Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Problem with peered_domains in PSA config #2245

Closed
apichick opened this issue Apr 28, 2024 · 1 comment
Closed

Problem with peered_domains in PSA config #2245

apichick opened this issue Apr 28, 2024 · 1 comment
Assignees
@ludoo @juliocc

Comments

@apichick
Copy link
Collaborator

There is a problem with the peered domains for PSA in this line

cloud-foundation-fabric/modules/net-vpc/psa.tf

Line 28 in a95e681

_psa_peered_domains = flatten([

dns_suffix attribute in google_service_networking_peered_dns_domain requires the dns suffix to end with a ".". If we pass the trailing "." when setting the peered_domains in the psa_configs variable then the name for the DNS peering results in a string ending in "-" which is not a valid name making terraform fail with the following error.

  # module.shared_vpc.google_service_networking_peered_dns_domain.name["servicenetworking-googleapis-com-backend-myorg-com-"] will be created
  + resource "google_service_networking_peered_dns_domain" "name" {
      + dns_suffix = "backend.myorg.com."
      + id         = (known after apply)
      + name       = "servicenetworking-googleapis-com-backend-myorg-com-"
      + network    = "vpc"
      + parent     = (known after apply)
      + project    = "g-prj-cd-sb-af-h-03"
      + service    = "servicenetworking.googleapis.com"
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

module.shared_vpc.google_service_networking_peered_dns_domain.name["servicenetworking-googleapis-com-backend-myorg-com-"]: Creating...
module.shared_vpc.google_service_networking_peered_dns_domain.name["servicenetworking-googleapis-com-backend-myorg-com-"]: Still creating... [10s elapsed]
╷
│ Error: Error waiting for Create Service Networking Peered DNS Domain: Error code 3, message: 
│ 
│   with module.shared_vpc.google_service_networking_peered_dns_domain.name["servicenetworking-googleapis-com-backend-myorg-com-"],
│   on .terraform/modules/shared_vpc/modules/net-vpc/psa.tf line 83, in resource "google_service_networking_peered_dns_domain" "name":
│   83: resource "google_service_networking_peered_dns_domain" "name" {

If we don't pass the "." the name of google_service_networking_peered_dns_domain is OK but the dns_suffix isn't, so it does not work either. We would need to either:

  • Agree on passing the "." in the to peered_domains attribute and add a trimsuffix to remove the training "-" for the peering name, or,
  • Agree on nont passing the "." in peered_domains and add the trailing "." to the DNS suffix.

Both options are valid. Let me know which one you prefer and I'll change it
@apichick apichick mentioned this issue Apr 28, 2024
Merged
4 tasks
@juliocc
Copy link
Collaborator

juliocc commented Apr 29, 2024

@apichick this was fixed with #2246, right?

@juliocc juliocc closed this as completed Apr 29, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ludoo ludoo

@juliocc juliocc

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@ludoo @juliocc @apichick