Destroy previously created resources before re-running bin/setup (#294)

civiform · Mar 27, 2024 · 391d857 · 391d857
1 parent f72ea47
commit 391d857
Show file tree

Hide file tree

Showing 5 changed files with 77 additions and 17 deletions.
diff --git a/.github/workflows/aws-oidc-deploy-test.yaml b/.github/workflows/aws-oidc-deploy-test.yaml
@@ -16,7 +16,7 @@ jobs:
     runs-on: ubuntu-latest
 
     env:
-      SKIP_TAG_CHECK: true
+      SKIP_USER_INPUT: true
     steps:
       - name: Check out branch
         uses: actions/checkout@v4

diff --git a/.github/workflows/azure-saml-ses-deploy-test.yaml b/.github/workflows/azure-saml-ses-deploy-test.yaml
@@ -22,7 +22,7 @@ jobs:
       ARM_CLIENT_SECRET: ${{ secrets.AZURE_SERVICE_PRINCIPAL_PASSWORD }}
       AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
       AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-      SKIP_TAG_CHECK: true
+      SKIP_USER_INPUT: true
     steps:
       - name: Check out branch
         uses: actions/checkout@v4

diff --git a/cloud/shared/bin/destroy_backend_state_resources.py b/cloud/shared/bin/destroy_backend_state_resources.py
@@ -0,0 +1,24 @@
+"""
+destroy_backend_state_resources.py destroys the Terraform backend state resources that are used to track 
+resources created in the cloud provider during deployment. You may wish to destroy the backend state resources
+if they get corrupted.
+"""
+from typing import List
+
+from cloud.shared.bin.lib.config_loader import ConfigLoader
+from cloud.shared.bin.lib.setup_class_loader import get_config_specific_setup
+
+
+def run(config: ConfigLoader, params: List[str]):
+    template = get_config_specific_setup(config)
+    resources = template.detect_backend_state_resources()
+    if resources['bucket'] or resources['table']:
+        print(' - Found resources to destroy. Destroying backend resources...')
+        if template.destroy_backend_resources(resources):
+            print('Successfully destroyed backend state resources.')
+        else:
+            print(
+                'One or more errors occurred when attempting to delete Terraform backend state resources. Please check your cloud provider\'s console for more information.'
+            )
+    else:
+        print('No backend state resources found to destroy.')
diff --git a/cloud/shared/bin/run.py b/cloud/shared/bin/run.py
@@ -101,9 +101,9 @@ def validate_tag(tag):
         The provided tag "{tag}" does not reference a release tag and may not
         be stable.
         ''')
-    if os.getenv('SKIP_TAG_CHECK'):
+    if os.getenv('SKIP_USER_INPUT'):
         print(
-            'Proceeding automatically since the "SKIP_TAG_CHECK" environment variable was set.'
+            'Proceeding automatically since the "SKIP_USER_INPUT" environment variable was set.'
         )
         return True
     print(

diff --git a/cloud/shared/bin/setup.py b/cloud/shared/bin/setup.py
@@ -8,6 +8,7 @@
 from cloud.shared.bin.lib.setup_class_loader import get_config_specific_setup
 from cloud.shared.bin.lib.print import print
 from cloud.shared.bin.lib import terraform
+from cloud.shared.bin import destroy
 """
 Setup.py sets up and runs the initial terraform deployment. It's broken into
 2 parts:
@@ -23,6 +24,32 @@ def run(config: ConfigLoader, params: List[str]):
     # Load Setup Class for the specific template directory
     ###############################################################################
 
+    if os.getenv('SKIP_USER_INPUT'):
+        print(
+            'Proceeding automatically since the "SKIP_USER_INPUT" environment variable was set.'
+        )
+    else:
+        msg = inspect.cleandoc(
+            """
+            ###########################################################################
+                                            WARNING                                                       
+            ###########################################################################
+            You are getting ready to run the setup script which will create the necessary 
+            infrastructure for CiviForm. Interrupting the script in the middle may leave 
+            your infrastructure in an inconsistent state and require you to manually 
+            clean up resources in your cloud provider's console.
+            
+            Before continuing, be sure you have at least 20 minutes free to allow the 
+            script to complete. If your initial setup failed and you are re-running 
+            this script, leave at least 30 minutes to allow time for resources to be 
+            destroyed and recreated.
+
+            Would you like to continue with the setup? [y/N] > 
+            """)
+        answer = input(msg)
+        if answer not in ['y', 'Y', 'yes']:
+            exit(1)
+
     template_setup = get_config_specific_setup(config)
 
     template_setup.setup_log_file()
@@ -36,23 +63,32 @@ def run(config: ConfigLoader, params: List[str]):
         if resources['bucket'] or resources['table']:
             msg = inspect.cleandoc(
                 """
-                ERROR: Terraform backend state resources already exist. You may destroy these resources
-                and recreate them, but you must ensure there are no other deployed resources present.
-                Verify this by checking the AWS console for the presence of any civiform resources.
-                If additional resources are present, Terraform will lose track of them when the backend state
-                files are recreated, and subsequent deploys will fail due to the resources already existing.
-                Running 'bin/run' with the 'destroy' command may clean up these resources for you, but may
-                fail if a previous deployment failed.
-
-                Would you like to destroy the backend state resources and recreate them? [y/N] >
+                ###########################################################################
+                                                WARNING                                                       
+                ###########################################################################
+                Backend resources already exist. This may be due to a previous deployment.
+                Proceeding with the setup will destroy these resources and recreate them. 
+                THIS IS A DESTRUCTIVE CHANGE and may cause a loss of data if the resources 
+                are in use by another deployment. You should verify that no other deployments 
+                are using these resources before proceeding.
+
+                Would you like to destroy the backend resources and recreate them? [y/N] >
                 """)
             answer = input(msg)
             if answer in ['y', 'Y', 'yes']:
+                destroy.run(config, [])
                 if not template_setup.destroy_backend_resources(resources):
-                    answer = input(
-                        'One or more errors occurred when attempting to delete Terraform backend state resources. You may need to delete S3 bucket and/or the DynamoDB table yourself. Continue anyway? [y/N] >'
-                    )
-                    if answer in ['n', 'N', 'no']:
+                    msg = inspect.cleandoc(
+                        """
+                        One or more errors occurred when attempting to delete Terraform backend state resources.
+                        You can try destroying the backend state resources again by exiting this script
+                        and running `bin/run destroy_backend_state_resources`. If the script continues to fail,
+                        you may need to manually delete the resources in your cloud provider's console.
+                        
+                        Would you like to continue anyway? [y/N] >
+                        """)
+                    answer = input(msg)
+                    if answer not in ['y', 'Y', 'yes']:
                         exit(1)
             else:
                 exit(1)