User input validation (#57)

dtoki · web-flow · commit 5bb2976e1028 · 2020-08-06T16:05:02.000-07:00
* adds support for field validation

* shorten appended cluster-name suffix

* production -&gt; prod

* staging -&gt; stage

* update env

* update readme

* shorten rds secret env
diff --git a/README.md b/README.md
@@ -16,13 +16,13 @@ The root folder is used for declaring parameters required by the templates, and
 |   |-- terraform/
 |   |   |-- bootstrap/              #initial setup
 |   |   |-- environments/           #infrastructure setup
-|   |   |   |-- production/
-|   |   |   |-- staging/
+|   |   |   |-- prod/
+|   |   |   |-- stage/
 |   |-- kubernetes
 |   |   |-- terraform
 |   |   |   |-- environments        #k8s-ultities
-|   |   |   |   |-- production/
-|   |   |   |   |-- staging/
+|   |   |   |   |-- prod/
+|   |   |   |   |-- stage/
 ```
 
 ## AWS EKS Stack
@@ -60,7 +60,7 @@ infrastructure:
  - RDS (db.t3.small): $0.034 USD / hr
  - EC2 (t2.small): $0.023 USD / hr
 
-EC2 instance sizing can be configured in [terraform/environments/staging/main.tf](terraform/environments/staging/main.tf)
+EC2 instance sizing can be configured in [terraform/environments/stage/main.tf](terraform/environments/stage/main.tf)
 
 ## Other links
 Project board: [zenhub][zenhub-board]
diff --git a/templates/Makefile b/templates/Makefile
@@ -1,4 +1,4 @@
-ENVIRONMENT ?= staging
+ENVIRONMENT ?= stage
 
 apply: apply-remote-state apply-secrets apply-env apply-k8s-utils
 
diff --git a/templates/kubernetes/terraform/environments/dev/main.tf b/templates/kubernetes/terraform/environments/dev/main.tf
@@ -1,18 +1,18 @@
 terraform {
   backend "s3" {
-    bucket         = "<% .Name %>-development-terraform-state"
+    bucket         = "<% .Name %>-dev-terraform-state"
     key            = "infrastructure/terraform/environments/development/kubernetes"
     encrypt        = true
     region         = "<% index .Params `region` %>"
-    dynamodb_table = "<% .Name %>-development-terraform-state-locks"
+    dynamodb_table = "<% .Name %>-dev-terraform-state-locks"
   }
 }
 
 # Provision kubernetes resources required to run services/applications
 module "kubernetes" {
   source = "../../modules/kubernetes"
 
-  environment = "development"
+  environment = "dev"
   region      = "<% index .Params `region` %>"
 
   # Authenticate with the EKS cluster via the cluster id
diff --git a/templates/kubernetes/terraform/environments/prod/main.tf b/templates/kubernetes/terraform/environments/prod/main.tf
@@ -1,10 +1,10 @@
 terraform {
   backend "s3" {
-    bucket         = "<% .Name %>-production-terraform-state"
+    bucket         = "<% .Name %>-prod-terraform-state"
     key            = "infrastructure/terraform/environments/production/kubernetes"
     encrypt        = true
     region         = "<% index .Params `region` %>"
-    dynamodb_table = "<% .Name %>-production-terraform-state-locks"
+    dynamodb_table = "<% .Name %>-prod-terraform-state-locks"
   }
 }
 
@@ -16,11 +16,11 @@ provider "aws" {
 module "kubernetes" {
   source = "../../modules/kubernetes"
 
-  environment = "production"
+  environment = "prod"
   region      = "<% index .Params `region` %>"
 
   # Authenticate with the EKS cluster via the cluster id
-  cluster_name = "<% .Name %>-production-<% index .Params `region` %>"
+  cluster_name = "<% .Name %>-prod-<% index .Params `region` %>"
 
   external_dns_zone = "<% index .Params `productionHostRoot` %>"
   external_dns_owner_id = "<% GenerateUUID %>" # randomly generated ID
diff --git a/templates/kubernetes/terraform/environments/stage/main.tf b/templates/kubernetes/terraform/environments/stage/main.tf
@@ -1,10 +1,10 @@
 terraform {
   backend "s3" {
-    bucket         = "<% .Name %>-staging-terraform-state"
+    bucket         = "<% .Name %>-stage-terraform-state"
     key            = "infrastructure/terraform/environments/staging/kubernetes"
     encrypt        = true
     region         = "<% index .Params `region` %>"
-    dynamodb_table = "<% .Name %>-staging-terraform-state-locks"
+    dynamodb_table = "<% .Name %>-stage-terraform-state-locks"
   }
 }
 
@@ -16,11 +16,11 @@ provider "aws" {
 module "kubernetes" {
   source = "../../modules/kubernetes"
 
-  environment = "staging"
+  environment = "stage"
   region      = "<% index .Params `region` %>"
 
   # Authenticate with the EKS cluster via the cluster id
-  cluster_name = "<% .Name %>-staging-<% index .Params `region` %>"
+  cluster_name = "<% .Name %>-stage-<% index .Params `region` %>"
 
   external_dns_zone = "<% index .Params `stagingHostRoot` %>"
   external_dns_owner_id = "<% GenerateUUID %>" # randomly generated ID
diff --git a/templates/terraform/README.md b/templates/terraform/README.md
@@ -49,9 +49,9 @@
 ```
     README.md
     environments/
-        production/
+        prod/
             main.tf
-        staging/
+        stage/
             main.tf
         development/
             main.tf
diff --git a/templates/terraform/bootstrap/secrets/main.tf b/templates/terraform/bootstrap/secrets/main.tf
@@ -32,18 +32,18 @@ module "ci_user_keys" {
   tags = map("project", local.project)
 }
 
-module "rds_master_secret_staging" {
+module "rds_master_secret_stage" {
   source  = "../../modules/secret"
-  name = "${local.project}-staging-rds-<% index .Params `randomSeed` %>"
+  name = "${local.project}-stage-rds-<% index .Params `randomSeed` %>"
   type          = "random"	
   random_length = 32
-  tags = map("rds", "${local.project}-staging")
+  tags = map("rds", "${local.project}-stage")
 }
 
-module "rds_master_secret_production" {
+module "rds_master_secret_prod" {
   source  = "../../modules/secret"
-  name = "${local.project}-production-rds-<% index .Params `randomSeed` %>"
+  name = "${local.project}-prod-rds-<% index .Params `randomSeed` %>"
   type          = "random"	
   random_length = 32
-  tags = map("rds", "${local.project}-production")
+  tags = map("rds", "${local.project}-prod")
 }
diff --git a/templates/terraform/environments/prod/main.tf b/templates/terraform/environments/prod/main.tf
@@ -1,18 +1,18 @@
 terraform {
   required_version = ">= 0.12"
   backend "s3" {
-    bucket         = "<% .Name %>-production-terraform-state"
+    bucket         = "<% .Name %>-prod-terraform-state"
     key            = "infrastructure/terraform/environments/production/main"
     encrypt        = true
     region         = "<% index .Params `region` %>"
-    dynamodb_table = "<% .Name %>-production-terraform-state-locks"
+    dynamodb_table = "<% .Name %>-prod-terraform-state-locks"
   }
 }
 
 # Instantiate the production environment
-module "production" {
+module "prod" {
   source      = "../../modules/environment"
-  environment = "production"
+  environment = "prod"
 
   # Project configuration
   project             = "<% .Name %>"
diff --git a/templates/terraform/environments/stage/main.tf b/templates/terraform/environments/stage/main.tf
@@ -1,18 +1,18 @@
 terraform {
   required_version = ">= 0.12"
   backend "s3" {
-    bucket         = "<% .Name %>-staging-terraform-state"
+    bucket         = "<% .Name %>-stage-terraform-state"
     key            = "infrastructure/terraform/environments/staging/main"
     encrypt        = true
     region         = "<% index .Params `region` %>"
-    dynamodb_table = "<% .Name %>-staging-terraform-state-locks"
+    dynamodb_table = "<% .Name %>-stage-terraform-state-locks"
   }
 }
 
 # Instantiate the staging environment
-module "staging" {
+module "stage" {
   source      = "../../modules/environment"
-  environment = "staging"
+  environment = "stage"
 
   # Project configuration
   project             = "<% .Name %>"
diff --git a/zero-module.yml b/zero-module.yml
@@ -23,20 +23,44 @@ parameters:
       - "us-east-2"
   - field: productionHostRoot
     label: Production Root Host Name (e.g. mydomain.com) - this must be the root of the chosen domain, not a subdomain.
+    fieldValidation:
+      type: regex
+      value: '^([a-z0-9]+(-[a-z0-9]+)*\.{1})+[a-z]{2,}$'
+      errorMessage: Invalid root domain name
   - field: productionFrontendSubdomain
     label: Production Frontend Host Name (e.g. app.)
     default: app.
+    fieldValidation:
+      type: regex
+      value: '^([a-z0-9]+(-[a-z0-9]+)*\.)$'
+      errorMessage: Invalid subdomain (cannot contain special chars & must end with a '.')
   - field: productionBackendSubdomain
     label: Production Backend Host Name (e.g. api.)
     default: api.
+    fieldValidation:
+      type: regex
+      value: '^([a-z0-9]+(-[a-z0-9]+)*\.)$'
+      errorMessage: Invalid subdomain (cannot contain special chars & must end with a '.')
   - field: stagingHostRoot
     label: Staging Root Host Name (e.g. mydomain-staging.com) - this must be the root of the chosen domain, not a subdomain.
+    fieldValidation:
+      type: regex
+      value: '^([a-z0-9]+(-[a-z0-9]+)*\.{1})+[a-z]{2,}$'
+      errorMessage: Invalid root domain name
   - field: stagingFrontendSubdomain
     label: Staging Frontend Host Name (e.g. app.)
     default: app.
+    fieldValidation:
+      type: regex
+      value: '^([a-z0-9]+(-[a-z0-9]+)*\.)$'
+      errorMessage: Invalid subdomain (cannot contain special chars & must end with a '.')
   - field: stagingBackendSubdomain
     label: Staging Backend Host Name (e.g. api.)
     default: api.
+    fieldValidation:
+      type: regex
+      value: '^([a-z0-9]+(-[a-z0-9]+)*\.)$'
+      errorMessage: Invalid subdomain (cannot contain special chars & must end with a '.')
   - field: accountId
     label: AWS Account ID
     execute: aws sts get-caller-identity --query "Account" | tr -d '"'

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-ENVIRONMENT ?= staging`
	`1`	`+ENVIRONMENT ?= stage`
`2`	`2`
`3`	`3`	`apply: apply-remote-state apply-secrets apply-env apply-k8s-utils`
`4`	`4`