stop using data image, use private_bucket as CI var

2025-02-20 12:54:28 +01:00 · 2019-09-06 11:43:25 -07:00 · 2019-09-06 11:43:25 -07:00 · 11058196de
commit 11058196de
parent 8c09d3eae8
9 changed files with 20 additions and 22 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -81,6 +81,7 @@ plan_satapi:
         -var "prom_service_acct=$PROM_SA"
         -var "opsgenie_key=$OPSGENIE_KEY"
         -var "public_bucket_url=$PUBLIC_BUCKET_URL"
+         -var "private_bucket=$PRIVATE_BUCKET"
         -var "letsencrypt_email=$LE_EMAIL"
         -var "lb_svc_acct=$LB_SA_STAGING"
         -var "pguser=$PGUSER"
@ -160,6 +161,7 @@ plan_staging:
         -var "prom_service_acct=$PROM_SA"
         -var "opsgenie_key=$OPSGENIE_KEY"
         -var "public_bucket_url=$PUBLIC_BUCKET_URL"
+         -var "private_bucket=$PRIVATE_BUCKET"
         -var "letsencrypt_email=$LE_EMAIL"
         -var "pguser=$PGUSER"
         -var "pgpass=$PGPASS"
@ -189,6 +191,7 @@ deploy_staging:
         -var "prom_service_acct=$PROM_SA"
         -var "opsgenie_key=$OPSGENIE_KEY"
         -var "public_bucket_url=$PUBLIC_BUCKET_URL"
+         -var "private_bucket=$PRIVATE_BUCKET"
         -var "letsencrypt_email=$LE_EMAIL"
         -var "pguser=$PGUSER"
         -var "pgpass=$PGPASS"
@ -217,6 +220,7 @@ plan_production:
         -var "prom_service_acct=$PROM_SA"
         -var "opsgenie_key=$OPSGENIE_KEY"
         -var "public_bucket_url=$PUBLIC_BUCKET_URL"
+         -var "private_bucket=$PRIVATE_BUCKET"
         -var "letsencrypt_email=$LE_EMAIL"
         -var "pguser=$PGUSER"
         -var "pgpass=$PGPASS"
@ -246,6 +250,7 @@ deploy_production:
         -var "prom_service_acct=$PROM_SA"
         -var "opsgenie_key=$OPSGENIE_KEY"
         -var "public_bucket_url=$PUBLIC_BUCKET_URL"
+         -var "private_bucket=$PRIVATE_BUCKET"
         -var "letsencrypt_email=$LE_EMAIL"
         -var "pguser=$PGUSER"
         -var "pgpass=$PGPASS"
@ -273,6 +278,7 @@ plan_staging_testnet:
         -var "prom_service_acct=$PROM_SA"
         -var "opsgenie_key=$OPSGENIE_KEY"
         -var "public_bucket_url=$PUBLIC_BUCKET_URL"
+         -var "private_bucket=$PRIVATE_BUCKET"
         -var "letsencrypt_email=$LE_EMAIL"
         -var "lb_svc_acct=$LB_SA_STAGING"
         -var "pguser=$PGUSER"
@ -302,6 +308,7 @@ deploy_staging_testnet:
         -var "prom_service_acct=$PROM_SA"
         -var "opsgenie_key=$OPSGENIE_KEY"
         -var "public_bucket_url=$PUBLIC_BUCKET_URL"
+         -var "private_bucket=$PRIVATE_BUCKET"
         -var "letsencrypt_email=$LE_EMAIL"
         -var "lb_svc_acct=$LB_SA_STAGING"
         -var "pguser=$PGUSER"
@ -330,6 +337,7 @@ plan_production_testnet:
         -var "prom_service_acct=$PROM_SA"
         -var "opsgenie_key=$OPSGENIE_KEY"
         -var "public_bucket_url=$PUBLIC_BUCKET_URL"
+         -var "private_bucket=$PRIVATE_BUCKET"
         -var "letsencrypt_email=$LE_EMAIL"
         -var "pguser=$PGUSER"
         -var "pgpass=$PGPASS"
@ -358,6 +366,7 @@ deploy_production_testnet:
         -var "prom_service_acct=$PROM_SA"
         -var "opsgenie_key=$OPSGENIE_KEY"
         -var "public_bucket_url=$PUBLIC_BUCKET_URL"
+         -var "private_bucket=$PRIVATE_BUCKET"
         -var "letsencrypt_email=$LE_EMAIL"
         -var "lb_svc_acct=$LB_SA"
         -var "pguser=$PGUSER"
--- a/terraform/main.tf
+++ b/terraform/main.tf
@ -32,7 +32,6 @@ module "blc-mainnet" {
  net                   = "mainnet"
  env                   = local.env
  lb_svc_acct           = module.lb.lb_svc_acct
-  cert_bucket           = module.lb.lb_cert_bucket
  ssh_key_net           = ""

  create_resources = local.create_mainnet
@ -49,6 +48,7 @@ module "blc-mainnet" {
  pgpass            = var.pgpass
  charge_token      = var.charge_token
  k8s_autossh_lb    = var.k8s_autossh_lb
+  private_bucket    = var.private_bucket
 }

 module "blc-testnet" {
@ -67,7 +67,6 @@ module "blc-testnet" {
  certbot_docker        = var.certbot_docker
  net                   = "testnet"
  env                   = local.env
-  cert_bucket           = data.terraform_remote_state.blc-mainnet.outputs.lb_cert_bucket
  ssh_key_net           = "_testnet"

  create_resources = local.create_testnet
@ -85,6 +84,7 @@ module "blc-testnet" {
  pgpass            = var.pgpass
  charge_token      = var.charge_token
  k8s_autossh_lb    = var.k8s_autossh_lb
+  private_bucket    = var.private_bucket
 }

 module "lb" {
--- a/terraform/modules/blc/cloud-init/blc.yaml
+++ b/terraform/modules/blc/cloud-init/blc.yaml
@ -140,7 +140,7 @@ write_files:
            --tmpfs /tmp \
            --rm \
            -v /home/bs:/mnt/bs:rw \
-            "${certbot_docker}" /google-cloud-sdk/bin/gsutil -m cp -r ${cert_bucket}/k8s_keys${ssh_key_net}/* /mnt/bs/
+            "${certbot_docker}" /google-cloud-sdk/bin/gsutil -m cp -r ${private_bucket}/k8s_keys${ssh_key_net}/* /mnt/bs/
        ExecStartPost=-/bin/chmod 0600 /home/bs/k8s_autossh.key
        ExecStopPost=-/bin/chmod 0600 /home/bs/k8s_autossh.key

--- a/terraform/modules/blc/data.tf
+++ b/terraform/modules/blc/data.tf
@ -3,12 +3,6 @@ data "google_compute_network" "blc" {
  project = var.project
 }

-data "google_compute_image" "blc" {
-  family  = "satapi-data-${var.net}-${var.env}"
-  project = var.project
-  count   = var.create_resources
-}
-
 data "template_file" "blc" {
  template = file("${path.module}/cloud-init/blc.yaml")
  count    = var.create_resources
@ -36,7 +30,7 @@ data "template_file" "blc" {
    rpcpass               = var.rpcpass
    k8s_autossh_ssh_port  = "${var.net == "testnet" ? "2222" : "2223"}"
    k8s_autossh_btc_port  = "${var.net == "testnet" ? "18332" : "8332"}"
-    cert_bucket           = var.cert_bucket
+    private_bucket        = var.private_bucket
    ssh_key_net           = var.ssh_key_net
  }
 }
--- a/terraform/modules/blc/main.tf
+++ b/terraform/modules/blc/main.tf
@ -1,13 +1,11 @@
 resource "google_compute_disk" "blc" {
  name  = "${var.name}-data-${var.net}-${var.env}"
  type  = "pd-standard"
-  image = data.google_compute_image.blc[0].self_link
  zone  = var.zone
  count = var.create_resources

  lifecycle {
    prevent_destroy = true
-    ignore_changes  = [image]
  }
 }

--- a/terraform/modules/blc/variables.tf
+++ b/terraform/modules/blc/variables.tf
@ -76,7 +76,7 @@ variable "rpcpass" {
  type = string
 }

-variable "cert_bucket" {
+variable "private_bucket" {
  type = string
 }

--- a/terraform/modules/lb/outputs.tf
+++ b/terraform/modules/lb/outputs.tf
@ -5,7 +5,3 @@ output "lb_svc_acct" {
 output "backend_service" {
  value = google_compute_backend_service.satapi-lb[0].self_link
 }
-
-output "lb_cert_bucket" {
-  value = google_storage_bucket.satapi-lb-private[0].url
-}
--- a/terraform/outputs.tf
+++ b/terraform/outputs.tf
@ -14,8 +14,4 @@ output "lb_svc_acct" {

 output "lb_backend_service" {
  value = module.lb.backend_service
-}
-
-output "lb_cert_bucket" {
-  value = module.lb.lb_cert_bucket
-}
+}
--- a/terraform/variables.tf
+++ b/terraform/variables.tf
@ -174,6 +174,11 @@ variable "public_bucket_url" {
  default = ""
 }

+variable "private_bucket" {
+  type    = string
+  default = ""
+}
+
 variable "letsencrypt_email" {
  type    = string
  default = ""