fixup! move

edgelesssys · Oct 25, 2023 · 7f840b0 · 7f840b0
1 parent e5fae8c
commit 7f840b0
Show file tree

Hide file tree

Showing 86 changed files with 523 additions and 94 deletions.
diff --git a/cli/internal/terraform/BUILD.bazel b/cli/internal/terraform/BUILD.bazel
@@ -9,96 +9,14 @@ go_library(
         "terraform.go",
         "variables.go",
     ],
-    embedsrcs = [
-        "terraform/aws/.terraform.lock.hcl",
-        "terraform/aws/main.tf",
-        "terraform/aws/modules/instance_group/main.tf",
-        "terraform/aws/modules/instance_group/variables.tf",
-        "terraform/aws/modules/load_balancer_target/main.tf",
-        "terraform/aws/modules/load_balancer_target/output.tf",
-        "terraform/aws/modules/load_balancer_target/variables.tf",
-        "terraform/aws/modules/public_private_subnet/main.tf",
-        "terraform/aws/modules/public_private_subnet/output.tf",
-        "terraform/aws/modules/public_private_subnet/variables.tf",
-        "terraform/aws/outputs.tf",
-        "terraform/aws/variables.tf",
-        "terraform/azure/.terraform.lock.hcl",
-        "terraform/azure/main.tf",
-        "terraform/azure/modules/load_balancer_backend/main.tf",
-        "terraform/azure/modules/load_balancer_backend/outputs.tf",
-        "terraform/azure/modules/load_balancer_backend/variables.tf",
-        "terraform/azure/modules/scale_set/main.tf",
-        "terraform/azure/modules/scale_set/variables.tf",
-        "terraform/azure/outputs.tf",
-        "terraform/azure/variables.tf",
-        "terraform/gcp/.terraform.lock.hcl",
-        "terraform/gcp/main.tf",
-        "terraform/gcp/modules/instance_group/main.tf",
-        "terraform/gcp/modules/instance_group/outputs.tf",
-        "terraform/gcp/modules/instance_group/variables.tf",
-        "terraform/gcp/modules/loadbalancer/main.tf",
-        "terraform/gcp/modules/loadbalancer/variables.tf",
-        "terraform/gcp/outputs.tf",
-        "terraform/gcp/variables.tf",
-        "terraform/iam/aws/README.md",
-        "terraform/iam/aws/main.tf",
-        "terraform/iam/aws/outputs.tf",
-        "terraform/iam/aws/variables.tf",
-        "terraform/iam/azure/README.md",
-        "terraform/iam/azure/main.tf",
-        "terraform/iam/azure/outputs.tf",
-        "terraform/iam/azure/variables.tf",
-        "terraform/iam/gcp/README.md",
-        "terraform/iam/gcp/main.tf",
-        "terraform/iam/gcp/outputs.tf",
-        "terraform/iam/gcp/variables.tf",
-        "terraform/qemu/.terraform.lock.hcl",
-        "terraform/qemu/main.tf",
-        "terraform/qemu/modules/instance_group/domain.xsl",
-        "terraform/qemu/modules/instance_group/main.tf",
-        "terraform/qemu/modules/instance_group/outputs.tf",
-        "terraform/qemu/modules/instance_group/variables.tf",
-        "terraform/qemu/outputs.tf",
-        "terraform/qemu/variables.tf",
-        "terraform/openstack/.terraform.lock.hcl",
-        "terraform/openstack/main.tf",
-        "terraform/openstack/modules/instance_group/main.tf",
-        "terraform/openstack/modules/instance_group/outputs.tf",
-        "terraform/openstack/modules/instance_group/variables.tf",
-        "terraform/openstack/modules/loadbalancer/main.tf",
-        "terraform/openstack/modules/loadbalancer/variables.tf",
-        "terraform/openstack/outputs.tf",
-        "terraform/openstack/variables.tf",
-        "terraform/qemu/modules/instance_group/tdx_domain.xsl",
-        "terraform/iam/aws/.terraform.lock.hcl",
-        "terraform/iam/azure/.terraform.lock.hcl",
-        "terraform/iam/gcp/.terraform.lock.hcl",
-        "terraform/gcp/modules/internal_load_balancer/main.tf",
-        "terraform/gcp/modules/internal_load_balancer/variables.tf",
-        "terraform/gcp/modules/jump_host/main.tf",
-        "terraform/gcp/modules/jump_host/outputs.tf",
-        "terraform/gcp/modules/jump_host/variables.tf",
-        "terraform/aws/modules/jump_host/main.tf",
-        "terraform/aws/modules/jump_host/output.tf",
-        "terraform/aws/modules/jump_host/variables.tf",
-        "terraform/azure/modules/jump_host/main.tf",
-        "terraform/azure/modules/jump_host/variables.tf",
-        "terraform/azure/modules/jump_host/outputs.tf",
-        "terraform/constellation-cluster/.terraform.lock.hcl",
-        "terraform/constellation-cluster/install-constellation.sh",
-        "terraform/constellation-cluster/main.tf",
-        "terraform/constellation-cluster/variables.tf",
-        "terraform/aws-constellation/.terraform.lock.hcl",
-        "terraform/aws-constellation/main.tf",
-        "terraform/aws-constellation/variables.tf",
-    ],
     importpath = "github.com/edgelesssys/constellation/v2/cli/internal/terraform",
     visibility = ["//cli:__subpackages__"],
     deps = [
         "//cli/internal/state",
         "//internal/cloud/cloudprovider",
         "//internal/constants",
         "//internal/file",
+        "//terraform",
         "@com_github_hashicorp_go_version//:go-version",
         "@com_github_hashicorp_hc_install//:hc-install",
         "@com_github_hashicorp_hc_install//fs",

diff --git a/cli/internal/terraform/loader.go b/cli/internal/terraform/loader.go
@@ -8,26 +8,22 @@ package terraform
 
 import (
 	"bytes"
-	"embed"
 	"errors"
 	"fmt"
 	"io/fs"
 	slashpath "path"
 	"path/filepath"
 	"strings"
 
+	"github.com/edgelesssys/constellation/v2/terraform"
+
 	"github.com/edgelesssys/constellation/v2/internal/file"
 	"github.com/spf13/afero"
 )
 
 // ErrTerraformWorkspaceDifferentFiles is returned when a re-used existing Terraform workspace has different files than the ones to be extracted (e.g. due to a version mix-up or incomplete writes).
 var ErrTerraformWorkspaceDifferentFiles = errors.New("creating cluster: trying to overwrite an existing Terraform file with a different version")
 
-//go:embed terraform/*
-//go:embed terraform/*/.terraform.lock.hcl
-//go:embed terraform/iam/*/.terraform.lock.hcl
-var terraformFS embed.FS
-
 const (
 	noOverwrites overwritePolicy = iota
 	allowOverwrites
@@ -59,7 +55,7 @@ func prepareUpgradeWorkspace(rootDir string, fileHandler file.Handler, workingDi
 // allowOverwrites allows overwriting existing files in the workspace.
 func terraformCopier(fileHandler file.Handler, rootDir, workingDir string, overwritePolicy overwritePolicy) error {
 	goEmbedRootDir := filepath.ToSlash(rootDir)
-	return fs.WalkDir(terraformFS, goEmbedRootDir, func(path string, d fs.DirEntry, err error) error {
+	return fs.WalkDir(terraform.Assets, goEmbedRootDir, func(path string, d fs.DirEntry, err error) error {
 		if err != nil {
 			return err
 		}
@@ -68,7 +64,7 @@ func terraformCopier(fileHandler file.Handler, rootDir, workingDir string, overw
 		}
 
 		goEmbedPath := filepath.ToSlash(path)
-		content, err := terraformFS.ReadFile(goEmbedPath)
+		content, err := terraform.Assets.ReadFile(goEmbedPath)
 		if err != nil {
 			return err
 		}

diff --git a/terraform/BUILD.bazel b/terraform/BUILD.bazel
@@ -0,0 +1,91 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+
+go_library(
+    name = "terraform",
+    srcs = ["assets.go"],
+    embedsrcs = [
+        "terraform/aws-constellation/.terraform.lock.hcl",
+        "terraform/aws-constellation/main.tf",
+        "terraform/aws-constellation/variables.tf",
+        "terraform/aws/.terraform.lock.hcl",
+        "terraform/aws/main.tf",
+        "terraform/aws/modules/instance_group/main.tf",
+        "terraform/aws/modules/instance_group/variables.tf",
+        "terraform/aws/modules/jump_host/main.tf",
+        "terraform/aws/modules/jump_host/output.tf",
+        "terraform/aws/modules/jump_host/variables.tf",
+        "terraform/aws/modules/load_balancer_target/main.tf",
+        "terraform/aws/modules/load_balancer_target/output.tf",
+        "terraform/aws/modules/load_balancer_target/variables.tf",
+        "terraform/aws/modules/public_private_subnet/main.tf",
+        "terraform/aws/modules/public_private_subnet/output.tf",
+        "terraform/aws/modules/public_private_subnet/variables.tf",
+        "terraform/aws/outputs.tf",
+        "terraform/aws/variables.tf",
+        "terraform/azure/.terraform.lock.hcl",
+        "terraform/azure/main.tf",
+        "terraform/azure/modules/jump_host/main.tf",
+        "terraform/azure/modules/jump_host/outputs.tf",
+        "terraform/azure/modules/jump_host/variables.tf",
+        "terraform/azure/modules/load_balancer_backend/main.tf",
+        "terraform/azure/modules/load_balancer_backend/outputs.tf",
+        "terraform/azure/modules/load_balancer_backend/variables.tf",
+        "terraform/azure/modules/scale_set/main.tf",
+        "terraform/azure/modules/scale_set/variables.tf",
+        "terraform/azure/outputs.tf",
+        "terraform/azure/variables.tf",
+        "terraform/constellation-cluster/.terraform.lock.hcl",
+        "terraform/constellation-cluster/install-constellation.sh",
+        "terraform/constellation-cluster/main.tf",
+        "terraform/constellation-cluster/variables.tf",
+        "terraform/gcp/.terraform.lock.hcl",
+        "terraform/gcp/main.tf",
+        "terraform/gcp/modules/instance_group/main.tf",
+        "terraform/gcp/modules/instance_group/outputs.tf",
+        "terraform/gcp/modules/instance_group/variables.tf",
+        "terraform/gcp/modules/internal_load_balancer/main.tf",
+        "terraform/gcp/modules/internal_load_balancer/variables.tf",
+        "terraform/gcp/modules/jump_host/main.tf",
+        "terraform/gcp/modules/jump_host/outputs.tf",
+        "terraform/gcp/modules/jump_host/variables.tf",
+        "terraform/gcp/modules/loadbalancer/main.tf",
+        "terraform/gcp/modules/loadbalancer/variables.tf",
+        "terraform/gcp/outputs.tf",
+        "terraform/gcp/variables.tf",
+        "terraform/iam/aws/.terraform.lock.hcl",
+        "terraform/iam/aws/README.md",
+        "terraform/iam/aws/main.tf",
+        "terraform/iam/aws/outputs.tf",
+        "terraform/iam/aws/variables.tf",
+        "terraform/iam/azure/.terraform.lock.hcl",
+        "terraform/iam/azure/README.md",
+        "terraform/iam/azure/main.tf",
+        "terraform/iam/azure/outputs.tf",
+        "terraform/iam/azure/variables.tf",
+        "terraform/iam/gcp/.terraform.lock.hcl",
+        "terraform/iam/gcp/README.md",
+        "terraform/iam/gcp/main.tf",
+        "terraform/iam/gcp/outputs.tf",
+        "terraform/iam/gcp/variables.tf",
+        "terraform/openstack/.terraform.lock.hcl",
+        "terraform/openstack/main.tf",
+        "terraform/openstack/modules/instance_group/main.tf",
+        "terraform/openstack/modules/instance_group/outputs.tf",
+        "terraform/openstack/modules/instance_group/variables.tf",
+        "terraform/openstack/modules/loadbalancer/main.tf",
+        "terraform/openstack/modules/loadbalancer/variables.tf",
+        "terraform/openstack/outputs.tf",
+        "terraform/openstack/variables.tf",
+        "terraform/qemu/.terraform.lock.hcl",
+        "terraform/qemu/main.tf",
+        "terraform/qemu/modules/instance_group/domain.xsl",
+        "terraform/qemu/modules/instance_group/main.tf",
+        "terraform/qemu/modules/instance_group/outputs.tf",
+        "terraform/qemu/modules/instance_group/tdx_domain.xsl",
+        "terraform/qemu/modules/instance_group/variables.tf",
+        "terraform/qemu/outputs.tf",
+        "terraform/qemu/variables.tf",
+    ],
+    importpath = "github.com/edgelesssys/constellation/v2/terraform",
+    visibility = ["//visibility:public"],
+)
diff --git a/terraform/assets.go b/terraform/assets.go
@@ -0,0 +1,16 @@
+/*
+Copyright (c) Edgeless Systems GmbH
+
+SPDX-License-Identifier: AGPL-3.0-only
+*/
+
+package terraform
+
+import "embed"
+
+// Assets are the exported Terraform template files.
+//
+//go:embed terraform/*
+//go:embed terraform/*/.terraform.lock.hcl
+//go:embed terraform/iam/*/.terraform.lock.hcl
+var Assets embed.FS
diff --git a/terraform/aws-constellation/main.tf b/terraform/aws-constellation/main.tf
@@ -32,8 +32,8 @@ module "constellation" {
   initSecretHash                     = module.aws.initSecret
   apiServerCertSANs                  = module.aws.api_server_cert_sans
   iam_instance_profile_control_plane = module.aws_iam.control_plane_instance_profile # TODO CSP specific
-  iam_instance_profile_worker_nodes  = module.aws_iam.worker_nodes_instance_profile # TODO CSP specific
-  region                             = var.region # TODO CSP specific
-  zone                               = var.zone # TODO CSP specific
+  iam_instance_profile_worker_nodes  = module.aws_iam.worker_nodes_instance_profile  # TODO CSP specific
+  region                             = var.region                                    # TODO CSP specific
+  zone                               = var.zone                                      # TODO CSP specific
   node_groups                        = var.node_groups
 }
diff --git a/terraform/terraform/aws-constellation/.terraform.lock.hcl b/terraform/terraform/aws-constellation/.terraform.lock.hcl
diff --git a/terraform/terraform/aws-constellation/main.tf b/terraform/terraform/aws-constellation/main.tf
@@ -0,0 +1,39 @@
+module "aws_iam" {
+  source      = "../iam/aws"
+  name_prefix = var.name_prefix
+  region      = var.region
+}
+
+
+module "aws" {
+  source                             = "../aws"
+  name                               = var.name
+  node_groups                        = var.node_groups
+  iam_instance_profile_worker_nodes  = module.aws_iam.worker_nodes_instance_profile
+  iam_instance_profile_control_plane = module.aws_iam.control_plane_instance_profile
+  ami                                = var.ami
+  region                             = var.region
+  zone                               = var.zone
+  debug                              = var.debug
+  enable_snp                         = var.enable_snp
+  custom_endpoint                    = var.custom_endpoint
+}
+
+module "constellation" {
+  source                             = "../constellation-cluster"
+  csp                                = "aws"
+  name                               = var.name
+  image                              = var.image
+  microservice_version               = var.microservice_version
+  kubernetes_version                 = var.kubernetes_version
+  uid                                = module.aws.uid
+  clusterEndpoint                    = module.aws.out_of_cluster_endpoint
+  inClusterEndpoint                  = module.aws.in_cluster_endpoint
+  initSecretHash                     = module.aws.initSecret
+  apiServerCertSANs                  = module.aws.api_server_cert_sans
+  iam_instance_profile_control_plane = module.aws_iam.control_plane_instance_profile # TODO CSP specific
+  iam_instance_profile_worker_nodes  = module.aws_iam.worker_nodes_instance_profile # TODO CSP specific
+  region                             = var.region # TODO CSP specific
+  zone                               = var.zone # TODO CSP specific
+  node_groups                        = var.node_groups
+}