werft: Replace terraform with gcloud nodejs lib

Signed-off-by: ArthurSens <[email protected]>

Author: ArthurSens

.werft/dns/main.tf

@@ -12,6 +12,7 @@ import { JobConfig } from "./job-config";
 import * as VM from '../../vm/vm'
 import { Analytics, Installer } from "./installer/installer";
 import { previewNameFromBranchName } from "../../util/preview";
+import { createDNSRecord } from "../../util/gcloud";
 
 // used by both deploys (helm and Installer)
 const PROXY_SECRET_NAME = "proxy-config-certificates";
@@ -639,14 +640,15 @@ interface DeploymentConfig {
 }
 
 async function addDNSRecord(werft: Werft, namespace: string, domain: string, isLoadbalancer: boolean, kubeconfigPath: string) {
+    const coreDevIngressIP = getCoreDevIngressIP()
     let wsProxyLBIP = null
     if (isLoadbalancer === true) {
         werft.log(installerSlices.DNS_ADD_RECORD, "Getting ws-proxy loadbalancer IP");
         for (let i = 0; i < 60; i++) {
             try {
                 let lb = exec(`kubectl --kubeconfig ${kubeconfigPath} -n ${namespace} get service ws-proxy -o=jsonpath='{.status.loadBalancer.ingress[0].ip}'`, { silent: true })
                 if (lb.length > 4) {
-                    wsProxyLBIP = lb
+                    wsProxyLBIP = lb.toString()
                     break
                 }
                 await sleep(1000)
@@ -659,22 +661,14 @@ async function addDNSRecord(werft: Werft, namespace: string, domain: string, isL
         }
         werft.log(installerSlices.DNS_ADD_RECORD, "Get ws-proxy loadbalancer IP: " + wsProxyLBIP);
     } else {
-        wsProxyLBIP = getCoreDevIngressIP()
+        wsProxyLBIP = coreDevIngressIP
     }
 
-    var cmd = `set -x \
-    && cd /workspace/.werft/dns \
-    && rm -rf .terraform* \
-    && export GOOGLE_APPLICATION_CREDENTIALS="${GCLOUD_SERVICE_ACCOUNT_PATH}" \
-    && terraform init -backend-config='prefix=${namespace}' -migrate-state -upgrade \
-    && terraform apply -auto-approve \
-        -var 'dns_zone_domain=gitpod-dev.com' \
-        -var 'domain=${domain}' \
-        -var 'ingress_ip=${getCoreDevIngressIP()}' \
-        -var 'ws_proxy_ip=${wsProxyLBIP}'`;
-
-    werft.log(installerSlices.DNS_ADD_RECORD, "Terraform command for create dns record: " + cmd)
-    exec(cmd, { ...metaEnv(), slice: installerSlices.DNS_ADD_RECORD });
+    await Promise.all([
+        createDNSRecord(domain, 'gitpod-dev-com', coreDevIngressIP, installerSlices.DNS_ADD_RECORD),
+        createDNSRecord(`*.${domain}`, 'gitpod-dev-com', coreDevIngressIP, installerSlices.DNS_ADD_RECORD),
+        createDNSRecord(`*.ws-dev.${domain}`, 'gitpod-dev-com', wsProxyLBIP, installerSlices.DNS_ADD_RECORD),
+    ])
     werft.done(installerSlices.DNS_ADD_RECORD);
 }
 

.werft/dns/variables.tf

@@ -7,6 +7,7 @@
     "run": "npx ts-node build.ts"
   },
   "dependencies": {
+    "@google-cloud/dns": "^2.2.4",
     "@grpc/grpc-js": "^1.4.1",
     "@opentelemetry/api": "^1.0.3",
     "@opentelemetry/auto-instrumentations-node": "^0.26.0",
@@ -21,7 +22,7 @@
     "@types/node": "^16.11.0",
     "@types/semver": "7.3.5",
     "@types/shelljs": "^0.8.8",
-    "typescript": "~4.4.2",
-    "tslib": "^2.3.0"
+    "tslib": "^2.3.0",
+    "typescript": "~4.4.2"
   }
 }

.werft/dns/versions.tf

@@ -1,6 +1,8 @@
 import { exec } from './shell';
 import { sleep } from './util';
 import { getGlobalWerftInstance } from './werft';
+import { DNS, Record, Zone } from '@google-cloud/dns';
+import { GCLOUD_SERVICE_ACCOUNT_PATH } from '../jobs/build/const';
 
 export async function deleteExternalIp(phase: string, name: string, region = "europe-west1") {
     const werft = getGlobalWerftInstance()
@@ -33,3 +35,54 @@ export async function deleteExternalIp(phase: string, name: string, region = "eu
 function getExternalIp(name: string, region = "europe-west1") {
     return exec(`gcloud compute addresses describe ${name} --region ${region}| grep 'address:' | cut -c 10-`, { silent: true }).trim();
 }
+
+export async function createDNSRecord(domain: string, dnsZone: string, IP: string, slice: string): Promise<void> {
+    const werft = getGlobalWerftInstance()
+
+    const dnsClient = new DNS({ projectId: 'gitpod-dev', keyFilename: GCLOUD_SERVICE_ACCOUNT_PATH })
+    const zone = dnsClient.zone(dnsZone)
+
+    if (!(await matchesExistingRecord(zone, domain, IP))) {
+        await createOrReplaceRecord(zone, domain, IP, slice)
+    } else {
+        werft.log(slice, `DNS Record already exists for domain ${domain}`)
+    }
+}
+
+// matchesExistingRecord will return true only if the existing record matches the same name and IP.
+// If IP doesn't match, then the record needs to be replaced in a following step.
+async function matchesExistingRecord(zone: Zone, domain: string, IP: string): Promise<boolean> {
+    const [records] = await zone.getRecords({ name: `${domain}.` })
+
+    if (records.length == 0) {
+        return false
+    }
+
+    let matches = false
+    records.every(record => {
+        if (record.metadata.name == `${domain}.` && record.data == IP) {
+            matches = true
+            return false // Works as a 'break'
+        }
+        return true
+    })
+    return matches
+}
+
+async function createOrReplaceRecord(zone: Zone, domain: string, IP: string, slice: string): Promise<void> {
+    const werft = getGlobalWerftInstance()
+    const record = new Record(zone, 'a', {
+        name: `${domain}.`,
+        ttl: 300,
+        data: IP
+    })
+
+    const [records] = await zone.getRecords({ name: `${domain}.` })
+    records.forEach(async (record) => {
+        werft.log(slice, `Deleting old record for ${record.metadata.name} due to IP mismatch.`)
+        await record.delete()
+    })
+
+    werft.log(slice, `Creating DNS record: ${JSON.stringify(record)}`) // delete before submiting PR
+    await zone.addRecords(record)
+}