Merge pull request #25 from zeroae/f-local-development

Initial commit of local install/development mode

Author: sodre

.chalice/config.json

@@ -2,6 +2,17 @@
   "version": "2.0",
   "app_name": "terraform-registry",
   "stages": {
+    "local": {
+      "api_gateway_stage": "local",
+      "autogen_policy": true,
+      "environment_variables": {
+        "AWS_ACCESS_KEY_ID": "local_id",
+        "AWS_SECRET_ACCESS_KEY": "local_key",
+        "ZTR_DYNAMODB_URL": "http://backend:8000",
+        "ZTR_DYNAMODB_TABLE_PREFIX": "ZTR-LOCAL"
+      },
+      "manage_iam_role": false
+    },
     "dev": {
       "api_gateway_stage": "dev",
       "autogen_policy": false,

.env

@@ -0,0 +1,5 @@
+# One of the LEGO DNS Providers https://go-acme.github.io/lego/dns/
+# Requires DNS Record: *.${ACME_DNS_SUFFIX} IN A 127.0.0.1
+# Changing the DNS_SUFFIX requires modifying tests/integration/tf.local.zeroae.net
+ACME_DNS_PROVIDER=route53
+ACME_DNS_SUFFIX=local.zeroae.net

.gitignore

@@ -7,3 +7,9 @@
 
 # IDEs
 .idea
+
+# Secrets
+/secrets/
+
+# Ignore DynamoDB-local
+/.ddb/

README.md

@@ -1,17 +1,76 @@
-# terraform-registry
-An implementation of the [Terraform Registry API][registry-api] using [Chalice][chalice] and [PynamoDB][pynamodb].
+# zeroae/terraform-registry
+Zero A.E.'s [12-Factor][12-factor] codebase of the [Terraform Registry API][registry-api] implemented using [Chalice][chalice] and [PynamoDB][pynamodb].
 
 ## Similar projects (and likely more complete), in alphabetical order
-  - [apparentlymart/terraform-simple-registry](https://github.com/apparentlymart/terraform-simple-registry)
   - [apparentlymart/terraform-aws-tf-registry](https://github.com/apparentlymart/terraform-aws-tf-registry)
+  - [apparentlymart/terraform-simple-registry](https://github.com/apparentlymart/terraform-simple-registry)
   - [dflook/terraform-registry](https://github.com/dflook/terraform-registry)
   - [outsideris/citizen](https://github.com/outsideris/citizen)
   - [rmb938/tf-registry](https://github.com/rmb938/tf-registry)
 
-## Deployment on AWS
+## Local Deployment
+1. Requirements: 
+    - conda
+    - docker-compose
+    - keybase
 
+1. Clone the repository
+    ```shell script
+    git clone https://github.com/zeroae/terraform-registry.git
+    cd terraform-registry
+    ``` 
+   
+1. Clone the secrets (submodules did not work)
+    ```shell script
+    git clone keybase://team/zeroae/terraform-registry-secrets secrets
+    ```
+   
+1. Create conda environment
+    ```shell script
+    conda env create 
+    conda activate terraform-registry
+    ```` 
+   
+1. Start the app on local mode
+    ```shell script
+    docker-compose up -d
+    ```
+   
+1. Attach to the Management container 
+    ```shell script
+    docker attach terraform-registry_management_1
+    conda activate terraform-registry
+    ./manage.py --help
+    ```
+   
+    1. Initialize the Database
+       ```shell script
+       ./manage.py db init
+       ```
+    1. (Optional) Restore the initial "local.ddb"
+        ```shell script
+        ./manage.py db restore tests/integration/local.ddb
+        ```
+    1. (Optional) Verify Terraform CLI can reach the local server
+        ```shell script
+        cd tests/integration/tf.local.zeroae.net
+        rm -rf .terraform
+        terraform init
+        ```
+    1. Detach from the container
+        ```shell script
+        Ctrl-P + Ctrl-Q
+        ```
+       
+1. (Optional) Verify Terraform CLI can reach the local registry (outside management)
+    ```shell script
+    cd tests/integration/tf.local.zeroae.net
+    rm -rf .terraform
+    terraform init
+    ```
 
 ---
+[12-factor]: https://www.12factor.net
 [chalice]: https://github.com/aws/chalice
 [pynamodb]: https://github.com/pynamodb/PynamoDB
 [registry-api]: https://www.terraform.io/docs/registry/api.html

app.Dockerfile

@@ -0,0 +1,16 @@
+FROM python:3.7-alpine
+
+RUN apk add curl
+
+ARG CHALICE_VERSION
+VOLUME /opt/chalice
+WORKDIR /opt/chalice
+EXPOSE 8000
+RUN pip install chalice==$CHALICE_VERSION
+
+ENTRYPOINT [ "chalice", "--project-dir=/opt/chalice" ]
+CMD ["local", "--host=0.0.0.0", "--stage=local"]
+
+# Candidate for ON-BUILD
+COPY requirements.txt .
+RUN pip install -r requirements.txt

docker-compose.yml

@@ -0,0 +1,68 @@
+version: '3.4'
+
+networks:
+  default:
+
+services:
+  app:
+    build:
+      context: .
+      dockerfile: app.Dockerfile
+      args:
+        CHALICE_VERSION: 1.12
+    image: zeroae/terraform-registry-app:local
+    healthcheck:
+      test: "curl --fail -s http://localhost:8000/.well-known/terraform.json"
+    labels:
+      - traefik.http.routers.app.rule=Host(`tf.$ACME_DNS_SUFFIX`)
+      - traefik.http.routers.app.tls.certresolver=default
+    expose:
+      - 8000
+    volumes:
+      - ./:/opt/chalice:ro
+
+  backend:
+    image: amazon/dynamodb-local:1.12.0
+    command: -jar DynamoDBLocal.jar -dbPath ./data
+    healthcheck:
+      test: "curl -s -I http://localhost:8000 | grep -q 'HTTP/1.1 400 Bad Request'"
+    expose:
+      - 8000
+    volumes:
+      - ./.ddb:/home/dynamodblocal/data
+
+  manage:
+    build:
+      context: .
+      dockerfile: manage.Dockerfile
+    image: zeroae/terraform-registry-manage:local
+    links:
+      - reverse-proxy:tf.$ACME_DNS_SUFFIX
+    stdin_open: true
+    tty: true
+    volumes:
+      - ./:/opt/chalice
+
+
+  reverse-proxy:
+    # The official v2 Traefik docker image
+    image: traefik:v2.1
+    # Enables the web UI and tells Traefik to listen to docker
+    command:
+      - --api.insecure=true
+      - --providers.docker
+      - --entryPoints.web.address=:80
+      - --entryPoints.websecure.address=:443
+      - --certificatesResolvers.default.acme.storage=/etc/traefik/acme/acme.json
+      - --certificatesResolvers.default.acme.dnsChallenge.provider=$ACME_DNS_PROVIDER
+    ports:
+      # The HTTP(s) port
+      - "80:80"
+      - "443:443"
+      # The Web UI (enabled by --api.insecure=true)
+      - "8080:8080"
+    volumes:
+      # So that Traefik can listen to Docker events
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - ./secrets/$ACME_DNS_SUFFIX/acme:/etc/traefik/acme
+      - ./secrets/aws:/root/.aws/:ro

environment.yml

@@ -13,7 +13,6 @@ dependencies:
   - python 3.7
   - pre-commit
   - requests
-  # - ngrok, open an account at ngrok.com
 
   # Runtime Dependencies (must match requirements.txt)
   - environs
@@ -25,3 +24,4 @@ dependencies:
   - coverage
   - pytest
   - pytest-chalice
+  - terraform

manage.Dockerfile

@@ -0,0 +1,10 @@
+FROM continuumio/miniconda3:4.8.2-alpine AS management
+
+VOLUME /opt/chalice
+WORKDIR /opt/chalice
+
+COPY environment.yml .
+RUN /opt/conda/bin/conda env create -n chalice && \
+    /opt/conda/bin/conda clean --all --yes && \
+    /opt/conda/bin/conda remove -n chalice liquidprompt && \
+    sed -i 's/activate base/activate chalice/' /home/anaconda/.profile

tests/integration/local.ddb

@@ -0,0 +1 @@
+[["plus3it/file-cache/external", {"range_key": "1.2.0", "attributes": {"description": {"S": "Terraform module to retrieve and cache files"}, "downloads": {"N": "0"}, "getter_url": {"S": "https://api.github.com/repos/plus3it/terraform-external-file-cache/tarball/1.3.1//*?archive=tar.gz"}, "owner": {"S": "lorengordon"}, "published_at": {"S": "2019-09-05T14:10:59.548658+0000"}, "source": {"S": "https://github.com/plus3it/terraform-external-file-cache"}, "verified": {"BOOL": false}}}], ["plus3it/file-cache/external", {"range_key": "1.2.1", "attributes": {"description": {"S": "Terraform module to retrieve and cache files"}, "downloads": {"N": "0"}, "getter_url": {"S": "https://api.github.com/repos/plus3it/terraform-external-file-cache/tarball/1.3.1//*?archive=tar.gz"}, "owner": {"S": "lorengordon"}, "published_at": {"S": "2019-09-05T14:10:59.548658+0000"}, "source": {"S": "https://github.com/plus3it/terraform-external-file-cache"}, "verified": {"BOOL": false}}}], ["plus3it/file-cache/external", {"range_key": "1.2.2", "attributes": {"description": {"S": "Terraform module to retrieve and cache files"}, "downloads": {"N": "0"}, "getter_url": {"S": "https://api.github.com/repos/plus3it/terraform-external-file-cache/tarball/1.3.1//*?archive=tar.gz"}, "owner": {"S": "lorengordon"}, "published_at": {"S": "2019-09-05T14:10:59.548658+0000"}, "source": {"S": "https://github.com/plus3it/terraform-external-file-cache"}, "verified": {"BOOL": false}}}], ["plus3it/file-cache/external", {"range_key": "1.2.3", "attributes": {"description": {"S": "Terraform module to retrieve and cache files"}, "downloads": {"N": "0"}, "getter_url": {"S": "https://api.github.com/repos/plus3it/terraform-external-file-cache/tarball/1.3.1//*?archive=tar.gz"}, "owner": {"S": "lorengordon"}, "published_at": {"S": "2019-09-05T14:10:59.548658+0000"}, "source": {"S": "https://github.com/plus3it/terraform-external-file-cache"}, "verified": {"BOOL": false}}}], ["plus3it/file-cache/external", {"range_key": "1.2.4", "attributes": {"description": {"S": "Terraform module to retrieve and cache files"}, "downloads": {"N": "0"}, "getter_url": {"S": "https://api.github.com/repos/plus3it/terraform-external-file-cache/tarball/1.3.1//*?archive=tar.gz"}, "owner": {"S": "lorengordon"}, "published_at": {"S": "2019-09-05T14:10:59.548658+0000"}, "source": {"S": "https://github.com/plus3it/terraform-external-file-cache"}, "verified": {"BOOL": false}}}], ["plus3it/file-cache/external", {"range_key": "1.3.0", "attributes": {"description": {"S": "Terraform module to retrieve and cache files"}, "downloads": {"N": "0"}, "getter_url": {"S": "https://api.github.com/repos/plus3it/terraform-external-file-cache/tarball/1.3.1//*?archive=tar.gz"}, "owner": {"S": "lorengordon"}, "published_at": {"S": "2019-09-05T14:10:59.548658+0000"}, "source": {"S": "https://github.com/plus3it/terraform-external-file-cache"}, "verified": {"BOOL": false}}}], ["plus3it/file-cache/external", {"range_key": "1.3.1", "attributes": {"description": {"S": "Terraform module to retrieve and cache files"}, "downloads": {"N": "0"}, "getter_url": {"S": "https://api.github.com/repos/plus3it/terraform-external-file-cache/tarball/1.3.1//*?archive=tar.gz"}, "owner": {"S": "lorengordon"}, "published_at": {"S": "2019-09-05T14:10:59.548658+0000"}, "source": {"S": "https://github.com/plus3it/terraform-external-file-cache"}, "verified": {"BOOL": false}}}], ["terraform-aws-modules/vpc/aws", {"range_key": "2.29.0", "attributes": {"description": {"S": "Terraform module which creates VPC resources on AWS"}, "downloads": {"N": "0"}, "getter_url": {"S": "https://api.github.com/repos/terraform-aws-modules/terraform-aws-vpc/tarball/v2.29.0//*?archive=tar.gz"}, "owner": {"S": "antonbabenko"}, "published_at": {"S": "2020-03-13T09:35:24.502364+0000"}, "source": {"S": "https://github.com/terraform-aws-modules/terraform-aws-vpc"}, "verified": {"BOOL": true}}}]]

tests/integration/tf.local.zeroae.net/main.tf

@@ -0,0 +1,19 @@
+module "file-cache" {
+  source = "tf.local.zeroae.net/plus3it/file-cache/external"
+  version = "1.2.0"
+}
+
+module "file-cache-latest" {
+  source = "tf.local.zeroae.net/plus3it/file-cache/external"
+  # version = "1.3.1"
+}
+
+module "file-cache-ranged" {
+  source = "tf.local.zeroae.net/plus3it/file-cache/external"
+  version = ">=1.3.0"
+}
+
+module "file-cache-older" {
+  source = "tf.local.zeroae.net/plus3it/file-cache/external"
+  version = "~>1.2.0"
+}