Init script improvement.

6e972896 · Ing. Klára Moravcová · 1a2293cf · 6e972896
Verified Commit 6e972896 authored 1 year ago by Ing. Klára Moravcová
--- a/terraform/init.sh
+++ b/terraform/init.sh
 #!/bin/bash
 PROJECT_NAME=$(openstack application credential show ${OS_APPLICATION_CREDENTIAL_ID} -f value -c name)
+PROJECT_ID=$(openstack application credential show ${OS_APPLICATION_CREDENTIAL_ID} -f value -c project_id)
 INFRA_NAME=$(grep -oP 'infra_name\s*=\s*"\K[^"]+' main.tf | awk '{print $1}')
-# Check if the container already exists
+CONTAINER_NAME="$PROJECT_NAME-$INFRA_NAME-tf-backend"
-if openstack container show "$PROJECT_NAME-$INFRA_NAME-tf-backend" >/dev/null 2>&1; then
+if openstack container show "$CONTAINER_NAME" >/dev/null 2>&1; then
    echo "Container already exists, skipping creation."
 else
    # Container doesn't exist, create it
-    openstack container create "$PROJECT_NAME-$INFRA_NAME-tf-backend"
+    openstack container create "$CONTAINER_NAME"
    echo "Container created."
 fi
 # Check if EC2 credentials already exist
-existing_credentials=$(openstack ec2 credentials list -f value | grep -c '^')
+existing_credentials=$(openstack ec2 credentials list -f value -c "Project ID" | grep ${PROJECT_ID} | grep -c '^')
 if [ "$existing_credentials" -gt 0 ]; then
-    access=$(openstack ec2 credentials list -f value | head -n 1 |  awk '{print $1}')
+    access=$(openstack ec2 credentials list -f value | grep ${PROJECT_ID} |  awk '{print $1}')
-    secret=$(openstack ec2 credentials list -f value | head -n 1 |  awk '{print $2}')
+    secret=$(openstack ec2 credentials list -f value | grep ${PROJECT_ID} |  awk '{print $2}')
    echo "EC2 credentials already exist, skipping creation."
 else
    # Create new EC2 credentials
@@ -21,26 +22,23 @@ else
    access=$(echo "$CREDENTIALS" | grep -o 'access="[^"]*"' | cut -d'"' -f2)
    secret=$(echo "$CREDENTIALS" | grep -o 'secret="[^"]*"' | cut -d'"' -f2)
    echo "EC2 credentials created."
-fi
+fi    
-if [ -f ".tf-s3-creds" ]; then
+cat > .tf-s3-creds << EOL
-    echo "Credential file already exists, skipping creation."
+[default]
-else
+aws_access_key_id=${access}
-    cat > .tf-s3-creds << EOL
+aws_secret_access_key=${secret}
-    [default]
-    aws_access_key_id=${access}
-    aws_secret_access_key=${secret}
 EOL
-    echo "Credential file created."
+echo "Credential file created."
-fi
 cat > backend.tf << EOL
 terraform { 
  backend "s3" {
-    endpoints =                 { s3 = "https://object-store.cloud.muni.cz/"}
+    endpoints =                 { s3 = "$(openstack version show -c Endpoint -f value | grep object-store | sed 's/\/swift\/v1\///')"}
    shared_credentials_files    = ["./.tf-s3-creds"]
-    bucket                      = "$PROJECT_NAME-$INFRA_NAME-tf-backend"
+    bucket                      = "$CONTAINER_NAME"
    use_path_style              = true
    key                         = "terraform.tfstate"
-    region                      = "brno1"
+    workspace_key_prefix        = "$(openstack container show $CONTAINER_NAME -c account -f value)"
+    region                      = "$(openstack region list -c Region -f value)"
    skip_credentials_validation = true
    skip_region_validation      = true
    skip_requesting_account_id  = true
@@ -48,4 +46,5 @@ cat > backend.tf << EOL
    skip_s3_checksum            = true
  }
 } 
 EOL
\ No newline at end of file
+echo "Backend file created."
\ No newline at end of file