From 6ad00184e313c56058d8432b76fd995ce97a072e Mon Sep 17 00:00:00 2001 From: Daniel Mannarino Date: Fri, 23 Jun 2023 22:39:03 -0400 Subject: [PATCH] Upgrade to TF module 0.4.5 which uses TF 1.0.x --- terraform/docker/docker-compose.yml | 4 +-- terraform/main.tf | 38 +++++++++++++++++------------ terraform/versions.tf | 4 +-- 3 files changed, 27 insertions(+), 19 deletions(-) diff --git a/terraform/docker/docker-compose.yml b/terraform/docker/docker-compose.yml index 4f72dd0..84360b5 100644 --- a/terraform/docker/docker-compose.yml +++ b/terraform/docker/docker-compose.yml @@ -1,7 +1,7 @@ version: "3.7" services: terraform: - image: globalforestwatch/terraform:1.2.2 + image: globalforestwatch/terraform:v1.4.2 volumes: - ../../:/usr/local/src - $HOME/.aws:/root/.aws:ro @@ -13,4 +13,4 @@ services: - AWS_REGION=us-east-1 - AWS_PROFILE working_dir: /usr/local/src - entrypoint: infra + entrypoint: infra \ No newline at end of file diff --git a/terraform/main.tf b/terraform/main.tf index 7bec82c..4b8c43c 100644 --- a/terraform/main.tf +++ b/terraform/main.tf @@ -1,4 +1,3 @@ -# Require TF version to be same as or greater than 0.12.13 terraform { backend "s3" { region = "us-east-1" @@ -26,7 +25,8 @@ module "vpc" { module.firewall.default_security_group_id, module.postgresql.security_group_id, module.documentdb.security_group_id, - module.redis.security_group_id] + module.redis.security_group_id + ] keys = values(aws_key_pair.all)[*].public_key // keys = concat(values(aws_key_pair.all)[*].public_key, data.terraform_remote_state.fw_core.outputs.public_keys) } @@ -34,7 +34,11 @@ module "vpc" { module "postgresql" { source = "./modules/postgresql" - availability_zone_names = [module.vpc.private_subnets[0].availability_zone, module.vpc.private_subnets[1].availability_zone, module.vpc.private_subnets[3].availability_zone] + availability_zone_names = [ + module.vpc.private_subnets[0].availability_zone, + module.vpc.private_subnets[1].availability_zone, + module.vpc.private_subnets[3].availability_zone + ] log_retention_period = var.log_retention_period private_subnet_ids = [module.vpc.private_subnets[0].id, module.vpc.private_subnets[1].id, module.vpc.private_subnets[3].id] project = var.project_prefix @@ -48,7 +52,9 @@ module "postgresql" { tags = merge( { Job = "Geostore", - }, local.tags) + }, + local.tags + ) vpc_id = module.vpc.id rds_password_ro = var.rds_password_ro rds_port = 5432 @@ -61,24 +67,26 @@ module "sns" { tags = merge( { Job = "SNS Discovery Topic", - }, local.tags) + }, + local.tags + ) } module "data-lake_bucket" { - source = "git::https://github.com/wri/gfw-terraform-modules.git//terraform/modules/storage?ref=v0.4.0" + source = "git::https://github.com/wri/gfw-terraform-modules.git//terraform/modules/storage?ref=v0.4.5" bucket_name = "gfw-data-lake${local.bucket_suffix}" project = var.project_prefix requester_pays = true tags = merge({ Job = "Data Lake" }, local.tags) read_roles = [ jsonencode(formatlist("arn:aws:iam::%s:root", values(var.wri_accounts))), - jsonencode(formatlist("arn:aws:iam::%s:role/core-emr_profile", - matchkeys(values(var.wri_accounts), keys(var.wri_accounts), ["gfw_production", "gfw_staging", "gfw_dev"])))] + jsonencode(formatlist("arn:aws:iam::%s:role/core-emr_profile", matchkeys(values(var.wri_accounts), keys(var.wri_accounts), ["gfw_production", "gfw_staging", "gfw_dev"]))) + ] write_policy_prefix = ["", "*/raw/"] } module "pipeline_bucket" { - source = "git::https://github.com/wri/gfw-terraform-modules.git//terraform/modules/storage?ref=v0.4.0" + source = "git::https://github.com/wri/gfw-terraform-modules.git//terraform/modules/storage?ref=v0.4.5" bucket_name = "gfw-pipelines${local.bucket_suffix}" project = var.project_prefix requester_pays = false @@ -119,7 +127,7 @@ module "pipeline_bucket" { module "data-lake-test-bucket" { count = var.environment == "dev" ? 1 : 0 - source = "git::https://github.com/wri/gfw-terraform-modules.git//terraform/modules/storage?ref=v0.4.0" + source = "git::https://github.com/wri/gfw-terraform-modules.git//terraform/modules/storage?ref=v0.4.5" bucket_name = "gfw-data-lake-test" requester_pays = true project = var.project_prefix @@ -129,7 +137,7 @@ module "data-lake-test-bucket" { module "pipeline-test-bucket" { count = var.environment == "dev" ? 1 : 0 - source = "git::https://github.com/wri/gfw-terraform-modules.git//terraform/modules/storage?ref=v0.4.0" + source = "git::https://github.com/wri/gfw-terraform-modules.git//terraform/modules/storage?ref=v0.4.5" bucket_name = "gfw-pipelines-test" requester_pays = false project = var.project_prefix @@ -147,7 +155,7 @@ module "firewall" { } module "api_token_secret" { - source = "git::https://github.com/wri/gfw-terraform-modules.git//terraform/modules/secrets?ref=v0.4.0" + source = "git::https://github.com/wri/gfw-terraform-modules.git//terraform/modules/secrets?ref=v0.4.5" project = var.project_prefix name = "gfw-api/token" secret_string = jsonencode({ "token" = var.gfw_api_token, "email" = "gfw-sync@wri.org" }) @@ -155,21 +163,21 @@ module "api_token_secret" { module "slack_secret" { - source = "git::https://github.com/wri/gfw-terraform-modules.git//terraform/modules/secrets?ref=v0.4.0" + source = "git::https://github.com/wri/gfw-terraform-modules.git//terraform/modules/secrets?ref=v0.4.5" project = var.project_prefix name = "slack/gfw-sync" secret_string = jsonencode({ "data-updates" = var.slack_data_updates_hook }) } module "gcs_gfw_gee_export_secret" { - source = "git::https://github.com/wri/gfw-terraform-modules.git//terraform/modules/secrets?ref=v0.4.0" + source = "git::https://github.com/wri/gfw-terraform-modules.git//terraform/modules/secrets?ref=v0.4.5" project = var.project_prefix name = "gcs/gfw-gee-export" secret_string = var.gfw-gee-export_key } module "planet_api_key_secret" { - source = "git::https://github.com/wri/gfw-terraform-modules.git//terraform/modules/secrets?ref=v0.4.0" + source = "git::https://github.com/wri/gfw-terraform-modules.git//terraform/modules/secrets?ref=v0.4.5" project = var.project_prefix name = "planet/api_key" secret_string = var.planet_api_key diff --git a/terraform/versions.tf b/terraform/versions.tf index 534ac6e..8fb1b27 100644 --- a/terraform/versions.tf +++ b/terraform/versions.tf @@ -2,7 +2,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 2.56, < 4.0" + version = ">= 4, < 5" region = "us-east-1" } local = { @@ -13,4 +13,4 @@ terraform { } } required_version = ">= 0.13" -} +} \ No newline at end of file