Taskfile.yml

version: '3'
dotenv: ['setup.config']

env:
  PROJECT: 
    sh: "basename {{.PWD}}"
  CMD:
    sh: (which nerdctl > /dev/null 2>&1 && echo "nerdctl" || echo "docker")
  IMAGE:  "ghcr.io/opentofu/opentofu:${TF_VERSION}"
  TEMPLATER: hairyhenderson/gomplate
  PLATFORM: 
    sh: (case $(uname -m) in x86_64) echo "linux/amd64" ;; arm64 | aarch64) echo "linux/arm64" ;; arm*) echo "linux/arm/v7" ;; *) echo "Unsupported platform" && exit 1 ;; esac)

tasks:
  debug:
    desc: "Print out viarables set before exexuting tasks"
    cmds:
      - |
        echo "TIER:{{.TIER}}"
        echo "TF_VERSION:{{.TF_VERSION}}"
        echo "DOMAIN:{{.DOMAIN}}"
        echo "CMD:{{.CMD}}"
        echo "IMAGE:{{.IMAGE}}"
        echo "PLATFORM:{{.PLATFORM}}"

  shell:
    desc: "Run a shell in the container"
    vars:
      account: '{{default "" .account}}'
      region: '{{default "ap-southeast-1" .region}}'
      group: '{{default "" .group}}'
      WS_PATH: '$(case ${TIER} in 1) echo "{{.account}}" ;; 2) echo "{{.account}}/{{.region}}" ;; 3) echo "{{.account}}/{{.region}}/{{.region}}" ;; *) echo "Unsupported tier" && exit 1 ;; esac)'
      COMMAND: '{{.CMD}} run --platform {{.PLATFORM}} --rm -it -e USER=$(id -u) -e GROUP=$(id -g) -e AWS_PROFILE={{.account}} -v {{.HOME}}/.aws:/root/.aws -v {{.HOME}}/.gitconfig:/root/.gitconfig -v {{.PWD}}:/tf -v {{.PWD}}/local_modules:/tf/workspaces/{{.WS_PATH}}/local_modules -w /tf/workspaces/{{.WS_PATH}} --entrypoint \"\" {{.IMAGE}}'
    cmds:
      - |
        [ "{{.account}}" ] || { echo "account is required."; exit 1; }
        [ "{{.TIER}}" -ge 2 ] && [ -z "{{.region}}" ] && echo "REGION is required." && exit 1 || true
        [ "{{.TIER}}" -eq 3 ] && [ -z "{{.region}}" ] && echo "GROUP is required." && exit 1 || true
        echo "{{.account}}"
        echo "{{.region}}"
        echo "{{.WS_PATH}}"
        echo "{{.COMMAND}}"
        eval "{{.COMMAND}}" /bin/sh
        eval "{{.COMMAND}}" chown -R $(id -u):$(id -g) .

  scaffold:
    desc: "Scaffold a workspace"
    vars:
      account: '{{default "" .account}}'
      account_id: '{{default "" .account_id}}'
      region: '{{default "ap-southeast-1" .region}}'
      group: '{{default "" .group}}'
      WS_PATH: '$(case ${TIER} in 1) echo "{{.account}}" ;; 2) echo "{{.account}}/{{.region}}" ;; 3) echo "{{.account}}/{{.region}}/{{.region}}" ;; *) echo "Unsupported tier" && exit 1 ;; esac)'
      KEY_PATH: '$(case ${TIER} in 1) echo "{{.account}}/{{.PROJECT}}" ;; 2) echo "{{.account}}/{{.PROJECT}}/{{.region}}" ;; 3) echo "{{.account}}/{{.PROJECT}}/{{.region}}/{{.region}}" ;; *) echo "Unsupported tier" && exit 1 ;; esac)'
      RELATIVE_WS_PATH: '$(case "${TIER}" in 1) echo "../..";; 2) echo "../../..";; 3) echo "../../../../";; esac)'
      RENDER: '{{.CMD}} run --platform {{ .PLATFORM }} --user $(id -u):$(id -g) --rm -it -v {{.PWD}}:/tf -w /tf {{.TEMPLATER}}'
    cmds:
      - |
        [ "{{.account}}" ]    || { echo "account is required."; exit 1; }
        [ "{{.account_id}}" ] || { echo "account_id is required."; exit 1; }
        [ "{{.TIER}}" -ge 2 ] && [ -z "{{.region}}" ] && echo "region is required." && exit 1 || true
        [ "{{.TIER}}" -eq 3 ] && [ -z "{{.region}}" ] && [ -z "{{.group}}" ] && echo "group is required." && exit 1 || true
        [ -d "workspaces/{{.WS_PATH}}" ] && echo "Workspace already exists." && exit 1 || mkdir -p workspaces/{{.WS_PATH}}
        [ -d "workspaces/{{.WS_PATH}}/local_modules" ]  || ( cd workspaces/{{.WS_PATH}}; ln -s {{.RELATIVE_WS_PATH}}/local_modules . )
        [ -f "workspaces/{{.WS_PATH}}/auto.tf" ]   	   || ( cd workspaces/{{.WS_PATH}}; ln -s {{.RELATIVE_WS_PATH}}/base/auto.tf . )
        [ -f "workspaces/{{.WS_PATH}}/main.tf" ]   	   || ( touch ./workspaces/{{.WS_PATH}}/main.tf )
        [ -f "workspaces/{{.WS_PATH}}/vars.tf" ]   	   || ( cp ./base/vars.tf ./workspaces/{{.WS_PATH}}/ ) 
        [ -d "workspaces/{{.WS_PATH}}/resources" ] 	   || ( mkdir -p ./workspaces/{{.WS_PATH}}/resources ; cp -r ./base/skeleton/* ./workspaces/{{.WS_PATH}}/resources ) 
        echo "ACCOUNT: {{.account}}" > tmp/config.yaml
        echo "ACCOUNT_ID: \"{{.account_id}}\"" >> tmp/config.yaml
        [ "{{.TIER}}" -ge 2 ] && echo "REGION: {{.region}}" >> tmp/config.yaml
        [ "{{.TIER}}" -eq 3 ] && echo "GROUP: {{.region}}" >> tmp/config.yaml
        echo "PROJECT: {{.PROJECT}}" >> tmp/config.yaml
        echo "DOMAIN: {{.DOMAIN}}" >> tmp/config.yaml
        echo "TIER: {{.TIER}}" >> tmp/config.yaml
        echo "KEY_PATH: {{.KEY_PATH}}" >> tmp/config.yaml
        {{.RENDER}} -c .=/tf/tmp/config.yaml -f /tf/base/provider.tf.tmpl -o /tf/workspaces/{{.WS_PATH}}/provider.tf     
        [ "{{.TIER}}" -ge 2 ] && {{.RENDER}} -c .=/tf/tmp/config.yaml -f /tf/base/terraform.auto.tfvars.tmpl -o /tf/workspaces/{{.WS_PATH}}/terraform.auto.tfvars  || true
        echo "Scaffold complete."

  unscaffold:
    desc: "Unscaffold a workspace"
    vars:
      account: '{{default "" .account}}'
      region: '{{default "ap-southeast-1" .region}}'
      GROUP: '{{default "" .region}}'
      WS_PATH: '$(case ${TIER} in 1) echo "{{.account}}" ;; 2) echo "{{.account}}/{{.region}}" ;; 3) echo "{{.account}}/{{.region}}/{{.region}}" ;; *) echo "Unsupported tier" && exit 1 ;; esac)'
    cmds:
      - |
        [ "{{.account}}" ] || ( echo "ACCOUNT is required."; exit 1 )
        [ "{{.TIER}}" -ge 2 ] && [ -z "{{.region}}" ] && echo "REGION is required." && exit 1 || true
        [ "{{.TIER}}" -eq 3 ] && [ -z "{{.region}}" ] && echo "GROUP is required." && exit 1 || true
        echo "{{.WS_PATH}}"
        [ -d "workspaces/{{.WS_PATH}}" ] || ( echo "Workspace does not exist."; exit 1 )
        rm -rf workspaces/{{.WS_PATH}}