def run(dry_run, print_only=False, enable_deletion=False, io_dir='throughput/', thread_pool_size=10, internal=None, use_jump_host=True, light=False, vault_output_path='', account_name=None, defer=None): ri, oc_map, tf = \ setup(dry_run, print_only, thread_pool_size, internal, use_jump_host, account_name) if not dry_run: defer(lambda: oc_map.cleanup()) if print_only: cleanup_and_exit() if tf is None: err = True cleanup_and_exit(tf, err) if not light: deletions_detected, err = tf.plan(enable_deletion) if err: cleanup_and_exit(tf, err) if deletions_detected: if enable_deletion: tf.dump_deleted_users(io_dir) else: cleanup_and_exit(tf, deletions_detected) if dry_run: cleanup_and_exit(tf) if not light: err = tf.apply() if err: cleanup_and_exit(tf, err) # Temporary skip apply secret for running tf-r per account locally. # The integration running on the cluster will manage the secret # after any manual running. # Will refactor with caller for further operator implement. if account_name: cleanup_and_exit(tf) tf.populate_desired_state(ri, oc_map) ob.realize_data(dry_run, oc_map, ri) disable_keys(dry_run, thread_pool_size, disable_service_account_keys=True) if vault_output_path: write_outputs_to_vault(vault_output_path, ri) if ri.has_error_registered(): sys.exit(1) cleanup_and_exit(tf)
def run(dry_run=False, print_only=False, enable_deletion=False, io_dir='throughput/', thread_pool_size=10, internal=None, use_jump_host=True, light=False, vault_output_path='', defer=None): try: ri, oc_map, tf = \ setup(print_only, thread_pool_size, internal, use_jump_host) defer(lambda: oc_map.cleanup()) if print_only: cleanup_and_exit() if tf is None: err = True cleanup_and_exit(tf, err) if not light: deletions_detected, err = tf.plan(enable_deletion) if err: cleanup_and_exit(tf, err) if deletions_detected: if enable_deletion: tf.dump_deleted_users(io_dir) else: cleanup_and_exit(tf, deletions_detected) if dry_run: cleanup_and_exit(tf) if not light: err = tf.apply() if err: cleanup_and_exit(tf, err) tf.populate_desired_state(ri, oc_map) ob.realize_data(dry_run, oc_map, ri) disable_keys(dry_run, thread_pool_size, disable_service_account_keys=True) if vault_output_path: write_outputs_to_vault(vault_output_path, ri) if ri.has_error_registered(): sys.exit(1) except Exception as e: msg = 'There was problem running terraform resource reconcile.' msg += ' Exception: {}' msg = msg.format(str(e)) logging.error(msg) sys.exit(1) cleanup_and_exit(tf)
def run(dry_run, print_only=False, enable_deletion=False, io_dir='throughput/', thread_pool_size=10, internal=None, use_jump_host=True, light=False, vault_output_path='', account_name=None, extra_labels=None, defer=None): ri, oc_map, tf, tf_namespaces = \ setup(dry_run, print_only, thread_pool_size, internal, use_jump_host, account_name, extra_labels) if not dry_run: defer(lambda: oc_map.cleanup()) if print_only: cleanup_and_exit() if tf is None: err = True cleanup_and_exit(tf, err) if not light: disabled_deletions_detected, err = tf.plan(enable_deletion) if err: cleanup_and_exit(tf, err) tf.dump_deleted_users(io_dir) if disabled_deletions_detected: cleanup_and_exit(tf, disabled_deletions_detected) if dry_run: cleanup_and_exit(tf) if not light: err = tf.apply() if err: cleanup_and_exit(tf, err) tf.populate_desired_state(ri, oc_map, tf_namespaces, account_name) actions = ob.realize_data(dry_run, oc_map, ri, caller=account_name) disable_keys(dry_run, thread_pool_size, disable_service_account_keys=True, account_name=account_name) if actions and vault_output_path: write_outputs_to_vault(vault_output_path, ri) if ri.has_error_registered(): err = True cleanup_and_exit(tf, err) cleanup_and_exit(tf)
def run(dry_run, print_only=False, enable_deletion=False, io_dir='throughput/', thread_pool_size=10, internal=None, use_jump_host=True, light=False, vault_output_path='', defer=None): ri, oc_map, tf = \ setup(print_only, thread_pool_size, internal, use_jump_host) defer(lambda: oc_map.cleanup()) if print_only: cleanup_and_exit() if tf is None: err = True cleanup_and_exit(tf, err) if not light: deletions_detected, err = tf.plan(enable_deletion) if err: cleanup_and_exit(tf, err) if deletions_detected: if enable_deletion: tf.dump_deleted_users(io_dir) else: cleanup_and_exit(tf, deletions_detected) if dry_run: cleanup_and_exit(tf) if not light: err = tf.apply() if err: cleanup_and_exit(tf, err) tf.populate_desired_state(ri, oc_map) ob.realize_data(dry_run, oc_map, ri) disable_keys(dry_run, thread_pool_size, disable_service_account_keys=True) if vault_output_path: write_outputs_to_vault(vault_output_path, ri) if ri.has_error_registered(): sys.exit(1) cleanup_and_exit(tf)
def run(dry_run, print_only=False, enable_deletion=False, io_dir='throughput/', thread_pool_size=10, internal=None, use_jump_host=True, light=False, vault_output_path='', account_name=None, defer=None): ri, oc_map, tf, tf_namespaces = \ setup(dry_run, print_only, thread_pool_size, internal, use_jump_host, account_name) if not dry_run: defer(lambda: oc_map.cleanup()) if print_only: cleanup_and_exit() if tf is None: err = True cleanup_and_exit(tf, err) if not light: disabled_deletions_detected, err = tf.plan(enable_deletion) if err: cleanup_and_exit(tf, err) tf.dump_deleted_users(io_dir) if disabled_deletions_detected: cleanup_and_exit(tf, disabled_deletions_detected) if dry_run: cleanup_and_exit(tf) if not light: err = tf.apply() if err: cleanup_and_exit(tf, err) # Temporary skip apply secret for running tf-r per account locally. # The integration running on the cluster will manage the secret # after any manual running. # Will refactor with caller for further operator implement. if account_name: cleanup_and_exit(tf) tf.populate_desired_state(ri, oc_map, tf_namespaces) # temporarily not allowing resources to be deleted # or for pods to be recycled # this should be removed after we gained confidence # following the terraform 0.13 upgrade actions = ob.realize_data(dry_run, oc_map, ri) disable_keys(dry_run, thread_pool_size, disable_service_account_keys=True) if actions and vault_output_path: write_outputs_to_vault(vault_output_path, ri) if ri.has_error_registered(): err = True cleanup_and_exit(tf, err) cleanup_and_exit(tf)