Merge main to dev (#420)

* Add yaml syntax highlighting (#402) * Release 0.15.0 (#410) * Attempting more graceful usage of git dependency (#393) Import is not within a try-catch and only imported if the code for its usage is invoked. * Nicer plan displayer (#391) * Nicer plan displayer 1. Using tables to show data about changes 2. Only 2 security levels "LOW RISK" and "HIGH RISK". Low risk represents no expected dataloss and minimal, recoverable downtime * more colors * typo * addressing cr * max node count increase should be benign * addressing cr * Preemptive GCP instances. (#394) * Fix unnecessary logs and other minor issues (#395) * fix-stuff * revert-pipfile * fix-dict * fix-lint * fix-lint * Update nightly.yaml * Checking b/w 2 versions will now verify no dataloss (#398) * Feature/dashlocal (#397) Added --local functionality for Opta local runs. * Check in ci that pdb is not mentioned anywhere in the code (#401) * Check in ci that pdb is not mentioned anywhere in the code * wip * wip * Tiny fix for our runx module (#405) * Jd/fixing displayer (#406) * plan displayer handle delete * destroy was not a valid value * adding deletions to test * Fixed local yaml quote issue (#404) * Jd/fixing aws destroy (#407) * AWS destroy facing issue b/c cli can't clean up auto created sec group terraform-aws-modules/terraform-aws-vpc#283 * wip * terraform fmt * Adding Secondary Gcp NodePool Opta module (#403) * Adding Secondary Gcp NodePool Opta module * Update the GCP Node Pool name * Update gcp-env.yml example and fix terraform lint * Add IAM Member permissions * Supporting a list of helm values files (#409) Also, now we check for relative path and support it * Updating to linkerd v2.10.2 (#408) * Updating to linkerd v2.10.2 OK, looks like all of the important work was already taken care of earlier as we skipped the outbound mysql and postgres ports already. More good news: the linkerd visualization components are now their own separate charts so linkerd resource overhead will drop a lot. https://linkerd.io/2.10/tasks/upgrading-2.10-ports-and-protocols/# https://linkerd.io/2.10/tasks/upgrade/#upgrade-notice-stable-2-10-0 * terraform fmt * Fixing gcp dns delegation * Fixed relative path issues for yaml files (#411) * Disabling ssl for gcp postgres (#415) Doing this because in order to enable ssl for postgres a user would need to download the ssl CA/key files and include them in all outgoing connections, which makes psql incredibly cumbersome to use. So for now, we won't be supporting it. * Forgot to update regula to not complain about missing gcp postgres ssl (#416) * Fixing azure destroy (#414) (#418) * Fixing azure destroy Sometime in the past week Azure terraform started failing when trying to destroy the acr key vault key because we disabled purge and yet destroy causes a purge. Found the new toggle to just do a soft delete on purge and confirmed that it worked. * Disabling regular rule for purge * Reverting azure provider to version 2.78.0 Honestly, I'm very disappointed with Azure: Azure/AKS#2584 * Fixed terraform local working dir (#413) Co-authored-by: Juan Diego Palomino <[email protected]> Co-authored-by: Nilesh Sarupriya <[email protected]> Co-authored-by: Sachin Agarwal <[email protected]> Co-authored-by: Anthony Campolo <[email protected]> Co-authored-by: Nitin Aggarwal <[email protected]> Co-authored-by: Juan Diego Palomino <[email protected]> Co-authored-by: Nilesh Sarupriya <[email protected]>
run-x · Oct 11, 2021 · 41243b5 · 41243b5
1 parent b50d2ed
commit 41243b5
Show file tree

Hide file tree

Showing 7 changed files with 53 additions and 13 deletions.
diff --git a/README.md b/README.md
@@ -78,7 +78,7 @@ This will set up the base infrastructure (like network and cluster) that will be
 > (opta has a destroy command so it should be easy :))!
 
 Create this file and name it staging.yml
-```
+```yaml
 name: staging
 org_name: <something unique>
 providers:
@@ -96,7 +96,7 @@ modules:
 In this example we are using the popular [httbin](https://httpbin.org/) container as our application
 
 Create this file and name it opta.yml:
-```
+```yaml
 name: hello-world
 environments:
  - name: staging

diff --git a/config/config.rego b/config/config.rego
@@ -47,4 +47,4 @@ rules[rule] {
  "rule_id": "FG_R00433",
  "status": "DISABLED"
  }
-}
+}
diff --git a/config/tf_modules/local-base/install-cluster.sh b/config/tf_modules/local-base/install-cluster.sh
@@ -1,6 +1,24 @@
 #!/usr/bin/env bash
+set -o errexit
 reg_name='opta-local-registry'
 reg_port='5000'
+
+stopped="$(docker inspect -f '{{.State.Status}}' "opta-local-cluster-control-plane" 2>/dev/null || true)"
+if [ "${stopped}" == 'exited' ]; then
+ echo "Found a stopped Opta local cluster docker container opta-local-cluster-control-plane, starting it again; manually clean it up if you want a new Opta Local environment."
+ docker start "opta-local-cluster-control-plane"
+ echo "Waiting 20s for restarted docker container opta-local-cluster-control-plane to stabilize "
+ sleep 20
+ kubectl config use-context kind-opta-local-cluster
+ exit 0
+fi
+
+running="$(docker inspect -f '{{.State.Status}}' "opta-local-cluster-control-plane" 2>/dev/null || true)"
+if [ "${running}" == 'running' ]; then
+ echo "Found a running Opta local cluster docker container opta-local-cluster-control-plane, manually clean it up if you want a new Opta Local environment."
+ kubectl config use-context kind-opta-local-cluster
+ exit 0
+fi
 # create a cluster with the local registry and nginx externalPorts enabled in containerd
 cat <<EOF | $HOME/.opta/local/kind create cluster --name opta-local-cluster --kubeconfig $HOME/.kube/config --wait 5m --config=-
 kind: Cluster

diff --git a/config/tf_modules/local-base/main.tf b/config/tf_modules/local-base/main.tf
@@ -1,7 +1,8 @@
 resource "null_resource" "local-base" {
 
  provisioner "local-exec" {
- command = "bash -c config/tf_modules/local-base/install_software.sh"
+ working_dir = path.module
+ command = "bash ./install_software.sh"
  }
  provisioner "local-exec" {
  when = destroy
@@ -24,7 +25,8 @@ resource "null_resource" "k8s-installer" {
  null_resource.local-base
  ]
  provisioner "local-exec" {
- command = "bash -c config/tf_modules/local-base/install-cluster.sh"
+ working_dir = path.module
+ command = "bash -c ./install-cluster.sh"
  }
  provisioner "local-exec" {
  when = destroy
@@ -43,11 +45,11 @@ resource "null_resource" "kind-installer" {
  null_resource.k8s-installer
  ]
  provisioner "local-exec" {
-
- command = <<EOT
+ working_dir = path.module
+ command  = <<EOT
  echo "Installing Nginx ingress"
  kubectl config use-context kind-opta-local-cluster
- kubectl apply -f config/tf_modules/local-base/deploy.yaml
+ kubectl apply -f deploy.yaml
  echo "Waiting 20s for nginx ingress to stabilize"
  sleep 20 # Wait for nginx to be ready
  EOT

diff --git a/opta/commands/apply.py b/opta/commands/apply.py
@@ -1,3 +1,5 @@
+import os
+from pathlib import Path
 from threading import Thread
 from typing import Any, List, Optional, Set
 
@@ -142,9 +144,12 @@ def _apply(
  if local:
  adjusted_config = _handle_local_flag(config, test)
  if adjusted_config != config: # Only do this for service opta files
- config = adjusted_config
+ config = adjusted_config # Config for service
+ localopta_envfile = os.path.join(
+ Path.home(), ".opta", "local", "localopta.yml"
+ )
  _apply(
- config="config/localopta.yml",
+ config=localopta_envfile,
  auto_approve=True,
  local=False,
  env="",

diff --git a/opta/commands/deploy.py b/opta/commands/deploy.py
@@ -1,3 +1,5 @@
+import os
+from pathlib import Path
 from typing import Optional
 
 import click
@@ -75,8 +77,11 @@ def deploy(
  adjusted_config = _handle_local_flag(config, False)
  if adjusted_config != config: # Only do this for service opta files
  config = adjusted_config
+ localopta_envfile = os.path.join(
+ Path.home(), ".opta", "local", "localopta.yml"
+ )
  _apply(
- config="config/localopta.yml",
+ config=localopta_envfile,
  auto_approve=True,
  local=False,
  env="",

diff --git a/opta/commands/local_flag.py b/opta/commands/local_flag.py
@@ -1,6 +1,6 @@
 import os
 from pathlib import Path
-from shutil import copyfile, rmtree
+from shutil import rmtree
 
 from ruamel import yaml
 
@@ -17,7 +17,17 @@ def _handle_local_flag(config: str, test: bool = False) -> str:
  dir_path = os.path.join(Path.home(), ".opta", "local")
  if not os.path.exists(dir_path):
  os.makedirs(dir_path)
- copyfile("config/localopta.yml", dir_path + "/localopta.yml")
+ with open(os.path.join(dir_path, "localopta.yml"), "w") as fw:
+ yaml.safe_dump(
+ {
+ "name": "localopta",
+ "org_name": "opta",
+ "providers": {"local": {}},
+ "modules": [{"type": "local-base"}],
+ },
+ fw,
+ )
+
  with open(config, "r") as fr:
  y = yaml.round_trip_load(fr, preserve_quotes=True)
  if "environments" not in y: # This is an environment opta file, so do nothing