Update to stacks. Add import to all configs. Remove hardcoded set…

…tings. Add Terraform S3 backend generation (#6)

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

* Update CLI

example/.dockerignore

@@ -21,6 +21,7 @@ aws-assumed-role/
 **/*.terraform.tfvars.json
 **/*.terraform.auto.tfvars.json
 **/*.helmfile.vars.yaml
+**/vendir.lock.yml
 
 # Module directory
 **/.terraform/

example/.gitignore

@@ -17,6 +17,7 @@ aws-assumed-role/
 **/*.terraform.tfvars.json
 **/*.terraform.auto.tfvars.json
 **/*.helmfile.vars.yaml
+**/vendir.lock.yml
 
 # Module directory
 # Note that the leading "**/" appears necessary for Docker even if not for Git

example/Dockerfile

@@ -53,16 +53,19 @@ RUN apk add kubectl-1.17@cloudposse
 # Install terraform.
 # Install the latest 0.12 and 0.13 versions of terraform
 RUN apk add -u terraform-0.12@cloudposse terraform-0.13@cloudposse~=0.13.3
-# Set Terraform 0.12.x as the default `terraform`. You can still use
+# Set Terraform 0.13.x as the default `terraform`. You can still use
 # `terraform-0.12` or `terraform-0.13` to be explicit when needed.
-RUN update-alternatives --set terraform /usr/share/terraform/0.12/bin/terraform
+RUN update-alternatives --set terraform /usr/share/terraform/0.13/bin/terraform
 
 # https://github.com/Versent/saml2aws#linux
 RUN apk add saml2aws@cloudposse
 
 # Install assume-role
 RUN apk add assume-role@cloudposse
 
+# Install vendir
+RUN apk add vendir@cloudposse
+
 # Install variant2
 RUN apk add variant2@cloudposse
 RUN update-alternatives --set variant /usr/share/variant/2/bin/variant
@@ -71,8 +74,7 @@ RUN update-alternatives --set variant /usr/share/variant/2/bin/variant
 ARG CLI_NAME
 COPY --from=cli /usr/cli/$CLI_NAME /usr/local/bin
 
-COPY projects/ /projects/
-COPY config/ /config/
-
+COPY stacks/ /stacks/
+COPY vendir.yml /vendir.yml
 
-WORKDIR /projects
+WORKDIR /

example/cli/main.variant

@@ -1,15 +1,9 @@
 #!/usr/bin/env variant
 # vim: filetype=hcl
 
-option "region" {
-  default     = "us-east-2"
-  description = "AWS region"
-  type        = string
-}
-
 option "dry-run" {
   default     = false
-  description = "Disable execution of any commands and echo the commands instead"
+  description = "Disable execution of any commands and echo the command instead"
   type        = bool
 }
 
@@ -20,42 +14,43 @@ option "kubeconfig-path" {
 }
 
 option "kubeconfig-profile-pattern" {
-  default     = "eg-gbl-$$stage-helm"
+  default     = "{namespace}-{environment}-{stage}-helm"
   description = "AWS profile pattern for kubeconfig"
   type        = string
 }
 
 option "cluster-name-pattern" {
-  default     = "eg-$$environment-$$stage-eks-cluster"
+  default     = "{namespace}-{environment}-{stage}-eks-cluster"
   description = "Cluster name pattern"
   type        = string
 }
 
 option "terraform-dir" {
-  default     = "./"
-  description = "Terraform projects directory"
+  default     = "./components/terraform"
+  description = "Terraform components directory"
   type        = string
 }
 
 option "helmfile-dir" {
-  default     = "./helmfiles"
-  description = "Helmfile projects directory"
+  default     = "./components/helmfiles"
+  description = "Helmfile components directory"
   type        = string
 }
 
 option "config-dir" {
-  default     = "../config"
-  description = "Config directory"
+  default     = "./stacks"
+  description = "Stacks config directory"
   type        = string
 }
 
 option "vendor-config-path" {
-  default     = "../vendor/vendir.yml"
+  default     = "./vendir.yml"
   description = "Path to the vendor configuration file"
   type        = string
 }
 
 imports = [
+  "git::https://[email protected]/cloudposse/atmos@modules/utils?ref=master",
   "git::https://[email protected]/cloudposse/atmos@modules/shell?ref=master",
   "git::https://[email protected]/cloudposse/atmos@modules/kubeconfig?ref=master",
   "git::https://[email protected]/cloudposse/atmos@modules/terraform?ref=master",

example/stacks/globals.yaml

@@ -0,0 +1,11 @@
+namespace: eg
+
+terraform_backend_environment: ue2
+
+terraform_backend_stage: root
+
+terraform_backend_role_environment: gbl
+
+terraform_backend_role_stage: root
+
+kubeconfig_profile_environment: gbl

example/config/ue2-dev.yaml → example/stacks/ue2-dev.yaml

@@ -1,21 +1,28 @@
-projects:
+import:
+  - globals
+  - ue2-globals
+
+components:
   globals:
     stage: dev
 
   terraform:
     vpc:
+      command: "/usr/bin/terraform-0.13"
+      terraform_backend_assume_role: true
       vars:
         cidr_block: "10.100.0.0/18"
         # ...
 
     eks:
       command: "/usr/bin/terraform-0.13"
+      terraform_backend_assume_role: true
       vars:
         cluster_kubernetes_version: "1.17"
         # ...
 
   helmfile:
-    ingress-nginx:
+    nginx-ingress:
       vars:
         installed: true
 
@@ -26,4 +33,4 @@ workflows:
     steps:
       - job: terraform deploy vpc
       - job: terraform deploy eks
-      - job: helmfile deploy ingress-nginx
+      - job: helmfile deploy nginx-ingress

example/config/ue2-globals.yaml → example/stacks/ue2-globals.yaml

@@ -1,3 +1,5 @@
-namespace: eg
 region: us-east-2
+
 environment: ue2
+
+account_id: ""

example/config/ue2-prod.yaml → example/stacks/ue2-prod.yaml

@@ -1,20 +1,26 @@
-projects:
+import:
+  - globals
+  - ue2-globals
+
+components:
   globals:
     stage: prod
 
   terraform:
     vpc:
+      terraform_backend_assume_role: true
       vars:
         cidr_block: "10.102.0.0/18"
         # ...
 
     eks:
+      terraform_backend_assume_role: true
       command: "/usr/bin/terraform-0.13"
       vars:
         cluster_kubernetes_version: "1.17"
         # ...
 
   helmfile:
-    ingress-nginx:
+    nginx-ingress:
       vars:
         installed: true

example/config/ue2-staging.yaml → example/stacks/ue2-staging.yaml

@@ -1,20 +1,26 @@
-projects:
+import:
+  - globals
+  - ue2-globals
+
+components:
   globals:
     stage: staging
 
   terraform:
     vpc:
+      terraform_backend_assume_role: true
       vars:
         cidr_block: "10.104.0.0/18"
         # ...
 
     eks:
       command: "/usr/bin/terraform-0.13"
+      terraform_backend_assume_role: true
       vars:
         cluster_kubernetes_version: "1.17"
         # ...
 
   helmfile:
-    ingress-nginx:
+    nginx-ingress:
       vars:
         installed: true

example/stacks/workflows.yaml

@@ -0,0 +1,29 @@
+workflows:
+  deploy-all:
+    description: Deploy terraform project and helmfiles for a stack (provided as a command-line argument)
+    steps:
+      - job: terraform deploy vpc
+      - job: terraform deploy eks
+      - job: helmfile deploy nginx-ingress
+
+  plan-all:
+    description: Run 'terraform plan' and 'helmfile diff' on all components
+    steps:
+      - job: terraform plan vpc
+        stack: ue2-dev
+      - job: terraform plan eks
+        stack: ue2-dev
+      - job: helmfile diff nginx-ingress
+        stack: ue2-dev
+      - job: terraform plan vpc
+        stack: ue2-staging
+      - job: terraform plan eks
+        stack: ue2-staging
+      - job: helmfile diff nginx-ingress
+        stack: ue2-staging
+      - job: terraform plan vpc
+        stack: ue2-prod
+      - job: terraform plan eks
+        stack: ue2-prod
+      - job: helmfile diff nginx-ingress
+        stack: ue2-prod