From 5b950e5969454adb5b76ca8245d3bf3392868c3e Mon Sep 17 00:00:00 2001
From: Leonard Cohnen
Date: Mon, 22 Jul 2024 02:15:11 +0200
Subject: [PATCH] terraform: introduce local revision variable and data resource
---
 terraform/infrastructure/aws/main.tf | 7 ++++
 terraform/infrastructure/azure/main.tf | 42 ++++------------------
 terraform/infrastructure/gcp/main.tf | 7 ++++
 terraform/infrastructure/openstack/main.tf | 5 +++
 terraform/infrastructure/qemu/main.tf | 7 ++++
 5 files changed, 33 insertions(+), 35 deletions(-)
diff --git a/terraform/infrastructure/aws/main.tf b/terraform/infrastructure/aws/main.tf
index b3bb9d2984..28bcd09a13 100644
--- a/terraform/infrastructure/aws/main.tf
+++ b/terraform/infrastructure/aws/main.tf
@@ -55,6 +55,13 @@ locals {
 in_cluster_endpoint = aws_lb.front_end.dns_name
 out_of_cluster_endpoint = var.internal_load_balancer && var.debug ? module.jump_host[0].ip : local.in_cluster_endpoint
+ revision = 1
+}
+
+# A way to force replacement of resources if the provider does not want to replace them
+# see: https://developer.hashicorp.com/terraform/language/resources/terraform-data#example-usage-data-for-replace_triggered_by
+resource "terraform_data" "replacement" {
+ input = local.revision
 }
 resource "random_id" "uid" {
diff --git a/terraform/infrastructure/azure/main.tf b/terraform/infrastructure/azure/main.tf
index b1e0601427..d49722b7da 100644
--- a/terraform/infrastructure/azure/main.tf
+++ b/terraform/infrastructure/azure/main.tf
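Review bot: `revision = 1` goes into `locals` without a comment of its own, although it is the value a maintainer has to edit; the explanation sits only on `terraform_data.replacement` below it. I would put a comment directly on the local, for example `# Bump to force replacement of every resource that lists terraform_data.replacement in replace_triggered_by.`, and the same applies to the azure, gcp, openstack and qemu hunks. No resource in the visible hunks references `terraform_data.replacement` yet, so the wiring is presumably done elsewhere; once it exists, a bump destroys and recreates every wired resource on the next apply, which is worth stating in the upgrade notes when network or access-control resources are among them. `terraform_data` is built in from Terraform 1.4 on, so the `required_version` constraint, which is outside this hunk, should be checked against that. The `locals` block starts above the hunk.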
@@ -48,6 +48,13 @@ locals {
 in_cluster_endpoint = var.internal_load_balancer ? azurerm_lb.loadbalancer.frontend_ip_configuration[0].private_ip_address : azurerm_public_ip.loadbalancer_ip[0].ip_address
 out_of_cluster_endpoint = var.debug && var.internal_load_balancer ? module.jump_host[0].ip : local.in_cluster_endpoint
+ revision = 1
+}
+
+# A way to force replacement of resources if the provider does not want to replace them
+# see: https://developer.hashicorp.com/terraform/language/resources/terraform-data#example-usage-data-for-replace_triggered_by
+resource "terraform_data" "replacement" {
+ input = local.revision
 }
 resource "random_id" "uid" {
@@ -304,38 +311,3 @@ data "azurerm_user_assigned_identity" "uaid" {
 name = local.uai_name
 resource_group_name = local.uai_resource_group
 }
-
-moved {
- to = azurerm_network_security_rule.nsg_rule["nodeports"]
- from = azurerm_network_security_group.security_group.security_rule["nodeports"]
-}
-
-moved {
- to = azurerm_network_security_rule.nsg_rule["kubernetes"]
- from = azurerm_network_security_group.security_group.security_rule["kubernetes"]
-}
-
-moved {
- to = azurerm_network_security_rule.nsg_rule["bootstrapper"]
- from = azurerm_network_security_group.security_group.security_rule["bootstrapper"]
-}
-
-moved {
- to = azurerm_network_security_rule.nsg_rule["verify"]
- from = azurerm_network_security_group.security_group.security_rule["verify"]
-}
-
-moved {
- to = azurerm_network_security_rule.nsg_rule["recovery"]
- from = azurerm_network_security_group.security_group.security_rule["recovery"]
-}
-
-moved {
- to = azurerm_network_security_rule.nsg_rule["join"]
- from = azurerm_network_security_group.security_group.security_rule["join"]
-}
-
-moved {
- to = azurerm_network_security_rule.nsg_rule["debugd"]
- from = azurerm_network_security_group.security_group.security_rule["debugd"]
-}
diff --git a/terraform/infrastructure/gcp/main.tf b/terraform/infrastructure/gcp/main.tf
index 83fb9c182b..7224216081 100644
--- a/terraform/infrastructure/gcp/main.tf
+++ b/terraform/infrastructure/gcp/main.tf
@@ -60,6 +60,13 @@ locals {
 ]
 in_cluster_endpoint = var.internal_load_balancer ? google_compute_address.loadbalancer_ip_internal[0].address : google_compute_global_address.loadbalancer_ip[0].address
 out_of_cluster_endpoint = var.debug && var.internal_load_balancer ? module.jump_host[0].ip : local.in_cluster_endpoint
+ revision = 1
+}
+
+# A way to force replacement of resources if the provider does not want to replace them
+# see: https://developer.hashicorp.com/terraform/language/resources/terraform-data#example-usage-data-for-replace_triggered_by
+resource "terraform_data" "replacement" {
+ input = local.revision
 }
 resource "random_id" "uid" {
diff --git a/terraform/infrastructure/openstack/main.tf b/terraform/infrastructure/openstack/main.tf
index 2baee62b5f..1b28614f30 100644
--- a/terraform/infrastructure/openstack/main.tf
+++ b/terraform/infrastructure/openstack/main.tf
@@ -59,6 +59,11 @@ locals {
 cloudsyaml_path = length(var.openstack_clouds_yaml_path) > 0 ? var.openstack_clouds_yaml_path : "~/.config/openstack/clouds.yaml"
 cloudsyaml = yamldecode(file(pathexpand(local.cloudsyaml_path)))
 cloudyaml = local.cloudsyaml.clouds[var.cloud]
+ revision = 1
+}
+
+resource "terraform_data" "replacement" {
+ input = local.revision
 }
 resource "random_id" "uid" {
diff --git a/terraform/infrastructure/qemu/main.tf b/terraform/infrastructure/qemu/main.tf
index 62ec2a013e..52b3138dcc 100644
--- a/terraform/infrastructure/qemu/main.tf
+++ b/terraform/infrastructure/qemu/main.tf
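Review bot: The openstack hunk leaves out the two comment lines that the aws, azure, gcp and qemu hunks put above `resource "terraform_data" "replacement"`, so this is the only module where the resource's purpose is unexplained. I would add the same lines above the resource here: `# A way to force replacement of resources if the provider does not want to replace them` followed by the `# see:` link used in the other four modules. Keeping the five modules identical on this point also makes a later change to the mechanism easier to grep for.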
@@ -23,6 +23,13 @@ locals {
 cidr_vpc_subnet_nodes = "10.42.0.0/22"
 cidr_vpc_subnet_control_planes = "10.42.1.0/24"
 cidr_vpc_subnet_worker = "10.42.2.0/24"
+ revision = 1
+}
+
+# A way to force replacement of resources if the provider does not want to replace them
+# see: https://developer.hashicorp.com/terraform/language/resources/terraform-data#example-usage-data-for-replace_triggered_by
+resource "terraform_data" "replacement" {
+ input = local.revision
 }
 resource "random_password" "init_secret" {