Merge pull request #14 from DTherHtun/chapter11-other-codes

Chapter11 other codes

Author: scottwinkler

chapter11/complete/modules/codepipeline/main.tf

@@ -112,8 +112,8 @@ resource "aws_codepipeline" "codepipeline" {
         version  = "1"
 
         configuration = {
-          CustomData         = "Please review output of plan and approve"
-          NotificationArn    = aws_sns_topic.codepipeline.arn
+          CustomData      = "Please review output of plan and approve"
+          NotificationArn = aws_sns_topic.codepipeline.arn
         }
       }
     }

chapter11/complete/modules/codepipeline/variables.tf

@@ -1,35 +1,35 @@
 variable "name" {
-  type    = string
-  default = "terraform"
+  type        = string
+  default     = "terraform"
   description = "A project name to use for resource mapping"
 }
 
 variable "auto_apply" {
-  type    = bool
-  default = false
+  type        = bool
+  default     = false
   description = "Whether to automatically apply changes when a Terraform plan is successful. Defaults to false."
 }
 
 variable "terraform_version" {
-  type    = string
-  default = "latest"
+  type        = string
+  default     = "latest"
   description = "The version of Terraform to use for this workspace. Defaults to the latest available version."
 }
 
 variable "working_directory" {
-  type    = string
-  default = "."
+  type        = string
+  default     = "."
   description = "A relative path that Terraform will execute within. Defaults to the root of your repository."
 }
 
 variable "vcs_repo" {
-  type = object({ identifier = string, branch = string, oauth_token = string })
+  type        = object({ identifier = string, branch = string, oauth_token = string })
   description = "Settings for the workspace's VCS repository."
 }
 
 variable "environment" {
-  type    = map(string)
-  default = {}
+  type        = map(string)
+  default     = {}
   description = "A map of environment varaibles to use for this workspace"
 }
 

chapter11/listing11.1/main.tf

@@ -0,0 +1,28 @@
+variable "aws" {
+  type = object({ access_key = string, secret_key = string, region = string })
+}
+
+variable "vcs_repo" {
+  type = object({ identifier = string, branch = string, oauth_token = string })
+}
+
+provider "aws" {
+  access_key = var.aws.access_key
+  secret_key = var.aws.secret_key
+  region     = var.aws.region
+}
+
+module "s3backend" {
+  source = "scottwinkler/s3backend/aws"
+}
+
+module "codepipeline" {
+  source   = "./modules/codepipeline"
+  name     = "terraform-in-action"
+  vcs_repo = var.vcs_repo
+  environment = {
+    AWS_ACCESS_KEY_ID     = var.aws.access_key
+    AWS_SECRET_ACCESS_KEY = var.aws.secret_key
+  }
+  s3_backend_config = module.s3backend.config
+}

chapter11/listing11.10/main.tf

@@ -0,0 +1,9 @@
+resource "aws_s3_bucket" "codepipeline_bucket" {
+  bucket        = "${local.namespace}-codepipeline-bucket"
+  acl           = "private"
+  force_destroy = true
+}
+
+resource "aws_sns_topic" "codepipeline" {
+  name = "${local.namespace}-pipeline-topic"
+}

chapter11/listing11.11/main.tf

@@ -0,0 +1,85 @@
+resource "aws_codepipeline" "codepipeline" {
+  name     = "${local.namespace}-pipeline"
+  role_arn = aws_iam_role.codepipeline_role.arn
+
+  artifact_store {
+    location = aws_s3_bucket.codepipeline_bucket.bucket
+    type     = "S3"
+  }
+
+  stage {
+    name = "Source"
+
+    action {
+      name             = "Source"
+      category         = "Source"
+      owner            = "ThirdParty"
+      provider         = "GitHub"
+      version          = "1"
+      output_artifacts = ["source_output"]
+
+      configuration = {
+        Owner      = split("/", var.vcs_repo.identifier)[0]
+        Repo       = split("/", var.vcs_repo.identifier)[1]
+        Branch     = var.vcs_repo.branch
+        OAuthToken = var.vcs_repo.oauth_token
+      }
+    }
+  }
+
+  stage {
+    name = "Plan"
+
+    action {
+      name            = "Plan"
+      category        = "Build"
+      owner           = "AWS"
+      provider        = "CodeBuild"
+      input_artifacts = ["source_output"]
+      version         = "1"
+
+      configuration = {
+        ProjectName          = aws_codebuild_project.project[0].name
+        EnvironmentVariables = local.environment
+      }
+    }
+  }
+
+  dynamic "stage" {
+    for_each = ! var.auto_apply ? [1] : []
+    content {
+      name = "Approval"
+
+      action {
+        name     = "Approval"
+        category = "Approval"
+        owner    = "AWS"
+        provider = "Manual"
+        version  = "1"
+
+        configuration = {
+          CustomData      = "Please review output of plan and approve"
+          NotificationArn = aws_sns_topic.codepipeline.arn
+        }
+      }
+    }
+  }
+
+  stage {
+    name = "Apply"
+
+    action {
+      name            = "Apply"
+      category        = "Build"
+      owner           = "AWS"
+      provider        = "CodeBuild"
+      input_artifacts = ["source_output"]
+      version         = "1"
+
+      configuration = {
+        ProjectName          = aws_codebuild_project.project[1].name
+        EnvironmentVariables = local.environment
+      }
+    }
+  }
+}

chapter11/listing11.12/main.tf

@@ -0,0 +1,138 @@
+resource "random_string" "rand" {
+  length  = 24
+  special = false
+  upper   = false
+}
+
+locals {
+  namespace = substr(join("-", [var.name, random_string.rand.result]), 0, 24)
+  projects  = ["plan", "apply"]
+}
+
+resource "aws_codebuild_project" "project" {
+  count        = length(local.projects)
+  name         = "${local.namespace}-${local.projects[count.index]}"
+  service_role = aws_iam_role.codebuild_role.id
+
+  artifacts {
+    type = "NO_ARTIFACTS"
+  }
+
+  environment {
+    compute_type = "BUILD_GENERAL1_SMALL"
+    image        = "hashicorp/terraform:${var.terraform_version}"
+    type         = "LINUX_CONTAINER"
+  }
+
+  source {
+    type      = "NO_SOURCE"
+    buildspec = file("${path.module}/templates/buildspec_${local.projects[count.index]}.yml")
+  }
+}
+
+locals {
+  backend = templatefile("${path.module}/templates/backend.json", { config : var.s3_backend_config, name : local.namespace })
+  default_environment = {
+    TF_IN_AUTOMATION  = "1"
+    TF_INPUT          = "1"
+    WORKING_DIRECTORY = var.working_directory
+    BACKEND           = local.backend,
+  }
+  environment = jsonencode([for k, v in merge(local.default_environment, var.environment) : { name : k, value : v, type : "PLAINTEXT" }])
+}
+
+resource "aws_s3_bucket" "codepipeline_bucket" {
+  bucket        = "${local.namespace}-codepipeline-bucket"
+  acl           = "private"
+  force_destroy = true
+}
+
+resource "aws_sns_topic" "codepipeline" {
+  name = "${local.namespace}-pipeline-topic"
+}
+
+resource "aws_codepipeline" "codepipeline" {
+  name     = "${local.namespace}-pipeline"
+  role_arn = aws_iam_role.codepipeline_role.arn
+
+  artifact_store {
+    location = aws_s3_bucket.codepipeline_bucket.bucket
+    type     = "S3"
+  }
+
+  stage {
+    name = "Source"
+
+    action {
+      name             = "Source"
+      category         = "Source"
+      owner            = "ThirdParty"
+      provider         = "GitHub"
+      version          = "1"
+      output_artifacts = ["source_output"]
+
+      configuration = {
+        Owner      = split("/", var.vcs_repo.identifier)[0]
+        Repo       = split("/", var.vcs_repo.identifier)[1]
+        Branch     = var.vcs_repo.branch
+        OAuthToken = var.vcs_repo.oauth_token
+      }
+    }
+  }
+
+  stage {
+    name = "Plan"
+
+    action {
+      name            = "Plan"
+      category        = "Build"
+      owner           = "AWS"
+      provider        = "CodeBuild"
+      input_artifacts = ["source_output"]
+      version         = "1"
+
+      configuration = {
+        ProjectName          = aws_codebuild_project.project[0].name
+        EnvironmentVariables = local.environment
+      }
+    }
+  }
+
+  dynamic "stage" {
+    for_each = ! var.auto_apply ? [1] : []
+    content {
+      name = "Approval"
+
+      action {
+        name     = "Approval"
+        category = "Approval"
+        owner    = "AWS"
+        provider = "Manual"
+        version  = "1"
+
+        configuration = {
+          CustomData      = "Please review output of plan and approve"
+          NotificationArn = aws_sns_topic.codepipeline.arn
+        }
+      }
+    }
+  }
+
+  stage {
+    name = "Apply"
+
+    action {
+      name            = "Apply"
+      category        = "Build"
+      owner           = "AWS"
+      provider        = "CodeBuild"
+      input_artifacts = ["source_output"]
+      version         = "1"
+
+      configuration = {
+        ProjectName          = aws_codebuild_project.project[1].name
+        EnvironmentVariables = local.environment
+      }
+    }
+  }
+}

chapter11/listing11.13/terraform.tfvars

@@ -0,0 +1,11 @@
+aws = {
+  access_key = "AKIATESI2XGPI5F"
+  secret_key = "x2TZm1kBKfH4Z6P"
+  region     = "us-west-2"
+}
+
+vcs_repo = {
+  branch      = "master"
+  identifier  = "swinkler/test_deploy"
+  oauth_token = "b4c5e88c29a192cde69d150"
+}

chapter11/listing11.14/main.tf

@@ -0,0 +1,20 @@
+provider "aws" {
+  version = "2.12.0"
+  region  = "us-west-2"
+}
+
+data "aws_ami" "ubuntu" {
+  most_recent = true
+
+  filter {
+    name   = "name"
+    values = ["ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-*"]
+  }
+
+  owners = ["099720109477"]
+}
+
+resource "aws_instance" "helloworld" {
+  ami           = data.aws_ami.ubuntu.id
+  instance_type = "t2.micro"
+}

chapter11/listing11.15/main.tf

@@ -0,0 +1,30 @@
+variable "aws" {
+  type = object({ access_key = string, secret_key = string, region = string })
+}
+
+variable "vcs_repo" {
+  type = object({ identifier = string, branch = string, oauth_token = string })
+}
+
+provider "aws" {
+  access_key = var.aws.access_key
+  secret_key = var.aws.secret_key
+  region     = var.aws.region
+}
+
+module "s3backend" {
+  source = "scottwinkler/s3backend/aws"
+}
+
+module "codepipeline" {
+  source     = "./modules/codepipeline"
+  name       = "terraform-in-action"
+  vcs_repo   = var.vcs_repo
+  auto_apply = true
+  environment = {
+    AWS_ACCESS_KEY_ID     = var.aws.access_key
+    AWS_SECRET_ACCESS_KEY = var.aws.secret_key
+    CONFIRM_DESTROY       = 1
+  }
+  s3_backend_config = module.s3backend.config
+}