Anton Babenko antonbabenko

## crash.log
2018/01/17 12:16:50 [INFO] Terraform version: 0.11.2  a6008b8a48a749c7c167453b9cf55ffd572b9a5d
2018/01/17 12:16:50 [INFO] Go runtime version: go1.9.1
2018/01/17 12:16:50 [INFO] CLI args: []string{"/usr/local/Cellar/tfenv/0.6.0/versions/0.11.2/terraform", "init"}
2018/01/17 12:16:50 [DEBUG] Attempting to open CLI config file: /Users/Bob/.terraformrc
2018/01/17 12:16:50 Loading CLI configuration from /Users/Bob/.terraformrc
2018/01/17 12:16:50 [INFO] CLI command args: []string{"init"}
2018/01/17 12:16:50 [DEBUG] command: loading backend config file: /Users/Bob/Sites/terracing-test-repo/terraform
2018/01/17 12:16:50 [TRACE] module source: "terraform-aws-modules/security-group/aws//modules/http-80"
2018/01/17 12:16:50 [TRACE] "terraform-aws-modules/security-group/aws//modules/http-80" is a registry module
2018/01/17 12:16:50 [INFO] no matching version for "terraform-aws-modules/security-group/aws//modules/http-80"<>, no versions found

## ecs-codedeploy
#!/usr/bin/env bash

#######################################################################
# This script performs deployment of ECS Service using AWS CodeDeploy
#
# Heavily inspired by https://github.com/silinternational/ecs-deploy ,
# which unfortunately can't be used to deploy ECS service when `deployment_option=ECS`
#
# Author: Anton Babenko
# URL: https://github.com/antonbabenko

## .bash_profile
# Put this function in your ~/.bash_profile or similar and use `terragrunt` as before.

# From: https://github.com/gruntwork-io/bash-commons/blob/master/modules/bash-commons/src/array.sh
# Returns 0 if the given item (needle) is in the given array (haystack); returns 1 otherwise.
array_contains() {
  local -r needle="$1"
  shift
  local -ra haystack=("$@")

  local item

## gist:8eca477d28340d5116a2cd776bfd5e65
1. Faster cache invalidation (eg, like stackpath has, for example). Maybe add flag to disable blocking which is helpful when using in automation? - Denis S.
2. Add brotli compression - Anton K.
3. Why different POPs have different distribution settings? Canada and Dallas sometimes have gzip disabled. - Anton K.
4. Allow to specify "latest" as version of AWS Lambda functions. - Uriah S.

## terraform-cost-estimation.rego
# Terraform Cost Estimation + Open Policy Agent
#
# This code snippet supports terraform state for now.
#
# Get the whole response:
# opa eval --data terraform-cost-estimation.rego --input terraform.tfstate --format pretty data.terraform_cost_estimation
#
# Get boolean response. Return false if state (per hour) is too expensive:
# opa eval --data terraform-cost-estimation.rego --input terraform.tfstate --format pretty data.terraform_cost_estimation.response.allowed

## README.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                antonbabenko
                / README.md
            
            
              Created
              September 1, 2020 13:16
            
              
                aws_ecs_service - The new ARN and resource ID format must be enabled to propagate tags.
              
          
    Error:
aws_ecs_service.atlantis: Creating...

Error: InvalidParameterException: The new ARN and resource ID format must be enabled to add tags to the service. Opt in to the new format and try again. "atlantis"

Solution - enable new features in AWS account:

  
## setup.sh
git clone git@github.com:tj/sponsors-api.git
cd sponsors-api

# Install up ( https://github.com/apex/up )
curl -sf https://up.apex.sh/install | sh

# Build the binary
GOOS=linux GOARCH=amd64 go build -o server cmd/sponsors-api/main.go

# Create config for up

## generate-terraform-wrappers.sh
#!/usr/bin/env bash

set -e

readonly CONTENT_MAIN_TF='module "wrapper" {}'
readonly CONTENT_VARIABLES_TF='variable "items" {
  description = "Maps of items to create a wrapper from. Values are passed through to the module."
  type        = any
  default     = {}
}'

## gist:06ef9e96867e790e1a17ca958d2da95c
# Copy image from GHCR into private ECR

aws ecr get-login-password --region eu-west-1 | docker login --username AWS --password-stdin 835367859851.dkr.ecr.eu-west-1.amazonaws.com

docker pull ghcr.io/cloudquery/cloudquery:0.13.4
docker tag ghcr.io/cloudquery/cloudquery:0.13.4 835367859851.dkr.ecr.eu-west-1.amazonaws.com/cloudquery:0.13.4
docker push 835367859851.dkr.ecr.eu-west-1.amazonaws.com/cloudquery:0.13.4


# Run Postgres locally

## valid_but_ugly.tf
resource "aws_db_instance" "valid_but_ugly" {
  allocated_storage       = 20
  storage_type            = "gp2"
  engine                  = "mysql"
  engine_version          = "5.7"
  instance_class          = "db.t2.micro"

  # flip value to true/false will return multiple violations.
  iam_database_authentication_enabled = local.test2.some[0] == "dd" #tobool("true")
  #(true == true)
	2018/01/17 12:16:50 [INFO] Terraform version: 0.11.2 a6008b8a48a749c7c167453b9cf55ffd572b9a5d
	2018/01/17 12:16:50 [INFO] Go runtime version: go1.9.1
	2018/01/17 12:16:50 [INFO] CLI args: []string{"/usr/local/Cellar/tfenv/0.6.0/versions/0.11.2/terraform", "init"}
	2018/01/17 12:16:50 [DEBUG] Attempting to open CLI config file: /Users/Bob/.terraformrc
	2018/01/17 12:16:50 Loading CLI configuration from /Users/Bob/.terraformrc
	2018/01/17 12:16:50 [INFO] CLI command args: []string{"init"}
	2018/01/17 12:16:50 [DEBUG] command: loading backend config file: /Users/Bob/Sites/terracing-test-repo/terraform
	2018/01/17 12:16:50 [TRACE] module source: "terraform-aws-modules/security-group/aws//modules/http-80"
	2018/01/17 12:16:50 [TRACE] "terraform-aws-modules/security-group/aws//modules/http-80" is a registry module
	2018/01/17 12:16:50 [INFO] no matching version for "terraform-aws-modules/security-group/aws//modules/http-80"<>, no versions found
	#!/usr/bin/env bash

	#######################################################################
	# This script performs deployment of ECS Service using AWS CodeDeploy
	#
	# Heavily inspired by https://github.com/silinternational/ecs-deploy ,
	# which unfortunately can't be used to deploy ECS service when `deployment_option=ECS`
	#
	# Author: Anton Babenko
	# URL: https://github.com/antonbabenko
	# Put this function in your ~/.bash_profile or similar and use `terragrunt` as before.

	# From: https://github.com/gruntwork-io/bash-commons/blob/master/modules/bash-commons/src/array.sh
	# Returns 0 if the given item (needle) is in the given array (haystack); returns 1 otherwise.
	array_contains() {
	local -r needle="$1"
	shift
	local -ra haystack=("$@")

	local item
	1. Faster cache invalidation (eg, like stackpath has, for example). Maybe add flag to disable blocking which is helpful when using in automation? - Denis S.
	2. Add brotli compression - Anton K.
	3. Why different POPs have different distribution settings? Canada and Dallas sometimes have gzip disabled. - Anton K.
	4. Allow to specify "latest" as version of AWS Lambda functions. - Uriah S.
	# Terraform Cost Estimation + Open Policy Agent
	#
	# This code snippet supports terraform state for now.
	#
	# Get the whole response:
	# opa eval --data terraform-cost-estimation.rego --input terraform.tfstate --format pretty data.terraform_cost_estimation
	#
	# Get boolean response. Return false if state (per hour) is too expensive:
	# opa eval --data terraform-cost-estimation.rego --input terraform.tfstate --format pretty data.terraform_cost_estimation.response.allowed
	git clone git@github.com:tj/sponsors-api.git
	cd sponsors-api

	# Install up ( https://github.com/apex/up )
	curl -sf https://up.apex.sh/install \| sh

	# Build the binary
	GOOS=linux GOARCH=amd64 go build -o server cmd/sponsors-api/main.go

	# Create config for up
	#!/usr/bin/env bash

	set -e

	readonly CONTENT_MAIN_TF='module "wrapper" {}'
	readonly CONTENT_VARIABLES_TF='variable "items" {
	description = "Maps of items to create a wrapper from. Values are passed through to the module."
	type = any
	default = {}
	}'
	# Copy image from GHCR into private ECR

	aws ecr get-login-password --region eu-west-1 \| docker login --username AWS --password-stdin 835367859851.dkr.ecr.eu-west-1.amazonaws.com

	docker pull ghcr.io/cloudquery/cloudquery:0.13.4
	docker tag ghcr.io/cloudquery/cloudquery:0.13.4 835367859851.dkr.ecr.eu-west-1.amazonaws.com/cloudquery:0.13.4
	docker push 835367859851.dkr.ecr.eu-west-1.amazonaws.com/cloudquery:0.13.4


	# Run Postgres locally
	resource "aws_db_instance" "valid_but_ugly" {
	allocated_storage = 20
	storage_type = "gp2"
	engine = "mysql"
	engine_version = "5.7"
	instance_class = "db.t2.micro"

	# flip value to true/false will return multiple violations.
	iam_database_authentication_enabled = local.test2.some[0] == "dd" #tobool("true")
	#(true == true)