github.com/terraform-modules-krish/terratest@v0.29.0/examples/terraform-remote-exec-example/main.tf (about)

     1  # ---------------------------------------------------------------------------------------------------------------------
     2  # PIN TERRAFORM VERSION TO >= 0.12
     3  # The examples have been upgraded to 0.12 syntax
     4  # ---------------------------------------------------------------------------------------------------------------------
     5  
     6  terraform {
          # ">= 0.12" is a lower bound only: every later Terraform release is accepted, so this does not pin the examples
          # to one release or one major line. Add an upper bound if they must run on a known-good range.
     7    required_version = ">= 0.12"
     8  }
     9  
    10  # ---------------------------------------------------------------------------------------------------------------------
    11  # DEPLOY AN INSTANCE, THEN TRIGGER A PROVISIONER
    12  # See test/terraform_ssh_example.go for how to write automated tests for this code.
    13  # ---------------------------------------------------------------------------------------------------------------------
    14  
    15  provider "aws" {
          # Only the region is configured. No credentials appear in this block, so the provider has to obtain them from
          # its environment (for example environment variables or a shared credentials file) rather than from keys
          # committed with the code. No provider version constraint is set in this file.
    16    region = var.aws_region
    17  }
    18  
    19  # ---------------------------------------------------------------------------------------------------------------------
    20  # DEPLOY THE EC2 INSTANCE WITH A PUBLIC IP
    21  # ---------------------------------------------------------------------------------------------------------------------
    22  
    23  resource "aws_instance" "example_public" {
          # Launches one t2.micro instance from the AMI returned by data.aws_ami.ubuntu.
    24    ami                    = data.aws_ami.ubuntu.id
    25    instance_type          = "t2.micro"
          # The only security group attached is aws_security_group.example, which admits var.ssh_port from 0.0.0.0/0.
    26    vpc_security_group_ids = [aws_security_group.example.id]
          # Name of an existing EC2 key pair; whoever holds the matching private key can log in over SSH. The
          # provisioner connection in null_resource.example_provisioner uses agent = true, so that key is expected to
          # be loaded in the local ssh-agent.
    27    key_name               = var.key_pair_name
    28  
    29    # This EC2 Instance has a public IP and will be accessible directly from the public Internet
          # Together with the world-open SSH rule, this leaves the SSH port exposed for as long as the instance exists.
          # NOTE(review): no metadata_options or root_block_device block is set, so instance-metadata and root-volume
          # settings fall back to defaults - confirm those are acceptable before reusing this outside a throwaway test.
    30    associate_public_ip_address = true
    31  
    32    tags = {
    33      Name = "${var.instance_name}-public"
    34    }
    35  }
    36  
    37  # ---------------------------------------------------------------------------------------------------------------------
    38  # CREATE A SECURITY GROUP TO CONTROL WHAT REQUESTS CAN GO IN AND OUT OF THE EC2 INSTANCES
    39  # ---------------------------------------------------------------------------------------------------------------------
    40  
    41  resource "aws_security_group" "example" {
          # The security group attached to aws_instance.example_public. No vpc_id is given, so this file does not tie
          # the group to an explicitly chosen VPC.
    42    name = var.instance_name
    43  
    44    egress {
            # Port range 0-0 with protocol "-1" matches every protocol and port: all outbound traffic to any IPv4
            # address is allowed.
    45      from_port   = 0
    46      to_port     = 0
    47      protocol    = "-1"
    48      cidr_blocks = ["0.0.0.0/0"]
    49    }
    50  
    51    ingress {
            # Opens a single TCP port, var.ssh_port. The SSH connection in null_resource.example_provisioner targets
            # this same port.
    52      from_port = var.ssh_port
    53      to_port   = var.ssh_port
    54      protocol  = "tcp"
    55  
    56      # To keep this example simple, we allow incoming SSH requests from any IP. In real-world usage, you should only
    57      # allow SSH requests from trusted servers, such as a bastion host or VPN server.
            # 0.0.0.0/0 covers every IPv4 source address, so the SSH service is reachable by Internet-wide scanners until
            # the instance is destroyed. Replacing it with the CIDR of the machine that runs the test narrows the
            # exposure without changing how the example works.
    58      cidr_blocks = ["0.0.0.0/0"]
    59    }
    60  }
    61  
    62  # ---------------------------------------------------------------------------------------------------------------------
    63  # Provision the server using remote-exec
    64  # ---------------------------------------------------------------------------------------------------------------------
    65  
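    66  resource "null_resource" "example_provisioner" {
          # Runs three provisioners in order against the public instance: upload a script, execute it remotely, then
          # copy its output back to the machine running Terraform.
    67    triggers = {
            # Replace this resource, and so re-run the provisioners, whenever the instance's public IP changes.
    68      public_ip = aws_instance.example_public.public_ip
    69    }
    70  
    71    connection {
            # SSH settings shared by the "file" and "remote-exec" provisioners below. agent = true authenticates through
            # the local ssh-agent, so no private key is written into this configuration.
            # NOTE(review): no host_key is set, so the server's host key is presumably not verified on this connection.
    72      type  = "ssh"
    73      host  = aws_instance.example_public.public_ip
    74      user  = var.ssh_user
    75      port  = var.ssh_port
    76      agent = true
    77    }
    78  
    79    // copy our example script to the server
    80    provisioner "file" {
    81      source      = "files/get-public-ip.sh"
    82      destination = "/tmp/get-public-ip.sh"
    83    }
    84  
    85    // change permissions to executable and pipe its output into a new file
    86    provisioner "remote-exec" {
    87      inline = [
    88        "chmod +x /tmp/get-public-ip.sh",
    89        "/tmp/get-public-ip.sh > /tmp/public-ip",
    90      ]
    91    }
    92  
    93    provisioner "local-exec" {
    94      # Copy the public-ip file back to the current working directory, where the test checks it.
            # -P passes var.ssh_port so that scp uses the same port as the connection block and the security group
            # rule. Without it scp falls back to its default port, which the security group opens only when
            # var.ssh_port is 22.
            # StrictHostKeyChecking=no together with UserKnownHostsFile=/dev/null turns off host key verification, so
            # this copy cannot tell the real instance from an impostor answering on that address. That is tolerable
            # only for a short-lived test host; otherwise record the instance's host key and verify against it.
            # var.ssh_user, var.ssh_port and the IP are interpolated straight into a shell command line, so they must
            # come from a trusted source.
    95      command = "scp -P ${var.ssh_port} -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null ${var.ssh_user}@${aws_instance.example_public.public_ip}:/tmp/public-ip public-ip"
    96    }
    97  }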
    98  
    99  # ---------------------------------------------------------------------------------------------------------------------
   100  # LOOK UP THE LATEST UBUNTU 16.04 (XENIAL) AMI
   101  # ---------------------------------------------------------------------------------------------------------------------
   102  
   103  data "aws_ami" "ubuntu" {
          # Resolves to the newest image that satisfies every filter below. The lookup happens on each plan, so the AMI
          # ID (and therefore the instance built from it) can change between runs without any change to this file.
   104    most_recent = true
          # Restricting owners to a single publisher account is what keeps the name filter safe: without it, the newest
          # public image from any account whose name matches the pattern could be selected.
   105    owners      = ["099720109477"] # Canonical
   106  
   107    filter {
   108      name   = "virtualization-type"
   109      values = ["hvm"]
   110    }
   111  
   112    filter {
   113      name   = "architecture"
   114      values = ["x86_64"]
   115    }
   116  
   117    filter {
   118      name   = "image-type"
   119      values = ["machine"]
   120    }
   121  
   122    filter {
            # Matches only Ubuntu 16.04 (xenial) amd64 server images on hvm-ssd storage.
            # NOTE(review): Ubuntu 16.04 is past its standard support window - consider moving the pattern to a release
            # that still receives security updates, and confirm var.ssh_user still matches that image.
   123      name   = "name"
   124      values = ["ubuntu/images/hvm-ssd/ubuntu-xenial-16.04-amd64-server-*"]
   125    }
   126  }
   127