diff --git a/cli/internal/terraform/terraform/.terraform.lock.hcl b/cli/internal/terraform/terraform/.terraform.lock.hcl new file mode 100644 index 0000000000..ebdd23caa1 --- /dev/null +++ b/cli/internal/terraform/terraform/.terraform.lock.hcl 
@@ -0,0 +1,45 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/aws" { + version = "5.17.0" + constraints = "5.17.0" + hashes = [ + "h1:rplvK7UGP2FuzM44t2eRX+QYYPC0aUIoKdi5XayRI8M=", + "zh:0087b9dd2c9c638fd63e527e5b9b70988008e263d480a199f180efe5a4f070f0", + "zh:0fd532a4fd03ddef11f0502ff9fe4343443e1ae805cb088825a71d6d48906ec7", + "zh:16411e731100cd15f7e165f53c23be784b2c86c2fcfd34781e0642d17090d342", + "zh:251d520927e77f091e2ec6302e921d839a2430ac541c6a461aed7c08fb5eae12", + "zh:4919e69682dc2a8c32d44f6ebc038a52c9f40af9c61cb574b64e322800d6a794", + "zh:5334c60759d5f76bdc51355d1a3ebcc451d4d20f632f5c73b6e55c52b5dc9e52", + "zh:7341a2b7247572eba0d0486094a870b872967702ec0ac7af728c2df2c30af4e5", + "zh:81d1b1cb2cac6b3922a05adab69543b678f344a01debd54500263700dad7a288", + "zh:882bc8e15ef6d4020a07321ec4c056977c5c1d96934118032922561d29504d43", + "zh:8cd4871ef2b03fd916de1a6dc7eb8a81a354c421177d4334a2e3308e50215e41", + "zh:97e12fe6529b21298adf1046c5e20ac35d0569c836a6f385ff041e257e00cfd2", + "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", + "zh:9f5baf5d59b9f3cf5504d1fa975f10f27da3791896a9e18ece47c258bac17634", + "zh:dffafba6731ac1db1c540bdbd6a8c878486b71de9d0ca1d23c5c00a6c3c14d80", + "zh:fa7440c3c15a42fc5731444d324ced75407d417bfe3184661ae47d40a9718dce", + ] +} + +provider "registry.terraform.io/hashicorp/random" { + version = "3.5.1" + constraints = "3.5.1" + hashes = [ + "h1:IL9mSatmwov+e0+++YX2V6uel+dV6bn+fC/cnGDK3Ck=", + "zh:04e3fbd610cb52c1017d282531364b9c53ef72b6bc533acb2a90671957324a64", + "zh:119197103301ebaf7efb91df8f0b6e0dd31e6ff943d231af35ee1831c599188d", + "zh:4d2b219d09abf3b1bb4df93d399ed156cadd61f44ad3baf5cf2954df2fba0831", + "zh:6130bdde527587bbe2dcaa7150363e96dbc5250ea20154176d82bc69df5d4ce3", + "zh:6cc326cd4000f724d3086ee05587e7710f032f94fc9af35e96a386a1c6f2214f", + "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", + 
"zh:b6d88e1d28cf2dfa24e9fdcc3efc77adcdc1c3c3b5c7ce503a423efbdd6de57b", + "zh:ba74c592622ecbcef9dc2a4d81ed321c4e44cddf7da799faa324da9bf52a22b2", + "zh:c7c5cde98fe4ef1143bd1b3ec5dc04baf0d4cc3ca2c5c7d40d17c0e9b2076865", + "zh:dac4bad52c940cd0dfc27893507c1e92393846b024c5a9db159a93c534a3da03", + "zh:de8febe2a2acd9ac454b844a4106ed295ae9520ef54dc8ed2faf29f12716b602", + "zh:eab0d0495e7e711cca367f7d4df6e322e6c562fc52151ec931176115b83ed014", + ] +} diff --git a/cli/internal/terraform/terraform/constellation-cluster/.terraform.lock.hcl b/cli/internal/terraform/terraform/constellation-cluster/.terraform.lock.hcl new file mode 100644 index 0000000000..3f44acc7d9 --- /dev/null +++ b/cli/internal/terraform/terraform/constellation-cluster/.terraform.lock.hcl @@ -0,0 +1,21 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/null" { + version = "3.2.1" + hashes = [ + "h1:ydA0/SNRVB1o95btfshvYsmxA+jZFRZcvKzZSB+4S1M=", + "zh:58ed64389620cc7b82f01332e27723856422820cfd302e304b5f6c3436fb9840", + "zh:62a5cc82c3b2ddef7ef3a6f2fedb7b9b3deff4ab7b414938b08e51d6e8be87cb", + "zh:63cff4de03af983175a7e37e52d4bd89d990be256b16b5c7f919aff5ad485aa5", + "zh:74cb22c6700e48486b7cabefa10b33b801dfcab56f1a6ac9b6624531f3d36ea3", + "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", + "zh:79e553aff77f1cfa9012a2218b8238dd672ea5e1b2924775ac9ac24d2a75c238", + "zh:a1e06ddda0b5ac48f7e7c7d59e1ab5a4073bbcf876c73c0299e4610ed53859dc", + "zh:c37a97090f1a82222925d45d84483b2aa702ef7ab66532af6cbcfb567818b970", + "zh:e4453fbebf90c53ca3323a92e7ca0f9961427d2f0ce0d2b65523cc04d5d999c2", + "zh:e80a746921946d8b6761e77305b752ad188da60688cfd2059322875d363be5f5", + "zh:fbdb892d9822ed0e4cb60f2fedbdbb556e4da0d88d3b942ae963ed6ff091e48f", + "zh:fca01a623d90d0cad0843102f9b8b9fe0d3ff8244593bd817f126582b52dd694", + ] +} 
diff --git a/cli/internal/terraform/terraform/constellation-cluster/install-constellation.sh b/cli/internal/terraform/terraform/constellation-cluster/install-constellation.sh
new file mode 100755
index 0000000000..36d9b1549c
--- /dev/null
+++ b/cli/internal/terraform/terraform/constellation-cluster/install-constellation.sh
@@ -0,0 +1,31 @@
+#!/bin/bash
+alias constellation="./constellation"
+#if ! command -v constellation &> /dev/null
+#then
+# OS=$(uname -s)
+# ARCH=$(uname -m)
+
+# URL=""
+
+# if [[ "$OS" = "Darwin" ]]; then
+# if [[ "$ARCH" = "arm64" ]]; then
+# URL="https://github.com/edgelesssys/constellation/releases/latest/download/constellation-darwin-arm64"
+# elif [[ "$ARCH" = "x86_64" ]]; then
+# URL="https://github.com/edgelesssys/constellation/releases/latest/download/constellation-darwin-amd64"
+# fi
+# elif [[ "$OS" = "Linux" ]]; then
+# if [[ "$ARCH" = "x86_64" ]]; then
+# URL="https://github.com/edgelesssys/constellation/releases/latest/download/constellation-linux-amd64"
+# elif [[ "$ARCH" = "arm64" ]]; then
+# URL="https://github.com/edgelesssys/constellation/releases/latest/download/constellation-linux-arm64"
+# fi
+# fi
+
+# if [ -z "$URL" ]; then
+# echo "Unsupported OS or architecture"
+# exit 1
+# else
+# curl -o constellation -LO $URL
+# sudo install constellation /usr/local/bin/constellation
+# fi
+#fi
diff --git a/cli/internal/terraform/terraform/constellation-cluster/main.tf b/cli/internal/terraform/terraform/constellation-cluster/main.tf
new file mode 100644
index 0000000000..ba42285f4a
--- /dev/null
+++ b/cli/internal/terraform/terraform/constellation-cluster/main.tf
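Review bot: The only live statement in install-constellation.sh, `alias constellation="./constellation"`, has no effect beyond this script: bash does not expand aliases in non-interactive shells by default, and the alias ends with the script's process, so the `ensure_cli` provisioner in main.tf that runs it does not appear to make a CLI available to any later step. If the intent is to require a local binary, fail explicitly instead, e.g. `[ -x ./constellation ] || { echo "constellation binary not found" >&2; exit 1; }`. The commented-out download block should not be re-enabled as written: it fetches `releases/latest` and hands the result to `sudo install` with no checksum or signature check, and `$URL` is unquoted. Either pin a release version and verify the artifact before installing, or delete the dead code.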
@@ -0,0 +1,56 @@
+resource "terraform_data" "ensure_cli" {
+ provisioner "local-exec" {
+ command = "${path.module}/install-constellation.sh"
+ }
+}
+# TODO ensure yq dependency
+
+resource "terraform_data" "prepare_config" {
+ #} // TODO only once
+ provisioner "local-exec" {
+ command = < 4 && substr(var.ami, 0, 4) == "ami-"
+ error_message = "The image_id value must be a valid AMI id, starting with \"ami-\"."
+ }
+ default = "ami-05f952f58bc859371" // TODO
+}
+
+variable "region" {
+ type = string
+ description = "The AWS region to create the cluster in"
+}
+
+variable "zone" {
+ type = string
+ description = "The AWS availability zone name to create the cluster in"
+}
+
+variable "debug" {
+ type = bool
+ default = false
+ description = "Enable debug mode. This opens up a debugd port that can be used to deploy a custom bootstrapper."
+}
+
+variable "enable_snp" {
+ type = bool
+ default = true
+ description = "Enable AMD SEV SNP. Setting this to true sets the cpu-option AmdSevSnp to enable."
+}
+
+variable "custom_endpoint" {
+ type = string
+ default = ""
+ description = "Custom endpoint to use for the Kubernetes apiserver. If not set, the default endpoint will be used."
+}
+
+variable "internal_load_balancer" {
+ type = bool
+ default = false
+ description = "Use an internal load balancer."
+}