uber/astro uber/astro

  • Stars
    star
    434
  • Rank 100,274 (Top 2 %)
  • Language
    Go
  • License
    Apache License 2.0
  • Created about 6 years ago
  • Updated over 1 year ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
uber/astro
github

uber

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Astro is a tool for managing multiple Terraform executions as a single command

Astro

Astro is a tool for managing multiple Terraform executions as a single command.

Features:

  • Declarative configuration for modules to execute
  • Dependencies between modules
  • Fast, concurrent executions of Terraform operations
  • Safe Terraform upgrades and state file migrations

NOTE: Astro is currently experimental.

Getting started

Installation

Install Astro using go get (Go >1.12 required):

GO111MODULE=on go get github.com/uber/astro/astro/cli/astro

This will install a binary called astro in your $GOPATH/bin.

Alternatively, you can download precompiled binaries from the Github releases page.

Note that from version 0.6.0 tvm, a tool to download and install specific versions of Terraform for your platforms, is packaged together with astro.

Configuration

Astro looks for a configuration file called astro.yaml in the current or parent directories. It is recommended to place this file in the same top-level directory of your project where the Terraform code exists (e.g. terraform/astro.yaml).

An example astro configuration could look like:

---

terraform:
  version: 0.11.7

hooks:
  startup:
    - command: assume-role --role terraform
      set_env: true

modules:
  - name: app
    path: core/app
    deps:
      - module: users
      - module: vpc
    remote:
      backend_config:
        bucket: acme-terraform-states
        key: "{{.aws_region}}/app-{{.environment}}.tfstate"
        region: us-east-1
    variables:
      - name: region
      - name: environment
        values: [dev, prod]

  - name: database
    path: core/database
    remote:
      backend_config:
        bucket: acme-terraform-states
        key: "{{.aws_region}}/database-{{.environment}}.tfstate"
        region: us-east-1
    variables:
      - name: region
      - name: environment
        values: [dev, prod]

  - name: mgmt
    path: core/mgmt
    deps:
      - module: vpc
        variables:
          environment: mgmt  # depends on vpc/mgmt
    remote:
      backend_config:
        bucket: acme-terraform-states
        key: "{{.aws_region}}/mgmt-{{.environment}}.tfstate"
        region: us-east-1
    variables:
      - name: region

  - name: users
    path: core/users
    remote:
      backend_config:
        bucket: acme-terraform-states
        key: global/users
        region: us-east-1

  - name: vpc
    path: core/vpc
    remote:
      backend_config:
        bucket: acme-terraform-states
        key: "{{.aws_region}}/vpc-{{.environment}}.tfstate"
        region: us-east-1
    variables:
      - name: region
      - name: environment
        values: [mgmt, dev, prod]

Planning

You can run a plan across all modules by doing:

astro plan --region us-east-1

--region in this example is one of the variables defined in the module configuration above with no predefined value, so it must be provided at the command line.

Astro will show the results of the plan for each execution:

> astro plan --region us-east-1
users: OK No changes (7s)
vpc-mgmt-us-east-1: OK No changes (15s)
vpc-dev-us-east-1: OK No changes (31s)
vpc-prod-us-east-1: OK No changes (28s)
database-dev-us-east-1: OK No changes (9s)
database-prod-us-east-1: OK No changes (10s)
app-dev-us-east-1: OK No changes (10s)
app-prod-us-east-1: OK No changes (11s)
mgmt-us-east-1: OK No changes (43s)
>

If there is a change, the plan will be shown, e.g.:

> astro plan --region us-east-1 --modules app
app-dev-us-east-1: OK Changes (10s)

  ~ module.app.aws_s3_bucket.app-data
      versioning.0.enabled: "false" => "true"

app-prod-us-east-1: OK Changes (11s)

  ~ module.app.aws_s3_bucket.app-data
      versioning.0.enabled: "false" => "true"
>

Upgrading

Upgrading Terraform is as easy as changing the version in the config, e.g.:

diff --git a/terraform/astro.yaml b/terraform/astro.yaml
index 5725a36d..c0ef720f 100644
--- a/terraform/astro.yaml
+++ b/terraform/astro.yaml
@@ -1,7 +1,7 @@
 ---

 terraform:
-  version: 0.10.5
+  version: 0.11.7

 modules:
  - name: app

Astro will automatically download the new version when it needs it next.

Detaching from the remote

Older versions of Terraform had the ability to disable the remote state, which was useful for performing safe upgrades or migrations.

Astro restores this ability using the --detach command to plan, e.g.:

astro plan --detach

This will create a session directory with a sandbox containing a copy (hard links) of the Terraform code, along with a local copy of the state file:

> ls terraform/.astro/01CGC80C81CJFPFCCM0F1FRKDJ/app/sandbox/core/app/terraform.tfstate
terraform/.astro/01CGC80C81CJFPFCCM0F1FRKDJ/app/sandbox/core/app/terraform.tfstate

If you need to test anything, you can change directory within the sandbox without affecting the remote.

Hooks

Astro can run run external commands both at startup or before the execution of a module. If set_env is true, Astro will parse command output for NAME=value pairs, and set those as environment values.

This can be useful, for example, when using an assume-role script to assume an AWS role that requires MFA authentication. If the script outputs AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY and AWS_SESSION_TOKEN to standard output, then it can be used as a startup hook by Astro to transparently change role before running Terraform.

Use cases

Dynamic environments

When running a terraform plan or terraform apply, you can specify custom variables at the command line (using -var foo=bar). This can be used to dynamically deploy to a particular environment, or region, for example.

Astro allows you to specify these variables at runtime, or filter a set of predefined ones.

In the example configuration above, the "app" and "database" modules are deployed to two different environments ("dev" and "prod") by invoking Terraform with different -var environment=<value> flags set.

What is happening behind the scenes is the module configuration generates a list of "executions", which is a Cartesian product of each set of possible variable values, plus the user-provided values at run time.

Each execution is then run in parallel, taking into considerations dependencies that modules may have on one another.

Targeted deploys

Given a list of predefined environments, the user can "filter" which executions are run. For example, the following would run only the executions with enviroment=dev:

astro plan --enviroment dev

The result would be:

> astro plan --region us-east-1 --environment dev
vpc-dev-us-east-1: OK No changes (31s)
database-dev-us-east-1: OK No changes (9s)
app-dev-us-east-1: OK No changes (10s)
>

Remapping CLI flags

Astro is meant to be used every day by operators. If your Terraform variable names are long-winded to type at the CLI, you can remap them to something simpler. For example, instead of typing --environment dev, you may wish to shorten this to --env dev.

You can specify a flags: block in your project configuration, like:

flags:
  environment:
    name: env
    description: Environment to deploy to

This will remap the "environment" Terraform variable to --env on the astro command line. You can also specify a description that will show up in the --help text.

More Repositories

1

react-vis

Data Visualization Components
JavaScript
8,732
star
2

baseweb

A React Component library implementing the Base design language
TypeScript
8,731
star
3

cadence

Cadence is a distributed, scalable, durable, and highly available orchestration engine to execute asynchronous long-running business logic in a scalable and resilient way.
Go
8,270
star
4

RIBs

Uber's cross-platform mobile architecture framework.
Kotlin
7,760
star
5

kraken

P2P Docker registry capable of distributing TBs of data in seconds
Go
6,099
star
6

causalml

Uplift modeling and causal inference with machine learning algorithms
Python
5,049
star
7

prototool

Your Swiss Army Knife for Protocol Buffers
Go
5,042
star
8

h3

Hexagonal hierarchical geospatial indexing system
C
4,911
star
9

NullAway

A tool to help eliminate NullPointerExceptions (NPEs) in your Java code with low build-time overhead
Java
3,630
star
10

AutoDispose

Automatic binding+disposal of RxJava streams.
Java
3,369
star
11

aresdb

A GPU-powered real-time analytics storage and query engine.
Go
3,028
star
12

react-digraph

A library for creating directed graph editors
JavaScript
2,622
star
13

piranha

A tool for refactoring code related to feature flag APIs
Rust
2,283
star
14

orbit

A Python package for Bayesian forecasting with object-oriented design and probabilistic models under the hood.
Python
1,872
star
15

needle

Compile-time safe Swift dependency injection framework
Swift
1,825
star
16

petastorm

Petastorm library enables single machine or distributed training and evaluation of deep learning models from datasets in Apache Parquet format. It supports ML frameworks such as Tensorflow, Pytorch, and PySpark and can be used from pure Python code.
Python
1,795
star
17

ios-snapshot-test-case

Snapshot view unit tests for iOS
Objective-C
1,790
star
18

manifold

A model-agnostic visual debugging tool for machine learning
JavaScript
1,649
star
19

okbuck

OkBuck is a gradle plugin that lets developers utilize the Buck build system on a gradle project.
Java
1,537
star
20

UberSignature

Provides an iOS view controller allowing a user to draw their signature with their finger in a realistic style.
Objective-C
1,287
star
21

nanoscope

An extremely accurate Android method tracing tool.
HTML
1,250
star
22

tchannel

network multiplexing and framing protocol for RPC
Thrift
1,153
star
23

queryparser

Parsing and analysis of Vertica, Hive, and Presto SQL.
Haskell
1,075
star
24

fiber

Distributed Computing for AI Made Simple
Python
1,043
star
25

neuropod

A uniform interface to run deep learning models from multiple frameworks
C++
936
star
26

uReplicator

Improvement of Apache Kafka Mirrormaker
Java
914
star
27

h3-js

h3-js provides a JavaScript version of H3, a hexagon-based geospatial indexing system.
JavaScript
863
star
28

pam-ussh

uber's ssh certificate pam module
Go
846
star
29

ringpop-go

Scalable, fault-tolerant application-layer sharding for Go applications
Go
831
star
30

h3-py

Python bindings for H3, a hierarchical hexagonal geospatial indexing system
Python
826
star
31

mockolo

Efficient Mock Generator for Swift
Swift
814
star
32

xviz

A protocol for real-time transfer and visualization of autonomy data
JavaScript
760
star
33

streetscape.gl

Visualization framework for autonomy and robotics data encoded in XVIZ
JavaScript
702
star
34

react-view

React View is an interactive playground, documentation and code generator for your components.
TypeScript
698
star
35

nebula.gl

A suite of 3D-enabled data editing overlays, suitable for deck.gl
TypeScript
690
star
36

RxDogTag

Automatic tagging of RxJava 2+ originating subscribe points for onError() investigation.
Java
647
star
37

peloton

Unified Resource Scheduler to co-schedule mixed types of workloads such as batch, stateless and stateful jobs in a single cluster for better resource utilization.
Go
642
star
38

motif

A simple DI API for Android / Java
Kotlin
532
star
39

signals-ios

Typeful eventing
Objective-C
528
star
40

grafana-dash-gen

grafana dash dash dash gen
JavaScript
490
star
41

tchannel-go

Go implementation of a multiplexing and framing protocol for RPC calls
Go
485
star
42

marmaray

Generic Data Ingestion & Dispersal Library for Hadoop
Java
479
star
43

zanzibar

A build system & configuration system to generate versioned API gateways.
Go
462
star
44

clay

Clay is a framework for building RESTful backend services using best practices. It’s a wrapper around Flask.
Python
441
star
45

NEAL

πŸ”ŽπŸž A language-agnostic linting platform
OCaml
429
star
46

react-vis-force

d3-force graphs as React Components.
JavaScript
404
star
47

arachne

An always-on framework that performs end-to-end functional network testing for reachability, latency, and packet loss
Go
395
star
48

cadence-web

Web UI for visualizing workflows on Cadence
JavaScript
392
star
49

Python-Sample-Application

Python
377
star
50

uber-ios-sdk

Uber iOS SDK (beta)
Swift
375
star
51

stylist

A stylist creates cool styles. Stylist is a Gradle plugin that codegens a base set of Android XML themes.
Kotlin
358
star
52

storagetapper

StorageTapper is a scalable realtime MySQL change data streaming, logical backup and logical replication service
Go
341
star
53

swift-concurrency

Concurrency utilities for Swift
Swift
327
star
54

RemoteShuffleService

Remote shuffle service for Apache Spark to store shuffle data on remote servers.
Java
323
star
55

h3-go

Go bindings for H3, a hierarchical hexagonal geospatial indexing system
Go
312
star
56

cyborg

Display Android Vectordrawables on iOS.
Swift
302
star
57

hermetic_cc_toolchain

Bazel C/C++ toolchain for cross-compiling C/C++ programs
Starlark
295
star
58

rides-android-sdk

Uber Rides Android SDK (beta)
Java
293
star
59

h3-java

Java bindings for H3, a hierarchical hexagonal geospatial indexing system
Java
281
star
60

h3-py-notebooks

Jupyter notebooks for h3-py, a hierarchical hexagonal geospatial indexing system
Jupyter Notebook
258
star
61

geojson2h3

Conversion utilities between H3 indexes and GeoJSON
JavaScript
225
star
62

artist

An artist creates views. Artist is a Gradle plugin that codegens a base set of Android Views.
Kotlin
211
star
63

tchannel-node

JavaScript
203
star
64

RxCentralBle

A reactive, interface-driven central role Bluetooth LE library for Android
Java
199
star
65

uberalls

Track code coverage metrics with Jenkins and Phabricator
Go
186
star
66

SwiftCodeSan

SwiftCodeSan is a tool that "sanitizes" code written in Swift.
Swift
177
star
67

rides-python-sdk

Uber Rides Python SDK (beta)
Python
176
star
68

doubles

Test doubles for Python.
Python
165
star
69

logtron

A logging MACHINE
JavaScript
159
star
70

athenadriver

A fully-featured AWS Athena database driver (+ athenareader https://github.com/uber/athenadriver/tree/master/athenareader)
Go
151
star
71

cadence-java-client

Java framework for Cadence Workflow Service
Java
143
star
72

bayesmark

Benchmark framework to easily compare Bayesian optimization methods on real machine learning tasks
Python
140
star
73

cassette

Store and replay HTTP requests made in your Python app
Python
138
star
74

UBTokenBar

Flexible and extensible UICollectionView based TokenBar written in Swift
Swift
136
star
75

tchannel-java

A Java implementation of the TChannel protocol.
Java
134
star
76

android-template

This template provides a starting point for open source Android projects at Uber.
Java
128
star
77

crumb

An annotation processor for breadcrumbing metadata across compilation boundaries.
Kotlin
124
star
78

py-find-injection

Look for SQL injection attacks in python source code
Python
119
star
79

rides-java-sdk

Uber Rides Java SDK (beta)
Java
105
star
80

startup-reason-reporter

Reports the reason why an iOS App started.
Objective-C
97
star
81

cadence-java-samples

Java
96
star
82

uber-poet

A mock swift project generator & build runner to help benchmark various module dependency graphs.
Python
96
star
83

charlatan

A Python library to efficiently manage and install database fixtures
Python
89
star
84

simple-store

Simple yet performant asynchronous file storage for Android
Java
84
star
85

swift-abstract-class

Compile-time abstract class validation for Swift
Swift
84
star
86

tchannel-python

Python implementation of the TChannel protocol.
Python
76
star
87

lint-checks

A set of opinionated and useful lint checks
Kotlin
73
star
88

client-platform-engineering

A collection of cookbooks, scripts and binaries used to manage our macOS, Ubuntu and Windows endpoints
Ruby
72
star
89

eight-track

Record and playback HTTP requests
JavaScript
70
star
90

multidimensional_urlencode

Python library to urlencode a multidimensional dict
Python
67
star
91

uncaught-exception

Handle uncaught exceptions.
JavaScript
66
star
92

swift-common

Common code used by various Uber open source projects
Swift
66
star
93

uberscriptquery

UberScriptQuery, a SQL-like DSL to make writing Spark jobs super easy
Java
59
star
94

sentry-logger

A Sentry transport for Winston
JavaScript
56
star
95

graph.gl

WebGL2-Powered Visualization Components for Graph Visualization
JavaScript
53
star
96

nanoscope-art

C++
49
star
97

assume-role-cli

CLI for AssumeRole is a tool for running programs with temporary credentials from AWS's AssumeRole API.
Go
47
star
98

airlock

A prober to probe HTTP based backends for health
JavaScript
47
star
99

mutornadomon

Easy-to-install monitor endpoint for Tornado applications
Python
46
star
100

kafka-logger

A kafka logger for winston
JavaScript
45
star