Merge pull request #877 from flavio/aws-terraform-0.12

AWS deployment - port to terraform 0.12
SUSE · Feb 19, 2020 · 9c77a1b · 9c77a1b
2 parents e1748a8 + 9fd1e64
commit 9c77a1b
Show file tree

Hide file tree

Showing 18 changed files with 293 additions and 191 deletions.
diff --git a/ci/infra/aws/ami.tf b/ci/infra/aws/ami.tf
@@ -1,8 +1,9 @@
 data "susepubliccloud_image_ids" "sles15sp1_chost_byos" {
   cloud  = "amazon"
-  region = "${var.aws_region}"
+  region = var.aws_region
   state  = "active"
 
   # USE SLES 15 SP1 Container host AMI - this is needed to avoid issues like bsc#1146774
   name_regex = "suse-sles-15-sp1-chost-byos.*-hvm-ssd-x86_64"
 }
+
diff --git a/ci/infra/aws/aws.tf b/ci/infra/aws/aws.tf
@@ -2,25 +2,31 @@ locals {
   # Do not add the special `kubernetes.io/cluster<cluster-name>` here,
   # this tag cannot be added to all our resources otherwise the CPI
   # will get confused when dealing with security rules objects.
-  basic_tags = "${merge(
-    map("Name", var.stack_name,
-        "Environment", var.stack_name),
-    var.tags)}"
+  basic_tags = merge(
+    {
+      "Name"        = var.stack_name
+      "Environment" = var.stack_name
+    },
+    var.tags,
+  )
 
-  tags = "${merge(
+  tags = merge(
     local.basic_tags,
-    map(format("kubernetes.io/cluster/%v", var.stack_name), "SUSE-terraform")
-  )}"
+    {
+      format("kubernetes.io/cluster/%v", var.stack_name) = "SUSE-terraform"
+    },
+  )
 }
 
 provider "aws" {
-  region     = "${var.aws_region}"
-  access_key = "${var.aws_access_key}"
-  secret_key = "${var.aws_secret_key}"
+  region     = var.aws_region
+  access_key = var.aws_access_key
+  secret_key = var.aws_secret_key
   profile    = "default"
 }
 
 resource "aws_key_pair" "kube" {
   key_name   = "${var.stack_name}-keypair"
-  public_key = "${element(var.authorized_keys, 0)}"
+  public_key = element(var.authorized_keys, 0)
 }
+
diff --git a/ci/infra/aws/cloud-init.tf b/ci/infra/aws/cloud-init.tf
@@ -1,60 +1,60 @@
 data "template_file" "register_rmt" {
-  template = "${file("cloud-init/register-rmt.tpl")}"
-  count    = "${var.rmt_server_name == "" ? 0 : 1}"
+  template = file("cloud-init/register-rmt.tpl")
+  count    = var.rmt_server_name == "" ? 0 : 1
 
-  vars {
-    rmt_server_name = "${var.rmt_server_name}"
+  vars = {
+    rmt_server_name = var.rmt_server_name
   }
 }
 
 data "template_file" "register_scc" {
   # register with SCC iff an RMT has not been provided
-  count    = "${var.caasp_registry_code != "" && var.rmt_server_name == "" ? 1 : 0}"
-  template = "${file("cloud-init/register-scc.tpl")}"
+  count    = var.caasp_registry_code != "" && var.rmt_server_name == "" ? 1 : 0
+  template = file("cloud-init/register-scc.tpl")
 
-  vars {
-    caasp_registry_code = "${var.caasp_registry_code}"
+  vars = {
+    caasp_registry_code = var.caasp_registry_code
   }
 }
 
 data "template_file" "register_suma" {
-  template = "${file("cloud-init/register-suma.tpl")}"
-  count    = "${var.suma_server_name == "" ? 0 : 1}"
+  template = file("cloud-init/register-suma.tpl")
+  count    = var.suma_server_name == "" ? 0 : 1
 
-  vars {
-    suma_server_name = "${var.suma_server_name}"
+  vars = {
+    suma_server_name = var.suma_server_name
   }
 }
 
 data "template_file" "repositories" {
-  count    = "${length(var.repositories) == 0 ? 0 : length(var.repositories)}"
-  template = "${file("cloud-init/repository.tpl")}"
+  count    = length(var.repositories)
+  template = file("cloud-init/repository.tpl")
 
-  vars {
-    repository_url  = "${element(values(var.repositories[count.index]), 0)}"
-    repository_name = "${element(keys(var.repositories[count.index]), 0)}"
+  vars = {
+    repository_url  = var.repositories[count.index]
+    repository_name = var.repositories[count.index]
   }
 }
 
 data "template_file" "commands" {
-  template = "${file("cloud-init/commands.tpl")}"
-  count    = "${join("", var.packages) == "" ? 0 : 1}"
+  template = file("cloud-init/commands.tpl")
+  count    = length(var.packages) == 0 ? 0 : 1
 
-  vars {
-    packages = "${join(", ", var.packages)}"
+  vars = {
+    packages = join(", ", var.packages)
   }
 }
 
 data "template_file" "cloud-init" {
-  template = "${file("cloud-init/cloud-init.yaml.tpl")}"
+  template = file("cloud-init/cloud-init.yaml.tpl")
 
-  vars {
-    authorized_keys = "${join("\n", formatlist("  - %s", var.authorized_keys))}"
-    commands        = "${join("\n", data.template_file.commands.*.rendered)}"
-    repositories    = "${length(var.repositories) == 0 ? "\n" : join("\n", data.template_file.repositories.*.rendered)}"
-    register_scc    = "${var.caasp_registry_code != "" && var.rmt_server_name == "" ? join("\n", data.template_file.register_scc.*.rendered) : "" }"
-    register_rmt    = "${var.rmt_server_name != "" ? join("\n", data.template_file.register_rmt.*.rendered) : ""}"
-    register_suma   = "${var.suma_server_name != "" ? join("\n", data.template_file.register_suma.*.rendered) : ""}"
+  vars = {
+    authorized_keys = join("\n", formatlist("  - %s", var.authorized_keys))
+    commands        = join("\n", data.template_file.commands.*.rendered)
+    repositories    = length(var.repositories) == 0 ? "\n" : join("\n", data.template_file.repositories.*.rendered)
+    register_scc    = var.caasp_registry_code != "" && var.rmt_server_name == "" ? join("\n", data.template_file.register_scc.*.rendered) : ""
+    register_rmt    = var.rmt_server_name != "" ? join("\n", data.template_file.register_rmt.*.rendered) : ""
+    register_suma   = var.suma_server_name != "" ? join("\n", data.template_file.register_suma.*.rendered) : ""
   }
 }
 
@@ -64,6 +64,7 @@ data "template_cloudinit_config" "cfg" {
 
   part {
     content_type = "text/cloud-config"
-    content      = "${data.template_file.cloud-init.rendered}"
+    content      = data.template_file.cloud-init.rendered
   }
 }
+
diff --git a/ci/infra/aws/iam_policies.tf b/ci/infra/aws/iam_policies.tf
@@ -7,10 +7,10 @@ locals {
 }
 
 resource "aws_iam_policy" "master" {
-  name        = "${local.aws_iam_policy_master_terraform}"
+  name        = local.aws_iam_policy_master_terraform
   path        = "/"
   description = "IAM policy needed by CPI on master nodes"
-  count       = "${length(var.iam_profile_master) == 0 ? 1 : 0}"
+  count       = length(var.iam_profile_master) == 0 ? 1 : 0
 
   policy = <<EOF
 {
@@ -81,13 +81,14 @@ resource "aws_iam_policy" "master" {
   ]
 }
 EOF
+
 }
 
 resource "aws_iam_policy" "worker" {
-  name        = "${local.aws_iam_policy_worker_terraform}"
+  name        = local.aws_iam_policy_worker_terraform
   path        = "/"
   description = "IAM policy needed by CPI on worker nodes"
-  count       = "${length(var.iam_profile_worker) == 0 ? 1 : 0}"
+  count       = length(var.iam_profile_worker) == 0 ? 1 : 0
 
   policy = <<EOF
 {
@@ -111,4 +112,6 @@ resource "aws_iam_policy" "worker" {
   ]
 }
 EOF
+
 }
+
diff --git a/ci/infra/aws/load-balancer.tf b/ci/infra/aws/load-balancer.tf
@@ -2,13 +2,13 @@ resource "aws_elb" "kube_api" {
   connection_draining       = false
   cross_zone_load_balancing = true
   idle_timeout              = 400
-  instances                 = ["${aws_instance.control_plane.*.id}"]
+  instances                 = aws_instance.control_plane.*.id
   name                      = "${var.stack_name}-elb"
-  subnets                   = ["${aws_subnet.public.0.id}"]
+  subnets                   = [aws_subnet.public.id]
 
   security_groups = [
-    "${aws_security_group.elb.id}",
-    "${aws_security_group.egress.id}",
+    aws_security_group.elb.id,
+    aws_security_group.egress.id,
   ]
 
   # kube
@@ -47,5 +47,6 @@ resource "aws_elb" "kube_api" {
 }
 
 output "elb_address" {
-  value = "${aws_elb.kube_api.dns_name}"
+  value = aws_elb.kube_api.dns_name
 }
+
diff --git a/ci/infra/aws/master-instance.tf b/ci/infra/aws/master-instance.tf
@@ -1,35 +1,37 @@
 resource "aws_instance" "control_plane" {
-  ami                         = "${data.susepubliccloud_image_ids.sles15sp1_chost_byos.ids[0]}"
+  ami                         = data.susepubliccloud_image_ids.sles15sp1_chost_byos.ids[0]
   associate_public_ip_address = true
-  count                       = "${var.masters}"
-  instance_type               = "${var.master_size}"
-  key_name                    = "${aws_key_pair.kube.key_name}"
+  count                       = var.masters
+  instance_type               = var.master_size
+  key_name                    = aws_key_pair.kube.key_name
   source_dest_check           = false
-  subnet_id                   = "${aws_subnet.public.0.id}"
-  user_data                   = "${data.template_cloudinit_config.cfg.rendered}"
-  iam_instance_profile        = "${length(var.iam_profile_master) == 0 ? local.aws_iam_policy_master_terraform : var.iam_profile_master}"
+  subnet_id                   = aws_subnet.public.id
+  user_data                   = data.template_cloudinit_config.cfg.rendered
+  iam_instance_profile        = length(var.iam_profile_master) == 0 ? local.aws_iam_policy_master_terraform : var.iam_profile_master
 
   depends_on = [
-    "aws_internet_gateway.platform",
-    "aws_iam_policy.master",
+    aws_internet_gateway.platform,
+    aws_iam_policy.master,
   ]
 
-  tags = "${merge(local.tags, map(
-    "Name", "${var.stack_name}-master-${count.index}",
-    "Class", "Instance"))}"
+  tags = merge(
+    local.tags,
+    {
+      "Name"  = "${var.stack_name}-master-${count.index}"
+      "Class" = "Instance"
+    },
+  )
 
   vpc_security_group_ids = [
-    "${aws_security_group.egress.id}",
-    "${aws_security_group.common.id}",
-    "${aws_security_group.master.id}",
+    aws_security_group.egress.id,
+    aws_security_group.common.id,
+    aws_security_group.master.id,
   ]
 
   lifecycle {
     create_before_destroy = true
 
-    ignore_changes = [
-      "ami",
-    ]
+    ignore_changes = [ami]
   }
 
   root_block_device {
@@ -38,3 +40,4 @@ resource "aws_instance" "control_plane" {
     delete_on_termination = true
   }
 }
+