diff --git a/.github/workflows/packer.yaml b/.github/workflows/packer.yaml index c36c6ea..70959c4 100644 --- a/.github/workflows/packer.yaml +++ b/.github/workflows/packer.yaml @@ -1,16 +1,21 @@ -name: Build AMI with Packer +name: Deploy on: push: branches: - main - - feature/packer-pipeline + - feature/* jobs: packer_build: - name: Packer Build + name: AMI build with Packer runs-on: ubuntu-latest - environment: dev + environment: tmp + env: + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + AWS_DEFAULT_REGION: us-east-1 + AMI_NAME: default_webserver_image # amazon-linux-sandbox outputs: ami_id: ${{ steps.build.outputs.ami_id }} @@ -18,7 +23,8 @@ jobs: steps: - name: сheckout run: | - git clone https://x-access-token:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}.git + git clone https://x-access-token:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}.git \ + --branch ${{ github.ref_name }} pwd ls -lah cd ${{ github.event.repository.name }} @@ -37,19 +43,13 @@ jobs: #TODO: добавить возможность пропуска, хз вручную как то, апровы или что еще, придумать короче # wokrlfow dipstach с входными параметрами - - name: build - id: build - # if: steps.changes.outcome != 'success' - env: - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - AWS_DEFAULT_REGION: us-east-1 - AMI_NAME: default_webserver + - name: deregister previous AMI run: | - image_info=$(aws ec2 describe-images --owners self \ + image_info=$(aws ec2 describe-images --owners self \ --filters Name=name,Values=$AMI_NAME \ --query 'Images[0].{ImageId: ImageId, SnapshotId: BlockDeviceMappings[0].Ebs.SnapshotId}') + # TODO: else логирование if [ "$image_info" != "null" ]; then image_id=$(echo $image_info | jq -r '.ImageId') snapshot_id=$(echo $image_info| jq -r '.SnapshotId') 
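Review bot: The job-level `env:` added under `packer_build` hands `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` to every step of the job, including the checkout step that never calls AWS. The same hunk widens the trigger to `feature/*`, so any pushed feature branch now runs with those long-lived keys. Keep the two secrets in a step-level `env:` on the `deregister previous AMI` and `build` steps, and leave only `AWS_DEFAULT_REGION` and `AMI_NAME` at job level. Short-lived credentials via OIDC (`permissions: id-token: write` plus `aws-actions/configure-aws-credentials` with `role-to-assume`) would remove the static keys altogether. Also confirm that the `tmp` environment has the same protection rules as `dev`, since the environment decides which secrets and approvals apply.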
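Review bot: `${{ github.ref_name }}` is expanded into the script text before the shell runs, so with the `feature/*` trigger the branch name becomes part of the command line of a step that also holds `GITHUB_TOKEN`. A name containing shell metacharacters would be interpreted rather than passed as an argument. Pass it through the environment instead: add `REF_NAME: ${{ github.ref_name }}` under a step `env:` and use `--branch "$REF_NAME"`. The token embedded in the clone URL is also written to the clone's `.git/config`, where later steps can read it; `uses: actions/checkout@v4` with `persist-credentials: false` avoids both problems. The same clone command is added in the `terraform_deploy` job (hunk `@@ -72,16 +75,24 @@`) and needs the same change.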
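Review bot: Deregistration still happens ahead of the Packer build after the split into two steps, so a failed build leaves no image under `$AMI_NAME`. Consider building under a unique name (for example with a timestamp suffix) and removing the previous image only after `build` succeeds. In the lines shown, `Values=$AMI_NAME` and `echo $image_info` are unquoted; quote them as `--filters "Name=name,Values=$AMI_NAME"` and `echo "$image_info" | jq -r '.ImageId'`. The body of the `if` continues outside this hunk, so the deregister and delete-snapshot calls themselves are not reviewed here.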
@@ -64,6 +64,9 @@ jobs: fi fi + - name: build + id: build + run: | cd ${{ github.event.repository.name }} cd packer packer init . @@ -72,16 +75,24 @@ jobs: ami_id_val=$(jq -r '(.last_run_uuid as $uid | .builds[] | select(.packer_run_uuid == $uid) | .artifact_id | split(":")[1])' manifest.json) echo "ami_id=${ami_id_val}" >> "$GITHUB_OUTPUT" + # - name: artifact + # uses: actions/upload-artifact@v4 + # with: + # name: manifest.json + # path: + + terraform_deploy: name: Terraform Deploy runs-on: ubuntu-latest - environment: dev + environment: tmp needs: packer_build steps: - name: сheckout run: | - git clone https://x-access-token:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}.git + git clone https://x-access-token:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}.git \ + --branch ${{ github.ref_name }} pwd ls -lah cd ${{ github.event.repository.name }} @@ -97,6 +108,5 @@ jobs: aws sts get-caller-identity --region=us-east-1 terraform init - terraform plan -var="ami_id=ami-0d02f4dc282064d6a" - # terraform apply -var="ami_id=ami-0d02f4dc282064d6a" -auto-approve - + terraform plan -var="ami_id=${{ needs.packer_build.outputs.ami_id }}" + terraform apply -var="ami_id=${{ needs.packer_build.outputs.ami_id }}" -auto-approve diff --git a/.gitignore b/.gitignore index efe4764..d0899b9 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,8 @@ .DS_Store -.terraform/ \ No newline at end of file +.terraform/ + +terraform.tfstate + +services/ diff --git a/manifest.json b/manifest.json deleted file mode 100644 index 60f8ff2..0000000 --- a/manifest.json +++ /dev/null 
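Review bot: `terraform apply ... -auto-approve` is now live for every push to `main` and `feature/*`, and it re-plans instead of applying the plan printed on the previous line, so the reviewed plan is never what gets applied. Save and apply the same plan with `terraform plan -out=tfplan -var="ami_id=$AMI_ID"` followed by `terraform apply tfplan`, and restrict the apply to `main` or gate it with required reviewers on the environment. `needs.packer_build.outputs.ami_id` comes from `jq -r`, which prints `null` when nothing matches, so check that the value starts with `ami-` and pass it through a step `env:` (here the constructed name `AMI_ID`) rather than interpolating it into the script. This commit also deletes `terraform/terraform.tfstate` and ignores it; unless a remote backend is configured elsewhere (not visible here), each runner starts with empty state and will try to create the resources again.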
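Review bot: Only the exact name `terraform.tfstate` is ignored, so `terraform.tfstate.backup` and workspace state files can still be committed, and state files may hold resource attributes in plain text. Use patterns instead: `*.tfstate`, `*.tfstate.*` and, if variable files carry secrets, `*.tfvars`. The generated `packer/manifest.json` is still committed by this same change; if it is only a build output, ignore it as well.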
@@ -1,23 +0,0 @@ -{ - "builds": [ - { - "name": "default_webserver", - "builder_type": "amazon-ebs", - "build_time": 1727359158, - "files": null, - "artifact_id": "ue_east-1:ami-03d0c1a6276eef46d", - "packer_run_uuid": "ad8ecf16-f117-deae-ca50-9f7d8478e766", - "custom_data": null - }, - { - "name": "default_webserver", - "builder_type": "amazon-ebs", - "build_time": 1727368318, - "files": null, - "artifact_id": "ue_east-1:ami-0fa60ef1c2084d33b", - "packer_run_uuid": "f033fcb5-36e5-1229-26fc-b726be250b7e", - "custom_data": null - } - ], - "last_run_uuid": "f033fcb5-36e5-1229-26fc-b726be250b7e" -} \ No newline at end of file diff --git a/packer/apache-server.pkr.hcl b/packer/apache-server.pkr.hcl index 00534d9..806d7f6 100644 --- a/packer/apache-server.pkr.hcl +++ b/packer/apache-server.pkr.hcl @@ -7,7 +7,7 @@ packer { } } -source "amazon-ebs" "default_webserver" { +source "amazon-ebs" "amazon-linux-sandbox" { region = "us-east-1" ami_name = var.ami_name instance_type = "t2.micro" @@ -29,31 +29,24 @@ source "amazon-ebs" "default_webserver" { } build { - name = "default_webserver" + name = "amazon-linux-sandbox" sources = [ - "source.amazon-ebs.default_webserver" + "source.amazon-ebs.amazon-linux-sandbox" ] provisioner "shell" { environment_vars = [ "GREETING=kek", ] - inline = [ - # "sudo dnf group install -y 'Development Tools'", - # "sudo dnf install -y nc", - # "sudo dnf install -y telnet", - # "sudo dnf install -y jq", - # "sudo dnf install -y httpd", - # "sudo systemctl start httpd", - # "sudo systemctl enable httpd", - # "sudo systemctl status httpd", - # "echo '<Region> - <Node #>' | sudo tee /var/www/html/index.html > /dev/null",§ qA - "echo LOLKEK" + + scripts = [ + "./scripts/install.sh", + "./scripts/configure.sh" ] expect_disconnect = true } post-processor "manifest" { - output = "manifest.json" + output = "manifest.json" } } diff --git a/packer/apache-server_variables.pkr.hcl b/packer/apache-server_variables.pkr.hcl index 3f906cb..88f1a30 100644 
--- a/packer/apache-server_variables.pkr.hcl +++ b/packer/apache-server_variables.pkr.hcl @@ -1,4 +1,4 @@ variable "ami_name" { type = string - default = "default" + default = "amazon-linux-sandbox-v1" } \ No newline at end of file diff --git a/packer/manifest-2.json b/packer/manifest-2.json deleted file mode 100644 index a56123b..0000000 --- a/packer/manifest-2.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "builds": [ - { - "name": "default_webserver", - "builder_type": "amazon-ebs", - "build_time": 1727274008, - "files": null, - "artifact_id": "us-east-1:ami-0b79f8b5153fb99a9", - "packer_run_uuid": "c9c99496-f3f1-44a2-4972-57bb3ecaab61", - "custom_data": null - } - ], - "last_run_uuid": "c9c99496-f3f1-44a2-4972-57bb3ecaab61" -} \ No newline at end of file diff --git a/packer/manifest.json b/packer/manifest.json index e69de29..5fe0349 100644 --- a/packer/manifest.json +++ b/packer/manifest.json @@ -0,0 +1,14 @@ +{ + "builds": [ + { + "name": "amazon-linux-sandbox", + "builder_type": "amazon-ebs", + "build_time": 1728025626, + "files": null, + "artifact_id": "us-east-1:ami-03497412185c7e9f5", + "packer_run_uuid": "3ba4f35c-847d-0f25-f22f-53e994445300", + "custom_data": null + } + ], + "last_run_uuid": "3ba4f35c-847d-0f25-f22f-53e994445300" +} \ No newline at end of file diff --git a/packer/sample_for_jq.json b/packer/sample_for_jq.json deleted file mode 100644 index 364ab1a..0000000 --- a/packer/sample_for_jq.json +++ /dev/null @@ -1,24 +0,0 @@ -{ - "something": { - "Identifying Key": [ - { - "foo": "a.b.c", - "bar": "First Three" - }, - { - "foo": "a.b.d", - "bar": "Second Three" - } - ], - "Another Key": [ - { - "foo": "z.b.c", - "bar": "First Three, Take Two" - }, - { - "foo": "z.b.d", - "bar": "Second Three, Take Two" - } - ] - } -} diff --git a/packer/scripts/configure.sh b/packer/scripts/configure.sh new file mode 100644 index 0000000..af84290 --- /dev/null +++ b/packer/scripts/configure.sh 
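Review bot: The new default `amazon-linux-sandbox-v1` does not match the name the workflow cleans up, since the `deregister previous AMI` step filters on `AMI_NAME: default_webserver_image`. Unless the `packer build` command (not visible in this diff) passes `-var "ami_name=$AMI_NAME"`, the image is created under the default name and the cleanup step never finds it. The next build is then likely to fail on the existing AMI name. Either pass the variable explicitly from the workflow or drop the default so a missing value fails at validation.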
@@ -0,0 +1,3 @@ +#!/bin/bash + +echo '<Region> - <Node #>' | sudo tee /var/www/html/index.html > /dev/null \ No newline at end of file diff --git a/packer/scripts/install.sh b/packer/scripts/install.sh new file mode 100644 index 0000000..3227aae --- /dev/null +++ b/packer/scripts/install.sh @@ -0,0 +1,13 @@ +#!/bin/bash + +sudo dnf update +sudo dnf group install -y 'Development Tools' +sudo dnf install -y nc +sudo dnf install -y telnet +sudo dnf install -y jq + # TODO: yaml query yq + # TODO: tree +sudo dnf install -y httpd +sudo systemctl start httpd +sudo systemctl enable httpd +sudo systemctl status httpd \ No newline at end of file diff --git a/terraform/main.tf b/terraform/main.tf index 26a7bc7..e387e5b 100644 --- a/terraform/main.tf +++ b/terraform/main.tf @@ -34,6 +34,7 @@ data "aws_vpc" "default_west" { } + module "sg_access_to_web_servers_east" { source = "./sg_access_to_web_servers" @@ -70,7 +71,6 @@ resource "aws_security_group" "access_to_jumpbox" { } - resource "aws_security_group" "ssh_access_to_web_servers" { provider = aws.us_east vpc_id = data.aws_vpc.default_east.id @@ -90,7 +90,7 @@ resource "aws_instance" "jump_box" { provider = aws.us_east ami = var.ami_id instance_type = "t2.micro" - associate_public_ip_address = true + associate_public_ip_address = false security_groups = [ aws_security_group.access_to_jumpbox.name, @@ -122,6 +122,8 @@ resource "aws_instance" "web_server_1" { http_tokens = "required" } + user_data = file("${path.module}/scripts/init-index-html.sh") + tags = { Name = "web_server_1" Target = "test-ec2-part1" 
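Review bot: In `packer/scripts/install.sh`, `sudo dnf update` has no `-y`, so in the non-interactive provisioner it is expected to stop at the confirmation prompt. With no `set -e` in the script, the build carries on and bakes an image without the pending updates. Start the script with `set -euo pipefail` and use `sudo dnf update -y`. `telnet`, `nc` and the 'Development Tools' group are installed into the image that the Terraform side deploys as web servers; if they are only debugging aids, leave them out to keep the attack surface small. `systemctl status httpd` as the last command makes the script's exit code depend on the service state, which is fine only if that check is intended.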
@@ -129,11 +131,29 @@ resource "aws_instance" "web_server_1" { } +data "aws_ami" "ami_source" { + provider = aws.us_east + + filter { + name = "image-id" + values = [var.ami_id] + } +} + +resource "aws_ami_copy" "ami_west" { + name = data.aws_ami.ami_source.name + source_ami_id = data.aws_ami.ami_source.id + source_ami_region = "us-east-1" + description = "AMI copied from us-east-1 to us-west-1" + + provider = aws.us_west +} + resource "aws_instance" "web_server_2" { provider = aws.us_west - ami = var.ami_id + ami = aws_ami_copy.ami_west.id instance_type = "t2.micro" associate_public_ip_address = true key_name = module.key_pairs.name_us_west @@ -144,6 +164,8 @@ resource "aws_instance" "web_server_2" { http_tokens = "required" } + user_data = file("${path.module}/scripts/init-index-html.sh") + tags = { Name = "web_server_2" } diff --git a/terraform/scripts/init-index-html.sh b/terraform/scripts/init-index-html.sh new file mode 100644 index 0000000..6e66221 --- /dev/null +++ b/terraform/scripts/init-index-html.sh @@ -0,0 +1,8 @@ +#!/bin/bash + +token=`curl -s -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 300"` + +region=`curl -s -H "X-aws-ec2-metadata-token: $token" http://169.254.169.254/latest/meta-data/placement/region` +node=`curl -s -H "X-aws-ec2-metadata-token: $token" http://169.254.169.254/latest/meta-data/placement/availability-zone` + +echo "$region - $node" | sudo tee /var/www/html/index.html diff --git a/terraform/terraform.tfstate b/terraform/terraform.tfstate deleted file mode 100644 index 442b234..0000000 --- a/terraform/terraform.tfstate +++ /dev/null @@ -1,9 +0,0 @@ -{ - "version": 4, - "terraform_version": "1.9.6", - "serial": 1, - "lineage": "937b3183-0f44-9402-d8a7-6f8526b9d330", - "outputs": {}, - "resources": [], - "check_results": null -} diff --git a/terraform/variables.tf b/terraform/variables.tf index 327b6a7..f696bc7 100644 --- a/terraform/variables.tf +++ b/terraform/variables.tf 
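Review bot: `data "aws_ami" "ami_source"` looks the image up by ID alone, so whatever `var.ami_id` contains, including a public AMI owned by another account, is accepted and copied to us-west-1. Add `owners = ["self"]` to the data source so that only images built in this account resolve. `aws_ami_copy.ami_west` does not set `encrypted`, so the copy is encrypted only if the source snapshot already is; `encrypted = true` makes that explicit. `jump_box` (hunk `@@ -90,7 +90,7 @@`) still takes `var.ami_id` directly, so pointing it at `data.aws_ami.ami_source.id` would put it behind the same ownership check.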
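Review bot: None of the three `curl` calls in `terraform/scripts/init-index-html.sh` is checked, so if the metadata service does not answer, the script writes an empty or error-body string into `index.html` and still exits successfully. Add `set -euo pipefail` and use `curl -sf` so that failures stop the script, and prefer `$(...)` to backticks. User data runs as root, so `sudo` before `tee` is unnecessary. `node` actually holds the availability zone, which a rename to `az` would make clear.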
@@ -1,4 +1,4 @@ variable "ami_id" { - description = "AMI id" + description = "AMI ID" type = string } \ No newline at end of file diff --git a/test.sh b/test.sh deleted file mode 100755 index a1458a3..0000000 --- a/test.sh +++ /dev/null @@ -1,18 +0,0 @@ -image_info=$(aws ec2 describe-images --filters Name=name,Values=default_webserver --owners self \ ---query 'Images[0].{ImageId: ImageId, SnapshotId: BlockDeviceMappings[0].Ebs.SnapshotId}') - -echo $image_info - -if [ "$image_info" != "null" ]; then - image_id=$(echo $image_info | jq -r '.ImageId') - snapshot_id=$(echo $image_info| jq -r '.SnapshotId') - - # aws ec2 deregister-image --image-id $image_id - if [ $? -eq 0 ]; then - echo "image $image_id deregistered" - fi - # aws ec2 delete-snapshot --snapshot-id $snapshot_id - if [ $? -eq 0 ]; then - echo "snapshot $snapshot_id deleted" - fi -fi \ No newline at end of file