From b749ab98c3307a6eb56b55882ee04245128e13ab Mon Sep 17 00:00:00 2001 From: Brett Curtis Date: Sun, 3 Nov 2024 09:07:23 -0500 Subject: [PATCH 1/7] Refactor tests and add shared helpers --- .../osinfra-io/terraform-core-helpers/v0.1.0 | 1 + .github/release.yml | 4 +- .gitignore | 3 -- .pre-commit-config.yaml | 4 +- README.md | 4 +- regional/README.md | 8 +-- regional/helpers.tf | 1 + regional/locals.tf | 30 ----------- regional/manifests/README.md | 2 +- regional/manifests/helpers.tf | 1 + regional/variables.tf | 2 +- shared/helpers.tf | 33 ++++++++++++ tests/fixtures/default/locals.tf | 12 ----- tests/fixtures/default/main.tf | 8 ++- tests/fixtures/default/outputs.tf | 10 ---- tests/fixtures/default/regional/locals.tf | 14 ------ tests/fixtures/default/regional/main.tf | 50 ++----------------- 17 files changed, 58 insertions(+), 129 deletions(-) create mode 160000 .external_modules/github.com/osinfra-io/terraform-core-helpers/v0.1.0 create mode 120000 regional/helpers.tf create mode 120000 regional/manifests/helpers.tf create mode 100644 shared/helpers.tf delete mode 100644 tests/fixtures/default/locals.tf delete mode 100644 tests/fixtures/default/outputs.tf delete mode 100644 tests/fixtures/default/regional/locals.tf diff --git a/.external_modules/github.com/osinfra-io/terraform-core-helpers/v0.1.0 b/.external_modules/github.com/osinfra-io/terraform-core-helpers/v0.1.0 new file mode 160000 index 0000000..97964a3 --- /dev/null +++ b/.external_modules/github.com/osinfra-io/terraform-core-helpers/v0.1.0 @@ -0,0 +1 @@ +Subproject commit 97964a358aa4328f590f7e5d3774ec0b6a0bc306 diff --git a/.github/release.yml b/.github/release.yml index c6d9cb1..421c43d 100644 --- a/.github/release.yml +++ b/.github/release.yml @@ -10,8 +10,8 @@ changelog: labels: - dependencies - - title: 🔩 Dependencies + - title: 🔩 Dependencies labels: - dependencies -# This file is managed by the osinfra-io/github-organization-management repository and should not be edited directly. \ No newline at end of file +# This file is managed by the osinfra-io/github-organization-management repository and should not be edited directly. diff --git a/.gitignore b/.gitignore index a543f04..4af90a9 100644 --- a/.gitignore +++ b/.gitignore @@ -18,9 +18,6 @@ crash.log # be included in version control. local.tfvars -# Provider.tf is used for local development of modules and shouldn't be added to repos. -provider.tf - # Ignore override files as they are usually used to override ressources locally override.tf override.tf.json diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 05e7141..90459ac 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -11,7 +11,7 @@ repos: - id: check-symlinks - repo: https://github.com/antonbabenko/pre-commit-terraform - rev: v1.96.1 + rev: v1.96.2 hooks: - id: terraform_fmt @@ -29,7 +29,7 @@ repos: - id: terraform_docs - repo: https://github.com/bridgecrewio/checkov.git - rev: 3.2.257 + rev: 3.2.277 hooks: - id: checkov verbose: true diff --git a/README.md b/README.md index 296af8e..caf8238 100644 --- a/README.md +++ b/README.md @@ -73,8 +73,8 @@ No requirements. | Name | Version | |------|---------| -| [google](#provider\_google) | 6.4.0 | -| [google-beta](#provider\_google-beta) | 6.4.0 | +| [google](#provider\_google) | 6.9.0 | +| [google-beta](#provider\_google-beta) | 6.9.0 | ### Modules diff --git a/regional/README.md b/regional/README.md index 939f748..a5b9877 100644 --- a/regional/README.md +++ b/regional/README.md @@ -11,9 +11,9 @@ No requirements. | Name | Version | |------|---------| -| [google](#provider\_google) | 5.40.0 | -| [helm](#provider\_helm) | 2.14.1 | -| [kubernetes](#provider\_kubernetes) | 2.31.0 | +| [google](#provider\_google) | 6.9.0 | +| [helm](#provider\_helm) | 2.16.1 | +| [kubernetes](#provider\_kubernetes) | 2.33.0 | ## Modules @@ -54,7 +54,7 @@ No modules. | [gateway\_mci\_global\_address](#input\_gateway\_mci\_global\_address) | The IP address for the Istio Gateway multi-cluster ingress | `string` | `""` | no | | [gateway\_memory\_limits](#input\_gateway\_memory\_limits) | The memory limit for the Istio gateway | `string` | `"64Mi"` | no | | [gateway\_memory\_requests](#input\_gateway\_memory\_requests) | The memory request for the Istio gateway | `string` | `"32Mi"` | no | -| [istio\_version](#input\_istio\_version) | The version to install, this is used for the chart as well as the image tag | `string` | `"1.23.2"` | no | +| [istio\_version](#input\_istio\_version) | The version to install, this is used for the chart as well as the image tag | `string` | `"1.23.3"` | no | | [labels](#input\_labels) | A map of key/value pairs to assign to the resources being created | `map(string)` | `{}` | no | | [multi\_cluster\_service\_clusters](#input\_multi\_cluster\_service\_clusters) | List of clusters to be included in the MultiClusterService | 
list(object({
    link = string
  }))
| `[]` | no | | [node\_location](#input\_node\_location) | The zone in which the cluster's nodes should be located. If not specified, the cluster's nodes are located across zones in the region | `string` | `null` | no | diff --git a/regional/helpers.tf b/regional/helpers.tf new file mode 120000 index 0000000..404585d --- /dev/null +++ b/regional/helpers.tf @@ -0,0 +1 @@ +../shared/helpers.tf \ No newline at end of file diff --git a/regional/locals.tf b/regional/locals.tf index 2688749..8e957e6 100644 --- a/regional/locals.tf +++ b/regional/locals.tf @@ -2,20 +2,6 @@ # https://www.terraform.io/docs/language/values/locals.html locals { - env = lookup(local.env_map, local.environment, "none") - - environment = ( - terraform.workspace == "default" ? - "mock-environment" : - regex(".*-(?P[^-]+)$", terraform.workspace)["environment"] - ) - - env_map = { - "non-production" = "nonprod" - "production" = "prod" - "sandbox" = "sb" - } - gateway_helm_values = { "autoscaling.minReplicas" = var.gateway_autoscale_min "labels.tags\\.datadoghq\\.com/env" = local.environment @@ -76,20 +62,4 @@ locals { gateway_domains = keys(var.gateway_dns) multi_cluster_name = local.zone != null ? "${var.cluster_prefix}-${local.region}-${local.zone}-${local.env}" : "${var.cluster_prefix}-${local.region}-${local.env}" - - region = ( - terraform.workspace == "default" ? - "mock-region" : - regex("^(?P[^-]+-[^-]+)", terraform.workspace)["region"] - ) - - zone = ( - terraform.workspace == "default" ? - "mock-zone" : - ( - regex("^(?P[^-]+-[^-]+)(?:-(?P[^-]+))?-.*$", terraform.workspace)["zone"] != "" ? - regex("^(?P[^-]+-[^-]+)(?:-(?P[^-]+))?-.*$", terraform.workspace)["zone"] : - null - ) - ) } diff --git a/regional/manifests/README.md b/regional/manifests/README.md index 28a9697..87ee196 100755 --- a/regional/manifests/README.md +++ b/regional/manifests/README.md @@ -9,7 +9,7 @@ No requirements. | Name | Version | |------|---------| -| [kubernetes](#provider\_kubernetes) | 2.32.0 | +| [kubernetes](#provider\_kubernetes) | 2.33.0 | ## Modules diff --git a/regional/manifests/helpers.tf b/regional/manifests/helpers.tf new file mode 120000 index 0000000..4be5464 --- /dev/null +++ b/regional/manifests/helpers.tf @@ -0,0 +1 @@ +../../shared/helpers.tf \ No newline at end of file diff --git a/regional/variables.tf b/regional/variables.tf index 001ea66..30388a9 100644 --- a/regional/variables.tf +++ b/regional/variables.tf @@ -72,7 +72,7 @@ variable "gateway_memory_requests" { variable "istio_version" { description = "The version to install, this is used for the chart as well as the image tag" type = string - default = "1.23.2" + default = "1.23.3" } variable "labels" { diff --git a/shared/helpers.tf b/shared/helpers.tf new file mode 100644 index 0000000..aa501c9 --- /dev/null +++ b/shared/helpers.tf @@ -0,0 +1,33 @@ +# Terraform Core Child Module Helpers + +locals { + env = lookup(local.env_map, local.environment, "none") + + environment = ( + terraform.workspace == "default" ? + "mock-environment" : + regex(".*-(?P[^-]+)$", terraform.workspace)["environment"] + ) + + env_map = { + "non-production" = "nonprod" + "production" = "prod" + "sandbox" = "sb" + } + + region = ( + terraform.workspace == "default" ? + "mock-region" : + regex("^(?P[^-]+-[^-]+)", terraform.workspace)["region"] + ) + + zone = ( + terraform.workspace == "default" ? + "mock-zone" : + ( + regex("^(?P[^-]+-[^-]+)(?:-(?P[^-]+))?-.*$", terraform.workspace)["zone"] != "" ? + regex("^(?P[^-]+-[^-]+)(?:-(?P[^-]+))?-.*$", terraform.workspace)["zone"] : + null + ) + ) +} diff --git a/tests/fixtures/default/locals.tf b/tests/fixtures/default/locals.tf deleted file mode 100644 index 39acd5e..0000000 --- a/tests/fixtures/default/locals.tf +++ /dev/null @@ -1,12 +0,0 @@ -# Local Values -# https://www.terraform.io/docs/language/values/locals.html - -locals { - labels = { - cost-center = "mock-x001" - env = "mock-environment" - repository = "mock-repository" - platform = "mock-platform" - team = "mock-team" - } -} diff --git a/tests/fixtures/default/main.tf b/tests/fixtures/default/main.tf index 2d75dd5..02c7e7f 100644 --- a/tests/fixtures/default/main.tf +++ b/tests/fixtures/default/main.tf @@ -16,6 +16,10 @@ module "test" { source = "../../../" gateway_dns = var.gateway_dns - labels = local.labels - project = var.project + + labels = { + "mock-key" = "mock-value" + } + + project = var.project } diff --git a/tests/fixtures/default/outputs.tf b/tests/fixtures/default/outputs.tf deleted file mode 100644 index 9717749..0000000 --- a/tests/fixtures/default/outputs.tf +++ /dev/null @@ -1,10 +0,0 @@ -# Output Values -# https://www.terraform.io/language/values/outputs - -output "gateway_mci_global_address" { - value = module.test.gateway_mci_global_address -} - -output "gateway_mci_ssl_certificate_name" { - value = module.test.gateway_mci_ssl_certificate_name -} diff --git a/tests/fixtures/default/regional/locals.tf b/tests/fixtures/default/regional/locals.tf deleted file mode 100644 index e72ad30..0000000 --- a/tests/fixtures/default/regional/locals.tf +++ /dev/null @@ -1,14 +0,0 @@ -# Local Values -# https://www.terraform.io/language/values/locals - -locals { - labels = { - cost-center = "mock-x001" - env = "mock-environment" - repository = "mock-repository" - platform = "mock-platform" - team = "mock-team" - } - - regional = data.terraform_remote_state.regional.outputs -} diff --git a/tests/fixtures/default/regional/main.tf b/tests/fixtures/default/regional/main.tf index e64a7e2..6494d83 100644 --- a/tests/fixtures/default/regional/main.tf +++ b/tests/fixtures/default/regional/main.tf @@ -15,51 +15,6 @@ terraform { } } -# Helm Provider -# https://registry.terraform.io/providers/hashicorp/helm/latest - -provider "helm" { - kubernetes { - - cluster_ca_certificate = base64decode( - local.regional.cluster_ca_certificate - ) - - host = local.regional.cluster_endpoint - token = data.google_client_config.current.access_token - } -} - -# Kubernetes Provider -# https://registry.terraform.io/providers/hashicorp/kubernetes/latest - -provider "kubernetes" { - cluster_ca_certificate = base64decode( - local.regional.cluster_ca_certificate - ) - - host = "https://${local.regional.cluster_endpoint}" - token = data.google_client_config.current.access_token -} - -# Google Client Config Data Source -# https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/client_config - -data "google_client_config" "current" { -} - -# Remote State Data Source -# https://www.terraform.io/language/state/remote-state-data - -data "terraform_remote_state" "regional" { - backend = "gcs" - workspace = "mock-workspace" - - config = { - bucket = "mock-bucket" - } -} - module "test" { source = "../../../../regional" @@ -67,7 +22,10 @@ module "test" { cluster_prefix = "mock" enable_istio_gateway = true gateway_dns = var.gateway_dns - labels = local.labels + + labels = { + "mock-key" = "mock-value" + } multi_cluster_service_clusters = [ { From 420b9a2a4b886411ce27f2633718f1166cc2886e Mon Sep 17 00:00:00 2001 From: Brett Curtis Date: Sun, 3 Nov 2024 09:12:40 -0500 Subject: [PATCH 2/7] Delete .external_modules/github.com/osinfra-io/terraform-core-helpers directory --- .../github.com/osinfra-io/terraform-core-helpers/v0.1.0 | 1 - 1 file changed, 1 deletion(-) delete mode 160000 .external_modules/github.com/osinfra-io/terraform-core-helpers/v0.1.0 diff --git a/.external_modules/github.com/osinfra-io/terraform-core-helpers/v0.1.0 b/.external_modules/github.com/osinfra-io/terraform-core-helpers/v0.1.0 deleted file mode 160000 index 97964a3..0000000 --- a/.external_modules/github.com/osinfra-io/terraform-core-helpers/v0.1.0 +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 97964a358aa4328f590f7e5d3774ec0b6a0bc306 From 45a5cb05301382c45d839b7c4284a7883a2c5360 Mon Sep 17 00:00:00 2001 From: Brett Curtis Date: Sun, 3 Nov 2024 13:57:07 -0500 Subject: [PATCH 3/7] Enhance workspace parsing logic in helpers.tf to support structured names and improve environment, region, and zone extraction --- .../osinfra-io/terraform-core-helpers/v0.1.0 | 1 + shared/helpers.tf | 50 ++++++++++++------- 2 files changed, 33 insertions(+), 18 deletions(-) create mode 160000 .external_modules/github.com/osinfra-io/terraform-core-helpers/v0.1.0 diff --git a/.external_modules/github.com/osinfra-io/terraform-core-helpers/v0.1.0 b/.external_modules/github.com/osinfra-io/terraform-core-helpers/v0.1.0 new file mode 160000 index 0000000..97964a3 --- /dev/null +++ b/.external_modules/github.com/osinfra-io/terraform-core-helpers/v0.1.0 @@ -0,0 +1 @@ +Subproject commit 97964a358aa4328f590f7e5d3774ec0b6a0bc306 diff --git a/shared/helpers.tf b/shared/helpers.tf index aa501c9..ee2d669 100644 --- a/shared/helpers.tf +++ b/shared/helpers.tf @@ -1,13 +1,21 @@ # Terraform Core Child Module Helpers locals { - env = lookup(local.env_map, local.environment, "none") + # The regex is used to parse the workspace name into its components, the components are used to set the region, zone, and environment variables. + # This requires structured workspace names, the structured workspace names are defined by the regex. - environment = ( - terraform.workspace == "default" ? - "mock-environment" : - regex(".*-(?P[^-]+)$", terraform.workspace)["environment"] - ) + # Examples: + # main-sandbox -> region = null, zone = null, environment = sandbox + # us-east1-sandbox -> region = us-east1, zone = null, environment = sandbox + # us-east1-foo-sandbox -> region = us-east1, zone = null, environment = sandbox + # us-east1-a-sandbox -> region = us-east1, zone = a, environment = sandbox + # us-east1-a-foo-sandbox -> region = us-east1, zone = a, environment = sandbox + + environment_regex = "-(non-production|sandbox|production)$" + region_regex = "^(us-[a-z]+\\d+)" + zone_regex = "^us-[a-z]+\\d+-([abcd])" + + env = local.environment != null ? lookup(local.env_map, local.environment, "none") : null env_map = { "non-production" = "nonprod" @@ -15,19 +23,25 @@ locals { "sandbox" = "sb" } - region = ( - terraform.workspace == "default" ? - "mock-region" : - regex("^(?P[^-]+-[^-]+)", terraform.workspace)["region"] - ) + environment = local.parsed_workspace.environment - zone = ( + parsed_workspace = ( terraform.workspace == "default" ? - "mock-zone" : - ( - regex("^(?P[^-]+-[^-]+)(?:-(?P[^-]+))?-.*$", terraform.workspace)["zone"] != "" ? - regex("^(?P[^-]+-[^-]+)(?:-(?P[^-]+))?-.*$", terraform.workspace)["zone"] : - null - ) + { + + # We use mock providers when testing Terraform child modules, these values align with the test naming conventions. + + environment = "mock-environment" + region = "mock-region" + zone = "mock-zone" + } : + { + environment = try(regex(local.environment_regex, terraform.workspace)[0], null) + region = try(regex(local.region_regex, terraform.workspace)[0], null) + zone = try(regex(local.zone_regex, terraform.workspace)[0], null) + } ) + + region = local.parsed_workspace.region + zone = local.parsed_workspace.zone } From 9fcb2f14ea1243baa2b65b2429e5fa30c31ddbae Mon Sep 17 00:00:00 2001 From: Brett Curtis Date: Sun, 3 Nov 2024 14:10:05 -0500 Subject: [PATCH 4/7] Delete .external_modules/github.com/osinfra-io/terraform-core-helpers directory --- .../github.com/osinfra-io/terraform-core-helpers/v0.1.0 | 1 - 1 file changed, 1 deletion(-) delete mode 160000 .external_modules/github.com/osinfra-io/terraform-core-helpers/v0.1.0 diff --git a/.external_modules/github.com/osinfra-io/terraform-core-helpers/v0.1.0 b/.external_modules/github.com/osinfra-io/terraform-core-helpers/v0.1.0 deleted file mode 160000 index 97964a3..0000000 --- a/.external_modules/github.com/osinfra-io/terraform-core-helpers/v0.1.0 +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 97964a358aa4328f590f7e5d3774ec0b6a0bc306 From 1feab7a5a3a940fe2f3454ccc67e5527e320ac08 Mon Sep 17 00:00:00 2001 From: Brett Curtis Date: Tue, 12 Nov 2024 18:15:08 -0500 Subject: [PATCH 5/7] Update dependencies and refactor configurations to utilize helper module --- .pre-commit-config.yaml | 4 ++- README.md | 4 +-- regional/README.md | 8 +++--- regional/helm/base.yml | 2 -- regional/locals.tf | 14 +++++------ regional/main.tf | 6 +---- regional/manifests/README.md | 4 ++- regional/variables.tf | 2 +- shared/helpers.tf | 49 +++--------------------------------- 9 files changed, 26 insertions(+), 67 deletions(-) delete mode 100644 regional/helm/base.yml diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 90459ac..da925af 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -29,9 +29,11 @@ repos: - id: terraform_docs - repo: https://github.com/bridgecrewio/checkov.git - rev: 3.2.277 + rev: 3.2.291 hooks: - id: checkov verbose: true args: + - --skip-check + - "CKV_TF_1,CKV_TF_2" - --quiet diff --git a/README.md b/README.md index caf8238..48a36d1 100644 --- a/README.md +++ b/README.md @@ -73,8 +73,8 @@ No requirements. | Name | Version | |------|---------| -| [google](#provider\_google) | 6.9.0 | -| [google-beta](#provider\_google-beta) | 6.9.0 | +| [google](#provider\_google) | 6.11.0 | +| [google-beta](#provider\_google-beta) | 6.11.0 | ### Modules diff --git a/regional/README.md b/regional/README.md index a5b9877..99a6534 100644 --- a/regional/README.md +++ b/regional/README.md @@ -11,13 +11,15 @@ No requirements. | Name | Version | |------|---------| -| [google](#provider\_google) | 6.9.0 | +| [google](#provider\_google) | 6.11.0 | | [helm](#provider\_helm) | 2.16.1 | | [kubernetes](#provider\_kubernetes) | 2.33.0 | ## Modules -No modules. +| Name | Source | Version | +|------|--------|---------| +| [helpers](#module\_helpers) | github.com/osinfra-io/terraform-core-helpers//child | multuse | ## Resources @@ -54,7 +56,7 @@ No modules. | [gateway\_mci\_global\_address](#input\_gateway\_mci\_global\_address) | The IP address for the Istio Gateway multi-cluster ingress | `string` | `""` | no | | [gateway\_memory\_limits](#input\_gateway\_memory\_limits) | The memory limit for the Istio gateway | `string` | `"64Mi"` | no | | [gateway\_memory\_requests](#input\_gateway\_memory\_requests) | The memory request for the Istio gateway | `string` | `"32Mi"` | no | -| [istio\_version](#input\_istio\_version) | The version to install, this is used for the chart as well as the image tag | `string` | `"1.23.3"` | no | +| [istio\_version](#input\_istio\_version) | The version to install, this is used for the chart as well as the image tag | `string` | `"1.24.0"` | no | | [labels](#input\_labels) | A map of key/value pairs to assign to the resources being created | `map(string)` | `{}` | no | | [multi\_cluster\_service\_clusters](#input\_multi\_cluster\_service\_clusters) | List of clusters to be included in the MultiClusterService | 
list(object({
    link = string
  }))
| `[]` | no | | [node\_location](#input\_node\_location) | The zone in which the cluster's nodes should be located. If not specified, the cluster's nodes are located across zones in the region | `string` | `null` | no | diff --git a/regional/helm/base.yml b/regional/helm/base.yml deleted file mode 100644 index 3fe1b08..0000000 --- a/regional/helm/base.yml +++ /dev/null @@ -1,2 +0,0 @@ -global: - platform: "gcp" diff --git a/regional/locals.tf b/regional/locals.tf index 8e957e6..208be33 100644 --- a/regional/locals.tf +++ b/regional/locals.tf @@ -4,7 +4,7 @@ locals { gateway_helm_values = { "autoscaling.minReplicas" = var.gateway_autoscale_min - "labels.tags\\.datadoghq\\.com/env" = local.environment + "labels.tags\\.datadoghq\\.com/env" = module.helpers.environment "labels.tags\\.datadoghq\\.com/version" = var.istio_version "podAnnotations.apm\\.datadoghq\\.com/env" = local.istio_gateway_datadog_apm_env "podAnnotations.proxy\\.istio\\.io/config" = < [helpers](#module\_helpers) | github.com/osinfra-io/terraform-core-helpers//child | multuse | ## Resources diff --git a/regional/variables.tf b/regional/variables.tf index 30388a9..476cb96 100644 --- a/regional/variables.tf +++ b/regional/variables.tf @@ -72,7 +72,7 @@ variable "gateway_memory_requests" { variable "istio_version" { description = "The version to install, this is used for the chart as well as the image tag" type = string - default = "1.23.3" + default = "1.24.0" } variable "labels" { diff --git a/shared/helpers.tf b/shared/helpers.tf index ee2d669..4270219 100644 --- a/shared/helpers.tf +++ b/shared/helpers.tf @@ -1,47 +1,6 @@ -# Terraform Core Child Module Helpers +# Terraform Core Child Module Helpers (osinfra.io) +# https://github.com/osinfra-io/terraform-core-helpers -locals { - # The regex is used to parse the workspace name into its components, the components are used to set the region, zone, and environment variables. - # This requires structured workspace names, the structured workspace names are defined by the regex. - - # Examples: - # main-sandbox -> region = null, zone = null, environment = sandbox - # us-east1-sandbox -> region = us-east1, zone = null, environment = sandbox - # us-east1-foo-sandbox -> region = us-east1, zone = null, environment = sandbox - # us-east1-a-sandbox -> region = us-east1, zone = a, environment = sandbox - # us-east1-a-foo-sandbox -> region = us-east1, zone = a, environment = sandbox - - environment_regex = "-(non-production|sandbox|production)$" - region_regex = "^(us-[a-z]+\\d+)" - zone_regex = "^us-[a-z]+\\d+-([abcd])" - - env = local.environment != null ? lookup(local.env_map, local.environment, "none") : null - - env_map = { - "non-production" = "nonprod" - "production" = "prod" - "sandbox" = "sb" - } - - environment = local.parsed_workspace.environment - - parsed_workspace = ( - terraform.workspace == "default" ? - { - - # We use mock providers when testing Terraform child modules, these values align with the test naming conventions. - - environment = "mock-environment" - region = "mock-region" - zone = "mock-zone" - } : - { - environment = try(regex(local.environment_regex, terraform.workspace)[0], null) - region = try(regex(local.region_regex, terraform.workspace)[0], null) - zone = try(regex(local.zone_regex, terraform.workspace)[0], null) - } - ) - - region = local.parsed_workspace.region - zone = local.parsed_workspace.zone +module "helpers" { + source = "github.com/osinfra-io/terraform-core-helpers//child?ref=multuse" } From 8a466709b2c4b736ad20306897106e2c99a49060 Mon Sep 17 00:00:00 2001 From: Brett Curtis Date: Thu, 14 Nov 2024 17:38:06 -0500 Subject: [PATCH 6/7] Update pre-commit configuration and helpers module source reference --- .pre-commit-config.yaml | 4 ++-- README.md | 4 ++-- regional/README.md | 4 ++-- regional/manifests/README.md | 2 +- shared/helpers.tf | 2 +- 5 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index da925af..a422cc7 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -29,11 +29,11 @@ repos: - id: terraform_docs - repo: https://github.com/bridgecrewio/checkov.git - rev: 3.2.291 + rev: 3.2.296 hooks: - id: checkov verbose: true args: - --skip-check - - "CKV_TF_1,CKV_TF_2" + - "CKV_TF_1" - --quiet diff --git a/README.md b/README.md index 48a36d1..602c58d 100644 --- a/README.md +++ b/README.md @@ -73,8 +73,8 @@ No requirements. | Name | Version | |------|---------| -| [google](#provider\_google) | 6.11.0 | -| [google-beta](#provider\_google-beta) | 6.11.0 | +| [google](#provider\_google) | 6.11.1 | +| [google-beta](#provider\_google-beta) | 6.11.1 | ### Modules diff --git a/regional/README.md b/regional/README.md index 99a6534..ab12855 100644 --- a/regional/README.md +++ b/regional/README.md @@ -11,7 +11,7 @@ No requirements. | Name | Version | |------|---------| -| [google](#provider\_google) | 6.11.0 | +| [google](#provider\_google) | 6.11.1 | | [helm](#provider\_helm) | 2.16.1 | | [kubernetes](#provider\_kubernetes) | 2.33.0 | @@ -19,7 +19,7 @@ No requirements. | Name | Source | Version | |------|--------|---------| -| [helpers](#module\_helpers) | github.com/osinfra-io/terraform-core-helpers//child | multuse | +| [helpers](#module\_helpers) | github.com/osinfra-io/terraform-core-helpers//child | v0.1.2 | ## Resources diff --git a/regional/manifests/README.md b/regional/manifests/README.md index 3c6a124..2364ba9 100755 --- a/regional/manifests/README.md +++ b/regional/manifests/README.md @@ -15,7 +15,7 @@ No requirements. | Name | Source | Version | |------|--------|---------| -| [helpers](#module\_helpers) | github.com/osinfra-io/terraform-core-helpers//child | multuse | +| [helpers](#module\_helpers) | github.com/osinfra-io/terraform-core-helpers//child | v0.1.2 | ## Resources diff --git a/shared/helpers.tf b/shared/helpers.tf index 4270219..c14ea27 100644 --- a/shared/helpers.tf +++ b/shared/helpers.tf @@ -2,5 +2,5 @@ # https://github.com/osinfra-io/terraform-core-helpers module "helpers" { - source = "github.com/osinfra-io/terraform-core-helpers//child?ref=multuse" + source = "github.com/osinfra-io/terraform-core-helpers//child?ref=v0.1.2" } From 10d5cc4047e7663e58414579ef69c43952414d37 Mon Sep 17 00:00:00 2001 From: Brett Curtis Date: Thu, 14 Nov 2024 18:48:40 -0500 Subject: [PATCH 7/7] Add GRPC_ENFORCE_ALPN_ENABLED configuration to istiod.yml for future compatibility --- regional/helm/istiod.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/regional/helm/istiod.yml b/regional/helm/istiod.yml index fbbc0ba..b5d27ce 100644 --- a/regional/helm/istiod.yml +++ b/regional/helm/istiod.yml @@ -7,6 +7,7 @@ meshConfig: accessLogFile: /dev/stdout defaultConfig: proxyMetadata: + GRPC_ENFORCE_ALPN_ENABLED: "false" # This can be removed once https://github.com/cert-manager/istio-csr/pull/422 is released ISTIO_META_DNS_CAPTURE: "true" ISTIO_META_DNS_AUTO_ALLOCATE: "true"