view | history | commit | commitdiff
Tok
2018-11-09 04259f14a042c84a1164402d9ac2009c9db6adf5
commit | author | age
da4ace 1 ---
GC 2 - import_tasks: locate_template.yml
3
4 - set_fact:
5     cloudformation_template: "{{ANSIBLE_REPO_PATH}}/workdir/{{ env_type }}.{{ guid }}.{{cloud_provider}}_cloud_template"
6
2a18ae 7 - name: AWS Generate CloudFormation Template
S 8   template:
da4ace 9     src: "{{ cloudformation_template_src }}"
GC 10     dest: "{{ cloudformation_template }}"
2a18ae 11   tags:
S 12     - aws_infrastructure_deployment
13     - gen_cf_template
3e2a8d 14
GC 15 ######################### Copy CF Template to S3 if too big
16 - name: Stat CloudFormation template
17   stat:
da4ace 18     path: "{{ cloudformation_template }}"
3e2a8d 19   register: stat_template
GC 20   tags:
21     - aws_infrastructure_deployment
22     - gen_cf_template
23
24 - when:
25     stat_template.stat.size > 51200
26   tags:
27     - aws_infrastructure_deployment
28     - gen_cf_template
29   environment:
30     AWS_ACCESS_KEY_ID: "{{aws_access_key_id}}"
31     AWS_SECRET_ACCESS_KEY: "{{aws_secret_access_key}}"
32     AWS_DEFAULT_REGION: "{{aws_region_final|d(aws_region)}}"
33   block:
b5c784 34     - name: Get user name
GC 35       command: aws iam get-user
36       register: rget_user
37       ignore_errors: yes
38
39     # Bucket name must be globally unique. Use the userID to define the bucketname.
40     # Otherwise when we use the code in another account it fails because the bucket
41     # already exists.
42     - set_fact:
43         aws_account_user: "{{rget_user.stdout|from_json|json_query('User.UserId')}}"
44       ignore_errors: yes
45
46     - set_fact:
7d48ed 47         bucket_templates: "cloudformation-templates-{{aws_account_user|default('user')|lower}}"
b5c784 48
3e2a8d 49     - name: Create bucket
GC 50       s3_bucket:
b5c784 51         name: "{{bucket_templates}}"
3e2a8d 52     - name: Copy Template to S3
GC 53       aws_s3:
b5c784 54         bucket: "{{bucket_templates}}"
3e2a8d 55         object: "{{ env_type }}.{{ guid }}.{{cloud_provider}}_cloud_template"
da4ace 56         src: "{{ cloudformation_template }}"
3e2a8d 57         mode: put
GC 58
2a18ae 59 ######################### Validate CF Template
S 60
3e2a8d 61 - name: validate cloudformation template (local)
2a18ae 62   environment:
S 63     AWS_ACCESS_KEY_ID: "{{aws_access_key_id}}"
64     AWS_SECRET_ACCESS_KEY: "{{aws_secret_access_key}}"
5c7a03 65     AWS_DEFAULT_REGION: "{{aws_region_final|d(aws_region)}}"
GC 66   command: >-
67     aws cloudformation validate-template
68     --region {{ aws_region_final | d(aws_region) | default(region) | default('us-east-1')}}
da4ace 69     --template-body file://{{ cloudformation_template }}
2a18ae 70   changed_when: false
692763 71   register: cloudformation_validation
GC 72   until: cloudformation_validation is succeeded
da4ace 73   retries: "{{ cloudformation_retries }}"
692763 74   delay: 20
2a18ae 75   tags:
S 76     - aws_infrastructure_deployment
77     - validate_cf_template
3e2a8d 78   when: stat_template.stat.size <= 51200
GC 79
80 - name: validate cloudformation template (S3)
81   environment:
82     AWS_ACCESS_KEY_ID: "{{aws_access_key_id}}"
83     AWS_SECRET_ACCESS_KEY: "{{aws_secret_access_key}}"
84     AWS_DEFAULT_REGION: "{{aws_region_final|d(aws_region)}}"
85   command: >-
86     aws cloudformation validate-template
87     --region {{ aws_region_final | d(aws_region) | default(region) | default('us-east-1')}}
b5c784 88     --template-url https://s3.amazonaws.com/{{bucket_templates}}/{{env_type}}.{{guid}}.{{cloud_provider}}_cloud_template
3e2a8d 89   changed_when: false
GC 90   register: cloudformation_validation
91   until: cloudformation_validation is succeeded
da4ace 92   retries: "{{ cloudformation_retries }}"
3e2a8d 93   delay: 20
GC 94   tags:
95     - aws_infrastructure_deployment
96     - validate_cf_template
97   when: stat_template.stat.size > 51200
2a18ae 98
S 99 ######################### Launch CF Template