Merge pull request #236 from GSA/dev-infra-import

Add reset state script
This commit is contained in:
Ryan Ahearn
2023-04-27 11:40:14 -04:00
committed by GitHub
4 changed files with 83 additions and 3 deletions

View File

@@ -49,9 +49,24 @@ Credentials for these services are created by running:
1. `cd terraform/development`
1. `./run.sh`
in both the api repository as well as the admin repository.
This will append credentials to your `.env` file. You will need to manually clean up any prior runs from that file if you run that command again.
Offboarding: Service key bindings can be cleaned up from cloud.gov by running `./run.sh -d` yourself, or another developer running `./run.sh -d -u USER_TO_CLEANUP`
You can remove your development infrastructure by running `./run.sh -d`
#### Resetting
`./reset.sh` can be used to import your development infrastructure information in case of a new computer or new working tree and the old terraform state file was not transferred.
#### Offboarding
`./reset.sh -u USER_TO_OFFBOARD` can be used to import another user's development resources in order to clean them up. Steps for use:
1. Move your existing terraform state file aside temporarily, so it is not overwritten.
1. `./reset.sh -u USER_TO_OFFBOARD`
1. Answer no to the prompt about creating missing resources.
1. Run `./run.sh -u USER_TO_OFFBOARD -d` to fully remove the rest of that user's resources.
### Cloud.gov

View File

@@ -3,7 +3,7 @@ terraform {
required_providers {
cloudfoundry = {
source = "cloudfoundry-community/cloudfoundry"
version = "0.50.5"
version = "0.50.7"
}
}
}

65
terraform/development/reset.sh Executable file
View File

@@ -0,0 +1,65 @@
#!/usr/bin/env bash
username=`whoami`
org="gsa-tts-benefits-studio-prototyping"
usage="
$0: Reset terraform state so run.sh can be run again or for a new username
Usage:
$0 -h
$0 [-u <USER NAME>]
Options:
-h: show help and exit
-u <USER NAME>: your username. Default: $username
Notes:
* Requires cf-cli@8
"
while getopts ":hu:" opt; do
case "$opt" in
u)
username=${OPTARG}
;;
h)
echo "$usage"
exit 0
;;
esac
done
read -p "Are you sure you want to import terraform state and remove existing service keys for $username (y/n)? " verify
if [[ $verify != "y" ]]; then
exit 0
fi
# ensure we're in the correct directory
cd $(dirname $0)
service_account="$username-terraform"
if [[ ! -s "secrets.auto.tfvars" ]]; then
# create user in notify-local-dev space to create s3 buckets
../create_service_account.sh -s notify-local-dev -u $service_account > secrets.auto.tfvars
# grant user access to notify-staging to create a service key for SES and SNS
cg_username=`cf service-key $service_account service-account-key | tail -n +2 | jq -r '.credentials.username'`
cf set-space-role $cg_username $org notify-staging SpaceDeveloper
fi
echo "Importing terraform state for $username"
terraform init
key_name=$username-api-dev-key
cf t -s notify-local-dev
terraform import -var "username=$username" module.csv_upload_bucket.cloudfoundry_service_instance.bucket $(cf service --guid $username-csv-upload-bucket)
cf delete-service-key -f $username-csv-upload-bucket $key_name
cf t -s notify-staging
cf delete-service-key -f notify-api-ses-staging $key_name
cf delete-service-key -f notify-api-sns-staging $key_name
./run.sh -u $username

View File

@@ -8,7 +8,7 @@ $0: Create development infrastructure
Usage:
$0 -h
$0 [-u <USER NAME>] [-k]
$0 [-u <USER NAME>] [-k] [-d]
Options:
-h: show help and exit