From bebf2fbea5950a794d4bf5e5f02c93a1108a3c1d Mon Sep 17 00:00:00 2001 From: Juan Sanchez Date: Wed, 6 Mar 2019 16:51:08 +0100 Subject: [PATCH 01/16] Remove unnecessary interpolation for single quoted variables --- bin/terraform | 2 +- main.tf | 274 +++++++++++++++++++++++++------------------------- 2 files changed, 138 insertions(+), 138 deletions(-) diff --git a/bin/terraform b/bin/terraform index 24c142d..a51041c 100755 --- a/bin/terraform +++ b/bin/terraform @@ -13,4 +13,4 @@ exec docker run \ --volume "$(cd .. && pwd)":/tmp/workspace/fargate-module \ --env AWS_PROFILE="${AWS_PROFILE}" \ --env AWS_DEFAULT_REGION="${AWS_DEFAULT_REGION}" \ - hashicorp/terraform:0.11.13 "${@}" + hashicorp/terraform:0.12.0-beta2 "${@}" diff --git a/main.tf b/main.tf index 6c274e4..b1ab239 100644 --- a/main.tf +++ b/main.tf @@ -1,7 +1,7 @@ # Main Module file terraform { - required_version = "~> 0.11.13" + required_version = ">= 0.12" } provider "random" { @@ -15,9 +15,9 @@ provider "template" { # VPC CONFIGURATION locals { - vpc_id = "${!var.vpc_create ? var.vpc_external_id : module.vpc.vpc_id}" + vpc_id = !var.vpc_create ? var.vpc_external_id : module.vpc.vpc_id - vpc_public_subnets = "${split(",", + vpc_public_subnets = split(",", length(var.vpc_public_subnets) > 0 || !var.vpc_create ? join(",", var.vpc_public_subnets) @@ -26,9 +26,9 @@ locals { cidrsubnet(var.vpc_cidr, 8, 2), cidrsubnet(var.vpc_cidr, 8, 3) )) - )}" + ) - vpc_private_subnets = "${split(",", + vpc_private_subnets = split(",", length(var.vpc_private_subnets) > 0 || !var.vpc_create ? join(",", var.vpc_private_subnets) @@ -37,19 +37,19 @@ locals { cidrsubnet(var.vpc_cidr, 8, 102), cidrsubnet(var.vpc_cidr, 8, 103) )) - )}" + ) - vpc_private_subnets_ids = "${split(",", + vpc_private_subnets_ids = split(",", !var.vpc_create ? join(",", var.vpc_external_private_subnets_ids) : join(",", module.vpc.private_subnets) - )}" + ) - vpc_public_subnets_ids = "${split(",", + vpc_public_subnets_ids = split(",", !var.vpc_create ? join(",", var.vpc_external_public_subnets_ids) : join(",", module.vpc.public_subnets) - )}" + ) } data "aws_availability_zones" "this" {} @@ -60,18 +60,18 @@ module "vpc" { source = "terraform-aws-modules/vpc/aws" version = "1.60.0" - create_vpc = "${var.vpc_create}" + create_vpc = var.vpc_create name = "${var.name}-${terraform.workspace}-vpc" - cidr = "${var.vpc_cidr}" - azs = "${data.aws_availability_zones.this.names}" + cidr = var.vpc_cidr + azs = data.aws_availability_zones.this.names - public_subnets = "${local.vpc_public_subnets}" - private_subnets = "${local.vpc_private_subnets}" + public_subnets = local.vpc_public_subnets + private_subnets = local.vpc_private_subnets # NAT gateway for private subnets - enable_nat_gateway = "${var.vpc_create_nat}" - single_nat_gateway = "${var.vpc_create_nat}" + enable_nat_gateway = var.vpc_create_nat + single_nat_gateway = var.vpc_create_nat # Every instance deployed within the VPC will get a hostname enable_dns_hostnames = true @@ -83,27 +83,27 @@ module "vpc" { # ECR resource "aws_ecr_repository" "this" { - count = "${length(var.services) > 0 ? length(var.services) : 0}" + count = length(var.services) > 0 ? length(var.services) : 0 name = "${element(keys(var.services), count.index)}-${terraform.workspace}" } data "template_file" "ecr-lifecycle" { - count = "${length(var.services) > 0 ? length(var.services) : 0}" + count = length(var.services) > 0 ? length(var.services) : 0 - template = "${file("${path.module}/policies/ecr-lifecycle-policy.json")}" + template = file("${path.module}/policies/ecr-lifecycle-policy.json") vars { - count = "${lookup(var.services[element(keys(var.services), count.index)], "registry_retention_count", var.ecr_default_retention_count)}" + count = lookup(var.services[element(keys(var.services), count.index)], "registry_retention_count", var.ecr_default_retention_count) } } resource "aws_ecr_lifecycle_policy" "this" { - count = "${length(var.services) > 0 ? length(var.services) : 0}" + count = length(var.services) > 0 ? length(var.services) : 0 - repository = "${element(aws_ecr_repository.this.*.name, count.index)}" + repository = element(aws_ecr_repository.this.*.name, count.index) - policy = "${element(data.template_file.ecr-lifecycle.*.rendered, count.index)}" + policy = element(data.template_file.ecr-lifecycle.*.rendered, count.index) } # ECS CLUSTER @@ -116,60 +116,60 @@ resource "aws_ecs_cluster" "this" { resource "aws_iam_role" "tasks" { name = "${var.name}-${terraform.workspace}-task-execution-role" - assume_role_policy = "${file("${path.module}/policies/ecs-task-execution-role.json")}" + assume_role_policy = file("${path.module}/policies/ecs-task-execution-role.json") } resource "aws_iam_role_policy" "tasks" { name = "${var.name}-${terraform.workspace}-task-execution-policy" - policy = "${file("${path.module}/policies/ecs-task-execution-role-policy.json")}" - role = "${aws_iam_role.tasks.id}" + policy = file("${path.module}/policies/ecs-task-execution-role-policy.json") + role = aws_iam_role.tasks.id } data "template_file" "tasks" { - count = "${length(var.services) > 0 ? length(var.services) : 0}" + count = length(var.services) > 0 ? length(var.services) : 0 - template = "${file("${path.cwd}/${lookup(var.services[element(keys(var.services), count.index)], "task_definition")}")}" + template = file("${path.cwd}/${lookup(var.services[element(keys(var.services), count.index)], "task_definition")}") vars { - container_name = "${element(keys(var.services), count.index)}" - container_port = "${lookup(var.services[element(keys(var.services), count.index)], "container_port")}" - repository_url = "${element(aws_ecr_repository.this.*.repository_url, count.index)}" - log_group = "${element(aws_cloudwatch_log_group.this.*.name, count.index)}" - region = "${var.region != "" ? var.region : data.aws_region.current.name}" + container_name = element(keys(var.services), count.index) + container_port = lookup(var.services[element(keys(var.services), count.index)], "container_port") + repository_url = element(aws_ecr_repository.this.*.repository_url, count.index) + log_group = element(aws_cloudwatch_log_group.this.*.name, count.index) + region = var.region != "" ? var.region : data.aws_region.current.name } } resource "aws_ecs_task_definition" "this" { - count = "${length(var.services) > 0 ? length(var.services) : 0}" + count = length(var.services) > 0 ? length(var.services) : 0 family = "${var.name}-${terraform.workspace}-${element(keys(var.services), count.index)}" - container_definitions = "${element(data.template_file.tasks.*.rendered, count.index)}" + container_definitions = element(data.template_file.tasks.*.rendered, count.index) requires_compatibilities = ["FARGATE"] network_mode = "awsvpc" - cpu = "${lookup(var.services[element(keys(var.services), count.index)], "cpu")}" - memory = "${lookup(var.services[element(keys(var.services), count.index)], "memory")}" - execution_role_arn = "${aws_iam_role.tasks.arn}" - task_role_arn = "${aws_iam_role.tasks.arn}" + cpu = lookup(var.services[element(keys(var.services), count.index)], "cpu") + memory = lookup(var.services[element(keys(var.services), count.index)], "memory") + execution_role_arn = aws_iam_role.tasks.arn + task_role_arn = aws_iam_role.tasks.arn } data "aws_ecs_task_definition" "this" { - count = "${length(var.services) > 0 ? length(var.services) : 0}" + count = length(var.services) > 0 ? length(var.services) : 0 - task_definition = "${element(aws_ecs_task_definition.this.*.family, count.index)}" + task_definition = element(aws_ecs_task_definition.this.*.family, count.index) } resource "aws_cloudwatch_log_group" "this" { - count = "${length(var.services) > 0 ? length(var.services) : 0}" + count = length(var.services) > 0 ? length(var.services) : 0 name = "/ecs/${var.name}-${element(keys(var.services), count.index)}" - retention_in_days = "${lookup(var.services[element(keys(var.services), count.index)], "logs_retention_days", var.cloudwatch_logs_default_retention_days)}" + retention_in_days = lookup(var.services[element(keys(var.services), count.index)], "logs_retention_days", var.cloudwatch_logs_default_retention_days) } # SECURITY GROUPS resource "aws_security_group" "web" { - vpc_id = "${local.vpc_id}" + vpc_id = local.vpc_id name = "${var.name}-${terraform.workspace}-web-sg" } @@ -204,9 +204,9 @@ resource "aws_security_group_rule" "web_ingress_https" { } resource "aws_security_group" "services" { - count = "${length(var.services) > 0 ? length(var.services) : 0}" + count = length(var.services) > 0 ? length(var.services) : 0 - vpc_id = "${local.vpc_id}" + vpc_id = local.vpc_id name = "${var.name}-${element(keys(var.services), count.index)}-${terraform.workspace}-services-sg" } @@ -237,22 +237,22 @@ resource "aws_security_group_rule" "services_ingress" { # ALBs resource "random_id" "target_group_sufix" { - count = "${length(var.services) > 0 ? length(var.services) : 0}" + count = length(var.services) > 0 ? length(var.services) : 0 keepers = { - container_port = "${lookup(var.services[element(keys(var.services), count.index)], "container_port")}" + container_port = lookup(var.services[element(keys(var.services), count.index)], "container_port") } byte_length = 2 } resource "aws_lb_target_group" "this" { - count = "${length(var.services) > 0 ? length(var.services) : 0}" + count = length(var.services) > 0 ? length(var.services) : 0 name = "${var.name}-${element(keys(var.services), count.index)}-${element(random_id.target_group_sufix.*.hex, count.index)}" - port = "${element(random_id.target_group_sufix.*.keepers.container_port, count.index)}" + port = element(random_id.target_group_sufix.*.keepers.container_port, count.index) protocol = "HTTP" - vpc_id = "${local.vpc_id}" + vpc_id = local.vpc_id target_type = "ip" health_check { @@ -269,25 +269,25 @@ resource "aws_lb_target_group" "this" { } resource "aws_lb" "this" { - count = "${length(var.services) > 0 ? length(var.services) : 0}" + count = length(var.services) > 0 ? length(var.services) : 0 name = "${var.name}-${terraform.workspace}-${element(keys(var.services), count.index)}-alb" - subnets = ["${slice(local.vpc_public_subnets_ids, 0, min(length(data.aws_availability_zones.this.names), length(local.vpc_public_subnets_ids)))}"] - security_groups = ["${aws_security_group.web.id}"] + subnets = [slice(local.vpc_public_subnets_ids, 0, min(length(data.aws_availability_zones.this.names), length(local.vpc_public_subnets_ids)))] + security_groups = [aws_security_group.web.id] } resource "aws_lb_listener" "this" { - count = "${length(var.services) > 0 ? length(var.services) : 0}" + count = length(var.services) > 0 ? length(var.services) : 0 - load_balancer_arn = "${element(aws_lb.this.*.arn, count.index)}" - port = "${lookup(var.services[element(keys(var.services), count.index)], "acm_certificate_arn", "") != "" ? 443 : 80}" - protocol = "${lookup(var.services[element(keys(var.services), count.index)], "acm_certificate_arn", "") != "" ? "HTTPS" : "HTTP"}" - ssl_policy = "${lookup(var.services[element(keys(var.services), count.index)], "acm_certificate_arn", "") != "" ? "ELBSecurityPolicy-FS-2018-06" : ""}" - certificate_arn = "${lookup(var.services[element(keys(var.services), count.index)], "acm_certificate_arn", "")}" + load_balancer_arn = element(aws_lb.this.*.arn, count.index) + port = lookup(var.services[element(keys(var.services), count.index)], "acm_certificate_arn", "") != "" ? 443 : 80 + protocol = lookup(var.services[element(keys(var.services), count.index)], "acm_certificate_arn", "") != "" ? "HTTPS" : "HTTP" + ssl_policy = lookup(var.services[element(keys(var.services), count.index)], "acm_certificate_arn", "") != "" ? "ELBSecurityPolicy-FS-2018-06" : "" + certificate_arn = lookup(var.services[element(keys(var.services), count.index)], "acm_certificate_arn", "") depends_on = ["aws_lb_target_group.this"] default_action { - target_group_arn = "${element(aws_lb_target_group.this.*.arn, count.index)}" + target_group_arn = element(aws_lb_target_group.this.*.arn, count.index) type = "forward" } } @@ -295,29 +295,29 @@ resource "aws_lb_listener" "this" { # ECS SERVICES resource "aws_ecs_service" "this" { - count = "${length(var.services) > 0 ? length(var.services) : 0}" + count = length(var.services) > 0 ? length(var.services) : 0 name = "${element(keys(var.services), count.index)}" - cluster = "${aws_ecs_cluster.this.name}" + cluster = aws_ecs_cluster.this.name task_definition = "${element(aws_ecs_task_definition.this.*.family, count.index)}:${max("${element(aws_ecs_task_definition.this.*.revision, count.index)}", "${element(data.aws_ecs_task_definition.this.*.revision, count.index)}")}" - desired_count = "${lookup(var.services[element(keys(var.services), count.index)], "replicas")}" + desired_count = lookup(var.services[element(keys(var.services), count.index)], "replicas") launch_type = "FARGATE" deployment_minimum_healthy_percent = 100 deployment_maximum_percent = 200 network_configuration { - security_groups = ["${element(aws_security_group.services.*.id, count.index)}"] + security_groups = [element(aws_security_group.services.*.id, count.index)] # https://github.com/hashicorp/terraform/issues/18259#issuecomment-438407005 - subnets = ["${split(",", var.vpc_create_nat ? join(",", local.vpc_private_subnets_ids) : join(",", local.vpc_public_subnets_ids))}"] - assign_public_ip = "${!var.vpc_create_nat}" + subnets = [split(",", var.vpc_create_nat ? join(",", local.vpc_private_subnets_ids) : join(",", local.vpc_public_subnets_ids))] + assign_public_ip = !var.vpc_create_nat } load_balancer { - target_group_arn = "${element(aws_lb_target_group.this.*.arn, count.index)}" - container_name = "${element(keys(var.services), count.index)}" - container_port = "${lookup(var.services[element(keys(var.services), count.index)], "container_port")}" + target_group_arn = element(aws_lb_target_group.this.*.arn, count.index) + container_name = element(keys(var.services), count.index) + container_port = lookup(var.services[element(keys(var.services), count.index)], "container_port") } depends_on = ["aws_lb_target_group.this", "aws_lb_listener.this"] @@ -384,39 +384,39 @@ resource "aws_s3_bucket" "this" { resource "aws_iam_role" "codebuild" { name = "${var.name}-${terraform.workspace}-codebuild-role" - assume_role_policy = "${file("${path.module}/policies/codebuild-role.json")}" + assume_role_policy = file("${path.module}/policies/codebuild-role.json") } data "template_file" "codebuild" { - template = "${file("${path.module}/policies/codebuild-role-policy.json")}" + template = file("${path.module}/policies/codebuild-role-policy.json") vars { - aws_s3_bucket_arn = "${aws_s3_bucket.this.arn}" + aws_s3_bucket_arn = aws_s3_bucket.this.arn } } resource "aws_iam_role_policy" "codebuild" { name = "${var.name}-${terraform.workspace}-codebuild-role-policy" - role = "${aws_iam_role.codebuild.id}" - policy = "${data.template_file.codebuild.rendered}" + role = aws_iam_role.codebuild.id + policy = data.template_file.codebuild.rendered } data "template_file" "buildspec" { - count = "${length(var.services) > 0 ? length(var.services) : 0}" + count = length(var.services) > 0 ? length(var.services) : 0 - template = "${file("${path.module}/build/buildspec.yml")}" + template = file("${path.module}/build/buildspec.yml") vars { - container_name = "${element(keys(var.services), count.index)}" + container_name = element(keys(var.services), count.index) } } resource "aws_codebuild_project" "this" { - count = "${length(var.services) > 0 ? length(var.services) : 0}" + count = length(var.services) > 0 ? length(var.services) : 0 name = "${var.name}-${terraform.workspace}-${element(keys(var.services), count.index)}-builds" build_timeout = "10" - service_role = "${aws_iam_role.codebuild.arn}" + service_role = aws_iam_role.codebuild.arn artifacts { type = "CODEPIPELINE" @@ -433,46 +433,46 @@ resource "aws_codebuild_project" "this" { source { type = "CODEPIPELINE" - buildspec = "${element(data.template_file.buildspec.*.rendered, count.index)}" + buildspec = element(data.template_file.buildspec.*.rendered, count.index) } } # CODEPIPELINE resource "aws_iam_role" "codepipeline" { - count = "${length(var.services) > 0 ? length(var.services) : 0}" + count = length(var.services) > 0 ? length(var.services) : 0 name = "${var.name}-${terraform.workspace}-${element(keys(var.services), count.index)}-codepipeline-role" - assume_role_policy = "${file("${path.module}/policies/codepipeline-role.json")}" + assume_role_policy = file("${path.module}/policies/codepipeline-role.json") } data "template_file" "codepipeline" { - count = "${length(var.services) > 0 ? length(var.services) : 0}" + count = length(var.services) > 0 ? length(var.services) : 0 - template = "${file("${path.module}/policies/codepipeline-role-policy.json")}" + template = file("${path.module}/policies/codepipeline-role-policy.json") vars { - aws_s3_bucket_arn = "${aws_s3_bucket.this.arn}" - ecr_repository_arn = "${element(aws_ecr_repository.this.*.arn, count.index)}" + aws_s3_bucket_arn = aws_s3_bucket.this.arn + ecr_repository_arn = element(aws_ecr_repository.this.*.arn, count.index) } } resource "aws_iam_role_policy" "codepipeline" { - count = "${length(var.services) > 0 ? length(var.services) : 0}" + count = length(var.services) > 0 ? length(var.services) : 0 name = "${var.name}-${terraform.workspace}-${element(keys(var.services), count.index)}-codepipeline-role-policy" - role = "${element(aws_iam_role.codepipeline.*.id, count.index)}" - policy = "${element(data.template_file.codepipeline.*.rendered, count.index)}" + role = element(aws_iam_role.codepipeline.*.id, count.index) + policy = element(data.template_file.codepipeline.*.rendered, count.index) } resource "aws_codepipeline" "this" { - count = "${length(var.services) > 0 ? length(var.services) : 0}" + count = length(var.services) > 0 ? length(var.services) : 0 name = "${var.name}-${terraform.workspace}-${element(keys(var.services), count.index)}-pipeline" - role_arn = "${element(aws_iam_role.codepipeline.*.arn, count.index)}" + role_arn = element(aws_iam_role.codepipeline.*.arn, count.index) artifact_store { - location = "${aws_s3_bucket.this.bucket}" + location = aws_s3_bucket.this.bucket type = "S3" } @@ -488,7 +488,7 @@ resource "aws_codepipeline" "this" { output_artifacts = ["source"] configuration { - RepositoryName = "${element(aws_ecr_repository.this.*.name, count.index)}" + RepositoryName = element(aws_ecr_repository.this.*.name, count.index) ImageTag = "latest" } } @@ -524,8 +524,8 @@ resource "aws_codepipeline" "this" { version = "1" configuration { - ClusterName = "${aws_ecs_cluster.this.name}" - ServiceName = "${element(keys(var.services), count.index)}" + ClusterName = aws_ecs_cluster.this.name + ServiceName = element(keys(var.services), count.index) FileName = "imagedefinitions.json" } } @@ -537,136 +537,136 @@ resource "aws_codepipeline" "this" { # CODEPIPELINE STATUS SNS data "template_file" "codepipeline_events" { - count = "${var.codepipeline_events_enabled ? 1 : 0}" + count = var.codepipeline_events_enabled ? 1 : 0 - template = "${file("${path.module}/cloudwatch/codepipeline-source-event.json")}" + template = file("${path.module}/cloudwatch/codepipeline-source-event.json") vars { - codepipeline_names = "${jsonencode(aws_codepipeline.this.*.name)}" + codepipeline_names = jsonencode(aws_codepipeline.this.*.name) } } data "template_file" "codepipeline_events_sns" { - count = "${var.codepipeline_events_enabled ? 1 : 0}" + count = var.codepipeline_events_enabled ? 1 : 0 - template = "${file("${path.module}/policies/sns-cloudwatch-events-policy.json")}" + template = file("${path.module}/policies/sns-cloudwatch-events-policy.json") vars { - sns_arn = "${element(aws_sns_topic.codepipeline_events.*.arn, count.index)}" + sns_arn = element(aws_sns_topic.codepipeline_events.*.arn, count.index) } } resource "aws_cloudwatch_event_rule" "codepipeline_events" { - count = "${var.codepipeline_events_enabled ? 1 : 0}" + count = var.codepipeline_events_enabled ? 1 : 0 name = "${var.name}-${terraform.workspace}-pipeline-events" description = "Amazon CloudWatch Events rule to automatically post SNS notifications when CodePipeline state changes." - event_pattern = "${element(data.template_file.codepipeline_events.*.rendered, count.index)}" + event_pattern = element(data.template_file.codepipeline_events.*.rendered, count.index) } resource "aws_sns_topic" "codepipeline_events" { - count = "${var.codepipeline_events_enabled ? 1 : 0}" + count = var.codepipeline_events_enabled ? 1 : 0 name = "${var.name}-${terraform.workspace}-codepipeline-events" display_name = "${var.name}-${terraform.workspace}-codepipeline-events" } resource "aws_sns_topic_policy" "codepipeline_events" { - count = "${var.codepipeline_events_enabled ? 1 : 0}" + count = var.codepipeline_events_enabled ? 1 : 0 - arn = "${element(aws_sns_topic.codepipeline_events.*.arn, count.index)}" + arn = element(aws_sns_topic.codepipeline_events.*.arn, count.index) - policy = "${element(data.template_file.codepipeline_events_sns.*.rendered, count.index)}" + policy = element(data.template_file.codepipeline_events_sns.*.rendered, count.index) } resource "aws_cloudwatch_event_target" "codepipeline_events" { - count = "${var.codepipeline_events_enabled ? 1 : 0}" + count = var.codepipeline_events_enabled ? 1 : 0 - rule = "${element(aws_cloudwatch_event_rule.codepipeline_events.*.name, count.index)}" + rule = element(aws_cloudwatch_event_rule.codepipeline_events.*.name, count.index) target_id = "${var.name}-${terraform.workspace}-codepipeline" - arn = "${element(aws_sns_topic.codepipeline_events.*.arn, count.index)}" + arn = element(aws_sns_topic.codepipeline_events.*.arn, count.index) } ### CLOUDWATCH BASIC DASHBOARD data "template_file" "metric_dashboard" { - count = "${length(var.services) > 0 ? length(var.services) : 0}" + count = length(var.services) > 0 ? length(var.services) : 0 - template = "${file("${path.module}/metrics/basic-dashboard.json")}" + template = file("${path.module}/metrics/basic-dashboard.json") vars { - region = "${var.region != "" ? var.region : data.aws_region.current.name}" - alb_arn_suffix = "${element(aws_lb.this.*.arn_suffix, count.index)}" - cluster_name = "${aws_ecs_cluster.this.name}" - service_name = "${element(keys(var.services), count.index)}" + region = var.region != "" ? var.region : data.aws_region.current.name + alb_arn_suffix = element(aws_lb.this.*.arn_suffix, count.index) + cluster_name = aws_ecs_cluster.this.name + service_name = element(keys(var.services), count.index) } } resource "aws_cloudwatch_dashboard" "this" { - count = "${length(var.services) > 0 ? length(var.services) : 0}" + count = length(var.services) > 0 ? length(var.services) : 0 dashboard_name = "${var.name}-${terraform.workspace}-${element(keys(var.services), count.index)}-metrics-dashboard" - dashboard_body = "${element(data.template_file.metric_dashboard.*.rendered, count.index)}" + dashboard_body = element(data.template_file.metric_dashboard.*.rendered, count.index) } ### Remove after ECR as CodePipeline Source gets fully integrated with AWS Provider resource "aws_iam_role" "events" { - count = "${length(var.services) > 0 ? length(var.services) : 0}" + count = length(var.services) > 0 ? length(var.services) : 0 name = "${var.name}-${terraform.workspace}-${element(keys(var.services), count.index)}-events-role" - assume_role_policy = "${file("${path.module}/policies/events-role.json")}" + assume_role_policy = file("${path.module}/policies/events-role.json") } data "template_file" "events" { - count = "${length(var.services) > 0 ? length(var.services) : 0}" + count = length(var.services) > 0 ? length(var.services) : 0 - template = "${file("${path.module}/policies/events-role-policy.json")}" + template = file("${path.module}/policies/events-role-policy.json") vars { - codepipeline_arn = "${element(aws_codepipeline.this.*.arn, count.index)}" + codepipeline_arn = element(aws_codepipeline.this.*.arn, count.index) } } resource "aws_iam_role_policy" "events" { - count = "${length(var.services) > 0 ? length(var.services) : 0}" + count = length(var.services) > 0 ? length(var.services) : 0 name = "${var.name}-${terraform.workspace}-${element(keys(var.services), count.index)}-events-role-policy" - role = "${element(aws_iam_role.events.*.id, count.index)}" - policy = "${element(data.template_file.events.*.rendered, count.index)}" + role = element(aws_iam_role.events.*.id, count.index) + policy = element(data.template_file.events.*.rendered, count.index) } data "template_file" "ecr_event" { - count = "${length(var.services) > 0 ? length(var.services) : 0}" + count = length(var.services) > 0 ? length(var.services) : 0 - template = "${file("${path.module}/cloudwatch/ecr-source-event.json")}" + template = file("${path.module}/cloudwatch/ecr-source-event.json") vars { - ecr_repository_name = "${element(aws_ecr_repository.this.*.name, count.index)}" + ecr_repository_name = element(aws_ecr_repository.this.*.name, count.index) } } resource "aws_cloudwatch_event_rule" "events" { - count = "${length(var.services) > 0 ? length(var.services) : 0}" + count = length(var.services) > 0 ? length(var.services) : 0 name = "${var.name}-${terraform.workspace}-${element(keys(var.services), count.index)}-ecr-event" description = "Amazon CloudWatch Events rule to automatically start your pipeline when a change occurs in the Amazon ECR image tag." - event_pattern = "${element(data.template_file.ecr_event.*.rendered, count.index)}" + event_pattern = element(data.template_file.ecr_event.*.rendered, count.index) depends_on = ["aws_codepipeline.this"] } resource "aws_cloudwatch_event_target" "events" { - count = "${length(var.services) > 0 ? length(var.services) : 0}" + count = length(var.services) > 0 ? length(var.services) : 0 - rule = "${element(aws_cloudwatch_event_rule.events.*.name, count.index)}" + rule = element(aws_cloudwatch_event_rule.events.*.name, count.index) target_id = "${var.name}-${terraform.workspace}-${element(keys(var.services), count.index)}-codepipeline" - arn = "${element(aws_codepipeline.this.*.arn, count.index)}" - role_arn = "${element(aws_iam_role.events.*.arn, count.index)}" + arn = element(aws_codepipeline.this.*.arn, count.index) + role_arn = element(aws_iam_role.events.*.arn, count.index) } ### End Remove From 0fd5445677b98161df15c6c9b585b9d4da46025d Mon Sep 17 00:00:00 2001 From: Juan Sanchez Date: Thu, 21 Mar 2019 11:49:22 +0100 Subject: [PATCH 02/16] =?UTF-8?q?Fmt=20=F0=9F=A4=93?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.tf b/main.tf index b1ab239..8ee24b8 100644 --- a/main.tf +++ b/main.tf @@ -311,7 +311,7 @@ resource "aws_ecs_service" "this" { # https://github.com/hashicorp/terraform/issues/18259#issuecomment-438407005 subnets = [split(",", var.vpc_create_nat ? join(",", local.vpc_private_subnets_ids) : join(",", local.vpc_public_subnets_ids))] - assign_public_ip = !var.vpc_create_nat + assign_public_ip = ! var.vpc_create_nat } load_balancer { From cb4f10e066b34d607914532d603c83ab6fbd9a0e Mon Sep 17 00:00:00 2001 From: Juan Sanchez Date: Thu, 21 Mar 2019 11:53:28 +0100 Subject: [PATCH 03/16] Disable TFLint for now Ref: https://github.com/wata727/tflint#current-project-status --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index b12372d..7f9b083 100644 --- a/.travis.yml +++ b/.travis.yml @@ -30,7 +30,7 @@ script: - terraform init -input=false - terraform validate -check-variables=false . - if [[ -n "$(terraform fmt -write=false)" ]]; then echo "Some terraform files need be formatted, run 'terraform fmt' to fix"; exit 1; fi - - tflint --debug + # - tflint bug TODO: Enable again when 0.12 support gets ready -> https://github.com/wata727/tflint#current-project-status - go test -v $(go list ./test/) notifications: From d42243b190b54b1660dfc361627506c69c5be5c4 Mon Sep 17 00:00:00 2001 From: Juan Sanchez Date: Fri, 19 Apr 2019 11:10:19 +0200 Subject: [PATCH 04/16] =?UTF-8?q?Fmt=20again=20=F0=9F=98=83?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- main.tf | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/main.tf b/main.tf index 8ee24b8..0b5762f 100644 --- a/main.tf +++ b/main.tf @@ -22,10 +22,10 @@ locals { || !var.vpc_create ? join(",", var.vpc_public_subnets) : join(",", list( - cidrsubnet(var.vpc_cidr, 8, 1), - cidrsubnet(var.vpc_cidr, 8, 2), - cidrsubnet(var.vpc_cidr, 8, 3) - )) + cidrsubnet(var.vpc_cidr, 8, 1), + cidrsubnet(var.vpc_cidr, 8, 2), + cidrsubnet(var.vpc_cidr, 8, 3) + )) ) vpc_private_subnets = split(",", @@ -33,10 +33,10 @@ locals { || !var.vpc_create ? join(",", var.vpc_private_subnets) : join(",", list( - cidrsubnet(var.vpc_cidr, 8, 101), - cidrsubnet(var.vpc_cidr, 8, 102), - cidrsubnet(var.vpc_cidr, 8, 103) - )) + cidrsubnet(var.vpc_cidr, 8, 101), + cidrsubnet(var.vpc_cidr, 8, 102), + cidrsubnet(var.vpc_cidr, 8, 103) + )) ) vpc_private_subnets_ids = split(",", From de4fd6bbb86ff172a2f8089b43df64d0d3301dca Mon Sep 17 00:00:00 2001 From: Juan Sanchez Date: Fri, 19 Apr 2019 11:42:44 +0200 Subject: [PATCH 05/16] Fix `template_file` vars declarations --- main.tf | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/main.tf b/main.tf index 0b5762f..7fdb9db 100644 --- a/main.tf +++ b/main.tf @@ -93,7 +93,7 @@ data "template_file" "ecr-lifecycle" { template = file("${path.module}/policies/ecr-lifecycle-policy.json") - vars { + vars = { count = lookup(var.services[element(keys(var.services), count.index)], "registry_retention_count", var.ecr_default_retention_count) } } @@ -130,7 +130,7 @@ data "template_file" "tasks" { template = file("${path.cwd}/${lookup(var.services[element(keys(var.services), count.index)], "task_definition")}") - vars { + vars = { container_name = element(keys(var.services), count.index) container_port = lookup(var.services[element(keys(var.services), count.index)], "container_port") repository_url = element(aws_ecr_repository.this.*.repository_url, count.index) @@ -390,7 +390,7 @@ resource "aws_iam_role" "codebuild" { data "template_file" "codebuild" { template = file("${path.module}/policies/codebuild-role-policy.json") - vars { + vars = { aws_s3_bucket_arn = aws_s3_bucket.this.arn } } @@ -406,7 +406,7 @@ data "template_file" "buildspec" { template = file("${path.module}/build/buildspec.yml") - vars { + vars = { container_name = element(keys(var.services), count.index) } } @@ -451,7 +451,7 @@ data "template_file" "codepipeline" { template = file("${path.module}/policies/codepipeline-role-policy.json") - vars { + vars = { aws_s3_bucket_arn = aws_s3_bucket.this.arn ecr_repository_arn = element(aws_ecr_repository.this.*.arn, count.index) } @@ -541,7 +541,7 @@ data "template_file" "codepipeline_events" { template = file("${path.module}/cloudwatch/codepipeline-source-event.json") - vars { + vars = { codepipeline_names = jsonencode(aws_codepipeline.this.*.name) } } @@ -551,7 +551,7 @@ data "template_file" "codepipeline_events_sns" { template = file("${path.module}/policies/sns-cloudwatch-events-policy.json") - vars { + vars = { sns_arn = element(aws_sns_topic.codepipeline_events.*.arn, count.index) } } @@ -595,7 +595,7 @@ data "template_file" "metric_dashboard" { template = file("${path.module}/metrics/basic-dashboard.json") - vars { + vars = { region = var.region != "" ? var.region : data.aws_region.current.name alb_arn_suffix = element(aws_lb.this.*.arn_suffix, count.index) cluster_name = aws_ecs_cluster.this.name @@ -626,7 +626,7 @@ data "template_file" "events" { template = file("${path.module}/policies/events-role-policy.json") - vars { + vars = { codepipeline_arn = element(aws_codepipeline.this.*.arn, count.index) } } @@ -644,7 +644,7 @@ data "template_file" "ecr_event" { template = file("${path.module}/cloudwatch/ecr-source-event.json") - vars { + vars = { ecr_repository_name = element(aws_ecr_repository.this.*.name, count.index) } } From 70ea86afce759970b8585d0c169d3826115b3f4f Mon Sep 17 00:00:00 2001 From: Juan Sanchez Date: Sat, 25 May 2019 21:59:05 +0200 Subject: [PATCH 06/16] =?UTF-8?q?Update=20TF=20Docker=20image=20to=20offic?= =?UTF-8?q?ial=20v0.12=20=F0=9F=8E=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- bin/terraform | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/terraform b/bin/terraform index a51041c..d744921 100755 --- a/bin/terraform +++ b/bin/terraform @@ -13,4 +13,4 @@ exec docker run \ --volume "$(cd .. && pwd)":/tmp/workspace/fargate-module \ --env AWS_PROFILE="${AWS_PROFILE}" \ --env AWS_DEFAULT_REGION="${AWS_DEFAULT_REGION}" \ - hashicorp/terraform:0.12.0-beta2 "${@}" + hashicorp/terraform:0.12.0 "${@}" From d834f0cf7b36e0c2c99159825fc38e6b4d2bb1e4 Mon Sep 17 00:00:00 2001 From: Juan Sanchez Date: Sat, 25 May 2019 21:59:45 +0200 Subject: [PATCH 07/16] Update VPC module to v2.0.0 (TF 0.12 compatible) And fix some migration syntax --- main.tf | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/main.tf b/main.tf index 7fdb9db..9982607 100644 --- a/main.tf +++ b/main.tf @@ -58,7 +58,7 @@ data "aws_region" "current" {} module "vpc" { source = "terraform-aws-modules/vpc/aws" - version = "1.60.0" + version = "2.0.0" create_vpc = var.vpc_create @@ -272,7 +272,7 @@ resource "aws_lb" "this" { count = length(var.services) > 0 ? length(var.services) : 0 name = "${var.name}-${terraform.workspace}-${element(keys(var.services), count.index)}-alb" - subnets = [slice(local.vpc_public_subnets_ids, 0, min(length(data.aws_availability_zones.this.names), length(local.vpc_public_subnets_ids)))] + subnets = slice(local.vpc_public_subnets_ids, 0, min(length(data.aws_availability_zones.this.names), length(local.vpc_public_subnets_ids))) security_groups = [aws_security_group.web.id] } @@ -309,8 +309,7 @@ resource "aws_ecs_service" "this" { network_configuration { security_groups = [element(aws_security_group.services.*.id, count.index)] - # https://github.com/hashicorp/terraform/issues/18259#issuecomment-438407005 - subnets = [split(",", var.vpc_create_nat ? join(",", local.vpc_private_subnets_ids) : join(",", local.vpc_public_subnets_ids))] + subnets = var.vpc_create_nat ? local.vpc_private_subnets_ids : local.vpc_public_subnets_ids assign_public_ip = ! var.vpc_create_nat } @@ -487,7 +486,7 @@ resource "aws_codepipeline" "this" { version = "1" output_artifacts = ["source"] - configuration { + configuration = { RepositoryName = element(aws_ecr_repository.this.*.name, count.index) ImageTag = "latest" } @@ -506,7 +505,7 @@ resource "aws_codepipeline" "this" { input_artifacts = ["source"] output_artifacts = ["imagedefinitions"] - configuration { + configuration = { ProjectName = "${var.name}-${terraform.workspace}-${element(keys(var.services), count.index)}-builds" } } @@ -523,7 +522,7 @@ resource "aws_codepipeline" "this" { input_artifacts = ["imagedefinitions"] version = "1" - configuration { + configuration = { ClusterName = aws_ecs_cluster.this.name ServiceName = element(keys(var.services), count.index) FileName = "imagedefinitions.json" From 64d9474ddf6b63ace81679af230c4e668e2e9eec Mon Sep 17 00:00:00 2001 From: Juan Sanchez Date: Sat, 25 May 2019 22:15:56 +0200 Subject: [PATCH 08/16] Enable TFLint again and set fixed Docker image version (0.8.0) --- .travis.yml | 2 +- bin/tflint | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index 7f9b083..3cb2ed9 100644 --- a/.travis.yml +++ b/.travis.yml @@ -30,7 +30,7 @@ script: - terraform init -input=false - terraform validate -check-variables=false . - if [[ -n "$(terraform fmt -write=false)" ]]; then echo "Some terraform files need be formatted, run 'terraform fmt' to fix"; exit 1; fi - # - tflint bug TODO: Enable again when 0.12 support gets ready -> https://github.com/wata727/tflint#current-project-status + - tflint - go test -v $(go list ./test/) notifications: diff --git a/bin/tflint b/bin/tflint index 6966a74..caa7bd9 100755 --- a/bin/tflint +++ b/bin/tflint @@ -4,4 +4,4 @@ exec docker run \ --name tflint \ --rm \ --volume "$(pwd)":/data \ - wata727/tflint "${@}" + wata727/tflint:0.8.0 "${@}" From 77083b08230bf6fdc60b6815417ab08a46ab2afc Mon Sep 17 00:00:00 2001 From: Juan Sanchez Date: Sat, 25 May 2019 22:38:43 +0200 Subject: [PATCH 09/16] Remove terraform validate cmd due bug with -check-variables flag --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 3cb2ed9..67e5659 100644 --- a/.travis.yml +++ b/.travis.yml @@ -28,7 +28,7 @@ before_install: ./ci/before_install.sh script: - terraform init -input=false - - terraform validate -check-variables=false . + # - terraform validate -check-variables=false . - if [[ -n "$(terraform fmt -write=false)" ]]; then echo "Some terraform files need be formatted, run 'terraform fmt' to fix"; exit 1; fi - tflint - go test -v $(go list ./test/) From 2ac08dcd2b5d93459ca0cfc677acf4282e5fb23b Mon Sep 17 00:00:00 2001 From: Juan Sanchez Date: Sat, 25 May 2019 22:43:11 +0200 Subject: [PATCH 10/16] Update TF version to v0.12 on tests files --- test/main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/main.tf b/test/main.tf index d19ee46..3ad0796 100644 --- a/test/main.tf +++ b/test/main.tf @@ -1,9 +1,9 @@ terraform { - required_version = "~> 0.11.13" + required_version = "~> 0.12.0" } provider "aws" { - version = "~> 2.6" + version = "~> 2.12.0" profile = "test" } From d2624043bf5640b4b363cb2552fd9b1ecbd72e18 Mon Sep 17 00:00:00 2001 From: Juan Sanchez Date: Sat, 25 May 2019 23:10:46 +0200 Subject: [PATCH 11/16] Upgrade Terratest --- go.mod | 2 +- go.sum | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 83566ae..8f15462 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,7 @@ require ( github.com/boombuler/barcode v1.0.0 // indirect github.com/go-sql-driver/mysql v1.4.1 // indirect github.com/google/uuid v1.1.1 // indirect - github.com/gruntwork-io/terratest v0.14.2 + github.com/gruntwork-io/terratest v0.16.0 github.com/pquerna/otp v1.1.0 // indirect github.com/stretchr/testify v1.3.0 // indirect golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2 // indirect diff --git a/go.sum b/go.sum index 32a4cdc..64b9559 100644 --- a/go.sum +++ b/go.sum @@ -1,5 +1,7 @@ github.com/aws/aws-sdk-go v1.17.14 h1:IjqZDIQoLyZ48A93BxVrZOaIGgZPRi4nXt6WQUMJplY= github.com/aws/aws-sdk-go v1.17.14/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= +github.com/aws/aws-sdk-go v1.19.38 h1:WKjobgPO4Ua1ww2NJJl2/zQNreUZxvqmEzwMlRjjm9g= +github.com/aws/aws-sdk-go v1.19.38/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= github.com/boombuler/barcode v1.0.0 h1:s1TvRnXwL2xJRaccrdcBQMZxq6X7DvsMogtmJeHDdrc= github.com/boombuler/barcode v1.0.0/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8= @@ -10,6 +12,8 @@ github.com/google/uuid v1.1.1 h1:Gkbcsh/GbpXz7lPftLA3P6TYMwjCLYm83jiFQZF/3gY= github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/gruntwork-io/terratest v0.14.2 h1:A9YUZZlXE/syTnIVeuqhqoyVO5CUJS5Kasvyr5IUsv8= github.com/gruntwork-io/terratest v0.14.2/go.mod h1:NjUn6YXA5Skxt8Rs20t3isYx5Rl+EgvGB8/+RRXddqk= +github.com/gruntwork-io/terratest v0.16.0 h1:8dDdkAzqwVDclmefcy//oBPWs5bVrWuKYCUwG0WFG4c= +github.com/gruntwork-io/terratest v0.16.0/go.mod h1:NjUn6YXA5Skxt8Rs20t3isYx5Rl+EgvGB8/+RRXddqk= github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af h1:pmfjZENx5imkbgOkpRUYLnmbU7UEFbjtDA2hxJ1ichM= github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= From 8e333e741ca61cb750c2f50360f73366ce69d0e0 Mon Sep 17 00:00:00 2001 From: Juan Sanchez Date: Mon, 3 Jun 2019 10:48:26 +0200 Subject: [PATCH 12/16] fix: add workaround for buggy terraform validate cmd --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 67e5659..6af5393 100644 --- a/.travis.yml +++ b/.travis.yml @@ -28,7 +28,7 @@ before_install: ./ci/before_install.sh script: - terraform init -input=false - # - terraform validate -check-variables=false . + - AWS_DEFAULT_REGION=us-east-1 terraform validate # TODO: Remove AWS_DEFAULT_REGION variable once https://github.com/hashicorp/terraform/issues/21408#issuecomment-495746582 gets fixed! - if [[ -n "$(terraform fmt -write=false)" ]]; then echo "Some terraform files need be formatted, run 'terraform fmt' to fix"; exit 1; fi - tflint - go test -v $(go list ./test/) From f6641820a6218efc924c0bd580e50d3268ccf47f Mon Sep 17 00:00:00 2001 From: Juan Sanchez Date: Mon, 3 Jun 2019 10:48:52 +0200 Subject: [PATCH 13/16] chore: add explicit min version for aws provider TF 0.12 compatible --- main.tf | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/main.tf b/main.tf index 9982607..7c9d943 100644 --- a/main.tf +++ b/main.tf @@ -2,6 +2,10 @@ terraform { required_version = ">= 0.12" + + required_providers { + aws = ">= 2.12.0" + } } provider "random" { From a65f1f0ecb7c8a6862b84a0a903f04653730ecde Mon Sep 17 00:00:00 2001 From: Juan Sanchez Date: Tue, 13 Aug 2019 17:03:41 +0200 Subject: [PATCH 14/16] chore: add note about tf compatible version in readme --- README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/README.md b/README.md index 110fac6..b0b2e74 100644 --- a/README.md +++ b/README.md @@ -33,6 +33,8 @@ The goal of this effort is to provide tools/configuration files/scripts/other to - CloudWatch Logs group - CloudWatch Metrics Dashboard +## Note: This module is compatible only with Terraform version >=12. Last TF 0.11.x compatible version is, well, module's version [0.11.3][0.11-compatible]. + ![Diagram][diagram] ## Roadmap @@ -66,3 +68,4 @@ See the [LICENSE][license] file for information. [https-usage]: examples/https_enabled [autoscaling-usage]: examples/autoscaling [external-vpc-usage]: examples/external_vpc +[0.11-compatible]: https://github.com/strvcom/terraform-aws-fargate/tree/0.11.3 From 80b23f303a82b539888f41b3069431c3fe88c309 Mon Sep 17 00:00:00 2001 From: Juan Sanchez Date: Wed, 14 Aug 2019 09:58:25 +0200 Subject: [PATCH 15/16] chore: rebasing #34 --- main.tf | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/main.tf b/main.tf index 7c9d943..37329c7 100644 --- a/main.tf +++ b/main.tf @@ -19,11 +19,11 @@ provider "template" { # VPC CONFIGURATION locals { - vpc_id = !var.vpc_create ? var.vpc_external_id : module.vpc.vpc_id + vpc_id = ! var.vpc_create ? var.vpc_external_id : module.vpc.vpc_id vpc_public_subnets = split(",", length(var.vpc_public_subnets) > 0 - || !var.vpc_create + || ! var.vpc_create ? join(",", var.vpc_public_subnets) : join(",", list( cidrsubnet(var.vpc_cidr, 8, 1), @@ -34,7 +34,7 @@ locals { vpc_private_subnets = split(",", length(var.vpc_private_subnets) > 0 - || !var.vpc_create + || ! var.vpc_create ? join(",", var.vpc_private_subnets) : join(",", list( cidrsubnet(var.vpc_cidr, 8, 101), @@ -44,13 +44,13 @@ locals { ) vpc_private_subnets_ids = split(",", - !var.vpc_create + ! var.vpc_create ? join(",", var.vpc_external_private_subnets_ids) : join(",", module.vpc.private_subnets) ) vpc_public_subnets_ids = split(",", - !var.vpc_create + ! var.vpc_create ? join(",", var.vpc_external_public_subnets_ids) : join(",", module.vpc.public_subnets) ) From e12e8e08cf869aba71f696bd0b56bba92e41dab3 Mon Sep 17 00:00:00 2001 From: Juan Sanchez Date: Wed, 14 Aug 2019 10:16:36 +0200 Subject: [PATCH 16/16] chore: upgrade both tf and tflint dockerized binaries --- .tflint.hcl | 7 ------- bin/terraform | 2 +- bin/tflint | 2 +- 3 files changed, 2 insertions(+), 9 deletions(-) delete mode 100644 .tflint.hcl diff --git a/.tflint.hcl b/.tflint.hcl deleted file mode 100644 index 12a8fac..0000000 --- a/.tflint.hcl +++ /dev/null @@ -1,7 +0,0 @@ -config { - # We need to ignore the module checking because TFLint currently does not support TF v0.11 module resolver 😕 - # https://github.com/wata727/tflint/issues/167 - ignore_module = { - "terraform-aws-modules/vpc/aws" = true - } -} diff --git a/bin/terraform b/bin/terraform index d744921..2b055b7 100755 --- a/bin/terraform +++ b/bin/terraform @@ -13,4 +13,4 @@ exec docker run \ --volume "$(cd .. && pwd)":/tmp/workspace/fargate-module \ --env AWS_PROFILE="${AWS_PROFILE}" \ --env AWS_DEFAULT_REGION="${AWS_DEFAULT_REGION}" \ - hashicorp/terraform:0.12.0 "${@}" + hashicorp/terraform:0.12.6 "${@}" diff --git a/bin/tflint b/bin/tflint index caa7bd9..63ddcc3 100755 --- a/bin/tflint +++ b/bin/tflint @@ -4,4 +4,4 @@ exec docker run \ --name tflint \ --rm \ --volume "$(pwd)":/data \ - wata727/tflint:0.8.0 "${@}" + wata727/tflint:0.9.3 "${@}"