169163334 - Abstracts terraform wrapper code

The terraform wrapper is now abstracted in to a utility class for working with terraform. The terraform module was also updated to support configurable keyvault servers. Logging for this new module was also added, so the terraform output is seen on the console.
2020-01-16 12:51:20 -05:00
parent deead852b5
commit aa89505650
4 changed files with 88 additions and 39 deletions
--- a/terraform/secrets-tool/commands/terraform.py
+++ b/terraform/secrets-tool/commands/terraform.py
@@ -4,64 +4,48 @@ import logging
 import subprocess

 from utils.keyvault.secrets import SecretsClient
+from utils.terraform.wrapper import TFWrapper

 logger = logging.getLogger(__name__)

 PROCESS='terraform'

@click.group()
+@click.option('--keyvault', required=True, help="Specify the keyvault to operate on")
@click.pass_context
-def terraform(ctx):
-    pass
+def terraform(ctx, keyvault):
+    ctx.ensure_object(dict)
+    ctx.obj['keyvault'] = keyvault

@click.command('plan')
@click.pass_context
 def plan(ctx):
-    keyvault = SecretsClient(vault_url="https://cloudzero-dev-keyvault.vault.azure.net/")
-    # Set env variables for TF
-    for secret in keyvault.list_secrets():
-        name = 'TF_VAR_' + secret
-        val = keyvault.get_secret(secret)
-        #print(val)
-        os.environ[name] = val
-    env = os.environ.copy() 
-    command = "{} {}".format(PROCESS, 'plan')
-    with subprocess.Popen(command, env=env, stdout=subprocess.PIPE, shell=True) as proc:
-        for line in proc.stdout:
-            logging.info(line.decode("utf-8") )
+    keyvault = SecretsClient(vault_url=ctx.obj['keyvault'])
+    tf = TFWrapper(keyvault)
+    tf.plan()

@click.command('apply')
@click.pass_context
 def apply(ctx):
-    keyvault = SecretsClient(vault_url="https://cloudzero-dev-keyvault.vault.azure.net/")
-    # Set env variables for TF
-    for secret in keyvault.list_secrets():
-        name = 'TF_VAR_' + secret
-        val = keyvault.get_secret(secret)
-        #print(val)
-        os.environ[name] = val
-    env = os.environ.copy() 
-    command = "{} {}".format(PROCESS, 'apply -auto-approve')
-    with subprocess.Popen(command, env=env, stdout=subprocess.PIPE, shell=True) as proc:
-        for line in proc.stdout:
-            logging.info(line.decode("utf-8") )
+    keyvault = SecretsClient(vault_url=ctx.obj['keyvault'])
+    tf = TFWrapper(keyvault)
+    tf.apply()

@click.command('destroy')
@click.pass_context
 def destroy(ctx):
-    keyvault = SecretsClient(vault_url="https://cloudzero-dev-keyvault.vault.azure.net/")
-    # Set env variables for TF
-    for secret in keyvault.list_secrets():
-        name = 'TF_VAR_' + secret
-        val = keyvault.get_secret(secret)
-        #print(val)
-        os.environ[name] = val
-    env = os.environ.copy() 
-    command = "{} {}".format(PROCESS, 'destroy')
-    with subprocess.Popen(command, env=env, stdout=subprocess.PIPE, shell=True) as proc:
-        for line in proc.stdout:
-            logging.info(line.decode("utf-8") )
+    keyvault = SecretsClient(vault_url=ctx.obj['keyvault'])
+    tf = TFWrapper(keyvault)
+    tf.destroy()
+
+@click.command('init')
+@click.pass_context
+def init(ctx):
+    keyvault = SecretsClient(vault_url=ctx.obj['keyvault'])
+    tf = TFWrapper(keyvault)
+    tf.init()

 terraform.add_command(plan)
 terraform.add_command(apply)
-terraform.add_command(destroy)
+terraform.add_command(destroy)
+terraform.add_command(init)