Updates pipeline to use docker command

.docker/Dockerfile

@@ -7,6 +7,4 @@ RUN apk --no-cache add --repository=http://dl-cdn.alpinelinux.org/alpine/edge/co
 
 COPY --chown=infrastructure:infrastructure . .
 
-RUN ls -lha
-
 ENTRYPOINT [ "terraform" ]

.github/workflows/pipeline.yml

@@ -2,9 +2,12 @@ name: "Pipeline"
 
 on:
   pull_request:
-    branches: [ "main" ]
+    branches:
+      - main
+      - docker
   push:
-    branches: [ "main" ]
+    branches:
+      - main
 
 jobs:
   test:
@@ -13,25 +16,41 @@ jobs:
     steps:
       - uses: actions/checkout@v2
 
-      - uses: hashicorp/setup-terraform@v1
+      - name: "Build the image"
+        run: docker image build --file .docker/Dockerfile --tag infrastructure:${{ github.sha }} .
+
+      - name: "Create the volumes"
+        run: |
+          docker volume create aws-provider
+          docker volume create github-provider
+          docker volume create heroku-provider
 
       - name: "Initializes terraform"
         env:
           AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
           AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          GITHUB_COMMIT_SHA: ${{ github.sha }}
         run: |
-          source scripts/pipeline_utils.sh
-          init_terraform github heroku aws
+          source scripts/utils.sh
+          init_terraform aws github heroku
 
       - name: "Run terraform to check for formatting"
+        env:
+          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          GITHUB_COMMIT_SHA: ${{ github.sha }}
         run: |
-          source scripts/pipeline_utils.sh
-          format_terraform github heroku aws
+          source scripts/utils.sh
+          format_terraform aws github heroku
 
       - name: "Run validation to check for issues"
+        env:
+          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          GITHUB_COMMIT_SHA: ${{ github.sha }}
         run: |
-          source scripts/pipeline_utils.sh
-          validate_terraform github heroku aws
+          source scripts/utils.sh
+          format_terraform aws github heroku
 
   build:
     if: ${{ github.event_name == 'pull_request' }}
@@ -41,20 +60,29 @@ jobs:
     steps:
       - uses: actions/checkout@v2
 
-      - uses: hashicorp/setup-terraform@v1
+      - name: "Build the image"
+        run: docker image build --file .docker/Dockerfile --tag infrastructure:${{ github.sha }} .
+
+      - name: "Create the volumes"
+        run: |
+          docker volume create aws-provider
+          docker volume create github-provider
+          docker volume create heroku-provider
 
       - name: "Initializes terraform"
         env:
           AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
           AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          GITHUB_COMMIT_SHA: ${{ github.sha }}
         run: |
-          source scripts/pipeline_utils.sh
-          init_terraform github heroku aws
+          source scripts/utils.sh
+          init_terraform aws github heroku
 
       - name: "Generate terraform plan"
         env:
           AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
           AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          GITHUB_COMMIT_SHA: ${{ github.sha }}
           TF_VAR_GH_PERSONAL_ACCESS_TOKEN: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }}
           TF_VAR_DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
           TF_VAR_DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
@@ -81,24 +109,32 @@ jobs:
           TF_VAR_GAMBLEY_CD_USER_AWS_SECRET_KEY: ${{ secrets.GAMBLEY_CD_USER_AWS_SECRET_KEY }}
           TF_VAR_SNYK_SECRET_KEY: ${{ secrets.SNYK_SECRET_KEY }}
         run: |
-          source scripts/pipeline_utils.sh
-          plan_terraform github heroku aws
+          source scripts/utils.sh
+          plan_terraform aws github heroku
 
   deploy:
     if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
     runs-on: "ubuntu-20.04"
     steps:
       - uses: actions/checkout@v2
 
-      - uses: hashicorp/setup-terraform@v1
+      - name: "Build the image"
+        run: docker image build --file .docker/Dockerfile --tag infrastructure:${{ github.sha }} .
+
+      - name: "Create the volumes"
+        run: |
+          docker volume create aws-provider
+          docker volume create github-provider
+          docker volume create heroku-provider
 
       - name: "Initializes terraform"
         env:
           AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
           AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          GITHUB_COMMIT_SHA: ${{ github.sha }}
         run: |
-          source scripts/pipeline_utils.sh
-          init_terraform github heroku aws
+          source scripts/utils.sh
+          init_terraform aws github heroku
 
       - name: "Apply terraform plan"
         env:
@@ -131,4 +167,4 @@ jobs:
           TF_VAR_SNYK_SECRET_KEY: ${{ secrets.SNYK_SECRET_KEY }}
         run: |
           source scripts/pipeline_utils.sh
-          apply_terraform github heroku aws
+          apply_terraform aws github heroku

scripts/utils.sh

@@ -0,0 +1,119 @@
+init_terraform() {
+    for dir in "$@"
+    do
+        echo "Initializing terraform for" "$dir"
+        docker container run \
+            --env AWS_ACCESS_KEY_ID="$AWS_ACCESS_KEY_ID" \
+            --env AWS_SECRET_ACCESS_KEY="$AWS_SECRET_ACCESS_KEY" \
+            --volume aws-provider:/app/src/aws/.terraform \
+            --volume github-provider:/app/src/github/.terraform \
+            --volume heroku-provider:/app/src/heroku/.terraform \
+            infrastructure:"$GITHUB_COMMIT_SHA" -chdir=src/"$dir" init -input=false 2>&1
+    done
+}
+
+format_terraform() {
+    for dir in "$@"
+    do
+        echo "Formatting terraform files for" "$dir"
+        docker container run \
+            --env AWS_ACCESS_KEY_ID="$AWS_ACCESS_KEY_ID" \
+            --env AWS_SECRET_ACCESS_KEY="$AWS_SECRET_ACCESS_KEY" \
+            --volume aws-provider:/app/src/aws/.terraform \
+            --volume github-provider:/app/src/github/.terraform \
+            --volume heroku-provider:/app/src/heroku/.terraform \
+            infrastructure:"$GITHUB_COMMIT_SHA" -chdir=src/"$dir" fmt -check 2>&1
+    done
+}
+
+validate_terraform() {
+    for dir in "$@"
+    do
+        echo "Validating terraform plan for" "$dir"
+        docker container run \
+            --env AWS_ACCESS_KEY_ID="$AWS_ACCESS_KEY_ID" \
+            --env AWS_SECRET_ACCESS_KEY="$AWS_SECRET_ACCESS_KEY" \
+            --volume aws-provider:/app/src/aws/.terraform \
+            --volume github-provider:/app/src/github/.terraform \
+            --volume heroku-provider:/app/src/heroku/.terraform \
+            infrastructure:"$GITHUB_COMMIT_SHA" -chdir=src/"$dir" validate -json 2>&1
+    done
+}
+
+plan_terraform() {
+    for dir in "$@"
+    do
+        echo "Generating terraform plan for" "$dir"
+        docker container run \
+            --env AWS_ACCESS_KEY_ID="$AWS_ACCESS_KEY_ID" \
+            --env AWS_SECRET_ACCESS_KEY="$AWS_SECRET_ACCESS_KEY" \
+            --env TF_VAR_GH_PERSONAL_ACCESS_TOKEN="$GH_PERSONAL_ACCESS_TOKEN" \
+            --env TF_VAR_DOCKERHUB_USERNAME="$DOCKERHUB_USERNAME" \
+            --env TF_VAR_DOCKERHUB_TOKEN="$DOCKERHUB_TOKEN" \
+            --env TF_VAR_HEROKU_EMAIL="$HEROKU_EMAIL" \
+            --env TF_VAR_HEROKU_API_KEY="$HEROKU_API_KEY" \
+            --env TF_VAR_EMAIL_SERVICE_CODECOV_TOKEN="$EMAIL_SERVICE_CODECOV_TOKEN" \
+            --env TF_VAR_API_GATEWAY_CODECOV_TOKEN="$API_GATEWAY_CODECOV_TOKEN" \
+            --env TF_VAR_EMAIL_SERVICE_DATABASE_URL="$EMAIL_SERVICE_DATABASE_URL" \
+            --env TF_VAR_EMAIL_SERVICE_MAIL_PASSWORD="$EMAIL_SERVICE_MAIL_PASSWORD" \
+            --env TF_VAR_EMAIL_SERVICE_MAIL_USERNAME="$EMAIL_SERVICE_MAIL_USERNAME" \
+            --env TF_VAR_EMAIL_SERVICE_REDIS_TLS_URL="$EMAIL_SERVICE_REDIS_TLS_URL" \
+            --env TF_VAR_EMAIL_SERVICE_REDIS_URL="$EMAIL_SERVICE_REDIS_URL" \
+            --env TF_VAR_PROFILE_SERVICE_DATABASE_URL="$PROFILE_SERVICE_DATABASE_URL" \
+            --env TF_VAR_PROFILE_SERVICE_REDIS_TLS_URL="$PROFILE_SERVICE_REDIS_TLS_URL" \
+            --env TF_VAR_PROFILE_SERVICE_REDIS_URL="$PROFILE_SERVICE_REDIS_URL" \
+            --env TF_VAR_WIKI_DATABASE_HOST="$WIKI_DATABASE_HOST" \
+            --env TF_VAR_WIKI_DATABASE_PORT="$WIKI_DATABASE_PORT" \
+            --env TF_VAR_WIKI_DATABASE_USER="$WIKI_DATABASE_USER" \
+            --env TF_VAR_WIKI_DATABASE_PASSWORD="$WIKI_DATABASE_PASSWORD" \
+            --env TF_VAR_WIKI_DATABASE_NAME="$WIKI_DATABASE_NAME" \
+            --env TF_VAR_DISCORD_WEBHOOK_URL="$DISCORD_WEBHOOK_URL" \
+            --env TF_VAR_TRUSTED_HOSTS="$TRUSTED_HOSTS" \
+            --env TF_VAR_GAMBLEY_CD_USER_AWS_ACCESS_KEY="$GAMBLEY_CD_USER_AWS_ACCESS_KEY" \
+            --env TF_VAR_GAMBLEY_CD_USER_AWS_SECRET_KEY="$GAMBLEY_CD_USER_AWS_SECRET_KEY" \
+            --env TF_VAR_SNYK_SECRET_KEY="$SNYK_SECRET_KEY" \
+            --volume aws-provider:/app/src/aws/.terraform \
+            --volume github-provider:/app/src/github/.terraform \
+            --volume heroku-provider:/app/src/heroku/.terraform \
+            infrastructure:"$GITHUB_COMMIT_SHA" -chdir=src/"$dir" plan -input=false 2>&1
+    done
+}
+
+apply_terraform() {
+    for dir in "$@"
+    do
+        echo "Applying terraform plan for" "$dir"
+        docker container run \
+            --env AWS_ACCESS_KEY_ID="$AWS_ACCESS_KEY_ID" \
+            --env AWS_SECRET_ACCESS_KEY="$AWS_SECRET_ACCESS_KEY" \
+            --env TF_VAR_GH_PERSONAL_ACCESS_TOKEN="$GH_PERSONAL_ACCESS_TOKEN" \
+            --env TF_VAR_DOCKERHUB_USERNAME="$DOCKERHUB_USERNAME" \
+            --env TF_VAR_DOCKERHUB_TOKEN="$DOCKERHUB_TOKEN" \
+            --env TF_VAR_HEROKU_EMAIL="$HEROKU_EMAIL" \
+            --env TF_VAR_HEROKU_API_KEY="$HEROKU_API_KEY" \
+            --env TF_VAR_EMAIL_SERVICE_CODECOV_TOKEN="$EMAIL_SERVICE_CODECOV_TOKEN" \
+            --env TF_VAR_API_GATEWAY_CODECOV_TOKEN="$API_GATEWAY_CODECOV_TOKEN" \
+            --env TF_VAR_EMAIL_SERVICE_DATABASE_URL="$EMAIL_SERVICE_DATABASE_URL" \
+            --env TF_VAR_EMAIL_SERVICE_MAIL_PASSWORD="$EMAIL_SERVICE_MAIL_PASSWORD" \
+            --env TF_VAR_EMAIL_SERVICE_MAIL_USERNAME="$EMAIL_SERVICE_MAIL_USERNAME" \
+            --env TF_VAR_EMAIL_SERVICE_REDIS_TLS_URL="$EMAIL_SERVICE_REDIS_TLS_URL" \
+            --env TF_VAR_EMAIL_SERVICE_REDIS_URL="$EMAIL_SERVICE_REDIS_URL" \
+            --env TF_VAR_PROFILE_SERVICE_DATABASE_URL="$PROFILE_SERVICE_DATABASE_URL" \
+            --env TF_VAR_PROFILE_SERVICE_REDIS_TLS_URL="$PROFILE_SERVICE_REDIS_TLS_URL" \
+            --env TF_VAR_PROFILE_SERVICE_REDIS_URL="$PROFILE_SERVICE_REDIS_URL" \
+            --env TF_VAR_WIKI_DATABASE_HOST="$WIKI_DATABASE_HOST" \
+            --env TF_VAR_WIKI_DATABASE_PORT="$WIKI_DATABASE_PORT" \
+            --env TF_VAR_WIKI_DATABASE_USER="$WIKI_DATABASE_USER" \
+            --env TF_VAR_WIKI_DATABASE_PASSWORD="$WIKI_DATABASE_PASSWORD" \
+            --env TF_VAR_WIKI_DATABASE_NAME="$WIKI_DATABASE_NAME" \
+            --env TF_VAR_DISCORD_WEBHOOK_URL="$DISCORD_WEBHOOK_URL" \
+            --env TF_VAR_TRUSTED_HOSTS="$TRUSTED_HOSTS" \
+            --env TF_VAR_GAMBLEY_CD_USER_AWS_ACCESS_KEY="$GAMBLEY_CD_USER_AWS_ACCESS_KEY" \
+            --env TF_VAR_GAMBLEY_CD_USER_AWS_SECRET_KEY="$GAMBLEY_CD_USER_AWS_SECRET_KEY" \
+            --env TF_VAR_SNYK_SECRET_KEY="$SNYK_SECRET_KEY" \
+            --volume aws-provider:/app/src/aws/.terraform \
+            --volume github-provider:/app/src/github/.terraform \
+            --volume heroku-provider:/app/src/heroku/.terraform \
+            infrastructure:"$GITHUB_COMMIT_SHA" -chdir=src/"$dir" apply -auto-approve -input=false 2>&1
+    done
+}