diff --git a/plugin.go b/plugin.go
index 4384c17..5699203 100644
--- a/plugin.go
+++ b/plugin.go
@@ -125,13 +125,6 @@ func (p Plugin) Exec() error {
 return nil
 }
 
-func installCaCert(cacert string) *exec.Cmd {
- ioutil.WriteFile("/usr/local/share/ca-certificates/ca_cert.crt", []byte(cacert), 0644)
- return exec.Command(
- "update-ca-certificates",
- )
-}
-
 // CopyTfEnv creates copies of TF_VAR_ to lowercase
 func CopyTfEnv() {
 tfVar := regexp.MustCompile(`^TF_VAR_.*$`)
@@ -144,6 +137,27 @@ func CopyTfEnv() {
 }
 }
 
+func assumeRole(roleArn string) {
+ client := sts.New(session.New())
+ duration := time.Hour * 1
+ stsProvider := &stscreds.AssumeRoleProvider{
+ Client: client,
+ Duration: duration,
+ RoleARN: roleArn,
+ RoleSessionName: "drone",
+ }
+
+ value, err := credentials.NewCredentials(stsProvider).Get()
+ if err != nil {
+ logrus.WithFields(logrus.Fields{
+ "error": err,
+ }).Fatal("Error assuming role!")
+ }
+ os.Setenv("AWS_ACCESS_KEY_ID", value.AccessKeyID)
+ os.Setenv("AWS_SECRET_ACCESS_KEY", value.SecretAccessKey)
+ os.Setenv("AWS_SESSION_TOKEN", value.SessionToken)
+}
+
 func deleteCache() *exec.Cmd {
 return exec.Command(
 "rm",
@@ -152,6 +166,13 @@ func deleteCache() *exec.Cmd {
 )
 }
 
+func getModules() *exec.Cmd {
+ return exec.Command(
+ "terraform",
+ "get",
+ )
+}
+
 func initCommand(config InitOptions) *exec.Cmd {
 args := []string{
 "init",
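Review bot: In assumeRole the `RoleSessionName` is the constant `"drone"`, so every build that assumes the role appears under the same session name in CloudTrail and the API calls of one pipeline run cannot be told apart from another's. Deriving it from the build, for example `RoleSessionName: fmt.Sprintf("drone-%s", os.Getenv("DRONE_BUILD_NUMBER")),`, keeps the audit trail attributable to a run. Separately, `session.New()` is deprecated in aws-sdk-go because it cannot report configuration errors, while `session.NewSession()` returns them. The function is only moved by this commit, so both points predate it.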
@@ -180,51 +201,24 @@ func initCommand(config InitOptions) *exec.Cmd {
 )
 }
 
-func getModules() *exec.Cmd {
+func installCaCert(cacert string) *exec.Cmd {
+ ioutil.WriteFile("/usr/local/share/ca-certificates/ca_cert.crt", []byte(cacert), 0644)
 return exec.Command(
- "terraform",
- "get",
+ "update-ca-certificates",
 )
 }
 
-func tfValidate(config Config) *exec.Cmd {
- args := []string{
- "validate",
- }
- for _, v := range config.VarFiles {
- args = append(args, "-var-file", fmt.Sprintf("%s", v))
- }
- for k, v := range config.Vars {
- args = append(args, "-var")
- args = append(args, fmt.Sprintf("%s=%s", k, v))
- }
- return exec.Command(
- "terraform",
- args...,
- )
+func trace(cmd *exec.Cmd) {
+ fmt.Println("$", strings.Join(cmd.Args, " "))
 }
 
-func tfPlan(config Config, destroy bool) *exec.Cmd {
+func tfApply(config Config) *exec.Cmd {
 args := []string{
- "plan",
- }
-
- if destroy {
- args = append(args, "-destroy")
- } else {
- args = append(args, "-out=plan.tfout")
+ "apply",
 }
-
 for _, v := range config.Targets {
 args = append(args, "--target", fmt.Sprintf("%s", v))
 }
- for _, v := range config.VarFiles {
- args = append(args, "-var-file", fmt.Sprintf("%s", v))
- }
- for k, v := range config.Vars {
- args = append(args, "-var")
- args = append(args, fmt.Sprintf("%s=%s", k, v))
- }
 if config.Parallelism > 0 {
 args = append(args, fmt.Sprintf("-parallelism=%d", config.Parallelism))
 }
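Review bot: installCaCert discards the error from `ioutil.WriteFile`, so when the certificate cannot be written the function still returns the `update-ca-certificates` command and the run continues without the custom CA in the trust store; the failure then surfaces later as an unrelated-looking TLS error. Because the signature returns only `*exec.Cmd`, the error has to be handled in place, in the style assumeRole already uses: `if err := ioutil.WriteFile(path, []byte(cacert), 0644); err != nil { logrus.WithError(err).Fatal("writing CA certificate") }`, with `path` standing for the existing literal. The write also happens when the command is built rather than when it is run, which deserves a doc comment on the function.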
@@ -234,18 +228,19 @@ func tfPlan(config Config, destroy bool) *exec.Cmd {
 if config.InitOptions.LockTimeout != "" {
 args = append(args, fmt.Sprintf("-lock-timeout=%s", config.InitOptions.LockTimeout))
 }
+ args = append(args, "plan.tfout")
 return exec.Command(
 "terraform",
 args...,
 )
 }
 
-func tfApply(config Config) *exec.Cmd {
+func tfDestroy(config Config) *exec.Cmd {
 args := []string{
- "apply",
+ "destroy",
 }
 for _, v := range config.Targets {
- args = append(args, "--target", fmt.Sprintf("%s", v))
+ args = append(args, fmt.Sprintf("-target=%s", v))
 }
 if config.Parallelism > 0 {
 args = append(args, fmt.Sprintf("-parallelism=%d", config.Parallelism))
@@ -256,19 +251,33 @@ func tfApply(config Config) *exec.Cmd {
 if config.InitOptions.LockTimeout != "" {
 args = append(args, fmt.Sprintf("-lock-timeout=%s", config.InitOptions.LockTimeout))
 }
- args = append(args, "plan.tfout")
+ args = append(args, "-force")
 return exec.Command(
 "terraform",
 args...,
 )
 }
 
-func tfDestroy(config Config) *exec.Cmd {
+func tfPlan(config Config, destroy bool) *exec.Cmd {
 args := []string{
- "destroy",
+ "plan",
 }
+
+ if destroy {
+ args = append(args, "-destroy")
+ } else {
+ args = append(args, "-out=plan.tfout")
+ }
+
 for _, v := range config.Targets {
- args = append(args, fmt.Sprintf("-target=%s", v))
+ args = append(args, "--target", fmt.Sprintf("%s", v))
+ }
+ for _, v := range config.VarFiles {
+ args = append(args, "-var-file", fmt.Sprintf("%s", v))
+ }
+ for k, v := range config.Vars {
+ args = append(args, "-var")
+ args = append(args, fmt.Sprintf("%s=%s", k, v))
 }
 if config.Parallelism > 0 {
 args = append(args, fmt.Sprintf("-parallelism=%d", config.Parallelism))
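Review bot: The `config.Vars` loop in tfPlan puts every value on the terraform command line as `-var k=v`, and `trace` in this file prints `cmd.Args` verbatim, so if trace is called on this command (its call sites are outside the diff) any secret passed as a variable is written to the build log; process arguments are also readable by other processes on the host. Terraform reads `TF_VAR_<name>` from the environment, so the loop could add `fmt.Sprintf("TF_VAR_%s=%s", k, v)` to the command's `Env` on top of `os.Environ()` instead of appending `-var`, or trace could mask the argument that follows `-var`. The same loop appears in tfValidate in the last hunk. tfPlan's body continues past the end of this hunk.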
@@ -279,34 +288,25 @@ func tfDestroy(config Config) *exec.Cmd {
 if config.InitOptions.LockTimeout != "" {
 args = append(args, fmt.Sprintf("-lock-timeout=%s", config.InitOptions.LockTimeout))
 }
- args = append(args, "-force")
 return exec.Command(
 "terraform",
 args...,
 )
 }
 
-func assumeRole(roleArn string) {
- client := sts.New(session.New())
- duration := time.Hour * 1
- stsProvider := &stscreds.AssumeRoleProvider{
- Client: client,
- Duration: duration,
- RoleARN: roleArn,
- RoleSessionName: "drone",
+func tfValidate(config Config) *exec.Cmd {
+ args := []string{
+ "validate",
 }
-
- value, err := credentials.NewCredentials(stsProvider).Get()
- if err != nil {
- logrus.WithFields(logrus.Fields{
- "error": err,
- }).Fatal("Error assuming role!")
+ for _, v := range config.VarFiles {
+ args = append(args, "-var-file", fmt.Sprintf("%s", v))
 }
- os.Setenv("AWS_ACCESS_KEY_ID", value.AccessKeyID)
- os.Setenv("AWS_SECRET_ACCESS_KEY", value.SecretAccessKey)
- os.Setenv("AWS_SESSION_TOKEN", value.SessionToken)
-}
-
-func trace(cmd *exec.Cmd) {
- fmt.Println("$", strings.Join(cmd.Args, " "))
+ for k, v := range config.Vars {
+ args = append(args, "-var")
+ args = append(args, fmt.Sprintf("%s=%s", k, v))
+ }
+ return exec.Command(
+ "terraform",
+ args...,
+ )
 }