From 46eb2ce07ad0185736f853ad87c64b35f21b08f8 Mon Sep 17 00:00:00 2001 From: Shridhar Patil Date: Wed, 1 Feb 2023 17:44:22 +0000 Subject: [PATCH 1/5] added codebuild provisioning --- .../v1/infrastructure/install-terraform.sh | 11 +++++ .../vpc-env/v1/infrastructure/manifest.yaml | 44 +++++++++++++++++-- .../vpc-env/v1/infrastructure/variables.tf | 15 +++++++ .../vpc-env/v1/schema/schema.yaml | 15 +++++++ 4 files changed, 82 insertions(+), 3 deletions(-) create mode 100644 environment-templates/vpc-env/v1/infrastructure/install-terraform.sh create mode 100644 environment-templates/vpc-env/v1/infrastructure/variables.tf diff --git a/environment-templates/vpc-env/v1/infrastructure/install-terraform.sh b/environment-templates/vpc-env/v1/infrastructure/install-terraform.sh new file mode 100644 index 00000000..9dca37a6 --- /dev/null +++ b/environment-templates/vpc-env/v1/infrastructure/install-terraform.sh @@ -0,0 +1,11 @@ +#!/bin/bash +set -e + +curl -Os https://releases.hashicorp.com/terraform/${TF_VERSION}/terraform_${TF_VERSION}_linux_amd64.zip && \ +curl -Os https://releases.hashicorp.com/terraform/${TF_VERSION}/terraform_${TF_VERSION}_SHA256SUMS && \ +curl https://keybase.io/hashicorp/pgp_keys.asc | gpg --import && \ +curl -Os https://releases.hashicorp.com/terraform/${TF_VERSION}/terraform_${TF_VERSION}_SHA256SUMS.sig && \ +gpg --verify terraform_${TF_VERSION}_SHA256SUMS.sig terraform_${TF_VERSION}_SHA256SUMS && \ +shasum -a 256 -c terraform_${TF_VERSION}_SHA256SUMS 2>&1 | grep "${TF_VERSION}_linux_amd64.zip:\sOK" && \ +unzip -o terraform_${TF_VERSION}_linux_amd64.zip -d /usr/local/bin && \ +terraform --version \ No newline at end of file diff --git a/environment-templates/vpc-env/v1/infrastructure/manifest.yaml b/environment-templates/vpc-env/v1/infrastructure/manifest.yaml index 8d903452..cf8bb285 100644 --- a/environment-templates/vpc-env/v1/infrastructure/manifest.yaml +++ b/environment-templates/vpc-env/v1/infrastructure/manifest.yaml 
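Review bot: The signature check in install-terraform.sh has no fixed trust anchor: `curl https://keybase.io/hashicorp/pgp_keys.asc | gpg --import` imports whatever key that URL serves at build time, so the later `gpg --verify` only shows that SHA256SUMS was signed by the key just downloaded. Pin the expected release-key fingerprint and check it after the import, for example `gpg --list-keys --with-colons | grep -q "^fpr:::::::::${HASHICORP_KEY_FPR}:"`, where `HASHICORP_KEY_FPR` is a placeholder for a fingerprint verified out of band; alternatively commit the public key next to the script and import it from there. The `curl -Os` calls also lack `-f`, so an HTTP error body is saved as if it were the artifact and only caught later by the checksum step. The script reads `TF_VERSION` from the environment while the manifest also passes it as an argument that is never used; a short header comment stating that contract would help.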
@@ -1,5 +1,43 @@ infrastructure: templates: - - file: "*" - rendering_engine: hcl - template_language: terraform \ No newline at end of file + - rendering_engine: codebuild + settings: + image: aws/codebuild/standard:6.0 + runtimes: + golang: 1.18 + env: + variables: + TF_VERSION: 1.3.4 + + provision: + # install terraform cli + - echo "Installing Terraform CLI ${TF_VERSION}" + - chmod +x ./install-terraform.sh && ./install-terraform.sh ${TF_VERSION} + + # get user-named proton input + - export PROTON_ENV=$(cat proton-inputs.json | jq '.environment.name' -r) + - export AWS_REGION=$(cat proton-inputs.json | jq '.environment.inputs.aws_region' -r) + - export TF_STATE_BUCKET=$(cat proton-inputs.json | jq '.environment.inputs.tf_state_bucket' -r) + - export TF_STATE_BUCKET_REGION=$(cat proton-inputs.json | jq '.environment.inputs.tf_state_bucket_region' -r) + + # provision, storing state in an s3 bucket using the proton environment.service.instance as the key + - terraform init -backend-config="bucket=${TF_STATE_BUCKET}" -backend-config="key=${PROTON_ENV}.tfstate" -backend-config="region=${TF_STATE_BUCKET_REGION}" + - terraform apply -var-file=proton-inputs.json -var="aws_region=${AWS_REGION}" -auto-approve + + # pass terraform output to proton + - chmod +x ./output.sh && ./output.sh + + deprovision: + # install terraform cli + - echo "Installing Terraform CLI ${TF_VERSION}" + - chmod +x ./install-terraform.sh && ./install-terraform.sh ${TF_VERSION} + + # get user-named proton input + - export PROTON_ENV=$(cat proton-inputs.json | jq '.environment.name' -r) + - export AWS_REGION=$(cat proton-inputs.json | jq '.environment.inputs.aws_region' -r) + - export TF_STATE_BUCKET=$(cat proton-inputs.json | jq '.environment.inputs.tf_state_bucket' -r) + - export TF_STATE_BUCKET_REGION=$(cat proton-inputs.json | jq '.environment.inputs.tf_state_bucket_region' -r) + + # destroy environment + - terraform init -backend-config="bucket=${TF_STATE_BUCKET}" 
-backend-config="key=${PROTON_ENV}.tfstate" -backend-config="aws_region=${TF_STATE_BUCKET_REGION}" + - terraform destroy -var-file=proton-inputs.json -var="aws_region=${AWS_REGION}" -auto-approve \ No newline at end of file diff --git a/environment-templates/vpc-env/v1/infrastructure/variables.tf b/environment-templates/vpc-env/v1/infrastructure/variables.tf new file mode 100644 index 00000000..4d1f072b --- /dev/null +++ b/environment-templates/vpc-env/v1/infrastructure/variables.tf @@ -0,0 +1,15 @@ +variable "aws_region" { + description = "AWS region where resources will be provisioned" + type = string + default = "us-west-2" +} + +# required by proton +variable "environment" { + description = "The Proton Environment" + type = object({ + name = string + inputs = map(string) + }) + default = null +} \ No newline at end of file diff --git a/environment-templates/vpc-env/v1/schema/schema.yaml b/environment-templates/vpc-env/v1/schema/schema.yaml index 64bdd6de..76f7ef0c 100644 --- a/environment-templates/vpc-env/v1/schema/schema.yaml +++ b/environment-templates/vpc-env/v1/schema/schema.yaml @@ -32,3 +32,18 @@ schema: description: "The CIDR range for private subnet two" default: 10.0.192.0/18 pattern: ([0-9]{1,3}\.){3}[0-9]{1,3}($|/(16|18|24)) + aws_region: + title: AWS Region + type: string + description: AWS Region where resources will reside + default: us-east-1 + tf_state_bucket: + title: Terraform state storage S3 bucket + type: string + description: S3 Bucket to store Terraform state + default: s3-bucket-name-here + tf_state_bucket_region: + title: State bucket AWS Region + type: string + description: AWS Region where state bucket resides + default: us-east-1 \ No newline at end of file From cb6aaf6993c8b786ca2f9393e8630507b46da8da Mon Sep 17 00:00:00 2001 
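Review bot: The deprovision `terraform init` passes `-backend-config="aws_region=${TF_STATE_BUCKET_REGION}"`, while the provision step uses `region=`; the S3 backend's argument is `region`, so the destroy path will likely fail at init or not reach the state that apply wrote. Change it to `-backend-config="region=${TF_STATE_BUCKET_REGION}"`. The same line is still present as context in the last hunk of PATCH 5/5, which only renames `AWS_REGION` to `VPC_REGION`. Separately, `jq -r` prints the literal `null` for a missing input, so a guard such as `test "${TF_STATE_BUCKET}" != "null"` before `terraform init` would stop a run against an unintended bucket name.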
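Review bot: The three new inputs in schema.yaml have no `pattern`, unlike the CIDR fields above them, although the manifest expands them inside shell commands and uses `tf_state_bucket` as the Terraform state location. Constrain them, for example `pattern: ^[a-z0-9][a-z0-9.-]{1,61}[a-z0-9]$` for `tf_state_bucket` and `pattern: ^[a-z]{2}(-[a-z]+)+-[0-9]+$` for the two region fields (both are suggested expressions, to be checked against the values you accept). Drop the `default: s3-bucket-name-here` placeholder so that a forgotten value is rejected rather than used as a bucket name. The enclosing properties block starts outside this hunk, so whether a `required` list exists cannot be seen here.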
From: Shridhar Patil Date: Wed, 1 Feb 2023 17:50:42 +0000 Subject: [PATCH 2/5] added output.sh --- environment-templates/vpc-env/v1/infrastructure/output.sh | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 environment-templates/vpc-env/v1/infrastructure/output.sh diff --git a/environment-templates/vpc-env/v1/infrastructure/output.sh b/environment-templates/vpc-env/v1/infrastructure/output.sh new file mode 100644 index 00000000..3bc5b2e4 --- /dev/null +++ b/environment-templates/vpc-env/v1/infrastructure/output.sh @@ -0,0 +1,4 @@ +#!/bin/bash +set -e +terraform output -json | jq 'to_entries | map({key:.key, valueString:.value.value})' > output.json +aws proton notify-resource-deployment-status-change --resource-arn ${RESOURCE_ARN} --status IN_PROGRESS --outputs file://./output.json From 3533878626b75ba432a494fc5b7a012ae93bf8c7 Mon Sep 17 00:00:00 2001 From: Shridhar Patil Date: Wed, 1 Feb 2023 17:57:08 +0000 Subject: [PATCH 3/5] moved vars to variables.tf file --- environment-templates/vpc-env/v1/infrastructure/config.tf | 7 +------ .../vpc-env/v1/infrastructure/variables.tf | 2 +- 2 files changed, 2 insertions(+), 7 deletions(-) diff --git a/environment-templates/vpc-env/v1/infrastructure/config.tf b/environment-templates/vpc-env/v1/infrastructure/config.tf index 9e4b3d86..267f3942 100644 --- a/environment-templates/vpc-env/v1/infrastructure/config.tf +++ b/environment-templates/vpc-env/v1/infrastructure/config.tf @@ -17,9 +17,4 @@ provider "aws" { proton:environment = var.environment.name } } -} - -variable "aws_region" { - type = string - default = "us-east-1" -} +} \ No newline at end of file diff --git a/environment-templates/vpc-env/v1/infrastructure/variables.tf b/environment-templates/vpc-env/v1/infrastructure/variables.tf index 4d1f072b..80eddd07 100644 --- a/environment-templates/vpc-env/v1/infrastructure/variables.tf +++ b/environment-templates/vpc-env/v1/infrastructure/variables.tf 
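Review bot: In output.sh, `terraform output -json` prints outputs marked `sensitive` in clear text and the jq filter forwards every entry, so any sensitive output added to this template later would be sent to Proton as a plain output. Filter on the flag, `jq 'to_entries | map(select(.value.sensitive | not) | {key:.key, valueString:.value.value})'`. With only `set -e`, a failing `terraform output` is also hidden by the pipe, because jq exits 0 on empty input and leaves an empty output.json; add `set -o pipefail` and quote `"${RESOURCE_ARN}"`.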
@@ -1,7 +1,7 @@ variable "aws_region" { description = "AWS region where resources will be provisioned" type = string - default = "us-west-2" + default = "us-east-1" } # required by proton From 9632518846a25c557aadeb70fec0e25e9d1d7537 Mon Sep 17 00:00:00 2001 From: Shridhar Patil Date: Wed, 1 Feb 2023 18:01:17 +0000 Subject: [PATCH 4/5] fixed provider issue --- environment-templates/vpc-env/v1/infrastructure/config.tf | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/environment-templates/vpc-env/v1/infrastructure/config.tf b/environment-templates/vpc-env/v1/infrastructure/config.tf index 267f3942..b36343f6 100644 --- a/environment-templates/vpc-env/v1/infrastructure/config.tf +++ b/environment-templates/vpc-env/v1/infrastructure/config.tf @@ -12,9 +12,4 @@ terraform { # Configure the AWS Provider provider "aws" { region = var.aws_region - default_tags { - tags = { - proton:environment = var.environment.name - } - } -} \ No newline at end of file +} From f8747802a94ac924f351b1d1b18d58af9149fe82 Mon Sep 17 00:00:00 2001 From: Shridhar Patil Date: Wed, 1 Feb 2023 18:16:52 +0000 Subject: [PATCH 5/5] differentiate proton template env and vpc env --- .../vpc-env/v1/infrastructure/manifest.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/environment-templates/vpc-env/v1/infrastructure/manifest.yaml b/environment-templates/vpc-env/v1/infrastructure/manifest.yaml index cf8bb285..2ba937b0 100644 --- a/environment-templates/vpc-env/v1/infrastructure/manifest.yaml +++ b/environment-templates/vpc-env/v1/infrastructure/manifest.yaml 
@@ -16,13 +16,13 @@ infrastructure: # get user-named proton input - export PROTON_ENV=$(cat proton-inputs.json | jq '.environment.name' -r) - - export AWS_REGION=$(cat proton-inputs.json | jq '.environment.inputs.aws_region' -r) + - export VPC_REGION=$(cat proton-inputs.json | jq '.environment.inputs.aws_region' -r) - export TF_STATE_BUCKET=$(cat proton-inputs.json | jq '.environment.inputs.tf_state_bucket' -r) - export TF_STATE_BUCKET_REGION=$(cat proton-inputs.json | jq '.environment.inputs.tf_state_bucket_region' -r) # provision, storing state in an s3 bucket using the proton environment.service.instance as the key - terraform init -backend-config="bucket=${TF_STATE_BUCKET}" -backend-config="key=${PROTON_ENV}.tfstate" -backend-config="region=${TF_STATE_BUCKET_REGION}" - - terraform apply -var-file=proton-inputs.json -var="aws_region=${AWS_REGION}" -auto-approve + - terraform apply -var-file=proton-inputs.json -var="aws_region=${VPC_REGION}" -auto-approve # pass terraform output to proton - chmod +x ./output.sh && ./output.sh 
@@ -34,10 +34,10 @@ infrastructure: # get user-named proton input - export PROTON_ENV=$(cat proton-inputs.json | jq '.environment.name' -r) - - export AWS_REGION=$(cat proton-inputs.json | jq '.environment.inputs.aws_region' -r) + - export VPC_REGION=$(cat proton-inputs.json | jq '.environment.inputs.aws_region' -r) - export TF_STATE_BUCKET=$(cat proton-inputs.json | jq '.environment.inputs.tf_state_bucket' -r) - export TF_STATE_BUCKET_REGION=$(cat proton-inputs.json | jq '.environment.inputs.tf_state_bucket_region' -r) # destroy environment - terraform init -backend-config="bucket=${TF_STATE_BUCKET}" -backend-config="key=${PROTON_ENV}.tfstate" -backend-config="aws_region=${TF_STATE_BUCKET_REGION}" - - terraform destroy -var-file=proton-inputs.json -var="aws_region=${AWS_REGION}" -auto-approve \ No newline at end of file + - terraform destroy -var-file=proton-inputs.json -var="aws_region=${VPC_REGION}" -auto-approve \ No newline at end of file