From 708ee4c545ba214a66d5ed504a6ba4bd432e5c6c Mon Sep 17 00:00:00 2001
From: badra001
Date: Fri, 24 Mar 2023 10:09:32 -0400
Subject: [PATCH] normalize code
---
 .tf-control | 20 ++++++++++++++++
 .tf-control.tfrc | 24 +++++++++++++++++++
 cname/.terraform.lock.hcl | 44 ++++++++++++++++++++++++++++++++++
 cname/common.tf | 1 +
 cname/entry.tf | 1 +
 cname/entry_heritage.tf | 1 +
 cname/heritage_tags.tf | 1 +
 cname/main.tf | 50 +++------------------------------------
 cname/x | 4 ++++
 cname/zone_forward.tf | 1 +
 common/common.tf | 23 ++++++++++++++++++
 common/entries.tf | 46 -----------------------------------
 common/entry.tf | 7 ++++++
 common/entry_heritage.tf | 9 +++++++
 common/heritage_tags.tf | 9 +++++++
 common/variables.tf | 5 ++++
 common/versions.tf | 4 ++++
 common/zone_forward.tf | 5 ++++
 18 files changed, 162 insertions(+), 93 deletions(-)
 create mode 100644 .tf-control
 create mode 100644 .tf-control.tfrc
 create mode 100644 cname/.terraform.lock.hcl
 create mode 120000 cname/common.tf
 create mode 120000 cname/entry.tf
 create mode 120000 cname/entry_heritage.tf
 create mode 120000 cname/heritage_tags.tf
 create mode 100644 cname/x
 create mode 120000 cname/zone_forward.tf
 create mode 100644 common/common.tf
 delete mode 100644 common/entries.tf
 create mode 100644 common/entry.tf
 create mode 100644 common/entry_heritage.tf
 create mode 100644 common/heritage_tags.tf
 create mode 100644 common/zone_forward.tf
diff --git a/.tf-control b/.tf-control
new file mode 100644
index 0000000..280f449
--- /dev/null
+++ b/.tf-control
@@ -0,0 +1,20 @@
+# .tf-control
+# allows for setting a specific command to be used for tf-* commands under this git repo
+# see tf-control.sh help for more info
+
+TFCONTROL_VERSION="1.0.5"
+
+TFCOMMAND="terraform_latest"
+# TF_CLI_CONFIG_FILE=PATH-TO-FILE/.tf-control.tfrc
+# TFARGS=""
+# TFNOLOG=""
+# TFNOCOLOR=""
+
+# use the following to force a specific version. An upgrade of an existing 0.12.31 to 1.x
+# needs you to cycle through 0.13.17, 0.14.11, and then latest (0.15.5 not needed). Other
+# steps in between. See https://github.e.it.census.gov/terraform/support/tree/master/docs/how-to/terraform-upgrade for details
+#
+#TFCOMMAND="terraform_0.12.31"
+#TFCOMMAND="terraform_0.13.7"
+#TFCOMMAND="terraform_0.14.11"
+#TFCOMMAND="terraform_0.15.5"
diff --git a/.tf-control.tfrc b/.tf-control.tfrc
new file mode 100644
index 0000000..7425488
--- /dev/null
+++ b/.tf-control.tfrc
@@ -0,0 +1,24 @@
+TFCONTROL_VERSION="1.0.5"
+
+# https://www.terraform.io/docs/cli/config/config-file.html
+plugin_cache_dir = "/data/terraform/terraform.d/plugin-cache"
+#disable_checkpoint = true
+
+provider_installation {
+# filesystem_mirror {
+# path = "/apps/terraform/terraform.d/providers"
+# include = [ "*/*/*" ]
+# }
+ filesystem_mirror {
+ path = "/data/terraform/terraform.d/providers"
+ include = [ "*/*/*" ]
+ }
+# filesystem_mirror {
+# path = "/apps/terraform/terraform.d/providers"
+# include = [ "external.terraform.census.gov/*/*" ]
+# }
+ direct {
+ include = [ "*/*/*" ]
+ }
+}
+
diff --git a/cname/.terraform.lock.hcl b/cname/.terraform.lock.hcl
new file mode 100644
index 0000000..ab6081e
--- /dev/null
+++ b/cname/.terraform.lock.hcl
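Review bot: In `.tf-control.tfrc` the `direct { include = [ "*/*/*" ] }` block matches exactly the same providers as the `filesystem_mirror` block, so the local mirror does not act as an allow-list and a download from the public registry stays possible for every provider. If the mirror under `/data/terraform/terraform.d/providers` is meant to be the trusted source, remove `direct` or narrow it with an `exclude` for the namespaces the mirror serves, and say so in a comment such as `# direct install is limited to providers the mirror does not carry`. `plugin_cache_dir` points at a shared path; a comment stating who may write to it would help, since cached provider binaries are executed by every run that uses this file. The first line, `TFCONTROL_VERSION="1.0.5"`, is not a Terraform CLI configuration setting and presumably exists only for tf-control; it reads more safely as a comment (`# TFCONTROL_VERSION="1.0.5"`) unless the wrapper parses it as an assignment.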
@@ -0,0 +1,44 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/aws" {
+ version = "4.60.0"
+ constraints = ">= 4.0.0"
+ hashes = [
+ "h1:b2U4EncUaHCsQuiePo/yHZiH5ib0rx+P/qG4LC8pGlA=",
+ "zh:1853d6bc89e289ac36c13485e8ff877c1be8485e22f545bb32c7a30f1d1856e8",
+ "zh:4321d145969e3b7ede62fe51bee248a15fe398643f21df9541eef85526bf3641",
+ "zh:4c01189cc6963abfe724e6b289a7c06d2de9c395011d8d54efa8fe1aac444e2e",
+ "zh:5934db7baa2eec0f9acb9c7f1c3dd3b3fe1e67e23dd4a49e9fe327832967b32b",
+ "zh:5fbedf5d55c6e04e34c32b744151e514a80308e7dec633a56b852829b41e4b5a",
+ "zh:651558e1446cc05061b75e6f5cc6e2959feb17615cd0ace6ec7a2bcc846321c0",
+ "zh:76875eb697916475e554af080f9d4d3cd1f7d5d58ecdd3317a844a30980f4eec",
+ "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425",
+ "zh:a52528e6d6c945a6ac45b89e9a70a5435148e4c151241e04c231dd2acc4a8c80",
+ "zh:af5f94c69025f1c2466a3cf970d1e9bed72938ec33b976c8c067468b6707bb57",
+ "zh:b6692fad956c9d4ef4266519d9ac2ee9f699f8f2c21627625c9ed63814d41590",
+ "zh:b74311af5fa5ac6e4eb159c12cfb380dfe2f5cd8685da2eac8073475f398ae60",
+ "zh:cc5aa6f738baa42edacba5ef1ca0969e5a959422e4491607255f3f6142ba90ed",
+ "zh:dd1a7ff1b22f0036a76bc905a8229ce7ed0a7eb5a783d3a2586fb1bd920515c3",
+ "zh:e5ab40c4ad0f1c7bd4d5d834d1aa144e690d1a93329d73b3d37512715a638de9",
+ ]
+}
+
+provider "registry.terraform.io/hashicorp/time" {
+ version = "0.9.1"
+ hashes = [
+ "h1:NUv/YtEytDQncBQ2mTxnUZEy/rmDlPYmE9h2iokR0vk=",
+ "zh:00a1476ecf18c735cc08e27bfa835c33f8ac8fa6fa746b01cd3bcbad8ca84f7f",
+ "zh:3007f8fc4a4f8614c43e8ef1d4b0c773a5de1dcac50e701d8abc9fdc8fcb6bf5",
+ "zh:5f79d0730fdec8cb148b277de3f00485eff3e9cf1ff47fb715b1c969e5bbd9d4",
+ "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
+ "zh:8c8094689a2bed4bb597d24a418bbbf846e15507f08be447d0a5acea67c2265a",
+ "zh:a6d9206e95d5681229429b406bc7a9ba4b2d9b67470bda7df88fa161508ace57",
"zh:aa299ec058f23ebe68976c7581017de50da6204883950de228ed9246f309e7f1",
+ "zh:b129f00f45fba1991db0aa954a6ba48d90f64a738629119bfb8e9a844b66e80b",
+ "zh:ef6cecf5f50cda971c1b215847938ced4cb4a30a18095509c068643b14030b00",
+ "zh:f1f46a4f6c65886d2dd27b66d92632232adc64f92145bf8403fe64d5ffa5caea",
+ "zh:f79d6155cda7d559c60d74883a24879a01c4d5f6fd7e8d1e3250f3cd215fb904",
+ "zh:fd59fa73074805c3575f08cd627eef7acda14ab6dac2c135a66e7a38d262201c",
+ ]
+}
diff --git a/cname/common.tf b/cname/common.tf
new file mode 120000
index 0000000..6941673
--- /dev/null
+++ b/cname/common.tf
@@ -0,0 +1 @@
+../common/common.tf
\ No newline at end of file
diff --git a/cname/entry.tf b/cname/entry.tf
new file mode 120000
index 0000000..f43d394
--- /dev/null
+++ b/cname/entry.tf
@@ -0,0 +1 @@
+../common/entry.tf
\ No newline at end of file
diff --git a/cname/entry_heritage.tf b/cname/entry_heritage.tf
new file mode 120000
index 0000000..2725450
--- /dev/null
+++ b/cname/entry_heritage.tf
@@ -0,0 +1 @@
+../common/entry_heritage.tf
\ No newline at end of file
diff --git a/cname/heritage_tags.tf b/cname/heritage_tags.tf
new file mode 120000
index 0000000..5a0ecdc
--- /dev/null
+++ b/cname/heritage_tags.tf
@@ -0,0 +1 @@
+../common/heritage_tags.tf
\ No newline at end of file
diff --git a/cname/main.tf b/cname/main.tf
index 29c414f..fc4bad5 100644
--- a/cname/main.tf
+++ b/cname/main.tf
@@ -1,32 +1,8 @@ -locals { - account_id = var.account_id != "" ? var.account_id : data.aws_caller_identity.current.account_id - account_environment = data.aws_arn.current.partition == "aws-us-gov" ? "gov" : "ew" - - base_tags = { - "boc:tf_module_version" = local._module_version - "boc:created_by" = "terraform" - } -} - -locals { - name_parts = split(".", var.name) - host_name = var.name_parts[0] - zone = trimprefix(var.name, format("%v.", local.host_name)) - private_zone = local.account_environment == "gov" ? true : var.private_zone - rr_type = uppercase(var.type) - default_enable_ptr = lookup(local._defaults.enable_ptr, var.type, false) - default_heritage_prefix = lookup(local._defaults.heritage_prefix, var.type, "") != "" ? format("%v.", lookup(local._defaults.heritage_prefix, var.type)) : "" - is_cname = var.type == "cname" - base_heritage_tags = [ - format("heritage=%v", local._defaults.heritage_label), - format("%v/account_id=%v", local._defaults.heritage_label, data.aws_caller_identity.current.account_id), - format("%v/region=%v", local._defaults.heritage_label, local.region), - format("%v/create_time=%d", local._defaults.heritage_label, time_static.timestamp.unix) - ] - heritage_tags = [for k, v in var.heritage_tags : format("%v/%v", local._defaults.heritage_label, k)] +local { +# force to cname for this module + record_type = "cname" } - # if the zone grab fails here, it either doesn't exist or it is not associated with this VPC data "aws_route53_zone" "zone" { name = local.zone 
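Review bot: The added block header `local {` at the top of `cname/main.tf` is not a Terraform block type, so the module will fail to load and `local.record_type` is never defined; it should read `locals {`. Every value in `common/common.tf` that depends on `local.record_type` (`rr_type`, `default_enable_ptr`, `default_heritage_prefix`) hangs on this one block, so it is worth adding a comment such as `# record_type is fixed per module directory; common/*.tf reads it via local.record_type`. The `data "aws_route53_zone" "zone"` block kept as context here continues past the end of the hunk.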
@@ -34,23 +10,3 @@ data "aws_route53_zone" "zone" { } resource "time_static" "timestamp" {} - -resource "aws_route53_record" "entry" { - count = local.is_cname ? 1 : 0 - zone_id = data.aws_route53_zone.zone.zone_id - name = var.name - type = local.rr_type - ttl = var.ttl - records = var.values -} - - -resource "aws_route53_record" "entry_heritage" { - count = var.enable_heritage ? 1 : 0 - zone_id = data.aws_route53_zone.zone.zone_id - name = format("%v%v", aws_route53_record.entry.name) - - type = "TXT" - ttl = var.ttl - records = [join(",", concat(local.base_heritage_tags, local.heritage_tags))] -} diff --git a/cname/x b/cname/x new file mode 100644 index 0000000..8e62cc2 --- /dev/null +++ b/cname/x @@ -0,0 +1,4 @@ +../common/entry_heritage.tf +../common/entry.tf +../common/heritage_tags.tf +../common/zone_forward.tf diff --git a/cname/zone_forward.tf b/cname/zone_forward.tf new file mode 120000 index 0000000..92b9dd1 --- /dev/null +++ b/cname/zone_forward.tf @@ -0,0 +1 @@ +../common/zone_forward.tf \ No newline at end of file diff --git a/common/common.tf b/common/common.tf new file mode 100644 index 0000000..e61c5f4 --- /dev/null +++ b/common/common.tf 
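Review bot: `resource "time_static" "timestamp" {}` is kept as context in `cname/main.tf`, but this commit also adds the same resource in `common/common.tf`, which is symlinked into `cname/` as `common.tf`, so the module ends up declaring `time_static.timestamp` twice. The same applies to `data "aws_route53_zone" "zone"`, which stays in `main.tf` (first hunk) and is added again through `common/zone_forward.tf` and its symlink. Terraform rejects duplicate resource and data addresses within one module, so both declarations should be removed from `cname/main.tf`, leaving only the `locals` block that pins `record_type`.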
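Review bot: `cname/x` looks like a scratch list of the symlink targets rather than module content; it has no `.tf` extension, so Terraform ignores it, but it ships with the module. It also omits `../common/common.tf`, which is symlinked in this commit, so it is not an accurate inventory either. Consider dropping the file, or renaming it and adding a first line such as `# files symlinked from ../common into this module` if it is meant to drive a link script.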
@@ -0,0 +1,23 @@
+locals {
+ account_id = var.account_id != "" ? var.account_id : data.aws_caller_identity.current.account_id
+ account_environment = data.aws_arn.current.partition == "aws-us-gov" ? "gov" : "ew"
+ region = var.region
+
+ base_tags = {
+ "boc:tf_module_version" = local._module_version
+ "boc:created_by" = "terraform"
+ }
+}
+
+locals {
+ name_parts = split(".", var.name)
+ host_name = var.name_parts[0]
+ zone = trimprefix(var.name, format("%v.", local.host_name))
+ private_zone = local.account_environment == "gov" ? true : var.private_zone
+ rr_type = uppercase(local.record_type)
+ default_enable_ptr = lookup(local._defaults.enable_ptr, local.record_type, false)
+ default_heritage_prefix = lookup(local._defaults.heritage_prefix, local.record_type, "") != "" ? format("%v.", lookup(local._defaults.heritage_prefix, local.record_type)) : ""
+ values = type(var.values) == "string" ? [var.values] : var.values
+}
+
+resource "time_static" "timestamp" {}
diff --git a/common/entries.tf b/common/entries.tf
deleted file mode 100644
index 1335672..0000000
--- a/common/entries.tf
+++ /dev/null
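Review bot: Three expressions in the second `locals` block of `common/common.tf` will not evaluate: `var.name_parts[0]` refers to a variable where the value is the local defined one line above, `uppercase()` is not a Terraform function (the built-in is `upper`), and `type()` is, as far as I know, only available in `terraform console`. The lines would become `host_name = local.name_parts[0]`, `rr_type = upper(local.record_type)` and `values = try(tolist(var.values), [tostring(var.values)])`. Because `variable "values"` in `common/variables.tf` is declared `type = any`, this normalisation is the only place the input shape is checked, so a map or nested list should fail here rather than reach the Route 53 record; a `validation` block on the variable would make that explicit. A short comment above `private_zone` explaining that the gov partition always forces a private zone would also help the next reader.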
@@ -1,46 +0,0 @@
-data "aws_route53_zone" "lakefront" {
- name = var.vpc_domain_name
- private_zone = true
-}
-
-resource "aws_route53_record" "lakefront_cname" {
- zone_id = data.aws_route53_zone.lakefront.zone_id
- name = format("%v.%v", local.app_shortname, data.aws_route53_zone.lakefront.name)
- type = "CNAME"
- ttl = "900"
- records = [format("%v.execute-api.%v.amazonaws.com", data.aws_api_gateway_rest_api.lakefront.id, local.region)]
-}
-
-resource "time_static" "lakefront_txt" {}
-
-resource "aws_route53_record" "lakefront_txt" {
- zone_id = data.aws_route53_zone.lakefront.zone_id
- name = format("_txt.%v", aws_route53_record.lakefront_cname.name)
-
- type = "TXT"
- ttl = "900"
- records = [format("heritage=terraform,terraform/account_id=%v,terraform/region=%v,terraform/terraform/create_time=%d",
- data.aws_caller_identity.current.account_id, local.region, time_static.lakefront_txt.unix)]
-}
-
-variable "zone" {
- description = "DNS Zone into which to create the record. By default, it will extract this from the name"
- type = string
- default = null
-}
-
-variable "name" {
- description = "FQDN DNS name to create. If the zone (everything after the first dot) does not exist or is not associated to the VPC, this creation will fail."
- type = string
-}
-
-variable "record_type" {
- description = "Type of DNS record to create: cname, a, aaaa, ptr, txt, host (ptr and a and/or aaaa)"
- type = string
- default = "host"
-
- validation {
- condition = contains(["cname", "a", "aaaa", "ptr", "txt", "host"], lowercase(var.record_type))
- error_message = "The record type must be one of: cname, a, aaaa, ptr, txt, or host"
- }
-}
diff --git a/common/entry.tf b/common/entry.tf
new file mode 100644
index 0000000..771302f
--- /dev/null
+++ b/common/entry.tf
@@ -0,0 +1,7 @@
+resource "aws_route53_record" "entry" {
+ zone_id = data.aws_route53_zone.zone.zone_id
+ name = var.name
+ type = local.rr_type
+ ttl = var.ttl
+ records = var.values
+}
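Review bot: In `common/entry.tf`, `records = var.values` bypasses the `local.values` normalisation that `common/common.tf` adds in this same commit. Since `var.values` is typed `any`, a caller passing a single string hands a string to an argument that expects a list. The line should be `records = local.values`. The file would also benefit from a header comment such as `# Primary record; the zone is resolved from var.name by zone_forward.tf`, because the resource is now shared by every module directory that symlinks it.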
diff --git a/common/entry_heritage.tf b/common/entry_heritage.tf
new file mode 100644
index 0000000..dc6ec88
--- /dev/null
+++ b/common/entry_heritage.tf
@@ -0,0 +1,9 @@
+resource "aws_route53_record" "entry_heritage" {
+ count = var.enable_heritage ? 1 : 0
+ zone_id = data.aws_route53_zone.zone.zone_id
+ name = format("%v%v", aws_route53_record.entry[0].name)
+
+ type = "TXT"
+ ttl = var.ttl
+ records = [join(",", concat(local.base_heritage_tags, local.heritage_tags))]
+}
diff --git a/common/heritage_tags.tf b/common/heritage_tags.tf
new file mode 100644
index 0000000..148f56c
--- /dev/null
+++ b/common/heritage_tags.tf
@@ -0,0 +1,9 @@
+locals {
+ base_heritage_tags = [
+ format("heritage=%v", local._defaults.heritage_label),
+ format("%v/account_id=%v", local._defaults.heritage_label, data.aws_caller_identity.current.account_id),
+ format("%v/region=%v", local._defaults.heritage_label, local.region),
+ format("%v/create_time=%d", local._defaults.heritage_label, time_static.timestamp.unix)
+ ]
+ heritage_tags = [for k, v in var.heritage_tags : format("%v/%v", local._defaults.heritage_label, k)]
+}
diff --git a/common/variables.tf b/common/variables.tf
index ba81cb9..7a012a6 100644
--- a/common/variables.tf
+++ b/common/variables.tf
@@ -54,3 +54,8 @@ variable "ttl" {
 type = number
 default = 900
 }
+
+variable "values" {
+ description = "DNS value to set for the name. May be a string or list of strings (like multiple IP addresses)"
+ type = any
+}
diff --git a/common/versions.tf b/common/versions.tf
index fc5afe7..744c395 100644
--- a/common/versions.tf
+++ b/common/versions.tf
@@ -5,5 +5,9 @@ terraform {
 source = "hashicorp/aws"
 version = ">= 4"
 }
+ time = {
+ source = "hashicorp/time"
+ version = ">= 0.9.1"
+ }
 }
 }
diff --git a/common/zone_forward.tf b/common/zone_forward.tf
new file mode 100644
index 0000000..15c1533
--- /dev/null
+++ b/common/zone_forward.tf
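Review bot: The `name` argument in `common/entry_heritage.tf` calls `format("%v%v", ...)` with two verbs but only one value, which fails at plan time. It also indexes `aws_route53_record.entry[0]`, although the `entry` resource added in `common/entry.tf` has no `count`. If the missing value is the per-type prefix computed in `common/common.tf` (an inference from the otherwise unused `default_heritage_prefix`), the line would be `name = format("%v%v", local.default_heritage_prefix, aws_route53_record.entry.name)`. With an empty prefix the TXT record shares its name with the primary record, and DNS does not allow other record types alongside a CNAME at the same name, so the cname module needs a non-empty prefix in `local._defaults.heritage_prefix`.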
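Review bot: The `heritage_tags` comprehension in `common/heritage_tags.tf` binds `v` but never uses it, so caller-supplied tags are published as bare keys while the base tags are `key=value`; the expression was presumably meant to be `format("%v/%v=%v", local._defaults.heritage_label, k, v)`. Separately, `base_heritage_tags` places the AWS account ID and region into a TXT record. Outside the gov partition `private_zone` comes from `var.private_zone`, so in a public zone that metadata becomes readable by anyone who can query the name. A comment stating this above the list (for example `# published in DNS: keep enable_heritage off for public zones unless disclosure is acceptable`), or gating the account-ID entry on `local.private_zone`, would make the exposure a deliberate choice.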
@@ -0,0 +1,5 @@
+# if the zone grab fails here, it either doesn't exist or it is not associated with this VPC
+data "aws_route53_zone" "zone" {
+ name = local.zone
+ private_zone = local.private_zone
+}