diff --git a/.circleci/config.yml b/.circleci/config.yml index 1b378d4d824..82285e22bbb 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -1,35 +1,6 @@ version: 2 jobs: - "test-infra/scan/terraform": - docker: - - image: alpine/git:v2.26.2 - steps: - - checkout - - run: - name: Scan terraform code # terrascan -d does not currently support remote TF modules. See: https://github.com/accurics/terrascan/issues/332 - command: | - apk add curl tar - curl -L "$(curl -Ls https://api.github.com/repos/accurics/terrascan/releases/latest | grep -o -E "https://.+?_Linux_x86_64.tar.gz")" > terrascan.tar.gz - tar -xf terrascan.tar.gz - install terrascan /usr/local/bin - terrascan scan -i terraform -d config/clusters -v \ - --skip-rules 'AC_AWS_0214,AC_AWS_0369,AC_AWS_0487,AC_AWS_078,AWS.CloudTrail.Logging.Medium.007,AC_AWS_0447,AC_AWS_0497,AC_AWS_0458,AC_AWS_0320' - "test-infra/deploy/terraform": - requires: - - test-infra/scan/terraform - docker: - - image: amazon/aws-cli:2.6.3 - steps: - - checkout - - run: - name: Deploy terraform - command: | - yum update -y - yum install jq unzip git -y - ./tools/deploy_terraform.sh "test-infra/deploy/prow": - requires: - - test-infra/deploy/terraform docker: - image: amazon/aws-cli:2.6.3 steps: @@ -46,15 +17,6 @@ workflows: version: 2 build: jobs: - - "test-infra/scan/terraform": - context: test-infra - - "test-infra/deploy/terraform": - requires: - - test-infra/scan/terraform - context: test-infra - filters: - branches: - only: master - "test-infra/deploy/prow": requires: - test-infra/deploy/terraform diff --git a/tools/deploy_terraform.sh b/tools/deploy_terraform.sh deleted file mode 100755 index 43203e36983..00000000000 --- a/tools/deploy_terraform.sh +++ /dev/null @@ -1,64 +0,0 @@ -#!/usr/bin/env bash - -set -o errexit -set -o nounset -set -o pipefail - -# Specific to Prow instance -PROW_INSTANCE_NAME="${PROW_INSTANCE_NAME:-}" -CLUSTER="falco-prow" -ZONE="eu-west-1" - -function main() { - echo "> Installing terraform" - echo - terraform-install - echo "> Running Terraform" - echo - createCluster -} - -function terraform-install() { - hash terraform 2>/dev/null && \ - echo "Already installed at $(command -v terraform)." && \ - echo "Version: $(terraform version)" && \ - return 0 - - local terraform_version=$(grep required_version config/clusters/terraform_versions.tf | cut -d '=' -f3 | tr -d '"' | tr -d ' ') - local terraform_url="https://releases.hashicorp.com/terraform/${terraform_version}/terraform_${terraform_version}_linux_amd64.zip" - local install_path="/usr/local/bin/" - local tmpdir=$(mktemp -d) - - curl -s "${terraform_url}" > $tmpdir/terraform.zip - unzip $tmpdir/terraform.zip - rm -rf $tmpdir - install terraform $install_path - terraform --version - echo "Installed: $(terraform)" -} - -function createCluster() { - echo "Creating cluster '${CLUSTER}' (this may take a few minutes)..." - echo - - pushd config/clusters - - terraform init - terraform get - terraform validate - - terraform apply -var-file prow.tfvars -auto-approve - - popd - - aws eks --region ${ZONE} update-kubeconfig --name falco-prow-test-infra -} - -function cleanup() { - returnCode="$?" - exit "${returnCode}" -} - -trap cleanup EXIT -main "$@" -cleanup