partial cherry pick from 973c02f7b1

2020-02-05 15:37:53 +03:00 · 2020-02-05 15:37:53 +03:00 · 366aa71d9a
parent 60433fb935
commit 366aa71d9a
10 changed files with 42 additions and 18 deletions
--- a/ansible.cfg
+++ b/ansible.cfg
@ -6,3 +6,4 @@ deprecation_warnings = False
 host_key_checking = false
 log_path = log.txt
 hash_behaviour = merge
+display_skipped_hosts = false
--- a/destroy.yml
+++ b/destroy.yml
@ -1,8 +1,7 @@
 - name: Destroy infrastructure
  hosts: all
-  serial: 1
  roles:
-    - { role: destroy, when: "confirmation|bool == True" } 
+    - { role: destroy, when: "confirmation|bool == True and inventory_hostname == groups[group_names[0]][0]" } 
  vars_prompt:
    - name: "confirmation"
      prompt: "Are you sure you want to destroy all the infra?"
--- a/roles/main_infra/files/deploy.tf
+++ b/roles/main_infra/files/deploy.tf
@ -17,7 +17,7 @@ resource "aws_codedeploy_deployment_group" "explorer" {
  app_name              = "${aws_codedeploy_app.explorer.name}"
  deployment_group_name = "${var.prefix}-explorer-dg${count.index}"
  service_role_arn      = "${aws_iam_role.deployer.arn}"
-  autoscaling_groups    = ["${aws_launch_configuration.explorer.name}-asg-${element(var.chains,count.index)}"]
+  autoscaling_groups    = ["${aws_launch_configuration.explorer.name}-asg-${element(var.chains, count.index)}"]

  deployment_style {
    deployment_option = "WITH_TRAFFIC_CONTROL"
--- a/roles/main_infra/files/dns.tf
+++ b/roles/main_infra/files/dns.tf
@ -1,7 +1,9 @@
 # Internal DNS Zone
 resource "aws_route53_zone" "main" {
  name   = "${var.prefix}.${var.dns_zone_name}"
-  vpc_id = "${aws_vpc.vpc.id}"
+  vpc {
+    vpc_id = "${aws_vpc.vpc.id}"
+  }

  tags {
    prefix = "${var.prefix}"
--- a/roles/main_infra/files/libexec/init.sh
+++ b/roles/main_infra/files/libexec/init.sh
@ -147,9 +147,10 @@ EOF

 log "Installing Erlang.."

-wget https://packages.erlang-solutions.com/erlang/rpm/centos/7/x86_64/esl-erlang_21.1-1~centos~7_amd64.rpm
+erlang_version="esl-erlang_22.0-1~centos~7_amd64.rpm"
+wget https://packages.erlang-solutions.com/erlang/rpm/centos/7/x86_64/${erlang_version}
 yum localinstall -y wxGTK-devel unixODBC-devel >"$LOG"
-yum localinstall -y esl-erlang_21.1-1~centos~7_amd64.rpm >"$LOG"
+yum localinstall -y ${erlang_version} >"$LOG"

 log "Fetching configuration from Parameter Store..."
 fetch_ssm_with_token
--- a/roles/main_infra/files/subnets.tf
+++ b/roles/main_infra/files/subnets.tf
@ -16,7 +16,7 @@ resource "aws_subnet" "default" {
 ## ALB subnet
 resource "aws_subnet" "alb" {
  vpc_id                  = "${aws_vpc.vpc.id}"
-  cidr_block              = "${var.public_subnet_cidr}"
+  #cidr_block              = var.public_subnet_cidr
  cidr_block              = "${cidrsubnet(var.db_subnet_cidr, 5, 1)}"
  availability_zone       = "${data.aws_availability_zones.available.names[1]}"
  map_public_ip_on_launch = true
--- a/roles/main_infra/files/variables.tf
+++ b/roles/main_infra/files/variables.tf
@ -1,3 +1,19 @@
+variable "aws_profile" {
+  default = "null"
+}
+
+variable "aws_region" {
+  default = "null"
+}
+
+variable "aws_access_key" {
+  default = "null"
+}
+
+variable "aws_secret_key" {
+  default = "null"
+}
+
 variable "prefix" {}
 variable "key_name" {}
 variable "vpc_cidr" {}
--- a/roles/main_infra/tasks/main.yml
+++ b/roles/main_infra/tasks/main.yml
@ -64,9 +64,9 @@
  args:
    chdir: "/tmp/files-{{ group_names[0] }}"
  with_items:
-    - "init{{ ' -backend-config=backend.tfvars' if backend|bool == true else '' }}"
+    - "init{{ ' -backend-config=backend.tfvars' if backend|bool else '' }}"
    - plan -out terraform.tfplan
-    - show terraform.tfplan -no-color
+    - show -no-color terraform.tfplan

 - name: Show Terraform plan
  debug:
@ -92,13 +92,10 @@
  args:
    chdir: "/tmp/files-{{ group_names[0] }}"
  when: hostvars[groups['all'][0]].user_answer.user_input | bool
-  ignore_errors: True
-
- name: Ensure Terraform resources has been provisioned
-  shell: "echo yes | {{ terraform_location }} apply"
-  args:
-    chdir: "/tmp/files-{{ group_names[0] }}"
-  when: hostvars[groups['all'][0]].user_answer.user_input | bool
+  retries: 1
+  delay: 3
+  register: result
+  until: result.rc == 0

 - name: Terraform output info into variable
  shell: "{{ terraform_location }} output -json"
@ -109,7 +106,7 @@

 - name: Output info from Terraform
  debug:
-    var: output.stdout_lines
+    var: (output.stdout|from_json).instructions.value
  when: hostvars[groups['all'][0]].user_answer.user_input | bool

 - name: Ansible delete file glob
--- a/roles/main_infra/templates/remote-backend-selector.tf.j2
+++ b/roles/main_infra/templates/remote-backend-selector.tf.j2
@ -1,6 +1,6 @@
 terraform {
  backend "s3" {
-    {% if aws_access_key is undefined %}
+    {% if aws_access_key is undefined or aws_access_key == '' %}
      profile    = "{{ aws_profile|default("default") }}"
    {% else %}
      access_key = "{{ aws_access_key }}"
--- a/roles/main_infra/templates/terraform.tfvars.j2
+++ b/roles/main_infra/templates/terraform.tfvars.j2
@ -1,3 +1,11 @@
+{% if aws_access_key is undefined or aws_access_key == '' %}
+aws_profile        = "{{ aws_profile|default('default') }}"
+{% else %}
+aws_access_key     = "{{ aws_access_key | default('null') }}"
+aws_secret_key     = "{{ aws_secret_key | default('null') }}"
+{% endif %}
+aws_region         = "{{ aws_region | default('us-east-1') }}"
+
 prefix             = "{{ group_names[0] }}"
 key_name           = "{{ ec2_ssh_key_name }}"
 key_content        = "{{ ec2_ssh_key_content }}"