From eb582ce1996b255deef18393b4775013a853e911 Mon Sep 17 00:00:00 2001
From: Arsenii Petrovich
Date: Sun, 24 Feb 2019 03:16:07 +0300
Subject: [PATCH] fixes after beta testing
---
.gitignore | 4 ++++
roles/destroy/tasks/main.yml | 5 +++--
roles/dynamodb/defaults/main.yml | 2 +-
roles/dynamodb/tasks/main.yml | 2 +-
roles/ec2_key/tasks/main.yml | 2 +-
roles/main_infra/defaults/main.yml | 6 +++++-
roles/main_infra/tasks/main.yml | 17 +++++++++++------
roles/main_infra/templates/backend.tfvars.j2 | 6 +++---
roles/main_infra/templates/terraform.tfvars.j2 | 2 +-
roles/s3/tasks/main.yml | 3 ++-
10 files changed, 32 insertions(+), 17 deletions(-)
diff --git a/.gitignore b/.gitignore
index 92115c4..0c13615 100644
--- a/.gitignore
+++ b/.gitignore
@@ -7,6 +7,10 @@ *.terraform* *terraform.tfstate.d* *tfplan* +roles/main_infra/files/backend.tfvars +roles/main_infra/files/remote-backend-selector.tf +roles/main_infra/files/terraform.tfvars + # Sensitive information /*.privkey
diff --git a/roles/destroy/tasks/main.yml b/roles/destroy/tasks/main.yml
index b7fd6e8..9e7be9d 100644
--- a/roles/destroy/tasks/main.yml
+++ b/roles/destroy/tasks/main.yml
@@ -33,9 +33,10 @@ - name: Destroy S3 bucket s3_bucket: - name: "{{ prefix }}-{{ bucket }}" + name: "{{ bucket }}" state: absent + force: yes - dynamodb_table: - name: "{{ prefix }}-{{ dynamodb_table }}" + name: "{{ dynamodb_table }}" state: absent
diff --git a/roles/dynamodb/defaults/main.yml b/roles/dynamodb/defaults/main.yml
index b1bbfe9..1dd5c7c 100644
--- a/roles/dynamodb/defaults/main.yml
+++ b/roles/dynamodb/defaults/main.yml
@@ -1,2 +1,2 @@ prefix: "sokol" -table: "dynamo" +dynamodb_table: "dynamo"
diff --git a/roles/dynamodb/tasks/main.yml b/roles/dynamodb/tasks/main.yml
index 8b33e7b..c9e9670 100644
--- a/roles/dynamodb/tasks/main.yml
+++ b/roles/dynamodb/tasks/main.yml
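Review bot: `force: yes` in the `Destroy S3 bucket` task of roles/destroy/tasks/main.yml empties the bucket before removing it, and the name is now the un-prefixed `{{ bucket }}`, so nothing in the visible lines ties the deletion to this deployment or asks for confirmation. Since the same patch gives `bucket` a shared default of `poa-terraform-state` in main_infra, a run against the wrong account or with an unchanged default could delete another environment's Terraform state. I would gate both destroy tasks behind an explicit opt-in, for example `when: confirm_destroy | default(false) | bool` (a new variable, not one the role defines today), and write the flag as `force: true` to match the boolean style used in ec2_key. The task list starts above this hunk, so any guard that already exists there is not visible here.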
@@ -1,6 +1,6 @@ - name: Create DynamoDB table dynamodb_table: - name: "{{ table }}" + name: "{{ dynamodb_table }}" hash_key_name: LockID hash_key_type: STRING read_capacity: 1
diff --git a/roles/ec2_key/tasks/main.yml b/roles/ec2_key/tasks/main.yml
index c396933..c3946e6 100644
--- a/roles/ec2_key/tasks/main.yml
+++ b/roles/ec2_key/tasks/main.yml
@@ -1,6 +1,6 @@ - name: Creating a keypair ec2_key: - name: "{{ ec2_ssh_key_name }} " + name: "{{ ec2_ssh_key_name }}" key_material: "{{ ec2_ssh_key_content }}" force: true when: ec2_ssh_key_content != ""
diff --git a/roles/main_infra/defaults/main.yml b/roles/main_infra/defaults/main.yml
index d2e1b04..da33099 100644
--- a/roles/main_infra/defaults/main.yml
+++ b/roles/main_infra/defaults/main.yml
@@ -1,9 +1,13 @@ +dynamodb_table: "poa-terraform-lock" +bucket: "poa-terraform-state" + +terraform_location: "/usr/local/bin/terraform" region: "us-east-1" prefix: "sokol" ec2_ssh_key_name: "sokol-test" vpc_cidr: "10.0.0.0/16" public_subnet_cidr: "10.0.0.0/24" -db_subnet_cidr: "10.0.1.0/24" +db_subnet_cidr: "10.0.2.0/16" dns_zone_name: "poa.internal" instance_type: "m5.xlarge" root_block_size: 8
diff --git a/roles/main_infra/tasks/main.yml b/roles/main_infra/tasks/main.yml
index b55008a..7181564 100644
--- a/roles/main_infra/tasks/main.yml
+++ b/roles/main_infra/tasks/main.yml
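Review bot: The new default `db_subnet_cidr: "10.0.2.0/16"` in roles/main_infra/defaults/main.yml is not a network address for a /16, and read as a /16 it covers the same range as `vpc_cidr` (`10.0.0.0/16`) and therefore contains `public_subnet_cidr`. If the database subnet is meant to stay separate from the public one, provisioning will either be rejected or lose that separation; presumably `db_subnet_cidr: "10.0.2.0/24"` was intended. The added `bucket: "poa-terraform-state"` default also deserves a comment such as `# S3 bucket names are global; override per deployment`, because it is no longer combined with `prefix`.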
@@ -1,32 +1,31 @@ - name: Local or remote backend selector (remote) template: src: remote-backend-selector.tf.j2 - dest: roles/terraform/files/remote-backend-selector.tf + dest: roles/main_infra/files/remote-backend-selector.tf when: - backend|bool == true - name: Local or remote backend selector (local) file: state: absent - dest: roles/terraform/files/remote-backend-selector.tf + dest: roles/main_infra/files/remote-backend-selector.tf when: - backend | default ('false') | bool != true - name: Generating variables file template: src: terraform.tfvars.j2 - dest: roles/terraform/files/terraform.tfvars + dest: roles/main_infra/files/terraform.tfvars - name: Generating backend file template: src: backend.tfvars.j2 - dest: roles/terraform/files/backend.tfvars + dest: roles/main_infra/files/backend.tfvars when: backend|bool == true #Workaround since terraform module return unexpected error. - name: Terraform provisioning shell: "echo yes | {{ terraform_location }} {{ item }}" - register: output args: chdir: "roles/main_infra/files" with_items:
@@ -34,6 +33,12 @@ - plan - apply +- name: Terraform output info into variable + shell: "{{ terraform_location }} output" + register: output + args: + chdir: "roles/main_infra/files" + - name: Output info from Terraform debug: - var: output + var: output.stdout_lines
diff --git a/roles/main_infra/templates/backend.tfvars.j2 b/roles/main_infra/templates/backend.tfvars.j2
index 5f22693..e15b1c1 100644
--- a/roles/main_infra/templates/backend.tfvars.j2
+++ b/roles/main_infra/templates/backend.tfvars.j2
@@ -1,4 +1,4 @@ -region = "{{ lookup('env','AWS_REGION') }}" -bucket = "{{ prefix }}-{{ bucket }}" -dynamodb_table = "{{ prefix }}-{{ dynamodb_table }}" +region = "{{ ansible_env.AWS_REGION }}" +bucket = "{{ bucket }}" +dynamodb_table = "{{ dynamodb_table }}" key = "terraform.tfstate"
diff --git a/roles/main_infra/templates/terraform.tfvars.j2 b/roles/main_infra/templates/terraform.tfvars.j2
index 0745f58..10d6969 100644
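Review bot: The three `template` tasks that now write into roles/main_infra/files (`remote-backend-selector.tf`, `terraform.tfvars`, `backend.tfvars`) set no `mode`, so the generated files get whatever the controlling user's umask allows. The .gitignore change in this patch keeps them out of version control, which suggests they may carry deployment-specific or secret values; adding `mode: "0600"` to each template task keeps them readable by the owner only. The full variable list of terraform.tfvars.j2 is not visible in this patch, so how sensitive the rendered file is should be confirmed against the template.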
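Review bot: The added `Terraform output info into variable` task runs `terraform output` through `shell` although it uses no shell feature, so the value of `terraform_location` is interpreted by a shell; `command: "{{ terraform_location }} output"` avoids that, and `changed_when: false` stops a read-only step from reporting a change. The `debug` task that follows prints every output into the Ansible log, so any Terraform output that holds a credential should be declared sensitive or kept out of this listing. The output definitions are not part of this patch, so whether that applies today cannot be told from here.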
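Review bot: `{{ ansible_env.AWS_REGION }}` in roles/main_infra/templates/backend.tfvars.j2 only resolves when facts were gathered for the host and that host's environment has `AWS_REGION` set; otherwise the template task fails on an undefined variable, whereas the previous `lookup('env', ...)` read the controller's environment and rendered an empty string. The role already defines a `region` default, so `region = "{{ ansible_env.AWS_REGION | default(region) }}"` would give a predictable fallback when the environment variable is unset. The same line is changed in terraform.tfvars.j2 and needs the same treatment.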
--- a/roles/main_infra/templates/terraform.tfvars.j2
+++ b/roles/main_infra/templates/terraform.tfvars.j2
@@ -1,4 +1,4 @@ -region = "{{ lookup('env','AWS_REGION') }}" +region = "{{ ansible_env.AWS_REGION }}" prefix = "{{ prefix }}" key_name = "{{ ec2_ssh_key_name }}" vpc_cidr = "{{ vpc_cidr }}"
diff --git a/roles/s3/tasks/main.yml b/roles/s3/tasks/main.yml
index 290d11a..7ee55b2 100644
--- a/roles/s3/tasks/main.yml
+++ b/roles/s3/tasks/main.yml
@@ -2,6 +2,7 @@ aws_s3: bucket: "{{ bucket }}" mode: create + permission: private - name: Apply tags and versioning to create S3 bucket s3_bucket:
@@ -28,7 +29,7 @@ - name: Upload config to S3 bucket aws_s3: bucket: "{{ bucket }}" - object: localhost.yml + object: all.yml src: "{{ playbook_dir }}/group_vars/all.yml" mode: put when: stat_result.stat.exists == True and upload_config_to_s3|bool == True
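Review bot: `permission: private` on the bucket-creation task in roles/s3/tasks/main.yml sets the ACL once at creation, but nothing in the visible lines turns on default encryption or blocks a later public ACL or bucket policy. This bucket appears to be the one the Terraform backend writes its state to, and the upload task further down stores a copy of `group_vars/all.yml` in it, so both objects can contain credentials. If the Ansible version in use supports them, the `encryption` and `public_access` options of `s3_bucket` in the `Apply tags and versioning` task would cover both gaps. That task's body lies outside the hunk, so it may already set them.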