feat: abstracting cloud providers

2023-02-26 12:52:08 +00:00 · 2023-02-26 12:52:08 +00:00 · 0a72aeed96
commit 0a72aeed96
parent af36a545a1
18 changed files with 629 additions and 181 deletions
--- a/app/terraform/bridge/ovh.py
+++ b/app/terraform/bridge/ovh.py
@ -1,18 +1,13 @@
+from app.models.cloud import CloudProvider
 from app.terraform.bridge import BridgeAutomation


 class BridgeOvhAutomation(BridgeAutomation):
    short_name = "bridge_ovh"
    description = "Deploy Tor bridges on OVH Public Cloud"
-    provider = "ovh"
+    provider = CloudProvider.OVH

    template_parameters = [
-        "ovh_cloud_application_key",
-        "ovh_cloud_application_secret",
-        "ovh_cloud_consumer_key",
-        "ovh_openstack_user",
-        "ovh_openstack_password",
-        "ovh_openstack_tenant_id",
        "ssh_public_key_path",
        "ssh_private_key_path"
    ]
@ -36,46 +31,50 @@ class BridgeOvhAutomation(BridgeAutomation):
      }
    }

+    locals {
+      public_ssh_key = "{{ ssh_public_key_path }}"
+      private_ssh_key = "{{ ssh_private_key_path }}"
+    }
+
+    {% for resource in destroyed_resources %}
+    {% set bridge, bridgeconf, account = resource %}
    provider "openstack" {
      auth_url    = "https://auth.cloud.ovh.net/v3/"
      domain_name = "Default" # Domain name - Always at 'default' for OVHcloud
-      user_name = "{{ ovh_openstack_user }}"
-      password = "{{ ovh_openstack_password }}"
-      tenant_id = "{{ ovh_openstack_tenant_id }}"
+      user_name   = "{{ account.credentials["ovh_openstack_user"] }}"
+      password    = "{{ account.credentials["ovh_openstack_password"] }}"
+      tenant_id   = "{{ account.credentials["ovh_openstack_tenant_id"] }}"
+      alias       = "account_{{ bridge.id }}"
+    }
+    {% endfor %}
+
+    {% for resource in active_resources %}
+    {% set bridge, bridgeconf, account = resource %}
+    provider "openstack" {
+      auth_url    = "https://auth.cloud.ovh.net/v3/"
+      domain_name = "Default" # Domain name - Always at 'default' for OVHcloud
+      user_name   = "{{ account.credentials["ovh_openstack_user"] }}"
+      password    = "{{ account.credentials["ovh_openstack_password"] }}"
+      tenant_id   = "{{ account.credentials["ovh_openstack_tenant_id"] }}"
+      alias       = "account_{{ bridge.id }}"
    }

    provider "ovh" {
      endpoint           = "ovh-eu"
-      application_key    = "{{ ovh_cloud_application_key }}"
-      application_secret = "{{ ovh_cloud_application_secret }}"
-      consumer_key       = "{{ ovh_cloud_consumer_key }}"
+      application_key    = "{{ account.credentials["ovh_cloud_application_key"] }}"
+      application_secret = "{{ account.credentials["ovh_cloud_application_secret"] }}"
+      consumer_key       = "{{ account.credentials["ovh_cloud_consumer_key"] }}"
+      alias              = "account_{{ bridge.id }}"
    }

-    locals {
-      public_ssh_key = file("{{ ssh_public_key_path }}")
-      private_ssh_key = file("{{ ssh_private_key_path }}")
-    }
-
-    data "ovh_cloud_project_regions" "regions" {
-      service_name = "{{ ovh_openstack_tenant_id }}"
+    data "ovh_cloud_project_regions" "regions_{{ bridge.id }}" {
+      provider        = ovh.account_{{ bridge.id }}
+      service_name    = "{{ account.credentials["ovh_openstack_tenant_id"] }}"
      has_services_up = ["instance"]
    }

-    {% for group in groups %}
-    module "label_{{ group.id }}" {
-      source  = "cloudposse/label/null"
-      version = "0.25.0"
-      namespace = "{{ global_namespace }}"
-      tenant = "{{ group.group_name }}"
-      label_order = ["namespace", "tenant", "name", "attributes"]
-    }
-    {% endfor %}
-
-    {% for bridgeconf in bridgeconfs %}
-    {% for bridge in bridgeconf.bridges %}
-    {% if not bridge.destroyed %}
    resource "random_shuffle" "region_{{ bridge.id }}" {
-      input = data.ovh_cloud_project_regions.regions.names
+      input = data.ovh_cloud_project_regions.regions_{{ bridge.id }}.names
      result_count = 1

      lifecycle {
@ -84,15 +83,18 @@ class BridgeOvhAutomation(BridgeAutomation):
    }

    module "bridge_{{ bridge.id }}" {
+      providers = {
+        openstack = openstack.account_{{ bridge.id }}
+      }
      source = "{{ terraform_modules_path }}/terraform-openstack-tor-bridge"
      region = one(random_shuffle.region_{{ bridge.id }}.result)
-      context = module.label_{{ bridgeconf.group.id }}.context
-      name = "br"
+      namespace = "{{ global_namespace }}"
+      name = "bridge"
      attributes = ["{{ bridge.id }}"]
      ssh_key = local.public_ssh_key
      ssh_private_key = local.private_ssh_key
-      contact_info = "hi"
-      distribution_method = "{{ bridge.conf.method }}"
+      contact_info = "hello from onionland"
+      distribution_method = "{{ bridgeconf.method }}"
    }

    output "bridge_hashed_fingerprint_{{ bridge.id }}" {
@ -103,7 +105,5 @@ class BridgeOvhAutomation(BridgeAutomation):
      value = module.bridge_{{ bridge.id }}.bridgeline
      sensitive = true
    }
-    {% endif %}
-    {% endfor %}
    {% endfor %}
    """