1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
|
# GOV.UK Mini Environment Admin
# Copyright © 2018 Christopher Baines <mail@cbaines.net>
#
# This file is part of the GOV.UK Mini Environment Admin.
#
# The GOV.UK Mini Environment Admin is free software: you can
# redistribute it and/or modify it under the terms of the GNU Affero
# General Public License as published by the Free Software Foundation,
# either version 3 of the License, or (at your option) any later
# version.
#
# The GOV.UK Mini Environment Admin is distributed in the hope that it
# will be useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
# See the GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public
# License along with the GOV.UK Mini Environment Admin. If not, see
# <http://www.gnu.org/licenses/>.
# == Schema Information
#
# Table name: terraform_aws_backends
#
# id :integer not null, primary key
# label :string
# aws_region :string
# aws_access_key_id :string
# aws_secret_access_key :string
# created_at :datetime not null
# updated_at :datetime not null
# domain :string
#
require 'ruby_terraform'
class Backends::TerraformAws < ApplicationRecord
has_many :mini_environments, as: :backend
self.table_name = 'terraform_aws_backends'
def self.label
'Amazon Web Services'
end
def type_and_id
"#{self.class.name}=#{id}"
end
def build(mini_environment)
slug = mini_environment.name.parameterize
GovukGuix::BuildJob.enqueue(
mini_environment.id,
%w(whitehall government-frontend),
type: 'container-start-script',
app_domain: "#{slug}.#{domain}",
web_domain: "www.#{slug}.#{domain}",
use_https: 'certbot'
)
end
def start(mini_environment)
logger.info "Setting up #{mini_environment.name}"
within_terraform_working_directory(mini_environment) do
RubyTerraform.apply(
vars: terraform_variables(mini_environment),
auto_approve: true
)
end
end
def destroy(mini_environment)
within_terraform_working_directory(mini_environment) do
RubyTerraform.destroy(
vars: terraform_variables(mini_environment),
force: true
)
end
end
def within_terraform_working_directory(mini_environment, &block)
TerraformWorkingDirectory.new(
"mini_environment/#{mini_environment.id}",
'terraform/aws'
).within_working_directory(&block)
end
def signon_url(mini_environment)
"https://signon.#{mini_environment.name.parameterize}.#{domain}"
end
def terraform_variables(mini_environment)
{
aws_access_key: aws_access_key_id,
aws_secret_key: aws_secret_access_key,
aws_region: aws_region,
slug: mini_environment.name.parameterize,
ssh_public_key: ssh_public_key,
start_command: mini_environment.backend_data['build_output']
}
end
def ssh_public_key
File.open("#{ENV['HOME']}/.ssh/id_rsa.pub", &:readline)
end
end
|