Refactor code. (#55)

* Refactor code.

* fix typo

* fix as per comments

CHANGELOG.md

@@ -9,6 +9,9 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) a
 - Improved error handling in scripts/endpoint_dns_name.sh - see [#17](https://github.com/ExpediaInc/apiary-federation/issues/17).
 - Support for Docker private registry.
 
+### Changed
+- Refactor code to multiple `tf` files.
+
 
 ## [1.0.5] - 2019-03-12
 

cloudwatch.tf

@@ -0,0 +1,10 @@
+/**
+ * Copyright (C) 2018-2019 Expedia Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ */
+
+resource "aws_cloudwatch_log_group" "waggledance_ecs" {
+  name = "${local.instance_alias}"
+  tags = "${var.tags}"
+}

common.tf

@@ -1,5 +1,5 @@
 /**
- * Copyright (C) 2018 Expedia Inc.
+ * Copyright (C) 2018-2019 Expedia Inc.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  */

ecs-service-discovery.tf

@@ -0,0 +1,36 @@
+/**
+ * Copyright (C) 2018-2019 Expedia Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ */
+
+resource "aws_service_discovery_private_dns_namespace" "waggledance" {
+  name = "${local.instance_alias}-${var.aws_region}.${var.domain_extension}"
+  vpc  = "${var.vpc_id}"
+}
+
+resource "aws_service_discovery_service" "metastore_proxy" {
+  name = "metastore-proxy"
+
+  dns_config {
+    namespace_id = "${aws_service_discovery_private_dns_namespace.waggledance.id}"
+
+    dns_records {
+      ttl  = 10
+      type = "A"
+    }
+
+    routing_policy = "MULTIVALUE"
+  }
+
+  health_check_custom_config {
+    failure_threshold = 1
+  }
+}
+
+resource "aws_route53_zone_association" "secondary" {
+  count      = "${length(var.secondary_vpcs)}"
+  zone_id    = "${aws_service_discovery_private_dns_namespace.waggledance.hosted_zone}"
+  vpc_id     = "${element(var.secondary_vpcs,count.index)}"
+  vpc_region = "${var.aws_region}"
+}

ecs.tf

@@ -0,0 +1,39 @@
+/**
+ * Copyright (C) 2018-2019 Expedia Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ */
+
+resource "aws_ecs_cluster" "waggledance" {
+  name = "${local.instance_alias}"
+  tags = "${var.tags}"
+}
+
+resource "aws_ecs_service" "waggledance_service" {
+  name            = "${local.instance_alias}-service"
+  launch_type     = "FARGATE"
+  cluster         = "${aws_ecs_cluster.waggledance.id}"
+  task_definition = "${aws_ecs_task_definition.waggledance.arn}"
+  desired_count   = "${var.wd_ecs_task_count}"
+
+  network_configuration {
+    security_groups = ["${aws_security_group.wd_sg.id}"]
+    subnets         = ["${var.subnets}"]
+  }
+
+  service_registries {
+    registry_arn = "${aws_service_discovery_service.metastore_proxy.arn}"
+  }
+}
+
+resource "aws_ecs_task_definition" "waggledance" {
+  family                   = "${local.instance_alias}"
+  task_role_arn            = "${aws_iam_role.waggledance_task.arn}"
+  execution_role_arn       = "${aws_iam_role.waggledance_task_exec.arn}"
+  network_mode             = "awsvpc"
+  memory                   = "${var.memory}"
+  cpu                      = "${var.cpu}"
+  requires_compatibilities = ["EC2", "FARGATE"]
+  container_definitions    = "${data.template_file.waggledance.rendered}"
+  tags                     = "${var.tags}"
+}

endpoints.tf

@@ -1,5 +1,5 @@
 /**
- * Copyright (C) 2018 Expedia Inc.
+ * Copyright (C) 2018-2019 Expedia Inc.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  */

iam-ecs.tf

@@ -0,0 +1,88 @@
+/**
+ * Copyright (C) 2018-2019 Expedia Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ */
+
+resource "aws_iam_role" "waggledance_task_exec" {
+  name = "${local.instance_alias}-ecs-task-exec-${var.aws_region}"
+
+  assume_role_policy = <<EOF
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Sid": "",
+      "Effect": "Allow",
+      "Principal": {
+        "Service": "ecs-tasks.amazonaws.com"
+      },
+      "Action": "sts:AssumeRole"
+    }
+  ]
+}
+EOF
+
+  tags = "${var.tags}"
+}
+
+resource "aws_iam_role_policy_attachment" "task_exec_managed" {
+  role       = "${aws_iam_role.waggledance_task_exec.id}"
+  policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy"
+}
+
+resource "aws_iam_role_policy" "secretsmanager_for_ecs_task_exec" {
+  count = "${var.docker_registry_auth_secret_name == "" ? 0 : 1}"
+  name  = "secretsmanager-exec"
+  role  = "${aws_iam_role.waggledance_task_exec.id}"
+
+  policy = <<EOF
+{
+    "Version": "2012-10-17",
+    "Statement": {
+        "Effect": "Allow",
+        "Action": "secretsmanager:GetSecretValue",
+        "Resource": [ "${join("\",\"",concat(data.aws_secretsmanager_secret.docker_registry.*.arn))}" ]
+    }
+}
+EOF
+}
+
+resource "aws_iam_role" "waggledance_task" {
+  name = "${local.instance_alias}-ecs-task-${var.aws_region}"
+
+  assume_role_policy = <<EOF
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Sid": "",
+      "Effect": "Allow",
+      "Principal": {
+        "Service": "ecs-tasks.amazonaws.com"
+      },
+      "Action": "sts:AssumeRole"
+    }
+  ]
+}
+EOF
+
+  tags = "${var.tags}"
+}
+
+resource "aws_iam_role_policy" "secretsmanager_for_waggledance_task" {
+  count = "${ var.bastion_ssh_key_secret_name == "" ? 0 : 1}"
+  name  = "secretsmanager"
+  role  = "${aws_iam_role.waggledance_task.id}"
+
+  policy = <<EOF
+{
+    "Version": "2012-10-17",
+    "Statement": {
+        "Effect": "Allow",
+        "Action": "secretsmanager:GetSecretValue",
+        "Resource": "${data.aws_secretsmanager_secret.bastion_ssh_key.arn}"
+    }
+}
+EOF
+}