Use type map(object({...})) for all modules

After recent Terraform versions finalized the
optional object type attributes syntax, this
commit migrates all modules, primarily the
cluster modules away from type map(map(string)).

It also uses the new syntax to set default
values for optional attributes, and removes
setting these defaults in local blocks.

aws/_modules/eks/node_pool/main.tf

@@ -39,7 +39,7 @@ resource "aws_eks_node_group" "nodes" {
   labels = merge(var.labels, var.metadata_labels)
 
   dynamic "taint" {
-    for_each = var.taints
+    for_each = var.taints != null ? var.taints : toset([])
 
     content {
       key    = taint.value["key"]

aws/cluster/node-pool/configuration.tf

@@ -6,34 +6,4 @@ module "configuration" {
 
 locals {
   cfg = lookup(module.configuration.merged, terraform.workspace)
-
-  name = local.cfg["name"]
-
-  instance_types_lookup = local.cfg["instance_types"] == null ? "" : local.cfg["instance_types"]
-  instance_types        = toset(split(",", local.instance_types_lookup))
-  desired_capacity      = lookup(local.cfg, "desired_capacity")
-  min_size              = lookup(local.cfg, "min_size")
-  max_size              = lookup(local.cfg, "max_size")
-  disk_size             = lookup(local.cfg, "disk_size", null)
-
-  ami_type = lookup(local.cfg, "ami_type")
-
-  metadata_options = lookup(local.cfg, "metadata_options", null)
-
-  availability_zones_lookup = local.cfg["availability_zones"] == null ? "" : local.cfg["availability_zones"]
-  availability_zones        = compact(split(",", local.availability_zones_lookup))
-
-  az_subnet_ids            = length(data.aws_subnets.current) == 1 ? data.aws_subnets.current[0].ids : []
-  default_subnet_ids       = length(data.aws_subnets.current) == 1 ? local.az_subnet_ids : tolist(data.aws_eks_node_group.default.subnet_ids)
-  vpc_subnet_ids           = local.cfg["vpc_subnet_ids"] == null ? local.default_subnet_ids : split(",", local.cfg["vpc_subnet_ids"])
-  vpc_secondary_cidr       = lookup(local.cfg, "vpc_secondary_cidr", null)
-  vpc_subnet_newbits       = lookup(local.cfg, "vpc_subnet_newbits", null)
-  vpc_subnet_number_offset = local.cfg["vpc_subnet_number_offset"] == null ? 1 : local.cfg["vpc_subnet_number_offset"]
-  vpc_subnet_map_public_ip = lookup(local.cfg, "vpc_subnet_map_public_ip", null)
-
-  taints = local.cfg["taints"] == null ? toset([]) : local.cfg["taints"]
-
-  tags = local.cfg["tags"]
-
-  labels = local.cfg["labels"]
 }

aws/cluster/node-pool/data_sources.tf

@@ -14,7 +14,7 @@ data "aws_vpc" "current" {
 }
 
 data "aws_subnets" "current" {
-  count = length(local.availability_zones) > 0 ? 1 : 0
+  count = try(length(local.cfg["availability_zones"]), 0) > 0 ? 1 : 0
 
   filter {
     name   = "vpc-id"
@@ -25,7 +25,7 @@ data "aws_subnets" "current" {
   # only link subnet_ids belonging to these AZs
   filter {
     name   = "availability-zone"
-    values = local.availability_zones
+    values = local.cfg["availability_zones"]
   }
 
   # exclude control plane subnets
@@ -45,12 +45,12 @@ data "aws_internet_gateway" "current" {
 }
 
 data "aws_nat_gateway" "current" {
-  count = local.vpc_subnet_newbits == null ? 0 : local.vpc_subnet_map_public_ip == false ? length(local.availability_zones) : 0
+  count = local.vpc_subnet_newbits == null ? 0 : local.vpc_subnet_map_public_ip == false ? length(local.cfg["availability_zones"]) : 0
 
   vpc_id = data.aws_vpc.current.id
 
   tags = {
     "kubestack.com/cluster_name"          = data.aws_eks_cluster.current.name
-    "kubestack.com/cluster_provider_zone" = local.availability_zones[count.index]
+    "kubestack.com/cluster_provider_zone" = local.cfg["availability_zones"][count.index]
   }
 }

aws/cluster/node-pool/main.tf

@@ -16,28 +16,28 @@ module "node_pool" {
   eks_metadata_tags = local.tags_without_all_tags
   role_arn          = data.aws_eks_node_group.default.node_role_arn
 
-  node_group_name = local.name
+  node_group_name = local.cfg["name"]
 
   subnet_ids = local.vpc_subnet_newbits == null ? local.vpc_subnet_ids : aws_subnet.current.*.id
 
-  instance_types = local.instance_types
-  desired_size   = local.desired_capacity
-  max_size       = local.max_size
-  min_size       = local.min_size
+  instance_types = local.cfg["instance_types"]
+  desired_size   = local.cfg["desired_size"]
+  max_size       = local.cfg["max_size"]
+  min_size       = local.cfg["min_size"]
 
-  ami_type = local.ami_type
+  ami_type = local.cfg["ami_type"]
 
   kubernetes_version = data.aws_eks_cluster.current.version
 
-  disk_size = local.disk_size
+  disk_size = local.cfg["disk_size"]
 
-  metadata_options = local.metadata_options
+  metadata_options = local.cfg["metadata_options"]
 
-  taints = local.taints
+  taints = local.cfg["taints"]
 
-  tags = local.tags
+  tags = local.cfg["tags"]
 
-  labels = local.labels
+  labels = local.cfg["labels"]
 
   depends-on-aws-auth = null
 }

aws/cluster/node-pool/variables.tf

@@ -3,11 +3,11 @@ variable "configuration" {
 
     name = optional(string)
 
-    instance_types   = optional(string)
-    desired_capacity = optional(string)
-    min_size         = optional(string)
-    max_size         = optional(string)
-    disk_size        = optional(string)
+    instance_types = optional(list(string))
+    desired_size   = optional(string)
+    min_size       = optional(string)
+    max_size       = optional(string)
+    disk_size      = optional(string)
 
     ami_type = optional(string)
 
@@ -19,9 +19,9 @@ variable "configuration" {
       instance_metadata_tags      = optional(string)
     }))
 
-    availability_zones = optional(string)
+    availability_zones = optional(list(string))
 
-    vpc_subnet_ids = optional(string)
+    vpc_subnet_ids = optional(list(string))
 
     vpc_secondary_cidr = optional(string)
 

aws/cluster/node-pool/vpc.tf

@@ -1,18 +1,26 @@
+locals {
+  az_subnet_ids            = length(data.aws_subnets.current) == 1 ? data.aws_subnets.current[0].ids : []
+  default_subnet_ids       = length(data.aws_subnets.current) == 1 ? local.az_subnet_ids : tolist(data.aws_eks_node_group.default.subnet_ids)
+  vpc_subnet_ids           = local.cfg["vpc_subnet_ids"] == null ? local.default_subnet_ids : split(",", local.cfg["vpc_subnet_ids"])
+  vpc_secondary_cidr       = lookup(local.cfg, "vpc_secondary_cidr", null)
+  vpc_subnet_newbits       = lookup(local.cfg, "vpc_subnet_newbits", null)
+  vpc_subnet_number_offset = local.cfg["vpc_subnet_number_offset"] == null ? 1 : local.cfg["vpc_subnet_number_offset"]
+  vpc_subnet_map_public_ip = lookup(local.cfg, "vpc_subnet_map_public_ip", null)
+
+  subnet_cidr = length(aws_vpc_ipv4_cidr_block_association.current) == 1 ? aws_vpc_ipv4_cidr_block_association.current[0].cidr_block : data.aws_vpc.current.cidr_block
+}
+
 resource "aws_vpc_ipv4_cidr_block_association" "current" {
   count = local.vpc_secondary_cidr == null ? 0 : 1
 
   vpc_id     = data.aws_vpc.current.id
   cidr_block = local.vpc_secondary_cidr
 }
 
-locals {
-  subnet_cidr = length(aws_vpc_ipv4_cidr_block_association.current) == 1 ? aws_vpc_ipv4_cidr_block_association.current[0].cidr_block : data.aws_vpc.current.cidr_block
-}
-
 resource "aws_subnet" "current" {
-  count = local.vpc_subnet_newbits == null ? 0 : length(local.availability_zones)
+  count = local.vpc_subnet_newbits == null ? 0 : length(local.cfg["availability_zones"])
 
-  availability_zone = local.availability_zones[count.index]
+  availability_zone = local.cfg["availability_zones"][count.index]
   cidr_block = cidrsubnet(
     local.subnet_cidr,
     local.vpc_subnet_newbits,
@@ -25,13 +33,13 @@ resource "aws_subnet" "current" {
 }
 
 resource "aws_route_table" "current" {
-  count = local.vpc_subnet_newbits == null ? 0 : length(local.availability_zones)
+  count = local.vpc_subnet_newbits == null ? 0 : length(local.cfg["availability_zones"])
 
   vpc_id = data.aws_vpc.current.id
 }
 
 resource "aws_route" "current" {
-  count = local.vpc_subnet_newbits == null ? 0 : length(local.availability_zones)
+  count = local.vpc_subnet_newbits == null ? 0 : length(local.cfg["availability_zones"])
 
   route_table_id = aws_route_table.current[count.index].id
 
@@ -41,7 +49,7 @@ resource "aws_route" "current" {
 }
 
 resource "aws_route_table_association" "current" {
-  count = local.vpc_subnet_newbits == null ? 0 : length(local.availability_zones)
+  count = local.vpc_subnet_newbits == null ? 0 : length(local.cfg["availability_zones"])
 
   subnet_id      = aws_subnet.current[count.index].id
   route_table_id = aws_route_table.current[count.index].id

azurerm/_modules/aks/vnet.tf

@@ -16,5 +16,5 @@ resource "azurerm_subnet" "current" {
   resource_group_name  = data.azurerm_resource_group.current.name
   virtual_network_name = azurerm_virtual_network.current[0].name
 
-  service_endpoints = length(var.subnet_service_endpoints) > 0 ? var.subnet_service_endpoints : null
+  service_endpoints = var.subnet_service_endpoints
 }

azurerm/cluster/configuration.tf

@@ -8,62 +8,4 @@ module "configuration" {
 locals {
   # current workspace config
   cfg = module.configuration.merged[terraform.workspace]
-
-  name_prefix = local.cfg["name_prefix"]
-
-  base_domain = local.cfg["base_domain"]
-
-  resource_group = local.cfg["resource_group"]
-
-  dns_prefix = lookup(local.cfg, "dns_prefix", "api")
-
-  sku_tier = lookup(local.cfg, "sku_tier", "Free")
-
-  legacy_vnet_name        = lookup(local.cfg, "legacy_vnet_name", false)
-  vnet_address_space      = split(",", lookup(local.cfg, "vnet_address_space", "10.0.0.0/8"))
-  subnet_address_prefixes = split(",", lookup(local.cfg, "subnet_address_prefixes", "10.1.0.0/16"))
-
-  subnet_service_endpoints_lookup = lookup(local.cfg, "subnet_service_endpoints", "")
-  subnet_service_endpoints        = local.subnet_service_endpoints_lookup != "" ? split(",", local.subnet_service_endpoints_lookup) : []
-
-  network_plugin = lookup(local.cfg, "network_plugin", "kubenet")
-  network_policy = lookup(local.cfg, "network_policy", "calico")
-  service_cidr   = lookup(local.cfg, "service_cidr", "10.0.0.0/16")
-  dns_service_ip = lookup(local.cfg, "dns_service_ip", "10.0.0.10")
-  pod_cidr       = lookup(local.cfg, "pod_cidr", "10.244.0.0/16")
-  max_pods       = lookup(local.cfg, "max_pods", null)
-
-  default_node_pool_name = lookup(local.cfg, "default_node_pool_name", "default")
-  default_node_pool_type = lookup(local.cfg, "default_node_pool_type", "VirtualMachineScaleSets")
-
-  default_node_pool_enable_auto_scaling = lookup(local.cfg, "default_node_pool_enable_auto_scaling", true)
-  default_node_pool_min_count           = lookup(local.cfg, "default_node_pool_min_count", "1")
-  default_node_pool_max_count           = lookup(local.cfg, "default_node_pool_max_count", "1")
-  default_node_pool_node_count          = lookup(local.cfg, "default_node_pool_node_count", "1")
-
-  default_node_pool_vm_size              = lookup(local.cfg, "default_node_pool_vm_size", "Standard_B2s")
-  default_node_pool_only_critical_addons = lookup(local.cfg, "default_node_pool_only_critical_addons", false)
-  default_node_pool_os_disk_size_gb      = lookup(local.cfg, "default_node_pool_os_disk_size_gb", "30")
-
-  disable_default_ingress = lookup(local.cfg, "disable_default_ingress", false)
-
-  default_ingress_ip_zones_lookup = lookup(local.cfg, "default_ingress_ip_zones", "")
-  default_ingress_ip_zones        = local.default_ingress_ip_zones_lookup != "" ? split(",", local.default_ingress_ip_zones_lookup) : []
-
-  enable_azure_policy_agent = lookup(local.cfg, "enable_azure_policy_agent", false)
-
-  disable_managed_identities = lookup(local.cfg, "disable_managed_identities", false)
-  user_assigned_identity_id  = lookup(local.cfg, "user_assigned_identity_id", null)
-
-  enable_log_analytics = lookup(local.cfg, "enable_log_analytics", true)
-
-  kubernetes_version        = lookup(local.cfg, "kubernetes_version", null)
-  automatic_channel_upgrade = lookup(local.cfg, "automatic_channel_upgrade", null)
-
-  availability_zones_lookup = lookup(local.cfg, "availability_zones", "")
-  availability_zones        = local.availability_zones_lookup != "" ? split(",", local.availability_zones_lookup) : []
-
-  additional_metadata_labels_lookup = lookup(local.cfg, "additional_metadata_labels", "")
-  additional_metadata_labels_tuples = [for t in split(",", local.additional_metadata_labels_lookup) : split("=", t)]
-  additional_metadata_labels        = { for t in local.additional_metadata_labels_tuples : t[0] => t[1] if length(t) == 2 }
 }

azurerm/cluster/main.tf

@@ -1,12 +1,12 @@
 data "azurerm_resource_group" "current" {
-  name = local.resource_group
+  name = local.cfg["resource_group"]
 }
 
 module "cluster_metadata" {
   source = "../../common/metadata"
 
-  name_prefix = local.name_prefix
-  base_domain = local.base_domain
+  name_prefix = local.cfg["name_prefix"]
+  base_domain = local.cfg["base_domain"]
 
   provider_name   = "azure"
   provider_region = data.azurerm_resource_group.current.location
@@ -18,52 +18,56 @@ module "cluster_metadata" {
 module "cluster" {
   source = "../_modules/aks"
 
-  resource_group = local.resource_group
+  resource_group = local.cfg["resource_group"]
 
   metadata_name            = module.cluster_metadata.name
   metadata_fqdn            = module.cluster_metadata.fqdn
-  metadata_labels          = merge(module.cluster_metadata.labels, local.additional_metadata_labels)
+  metadata_labels          = merge(module.cluster_metadata.labels, local.cfg["additional_metadata_labels"])
   metadata_label_namespace = module.cluster_metadata.label_namespace
 
-  dns_prefix = local.dns_prefix
+  dns_prefix = local.cfg["dns_prefix"] != null ? local.cfg["dns_prefix"] : "api"
 
-  sku_tier = local.sku_tier
+  sku_tier = local.cfg["sku_tier"] != null ? local.cfg["sku_tier"] : "Free"
 
-  legacy_vnet_name         = local.legacy_vnet_name
-  vnet_address_space       = local.vnet_address_space
-  subnet_address_prefixes  = local.subnet_address_prefixes
-  subnet_service_endpoints = local.subnet_service_endpoints
+  legacy_vnet_name         = local.cfg["legacy_vnet_name"] != null ? local.cfg["legacy_vnet_name"] : false
+  vnet_address_space       = local.cfg["vnet_address_space"] != null ? local.cfg["vnet_address_space"] : ["10.0.0.0/8"]
+  subnet_address_prefixes  = local.cfg["subnet_address_prefixes"] != null ? local.cfg["subnet_address_prefixes"] : ["10.1.0.0/16"]
+  subnet_service_endpoints = local.cfg["subnet_service_endpoints"]
 
-  network_plugin = local.network_plugin
-  network_policy = local.network_policy
-  service_cidr   = local.service_cidr
-  dns_service_ip = local.dns_service_ip
-  pod_cidr       = local.pod_cidr
-  max_pods       = local.max_pods
+  network_plugin = local.cfg["network_plugin"] != null ? local.cfg["network_plugin"] : "kubenet"
+  network_policy = local.cfg["network_policy"] != null ? local.cfg["network_policy"] : "calico"
 
-  default_node_pool_name = local.default_node_pool_name
-  default_node_pool_type = local.default_node_pool_type
+  dns_service_ip = local.cfg["dns_service_ip"] != null ? local.cfg["dns_service_ip"] : "10.0.0.10"
 
-  default_node_pool_enable_auto_scaling = local.default_node_pool_enable_auto_scaling
-  default_node_pool_min_count           = local.default_node_pool_min_count
-  default_node_pool_max_count           = local.default_node_pool_max_count
-  default_node_pool_node_count          = local.default_node_pool_node_count
+  service_cidr = local.cfg["service_cidr"] != null ? local.cfg["service_cidr"] : "10.0.0.0/16"
+  pod_cidr     = local.cfg["pod_cidr"] != null ? local.cfg["pod_cidr"] : "10.244.0.0/16"
 
-  default_node_pool_only_critical_addons = local.default_node_pool_only_critical_addons
-  default_node_pool_vm_size              = local.default_node_pool_vm_size
-  default_node_pool_os_disk_size_gb      = local.default_node_pool_os_disk_size_gb
+  max_pods = local.cfg["max_pods"]
 
-  disable_default_ingress  = local.disable_default_ingress
-  default_ingress_ip_zones = local.default_ingress_ip_zones
+  default_node_pool_name = local.cfg["default_node_pool_name"] != null ? local.cfg["default_node_pool_name"] : "default"
+  default_node_pool_type = local.cfg["default_node_pool_type"] != null ? local.cfg["default_node_pool_type"] : "VirtualMachineScaleSets"
 
-  enable_azure_policy_agent = local.enable_azure_policy_agent
+  default_node_pool_enable_auto_scaling = local.cfg["default_node_pool_enable_auto_scaling"] != null ? local.cfg["default_node_pool_enable_auto_scaling"] : true
+  default_node_pool_min_count           = local.cfg["default_node_pool_min_count"] != null ? local.cfg["default_node_pool_min_count"] : 1
+  default_node_pool_max_count           = local.cfg["default_node_pool_max_count"] != null ? local.cfg["default_node_pool_max_count"] : 1
+  default_node_pool_node_count          = local.cfg["default_node_pool_node_count"] != null ? local.cfg["default_node_pool_node_count"] : 1
 
-  disable_managed_identities = local.disable_managed_identities
-  user_assigned_identity_id  = local.user_assigned_identity_id
+  default_node_pool_vm_size              = local.cfg["default_node_pool_vm_size"] != null ? local.cfg["default_node_pool_vm_size"] : "Standard_B2s"
+  default_node_pool_only_critical_addons = local.cfg["default_node_pool_only_critical_addons"] != null ? local.cfg["default_node_pool_only_critical_addons"] : false
+  default_node_pool_os_disk_size_gb      = local.cfg["default_node_pool_os_disk_size_gb"] != null ? local.cfg["default_node_pool_os_disk_size_gb"] : 30
 
-  kubernetes_version        = local.kubernetes_version
-  automatic_channel_upgrade = local.automatic_channel_upgrade
-  enable_log_analytics      = local.enable_log_analytics
+  disable_default_ingress  = local.cfg["disable_default_ingress"] != null ? local.cfg["disable_default_ingress"] : false
+  default_ingress_ip_zones = local.cfg["default_ingress_ip_zones"]
 
-  availability_zones = local.availability_zones
+  enable_azure_policy_agent = local.cfg["enable_azure_policy_agent"] != null ? local.cfg["enable_azure_policy_agent"] : false
+
+  disable_managed_identities = local.cfg["disable_managed_identities"] != null ? local.cfg["disable_managed_identities"] : false
+  user_assigned_identity_id  = local.cfg["user_assigned_identity_id"]
+
+  enable_log_analytics = local.cfg["enable_log_analytics"] != null ? local.cfg["enable_log_analytics"] : true
+
+  kubernetes_version        = local.cfg["kubernetes_version"]
+  automatic_channel_upgrade = local.cfg["automatic_channel_upgrade"]
+
+  availability_zones = local.cfg["availability_zones"]
 }