Initial commit

Author: Steven Nemetz

.circleci/config.yml

@@ -0,0 +1,69 @@
+version: 2
+
+jobs:
+  build:
+    docker:
+      - image: hashicorp/terraform:0.11.3
+        entrypoint: /bin/sh
+    steps:
+      - checkout
+      - run:
+          name: "Validate tf files (terraform validate)"
+          command: |
+              find . -type f -name "*.tf" -exec dirname {} \;|sort -u | while read m; do (terraform validate -check-variables=false "$m" && echo "√ $m") || exit 1 ; done
+      - run:
+          name: "Check: Terraform formatting (terraform fmt)"
+          command: |
+              if [ `terraform fmt --list=true -diff=true -write=false | tee format-issues | wc -c` -ne 0 ]; then
+                echo "Some terraform files need be formatted, run 'terraform fmt' to fix"
+                echo "Formatting issues:"
+                cat format-issues
+                exit 1
+              fi
+      - run:
+          name: "Install: tflint"
+          command: |
+              apk add jq wget
+              # Get latest version of tflint
+              pkg_arch=linux_amd64
+              dl_url=$(curl -s https://api.github.com/repos/wata727/tflint/releases/latest | jq -r ".assets[] | select(.name | test(\"${pkg_arch}\")) | .browser_download_url")
+              wget ${dl_url}
+              unzip tflint_linux_amd64.zip
+              mkdir -p /usr/local/tflint/bin
+              # Setup PATH for later run steps - ONLY for Bash and not in Bash
+              #echo 'export PATH=/usr/local/tflint/bin:$PATH' >> $BASH_ENV
+              echo "Installing tflint..."
+              install tflint /usr/local/tflint/bin
+              echo "Configuring tflint..."
+              tf_ver=$(terraform version | awk 'FNR <= 1' | cut -dv -f2)
+              echo -e "\tConfig for terraform version: ${tf_ver}"
+              if [ -f '.tflint.hcl' ]; then
+                sed -i "/terraform_version =/s/\".*\"/\"${tf_ver}\"/" .tflint.hcl
+              else
+                {
+                echo -e "config {\nterraform_version = \"${tf_ver}\"\ndeep_check = true\nignore_module = {"
+                for module in $(grep -h '[^a-zA-Z]source[ =]' *.tf | sed -r 's/.*=\s+//' | sort -u); do
+                  # if not ^"../
+                  echo "${module} = true"
+                done
+                echo "}}"
+                } > .tflint.hcl
+                fi
+              echo "tflint configuration:"
+              cat .tflint.hcl
+      - run:
+          # Not supporting modules from registry ?? v0.5.4
+          # For now, must ignore in config file
+          name: "Check: tflint"
+          command: |
+              #echo "Initializing terraform..."
+              #terraform init -input=false
+              echo "Running tflint..."
+              /usr/local/tflint/bin/tflint --version
+              /usr/local/tflint/bin/tflint
+
+workflows:
+  version: 2
+  build:
+    jobs:
+      - build

.gitignore

@@ -0,0 +1,5 @@
+*.pyc
+*.tfstate
+*.tfstate.backup
+*.zip
+.terraform

README.md

@@ -0,0 +1,26 @@
+# terraform-datadog-integrations
+
+The Datadog API only supports fully defining and deleting an integration. This creates an issue when the desire is to manage by service NOT a global config. To solve this, Terraform for each service will write the service's settings to S3, this will a trigger a lambda to combine the information from all the services and update the Datadog integration
+
+
+
+Lambda (per integration or 1 for all integrations)
+Submodules for services to call to generate data and write to S3
+
+Will need to maintain last config uploaded to be able to tell what is managed and what can be deleted. Don't remove manually created items
+
+Manually add current config pieces to S3 paths
+Read S3 path and file pattern, build data structure
+Read old data structure and compare with new. Log what is being removed and/or added
+
+Lambdas:
+
+PagerDuty:
+Read S3 path and file pattern, build data structure
+Build data structure, update Datadog
+
+Slack:
+Read S3 path and file pattern, build data structure
+Build data structure, update Datadog
+Add/remove Slack channels
+On add: set purpose, add bots (pagerduty)

examples/lambda/providers.tf

@@ -0,0 +1,10 @@
+provider "aws" {
+  region = "us-west-2"
+
+  # Make it faster by skipping something
+  skip_get_ec2_platforms      = true
+  skip_metadata_api_check     = true
+  skip_region_validation      = true
+  skip_credentials_validation = true
+  skip_requesting_account_id  = true
+}

examples/pagerduty-svc1/main.tf

@@ -0,0 +1,7 @@
+
+module "service" {
+  source       = "../../modules/pagerduty"
+  service_key  = "1234567890"
+  service_name = "testing_tf"
+  s3_bucket    = "wiser-one-ci"
+}

examples/pagerduty-svc1/providers.tf

@@ -0,0 +1,10 @@
+provider "aws" {
+  region = "us-west-2"
+
+  # Make it faster by skipping something
+  skip_get_ec2_platforms      = true
+  skip_metadata_api_check     = true
+  skip_region_validation      = true
+  skip_credentials_validation = true
+  skip_requesting_account_id  = true
+}

examples/pagerduty-svc2/main.tf

@@ -0,0 +1,7 @@
+
+module "service" {
+  source       = "../../modules/pagerduty"
+  service_key  = "123456789012"
+  service_name = "test-srv-2"
+  s3_bucket    = "wiser-one-ci"
+}

examples/pagerduty-svc2/providers.tf

@@ -0,0 +1,10 @@
+provider "aws" {
+  region = "us-west-2"
+
+  # Make it faster by skipping something
+  skip_get_ec2_platforms      = true
+  skip_metadata_api_check     = true
+  skip_region_validation      = true
+  skip_credentials_validation = true
+  skip_requesting_account_id  = true
+}

examples/slack-ch1/main.tf

@@ -0,0 +1,6 @@
+
+module "channel" {
+  source       = "../../modules/slack"
+  channel_name = "test-srv-1a"
+  s3_bucket    = "wiser-one-ci"
+}

examples/slack-ch1/providers.tf

@@ -0,0 +1,10 @@
+provider "aws" {
+  region = "us-west-2"
+
+  # Make it faster by skipping something
+  skip_get_ec2_platforms      = true
+  skip_metadata_api_check     = true
+  skip_region_validation      = true
+  skip_credentials_validation = true
+  skip_requesting_account_id  = true
+}