From d54520a3aa5f19441572311a2179a5e95bef69ea Mon Sep 17 00:00:00 2001 
From: Tamir Kamara <26870601+tamirkamara@users.noreply.github.com> Date: Mon, 26 Dec 2022 18:49:29 +0200 Subject: [PATCH] Move core folder to root (#3016) * move core folder to root * fix paths * fix letsencrypt lint errors * Update core/terraform/destroy.sh Co-authored-by: Yuval Yaron <43217306+yuvalyaron@users.noreply.github.com> * lint Co-authored-by: Yuval Yaron <43217306+yuvalyaron@users.noreply.github.com> --- .devcontainer/devcontainer.json | 2 +- .devcontainer/scripts/consolidate_env.sh | 2 +- .github/dependabot.yml | 2 +- .../workflows/build_validation_develop.yml | 4 +-- .gitignore | 8 ++--- Makefile | 32 +++++++++---------- .../terraform/.terraform.lock.hcl | 0 .../terraform/airlock/airlock_processor.tf | 2 +- .../terraform/airlock/eventgrid_topics.tf | 0 .../terraform/airlock/identity.tf | 0 .../core => core}/terraform/airlock/locals.tf | 0 .../core => core}/terraform/airlock/main.tf | 0 .../terraform/airlock/outputs.tf | 0 .../terraform/airlock/service_bus.tf | 0 .../terraform/airlock/storage_accounts.tf | 0 .../terraform/airlock/variables.tf | 0 .../core => core}/terraform/api-identity.tf | 0 .../core => core}/terraform/api-webapp.tf | 2 +- .../terraform/appgateway/appgateway.tf | 0 .../terraform/appgateway/certificate.tf | 0 .../terraform/appgateway/locals.tf | 0 .../terraform/appgateway/main.tf | 0 .../terraform/appgateway/outputs.tf | 0 .../terraform/appgateway/staticweb.tf | 0 .../terraform/appgateway/variables.tf | 0 .../terraform/azure-monitor/azure-monitor.tf | 0 .../terraform/azure-monitor/locals.tf | 0 .../terraform/azure-monitor/main.tf | 0 .../terraform/azure-monitor/outputs.tf | 0 .../terraform/azure-monitor/variables.tf | 0 {templates/core => core}/terraform/bastion.tf | 0 core/terraform/compare_plans.sh | 23 +++++++++++++ .../core => core}/terraform/cosmos_mongo.tf | 0 {templates/core => core}/terraform/data.tf | 0 {templates/core => core}/terraform/deploy.sh | 2 +- core/terraform/destroy.sh | 13 ++++++++ {templates/core => 
core}/terraform/import.sh | 2 +- .../core => core}/terraform/json-to-env.sh | 0 .../core => core}/terraform/keyvault.tf | 0 {templates/core => core}/terraform/locals.tf | 0 {templates/core => core}/terraform/main.tf | 0 {templates/core => core}/terraform/migrate.sh | 10 +++--- .../terraform/modules_move_definitions.tf | 0 .../terraform/network/dns_zones.tf | 0 .../core => core}/terraform/network/locals.tf | 0 .../core => core}/terraform/network/main.tf | 0 .../terraform/network/network.tf | 0 .../network/network_security_groups.tf | 0 .../terraform/network/outputs.tf | 0 .../terraform/network/variables.tf | 0 {templates/core => core}/terraform/outputs.sh | 0 {templates/core => core}/terraform/outputs.tf | 0 .../vmss_porter/cloud-config.yaml | 0 .../resource_processor/vmss_porter/data.tf | 2 +- .../resource_processor/vmss_porter/locals.tf | 0 .../resource_processor/vmss_porter/main.tf | 0 .../vmss_porter/variables.tf | 0 .../terraform/scripts/auth-hook.sh | 1 + .../terraform/scripts/cleanup-hook.sh | 0 .../terraform/scripts/letsencrypt.sh | 24 +++++++------- .../core => core}/terraform/servicebus.tf | 0 .../core => core}/terraform/statestore.tf | 0 {templates/core => core}/terraform/storage.tf | 0 .../core => core}/terraform/update_tags.sh | 0 .../core => core}/terraform/variables.tf | 0 {templates/core => core}/version.txt | 0 devops/scripts/list_versions.sh | 2 +- devops/scripts/setup_local_debugging.sh | 26 ++++++++------- docs/azure-tre-overview/networking.md | 4 +-- docs/tre-developers/end-to-end-tests.md | 2 +- templates/core/terraform/compare_plans.sh | 23 ------------- templates/core/terraform/destroy.sh | 13 -------- 72 files changed, 104 insertions(+), 97 deletions(-) rename {templates/core => core}/terraform/.terraform.lock.hcl (100%) rename {templates/core => core}/terraform/airlock/airlock_processor.tf (98%) rename {templates/core => core}/terraform/airlock/eventgrid_topics.tf (100%) rename {templates/core => core}/terraform/airlock/identity.tf (100%) 
rename {templates/core => core}/terraform/airlock/locals.tf (100%) rename {templates/core => core}/terraform/airlock/main.tf (100%) rename {templates/core => core}/terraform/airlock/outputs.tf (100%) rename {templates/core => core}/terraform/airlock/service_bus.tf (100%) rename {templates/core => core}/terraform/airlock/storage_accounts.tf (100%) rename {templates/core => core}/terraform/airlock/variables.tf (100%) rename {templates/core => core}/terraform/api-identity.tf (100%) rename {templates/core => core}/terraform/api-webapp.tf (99%) rename {templates/core => core}/terraform/appgateway/appgateway.tf (100%) rename {templates/core => core}/terraform/appgateway/certificate.tf (100%) rename {templates/core => core}/terraform/appgateway/locals.tf (100%) rename {templates/core => core}/terraform/appgateway/main.tf (100%) rename {templates/core => core}/terraform/appgateway/outputs.tf (100%) rename {templates/core => core}/terraform/appgateway/staticweb.tf (100%) rename {templates/core => core}/terraform/appgateway/variables.tf (100%) rename {templates/core => core}/terraform/azure-monitor/azure-monitor.tf (100%) rename {templates/core => core}/terraform/azure-monitor/locals.tf (100%) rename {templates/core => core}/terraform/azure-monitor/main.tf (100%) rename {templates/core => core}/terraform/azure-monitor/outputs.tf (100%) rename {templates/core => core}/terraform/azure-monitor/variables.tf (100%) rename {templates/core => core}/terraform/bastion.tf (100%) create mode 100755 core/terraform/compare_plans.sh rename {templates/core => core}/terraform/cosmos_mongo.tf (100%) rename {templates/core => core}/terraform/data.tf (100%) rename {templates/core => core}/terraform/deploy.sh (93%) create mode 100755 core/terraform/destroy.sh rename {templates/core => core}/terraform/import.sh (88%) rename {templates/core => core}/terraform/json-to-env.sh (100%) rename {templates/core => core}/terraform/keyvault.tf (100%) rename {templates/core => core}/terraform/locals.tf 
(100%) rename {templates/core => core}/terraform/main.tf (100%) rename {templates/core => core}/terraform/migrate.sh (97%) rename {templates/core => core}/terraform/modules_move_definitions.tf (100%) rename {templates/core => core}/terraform/network/dns_zones.tf (100%) rename {templates/core => core}/terraform/network/locals.tf (100%) rename {templates/core => core}/terraform/network/main.tf (100%) rename {templates/core => core}/terraform/network/network.tf (100%) rename {templates/core => core}/terraform/network/network_security_groups.tf (100%) rename {templates/core => core}/terraform/network/outputs.tf (100%) rename {templates/core => core}/terraform/network/variables.tf (100%) rename {templates/core => core}/terraform/outputs.sh (100%) rename {templates/core => core}/terraform/outputs.tf (100%) rename {templates/core => core}/terraform/resource_processor/vmss_porter/cloud-config.yaml (100%) rename {templates/core => core}/terraform/resource_processor/vmss_porter/data.tf (96%) rename {templates/core => core}/terraform/resource_processor/vmss_porter/locals.tf (100%) rename {templates/core => core}/terraform/resource_processor/vmss_porter/main.tf (100%) rename {templates/core => core}/terraform/resource_processor/vmss_porter/variables.tf (100%) rename {templates/core => core}/terraform/scripts/auth-hook.sh (92%) rename {templates/core => core}/terraform/scripts/cleanup-hook.sh (100%) rename {templates/core => core}/terraform/scripts/letsencrypt.sh (90%) rename {templates/core => core}/terraform/servicebus.tf (100%) rename {templates/core => core}/terraform/statestore.tf (100%) rename {templates/core => core}/terraform/storage.tf (100%) rename {templates/core => core}/terraform/update_tags.sh (100%) rename {templates/core => core}/terraform/variables.tf (100%) rename {templates/core => core}/version.txt (100%) delete mode 100755 templates/core/terraform/compare_plans.sh delete mode 100755 templates/core/terraform/destroy.sh 
diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index b058b5586..85720c931 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -174,7 +174,7 @@ "console": "integratedTerminal", "preLaunchTask": "Install_resource_processor_dependencies", "cwd": "${workspaceFolder}/resource_processor", - "envFile": "${workspaceFolder}/templates/core/private.env", + "envFile": "${workspaceFolder}/core/private.env", "env": { "PYTHONPATH": "." } diff --git a/.devcontainer/scripts/consolidate_env.sh b/.devcontainer/scripts/consolidate_env.sh index 0ca1752ab..f64465b78 100755 --- a/.devcontainer/scripts/consolidate_env.sh +++ b/.devcontainer/scripts/consolidate_env.sh @@ -23,4 +23,4 @@ FORMAT_TO_ENV_FILE="to_entries| map(.key + \"=\" + .value)|.[]" yq e "$GET_LEAF_KEYS|$UPCASE_KEYS| $FORMAT_TO_ENV_FILE" config.yaml > $FILE # shellcheck disable=SC2086 -cat $WORKDIR/templates/core/private.env >> $FILE +cat $WORKDIR/core/private.env >> $FILE diff --git a/.github/dependabot.yml b/.github/dependabot.yml index eaedc3b1b..409eb6274 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -28,6 +28,6 @@ updates: interval: "monthly" - package-ecosystem: "terraform" - directory: "/templates/core/terraform" + directory: "/core/terraform" schedule: interval: "monthly" diff --git a/.github/workflows/build_validation_develop.yml b/.github/workflows/build_validation_develop.yml index 6fe3f8f1f..76cdba331 100644 --- a/.github/workflows/build_validation_develop.yml +++ b/.github/workflows/build_validation_develop.yml @@ -34,9 +34,9 @@ jobs: # our Terraform uses more than just *.tf files, so need to check changes in the folder - '**/terraform/**/*' core: - - 'templates/core/**/*' + - 'core/**/*' core_version: - - 'templates/core/version.txt' + - 'core/version.txt' docs: - 'docs/**/*' diff --git a/.gitignore b/.gitignore index 13c564b90..57359aa4c 100644 --- a/.gitignore +++ b/.gitignore 
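Review bot: The rewritten `cat $WORKDIR/core/private.env >> $FILE` in consolidate_env.sh keeps both expansions unquoted behind the `SC2086` suppression, while the letsencrypt.sh part of this commit resolves the same lint by quoting. `cat "$WORKDIR/core/private.env" >> "$FILE"` would let the suppression be dropped, and a workspace path containing spaces would no longer split into several arguments. The rest of the script is outside the hunk, so confirm nothing relies on the splitting before changing it.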
@@ -111,7 +111,7 @@ venv/ ENV/ env.bak/ venv.bak/ -templates/core/tre.env +core/tre.env devops/auth.env private.env @@ -201,9 +201,9 @@ sample.dat .bash_history # lets encrypt -templates/core/terraform/scripts/index.html -templates/core/terraform/scripts/validation.txt -templates/core/terraform/plan +core/terraform/scripts/index.html +core/terraform/scripts/validation.txt +core/terraform/plan # Test results e2e_tests/pytest_e2e_*.xml diff --git a/Makefile b/Makefile index eec65016c..68a21585a 100644 --- a/Makefile +++ b/Makefile @@ -96,7 +96,7 @@ push-airlock-processor: prepare-tf-state: $(call target_title, "Preparing terraform state") \ && . ${MAKEFILE_DIR}/devops/scripts/check_dependencies.sh nodocker,env \ - && pushd ${MAKEFILE_DIR}/templates/core/terraform > /dev/null && ../../shared_services/firewall/terraform/remove_state.sh && popd > /dev/null \ + && pushd ${MAKEFILE_DIR}/core/terraform > /dev/null && ../../shared_services/firewall/terraform/remove_state.sh && popd > /dev/null \ && pushd ${MAKEFILE_DIR}/templates/shared_services/firewall/terraform > /dev/null && ./import_state.sh && popd > /dev/null # / End migration targets 
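Review bot: In `prepare-tf-state` the new `pushd ${MAKEFILE_DIR}/core/terraform` is still followed by `../../shared_services/firewall/terraform/remove_state.sh`, a relative path written for the old `templates/core/terraform` location. From `core/terraform` it now resolves to `${MAKEFILE_DIR}/shared_services/...`, while the next line of the same recipe still uses `${MAKEFILE_DIR}/templates/shared_services/firewall/terraform`, so the script is presumably no longer found. Calling it as `${MAKEFILE_DIR}/templates/shared_services/firewall/terraform/remove_state.sh` removes the dependence on directory depth.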
@@ -104,16 +104,16 @@ deploy-core: tre-start $(call target_title, "Deploying TRE") \ && . ${MAKEFILE_DIR}/devops/scripts/check_dependencies.sh nodocker,env \ && if [[ "$${TF_LOG}" == "DEBUG" ]]; \ - then echo "TF DEBUG set - output supressed - see tflogs container for log file" && cd ${MAKEFILE_DIR}/templates/core/terraform/ \ + then echo "TF DEBUG set - output supressed - see tflogs container for log file" && cd ${MAKEFILE_DIR}/core/terraform/ \ && ./deploy.sh 1>/dev/null 2>/dev/null; \ - else cd ${MAKEFILE_DIR}/templates/core/terraform/ && ./deploy.sh; fi; + else cd ${MAKEFILE_DIR}/core/terraform/ && ./deploy.sh; fi; letsencrypt: $(call target_title, "Requesting LetsEncrypt SSL certificate") \ && . ${MAKEFILE_DIR}/devops/scripts/check_dependencies.sh nodocker,certbot,env \ - && pushd ${MAKEFILE_DIR}/templates/core/terraform/ > /dev/null && . ./outputs.sh && popd > /dev/null \ - && . ${MAKEFILE_DIR}/devops/scripts/load_env.sh ${MAKEFILE_DIR}/templates/core/private.env \ - && ${MAKEFILE_DIR}/templates/core/terraform/scripts/letsencrypt.sh + && pushd ${MAKEFILE_DIR}/core/terraform/ > /dev/null && . ./outputs.sh && popd > /dev/null \ + && . ${MAKEFILE_DIR}/devops/scripts/load_env.sh ${MAKEFILE_DIR}/core/private.env \ + && ${MAKEFILE_DIR}/core/terraform/scripts/letsencrypt.sh tre-start: $(call target_title, "Starting TRE") \ 
@@ -297,15 +297,15 @@ firewall-install: static-web-upload: $(call target_title, "Uploading to static website") \ && . ${MAKEFILE_DIR}/devops/scripts/check_dependencies.sh nodocker,env \ - && pushd ${MAKEFILE_DIR}/templates/core/terraform/ > /dev/null && . ./outputs.sh && popd > /dev/null \ - && . ${MAKEFILE_DIR}/devops/scripts/load_env.sh ${MAKEFILE_DIR}/templates/core/private.env \ + && pushd ${MAKEFILE_DIR}/core/terraform/ > /dev/null && . ./outputs.sh && popd > /dev/null \ + && . ${MAKEFILE_DIR}/devops/scripts/load_env.sh ${MAKEFILE_DIR}/core/private.env \ && ${MAKEFILE_DIR}/devops/scripts/upload_static_web.sh build-and-deploy-ui: $(call target_title, "Build and deploy UI") \ && . ${MAKEFILE_DIR}/devops/scripts/check_dependencies.sh nodocker,env \ - && pushd ${MAKEFILE_DIR}/templates/core/terraform/ > /dev/null && . ./outputs.sh && popd > /dev/null \ - && . ${MAKEFILE_DIR}/devops/scripts/load_env.sh ${MAKEFILE_DIR}/templates/core/private.env \ + && pushd ${MAKEFILE_DIR}/core/terraform/ > /dev/null && . ./outputs.sh && popd > /dev/null \ + && . ${MAKEFILE_DIR}/devops/scripts/load_env.sh ${MAKEFILE_DIR}/core/private.env \ && if [ "$${DEPLOY_UI}" != "false" ]; then ${MAKEFILE_DIR}/devops/scripts/build_deploy_ui.sh; else echo "UI Deploy skipped as DEPLOY_UI is false"; fi \ prepare-for-e2e: @@ -347,8 +347,8 @@ test-e2e-custom: setup-local-debugging: $(call target_title,"Setting up the ability to debug the API and Resource Processor") \ && . ${MAKEFILE_DIR}/devops/scripts/check_dependencies.sh nodocker,env \ - && pushd ${MAKEFILE_DIR}/templates/core/terraform/ > /dev/null && . ./outputs.sh && popd > /dev/null \ - && . ${MAKEFILE_DIR}/devops/scripts/load_env.sh ${MAKEFILE_DIR}/templates/core/private.env \ + && pushd ${MAKEFILE_DIR}/core/terraform/ > /dev/null && . ./outputs.sh && popd > /dev/null \ + && . ${MAKEFILE_DIR}/devops/scripts/load_env.sh ${MAKEFILE_DIR}/core/private.env \ && . ${MAKEFILE_DIR}/devops/scripts/setup_local_debugging.sh auth: 
@@ -358,18 +358,18 @@ auth: show-core-output: $(call target_title,"Display TRE core output") \ - && pushd ${MAKEFILE_DIR}/templates/core/terraform/ > /dev/null && terraform show && popd > /dev/null + && pushd ${MAKEFILE_DIR}/core/terraform/ > /dev/null && terraform show && popd > /dev/null api-healthcheck: $(call target_title,"Checking API Health") \ && . ${MAKEFILE_DIR}/devops/scripts/check_dependencies.sh nodocker,env \ - && . ${MAKEFILE_DIR}/devops/scripts/load_env.sh ${MAKEFILE_DIR}/templates/core/private.env \ + && . ${MAKEFILE_DIR}/devops/scripts/load_env.sh ${MAKEFILE_DIR}/core/private.env \ && ${MAKEFILE_DIR}/devops/scripts/api_healthcheck.sh db-migrate: api-healthcheck $(call target_title,"Migrating Cosmos Data") \ && . ${MAKEFILE_DIR}/devops/scripts/check_dependencies.sh nodocker,env \ - && pushd ${MAKEFILE_DIR}/templates/core/terraform/ > /dev/null && . ./outputs.sh && popd > /dev/null \ - && . ${MAKEFILE_DIR}/devops/scripts/load_env.sh ${MAKEFILE_DIR}/templates/core/private.env \ + && pushd ${MAKEFILE_DIR}/core/terraform/ > /dev/null && . ./outputs.sh && popd > /dev/null \ + && . ${MAKEFILE_DIR}/devops/scripts/load_env.sh ${MAKEFILE_DIR}/core/private.env \ && . ${MAKEFILE_DIR}/devops/scripts/get_access_token.sh \ && . ${MAKEFILE_DIR}/devops/scripts/migrate_state_store.sh --tre_url "$${TRE_URL:-https://$${TRE_ID}.$${LOCATION}.cloudapp.azure.com}" --insecure diff --git a/templates/core/terraform/.terraform.lock.hcl b/core/terraform/.terraform.lock.hcl similarity index 100% rename from templates/core/terraform/.terraform.lock.hcl rename to core/terraform/.terraform.lock.hcl diff --git a/templates/core/terraform/airlock/airlock_processor.tf b/core/terraform/airlock/airlock_processor.tf similarity index 98% rename from templates/core/terraform/airlock/airlock_processor.tf rename to core/terraform/airlock/airlock_processor.tf index 6b7ce80d5..f18ead684 100644 --- a/templates/core/terraform/airlock/airlock_processor.tf 
+++ b/core/terraform/airlock/airlock_processor.tf @@ -1,5 +1,5 @@ data "local_file" "airlock_processor_version" { - filename = "${path.root}/../../../airlock_processor/_version.py" + filename = "${path.root}/../../airlock_processor/_version.py" } locals { diff --git a/templates/core/terraform/airlock/eventgrid_topics.tf b/core/terraform/airlock/eventgrid_topics.tf similarity index 100% rename from templates/core/terraform/airlock/eventgrid_topics.tf rename to core/terraform/airlock/eventgrid_topics.tf diff --git a/templates/core/terraform/airlock/identity.tf b/core/terraform/airlock/identity.tf similarity index 100% rename from templates/core/terraform/airlock/identity.tf rename to core/terraform/airlock/identity.tf diff --git a/templates/core/terraform/airlock/locals.tf b/core/terraform/airlock/locals.tf similarity index 100% rename from templates/core/terraform/airlock/locals.tf rename to core/terraform/airlock/locals.tf diff --git a/templates/core/terraform/airlock/main.tf b/core/terraform/airlock/main.tf similarity index 100% rename from templates/core/terraform/airlock/main.tf rename to core/terraform/airlock/main.tf diff --git a/templates/core/terraform/airlock/outputs.tf b/core/terraform/airlock/outputs.tf similarity index 100% rename from templates/core/terraform/airlock/outputs.tf rename to core/terraform/airlock/outputs.tf diff --git a/templates/core/terraform/airlock/service_bus.tf b/core/terraform/airlock/service_bus.tf similarity index 100% rename from templates/core/terraform/airlock/service_bus.tf rename to core/terraform/airlock/service_bus.tf diff --git a/templates/core/terraform/airlock/storage_accounts.tf b/core/terraform/airlock/storage_accounts.tf similarity index 100% rename from templates/core/terraform/airlock/storage_accounts.tf rename to core/terraform/airlock/storage_accounts.tf 
diff --git a/templates/core/terraform/airlock/variables.tf b/core/terraform/airlock/variables.tf similarity index 100% rename from templates/core/terraform/airlock/variables.tf rename to core/terraform/airlock/variables.tf diff --git a/templates/core/terraform/api-identity.tf b/core/terraform/api-identity.tf similarity index 100% rename from templates/core/terraform/api-identity.tf rename to core/terraform/api-identity.tf diff --git a/templates/core/terraform/api-webapp.tf b/core/terraform/api-webapp.tf similarity index 99% rename from templates/core/terraform/api-webapp.tf rename to core/terraform/api-webapp.tf index 75483c752..c209c91f3 100644 --- a/templates/core/terraform/api-webapp.tf +++ b/core/terraform/api-webapp.tf @@ -1,5 +1,5 @@ data "local_file" "api_app_version" { - filename = "${path.root}/../../../api_app/_version.py" + filename = "${path.root}/../../api_app/_version.py" } locals { diff --git a/templates/core/terraform/appgateway/appgateway.tf b/core/terraform/appgateway/appgateway.tf similarity index 100% rename from templates/core/terraform/appgateway/appgateway.tf rename to core/terraform/appgateway/appgateway.tf diff --git a/templates/core/terraform/appgateway/certificate.tf b/core/terraform/appgateway/certificate.tf similarity index 100% rename from templates/core/terraform/appgateway/certificate.tf rename to core/terraform/appgateway/certificate.tf diff --git a/templates/core/terraform/appgateway/locals.tf b/core/terraform/appgateway/locals.tf similarity index 100% rename from templates/core/terraform/appgateway/locals.tf rename to core/terraform/appgateway/locals.tf diff --git a/templates/core/terraform/appgateway/main.tf b/core/terraform/appgateway/main.tf similarity index 100% rename from templates/core/terraform/appgateway/main.tf rename to core/terraform/appgateway/main.tf 
diff --git a/templates/core/terraform/appgateway/outputs.tf b/core/terraform/appgateway/outputs.tf similarity index 100% rename from templates/core/terraform/appgateway/outputs.tf rename to core/terraform/appgateway/outputs.tf diff --git a/templates/core/terraform/appgateway/staticweb.tf b/core/terraform/appgateway/staticweb.tf similarity index 100% rename from templates/core/terraform/appgateway/staticweb.tf rename to core/terraform/appgateway/staticweb.tf diff --git a/templates/core/terraform/appgateway/variables.tf b/core/terraform/appgateway/variables.tf similarity index 100% rename from templates/core/terraform/appgateway/variables.tf rename to core/terraform/appgateway/variables.tf diff --git a/templates/core/terraform/azure-monitor/azure-monitor.tf b/core/terraform/azure-monitor/azure-monitor.tf similarity index 100% rename from templates/core/terraform/azure-monitor/azure-monitor.tf rename to core/terraform/azure-monitor/azure-monitor.tf diff --git a/templates/core/terraform/azure-monitor/locals.tf b/core/terraform/azure-monitor/locals.tf similarity index 100% rename from templates/core/terraform/azure-monitor/locals.tf rename to core/terraform/azure-monitor/locals.tf diff --git a/templates/core/terraform/azure-monitor/main.tf b/core/terraform/azure-monitor/main.tf similarity index 100% rename from templates/core/terraform/azure-monitor/main.tf rename to core/terraform/azure-monitor/main.tf diff --git a/templates/core/terraform/azure-monitor/outputs.tf b/core/terraform/azure-monitor/outputs.tf similarity index 100% rename from templates/core/terraform/azure-monitor/outputs.tf rename to core/terraform/azure-monitor/outputs.tf diff --git a/templates/core/terraform/azure-monitor/variables.tf b/core/terraform/azure-monitor/variables.tf similarity index 100% rename from templates/core/terraform/azure-monitor/variables.tf rename to core/terraform/azure-monitor/variables.tf 
diff --git a/templates/core/terraform/bastion.tf b/core/terraform/bastion.tf similarity index 100% rename from templates/core/terraform/bastion.tf rename to core/terraform/bastion.tf diff --git a/core/terraform/compare_plans.sh b/core/terraform/compare_plans.sh new file mode 100755 index 000000000..31746f2ad --- /dev/null +++ b/core/terraform/compare_plans.sh @@ -0,0 +1,23 @@ +#!/bin/bash +set -e + +# if no arguments are provided, return usage function +if [[ $# -ne 2 || -z $1 || -z $2 ]]; then + echo "Usage: $0 " + exit 1 +fi + +left_tfplan=$1 +right_tfplan=$2 + +echo "Comparing ${left_tfplan} to ${right_tfplan}..." + + +function plan_change() { + terraform show -json "$1" | jq -r '.resource_changes[] | select(.change.actions[] | contains("no-op") or contains("read") | not)' > "$1_filtered.json" +} + +plan_change "${left_tfplan}" +plan_change "${right_tfplan}" + +diff <(jq --sort-keys . "${left_tfplan}"_filtered.json) <(jq --sort-keys . "${right_tfplan}"_filtered.json) diff --git a/templates/core/terraform/cosmos_mongo.tf b/core/terraform/cosmos_mongo.tf similarity index 100% rename from templates/core/terraform/cosmos_mongo.tf rename to core/terraform/cosmos_mongo.tf diff --git a/templates/core/terraform/data.tf b/core/terraform/data.tf similarity index 100% rename from templates/core/terraform/data.tf rename to core/terraform/data.tf diff --git a/templates/core/terraform/deploy.sh b/core/terraform/deploy.sh similarity index 93% rename from templates/core/terraform/deploy.sh rename to core/terraform/deploy.sh index 84f240cd5..5ba0f9d6e 100755 --- a/templates/core/terraform/deploy.sh +++ b/core/terraform/deploy.sh @@ -15,7 +15,7 @@ LOG_FILE="${TS}-tre-core.log" # This variables are loaded in for us # shellcheck disable=SC2154 -../../../devops/scripts/terraform_wrapper.sh \ +../../devops/scripts/terraform_wrapper.sh \ -g "${TF_VAR_mgmt_resource_group_name}" \ -s "${TF_VAR_mgmt_storage_account_name}" \ -n "${TF_VAR_terraform_state_container_name}" \ 
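Review bot: compare_plans.sh runs `terraform show -json "$1" | jq ...` under `set -e` only, so a failing `terraform show` is masked by the pipeline, both `_filtered.json` files come out empty, and the final `diff` reports the plans as identical. `plan_change` also writes `"$1_filtered.json"` next to each plan and never removes it; `terraform show -json` prints sensitive values in plain text, so those files can hold secrets. Unless the filtered files are wanted as artifacts, enabling `pipefail` and writing to a `mktemp -d` directory removed by an `EXIT` trap addresses both.

```shell
set -eo pipefail

# … unchanged: argument check, left_tfplan/right_tfplan assignment, echo …

tmpdir=$(mktemp -d)
trap 'rm -rf -- "${tmpdir}"' EXIT

function plan_change() {
  terraform show -json "$1" | jq -r '.resource_changes[] | select(.change.actions[] | contains("no-op") or contains("read") | not)' > "$2"
}

plan_change "${left_tfplan}" "${tmpdir}/left.json"
plan_change "${right_tfplan}" "${tmpdir}/right.json"

diff <(jq --sort-keys . "${tmpdir}/left.json") <(jq --sort-keys . "${tmpdir}/right.json")
```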
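Review bot: deploy.sh still reaches the wrapper through a path relative to the caller's working directory, `../../devops/scripts/terraform_wrapper.sh`, and the same holds for import.sh, destroy.sh and the new `terraform_wrapper_path` in migrate.sh. Every one of them had to be edited here because the directory depth changed, and a run from another directory would execute whatever sits at that relative location with the Terraform backend variables in its environment. Assuming these scripts run under bash, resolving from the script itself avoids both: `script_dir=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)` followed by `"${script_dir}/../../devops/scripts/terraform_wrapper.sh"`. Only part of deploy.sh is visible in the hunk.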
diff --git a/core/terraform/destroy.sh b/core/terraform/destroy.sh new file mode 100755 index 000000000..92b6b75c4 --- /dev/null +++ b/core/terraform/destroy.sh @@ -0,0 +1,13 @@ +#!/bin/bash + +set -o errexit +set -o pipefail +set -o nounset +# set -o xtrace + +# These variables are loaded in for us +# shellcheck disable=SC2154 +../../devops/scripts/terraform_wrapper.sh -g "${TF_VAR_mgmt_resource_group_name}" \ + -s "${TF_VAR_mgmt_storage_account_name}" \ + -n "${TF_VAR_terraform_state_container_name}" \ + -k "${TRE_ID}" -c "terraform destroy -auto-approve" diff --git a/templates/core/terraform/import.sh b/core/terraform/import.sh similarity index 88% rename from templates/core/terraform/import.sh rename to core/terraform/import.sh index 7b3801c1e..b9cc6feee 100755 --- a/templates/core/terraform/import.sh +++ b/core/terraform/import.sh @@ -9,7 +9,7 @@ export TF_LOG="" # This variables are loaded in for us # shellcheck disable=SC2154 -../../../devops/scripts/terraform_wrapper.sh \ +../../devops/scripts/terraform_wrapper.sh \ -g "${TF_VAR_mgmt_resource_group_name}" \ -s "${TF_VAR_mgmt_storage_account_name}" \ -n "${TF_VAR_terraform_state_container_name}" \ diff --git a/templates/core/terraform/json-to-env.sh b/core/terraform/json-to-env.sh similarity index 100% rename from templates/core/terraform/json-to-env.sh rename to core/terraform/json-to-env.sh diff --git a/templates/core/terraform/keyvault.tf b/core/terraform/keyvault.tf similarity index 100% rename from templates/core/terraform/keyvault.tf rename to core/terraform/keyvault.tf diff --git a/templates/core/terraform/locals.tf b/core/terraform/locals.tf similarity index 100% rename from templates/core/terraform/locals.tf rename to core/terraform/locals.tf diff --git a/templates/core/terraform/main.tf b/core/terraform/main.tf similarity index 100% rename from templates/core/terraform/main.tf rename to core/terraform/main.tf 
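Review bot: destroy.sh passes `-k "${TRE_ID}"` to a `terraform destroy -auto-approve` run without checking that the value is non-empty. `set -o nounset` stops an unset variable but lets `TRE_ID=""` through, and the same holds for the three `TF_VAR_*` backend settings. What the wrapper does with an empty state key is not visible here, so a guard before the call is the cheap safeguard for an unattended destroy: `: "${TRE_ID:?TRE_ID must be set and non-empty}"`.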
diff --git a/templates/core/terraform/migrate.sh b/core/terraform/migrate.sh similarity index 97% rename from templates/core/terraform/migrate.sh rename to core/terraform/migrate.sh index ab677e32c..95dd416a4 100755 --- a/templates/core/terraform/migrate.sh +++ b/core/terraform/migrate.sh @@ -5,6 +5,8 @@ set -o pipefail set -o nounset # set -o xtrace +terraform_wrapper_path="../../devops/scripts/terraform_wrapper.sh" + # This variables are loaded in for us # shellcheck disable=SC2154 terraform init -input=false -backend=true -reconfigure \ @@ -64,7 +66,7 @@ if [ -n "${app_insights_via_arm}" ]; then # This variables are loaded in for us # shellcheck disable=SC2154 - ../../../devops/scripts/terraform_wrapper.sh \ + "${terraform_wrapper_path}" \ -g "${TF_VAR_mgmt_resource_group_name}" \ -s "${TF_VAR_mgmt_storage_account_name}" \ -n "${TF_VAR_terraform_state_container_name}" \ @@ -93,7 +95,7 @@ if [ -n "${core_plan}" ] && [ -n "${api_diag}" ]; then # This variables are loaded in for us # shellcheck disable=SC2154 - ../../../devops/scripts/terraform_wrapper.sh \ + "${terraform_wrapper_path}" \ -g "${TF_VAR_mgmt_resource_group_name}" \ -s "${TF_VAR_mgmt_storage_account_name}" \ -n "${TF_VAR_terraform_state_container_name}" \ @@ -124,7 +126,7 @@ if [ -n "${airlock_vnet_integration}" ]; then # This variables are loaded in for us # shellcheck disable=SC2154 - ../../../devops/scripts/terraform_wrapper.sh \ + "${terraform_wrapper_path}" \ -g "${TF_VAR_mgmt_resource_group_name}" \ -s "${TF_VAR_mgmt_storage_account_name}" \ -n "${TF_VAR_terraform_state_container_name}" \ @@ -146,7 +148,7 @@ if [ -n "${api_vnet_integration}" ]; then # This variables are loaded in for us # shellcheck disable=SC2154 - ../../../devops/scripts/terraform_wrapper.sh \ + "${terraform_wrapper_path}" \ -g "${TF_VAR_mgmt_resource_group_name}" \ -s "${TF_VAR_mgmt_storage_account_name}" \ -n "${TF_VAR_terraform_state_container_name}" \ 
diff --git a/templates/core/terraform/modules_move_definitions.tf b/core/terraform/modules_move_definitions.tf similarity index 100% rename from templates/core/terraform/modules_move_definitions.tf rename to core/terraform/modules_move_definitions.tf diff --git a/templates/core/terraform/network/dns_zones.tf b/core/terraform/network/dns_zones.tf similarity index 100% rename from templates/core/terraform/network/dns_zones.tf rename to core/terraform/network/dns_zones.tf diff --git a/templates/core/terraform/network/locals.tf b/core/terraform/network/locals.tf similarity index 100% rename from templates/core/terraform/network/locals.tf rename to core/terraform/network/locals.tf diff --git a/templates/core/terraform/network/main.tf b/core/terraform/network/main.tf similarity index 100% rename from templates/core/terraform/network/main.tf rename to core/terraform/network/main.tf diff --git a/templates/core/terraform/network/network.tf b/core/terraform/network/network.tf similarity index 100% rename from templates/core/terraform/network/network.tf rename to core/terraform/network/network.tf diff --git a/templates/core/terraform/network/network_security_groups.tf b/core/terraform/network/network_security_groups.tf similarity index 100% rename from templates/core/terraform/network/network_security_groups.tf rename to core/terraform/network/network_security_groups.tf diff --git a/templates/core/terraform/network/outputs.tf b/core/terraform/network/outputs.tf similarity index 100% rename from templates/core/terraform/network/outputs.tf rename to core/terraform/network/outputs.tf diff --git a/templates/core/terraform/network/variables.tf b/core/terraform/network/variables.tf similarity index 100% rename from templates/core/terraform/network/variables.tf rename to core/terraform/network/variables.tf 
diff --git a/templates/core/terraform/outputs.sh b/core/terraform/outputs.sh similarity index 100% rename from templates/core/terraform/outputs.sh rename to core/terraform/outputs.sh diff --git a/templates/core/terraform/outputs.tf b/core/terraform/outputs.tf similarity index 100% rename from templates/core/terraform/outputs.tf rename to core/terraform/outputs.tf diff --git a/templates/core/terraform/resource_processor/vmss_porter/cloud-config.yaml b/core/terraform/resource_processor/vmss_porter/cloud-config.yaml similarity index 100% rename from templates/core/terraform/resource_processor/vmss_porter/cloud-config.yaml rename to core/terraform/resource_processor/vmss_porter/cloud-config.yaml diff --git a/templates/core/terraform/resource_processor/vmss_porter/data.tf b/core/terraform/resource_processor/vmss_porter/data.tf similarity index 96% rename from templates/core/terraform/resource_processor/vmss_porter/data.tf rename to core/terraform/resource_processor/vmss_porter/data.tf index 47552535a..f037b0439 100644 --- a/templates/core/terraform/resource_processor/vmss_porter/data.tf +++ b/core/terraform/resource_processor/vmss_porter/data.tf @@ -1,5 +1,5 @@ data "local_file" "version" { - filename = "${path.module}/../../../../../resource_processor/_version.py" + filename = "${path.module}/../../../../resource_processor/_version.py" } data "azurerm_subscription" "current" {} diff --git a/templates/core/terraform/resource_processor/vmss_porter/locals.tf b/core/terraform/resource_processor/vmss_porter/locals.tf similarity index 100% rename from templates/core/terraform/resource_processor/vmss_porter/locals.tf rename to core/terraform/resource_processor/vmss_porter/locals.tf diff --git a/templates/core/terraform/resource_processor/vmss_porter/main.tf b/core/terraform/resource_processor/vmss_porter/main.tf similarity index 100% rename from templates/core/terraform/resource_processor/vmss_porter/main.tf rename to core/terraform/resource_processor/vmss_porter/main.tf 
diff --git a/templates/core/terraform/resource_processor/vmss_porter/variables.tf b/core/terraform/resource_processor/vmss_porter/variables.tf similarity index 100% rename from templates/core/terraform/resource_processor/vmss_porter/variables.tf rename to core/terraform/resource_processor/vmss_porter/variables.tf diff --git a/templates/core/terraform/scripts/auth-hook.sh b/core/terraform/scripts/auth-hook.sh similarity index 92% rename from templates/core/terraform/scripts/auth-hook.sh rename to core/terraform/scripts/auth-hook.sh index ede440f23..ea8707026 100755 --- a/templates/core/terraform/scripts/auth-hook.sh +++ b/core/terraform/scripts/auth-hook.sh @@ -4,6 +4,7 @@ cat << EOF > 'validation.txt' ${CERTBOT_VALIDATION} EOF +# shellcheck disable=SC2016 az storage blob upload \ --account-name "${STORAGE_ACCOUNT}" \ --auth-mode login \ diff --git a/templates/core/terraform/scripts/cleanup-hook.sh b/core/terraform/scripts/cleanup-hook.sh similarity index 100% rename from templates/core/terraform/scripts/cleanup-hook.sh rename to core/terraform/scripts/cleanup-hook.sh diff --git a/templates/core/terraform/scripts/letsencrypt.sh b/core/terraform/scripts/letsencrypt.sh similarity index 90% rename from templates/core/terraform/scripts/letsencrypt.sh rename to core/terraform/scripts/letsencrypt.sh index dc292a848..937586ba5 100755 --- a/templates/core/terraform/scripts/letsencrypt.sh +++ b/core/terraform/scripts/letsencrypt.sh @@ -1,7 +1,7 @@ #!/bin/bash set -e -script_dir=$(realpath $(dirname "${BASH_SOURCE[0]}")) +script_dir=$(realpath "$(dirname "${BASH_SOURCE[0]}")") if [[ -z ${STORAGE_ACCOUNT} ]]; then echo "STORAGE_ACCOUNT not set" @@ -44,7 +44,7 @@ else az storage account network-rule add \ --account-name "${STORAGE_ACCOUNT}" \ --resource-group "${RESOURCE_GROUP_NAME}" \ - --ip-address $IPADDR + --ip-address "$IPADDR" fi 
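Review bot: The added `# shellcheck disable=SC2016` in auth-hook.sh carries no reason, and the single-quoted argument it presumably covers lies below the end of the hunk. SC2016 is the check for `$` inside single quotes, so silencing it for the whole `az storage blob upload` command would also hide a variable later placed in single quotes by mistake and then sent literally. A one-line comment above the directive naming the literal argument it is meant for, for example `# the single-quoted <argument> below is a literal name, not a variable` with the placeholder filled in, would keep the suppression narrow in intent. The same applies to the two directives added in letsencrypt.sh at `@@ -60,6 +60,7 @@` and `@@ -70,6 +71,7 @@`.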
@@ -60,6 +60,7 @@ cat << EOF > index.html
 EOF
+# shellcheck disable=SC2016
 indexExists=$(az storage blob list -o json \
 --account-name "${STORAGE_ACCOUNT}" \
 --auth-mode login \
@@ -70,6 +71,7 @@ indexExists=$(az storage blob list -o json \
 if [[ ${indexExists} -lt 1 ]]; then
 echo "Uploading index.html file"
+ # shellcheck disable=SC2016
 az storage blob upload \
 --account-name "${STORAGE_ACCOUNT}" \
 --auth-mode login \
@@ -92,14 +94,14 @@ mkdir -p "${ledir}/logs"
 # Initiate the ACME challange
 /opt/certbot/bin/certbot certonly \
- --config-dir ${ledir} \
- --work-dir ${ledir} \
- --logs-dir ${ledir}/logs \
+ --config-dir "${ledir}" \
+ --work-dir "${ledir}" \
+ --logs-dir "${ledir}"/logs \
 --manual \
 --preferred-challenges=http \
- --manual-auth-hook ${script_dir}/auth-hook.sh \
- --manual-cleanup-hook ${script_dir}/cleanup-hook.sh \
- --domain $FQDN \
+ --manual-auth-hook "${script_dir}"/auth-hook.sh \
+ --manual-cleanup-hook "${script_dir}"/cleanup-hook.sh \
+ --domain "$FQDN" \
 --non-interactive \
 --agree-tos \
 --register-unsafely-without-email
@@ -116,7 +118,7 @@ openssl pkcs12 -export \
 if [[ -n ${KEYVAULT} ]]; then
 sid=$(az keyvault certificate import \
 -o json \
- --vault-name ${KEYVAULT} \
+ --vault-name "${KEYVAULT}" \
 --name 'letsencrypt' \
 --file "${CERT_DIR}/aci.pfx" \
 --password "${CERT_PASSWORD}" \
@@ -148,8 +150,8 @@ else
 echo "Ressetting network rule on storage account (removing $IPADDR from allow list)"
 az storage account network-rule remove \
- --account-name ${STORAGE_ACCOUNT} \
+ --account-name "${STORAGE_ACCOUNT}" \
 --resource-group "${RESOURCE_GROUP_NAME}" \
- --ip-address ${IPADDR}
+ --ip-address "${IPADDR}"
 fi
diff --git a/templates/core/terraform/servicebus.tf b/core/terraform/servicebus.tf
similarity index 100%
rename from templates/core/terraform/servicebus.tf
rename to core/terraform/servicebus.tf
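Review bot: In the certbot call (`@@ -92,14 +94,14 @@`) the new quoting closes the quote before the path suffix, as in `"${ledir}"/logs`, `"${script_dir}"/auth-hook.sh` and `"${script_dir}"/cleanup-hook.sh`, while `mkdir -p "${ledir}/logs"` in the hunk header quotes the whole word. Both forms expand identically, but quoting the whole path, `--logs-dir "${ledir}/logs"` and `--manual-auth-hook "${script_dir}/auth-hook.sh"`, matches the rest of the file and leaves no unquoted tail for a later edit to extend.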
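Review bot: The allow-list entry for `$IPADDR` is only taken off the storage account by the `network-rule remove` call in the `@@ -148,8 +150,8 @@` hunk, and the script runs under `set -e`, so a failure in certbot, openssl or the Key Vault import in between would leave the firewall exception in place. No `trap` appears in any hunk of this file, though the lines between the hunks are not shown. Registering the removal straight after the matching `network-rule add` (the `@@ -44,7 +44,7 @@` hunk) covers every exit path: `trap 'az storage account network-rule remove --account-name "${STORAGE_ACCOUNT}" --resource-group "${RESOURCE_GROUP_NAME}" --ip-address "${IPADDR}"' EXIT`. Both calls sit under an `else` whose condition is outside the hunks, so the trap belongs in that same branch.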
diff --git a/templates/core/terraform/statestore.tf b/core/terraform/statestore.tf
similarity index 100%
rename from templates/core/terraform/statestore.tf
rename to core/terraform/statestore.tf
diff --git a/templates/core/terraform/storage.tf b/core/terraform/storage.tf
similarity index 100%
rename from templates/core/terraform/storage.tf
rename to core/terraform/storage.tf
diff --git a/templates/core/terraform/update_tags.sh b/core/terraform/update_tags.sh
similarity index 100%
rename from templates/core/terraform/update_tags.sh
rename to core/terraform/update_tags.sh
diff --git a/templates/core/terraform/variables.tf b/core/terraform/variables.tf
similarity index 100%
rename from templates/core/terraform/variables.tf
rename to core/terraform/variables.tf
diff --git a/templates/core/version.txt b/core/version.txt
similarity index 100%
rename from templates/core/version.txt
rename to core/version.txt
diff --git a/devops/scripts/list_versions.sh b/devops/scripts/list_versions.sh
index 49a6e2bc9..e714162b3 100755
--- a/devops/scripts/list_versions.sh
+++ b/devops/scripts/list_versions.sh
@@ -23,7 +23,7 @@ function component_version () {
 echo -e "| name | version |\n| ----- | ----- |"
 component_version "devops" "devops/version.txt"
-component_version "core" "templates/core/version.txt"
+component_version "core" "core/version.txt"
 find . -type f -name "porter.yaml" -not -path "*/.cnab/*" -print0 | sort | while read -r -d $'\0' file
 do
diff --git a/devops/scripts/setup_local_debugging.sh b/devops/scripts/setup_local_debugging.sh
index 20936341f..cc5f0e011 100755
--- a/devops/scripts/setup_local_debugging.sh
+++ b/devops/scripts/setup_local_debugging.sh
@@ -1,16 +1,18 @@ #!/bin/bash set -e +private_env_path="./core/private.env" + : "${TRE_ID?"You have not set your TRE_ID in ./config_yaml"}" -: "${RESOURCE_GROUP_NAME?"Check RESOURCE_GROUP_NAME is defined in ./templates/core/private.env"}" -: "${SERVICE_BUS_RESOURCE_ID?"Check SERVICE_BUS_RESOURCE_ID is defined in ./templates/core/private.env"}" -: "${STATE_STORE_RESOURCE_ID?"Check STATE_STORE_RESOURCE_ID is defined in ./templates/core/private.env"}" -: "${COSMOSDB_MONGO_RESOURCE_ID?"Check COSMOSDB_MONGO_RESOURCE_ID is defined in ./templates/core/private.env"}" -: "${COSMOSDB_ACCOUNT_NAME?"Check COSMOSDB_ACCOUNT_NAME is defined in ./templates/core/private.env"}" -: "${COSMOSDB_MONGO_ACCOUNT_NAME?"Check COSMOSDB_MONGO_ACCOUNT_NAME is defined in ./templates/core/private.env"}" -: "${AZURE_SUBSCRIPTION_ID?"Check AZURE_SUBSCRIPTION_ID is defined in ./templates/core/private.env"}" -: "${EVENT_GRID_STATUS_CHANGED_TOPIC_RESOURCE_ID?"Check EVENT_GRID_STATUS_CHANGED_TOPIC_RESOURCE_ID is defined in ./templates/core/private.env"}" -: "${EVENT_GRID_AIRLOCK_NOTIFICATION_TOPIC_RESOURCE_ID?"Check EVENT_GRID_AIRLOCK_NOTIFICATION_TOPIC_RESOURCE_ID is defined in ./templates/core/private.env"}" +: "${RESOURCE_GROUP_NAME?"Check RESOURCE_GROUP_NAME is defined in ${private_env_path}"}" +: "${SERVICE_BUS_RESOURCE_ID?"Check SERVICE_BUS_RESOURCE_ID is defined in ${private_env_path}"}" +: "${STATE_STORE_RESOURCE_ID?"Check STATE_STORE_RESOURCE_ID is defined in ${private_env_path}"}" +: "${COSMOSDB_MONGO_RESOURCE_ID?"Check COSMOSDB_MONGO_RESOURCE_ID is defined in ${private_env_path}"}" +: "${COSMOSDB_ACCOUNT_NAME?"Check COSMOSDB_ACCOUNT_NAME is defined in ${private_env_path}"}" +: "${COSMOSDB_MONGO_ACCOUNT_NAME?"Check COSMOSDB_MONGO_ACCOUNT_NAME is defined in ${private_env_path}"}" +: "${AZURE_SUBSCRIPTION_ID?"Check AZURE_SUBSCRIPTION_ID is defined in ${private_env_path}"}" +: "${EVENT_GRID_STATUS_CHANGED_TOPIC_RESOURCE_ID?"Check EVENT_GRID_STATUS_CHANGED_TOPIC_RESOURCE_ID is defined in 
${private_env_path}"}" +: "${EVENT_GRID_AIRLOCK_NOTIFICATION_TOPIC_RESOURCE_ID?"Check EVENT_GRID_AIRLOCK_NOTIFICATION_TOPIC_RESOURCE_ID is defined in ${private_env_path}"}" set -o pipefail set -o nounset @@ -115,11 +117,11 @@ az role assignment create \ # Write the appId and secret to the private.env file which is used for RP debugging # First check if the env vars are there already and delete them -sed -i '/ARM_CLIENT_ID/d' ./templates/core/private.env -sed -i '/ARM_CLIENT_SECRET/d' ./templates/core/private.env +sed -i '/ARM_CLIENT_ID/d' "${private_env_path}" +sed -i '/ARM_CLIENT_SECRET/d' "${private_env_path}" # Append them to the TRE file so that the Resource Processor can use them -tee -a ./templates/core/private.env < " - exit 1 -fi - -left_tfplan=$1 -right_tfplan=$2 - -echo "Comparing ${left_tfplan} to ${right_tfplan}..." - - -function plan_change() { - terraform show -json $1 | jq -r '.resource_changes[] | select(.change.actions[] | contains("no-op") or contains("read") | not)' > "$1_filtered.json" -} - -plan_change ${left_tfplan} -plan_change ${right_tfplan} - -diff <(jq --sort-keys . ${left_tfplan}_filtered.json) <(jq --sort-keys . ${right_tfplan}_filtered.json) diff --git a/templates/core/terraform/destroy.sh b/templates/core/terraform/destroy.sh deleted file mode 100755 index 6f6892e58..000000000 --- a/templates/core/terraform/destroy.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/bash - -set -o errexit -set -o pipefail -set -o nounset -# set -o xtrace - -# This variables are loaded in for us -# shellcheck disable=SC2154 -../../../devops/scripts/terraform_wrapper.sh -g "${TF_VAR_mgmt_resource_group_name}" \ - -s "${TF_VAR_mgmt_storage_account_name}" \ - -n "${TF_VAR_terraform_state_container_name}" \ - -k "${TRE_ID}" -c "terraform destroy -auto-approve"
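Review bot: The `${VAR?message}` guards at the top of setup_local_debugging.sh (`@@ -1,16 +1,18 @@`) only fire when a variable is unset, so a name that is set but empty, for example `RESOURCE_GROUP_NAME=` left blank in the env file, passes the check and reaches the commands later in the script. The colon form rejects empty values as well, e.g. `: "${RESOURCE_GROUP_NAME:?"Check RESOURCE_GROUP_NAME is defined in ${private_env_path}"}"`, applied to each of the ten lines. `set -o nounset` is only switched on after this block, so these lines are the sole guard for those names.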
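Review bot: The block under `# Write the appId and secret to the private.env file` (`@@ -115,11 +117,11 @@`) leaves ARM_CLIENT_SECRET in clear text in `${private_env_path}`, and nothing visible in the hunk restricts who can read that file; a `chmod 600 "${private_env_path}"` after the append would do it. The append goes through `tee -a`, which also copies its input to stdout, so unless the new line redirects it (the new-side `tee` line is cut off on this page) the secret is echoed to the terminal or CI log; `> /dev/null` on that command avoids this. The two `sed -i` patterns are also unanchored and delete any line that merely contains the name; `'/^ARM_CLIENT_ID=/d'` and `'/^ARM_CLIENT_SECRET=/d'` are tighter.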