lead-terraform

module

v0.1.19-0...-46fc716 Latest Latest Go to latest Published: Oct 12, 2022 License: MIT

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/liatrio/lead-terraform

Links

Open Source Insights

README ¶

Overview

This repository contains the Terraform automation to manage LEAD environments.

Additional Documentation

Istio Implementation

Tools

Install required tools with Homebrew:

brew bundle

Setup

You'll need to create a secrets/ directory with a file for each environment (e.g. liatrio-sandbox.tfvars) containing the secrets for that account.

Required Terraform variables: See Slack Operator to setup Slack App.

artifactory_license          = "Artifactory License (ask in slack)"
slack_bot_token              = "Slack Bot User OAuth Token"
slack_client_signing_secret  = "Slack App Credentials Signing Secret"
keycloak_admin_password      = "Keycloak Admin Password"
prometheus_slack_channel     = "Some Slack Channel"
prometheus_slack_webhook_url = "Some Slack Webhook Url"

See instructions for creating slack app

Testing

The tests folder contains functional test which apply individual Terraform modules and verify the final state. The tests use Terratest which uses golang tests to trigger Terraform and verify the outcome. The tests can be run with a local Kubernetes cluster (docker-for-desktop, minikube, microk8s, etc) or create an EKS cluster and run the tests there.

Local tests

Make sure your current Kubernetes context points to your local cluster

make test

AWS tests

The AWS tests create an EKS cluster, run the tests against the cluster and teardown the cluster. This usually takes 25 to 30 minutes.

The tests will not interfere with other clusters in the same account and multiple tests can safely run at the same time. You should run the tests in the sandbox account and you must use a role with sufficient privileges (administrator).

aws-vault exec AWS_PROFILE -- make test-aws

The tests will attempt to teardown the cluster on failure but sometimes it is necessary to manually delete the EKS cluster and VPC.

To speed up running tests repeatedly the --destroyCluster flag can be set to false to skip tearing down the cluster and re-use it on subsequent tests. The test-aws-nodestroy make target uses this flag.

aws-vault exec AWS_PROFILE -- make test-aws-nodestroy

Don't forget to run the test with --destroyCluster set to true to cleanup the cluster.

aws-vault exec AWS_PROFILE -- make test-aws

Running locally

Follow Setup instructions above and store secrets in secrets/docker-for-desktop.tfvars

Add these additional dependency versions in local/environment/local.auto.tfvars

sdm_version                  = "v2.0.0"
dashboard_version            = "v2.0.0"
builder_images_version       = "v2.0.0"
jenkins_image_version        = "v2.0.0"

You can find up to date versions in the lead-environments repo by looking at what is deployed to production or sandbox environments.

To test an environment locally, run:

# Setup keycloak plugin
make plugins

cd local/environment

# Validate a 'stack'
terragrunt validate

# Apply a 'stack' 
terragrunt apply

To test the product locally, run:

cd local/product

# Apply a 'stack' 
terragrunt apply

Directories ¶

Path	Synopsis
test
common
tests
common Package common contains shared resources for terratest tests	Package common contains shared resources for terratest tests

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL