def create_variables(app_name, app_port, cluster_name): var_file = config.tf_dir + "/variables.tf" ts = Terrascript() var_access_key = variable('aws_access_key', default='') var_secret_key = variable('aws_secret_key', default='') var_region = variable('region', default='eu-west-1') var_ami = variable('ami', default='ami-066826c6a40879d75') var_az_qty = variable('az_qty', default='2') var_cluster_name = variable('ecs_cluster_name', default=cluster_name) var_instance_type = variable('instance_type', default='t2.micro') var_key_name = variable('key_name', default='rep') var_app_port = variable('app_port', default=app_port) var_app_name = variable('app_name', default=app_name) ts += var_access_key ts += var_secret_key ts += var_region ts += var_ami ts += var_az_qty ts += var_cluster_name ts += var_instance_type ts += var_key_name ts += var_app_port ts += var_app_name print ("Creating file: " + var_file) with open(var_file, 'w') as tfile: tfile.write(ts.dump())
def test_issue32(): """Issue 32: provisioner return one line with provisioner.file instead a dictionary.""" ts = Terrascript() ts += provider('aws', region='ap-southeast-2') p = provisioner('local-exec', command='date > $(mktemp tmpXXXXXXX.terrascript)') ts += aws_instance('I1', ami='ami-60a26a02', instance_type='t2.nano', provisioner=p) j = ts.dump() assert 'mktemp' in j assert ts.validate() is True
from terrascript.google.r import * from nw import * from variables import * ts = Terrascript() # metadata_startup_script = '${data.start_up.startup_script.rendered}' inst = ts.add( google_compute_instance( 'test-vm', name='test-pavan-tft', boot_disk=[{ 'initialize_params': [{ 'image': 'debian-cloud/debian-9' }] }], network_interface=[{ 'subnetwork': snw.self_link, 'access_config': {} }], machine_type='n1-standard-1', tags=['test-http', 'test-ssh'], zone=zone, metadata_startup_script= '#!/bin/bash\napt-get update -y\napt-get install nginx -y\nservice nginx start' )) file = open("./terraform/vm.tf.json", "w") file.write(ts.dump()) file.close()
class TerrascriptVSphereVM: def __init__(self, name, guestid, cpu, memory, folder=''): self.ts = Terrascript() self.name = name self.guestid = guestid self.cpu = cpu self.memory = memory self.folder = folder self.provider = None self.datacenter = None self.datastore = None self.template = None self.gateway = None self.disks = [] self.networks = [] self.interfaces = [] self.iface_customization = [] self.dns = [] def setProvider(self, host, username, password): logger = logging.getLogger() logger.debug("Set VSphere provider to {}".format(host)) self.provider = provider( "vsphere", user=username, password=password, vsphere_server=host, allow_unverified_ssl=True) self.ts.add(self.provider) def setDatacenter(self, datacenter): logger = logging.getLogger() logger.debug("Set VSphere datacenter to {}".format(datacenter)) self.datacenter = vsphere_datacenter( "dc", name=datacenter) self.ts.add(self.datacenter) def setDatastore(self, datastore): if not self.datacenter: raise Exception else: logger = logging.getLogger() logger.debug("Set VSphere datastore to {}".format(datastore)) self.datastore = vsphere_datastore( "ds", name=datastore, datacenter_id=self.datacenter.id) self.ts.add(self.datastore) def setResourcePool(self, pool): if not self.datacenter: raise Exception else: logger = logging.getLogger() logger.debug("Set VSphere Resource Pool to {}".format(pool)) self.pool = vsphere_resource_pool( "pool", name=pool, datacenter_id=self.datacenter.id) self.ts.add(self.pool) def setTemplate(self, template): if not self.datacenter: raise Exception else: logger = logging.getLogger() logger.debug("Set VSphere template to {}".format(template)) self.template = data_vsphere_virtual_machine( "template", name=template, datacenter_id=self.datacenter.id) self.ts.add(self.template) def addDisk(self, size): idx = len(self.disks) + 1 logger = logging.getLogger() logger.debug("Add {}GB disk".format(size)) self.disks.append({ "label": "disk{}".format(idx), "size": size, "unit_number": idx}) def addNetworkInterface(self, dvp, ipaddr, cidr): if not self.datacenter: raise Exception else: logger = logging.getLogger() logger.debug("Add network card on {} DVP, with {}/{}".format(dvp, ipaddr, cidr)) vnet = vsphere_network( dvp, name=dvp, datacenter_id=self.datacenter.id) self.networks.append(vnet) self.ts.add(vnet) self.interfaces.append({"network_id": vnet.id}) self.iface_customization.append({ "ipv4_address": ipaddr, "ipv4_netmask": cidr}) def setDomain(self, domain): logger = logging.getLogger() logger.debug("Set {} domain".format(domain)) self.domain = domain def setTimezone(self, timezone): logger = logging.getLogger() logger.debug("Set timezone to {}".format(timezone)) self.timezone = timezone def setGateway(self, gateway): logger = logging.getLogger() logger.debug("Set default gateway to {}".format(gateway)) self.gateway = gateway def addDns(self, dns): logger = logging.getLogger() logger.debug("Add {} to DNS list".format(dns)) self.dns.append(dns) def saveConfiguration(self, filename): linuxOptions = {} linuxOptions["host_name"] = self.name linuxOptions["domain"] = self.domain linuxOptions["time_zone"] = self.timezone customize = {} customize["linux_options"] = linuxOptions customize["network_interface"] = self.iface_customization customize["ipv4_gateway"] = self.gateway customize["dns_server_list"] = self.dns clone = {} clone["template_uuid"] = self.template.id clone["linked_clone"] = False clone["customize"] = customize if self.folder != '': self.virtualMachine = vsphere_virtual_machine( 'vm', name=self.name, resource_pool_id=self.pool.id, datastore_id=self.datastore.id, guest_id=self.guestid, folder=self.folder, num_cpus=self.cpu, memory=self.memory, network_interface=self.interfaces, disk=self.disks, clone=clone) else: self.virtualMachine = vsphere_virtual_machine( 'vm', name=self.name, resource_pool_id=self.pool.id, datastore_id=self.datastore.id, guest_id=self.guestid, num_cpus=self.cpu, memory=self.memory, network_interface=self.interfaces, disk=self.disks, clone=clone) self.ts.add(self.virtualMachine) fd = open(filename, 'w') fd.writelines(self.ts.dump()) fd.close() return 0
class TerraformHclFromDataSource: def __init__(self, record_file_name, resource_type, id_field_name, keywords_names): keywords_names_list = str(keywords_names).replace(" ", "").split(',') keywords_in_record = [ str(v).replace(" ", "").split('=')[0] for v in keywords_names_list ] keywords_in_hcl = [ str(v).replace(" ", "").split('=')[1] if '=' in str(v) else str(v).replace(" ", "").split('=')[0] for v in keywords_names_list ] keywords_names_dict = dict(zip(keywords_in_record, keywords_in_hcl)) self.file = open(record_file_name, 'r') json_data = json.load(self.file) alicloud_factory = factory(alicloud_instance, str(resource_type)) self.alicloud_hcl_store = Terrascript() self.alicloud_cmd_store = [] for record in json_data: assert record.get(id_field_name, "") != "" factory_parameter_dict = {} for k_record, k_hcl in keywords_names_dict.items(): v = json.dumps( record[k_record], sort_keys=True ) if record[k_record] is dict else record[k_record] factory_parameter_dict[k_hcl] = v # factory_parameter_dict[k_hcl] = record[k_record] resource_name = str(resource_type) + '-' + str( record[id_field_name]) one_hcl_item = alicloud_factory(resource_name, **factory_parameter_dict) one_cmd_item = "terraform import {}.{} {}".format( resource_type, resource_name, str(record[id_field_name])) self.alicloud_hcl_store.add(one_hcl_item) self.alicloud_cmd_store.append(one_cmd_item) def dump_hcl(self): """Dump Terraform Code.""" # printjson2hcl(self.alicloud_hcl_store.dump()) print(self.alicloud_hcl_store.dump()) def dump_cmd(self): """Dump Terraform import Command.""" for cmd in self.alicloud_cmd_store: print(cmd) def close(self): if self.file: self.file.close() self.file = None
project='learn-internal', region='us-central1') inst = ts.add( google_compute_instance('test-vm', name='test-nasir1-tft', boot_disk=[{ 'initialize_params': [{ 'image': 'debian-cloud/debian-9' }] }], network_interface=[{ 'network': 'default', 'access_config': {} }], machine_type='n1-standard-1', zone='us-east1-b')) print(ts.dump()) file = open("/home/nasiruddin_happy/ns002p/template/terraform/sample.tf.json", "w") file.write(ts.dump()) file.close() tf = Terraform(working_dir='/home/nasiruddin_happy/ns002p/template/terraform') tf.init() approve = {"auto-approve": True} print(tf.plan()) print(tf.apply(**approve))
def process(terrayaml: str, metadata: dict, logger: KopfObjectLogger) -> str: # # User input YAML # env = jinja2.Environment() env.filters['random_password'] = random_password env.filters['random_name'] = random_name template = T(template_text=terrayaml, environment=env).render(**metadata) provision = yaml.load(template, Loader=yaml.FullLoader) logger.info(f"provision this template {provision}") # print(provision) # # Start terraform # meta = provision.pop('meta', {}) team = meta.get('team', 'oss') profile = meta.get('profile', PROFILE) environment = meta.get('environment', 'testing') application = meta.get('application', 'wurkflow') statefile_region = meta.get('statefile_region', 'eu-west-1') ts = Terrascript() ts += Terraform(required_version=">= 0.12.7").backend( "s3", bucket=REMOTE_STATE_S3_BUCKET, key= f"k8/terrayaml-operator/{team}/{environment}/{application}-terraform.tfstate", region=statefile_region, profile=ROOT_PROFILE) # # Extract the notify component # notify = provision.pop('notify') if notify: # tuple of email, key recipient_emails = notify.get('email', []) # append out infra provisioner email recipient_emails.append('*****@*****.**') recipients = get_recipients_from_pgp(recipient_emails=recipient_emails) logger.info(f"notify these emails: {recipient_emails}") # # Parse the yaml # for provider in provision: #print(f"----- output for provider: {provider.upper()} -----") for resource, data in provision.get(provider).items(): #print(f"----- output for resource: {resource} -----") for item in data.get('items', []): api = TF_YAML_MAP.get(resource) outputs = item.pop('outputs', []) item_name = item.pop('name', random_name(value=resource)) tf_resource = api(item_name, **item) ts.add(tf_resource) # handle terraform outputs for opt in outputs: assert getattr( tf_resource, opt.get('value') ), f"{tf_resource} has no attribute {opt.get('value')}" ts.add( Output(opt.get('name'), value=getattr(tf_resource, opt.get('value')))) # Add a provider (+= syntax) ts += Provider('aws', skip_metadata_api_check=True, profile=profile, region=REGION) data = ts.dump() # Plan working_dir = tempfile.mkdtemp(dir='./runs') crd_api = kubernetes.client.CustomObjectsApi() selfLink = metadata.get('selfLink').split('/') # update with planId logger.info(f"planId: {working_dir}") crd_api.patch_namespaced_custom_object( group=selfLink[2], version=selfLink[3], name=selfLink[7], namespace=selfLink[5], plural=selfLink[6], body={"spec": { "planId": working_dir }}) tf_response, tf_code = terraform(working_dir=working_dir, data=data, logger=logger) logger.info(f"Terraform Plan result: {tf_response}") if recipients: logger.info(f"Send email to {recipients}") send_email(to=recipients, attachment=tf_response, message_type='success' if tf_code != 1 else 'error') else: logger.info('No recipients defined') logger.info(f"PlanId is {working_dir}") return f"{working_dir}"
def wireguard_terraform(region, ami): ts = Terrascript() ts += provider('aws', access_key=ACCESS_KEY, secret_key=SECRET_KEY, region=region) # If key already exists, an error with be thrown and infrastructure will not build key = ts.add( aws_key_pair('wireguard_key', key_name="wireguard", public_key=PUBLIC_KEY)) # If security groups already exist, an error will be thrown but infrastructure will still build sg_ssh = ts.add( aws_security_group('allow_ssh', name='allow_ssh', description='default', ingress=[ { 'from_port': 22, 'to_port': 22, 'protocol': 'tcp', 'cidr_blocks': ['0.0.0.0/0'] }, ], egress=[{ 'from_port': 0, 'to_port': 0, 'protocol': '-1', 'cidr_blocks': ['0.0.0.0/0'] }])) sg_wg = ts.add( aws_security_group('wg', name='wg', description='Open port for wireguard', ingress=[ { 'from_port': 54321, 'to_port': 54321, 'protocol': 'tcp', 'cidr_blocks': ["0.0.0.0/0"] }, ])) inst = ts.add( aws_instance( 'wireguard_test', ami=ami, instance_type='t2.micro', security_groups=["allow_ssh", "wg"], key_name="wireguard", tags=[{ 'Name': 'wireguard' }], )) eip = ts.add(aws_eip('default', instance=inst.id, vpc=True)) a_ip = ts.add( aws_eip_association('eip_assoc', instance_id=inst.id, allocation_id=eip.id)) with open('wireguard.tf', 'w') as tf: tf.write(ts.dump()) subprocess.run([ 'terraform', 'init', ]) subprocess.run(['terraform', 'apply', '-auto-approve'])