From 5cef62834e76f57514d0d09c24e4a2c98ea05485 Mon Sep 17 00:00:00 2001
From: spypsy
Date: Wed, 4 Dec 2024 13:42:47 +0000
Subject: [PATCH] fix: move spartan-script tf to spartan, use file in bucket (#10395)
---
 aztec-up/terraform/main.tf | 12 ---
 iac/main.tf | 49 ---------
 spartan/terraform/user-script/main.tf | 144 ++++++++++++++++++++++++++
 3 files changed, 144 insertions(+), 61 deletions(-)
 create mode 100644 spartan/terraform/user-script/main.tf
diff --git a/aztec-up/terraform/main.tf b/aztec-up/terraform/main.tf
index 63f44df06df..3adcae03b5d 100644
--- a/aztec-up/terraform/main.tf
+++ b/aztec-up/terraform/main.tf
@@ -108,18 +108,6 @@ resource "null_resource" "upload_public_directory" {
 }
 }
-# resource "aws_route53_record" "subdomain_record" {
-# zone_id = data.terraform_remote_state.aztec2_iac.outputs.aws_route53_zone_id
-# name = "install.aztec.network"
-# type = "A"
-
-# alias {
-# name = aws_s3_bucket_website_configuration.website_bucket.website_domain
-# zone_id = aws_s3_bucket.install_bucket.hosted_zone_id
-# evaluate_target_health = true
-# }
-# }
-
 resource "aws_cloudfront_distribution" "install" {
 origin {
 domain_name = aws_s3_bucket.install_bucket.website_endpoint
diff --git a/iac/main.tf b/iac/main.tf
index 46b145be06a..5e1dec466d6 100644
--- a/iac/main.tf
+++ b/iac/main.tf
@@ -125,52 +125,3 @@ resource "aws_route53_record" "static" {
 evaluate_target_health = true
 }
 }
-
-resource "aws_s3_bucket" "sp_testnet_redirect" {
- bucket = "sp-testnet.aztec.network"
-
- website {
- redirect_all_requests_to {
- host_name = "github.com"
- protocol = "https"
- path = "/AztecProtocol/aztec-packages/refs/heads/master/spartan/releases/create-spartan.sh"
- }
- }
-}
-
-resource "aws_s3_bucket_public_access_block" "sp_testnet_public_access" {
- bucket = aws_s3_bucket.sp_testnet_redirect.id
-
- block_public_acls = false
- block_public_policy = false
- ignore_public_acls = false
- restrict_public_buckets = false
-}
-
-resource "aws_s3_bucket_policy" "sp_testnet_policy" {
- bucket = aws_s3_bucket.sp_testnet_redirect.id
-
- policy = jsonencode({
- Version = "2012-10-17"
- Statement = [
- {
- Effect = "Allow"
- Principal = "*"
- Action = "s3:GetObject"
- Resource = "arn:aws:s3:::${aws_s3_bucket.sp_testnet_redirect.id}/*"
- }
- ]
- })
-}
-
-resource "aws_route53_record" "sp_testnet" {
- zone_id = data.terraform_remote_state.aztec2_iac.outputs.aws_route53_zone_id
- name = "sp-testnet.aztec.network"
- type = "A"
-
- alias {
- name = aws_s3_bucket.sp_testnet_redirect.website_domain
- zone_id = aws_s3_bucket.sp_testnet_redirect.hosted_zone_id
- evaluate_target_health = true
- }
-}
diff --git a/spartan/terraform/user-script/main.tf b/spartan/terraform/user-script/main.tf
new file mode 100644
index 00000000000..c3291292c2e
--- /dev/null
+++ b/spartan/terraform/user-script/main.tf
@@ -0,0 +1,144 @@
+terraform {
+ backend "s3" {
+ bucket = "aztec-terraform"
+ key = "spartan-script"
+ region = "eu-west-2"
+ }
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = "5.29.0"
+ }
+ }
+}
+
+provider "aws" {
+ region = "eu-west-2"
+}
+
+data "terraform_remote_state" "aztec2_iac" {
+ backend = "s3"
+ config = {
+ bucket = "aztec-terraform"
+ key = "aztec2/iac"
+ region = "eu-west-2"
+ }
+}
+
+resource "aws_s3_bucket" "sp_testnet_script" {
+ bucket = "sp-testnet.aztec.network"
+}
+
+resource "aws_s3_bucket_website_configuration" "sp_testnet_script" {
+ bucket = aws_s3_bucket.sp_testnet_script.id
+
+ index_document {
+ suffix = "create-spartan.sh"
+ }
+}
+
+resource "aws_s3_bucket_public_access_block" "sp_testnet_public_access" {
+ bucket = aws_s3_bucket.sp_testnet_script.id
+
+ block_public_acls = false
+ block_public_policy = false
+ ignore_public_acls = false
+ restrict_public_buckets = false
+}
+
+resource "aws_s3_bucket_policy" "sp_testnet_policy" {
+ bucket = aws_s3_bucket.sp_testnet_script.id
+
+ policy = jsonencode({
+ Version = "2012-10-17"
+ Statement = [
+ {
+ Effect = "Allow"
+ Principal = "*"
+ Action = "s3:GetObject"
+ Resource = "arn:aws:s3:::${aws_s3_bucket.sp_testnet_script.id}/*"
+ }
+ ]
+ })
+}
+
+# Upload files to s3 bucket
+resource "null_resource" "upload_script" {
+ triggers = {
+ always_run = "${timestamp()}"
+ }
+
+ provisioner "local-exec" {
+ interpreter = ["/bin/bash", "-c"]
+ command = <