From 8c34b83a29eb5bab664361f2e426eec14ee9989a Mon Sep 17 00:00:00 2001 From: aidenvaines-bjss Date: Fri, 30 Aug 2024 09:55:59 +0100 Subject: [PATCH] CCM-6104 consolidating repo changes for AMET structure back to template --- scripts/terraform/terraform.lib.sh | 6 ++++- scripts/terraform/terraform.mk | 39 ++++++++++++++++++++++++------ 2 files changed, 37 insertions(+), 8 deletions(-) diff --git a/scripts/terraform/terraform.lib.sh b/scripts/terraform/terraform.lib.sh index 7793b9b0..d94213e8 100644 --- a/scripts/terraform/terraform.lib.sh +++ b/scripts/terraform/terraform.lib.sh @@ -53,8 +53,12 @@ function terraform-destroy() { # dir=[path to a directory where the command will be executed, relative to the project's top-level directory, default is '.'] # opts=[options to pass to the Terraform fmt command, default is '-recursive'] function terraform-fmt() { + for d in "${PWD}infrastructure/"*; do + if [ -d "$d" ]; then + terraform fmt --recursive "${d}" + fi + done - _terraform fmt -recursive # 'dir' and 'opts' are passed to the function as environment variables, if set } # Validate Terraform code. diff --git a/scripts/terraform/terraform.mk b/scripts/terraform/terraform.mk index 111acda9..4a2783a1 100644 --- a/scripts/terraform/terraform.mk +++ b/scripts/terraform/terraform.mk 
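Review bot: The glob in `terraform-fmt` (scripts/terraform/terraform.lib.sh) is written as `"${PWD}infrastructure/"*` with no `/` after `${PWD}`, so it names a sibling path (for example `/work/repoinfrastructure/*`, a constructed value) that will normally match nothing. The unmatched pattern then fails the `[ -d "$d" ]` test and the function returns success without formatting any file, which turns the format check into a gate that always passes. Use `for d in "${PWD}/infrastructure/"*; do` instead. The loop also calls `terraform` directly rather than `_terraform`, so the `dir` and `opts` arguments documented in the comment above the function are no longer honoured; either keep the wrapper or update that comment.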
@@ -4,11 +4,6 @@ # Custom implementation - implementation of a make target should not exceed 5 lines of effective code. # In most cases there should be no need to modify the existing make targets. -TF_ENV ?= dev -STACK ?= ${stack} -TERRAFORM_STACK ?= $(or ${STACK}, infrastructure/environments/${TF_ENV}) -dir ?= ${TERRAFORM_STACK} - terraform-init: # Initialise Terraform - optional: terraform_dir|dir=[path to a directory where the command will be executed, relative to the project's top-level directory, default is one of the module variables or the example directory, if not set], terraform_opts|opts=[options to pass to the Terraform init command, default is none/empty] @Development make _terraform cmd="init" \ dir=$(or ${terraform_dir}, ${dir}) \ @@ -46,9 +41,11 @@ clean:: # Remove Terraform files (terraform) - optional: terraform_dir|dir=[path opts=$(or ${terraform_opts}, ${opts}) _terraform: # Terraform command wrapper - mandatory: cmd=[command to execute]; optional: dir=[path to a directory where the command will be executed, relative to the project's top-level directory, default is one of the module variables or the example directory, if not set], opts=[options to pass to the Terraform command, default is none/empty] + # 'TERRAFORM_STACK' is passed to the functions as environment variable + TERRAFORM_STACK=$(or ${TERRAFORM_STACK}, $(or ${terraform_stack}, $(or ${STACK}, ${stack}))) dir=$(or ${dir}, ${TERRAFORM_STACK}) - . scripts/terraform/terraform.lib.sh && \ - terraform-${cmd} # 'dir' and 'opts' are accessible by the function as environment variables, if set + . "scripts/terraform/terraform.lib.sh"; \ + terraform-${cmd} # 'dir' and 'opts' are accessible by the function as environment variables, if set # ============================================================================== # Quality checks - please DO NOT edit this section! 
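Review bot: In `_terraform`, the added `TERRAFORM_STACK=$(or …)` line only sets a shell variable, while `${TERRAFORM_STACK}` in the following `dir=$(or ${dir}, ${TERRAFORM_STACK})` is expanded by Make before any shell runs, so the `terraform_stack`/`STACK`/`stack` fallbacks never reach `dir`. The preceding hunk removes the `TERRAFORM_STACK ?=` and `dir ?=` defaults, so `dir` is now empty unless one of them is defined as a Make variable somewhere this patch does not show, and `terraform-apply` or `terraform-destroy` would then run in whatever directory the library falls back to. Resolve the chain in Make instead: `dir=$(or ${dir}, ${TERRAFORM_STACK}, ${terraform_stack}, ${STACK}, ${stack})`. The two assignment lines and the `. "scripts/terraform/terraform.lib.sh"; \` line share state only if `.ONESHELL` is enabled elsewhere, and replacing `&&` with `;` lets `terraform-${cmd}` run after a failed source unless the recipe shell uses `-e`; neither setting is visible here, so `&&` is the safer form to keep.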
@@ -58,6 +55,31 @@ terraform-shellscript-lint: # Lint all Terraform module shell scripts @Quality file=$${file} scripts/shellscript-linter.sh done +terraform-sec: # TFSEC check against Terraform files - optional: terraform_dir|dir=[path to a directory where the command will be executed, relative to the project's top-level directory, default is one of the module variables or the example directory, if not set], terraform_opts|opts=[options to pass to the Terraform fmt command, default is '-recursive'] @Quality + tfsec infrastructure/terraform \ + --force-all-dirs \ + --exclude-downloaded-modules \ + --tfvars-file infrastructure/terraform/etc/global.tfvars \ + --tfvars-file infrastructure/terraform/etc/env_eu-west-2_main.tfvars \ + --config-file scripts/config/tfsec.yml + +# ============================================================================== +# Module tests and examples - please DO NOT edit this section! + +terraform-example-provision-aws-infrastructure: # Provision example of AWS infrastructure @ExamplesAndTests + make terraform-init + make terraform-plan opts="-out=terraform.tfplan" + make terraform-apply opts="-auto-approve terraform.tfplan" + +terraform-example-destroy-aws-infrastructure: # Destroy example of AWS infrastructure @ExamplesAndTests + make terraform-destroy opts="-auto-approve" + +terraform-example-clean: # Remove Terraform example files @ExamplesAndTests + dir=$(or ${dir}, ${TERRAFORM_STACK}) + . "scripts/terraform/terraform.lib.sh"; \ + terraform-clean + rm -f ${TERRAFORM_STACK}/.terraform.lock.hcl + # ============================================================================== # Configuration - please DO NOT edit this section! @@ -71,6 +93,9 @@ ${VERBOSE}.SILENT: \ clean \ terraform-apply \ terraform-destroy \ + terraform-example-clean \ + terraform-example-destroy-aws-infrastructure \ + terraform-example-provision-aws-infrastructure \ terraform-fmt \ terraform-init \ terraform-install \
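Review bot: In `terraform-example-clean`, `rm -f ${TERRAFORM_STACK}/.terraform.lock.hcl` expands to `rm -f /.terraform.lock.hcl` when `TERRAFORM_STACK` is empty, and this patch removes the `TERRAFORM_STACK ?=` default earlier in the file, so empty is the normal case unless the caller passes a value. Guard the line, for example `[ -z "${TERRAFORM_STACK}" ] || rm -f "${TERRAFORM_STACK}/.terraform.lock.hcl"`, or stop with `$(error …)` when the variable is unset. Separately, `terraform-sec` advertises `terraform_dir|dir` and `opts` (its help text still describes the fmt command) but always scans the hard-coded `infrastructure/terraform` path and tfvars files, so any stack outside that directory would not be scanned. Either honour `dir` in the tfsec call or correct the target description so the scan coverage is not overstated.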