Terraform 0.12

agilestacks · Oct 9, 2020 · 398628c · 398628c
1 parent 2d32cf9
commit 398628c
Show file tree

Hide file tree

Showing 7 changed files with 103 additions and 74 deletions.
diff --git a/Makefile b/Makefile
@@ -21,24 +21,24 @@ ifneq (,$(ZONE))
 	DEFAULT_ZONE := $(ZONE)
 endif
 
-export TF_VAR_domain ?= $(DOMAIN_NAME)
-export TF_VAR_base_domain ?= $(BASE_DOMAIN)
-export TF_VAR_project ?= $(PROJECT)
-export TF_VAR_location ?= $(LOCATION)
+export TF_VAR_domain       ?= $(DOMAIN_NAME)
+export TF_VAR_base_domain  ?= $(BASE_DOMAIN)
+export TF_VAR_project      ?= $(PROJECT)
+export TF_VAR_location     ?= $(LOCATION)
 export TF_VAR_cluster_name := $(or $(CLUSTER_NAME),$(NAME2))
-export TF_VAR_node_machine_type ?= g1-small
+export TF_VAR_node_machine_type ?= e2-small
 export TF_VAR_min_node_count ?= 1
 export TF_VAR_max_node_count ?= 3
 export TF_VAR_preemptible ?=
 export TF_VAR_addons_istio ?= false
 
-terraform ?= terraform-v0.11
+terraform ?= terraform-v0.12
 
-export TF_LOG      ?= info
 export TF_DATA_DIR ?= .terraform/$(DOMAIN_NAME)
 export TF_LOG_PATH ?= $(TF_DATA_DIR)/terraform.log
-TF_CLI_ARGS := -no-color -input=false -lock=false
-TFPLAN := $(TF_DATA_DIR)/$(DOMAIN_NAME).tfplan
+
+TF_CLI_ARGS ?= -input=false
+TFPLAN      := $(TF_DATA_DIR)/$(DOMAIN_NAME).tfplan
 
 gcloud ?= gcloud
 kubectl ?= kubectl --context=gke_$(PROJECT)_$(LOCATION)_$(TF_VAR_cluster_name)
@@ -53,12 +53,11 @@ init:
 .PHONY: init
 
 plan:
-	$(terraform) plan $(TF_CLI_ARGS) \
-		-refresh=true -module-depth=-1 -out=$(TFPLAN)
+	$(terraform) plan $(TF_CLI_ARGS) -out=$(TFPLAN)
 .PHONY: plan
 
 apply:
-	$(terraform) apply $(TF_CLI_ARGS) -Xshadow=false $(TFPLAN)
+	$(terraform) apply $(TF_CLI_ARGS) $(TFPLAN)
 	@echo
 .PHONY: apply
 
@@ -90,9 +89,9 @@ region:
 .PHONY: region
 
 import:
-	-$(terraform) import -provider=google $(TF_OPTS) google_dns_managed_zone.main $$(echo $(DOMAIN_NAME) | sed -e 's/\./-/g')
-	-$(terraform) import -provider=google $(TF_OPTS) google_dns_managed_zone.internal i-$$(echo $(DOMAIN_NAME) | sed -e 's/\./-/g')
-	-$(terraform) import -provider=google $(TF_OPTS) google_compute_network.gke_vpc $(TF_VAR_cluster_name)-vpc
+	-$(terraform) import -provider=google $(TF_CLI_ARGS) google_dns_managed_zone.main $$(echo $(DOMAIN_NAME) | sed -e 's/\./-/g')
+	-$(terraform) import -provider=google $(TF_CLI_ARGS) google_dns_managed_zone.internal i-$$(echo $(DOMAIN_NAME) | sed -e 's/\./-/g')
+	-$(terraform) import -provider=google $(TF_CLI_ARGS) google_compute_network.gke_vpc $(TF_VAR_cluster_name)-vpc
 .PHONY: import
 
 output:

diff --git a/dns.tf b/dns.tf
@@ -1,58 +1,58 @@
 data "google_dns_managed_zone" "base" {
-  name    = "${replace(var.base_domain, ".", "-")}"
-  project = "${var.project}"
+  name    = replace(var.base_domain, ".", "-")
+  project = var.project
 }
 
 resource "google_dns_managed_zone" "main" {
-  name        = "${replace(var.domain, ".", "-")}"
+  name        = replace(var.domain, ".", "-")
   dns_name    = "${var.domain}."
   description = "${var.cluster_name} GKE Cluster DNS Zone"
-  project     = "${var.project}"
+  project     = var.project
 
   labels = {
-    foo = "${var.cluster_name}"
+    foo = var.cluster_name
   }
 }
 
 resource "google_dns_record_set" "parent" {
   name         = "${var.domain}."
-  managed_zone = "${data.google_dns_managed_zone.base.name}"
+  managed_zone = data.google_dns_managed_zone.base.name
   type         = "NS"
   ttl          = 300
-  rrdatas      = ["${google_dns_managed_zone.main.name_servers}"]
+  rrdatas      = google_dns_managed_zone.main.name_servers
 }
 
 resource "google_dns_managed_zone" "internal" {
   name        = "i-${replace(var.domain, ".", "-")}"
   dns_name    = "i.${var.domain}."
   description = "${var.cluster_name} GKE Cluster internal DNS Zone"
-  project     = "${var.project}"
+  project     = var.project
   visibility  = "private"
 
   private_visibility_config {
     networks {
-      network_url = "${google_compute_network.gke_vpc.self_link}"
+      network_url = google_compute_network.gke_vpc.self_link
     }
   }
 
   labels = {
-    foo = "${var.cluster_name}"
+    foo = var.cluster_name
   }
 }
 
 resource "google_dns_record_set" "internal" {
   name         = "i.${var.domain}."
-  managed_zone = "${google_dns_managed_zone.main.name}"
+  managed_zone = google_dns_managed_zone.main.name
   type         = "NS"
   ttl          = 300
-  rrdatas      = ["${google_dns_managed_zone.internal.name_servers}"]
+  rrdatas      = google_dns_managed_zone.internal.name_servers
 }
 
 resource "google_dns_record_set" "api" {
   name         = "api.${var.domain}."
-  managed_zone = "${google_dns_managed_zone.main.name}"
+  managed_zone = google_dns_managed_zone.main.name
   type         = "A"
   ttl          = 300
 
-  rrdatas = ["${google_container_cluster.primary.endpoint}"]
+  rrdatas = [google_container_cluster.primary.endpoint]
 }
diff --git a/k8s.tf b/k8s.tf
@@ -1,20 +1,21 @@
 data "google_container_engine_versions" "latest" {
-  location       = "${var.location}"
+  location = var.location
+
   # Since this is just a string match, it's recommended that you append a . after minor versions
   # Details: https://www.terraform.io/docs/providers/google/d/google_container_engine_versions.html#version_prefix
   version_prefix = "${var.gke_kubernetes_version_prefix}."
 }
 
 resource "google_container_cluster" "primary" {
-  provider = "google-beta"
+  provider = google-beta
 
-  name                     = "${var.cluster_name}"
-  location                 = "${var.location}"
-  project                  = "${var.project}"
-  network                  = "${google_compute_network.gke_vpc.name}"
+  name                     = var.cluster_name
+  location                 = var.location
+  project                  = var.project
+  network                  = google_compute_network.gke_vpc.name
   remove_default_node_pool = true
-  min_master_version       = "${data.google_container_engine_versions.latest.latest_node_version}"
-  node_version             = "${data.google_container_engine_versions.latest.latest_node_version}"
+  min_master_version       = data.google_container_engine_versions.latest.latest_node_version
+  node_version             = data.google_container_engine_versions.latest.latest_node_version
 
   initial_node_count = 1
 
@@ -29,34 +30,34 @@ resource "google_container_cluster" "primary" {
 
   addons_config {
     istio_config {
-      disabled = "${var.addons_istio == "true" ? false : true}"
+      disabled = !var.addons_istio
     }
   }
 }
 
 resource "google_container_node_pool" "primary_nodes" {
-  name     = "${var.cluster_name}"
-  location = "${var.location}"
-  cluster  = "${google_container_cluster.primary.name}"
+  name     = var.cluster_name
+  location = var.location
+  cluster  = google_container_cluster.primary.name
 
-  initial_node_count = "${var.min_node_count}"
-  version            = "${data.google_container_engine_versions.latest.latest_node_version}"
+  initial_node_count = var.min_node_count
+  version            = data.google_container_engine_versions.latest.latest_node_version
 
   autoscaling {
-    min_node_count = "${var.min_node_count}"
-    max_node_count = "${var.max_node_count}"
+    min_node_count = var.min_node_count
+    max_node_count = var.max_node_count
   }
 
   node_config {
-    preemptible  = "${var.preemptible}"
-    machine_type = "${var.node_machine_type}"
-    disk_size_gb = "${var.volume_size}"
+    preemptible  = var.preemptible
+    machine_type = var.node_machine_type
+    disk_size_gb = var.volume_size
 
-    metadata {
+    metadata = {
       disable-legacy-endpoints = "true"
     }
 
-    oauth_scopes = "${var.asi_oauth_scopes}"
+    oauth_scopes = var.asi_oauth_scopes
   }
 
   timeouts {
@@ -65,6 +66,8 @@ resource "google_container_node_pool" "primary_nodes" {
 }
 
 resource "local_file" "cluster_ca_certificate" {
-  content  = "${base64decode(google_container_cluster.primary.master_auth.0.cluster_ca_certificate)}"
+  content = base64decode(
+    google_container_cluster.primary.master_auth[0].cluster_ca_certificate,
+  )
   filename = "${path.cwd}/.terraform/${var.domain}/cluster_ca_certificate.pem"
 }
diff --git a/outputs.tf b/outputs.tf
@@ -3,9 +3,9 @@ output "api_ca_crt" {
 }
 
 output "endpoint" {
-  value = "${google_container_cluster.primary.endpoint}"
+  value = google_container_cluster.primary.endpoint
 }
 
 output "network_name" {
-  value = "${google_compute_network.gke_vpc.name}"
+  value = google_compute_network.gke_vpc.name
 }
diff --git a/providers.tf b/providers.tf
@@ -1,16 +1,16 @@
 terraform {
-  required_version = ">= 0.11.10"
+  required_version = ">= 0.12"
   backend "gcs" {}
 }
 
 provider "google" {
-  project = "${var.project}"
-  version = "2.20.1"
+  project = var.project
+  version = "3.42.0"
 }
 
 provider "google-beta" {
-  project = "${var.project}"
-  version = "2.20.1"
+  project = var.project
+  version = "3.42.0"
 }
 
 provider "local" {

diff --git a/variables.tf b/variables.tf
@@ -1,28 +1,55 @@
-variable "project" {}
+variable "project" {
+  type = string
+}
 
-variable "location" {}
+variable "location" {
+  type = string
+}
 
-variable "cluster_name" {}
-variable "node_machine_type" {}
-variable "min_node_count" {}
-variable "max_node_count" {}
-variable "domain" {}
-variable "base_domain" {}
-variable "preemptible" {}
-variable "volume_size" {}
+variable "cluster_name" {
+  type = string
+}
+
+variable "node_machine_type" {
+  type = string
+}
+
+variable "min_node_count" {
+  type = number
+}
+
+variable "max_node_count" {
+  type = number
+}
+
+variable "domain" {
+  type = string
+}
+
+variable "base_domain" {
+  type = string
+}
+
+variable "preemptible" {
+  type    = bool
+  default = false
+}
+
+variable "volume_size" {
+  type = number
+}
 
 variable "addons_istio" {
-  type = "string"
-  default = "disabled"
+  type    = bool
+  default = false
 }
 
 variable "asi_oauth_scopes" {
-  type = "list"
+  type = list(string)
 
   # https://developers.google.com/identity/protocols/googlescopes
   default = [
     "https://www.googleapis.com/auth/cloud-platform",
-    # "https://www.googleapis.com/auth/cloud-platform.read-only",
     "https://www.googleapis.com/auth/bigquery",
     "https://www.googleapis.com/auth/compute",
     "https://www.googleapis.com/auth/datastore",
@@ -36,6 +63,6 @@ variable "asi_oauth_scopes" {
 }
 
 variable "gke_kubernetes_version_prefix" {
-  type = "string"
+  type    = string
   default = "1.17"
 }
diff --git a/vpc.tf b/vpc.tf
@@ -1,5 +1,5 @@
 resource "google_compute_network" "gke_vpc" {
   name                    = "${var.cluster_name}-vpc"
-  project                 = "${var.project}"
+  project                 = var.project
   auto_create_subnetworks = true
 }