Adding terrarist to ahoskingIT

2017-06-29 01:21:27 -04:00 · 2017-06-29 01:21:27 -04:00 · 0169c5a011
commit 0169c5a011
parent 7d51f413cb
2 changed files with 49 additions and 0 deletions
--- a/ahoskingit/terraform/terraform.vault
+++ b/ahoskingit/terraform/terraform.vault
@ -0,0 +1,10 @@
+$ANSIBLE_VAULT;1.1;AES256
+62386630666534333733353038396465343361613734333565373865316533326138366535633162
+6265653138393566343833323933643431626134356237660a333730383834343539393861653061
+66313437383035373864363132336331353233356436646237353261656231376637643339396131
+6633613834333435330a303630363162326265363038336636663236373865613530613163393164
+62346338316330626565656433383262646436613935656434393062323164393938343437663535
+30626135663563343461626463646266333035386532613263613832633366343431623566613765
+35313365653763663336346362346365393237386433616539303662326532363436633036323966
+30393032393333396162303965343961316561643537383437306337323839333461343834353936
+6463
--- a/ahoskingit/terraform/terrarist.py
+++ b/ahoskingit/terraform/terrarist.py
@ -0,0 +1,39 @@
+import argparse
+import os
+import string
+import sys 
+from ansible_vault import Vault
+
+if __name__ == "__main__":
+
+    parser = argparse.ArgumentParser(description='Securely wrap terraform like a terrarist!')
+    parser.add_argument('action', choices=['plan', 'apply', 'import'], help='Terraform action to execute')
+    parser.add_argument('--vault', '--ansible-vault', dest='vault_file', required=True, help='Ansible Vault File')
+    parser.add_argument('--vault-password-file', dest='vault_password', required=True, help='Ansible Vault Password File')
+    parser.add_argument('--environment', dest='environment', required=True, help='Production, Staging, etc...')
+
+    args, options = parser.parse_known_args()
+
+    if not os.path.isfile(args.vault_file):
+        sys.stderr.write("Ansible vault file does not exist.\n")
+        sys.exit(3)
+
+    if not os.path.isfile(args.vault_password):
+        sys.stderr.write("Ansible vault password does not exist.\n")
+        sys.exit(3)
+
+    password = open(args.vault_password).read().strip()
+
+    vault = Vault(password)
+    data = vault.load(open(args.vault_file).read())
+
+    cmd = ["terraform", args.action, "--var", "environment=%s" %args.environment ]
+
+    for key, value in data.items():
+        cmd.append("--var")
+        cmd.append("'%s=%s'" %(key, value))
+
+    cmd += string.join(options)
+    
+    x = os.system(string.join(cmd))
+    sys.exit(x)