# GOV.UK Mini Environment Admin # Copyright © 2018 Christopher Baines # # This file is part of the GOV.UK Mini Environment Admin. # # The GOV.UK Mini Environment Admin is free software: you can # redistribute it and/or modify it under the terms of the GNU Affero # General Public License as published by the Free Software Foundation, # either version 3 of the License, or (at your option) any later # version. # # The GOV.UK Mini Environment Admin is distributed in the hope that it # will be useful, but WITHOUT ANY WARRANTY; without even the implied # warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. # See the GNU Affero General Public License for more details. # # You should have received a copy of the GNU Affero General Public # License along with the GOV.UK Mini Environment Admin. If not, see # . module Backends::TerraformAws::MiniEnvironmentMethods def build(mini_environment) slug = mini_environment.name.parameterize GovukGuix::BuildMiniEnvironment.build( mini_environment.id, services: mini_environment.services.map(&:build_argument_string), arguments: { type: 'container-start-script', app_domain: "#{slug}.#{domain}", web_domain: "www.#{slug}.#{domain}", use_https: 'certbot', http_ports_mode: 'alternative', read_bundle_install_input_as_tar_archive: true, signon_instance_name: slug, admin_environment_label: mini_environment.name, use_error_pages: 'true', origin_basic_auth: "#{slug}=#{slug}", share: [ '/var/cache/govuk-mini-environment-admin=/var/cache', '/var/lib/govuk-mini-environment-admin=/var/lib', '/var/log/govuk-mini-environment-admin=/var/log' ] }, run_remotely_on_host: mini_environment.backend.build_remote_host ) end def start(mini_environment) logger.info "Setting up #{mini_environment.name}" within_terraform_working_directory(mini_environment) do RubyTerraform.apply( vars: terraform_variables(mini_environment), auto_approve: true ) end end def destroy(mini_environment) within_terraform_working_directory(mini_environment) do RubyTerraform.destroy( vars: terraform_variables(mini_environment), force: true ) end end def refresh(mini_environment) within_terraform_working_directory(mini_environment) do RubyTerraform.refresh( vars: terraform_variables(mini_environment) ) end end def terraform_states(mini_environment) TerraformState.where( state_id: mini_environment_state_id(mini_environment) ) end def within_terraform_working_directory(mini_environment, &block) with_advisory_lock( "aws_mini_environment_terraform_working_directory/#{mini_environment.id}" ) do TerraformWorkingDirectory.new( mini_environment_state_id(mini_environment), 'terraform/aws/mini_environment' ).within_working_directory(&block) end end def mini_environment_state_id(mini_environment) "mini_environment/#{mini_environment.id}" end def signon_url(mini_environment) "https://signon.#{mini_environment.name.parameterize}.#{domain}" end def terraform_variables(mini_environment) credentials = TerraformHttpBackendController.credentials common_terraform_variables.merge( slug: mini_environment.name.parameterize, start_command: mini_environment.backend_data['build_output'], backend_remote_state_address: ( Plek.new.external_url_for('mini-environment-admin') + Rails .application .routes .url_helpers .terraform_http_backend_path(terraform_state_id) ), backend_remote_state_username: credentials[:name], backend_remote_state_password: credentials[:password] ) end end