Merge pull request #34 from stackql/feature/updates

Feature/updates

Author: jeffreyaven

examples/azure/azure-stack/README.md

@@ -40,7 +40,7 @@ stackql-deploy { build | test | teardown } { stack-directory } { deployment envi
 For example, to deploy the stack to an environment labeled `sit`, run the following:
 
 ```bash
-export AZURE_VM_ADMIN_PASSWORD="your_password_here"
+export AZURE_VM_ADMIN_PASSWORD="Your_password_here1"
 stackql-deploy build \
 examples/azure/azure-stack sit \
 -e AZURE_SUBSCRIPTION_ID=631d1c6d-2a65-43e7-93c2-688bfe4e1468 \
@@ -63,7 +63,8 @@ To test a stack to ensure that all resources are present and in the desired stat
 ```bash
 stackql-deploy test \
 examples/azure/azure-stack sit \
--e AZURE_SUBSCRIPTION_ID=631d1c6d-2a65-43e7-93c2-688bfe4e1468
+-e AZURE_SUBSCRIPTION_ID=631d1c6d-2a65-43e7-93c2-688bfe4e1468 \
+-e AZURE_VM_ADMIN_PASSWORD=$AZURE_VM_ADMIN_PASSWORD
 ```
 
 ### Tearing down a stack
@@ -73,5 +74,6 @@ To destroy or deprovision all resources in a stack for our `sit` deployment exam
 ```bash
 stackql-deploy teardown \
 examples/azure/azure-stack sit \
--e AZURE_SUBSCRIPTION_ID=631d1c6d-2a65-43e7-93c2-688bfe4e1468
+-e AZURE_SUBSCRIPTION_ID=631d1c6d-2a65-43e7-93c2-688bfe4e1468 \
+-e AZURE_VM_ADMIN_PASSWORD=$AZURE_VM_ADMIN_PASSWORD
 ```

examples/google/load-balanced-vms/README.md

@@ -0,0 +1,72 @@
+# example `stackql-deploy` stack
+
+Based upon the [__terraform-google-load-balanced-vms__](https://github.com/GoogleCloudPlatform/terraform-google-load-balanced-vms) project.
+
+![load balanced vms](https://raw.githubusercontent.com/GoogleCloudPlatform/terraform-google-load-balanced-vms/c3e9669856df44a7b7399a7119eda3ae9ce5a2fa/assets/load_balanced_vms_v1.svg)
+
+## about `stackql-deploy`
+
+[`stackql-deploy`](https://pypi.org/project/stackql-deploy/) is a multi cloud deployment automation and testing framework which is an alternative to Terraform or similar IaC tools.  `stackql-deploy` uses a declarative model/ELT based approach to cloud resource deployment (inspired by [`dbt`](https://www.getdbt.com/)).  Advantages of `stackql-deploy` include:
+
+- declarative framework
+- no state file (state is determined from the target environment)
+- multi-cloud/omni-cloud ready
+- includes resource tests which can include secure config tests
+
+## instaling `stackql-deploy`
+
+`stackql-deploy` is installed as a python based CLI using...
+
+```bash
+pip install stackql-deploy
+# or
+pip3 install stackql-deploy
+```
+> __Note for macOS users__  
+> to install `stackql-deploy` in a virtual environment (which may be necessary on __macOS__), use the following:
+> ```bash
+> python3 -m venv myenv
+> source myenv/bin/activate
+> pip install stackql-deploy
+> ```
+
+## getting started with `stackql-deploy`
+
+Once installed, use the `init` command to scaffold a sample project directory to get started:
+
+```bash
+stackql-deploy init load-balanced-vms
+```
+
+this will create a directory named `load-balanced-vms` which can be updated for your stack, as you can see in this project.
+
+## deploying using `stackql-deploy`
+
+```bash
+export GOOGLE_CREDENTIALS=$(cat ./testcreds/stackql-deploy-project-demo-service-account.json)
+# deploy a stack
+stackql-deploy build \
+examples\google\load-balanced-vms \
+dev \
+-e GOOGLE_PROJECT=stackql-k8s-the-hard-way-demo \
+--dry-run \
+--log-level DEBUG
+
+# test a stack
+stackql-deploy test \
+examples/google/k8s-the-hard-way \
+dev \
+-e GOOGLE_PROJECT=stackql-k8s-the-hard-way-demo \
+--dry-run
+
+# teardown a stack
+stackql-deploy teardown \
+examples/google/k8s-the-hard-way \
+dev \
+-e GOOGLE_PROJECT=stackql-k8s-the-hard-way-demo \
+--dry-run
+```
+
+
+
+stackql-deploy-project

examples/google/load-balanced-vms/example.tf

@@ -0,0 +1,107 @@
+
+# Create a Network Security Group and rule
+resource "azurerm_network_security_group" "tfexample" {
+  name                = "my-terraform-nsg"
+  location            = azurerm_resource_group.tfexample.location
+  resource_group_name = azurerm_resource_group.tfexample.name
+
+  security_rule {
+    name                       = "HTTP"
+    priority                   = 1001
+    direction                  = "Inbound"
+    access                     = "Allow"
+    protocol                   = "Tcp"
+    source_port_range          = "*"
+    destination_port_range     = "8080"
+    source_address_prefix      = "*"
+    destination_address_prefix = "*"
+  }
+
+  tags = {
+    environment = "my-terraform-env"
+  }
+}
+
+# Create a Network Interface
+resource "azurerm_network_interface" "tfexample" {
+  name                = "my-terraform-nic"
+  location            = azurerm_resource_group.tfexample.location
+  resource_group_name = azurerm_resource_group.tfexample.name
+
+  ip_configuration {
+    name                          = "my-terraform-nic-ip-config"
+    subnet_id                     = azurerm_subnet.tfexample.id
+    private_ip_address_allocation = "Dynamic"
+    public_ip_address_id          = azurerm_public_ip.tfexample.id
+  }
+
+  tags = {
+    environment = "my-terraform-env"
+  }
+}
+
+# Create a Network Interface Security Group association
+resource "azurerm_network_interface_security_group_association" "tfexample" {
+  network_interface_id      = azurerm_network_interface.tfexample.id
+  network_security_group_id = azurerm_network_security_group.tfexample.id
+}
+
+# Create a Virtual Machine
+resource "azurerm_linux_virtual_machine" "tfexample" {
+  name                            = "my-terraform-vm"
+  location                        = azurerm_resource_group.tfexample.location
+  resource_group_name             = azurerm_resource_group.tfexample.name
+  network_interface_ids           = [azurerm_network_interface.tfexample.id]
+  size                            = "Standard_DS1_v2"
+  computer_name                   = "myvm"
+  admin_username                  = "azureuser"
+  admin_password                  = "Password1234!"
+  disable_password_authentication = false
+
+  source_image_reference {
+    publisher = "Canonical"
+    offer     = "UbuntuServer"
+    sku       = "18.04-LTS"
+    version   = "latest"
+  }
+
+  os_disk {
+    name                 = "my-terraform-os-disk"
+    storage_account_type = "Standard_LRS"
+    caching              = "ReadWrite"
+  }
+
+  tags = {
+    environment = "my-terraform-env"
+  }
+}
+
+# Configurate to run automated tasks in the VM start-up
+resource "azurerm_virtual_machine_extension" "tfexample" {
+  name                 = "hostname"
+  virtual_machine_id   = azurerm_linux_virtual_machine.tfexample.id
+  publisher            = "Microsoft.Azure.Extensions"
+  type                 = "CustomScript"
+  type_handler_version = "2.1"
+
+  settings = <<SETTINGS
+    {
+      "commandToExecute": "echo 'Hello, World' > index.html ; nohup busybox httpd -f -p 8080 &"
+    }
+  SETTINGS
+
+  tags = {
+    environment = "my-terraform-env"
+  }
+}
+
+# Data source to access the properties of an existing Azure Public IP Address
+data "azurerm_public_ip" "tfexample" {
+  name                = azurerm_public_ip.tfexample.name
+  resource_group_name = azurerm_linux_virtual_machine.tfexample.resource_group_name
+}
+
+# Output variable: Public IP address
+output "public_ip" {
+  value = data.azurerm_public_ip.tfexample.ip_address
+}

examples/google/load-balanced-vms/resources/project_services.iql

@@ -0,0 +1,47 @@
+/*+ exists */
+SELECT name FROM google.serviceusage.services
+WHERE parent = '219788095364'
+AND parentType = 'projects'
+AND filter = 'state:ENABLED'
+AND name = 'compute.googleapis.com';
+
+
+projects//services/cloudtrace.googleapis.com
+
+SELECT * FROM google.serviceusage.services
+WHERE name = 'projects/123/services/serviceusage.googleapis.com'
+
+parent, parentType
+
+
+name	string	The resource name of the consumer and service. A valid name would be: - projects/123/services/serviceusage.googleapis.com
+config	object	The configuration of the service.
+parent	string	The resource name of the consumer. A valid name would be: - projects/123
+state	string	Whether or not the service has been enabled for use by the consumer.
+
+
+
+/*+ createorupdate */
+{% for network_interface in network_interfaces | from_json %}
+DELETE FROM google.compute.instances 
+WHERE project = '{{ project }}'
+AND zone = '{{ default_zone }}'
+AND instance = '{{ instance_name_prefix }}-{{ loop.index }}';
+{% endfor %}
+
+
+
+
+{{ range .root_projects }}
+{{ $project := . }}
+{{ range .apis }}
+EXEC google.serviceusage.services.enable
+@name = (
+  SELECT 
+   'projects/' || name || '/services/{{ . }}'
+   FROM google.cloudresourcemanager.projects 
+   WHERE parent='{{ $global.organization_id }}'
+   and displayName= '{{ $project.displayName }}'
+);
+{{end}}
+{{end}}