renew docker compose.

docker-compose.yml

@@ -1,53 +1,110 @@
+# https://docs.docker.com/compose/compose-file/compose-file-v3/#extension-fields
 x-service-provisioning-base: &provisioning-base
  build:
  args:
  GID: ${GID:-0}
  UID: ${UID:-0}
  context: Dockerfile.d/provisioning
- # command:
- # - zsh
- # - -ic
- # - |
- # rm -rf /tmp/provisioning/.terraform.d
- # /project/scripts/provisioning.init-with-azure.sh
- # /project/scripts/provisioning.init-with-google.sh
- environment:
- - PROJECT_UNIQUE_ID
- - AWS_ACCESS_KEY_ID
- - AWS_ACCOUNT_ID
- - AWS_DEFAULT_REGION
- - AWS_SECRET_ACCESS_KEY
- - AZURE_DEFAULT_LOCATION
- - ARM_CLIENT_ID
- - ARM_CLIENT_SECRET
- - ARM_SUBSCRIPTION_ID
- - ARM_TENANT_ID
- - AZURE_SERVICE_PRINCIPAL=/project/config/credentials/azure-service-principal.json
- - CLOUDSDK_CORE_PROJECT
- - GOOGLE_APPLICATION_CREDENTIALS=/project/config/credentials/google-cloud-keyfile.json
- - TF_DATA_DIR=/tmp/provisioning/.terraform.d/
- - TF_VAR_allowed_ipaddr_list=${TF_VAR_allowed_ipaddr_list}
- - TF_VAR_aws_access_key=${AWS_ACCESS_KEY_ID}
- - TF_VAR_aws_default_region=${AWS_DEFAULT_REGION}
- - TF_VAR_aws_secret_key=${AWS_SECRET_ACCESS_KEY}
- - TF_VAR_azure_default_location=${AZURE_DEFAULT_LOCATION}
- - TF_VAR_gcp_project_id=${CLOUDSDK_CORE_PROJECT}
- - TF_VAR_project_unique_id=${PROJECT_UNIQUE_ID}
+ command:
+ - zsh
+ - -ic
+ - |
+ export _STAT_DIR=/workspace/tmp/run/container-$$(hostname)
+ mkdir -p $${_STAT_DIR:?}/
+ export _STAT_DIR_INTERNAL=/tmp/container-myself
+ ln --force --no-dereference --symbolic $${_STAT_DIR:?}/ $${_STAT_DIR_INTERNAL:?}
+ echo '{}' | jq '. + {enabled:true}' > $${_STAT_DIR_INTERNAL}/stat.json
+ :
+ rm -rf /workspace/tmp/provisioning/.terraform.d
+ /workspace/scripts/provisioning.init-terraform-with-$${_TERRAFORM_BACKEND_TYPE}-backend.zsh\
+ || jq '. + {succeeded:false}' $${_STAT_DIR_INTERNAL}/stat.json > $${_STAT_DIR_INTERNAL}/stat.tmp.json
+ mv -f $${_STAT_DIR_INTERNAL}/stat{.tmp,}.json
+ :
+ echo ""
+ echo "\033[1;34m🎉The start-up process is completed.\033[0m"
+ echo "\033[1;34m✨Now you can provision your environment.\033[0m"
+ echo "\033[1;32mIf you want to stop me, remove \`tmp/run/container-$$(hostname)/\`.\033[0m"
+ jq '. + {succeeded:true}' $${_STAT_DIR_INTERNAL}/stat.json > $${_STAT_DIR_INTERNAL}/stat.tmp.json
+ mv -f $${_STAT_DIR_INTERNAL}/stat{.tmp,}.json
+ while :
+ do
+ jq -e '. | select(.enabled)' $${_STAT_DIR_INTERNAL}/stat.json > /dev/null\
+ || break
+ sleep 2
+ done
+ environment: &provisioning-base-environment
+ PROJECT_UNIQUE_ID: ~
+ # <AWS>
+ AWS_ACCESS_KEY_ID: ~
+ AWS_ACCOUNT_ID: ~
+ AWS_DEFAULT_REGION: ${AWS_DEFAULT_REGION:-us-east-1}
+ AWS_SECRET_ACCESS_KEY: ~
+ # </AWS>
+ # <Azure>
+ AZURE_DEFAULT_LOCATION: ${AZURE_DEFAULT_LOCATION:-centralus}
+ ARM_CLIENT_ID: ~
+ ARM_CLIENT_SECRET: ~
+ ARM_SUBSCRIPTION_ID: ~
+ ARM_TENANT_ID: ~
+ # </Azure>
+ # <Google>
+ CLOUDSDK_CORE_PROJECT: ~
+ GCP_DEFAULT_REGION: ${GCP_DEFAULT_REGION:-us-central1}
+ GOOGLE_APPLICATION_CREDENTIALS: ${GOOGLE_APPLICATION_CREDENTIALS:-/workspace/config/credentials/google-cloud-keyfile.provisioning-owner.json}
+ # </Google>
+ _TERRAFORM_BACKEND_TYPE: ~
+ TF_DATA_DIR: /tmp/provisioning/.terraform.d/
+ TF_VAR_allowed_ipaddr_list: ${TF_VAR_allowed_ipaddr_list}
+ TF_VAR_aws_access_key: ${AWS_ACCESS_KEY_ID}
+ TF_VAR_aws_default_region: ${AWS_DEFAULT_REGION:-us-east-1}
+ TF_VAR_aws_secret_key: ${AWS_SECRET_ACCESS_KEY}
+ TF_VAR_azure_default_location: ${AZURE_DEFAULT_LOCATION:-centralus}
+ TF_VAR_gcp_default_region: ${GCP_DEFAULT_REGION:-us-central1}
+ TF_VAR_gcp_project_id: ${CLOUDSDK_CORE_PROJECT}
+ TF_VAR_project_unique_id: ${PROJECT_UNIQUE_ID}
+ healthcheck:
+ test:
+ - CMD
+ - jq
+ - -e
+ - '. | select(.succeeded)'
+ - /tmp/container-myself/stat.json
+ interval: 2s
+ timeout: 1s
+ retries: 2
+ start_period: 10s
  user: "${UID:-0}:${GID:-0}"
  volumes:
  - provisioning-home-developer:/home/developer
- - provisioning-home-root:/root # for macOS
+ - provisioning-home-root:/root # for macOS & Windows
  - /var/run/docker.sock:/var/run/docker.sock
- - ./Dockerfile.d:/project/Dockerfile.d
- - ./config:/project/config
- - ./provisioning:/project/workspace
- - ./scripts:/project/scripts
- - ./tmp/provisioning:/tmp/provisioning
- working_dir: /project/workspace
+ - .:/workspace
+ working_dir: /workspace/provisioning
 
+# You are able to implement your service like below.
 services:
- provisioning:
+ provisioning-azurerm-backend:
  <<: *provisioning-base
+ environment:
+ <<: *provisioning-base-environment
+ _TERRAFORM_BACKEND_TYPE: azurerm
+ profiles:
+ - azurerm
+ provisioning-gcs-backend:
+ <<: *provisioning-base
+ environment:
+ <<: *provisioning-base-environment
+ _TERRAFORM_BACKEND_TYPE: gcs
+ profiles:
+ - gcs
+ provisioning-s3-backend:
+ <<: *provisioning-base
+ environment:
+ <<: *provisioning-base-environment
+ _TERRAFORM_BACKEND_TYPE: s3
+ profiles:
+ - s3
+
 version: "3.8"
 volumes:
  provisioning-home-developer:

tmp/run/.gitignore

@@ -0,0 +1,2 @@
+/*
+!/.gitignore