diff --git a/applications/next-js/pnpm-lock.yaml b/applications/next-js/pnpm-lock.yaml index e966de2b5..feccded21 100644 --- a/applications/next-js/pnpm-lock.yaml +++ b/applications/next-js/pnpm-lock.yaml @@ -7769,6 +7769,11 @@ packages: engines: {node: '>=12'} dev: true + /ansi-regex@6.2.2: + resolution: {integrity: sha512-Bq3SmSpyFHaWjPk8If9yc6svM8c56dB5BAtW4Qbw5jHTwwXXcTLoRMkpDJp6VL0XzlWaCHTXrkFURMYmD0sLqg==} + engines: {node: '>=12'} + dev: true + /ansi-styles@3.2.1: resolution: {integrity: sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==} engines: {node: '>=4'} @@ -7786,6 +7791,11 @@ packages: engines: {node: '>=12'} dev: true + /ansi-styles@6.2.3: + resolution: {integrity: sha512-4Dj6M28JB+oAH8kFkTLUo+a2jwOFkuqb3yucU0CANcRRUbxS0cP0nZYCGjcc3BNXwRIsUVmDGgzawme7zvJHvg==} + engines: {node: '>=12'} + dev: true + /any-promise@1.3.0: resolution: {integrity: sha512-7UvmKalWRt1wgjL1RrGxoSJW/0QZFIegpeGvZG9kjp8vrRu55XTHbwnqq2GpXm9uLbcuhxm3IqX9OB4MZR1b2A==} dev: true @@ -10612,7 +10622,7 @@ packages: ansi-escapes: 7.0.0 cli-cursor: 5.0.0 slice-ansi: 7.1.0 - strip-ansi: 7.1.0 + strip-ansi: 7.2.0 wrap-ansi: 9.0.0 dev: true @@ -11995,7 +12005,7 @@ packages: resolution: {integrity: sha512-FC+lgizVPfie0kkhqUScwRu1O/lF6NOgJmlCgK+/LYxDCTk8sGelYaHDhFcDN+Sn3Cv+3VSa4Byeo+IMCzpMgQ==} engines: {node: '>=12'} dependencies: - ansi-styles: 6.2.1 + ansi-styles: 6.2.3 is-fullwidth-code-point: 4.0.0 dev: true @@ -12003,7 +12013,7 @@ packages: resolution: {integrity: sha512-bSiSngZ/jWeX93BqeIAbImyTbEihizcwNjFoRUIY/T1wWQsfsm2Vw1agPKylXvQTU7iASGdHhyqRlqQzfz+Htg==} engines: {node: '>=18'} dependencies: - ansi-styles: 6.2.1 + ansi-styles: 6.2.3 is-fullwidth-code-point: 5.0.0 dev: true @@ -12113,7 +12123,7 @@ packages: dependencies: emoji-regex: 10.4.0 get-east-asian-width: 1.2.0 - strip-ansi: 7.1.0 + strip-ansi: 7.2.0 dev: true /string.prototype.includes@2.0.0: 
@@ -12188,6 +12198,13 @@ packages: ansi-regex: 6.1.0 dev: true + /strip-ansi@7.2.0: + resolution: {integrity: sha512-yDPMNjp4WyfYBkHnjIRLfca1i6KMyGCtsVgoKe/z1+6vukgaENdgGBZt+ZmKPc4gavvEZ5OgHfHdrazhgNyG7w==} + engines: {node: '>=12'} + dependencies: + ansi-regex: 6.2.2 + dev: true + /strip-bom@3.0.0: resolution: {integrity: sha512-vavAMRXOgBVNF6nyEEmL3DBK19iRpDcoIwW+swQ+CbGiu7lju6t+JklA1MHweoWtadgt4ISVUsXLyDq34ddcwA==} engines: {node: '>=4'} @@ -12837,9 +12854,9 @@ packages: resolution: {integrity: sha512-G8ura3S+3Z2G+mkgNRq8dqaFZAuxfsxpBB8OCTGRTCtp+l/v9nbFNmCUP1BZMts3G1142MsZfn6eeUKrr4PD1Q==} engines: {node: '>=18'} dependencies: - ansi-styles: 6.2.1 + ansi-styles: 6.2.3 string-width: 7.2.0 - strip-ansi: 7.1.0 + strip-ansi: 7.2.0 dev: true /wrappy@1.0.2: diff --git a/destroy-all.sh b/destroy-all.sh new file mode 100755 index 000000000..c63a2ddd3 --- /dev/null +++ b/destroy-all.sh 
@@ -0,0 +1,37 @@
+#!/bin/bash
+set -e
+
+export RESOURCE_PREFIX="peeks"
+export AWS_REGION="us-east-2"
+export USER1_PASSWORD="${USER1_PASSWORD:-ChangeMe123!}"
+
+echo "Getting cluster info..."
+export HUB_VPC_ID=$(aws eks describe-cluster --name ${RESOURCE_PREFIX}-hub --region $AWS_REGION --query 'cluster.resourcesVpcConfig.vpcId' --output text 2>/dev/null || echo "vpc-dummy")
+export HUB_SUBNET_IDS=$(aws eks describe-cluster --name ${RESOURCE_PREFIX}-hub --region $AWS_REGION --query 'cluster.resourcesVpcConfig.subnetIds' --output json 2>/dev/null || echo '["subnet-dummy"]')
+
+echo "VPC ID: $HUB_VPC_ID"
+echo "Subnet IDs: $HUB_SUBNET_IDS"
+
+echo "Destroying common addons..."
+cd /Users/shapirov/projects/appmod-blueprints/platform/infra/terraform/common
+terraform destroy \
+ -var="ide_password=${USER1_PASSWORD}" \
+ -var="resource_prefix=${RESOURCE_PREFIX}" \
+ -auto-approve || echo "Common destroy failed, continuing..."
+
+echo "Destroying cluster..."
+cd /Users/shapirov/projects/appmod-blueprints/platform/infra/terraform/cluster
+terraform destroy \
+ -var="hub_vpc_id=${HUB_VPC_ID}" \
+ -var="hub_subnet_ids=${HUB_SUBNET_IDS}" \
+ -var="resource_prefix=${RESOURCE_PREFIX}" \
+ -auto-approve || echo "Cluster destroy failed, continuing..."
+
+echo "Destroying VPC..."
+cd /Users/shapirov/projects/appmod-blueprints/platform/infra/terraform/vpc
+terraform destroy \
+ -var="region=${AWS_REGION}" \
+ -var="resource_prefix=${RESOURCE_PREFIX}" \
+ -auto-approve || echo "VPC destroy failed"
+
+echo "Destruction complete!"
diff --git a/gitops/fleet/members/fleet-spoke-dev/values.yaml b/gitops/fleet/members/fleet-spoke-dev/values.yaml
new file mode 100644
index 000000000..5f8dd7cc2
--- /dev/null
+++ b/gitops/fleet/members/fleet-spoke-dev/values.yaml
@@ -0,0 +1,7 @@
+externalSecret:
+ enabled: true
+ clusterName: spoke-dev
+ secretStoreRefKind: ClusterSecretStore
+ secretStoreRefName: aws-secrets-manager
+ secretManagerSecretNamePrefix: peeks
+ server: remote
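Review bot: destroy-all.sh falls back to a committed default password (`${USER1_PASSWORD:-ChangeMe123!}`) and changes into absolute `/Users/shapirov/projects/...` paths that exist only on one workstation. Fail closed on the secret with `: "${USER1_PASSWORD:?USER1_PASSWORD must be set}"`, and derive the module directories from the script location, e.g. `ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"` followed by `cd "${ROOT}/platform/infra/terraform/common"`. Passing the value as `-var="ide_password=..."` also puts it on the terraform command line, where it shows up in the process list; exporting it as `TF_VAR_ide_password` avoids that. Each `terraform destroy ... || echo` swallows the failure, so the script prints "Destruction complete!" and exits 0 even when resources remain. The `vpc-dummy` / `subnet-dummy` fallbacks likewise let the cluster destroy run under `-auto-approve` with made-up inputs.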
diff --git a/gitops/fleet/members/fleet-spoke-prod/values.yaml b/gitops/fleet/members/fleet-spoke-prod/values.yaml new file mode 100644 index 000000000..b5a18b442 --- /dev/null +++ b/gitops/fleet/members/fleet-spoke-prod/values.yaml @@ -0,0 +1,7 @@ +externalSecret: + enabled: true + clusterName: spoke-prod + secretStoreRefKind: ClusterSecretStore + secretStoreRefName: aws-secrets-manager + secretManagerSecretNamePrefix: peeks + server: remote diff --git a/platform/infra/terraform/cluster/versions.tf b/platform/infra/terraform/cluster/versions.tf index 587383122..570876ced 100644 --- a/platform/infra/terraform/cluster/versions.tf +++ b/platform/infra/terraform/cluster/versions.tf @@ -8,10 +8,10 @@ terraform { } } - # Backend configuration provided via CLI parameters - backend "s3" { - # bucket provided via -backend-config - key = "clusters/terraform.tfstate" - use_lockfile = true - } + # Backend configuration disabled - using local state + # backend "s3" { + # # bucket provided via -backend-config + # key = "clusters/terraform.tfstate" + # use_lockfile = true + # } } diff --git a/platform/infra/terraform/common/gitlab_infra/versions.tf b/platform/infra/terraform/common/gitlab_infra/versions.tf index 5d3fcd6f1..3e21fdffc 100644 --- a/platform/infra/terraform/common/gitlab_infra/versions.tf +++ b/platform/infra/terraform/common/gitlab_infra/versions.tf @@ -19,10 +19,10 @@ terraform { version = ">= 2.0" } } - # Backend configuration provided via CLI parameters - backend "s3" { - # bucket and provided via -backend-config - key = "gitlabinfra/terraform.tfstate" - use_lockfile = true - } + # Backend configuration disabled - using local state + # backend "s3" { + # # bucket and provided via -backend-config + # key = "gitlabinfra/terraform.tfstate" + # use_lockfile = true + # } } diff --git a/platform/infra/terraform/scripts/0-init.sh b/platform/infra/terraform/scripts/0-init.sh index d3a5ba0f2..2882e3eec 100755 --- a/platform/infra/terraform/scripts/0-init.sh 
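Review bot: Commenting out `backend "s3"` in cluster/versions.tf, and again in common/gitlab_infra/versions.tf in the next hunk, moves state to a local `terraform.tfstate` inside each module directory. That file records every resource attribute in plain text, sensitive variables included, and has no shared locking. If local state is only needed for individual runs, keep the committed backend block and put `backend "local" {}` in an untracked `backend_override.tf` instead. Either way, confirm that `*.tfstate` and `*.tfstate.backup` are git-ignored; the ignore file is not visible in this diff. If the switch is meant to be permanent, delete the block rather than leaving it commented out, so the file does not advertise a backend that is no longer in effect.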
+++ b/platform/infra/terraform/scripts/0-init.sh @@ -234,6 +234,10 @@ main() { if [ "${ready_nodes:-0}" -gt 0 ] 2>/dev/null; then print_status "SUCCESS" "Cluster $cluster_name is ready with $ready_nodes nodes" cluster_ready=true + elif [ $cluster_wait -ge 60 ]; then + # After 60 seconds, if no nodes, assume Auto Mode cluster with no workloads yet + print_status "WARNING" "Cluster $cluster_name has no nodes (Auto Mode - nodes created on demand). Skipping." + cluster_ready=true else print_status "INFO" "Cluster $cluster_name has no ready nodes yet, waiting..." sleep 15 diff --git a/platform/infra/terraform/scripts/1-tools-urls.sh b/platform/infra/terraform/scripts/1-tools-urls.sh index 87c99f9e4..4b63f2610 100755 --- a/platform/infra/terraform/scripts/1-tools-urls.sh +++ b/platform/infra/terraform/scripts/1-tools-urls.sh @@ -2,6 +2,8 @@ # Source the colors script SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" +source "${SCRIPT_DIR}/colors.sh" +source "${SCRIPT_DIR}/utils.sh" GIT_ROOT_PATH=$(git rev-parse --show-toplevel) # Source required utility scripts diff --git a/platform/infra/terraform/scripts/utils.sh b/platform/infra/terraform/scripts/utils.sh index f0df9c4cc..926ed9315 100644 --- a/platform/infra/terraform/scripts/utils.sh +++ b/platform/infra/terraform/scripts/utils.sh 
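Review bot: The new `elif [ $cluster_wait -ge 60 ]` branch in 0-init.sh marks the cluster ready whenever no node reports Ready after 60 seconds, so a cluster whose nodes failed to come up is treated the same as an Auto Mode cluster. Check for Auto Mode explicitly before skipping, for example by reading `cluster.computeConfig.enabled` from `aws eks describe-cluster`, and otherwise keep waiting or fail. `$cluster_wait` is also unquoted and has no default, unlike `${ready_nodes:-0}` on the branch above; `elif [ "${cluster_wait:-0}" -ge 60 ]; then` avoids a test error if it is ever empty. The loop that sets `cluster_wait` lies outside the hunk.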
@@ -193,21 +193,24 @@ configure_kubectl_with_fallback() { # Validate required environment variables and backend resources validate_backend_config() { - log "Validating S3 backend configuration..." - - if [[ -z "${TFSTATE_BUCKET_NAME:-}" ]]; then - log_error "TFSTATE_BUCKET_NAME environment variable is required" - exit 1 - fi - - # Check if S3 bucket exists and is accessible - if ! aws s3api head-bucket --bucket "${TFSTATE_BUCKET_NAME}" 2>/dev/null; then - log_error "S3 bucket '${TFSTATE_BUCKET_NAME}' does not exist or is not accessible" - exit 1 - fi + log "Skipping S3 backend validation (using local state)..." + return 0 - log_success "Backend configuration validated" - log "S3 Bucket: ${TFSTATE_BUCKET_NAME}" + # log "Validating S3 backend configuration..." + # + # if [[ -z "${TFSTATE_BUCKET_NAME:-}" ]]; then + # log_error "TFSTATE_BUCKET_NAME environment variable is required" + # exit 1 + # fi + # + # # Check if S3 bucket exists and is accessible + # if ! aws s3api head-bucket --bucket "${TFSTATE_BUCKET_NAME}" 2>/dev/null; then + # log_error "S3 bucket '${TFSTATE_BUCKET_NAME}' does not exist or is not accessible" + # exit 1 + # fi + # + # log_success "Backend configuration validated" + # log "S3 Bucket: ${TFSTATE_BUCKET_NAME}" } # Initialize Terraform with S3 backend @@ -218,14 +221,12 @@ initialize_terraform() { local attempt=1 local delay=30 - log "Initializing Terraform with S3 backend for $module_name..." + log "Initializing Terraform with local backend for $module_name..." while [ $attempt -le $max_attempts ]; do log "Attempt $attempt of $max_attempts for terraform init..." - if terraform -chdir=$script_dir init --upgrade \ - -backend-config="bucket=${TFSTATE_BUCKET_NAME}" \ - -backend-config="region=${AWS_REGION}"; then + if terraform -chdir=$script_dir init --upgrade; then log_success "Terraform initialized successfully on attempt $attempt" # Check for and resolve state locks before proceeding 
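Review bot: `validate_backend_config` now returns 0 unconditionally and keeps its former body as commented-out code, so the S3 bucket checks cannot be re-enabled without another edit. `force_unlock_if_needed` (hunk `@@ -252,7 +253,10`) gets the same early `return 0`, but its DynamoDB lock code is left live and unreachable below it. Gate the skip on a setting instead, e.g. `if [[ "${TF_STATE_BACKEND:-s3}" == "local" ]]; then log "Skipping S3 backend validation"; return 0; fi` (the variable name is only a suggestion), and delete the dead code. The comment `# Initialize Terraform with S3 backend` above `initialize_terraform` is now stale, and `-chdir=$script_dir` there should be quoted as `-chdir="$script_dir"`. The bodies of `initialize_terraform` and `force_unlock_if_needed` extend beyond the visible hunks.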
@@ -252,7 +253,10 @@ initialize_terraform() { force_unlock_if_needed() { local script_dir=$1 - log "Checking for Terraform state locks..." + log "Skipping state lock check (using local state)..." + return 0 + + # log "Checking for Terraform state locks..." # Check DynamoDB lock table directly (much faster than terraform plan) local lock_table="${TFSTATE_BUCKET_NAME}-lock" @@ -365,22 +369,10 @@ cleanup_kubernetes_resources_with_fallback() { } gitlab_repository_setup(){ - log "Setting up GitLab repository..." - # Wait for GitLab to be accessible (5 minute timeout) - local timeout=300 - local elapsed=0 - while ! curl -sf "https://${GITLAB_DOMAIN}" > /dev/null 2>&1; do - sleep 5 - elapsed=$((elapsed + 5)) - if [ $elapsed -ge $timeout ]; then - log_error "GitLab not accessible after 5 minutes" - exit 1 - fi - done + log "Setting up GitLab repository (skipping push - will be done by 2-gitlab-init.sh)..." cd "$GIT_ROOT_PATH" - git config --global credential.helper store git config --global user.name "$GIT_USERNAME" git config --global user.email "$GIT_USERNAME@workshop.local" @@ -399,22 +391,7 @@ gitlab_repository_setup(){ if ! git diff --quiet || ! git diff --cached --quiet; then git add . git commit -m "Updated bootstrap values in Backstag template and Created spoke cluster secret files " || true - - # Try to pull latest changes first to avoid stale info - if ! git pull gitlab main --rebase; then - log_warning "Failed to pull and rebase, trying without rebase" - git pull gitlab main || log_warning "Pull failed, proceeding with push" - fi - - if ! git push --set-upstream gitlab HEAD:main --force-with-lease; then - if ! git push gitlab HEAD:main --force-with-lease; then - # If force-with-lease still fails, try regular push - if ! git push gitlab HEAD:main; then - log_error "Failed to push repository to GitLab" - exit 1 - fi - fi - fi + log "Changes committed locally. Run 2-gitlab-init.sh to push to GitLab." else print_info "No changes to commit" fi
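Review bot: `gitlab_repository_setup` still runs `git add .` from `$GIT_ROOT_PATH`, and with this commit's switch to local state the `terraform.tfstate` files now live inside that tree. They will be staged and committed unless an ignore rule excludes them, and no such rule is visible in this diff. State files hold secrets in plain text, so either stage only the intended paths or make sure `*.tfstate*` is in `.gitignore` before this function runs. The lines between the two hunks of this function are not shown, so check that nothing there still depends on the GitLab readiness wait that was removed.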