-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathrun-terraform-locally.sh
executable file
·135 lines (123 loc) · 5.67 KB
/
run-terraform-locally.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
#!/bin/bash
#
# *** Script Syntax ***
# scripts/run-terraform-locally.sh <create | delete> --profile=<SSO_PROFILE_NAME> \
# --snowflake_warehouse=<SNOWFLAKE_WAREHOUSE> \
# --service_account_user=<SERVICE_ACCOUNT_USER> \
# --day_count=<DAY_COUNT>
#
#
# Check required command (create or delete) was supplied
case $1 in
create)
create_action=true;;
delete)
create_action=false;;
*)
echo
echo "(Error Message 001) You did not specify one of the commands: create | delete."
echo
echo "Usage: Require all four arguments ---> `basename $0` <create | delete> --profile=<SSO_PROFILE_NAME> --snowflake_warehouse=<SNOWFLAKE_WAREHOUSE> --day_count=<DAY_COUNT> --service_account_user=<SERVICE_ACCOUNT_USER>"
echo
exit 85 # Common GNU/Linux Exit Code for 'Interrupted system call should be restarted'
;;
esac
# Get the arguments passed by shift to remove the first word
# then iterate over the rest of the arguments
shift
for arg in "$@" # $@ sees arguments as separate words
do
case $arg in
*"--profile="*)
AWS_PROFILE=$arg;;
*"--snowflake_warehouse="*)
arg_length=22
snowflake_warehouse=${arg:$arg_length:$(expr ${#arg} - $arg_length)};;
*"--day_count="*)
arg_length=12
day_count=${arg:$arg_length:$(expr ${#arg} - $arg_length)};;
*"--service_account_user="*)
arg_length=23
service_account_user=${arg:$arg_length:$(expr ${#arg} - $arg_length)};;
esac
done
# Check required --profile argument was supplied
if [ -z $AWS_PROFILE ]
then
echo
echo "(Error Message 002) You did not include the proper use of the --profile=<SSO_PROFILE_NAME> argument in the call."
echo
echo "Usage: Require all four arguments ---> `basename $0 $1` --profile=<SSO_PROFILE_NAME> --snowflake_warehouse=<SNOWFLAKE_WAREHOUSE> --day_count=<DAY_COUNT> --service_account_user=<SERVICE_ACCOUNT_USER>"
echo
exit 85 # Common GNU/Linux Exit Code for 'Interrupted system call should be restarted'
fi
# Check required --snowflake_warehouse argument was supplied
if [ -z $snowflake_warehouse ]
then
echo
echo "(Error Message 003) You did not include the proper use of the --snowflake_warehouse=<SNOWFLAKE_WAREHOUSE> argument in the call."
echo
echo "Usage: Require all four arguments ---> `basename $0 $1` --profile=<SSO_PROFILE_NAME> --snowflake_warehouse=<SNOWFLAKE_WAREHOUSE> --day_count=<DAY_COUNT> --service_account_user=<SERVICE_ACCOUNT_USER>"
echo
exit 85 # Common GNU/Linux Exit Code for 'Interrupted system call should be restarted'
fi
# Check required --day_count argument was supplied
if [ -z $day_count ] && [ create_action = true ]
then
echo
echo "(Error Message 004) You did not include the proper use of the --day_count=<DAY_COUNT> argument in the call."
echo
echo "Usage: Require all four arguments ---> `basename $0 $1` --profile=<SSO_PROFILE_NAME> --snowflake_warehouse=<SNOWFLAKE_WAREHOUSE> --day_count=<DAY_COUNT> --service_account_user=<SERVICE_ACCOUNT_USER>"
echo
exit 85 # Common GNU/Linux Exit Code for 'Interrupted system call should be restarted'
fi
# Check required --service_account_user argument was supplied
if [ -z $service_account_user ]
then
echo
echo "(Error Message 005) You did not include the proper use of the --service_account_user=<SERVICE_ACCOUNT_USER> argument in the call."
echo
echo "Usage: Require all four arguments ---> `basename $0 $1` --profile=<SSO_PROFILE_NAME> --snowflake_warehouse=<SNOWFLAKE_WAREHOUSE> --day_count=<DAY_COUNT> --service_account_user=<SERVICE_ACCOUNT_USER>"
echo
exit 85 # Common GNU/Linux Exit Code for 'Interrupted system call should be restarted'
fi
# Set the AWS environment credential variables that are used
# by the AWS CLI commands to authenicate
aws sso login $AWS_PROFILE
eval $(aws2-wrap $AWS_PROFILE --export)
export AWS_REGION=$(aws configure get sso_region $AWS_PROFILE)
export AWS_ACCOUNT_ID=$(aws sts get-caller-identity --query "Account" --output text)
# Create terraform.tfvars file
if [ create_action = true ]
then
printf "aws_account_id=\"${AWS_ACCOUNT_ID}\"\
\naws_region=\"${AWS_REGION}\"\
\naws_access_key_id=\"${AWS_ACCESS_KEY_ID}\"\
\naws_secret_access_key=\"${AWS_SECRET_ACCESS_KEY}\"\
\naws_session_token=\"${AWS_SESSION_TOKEN}\"\
\nsnowflake_warehouse=\"${snowflake_warehouse}\"\
\nday_count=${day_count}\
\nservice_account_user=\"${service_account_user}\"" > terraform.tfvars
else
printf "aws_account_id=\"${AWS_ACCOUNT_ID}\"\
\naws_region=\"${AWS_REGION}\"\
\naws_access_key_id=\"${AWS_ACCESS_KEY_ID}\"\
\naws_secret_access_key=\"${AWS_SECRET_ACCESS_KEY}\"\
\naws_session_token=\"${AWS_SESSION_TOKEN}\"\
\nsnowflake_warehouse=\"${snowflake_warehouse}\"\
\nservice_account_user=\"${service_account_user}\"" > terraform.tfvars
fi
terraform init
if [ "$create_action" = true ]
then
# Create/Update the Terraform configuration
terraform plan -var-file=terraform.tfvars
terraform apply -var-file=terraform.tfvars
else
# Destroy the Terraform configuration
terraform destroy -var-file=terraform.tfvars
# Delete the secrets created by the Terraform configuration
aws secretsmanager delete-secret --secret-id '/snowflake_resource' --force-delete-without-recovery || true
aws secretsmanager delete-secret --secret-id '/snowflake_resource/rsa_private_key_pem_1' --force-delete-without-recovery || true
aws secretsmanager delete-secret --secret-id '/snowflake_resource/rsa_private_key_pem_2' --force-delete-without-recovery || true
fi