cdktf -> HCL (#133)

.gitignore

@@ -171,3 +171,6 @@ input.json
 credentials*
 tmp/
 .gen
+.terraform
+terraform/backend.tf
+terraform/tfvars.json

Dockerfile

@@ -1,6 +1,10 @@
-FROM quay.io/redhat-services-prod/app-sre-tenant/er-base-cdktf-main/er-base-cdktf-main:cdktf-0.20.11-tf-1.6.6-py-3.12-v0.6.0-1@sha256:cbd7d366bd573c7346956083fe94f3145198be0630744d30bea3271925fcfe9a AS base
+FROM quay.io/redhat-services-prod/app-sre-tenant/er-base-terraform-main/er-base-terraform-main:tf-1.6.6-py-3.12-v0.3.0-1 AS base
 # keep in sync with pyproject.toml
-LABEL konflux.additional-tags="0.3.2"
+LABEL konflux.additional-tags="0.4.0"
+ENV TERRAFORM_MODULE_SRC_DIR="./terraform"
+ENV \
+    # Use the virtual environment
+    PATH="${APP}/.venv/bin:${PATH}"
 
 FROM base AS builder
 COPY --from=ghcr.io/astral-sh/uv:0.5.28@sha256:8bd47d593fb4a8ac5820c08265b651570e99e3c47d3247980a704174784c6a7f /uv /bin/uv
@@ -13,13 +17,15 @@ ENV \
     UV_NO_CACHE=true \
     UV_NO_PROGRESS=true
 
-COPY cdktf.json pyproject.toml uv.lock ./
+# Terraform code
+COPY ${TERRAFORM_MODULE_SRC_DIR} ${TERRAFORM_MODULE_SRC_DIR}
+RUN terraform-provider-sync
+
+COPY pyproject.toml uv.lock ./
 # Test lock file is up to date
 RUN uv lock --locked
 # Install dependencies
 RUN uv sync --frozen --no-group dev --no-install-project --python /usr/bin/python3
-# Download all necessary terraform providers
-RUN cdktf-provider-sync
 
 # the source code
 COPY README.md ./
@@ -29,18 +35,13 @@ COPY er_aws_elasticache ./er_aws_elasticache
 # Sync the project
 RUN uv sync --frozen --no-group dev
 
+
 FROM base AS prod
 # get cdktf providers
 COPY --from=builder ${TF_PLUGIN_CACHE_DIR} ${TF_PLUGIN_CACHE_DIR}
 # get our app with the dependencies
 COPY --from=builder ${APP} ${APP}
 
-ENV \
-    # Use the virtual environment
-    PATH="${APP}/.venv/bin:${PATH}" \
-    # cdktf python modules path
-    PYTHONPATH="$APP/.gen"
-
 FROM prod AS test
 COPY --from=ghcr.io/astral-sh/uv:0.5.28@sha256:8bd47d593fb4a8ac5820c08265b651570e99e3c47d3247980a704174784c6a7f /uv /bin/uv
 
@@ -51,7 +52,3 @@ COPY Makefile ./
 COPY tests ./tests
 
 RUN make in_container_test
-
-# Empty /tmp again because the test stage might have created files there, e.g. JSII_RUNTIME_PACKAGE_CACHE_ROOT
-# and we want to run this test image in the dev environment
-RUN rm -rf /tmp/*

Makefile

@@ -1,34 +1,37 @@
-SITE_PACKAGES_DIR ?= $(shell .venv/bin/python3 -c 'import sysconfig; print(sysconfig.get_paths()["purelib"])')
 CONTAINER_ENGINE ?= $(shell which podman >/dev/null 2>&1 && echo podman || echo docker)
 
 .PHONY: format
 format:
 	uv run ruff check
 	uv run ruff format
+	terraform fmt terraform
 
 .PHONY: image_tests
 image_tests:
-	# test /tmp must be empty
-	[ -z "$(shell ls -A /tmp)" ]
 	# hooks must be copied
 	[ -d "hooks" ]
 	[ -d "hooks_lib" ]
+
+	# sources must be copied
+	[ -d "$$TERRAFORM_MODULE_SRC_DIR" ]
+
+	# test the terrform providers are downloaded
+	[ -d "$$TF_PLUGIN_CACHE_DIR/registry.terraform.io/hashicorp/aws" ]
+	[ -d "$$TF_PLUGIN_CACHE_DIR/registry.terraform.io/hashicorp/random" ]
+
 	# test all files in ./hooks are executable
-	[ -z "$(shell find hooks -type f -not -executable ! -name "__init__.py")" ]
+	[ -z "$(shell for f in hooks/*; do [ ! -x "$$f" ] && [ "$$f" != "hooks/__init__.py" ] && echo not-executable; done)" ]
+
 
 .PHONY: code_tests
 code_tests:
 	uv run ruff check --no-fix
 	uv run ruff format --check
+	terraform fmt -check=true "$$TERRAFORM_MODULE_SRC_DIR"
 	uv run mypy
-	uv run pytest -vv --cov=er_aws_elasticache --cov-report=term-missing --cov-report xml
-
-.PHONY: dependency_tests
-dependency_tests:
-	python -c "import cdktf_cdktf_provider_random"
-	python -c "import cdktf_cdktf_provider_aws"
+	uv run pytest -vv --cov=er_aws_elasticache --cov=hooks --cov=hooks_lib --cov-report=term-missing --cov-report xml
 
-in_container_test: image_tests code_tests dependency_tests
+in_container_test: image_tests code_tests
 
 .PHONY: test
 test:
@@ -41,3 +44,7 @@ build:
 .PHONY: dev
 dev:
 	uv sync
+
+.PHONY: generate-variables-tf
+generate-variables-tf:
+	external-resources-io tf generate-variables-tf er_aws_elasticache.app_interface_input.AppInterfaceInput --output terraform/variables.tf

er_aws_elasticache/__main__.py

@@ -1,28 +1,22 @@
-import os
-
-from cdktf import App
 from external_resources_io.input import parse_model, read_input_from_file
+from external_resources_io.terraform import (
+    create_backend_tf_file,
+    create_tf_vars_json,
+)
 
 from .app_interface_input import AppInterfaceInput
-from .stack import ElasticacheStack
 
 
 def get_ai_input() -> AppInterfaceInput:
     """Get the AppInterfaceInput from the input file."""
     return parse_model(AppInterfaceInput, read_input_from_file())
 
 
-def init_cdktf_app(ai_input: AppInterfaceInput, id_: str = "CDKTF") -> App:
-    """Initialize the CDKTF app and all the stacks."""
-    app = App(outdir=os.environ.get("ER_OUTDIR", None))
-    ElasticacheStack(app, id_, ai_input)
-    return app
-
-
 def main() -> None:
-    """Proper entry point for the CDKTF app."""
-    app = init_cdktf_app(get_ai_input())
-    app.synth()
+    """Proper entry point for the module."""
+    ai_input = get_ai_input()
+    create_backend_tf_file(ai_input.provision)
+    create_tf_vars_json(ai_input.data)
 
 
 if __name__ == "__main__":

er_aws_elasticache/app_interface_input.py

@@ -1,5 +1,5 @@
 from collections.abc import Sequence
-from typing import Any, Literal, Self
+from typing import Any, Self
 
 from external_resources_io.input import AppInterfaceProvision
 from pydantic import BaseModel, field_validator, model_validator
@@ -19,7 +19,6 @@ class Parameter(BaseModel):
 
     name: str
     value: Any
-    apply_method: Literal["immediate", "pending-reboot"] | None = None
 
     @field_validator("value", mode="before")
     @classmethod
@@ -46,7 +45,9 @@ class ElasticacheData(BaseModel):
     output_resource_name: str | None = None
     output_prefix: str
     tags: dict[str, Any] | None = None
-    default_tags: Sequence[dict[str, Any]] | None = None
+    default_tags: Sequence[dict[str, Any]] = []
+    # This attribute will be generated by default_tags
+    default_tags_tf: dict[str, Any] | None = None
 
     # service updates related
     environment: str = "production"
@@ -63,9 +64,7 @@ class ElasticacheData(BaseModel):
     replication_group_description: str = "elasticache replication group"
     engine: str
     engine_version: str
-    log_delivery_configuration: Sequence[ElasticacheLogDeliveryConfiguration] | None = (
-        None
-    )
+    log_delivery_configuration: Sequence[ElasticacheLogDeliveryConfiguration] = []
     maintenance_window: str | None = None
     multi_az_enabled: bool | None = None
     node_type: str
@@ -75,10 +74,10 @@ class ElasticacheData(BaseModel):
     parameter_group: ParameterGroup | None = None
     parameter_group_name: str | None = None
     port: int | None = None
-    availability_zones: Sequence[str] | None = None
+    availability_zones: Sequence[str] = []
     replicas_per_node_group: int | None = None
     replication_group_id: str
-    security_group_ids: Sequence[str] | None = None
+    security_group_ids: Sequence[str] = []
     snapshot_retention_limit: int | None = None
     snapshot_window: str | None = None
     subnet_group_name: str | None = None
@@ -173,6 +172,15 @@ def check_parameter_group_family(self) -> Self:
             )
         return self
 
+    @model_validator(mode="after")
+    def set_terraform_variables(self) -> Self:
+        """Set default tags for terraform"""
+        if not self.default_tags:
+            return self
+        if tags := self.default_tags[0].get("tags"):
+            self.default_tags_tf = tags
+        return self
+
 
 class AppInterfaceInput(BaseModel):
     """Input model for AWS Elasticache"""