wip state management terraform recipe

futurice · Feb 19, 2023 · b9a9dc3 · b9a9dc3
1 parent 391b5dd
commit b9a9dc3
Show file tree

Hide file tree

Showing 4 changed files with 60 additions and 0 deletions.
diff --git a/examples/terraform-bootstrap/recipe.yml b/examples/terraform-bootstrap/recipe.yml
@@ -0,0 +1,10 @@
+apiVersion: v1
+name: terraform-bootstrap
+version: v0.0.1
+description: Set up Terraform basics like state file bootstrapping
+initHelp: Install Task from https://taskfile.dev and run `task tf-state-init dev` in the 'terraform' subdirectory of the project directory to set up terraform.
+vars:
+  - name: SERVICE_NAME
+    description: Service name
+  - name: RESOURCE_GROUP_NAME
+    description: Azure Resource Group name
diff --git a/examples/terraform-bootstrap/templates/terraform/Taskfile.yml b/examples/terraform-bootstrap/templates/terraform/Taskfile.yml
@@ -0,0 +1,10 @@
+version: "3"
+
+tasks:
+  tf-state-init:
+    cmds:
+      - terraform init
+      - terraform workspace {{.CLI_ARGS}}
+      - terraform apply -target local_file.backend_config -y
+      - echo "access_key=$(az storage account keys list --resource-group {{ .Variables.RESOURCE_GROUP_NAME }} --account-name $(terraform output -raw tfstate_storage_account_name) --query '[0].value' --output tsv)" > terraform-backend.config
+      - terraform init -migrate-state -backend-config="key=dev.tfstate" -backend-config="terraform-backend.config"
diff --git a/examples/terraform-bootstrap/templates/terraform/provider.tf b/examples/terraform-bootstrap/templates/terraform/provider.tf
@@ -0,0 +1,3 @@
+provider "azurerm" {
+  features {}
+}
diff --git a/examples/terraform-bootstrap/templates/terraform/state-storage.tf b/examples/terraform-bootstrap/templates/terraform/state-storage.tf
@@ -0,0 +1,37 @@
+data "azurerm_resource_group" "main" {
+  name     = {{ quote .Variables.RESOURCE_GROUP_NAME }}
+}
+
+resource "azurerm_storage_account" "tfstate" {
+  name                     = "{{ (printf "tfs%.11s%.6s" (regexReplaceAll "[^a-z0-9]" (.Variables.SERVICE_NAME | lower) "") (randNumeric 6)) }}${terraform.workspace}"
+  resource_group_name      = data.azurerm_resource_group.main.name
+  location                 = data.azurerm_resource_group.main.location
+  account_tier             = "Standard"
+  account_replication_type = "LRS"
+  min_tls_version          = "TLS1_2"
+}
+
+#
+# TODO: "anchor" / "id" in rendered recipe (generated when executed, somehow uniquely identifies recipe + project combo)
+# TODO: family of stableRandomX helper functions for sprig where they always give the same value for the same id, e.g. "gimme 6 random alphanumeric characters that don't change on recipe upgrade"
+
+resource "azurerm_storage_container" "tfstate" {
+  name                  = "tfstate"
+  storage_account_name  = azurerm_storage_account.tfstate.name
+}
+
+resource "local_file" "backend_config" {
+  filename = "backend.tf"
+  content = <<-EOT
+terraform {
+	backend "azurerm" {
+		storage_account_name = "${azurerm_storage_account.tfstate.name}"
+		container_name = "${azurerm_storage_container.tfstate.name}"
+	}
+}
+EOT
+}
+
+output "tfstate_storage_account_name" {
+  value = azurerm_storage_account.tfstate.name
+}