-
-
Save kondor6c/58d8395b32d55b8ab4f18620b75f86ae to your computer and use it in GitHub Desktop.
POC of basic python terraform wrapper scripting
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import sh | |
| from sh import terraform, Command | |
| go_getter = Command("go-getter") | |
| from sh import ErrorReturnCode | |
| import yaml | |
| import logging | |
| import re | |
| import os | |
| import sys | |
| TF_OUTPUT_OFFSET = 16 | |
| CWD = os.getcwd() | |
| CONFIG_FILES = [ | |
| 'aws/us-west-2/spoke1-vpc/terraform.yml', | |
| # 'aws/us-east-1/spoke2-vpc/terraform.yml' | |
| ] | |
| log = logging.getLogger() | |
| log.handlers = [] | |
| handler = logging.StreamHandler(sys.stdout) | |
| formatter = logging.Formatter( | |
| '%(asctime)4s %(name)4s [%(filename)s:%(lineno)s - %(funcName)s()] %(levelname)4s %(message)4s') | |
| handler.setFormatter(formatter) | |
| log.addHandler(handler) | |
| log.setLevel(logging.INFO) | |
| def format_tf_output(output): | |
| return re.sub(r'(?m)^', ' ' * TF_OUTPUT_OFFSET, str(output)) | |
| def get_module_config(f): | |
| with open(f, 'r') as s: | |
| log.info('opening config {}'.format(f)) | |
| return yaml.load(s) | |
| def load_module_configs(config_files): | |
| config = [] | |
| for c in config_files: | |
| config.append({'name': c, 'properties': get_module_config(c)}) | |
| return config | |
| def get_module_secrets(config): | |
| """ | |
| utilize hashicorp go-getter cli https://github.com/hashicorp/go-getter | |
| """ | |
| tf_module = os.path.dirname(config['name']) | |
| secrets = config['properties']['secrets'] | |
| with sh.pushd(tf_module): | |
| for secret in secrets: | |
| try: | |
| log.info('fetching secrets: {}'.format(secret)) | |
| go_getter(secret, '.secrets') | |
| except ErrorReturnCode as err: | |
| log.error(err.stderr) | |
| def terraform_plan(config): | |
| tf_module = os.path.dirname(config['name']) | |
| log.info('terraform plan on module: {}'.format(tf_module)) | |
| with sh.pushd(tf_module): | |
| try: | |
| tf_init = terraform.init() | |
| log.info(format_tf_output(tf_init)) | |
| tf_plan = terraform.plan() | |
| log.info(format_tf_output(tf_plan)) | |
| except ErrorReturnCode as err: | |
| log.error(err.stderr) | |
| def terraform_apply(config): | |
| tf_module = os.path.dirname(config['name']) | |
| log.info('terraform apply on module: {}'.format(tf_module)) | |
| with sh.pushd(tf_module): | |
| try: | |
| tf_apply = terraform.apply('-input=true', '-auto-approve') | |
| log.info(format_tf_output(tf_apply)) | |
| except ErrorReturnCode as err: | |
| log.error(err.stdout) | |
| def terraform_destroy(config): | |
| tf_module = os.path.dirname(config['name']) | |
| log.info('terraform destroy on module: {}'.format(tf_module)) | |
| with sh.pushd(tf_module): | |
| try: | |
| tf_destroy = terraform.destroy('-force') | |
| log.info(format_tf_output(tf_destroy)) | |
| except ErrorReturnCode as err: | |
| log.error(err.stderr) | |
| if __name__ == '__main__': | |
| # load the config files | |
| config = load_module_configs(CONFIG_FILES) | |
| # process the modules | |
| for c in config: | |
| get_module_secrets(c) | |
| terraform_plan(c) | |
| terraform_apply(c) | |
| terraform_destroy(c) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment