🤗 Add Terraform wrapper script (#146)

Signed-off-by: Jacob Woffenden <jacob.woffenden@digital.justice.gov.uk>
ministryofjustice · Oct 21, 2024 · 20e7702 · 20e7702
1 parent 9cc1908
commit 20e7702
Show file tree

Hide file tree

Showing 8 changed files with 60 additions and 6 deletions.
diff --git a/.github/workflows/features.yml b/.github/workflows/features.yml
@@ -155,7 +155,7 @@ jobs:
           file: images/base/Dockerfile
           context: images/base
           load: true
-          tags: ghcr.io/ministryofjustice/devcontainer-base:local-feature-test-${{ github.sha }}
+          tags: ghcr.io/ministryofjustice/devcontainer-base:local-feature-test
 
       - name: Testing ${{ matrix.feature }}
         id: test_feature
@@ -165,7 +165,7 @@ jobs:
             --skip-scenarios \
             --project-folder features \
             --features ${{ matrix.feature }} \
-            --base-image ghcr.io/ministryofjustice/devcontainer-base:local-feature-test-${{ github.sha }}
+            --base-image ghcr.io/ministryofjustice/devcontainer-base:local-feature-test
 
       - name: Testing ${{ matrix.feature }} scenarios
         id: test_feature_scenarios
@@ -175,7 +175,7 @@ jobs:
             --features ${{ matrix.feature }} \
             --skip-autogenerated \
             --skip-duplicated \
-            --base-image ghcr.io/ministryofjustice/devcontainer-base:local-feature-test-${{ github.sha }}
+            --base-image ghcr.io/ministryofjustice/devcontainer-base:local-feature-test
 
   validate:
     needs: [detect-changes]

diff --git a/features/src/terraform/CHANGELOG.md b/features/src/terraform/CHANGELOG.md
@@ -9,6 +9,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [1.2.0] - 2024-10-17
+
+### Added
+
+- Default to installing wrapper script that sets `TF_DATA_DIR` to `/tmp/terraform/${currentDirectory}` ([#140](https://github.com/ministryofjustice/.devcontainer/issues/140))
+
 ## [1.1.0] - 2024-08-22
 
 ### Changed

diff --git a/features/src/terraform/devcontainer-feature.json b/features/src/terraform/devcontainer-feature.json
@@ -1,9 +1,9 @@
 {
   "id": "terraform",
-  "version": "1.1.0",
+  "version": "1.2.0",
   "name": "Terraform",
   "documentationURL": "https://github.com/ministryofjustice/.devcontainer/tree/main/features/src/terraform",
-  "description": "Installs the Terraform CLI and tflint",
+  "description": "Installs the Terraform CLI, tflint and a wrapper script to aid with permissions issues on macOS",
   "options": {
     "terraformCliVersion": {
       "type": "string",
@@ -16,6 +16,11 @@
       "description": "Version of the tflint to install",
       "proposals": ["latest"],
       "default": "latest"
+    },
+    "installTerraformWrapper": {
+      "type": "boolean",
+      "description": "Install a Terraform wrapper to help with this permissions bug (https://github.com/ministryofjustice/.devcontainer/issues/140)",
+      "default": true
     }
   },
   "customizations": {

diff --git a/features/src/terraform/install-terraform-cli.sh b/features/src/terraform/install-terraform-cli.sh
@@ -10,6 +10,7 @@ get_system_architecture
 
 GITHUB_REPOSITORY="hashicorp/terraform"
 VERSION="${TERRAFORMCLIVERSION:-"latest"}"
+INSTALL_TERRAFORM_WRAPPER="${INSTALLTERRAFORMWRAPPER:-"true"}"
 
 if [[ "${VERSION}" == "latest" ]]; then
   get_github_latest_tag "${GITHUB_REPOSITORY}"
@@ -25,7 +26,12 @@ curl --fail-with-body --location "https://releases.hashicorp.com/terraform/${VER
 
 unzip "terraform_${VERSION_STRIP_V}_linux_${ARCHITECTURE}.zip"
 
-install --owner=vscode --group=vscode --mode=775 terraform /usr/local/bin/terraform
+if [[ "${INSTALL_TERRAFORM_WRAPPER}" == "true" ]]; then
+  install --owner=vscode --group=vscode --mode=775 "$(dirname "${0}")"/src/usr/local/bin/terraform /usr/local/bin/terraform
+  install --owner=vscode --group=vscode --mode=775 terraform /usr/local/bin/terraform-bin
+else
+  install --owner=vscode --group=vscode --mode=775 terraform /usr/local/bin/terraform
+fi
 
 install --owner=vscode --group=vscode --mode=775 "$(dirname "${0}")"/src/home/vscode/.devcontainer/featurerc.d/terraform-cli.sh /home/vscode/.devcontainer/featurerc.d/terraform-cli.sh
 

diff --git a/features/src/terraform/src/usr/local/bin/terraform b/features/src/terraform/src/usr/local/bin/terraform
@@ -0,0 +1,9 @@
+#!/usr/bin/env bash
+
+# If current directory contains .tf files, set TF_DATA_DIR to /tmp/terraform/${currentDirectory} otherwise use default
+if ls -- *.tf &>/dev/null; then
+  currentDirectory="$(basename "$(pwd)")"
+  export TF_DATA_DIR="/tmp/terraform/${currentDirectory}"
+fi
+
+exec /usr/local/bin/terraform-bin "$@"
diff --git a/features/test/terraform/no_wrapper.sh b/features/test/terraform/no_wrapper.sh
@@ -0,0 +1,11 @@
+#!/usr/bin/env bash
+
+set -e
+
+# shellcheck source=/dev/null
+# file only accessible when using devcontainer CLI
+source dev-container-features-test-lib
+
+check "terraform version" terraform version
+
+reportResults
diff --git a/features/test/terraform/scenarios.json b/features/test/terraform/scenarios.json
@@ -0,0 +1,10 @@
+{
+  "no_wrapper": {
+    "image": "ghcr.io/ministryofjustice/devcontainer-base:local-feature-test",
+    "features": {
+      "terraform": {
+        "installTerraformWrapper": false
+      }
+    }
+  }
+}
diff --git a/scripts/features/test.sh b/scripts/features/test.sh
@@ -13,3 +13,10 @@ devcontainer features test \
   --skip-scenarios \
   --skip-duplicated \
   --base-image ghcr.io/ministryofjustice/devcontainer-base:local-feature-test
+
+devcontainer features test \
+  --project-folder features \
+  --features "${FEATURE_TO_TEST}" \
+  --skip-autogenerated \
+  --skip-duplicated \
+  --base-image ghcr.io/ministryofjustice/devcontainer-base:local-feature-test