update icg files example generation

input_file_generated/openstack_nginx_ir.json

+{
+  "output_path": "output_files_generated/nginx_openstack/",
+  "steps": [
+    {
+      "data": {
+        "credentials": [
+          {
+            "algorithm": "RSA",
+            "bits": 4096,
+            "keyfile": "/home/user1/.ssh/openstack.key",
+            "name": "ssh_key",
+            "user": "ubuntu"
+          }
+        ],
+        "networks": [
+          {
+            "addressRange": "16.0.0.0/24",
+            "infra_element_name": "net1",
+            "name": "concrete_net",
+            "protocol": "tcp/ip"
+          }
+        ],
+        "provider": "openstack",
+        "vmImages": [
+          {
+            "infra_element_name": "v_img",
+            "kind": "SCRIPT",
+            "name": "concrete_vm_image"
+          }
+        ],
+        "vms": [
+          {
+            "credentials": "ssh_key",
+            "generatedFrom": "v_img",
+            "group": "sg",
+            "i1": {
+              "associated": "sg",
+              "belongsTo": "net1",
+              "endPoint": "16.0.0.1",
+              "name": "i1"
+            },
+            "infra_element_name": "vm1",
+            "name": "concrete_vm",
+            "os": "ubuntu-20.04.3",
+            "vm_flavor": "small",
+            "vm_key_name": "user1",
+            "vm_name": "nginx-host"
+          }
+        ]
+      },
+      "programming_language": "terraform"
+    }
+  ]
+}
\ No newline at end of file

output_file_example/nginx_openstack/ansible/config.yaml

 ---
-input: []
+input:
+  - instance_server_public_key
 output: []
 engine: ansible
 ...

output_file_example/nginx_openstack/ansible/nginx.play

@@ -3,7 +3,7 @@
   gather_facts: no
   become: yes
   vars:
-    ansible_ssh_private_key_file: "/home/user1/.ssh/openstack.key"
+    ansible_ssh_private_key_file: "{{instance_server_public_key}}"
     ansible_ssh_user: "ubuntu"
   tasks:
     - name: Update repositories

output_file_example/nginx_openstack/terraform/config.yaml

 ---
 engine: terraform
 input: []
-output: []
+output:
+  - instance_server_public_key
+  - instance_server_private_key
 ...

output_file_example/nginx_openstack/terraform/main.tf

@@ -33,7 +33,7 @@ data "openstack_networking_secgroup_v2" "default" {
 # Create virtual machine
 resource "openstack_compute_instance_v2" "nginx" {
   name        = "nginx-host"
-  image_name  = "cirros"
+  image_name  = "ubuntu-18.04"
   flavor_name = "m1.tiny"
   key_pair    = openstack_compute_keypair_v2.user_key.name
   network {

output_file_example/nginx_openstack/terraform/output.tf

+output "instance_server_public_key" {
+  value = openstack_compute_keypair_v2.user_key.public_key
+}
+
+output "instance_server_private_key" {
+  value = openstack_compute_keypair_v2.user_key.private_key
+}
\ No newline at end of file

output_file_example/nginx_openstack_with_agents/ansible/config.yaml

+---
+input: []
+output: []
+engine: ansible
+...

output_file_example/nginx_openstack_with_agents/ansible/nginx.play

+---
+- hosts: 16.0.0.1
+  gather_facts: no
+  become: yes
+  vars:
+    ansible_ssh_private_key_file: "/home/user1/.ssh/openstack.key"
+    ansible_ssh_user: "ubuntu"
+  tasks:
+    - name: Update repositories
+      apt:
+        update_cache: yes
+
+    - name: Install nginx
+      package:
+        name: nginx
+
+    - name: Start nginx
+      service:
+        name: nginx
+        enabled: yes
+        state: started
+
+    - name: Set attributes
+      set_stats:
+        data:
+          site_config_dir: /etc/nginx/conf.d
+
+    - name: Install sample site
+      copy:
+        dest: ""
+        content: |
+          <!doctype html>
+          <html lang="en">
+          <head>
+            <title>Hello World!</title>
+          </head>
+          <body>
+            <h1>Sample web page</h1>
+            <p>With little content ;)</p>
+          </body>
+          </html>
+      with_items:
+        - /var/www/html/index.html
+        - /usr/share/nginx/html/index.html
+

output_file_example/nginx_openstack_with_agents/config.yaml

+---
+iac:
+  - terraform
+  - ansible
+...
\ No newline at end of file

output_file_example/nginx_openstack_with_agents/terraform/agents_playbook/ansible/playbooks/pma/ansible.cfg

+# https://docs.ansible.com/ansible/latest/reference_appendices/config.html
+[defaults]
+host_key_checking = False
+inventory = {{CWD}}/hosts.yaml  ; This points to the file that lists your hosts
+remote_user = esilab
+deprecation_warnings=False ; to remove the python version depretation warning
+display_skipped_hosts = no 
\ No newline at end of file

output_file_example/nginx_openstack_with_agents/terraform/agents_playbook/ansible/playbooks/pma/ansible_requirements.yml

+roles:
+#  - name: dj-wasabi.telegraf
+#    version: 0.13.2
+#    source: https://galaxy.ansible.com
+  - name: dj-wasabi.telegraf
+    src: https://github.com/dj-wasabi/ansible-telegraf.git
+    scm: git
+    version: 0.13.2

output_file_example/nginx_openstack_with_agents/terraform/agents_playbook/ansible/playbooks/pma/hosts.yaml

+all:
+  hosts:
+    localhost:
+      ansible_connection: local

output_file_example/nginx_openstack_with_agents/terraform/agents_playbook/ansible/playbooks/pma/install_playbook_requirements.sh

+#!/bin/bash
+set -e
+
+SCRIPT_DIR=$(dirname "$0")
+
+# to avoid the being run in a world writable directory we explicitly assign the ANSIBLE_CONFIG variable 
+if [[ -f ./ansible.cfg ]]
+then
+    export ANSIBLE_CONFIG=./ansible.cfg
+else 
+    if [[ -f $SCRIPT_DIR/ansible.cfg ]]
+    then
+        export ANSIBLE_CONFIG=$SCRIPT_DIR/ansible.cfg
+    fi
+fi
+
+if [[ -z "$ANSIBLE_CONFIG" ]]
+then 
+    echo ANSIBLE_CONFIG to assigned using default https://docs.ansible.com/ansible/latest/reference_appendices/config.html
+else 
+    echo ANSIBLE_CONFIG=$ANSIBLE_CONFIG
+fi
+
+if [[ -z "$1" ]]
+then 
+    # echo without params 
+    echo ansible-playbook $SCRIPT_DIR/site_requirements.yaml
+    ansible-playbook $SCRIPT_DIR/site_requirements.yaml
+else 
+    # echo with params
+    echo ansible-playbook $SCRIPT_DIR/site_requirements.yaml --extra-vars "$1"
+    ansible-playbook $SCRIPT_DIR/site_requirements.yaml --extra-vars "$1"
+fi

output_file_example/nginx_openstack_with_agents/terraform/agents_playbook/ansible/playbooks/pma/run-playbook.sh

+#!/bin/bash
+set -e
+
+SCRIPT_DIR=$(dirname "$0")
+
+# to avoid the being run in a world writable directory we explicitly assign the ANSIBLE_CONFIG variable 
+if [[ -f ./ansible.cfg ]]
+then
+    export ANSIBLE_CONFIG=./ansible.cfg
+else 
+    if [[ -f $SCRIPT_DIR/ansible.cfg ]]
+    then
+        export ANSIBLE_CONFIG=$SCRIPT_DIR/ansible.cfg
+    fi
+fi
+
+if [[ -z "$ANSIBLE_CONFIG" ]]
+then 
+    echo ANSIBLE_CONFIG to assigned using default https://docs.ansible.com/ansible/latest/reference_appendices/config.html
+else 
+    echo ANSIBLE_CONFIG=$ANSIBLE_CONFIG
+fi
+
+if [[ -z "$1" ]]
+then 
+    # echo without params 
+    echo ansible-playbook $SCRIPT_DIR/site.yaml
+    ansible-playbook $SCRIPT_DIR/site.yaml
+else 
+    # echo with params
+    echo ansible-playbook $SCRIPT_DIR/site.yaml --extra-vars "$1"
+    ansible-playbook $SCRIPT_DIR/site.yaml --extra-vars "$1"
+fi

output_file_example/nginx_openstack_with_agents/terraform/agents_playbook/ansible/playbooks/pma/site.yaml

+- hosts: all
+  pre_tasks:
+    - name: Check parameters
+      fail:
+        msg: 'variable {{item}} not defined'
+      when: item is not defined
+      with_items:
+        - pma_deployment_id
+        - pma_influxdb_bucket
+        - pma_influxdb_token
+        - pma_influxdb_org
+        - pma_influxdb_addr
+    - name: Print parameters
+      debug:
+        msg: 
+          - "pma_deployment_id: {{ pma_deployment_id }}"
+          - "pma_influxdb_bucket: {{ pma_influxdb_bucket }}"
+          - "pma_influxdb_token: {{ pma_influxdb_token }}"
+          - "pma_influxdb_org: {{ pma_influxdb_org }}"
+          - "pma_influxdb_addr: {{ pma_influxdb_addr }}"
+    - name: Ensure gnupg package
+      package:
+        name: gnupg
+        state: present
+      become: true
+      
+  vars_files:
+    - vars/main.yaml
+  roles:
+    - dj-wasabi.telegraf

output_file_example/nginx_openstack_with_agents/terraform/agents_playbook/ansible/playbooks/pma/site_requirements.yaml

+- hosts: localhost
+  tasks:
+    - name: print disclamer
+      debug:
+        msg: this can also be done with "ansible-galaxy install -r requirements"
+    - name: install telegraf from galaxy
+      community.general.ansible_galaxy_install:
+        type: role
+        requirements_file: ansible_requirements.yml

output_file_example/nginx_openstack_with_agents/terraform/agents_playbook/ansible/playbooks/pma/vars/main.yaml

+telegraf_agent_package_state: latest
+
+telegraf_agent_output:
+  - type: influxdb_v2
+    config:
+      - urls = ["{{ pma_influxdb_addr }}"]
+      - token = "{{ pma_influxdb_token }}"
+      - organization = "{{ pma_influxdb_org }}"
+      - bucket = "{{ pma_influxdb_bucket }}"
+      - insecure_skip_verify = true
+
+telegraf_global_tags:
+  - tag_name: deployment_id
+    tag_value: "{{ pma_deployment_id }}"
+
+telegraf_plugins_default:
+  - plugin: cpu
+  - plugin: mem
+  - plugin: processes
+  - plugin: disk
+  - plugin: net
+  
+  

output_file_example/nginx_openstack_with_agents/terraform/config.yaml

+---
+engine: terraform
+input: []
+output:
+  - instance_server_key_public_key
+  - instance_server_key_private_key
+...

output_file_example/nginx_openstack_with_agents/terraform/main.tf

+terraform {
+required_version = ">= 0.14.0"
+  required_providers {
+    openstack = {
+      source  = "terraform-provider-openstack/openstack"
+      version = "~> 1.35.0"
+    }
+  }
+}
+
+# Configure the OpenStack Provider
+provider "openstack" {
+  user_name   = var.openstack_username
+  tenant_name = "admin"
+  password    = var.openstack_password
+  auth_url    = var.openstack_auth_url
+  insecure    = true
+}
+
+# Retrieve data
+data "openstack_networking_network_v2" "external" {
+  name = "external"
+}
+
+data "openstack_identity_project_v3" "test_tenant" {
+  name = "admin"
+}
+
+data "openstack_networking_secgroup_v2" "default" {
+  name = "default"
+  tenant_id = data.openstack_identity_project_v3.test_tenant.id
+}
+# Create virtual machine
+resource "openstack_compute_instance_v2" "nginx" {
+  name        = "nginx-host"
+  image_name  = "cirros"
+  flavor_name = "m1.tiny"
+  key_pair    = openstack_compute_keypair_v2.user_key.name
+  network {
+    port = openstack_networking_port_v2.nginx.id
+  }
+
+  ## AGENTS TO ADD
+  # this is subject to be moved to IEM as part of its baseline
+    provisioner "local-exec" {
+    command = "ansible-galaxy collection install community.general"
+  }
+
+  # this is subject to be moved to IEM as part of its baseline
+  provisioner "local-exec" {
+    command = "ansible-playbook ansible/playbooks/pma/site_requirements.yaml"
+  }
+
+  # secrets can be taken from environment variables at IEM but these security issues I will leave them to y2, the user can also be problematic ubuntu/root/centos/...
+  provisioner "local-exec" {
+    command = "ansible-playbook -u root -i '${openstack_networking_floatingip_v2.nginx.address},' ansible/playbooks/pma/site.yaml --extra-vars '{\"pma_deployment_id\": \"123e4567-e89b-12d3-a456-426614174002\", \"pma_influxdb_bucket\": \"bucket\", \"pma_influxdb_token\": \"piacerePassword\", \"pma_influxdb_org\": \"piacere\", \"pma_influxdb_addr\": \"https://influxdb.pm.ci.piacere.digital.tecnalia.dev\" }'"
+  }
+}
+
+# Create ssh keys
+resource "openstack_compute_keypair_v2" "user_key" {
+  name       = "user1"
+  public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAsRO3dcuZVB0but7Ti9eN+Ti4FvRzQfZT6DugkOnasGSwQkuBUxr0RGHYG2O+C/ul4bN4wcM8VZ4aX9bk9vwkvBkk2uJhy0ZHqIzuwzTOmRPScHWApkxGEANO4QYiYdPYdjmGgAVuKhdqPYOJc5Spkf3n4sYrU89rhC4rLyRs7doYofxpwBVaDfUExPLAtwFb2UGGzC6c0SJzqX4ZFq72NC0zs"
+}
+
+# Create floating ip
+resource "openstack_networking_floatingip_v2" "nginx" {
+  pool = "external"
+
+}
+
+# Attach floating ip to instance
+resource "openstack_compute_floatingip_associate_v2" "nginx" {
+  floating_ip = openstack_networking_floatingip_v2.nginx.address
+  instance_id = openstack_compute_instance_v2.nginx.id
+}
+
+## Network
+
+# Create Network
+resource "openstack_networking_network_v2" "generic" {
+  name = " "
+}
+
+# Create Subnet
+resource "openstack_networking_subnet_v2" "nginx" {
+  name            = "subnet-nginx"
+  network_id      = openstack_networking_network_v2.generic.id
+  cidr            = "16.0.0.0/24"
+  dns_nameservers = ["8.8.8.8", "8.8.8.4"]
+}
+
+# Attach networking port
+resource "openstack_networking_port_v2" "nginx" {
+  name           = "nginx"
+  network_id     = openstack_networking_network_v2.generic.id
+  admin_state_up = true
+  security_group_ids = [
+    data.openstack_networking_secgroup_v2.default.id        #default flavour id
+  ]
+  fixed_ip {
+    subnet_id = openstack_networking_subnet_v2.nginx.id
+  }
+}
+
+# Router creation. UUID external gateway
+resource "openstack_networking_router_v2" "generic" {
+  name                = "router-generic"
+  external_network_id = data.openstack_networking_network_v2.external.id    #External network id
+}
+# Router interface configuration
+resource "openstack_networking_router_interface_v2" "nginx" {
+  router_id = openstack_networking_router_v2.generic.id
+  subnet_id = openstack_networking_subnet_v2.nginx.id
+}
+
+resource "openstack_compute_secgroup_v2" "http" {
+  name        = "http"
+  description = "Open input http port"
+  rule {
+    from_port   = 80
+    to_port     = 80
+    ip_protocol = "tcp"
+    cidr        = "0.0.0.0/0"
+  }
+}
+
+resource "openstack_compute_secgroup_v2" "ssh" {
+  name        = "ssh"
+  description = "Open input ssh port"
+  rule {
+    from_port   = 22
+    to_port     = 22
+    ip_protocol = "tcp"
+    cidr        = "0.0.0.0/0"
+  }
+}

output_file_example/nginx_openstack_with_agents/terraform/output.tf

+output "instance_server_key_public_key" {
+  value = openstack_compute_keypair_v2.user_key.public_key
+}
+
+output "instance_server_key_private_key" {
+  value = openstack_compute_keypair_v2.user_key.private_key
+}
\ No newline at end of file