add var.registry (#320)

* add var.registry

main.tf

@@ -201,8 +201,10 @@ module "tfe_init_fdo" {
   proxy_port     = var.proxy_ip != null ? var.proxy_port : null
   extra_no_proxy = var.proxy_ip != null ? local.no_proxy : null
 
-  registry_username   = var.registry_username
-  registry_password   = var.registry_password
+  registry          = var.registry
+  registry_password = var.registry == "images.releases.hashicorp.com" ? var.hc_license : var.registry_password
+  registry_username = var.registry_username
+
   docker_compose_yaml = module.docker_compose_config[0].docker_compose_yaml
 }
 

tests/active-active-rhel7-proxy/locals.tf

@@ -4,20 +4,20 @@
 locals {
 
   common_tags = {
-    Terraform   = "cloud"
     Environment = local.utility_module_test ? "tfe_modules_test" : "tfe_team_dev"
     Description = "Active/Active on RHEL with Proxy scenario deployed from CircleCI"
     Repository  = "hashicorp/terraform-aws-terraform-enterprise"
     Team        = "Terraform Enterprise on Prem"
     OkToDelete  = "True"
   }
 
+  http_proxy_port       = "3128"
   friendly_name_prefix  = random_string.friendly_name.id
+  iam_principal         = data.aws_iam_user.ci_s3.arn
+  load_balancing_scheme = "PUBLIC"
+  registry              = "quay.io"
   ssh_user              = "ec2-user"
   ssm_policy_arn        = "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"
   test_name             = "${local.friendly_name_prefix}-test-active-active-rhel-proxy"
-  iam_principal         = data.aws_iam_user.ci_s3.arn
-  load_balancing_scheme = "PUBLIC"
-  http_proxy_port       = "3128"
   utility_module_test   = (var.license_file == null && var.is_replicated_deployment)
 }

tests/active-active-rhel7-proxy/main.tf

@@ -110,9 +110,10 @@ module "tfe" {
   is_replicated_deployment  = var.is_replicated_deployment
   hc_license                = var.hc_license
   license_reporting_opt_out = true
+  registry                  = local.registry
   registry_password         = var.registry_password
   registry_username         = var.registry_username
-  tfe_image                 = "quay.io/hashicorp/terraform-enterprise:${var.tfe_image_tag}"
+  tfe_image                 = "${local.registry}/hashicorp/terraform-enterprise:${var.tfe_image_tag}"
 }
 
 resource "null_resource" "wait_for_instances" {

tests/active-active-rhel7-proxy/variables.tf

@@ -71,16 +71,16 @@ variable "object_storage_iam_user_name" {
   description = "The name of the IAM user which will be authorized to access the S3 storage bucket."
 }
 
-variable "registry_username" {
+variable "registry_password" {
   default     = null
   type        = string
-  description = "(Not needed if is_replicated_deployment is true) The username for the docker registry from which to source the terraform_enterprise container images."
+  description = "(Not needed if is_replicated_deployment is true) The password for the docker registry from which to source the terraform_enterprise container images."
 }
 
-variable "registry_password" {
+variable "registry_username" {
   default     = null
   type        = string
-  description = "(Not needed if is_replicated_deployment is true) The password for the docker registry from which to source the terraform_enterprise container images."
+  description = "(Not needed if is_replicated_deployment is true) The username for the docker registry from which to source the terraform_enterprise container images."
 }
 
 variable "tfe_image_tag" {

tests/private-active-active/locals.tf

@@ -3,18 +3,18 @@
 
 locals {
   common_tags = {
-    Terraform   = "cloud"
     Environment = "tfe_modules_test"
     Description = "Private Active/Active"
     Repository  = "hashicorp/terraform-aws-terraform-enterprise"
     Team        = "Terraform Enterprise on Prem"
     OkToDelete  = "True"
   }
 
+  http_proxy_port       = 3128
   friendly_name_prefix  = random_string.friendly_name.id
+  load_balancing_scheme = "PRIVATE"
+  registry              = "quay.io"
   ssm_policy_arn        = "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"
   test_name             = "${local.friendly_name_prefix}-test-private-active-active"
-  load_balancing_scheme = "PRIVATE"
-  http_proxy_port       = 3128
   utility_module_test   = var.license_file == null
 }

tests/private-active-active/main.tf

@@ -76,7 +76,8 @@ module "private_active_active" {
   is_replicated_deployment  = var.is_replicated_deployment
   hc_license                = var.hc_license
   license_reporting_opt_out = true
+  registry                  = local.registry
   registry_password         = var.registry_password
   registry_username         = var.registry_username
-  tfe_image                 = "quay.io/hashicorp/terraform-enterprise:${var.tfe_image_tag}"
+  tfe_image                 = "${local.registry}/hashicorp/terraform-enterprise:${var.tfe_image_tag}"
 }

tests/private-active-active/variables.tf

@@ -45,16 +45,16 @@ variable "license_file" {
   description = "The local path to the Terraform Enterprise license to be provided by CI."
 }
 
-variable "registry_username" {
+variable "registry_password" {
   default     = null
   type        = string
-  description = "(Not needed if is_replicated_deployment is true) The username for the docker registry from which to source the terraform_enterprise container images."
+  description = "(Not needed if is_replicated_deployment is true) The password for the docker registry from which to source the terraform_enterprise container images."
 }
 
-variable "registry_password" {
+variable "registry_username" {
   default     = null
   type        = string
-  description = "(Not needed if is_replicated_deployment is true) The password for the docker registry from which to source the terraform_enterprise container images."
+  description = "(Not needed if is_replicated_deployment is true) The username for the docker registry from which to source the terraform_enterprise container images."
 }
 
 variable "tfe_image_tag" {

tests/private-tcp-active-active/locals.tf

@@ -4,18 +4,18 @@
 locals {
 
   common_tags = {
-    Terraform   = "cloud"
     Environment = "tfe_modules_test"
     Description = "Private TCP Active/Active"
     Repository  = "hashicorp/terraform-aws-terraform-enterprise"
     Team        = "Terraform Enterprise on Prem"
     OkToDelete  = "True"
   }
 
+  http_proxy_port       = 3128
   friendly_name_prefix  = random_string.friendly_name.id
+  registry              = "quay.io"
+  load_balancing_scheme = "PRIVATE_TCP"
   ssm_policy_arn        = "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"
   test_name             = "${local.friendly_name_prefix}-test-private-tcp-active-active"
-  load_balancing_scheme = "PRIVATE_TCP"
-  http_proxy_port       = 3128
   utility_module_test   = var.license_file == null
 }

tests/private-tcp-active-active/main.tf

@@ -79,7 +79,8 @@ module "private_tcp_active_active" {
   is_replicated_deployment  = var.is_replicated_deployment
   hc_license                = var.hc_license
   license_reporting_opt_out = true
+  registry                  = local.registry
   registry_password         = var.registry_password
   registry_username         = var.registry_username
-  tfe_image                 = "quay.io/hashicorp/terraform-enterprise:${var.tfe_image_tag}"
+  tfe_image                 = "${local.registry}/hashicorp/terraform-enterprise:${var.tfe_image_tag}"
 }

tests/private-tcp-active-active/variables.tf

@@ -65,16 +65,16 @@ variable "private_key_pem_secret_id" {
   description = "The secrets manager secret ID of the Base64 & PEM encoded TLS private key."
 }
 
-variable "registry_username" {
+variable "registry_password" {
   default     = null
   type        = string
-  description = "(Not needed if is_replicated_deployment is true) The username for the docker registry from which to source the terraform_enterprise container images."
+  description = "(Not needed if is_replicated_deployment is true) The password for the docker registry from which to source the terraform_enterprise container images."
 }
 
-variable "registry_password" {
+variable "registry_username" {
   default     = null
   type        = string
-  description = "(Not needed if is_replicated_deployment is true) The password for the docker registry from which to source the terraform_enterprise container images."
+  description = "(Not needed if is_replicated_deployment is true) The username for the docker registry from which to source the terraform_enterprise container images."
 }
 
 variable "tfe_image_tag" {

tests/public-active-active/locals.tf

@@ -3,7 +3,6 @@
 
 locals {
   common_tags = {
-    Terraform   = "cloud"
     Environment = "tfe_modules_test"
     Description = "Public Active/Active"
     Repository  = "hashicorp/terraform-aws-terraform-enterprise"
@@ -12,7 +11,8 @@ locals {
   }
 
   friendly_name_prefix  = random_string.friendly_name.id
-  test_name             = "${local.friendly_name_prefix}-test-public-active-active"
   load_balancing_scheme = "PUBLIC"
+  registry              = "quay.io"
+  test_name             = "${local.friendly_name_prefix}-test-public-active-active"
   utility_module_test   = var.license_file == null
 }

tests/public-active-active/main.tf

@@ -66,7 +66,8 @@ module "public_active_active" {
   is_replicated_deployment  = var.is_replicated_deployment
   hc_license                = var.hc_license
   license_reporting_opt_out = true
+  registry                  = local.registry
   registry_password         = var.registry_password
   registry_username         = var.registry_username
-  tfe_image                 = "quay.io/hashicorp/terraform-enterprise:${var.tfe_image_tag}"
+  tfe_image                 = "${local.registry}/hashicorp/terraform-enterprise:${var.tfe_image_tag}"
 }

tests/public-active-active/variables.tf

@@ -45,16 +45,16 @@ variable "license_file" {
   description = "The local path to the Terraform Enterprise license to be provided by CI."
 }
 
-variable "registry_username" {
+variable "registry_password" {
   default     = null
   type        = string
-  description = "(Not needed if is_replicated_deployment is true) The username for the docker registry from which to source the terraform_enterprise container images."
+  description = "(Not needed if is_replicated_deployment is true) The password for the docker registry from which to source the terraform_enterprise container images."
 }
 
-variable "registry_password" {
+variable "registry_username" {
   default     = null
   type        = string
-  description = "(Not needed if is_replicated_deployment is true) The password for the docker registry from which to source the terraform_enterprise container images."
+  description = "(Not needed if is_replicated_deployment is true) The username for the docker registry from which to source the terraform_enterprise container images."
 }
 
 variable "tfe_image_tag" {

tests/standalone-vault/locals.tf

@@ -3,7 +3,6 @@
 
 locals {
   common_tags = {
-    Terraform   = "False"
     Environment = var.license_file == null ? "tfe_utilities_test" : "ptfe-replicated CI"
     Description = "Standalone Vault"
     Repository  = "hashicorp/terraform-aws-terraform-enterprise"
@@ -12,7 +11,8 @@ locals {
   }
 
   friendly_name_prefix  = random_string.friendly_name.id
-  test_name             = "${local.friendly_name_prefix}-test-standalone-vault"
   load_balancing_scheme = "PUBLIC"
+  registry              = "quay.io"
+  test_name             = "${local.friendly_name_prefix}-test-standalone-vault"
   utility_module_test   = var.license_file == null
 }

tests/standalone-vault/main.tf

@@ -82,7 +82,8 @@ module "standalone_vault" {
   is_replicated_deployment  = var.is_replicated_deployment
   hc_license                = var.hc_license
   license_reporting_opt_out = true
+  registry                  = local.registry
   registry_password         = var.registry_password
   registry_username         = var.registry_username
-  tfe_image                 = "quay.io/hashicorp/terraform-enterprise:${var.tfe_image_tag}"
+  tfe_image                 = "${local.registry}/hashicorp/terraform-enterprise:${var.tfe_image_tag}"
 }

tests/standalone-vault/variables.tf

@@ -46,16 +46,16 @@ variable "license_file" {
   description = "The local path to the Terraform Enterprise license to be provided by CI."
 }
 
-variable "registry_username" {
+variable "registry_password" {
   default     = null
   type        = string
-  description = "(Not needed if is_replicated_deployment is true) The username for the docker registry from which to source the terraform_enterprise container images."
+  description = "(Not needed if is_replicated_deployment is true) The password for the docker registry from which to source the terraform_enterprise container images."
 }
 
-variable "registry_password" {
+variable "registry_username" {
   default     = null
   type        = string
-  description = "(Not needed if is_replicated_deployment is true) The password for the docker registry from which to source the terraform_enterprise container images."
+  description = "(Not needed if is_replicated_deployment is true) The username for the docker registry from which to source the terraform_enterprise container images."
 }
 
 variable "tfe_image_tag" {

variables.tf

@@ -431,10 +431,10 @@ variable "pg_extra_params" {
   description = "Parameter keywords of the form param1=value1&param2=value2 to support additional options that may be necessary for your specific PostgreSQL server. Allowed values are documented on the PostgreSQL site. An additional restriction on the sslmode parameter is that only the require, verify-full, verify-ca, and disable values are allowed."
 }
 
-variable "registry_username" {
-  default     = null
+variable "registry" {
+  default     = "images.releases.hashicorp.com"
   type        = string
-  description = "(Not needed if is_replicated_deployment is true) The username for the docker registry from which to source the terraform_enterprise container images."
+  description = "(Not needed if is_replicated_deployment is true) The docker registry from which to source the terraform_enterprise container images."
 }
 
 variable "registry_password" {
@@ -443,6 +443,12 @@ variable "registry_password" {
   description = "(Not needed if is_replicated_deployment is true) The password for the docker registry from which to source the terraform_enterprise container images."
 }
 
+variable "registry_username" {
+  default     = null
+  type        = string
+  description = "(Not needed if is_replicated_deployment is true) The username for the docker registry from which to source the terraform_enterprise container images."
+}
+
 variable "release_sequence" {
   default     = null
   type        = number
@@ -461,6 +467,18 @@ variable "ssl_policy" {
   description = "SSL policy to use on ALB listener"
 }
 
+variable "tfe_image" {
+  default     = "images.releases.hashicorp.com/hashicorp/terraform-enterprise:v202311-1"
+  type        = string
+  description = "(Not needed if is_replicated_deployment is true) The registry path, image name, and image version."
+}
+
+variable "tfe_subdomain" {
+  type        = string
+  default     = "tfe"
+  description = "Subdomain for accessing the Terraform Enterprise UI."
+}
+
 variable "tls_ciphers" {
   default     = null
   type        = string
@@ -482,18 +500,6 @@ variable "tls_version" {
   }
 }
 
-variable "tfe_image" {
-  default     = "quay.io/hashicorp/terraform-enterprise:latest"
-  type        = string
-  description = "(Not needed if is_replicated_deployment is true) The registry path, image name, and image version (e.g. \"quay.io/hashicorp/terraform-enterprise:1234567\")"
-}
-
-variable "tfe_subdomain" {
-  type        = string
-  default     = "tfe"
-  description = "Subdomain for accessing the Terraform Enterprise UI."
-}
-
 # KMS & Secrets Manager
 # ---------------------
 variable "ca_certificate_secret_id" {