diff --git a/docker/docker-hub-build-push-single-arg-multi-arch.mk b/docker/docker-hub-build-push-single-arg-multi-arch.mk
new file mode 100644
index 0000000..60b8897
--- /dev/null
+++ b/docker/docker-hub-build-push-single-arg-multi-arch.mk
@@ -0,0 +1,26 @@
+-include ../../@bin/config/base.mk
+
+.PHONY: help
+SHELL := /bin/bash
+DOCKER_REPO_NAME := binbash
+
+help:
+ @echo 'Available Commands:'
+ @egrep '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":"}; { if ($$3 == "") { printf " - \033[36m%-18s\033[0m %s\n", $$1, $$2 } else { printf " - \033[36m%-18s\033[0m %s\n", $$2, $$3 }}'
+
+#==============================================================#
+# DOCKER #
+#==============================================================#
+build: ## build docker image
+ docker buildx build \
+ --platform linux/amd64,linux/arm64,linux/arm/v6,linux/arm/v7,linux/arm/v8 \
+ -t ${DOCKER_REPO_NAME}/${DOCKER_IMG_NAME}:${DOCKER_TAG} \
+ --build-arg DOCKER_TAG='${DOCKER_TAG}' .
+
+push: ## push docker image to registry
+ docker buildx build \
+ --platform linux/amd64,linux/arm64,linux/arm/v6,linux/arm/v7,linux/arm/v8 \
+ --push \
+ -t ${DOCKER_REPO_NAME}/${DOCKER_IMG_NAME}:${DOCKER_TAG} \
+ --build-arg DOCKER_TAG='${DOCKER_TAG}' .
+
diff --git a/mkdocs/mkdocs-material.mk b/mkdocs/mkdocs-material.mk
index 22cd04c..be3c709 100644
--- a/mkdocs/mkdocs-material.mk
+++ b/mkdocs/mkdocs-material.mk
@@ -5,7 +5,7 @@ SHELL := /bin/bash LOCAL_OS_USER_ID = $(shell id -u) LOCAL_OS_GROUP_ID = $(shell id -g) -MKDOCS_DOCKER_IMG := squidfunk/mkdocs-material:8.1.8 +MKDOCS_DOCKER_IMG := squidfunk/mkdocs-material:8.2.16 # GOOGLE_ANALYTICS_KEY: must be preset as os.ENV var help:
diff --git a/terraform11/terraform11-subfolder.mk b/terraform11/terraform11-subfolder.mk
deleted file mode 100644
index 312c8f8..0000000
--- a/terraform11/terraform11-subfolder.mk
+++ /dev/null
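Review bot: In docker/docker-hub-build-push-single-arg-multi-arch.mk, `${DOCKER_IMG_NAME}` and `${DOCKER_TAG}` are never defined in the new file, and the leading `-include` silently skips `base.mk` when it is missing, so `push` can run with an empty or unexpected image reference under `binbash/` unless the including Makefile sets both. Make expands these values before the shell sees them and the `-t` argument is unquoted, so a tag taken from outside input (a branch name in CI, for example) containing spaces or shell metacharacters would change the command. Fail early with a guard such as `$(if $(strip ${DOCKER_TAG}),,$(error DOCKER_TAG is not set))` (and the same for `DOCKER_IMG_NAME`), and quote the reference as `-t '${DOCKER_REPO_NAME}/${DOCKER_IMG_NAME}:${DOCKER_TAG}'` in both recipes. Only `help` is declared phony, so a `build` directory next to the Dockerfile would make `make build` a silent no-op; `.PHONY: help build push` avoids that.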
@@ -1,141 +0,0 @@ -include ../../../@bin/config/base.mk - -.PHONY: help -SHELL := /bin/bash - -LOCAL_OS_USER_ID = $(shell id -u) -LOCAL_OS_GROUP_ID = $(shell id -g) -LOCAL_OS_SSH_DIR := ~/.ssh -LOCAL_OS_GIT_CONF_DIR := ~/.gitconfig -LOCAL_OS_AWS_CONF_DIR := ~/.aws/${PROJECT_SHORT} - -TF_PWD_DIR = $(shell pwd) -TF_PWD_CONT_DIR := "/go/src/project/" -TF_PWD_CONFIG_DIR = $(shell cd ../../ && cd config && pwd) -TF_PWD_COMMON_CONFIG_DIR = $(shell cd ../../.. && cd config && pwd) -TF_VER := 0.11.14 -TF_DOCKER_BACKEND_CONF_VARS_FILE := /config/backend.config -TF_DOCKER_ACCOUNT_CONF_VARS_FILE := /config/account.config -TF_DOCKER_COMMON_CONF_VARS_FILE := /common-config/common.config -TF_DOCKER_ENTRYPOINT := /usr/local/go/bin/terraform -TF_DOCKER_IMAGE := binbash/terraform-awscli - -define TF_CMD_PREFIX -docker run --security-opt="label:disable" --rm \ --v ${TF_PWD_DIR}:${TF_PWD_CONT_DIR}:rw \ --v ${TF_PWD_CONFIG_DIR}:/config \ --v ${TF_PWD_COMMON_CONFIG_DIR}/common.config:${TF_DOCKER_COMMON_CONF_VARS_FILE} \ --v ${LOCAL_OS_SSH_DIR}:/root/.ssh \ --v ${LOCAL_OS_GIT_CONF_DIR}:/etc/gitconfig \ --v ${LOCAL_OS_AWS_CONF_DIR}:/root/.aws/${PROJECT_SHORT} \ --e AWS_SHARED_CREDENTIALS_FILE=/root/.aws/${PROJECT_SHORT}/credentials \ --e AWS_CONFIG_FILE=/root/.aws/${PROJECT_SHORT}/config \ ---entrypoint=${TF_DOCKER_ENTRYPOINT} \ --w ${TF_PWD_CONT_DIR} \ --it ${TF_DOCKER_IMAGE}:${TF_VER} -endef - -help: - @echo 'Available Commands:' - @egrep '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":"}; { if ($$3 == "") { printf " - \033[36m%-18s\033[0m %s\n", $$1, $$2 } else { printf " - \033[36m%-18s\033[0m %s\n", $$2, $$3 }}' - -#==============================================================# -# TERRAFORM # -#==============================================================# -tf-dir-chown: ## run chown in ./.terraform to grant that the docker mounted dir has the right permissions - @echo LOCAL_OS_USER_ID: ${LOCAL_OS_USER_ID} - @echo LOCAL_OS_GROUP_ID: ${LOCAL_OS_GROUP_ID} - 
sudo chown -R ${LOCAL_OS_USER_ID}:${LOCAL_OS_GROUP_ID} ./.terraform - -version: ## Show terraform version - docker run --security-opt="label:disable" --rm \ - --entrypoint=${TF_DOCKER_ENTRYPOINT} \ - -t ${TF_DOCKER_IMAGE}:${TF_VER} version - -init: init-cmd tf-dir-chown ## Initialize terraform backend, plugins, and modules -init-cmd: - ${TF_CMD_PREFIX} init \ - -backend-config=${TF_DOCKER_BACKEND_CONF_VARS_FILE} - -plan: ## Preview terraform changes - @if [ -f ./*.enc ] && [ ! -f ./*.dec.tf ]; then\ - echo "===============================================";\ - echo "Decrypting secrets before running 'make apply',";\ - echo "please enter your ansible-vault encryption key ";\ - echo "===============================================";\ - make decrypt;\ - fi - - ${TF_CMD_PREFIX} plan \ - -var-file=${TF_DOCKER_BACKEND_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_COMMON_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_ACCOUNT_CONF_VARS_FILE} - -plan-detailed: ## Preview terraform changes with a more detailed output - @if [ -f ./*.enc ] && [ ! -f ./*.dec.tf ]; then\ - echo "===============================================";\ - echo "Decrypting secrets before running 'make apply',";\ - echo "please enter your ansible-vault encryption key ";\ - echo "===============================================";\ - make decrypt;\ - fi - - ${TF_CMD_PREFIX} plan -detailed-exitcode \ - -var-file=${TF_DOCKER_BACKEND_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_COMMON_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_ACCOUNT_CONF_VARS_FILE} - -diff: ## Terraform plan with landscape - ${TF_CMD_PREFIX} plan \ - -var-file=${TF_DOCKER_BACKEND_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_COMMON_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_ACCOUNT_CONF_VARS_FILE} \ - | docker run -i --rm binbash/terraform-landscape - -apply: apply-cmd tf-dir-chown ## Make terraform apply any changes with dockerized binary -apply-cmd: - @if [ -f ./*.enc ] && [ ! 
-f ./*.dec.tf ]; then\ - echo "===============================================";\ - echo "Decrypting secrets before running 'make apply',";\ - echo "please enter your ansible-vault encryption key ";\ - echo "===============================================";\ - make decrypt;\ - fi - - ${TF_CMD_PREFIX} apply \ - -var-file=${TF_DOCKER_BACKEND_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_COMMON_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_ACCOUNT_CONF_VARS_FILE} - -output: ## Terraform output command is used to extract the value of an output variable from the state file. - ${TF_CMD_PREFIX} output - -destroy: ## Destroy all resources managed by terraform - @if [ -f ./*.enc ] && [ ! -f ./*.dec.tf ]; then\ - echo "===============================================";\ - echo "Decrypting secrets before running 'make apply',";\ - echo "please enter your ansible-vault encryption key ";\ - echo "===============================================";\ - make decrypt;\ - fi - - ${TF_CMD_PREFIX} destroy \ - -var-file=${TF_DOCKER_BACKEND_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_COMMON_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_ACCOUNT_CONF_VARS_FILE} - -format: ## The terraform fmt is used to rewrite tf conf files to a canonical format and style. - ${TF_CMD_PREFIX} fmt - -force-unlock: ## Manually unlock the terraform state, eg: make ARGS="a94b0919-de5b-9b8f-4bdf-f2d7a3d47112" force-unlock - ${TF_CMD_PREFIX} force-unlock ${ARGS} - -decrypt: ## Decrypt secrets.tf via ansible-vault - ansible-vault decrypt --output secrets.dec.tf secrets.enc - -encrypt: ## Encrypt secrets.dec.tf via ansible-vault - ansible-vault encrypt --output secrets.enc secrets.dec.tf \ - && rm -rf secrets.dec.tf - -validate-tf-layout: ## Validate Terraform layout to make sure it's set up properly - ../../../@bin/scripts/validate-terraform-layout.sh diff --git a/terraform11/terraform11.mk b/terraform11/terraform11.mk deleted file mode 100644 index 8c7935d..0000000 --- a/terraform11/terraform11.mk +++ /dev/null 
@@ -1,141 +0,0 @@ --include ../../@bin/config/base.mk - -.PHONY: help -SHELL := /bin/bash - -LOCAL_OS_USER_ID = $(shell id -u) -LOCAL_OS_GROUP_ID = $(shell id -g) -LOCAL_OS_SSH_DIR := ~/.ssh -LOCAL_OS_GIT_CONF_DIR := ~/.gitconfig -LOCAL_OS_AWS_CONF_DIR := ~/.aws/${PROJECT_SHORT} - -TF_PWD_DIR = $(shell pwd) -TF_PWD_CONT_DIR := "/go/src/project/" -TF_PWD_CONFIG_DIR = $(shell cd .. && cd config && pwd) -TF_PWD_COMMON_CONFIG_DIR = $(shell cd ../.. && cd config && pwd) -TF_VER := 0.11.14 -TF_DOCKER_BACKEND_CONF_VARS_FILE := /config/backend.config -TF_DOCKER_ACCOUNT_CONF_VARS_FILE := /config/account.config -TF_DOCKER_COMMON_CONF_VARS_FILE := /common-config/common.config -TF_DOCKER_ENTRYPOINT := /usr/local/go/bin/terraform -TF_DOCKER_IMAGE := binbash/terraform-awscli - -define TF_CMD_PREFIX -docker run --security-opt="label:disable" --rm \ --v ${TF_PWD_DIR}:${TF_PWD_CONT_DIR}:rw \ --v ${TF_PWD_CONFIG_DIR}:/config \ --v ${TF_PWD_COMMON_CONFIG_DIR}/common.config:${TF_DOCKER_COMMON_CONF_VARS_FILE} \ --v ${LOCAL_OS_SSH_DIR}:/root/.ssh \ --v ${LOCAL_OS_GIT_CONF_DIR}:/etc/gitconfig \ --v ${LOCAL_OS_AWS_CONF_DIR}:/root/.aws/${PROJECT_SHORT} \ --e AWS_SHARED_CREDENTIALS_FILE=/root/.aws/${PROJECT_SHORT}/credentials \ --e AWS_CONFIG_FILE=/root/.aws/${PROJECT_SHORT}/config \ ---entrypoint=${TF_DOCKER_ENTRYPOINT} \ --w ${TF_PWD_CONT_DIR} \ --it ${TF_DOCKER_IMAGE}:${TF_VER} -endef - -help: - @echo 'Available Commands:' - @egrep '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":"}; { if ($$3 == "") { printf " - \033[36m%-18s\033[0m %s\n", $$1, $$2 } else { printf " - \033[36m%-18s\033[0m %s\n", $$2, $$3 }}' - -#==============================================================# -# TERRAFORM # -#==============================================================# -tf-dir-chown: ## run chown in ./.terraform to grant that the docker mounted dir has the right permissions - @echo LOCAL_OS_USER_ID: ${LOCAL_OS_USER_ID} - @echo LOCAL_OS_GROUP_ID: ${LOCAL_OS_GROUP_ID} - sudo chown 
-R ${LOCAL_OS_USER_ID}:${LOCAL_OS_GROUP_ID} ./.terraform - -version: ## Show terraform version - docker run --security-opt="label:disable" --rm \ - --entrypoint=${TF_DOCKER_ENTRYPOINT} \ - -t ${TF_DOCKER_IMAGE}:${TF_VER} version - -init: init-cmd tf-dir-chown ## Initialize terraform backend, plugins, and modules -init-cmd: - ${TF_CMD_PREFIX} init \ - -backend-config=${TF_DOCKER_BACKEND_CONF_VARS_FILE} - -plan: ## Preview terraform changes - @if [ -f ./*.enc ] && [ ! -f ./*.dec.tf ]; then\ - echo "===============================================";\ - echo "Decrypting secrets before running 'make apply',";\ - echo "please enter your ansible-vault encryption key ";\ - echo "===============================================";\ - make decrypt;\ - fi - - ${TF_CMD_PREFIX} plan \ - -var-file=${TF_DOCKER_BACKEND_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_COMMON_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_ACCOUNT_CONF_VARS_FILE} - -plan-detailed: ## Preview terraform changes with a more detailed output - @if [ -f ./*.enc ] && [ ! -f ./*.dec.tf ]; then\ - echo "===============================================";\ - echo "Decrypting secrets before running 'make apply',";\ - echo "please enter your ansible-vault encryption key ";\ - echo "===============================================";\ - make decrypt;\ - fi - - ${TF_CMD_PREFIX} plan -detailed-exitcode \ - -var-file=${TF_DOCKER_BACKEND_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_COMMON_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_ACCOUNT_CONF_VARS_FILE} - -diff: ## Terraform plan with landscape - ${TF_CMD_PREFIX} plan \ - -var-file=${TF_DOCKER_BACKEND_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_COMMON_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_ACCOUNT_CONF_VARS_FILE} \ - | docker run -i --rm binbash/terraform-landscape - -apply: apply-cmd tf-dir-chown ## Make terraform apply any changes with dockerized binary -apply-cmd: - @if [ -f ./*.enc ] && [ ! 
-f ./*.dec.tf ]; then\ - echo "===============================================";\ - echo "Decrypting secrets before running 'make apply',";\ - echo "please enter your ansible-vault encryption key ";\ - echo "===============================================";\ - make decrypt;\ - fi - - ${TF_CMD_PREFIX} apply \ - -var-file=${TF_DOCKER_BACKEND_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_COMMON_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_ACCOUNT_CONF_VARS_FILE} - -output: ## Terraform output command is used to extract the value of an output variable from the state file. - ${TF_CMD_PREFIX} output - -destroy: ## Destroy all resources managed by terraform - @if [ -f ./*.enc ] && [ ! -f ./*.dec.tf ]; then\ - echo "===============================================";\ - echo "Decrypting secrets before running 'make apply',";\ - echo "please enter your ansible-vault encryption key ";\ - echo "===============================================";\ - make decrypt;\ - fi - - ${TF_CMD_PREFIX} destroy \ - -var-file=${TF_DOCKER_BACKEND_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_COMMON_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_ACCOUNT_CONF_VARS_FILE} - -format: ## The terraform fmt is used to rewrite tf conf files to a canonical format and style. - ${TF_CMD_PREFIX} fmt - -force-unlock: ## Manually unlock the terraform state, eg: make ARGS="a94b0919-de5b-9b8f-4bdf-f2d7a3d47112" force-unlock - ${TF_CMD_PREFIX} force-unlock ${ARGS} - -decrypt: ## Decrypt secrets.tf via ansible-vault - ansible-vault decrypt --output secrets.dec.tf secrets.enc - -encrypt: ## Encrypt secrets.dec.tf via ansible-vault - ansible-vault encrypt --output secrets.enc secrets.dec.tf \ - && rm -rf secrets.dec.tf - -validate-tf-layout: ## Validate Terraform layout to make sure it's set up properly - ../../@bin/scripts/validate-terraform-layout.sh diff --git a/terraform12/terraform12-import-rm-subfolder.mk b/terraform12/terraform12-import-rm-subfolder.mk deleted file mode 100644 index fdc6a0f..0000000 
--- a/terraform12/terraform12-import-rm-subfolder.mk +++ /dev/null 
@@ -1,75 +0,0 @@ -include ../../../@bin/config/base.mk - -.PHONY: help -SHELL := /bin/bash - -LOCAL_OS_USER_ID = $(shell id -u) -LOCAL_OS_GROUP_ID = $(shell id -g) -LOCAL_OS_SSH_DIR := ~/.ssh -LOCAL_OS_GIT_CONF_DIR := ~/.gitconfig -LOCAL_OS_AWS_CONF_DIR := ~/.aws/${PROJECT_SHORT} - -TF_PWD_DIR = $(shell pwd) -TF_PWD_CONT_DIR := "/go/src/project/" -TF_PWD_CONFIG_DIR = $(shell cd ../../ && cd config && pwd) -TF_PWD_COMMON_CONFIG_DIR = $(shell cd ../../../ && cd config && pwd) -TF_VER := 0.12.28 -TF_DOCKER_BACKEND_CONF_VARS_FILE := /config/backend.config -TF_DOCKER_ACCOUNT_CONF_VARS_FILE := /config/account.config -TF_DOCKER_COMMON_CONF_VARS_FILE := /common-config/common.config -TF_DOCKER_ENTRYPOINT := /bin/terraform -TF_DOCKER_IMAGE := binbash/terraform-awscli-slim - -define TF_CMD_PREFIX -docker run --security-opt="label:disable" --rm \ --v ${TF_PWD_DIR}:${TF_PWD_CONT_DIR}:rw \ --v ${TF_PWD_CONFIG_DIR}:/config \ --v ${TF_PWD_COMMON_CONFIG_DIR}/common.config:${TF_DOCKER_COMMON_CONF_VARS_FILE} \ --v ${LOCAL_OS_SSH_DIR}:/root/.ssh \ --v ${LOCAL_OS_GIT_CONF_DIR}:/etc/gitconfig \ --v ${LOCAL_OS_AWS_CONF_DIR}:/root/.aws/${PROJECT_SHORT} \ --e AWS_SHARED_CREDENTIALS_FILE=/root/.aws/${PROJECT_SHORT}/credentials \ --e AWS_CONFIG_FILE=/root/.aws/${PROJECT_SHORT}/config \ ---entrypoint=${TF_DOCKER_ENTRYPOINT} \ --w ${TF_PWD_CONT_DIR} \ --it ${TF_DOCKER_IMAGE}:${TF_VER} -endef - -help: - @echo 'Available Commands:' - @egrep '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":"}; { if ($$3 == "") { printf " - \033[36m%-18s\033[0m %s\n", $$1, $$2 } else { printf " - \033[36m%-18s\033[0m %s\n", $$2, $$3 }}' - -#==============================================================# -# TERRAFORM # -#==============================================================# -# -# Terraform Import & rm aux commands -# -import: ## terraform import resources - eg make import' - REPOS=(${TF_IMPORT_RESOURCE_LIST});\ - OLDIFS=$$IFS;\ - IFS=',';\ - for i in "$${REPOS[@]}"; do\ - set -- 
$$i;\ - if [ "$$2" != "" ]; then\ - echo -----------------------;\ - echo $$1;\ - echo $$2;\ - echo -----------------------;\ - ${TF_CMD_PREFIX} import \ - -var-file=${TF_DOCKER_BACKEND_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_ACCOUNT_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_COMMON_CONF_VARS_FILE} $$1 $$2;\ - echo -----------------------;\ - echo "TF SUCCESSFULLY IMPORTED $$1";\ - cd ..;\ - echo "";\ - fi;\ - done;\ - IFS=$$OLDIFS - -state-rm: ## terraform rm resource from state - eg make state-rm' - ${TF_CMD_PREFIX} state rm ${TF_RM_RESOURCE} - -state-list: ## terraform state list - eg make state-list - ${TF_CMD_PREFIX} state list diff --git a/terraform12/terraform12-import-rm.mk b/terraform12/terraform12-import-rm.mk deleted file mode 100644 index 88667ae..0000000 --- a/terraform12/terraform12-import-rm.mk +++ /dev/null 
@@ -1,72 +0,0 @@ --include ../../@bin/config/base.mk - -.PHONY: help -SHELL := /bin/bash - -LOCAL_OS_USER_ID = $(shell id -u) -LOCAL_OS_GROUP_ID = $(shell id -g) -LOCAL_OS_SSH_DIR := ~/.ssh -LOCAL_OS_GIT_CONF_DIR := ~/.gitconfig -LOCAL_OS_AWS_CONF_DIR := ~/.aws/${PROJECT_SHORT} - -TF_PWD_DIR = $(shell pwd) -TF_PWD_CONT_DIR := "/go/src/project/" -TF_PWD_CONFIG_DIR = $(shell cd ../ && cd config && pwd) -TF_PWD_COMMON_CONFIG_DIR = $(shell cd ../../ && cd config && pwd) -TF_VER := 0.12.28 -TF_DOCKER_BACKEND_CONF_VARS_FILE := /config/backend.config -TF_DOCKER_ACCOUNT_CONF_VARS_FILE := /config/account.config -TF_DOCKER_COMMON_CONF_VARS_FILE := /common-config/common.config -TF_DOCKER_ENTRYPOINT := /bin/terraform -TF_DOCKER_IMAGE := binbash/terraform-awscli-slim - -define TF_CMD_PREFIX -docker run --security-opt="label:disable" --rm \ --v ${TF_PWD_DIR}:${TF_PWD_CONT_DIR}:rw \ --v ${TF_PWD_CONFIG_DIR}:/config \ --v ${TF_PWD_COMMON_CONFIG_DIR}/common.config:${TF_DOCKER_COMMON_CONF_VARS_FILE} \ --v ${LOCAL_OS_SSH_DIR}:/root/.ssh \ --v ${LOCAL_OS_GIT_CONF_DIR}:/etc/gitconfig \ --v ${LOCAL_OS_AWS_CONF_DIR}:/root/.aws/${PROJECT_SHORT} \ --e AWS_SHARED_CREDENTIALS_FILE=/root/.aws/${PROJECT_SHORT}/credentials \ --e AWS_CONFIG_FILE=/root/.aws/${PROJECT_SHORT}/config \ ---entrypoint=${TF_DOCKER_ENTRYPOINT} \ --w ${TF_PWD_CONT_DIR} \ --it ${TF_DOCKER_IMAGE}:${TF_VER} -endef - -help: - @echo 'Available Commands:' - @egrep '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":"}; { if ($$3 == "") { printf " - \033[36m%-18s\033[0m %s\n", $$1, $$2 } else { printf " - \033[36m%-18s\033[0m %s\n", $$2, $$3 }}' - -#==============================================================# -# TERRAFORM # -#==============================================================# -# -# Terraform Import & rm aux commands -# -import: ## terraform import resources - eg: make import' - REPOS=(${TF_IMPORT_RESOURCE_LIST});\ - OLDIFS=$$IFS;\ - IFS=',';\ - for i in "$${REPOS[@]}"; do\ - set -- $$i;\ - if 
[ "$$2" != "" ]; then\ - echo -----------------------;\ - echo $$1;\ - echo $$2;\ - echo -----------------------;\ - ${TF_CMD_PREFIX} import \ - -var-file=${TF_DOCKER_BACKEND_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_ACCOUNT_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_COMMON_CONF_VARS_FILE} $$1 $$2;\ - echo -----------------------;\ - echo "TF SUCCESSFULLY IMPORTED $$1";\ - cd ..;\ - echo "";\ - fi;\ - done;\ - IFS=$$OLDIFS - -state-rm: ## terraform rm resource from state - eg: make state-rm' - ${TF_CMD_PREFIX} state rm ${TF_RM_RESOURCE} diff --git a/terraform12/terraform12-mfa.mk b/terraform12/terraform12-mfa.mk deleted file mode 100644 index 365a998..0000000 --- a/terraform12/terraform12-mfa.mk +++ /dev/null 
@@ -1,201 +0,0 @@ --include ../../@bin/config/base.mk - -.PHONY: help -SHELL := /bin/bash - -LOCAL_OS_USER_ID = $(shell id -u) -LOCAL_OS_GROUP_ID = $(shell id -g) -LOCAL_OS_SSH_DIR := ~/.ssh -LOCAL_OS_GIT_CONF_DIR := ~/.gitconfig -LOCAL_OS_AWS_CONF_DIR := ~/.aws/${PROJECT_SHORT} - -TF_PWD_DIR = $(shell pwd) -TF_PWD_CONT_DIR := "/go/src/project/" -TF_PWD_CONFIG_DIR = $(shell cd .. && cd config && pwd) -TF_PWD_COMMON_CONFIG_DIR = $(shell cd ../.. && cd config && pwd) -TF_VER := 0.12.28 -TF_DOCKER_BACKEND_CONF_VARS_FILE := /config/backend.config -TF_DOCKER_ACCOUNT_CONF_VARS_FILE := /config/account.config -TF_DOCKER_COMMON_CONF_VARS_FILE := /common-config/common.config -TF_DOCKER_ENTRYPOINT := /root/scripts/aws-mfa/aws-mfa-entrypoint.sh -TF_DOCKER_IMAGE := binbash/terraform-awscli-slim - -define TF_CMD_BASH_PREFIX -docker run --security-opt="label:disable" --rm \ --v ${TF_PWD_COMMON_CONFIG_DIR}/../\@bin/scripts:/root/scripts \ --v ${TF_PWD_DIR}:${TF_PWD_CONT_DIR}:rw \ --v ${TF_PWD_CONFIG_DIR}:/config \ --v ${TF_PWD_COMMON_CONFIG_DIR}/common.config:${TF_DOCKER_COMMON_CONF_VARS_FILE} \ --v ${LOCAL_OS_SSH_DIR}:/root/.ssh \ --v ${LOCAL_OS_GIT_CONF_DIR}:/etc/gitconfig \ --v ${LOCAL_OS_AWS_CONF_DIR}:/root/tmp/${PROJECT_SHORT} \ --e BACKEND_CONFIG_FILE=${TF_DOCKER_BACKEND_CONF_VARS_FILE} \ --e COMMON_CONFIG_FILE=${TF_DOCKER_COMMON_CONF_VARS_FILE} \ --e SRC_AWS_CONFIG_FILE=/root/tmp/${PROJECT_SHORT}/config \ --e SRC_AWS_SHARED_CREDENTIALS_FILE=/root/tmp/${PROJECT_SHORT}/credentials \ --e AWS_CONFIG_FILE=/root/.aws/${PROJECT_SHORT}/config \ --e AWS_SHARED_CREDENTIALS_FILE=/root/.aws/${PROJECT_SHORT}/credentials \ --e AWS_CACHE_DIR=/root/tmp/${PROJECT_SHORT}/cache \ ---entrypoint=bash \ --w ${TF_PWD_CONT_DIR} \ --it ${TF_DOCKER_IMAGE}:${TF_VER} -endef - -define TF_CMD_MFA_PREFIX -docker run --security-opt="label:disable" --rm \ --v ${TF_PWD_COMMON_CONFIG_DIR}/../\@bin/scripts:/root/scripts \ --v ${TF_PWD_DIR}:${TF_PWD_CONT_DIR}:rw \ --v ${TF_PWD_CONFIG_DIR}:/config \ --v 
${TF_PWD_COMMON_CONFIG_DIR}/common.config:${TF_DOCKER_COMMON_CONF_VARS_FILE} \ --v ${LOCAL_OS_SSH_DIR}:/root/.ssh \ --v ${LOCAL_OS_GIT_CONF_DIR}:/etc/gitconfig \ --v ${LOCAL_OS_AWS_CONF_DIR}:/root/tmp/${PROJECT_SHORT} \ --e BACKEND_CONFIG_FILE=${TF_DOCKER_BACKEND_CONF_VARS_FILE} \ --e COMMON_CONFIG_FILE=${TF_DOCKER_COMMON_CONF_VARS_FILE} \ --e SRC_AWS_CONFIG_FILE=/root/tmp/${PROJECT_SHORT}/config \ --e SRC_AWS_SHARED_CREDENTIALS_FILE=/root/tmp/${PROJECT_SHORT}/credentials \ --e AWS_CONFIG_FILE=/root/.aws/${PROJECT_SHORT}/config \ --e AWS_SHARED_CREDENTIALS_FILE=/root/.aws/${PROJECT_SHORT}/credentials \ --e AWS_CACHE_DIR=/root/tmp/${PROJECT_SHORT}/cache \ ---entrypoint=${TF_DOCKER_ENTRYPOINT} \ --w ${TF_PWD_CONT_DIR} \ --it ${TF_DOCKER_IMAGE}:${TF_VER} \ -terraform -endef - -help: - @echo 'Available Commands:' - @egrep '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":"}; { if ($$3 == "") { printf " - \033[36m%-18s\033[0m %s\n", $$1, $$2 } else { printf " - \033[36m%-18s\033[0m %s\n", $$2, $$3 }}' - -#==============================================================# -# TERRAFORM # -#==============================================================# -tf-dir-chown: ## run chown in ./.terraform to grant that the docker mounted dir has the right permissions - @echo LOCAL_OS_USER_ID: ${LOCAL_OS_USER_ID} - @echo LOCAL_OS_GROUP_ID: ${LOCAL_OS_GROUP_ID} - sudo chown -R ${LOCAL_OS_USER_ID}:${LOCAL_OS_GROUP_ID} ./.terraform - -shell: ## Initialize terraform backend, plugins, and modules - ${TF_CMD_BASH_PREFIX} - -version: ## Show terraform version - ${TF_CMD_MFA_PREFIX} version - -init: init-cmd tf-dir-chown ## Initialize terraform backend, plugins, and modules -init-cmd: - ${TF_CMD_MFA_PREFIX} init \ - -backend-config=${TF_DOCKER_BACKEND_CONF_VARS_FILE} - -init-reconfigure: init-reconfigure-cmd tf-dir-chown ## Initialize and reconfigure terraform backend, plugins, and modules -init-reconfigure-cmd: - ${TF_CMD_MFA_PREFIX} init \ - -reconfigure \ - 
-backend-config=${TF_DOCKER_BACKEND_CONF_VARS_FILE} - -plan: ## Preview terraform changes - @if [ -f ./*.enc ] && [ ! -f ./*.dec.tf ]; then\ - echo "===============================================";\ - echo "Decrypting secrets before running 'make apply',";\ - echo "please enter your ansible-vault encryption key ";\ - echo "===============================================";\ - make decrypt;\ - fi - - ${TF_CMD_MFA_PREFIX} plan \ - -var-file=${TF_DOCKER_BACKEND_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_COMMON_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_ACCOUNT_CONF_VARS_FILE} - -plan-detailed: ## Preview terraform changes with a more detailed output - @if [ -f ./*.enc ] && [ ! -f ./*.dec.tf ]; then\ - echo "===============================================";\ - echo "Decrypting secrets before running 'make apply',";\ - echo "please enter your ansible-vault encryption key ";\ - echo "===============================================";\ - make decrypt;\ - fi - - ${TF_CMD_MFA_PREFIX} plan -detailed-exitcode \ - -var-file=${TF_DOCKER_BACKEND_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_COMMON_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_ACCOUNT_CONF_VARS_FILE} - -apply: apply-cmd tf-dir-chown ## Make terraform apply any changes with dockerized binary -apply-cmd: - @if [ -f ./*.enc ] && [ ! -f ./*.dec.tf ]; then\ - echo "===============================================";\ - echo "Decrypting secrets before running 'make apply',";\ - echo "please enter your ansible-vault encryption key ";\ - echo "===============================================";\ - make decrypt;\ - fi - - ${TF_CMD_MFA_PREFIX} apply \ - -var-file=${TF_DOCKER_BACKEND_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_COMMON_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_ACCOUNT_CONF_VARS_FILE} - -output: ## Terraform output command is used to extract the value of an output variable from the state file. - ${TF_CMD_MFA_PREFIX} output - -destroy: ## Destroy all resources managed by terraform - @if [ -f ./*.enc ] && [ ! 
-f ./*.dec.tf ]; then\ - echo "===============================================";\ - echo "Decrypting secrets before running 'make apply',";\ - echo "please enter your ansible-vault encryption key ";\ - echo "===============================================";\ - make decrypt;\ - fi - - ${TF_CMD_MFA_PREFIX} destroy \ - -var-file=${TF_DOCKER_BACKEND_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_COMMON_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_ACCOUNT_CONF_VARS_FILE} - -format: ## The terraform fmt is used to rewrite tf conf files to a canonical format and style. - ${TF_CMD_MFA_PREFIX} fmt -recursive - -format-check: ## The terraform fmt is used to rewrite tf conf files to a canonical format and style. - ${TF_CMD_MFA_PREFIX} fmt -recursive -check ${TF_PWD_CONT_DIR} - -tflint: ## TFLint is a Terraform linter for detecting errors that can not be detected by terraform plan (tf0.12 > 0.10.x). - docker run --security-opt="label:disable" --rm \ - -v ${LOCAL_OS_AWS_CONF_DIR}:/root/.aws \ - -v ${TF_PWD_DIR}:/data \ - -t wata727/tflint:0.14.0 - -tflint-deep: ## TFLint is a Terraform linter for detecting errors that can not be detected by terraform plan (tf0.12 > 0.10.x). 
- docker run --security-opt="label:disable" --rm \ - -v ${LOCAL_OS_AWS_CONF_DIR}:/root/.aws \ - -v ${TF_PWD_DIR}:/data \ - -t wata727/tflint:0.14.0 --deep \ - --aws-profile=${LOCAL_OS_AWS_PROFILE} \ - --aws-creds-file=/root/.aws/credentials \ - --aws-region=${LOCAL_OS_AWS_REGION} - -force-unlock: ## Manually unlock the terraform state, eg make ARGS="a94b0919-de5b-9b8f-4bdf-f2d7a3d47112" force-unlock - ${TF_CMD_MFA_PREFIX} force-unlock ${ARGS} - -decrypt: ## Decrypt secrets.tf via ansible-vault - ansible-vault decrypt --output secrets.dec.tf secrets.enc - -encrypt: ## Encrypt secrets.dec.tf via ansible-vault - ansible-vault encrypt --output secrets.enc secrets.dec.tf \ - && rm -rf secrets.dec.tf - -validate-tf-layout: ## Validate Terraform layout to make sure it's set up properly - ../../@bin/scripts/validate-terraform-layout.sh - -cost-estimate-plan: ## Terraform plan cost estimate (https://www.infracost.io/), eg make INFRACOST_API_KEY="XXXXXXXXXXXX" cost-estimate-plan - ${TF_CMD_MFA_PREFIX} plan -out=plan.save \ - -var-file=${TF_DOCKER_BACKEND_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_COMMON_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_ACCOUNT_CONF_VARS_FILE} - ${TF_CMD_MFA_PREFIX} show -json plan.save > plan.json - sed -i '/^\[/d' plan.json - @echo ---------------------------------------------------------------------- - docker run --rm \ - -e INFRACOST_API_KEY=${INFRACOST_API_KEY} \ - -v $$PWD/:/code/ \ - --entrypoint=/usr/local/bin/infracost \ - binbash/terraform-infracost-slim:${TF_VER} --tfjson /code/plan.json --show-skipped diff --git a/terraform12/terraform12-no-warn.mk b/terraform12/terraform12-no-warn.mk deleted file mode 100644 index 5aa7095..0000000 --- a/terraform12/terraform12-no-warn.mk +++ /dev/null 
@@ -1,149 +0,0 @@ --include ../../@bin/config/base.mk - -.PHONY: help -SHELL := /bin/bash - -LOCAL_OS_USER_ID = $(shell id -u) -LOCAL_OS_GROUP_ID = $(shell id -g) -LOCAL_OS_SSH_DIR := ~/.ssh -LOCAL_OS_GIT_CONF_DIR := ~/.gitconfig -LOCAL_OS_AWS_CONF_DIR := ~/.aws/${PROJECT_SHORT} - -TF_PWD_DIR = $(shell pwd) -TF_PWD_CONT_DIR := "/go/src/project/" -TF_PWD_CONFIG_DIR = $(shell cd .. && cd config && pwd) -TF_PWD_COMMON_CONFIG_DIR = $(shell cd ../.. && cd config && pwd) -TF_VER := 0.12.28 -TF_DOCKER_BACKEND_CONF_VARS_FILE := /config/backend.config -TF_DOCKER_ACCOUNT_CONF_VARS_FILE := /config/account.config -TF_DOCKER_COMMON_CONF_VARS_FILE := /common-config/common.config -TF_DOCKER_ENTRYPOINT := /bin/terraform -TF_DOCKER_IMAGE := binbash/terraform-awscli-slim - -define TF_CMD_PREFIX -docker run --security-opt="label:disable" --rm \ --v ${TF_PWD_DIR}:${TF_PWD_CONT_DIR}:rw \ --v ${TF_PWD_CONFIG_DIR}:/config \ --v ${TF_PWD_COMMON_CONFIG_DIR}/common.config:${TF_DOCKER_COMMON_CONF_VARS_FILE} \ --v ${LOCAL_OS_SSH_DIR}:/root/.ssh \ --v ${LOCAL_OS_GIT_CONF_DIR}:/etc/gitconfig \ --v ${LOCAL_OS_AWS_CONF_DIR}:/root/.aws/${PROJECT_SHORT} \ --e AWS_SHARED_CREDENTIALS_FILE=/root/.aws/${PROJECT_SHORT}/credentials \ --e AWS_CONFIG_FILE=/root/.aws/${PROJECT_SHORT}/config \ ---entrypoint=${TF_DOCKER_ENTRYPOINT} \ --w ${TF_PWD_CONT_DIR} \ --it ${TF_DOCKER_IMAGE}:${TF_VER} -endef - -help: - @echo 'Available Commands:' - @egrep '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":"}; { if ($$3 == "") { printf " - \033[36m%-18s\033[0m %s\n", $$1, $$2 } else { printf " - \033[36m%-18s\033[0m %s\n", $$2, $$3 }}' - -#==============================================================# -# TERRAFORM # -#==============================================================# -tf-dir-chown: ## run chown in ./.terraform to grant that the docker mounted dir has the right permissions - @echo LOCAL_OS_USER_ID: ${LOCAL_OS_USER_ID} - @echo LOCAL_OS_GROUP_ID: ${LOCAL_OS_GROUP_ID} - sudo chown -R 
${LOCAL_OS_USER_ID}:${LOCAL_OS_GROUP_ID} ./.terraform - -version: ## Show terraform version - docker run --security-opt="label:disable" --rm \ - --entrypoint=${TF_DOCKER_ENTRYPOINT} \ - -t ${TF_DOCKER_IMAGE}:${TF_VER} version - -init: init-cmd tf-dir-chown ## Initialize terraform backend, plugins, and modules -init-cmd: - ${TF_CMD_PREFIX} init \ - -backend-config=${TF_DOCKER_BACKEND_CONF_VARS_FILE} - -plan: ## Preview terraform changes - ${TF_CMD_PREFIX} plan \ - -var-file=${TF_DOCKER_BACKEND_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_COMMON_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_ACCOUNT_CONF_VARS_FILE} \ - -compact-warnings - -plan-detailed: ## Preview terraform changes with a more detailed output - ${TF_CMD_PREFIX} plan -detailed-exitcode \ - -var-file=${TF_DOCKER_BACKEND_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_COMMON_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_ACCOUNT_CONF_VARS_FILE} \ - -compact-warnings - -apply: apply-cmd tf-dir-chown ## Make terraform apply any changes with dockerized binary -apply-cmd: - ${TF_CMD_PREFIX} apply \ - -var-file=${TF_DOCKER_BACKEND_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_COMMON_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_ACCOUNT_CONF_VARS_FILE} \ - -compact-warnings - -output: ## Terraform output command is used to extract the value of an output variable from the state file. - ${TF_CMD_PREFIX} output - -destroy: ## Destroy all resources managed by terraform - ${TF_CMD_PREFIX} destroy \ - -var-file=${TF_DOCKER_BACKEND_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_COMMON_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_ACCOUNT_CONF_VARS_FILE} - -format: ## The terraform fmt is used to rewrite tf conf files to a canonical format and style. - ${TF_CMD_PREFIX} fmt -recursive - -format-check: ## The terraform fmt is used to rewrite tf conf files to a canonical format and style. 
- ${TF_CMD_PREFIX} fmt -recursive -check ${TF_PWD_CONT_DIR} - -tflint: ## TFLint is a Terraform linter for detecting errors that can not be detected by terraform plan (tf0.12 > 0.10.x). - docker run --security-opt="label:disable" --rm \ - -v ${LOCAL_OS_AWS_CONF_DIR}:/root/.aws \ - -v ${TF_PWD_DIR}:/data \ - -t wata727/tflint:0.14.0 - -tflint-deep: ## TFLint is a Terraform linter for detecting errors that can not be detected by terraform plan (tf0.12 > 0.10.x). - docker run --security-opt="label:disable" --rm \ - -v ${LOCAL_OS_AWS_CONF_DIR}:/root/.aws \ - -v ${TF_PWD_DIR}:/data \ - -t wata727/tflint:0.14.0 --deep \ - --aws-profile=${LOCAL_OS_AWS_PROFILE} \ - --aws-creds-file=/root/.aws/credentials \ - --aws-region=${LOCAL_OS_AWS_REGION} - -force-unlock: ## Manually unlock the terraform state, eg: make ARGS="a94b0919-de5b-9b8f-4bdf-f2d7a3d47112" force-unlock - ${TF_CMD_PREFIX} force-unlock ${ARGS} - -decrypt: ## Decrypt secrets.tf via ansible-vault - ansible-vault decrypt --output secrets.dec.tf secrets.enc - -encrypt: ## Encrypt secrets.dec.tf via ansible-vault - ansible-vault encrypt --output secrets.enc secrets.dec.tf \ - && rm -rf secrets.dec.tf - -validate-tf-layout: ## Validate Terraform layout to make sure it's set up properly - ../../@bin/scripts/validate-terraform-layout.sh - -cost-estimate-plan: ## Terraform plan output compatible with https://terraform-cost-estimation.com/ - curl -sLO https://raw.githubusercontent.com/antonbabenko/terraform-cost-estimation/master/terraform.jq - ${TF_CMD_PREFIX} plan -out=plan.tfplan \ - -var-file=${TF_DOCKER_BACKEND_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_COMMON_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_ACCOUNT_CONF_VARS_FILE} && \ - ${TF_CMD_PREFIX} show -json plan.tfplan > plan.json - @echo ---------------------------------------------------------------------- - cat plan.json \ - | curl -s -X POST -H "Content-Type: application/json" -d @- https://cost.modules.tf/ - @ #| jq -cf terraform.jq | curl -s -X POST -H 
"Content-Type: application/json" -d @- https://cost.modules.tf/ # TODO: Fix jq errorrs - @echo '' - @echo ---------------------------------------------------------------------- - @rm -rf terraform.jq plan.tfplan plan.json - -cost-estimate-state: ## Terraform state output compatible with https://terraform-cost-estimation.com/ - curl -sLO https://raw.githubusercontent.com/antonbabenko/terraform-cost-estimation/master/terraform.jq - ${TF_CMD_PREFIX} state pull > state.json - @echo ---------------------------------------------------------------------- - cat state.json \ - | curl -s -X POST -H "Content-Type: application/json" -d @- https://cost.modules.tf/ - @ #| jq -cf terraform.jq | curl -s -X POST -H "Content-Type: application/json" -d @- https://cost.modules.tf/ # TODO: Fix jq errorrs - @echo '' - @echo ---------------------------------------------------------------------- - @rm -rf terraform.jq state.json diff --git a/terraform12/terraform12-root-context.mk b/terraform12/terraform12-root-context.mk deleted file mode 100644 index e4b223d..0000000 --- a/terraform12/terraform12-root-context.mk +++ /dev/null 
@@ -1,68 +0,0 @@
--include ../../@bin/config/base.mk
-
-.PHONY: help
-SHELL := /bin/bash
-
-LOCAL_OS_USER_ID = $(shell id -u)
-LOCAL_OS_GROUP_ID = $(shell id -g)
-LOCAL_OS_SSH_DIR := ~/.ssh
-LOCAL_OS_GIT_CONF_DIR := ~/.gitconfig
-LOCAL_OS_AWS_CONF_DIR := ~/.aws/${PROJECT_SHORT}
-
-TF_PWD_DIR = $(shell pwd)
-TF_PWD_CONT_DIR := "/go/src/project/"
-TF_VER := 0.12.28
-TF_DOCKER_ENTRYPOINT := /bin/terraform
-TF_DOCKER_IMAGE := binbash/terraform-awscli-slim
-
-define TF_CMD_PREFIX
-docker run --security-opt="label:disable" --rm \
--v ${TF_PWD_DIR}:${TF_PWD_CONT_DIR}:rw \
--v ${LOCAL_OS_SSH_DIR}:/root/.ssh \
--v ${LOCAL_OS_GIT_CONF_DIR}:/etc/gitconfig \
--v ${LOCAL_OS_AWS_CONF_DIR}:/root/.aws/${PROJECT_SHORT} \
--e AWS_SHARED_CREDENTIALS_FILE=/root/.aws/${PROJECT_SHORT}/credentials \
--e AWS_CONFIG_FILE=/root/.aws/${PROJECT_SHORT}/config \
---entrypoint=${TF_DOCKER_ENTRYPOINT} \
--w ${TF_PWD_CONT_DIR} \
--it ${TF_DOCKER_IMAGE}:${TF_VER}
-endef
-
-help:
- @echo 'Available Commands:'
- @egrep '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":"}; { if ($$3 == "") { printf " - \033[36m%-18s\033[0m %s\n", $$1, $$2 } else { printf " - \033[36m%-18s\033[0m %s\n", $$2, $$3 }}'
-
-#==============================================================#
-# TERRAFORM #
-#==============================================================#
-version: ## Show terraform version
- docker run --security-opt="label:disable" --rm \
- --entrypoint=${TF_DOCKER_ENTRYPOINT} \
- -t ${TF_DOCKER_IMAGE}:${TF_VER} version
-
-format: ## The terraform fmt is used to rewrite tf conf files to a canonical format and style.
- ${TF_CMD_PREFIX} fmt -recursive
-
-format-check: ## The terraform fmt is used to rewrite tf conf files to a canonical format and style.
- ${TF_CMD_PREFIX} fmt -recursive -check ${TF_PWD_CONT_DIR}
-
-#==============================================================#
-# TERRAFORM HELPERS #
-#==============================================================#
-pre-commit: ## Execute validation: pre-commit run --all-files.
- pre-commit run --all-files
-
-tflint: ## TFLint is a Terraform linter for detecting errors that can not be detected by terraform plan (tf0.12 > 0.10.x).
- docker run --security-opt="label:disable" --rm \
- -v ${LOCAL_OS_AWS_CONF_DIR}:/root/.aws \
- -v ${TF_PWD_DIR}:/data \
- -t wata727/tflint:0.14.0
-
-tflint-deep: ## TFLint is a Terraform linter for detecting errors that can not be detected by terraform plan (tf0.12 > 0.10.x).
- docker run --security-opt="label:disable" --rm \
- -v ${LOCAL_OS_AWS_CONF_DIR}:/root/.aws \
- -v ${TF_PWD_DIR}:/data \
- -t wata727/tflint:0.14.0 --deep \
- --aws-profile=${LOCAL_OS_AWS_PROFILE} \
- --aws-creds-file=/root/.aws/credentials \
- --aws-region=${LOCAL_OS_AWS_REGION}
diff --git a/terraform12/terraform12-subfolder.mk b/terraform12/terraform12-subfolder.mk
deleted file mode 100644
index ffc6887..0000000
--- a/terraform12/terraform12-subfolder.mk
+++ /dev/null
@@ -1,187 +0,0 @@ -include ../../../@bin/config/base.mk - -.PHONY: help -SHELL := /bin/bash - -LOCAL_OS_USER_ID = $(shell id -u) -LOCAL_OS_GROUP_ID = $(shell id -g) -LOCAL_OS_SSH_DIR := ~/.ssh -LOCAL_OS_GIT_CONF_DIR := ~/.gitconfig -LOCAL_OS_AWS_CONF_DIR := ~/.aws/${PROJECT_SHORT} - -TF_PWD_DIR = $(shell pwd) -TF_PWD_CONT_DIR := "/go/src/project/" -TF_PWD_CONFIG_DIR = $(shell cd ../../ && cd config && pwd) -TF_PWD_COMMON_CONFIG_DIR = $(shell cd ../../../ && cd config && pwd) -TF_VER := 0.12.28 -TF_DOCKER_BACKEND_CONF_VARS_FILE := /config/backend.config -TF_DOCKER_ACCOUNT_CONF_VARS_FILE := /config/account.config -TF_DOCKER_COMMON_CONF_VARS_FILE := /common-config/common.config -TF_DOCKER_ENTRYPOINT := /bin/terraform -TF_DOCKER_IMAGE := binbash/terraform-awscli-slim - -define TF_CMD_PREFIX -docker run --security-opt="label:disable" --rm \ --v ${TF_PWD_DIR}:${TF_PWD_CONT_DIR}:rw \ --v ${TF_PWD_CONFIG_DIR}:/config \ --v ${TF_PWD_COMMON_CONFIG_DIR}/common.config:${TF_DOCKER_COMMON_CONF_VARS_FILE} \ --v ${LOCAL_OS_SSH_DIR}:/root/.ssh \ --v ${LOCAL_OS_GIT_CONF_DIR}:/etc/gitconfig \ --v ${LOCAL_OS_AWS_CONF_DIR}:/root/.aws/${PROJECT_SHORT} \ --e AWS_SHARED_CREDENTIALS_FILE=/root/.aws/${PROJECT_SHORT}/credentials \ --e AWS_CONFIG_FILE=/root/.aws/${PROJECT_SHORT}/config \ ---entrypoint=${TF_DOCKER_ENTRYPOINT} \ --w ${TF_PWD_CONT_DIR} \ --it ${TF_DOCKER_IMAGE}:${TF_VER} -endef - -define TF_CMD_BASH_PREFIX -docker run --security-opt="label:disable" --rm \ --v ${TF_PWD_DIR}:${TF_PWD_CONT_DIR}:rw \ --v ${TF_PWD_CONFIG_DIR}:/config \ --v ${TF_PWD_COMMON_CONFIG_DIR}/common.config:${TF_DOCKER_COMMON_CONF_VARS_FILE} \ --v ${LOCAL_OS_SSH_DIR}:/root/.ssh \ --v ${LOCAL_OS_GIT_CONF_DIR}:/etc/gitconfig \ --v ${LOCAL_OS_AWS_CONF_DIR}:/root/.aws/${PROJECT_SHORT} \ --e AWS_SHARED_CREDENTIALS_FILE=/root/.aws/${PROJECT_SHORT}/credentials \ --e AWS_CONFIG_FILE=/root/.aws/${PROJECT_SHORT}/config \ ---entrypoint=bash \ --w ${TF_PWD_CONT_DIR} \ --it ${TF_DOCKER_IMAGE}:${TF_VER} -endef - -help: - 
@echo 'Available Commands:' - @egrep '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":"}; { if ($$3 == "") { printf " - \033[36m%-18s\033[0m %s\n", $$1, $$2 } else { printf " - \033[36m%-18s\033[0m %s\n", $$2, $$3 }}' - -#==============================================================# -# TERRAFORM # -#==============================================================# -tf-dir-chown: ## run chown in ./.terraform to grant that the docker mounted dir has the right permissions - @echo LOCAL_OS_USER_ID: ${LOCAL_OS_USER_ID} - @echo LOCAL_OS_GROUP_ID: ${LOCAL_OS_GROUP_ID} - sudo chown -R ${LOCAL_OS_USER_ID}:${LOCAL_OS_GROUP_ID} ./.terraform - -shell: ## Initialize terraform backend, plugins, and modules - ${TF_CMD_BASH_PREFIX} - -version: ## Show terraform version - docker run --security-opt="label:disable" --rm \ - --entrypoint=${TF_DOCKER_ENTRYPOINT} \ - -t ${TF_DOCKER_IMAGE}:${TF_VER} version - -init: init-cmd tf-dir-chown ## Initialize terraform backend, plugins, and modules -init-cmd: - ${TF_CMD_PREFIX} init \ - -backend-config=${TF_DOCKER_BACKEND_CONF_VARS_FILE} - -plan: ## Preview terraform changes - @if [ -f ./*.enc ] && [ ! -f ./*.dec.tf ]; then\ - echo "===============================================";\ - echo "Decrypting secrets before running 'make apply',";\ - echo "please enter your ansible-vault encryption key ";\ - echo "===============================================";\ - make decrypt;\ - fi - - ${TF_CMD_PREFIX} plan \ - -var-file=${TF_DOCKER_BACKEND_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_COMMON_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_ACCOUNT_CONF_VARS_FILE} - -plan-detailed: ## Preview terraform changes with a more detailed output - @if [ -f ./*.enc ] && [ ! 
-f ./*.dec.tf ]; then\ - echo "===============================================";\ - echo "Decrypting secrets before running 'make apply',";\ - echo "please enter your ansible-vault encryption key ";\ - echo "===============================================";\ - make decrypt;\ - fi - - ${TF_CMD_PREFIX} plan -detailed-exitcode \ - -var-file=${TF_DOCKER_BACKEND_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_COMMON_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_ACCOUNT_CONF_VARS_FILE} - -apply: apply-cmd tf-dir-chown ## Make terraform apply any changes with dockerized binary -apply-cmd: - @if [ -f ./*.enc ] && [ ! -f ./*.dec.tf ]; then\ - echo "===============================================";\ - echo "Decrypting secrets before running 'make apply',";\ - echo "please enter your ansible-vault encryption key ";\ - echo "===============================================";\ - make decrypt;\ - fi - - ${TF_CMD_PREFIX} apply \ - -var-file=${TF_DOCKER_BACKEND_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_COMMON_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_ACCOUNT_CONF_VARS_FILE} - -output: ## Terraform output command is used to extract the value of an output variable from the state file. - ${TF_CMD_PREFIX} output - -output-json: ## Terraform output json fmt command is used to extract the value of an output variable from the state file. - ${TF_CMD_PREFIX} output -json - -destroy: ## Destroy all resources managed by terraform - @if [ -f ./*.enc ] && [ ! 
-f ./*.dec.tf ]; then\ - echo "===============================================";\ - echo "Decrypting secrets before running 'make apply',";\ - echo "please enter your ansible-vault encryption key ";\ - echo "===============================================";\ - make decrypt;\ - fi - - ${TF_CMD_PREFIX} destroy \ - -var-file=${TF_DOCKER_BACKEND_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_COMMON_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_ACCOUNT_CONF_VARS_FILE} - -format: ## The terraform fmt is used to rewrite tf conf files to a canonical format and style. - ${TF_CMD_PREFIX} fmt -recursive - -format-check: ## The terraform fmt is used to rewrite tf conf files to a canonical format and style. - ${TF_CMD_PREFIX} fmt -recursive -check ${TF_PWD_CONT_DIR} - -tflint: ## TFLint is a Terraform linter for detecting errors that can not be detected by terraform plan (tf0.12 > 0.10.x). - docker run --security-opt="label:disable" --rm \ - -v ${LOCAL_OS_AWS_CONF_DIR}:/root/.aws \ - -v ${TF_PWD_DIR}:/data \ - -t wata727/tflint:0.14.0 - -tflint-deep: ## TFLint is a Terraform linter for detecting errors that can not be detected by terraform plan (tf0.12 > 0.10.x). 
- docker run --security-opt="label:disable" --rm \
- -v ${LOCAL_OS_AWS_CONF_DIR}:/root/.aws \
- -v ${TF_PWD_DIR}:/data \
- -t wata727/tflint:0.14.0 --deep \
- --aws-profile=${LOCAL_OS_AWS_PROFILE} \
- --aws-creds-file=/root/.aws/credentials \
- --aws-region=${LOCAL_OS_AWS_REGION}
-
-force-unlock: ## Manually unlock the terraform state, eg make ARGS="a94b0919-de5b-9b8f-4bdf-f2d7a3d47112" force-unlock
- ${TF_CMD_PREFIX} force-unlock ${ARGS}
-
-decrypt: ## Decrypt secrets.tf via ansible-vault
- ansible-vault decrypt --output secrets.dec.tf secrets.enc
-
-encrypt: ## Encrypt secrets.dec.tf via ansible-vault
- ansible-vault encrypt --output secrets.enc secrets.dec.tf \
- && rm -rf secrets.dec.tf
-
-validate-tf-layout: ## Validate Terraform layout to make sure it's set up properly
- ../../../@bin/scripts/validate-terraform-layout.sh
-
-cost-estimate-plan: ## Terraform plan cost estimate (https://www.infracost.io/), eg make INFRACOST_API_KEY="XXXXXXXXXXXX" cost-estimate-plan
- ${TF_CMD_MFA_PREFIX} plan -out=plan.save \
- -var-file=${TF_DOCKER_BACKEND_CONF_VARS_FILE} \
- -var-file=${TF_DOCKER_COMMON_CONF_VARS_FILE} \
- -var-file=${TF_DOCKER_ACCOUNT_CONF_VARS_FILE}
- ${TF_CMD_MFA_PREFIX} show -json plan.save > plan.json
- sed -i '/^\[/d' plan.json
- @echo ----------------------------------------------------------------------
- docker run --rm \
- -e INFRACOST_API_KEY=${INFRACOST_API_KEY} \
- -v $$PWD/:/code/ \
- --entrypoint=/usr/local/bin/infracost \
- binbash/terraform-infracost-slim:${TF_VER} --tfjson /code/plan.json --show-skipped
diff --git a/terraform12/terraform12.mk b/terraform12/terraform12.mk
deleted file mode 100644
index a612274..0000000
--- a/terraform12/terraform12.mk
+++ /dev/null
@@ -1,187 +0,0 @@ --include ../../@bin/config/base.mk - -.PHONY: help -SHELL := /bin/bash - -LOCAL_OS_USER_ID = $(shell id -u) -LOCAL_OS_GROUP_ID = $(shell id -g) -LOCAL_OS_SSH_DIR := ~/.ssh -LOCAL_OS_GIT_CONF_DIR := ~/.gitconfig -LOCAL_OS_AWS_CONF_DIR := ~/.aws/${PROJECT_SHORT} - -TF_PWD_DIR = $(shell pwd) -TF_PWD_CONT_DIR := "/go/src/project/" -TF_PWD_CONFIG_DIR = $(shell cd .. && cd config && pwd) -TF_PWD_COMMON_CONFIG_DIR = $(shell cd ../.. && cd config && pwd) -TF_VER := 0.12.28 -TF_DOCKER_BACKEND_CONF_VARS_FILE := /config/backend.config -TF_DOCKER_ACCOUNT_CONF_VARS_FILE := /config/account.config -TF_DOCKER_COMMON_CONF_VARS_FILE := /common-config/common.config -TF_DOCKER_ENTRYPOINT := /bin/terraform -TF_DOCKER_IMAGE := binbash/terraform-awscli-slim - -define TF_CMD_PREFIX -docker run --security-opt="label:disable" --rm \ --v ${TF_PWD_DIR}:${TF_PWD_CONT_DIR}:rw \ --v ${TF_PWD_CONFIG_DIR}:/config \ --v ${TF_PWD_COMMON_CONFIG_DIR}/common.config:${TF_DOCKER_COMMON_CONF_VARS_FILE} \ --v ${LOCAL_OS_SSH_DIR}:/root/.ssh \ --v ${LOCAL_OS_GIT_CONF_DIR}:/etc/gitconfig \ --v ${LOCAL_OS_AWS_CONF_DIR}:/root/.aws/${PROJECT_SHORT} \ --e AWS_SHARED_CREDENTIALS_FILE=/root/.aws/${PROJECT_SHORT}/credentials \ --e AWS_CONFIG_FILE=/root/.aws/${PROJECT_SHORT}/config \ ---entrypoint=${TF_DOCKER_ENTRYPOINT} \ --w ${TF_PWD_CONT_DIR} \ --it ${TF_DOCKER_IMAGE}:${TF_VER} -endef - -define TF_CMD_BASH_PREFIX -docker run --security-opt="label:disable" --rm \ --v ${TF_PWD_DIR}:${TF_PWD_CONT_DIR}:rw \ --v ${TF_PWD_CONFIG_DIR}:/config \ --v ${TF_PWD_COMMON_CONFIG_DIR}/common.config:${TF_DOCKER_COMMON_CONF_VARS_FILE} \ --v ${LOCAL_OS_SSH_DIR}:/root/.ssh \ --v ${LOCAL_OS_GIT_CONF_DIR}:/etc/gitconfig \ --v ${LOCAL_OS_AWS_CONF_DIR}:/root/.aws/${PROJECT_SHORT} \ --e AWS_SHARED_CREDENTIALS_FILE=/root/.aws/${PROJECT_SHORT}/credentials \ --e AWS_CONFIG_FILE=/root/.aws/${PROJECT_SHORT}/config \ ---entrypoint=bash \ --w ${TF_PWD_CONT_DIR} \ --it ${TF_DOCKER_IMAGE}:${TF_VER} -endef - -help: - @echo 
'Available Commands:' - @egrep '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":"}; { if ($$3 == "") { printf " - \033[36m%-18s\033[0m %s\n", $$1, $$2 } else { printf " - \033[36m%-18s\033[0m %s\n", $$2, $$3 }}' - -#==============================================================# -# TERRAFORM # -#==============================================================# -tf-dir-chown: ## run chown in ./.terraform to grant that the docker mounted dir has the right permissions - @echo LOCAL_OS_USER_ID: ${LOCAL_OS_USER_ID} - @echo LOCAL_OS_GROUP_ID: ${LOCAL_OS_GROUP_ID} - sudo chown -R ${LOCAL_OS_USER_ID}:${LOCAL_OS_GROUP_ID} ./.terraform - -shell: ## Initialize terraform backend, plugins, and modules - ${TF_CMD_BASH_PREFIX} - -version: ## Show terraform version - docker run --security-opt="label:disable" --rm \ - --entrypoint=${TF_DOCKER_ENTRYPOINT} \ - -t ${TF_DOCKER_IMAGE}:${TF_VER} version - -init: init-cmd tf-dir-chown ## Initialize terraform backend, plugins, and modules -init-cmd: - ${TF_CMD_PREFIX} init \ - -backend-config=${TF_DOCKER_BACKEND_CONF_VARS_FILE} - -plan: ## Preview terraform changes - @if [ -f ./*.enc ] && [ ! -f ./*.dec.tf ]; then\ - echo "===============================================";\ - echo "Decrypting secrets before running 'make apply',";\ - echo "please enter your ansible-vault encryption key ";\ - echo "===============================================";\ - make decrypt;\ - fi - - ${TF_CMD_PREFIX} plan \ - -var-file=${TF_DOCKER_BACKEND_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_COMMON_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_ACCOUNT_CONF_VARS_FILE} - -plan-detailed: ## Preview terraform changes with a more detailed output - @if [ -f ./*.enc ] && [ ! 
-f ./*.dec.tf ]; then\ - echo "===============================================";\ - echo "Decrypting secrets before running 'make apply',";\ - echo "please enter your ansible-vault encryption key ";\ - echo "===============================================";\ - make decrypt;\ - fi - - ${TF_CMD_PREFIX} plan -detailed-exitcode \ - -var-file=${TF_DOCKER_BACKEND_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_COMMON_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_ACCOUNT_CONF_VARS_FILE} - -apply: apply-cmd tf-dir-chown ## Make terraform apply any changes with dockerized binary -apply-cmd: - @if [ -f ./*.enc ] && [ ! -f ./*.dec.tf ]; then\ - echo "===============================================";\ - echo "Decrypting secrets before running 'make apply',";\ - echo "please enter your ansible-vault encryption key ";\ - echo "===============================================";\ - make decrypt;\ - fi - - ${TF_CMD_PREFIX} apply \ - -var-file=${TF_DOCKER_BACKEND_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_COMMON_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_ACCOUNT_CONF_VARS_FILE} - -output: ## Terraform output command is used to extract the value of an output variable from the state file. - ${TF_CMD_PREFIX} output - -output-json: ## Terraform output json fmt command is used to extract the value of an output variable from the state file. - ${TF_CMD_PREFIX} output -json - -destroy: ## Destroy all resources managed by terraform - @if [ -f ./*.enc ] && [ ! 
-f ./*.dec.tf ]; then\ - echo "===============================================";\ - echo "Decrypting secrets before running 'make apply',";\ - echo "please enter your ansible-vault encryption key ";\ - echo "===============================================";\ - make decrypt;\ - fi - - ${TF_CMD_PREFIX} destroy \ - -var-file=${TF_DOCKER_BACKEND_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_COMMON_CONF_VARS_FILE} \ - -var-file=${TF_DOCKER_ACCOUNT_CONF_VARS_FILE} - -format: ## The terraform fmt is used to rewrite tf conf files to a canonical format and style. - ${TF_CMD_PREFIX} fmt -recursive - -format-check: ## The terraform fmt is used to rewrite tf conf files to a canonical format and style. - ${TF_CMD_PREFIX} fmt -recursive -check ${TF_PWD_CONT_DIR} - -tflint: ## TFLint is a Terraform linter for detecting errors that can not be detected by terraform plan (tf0.12 > 0.10.x). - docker run --security-opt="label:disable" --rm \ - -v ${LOCAL_OS_AWS_CONF_DIR}:/root/.aws \ - -v ${TF_PWD_DIR}:/data \ - -t wata727/tflint:0.14.0 - -tflint-deep: ## TFLint is a Terraform linter for detecting errors that can not be detected by terraform plan (tf0.12 > 0.10.x). 
- docker run --security-opt="label:disable" --rm \
- -v ${LOCAL_OS_AWS_CONF_DIR}:/root/.aws \
- -v ${TF_PWD_DIR}:/data \
- -t wata727/tflint:0.14.0 --deep \
- --aws-profile=${LOCAL_OS_AWS_PROFILE} \
- --aws-creds-file=/root/.aws/credentials \
- --aws-region=${LOCAL_OS_AWS_REGION}
-
-force-unlock: ## Manually unlock the terraform state, eg make ARGS="a94b0919-de5b-9b8f-4bdf-f2d7a3d47112" force-unlock
- ${TF_CMD_PREFIX} force-unlock ${ARGS}
-
-decrypt: ## Decrypt secrets.tf via ansible-vault
- ansible-vault decrypt --output secrets.dec.tf secrets.enc
-
-encrypt: ## Encrypt secrets.dec.tf via ansible-vault
- ansible-vault encrypt --output secrets.enc secrets.dec.tf \
- && rm -rf secrets.dec.tf
-
-validate-tf-layout: ## Validate Terraform layout to make sure it's set up properly
- ../../@bin/scripts/validate-terraform-layout.sh
-
-cost-estimate-plan: ## Terraform plan cost estimate (https://www.infracost.io/), eg make INFRACOST_API_KEY="XXXXXXXXXXXX" cost-estimate-plan
- ${TF_CMD_MFA_PREFIX} plan -out=plan.save \
- -var-file=${TF_DOCKER_BACKEND_CONF_VARS_FILE} \
- -var-file=${TF_DOCKER_COMMON_CONF_VARS_FILE} \
- -var-file=${TF_DOCKER_ACCOUNT_CONF_VARS_FILE}
- ${TF_CMD_MFA_PREFIX} show -json plan.save > plan.json
- sed -i '/^\[/d' plan.json
- @echo ----------------------------------------------------------------------
- docker run --rm \
- -e INFRACOST_API_KEY=${INFRACOST_API_KEY} \
- -v $$PWD/:/code/ \
- --entrypoint=/usr/local/bin/infracost \
- binbash/terraform-infracost-slim:${TF_VER} --tfjson /code/plan.json --show-skipped