feat(corebuild): embed terraform definitions

ChristianGottinger · ChristianGottinger · commit 0e3b80ddcfab · 2024-02-06T14:16:20.000+01:00
diff --git a/cmd/copsctl/main.go b/cmd/copsctl/main.go
@@ -9,7 +9,7 @@ import (
 
 func main() {
 	defer errorhandler()
-	hq := hq.NewQuiet("copsctl", "0.12.0", "copsctl.log")
+	hq := hq.NewQuiet("copsctl", "0.12.1", "copsctl.log")
 	createCommands(hq)
 
 	error_handling.PanicOnAnyError = true
diff --git a/internal/adapters/kubernetes/commands.go b/internal/adapters/kubernetes/commands.go
@@ -2,6 +2,7 @@ package kubernetes
 
 import (
 	"encoding/json"
+	"github.com/conplementAG/copsctl/internal/common"
 	"github.com/conplementAG/copsctl/internal/common/file_processing"
 	"github.com/conplementag/cops-hq/v2/pkg/commands"
 	"github.com/sirupsen/logrus"
@@ -58,14 +59,20 @@ func Delete(executor commands.Executor, filepath string) (string, error) {
 
 func ApplyString(executor commands.Executor, content string) (string, error) {
 	temporaryDirectory, temporaryFile := file_processing.WriteStringToTemporaryFile(content, "resource.yaml")
-	defer file_processing.DeletePath(temporaryDirectory)
+	defer func() {
+		err := file_processing.DeletePath(temporaryDirectory)
+		common.FatalOnError(err)
+	}()
 
 	return Apply(executor, temporaryFile)
 }
 
 func DeleteString(executor commands.Executor, content string) (string, error) {
 	temporaryDirectory, temporaryFile := file_processing.WriteStringToTemporaryFile(content, "resource.yaml")
-	defer file_processing.DeletePath(temporaryDirectory)
+	defer func() {
+		err := file_processing.DeletePath(temporaryDirectory)
+		common.FatalOnError(err)
+	}()
 
 	return Delete(executor, temporaryFile)
 }
diff --git a/internal/common/file_processing/file_processing.go b/internal/common/file_processing/file_processing.go
@@ -5,13 +5,11 @@ import (
 	"fmt"
 	"github.com/conplementAG/copsctl/internal/common"
 	"github.com/conplementAG/copsctl/internal/corebuild/security"
+	"github.com/rs/xid"
 	"gopkg.in/yaml.v3"
-	"io"
+	"io/fs"
 	"os"
 	"path/filepath"
-	"strings"
-
-	"github.com/rs/xid"
 )
 
 // WriteStringToTemporaryFile writes the file contents into a file on a temporary disk location
@@ -26,36 +24,37 @@ func WriteStringToTemporaryFile(fileContents string, filePath string) (outputFol
 }
 
 // DeletePath deletes the file from the disk
-func DeletePath(filePath string) {
-	err := os.RemoveAll(filePath)
-	common.FatalOnError(err)
+func DeletePath(filePath string) error {
+	return os.RemoveAll(filePath)
 }
 
-// InterpolateStaticFiles loads all the files in given embed FS path.
+// CreateTempDirectory loads all the files in given embed FS path.
 // It depends on resource embedding, set by go:embed directive
-// Replaces the variables based on the given dictionary,
-// and returns the path to the generated directory where the results are stored
-func InterpolateStaticFiles(inputPathFs embed.FS, inputPathRootFolderName string, variables map[string]string) string {
-	directory, readDirError := inputPathFs.ReadDir(inputPathRootFolderName)
-	common.FatalOnError(readDirError)
+// Returns the path to the generated directory where the results are stored
+func CreateTempDirectory(inputPathFs embed.FS, inputPathRootFolderName string) (string, error) {
 
 	uniqueOutputFolder := createUniqueDirectory()
 
-	for _, file := range directory {
-		f, err := inputPathFs.Open(inputPathRootFolderName + "/" + file.Name())
-		common.FatalOnError(err)
-		filesContent, err := io.ReadAll(f)
-		common.FatalOnError(err)
-		fileContentString := string(filesContent)
-		for key, value := range variables {
-			fileContentString = strings.Replace(fileContentString, key, value, -1)
+	err := fs.WalkDir(inputPathFs, inputPathRootFolderName, func(path string, entry fs.DirEntry, err error) error {
+		if err != nil {
+			return err
 		}
+		relPath, err := filepath.Rel(inputPathRootFolderName, path)
+		if err != nil {
+			return err
+		}
+		destPath := filepath.Join(uniqueOutputFolder, relPath)
+		if entry.IsDir() {
+			return os.MkdirAll(destPath, 0755)
+		}
+		fileContent, err := inputPathFs.ReadFile(path)
+		if err != nil {
+			return err
+		}
+		return os.WriteFile(destPath, fileContent, 0644)
+	})
 
-		err = os.WriteFile(filepath.Join(uniqueOutputFolder, file.Name()), []byte(fileContentString), 0644)
-		common.FatalOnError(err)
-	}
-
-	return uniqueOutputFolder
+	return uniqueOutputFolder, err
 }
 
 func LoadEncryptedFile[T interface{}](filename string, cryptographer security.Cryptographer) (*T, error) {
diff --git a/internal/corebuild/orchestrator.go b/internal/corebuild/orchestrator.go
@@ -1,6 +1,8 @@
 package corebuild
 
 import (
+	"embed"
+	"errors"
 	"fmt"
 	"github.com/conplementAG/copsctl/internal/adapters/azure"
 	"github.com/conplementAG/copsctl/internal/cmd/flags"
@@ -20,6 +22,9 @@ import (
 	"path/filepath"
 )
 
+//go:embed terraform/*
+var terraformDirectory embed.FS
+
 type Orchestrator struct {
 	hq                 hq.HQ
 	executor           commands.Executor
@@ -28,6 +33,7 @@ type Orchestrator struct {
 	longNamingService  naming.Service
 	resourceGroupName  string
 	autoApprove        bool
+	cleanupActions     []func() error
 }
 
 func New(hq hq.HQ) (*Orchestrator, error) {
@@ -90,6 +96,9 @@ func (o *Orchestrator) CreateInfrastructure() {
 	managedIdentityName, err := tf.Output(common.ToPtr("managed_identity_name"))
 	common.FatalOnError(err)
 
+	err = o.runCleanupActions()
+	common.FatalOnError(err)
+
 	logrus.Info("================== Build agent pool created  ====================")
 	logrus.Infof("Make sure you add public egress ip %s to all resources firewall access lists build agent needs access", publicEgressIp)
 	logrus.Infof("Make sure you add build agent managed identity %s to all resources permissions needed", managedIdentityName)
@@ -112,6 +121,9 @@ func (o *Orchestrator) DestroyInfrastructure() {
 	err = o.cleanup()
 	common.FatalOnError(err)
 
+	err = o.runCleanupActions()
+	common.FatalOnError(err)
+
 	logrus.Info("================== Build agent pool destroyed  ====================")
 }
 
@@ -148,13 +160,19 @@ func (o *Orchestrator) initializeTerraform() (terraform.Terraform, error) {
 		return nil, err
 	}
 
+	tempDir, err := file_processing.CreateTempDirectory(terraformDirectory, "terraform")
+	o.cleanupActions = append(o.cleanupActions, func() error { return file_processing.DeletePath(tempDir) })
+	if err != nil {
+		return nil, err
+	}
+
 	tf := terraform.New(o.executor, "core-build",
 		o.config.Environment.SubscriptionID,
 		o.config.Environment.TenantID,
 		o.config.Environment.Region,
 		o.resourceGroupName,
 		terraformStorageAccountName,
-		filepath.Join(hq.ProjectBasePath, "internal", "corebuild", "terraform"),
+		tempDir,
 		backendStorageSettings,
 		terraform.DefaultDeploymentSettings)
 	err = tf.Init()
@@ -225,6 +243,22 @@ func (o *Orchestrator) cleanup() error {
 	return azureAdapter.RemoveResourceGroup(o.resourceGroupName)
 }
 
+func (o *Orchestrator) runCleanupActions() error {
+	var errs []string
+
+	for _, f := range o.cleanupActions {
+		if err := f(); err != nil {
+			errs = append(errs, err.Error())
+		}
+	}
+
+	if len(errs) > 0 {
+		return errors.New("combined error: " + fmt.Sprint(errs))
+	}
+
+	return nil
+}
+
 type roleAssignment struct {
 	Scope              string `mapstructure:"scope" json:"scope" yaml:"scope"`
 	RoleDefinitionName string `mapstructure:"role_definition_name" json:"role_definition_name" yaml:"role_definition_name"`
