From af160514ccdd9bc6df8622e9880ca67ad945d9d1 Mon Sep 17 00:00:00 2001 From: Gary Crye Date: Mon, 24 Oct 2022 20:21:43 -0600 Subject: [PATCH] Require TF >=1.3, make variables optional if we already accepted `null` --- .github/workflows/ci.yml | 4 +- README.md | 110 ++++++++++++++++++------------------ examples/ci/ci.tf | 2 +- examples/logging/logging.tf | 23 ++++---- examples/simple/simple.tf | 25 ++++---- main.tf | 2 +- variables.tf | 35 ++++++------ 7 files changed, 104 insertions(+), 97 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6e5d673..f787ac5 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -19,7 +19,7 @@ jobs: - name: Terraform Setup uses: hashicorp/setup-terraform@v1 with: - terraform_version: '1.1.x' + terraform_version: '1.3.x' - name: Terraform Format working-directory: "./" @@ -30,7 +30,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - terraform: [ '0.12.x', '0.13.x', '0.14.x', '0.15.x', '1.0.x', '1.1.x' ] + terraform: [ '1.3.x' ] fail-fast: false steps: - uses: actions/checkout@v3 diff --git a/README.md b/README.md index 31fa000..273f59f 100644 --- a/README.md +++ b/README.md @@ -13,7 +13,7 @@ customized solution you may need to use this code more as a pattern or guideline ```hcl module "my_app" { - source = "github.com/byu-oit/terraform-aws-fargate-api?ref=v4.0.1" + source = "github.com/byu-oit/terraform-aws-fargate-api?ref=v5.0.0" app_name = "example-api" container_port = 8000 primary_container_definition = { 
@@ -77,54 +77,54 @@ module "my_app" { ## Inputs -| Name | Type | Description | Default | -|-----------------------------------|---------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------| -| app_name | string | Application name to name your Fargate API and other resources (Must be <= 24 alphanumeric characters) | | -| ecs_cluster_name | string | Existing ECS Cluster name to host the fargate server. Defaults to creating its own cluster. | | -| primary_container_definition | [object](#container_definition) | The primary container definition for your application. This one will be the only container that receives traffic from the ALB, so make sure the `ports` field contains the same port as the `image_port` | | -| extra_container_definitions | list([object](#container_definition)) | A list of extra container definitions (side car containers) | [] | -| container_port | number | The port the primary docker container is listening on | | -| health_check_path | string | Health check path for the image | "/" | -| health_check_matcher | string | Expected status code for health check. 
[See docs for syntax](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/target-group-health-checks.html) | 200 | -| health_check_interval | number | Amount of time, in seconds, between health checks of an individual target | 30 | -| health_check_timeout | number | Amount of time, in seconds, during which no response means a failed health check | 5 | -| health_check_healthy_threshold | number | Number of consecutive health checks required before considering target as healthy | 3 | -| health_check_unhealthy_threshold | number | Number of consecutive failed health checks required before considering target as unhealthy | 3 | -| health_check_grace_period | number | Health check grace period in seconds | 0 | -| task_policies | list(string) | List of IAM Policy ARNs to attach to the task execution IAM Policy | [] | -| task_cpu | number | CPU for the task definition | 256 | -| task_memory | number | Memory for the task definition | 512 | -| security_groups | list(string) | List of extra security group IDs to attach to the fargate task | [] | -| vpc_id | string | VPC ID to deploy the ECS fargate service and ALB | | -| public_subnet_ids | list(string) | List of subnet IDs for the ALB | | -| alb_internal_flag | bool | Marks an ALB as Internal (Inaccessible to public internet) | false | -| alb_sg_ingress_cidrs | list(string) | List of cidrs to allow alb ingress for | ["0.0.0.0/0"] | -| alb_sg_ingress_sg_ids | llist(string) | List of security groups to allow ingress | [] | -| private_subnet_ids | list(string) | List of subnet IDs for the fargate service | | -| codedeploy_service_role_arn | string | ARN of the IAM Role for the CodeDeploy to use to initiate new deployments. 
(usually the PowerBuilder Role) | | -| codedeploy_termination_wait_time | number | the number of minutes to wait after a successful blue/green deployment before terminating instances from the original environment | 15 | -| codedeploy_test_listener_port | number | The port for a codedeploy test listener. If provided CodeDeploy will use this port for test traffic on the new replacement set during the blue-green deployment process before shifting production traffic to the replacement set | null | -| codedeploy_lifecycle_hooks | [object](#codedeploy_lifecycle_hooks) | Define Lambda Functions for each CodeDeploy [lifecycle event hooks](https://docs.aws.amazon.com/codedeploy/latest/userguide/reference-appspec-file-structure-hooks.html). Use the Lambda function names as the values. Use null if you don't want to invoke a lambda function at that specific hook. Or set this variable to null to not have any lifecycle hooks invoked | `null` | -| appspec_filename | string | Filename (including path) to use when outputing appspec json. | `appspec.json` in the current working directory (i.e. where you ran `terraform apply`) | -| role_permissions_boundary_arn | string | ARN of the IAM Role permissions boundary to place on each IAM role created | | -| target_group_deregistration_delay | number | Deregistration delay in seconds for ALB target groups | 60 | -| target_group_sticky_sessions | boolean | Enables sticky sessions on the ALB target groups | false | -| site_url | string | The URL for the site. | Concatenates app_name with hosted_zone_name. | -| overwrite_records | bool | Allow creation of Route53 records in Terraform to overwrite an existing record, if any. | false | -| hosted_zone | [object](#hosted_zone) | Hosted Zone object to redirect to ALB. (Can pass in the aws_hosted_zone object). 
A and AAAA records created in this hosted zone | | -| https_certificate_arn | string | ARN of the HTTPS certificate of the hosted zone/domain | | -| autoscaling_config | [object](#autoscaling_config) | Configuration for default autoscaling policies and alarms. Additional advanced scaling options, which are optional, can be made with the "scaling_up_policy_config", "scaling_up_metric_alarm_config", "scaling_down_policy_config", and "scaling_down_metric_alarm_config" variables. Set to `null` if you want to set up your own autoscaling policies and alarms. | | -| scaling_up_policy_config | [object](#scaling_up_policy_config) | Optional advanced configuration for the scaling up policy if 'autoscaling_config' is in use. | See object definition [object](#scaling_up_policy_config) | -| scaling_up_metric_alarm_config | [object](#scaling_up_metric_alarm_config) | Optional advanced configuration for the scaling up metric alarm if 'autoscaling_config' is in use. | See object definition [object](#scaling_up_metric_alarm_config) | -| scaling_down_policy_config | [object](#scaling_down_policy_config) | Optional advanced configuration for the scaling down policy if 'autoscaling_config' is in use. | See object definition [object](#scaling_down_policy_config) | -| scaling_down_metric_alarm_config | [object](#scaling_down_metric_alarm_config) | Optional advanced configuration for scaling the down metric alarm if 'autoscaling_config' is in use." | See object definition [object](#scaling_down_metric_alarm_config) | -| log_group_name | string | CloudWatch log group name. | | -| log_retention_in_days | number | CloudWatch log group retention in days | 120 | -| tags | map(string) | A map of AWS Tags to attach to each resource created | {} | -| lb_logging_enabled | bool | Option to enable logging of load balancer requests. | false | -| lb_logging_bucket_name | string | Required if `lb_logging_enabled` is true. 
A bucket to store the logs in with an a [load balancer access policy](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-access-logs.html#attach-bucket-policy) attached. | | -| fargate_platform_version | string | Version of the Fargate platform to run. | 1.4.0 | -| xray_enabled | bool | Whether or not the X-Ray daemon should be created with the Fargate API. | false | +| Name | Type | Description | Default | +|-----------------------------------|---------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------| +| app_name | string | Application name to name your Fargate API and other resources (Must be <= 24 alphanumeric characters) | | +| ecs_cluster_name | string | Existing ECS Cluster name to host the fargate server. Defaults to creating its own cluster. | | +| primary_container_definition | [object](#container_definition) | The primary container definition for your application. This one will be the only container that receives traffic from the ALB, so make sure the `ports` field contains the same port as the `image_port` | | +| extra_container_definitions | list([object](#container_definition)) | A list of extra container definitions (side car containers) | [] | +| container_port | number | The port the primary docker container is listening on | | +| health_check_path | string | Health check path for the image | "/" | +| health_check_matcher | string | Expected status code for health check. 
[See docs for syntax](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/target-group-health-checks.html) | 200 | +| health_check_interval | number | Amount of time, in seconds, between health checks of an individual target | 30 | +| health_check_timeout | number | Amount of time, in seconds, during which no response means a failed health check | 5 | +| health_check_healthy_threshold | number | Number of consecutive health checks required before considering target as healthy | 3 | +| health_check_unhealthy_threshold | number | Number of consecutive failed health checks required before considering target as unhealthy | 3 | +| health_check_grace_period | number | Health check grace period in seconds | 0 | +| task_policies | list(string) | List of IAM Policy ARNs to attach to the task execution IAM Policy | [] | +| task_cpu | number | CPU for the task definition | 256 | +| task_memory | number | Memory for the task definition | 512 | +| security_groups | list(string) | List of extra security group IDs to attach to the fargate task | [] | +| vpc_id | string | VPC ID to deploy the ECS fargate service and ALB | | +| public_subnet_ids | list(string) | List of subnet IDs for the ALB | | +| alb_internal_flag | bool | Marks an ALB as Internal (Inaccessible to public internet) | false | +| alb_sg_ingress_cidrs | list(string) | List of cidrs to allow alb ingress for | ["0.0.0.0/0"] | +| alb_sg_ingress_sg_ids | list(string) | List of security groups to allow ingress | [] | +| private_subnet_ids | list(string) | List of subnet IDs for the fargate service | | +| codedeploy_service_role_arn | string | ARN of the IAM Role for the CodeDeploy to use to initiate new deployments. 
(usually the PowerBuilder Role) | | +| codedeploy_termination_wait_time | number | the number of minutes to wait after a successful blue/green deployment before terminating instances from the original environment | 15 | +| codedeploy_test_listener_port | number | The port for a codedeploy test listener. If provided CodeDeploy will use this port for test traffic on the new replacement set during the blue-green deployment process before shifting production traffic to the replacement set | `null` | +| codedeploy_lifecycle_hooks | [object](#codedeploy_lifecycle_hooks) | Define Lambda Functions for each CodeDeploy [lifecycle event hooks](https://docs.aws.amazon.com/codedeploy/latest/userguide/reference-appspec-file-structure-hooks.html). Use the Lambda function names as the values. Omit or set specific hooks to `null` if you don't want to invoke a lambda function at that hook. Omit or set this variable to `null` to not have any lifecycle hooks invoked. | `null` | +| appspec_filename | string | Filename (including path) to use when outputing appspec json. | `appspec.json` in the current working directory (i.e. where you ran `terraform apply`) | +| role_permissions_boundary_arn | string | ARN of the IAM Role permissions boundary to place on each IAM role created | | +| target_group_deregistration_delay | number | Deregistration delay in seconds for ALB target groups | 60 | +| target_group_sticky_sessions | boolean | Enables sticky sessions on the ALB target groups | false | +| site_url | string | The URL for the site. | Concatenates app_name with hosted_zone_name. | +| overwrite_records | bool | Allow creation of Route53 records in Terraform to overwrite an existing record, if any. | false | +| hosted_zone | [object](#hosted_zone) | Hosted Zone object to redirect to ALB. (Can pass in the aws_hosted_zone object). 
A and AAAA records created in this hosted zone | | +| https_certificate_arn | string | ARN of the HTTPS certificate of the hosted zone/domain | | +| autoscaling_config | [object](#autoscaling_config) | Configuration for default autoscaling policies and alarms. Additional advanced scaling options, which are optional, can be made with the "scaling_up_policy_config", "scaling_up_metric_alarm_config", "scaling_down_policy_config", and "scaling_down_metric_alarm_config" variables. Omit or set to `null` if you want to set up your own autoscaling policies and alarms. | `null` | +| scaling_up_policy_config | [object](#scaling_up_policy_config) | Optional advanced configuration for the scaling up policy if 'autoscaling_config' is in use. | See object definition [object](#scaling_up_policy_config) | +| scaling_up_metric_alarm_config | [object](#scaling_up_metric_alarm_config) | Optional advanced configuration for the scaling up metric alarm if 'autoscaling_config' is in use. | See object definition [object](#scaling_up_metric_alarm_config) | +| scaling_down_policy_config | [object](#scaling_down_policy_config) | Optional advanced configuration for the scaling down policy if 'autoscaling_config' is in use. | See object definition [object](#scaling_down_policy_config) | +| scaling_down_metric_alarm_config | [object](#scaling_down_metric_alarm_config) | Optional advanced configuration for scaling the down metric alarm if 'autoscaling_config' is in use." | See object definition [object](#scaling_down_metric_alarm_config) | +| log_group_name | string | CloudWatch log group name. | | +| log_retention_in_days | number | CloudWatch log group retention in days | 120 | +| tags | map(string) | A map of AWS Tags to attach to each resource created | {} | +| lb_logging_enabled | bool | Option to enable logging of load balancer requests. | false | +| lb_logging_bucket_name | string | Required if `lb_logging_enabled` is true. 
A bucket to store the logs in with an a [load balancer access policy](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-access-logs.html#attach-bucket-policy) attached. | | +| fargate_platform_version | string | Version of the Fargate platform to run. | 1.4.0 | +| xray_enabled | bool | Whether or not the X-Ray daemon should be created with the Fargate API. | false | #### container_definition @@ -134,11 +134,11 @@ Object with following attributes to define the docker container(s) your fargate * **`image`** - (Required) the ecr_image_url with the tag like: `.dkr.ecr.us-west-2.amazonaws.com/myapp:dev` or the image URL from dockerHub or some other docker registry * **`ports`** - (Required) a list of ports this container is listening on -* **`environment_variables`** - (Required) a map of environment variables to pass to the docker container -* **`secrets`** - (Required) a map of secrets from the parameter store to be assigned to env variables -* **`efs_volume_mounts`** - (Required) a list of efs_volume_mount [objects](#efs_volume_mount) to be mounted into the +* **`environment_variables`** - a map of environment variables to pass to the docker container +* **`secrets`** - a map of secrets from the parameter store to be assigned to env variables +* **`efs_volume_mounts`** - a list of efs_volume_mount [objects](#efs_volume_mount) to be mounted into the container. -* **`ulimits`** - (Required) a list of ulimit [objects](#ulimit) to be set on the container. +* **`ulimits`** - a list of ulimit [objects](#ulimit) to be set on the container. **Before running this configuration** make sure that your ECR repo exists and an image has been pushed to the repo. 
@@ -193,8 +193,8 @@ See the following docs for more details: This variable is used when generating the [appspec.json](#appspec) file. This will define what Lambda Functions to invoke at specific [lifecycle hooks](https://docs.aws.amazon.com/codedeploy/latest/userguide/reference-appspec-file-structure-hooks.html) -. Set this variable to `null` if you don't want to invoke any lambda functions. Set each hook to `null` if you don't -need a specific lifecycle hook function. +. Omit this variable or set it to `null` if you don't want to invoke any lambda functions. Omit or set a hook to `null` if you don't +need that specific lifecycle hook function. * **`before_install`** - lambda function name to run before new task set is created * **`after_install`** - lambda function name to run after new task set is created before test traffic points to new task diff --git a/examples/ci/ci.tf b/examples/ci/ci.tf index 753d24f..382bf2a 100644 --- a/examples/ci/ci.tf +++ b/examples/ci/ci.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 0.12" + required_version = ">= 1.3" required_providers { aws = { diff --git a/examples/logging/logging.tf b/examples/logging/logging.tf index 0046d6b..f197e69 100644 --- a/examples/logging/logging.tf +++ b/examples/logging/logging.tf @@ -1,6 +1,16 @@ +terraform { + required_version = ">= 1.3" + + required_providers { + aws = { + source = "hashicorp/aws" + version = "~> 3.0" + } + } +} + provider "aws" { - version = "~> 3.0" - region = "us-west-2" + region = "us-west-2" } module "acs" { @@ -14,7 +24,7 @@ data "aws_elb_service_account" "main" {} // name = "fake-example-cluster" //} module "fargate_api" { - source = "github.com/byu-oit/terraform-aws-fargate-api?ref=v4.0.1" + source = "github.com/byu-oit/terraform-aws-fargate-api?ref=v5.0.0" // source = "../../" // for local testing app_name = "example-api" // ecs_cluster_name = aws_ecs_cluster.existing.name 
@@ -29,18 +39,11 @@ module "fargate_api" { secrets = { foo = "/super-secret" } - efs_volume_mounts = null - ulimits = null } - autoscaling_config = null codedeploy_test_listener_port = 8443 codedeploy_lifecycle_hooks = { - BeforeInstall = null - AfterInstall = null AfterAllowTestTraffic = "testLifecycle" - BeforeAllowTraffic = null - AfterAllowTraffic = null } hosted_zone = module.acs.route53_zone diff --git a/examples/simple/simple.tf b/examples/simple/simple.tf index 567511d..fb6f2df 100644 --- a/examples/simple/simple.tf +++ b/examples/simple/simple.tf @@ -1,6 +1,16 @@ +terraform { + required_version = ">= 1.3" + + required_providers { + aws = { + source = "hashicorp/aws" + version = "~> 3.0" + } + } +} + provider "aws" { - version = "~> 3.0" - region = "us-west-2" + region = "us-west-2" } module "acs" { @@ -11,8 +21,8 @@ module "acs" { // name = "fake-example-cluster" //} module "fargate_api" { - source = "github.com/byu-oit/terraform-aws-fargate-api?ref=v4.0.1" - // source = "../../" // for local testing + source = "github.com/byu-oit/terraform-aws-fargate-api?ref=v5.0.0" + // source = "../../" // for local testing app_name = "example-api" // ecs_cluster_name = aws_ecs_cluster.existing.name container_port = 8000 @@ -26,18 +36,11 @@ module "fargate_api" { secrets = { foo = "/super-secret" } - efs_volume_mounts = null - ulimits = null } - autoscaling_config = null codedeploy_test_listener_port = 8443 codedeploy_lifecycle_hooks = { - BeforeInstall = null - AfterInstall = null AfterAllowTestTraffic = "testLifecycle" - BeforeAllowTraffic = null - AfterAllowTraffic = null } hosted_zone = module.acs.route53_zone diff --git a/main.tf b/main.tf index 38cf0b6..fbf292b 100644 --- a/main.tf +++ b/main.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 0.12.21" + required_version = ">= 1.3.0" required_providers { aws = ">= 3.0.0" } diff --git a/variables.tf b/variables.tf index 94f78f3..dc4d5d1 100644 --- a/variables.tf +++ b/variables.tf 
@@ -12,19 +12,19 @@ variable "primary_container_definition" {
 name = string
 image = string
 ports = list(number)
- environment_variables = map(string)
- secrets = map(string)
- efs_volume_mounts = list(object({
+ environment_variables = optional(map(string))
+ secrets = optional(map(string))
+ efs_volume_mounts = optional(list(object({
 name = string
 file_system_id = string
 root_directory = string
 container_path = string
- }))
- ulimits = list(object({
+ })))
+ ulimits = optional(list(object({
 name = string
 soft_limit = number
 hard_limit = number
- }))
+ })))
 })
 description = "The primary container definition for your application. This one will be the only container that receives traffic from the ALB, so make sure the 'ports' field contains the same port as the 'image_port'"
 }
@@ -33,19 +33,19 @@ variable "extra_container_definitions" {
 name = string
 image = string
 ports = list(number)
- environment_variables = map(string)
- secrets = map(string)
- efs_volume_mounts = list(object({
+ environment_variables = optional(map(string))
+ secrets = optional(map(string))
+ efs_volume_mounts = optional(list(object({
 name = string
 file_system_id = string
 root_directory = string
 container_path = string
- }))
- ulimits = list(object({
+ })))
+ ulimits = optional(list(object({
 name = string
 soft_limit = number
 hard_limit = number
- }))
+ })))
 }))
 description = "A list of extra container definitions. Defaults to []"
 default = []
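Review bot: The attributes wrapped in `optional(...)` in `primary_container_definition` (`environment_variables`, `secrets`, `efs_volume_mounts`, `ulimits`) carry no default, so an omitted attribute reaches the module as `null`, just as an explicit `null` did before; the identical change to `extra_container_definitions` in the next hunk has the same property. The code that consumes these values is not part of this patch, so presumably it already null-checks each one, but every later reference has to keep doing so. Terraform 1.3 accepts a default as the second argument, e.g. `secrets = optional(map(string), {})` and `ulimits = optional(list(object({ ... })), [])`, which would let consumers rely on an empty collection instead; confirm the existing null handling gives the same result before switching. Both variable blocks begin above the lines shown in their hunks.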
@@ -156,11 +156,11 @@ variable "codedeploy_test_listener_port" {
 }
 variable "codedeploy_lifecycle_hooks" {
 type = object({
- BeforeInstall = string
- AfterInstall = string
- AfterAllowTestTraffic = string
- BeforeAllowTraffic = string
- AfterAllowTraffic = string
+ BeforeInstall = optional(string)
+ AfterInstall = optional(string)
+ AfterAllowTestTraffic = optional(string)
+ BeforeAllowTraffic = optional(string)
+ AfterAllowTraffic = optional(string)
 })
 description = "Define Lambda Functions for CodeDeploy lifecycle event hooks. Or set this variable to null to not have any lifecycle hooks invoked. Defaults to null"
 default = null
@@ -211,6 +211,7 @@ variable "autoscaling_config" {
 max_capacity = number
 })
 description = "Configuration for default autoscaling policies and alarms. Set to null if you want to set up your own autoscaling policies and alarms."
+ default = null
 }
 variable "scaling_up_policy_config" {
 type = object({
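Review bot: The `description` of `codedeploy_lifecycle_hooks` still only mentions setting the whole variable to null, although the five hook attributes are now individually optional; the README was updated for this in the same commit but the variable text was not. I would extend it to something like `Omit a hook or set it to null to skip that hook; omit this variable or set it to null to invoke no lifecycle hooks. Defaults to null`. The variable block's closing brace lies below the hunk.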
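Review bot: Adding `default = null` to `autoscaling_config` turns what was a required decision into a silent one. Per the description, null means the caller sets up their own policies and alarms, so a caller who simply forgets the argument now presumably gets a service with no autoscaling policies or scaling alarms, where `terraform plan` previously failed and forced a choice. If that is the intended default for this release, state it in the description, e.g. `Defaults to null, which creates no autoscaling policies or alarms.`, and call it out in the release notes, since a fixed-size service is the less resilient outcome under load. The variable block begins above the hunk.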