diff --git a/build.py b/build.py
index c59de6e..39148bb 100644
--- a/build.py
+++ b/build.py
@@ -33,7 +33,7 @@ default_task = "dev"
 name = "ddadevops"
 MODULE = "not-used"
 PROJECT_ROOT_PATH = "."
-version = "4.0.0-dev74"
+version = "4.0.0-dev75"
 summary = "tools to support builds combining gopass, terraform, dda-pallet, aws & hetzner-cloud"
 description = __doc__
 authors = [Author("meissa GmbH", "buero@meissa-gmbh.de")]
@@ -142,7 +142,6 @@ def tag_bump_and_push_release(project):
 def build(project, release_type):
 build = get_devops_build(project)
- # TODO: release_type is here a string!
 build.update_release_type(release_type)
 test(project)
 lint(project)
diff --git a/doc/DevopsTerraformBuildWithAwsProvider.md b/doc/DevopsTerraformBuildWithAwsProvider.md
index 1dca96b..b752a8a 100644
--- a/doc/DevopsTerraformBuildWithAwsProvider.md
+++ b/doc/DevopsTerraformBuildWithAwsProvider.md
@@ -4,6 +4,8 @@
 | name | description | default |
 | --------------------- | ------------------------------------------------------------------------------------------------------------------------------ | -------------- |
+| aws_access_key | your aws access-key | |
+| aws_secret_key | your aws secret-key | |
 | aws_as_backend | you can use aws s3 as backend state storage | False |
 | aws_region | in case of backend usage | "eu-central-1" |
 | aws_bucket | in case of backend usage, the bucket your state is stored in. the url is S3://{aws_bucket}/{aws_bucket_key}/{aws_account_name} | |
diff --git a/doc/architecture/Domain.md b/doc/architecture/Domain.md
index 8148756..e35af13 100644
--- a/doc/architecture/Domain.md
+++ b/doc/architecture/Domain.md
@@ -50,7 +50,7 @@ classDiagram
 tf_terraform_semantic_version
 }
- class Digitalocean {
+ class ProviderDigitalocean {
 do_api_key
 do_spaces_access_key
 do_spaces_secret_key
@@ -62,12 +62,19 @@ classDiagram
 do_region
 }
- class Hetzner {
+ class ProviderHetzner {
 hetzner_api_key
 }
- class Aws {
+ class ProviderAws {
+ aws_access_key
+ aws_secret_key
+ aws_bucket
+ aws_bucket_kms_key_id
 aws_account_name
+ aws_bucket_key
+ aws_as_backend
+ aws_region
 }
 class DnsRecord {
@@ -118,9 +125,9 @@ classDiagram
 Devops *-- "0..1" ProvsK3s: specialized_builds
 Devops *-- "0..1" TerraformDomain: specialized_builds
 Devops *-- "0..1" Release: mixins
- TerraformDomain *-- "0..1" Digitalocean: providers
- TerraformDomain *-- "0..1" Hetzner: providers
- TerraformDomain *-- "0..1" Aws: providers
+ TerraformDomain *-- "0..1" ProviderDigitalocean: providers
+ TerraformDomain *-- "0..1" ProviderHetzner: providers
+ TerraformDomain *-- "0..1" ProviderAws: providers
 Release o-- "0..1" BuildFile: primary_build_file
 Release o-- "0..n" BuildFile: secondary_build_files
 BuildFile *-- "1" Version
diff --git a/src/main/python/ddadevops/domain/provider_aws.py b/src/main/python/ddadevops/domain/provider_aws.py
index e0ef793..d9d7a36 100644
--- a/src/main/python/ddadevops/domain/provider_aws.py
+++ b/src/main/python/ddadevops/domain/provider_aws.py
@@ -9,6 +9,8 @@ class Aws(Validateable, CredentialMappingDefault):
 ):
 self.stage = inp.get("stage")
 self.module = inp.get("module")
+ self.aws_access_key = inp.get("aws_access_key")
+ self.aws_secret_key = inp.get("aws_secret_key")
 self.aws_bucket = inp.get("aws_bucket")
 self.aws_bucket_kms_key_id = inp.get("aws_bucket_kms_key_id")
 self.aws_account_name = inp.get("aws_account_name", self.stage)
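Review bot: Nothing in the visible hunks registers a credential mapping for `aws_access_key` and `aws_secret_key`, although `Aws` derives from `CredentialMappingDefault` and the constructor in `provider_aws.py` now reads both from the plain config dict with `inp.get(...)`. If the mapping method outside this hunk still returns no entries for AWS, callers have to place the raw secret key in the build configuration themselves instead of having it resolved from the credential store. A comment such as `# secret: must not be logged or written to build output` above the `self.aws_secret_key` assignment would also mark the field for later readers. The constructor starts before and continues past the hunk.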
@@ -20,6 +22,8 @@ class Aws(Validateable, CredentialMappingDefault):
 result = []
 result += self.__validate_is_not_empty__("stage")
 result += self.__validate_is_not_empty__("module")
+ result += self.__validate_is_not_empty__("aws_access_key")
+ result += self.__validate_is_not_empty__("aws_secret_key")
 result += self.__validate_is_not_empty__("aws_account_name")
 result += self.__validate_is_not_empty__("aws_as_backend")
 if self.aws_as_backend:
@@ -42,7 +46,7 @@ class Aws(Validateable, CredentialMappingDefault):
 return result
 def resources_from_package(self) -> Set[str]:
- result = {"provider_registry.tf", "aws_provider.tf"}
+ result = {"provider_registry.tf", "aws_provider.tf", "aws_provider_vars.tf"}
 if self.aws_as_backend:
 result.update(
 {"aws_backend_properties_vars.tf", "aws_backend_with_properties.tf"}
@@ -50,7 +54,10 @@ class Aws(Validateable, CredentialMappingDefault):
 return result
 def project_vars(self):
- result = {}
+ result = {
+ "aws_access_key": self.aws_access_key,
+ "aws_secret_key": self.aws_secret_key,
+ }
 if self.aws_as_backend:
 result.update(
 {
diff --git a/src/main/resources/terraform/aws_provider.tf b/src/main/resources/terraform/aws_provider.tf
index dc58d9a..30bea30 100644
--- a/src/main/resources/terraform/aws_provider.tf
+++ b/src/main/resources/terraform/aws_provider.tf
@@ -1,3 +1,5 @@
 provider "aws" {
 region = var.region
+ access_key = var.aws_access_key
+ secret_key = var.aws_secret_key
 }
diff --git a/src/main/resources/terraform/aws_provider_vars.tf b/src/main/resources/terraform/aws_provider_vars.tf
new file mode 100644
index 0000000..1134309
--- /dev/null
+++ b/src/main/resources/terraform/aws_provider_vars.tf
@@ -0,0 +1,5 @@
+variable "aws_access_key" {
+}
+
+variable "aws_secret_key" {
+}
diff --git a/src/test/python/domain/helper.py b/src/test/python/domain/helper.py
index 48183fe..cf58a0f 100644
--- a/src/test/python/domain/helper.py
+++ b/src/test/python/domain/helper.py
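Review bot: Making `aws_access_key` and `aws_secret_key` mandatory in the validation list of `provider_aws.py` forces every build onto long-lived static keys, and together with the `access_key`/`secret_key` arguments added in the `aws_provider.tf` hunk it appears to rule out the AWS provider's own credential chain (environment variables, shared profile, instance or assumed role). Existing configurations that lack the two keys will now fail validation as well. Consider validating them only as a pair, `if self.aws_access_key or self.aws_secret_key:` followed by the two `__validate_is_not_empty__` calls, and giving the Terraform variables `default = null` so an unset value falls through to the provider's defaults. The validating method starts and ends outside the hunk.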
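Review bot: `project_vars()` in `provider_aws.py` now returns the secret key in the same dict as ordinary settings, so the key travels wherever project vars go. The consumer is not visible in this diff; if the dict is written to a vars file or passed as `-var` arguments, the key ends up on disk or in the process list and in any command logging. Passing the credentials through the environment instead (`AWS_ACCESS_KEY_ID`/`AWS_SECRET_ACCESS_KEY`, or `TF_VAR_aws_secret_key`) keeps them out of both; at minimum add `# contains secrets: do not log or persist` above `result = {`. The method body continues past the hunk.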
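Review bot: Both variables in `aws_provider_vars.tf` are declared with empty bodies, so Terraform handles the secret key like any other value and nothing redacts it if it is ever referenced from a resource, an output or an error message. Add `type = string` and `sensitive = true` to each block; `sensitive` needs Terraform 0.14 or later, so check it against the minimum version this project supports. Marking a variable sensitive only redacts CLI output, and saved plan files still contain input variable values, so they need the same protection as the key itself.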
@@ -42,6 +42,8 @@ def devops_config(overrides: dict) -> dict:
 "do_bucket": "bucket",
 "do_region": "region",
 "hetzner_api_key": "hetzner_api_key",
+ "aws_access_key": "aws_access_key",
+ "aws_secret_key": "aws_secret_key",
 "aws_as_backend": True,
 "aws_bucket": "bucket",
 "aws_region": "region",
diff --git a/src/test/python/domain/test_provider_aws.py b/src/test/python/domain/test_provider_aws.py
index 7334039..648b727 100644
--- a/src/test/python/domain/test_provider_aws.py
+++ b/src/test/python/domain/test_provider_aws.py
@@ -12,6 +12,8 @@ def test_aws_creation():
 {
 "module": "module",
 "stage": "test",
+ "aws_access_key": "aws_access_key",
+ "aws_secret_key": "aws_secret_key",
 "aws_account_name": "aws_account_name",
 }
 )
@@ -22,6 +24,8 @@ def test_aws_creation():
 {
 "module": "module",
 "stage": "test",
+ "aws_access_key": "aws_access_key",
+ "aws_secret_key": "aws_secret_key",
 "aws_as_backend": True,
 "aws_bucket": "bucket",
 "aws_bucket_kms_key_id": "aws_bucket_kms_key_id",
@@ -59,7 +63,10 @@ def test_should_calculate_project_vars():
 }
 )
 )
- assert {} == sut.project_vars()
+ assert {
+ "aws_access_key": "aws_access_key",
+ "aws_secret_key": "aws_secret_key",
+ } == sut.project_vars()
 sut = Aws(
 devops_config(
@@ -69,6 +76,8 @@ def test_should_calculate_project_vars():
 )
 )
 assert {
+ "aws_access_key": "aws_access_key",
+ "aws_secret_key": "aws_secret_key",
 "account_name": "test",
 "bucket": "bucket",
 "key": "test/module",
diff --git a/src/test/python/domain/test_terraform.py b/src/test/python/domain/test_terraform.py
index 30ab62a..c3277a8 100644
--- a/src/test/python/domain/test_terraform.py
+++ b/src/test/python/domain/test_terraform.py
@@ -87,6 +87,8 @@ def test_should_calculate_project_vars():
 "do_spaces_access_id": "spaces_id",
 "do_spaces_secret_key": "spaces_secret",
 "hetzner_api_key": "hetzner_api_key",
+ "aws_access_key": "aws_access_key",
+ "aws_secret_key": "aws_secret_key",
 } == sut.project_vars()
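Review bot: The changes to `test_provider_aws.py` only add the two keys to inputs that are expected to be valid, so the new required-field checks in `Aws` are never exercised on the failing side in the visible hunks. Add a case to `test_aws_creation` that builds `Aws` from `{"module": "module", "stage": "test", "aws_account_name": "aws_account_name"}` and asserts that validation rejects it, plus one where only one of the two keys is set. The placeholder values `"aws_access_key"`/`"aws_secret_key"` are fine as fixtures because they cannot be mistaken for real credentials. The test functions start and end outside the hunks.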
@@ -111,7 +113,7 @@ def test_should_calculate_resources_from_package():
 "terraform_build_vars.tf",
 "provider_registry.tf",
 "do_provider.tf",
- "do_mixin_vars.tf",
+ "do_provider_vars.tf",
 } == sut.resources_from_package()
 sut = TerraformDomain(
@@ -127,7 +129,7 @@ def test_should_calculate_resources_from_package():
 "terraform_build_vars.tf",
 "provider_registry.tf",
 "do_provider.tf",
- "do_mixin_vars.tf",
+ "do_provider_vars.tf",
 "do_backend_properties_vars.tf",
 "do_backend_with_properties.tf",
 } == sut.resources_from_package()
@@ -139,7 +141,7 @@ def test_should_calculate_resources_from_package():
 "terraform_build_vars.tf",
 "provider_registry.tf",
 "hetzner_provider.tf",
- "hetzner_mixin_vars.tf",
+ "hetzner_provider_vars.tf",
 } == sut.resources_from_package()
 config = devops_config(
@@ -154,12 +156,13 @@ def test_should_calculate_resources_from_package():
 "terraform_build_vars.tf",
 "provider_registry.tf",
 "do_provider.tf",
- "do_mixin_vars.tf",
+ "do_provider_vars.tf",
 "provider_registry.tf",
 "hetzner_provider.tf",
- "hetzner_mixin_vars.tf",
+ "hetzner_provider_vars.tf",
 "aws_backend_with_properties.tf",
 "aws_provider.tf",
+ "aws_provider_vars.tf",
 "aws_backend_properties_vars.tf",
 "my.file",
 } == sut.resources_from_package()