def ts_amazon_aws(version='=< 2.30', AWS_REGION_LIST=['us-east-1'], **kwargs):
ts_local = Terrascript()
aws_access_key = ts_local.add(variable('aws_access_key'))
aws_secret_key = ts_local.add(variable('aws_secret_key'))
aws_region = ts_local.add(variable('aws_region', default='us-east-1'))
default_params = dict(
version=version,
access_key=aws_access_key,
secret_key=aws_secret_key,
)
default_params.update(kwargs)
# Providers
aws_providers_map = {}
for region in AWS_REGION_LIST:
_provider = provider('aws',
region=region,
alias=region,
**default_params)
aws_providers_map[region] = ts_local.add(_provider)
ts_local.add(provider('aws', region=aws_region, **default_params))
# VPC
aws_vpc_map = {}
for region in AWS_REGION_LIST:
aws_provider = 'aws.{0}'.format(region)
vpc_name = 'vpc-{}'.format(region)
aws_vpc_map[region] = ts_local.add(
aws_vpc(vpc_name, provider=aws_provider))
return ts_local
def __init__(self,
integration,
integration_prefix,
thread_pool_size,
oc_map={}):
self.integration = integration
self.integration_prefix = integration_prefix
self.oc_map = oc_map
self.thread_pool_size = thread_pool_size
self.populate_configs_and_vars_from_vault()
tss = {}
locks = {}
for name, config in self.configs.items():
# Ref: https://github.com/mjuenema/python-terrascript#example
ts = Terrascript()
ts += provider('aws',
access_key=config['aws_access_key_id'],
secret_key=config['aws_secret_access_key'],
version=config['aws_provider_version'],
region=config['region'])
b = backend("s3",
access_key=config['aws_access_key_id'],
secret_key=config['aws_secret_access_key'],
bucket=config['bucket'],
key=config['{}_key'.format(integration)],
region=config['region'])
ts += terraform(backend=b)
tss[name] = ts
locks[name] = Lock()
self.tss = tss
self.locks = locks
def test_issue3a():
"""Issue 3(a): Work-around for data/JSON bug"""
ts = terrascript.Terrascript()
ts += terrascript.provider("aws", region="us-east-1")
policydict = {
"Version": "2012-10-17",
"Statement": [{"Action": "s3:*", "Resource": "*"}],
}
ts += terrascript.aws.r.iam_policy(
"jbstest_works",
name="jbstest_works",
policy=json.dumps(policydict, sort_keys=True),
)
ts += terrascript.aws.d.aws_iam_policy_document(
"jbstest", statement=[{"actions": ["s3:*"], "resources": ["*"]}]
)
ts += terrascript.aws.r.iam_policy(
"jbstest_fails",
name="jbstest_fails",
policy="${data.aws_iam_policy_document.jbstest.json}",
)
assert ts.validate() == True
def test_issue33():
"""Issue 33: Suggestion of syntax to terrascript"""
ts = Terrascript()
var_access_key = ts.add(variable('access_key'))
assert isinstance(var_access_key, variable)
var_secret_key = ts.add(variable('secret_key'))
assert isinstance(var_secret_key, variable)
var_region = ts.add(variable('region', default='us-east-1'))
assert isinstance(var_region, variable)
ts += provider('aws', access_key=var_access_key,
secret_key=var_secret_key, region=var_region
)
resource_aws_instance = ts.add(aws_instance('example', ami='ami-2757f631', instance_type='t2.micro'))
assert isinstance(resource_aws_instance, aws_instance)
ts += output('example_public_ip', value=resource_aws_instance.public_ip,
description='Public IP of example')
assert ts.validate() is True
def test_issue3b():
"""Issue 3(b): Work-around for data/JSON bug"""
ts = terrascript.Terrascript()
ts += terrascript.provider("aws", region="us-east-1")
ts += terrascript.aws.d.aws_vpc('selected', id=1)
assert ts.validate() == True
def setVSphereConfig(self, host, username, password):
logger = logging.getLogger()
logger.debug("Set VSphere provider to {}".format(host))
self.provider = provider("vsphere",
user=username,
password=password,
vsphere_server=host,
allow_unverified_ssl=True)
self.ts.add(self.provider)
def ts_digitalocean(version='>= 1.7, < 1.9', **kwargs):
ts_local = Terrascript()
do_token = ts_local.add(variable('do_token'))
default_parms = dict(token=do_token)
default_parms.update(kwargs)
ts_local.add(provider('digitalocean', version=version, **default_parms))
return ts_local
def ts_cloudflare(version='< 1.9.0', **kwargs):
ts_local = Terrascript()
cloudflare_email = ts_local.add(variable('cloudflare_email'))
cloudflare_token = ts_local.add(variable('cloudflare_token', default=''))
default_parms = dict(
email=cloudflare_email,
token=cloudflare_token,
)
default_parms.update(kwargs)
ts_local.add(provider('cloudflare', version=version, **default_parms))
return ts_local
def test_issue32():
"""Issue 32: provisioner return one line with provisioner.file instead a dictionary."""
ts = Terrascript()
ts += provider('aws', region='ap-southeast-2')
p = provisioner('local-exec', command='date > $(mktemp tmpXXXXXXX.terrascript)')
ts += aws_instance('I1', ami='ami-60a26a02', instance_type='t2.nano', provisioner=p)
j = ts.dump()
assert 'mktemp' in j
assert ts.validate() is True
def test_update_add_value():
ts = Terrascript()
ts2 = Terrascript()
var_access_key = ts.add(variable('access_key'))
var_secret_key = ts.add(variable('secret_key'))
var_region = ts.add(variable('region', default='us-east-1'))
ts += provider('aws',
access_key=var_access_key,
secret_key=var_secret_key,
region=var_region)
resource_aws_instance = ts.add(
aws_instance('example', ami='ami-2757f631', instance_type='t2.micro'))
resource_aws_instance_2 = ts2.add(
aws_instance('example_second',
ami='ami-2757f631',
instance_type='t2.micro'))
assert isinstance(resource_aws_instance, aws_instance)
assert isinstance(resource_aws_instance_2, aws_instance)
# ts2 add resource "example_second" to ts
ts.update(ts2)
assert isinstance(ts, Terrascript)
assert isinstance(ts2, Terrascript)
ts_resources = ts.config.get('resource', {})
assert len(ts_resources.items()) == 1
ts_aws_instances = ts_resources.get('aws_instance')
assert len(ts_aws_instances.items()) == 2
assert resource_aws_instance._name in ts_aws_instances.keys()
assert resource_aws_instance_2._name in ts_aws_instances.keys()
assert ts.validate(delete=False) is True
from swarm_tf.managers import Manager
from swarm_tf.common import VolumeClaim, get_user_data_script, create_firewall
from terrascript.digitalocean.r import *
# Setup
do_token = "<Place your digital ocean token here>"
# Common
domain = "swarmdemo.com"
region = "nyc3"
ssh_key_file = "~/.ssh/id_rsa" # Need to be full path
user_data = get_user_data_script()
o = Terraobject()
o.terrascript.add(provider("digitalocean", token=do_token))
# ---------------------------------------------
# Get Existing Object at Digital Ocean
# ---------------------------------------------
do_sshkey = data_digitalocean_ssh_key("mysshkey", name="id_rsa")
o.terrascript.add(do_sshkey)
o.shared['sshkey'] = do_sshkey
# ---------------------------------------------
# Creating Swarm Manager
# ---------------------------------------------
managerVar = ManagerVariables()
managerVar.image = "ubuntu-18-04-x64"
managerVar.size = "s-1vcpu-1gb"
from terrascript import Terrascript, provider
from terrascript.google.r import *
from python_terraform import *
ts = Terrascript()
region = 'asia-south1'
ts += provider('google',
credentials='../service_account_gke.json',
project='learn-internal',
region=region)
nw = ts.add(
google_compute_network('test-network',
name='test-gke-nw',
auto_create_subnetworks=False,
routing_mode='GLOBAL'))
snw = ts.add(
google_compute_subnetwork('test-snw',
name='test-gke-snw',
ip_cidr_range='10.5.0.0/16',
region=region,
network=nw.name))
gke = ts.add(
google_container_cluster(
'primary',
name='my-cluster',
zone='asia-south1-a',
additional_zones=['asia-south1-b', 'asia-south1-c'],
cluster_ipv4_cidr='172.16.0.0/16',
from terrascript import Terrascript, provider
from python_terraform import *
from terrascript.google.r import google_compute_instance
from google.oauth2 import service_account
credentials = service_account.Credentials.from_service_account_file(
'/home/nasiruddin_happy/ns002p/service_account.json')
ts = Terrascript()
ts += provider(
'google',
credentials='/home/nasiruddin_happy/ns002p/service_account.json',
project='learn-internal',
region='us-central1')
inst = ts.add(
google_compute_instance('test-vm',
name='test-nasir1-tft',
boot_disk=[{
'initialize_params': [{
'image':
'debian-cloud/debian-9'
}]
}],
network_interface=[{
'network': 'default',
'access_config': {}
}],
machine_type='n1-standard-1',
zone='us-east1-b'))
print(ts.dump())
def wireguard_terraform(region, ami):
ts = Terrascript()
ts += provider('aws',
access_key=ACCESS_KEY,
secret_key=SECRET_KEY,
region=region)
# If key already exists, an error with be thrown and infrastructure will not build
key = ts.add(
aws_key_pair('wireguard_key',
key_name="wireguard",
public_key=PUBLIC_KEY))
# If security groups already exist, an error will be thrown but infrastructure will still build
sg_ssh = ts.add(
aws_security_group('allow_ssh',
name='allow_ssh',
description='default',
ingress=[
{
'from_port': 22,
'to_port': 22,
'protocol': 'tcp',
'cidr_blocks': ['0.0.0.0/0']
},
],
egress=[{
'from_port': 0,
'to_port': 0,
'protocol': '-1',
'cidr_blocks': ['0.0.0.0/0']
}]))
sg_wg = ts.add(
aws_security_group('wg',
name='wg',
description='Open port for wireguard',
ingress=[
{
'from_port': 54321,
'to_port': 54321,
'protocol': 'tcp',
'cidr_blocks': ["0.0.0.0/0"]
},
]))
inst = ts.add(
aws_instance(
'wireguard_test',
ami=ami,
instance_type='t2.micro',
security_groups=["allow_ssh", "wg"],
key_name="wireguard",
tags=[{
'Name': 'wireguard'
}],
))
eip = ts.add(aws_eip('default', instance=inst.id, vpc=True))
a_ip = ts.add(
aws_eip_association('eip_assoc',
instance_id=inst.id,
allocation_id=eip.id))
with open('wireguard.tf', 'w') as tf:
tf.write(ts.dump())
subprocess.run([
'terraform',
'init',
])
subprocess.run(['terraform', 'apply', '-auto-approve'])
