Initial release

Author: farioas

.github/workflows/cicd_pipeline.yml

@@ -0,0 +1,117 @@
+name: "Validation"
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - master
+  pull_request_target:
+    types:
+      - opened
+      - synchronize
+      - reopened
+      - ready_for_review
+    branches:
+      - master
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.event.pull_request.head.ref || github.ref_name }}
+  cancel-in-progress: true
+
+env:
+  TFSEC_VERSION: "v1.28.1"
+  TFLINT_VERSION: "v0.42.2"
+
+jobs:
+
+  tfsec:
+    strategy:
+      matrix:
+        provider: [ aws ]
+    runs-on: ubuntu-latest
+    steps:
+      - uses: hmarr/[email protected]
+
+      - name: Configure tfsec binary cache
+        id: tfsec-cache
+        uses: actions/cache@v3
+        with:
+          path: /usr/local/bin/tfsec
+          key: tfsec-${{ env.TFSEC_VERSION }}
+
+      - name: Install tfsec
+        if: steps.tfsec-cache.outputs.cache-hit != 'true'
+        run: |
+          download_path=$(mktemp -d -t tfsec.XXXXXXXXXX)
+          download_executable="${download_path}/tfsec"
+          wget -O "${download_executable}" \
+            "https://github.com/aquasecurity/tfsec/releases/download/${{ env.TFSEC_VERSION }}/tfsec-linux-amd64"
+          install "${download_executable}" "/usr/local/bin/tfsec"
+
+      - name: Check tfsec version
+        run: tfsec -v
+
+      - uses: actions/checkout@v3
+
+      - name: TF Sec
+        id: tfsec
+        run: |
+          result_file="$(mktemp -d)/tfsec_results.txt"
+          echo "result_file=${result_file}" >> $GITHUB_OUTPUT
+          tfsec --out="${result_file}"  .
+
+      - name: Upload TF Sec results
+        if: always()
+        uses: actions/upload-artifact@v3
+        with:
+          name: TF Sec results
+          path: ${{ steps.tfsec.outputs.result_file }}
+
+
+  tflint:
+    strategy:
+      matrix:
+        provider: [ aws ]
+    runs-on: ubuntu-latest
+    steps:
+      - uses: hmarr/[email protected]
+
+      - name: Configure tflint binary cache
+        id: tflint-cache
+        uses: actions/cache@v3
+        with:
+          path: /usr/local/bin/tflint
+          key: tflint-${{ env.TFLINT_VERSION }}
+
+      - name: Install tflint
+        if: steps.tflint-cache.outputs.cache-hit != 'true'
+        run: |
+          set -euo pipefail ${ACTIONS_STEP_DEBUG:+-x}
+          download_path=$(mktemp -d -t tflint.XXXXXXXXXX)
+          download_zip="${download_path}/tflint.zip"
+          download_executable="${download_path}/tflint"
+          wget -O "${download_zip}" \
+            "https://github.com/terraform-linters/tflint/releases/download/${{ env.TFLINT_VERSION }}/tflint_linux_amd64.zip"
+          unzip -u "${download_zip}" -d "${download_path}"
+          install "${download_executable}" "/usr/local/bin/tflint"
+
+      - name: Check tflint version
+        run: tflint -v
+
+      - uses: actions/checkout@v3
+
+      - name: TF Lint
+        id: tflint
+        run: |
+          set -euo pipefail ${ACTIONS_STEP_DEBUG:+-x}
+          result_file="$(mktemp -d)/tflint_results.txt"
+          echo "result_file=${result_file}" >> $GITHUB_OUTPUT
+          cd "terraform/${{ matrix.provider }}/env"
+          tflint | tee -a "${result_file}"
+
+      - name: Upload TF Lint results
+        if: always()
+        uses: actions/upload-artifact@v3
+        with:
+          name: TF Lint results
+          path: ${{ steps.tflint.outputs.result_file }}

.gitignore

@@ -1,3 +1,15 @@
+### Intellij ###
+.idea/
+*.iws
+out/
+### macOS ###
+# General
+.DS_Store
+
+# Thumbnails
+._*
+
+### Terraform ###
 # Local .terraform directories
 **/.terraform/*
 
@@ -7,13 +19,16 @@
 
 # Crash log files
 crash.log
+crash.*.log
 
 # Ignore any .tfvars files that are generated automatically for each Terraform run. Most
 # .tfvars files are managed as part of configuration and so should be included in
 # version control.
 #
 # example.tfvars
 
+terraform.tfvars
+
 # Ignore override files as they are usually used to override resources locally and so
 # are not checked in
 override.tf
@@ -22,8 +37,20 @@ override.tf.json
 *_override.tf.json
 
 # Include override files you do wish to add to version control using negated pattern
-#
 # !example_override.tf
 
 # Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
 # example: *tfplan*
+plan.json
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
+
+### Terragrunt ###
+# terragrunt cache directories
+**/.terragrunt-cache/*
+
+# Terragrunt debug output file (when using `--terragrunt-debug` option)
+# See: https://terragrunt.gruntwork.io/docs/reference/cli-options/#terragrunt-debug
+terragrunt-debug.tfvars.json

Makefile

@@ -0,0 +1,75 @@
+SHELL := /usr/bin/env bash
+ROOT := ${CURDIR}
+provider := ${}
+var_file := ${}
+
+.PHONY: help
+help:
+	@echo 'Usage:'
+	@echo '    make init    "provider=<REPLACE_ME>" "vars_file=<REPLACE_ME>" Initialize and configure Terraform Backend.'
+	@echo '    make plan    "provider=<REPLACE_ME>" "vars_file=<REPLACE_ME>" Plan all Terraform resources.'
+	@echo '    make apply   "provider=<REPLACE_ME>" "vars_file=<REPLACE_ME>" Create or update Terraform resources.'
+	@echo '    make destroy "provider=<REPLACE_ME>" "vars_file=<REPLACE_ME>" Destroy all Terraform resources.'
+	@echo '    make console "provider=<REPLACE_ME>" "vars_file=<REPLACE_ME>" Run terraform console to debug terraform resources.'
+	@echo '    make lint	                                                 Check syntax of all scripts.'
+	@echo '    make docs	                                                 Generate documentation for terraform modules.'
+	@echo
+
+# Before you run this command please export the required variables.
+# Initialize the environment variables
+.PHONY: init
+init:
+	bash $(ROOT)/terraform/$(provider)/scripts/init.sh "$(var_file)"
+
+# Plan the Terraform resources
+.PHONY: plan
+plan:
+	bash $(ROOT)/terraform/$(provider)/scripts/plan.sh "$(var_file)"
+
+# Run terraform console for debug
+.PHONY: console
+console:
+	bash $(ROOT)/terraform/$(provider)/scripts/console.sh "$(var_file)"
+
+# Apply the Terraform resources
+.PHONY: apply
+apply:
+	bash $(ROOT)/terraform/$(provider)/scripts/apply.sh "$(var_file)"
+
+# Destroy the terraform resources
+.PHONY: destroy
+destroy:
+	bash $(ROOT)/terraform/$(provider)/scripts/destroy.sh "$(var_file)"
+
+.PHONY: lint
+lint: check_shell check_terraform check_shebangs check_tflint check_tfsec
+
+# Shell check
+.PHONY: check_shell
+check_shell:
+	source ${ROOT}/test/lint.sh && check_shell
+
+# Terraform check
+.PHONY: check_terraform
+check_terraform:
+	source ${ROOT}/test/lint.sh && check_terraform
+
+# Shebangs check
+.PHONY: check_shebangs
+check_shebangs:
+	source ${ROOT}/test/lint.sh && check_bash
+
+# TF Lint check
+.PHONY: check_tflint
+check_tflint:
+	source ${ROOT}/test/lint.sh && check_tflint
+
+# TF Sec check
+.PHONY: check_tfsec
+check_tfsec:
+	source ${ROOT}/test/lint.sh && check_tfsec
+
+# TF documentation
+.PHONY: docs
+docs:
+	source ${ROOT}/terraform/common/scripts/docs.sh

README.md

@@ -0,0 +1,59 @@
+## Label Studio Terraform
+The LabelStudio terraform module allows users to easily deploy a fully-featured instance of [Label Studio/Label Studio Enterprise](https://labelstud.io/) on multiple cloud providers, including AWS, Google Cloud(support in 2023) and Azure(support in late 2023).
+
+With [Label Studio/Label Studio Enterprise](https://labelstud.io/), users can create custom labeling interfaces, manage the labeling process, and export labeled data for use in machine learning and other applications.
+
+## Introduction
+The module provides a set of [pre-defined configuration examples](terraform/aws/examples) that can be easily customized to meet the needs of your project. It includes options for specifying the cloud provider, the region to deploy the Label Studio/Label Studio Enterprise instance, and various other parameters such as the number of replicas and 3rd party integrations.
+
+Using the module, you can quickly set up a Label Studio/Label Studio Enterprise instance that is ready to use, without the need to manually configure and deploy the various components of the system. Whether you are a data scientist, machine learning engineer, or just someone who needs to create high-quality labeled data, the LabelStudio terraform module can help you get up and running quickly and easily on your preferred cloud provider.
+
+## Common prerequisites
+
+| NAME        | Version | 
+|-------------|---------|
+| MacOS/Linux | any     |
+| Terraform   | 1.3.6   |
+| Helm        | 3.10.x  |
+| kubectl     | 1.24.x  |
+
+### How to install Terraform
+
+Consult the [Terraform documentation](https://developer.hashicorp.com/terraform/downloads) for specific instructions for your system.
+
+### How to install Helm
+
+Consult the [Helm documentation](https://helm.sh/docs/intro/install/) for specific instructions for your system.
+
+### How to install kubectl
+
+Follow the step from official Kubernetes documentation:
+- [Install kubectl on Linux](https://kubernetes.io/docs/tasks/tools/install-kubectl-linux/)
+- [Install kubectl on macOS](https://kubernetes.io/docs/tasks/tools/install-kubectl-macos/)
+
+
+## How to use Makefile 
+* Terraform scripts stored in different folders. You have to specify your cloud provider to create resources.
+* List of supported providers: `aws`.
+
+| Command                                                         | Description                                  |
+|-----------------------------------------------------------------|----------------------------------------------|
+| `make help`                                                     | List all the available options to use        |
+| `make init "provider=<REPLACE_ME>" "vars_file=<REPLACE_ME>"`    | Initialize and configure Terraform backend   |
+| `make plan "provider=<REPLACE_ME>" "vars_file=<REPLACE_ME>"`    | Plan all Terraform resources                 |
+| `make apply "provider=<REPLACE_ME>" "vars_file=<REPLACE_ME>"`   | Create or update Terraform resources         |
+| `make destroy "provider=<REPLACE_ME>" "vars_file=<REPLACE_ME>"` | Destroy all Terraform resources              |
+| `make lint`                                                     | Check syntax of all scripts                  |
+| `make docs`                                                     | Generate documentation for terraform modules |
+
+
+## Cloud Providers
+
+### Provider AWS
+
+Link to [AWS Provider Documentation](./terraform/aws/README.md)
+
+## Seeking help
+
+If you run into an issue, bug or have a question, please reach out to the Label Studio
+community via [Label Studio Slack Community](https://slack.labelstudio.heartex.com/).