From 5ad6a08006c9fc476c95a2f9159ad04cff031cf7 Mon Sep 17 00:00:00 2001 From: Jalil Abdollahi Date: Fri, 29 Nov 2024 18:43:56 +0100 Subject: [PATCH 1/2] Added JCasc with All required sections --- app/template_generators/jenkins/jcasc.py | 61 +++++++++++++++++++++++- 1 file changed, 59 insertions(+), 2 deletions(-) diff --git a/app/template_generators/jenkins/jcasc.py b/app/template_generators/jenkins/jcasc.py index d7bd8906..acee96bc 100644 --- a/app/template_generators/jenkins/jcasc.py +++ b/app/template_generators/jenkins/jcasc.py 
@@ -1,4 +1,61 @@ +def jcasc_template_generator(input) -> str: + + allowsSignup = 'true' if input.allowsSignup else 'false' + allowAnonymousRead = 'true' if input.allowAnonymousRead else 'false' + cache_size = input.cache_size + executators = input.executators + required_plugins = input.required_plugins -def jcasc_template_generator(input): - prompt = """M""" + + prompt = f""" + Generate a Python code, to generate a JCasc file (project name is app/media/MyJcasc) + and install plugins based on the provided list, ensuring a modular, flexible structure to enable users + to configure all essential settings at the first load. Only provide JCasc code, no explanations or + markdown formatting. The file should be created based on these values + - allowSignup = {allowsSignup} + - allowAnonymousRead = {allowAnonymousRead} + - cache_size = {cache_size} + - executators = {executators} + - required_plugins = {required_plugins} + + Also the file should contain ONLY these sections with following order and do not add emptylines: + 1- systemMessage + 2- create a local admin user and password, default username is admin and default password is password + 3- allowSignup + 4- allowAnonymousRead + 5- cache_size + 6- executators + 7- required_plugins + 8- views + 9- authorizationStrategy: + - ``` + projectMatrix: + grantedPermissions: + - "Overall/Administer:admin" + - "Job/Read:developer" + - "Job/Build:developer" + ``` + 10- tools: + - ``` + git: + installations: + - name: "Default" + home: "/usr/bin/git" + ``` + 11- security: + - ``` + globalJobDslSecurityConfiguration: + useScriptSecurity: false + ``` + finally the python code should run without any note that can generate a project folder with the given + schema without ```python entry. the final JCasc template must work very well without any error! 
+ + import os + project_name = "app/media/MyJcasc" + jcasc_dir = os.path.join(project_name, "jcasc") + + # Create project directories + os.makedirs(jcasc_dir, exist_ok=True) + + """ return prompt \ No newline at end of file From 61de758141cdf0aba97959a95e1a34a7681d8766 Mon Sep 17 00:00:00 2001 From: Jalil Abdollahi Date: Wed, 4 Dec 2024 23:13:40 +0100 Subject: [PATCH 2/2] Added JCasc with All required sections v2 --- app/directory_generators/jcasc_generator.py | 61 +++ .../terraform_generator.py | 353 +++++++++++------- app/media/MyJcasc/jcasc/jcasc.yaml | 47 +++ app/media/MyTerraform/main.tf | 25 +- app/media/MyTerraform/modules/argocd/main.tf | 39 -- .../modules/argocd/terraform.tfvars | 19 - .../MyTerraform/modules/argocd/variables.tf | 20 - app/media/MyTerraform/modules/efs/main.tf | 83 ++++ .../MyTerraform/modules/efs/terraform.tfvars | 29 ++ .../MyTerraform/modules/efs/variables.tf | 45 +++ .../modules/{argocd => efs}/versions.tf | 6 +- app/media/MyTerraform/terraform.tfvars | 43 ++- app/media/MyTerraform/variables.tf | 46 ++- app/media/MyTerraform/versions.tf | 6 +- app/template_generators/jenkins/jcasc.py | 103 +++-- 15 files changed, 626 insertions(+), 299 deletions(-) create mode 100644 app/directory_generators/jcasc_generator.py create mode 100644 app/media/MyJcasc/jcasc/jcasc.yaml delete mode 100644 app/media/MyTerraform/modules/argocd/main.tf delete mode 100644 app/media/MyTerraform/modules/argocd/terraform.tfvars delete mode 100644 app/media/MyTerraform/modules/argocd/variables.tf create mode 100644 app/media/MyTerraform/modules/efs/main.tf create mode 100644 app/media/MyTerraform/modules/efs/terraform.tfvars create mode 100644 app/media/MyTerraform/modules/efs/variables.tf rename app/media/MyTerraform/modules/{argocd => efs}/versions.tf (50%) diff --git a/app/directory_generators/jcasc_generator.py b/app/directory_generators/jcasc_generator.py new file mode 100644 index 00000000..8f5cb49e --- /dev/null 
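Review bot: Item 2 of the prompt asks the model to create a local admin with the fixed credentials `admin` / `password`, and item 11 pins `useScriptSecurity: false`, so every configuration produced from this template starts with a publicly known admin login and Job DSL scripts that bypass script approval. I would have the prompt reference a secret that JCasC resolves at load time, e.g. `2- create a local admin user whose password is "${JENKINS_ADMIN_PASSWORD}"` (the variable name is a placeholder), and default item 11 to `useScriptSecurity: true`. `cache_size`, `executators` and `required_plugins` are also interpolated into the prompt unchecked; if they arrive as free-form request fields they should be type-checked first (integers, a list of plugin ids), because the prompt asks the model for Python code. A short docstring stating which attributes `input` must provide would help, and the parameter name shadows the builtin `input`.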
+++ b/app/directory_generators/jcasc_generator.py
@@ -0,0 +1,61 @@
+import os
+project_name = "app/media/MyJcasc"
+jcasc_dir = os.path.join(project_name, "jcasc")
+
+# Create project directories
+os.makedirs(jcasc_dir, exist_ok=True)
+
+# Define the JCasc content
+jcasc_content = """
+jenkins:
+ numExecutors: 1
+ scmCheckoutRetryCount: 2
+ mode: NORMAL
+ markupFormatter:
+ rawHtml:
+ disableSyntaxHighlighting: false
+ primaryView:
+ all:
+ name: "all"
+ crumbIssuer:
+ standard:
+ excludeClientIPFromCrumb: true
+credentials:
+ system:
+ domainCredentials:
+ - credentials:
+ - string:
+ scope: GLOBAL
+ id: "gitlab-token"
+ secret: "SECRET KEY"
+ description: "GitLab personal access token"
+unclassified:
+ location:
+ url: "http://localhost:8080/"
+security:
+ globalJobDslSecurityConfiguration:
+ useScriptSecurity: false
+jobs:
+ - script: >
+ pipelineJob('DSL Job') {
+ quietPeriod(0)
+ properties {
+ disableConcurrentBuilds()
+ }
+ logRotator {
+ numToKeep(10)
+ }
+ triggers {
+ cron("H/15 * * * *")
+ }
+ definition {
+ cps {
+ script('createJobs()')
+ }
+ }
+ }
+"""
+
+# Write the JCasc content to a file
+with open(os.path.join(jcasc_dir, "jcasc.yaml"), "w") as f:
+ f.write(jcasc_content.strip())
\ No newline at end of file
diff --git a/app/directory_generators/terraform_generator.py b/app/directory_generators/terraform_generator.py
index 6a5a4eb5..1ac9f1b3 100644
--- a/app/directory_generators/terraform_generator.py
+++ b/app/directory_generators/terraform_generator.py
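Review bot: The embedded YAML ships `useScriptSecurity: false` and a literal `secret: "SECRET KEY"`; the first turns off Job DSL script security so seed scripts run without approval or sandboxing, and the second invites pasting a real GitLab token into a file that is written under app/media. Prefer `useScriptSecurity: true` and `secret: "${GITLAB_TOKEN}"` (placeholder variable name) so JCasC resolves the token from the environment or a secret source when the file is loaded. The YAML declares no `securityRealm` or `authorizationStrategy`, so who may log in and administer is left to whatever the instance already has; confirm that is intended. The identical content is committed as app/media/MyJcasc/jcasc/jcasc.yaml later in this patch. The script also does all its work at import time; a module docstring saying it is generated output, plus an `if __name__ == "__main__":` guard, would make that explicit.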
@@ -1,93 +1,111 @@ import os project_name = "app/media/MyTerraform" modules_dir = os.path.join(project_name, "modules") -argocd_dir = os.path.join(modules_dir, "argocd") +efs_dir = os.path.join(modules_dir, "efs") # Create project directories -os.makedirs(argocd_dir, exist_ok=True) +os.makedirs(efs_dir, exist_ok=True) # Create main.tf with open(os.path.join(project_name, "main.tf"), "w") as main_file: main_file.write(''' -provider "argocd" { - server_addr = var.argocd_instance_info["server_addr"] - username = var.argocd_instance_info["username"] - password = var.argocd_instance_info["password"] - insecure = var.argocd_instance_info["insecure"] -} - -module "argocd" { - source = "./modules/argocd" - - repository_create = var.repository_create - argocd_repository_info = var.argocd_repository_info - application_create = var.application_create - argocd_application = var.argocd_application - argocd_sync_options = var.argocd_sync_options +provider "aws" { + region = "us-east-1" +} + +module "efs" { + source = "./modules/efs" + + security_group_name = var.security_group_name + security_group_ingress_rules = var.security_group_ingress_rules + security_group_egress_rule = var.security_group_egress_rule + file_system_create = var.file_system_create + efs = var.efs + mount_target_create = var.mount_target_create + backup_policy_create = var.backup_policy_create } ''') # Create variables.tf -with open(os.path.join(project_name, "variables.tf"), "w") as vars_file: - vars_file.write(''' -variable "argocd_instance_info" { +with open(os.path.join(project_name, "variables.tf"), "w") as variables_file: + variables_file.write(''' +variable "security_group_name" { + type = string +} + +variable "security_group_ingress_rules" { + type = map(object({ + description = string + from_port = number + to_port = number + protocol = string + cidr_blocks = list(string) + })) +} + +variable "security_group_egress_rule" { type = object({ - server_addr = string - username = string - password = 
string - insecure = bool + from_port = number + to_port = number + protocol = string + cidr_blocks = list(string) }) } -variable "repository_create" { +variable "file_system_create" { type = bool } -variable "argocd_repository_info" { - type = map(string) +variable "efs" { + type = object({ + creation_token = string + encrypted = bool + performance_mode = string + throughput_mode = string + backup_policy = string + }) } -variable "application_create" { +variable "mount_target_create" { type = bool } -variable "argocd_application" { - type = map(string) -} - -variable "argocd_sync_options" { - type = list(string) +variable "backup_policy_create" { + type = bool } ''') # Create terraform.tfvars with open(os.path.join(project_name, "terraform.tfvars"), "w") as tfvars_file: tfvars_file.write(''' -argocd_instance_info = { - server_addr = "ARGOCD_DOMAIN" - username = "admin" - password = "ARGOCD_ADMIN_PASS" - insecure = true +security_group_name = "efs_rule" +security_group_ingress_rules = { + efs_rule = { + description = "EFS Ingress" + from_port = 2049 + to_port = 2049 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + } } - -repository_create = false -argocd_repository_info = { - repo = "https://YOUR_REPO.git" - username = "USERNAME" - password = "CHANGE_ME_WITH_TOKEN" +security_group_egress_rule = { + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] } -application_create = true -argocd_application = { - name = "APPLICATION_NAME" - destination_server = "https://kubernetes.default.svc" - destination_namespace = "DESTINATION_NAMESPACE" - source_repo_url = "https://YOUR_REPO.git" - source_path = "SOURCE_PATH" - source_target_revision = "SOURCE_TARGET_REVISION" +file_system_create = true +efs = { + creation_token = "terraform" + encrypted = true + performance_mode = "generalPurpose" + throughput_mode = "elastic" + backup_policy = "ENABLED" } -argocd_sync_options = ["CreateNamespace=true", "ApplyOutOfSyncOnly=true", "FailOnSharedResource=true"] 
+mount_target_create = true +backup_policy_create = true ''') # Create versions.tf 
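Review bot: The root terraform.tfvars written by this hunk sets `cidr_blocks = ["0.0.0.0/0"]` on the ingress rule for port 2049, which admits NFS traffic to the EFS mount targets from every address that can route to them. Scope the rule to the hosts that actually mount the file system, for example `cidr_blocks = ["10.0.0.0/16"]` (constructed sample; use the VPC or client-subnet CIDR), or leave the variable without a value so the operator has to choose one. The same rule is written again into the module's terraform.tfvars in the next hunk and is committed in app/media/MyTerraform/terraform.tfvars and app/media/MyTerraform/modules/efs/terraform.tfvars. `provider "aws"` also hard-codes `region = "us-east-1"`, where the rest of the file passes settings through variables.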
@@ -97,114 +115,193 @@ required_version = ">= 1.0" required_providers { - argocd = { - source = "oboukili/argocd" - version = ">= 6.0.2" + aws = { + source = "hashicorp/aws" + version = ">= 5.20" } } } ''') # Create module main.tf -with open(os.path.join(argocd_dir, "main.tf"), "w") as module_main_file: - module_main_file.write(''' -resource "argocd_repository" "repository" { - count = var.repository_create ? 1 : 0 - repo = var.argocd_repository_info["repo"] - username = var.argocd_repository_info["username"] - password = var.argocd_repository_info["password"] -} - -resource "argocd_application" "application" { - count = var.application_create ? 1 : 0 - depends_on = [argocd_repository.repository] - - metadata { - name = var.argocd_application["name"] - namespace = "argocd" - labels = { - using_sync_policy_options = "true" - } +with open(os.path.join(efs_dir, "main.tf"), "w") as efs_main_file: + efs_main_file.write(''' +locals { + default_efs_lifecycle_policies = { + transition_to_ia = "AFTER_14_DAYS", + transition_to_primary_storage_class = "AFTER_1_ACCESS", } +} - spec { - destination { - server = var.argocd_application["destination_server"] - namespace = var.argocd_application["destination_namespace"] - } - source { - repo_url = var.argocd_application["source_repo_url"] - path = var.argocd_application["source_path"] - target_revision = var.argocd_application["source_target_revision"] - } - sync_policy { - automated { - prune = false - self_heal = false - } - sync_options = var.argocd_sync_options +data "aws_availability_zones" "available_zones" { + state = "available" +} + +data "aws_vpc" "default_vpc" { + default = true +} + +data "aws_subnets" "subnets_ids" { + filter { + name = "vpc-id" + values = [data.aws_vpc.default_vpc.id] + } +} + +resource "aws_security_group" "security_group" { + count = var.file_system_create && var.mount_target_create ? 
1 : 0 + name = var.security_group_name + description = "Security group for EFS mount targets" + vpc_id = data.aws_vpc.default_vpc.id + + dynamic "ingress" { + for_each = var.security_group_ingress_rules + content { + description = ingress.value["description"] + from_port = ingress.value["from_port"] + to_port = ingress.value["to_port"] + protocol = ingress.value["protocol"] + cidr_blocks = ingress.value["cidr_blocks"] } } + + egress { + from_port = var.security_group_egress_rule["from_port"] + to_port = var.security_group_egress_rule["to_port"] + protocol = var.security_group_egress_rule["protocol"] + cidr_blocks = var.security_group_egress_rule["cidr_blocks"] + } +} + +resource "aws_efs_file_system" "filesystem" { + count = var.file_system_create ? 1 : 0 + creation_token = var.efs["creation_token"] + encrypted = var.efs["encrypted"] + performance_mode = var.efs["performance_mode"] + throughput_mode = var.efs["throughput_mode"] + + lifecycle_policy { + transition_to_ia = lookup(local.default_efs_lifecycle_policies, "transition_to_ia", null) + } + + lifecycle_policy { + transition_to_primary_storage_class = lookup(local.default_efs_lifecycle_policies, "transition_to_primary_storage_class", null) + } + + tags = { + Name = "terraform-efs" + } +} + +resource "aws_efs_mount_target" "mount_target" { + count = var.file_system_create && var.mount_target_create ? length(data.aws_availability_zones.available_zones.names) : 0 + file_system_id = aws_efs_file_system.filesystem[0].id + subnet_id = data.aws_subnets.subnets_ids.ids[count.index] + security_groups = [aws_security_group.security_group[0].id] +} + +resource "aws_efs_backup_policy" "backup_policy" { + count = var.file_system_create && var.backup_policy_create ? 
1 : 0 + file_system_id = aws_efs_file_system.filesystem[0].id + + backup_policy { + status = var.efs["backup_policy"] + } } ''') # Create module variables.tf -with open(os.path.join(argocd_dir, "variables.tf"), "w") as module_vars_file: - module_vars_file.write(''' -variable "repository_create" { - type = bool +with open(os.path.join(efs_dir, "variables.tf"), "w") as efs_variables_file: + efs_variables_file.write(''' +variable "security_group_name" { + type = string } -variable "argocd_repository_info" { - type = map(string) +variable "security_group_ingress_rules" { + type = map(object({ + description = string + from_port = number + to_port = number + protocol = string + cidr_blocks = list(string) + })) } -variable "application_create" { +variable "security_group_egress_rule" { + type = object({ + from_port = number + to_port = number + protocol = string + cidr_blocks = list(string) + }) +} + +variable "file_system_create" { type = bool } -variable "argocd_application" { - type = map(string) +variable "efs" { + type = object({ + creation_token = string + encrypted = bool + performance_mode = string + throughput_mode = string + backup_policy = string + }) +} + +variable "mount_target_create" { + type = bool } -variable "argocd_sync_options" { - type = list(string) +variable "backup_policy_create" { + type = bool } ''') # Create module terraform.tfvars -with open(os.path.join(argocd_dir, "terraform.tfvars"), "w") as module_tfvars_file: - module_tfvars_file.write(''' -repository_create = false -argocd_repository_info = { - repo = "https://YOUR_REPO.git" - username = "USERNAME" - password = "CHANGE_ME_WITH_TOKEN" -} - -application_create = true -argocd_application = { - name = "APPLICATION_NAME" - destination_server = "https://kubernetes.default.svc" - destination_namespace = "DESTINATION_NAMESPACE" - source_repo_url = "https://YOUR_REPO.git" - source_path = "SOURCE_PATH" - source_target_revision = "SOURCE_TARGET_REVISION" -} - -argocd_sync_options = 
["CreateNamespace=true", "ApplyOutOfSyncOnly=true", "FailOnSharedResource=true"] +with open(os.path.join(efs_dir, "terraform.tfvars"), "w") as efs_tfvars_file: + efs_tfvars_file.write(''' +security_group_name = "efs_rule" +security_group_ingress_rules = { + efs_rule = { + description = "EFS Ingress" + from_port = 2049 + to_port = 2049 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + } +} +security_group_egress_rule = { + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] +} + +file_system_create = true +efs = { + creation_token = "terraform" + encrypted = true + performance_mode = "generalPurpose" + throughput_mode = "elastic" + backup_policy = "ENABLED" +} + +mount_target_create = true +backup_policy_create = true ''') # Create module versions.tf -with open(os.path.join(argocd_dir, "versions.tf"), "w") as module_versions_file: - module_versions_file.write(''' +with open(os.path.join(efs_dir, "versions.tf"), "w") as efs_versions_file: + efs_versions_file.write(''' terraform { required_version = ">= 1.0" required_providers { - argocd = { - source = "oboukili/argocd" - version = ">= 6.0.2" + aws = { + source = "hashicorp/aws" + version = ">= 5.20" } } } diff --git a/app/media/MyJcasc/jcasc/jcasc.yaml b/app/media/MyJcasc/jcasc/jcasc.yaml new file mode 100644 index 00000000..b743b370 --- /dev/null +++ b/app/media/MyJcasc/jcasc/jcasc.yaml 
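Review bot: `aws_efs_mount_target.mount_target` takes its `count` from `length(data.aws_availability_zones.available_zones.names)` but indexes `data.aws_subnets.subnets_ids.ids[count.index]`, and nothing ties the two lists together. When the default VPC has fewer subnets than the region has available zones the index is out of range, and when two of the returned subnets sit in the same zone the second mount target is rejected, since EFS accepts one per zone. Sizing from the list that is indexed avoids the first case: `count = var.file_system_create && var.mount_target_create ? length(data.aws_subnets.subnets_ids.ids) : 0`. The terraform.tfvars this hunk writes into the module directory is not read by Terraform, which loads tfvars only from the root module's directory, so it can be dropped. The same module code is committed in app/media/MyTerraform/modules/efs/main.tf.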
@@ -0,0 +1,47 @@ +jenkins: + numExecutors: 1 + scmCheckoutRetryCount: 2 + mode: NORMAL + markupFormatter: + rawHtml: + disableSyntaxHighlighting: false + primaryView: + all: + name: "all" + crumbIssuer: + standard: + excludeClientIPFromCrumb: true +credentials: + system: + domainCredentials: + - credentials: + - string: + scope: GLOBAL + id: "gitlab-token" + secret: "SECRET KEY" + description: "GitLab personal access token" +unclassified: + location: + url: "http://localhost:8080/" +security: + globalJobDslSecurityConfiguration: + useScriptSecurity: false +jobs: + - script: > + pipelineJob('DSL Job') { + quietPeriod(0) + properties { + disableConcurrentBuilds() + } + logRotator { + numToKeep(10) + } + triggers { + cron("H/15 * * * *") + } + definition { + cps { + script('createJobs()') + } + } + } \ No newline at end of file diff --git a/app/media/MyTerraform/main.tf b/app/media/MyTerraform/main.tf index 3deb6501..2bd22fb1 100644 --- a/app/media/MyTerraform/main.tf +++ b/app/media/MyTerraform/main.tf @@ -1,17 +1,16 @@ -provider "argocd" { - server_addr = var.argocd_instance_info["server_addr"] - username = var.argocd_instance_info["username"] - password = var.argocd_instance_info["password"] - insecure = var.argocd_instance_info["insecure"] +provider "aws" { + region = "us-east-1" } -module "argocd" { - source = "./modules/argocd" - - repository_create = var.repository_create - argocd_repository_info = var.argocd_repository_info - application_create = var.application_create - argocd_application = var.argocd_application - argocd_sync_options = var.argocd_sync_options +module "efs" { + source = "./modules/efs" + + security_group_name = var.security_group_name + security_group_ingress_rules = var.security_group_ingress_rules + security_group_egress_rule = var.security_group_egress_rule + file_system_create = var.file_system_create + efs = var.efs + mount_target_create = var.mount_target_create + backup_policy_create = var.backup_policy_create } 
diff --git a/app/media/MyTerraform/modules/argocd/main.tf b/app/media/MyTerraform/modules/argocd/main.tf deleted file mode 100644 index 38762cdb..00000000 --- a/app/media/MyTerraform/modules/argocd/main.tf +++ /dev/null @@ -1,39 +0,0 @@ - -resource "argocd_repository" "repository" { - count = var.repository_create ? 1 : 0 - repo = var.argocd_repository_info["repo"] - username = var.argocd_repository_info["username"] - password = var.argocd_repository_info["password"] -} - -resource "argocd_application" "application" { - count = var.application_create ? 1 : 0 - depends_on = [argocd_repository.repository] - - metadata { - name = var.argocd_application["name"] - namespace = "argocd" - labels = { - using_sync_policy_options = "true" - } - } - - spec { - destination { - server = var.argocd_application["destination_server"] - namespace = var.argocd_application["destination_namespace"] - } - source { - repo_url = var.argocd_application["source_repo_url"] - path = var.argocd_application["source_path"] - target_revision = var.argocd_application["source_target_revision"] - } - sync_policy { - automated { - prune = false - self_heal = false - } - sync_options = var.argocd_sync_options - } - } -} diff --git a/app/media/MyTerraform/modules/argocd/terraform.tfvars b/app/media/MyTerraform/modules/argocd/terraform.tfvars deleted file mode 100644 index 56d589ee..00000000 --- a/app/media/MyTerraform/modules/argocd/terraform.tfvars +++ /dev/null 
@@ -1,19 +0,0 @@ - -repository_create = false -argocd_repository_info = { - repo = "https://YOUR_REPO.git" - username = "USERNAME" - password = "CHANGE_ME_WITH_TOKEN" -} - -application_create = true -argocd_application = { - name = "APPLICATION_NAME" - destination_server = "https://kubernetes.default.svc" - destination_namespace = "DESTINATION_NAMESPACE" - source_repo_url = "https://YOUR_REPO.git" - source_path = "SOURCE_PATH" - source_target_revision = "SOURCE_TARGET_REVISION" -} - -argocd_sync_options = ["CreateNamespace=true", "ApplyOutOfSyncOnly=true", "FailOnSharedResource=true"] diff --git a/app/media/MyTerraform/modules/argocd/variables.tf b/app/media/MyTerraform/modules/argocd/variables.tf deleted file mode 100644 index 5d76fdc1..00000000 --- a/app/media/MyTerraform/modules/argocd/variables.tf +++ /dev/null @@ -1,20 +0,0 @@ - -variable "repository_create" { - type = bool -} - -variable "argocd_repository_info" { - type = map(string) -} - -variable "application_create" { - type = bool -} - -variable "argocd_application" { - type = map(string) -} - -variable "argocd_sync_options" { - type = list(string) -} diff --git a/app/media/MyTerraform/modules/efs/main.tf b/app/media/MyTerraform/modules/efs/main.tf new file mode 100644 index 00000000..e1374059 --- /dev/null +++ b/app/media/MyTerraform/modules/efs/main.tf 
@@ -0,0 +1,83 @@
+
+locals {
+ default_efs_lifecycle_policies = {
+ transition_to_ia = "AFTER_14_DAYS",
+ transition_to_primary_storage_class = "AFTER_1_ACCESS",
+ }
+}
+
+data "aws_availability_zones" "available_zones" {
+ state = "available"
+}
+
+data "aws_vpc" "default_vpc" {
+ default = true
+}
+
+data "aws_subnets" "subnets_ids" {
+ filter {
+ name = "vpc-id"
+ values = [data.aws_vpc.default_vpc.id]
+ }
+}
+
+resource "aws_security_group" "security_group" {
+ count = var.file_system_create && var.mount_target_create ? 1 : 0
+ name = var.security_group_name
+ description = "Security group for EFS mount targets"
+ vpc_id = data.aws_vpc.default_vpc.id
+
+ dynamic "ingress" {
+ for_each = var.security_group_ingress_rules
+ content {
+ description = ingress.value["description"]
+ from_port = ingress.value["from_port"]
+ to_port = ingress.value["to_port"]
+ protocol = ingress.value["protocol"]
+ cidr_blocks = ingress.value["cidr_blocks"]
+ }
+ }
+
+ egress {
+ from_port = var.security_group_egress_rule["from_port"]
+ to_port = var.security_group_egress_rule["to_port"]
+ protocol = var.security_group_egress_rule["protocol"]
+ cidr_blocks = var.security_group_egress_rule["cidr_blocks"]
+ }
+}
+
+resource "aws_efs_file_system" "filesystem" {
+ count = var.file_system_create ? 1 : 0
+ creation_token = var.efs["creation_token"]
+ encrypted = var.efs["encrypted"]
+ performance_mode = var.efs["performance_mode"]
+ throughput_mode = var.efs["throughput_mode"]
+
+ lifecycle_policy {
+ transition_to_ia = lookup(local.default_efs_lifecycle_policies, "transition_to_ia", null)
+ }
+
+ lifecycle_policy {
+ transition_to_primary_storage_class = lookup(local.default_efs_lifecycle_policies, "transition_to_primary_storage_class", null)
+ }
+
+ tags = {
+ Name = "terraform-efs"
+ }
+}
+
+resource "aws_efs_mount_target" "mount_target" {
+ count = var.file_system_create && var.mount_target_create ? length(data.aws_availability_zones.available_zones.names) : 0
+ file_system_id = aws_efs_file_system.filesystem[0].id
+ subnet_id = data.aws_subnets.subnets_ids.ids[count.index]
+ security_groups = [aws_security_group.security_group[0].id]
+}
+
+resource "aws_efs_backup_policy" "backup_policy" {
+ count = var.file_system_create && var.backup_policy_create ? 1 : 0
+ file_system_id = aws_efs_file_system.filesystem[0].id
+
+ backup_policy {
+ status = var.efs["backup_policy"]
+ }
+}
diff --git a/app/media/MyTerraform/modules/efs/terraform.tfvars b/app/media/MyTerraform/modules/efs/terraform.tfvars
new file mode 100644
index 00000000..a54687cb
--- /dev/null
+++ b/app/media/MyTerraform/modules/efs/terraform.tfvars
@@ -0,0 +1,29 @@
+
+security_group_name = "efs_rule"
+security_group_ingress_rules = {
+ efs_rule = {
+ description = "EFS Ingress"
+ from_port = 2049
+ to_port = 2049
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+}
+security_group_egress_rule = {
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+}
+
+file_system_create = true
+efs = {
+ creation_token = "terraform"
+ encrypted = true
+ performance_mode = "generalPurpose"
+ throughput_mode = "elastic"
+ backup_policy = "ENABLED"
+}
+
+mount_target_create = true
+backup_policy_create = true
diff --git a/app/media/MyTerraform/modules/efs/variables.tf b/app/media/MyTerraform/modules/efs/variables.tf
new file mode 100644
index 00000000..c9ca05f7
--- /dev/null
+++ b/app/media/MyTerraform/modules/efs/variables.tf
@@ -0,0 +1,45 @@ + +variable "security_group_name" { + type = string +} + +variable "security_group_ingress_rules" { + type = map(object({ + description = string + from_port = number + to_port = number + protocol = string + cidr_blocks = list(string) + })) +} + +variable "security_group_egress_rule" { + type = object({ + from_port = number + to_port = number + protocol = string + cidr_blocks = list(string) + }) +} + +variable "file_system_create" { + type = bool +} + +variable "efs" { + type = object({ + creation_token = string + encrypted = bool + performance_mode = string + throughput_mode = string + backup_policy = string + }) +} + +variable "mount_target_create" { + type = bool +} + +variable "backup_policy_create" { + type = bool +} diff --git a/app/media/MyTerraform/modules/argocd/versions.tf b/app/media/MyTerraform/modules/efs/versions.tf similarity index 50% rename from app/media/MyTerraform/modules/argocd/versions.tf rename to app/media/MyTerraform/modules/efs/versions.tf index c2fa9111..b19ec086 100644 --- a/app/media/MyTerraform/modules/argocd/versions.tf +++ b/app/media/MyTerraform/modules/efs/versions.tf @@ -3,9 +3,9 @@ terraform { required_version = ">= 1.0" required_providers { - argocd = { - source = "oboukili/argocd" - version = ">= 6.0.2" + aws = { + source = "hashicorp/aws" + version = ">= 5.20" } } } diff --git a/app/media/MyTerraform/terraform.tfvars b/app/media/MyTerraform/terraform.tfvars index 163075df..a54687cb 100644 --- a/app/media/MyTerraform/terraform.tfvars +++ b/app/media/MyTerraform/terraform.tfvars 
@@ -1,26 +1,29 @@ -argocd_instance_info = { - server_addr = "ARGOCD_DOMAIN" - username = "admin" - password = "ARGOCD_ADMIN_PASS" - insecure = true +security_group_name = "efs_rule" +security_group_ingress_rules = { + efs_rule = { + description = "EFS Ingress" + from_port = 2049 + to_port = 2049 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + } } - -repository_create = false -argocd_repository_info = { - repo = "https://YOUR_REPO.git" - username = "USERNAME" - password = "CHANGE_ME_WITH_TOKEN" +security_group_egress_rule = { + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] } -application_create = true -argocd_application = { - name = "APPLICATION_NAME" - destination_server = "https://kubernetes.default.svc" - destination_namespace = "DESTINATION_NAMESPACE" - source_repo_url = "https://YOUR_REPO.git" - source_path = "SOURCE_PATH" - source_target_revision = "SOURCE_TARGET_REVISION" +file_system_create = true +efs = { + creation_token = "terraform" + encrypted = true + performance_mode = "generalPurpose" + throughput_mode = "elastic" + backup_policy = "ENABLED" } -argocd_sync_options = ["CreateNamespace=true", "ApplyOutOfSyncOnly=true", "FailOnSharedResource=true"] +mount_target_create = true +backup_policy_create = true diff --git a/app/media/MyTerraform/variables.tf b/app/media/MyTerraform/variables.tf index 6cd53c28..c9ca05f7 100644 --- a/app/media/MyTerraform/variables.tf +++ b/app/media/MyTerraform/variables.tf 
@@ -1,29 +1,45 @@ -variable "argocd_instance_info" { +variable "security_group_name" { + type = string +} + +variable "security_group_ingress_rules" { + type = map(object({ + description = string + from_port = number + to_port = number + protocol = string + cidr_blocks = list(string) + })) +} + +variable "security_group_egress_rule" { type = object({ - server_addr = string - username = string - password = string - insecure = bool + from_port = number + to_port = number + protocol = string + cidr_blocks = list(string) }) } -variable "repository_create" { +variable "file_system_create" { type = bool } -variable "argocd_repository_info" { - type = map(string) +variable "efs" { + type = object({ + creation_token = string + encrypted = bool + performance_mode = string + throughput_mode = string + backup_policy = string + }) } -variable "application_create" { +variable "mount_target_create" { type = bool } -variable "argocd_application" { - type = map(string) -} - -variable "argocd_sync_options" { - type = list(string) +variable "backup_policy_create" { + type = bool } diff --git a/app/media/MyTerraform/versions.tf b/app/media/MyTerraform/versions.tf index c2fa9111..b19ec086 100644 --- a/app/media/MyTerraform/versions.tf +++ b/app/media/MyTerraform/versions.tf @@ -3,9 +3,9 @@ terraform { required_version = ">= 1.0" required_providers { - argocd = { - source = "oboukili/argocd" - version = ">= 6.0.2" + aws = { + source = "hashicorp/aws" + version = ">= 5.20" } } } diff --git a/app/template_generators/jenkins/jcasc.py b/app/template_generators/jenkins/jcasc.py index acee96bc..136d5c08 100644 --- a/app/template_generators/jenkins/jcasc.py +++ b/app/template_generators/jenkins/jcasc.py 
@@ -1,54 +1,79 @@ def jcasc_template_generator(input) -> str: - allowsSignup = 'true' if input.allowsSignup else 'false' - allowAnonymousRead = 'true' if input.allowAnonymousRead else 'false' - cache_size = input.cache_size + DSL_Job_Name = 'false' if input.allowsSignup else 'true' + useScriptSecurity = 'true' if input.useScriptSecurity else 'false' + scmCheckoutRetryCount = input.scmCheckoutRetryCount executators = input.executators - required_plugins = input.required_plugins prompt = f""" Generate a Python code, to generate a JCasc file (project name is app/media/MyJcasc) and install plugins based on the provided list, ensuring a modular, flexible structure to enable users to configure all essential settings at the first load. Only provide JCasc code, no explanations or - markdown formatting. The file should be created based on these values - - allowSignup = {allowsSignup} - - allowAnonymousRead = {allowAnonymousRead} - - cache_size = {cache_size} - - executators = {executators} - - required_plugins = {required_plugins} - + markdown formatting. 
+ Also the file should contain ONLY these sections with following order and do not add emptylines: - 1- systemMessage - 2- create a local admin user and password, default username is admin and default password is password - 3- allowSignup - 4- allowAnonymousRead - 5- cache_size - 6- executators - 7- required_plugins - 8- views - 9- authorizationStrategy: - - ``` - projectMatrix: - grantedPermissions: - - "Overall/Administer:admin" - - "Job/Read:developer" - - "Job/Build:developer" - ``` - 10- tools: - - ``` - git: - installations: - - name: "Default" - home: "/usr/bin/git" - ``` - 11- security: - - ``` - globalJobDslSecurityConfiguration: - useScriptSecurity: false + - jenkins: + - numExecutors= {executators} + - scmCheckoutRetryCount= {scmCheckoutRetryCount} + - mode : NORMAL + - markupFormatter: + ``` + rawHtml: + disableSyntaxHighlighting: false + ``` + - primaryView: + ``` + all: + name: "all" + ``` + - crumbIssuer: + standard: + excludeClientIPFromCrumb: true + - credentials: + ``` + system: + domainCredentials: + - credentials: + - string: + scope: GLOBAL + id: "gitlab-token" + secret: "SECRET KEY" + description: "GitLab personal access token" + ``` + - unclassified: + ``` + location: + url: "http://localhost:8080/" + ``` + - security: + ``` + globalJobDslSecurityConfiguration: + useScriptSecurity: {useScriptSecurity} + ``` + - jobs: + ``` - script: > + pipelineJob('{DSL_Job_Name}') {{ + quietPeriod(0) + properties {{ + disableConcurrentBuilds() + }} + logRotator {{ + numToKeep(10) + }} + triggers {{ + cron("H/15 * * * *") + }} + definition {{ + cps {{ + script('createJobs()') + }} + }} + }} ``` finally the python code should run without any note that can generate a project folder with the given - schema without ```python entry. the final JCasc template must work very well without any error! + schema without + python entry. the final JCasc template must work very well without any error! import os project_name = "app/media/MyJcasc"
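Review bot: `DSL_Job_Name = 'false' if input.allowsSignup else 'true'` makes the pipeline job name the inverted signup flag, so the prompt renders `pipelineJob('true')` or `pipelineJob('false')`; it looks like a leftover of the old `allowsSignup` line rather than a real job-name field. If the request model is meant to carry a job name, read that field directly and restrict it to a safe character set before it lands inside the quoted Groovy string. `executators` and `scmCheckoutRetryCount` are interpolated as-is and would be safer coerced first, e.g. `executators = int(input.executators)`, since the prompt asks the model for Python code. The template also still hands the model a literal `secret: "SECRET KEY"`; a JCasC variable reference such as `"${GITLAB_TOKEN}"` (placeholder name) keeps tokens out of the generated file. The end of the function, including `return prompt`, lies outside this hunk.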