feat(corebuild): embed terraform definitions

conplementAG · Feb 6, 2024 · 0e3b80d · 0e3b80d
1 parent 9493426
commit 0e3b80d
Show file tree

Hide file tree

Showing 4 changed files with 70 additions and 30 deletions.
diff --git a/cmd/copsctl/main.go b/cmd/copsctl/main.go
@@ -9,7 +9,7 @@ import (
 
 func main() {
  defer errorhandler()
- hq := hq.NewQuiet("copsctl", "0.12.0", "copsctl.log")
+ hq := hq.NewQuiet("copsctl", "0.12.1", "copsctl.log")
  createCommands(hq)
 
  error_handling.PanicOnAnyError = true

diff --git a/internal/adapters/kubernetes/commands.go b/internal/adapters/kubernetes/commands.go
@@ -2,6 +2,7 @@ package kubernetes
 
 import (
  "encoding/json"
+ "github.com/conplementAG/copsctl/internal/common"
  "github.com/conplementAG/copsctl/internal/common/file_processing"
  "github.com/conplementag/cops-hq/v2/pkg/commands"
  "github.com/sirupsen/logrus"
@@ -58,14 +59,20 @@ func Delete(executor commands.Executor, filepath string) (string, error) {
 
 func ApplyString(executor commands.Executor, content string) (string, error) {
  temporaryDirectory, temporaryFile := file_processing.WriteStringToTemporaryFile(content, "resource.yaml")
- defer file_processing.DeletePath(temporaryDirectory)
+ defer func() {
+ err := file_processing.DeletePath(temporaryDirectory)
+ common.FatalOnError(err)
+ }()
 
  return Apply(executor, temporaryFile)
 }
 
 func DeleteString(executor commands.Executor, content string) (string, error) {
  temporaryDirectory, temporaryFile := file_processing.WriteStringToTemporaryFile(content, "resource.yaml")
- defer file_processing.DeletePath(temporaryDirectory)
+ defer func() {
+ err := file_processing.DeletePath(temporaryDirectory)
+ common.FatalOnError(err)
+ }()
 
  return Delete(executor, temporaryFile)
 }

diff --git a/internal/common/file_processing/file_processing.go b/internal/common/file_processing/file_processing.go
@@ -5,13 +5,11 @@ import (
  "fmt"
  "github.com/conplementAG/copsctl/internal/common"
  "github.com/conplementAG/copsctl/internal/corebuild/security"
+ "github.com/rs/xid"
  "gopkg.in/yaml.v3"
- "io"
+ "io/fs"
  "os"
  "path/filepath"
- "strings"
-
- "github.com/rs/xid"
 )
 
 // WriteStringToTemporaryFile writes the file contents into a file on a temporary disk location
@@ -26,36 +24,37 @@ func WriteStringToTemporaryFile(fileContents string, filePath string) (outputFol
 }
 
 // DeletePath deletes the file from the disk
-func DeletePath(filePath string) {
- err := os.RemoveAll(filePath)
- common.FatalOnError(err)
+func DeletePath(filePath string) error {
+ return os.RemoveAll(filePath)
 }
 
-// InterpolateStaticFiles loads all the files in given embed FS path.
+// CreateTempDirectory loads all the files in given embed FS path.
 // It depends on resource embedding, set by go:embed directive
-// Replaces the variables based on the given dictionary,
-// and returns the path to the generated directory where the results are stored
-func InterpolateStaticFiles(inputPathFs embed.FS, inputPathRootFolderName string, variables map[string]string) string {
- directory, readDirError := inputPathFs.ReadDir(inputPathRootFolderName)
- common.FatalOnError(readDirError)
+// Returns the path to the generated directory where the results are stored
+func CreateTempDirectory(inputPathFs embed.FS, inputPathRootFolderName string) (string, error) {
 
  uniqueOutputFolder := createUniqueDirectory()
 
- for _, file := range directory {
- f, err := inputPathFs.Open(inputPathRootFolderName + "/" + file.Name())
- common.FatalOnError(err)
- filesContent, err := io.ReadAll(f)
- common.FatalOnError(err)
- fileContentString := string(filesContent)
- for key, value := range variables {
- fileContentString = strings.Replace(fileContentString, key, value, -1)
+ err := fs.WalkDir(inputPathFs, inputPathRootFolderName, func(path string, entry fs.DirEntry, err error) error {
+ if err != nil {
+ return err
  }
+ relPath, err := filepath.Rel(inputPathRootFolderName, path)
+ if err != nil {
+ return err
+ }
+ destPath := filepath.Join(uniqueOutputFolder, relPath)
+ if entry.IsDir() {
+ return os.MkdirAll(destPath, 0755)
+ }
+ fileContent, err := inputPathFs.ReadFile(path)
+ if err != nil {
+ return err
+ }
+ return os.WriteFile(destPath, fileContent, 0644)
+ })
 
- err = os.WriteFile(filepath.Join(uniqueOutputFolder, file.Name()), []byte(fileContentString), 0644)
- common.FatalOnError(err)
- }
-
- return uniqueOutputFolder
+ return uniqueOutputFolder, err
 }
 
 func LoadEncryptedFile[T interface{}](filename string, cryptographer security.Cryptographer) (*T, error) {

diff --git a/internal/corebuild/orchestrator.go b/internal/corebuild/orchestrator.go
@@ -1,6 +1,8 @@
 package corebuild
 
 import (
+ "embed"
+ "errors"
  "fmt"
  "github.com/conplementAG/copsctl/internal/adapters/azure"
  "github.com/conplementAG/copsctl/internal/cmd/flags"
@@ -20,6 +22,9 @@ import (
  "path/filepath"
 )
 
+//go:embed terraform/*
+var terraformDirectory embed.FS
+
 type Orchestrator struct {
  hq hq.HQ
  executor commands.Executor
@@ -28,6 +33,7 @@ type Orchestrator struct {
  longNamingService naming.Service
  resourceGroupName string
  autoApprove bool
+ cleanupActions []func() error
 }
 
 func New(hq hq.HQ) (*Orchestrator, error) {
@@ -90,6 +96,9 @@ func (o *Orchestrator) CreateInfrastructure() {
  managedIdentityName, err := tf.Output(common.ToPtr("managed_identity_name"))
  common.FatalOnError(err)
 
+ err = o.runCleanupActions()
+ common.FatalOnError(err)
+
  logrus.Info("================== Build agent pool created ====================")
  logrus.Infof("Make sure you add public egress ip %s to all resources firewall access lists build agent needs access", publicEgressIp)
  logrus.Infof("Make sure you add build agent managed identity %s to all resources permissions needed", managedIdentityName)
@@ -112,6 +121,9 @@ func (o *Orchestrator) DestroyInfrastructure() {
  err = o.cleanup()
  common.FatalOnError(err)
 
+ err = o.runCleanupActions()
+ common.FatalOnError(err)
+
  logrus.Info("================== Build agent pool destroyed ====================")
 }
 
@@ -148,13 +160,19 @@ func (o *Orchestrator) initializeTerraform() (terraform.Terraform, error) {
  return nil, err
  }
 
+ tempDir, err := file_processing.CreateTempDirectory(terraformDirectory, "terraform")
+ o.cleanupActions = append(o.cleanupActions, func() error { return file_processing.DeletePath(tempDir) })
+ if err != nil {
+ return nil, err
+ }
+
  tf := terraform.New(o.executor, "core-build",
  o.config.Environment.SubscriptionID,
  o.config.Environment.TenantID,
  o.config.Environment.Region,
  o.resourceGroupName,
  terraformStorageAccountName,
- filepath.Join(hq.ProjectBasePath, "internal", "corebuild", "terraform"),
+ tempDir,
  backendStorageSettings,
  terraform.DefaultDeploymentSettings)
  err = tf.Init()
@@ -225,6 +243,22 @@ func (o *Orchestrator) cleanup() error {
  return azureAdapter.RemoveResourceGroup(o.resourceGroupName)
 }
 
+func (o *Orchestrator) runCleanupActions() error {
+ var errs []string
+
+ for _, f := range o.cleanupActions {
+ if err := f(); err != nil {
+ errs = append(errs, err.Error())
+ }
+ }
+
+ if len(errs) > 0 {
+ return errors.New("combined error: " + fmt.Sprint(errs))
+ }
+
+ return nil
+}
+
 type roleAssignment struct {
  Scope string `mapstructure:"scope" json:"scope" yaml:"scope"`
  RoleDefinitionName string `mapstructure:"role_definition_name" json:"role_definition_name" yaml:"role_definition_name"`