From decf957c61ba5b9c90518ba15a00a77770761229 Mon Sep 17 00:00:00 2001
From: Carmelo Messina
Date: Sat, 19 Jun 2021 12:16:16 +0200
Subject: [PATCH] add terraform script for buildgrid server
---
images/terraform-buildgrid/buildgrid.tf | 152 +++++++++++++++++++++++
images/terraform-buildgrid/buildgrid.yml | 60 +++++++++
images/terraform-buildgrid/variables.tf | 43 +++++++
3 files changed, 255 insertions(+)
create mode 100644 images/terraform-buildgrid/buildgrid.tf
create mode 100644 images/terraform-buildgrid/buildgrid.yml
create mode 100644 images/terraform-buildgrid/variables.tf
diff --git a/images/terraform-buildgrid/buildgrid.tf b/images/terraform-buildgrid/buildgrid.tf
new file mode 100644
index 0000000..cd7eb1e
--- /dev/null
+++ b/images/terraform-buildgrid/buildgrid.tf
@@ -0,0 +1,152 @@
+terraform {
+ backend "remote" {
+ organization = "uazo-bromite"
+
+ workspaces {
+ name = "bromite-ci"
+ }
+ }
+}
+
+provider "oci" {
+ tenancy_ocid = "${var.tenancy_ocid}"
+ user_ocid = "${var.user_ocid}"
+ fingerprint = "${var.fingerprint}"
+ private_key_path = "${var.private_oci_key_path}"
+ region = "${var.region}"
+}
+
+resource "oci_core_vcn" "ci_vcn" {
+ compartment_id = "${var.compartment_id}"
+ cidr_blocks = ["10.0.1.0/24"]
+}
+
+resource "oci_core_internet_gateway" "ci_internet_gateway" {
+ vcn_id = oci_core_vcn.ci_vcn.id
+ compartment_id = "${var.compartment_id}"
+ enabled = true
+}
+
+resource "oci_core_default_route_table" "ci_route_table" {
+ compartment_id = "${var.compartment_id}"
+ manage_default_resource_id = oci_core_vcn.ci_vcn.default_route_table_id
+ route_rules {
+ network_entity_id = oci_core_internet_gateway.ci_internet_gateway.id
+ destination = "0.0.0.0/0"
+ destination_type = "CIDR_BLOCK"
+ }
+}
+
+resource "oci_core_default_security_list" "ci_security_list" {
+ compartment_id = "${var.compartment_id}"
+ manage_default_resource_id = oci_core_vcn.ci_vcn.default_security_list_id
+ egress_security_rules {
+ stateless = false
+ destination = "0.0.0.0/0"
+ destination_type = "CIDR_BLOCK"
+ protocol = "all"
+ }
+
+ ingress_security_rules {
+ protocol = "6" # TCP
+ source = "0.0.0.0/0"
+ tcp_options {
+ min = 50051
+ max = 50051
+ }
+ }
+
+ ingress_security_rules {
+ protocol = "6" # TCP
+ source = "0.0.0.0/0"
+ tcp_options {
+ min = 22
+ max = 22
+ }
+ }
+}
+
+resource "oci_core_subnet" "ci_subnet" {
+ vcn_id = oci_core_vcn.ci_vcn.id
+ cidr_block = "10.0.1.0/24"
+ compartment_id = "${var.compartment_id}"
+}
+
+resource "oci_core_instance" "buildgrid0" {
+ display_name = "buildgrid0"
+ availability_domain = "${var.availability_domain}"
+ compartment_id = "${var.compartment_id}"
+ shape = "VM.Standard.E2.1.Micro"
+
+ create_vnic_details {
+ assign_public_ip = true
+ subnet_id = oci_core_subnet.ci_subnet.id
+ }
+
source_details {
+ source_type = "image"
+ source_id = "ocid1.image.oc1.eu-frankfurt-1.aaaaaaaa3mdsbx7kel54yf55ugtfwsvegivhvtidxlfrofwzqlfsg4nb4dxa"
+ }
+
+ metadata = {
+ ssh_authorized_keys = file("${var.ssh_authorized_keys}")
+ }
+
+ timeouts {
+ create = "15m"
+ }
+
+ connection {
+ type = "ssh"
+ host = "${self.public_ip}"
+ user = "${var.userid}"
+ private_key = file("${var.public_key}")
+ timeout = "5m"
+ }
+
+ provisioner "file" {
+ source = "buildgrid.yml"
+ destination = "buildgrid.yml"
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "set -o errexit",
+
+ "echo waiting 90s",
+ "sleep 90s",
+
+ "echo apt updating",
+ "sudo apt-get update",
+ "sudo apt-get -y upgrade",
+
+ "echo installing pre-reqs",
+ "sudo apt-get install -y python3 python3-venv git firewalld",
+
+ "echo cloning buildgrid repo",
+ "git clone https://gitlab.com/BuildGrid/buildgrid.git",
+ "cd buildgrid/",
+
+ "echo setting up",
+ "python3 -m venv env",
+ "env/bin/python -m pip install --upgrade setuptools pip wheel",
+ "env/bin/python -m pip install --editable .",
+
+ "echo opening tcp port",
+ "sudo firewall-cmd --zone=public --permanent --add-port=50051/tcp",
+ "sudo firewall-cmd --reload",
+
+ "nohup env/bin/bgd server start ../buildgrid.yml &",
+ "sleep 30s",
+ ]
+ }
+}
+
+data "oci_core_instance" "instance" {
+ instance_id = oci_core_instance.buildgrid0.id
+}
+
+output "instance_ip" {
+ value = data.oci_core_instance.instance.public_ip
+}
+#terraform output instance_ip
diff --git a/images/terraform-buildgrid/buildgrid.yml b/images/terraform-buildgrid/buildgrid.yml
new file mode 100644
index 0000000..a8c1053
--- /dev/null
+++ b/images/terraform-buildgrid/buildgrid.yml
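Review bot: The two `ingress_security_rules` blocks in `ci_security_list` admit TCP 50051 and TCP 22 from `0.0.0.0/0`, and `buildgrid0` is created with `assign_public_ip = true`, so the BuildGrid listener that buildgrid.yml in this same commit sets to `insecure-mode: true` with `authorization: method: none` is reachable from any address. I would take the allowed range from a variable in both rules, e.g. `source = var.ci_ingress_cidr` (the name is only a suggestion and would need a declaration in variables.tf), so that only the CI runners and the admin host can reach the build service and SSH. Separately, the `remote-exec` step clones the BuildGrid repository at whatever its default branch holds at apply time and installs it unpinned; checking out a fixed tag or commit right after the `git clone` line would make the provisioned server reproducible and reviewable.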
@@ -0,0 +1,60 @@
+server:
+ - !channel
+ port: 50051
+ insecure-mode: true
+
+description: >
+ BuildGrid's default configuration:
+ - Unauthenticated plain HTTP at :50051
+ - Single instance: [unnamed]
+ - In-memory data, max. 2Gio
+ - DataStore: sqlite:///./example.db
+ - Hosted services:
+ - ActionCache
+ - Execute
+ - ContentAddressableStorage
+ - ByteStream
+
+authorization:
+ method: none
+
+monitoring:
+ enabled: false
+
+instances:
+ - name: 'default_instance'
+ description: |
+ The unique '' instance.
+
+ storages:
+ - !disk-storage &cas-storage
+ path: !expand-path $HOME/cas
+
+ schedulers:
+ - !memory-scheduler &state-database
+ storage: *cas-storage
+
+ caches:
+ - !lru-action-cache &build-cache
+ storage: *cas-storage
+ max-cached-refs: 256
+ cache-failed-actions: true
+ allow-updates: true
+
+ services:
+ - !action-cache
+ cache: *build-cache
+
+ - !execution
+ storage: *cas-storage
+ action-cache: *build-cache
+ scheduler: *state-database
+ max-execution-timeout: 7200
+
+ - !cas
+ storage: *cas-storage
+
+ - !bytestream
+ storage: *cas-storage
+
+thread-pool-size: 5000
diff --git a/images/terraform-buildgrid/variables.tf b/images/terraform-buildgrid/variables.tf
new file mode 100644
index 0000000..3f227cc
--- /dev/null
+++ b/images/terraform-buildgrid/variables.tf
@@ -0,0 +1,43 @@
+
+variable "tenancy_ocid" {
+ sensitive = true
+}
+
+variable "user_ocid" {
+ sensitive = true
+}
+
+variable "fingerprint" {
+ sensitive = true
+}
+
+variable "private_oci_key_path" {
+ sensitive = true
+}
+
+variable "region" {
+ sensitive = true
+}
+
+variable "compartment_id" {
+ sensitive = true
+}
+
+variable "availability_domain" {
+ sensitive = true
+}
+
+variable "ssh_authorized_keys" {
+ sensitive = true
+}
+variable "public_key" {
+ sensitive = true
+}
+
+variable "subnet_id" {
+ sensitive = true
+}
+
+variable "userid" {
+ sensitive = true
+}
\ No newline at end of file
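Review bot: `insecure-mode: true` on the channel together with `authorization: method: none` leaves the Execute, CAS, ByteStream and ActionCache services open to any client that can reach port 50051, and `allow-updates: true` on `build-cache` means such a client can also write action results that later builds will reuse. Since buildgrid.tf in this commit puts the port on a public IP, I would set `insecure-mode: false` with TLS credentials on the channel and pick an authorization method other than `none` before this serves real builds. The `description` text also looks carried over from a stock config: it mentions in-memory data and an sqlite data store, while the instance below uses `!disk-storage` and `!memory-scheduler` and is named `default_instance` rather than ''.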
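Review bot: `variable "public_key"` is misnamed for how it is used: buildgrid.tf passes it to `private_key = file("${var.public_key}")` in the `connection` block, so it actually holds the path to an SSH private key. A name such as `ssh_private_key_path`, with `type = string` and a `description`, would keep someone from pointing it at the wrong file or treating the value as shareable. `subnet_id` is declared here, but the buildgrid.tf in this commit takes its subnet from `oci_core_subnet.ci_subnet.id`, so it appears unused and could be dropped. None of the variables carries a `type` or `description`, and `sensitive = true` only redacts plan and apply output, so the remote state should still be treated as containing these values.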