Skip to content

Commit 2e276d7

Browse files
rberlindrberlind
committed
update loadAndRunWorkspaces.sh
1 parent a11b056 commit 2e276d7

File tree

2 files changed

+29
-33
lines changed

2 files changed

+29
-33
lines changed

operations/automation-script/config/main.tf

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4,13 +4,13 @@ variable "name" {
44

55
resource "random_id" "random" {
66
keepers = {
7-
uuid = "${uuid()}"
7+
uuid = uuid()
88
}
99
byte_length = 32
1010
}
1111

1212
output "random" {
13-
value = "${random_id.random.hex}"
13+
value = random_id.random.hex
1414
}
1515

1616
output "hello_world" {

operations/automation-script/loadAndRunWorkspace.sh

Lines changed: 27 additions & 31 deletions
Original file line numberDiff line numberDiff line change
@@ -116,7 +116,7 @@ cat > workspace.template.json <<EOF
116116
{
117117
"attributes": {
118118
"name":"placeholder",
119-
"terraform-version": "0.11.14"
119+
"terraform-version": "0.13.6"
120120
},
121121
"type":"workspaces"
122122
}
@@ -287,27 +287,40 @@ while [ $continue -ne 0 ]; do
287287
# Apply in some cases
288288
applied="false"
289289

290-
# planned means plan finished and no Sentinel policies
291-
# exist or are applicable to the workspace
292-
293290
# Run is planning - get the plan
294291
# Note that we use "True" rather than "true" because python converts the
295292
# boolean "true" in json responses to "True" and "false" to "False"
293+
294+
# planned means plan finished and no Sentinel policies
295+
# exist or are applicable to the workspace
296296
if [[ "$run_status" == "planned" ]] && [[ "$is_confirmable" == "True" ]] && [[ "$override" == "no" ]]; then
297297
continue=0
298298
echo "There are " $sentinel_policy_count "policies, but none of them are applicable to this workspace."
299299
echo "Check the run in Terraform Enterprise UI and apply there if desired."
300300
save_plan="true"
301-
# planned means plan finished and no Sentinel policies
301+
# cost_estimated means plan finished and costs were estimated
302302
# exist or are applicable to the workspace
303+
elif [[ "$run_status" == "cost_estimated" ]] && [[ "$is_confirmable" == "True" ]] && [[ "$override" == "no" ]]; then
304+
continue=0
305+
echo "There are " $sentinel_policy_count "policies, but none of them are applicable to this workspace."
306+
echo "Check the run in Terraform Enterprise UI and apply there if desired."
307+
save_plan="true"
303308
elif [[ "$run_status" == "planned" ]] && [[ "$is_confirmable" == "True" ]] && [[ "$override" == "yes" ]]; then
304-
continue=0
305-
echo "There are " $sentinel_policy_count "policies, but none of them are applicable to this workspace."
306-
echo "Since override was set to \"yes\", we are applying."
307-
# Do the apply
308-
echo "Doing Apply"
309-
apply_result=$(curl -s --header "Authorization: Bearer $TFE_TOKEN" --header "Content-Type: application/vnd.api+json" --data @apply.json https://${address}/api/v2/runs/${run_id}/actions/apply)
310-
applied="true"
309+
continue=0
310+
echo "There are " $sentinel_policy_count "policies, but none of them are applicable to this workspace."
311+
echo "Since override was set to \"yes\", we are applying."
312+
# Do the apply
313+
echo "Doing Apply"
314+
apply_result=$(curl -s --header "Authorization: Bearer $TFE_TOKEN" --header "Content-Type: application/vnd.api+json" --data @apply.json https://${address}/api/v2/runs/${run_id}/actions/apply)
315+
applied="true"
316+
elif [[ "$run_status" == "cost_estimated" ]] && [[ "$is_confirmable" == "True" ]] && [[ "$override" == "yes" ]]; then
317+
continue=0
318+
echo "There are " $sentinel_policy_count "policies, but none of them are applicable to this workspace."
319+
echo "Since override was set to \"yes\", we are applying."
320+
# Do the apply
321+
echo "Doing Apply"
322+
apply_result=$(curl -s --header "Authorization: Bearer $TFE_TOKEN" --header "Content-Type: application/vnd.api+json" --data @apply.json https://${address}/api/v2/runs/${run_id}/actions/apply)
323+
applied="true"
311324
# policy_checked means all Sentinel policies passed
312325
elif [[ "$run_status" == "policy_checked" ]]; then
313326
continue=0
@@ -428,26 +441,9 @@ if [[ "$applied" == "true" ]]; then
428441
# and output to shell and file
429442
curl -s $apply_log_url | tee ${apply_id}.log
430443

431-
# Get state version IDs from after the apply
432-
state_id_before=$(echo $check_result | python -c "import sys, json; print(json.load(sys.stdin)['data']['relationships']['state-versions']['data'][1]['id'])")
433-
echo "State ID 1:" ${state_id_before}
434-
435-
# Call API to get information about the state version including its URL
436-
state_file_before_url_result=$(curl -s --header "Authorization: Bearer $TFE_TOKEN" https://${address}/api/v2/state-versions/${state_id_before})
437-
438-
# Get state file URL from the result
439-
state_file_before_url=$(echo $state_file_before_url_result | python -c "import sys, json; print(json.load(sys.stdin)['data']['attributes']['hosted-state-download-url'])")
440-
echo "URL for state file before apply:"
441-
echo ${state_file_before_url}
442-
443-
# Retrieve state file from the URL
444-
# and output to shell and file
445-
echo "State file before the apply:"
446-
curl -s $state_file_before_url | tee ${apply_id}-before.tfstate
447-
448-
# Get state version IDs from before the apply
444+
# Get state version ID from after the apply
449445
state_id_after=$(echo $check_result | python -c "import sys, json; print(json.load(sys.stdin)['data']['relationships']['state-versions']['data'][0]['id'])")
450-
echo "State ID 0:" ${state_id_after}
446+
echo "State ID:" ${state_id_after}
451447

452448
# Call API to get information about the state version including its URL
453449
state_file_after_url_result=$(curl -s --header "Authorization: Bearer $TFE_TOKEN" https://${address}/api/v2/state-versions/${state_id_after})

0 commit comments

Comments
 (0)