pkg

package

v0.0.0-...-cbd38bd Latest Latest Go to latest Published: Mar 27, 2024 License: Apache-2.0 Imports: 12 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/app-sre/terraform-repo-executor

Documentation ¶

Overview ¶

Package pkg contains logic for executing Terraform actions

Index ¶

Constants
func Run(cfgPath, workdir, vaultAddr, roleID, secretID, kvVersion string) error
type Executor
type Input
type Repo
type TfCreds
type TfVars

Constants ¶

View Source

const (
	AwsAccessKeyID     = "aws_access_key_id"
	AwsSecretAccessKey = "aws_secret_access_key"
	AwsRegion          = "region"
	AwsBucket          = "bucket"
)

standardized AppSRE terraform secret keys

View Source

const (
	TfVarsFile  = "plan.tfvars"
	BackendFile = "s3.tfbackend"
)

terraform specific filenames

Variables ¶

This section is empty.

Functions ¶

func Run ¶

func Run(cfgPath,
	workdir,
	vaultAddr,
	roleID,
	secretID,
	kvVersion string) error

Run is responsible for the full lifecycle of creating/updating/deleting a Terraform repo. Including loading config, secrets from vault, creation and cleanup of temp directories and the actual Terraform operations

Types ¶

type Executor ¶

type Executor struct {
	// contains filtered or unexported fields
}

Executor includes required secrets and variables to perform a tf repo executor run

type Input ¶

type Input struct {
	DryRun bool   `yaml:"dry_run" json:"dry_run"`
	Repos  []Repo `yaml:"repos" json:"repos"`
}

Input holds YAML/JSON loaded from CONFIG_FILE and is passed from Qontract Reconcile

type Repo ¶

type Repo struct {
	Name        string                `yaml:"name" json:"name"`
	URL         string                `yaml:"repository" json:"repository"`
	Path        string                `yaml:"project_path" json:"project_path"`
	Ref         string                `yaml:"ref" json:"ref"`
	Delete      bool                  `yaml:"delete" json:"delete"`
	Secret      vaultutil.VaultSecret `yaml:"secret" json:"secret"`
	Bucket      string                `yaml:"bucket,omitempty" json:"bucket,omitempty"`
	Region      string                `yaml:"region,omitempty" json:"region,omitempty"`
	BucketPath  string                `yaml:"bucket_path,omitempty" json:"bucket_path,omitempty"`
	RequireFips bool                  `yaml:"require_fips" json:"require_fips"`
}

Repo represents an individual Terraform Repo

type TfCreds ¶

type TfCreds struct {
	AccessKey string
	SecretKey string
	Region    string
	Key       string
	Bucket    string
}

TfCreds is made up of AWS credentials and configuration for using an S3 backend with Terraform

type TfVars ¶

type TfVars struct {
	AccessKey     string
	SecretKey     string
	Region        string
	VaultAddress  string
	VaultRoleID   string
	VaultSecretID string
}

TfVars are secrets and IDs required for setting up a Terraform S3 backend

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
vaultutil Package vaultutil includes helper functions for communicating with Vault	Package vaultutil includes helper functions for communicating with Vault

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL