github.com/darmach/terratest@v0.34.8-0.20210517103231-80931f95e3ff/examples/terraform-remote-exec-example/main.tf (about)

     1  # ---------------------------------------------------------------------------------------------------------------------
     2  # PIN TERRAFORM VERSION TO >= 0.12
     3  # The examples have been upgraded to 0.12 syntax
     4  # ---------------------------------------------------------------------------------------------------------------------
     5  
     6  terraform {
     7    # This module is now only being tested with Terraform 0.13.x. However, to make upgrading easier, we are setting
     8    # 0.12.26 as the minimum version, as that version added support for required_providers with source URLs, making it
     9    # forwards compatible with 0.13.x code.
    10    required_version = ">= 0.12.26" # lower bound only: no upper bound and no provider version constraints are set here
    11  }
    12  
    13  # ---------------------------------------------------------------------------------------------------------------------
    14  # DEPLOY AN INSTANCE, THEN TRIGGER A PROVISIONER
    15  # See test/terraform_ssh_example.go for how to write automated tests for this code.
    16  # ---------------------------------------------------------------------------------------------------------------------
    17  
    18  provider "aws" {
    19    region = var.aws_region # only the region is set here; no credentials or provider version appear in this block
    20  }
    21  
    22  # ---------------------------------------------------------------------------------------------------------------------
    23  # DEPLOY THE EC2 INSTANCE WITH A PUBLIC IP
    24  # ---------------------------------------------------------------------------------------------------------------------
    25  
    26  resource "aws_instance" "example_public" {
    27    # Reachable from the public Internet: the instance is given a public IP address.
    28    associate_public_ip_address = true
    29  
    30    instance_type          = var.instance_type
    31    ami                    = data.aws_ami.ubuntu.id
    32    key_name               = var.key_pair_name # name of the EC2 key pair, supplied through an input variable
    33    vpc_security_group_ids = [aws_security_group.example.id] # the only security group attached to the instance
    34  
    35    tags = {
    36      Name = "${var.instance_name}-public"
    37    }
    38  }
    39  
    40  # ---------------------------------------------------------------------------------------------------------------------
    41  # CREATE A SECURITY GROUP TO CONTROL WHAT REQUESTS CAN GO IN AND OUT OF THE EC2 INSTANCES
    42  # ---------------------------------------------------------------------------------------------------------------------
    43  
    44  resource "aws_security_group" "example" {
    45    name = var.instance_name
    46  
    47    ingress {
    48      # Example only: SSH is accepted from every IPv4 address. In real-world usage, restrict this to trusted
    49      # sources, such as a bastion host or VPN server.
    50      cidr_blocks = ["0.0.0.0/0"]
    51      protocol    = "tcp"
    52      from_port   = var.ssh_port
    53      to_port     = var.ssh_port
    54    }
    55  
    56    egress {
    57      # Outbound traffic is unrestricted: protocol "-1" with ports 0-0 covers every protocol and port.
    58      cidr_blocks = ["0.0.0.0/0"]
    59      protocol    = "-1"
    60      from_port   = 0
    61      to_port     = 0
    62    }
    63  }
    64  
    65  # ---------------------------------------------------------------------------------------------------------------------
    66  # Provision the server using remote-exec
    67  # ---------------------------------------------------------------------------------------------------------------------
    68  
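    69  resource "null_resource" "example_provisioner" {
    70    triggers = {
    71      public_ip = aws_instance.example_public.public_ip # a new public IP replaces this resource, re-running the provisioners
    72    }
    73  
    74    connection {
    75      type  = "ssh"
    76      host  = aws_instance.example_public.public_ip
    77      user  = var.ssh_user
    78      port  = var.ssh_port
    79      agent = true # authenticate through the local ssh-agent; no private key appears in this configuration
    80    }
    81  
    82    // copy our example script to the server
    83    provisioner "file" {
    84      source      = "files/get-public-ip.sh"
    85      destination = "/tmp/get-public-ip.sh"
    86    }
    87  
    88    // change permissions to executable and pipe its output into a new file
    89    provisioner "remote-exec" {
    90      inline = [
    91        "chmod +x /tmp/get-public-ip.sh",
    92        "/tmp/get-public-ip.sh > /tmp/public-ip",
    93      ]
    94    }
    95    # Runs on the machine executing Terraform. -P makes scp use var.ssh_port, the same port as the connection block.
    96    provisioner "local-exec" {
    97      # copy the public-ip file back to CWD, which will be tested (host key is NOT verified: throwaway test hosts only)
    98      command = "scp -P ${var.ssh_port} -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null ${var.ssh_user}@${aws_instance.example_public.public_ip}:/tmp/public-ip public-ip"
    99    }
   100  }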
   101  
   102  # ---------------------------------------------------------------------------------------------------------------------
   103  # LOOK UP THE LATEST UBUNTU AMI
   104  # ---------------------------------------------------------------------------------------------------------------------
   105  
   106  data "aws_ami" "ubuntu" {
   107    owners      = ["099720109477"] # Canonical
   108    most_recent = true
   109    # Limiting owners to Canonical's account stops a same-named image from another publisher being picked as "latest".
   110    filter {
   111      name   = "name" # NOTE(review): xenial 16.04 is past standard support; confirm before reusing outside this example
   112      values = ["ubuntu/images/hvm-ssd/ubuntu-xenial-16.04-amd64-server-*"]
   113    }
   114  
   115    filter {
   116      name   = "image-type"
   117      values = ["machine"]
   118    }
   119  
   120    filter {
   121      name   = "architecture"
   122      values = ["x86_64"]
   123    }
   124  
   125    filter {
   126      name   = "virtualization-type"
   127      values = ["hvm"]
   128    }
   129  }
   130