Added: example terraform module usage (#2)

Added: example terraform module usage ***What does this change do?*** - example terraform module usage - formatting and linting ***Why is this change needed?*** - get one example in place
eirenauts · Mar 13, 2024 · b0bd819 · b0bd819
1 parent 89311f8
commit b0bd819
Show file tree

Hide file tree

Showing 22 changed files with 946 additions and 43 deletions.
diff --git a/.ci/exec_functions.sh b/.ci/exec_functions.sh
@@ -0,0 +1,13 @@
+#!/usr/bin/env bash
+# shellcheck shell=bash disable=SC1094,SC1090,SC1091,SC2044
+
+set -e
+set -o pipefail
+
+scripts_path="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+
+for f in $(find "${scripts_path}" -type f -name 'functions_*.sh'); do
+    source "${f}"
+done
+
+"$@"
diff --git a/.ci/functions.sh b/.ci/functions.sh
diff --git a/.ci/functions_az.sh b/.ci/functions_az.sh
@@ -0,0 +1,77 @@
+#!/usr/bin/env bash
+# shellcheck shell=bash disable=SC1090,SC1091,SC2015
+
+function azure_cli_login() {
+    local az_client_id="${1}"
+    local az_client_secret="${2}"
+    local az_tenant_id="${3}"
+
+    az login \
+        --service-principal \
+        --username "${az_client_id}" \
+        --password "${az_client_secret}" \
+        --tenant "${az_tenant_id}"
+}
+
+function get_az_ad_application_name() {
+    if [[ ! -e ./terraform.auto.tfvars.enc.json ]]; then
+        echo "Unexpectedly missing terraform.auto.tfvars.enc.json file" >/dev/stderr
+        exit 1
+    fi
+    jq -r '.azure.az_ad_application_name' <terraform.auto.tfvars.enc.json
+}
+
+function get_azure_client_id() {
+    az ad app list \
+        --display-name "$(get_az_ad_application_name)" \
+        --output tsv \
+        --query '[0].appId'
+}
+
+function get_azure_client_secret() {
+    if [[ ! -e ./terraform.auto.tfvars.json ]]; then
+        echo "Unexpectedly missing terraform.auto.tfvars.json file" >/dev/stderr
+        echo "Ensure that the terraform.auto.tfvars.enc.json file has been decrypted"
+        exit 1
+    fi
+    jq -r .azure.client_secret_enc <terraform.auto.tfvars.json
+}
+
+function generate_sas_key() {
+    local subscription="${1}"
+    local storage_account_name="${2}"
+
+    if [[ -z "${storage_account_name}" ]]; then
+        echo "variable storage_account_name must be set" >>/dev/stderr
+        exit 1
+    fi
+
+    if [[ -z "${subscription}" ]]; then
+        echo "variable subscription must be set" >>/dev/stderr
+        exit 1
+    fi
+
+    az storage account generate-sas \
+        --expiry "$(date -d "+1 days" +%Y-%m-%d)"'T00:00:00Z' \
+        --permissions "acdlpruw" \
+        --resource-types "co" \
+        --services "b" \
+        --account-name "${storage_account_name}" \
+        --https-only \
+        --subscription "${subscription}" \
+        -o tsv
+}
+
+function get_sas_token() {
+    local tf_decrypted_file="${1}"
+    local subscription_id
+
+    if [[ -z "${tf_decrypted_file}" ]]; then
+        tf_decrypted_file=terraform.auto.tfvars.json
+    fi
+
+    subscription_id="$(jq -r .azure.subscription_id <"${tf_decrypted_file}")"
+    storage_account_name="$(jq -r .terraform_backend.storage_account_name <"${tf_decrypted_file}")"
+
+    generate_sas_key "${subscription_id}" "${storage_account_name}"
+}
diff --git a/.ci/functions_lint.sh b/.ci/functions_lint.sh
@@ -0,0 +1,70 @@
+#!/usr/bin/env bash
+# shellcheck disable=SC2061,SC2035,SC2044
+
+function format_shell() {
+    for f in $(
+        find . -type f -name "*.sh" \
+            -not \( -path "*/node_modules/*" -prune \) \
+            -not \( -path "*/.terraform/*" -prune \)
+    ); do
+        shfmt -l -w "${f}"
+    done
+}
+
+function format_markdown() {
+    for f in $(
+        find . -type f -name "*.md" \
+            -not \( -path "*/node_modules/*" -prune \) \
+            -not \( -path "*/.terraform/*" -prune \)
+    ); do
+        yarn prettier --write "${f}"
+    done
+}
+
+function format_tofu() {
+    tofu fmt --recursive
+}
+
+function format_all() {
+    format_markdown
+    format_shell
+    format_tofu
+}
+
+function lint_markdown() {
+    for f in $(
+        find . -type f -name "*.md" \
+            -not \( -path "*/node_modules/**" -prune \) \
+            -not \( -path "*/.terraform/**" -prune \)
+    ); do
+        yarn markdownlint-cli2 "${f}" "#node_modules"
+    done
+    for f in $(
+        find . -type f -name "*.md" \
+            -not \( -path "*/node_modules/**" -prune \) \
+            -not \( -path "*/.terraform/**" -prune \)
+    ); do
+        yarn prettier --check "${f}"
+    done
+}
+
+function lint_shell() {
+    find . -type f -name "*.sh" -exec shfmt -l -d {} +
+    find . -type f -name "*.sh" -exec shellcheck -x {} +
+}
+
+function lint_tofu() {
+    local tf_projs
+    readarray -t tf_projs < <(find ./examples -mindepth 1 -maxdepth 1 -type d)
+
+    for tf_proj in "${tf_projs[@]}"; do
+        if [[ -n "$(find ./"${tf_proj}" -name *.tf)" ]]; then
+            pushd "${tf_proj}" >/dev/null || return
+            if [[ -d .terraform ]]; then rm -rf .terraform; fi
+            if [[ -e .terraform.lock.hcl ]]; then rm .terraform.lock.hcl; fi
+            tofu init -backend=false >/dev/null || (popd >/dev/null || return)
+            tofu validate || (popd >/dev/null || return)
+            popd >/dev/null || return
+        fi
+    done
+}