terraform

package
v2.13.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 15, 2023 License: AGPL-3.0 Imports: 26 Imported by: 0

Documentation

Overview

Package terraform handles creation/destruction of cloud and IAM resources required by Constellation using Terraform.

Since Terraform does not provide a stable Go API, we use the `terraform-exec` package to interact with Terraform.

The Terraform templates are located in the constants.TerraformEmbeddedDir subdirectory. The templates are embedded into the CLI binary using `go:embed`. On use the relevant template is extracted to the working directory and the user customized variables are written to a `terraform.tfvars` file.

Functions in this package should be kept CSP agnostic (there should be no "CreateAzureCluster" function), as loading the correct values and calling the correct functions for a given CSP is handled by the `cloudcmd` package.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func VariablesFromBytes added in v2.11.0 

func VariablesFromBytes[T any](b []byte, vars *T) error

VariablesFromBytes parses the given bytes into the given variables struct.

Types

type AWSClusterVariables added in v2.3.0 

type AWSClusterVariables struct {
	// Name of the cluster.
	Name string `hcl:"name" cty:"name"`
	// Region is the AWS region to use.
	Region string `hcl:"region" cty:"region"`
	// Zone is the AWS zone to use in the given region.
	Zone string `hcl:"zone" cty:"zone"`
	// AMIImageID is the ID of the AMI image to use.
	AMIImageID string `hcl:"ami" cty:"ami"`
	// IAMGroupControlPlane is the IAM group to use for the control-plane nodes.
	IAMProfileControlPlane string `hcl:"iam_instance_profile_control_plane" cty:"iam_instance_profile_control_plane"`
	// IAMGroupWorkerNodes is the IAM group to use for the worker nodes.
	IAMProfileWorkerNodes string `hcl:"iam_instance_profile_worker_nodes" cty:"iam_instance_profile_worker_nodes"`
	// Debug is true if debug mode is enabled.
	Debug bool `hcl:"debug" cty:"debug"`
	// EnableSNP controls enablement of the EC2 cpu-option "AmdSevSnp".
	EnableSNP bool `hcl:"enable_snp" cty:"enable_snp"`
	// NodeGroups is a map of node groups to create.
	NodeGroups map[string]AWSNodeGroup `hcl:"node_groups" cty:"node_groups"`
	// CustomEndpoint is the (optional) custom dns hostname for the kubernetes api server.
	CustomEndpoint string `hcl:"custom_endpoint" cty:"custom_endpoint"`
	// InternalLoadBalancer is true if an internal load balancer should be created.
	InternalLoadBalancer bool `hcl:"internal_load_balancer" cty:"internal_load_balancer"`
}

AWSClusterVariables is user configuration for creating a cluster with Terraform on AWS.

func (*AWSClusterVariables) GetCreateMAA added in v2.10.0 

func (a *AWSClusterVariables) GetCreateMAA() bool

GetCreateMAA gets the CreateMAA variable. TODO(derpsteb): Rename this function once we have introduced an interface for config.Config.

func (*AWSClusterVariables) String added in v2.3.0 

func (a *AWSClusterVariables) String() string

String returns a string representation of the variables, formatted as Terraform variables.

type AWSIAMOutput added in v2.3.0 

type AWSIAMOutput struct {
	ControlPlaneInstanceProfile string
	WorkerNodeInstanceProfile   string
}

AWSIAMOutput contains the output information of the Terraform IAM operation on GCP.

type AWSIAMVariables added in v2.3.0 

type AWSIAMVariables struct {
	// Region is the AWS location to use. (e.g. us-east-2)
	Region string `hcl:"region" cty:"region"`
	// Prefix is the name prefix of the resources to use.
	Prefix string `hcl:"name_prefix" cty:"name_prefix"`
}

AWSIAMVariables is user configuration for creating the IAM configuration with Terraform on Microsoft Azure.

func (*AWSIAMVariables) String added in v2.3.0 

func (v *AWSIAMVariables) String() string

String returns a string representation of the IAM-specific variables, formatted as Terraform variables.

type AWSNodeGroup added in v2.9.0 

type AWSNodeGroup struct {
	// Role is the role of the node group.
	Role string `hcl:"role" cty:"role"`
	// StateDiskSizeGB is the size of the state disk to allocate to each node, in GB.
	StateDiskSizeGB int `hcl:"disk_size" cty:"disk_size"`
	// InitialCount is the initial number of nodes to create in the node group.
	// During upgrades this value ignored.
	InitialCount int `hcl:"initial_count" cty:"initial_count"`
	// Zone is the AWS availability-zone to use in the given region.
	Zone string `hcl:"zone" cty:"zone"`
	// InstanceType is the type of the EC2 instance to use.
	InstanceType string `hcl:"instance_type" cty:"instance_type"`
	// DiskType is the EBS disk type to use for the state disk.
	DiskType string `hcl:"disk_type" cty:"disk_type"`
}

AWSNodeGroup is a node group to create on AWS.

type AzureClusterVariables added in v2.3.0 

type AzureClusterVariables struct {
	// Name of the cluster.
	Name string `hcl:"name" cty:"name"`
	// ImageID is the ID of the Azure image to use.
	ImageID string `hcl:"image_id" cty:"image_id"`
	// CreateMAA sets whether a Microsoft Azure attestation provider should be created.
	CreateMAA *bool `hcl:"create_maa" cty:"create_maa"`
	// Debug is true if debug mode is enabled.
	Debug *bool `hcl:"debug" cty:"debug"`
	// ResourceGroup is the name of the Azure resource group to use.
	ResourceGroup string `hcl:"resource_group" cty:"resource_group"`
	// Location is the Azure location to use.
	Location string `hcl:"location" cty:"location"`
	// UserAssignedIdentity is the name of the Azure user-assigned identity to use.
	UserAssignedIdentity string `hcl:"user_assigned_identity" cty:"user_assigned_identity"`
	// ConfidentialVM sets the VM to be confidential.
	ConfidentialVM *bool `hcl:"confidential_vm" cty:"confidential_vm"`
	// SecureBoot sets the VM to use secure boot.
	SecureBoot *bool `hcl:"secure_boot" cty:"secure_boot"`
	// NodeGroups is a map of node groups to create.
	NodeGroups map[string]AzureNodeGroup `hcl:"node_groups" cty:"node_groups"`
	// CustomEndpoint is the (optional) custom dns hostname for the kubernetes api server.
	CustomEndpoint string `hcl:"custom_endpoint" cty:"custom_endpoint"`
	// InternalLoadBalancer is true if an internal load balancer should be created.
	InternalLoadBalancer bool `hcl:"internal_load_balancer" cty:"internal_load_balancer"`
}

AzureClusterVariables is user configuration for creating a cluster with Terraform on Azure.

func (*AzureClusterVariables) GetCreateMAA added in v2.10.0 

func (a *AzureClusterVariables) GetCreateMAA() bool

GetCreateMAA gets the CreateMAA variable. TODO(derpsteb): Rename this function once we have introduced an interface for config.Config.

func (*AzureClusterVariables) String added in v2.3.0 

func (a *AzureClusterVariables) String() string

String returns a string representation of the variables, formatted as Terraform variables.

type AzureIAMOutput added in v2.3.0 

type AzureIAMOutput struct {
	SubscriptionID string
	TenantID       string
	UAMIID         string
}

AzureIAMOutput contains the output information of the Terraform IAM operation on Microsoft Azure.

type AzureIAMVariables added in v2.3.0 

type AzureIAMVariables struct {
	// Region is the Azure region to use. (e.g. westus)
	Region string `hcl:"region" cty:"region"`
	// ServicePrincipal is the name of the service principal to use.
	ServicePrincipal string `hcl:"service_principal_name" cty:"service_principal_name"`
	// ResourceGroup is the name of the resource group to use.
	ResourceGroup string `hcl:"resource_group_name" cty:"resource_group_name"`
}

AzureIAMVariables is user configuration for creating the IAM configuration with Terraform on Microsoft Azure.

func (*AzureIAMVariables) String added in v2.3.0 

func (v *AzureIAMVariables) String() string

String returns a string representation of the IAM-specific variables, formatted as Terraform variables.

type AzureNodeGroup added in v2.9.0 

type AzureNodeGroup struct {
	// Role is the role of the node group.
	Role string `hcl:"role" cty:"role"`
	// InitialCount is optional for upgrades.
	InitialCount int      `hcl:"initial_count" cty:"initial_count"`
	InstanceType string   `hcl:"instance_type" cty:"instance_type"`
	DiskSizeGB   int      `hcl:"disk_size" cty:"disk_size"`
	DiskType     string   `hcl:"disk_type" cty:"disk_type"`
	Zones        []string `hcl:"zones" cty:"zones"`
}

AzureNodeGroup is a node group to create on Azure.

type Client 

type Client struct {
	// contains filtered or unexported fields
}

Client manages interaction with Terraform.

func New 

func New(ctx context.Context, workingDir string) (*Client, error)

New sets up a new Client for Terraform.

func (*Client) ApplyCluster added in v2.11.0 

func (c *Client) ApplyCluster(ctx context.Context, provider cloudprovider.Provider, logLevel LogLevel) (state.Infrastructure, error)

ApplyCluster applies the Terraform configuration of the workspace to create or upgrade a Constellation cluster.

func (*Client) ApplyIAM added in v2.11.0 

func (c *Client) ApplyIAM(ctx context.Context, provider cloudprovider.Provider, logLevel LogLevel) (IAMOutput, error)

ApplyIAM applies the Terraform configuration of the workspace to create or upgrade an IAM configuration.

func (*Client) CleanUpWorkspace 

func (c *Client) CleanUpWorkspace() error

CleanUpWorkspace removes terraform files from the current directory.

func (*Client) Destroy added in v2.5.3 

func (c *Client) Destroy(ctx context.Context, logLevel LogLevel) error

Destroy destroys Terraform-created cloud resources.

func (*Client) Plan added in v2.8.0 

func (c *Client) Plan(ctx context.Context, logLevel LogLevel) (bool, error)

Plan determines the diff that will be applied by Terraform. The plan output is written to the Terraform working directory. If there is a diff, the returned bool is true. Otherwise, it is false.

func (*Client) PrepareWorkspace added in v2.3.0 

func (c *Client) PrepareWorkspace(path string, vars Variables) error

PrepareWorkspace prepares a Terraform workspace for a Constellation cluster.

func (*Client) RemoveInstaller 

func (c *Client) RemoveInstaller()

RemoveInstaller removes the Terraform installer, if it was downloaded for this command.

func (*Client) ShowIAM added in v2.10.0 

func (c *Client) ShowIAM(ctx context.Context, provider cloudprovider.Provider) (IAMOutput, error)

ShowIAM reads the state of Constellation IAM resources from Terraform.

func (*Client) ShowInfrastructure added in v2.12.0 

func (c *Client) ShowInfrastructure(ctx context.Context, provider cloudprovider.Provider) (state.Infrastructure, error)

ShowInfrastructure reads the state of Constellation cluster resources from Terraform.

func (*Client) ShowPlan added in v2.8.0 

func (c *Client) ShowPlan(ctx context.Context, logLevel LogLevel, output io.Writer) error

ShowPlan formats the diff of a plan file in the Terraform working directory, and writes it to the specified output.

func (*Client) WithManualStateMigration added in v2.9.0 

func (c *Client) WithManualStateMigration(migration StateMigration) *Client

WithManualStateMigration adds a manual state migration to the Client.

type ClusterVariables added in v2.10.0 

type ClusterVariables interface {
	Variables
	// TODO(derpsteb): Rename this function once we have introduced an interface for config.Config.
	// GetCreateMAA does not follow Go's naming convention because we need to keep the CreateMAA property public for now.
	// There are functions creating Variables objects outside of this package.
	// These functions can only be moved into this package once we have introduced an interface for config.Config,
	// since we do not want to introduce a dependency on config.Config in this package.
	GetCreateMAA() bool
}

ClusterVariables should be used in places where a cluster is created.

type GCPClusterVariables added in v2.3.0 

type GCPClusterVariables struct {
	// Name of the cluster.
	Name string `hcl:"name" cty:"name"`
	// Project is the ID of the GCP project to use.
	Project string `hcl:"project" cty:"project"`
	// Region is the GCP region to use.
	Region string `hcl:"region" cty:"region"`
	// Zone is the GCP zone to use.
	Zone string `hcl:"zone" cty:"zone"`
	// ImageID is the ID of the GCP image to use.
	ImageID string `hcl:"image_id" cty:"image_id"`
	// Debug is true if debug mode is enabled.
	Debug bool `hcl:"debug" cty:"debug"`
	// NodeGroups is a map of node groups to create.
	NodeGroups map[string]GCPNodeGroup `hcl:"node_groups" cty:"node_groups"`
	// CustomEndpoint is the (optional) custom dns hostname for the kubernetes api server.
	CustomEndpoint string `hcl:"custom_endpoint" cty:"custom_endpoint"`
	// InternalLoadBalancer is true if an internal load balancer should be created.
	InternalLoadBalancer bool `hcl:"internal_load_balancer" cty:"internal_load_balancer"`
}

GCPClusterVariables is user configuration for creating resources with Terraform on GCP.

func (*GCPClusterVariables) GetCreateMAA added in v2.10.0 

func (g *GCPClusterVariables) GetCreateMAA() bool

GetCreateMAA gets the CreateMAA variable. TODO(derpsteb): Rename this function once we have introduced an interface for config.Config.

func (*GCPClusterVariables) String added in v2.3.0 

func (g *GCPClusterVariables) String() string

String returns a string representation of the variables, formatted as Terraform variables.

type GCPIAMOutput added in v2.3.0 

type GCPIAMOutput struct {
	SaKey string
}

GCPIAMOutput contains the output information of the Terraform IAM operation on GCP.

type GCPIAMVariables added in v2.3.0 

type GCPIAMVariables struct {
	// Project is the ID of the GCP project to use.
	Project string `hcl:"project_id" cty:"project_id"`
	// Region is the GCP region to use.
	Region string `hcl:"region" cty:"region"`
	// Zone is the GCP zone to use.
	Zone string `hcl:"zone" cty:"zone"`
	// ServiceAccountID is the ID of the service account to use.
	ServiceAccountID string `hcl:"service_account_id" cty:"service_account_id"`
}

GCPIAMVariables is user configuration for creating the IAM confioguration with Terraform on GCP.

func (*GCPIAMVariables) String added in v2.3.0 

func (v *GCPIAMVariables) String() string

String returns a string representation of the IAM-specific variables, formatted as Terraform variables.

type GCPNodeGroup added in v2.9.0 

type GCPNodeGroup struct {
	// Role is the role of the node group.
	Role string `hcl:"role" cty:"role"`
	// StateDiskSizeGB is the size of the state disk to allocate to each node, in GB.
	StateDiskSizeGB int `hcl:"disk_size" cty:"disk_size"`
	// InitialCount is the initial number of nodes to create in the node group.
	// During upgrades this value ignored.
	InitialCount int    `hcl:"initial_count" cty:"initial_count"`
	Zone         string `hcl:"zone" cty:"zone"`
	InstanceType string `hcl:"instance_type" cty:"instance_type"`
	DiskType     string `hcl:"disk_type" cty:"disk_type"`
}

GCPNodeGroup is a node group to create on GCP.

type IAMOutput added in v2.3.0 

type IAMOutput struct {
	GCP   GCPIAMOutput
	Azure AzureIAMOutput
	AWS   AWSIAMOutput
}

IAMOutput contains the output information of the Terraform IAM operations.

type LogLevel added in v2.8.0 

type LogLevel int

LogLevel is a Terraform log level. As per https://developer.hashicorp.com/terraform/internals/debugging 

const (
	// LogLevelNone represents a log level that does not produce any output.
	LogLevelNone LogLevel = iota
	// LogLevelError enables log output at ERROR level.
	LogLevelError
	// LogLevelWarn enables log output at WARN level.
	LogLevelWarn
	// LogLevelInfo enables log output at INFO level.
	LogLevelInfo
	// LogLevelDebug enables log output at DEBUG level.
	LogLevelDebug
	// LogLevelTrace enables log output at TRACE level.
	LogLevelTrace
	// LogLevelJSON enables log output at TRACE level in JSON format.
	LogLevelJSON
)

func ParseLogLevel added in v2.8.0 

func ParseLogLevel(level string) (LogLevel, error)

ParseLogLevel parses a log level string into a Terraform log level.

func (LogLevel) String added in v2.8.0 

func (l LogLevel) String() string

String returns the string representation of a Terraform log level.

type OpenStackClusterVariables added in v2.6.0 

type OpenStackClusterVariables struct {
	// Name of the cluster.
	Name string `hcl:"name" cty:"name"`
	// NodeGroups is a map of node groups to create.
	NodeGroups map[string]OpenStackNodeGroup `hcl:"node_groups" cty:"node_groups"`
	// Cloud is the (optional) name of the OpenStack cloud to use when reading the "clouds.yaml" configuration file. If empty, environment variables are used.
	Cloud *string `hcl:"cloud" cty:"cloud"`
	// FloatingIPPoolID is the ID of the OpenStack floating IP pool to use for public IPs.
	FloatingIPPoolID string `hcl:"floating_ip_pool_id" cty:"floating_ip_pool_id"`
	// ImageURL is the URL of the OpenStack image to use.
	ImageURL string `hcl:"image_url" cty:"image_url"`
	// DirectDownload decides whether to download the image directly from the URL to OpenStack or to upload it from the local machine.
	DirectDownload bool `hcl:"direct_download" cty:"direct_download"`
	// OpenstackUserDomainName is the OpenStack user domain name to use.
	OpenstackUserDomainName string `hcl:"openstack_user_domain_name" cty:"openstack_user_domain_name"`
	// OpenstackUsername is the OpenStack user name to use.
	OpenstackUsername string `hcl:"openstack_username" cty:"openstack_username"`
	// OpenstackPassword is the OpenStack password to use.
	OpenstackPassword string `hcl:"openstack_password" cty:"openstack_password"`
	// Debug is true if debug mode is enabled.
	Debug bool `hcl:"debug" cty:"debug"`
	// CustomEndpoint is the (optional) custom dns hostname for the kubernetes api server.
	CustomEndpoint string `hcl:"custom_endpoint" cty:"custom_endpoint"`
	// InternalLoadBalancer is true if an internal load balancer should be created.
	InternalLoadBalancer bool `hcl:"internal_load_balancer" cty:"internal_load_balancer"`
}

OpenStackClusterVariables is user configuration for creating a cluster with Terraform on OpenStack.

func (*OpenStackClusterVariables) GetCreateMAA added in v2.10.0 

func (o *OpenStackClusterVariables) GetCreateMAA() bool

GetCreateMAA gets the CreateMAA variable. TODO(derpsteb): Rename this function once we have introduced an interface for config.Config.

func (*OpenStackClusterVariables) String added in v2.6.0 

func (o *OpenStackClusterVariables) String() string

String returns a string representation of the variables, formatted as Terraform variables.

type OpenStackNodeGroup added in v2.9.0 

type OpenStackNodeGroup struct {
	// Role is the role of the node group.
	Role string `hcl:"role" cty:"role"`
	// InitialCount is the number of instances to create.
	// InitialCount is optional for upgrades. OpenStack does not support upgrades yet but might in the future.
	InitialCount int `hcl:"initial_count" cty:"initial_count"`
	// Flavor is the ID of the OpenStack flavor (machine type) to use.
	FlavorID string `hcl:"flavor_id" cty:"flavor_id"`
	// Zone is the OpenStack availability zone to use.
	Zone string `hcl:"zone" cty:"zone"`
	// StateDiskType is the OpenStack disk type to use for the state disk.
	StateDiskType string `hcl:"state_disk_type" cty:"state_disk_type"`
	// StateDiskSizeGB is the size of the state disk to allocate to each node, in GB.
	StateDiskSizeGB int `hcl:"state_disk_size" cty:"state_disk_size"`
}

OpenStackNodeGroup is a node group to create on OpenStack.

type QEMUNodeGroup added in v2.9.0 

type QEMUNodeGroup struct {
	// Role is the role of the node group.
	Role string `hcl:"role" cty:"role"`
	// InitialCount is the number of instances to create.
	// InitialCount is optional for upgrades.
	// Upgrades are not implemented for QEMU. The type is similar to other NodeGroup types for consistency.
	InitialCount int `hcl:"initial_count" cty:"initial_count"`
	// DiskSize is the size of the disk to allocate to each node, in GiB.
	DiskSize int `hcl:"disk_size" cty:"disk_size"`
	// CPUCount is the number of CPUs to allocate to each node.
	CPUCount int `hcl:"vcpus" cty:"vcpus"`
	// MemorySize is the amount of memory to allocate to each node, in MiB.
	MemorySize int `hcl:"memory" cty:"memory"`
}

QEMUNodeGroup is a node group for a QEMU cluster.

type QEMUVariables 

type QEMUVariables struct {
	// Name is the name to use for the cluster.
	Name string `hcl:"name" cty:"name"`
	// NodeGroups is a map of node groups to create.
	NodeGroups map[string]QEMUNodeGroup `hcl:"node_groups" cty:"node_groups"`
	// Machine is the type of machine to use.  use 'q35' for secure boot and 'pc' for non secure boot. See 'qemu-system-x86_64 -machine help'
	Machine string `hcl:"machine" cty:"machine"`
	// LibvirtURI is the libvirt connection URI.
	LibvirtURI string `hcl:"libvirt_uri" cty:"libvirt_uri"`
	// LibvirtSocketPath is the path to the libvirt socket in case of unix socket.
	LibvirtSocketPath string `hcl:"libvirt_socket_path" cty:"libvirt_socket_path"`
	// BootMode is the boot mode to use.
	// Can be either "uefi" or "direct-linux-boot".
	BootMode string `hcl:"constellation_boot_mode" cty:"constellation_boot_mode"`
	// ImagePath is the path to the image to use for the nodes.
	ImagePath string `hcl:"constellation_os_image" cty:"constellation_os_image"`
	// ImageFormat is the format of the image from ImagePath.
	ImageFormat string `hcl:"image_format" cty:"image_format"`
	// MetadataAPIImage is the container image to use for the metadata API.
	MetadataAPIImage string `hcl:"metadata_api_image" cty:"metadata_api_image"`
	// MetadataLibvirtURI is the libvirt connection URI used by the metadata container.
	// In case of unix socket, this should be "qemu:///system".
	// Other wise it should be the same as LibvirtURI.
	MetadataLibvirtURI string `hcl:"metadata_libvirt_uri" cty:"metadata_libvirt_uri"`
	// NVRAM is the path to the NVRAM template.
	NVRAM string `hcl:"nvram" cty:"nvram"`
	// Firmware is the path to the firmware.
	Firmware *string `hcl:"firmware" cty:"firmware"`
	// BzImagePath is the path to the bzImage (kernel).
	BzImagePath *string `hcl:"constellation_kernel" cty:"constellation_kernel"`
	// InitrdPath is the path to the initrd.
	InitrdPath *string `hcl:"constellation_initrd" cty:"constellation_initrd"`
	// KernelCmdline is the kernel command line.
	KernelCmdline *string `hcl:"constellation_cmdline" cty:"constellation_cmdline"`
	// CustomEndpoint is the (optional) custom dns hostname for the kubernetes api server.
	CustomEndpoint string `hcl:"custom_endpoint" cty:"custom_endpoint"`
	// InternalLoadBalancer is true if an internal load balancer should be created.
	InternalLoadBalancer bool `hcl:"internal_load_balancer" cty:"internal_load_balancer"`
}

QEMUVariables is user configuration for creating a QEMU cluster with Terraform.

func (*QEMUVariables) GetCreateMAA added in v2.10.0 

func (q *QEMUVariables) GetCreateMAA() bool

GetCreateMAA gets the CreateMAA variable. TODO(derpsteb): Rename this function once we have introduced an interface for config.Config.

func (*QEMUVariables) String 

func (q *QEMUVariables) String() string

String returns a string representation of the variables, formatted as Terraform variables.

type StateMigration added in v2.9.0 

type StateMigration struct {
	DisplayName string
	Hook        func(ctx context.Context, tfClient TFMigrator) error
}

StateMigration is a manual state migration that is not handled by Terraform due to missing features.

type TFMigrator added in v2.9.0 

type TFMigrator interface {
	StateMv(ctx context.Context, src, dst string, opts ...tfexec.StateMvCmdOption) error
}

TFMigrator is an interface for manual terraform state migrations (terraform state mv).

type Variables 

type Variables interface {
	fmt.Stringer
}

Variables is a struct that holds all variables that are passed to Terraform.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.