Change primary secondary to main dr (#267)

* change sonar primary and secondary to main and dr

* update git actions test files with the new TFVAR_PARAMETERS env var

* Modify Azure example to contains main and DR terms

* fix output and friendly name of main and dr in dsf deployment aws and azure

* revert azure sonar main nodes friendly name

* fix agent_gw_ssh_key_file_path output var name

---------

Co-authored-by: assaf.cohen <assaf.cohen@imperva.com>

.github/workflows/dsf_single_account_cli.yml

@@ -96,7 +96,7 @@ jobs:
     - name: Create tfvars File
       run: |
         cat << EOF > $EXAMPLE_DIR/terraform.tfvars
-        ${{ vars.TFVAR_PARAMETERS_DSF_SINGLE_ACCOUNT_AUTOMATION_PRIVATE_SUBNETS }}
+        ${{ vars.TFVAR_PARAMETERS_DSF_SINGLE_ACCOUNT_AUTOMATION_PRIVATE_SUBNETS_V1 }}
         EOF
 
     - name: Cat tfvars File

.github/workflows/plan_sonar_cli.yml

@@ -113,11 +113,11 @@ jobs:
         run: |
           if [ "${{ matrix.name }}" == "Sonar Single Account" ]; then 
             cat << EOF > "${{ matrix.example }}/terraform.tfvars"
-            ${{ vars.TFVAR_PARAMETERS_SINGLE_ACCOUNT_AUTOMATION }}
+            ${{ vars.TFVAR_PARAMETERS_SINGLE_ACCOUNT_AUTOMATION_V1 }}
           EOF
           elif [ "${{ matrix.name }}" == "Sonar Multi Account" ]; then
             cat << EOF > "${{ matrix.example }}/terraform.tfvars"
-            ${{ vars.TFVAR_PARAMETERS_MULTI_ACCOUNT_AUTOMATION }}
+            ${{ vars.TFVAR_PARAMETERS_MULTI_ACCOUNT_AUTOMATION_V1 }}
           EOF
           fi
 

.github/workflows/sonar_multi_account_cli.yml

@@ -86,7 +86,7 @@ jobs:
     - name: Create tfvars File
       run: |
         cat << EOF > $EXAMPLE_DIR/terraform.tfvars
-        ${{ vars.TFVAR_PARAMETERS_MULTI_ACCOUNT_AUTOMATION }}
+        ${{ vars.TFVAR_PARAMETERS_MULTI_ACCOUNT_AUTOMATION_V1 }}
         EOF
 
     - name: Cat tfvars File

.github/workflows/sonar_poc_cli.yml

@@ -84,8 +84,8 @@ jobs:
           - workspace: hadr_cli-${{ github.run_number }}-${{ github.run_attempt }}
             example_dir: ./examples/poc/sonar_hadr_deployment
             aws_region: eu-west-1
-            hub_output: '.dsf_hubs.value.primary.public_dns'
-            gw_output: '.dsf_agentless_gw.value."agentless-gw-0".primary.private_ip'
+            hub_output: '.dsf_hubs.value.main.public_dns'
+            gw_output: '.dsf_agentless_gw.value."agentless-gw-0".main.private_ip'
 
     name: 'Terraform ${{ matrix.workspace }}'
     runs-on: ubuntu-latest

.github/workflows/sonar_single_account_cli.yml

@@ -125,7 +125,7 @@ jobs:
       - name: Create tfvars File
         run: |
           cat << EOF > $EXAMPLE_DIR/terraform.tfvars
-          ${{ vars.TFVAR_PARAMETERS_SINGLE_ACCOUNT_AUTOMATION }}
+          ${{ vars.TFVAR_PARAMETERS_SINGLE_ACCOUNT_AUTOMATION_V1 }}
           EOF
 
 

examples/azure/dsf_deployment/networking.tf

@@ -1,8 +1,8 @@
 # locals {
 #   hub_subnet_id                    = var.subnet_ids != null ? var.subnet_ids.hub_subnet_id : module.vpc[0].public_subnets[0]
-#   hub_secondary_subnet_id          = var.subnet_ids != null ? var.subnet_ids.hub_secondary_subnet_id : module.vpc[0].public_subnets[1]
+#   hub_dr_subnet_id          = var.subnet_ids != null ? var.subnet_ids.hub_dr_subnet_id : module.vpc[0].public_subnets[1]
 #   agentless_gw_subnet_id           = var.subnet_ids != null ? var.subnet_ids.agentless_gw_subnet_id : module.vpc[0].private_subnets[0]
-#   agentless_gw_secondary_subnet_id = var.subnet_ids != null ? var.subnet_ids.agentless_gw_secondary_subnet_id : module.vpc[0].private_subnets[1]
+#   agentless_gw_dr_subnet_id = var.subnet_ids != null ? var.subnet_ids.agentless_gw_dr_subnet_id : module.vpc[0].private_subnets[1]
 #   db_subnet_ids                    = var.subnet_ids != null ? var.subnet_ids.db_subnet_ids : module.vpc[0].public_subnets
 #   mx_subnet_id                     = var.subnet_ids != null ? var.subnet_ids.mx_subnet_id : module.vpc[0].public_subnets[0]
 #   dra_admin_subnet_id              = var.subnet_ids != null ? var.subnet_ids.admin_subnet_id : module.vpc[0].public_subnets[0]
@@ -35,16 +35,16 @@ module "network" {
 #   id = local.hub_subnet_id
 # }
 
-# data "aws_subnet" "hub_secondary" {
-#   id = local.hub_secondary_subnet_id
+# data "aws_subnet" "hub_dr" {
+#   id = local.hub_dr_subnet_id
 # }
 
 # data "aws_subnet" "agentless_gw" {
 #   id = local.agentless_gw_subnet_id
 # }
 
-# data "aws_subnet" "agentless_gw_secondary" {
-#   id = local.agentless_gw_secondary_subnet_id
+# data "aws_subnet" "agentless_gw_dr" {
+#   id = local.agentless_gw_dr_subnet_id
 # }
 
 # data "aws_subnet" "mx" {

examples/azure/dsf_deployment/outputs.tf

@@ -20,51 +20,51 @@ output "generated_network" {
 
 output "sonar" {
   value = var.enable_sonar ? {
-    hub = {
-      public_ip    = try(module.hub[0].public_ip, null)
-      private_ip   = try(module.hub[0].private_ip, null)
-      jsonar_uid   = try(module.hub[0].jsonar_uid, null)
-      display_name = try(module.hub[0].display_name, null)
-      principal_id = try(module.hub[0].principal_id, null)
-      ssh_command  = try("ssh -i ${local.private_key_file_path} ${module.hub[0].ssh_user}@${module.hub[0].public_ip}", null)
-      tokens       = nonsensitive(module.hub[0].access_tokens)
+    hub_main = {
+      public_ip    = try(module.hub_main[0].public_ip, null)
+      private_ip   = try(module.hub_main[0].private_ip, null)
+      jsonar_uid   = try(module.hub_main[0].jsonar_uid, null)
+      display_name = try(module.hub_main[0].display_name, null)
+      principal_id = try(module.hub_main[0].principal_id, null)
+      ssh_command  = try("ssh -i ${local.private_key_file_path} ${module.hub_main[0].ssh_user}@${module.hub_main[0].public_ip}", null)
+      tokens       = nonsensitive(module.hub_main[0].access_tokens)
     }
-    hub_secondary = var.hub_hadr ? {
-      public_ip    = try(module.hub_secondary[0].public_ip, null)
-      private_ip   = try(module.hub_secondary[0].private_ip, null)
-      jsonar_uid   = try(module.hub_secondary[0].jsonar_uid, null)
-      display_name = try(module.hub_secondary[0].display_name, null)
-      principal_id = try(module.hub_secondary[0].principal_id, null)
-      ssh_command  = try("ssh -i ${local.private_key_file_path} ${module.hub_secondary[0].ssh_user}@${module.hub_secondary[0].public_ip}", null)
+    hub_dr = var.hub_hadr ? {
+      public_ip    = try(module.hub_dr[0].public_ip, null)
+      private_ip   = try(module.hub_dr[0].private_ip, null)
+      jsonar_uid   = try(module.hub_dr[0].jsonar_uid, null)
+      display_name = try(module.hub_dr[0].display_name, null)
+      principal_id = try(module.hub_dr[0].principal_id, null)
+      ssh_command  = try("ssh -i ${local.private_key_file_path} ${module.hub_dr[0].ssh_user}@${module.hub_dr[0].public_ip}", null)
     } : null
-    agentless_gw = [
-      for idx, val in module.agentless_gw :
+    agentless_gw_main = [
+      for idx, val in module.agentless_gw_main :
       {
         private_ip   = try(val.private_ip, null)
         jsonar_uid   = try(val.jsonar_uid, null)
         display_name = try(val.display_name, null)
         principal_id = try(val.principal_id, null)
-        ssh_command  = try("ssh -o ProxyCommand='ssh -o UserKnownHostsFile=/dev/null -i ${local.private_key_file_path} -W %h:%p ${module.hub[0].ssh_user}@${module.hub[0].public_ip}' -i ${local.private_key_file_path} ${val.ssh_user}@${val.private_ip}", null)
+        ssh_command  = try("ssh -o ProxyCommand='ssh -o UserKnownHostsFile=/dev/null -i ${local.private_key_file_path} -W %h:%p ${module.hub_main[0].ssh_user}@${module.hub_main[0].public_ip}' -i ${local.private_key_file_path} ${val.ssh_user}@${val.private_ip}", null)
       }
     ]
-    agentless_gw_secondary = var.agentless_gw_hadr ? [
-      for idx, val in module.agentless_gw_secondary :
+    agentless_gw_dr = var.agentless_gw_hadr ? [
+      for idx, val in module.agentless_gw_dr :
       {
         private_ip   = try(val.private_ip, null)
         jsonar_uid   = try(val.jsonar_uid, null)
         display_name = try(val.display_name, null)
         principal_id     = try(val.principal_id, null)
-        ssh_command  = try("ssh -o ProxyCommand='ssh -o UserKnownHostsFile=/dev/null -i ${local.private_key_file_path} -W %h:%p ${module.hub[0].ssh_user}@${module.hub[0].public_ip}' -i ${local.private_key_file_path} ${val.ssh_user}@${val.private_ip}", null)
+        ssh_command  = try("ssh -o ProxyCommand='ssh -o UserKnownHostsFile=/dev/null -i ${local.private_key_file_path} -W %h:%p ${module.hub_main[0].ssh_user}@${module.hub_main[0].public_ip}' -i ${local.private_key_file_path} ${val.ssh_user}@${val.private_ip}", null)
       }
     ] : []
   } : null
 }
 
 output "web_console_dsf_hub" {
   value = try({
-    user        = module.hub[0].web_console_user
+    user        = module.hub_main[0].web_console_user
     password    = nonsensitive(local.password)
-    public_url  = join("", ["https://", module.hub[0].public_ip, ":8443/"])
-    private_url = join("", ["https://", module.hub[0].private_ip, ":8443/"])
+    public_url  = join("", ["https://", module.hub_main[0].public_ip, ":8443/"])
+    private_url = join("", ["https://", module.hub_main[0].private_ip, ":8443/"])
   }, null)
 }

examples/azure/dsf_deployment/sonar.tf

@@ -3,7 +3,7 @@ locals {
   agentless_gw_count = var.enable_sonar ? var.agentless_gw_count : 0
 }
 
-module "hub" {
+module "hub_main" {
   source = "../../../modules/azurerm/hub"
   # version                             = "1.3.5" # latest release tag
   count = var.enable_sonar ? 1 : 0
@@ -33,7 +33,7 @@ module "hub" {
   ]
 }
 
-module "hub_secondary" {
+module "hub_dr" {
   source = "../../../modules/azurerm/hub"
   # version                             = "1.3.5" # latest release tag
   count = var.enable_sonar && var.hub_hadr ? 1 : 0
@@ -47,9 +47,9 @@ module "hub_secondary" {
   instance_type                   = var.hub_instance_type
   attach_persistent_public_ip     = true
   use_public_ip                   = true
-  hadr_secondary_node             = true
-  primary_node_sonarw_public_key  = module.hub[0].sonarw_public_key
-  primary_node_sonarw_private_key = module.hub[0].sonarw_private_key
+  hadr_dr_node                    = true
+  main_node_sonarw_public_key     = module.hub_main[0].sonarw_public_key
+  main_node_sonarw_private_key    = module.hub_main[0].sonarw_private_key
   generate_access_tokens          = true
   ssh_key = {
     ssh_public_key            = tls_private_key.ssh_key.public_key_openssh
@@ -68,22 +68,22 @@ module "hub_secondary" {
 module "hub_hadr" {
   source  = "imperva/dsf-hadr/null"
   version = "1.5.1" # latest release tag
-  count   = length(module.hub_secondary) > 0 ? 1 : 0
+  count   = length(module.hub_dr) > 0 ? 1 : 0
 
   sonar_version            = module.globals.tarball_location.version
-  dsf_primary_ip           = module.hub[0].public_ip
-  dsf_primary_private_ip   = module.hub[0].private_ip
-  dsf_secondary_ip         = module.hub_secondary[0].public_ip
-  dsf_secondary_private_ip = module.hub_secondary[0].private_ip
+  dsf_main_ip              = module.hub_main[0].public_ip
+  dsf_main_private_ip      = module.hub_main[0].private_ip
+  dsf_dr_ip                = module.hub_dr[0].public_ip
+  dsf_dr_private_ip        = module.hub_dr[0].private_ip
   ssh_key_path             = local_sensitive_file.ssh_key.filename
-  ssh_user                 = module.hub[0].ssh_user
+  ssh_user                 = module.hub_main[0].ssh_user
   depends_on = [
-    module.hub,
-    module.hub_secondary
+    module.hub_main,
+    module.hub_dr
   ]
 }
 
-module "agentless_gw" {
+module "agentless_gw_main" {
   source = "../../../modules/azurerm/agentless-gw"
   # version                             = "1.3.5" # latest release tag
   count  = local.agentless_gw_count
@@ -95,7 +95,7 @@ module "agentless_gw" {
   binaries_location     = local.tarball_location
   instance_type         = var.agentless_gw_instance_type
   password              = local.password
-  hub_sonarw_public_key = module.hub[0].sonarw_public_key
+  hub_sonarw_public_key = module.hub_main[0].sonarw_public_key
   ssh_key = {
     ssh_public_key            = tls_private_key.ssh_key.public_key_openssh
     ssh_private_key_file_path = local_sensitive_file.ssh_key.filename
@@ -104,32 +104,32 @@ module "agentless_gw" {
   allowed_hub_cidrs = module.network[0].vnet_address_space
   allowed_all_cidrs          = local.workstation_cidr
   ingress_communication_via_proxy = {
-    proxy_address              = module.hub[0].public_ip
+    proxy_address              = module.hub_main[0].public_ip
     proxy_private_ssh_key_path = local_sensitive_file.ssh_key.filename
-    proxy_ssh_user             = module.hub[0].ssh_user
+    proxy_ssh_user             = module.hub_main[0].ssh_user
   }
   tags = local.tags
   depends_on = [
     module.network
   ]
 }
 
-module "agentless_gw_secondary" {
+module "agentless_gw_dr" {
   source = "../../../modules/azurerm/agentless-gw"
   # version                             = "1.3.5" # latest release tag
   count   = var.agentless_gw_hadr ? local.agentless_gw_count : 0
 
-  friendly_name                   = join("-", [local.deployment_name_salted, "agentless", "gw", "DR", count.index])
+  friendly_name                   = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "DR"])
   resource_group        = local.resource_group
   subnet_id             = module.network[0].vnet_subnets[1]
   storage_details       = var.agentless_gw_storage_details
   binaries_location     = local.tarball_location
   instance_type         = var.agentless_gw_instance_type
   password              = local.password
-  hub_sonarw_public_key = module.hub[0].sonarw_public_key
-  hadr_secondary_node             = true
-  primary_node_sonarw_public_key  = module.agentless_gw[count.index].sonarw_public_key
-  primary_node_sonarw_private_key = module.agentless_gw[count.index].sonarw_private_key
+  hub_sonarw_public_key = module.hub_main[0].sonarw_public_key
+  hadr_dr_node                 = true
+  main_node_sonarw_public_key  = module.agentless_gw_main[count.index].sonarw_public_key
+  main_node_sonarw_private_key = module.agentless_gw_main[count.index].sonarw_private_key
   ssh_key = {
     ssh_public_key            = tls_private_key.ssh_key.public_key_openssh
     ssh_private_key_file_path = local_sensitive_file.ssh_key.filename
@@ -138,9 +138,9 @@ module "agentless_gw_secondary" {
   allowed_hub_cidrs = module.network[0].vnet_address_space
   allowed_all_cidrs          = local.workstation_cidr
   ingress_communication_via_proxy = {
-    proxy_address              = module.hub[0].public_ip
+    proxy_address              = module.hub_main[0].public_ip
     proxy_private_ssh_key_path = local_sensitive_file.ssh_key.filename
-    proxy_ssh_user             = module.hub[0].ssh_user
+    proxy_ssh_user             = module.hub_main[0].ssh_user
   }
   tags = local.tags
   depends_on = [
@@ -151,39 +151,39 @@ module "agentless_gw_secondary" {
 module "agentless_gw_hadr" {
   source  = "imperva/dsf-hadr/null"
   version = "1.5.1" # latest release tag
-  count   = length(module.agentless_gw_secondary)
+  count   = length(module.agentless_gw_dr)
 
   sonar_version            = module.globals.tarball_location.version
-  dsf_primary_ip           = module.agentless_gw[count.index].private_ip
-  dsf_primary_private_ip   = module.agentless_gw[count.index].private_ip
-  dsf_secondary_ip         = module.agentless_gw_secondary[count.index].private_ip
-  dsf_secondary_private_ip = module.agentless_gw_secondary[count.index].private_ip
+  dsf_main_ip           = module.agentless_gw_main[count.index].private_ip
+  dsf_main_private_ip   = module.agentless_gw_main[count.index].private_ip
+  dsf_dr_ip         = module.agentless_gw_dr[count.index].private_ip
+  dsf_dr_private_ip = module.agentless_gw_dr[count.index].private_ip
   ssh_key_path             = local_sensitive_file.ssh_key.filename
-  ssh_user                 = module.agentless_gw[count.index].ssh_user
+  ssh_user                 = module.agentless_gw_main[count.index].ssh_user
   proxy_info = {
-    proxy_address              = module.hub[0].public_ip
+    proxy_address              = module.hub_main[0].public_ip
     proxy_private_ssh_key_path = local_sensitive_file.ssh_key.filename
-    proxy_ssh_user             = module.hub[0].ssh_user
+    proxy_ssh_user             = module.hub_main[0].ssh_user
   }
   depends_on = [
-    module.agentless_gw,
-    module.agentless_gw_secondary
+    module.agentless_gw_main,
+    module.agentless_gw_dr
   ]
 }
 
 locals {
   gws = merge(
-    { for idx, val in module.agentless_gw : "agentless-gw-${idx}" => val },
-    { for idx, val in module.agentless_gw_secondary : "agentless-gw-secondary-${idx}" => val },
+    { for idx, val in module.agentless_gw_main : "agentless-gw-${idx}" => val },
+    { for idx, val in module.agentless_gw_dr : "agentless-gw-dr-${idx}" => val },
   )
   gws_set = values(local.gws)
   hubs_set = concat(
-    var.enable_sonar ? [module.hub[0]] : [],
-    var.enable_sonar && var.hub_hadr ? [module.hub_secondary[0]] : []
+    var.enable_sonar ? [module.hub_main[0]] : [],
+    var.enable_sonar && var.hub_hadr ? [module.hub_dr[0]] : []
   )
   hubs_keys = compact([
-    var.enable_sonar ? "hub-primary" : null,
-    var.enable_sonar && var.hub_hadr ? "hub-secondary" : null,
+    var.enable_sonar ? "hub-main" : null,
+    var.enable_sonar && var.hub_hadr ? "hub-dr" : null,
   ])
 
   hub_gw_combinations_values = setproduct(local.hubs_set, local.gws_set)
@@ -208,9 +208,9 @@ module "federation" {
     gw_ssh_user             = each.value[1].ssh_user
   }
   gw_proxy_info = {
-    proxy_address              = module.hub[0].public_ip
+    proxy_address              = module.hub_main[0].public_ip
     proxy_private_ssh_key_path = local_sensitive_file.ssh_key.filename
-    proxy_ssh_user             = module.hub[0].ssh_user
+    proxy_ssh_user             = module.hub_main[0].ssh_user
   }
   depends_on = [
     module.hub_hadr,

examples/azure/dsf_deployment/variables.tf

@@ -65,14 +65,14 @@ variable "vnet_ip_range" {
 variable "subnet_ids" {
   type = object({
     hub_subnet_id                    = string
-    hub_secondary_subnet_id          = string
+    hub_dr_subnet_id                 = string
     agentless_gw_subnet_id           = string
-    agentless_gw_secondary_subnet_id = string
+    agentless_gw_dr_subnet_id        = string
   })
   default     = null
   description = "The IDs of existing subnets to deploy resources in. Keep empty if you wish to provision new VPC and subnets. db_subnet_ids can be an empty list only if no databases should be provisioned"
   validation {
-    condition     = var.subnet_ids == null || try(var.subnet_ids.hub_subnet_id != null && var.subnet_ids.hub_secondary_subnet_id != null && var.subnet_ids.agentless_gw_subnet_id != null && var.subnet_ids.agentless_gw_secondary_subnet_id != null, false)
+    condition     = var.subnet_ids == null || try(var.subnet_ids.hub_subnet_id != null && var.subnet_ids.hub_dr_subnet_id != null && var.subnet_ids.agentless_gw_subnet_id != null && var.subnet_ids.agentless_gw_dr_subnet_id != null, false)
     error_message = "Value must either be null or specified for all."
   }
   validation {