[Native K8s] Use <<-EOF syntax instead of an array of strings

majanjua-amzn · majanjua-amzn · commit f4e394895014 · 2024-04-02T14:18:01.000-07:00
diff --git a/terraform/k8s/cleanup/main.tf b/terraform/k8s/cleanup/main.tf
@@ -10,26 +10,28 @@ resource "null_resource" "cleanup" {
 
   provisioner "remote-exec" {
     inline = [
+      <<-EOF
       # Allow terraform to fail any of the following steps without exiting
-      "set +e",
+      set +e
 
       # Uninstall the operator and remove the repo from the EC2 instance
-      "echo \"LOG: Uninstalling CloudWatch Agent Operator\"",
-      "helm uninstall --debug --namespace amazon-cloudwatch amazon-cloudwatch-operator --ignore-not-found",
-      "echo \"LOG: Deleting CloudWatch Agent Operator repo from environment\"",
-      "[ ! -e amazon-cloudwatch-agent-operator ] || sudo rm -r amazon-cloudwatch-agent-operator",
+      echo "LOG: Uninstalling CloudWatch Agent Operator"
+      helm uninstall --debug --namespace amazon-cloudwatch amazon-cloudwatch-operator --ignore-not-found
+      echo "LOG: Deleting CloudWatch Agent Operator repo from environment"
+      [ ! -e amazon-cloudwatch-agent-operator ] || sudo rm -r amazon-cloudwatch-agent-operator
 
       # Delete sample app resources
-      "echo \"LOG: Deleting sample app namespace\"",
-      "kubectl delete namespace sample-app-namespace",
-      "echo \"LOG: Deleting sample app deployment files\"",
-      "[ ! -e frontend-service-depl.yaml ] || rm frontend-service-depl.yaml",
-      "[ ! -e remote-service-depl.yaml ] || rm remote-service-depl.yaml",
-      "sleep 10",
+      echo "LOG: Deleting sample app namespace"
+      kubectl delete namespace sample-app-namespace
+      echo "LOG: Deleting sample app deployment files"
+      [ ! -e frontend-service-depl.yaml ] || rm frontend-service-depl.yaml
+      [ ! -e remote-service-depl.yaml ] || rm remote-service-depl.yaml
+      sleep 10
 
       # Print cluster state when done clean up procedures
-      "echo \"LOG: Printing cluster state after cleanup\"",
-      "kubectl get pods -A",
+      echo "LOG: Printing cluster state after cleanup"
+      kubectl get pods -A
+      EOF
     ]
   }
 }
diff --git a/terraform/k8s/deploy/main.tf b/terraform/k8s/deploy/main.tf
@@ -23,66 +23,72 @@ resource "null_resource" "deploy" {
 
   provisioner "remote-exec" {
     inline = [
+      <<-EOF
       # Make the Terraform fail if any step throws an error
-      "set -e",
+      set -e
 
       # Ensure environment is clean
-      "echo \"LOG: Rerunning cleanup commands in case of cleanup failure in previous run\"",
-      "helm uninstall --debug --namespace amazon-cloudwatch amazon-cloudwatch-operator --ignore-not-found",
-      "kubectl delete namespace sample-app-namespace --ignore-not-found=true",
-      "[ ! -e amazon-cloudwatch-agent-operator ] || sudo rm -r amazon-cloudwatch-agent-operator",
-      "[ ! -e frontend-service-depl.yaml ] || rm frontend-service-depl.yaml",
-      "[ ! -e remote-service-depl.yaml ] || rm remote-service-depl.yaml",
+      echo "LOG: Rerunning cleanup commands in case of cleanup failure in previous run"
+      helm uninstall --debug --namespace amazon-cloudwatch amazon-cloudwatch-operator --ignore-not-found
+      kubectl delete namespace sample-app-namespace --ignore-not-found=true
+      [ ! -e amazon-cloudwatch-agent-operator ] || sudo rm -r amazon-cloudwatch-agent-operator
+      [ ! -e frontend-service-depl.yaml ] || rm frontend-service-depl.yaml
+      [ ! -e remote-service-depl.yaml ] || rm remote-service-depl.yaml
 
       # Clone and install operator onto cluster
-      "echo \"LOG: Cloning operator repo\"",
-      "git clone https://github.com/aws/amazon-cloudwatch-agent-operator -q",
-      "cd amazon-cloudwatch-agent-operator/helm/",
-      "echo \"LOG: Installing CloudWatch Agent Operator using Helm\"",
-      "helm upgrade --install --debug --namespace amazon-cloudwatch amazon-cloudwatch-operator ./ --create-namespace --set region=us-east-1 --set clusterName=k8s-cluster-${var.test_id}",
+      echo "LOG: Cloning operator repo"
+      git clone https://github.com/aws/amazon-cloudwatch-agent-operator -q
+      cd amazon-cloudwatch-agent-operator/helm/
+      echo "LOG: Installing CloudWatch Agent Operator using Helm"
+      helm upgrade --install --debug --namespace amazon-cloudwatch amazon-cloudwatch-operator ./ --create-namespace --set region=us-east-1 --set clusterName=k8s-cluster-${var.test_id}
 
-      "sleep 60", # wait for pods to exist before checking if they're ready
-      "kubectl wait --for=condition=Ready pods --all --selector=app.kubernetes.io/name=amazon-cloudwatch-observability -n amazon-cloudwatch --timeout=60s",
-      "kubectl wait --for=condition=Ready pods --all --selector=app.kubernetes.io/name=cloudwatch-agent -n amazon-cloudwatch --timeout=60s",
+      # Wait for pods to exist before checking if they're ready
+      sleep 60
+      kubectl wait --for=condition=Ready pods --all --selector=app.kubernetes.io/name=amazon-cloudwatch-observability -n amazon-cloudwatch --timeout=60s
+      kubectl wait --for=condition=Ready pods --all --selector=app.kubernetes.io/name=cloudwatch-agent -n amazon-cloudwatch --timeout=60s
 
       # Create sample app namespace
-      "echo \"LOG: Creating sample app namespace\"",
-      "kubectl create namespace sample-app-namespace",
+      echo "LOG: Creating sample app namespace"
+      kubectl create namespace sample-app-namespace
 
       # Set up secret to pull image with
-      "echo \"LOG: Creating secret \"",
-      "ACCOUNT=$(aws sts get-caller-identity --query 'Account' --output text)",
-      "SECRET_NAME=ecr-secret",
-      "TOKEN=`aws ecr --region=${var.aws_region} get-authorization-token --output text --query authorizationData[].authorizationToken | base64 -d | cut -d: -f2`",
+      echo "LOG: Creating secret to access ECR images"
+      ACCOUNT=$(aws sts get-caller-identity --query 'Account' --output text)
+      SECRET_NAME=ecr-secret
+      TOKEN=`aws ecr --region=${var.aws_region} get-authorization-token --output text --query authorizationData[].authorizationToken | base64 -d | cut -d: -f2`
 
-      "echo \"LOG: Deleting secret if it exists\"",
-      "kubectl delete secret -n sample-app-namespace --ignore-not-found $SECRET_NAME",
-      "echo \"LOG: Creating secret for pulling sample app ECR\"",
-      "kubectl create secret -n sample-app-namespace docker-registry $SECRET_NAME \\",
-      "--docker-server=https://$ACCOUNT.dkr.ecr.${var.aws_region}.amazonaws.com \\",
-      "--docker-username=AWS \\",
-      "--docker-password=\"$${TOKEN}\"",
+      echo "LOG: Deleting secret if it exists"
+      kubectl delete secret -n sample-app-namespace --ignore-not-found $SECRET_NAME
+      echo "LOG: Creating secret for pulling sample app ECR"
+      kubectl create secret -n sample-app-namespace docker-registry $SECRET_NAME \
+      --docker-server=https://$ACCOUNT.dkr.ecr.${var.aws_region}.amazonaws.com \
+      --docker-username=AWS \
+      --docker-password="$${TOKEN}"
 
       # Deploy sample app
-      "echo \"LOG: Pulling sample app deployment files\"",
-      "cd ~", # To ensure everything is downloaded into root directory so cleanup is easy
-      "aws s3api get-object --bucket aws-appsignals-sample-app-prod-us-east-1 --key frontend-service-depl.yaml frontend-service-depl.yaml",
-      "aws s3api get-object --bucket aws-appsignals-sample-app-prod-us-east-1 --key remote-service-depl.yaml remote-service-depl.yaml",
-      "echo \"LOG: Applying sample app deployment files\"",
-      "kubectl apply -f frontend-service-depl.yaml",
-      "kubectl apply -f remote-service-depl.yaml",
+      echo "LOG: Pulling sample app deployment files"
+
+      # cd to ensure everything is downloaded into root directory so cleanup is each
+      cd ~
+      aws s3api get-object --bucket aws-appsignals-sample-app-prod-us-east-1 --key frontend-service-depl.yaml frontend-service-depl.yaml
+      aws s3api get-object --bucket aws-appsignals-sample-app-prod-us-east-1 --key remote-service-depl.yaml remote-service-depl.yaml
+      echo "LOG: Applying sample app deployment files"
+      kubectl apply -f frontend-service-depl.yaml
+      kubectl apply -f remote-service-depl.yaml
 
       # Expose sample app on port 30100
-      "echo \"LOG: Exposing main sample app on port 30100\"",
-      "kubectl expose deployment sample-app-deployment-${var.test_id} -n sample-app-namespace --type=\"NodePort\" --port 8080",
-      "kubectl patch service sample-app-deployment-${var.test_id} -n sample-app-namespace --type='json' --patch='[{\"op\": \"replace\", \"path\": \"/spec/ports/0/nodePort\", \"value\":30100}]'",
+      echo "LOG: Exposing main sample app on port 30100"
+      kubectl expose deployment sample-app-deployment-${var.test_id} -n sample-app-namespace --type="NodePort" --port 8080
+      kubectl patch service sample-app-deployment-${var.test_id} -n sample-app-namespace --type='json' --patch='[{"op": "replace", "path": "/spec/ports/0/nodePort", "value":30100}]'
 
       # Wait for sample app to be reach ready state
-      "kubectl wait --for=condition=Ready --request-timeout '5m' pod --all -n sample-app-namespace",
+      kubectl wait --for=condition=Ready --request-timeout '5m' pod --all -n sample-app-namespace
 
       # Emit remote service pod IP
-      "echo \"LOG: Outputting remote service pod IP to SSM using put-parameter API\"",
-      "aws ssm put-parameter --region ${var.aws_region} --name remote-service-ip --type String --overwrite --value $(kubectl get pod --selector=app=remote-app -n sample-app-namespace -o jsonpath='{.items[0].status.podIP}')",
+      echo "LOG: Outputting remote service pod IP to SSM using put-parameter API"
+      aws ssm put-parameter --region ${var.aws_region} --name remote-service-ip --type String --overwrite --value $(kubectl get pod --selector=app=remote-app -n sample-app-namespace -o jsonpath='{.items[0].status.podIP}')
+
+      EOF
     ]
   }
 }
