diff --git a/locals.tf b/locals.tf
new file mode 100644
index 0000000..796adbb
--- /dev/null
+++ b/locals.tf
@@ -0,0 +1,26 @@
+
+locals {
+ scm_providers = {
+ github = {
+ provider = "github"
+ http_url = "https://github.com"
+ api_url = "https://api.github.com"
+ }
+ gitlab = {
+ provider = "gitlab_hosted"
+ http_url = "https://gitlab.com"
+ api_url = "https://gitlab.com/api/v4"
+ }
+ bitbucket = {
+ provider = "bitbucket_hosted"
+ http_url = "https://bitbucket.org"
+ api_url = "https://api.bitbucket.org/2.0"
+ }
+ }
+
+ # check to see if token is actually SCM token or TFC token ID
+ create_oauth_client = substr(var.git_token, 0, 3) != "ot-"
+
+ # if token is TFC token ID then resource should not be created and provided token should be used
+ oauth_token_id = local.create_oauth_client ? tfe_oauth_client.this[0].oauth_token_id : var.git_token
+}
diff --git a/oauth-client.tf b/oauth-client.tf
index 32999a6..75ab6b1 100644
--- a/oauth-client.tf
+++ b/oauth-client.tf
@@ -1,5 +1,7 @@
 # for oauth_token_id generation
 resource "tfe_oauth_client" "this" {
+ count = local.create_oauth_client ? 1 : 0
+
 name = "git-oauth-client"
 organization = var.org # this one is terraform cloud organisation
 service_provider = local.scm_providers[var.git_provider].provider
diff --git a/tests/basic/1-example.tf b/tests/basic/1-example.tf
index c4b260d..13c7b94 100644
--- a/tests/basic/1-example.tf
+++ b/tests/basic/1-example.tf
@@ -1,8 +1,11 @@
+variable "tfc_token" {}
+variable "git_token" {}
+
 module "basic" {
 source = "../.."
 org = "dasmeta-testing"
- token = "ojODA5TvvwpL1A.atlasv1.6ifl0D5Q3zaonS3GPc5aXSLo4HWxCScaXf3u0sSVy4Eb4I62HAcs75W9l4EO9iBkFyE"
+ token = var.tfc_token
 rootdir = "_terraform"
 targetdir = "_terraform"
@@ -11,7 +14,7 @@ module "basic" {
 git_provider = "github"
 git_org = "dasmeta-testing"
 git_repo = "test-infrastructure"
- git_token = "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"
+ git_token = var.git_token
 aws = {
 access_key_id = ""
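Review bot: In locals.tf, `create_oauth_client` chooses between two different meanings of `var.git_token` from its first three characters alone, so an empty or mistyped value lands in the create branch and is, presumably, handed to `tfe_oauth_client.this` as a personal access token (the argument that consumes it is outside this diff). I would put the rule next to the check, e.g. `# values starting with "ot-" are existing TFC OAuth token IDs; anything else is treated as an SCM personal access token`, and repeat it in the variable's description. If the module's minimum Terraform version permits (that constraint is not shown here), `!startswith(var.git_token, "ot-")` reads more directly than the `substr` comparison. A dedicated input for the pre-existing token ID would also keep a non-secret identifier out of a variable that otherwise holds a credential.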
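Review bot: `variable "tfc_token" {}` and `variable "git_token" {}` in tests/basic/1-example.tf receive credentials but declare neither `type` nor `sensitive`, so nothing tells Terraform to redact values derived from them in plan and apply output; add `type = string` and `sensitive = true` to both. The same declarations appear in tests/bitbucket/1-example.tf, and `git_token` in variables.tf has a type but no `sensitive` flag either. Marking the module input sensitive makes `local.create_oauth_client` sensitive too, so check that the `count` in oauth-client.tf still plans as expected. Separately, the two literal tokens on the removed lines remain readable in the repository history after this commit, so the Terraform Cloud token and the GitHub personal access token should be revoked and reissued, not just deleted from the file.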
diff --git a/tests/basic/_terraform/component-1/README.md b/tests/basic/_terraform/component-1/README.md deleted file mode 100755 index 522622f..0000000 --- a/tests/basic/_terraform/component-1/README.md +++ /dev/null @@ -1,46 +0,0 @@ -#### This folder content has been generated from by using special terraform code generator module. It is supposed not direct/manual change should be go into files in this folder if there is no special need(like when one debugging) or making hotfix. Please follow the flow/format and instruction on how to manage this content using configuration files (most possible it is .yaml file in root of repo) and corresponding CI/CD action(or terraform generator code next to .yaml file) - -#### the module can be found here https://github.com/dasmeta/terraform-tfe-cloud - - -```txt -tf cloud workspace name: component-1 -tf module source: dasmeta/account/aws -tf_module version: 1.2.2 -``` - -## Requirements - -| Name | Version | -|------|---------| -| [terraform](#requirement\_terraform) | >= 1.3.0 | -| [aws](#requirement\_aws) | ~> 4.0 | - -## Providers - -| Name | Version | -|------|---------| -| [tfe](#provider\_tfe) | n/a | - -## Modules - -| Name | Source | Version | -|------|--------|---------| -| [this](#module\_this) | dasmeta/account/aws | 1.2.2 | - -## Resources - -| Name | Type | -|------|------| -| [tfe_outputs.this](https://registry.terraform.io/providers/hashicorp/tfe/latest/docs/data-sources/outputs) | data source | - -## Inputs - -No inputs. - -## Outputs - -| Name | Description | -|------|-------------| -| [results](#output\_results) | n/a | - diff --git a/tests/basic/_terraform/component-1/main.tf b/tests/basic/_terraform/component-1/main.tf deleted file mode 100755 index 427f7d9..0000000 --- a/tests/basic/_terraform/component-1/main.tf +++ /dev/null 
@@ -1,19 +0,0 @@ -## This file and its content are generated based on config, pleas check README.md for more details - -module "this" { - source = "dasmeta/account/aws" - version = "1.2.2" - - alarm_actions = {"enabled":true,"slack_webhooks":[{"channel":"test-monitoring","hook_url":"${0-account/secret-reader.secrets.MONITORING_SLACK_HOOK_URL}","username":"reporter"}],"web_endpoints":["${0-account/secret-reader.secrets.MONITORING_OPSGENIE_HOOK_URL_HIGH}"]} - alarm_actions_virginia = {"enabled":true,"slack_webhooks":[{"channel":"test-monitoring","hook_url":"${0-account/secret-reader.secrets.MONITORING_SLACK_HOOK_URL}","username":"reporter2"}],"web_endpoints":["${0-account/secret-reader.secrets.MONITORING_OPSGENIE_HOOK_URL_HIGH}"]} - secrets = {"enabled":true,"values":{}} - providers = {"aws":"aws","aws.virginia":"aws.virginia"} -} - - -data "tfe_outputs" "this" { - for_each = { for workspace in ["0-account/root/secret-reader"] : workspace => workspace } - - organization = "dasmeta-testing" - workspace = replace(each.value, "/[^a-zA-Z0-9_-]+/", "_") -} diff --git a/tests/basic/_terraform/component-1/outputs.tf b/tests/basic/_terraform/component-1/outputs.tf deleted file mode 100755 index beeab86..0000000 --- a/tests/basic/_terraform/component-1/outputs.tf +++ /dev/null @@ -1,6 +0,0 @@ -## This file and its content are generated based on config, pleas check README.md for more details - -output "results" { - value = module.this - -} diff --git a/tests/basic/_terraform/component-1/providers.tf b/tests/basic/_terraform/component-1/providers.tf deleted file mode 100755 index fe3cf1b..0000000 --- a/tests/basic/_terraform/component-1/providers.tf +++ /dev/null 
@@ -1,24 +0,0 @@ -## This file and its content are generated based on config, pleas check README.md for more details - -provider "aws" { - - - region = "eu-central-1" - - - default_tags { - - tags = {"Account":"test","AppliedFrom":"terraform-cloud","ManageLevel":"account","ManagedBy":"terraform","TerraformCloudWorkspace":"component-1","TerraformModuleSource":"dasmeta/account/aws","TerraformModuleVersion":"1.2.2"} - } -} -provider "aws" { - alias = "virginia" - - region = "us-east-1" - - - default_tags { - - tags = {"Account":"test","AppliedFrom":"terraform-cloud","Environment":"stage","ManageLevel":"product","ManagedBy":"terraform","Product":"test","TerraformCloudWorkspace":"component-1","TerraformModuleSource":"dasmeta/account/aws","TerraformModuleVersion":"1.2.2"} - } -} diff --git a/tests/basic/_terraform/component-1/versions.tf b/tests/basic/_terraform/component-1/versions.tf deleted file mode 100755 index e48e012..0000000 --- a/tests/basic/_terraform/component-1/versions.tf +++ /dev/null @@ -1,23 +0,0 @@ -## This file and its content are generated based on config, pleas check README.md for more details - -terraform { - cloud { - organization = "dasmeta-testing" - - workspaces { - name = "component-1" - } - } - - required_providers { - - aws = { - source = "hashicorp/aws" - version = "~> 4.0" - configuration_aliases = [aws.virginia] - } - - } - - required_version = ">= 1.3.0" -} diff --git a/tests/bitbucket/0-setup.tf b/tests/bitbucket/0-setup.tf new file mode 100644 index 0000000..49f74c6 --- /dev/null +++ b/tests/bitbucket/0-setup.tf @@ -0,0 +1,8 @@ +terraform { + cloud { + organization = "dasmeta-testing" + workspaces { + name = "terraform-tfe-cloud-test" + } + } +} diff --git a/tests/bitbucket/1-example.tf b/tests/bitbucket/1-example.tf new file mode 100644 index 0000000..d537724 --- /dev/null +++ b/tests/bitbucket/1-example.tf 
@@ -0,0 +1,24 @@
+variable "tfc_token" {}
+variable "git_token" {}
+
+module "basic" {
+ source = "../.."
+
+ org = "dasmeta-testing"
+ token = var.tfc_token
+
+ rootdir = "_terraform"
+ targetdir = "_terraform"
+ yamldir = "."
+
+ git_provider = "bitbucket"
+ git_org = "dasmeta-testing"
+ git_repo = "test-infrastructure"
+ git_token = var.git_token
+
+ aws = {
+ access_key_id = ""
+ secret_access_key = ""
+ default_region = ""
+ }
+}
diff --git a/tests/bitbucket/empty.yaml b/tests/bitbucket/empty.yaml
new file mode 100644
index 0000000..3691bba
--- /dev/null
+++ b/tests/bitbucket/empty.yaml
@@ -0,0 +1,2 @@
+source: dasmeta/null/empty
+version: 1.0.1
diff --git a/variables.tf b/variables.tf
index 13776d1..bf9f65b 100644
--- a/variables.tf
+++ b/variables.tf
@@ -33,21 +33,6 @@ variable "rootdir" {
 }
 # SCM
-locals {
- scm_providers = {
- github = {
- http_url = "https://github.com"
- api_url = "https://api.github.com"
- provider = "github"
- }
- gitlab = {
- http_url = "https://gitlab.com"
- api_url = "https://gitlab.com/api/v4"
- provider = "gitlab_hosted"
- }
- }
-}
-
 variable "git_provider" {
 type = string
 default = "gitlab"
@@ -64,7 +49,7 @@ variable "git_repo" {
 }
 variable "git_token" {
 type = string
- description = "The vsc(github, gitlab, ...) personal access token"
+ description = "The vsc(github, gitlab, ...) personal access token. TFC oauth token can be created manually or externally and oken supplied via this variable."
 }
 # Cloud Access (goes to shared variable set, should be adjusted)
diff --git a/workspaces.tf b/workspaces.tf
index cbff30e..637c275 100644
--- a/workspaces.tf
+++ b/workspaces.tf
@@ -34,7 +34,7 @@ module "workspaces" {
 repo = {
 identifier = "${var.git_org}/${var.git_repo}"
- oauth_token_id = tfe_oauth_client.this.oauth_token_id
+ oauth_token_id = local.oauth_token_id
 }
 variable_set_ids = concat([module.aws_credentials_variable_set.id], try(each.value.variable_set_ids, []))
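Review bot: The new `git_token` description in variables.tf does not say how the module tells the two kinds of value apart: per locals.tf only a value starting with `ot-` is used as an existing token ID, and the text also carries the typos "vsc" and "oken". I would reword it to `description = "VCS (github, gitlab, bitbucket) personal access token, or the ID of an existing TFC OAuth token (starts with \"ot-\"), in which case no tfe_oauth_client is created."`.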