feat: abstracting cloud providers

2023-02-26 12:52:08 +00:00 · 2023-02-26 12:52:08 +00:00 · 0a72aeed96
commit 0a72aeed96
parent af36a545a1
18 changed files with 629 additions and 181 deletions
--- a/app/terraform/bridge/aws.py
+++ b/app/terraform/bridge/aws.py
@ -1,15 +1,15 @@
+from app.models.cloud import CloudProvider
 from app.terraform.bridge import BridgeAutomation


 class BridgeAWSAutomation(BridgeAutomation):
    short_name = "bridge_aws"
-    description = "Deploy Tor bridges on AWS Lightsail"
-    provider = "aws"
+    description = "Deploy Tor bridges on AWS EC2"
+    provider = CloudProvider.AWS

    template_parameters = [
-        "aws_access_key",
-        "aws_secret_key",
-        "ssh_public_key_path"
+        "ssh_public_key_path",
+        "ssh_private_key_path",
    ]

    template = """
@ -22,37 +22,42 @@ class BridgeAWSAutomation(BridgeAutomation):
      }
    }

-    provider "aws" {
-      access_key = "{{ aws_access_key }}"
-      secret_key = "{{ aws_secret_key }}"
-      region = "us-east-1"
-    }
-
    locals {
-      ssh_key = file("{{ ssh_public_key_path }}")
+      ssh_public_key  = "{{ ssh_public_key_path }}"
+      ssh_private_key = "{{ ssh_public_key_path }}"
    }

-    {% for group in groups %}
-    module "label_{{ group.id }}" {
-      source  = "cloudposse/label/null"
-      version = "0.25.0"
-      namespace = "{{ global_namespace }}"
-      tenant = "{{ group.group_name }}"
-      label_order = ["namespace", "tenant", "name", "attributes"]
+    {% for resource in destroyed_resources %}
+    {% set bridge, bridgeconf, account = resource %}
+    provider "aws" {
+      access_key = "{{ account.credentials['aws_access_key'] }}"
+      secret_key = "{{ account.credentials['aws_secret_key'] }}"
+      region     = "{{ account.credentials['aws_region'] }}"
+      alias      = "account_{{ bridge.id }}"
    }
    {% endfor %}

-    {% for bridgeconf in bridgeconfs %}
-    {% for bridge in bridgeconf.bridges %}
-    {% if not bridge.destroyed %}
+    {% for resource in resources %}
+    {% set bridge, bridgeconf, account = resource %}
+    provider "aws" {
+      access_key = "{{ account.credentials['aws_access_key'] }}"
+      secret_key = "{{ account.credentials['aws_secret_key'] }}"
+      region     = "{{ account.credentials['aws_region'] }}"
+      alias      = "account_{{ bridge.id }}"
+    }
+
    module "bridge_{{ bridge.id }}" {
-      source = "{{ terraform_modules_path }}/terraform-aws-tor-bridge"
-      ssh_key = local.ssh_key
-      contact_info = "hi"
-      context = module.label_{{ bridgeconf.group.id }}.context
-      name = "br"
-      attributes = ["{{ bridge.id }}"]
-      distribution_method = "{{ bridge.conf.method }}"
+      providers = {
+        aws = aws.account_{{ bridge.id }}
+      }
+      source              = "{{ terraform_modules_path }}/terraform-aws-tor-bridge"
+      ssh_public_key      = local.ssh_public_key
+      ssh_private_key     = local.ssh_private_key
+      contact_info        = "hi"
+      namespace           = "{{ global_namespace }}"
+      name                = "bridge"
+      attributes          = ["{{ bridge.id }}"]
+      distribution_method = "{{ bridgeconf.method }}"
    }

    output "bridge_hashed_fingerprint_{{ bridge.id }}" {
@ -63,7 +68,5 @@ class BridgeAWSAutomation(BridgeAutomation):
      value = module.bridge_{{ bridge.id }}.bridgeline
      sensitive = true
    }
-    {% endif %}
-    {% endfor %}
    {% endfor %}
    """