CircleCI로 Terraform을 자동화해 보았다! LT용 자료
이벤트 세부정보 및 슬라이드
■connpass URL
2019/8/23(금요일)
CircleCI의 사용자 커뮤니티가 주최하는 이벤트로 LT 프레임을 받았으므로 LT 해왔습니다!
끊어지지 않은 내용은 여기에 대략 적어 갑니다
■LT 슬라이드
.circleci/config.yml
version: 2.1
jobs:
approval-notification-plan:
docker:
- image: alpine:3.10.1
working_directory: ~/repo
steps:
- checkout
- run:
name: "Slack Approval Notification Terraform Plan"
command: |
chmod 755 plan_slack.sh
cat plan_slack.sh
apk update
apk add curl
ash ./plan_slack.sh
working_directory: ~/repo/shellscripts
plan:
docker:
- image: hashicorp/terraform:0.12.6
working_directory: ~/repo
steps:
- checkout
- run:
name: "Init terraform"
command: terraform init
working_directory: ~/repo/[your_terraform_workspace_path]
- run:
name: "Validate terraform"
command: terraform validate
working_directory: ~/repo/[your_terraform_workspace_path]
- run:
name: "[OREGON-DEV] Workspace Select terraform"
command: terraform workspace select oregon-dev
working_directory: ~/repo/[your_terraform_workspace_path]
- run:
name: "[OREGON-DEV] Plan terraform"
command: terraform plan
working_directory: ~/repo/[your_terraform_workspace_path]
- run:
name: "[DEV] Workspace Select terraform"
command: terraform workspace select dev
working_directory: ~/repo/[your_terraform_workspace_path]
- run:
name: "[DEV] Plan terraform"
command: terraform plan
working_directory: ~/repo/[your_terraform_workspace_path]
- run:
name: "[STG] Workspace Select terraform"
command: terraform workspace select stg
working_directory: ~/repo/[your_terraform_workspace_path]
- run:
name: "[STG] Plan terraform"
command: terraform plan
working_directory: ~/repo/[your_terraform_workspace_path]
- run:
name: "[PRD] Workspace Select terraform"
command: terraform workspace select prd
working_directory: ~/repo/[your_terraform_workspace_path]
- run:
name: "[PRD] Plan terraform"
command: terraform plan
working_directory: ~/repo/[your_terraform_workspace_path]
approval-notification-apply:
docker:
- image: alpine:3.10.1
working_directory: ~/repo
steps:
- checkout
- run:
name: "Slack Approval Notification"
command: |
apk update
apk add curl
chmod 755 apply_slack.sh
cat apply_slack.sh
ash ./apply_slack.sh
working_directory: ~/repo/shellscripts/
apply-oregon-dev:
docker:
- image: hashicorp/terraform:0.12.6
working_directory: ~/repo
steps:
- checkout
- run:
name: Init terraform
command: terraform init
working_directory: ~/repo/[your_terraform_workspace_path]
- run:
name: "[OREGON-DEV] Workspace Select terraform"
command: terraform workspace select oregon-dev
working_directory: ~/repo/[your_terraform_workspace_path]
- run:
name: "[OREGON-DEV] Apply terraform"
command: terraform apply -auto-approve
working_directory: ~/repo/[your_terraform_workspace_path]
apply-dev:
docker:
- image: hashicorp/terraform:0.12.6
working_directory: ~/repo
steps:
- checkout
- run:
name: Init terraform
command: terraform init
working_directory: ~/repo/[your_terraform_workspace_path]
- run:
name: "[DEV] Workspace Select terraform"
command: terraform workspace select dev
working_directory: ~/repo/[your_terraform_workspace_path]
- run:
name: "[DEV] Apply terraform"
command: terraform apply -auto-approve
working_directory: ~/repo/[your_terraform_workspace_path]
apply-stg:
docker:
- image: hashicorp/terraform:0.12.6
working_directory: ~/repo
steps:
- checkout
- run:
name: Init terraform
command: terraform init
working_directory: ~/repo/[your_terraform_workspace_path]
- run:
name: "[STG] Workspace Select terraform"
command: terraform workspace select stg
working_directory: ~/repo/[your_terraform_workspace_path]
- run:
name: "[STG] Apply terraform"
command: terraform apply -auto-approve
working_directory: ~/repo/[your_terraform_workspace_path]
apply-prd:
docker:
- image: hashicorp/terraform:0.12.6
working_directory: ~/repo
steps:
- checkout
- run:
name: Init terraform
command: terraform init
working_directory: ~/repo/[your_terraform_workspace_path]
- run:
name: "[PRD] Workspace Select terraform"
command: terraform workspace select prd
working_directory: ~/repo/[your_terraform_workspace_path]
- run:
name: "[PRD] Apply terraform"
command: terraform apply -auto-approve
working_directory: ~/repo/[your_terraform_workspace_path]
orbs:
slack: circleci/[email protected]
workflows:
plan-and-apply:
jobs:
- approval-notification-plan
- hold-plan:
type: approval
requires:
- approval-notification-plan
- plan:
requires:
- hold-plan
- approval-notification-apply:
requires:
- plan
filters:
branches:
only: master
- hold-oregon-dev:
type: approval
requires:
- approval-notification-apply
filters:
branches:
only: master
- apply-oregon-dev:
requires:
- hold-oregon-dev
filters:
branches:
only: master
- hold-dev:
type: approval
requires:
- approval-notification-apply
filters:
branches:
only: master
- apply-dev:
requires:
- hold-dev
filters:
branches:
only: master
- hold-stg:
type: approval
requires:
- approval-notification-apply
filters:
branches:
only: master
- apply-stg:
requires:
- hold-stg
filters:
branches:
only: master
- hold-prd:
type: approval
requires:
- approval-notification-apply
filters:
branches:
only: master
- apply-prd:
requires:
- hold-prd
filters:
branches:
only: master
Environment Variables
slack 알림용 shellscript
※Slack 통지에는 편리한 orbs가 준비되어 있습니다. 이번에는 webhook을 사용하여 다른 채널에 알리고 싶었기 때문에 CircleCI의 orbs 중에서 좋은 느낌으로 꺼내 가공했습니다.
무엇인가 특별하고 싶은 것이 없는 한은, 이쪽이 엄청 추천입니다!
h tps : // / rc ぇ시. 코 m / rbs / 레기 스트리 / rb / shi rc ぇ시 / s ぁ ck
■plan_slack.sh
POSTDATA=`cat << EOF
{"channel":"#infra-sre","attachments":[{"fallback":"CircleCI tf plan Approval","text":"tf plan approval br=[${CIRCLE_BRANCH}]","fields":[{"title":"Project","value":"${CIRCLE_PROJECT_REPONAME}","short":true},{"title":"Job Number","value":"${CIRCLE_BUILD_NUM}","short":true}],"actions":[{"type":"button","text":"Visit Workflow","url":"https://circleci.com/workflow-run/${CIRCLE_WORKFLOW_ID}"},{"type":"button","text":"Visit Github","url":"https://github.com/your-organization/${CIRCLE_PROJECT_REPONAME}/tree/${CIRCLE_BRANCH}"}],"color":"good"}]}
EOF`
echo $POSTDATA
curl -X POST -H "Content-type: application/json" -d "$POSTDATA" ${SLACK_WEBHOOK}
■apply_slack.sh
POSTDATA=`cat << EOF
{"channel":"#infra-sre","attachments":[{"fallback":"CircleCI tf apply Approval","text":"tf apply approval br=[${CIRCLE_BRANCH}]","fields":[{"title":"Project","value":"${CIRCLE_PROJECT_REPONAME}","short":true},{"title":"Job Number","value":"${CIRCLE_BUILD_NUM}","short":true}],"actions":[{"type":"button","text":"Visit Workflow","url":"https://circleci.com/workflow-run/${CIRCLE_WORKFLOW_ID}"}],"color":"good"}]}
EOF`
echo $POSTDATA
curl -X POST -H "Content-type: application/json" -d "$POSTDATA" ${SLACK_WEBHOOK}
Reference
이 문제에 관하여(CircleCI로 Terraform을 자동화해 보았다! LT용 자료), 우리는 이곳에서 더 많은 자료를 발견하고 링크를 클릭하여 보았다 https://qiita.com/miyazawa214/items/90d725495d8303d6565b텍스트를 자유롭게 공유하거나 복사할 수 있습니다.하지만 이 문서의 URL은 참조 URL로 남겨 두십시오.
우수한 개발자 콘텐츠 발견에 전념
(Collection and Share based on the CC Protocol.)
좋은 웹페이지 즐겨찾기
