feat!: Upgraded Terraform version to 1.0+. Added wrappers. (#249)
antonbabenko authored May 23, 2022
1 parent 9ac31e7 commit 25d31ee
Showing 14 changed files with 178 additions and 8 deletions.
8 changes: 8 additions & 0 deletions .github/workflows/pre-commit.yml
Expand Up @@ -71,6 +71,14 @@ jobs:
id: minMax
uses: clowdhaus/terraform-min-max@v1.0.3

- name: Install hcledit (for terraform_wrapper_module_for_each hook)
shell: bash
run: |
curl -L "$(curl -s https://api.github.com/repos/minamijoyo/hcledit/releases/latest | grep -o -E -m 1 "https://.+?_linux_amd64.tar.gz")" > hcledit.tgz
sudo tar -xzf hcledit.tgz -C /usr/bin/ hcledit
rm -f hcledit.tgz 2> /dev/null
hcledit version
- name: Pre-commit Terraform ${{ steps.minMax.outputs.maxVersion }}
uses: clowdhaus/terraform-composite-actions/pre-commit@v1.3.0
with:
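Review bot: The added `Install hcledit` step fetches whatever asset the `releases/latest` API returns at run time and unpacks it with `sudo tar` into `/usr/bin/` without checking a checksum or signature, so every CI run executes an unpinned, unverified binary inside the pipeline. Pin one reviewed release and compare the archive's SHA-256 with a value committed in the workflow before extracting; `set -euo pipefail` and `curl -fsSL` also make an empty or rate-limited API response fail the step instead of handing an empty URL to the outer `curl`. The version and digest below are placeholders, and the download URL layout is inferred from the asset suffix the existing `grep` matches, so confirm it against the project's release page.

```yaml
      - name: Install hcledit (for terraform_wrapper_module_for_each hook)
        shell: bash
        env:
          HCLEDIT_VERSION: "<PINNED_HCLEDIT_VERSION>"   # placeholder: a release you have reviewed
          HCLEDIT_SHA256: "<EXPECTED_ARCHIVE_SHA256>"   # placeholder: digest of that release archive
        run: |
          set -euo pipefail
          curl -fsSL -o hcledit.tgz "https://github.com/minamijoyo/hcledit/releases/download/v${HCLEDIT_VERSION}/hcledit_${HCLEDIT_VERSION}_linux_amd64.tar.gz"
          echo "${HCLEDIT_SHA256}  hcledit.tgz" | sha256sum --check --strict
          sudo tar -xzf hcledit.tgz -C /usr/bin/ hcledit
          # … unchanged: removal of hcledit.tgz, hcledit version …
```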
1 change: 1 addition & 0 deletions .pre-commit-config.yaml
Expand Up @@ -3,6 +3,7 @@ repos:
rev: v1.71.0
hooks:
- id: terraform_fmt
- id: terraform_wrapper_module_for_each
- id: terraform_validate
- id: terraform_docs
args:
2 changes: 1 addition & 1 deletion README.md
Expand Up @@ -294,7 +294,7 @@ module "lb" {

| Name | Version |
|------|---------|
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.13.1 |
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0.0 |
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.67 |

## Providers
2 changes: 1 addition & 1 deletion examples/complete-alb/README.md
Expand Up @@ -19,7 +19,7 @@ Note that this example may create resources which cost money. Run `terraform des

| Name | Version |
|------|---------|
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.13.1 |
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0.0 |
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.40 |
| <a name="requirement_null"></a> [null](#requirement\_null) | >= 2.0 |
| <a name="requirement_random"></a> [random](#requirement\_random) | >= 2.0 |
2 changes: 1 addition & 1 deletion examples/complete-alb/versions.tf
@@ -1,5 +1,5 @@
terraform {
required_version = ">= 0.13.1"
required_version = ">= 1.0.0"

required_providers {
aws = {
2 changes: 1 addition & 1 deletion examples/complete-nlb/README.md
Expand Up @@ -19,7 +19,7 @@ Note that this example may create resources which cost money. Run `terraform des

| Name | Version |
|------|---------|
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.13.1 |
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0.0 |
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.40 |
| <a name="requirement_random"></a> [random](#requirement\_random) | >= 2.0 |

2 changes: 1 addition & 1 deletion examples/complete-nlb/versions.tf
@@ -1,5 +1,5 @@
terraform {
required_version = ">= 0.13.1"
required_version = ">= 1.0.0"

required_providers {
aws = {
4 changes: 2 additions & 2 deletions main.tf
Expand Up @@ -144,7 +144,7 @@ locals {
}

resource "aws_lambda_permission" "lb" {
for_each = var.create_lb && local.target_group_attachments_lambda != null ? local.target_group_attachments_lambda : {}
for_each = { for k, v in local.target_group_attachments_lambda : k => v if local.create_lb }

function_name = each.value.lambda_function_name
qualifier = try(each.value.lambda_qualifier, null)
Expand All @@ -158,7 +158,7 @@ resource "aws_lambda_permission" "lb" {
}

resource "aws_lb_target_group_attachment" "this" {
for_each = local.create_lb && local.target_group_attachments != null ? local.target_group_attachments : {}
for_each = { for k, v in local.target_group_attachments : k => v if local.create_lb }

target_group_arn = aws_lb_target_group.main[each.value.tg_index].arn
target_id = each.value.target_id
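Review bot: The `for` expressions used as `for_each` in `aws_lambda_permission.lb` and `aws_lb_target_group_attachment.this` (taken here to be the new side, since they are the lines that read `local.create_lb` in both resources) no longer carry the `!= null` guard that the conditional form had, and iterating over a null value is an error in Terraform. The `locals` block that defines `target_group_attachments_lambda` and `target_group_attachments` lies outside these hunks, so this only matters if either local can evaluate to null. If both are always maps, record that above each `for_each`, e.g. `# local.target_group_attachments is always a map (never null), so no null guard is needed`; if not, keep a null-safe fallback for the collection before iterating.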
2 changes: 1 addition & 1 deletion versions.tf
@@ -1,5 +1,5 @@
terraform {
required_version = ">= 0.13.1"
required_version = ">= 1.0.0"

required_providers {
aws = {
100 changes: 100 additions & 0 deletions wrappers/README.md
@@ -0,0 +1,100 @@
# Wrapper for the root module

The configuration in this directory contains an implementation of a single module wrapper pattern, which allows managing several copies of a module in places where using the native Terraform 0.13+ `for_each` feature is not feasible (e.g., with Terragrunt).

You may want to use a single Terragrunt configuration file to manage multiple resources without duplicating `terragrunt.hcl` files for each copy of the same module.

This wrapper does not implement any extra functionality.

## Usage with Terragrunt

`terragrunt.hcl`:

```hcl
terraform {
source = "tfr:///terraform-aws-modules/alb/aws//wrappers"
# Alternative source:
# source = "git::git@github.com:terraform-aws-modules/terraform-aws-alb.git?ref=master//wrappers"
}
inputs = {
defaults = { # Default values
create = true
tags = {
Terraform = "true"
Environment = "dev"
}
}
items = {
my-item = {
# omitted... can be any argument supported by the module
}
my-second-item = {
# omitted... can be any argument supported by the module
}
# omitted...
}
}
```

## Usage with Terraform

```hcl
module "wrapper" {
source = "terraform-aws-modules/alb/aws//wrappers"
defaults = { # Default values
create = true
tags = {
Terraform = "true"
Environment = "dev"
}
}
items = {
my-item = {
# omitted... can be any argument supported by the module
}
my-second-item = {
# omitted... can be any argument supported by the module
}
# omitted...
}
}
```

## Example: Manage multiple S3 buckets in one Terragrunt layer

`eu-west-1/s3-buckets/terragrunt.hcl`:

```hcl
terraform {
source = "tfr:///terraform-aws-modules/s3-bucket/aws//wrappers"
# Alternative source:
# source = "git::git@github.com:terraform-aws-modules/terraform-aws-s3-bucket.git?ref=master//wrappers"
}
inputs = {
defaults = {
force_destroy = true
attach_elb_log_delivery_policy = true
attach_lb_log_delivery_policy = true
attach_deny_insecure_transport_policy = true
attach_require_latest_tls_policy = true
}
items = {
bucket1 = {
bucket = "my-random-bucket-1"
}
bucket2 = {
bucket = "my-random-bucket-2"
tags = {
Secure = "probably"
}
}
}
}
```
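--- a/wrappers/main.tf
+++ b/wrappers/main.tf
@@ -0,0 +1,42 @@
+module "wrapper" {
+source = "../"
+
+for_each = var.items
+
+create_lb = try(each.value.create_lb, var.defaults.create_lb, true)
+drop_invalid_header_fields = try(each.value.drop_invalid_header_fields, var.defaults.drop_invalid_header_fields, false)
+enable_deletion_protection = try(each.value.enable_deletion_protection, var.defaults.enable_deletion_protection, false)
+enable_http2 = try(each.value.enable_http2, var.defaults.enable_http2, true)
+enable_cross_zone_load_balancing = try(each.value.enable_cross_zone_load_balancing, var.defaults.enable_cross_zone_load_balancing, false)
+extra_ssl_certs = try(each.value.extra_ssl_certs, var.defaults.extra_ssl_certs, [])
+https_listeners = try(each.value.https_listeners, var.defaults.https_listeners, [])
+http_tcp_listeners = try(each.value.http_tcp_listeners, var.defaults.http_tcp_listeners, [])
+https_listener_rules = try(each.value.https_listener_rules, var.defaults.https_listener_rules, [])
+http_tcp_listener_rules = try(each.value.http_tcp_listener_rules, var.defaults.http_tcp_listener_rules, [])
+idle_timeout = try(each.value.idle_timeout, var.defaults.idle_timeout, 60)
+ip_address_type = try(each.value.ip_address_type, var.defaults.ip_address_type, "ipv4")
+listener_ssl_policy_default = try(each.value.listener_ssl_policy_default, var.defaults.listener_ssl_policy_default, "ELBSecurityPolicy-2016-08")
+internal = try(each.value.internal, var.defaults.internal, false)
+load_balancer_create_timeout = try(each.value.load_balancer_create_timeout, var.defaults.load_balancer_create_timeout, "10m")
+load_balancer_delete_timeout = try(each.value.load_balancer_delete_timeout, var.defaults.load_balancer_delete_timeout, "10m")
+name = try(each.value.name, var.defaults.name, null)
+name_prefix = try(each.value.name_prefix, var.defaults.name_prefix, null)
+load_balancer_type = try(each.value.load_balancer_type, var.defaults.load_balancer_type, "application")
+load_balancer_update_timeout = try(each.value.load_balancer_update_timeout, var.defaults.load_balancer_update_timeout, "10m")
+access_logs = try(each.value.access_logs, var.defaults.access_logs, {})
+subnets = try(each.value.subnets, var.defaults.subnets, null)
+subnet_mapping = try(each.value.subnet_mapping, var.defaults.subnet_mapping, [])
+tags = try(each.value.tags, var.defaults.tags, {})
+lb_tags = try(each.value.lb_tags, var.defaults.lb_tags, {})
+target_group_tags = try(each.value.target_group_tags, var.defaults.target_group_tags, {})
+https_listener_rules_tags = try(each.value.https_listener_rules_tags, var.defaults.https_listener_rules_tags, {})
+http_tcp_listener_rules_tags = try(each.value.http_tcp_listener_rules_tags, var.defaults.http_tcp_listener_rules_tags, {})
+https_listeners_tags = try(each.value.https_listeners_tags, var.defaults.https_listeners_tags, {})
+http_tcp_listeners_tags = try(each.value.http_tcp_listeners_tags, var.defaults.http_tcp_listeners_tags, {})
+security_groups = try(each.value.security_groups, var.defaults.security_groups, [])
+target_groups = try(each.value.target_groups, var.defaults.target_groups, [])
+vpc_id = try(each.value.vpc_id, var.defaults.vpc_id, null)
+enable_waf_fail_open = try(each.value.enable_waf_fail_open, var.defaults.enable_waf_fail_open, false)
+desync_mitigation_mode = try(each.value.desync_mitigation_mode, var.defaults.desync_mitigation_mode, "defensive")
+putin_khuylo = try(each.value.putin_khuylo, var.defaults.putin_khuylo, true)
+}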
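Review bot: The fallback for `listener_ssl_policy_default` is `"ELBSecurityPolicy-2016-08"`, a policy that still accepts TLS 1.0 and 1.1, and `drop_invalid_header_fields` and `enable_deletion_protection` both fall back to `false`, so an item that sets none of them gets the least strict setting without any visible choice being made. These literals presumably mirror the root module's variable defaults, which are not shown on this page; if this file is generated by the `terraform_wrapper_module_for_each` hook, stricter values belong in the root variables or in the caller's `defaults` map rather than in hand edits here. At minimum, wrappers/README.md should tell callers to set them in `defaults`, for example `listener_ssl_policy_default = "ELBSecurityPolicy-TLS-1-2-2017-01"` and `drop_invalid_header_fields = true`.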
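--- a/wrappers/outputs.tf
+++ b/wrappers/outputs.tf
@@ -0,0 +1,5 @@
+output "wrapper" {
+description = "Map of outputs of a wrapper."
+value = module.wrapper
+# sensitive = false # No sensitive module output found
+}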
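--- a/wrappers/variables.tf
+++ b/wrappers/variables.tf
@@ -0,0 +1,11 @@
+variable "defaults" {
+description = "Map of default values which will be used for each item."
+type = any
+default = {}
+}
+
+variable "items" {
+description = "Maps of items to create a wrapper from. Values are passed through to the module."
+type = any
+default = {}
+}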
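Review bot: Both `defaults` and `items` are declared `type = any`, and wrappers/main.tf reads every key through `try(...)`, so a misspelled or unsupported key is accepted and the hard-coded fallback is used with no error. For inputs such as `enable_deletion_protection` or `security_groups`, a typo therefore yields the fallback value silently. The descriptions should say so, e.g. `description = "Map of default values which will be used for each item. Keys the module does not support are ignored silently."`, with the same sentence added to the `items` description.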
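--- a/wrappers/versions.tf
+++ b/wrappers/versions.tf
@@ -0,0 +1,3 @@
+terraform {
+required_version = ">= 0.13.1"
+}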
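Review bot: The wrapper declares `required_version = ">= 0.13.1"` while the root module it calls through `source = "../"` is raised to `">= 1.0.0"` in this same commit, so Terraform releases between the two pass this constraint and are then rejected by the root module. Use `required_version = ">= 1.0.0"` here to state the real minimum. If the file is produced by the wrapper hook and cannot be edited by hand, note in wrappers/README.md that the effective minimum comes from the root module.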
