From 7a09acdecb0c13657194579ee3446a6e2fe1421e Mon Sep 17 00:00:00 2001 From: Sam Naser Date: Mon, 4 Apr 2022 21:08:54 -0700 Subject: [PATCH] fix: make GKE module cluster_name computed attribute (#1189) * Make GKE module cluster_name computed attribute * Use cluster ID for name output * Fix splat operator * Use values(...) to fix glob expression * fix README * refactor locals * remove cluster_name local Co-authored-by: Bharath KKB --- autogen/main/main.tf.tmpl | 9 ++++++++- autogen/main/outputs.tf.tmpl | 14 +++++++++++++- examples/simple_zonal_with_asm/main.tf | 2 +- main.tf | 4 +++- modules/asm/README.md | 2 +- modules/beta-autopilot-private-cluster/main.tf | 3 ++- modules/beta-autopilot-private-cluster/outputs.tf | 11 ++++++++++- modules/beta-autopilot-public-cluster/main.tf | 3 ++- modules/beta-autopilot-public-cluster/outputs.tf | 11 ++++++++++- .../beta-private-cluster-update-variant/main.tf | 4 +++- .../beta-private-cluster-update-variant/outputs.tf | 12 +++++++++++- modules/beta-private-cluster/main.tf | 4 +++- modules/beta-private-cluster/outputs.tf | 12 +++++++++++- modules/beta-public-cluster-update-variant/main.tf | 4 +++- .../beta-public-cluster-update-variant/outputs.tf | 12 +++++++++++- modules/beta-public-cluster/main.tf | 4 +++- modules/beta-public-cluster/outputs.tf | 12 +++++++++++- modules/private-cluster-update-variant/main.tf | 4 +++- modules/private-cluster-update-variant/outputs.tf | 12 +++++++++++- modules/private-cluster/main.tf | 4 +++- modules/private-cluster/outputs.tf | 12 +++++++++++- outputs.tf | 12 +++++++++++- 22 files changed, 145 insertions(+), 22 deletions(-) diff --git a/autogen/main/main.tf.tmpl b/autogen/main/main.tf.tmpl index 5afd74e756..a9ba1803ee 100644 --- a/autogen/main/main.tf.tmpl +++ b/autogen/main/main.tf.tmpl 
@@ -174,7 +174,14 @@ locals { cluster_region = var.regional ? var.region : join("-", slice(split("-", local.cluster_location), 0, 2)) cluster_zones = sort(local.cluster_output_zones) - cluster_name = local.cluster_output_name + {% if autopilot_cluster != true %} + // node pool ID is in the form projects//locations//clusters//nodePools/ + cluster_name_parts_from_nodepool = split("/", element(values(google_container_node_pool.pools)[*].id, 0)) + cluster_name_computed = element(local.cluster_name_parts_from_nodepool, length(local.cluster_name_parts_from_nodepool) - 3) + {% else %} + // cluster ID is in the form project/location/name + cluster_name_computed = element(split("/", local.cluster_id), length(split("/", local.cluster_id)) - 1) + {% endif %} cluster_network_tag = "gke-${var.name}" cluster_ca_certificate = local.cluster_master_auth_map["cluster_ca_certificate"] cluster_master_version = local.cluster_output_master_version diff --git a/autogen/main/outputs.tf.tmpl b/autogen/main/outputs.tf.tmpl index bb3b09f1ce..1aa6dadae8 100644 --- a/autogen/main/outputs.tf.tmpl +++ b/autogen/main/outputs.tf.tmpl @@ -23,7 +23,19 @@ output "cluster_id" { output "name" { description = "Cluster name" - value = local.cluster_name + value = local.cluster_name_computed + depends_on = [ + /* Nominally, the cluster name is populated as soon as it is known to Terraform. + * However, the cluster may not be in a usable state yet. Therefore any + * resources dependent on the cluster being up will fail to deploy. With + * this explicit dependency, dependent resources can wait for the cluster + * to be up. + */ + google_container_cluster.primary, + {% if autopilot_cluster != true %} + google_container_node_pool.pools, + {% endif %} + ] } output "type" { diff --git a/examples/simple_zonal_with_asm/main.tf b/examples/simple_zonal_with_asm/main.tf index 8953c8b55e..c7351435c3 100644 --- a/examples/simple_zonal_with_asm/main.tf +++ b/examples/simple_zonal_with_asm/main.tf 
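Review bot: In the non-autopilot branch of `locals`, `element(values(google_container_node_pool.pools)[*].id, 0)` has no guard for a module call that creates no node pools. Terraform's `element` errors on an empty list, so the `name` output would fail outright instead of returning the cluster name. The pool resource and `local.cluster_id` are defined outside this hunk, so whether an empty `node_pools` input is supported is an assumption to confirm. If it is, a fallback built from the cluster ID keeps the same segment arithmetic: `cluster_name_parts_from_nodepool = split("/", try(values(google_container_node_pool.pools)[0].id, "${local.cluster_id}/nodePools/-"))`. The same expression appears in the `main.tf` copies for the root module and the non-autopilot submodules later in this patch.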
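Review bot: The `description` of output `name` still reads `"Cluster name"`, although the value is now parsed from resource IDs and gated by `depends_on`, so it is unknown until the cluster (and, outside autopilot, the node pools) exist. Callers that use `module.gke.name` where Terraform needs a value at plan time, for example in `for_each` keys or `count`, can hit "known only after apply" errors, and nothing in the output explains why. I would change it to `description = "Cluster name (computed; known only after the cluster and its node pools have been created)"`. The same applies to the `outputs.tf` copies later in this patch.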
@@ -33,7 +33,7 @@ data "google_project" "project" { module "gke" { source = "../../" project_id = var.project_id - name = "${local.cluster_type}-cluster${var.cluster_name_suffix}" + name = "test-prefix-cluster-test-suffix" regional = false region = var.region zones = var.zones diff --git a/main.tf b/main.tf index 24297b180f..ff906bf81f 100644 --- a/main.tf +++ b/main.tf @@ -124,7 +124,9 @@ locals { cluster_region = var.regional ? var.region : join("-", slice(split("-", local.cluster_location), 0, 2)) cluster_zones = sort(local.cluster_output_zones) - cluster_name = local.cluster_output_name + // node pool ID is in the form projects//locations//clusters//nodePools/ + cluster_name_parts_from_nodepool = split("/", element(values(google_container_node_pool.pools)[*].id, 0)) + cluster_name_computed = element(local.cluster_name_parts_from_nodepool, length(local.cluster_name_parts_from_nodepool) - 3) cluster_network_tag = "gke-${var.name}" cluster_ca_certificate = local.cluster_master_auth_map["cluster_ca_certificate"] cluster_master_version = local.cluster_output_master_version diff --git a/modules/asm/README.md b/modules/asm/README.md index 3bbc93bc09..2ca47d5d90 100644 --- a/modules/asm/README.md +++ b/modules/asm/README.md @@ -14,7 +14,7 @@ There is a full example provided [here](../../examples/simple_zonal_with_asm). D ```tf module "asm" { - source = "../../modules/asm" + source = "terraform-google-modules/kubernetes-engine/google//modules/asm" project_id = var.project_id cluster_name = module.gke.name cluster_location = module.gke.location diff --git a/modules/beta-autopilot-private-cluster/main.tf b/modules/beta-autopilot-private-cluster/main.tf index 779c6eb03c..fd72a8fb3c 100644 --- a/modules/beta-autopilot-private-cluster/main.tf +++ b/modules/beta-autopilot-private-cluster/main.tf 
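Review bot: The hard-coded `name = "test-prefix-cluster-test-suffix"` in `module "gke"` drops `var.cluster_name_suffix`, so every run of this example in the same project and zone requests the same cluster name. If that suffix was what kept test runs apart (its definition is outside this hunk), concurrent or leftover runs will now collide. If the fixed string is meant to exercise names containing extra hyphens, keep that shape and retain the suffix, e.g. `name = "test-prefix-cluster-test-suffix${var.cluster_name_suffix}"`, with a one-line comment saying why the name looks like this. If the variable is left unused, its declaration should be removed as well.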
@@ -107,7 +107,8 @@ locals { cluster_region = var.regional ? var.region : join("-", slice(split("-", local.cluster_location), 0, 2)) cluster_zones = sort(local.cluster_output_zones) - cluster_name = local.cluster_output_name + // cluster ID is in the form project/location/name + cluster_name_computed = element(split("/", local.cluster_id), length(split("/", local.cluster_id)) - 1) cluster_network_tag = "gke-${var.name}" cluster_ca_certificate = local.cluster_master_auth_map["cluster_ca_certificate"] cluster_master_version = local.cluster_output_master_version diff --git a/modules/beta-autopilot-private-cluster/outputs.tf b/modules/beta-autopilot-private-cluster/outputs.tf index 6cdab1a5ce..b3b21d9053 100644 --- a/modules/beta-autopilot-private-cluster/outputs.tf +++ b/modules/beta-autopilot-private-cluster/outputs.tf @@ -23,7 +23,16 @@ output "cluster_id" { output "name" { description = "Cluster name" - value = local.cluster_name + value = local.cluster_name_computed + depends_on = [ + /* Nominally, the cluster name is populated as soon as it is known to Terraform. + * However, the cluster may not be in a usable state yet. Therefore any + * resources dependent on the cluster being up will fail to deploy. With + * this explicit dependency, dependent resources can wait for the cluster + * to be up. + */ + google_container_cluster.primary, + ] } output "type" { diff --git a/modules/beta-autopilot-public-cluster/main.tf b/modules/beta-autopilot-public-cluster/main.tf index cae98fa3c5..32fab5a8af 100644 --- a/modules/beta-autopilot-public-cluster/main.tf +++ b/modules/beta-autopilot-public-cluster/main.tf 
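Review bot: The comment `// cluster ID is in the form project/location/name` does not match the ID format the Google provider documents for `google_container_cluster`, which as far as I know is `projects/<project>/locations/<location>/clusters/<name>`. Taking the last segment works for either form, but the comment will mislead anyone who later indexes from the front. The expression also splits `local.cluster_id` twice; `cluster_name_computed = reverse(split("/", local.cluster_id))[0]` says the same thing once. `local.cluster_id` is defined outside this hunk. The same lines appear in `modules/beta-autopilot-public-cluster/main.tf` and in the `{% else %}` branch of `autogen/main/main.tf.tmpl`, which is where the change belongs if the module files are generated from it.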
@@ -106,7 +106,8 @@ locals { cluster_region = var.regional ? var.region : join("-", slice(split("-", local.cluster_location), 0, 2)) cluster_zones = sort(local.cluster_output_zones) - cluster_name = local.cluster_output_name + // cluster ID is in the form project/location/name + cluster_name_computed = element(split("/", local.cluster_id), length(split("/", local.cluster_id)) - 1) cluster_network_tag = "gke-${var.name}" cluster_ca_certificate = local.cluster_master_auth_map["cluster_ca_certificate"] cluster_master_version = local.cluster_output_master_version diff --git a/modules/beta-autopilot-public-cluster/outputs.tf b/modules/beta-autopilot-public-cluster/outputs.tf index 3d0d040736..0950df9513 100644 --- a/modules/beta-autopilot-public-cluster/outputs.tf +++ b/modules/beta-autopilot-public-cluster/outputs.tf @@ -23,7 +23,16 @@ output "cluster_id" { output "name" { description = "Cluster name" - value = local.cluster_name + value = local.cluster_name_computed + depends_on = [ + /* Nominally, the cluster name is populated as soon as it is known to Terraform. + * However, the cluster may not be in a usable state yet. Therefore any + * resources dependent on the cluster being up will fail to deploy. With + * this explicit dependency, dependent resources can wait for the cluster + * to be up. + */ + google_container_cluster.primary, + ] } output "type" { diff --git a/modules/beta-private-cluster-update-variant/main.tf b/modules/beta-private-cluster-update-variant/main.tf index acdae6152a..c115e1a3c2 100644 --- a/modules/beta-private-cluster-update-variant/main.tf +++ b/modules/beta-private-cluster-update-variant/main.tf 
@@ -147,7 +147,9 @@ locals { cluster_region = var.regional ? var.region : join("-", slice(split("-", local.cluster_location), 0, 2)) cluster_zones = sort(local.cluster_output_zones) - cluster_name = local.cluster_output_name + // node pool ID is in the form projects//locations//clusters//nodePools/ + cluster_name_parts_from_nodepool = split("/", element(values(google_container_node_pool.pools)[*].id, 0)) + cluster_name_computed = element(local.cluster_name_parts_from_nodepool, length(local.cluster_name_parts_from_nodepool) - 3) cluster_network_tag = "gke-${var.name}" cluster_ca_certificate = local.cluster_master_auth_map["cluster_ca_certificate"] cluster_master_version = local.cluster_output_master_version diff --git a/modules/beta-private-cluster-update-variant/outputs.tf b/modules/beta-private-cluster-update-variant/outputs.tf index 4377e2ee3e..41152fa2b4 100644 --- a/modules/beta-private-cluster-update-variant/outputs.tf +++ b/modules/beta-private-cluster-update-variant/outputs.tf @@ -23,7 +23,17 @@ output "cluster_id" { output "name" { description = "Cluster name" - value = local.cluster_name + value = local.cluster_name_computed + depends_on = [ + /* Nominally, the cluster name is populated as soon as it is known to Terraform. + * However, the cluster may not be in a usable state yet. Therefore any + * resources dependent on the cluster being up will fail to deploy. With + * this explicit dependency, dependent resources can wait for the cluster + * to be up. + */ + google_container_cluster.primary, + google_container_node_pool.pools, + ] } output "type" { diff --git a/modules/beta-private-cluster/main.tf b/modules/beta-private-cluster/main.tf index acdae6152a..c115e1a3c2 100644 --- a/modules/beta-private-cluster/main.tf +++ b/modules/beta-private-cluster/main.tf 
@@ -147,7 +147,9 @@ locals { cluster_region = var.regional ? var.region : join("-", slice(split("-", local.cluster_location), 0, 2)) cluster_zones = sort(local.cluster_output_zones) - cluster_name = local.cluster_output_name + // node pool ID is in the form projects//locations//clusters//nodePools/ + cluster_name_parts_from_nodepool = split("/", element(values(google_container_node_pool.pools)[*].id, 0)) + cluster_name_computed = element(local.cluster_name_parts_from_nodepool, length(local.cluster_name_parts_from_nodepool) - 3) cluster_network_tag = "gke-${var.name}" cluster_ca_certificate = local.cluster_master_auth_map["cluster_ca_certificate"] cluster_master_version = local.cluster_output_master_version diff --git a/modules/beta-private-cluster/outputs.tf b/modules/beta-private-cluster/outputs.tf index 4377e2ee3e..41152fa2b4 100644 --- a/modules/beta-private-cluster/outputs.tf +++ b/modules/beta-private-cluster/outputs.tf @@ -23,7 +23,17 @@ output "cluster_id" { output "name" { description = "Cluster name" - value = local.cluster_name + value = local.cluster_name_computed + depends_on = [ + /* Nominally, the cluster name is populated as soon as it is known to Terraform. + * However, the cluster may not be in a usable state yet. Therefore any + * resources dependent on the cluster being up will fail to deploy. With + * this explicit dependency, dependent resources can wait for the cluster + * to be up. + */ + google_container_cluster.primary, + google_container_node_pool.pools, + ] } output "type" { diff --git a/modules/beta-public-cluster-update-variant/main.tf b/modules/beta-public-cluster-update-variant/main.tf index 0f9683068f..a3af1a009f 100644 --- a/modules/beta-public-cluster-update-variant/main.tf +++ b/modules/beta-public-cluster-update-variant/main.tf 
@@ -146,7 +146,9 @@ locals { cluster_region = var.regional ? var.region : join("-", slice(split("-", local.cluster_location), 0, 2)) cluster_zones = sort(local.cluster_output_zones) - cluster_name = local.cluster_output_name + // node pool ID is in the form projects//locations//clusters//nodePools/ + cluster_name_parts_from_nodepool = split("/", element(values(google_container_node_pool.pools)[*].id, 0)) + cluster_name_computed = element(local.cluster_name_parts_from_nodepool, length(local.cluster_name_parts_from_nodepool) - 3) cluster_network_tag = "gke-${var.name}" cluster_ca_certificate = local.cluster_master_auth_map["cluster_ca_certificate"] cluster_master_version = local.cluster_output_master_version diff --git a/modules/beta-public-cluster-update-variant/outputs.tf b/modules/beta-public-cluster-update-variant/outputs.tf index 1fbf1d6aba..d05e54294d 100644 --- a/modules/beta-public-cluster-update-variant/outputs.tf +++ b/modules/beta-public-cluster-update-variant/outputs.tf @@ -23,7 +23,17 @@ output "cluster_id" { output "name" { description = "Cluster name" - value = local.cluster_name + value = local.cluster_name_computed + depends_on = [ + /* Nominally, the cluster name is populated as soon as it is known to Terraform. + * However, the cluster may not be in a usable state yet. Therefore any + * resources dependent on the cluster being up will fail to deploy. With + * this explicit dependency, dependent resources can wait for the cluster + * to be up. + */ + google_container_cluster.primary, + google_container_node_pool.pools, + ] } output "type" { diff --git a/modules/beta-public-cluster/main.tf b/modules/beta-public-cluster/main.tf index 0f9683068f..a3af1a009f 100644 --- a/modules/beta-public-cluster/main.tf +++ b/modules/beta-public-cluster/main.tf 
@@ -146,7 +146,9 @@ locals { cluster_region = var.regional ? var.region : join("-", slice(split("-", local.cluster_location), 0, 2)) cluster_zones = sort(local.cluster_output_zones) - cluster_name = local.cluster_output_name + // node pool ID is in the form projects//locations//clusters//nodePools/ + cluster_name_parts_from_nodepool = split("/", element(values(google_container_node_pool.pools)[*].id, 0)) + cluster_name_computed = element(local.cluster_name_parts_from_nodepool, length(local.cluster_name_parts_from_nodepool) - 3) cluster_network_tag = "gke-${var.name}" cluster_ca_certificate = local.cluster_master_auth_map["cluster_ca_certificate"] cluster_master_version = local.cluster_output_master_version diff --git a/modules/beta-public-cluster/outputs.tf b/modules/beta-public-cluster/outputs.tf index 1fbf1d6aba..d05e54294d 100644 --- a/modules/beta-public-cluster/outputs.tf +++ b/modules/beta-public-cluster/outputs.tf @@ -23,7 +23,17 @@ output "cluster_id" { output "name" { description = "Cluster name" - value = local.cluster_name + value = local.cluster_name_computed + depends_on = [ + /* Nominally, the cluster name is populated as soon as it is known to Terraform. + * However, the cluster may not be in a usable state yet. Therefore any + * resources dependent on the cluster being up will fail to deploy. With + * this explicit dependency, dependent resources can wait for the cluster + * to be up. + */ + google_container_cluster.primary, + google_container_node_pool.pools, + ] } output "type" { diff --git a/modules/private-cluster-update-variant/main.tf b/modules/private-cluster-update-variant/main.tf index 5702f92d81..c6e02efd5c 100644 --- a/modules/private-cluster-update-variant/main.tf +++ b/modules/private-cluster-update-variant/main.tf 
@@ -125,7 +125,9 @@ locals { cluster_region = var.regional ? var.region : join("-", slice(split("-", local.cluster_location), 0, 2)) cluster_zones = sort(local.cluster_output_zones) - cluster_name = local.cluster_output_name + // node pool ID is in the form projects//locations//clusters//nodePools/ + cluster_name_parts_from_nodepool = split("/", element(values(google_container_node_pool.pools)[*].id, 0)) + cluster_name_computed = element(local.cluster_name_parts_from_nodepool, length(local.cluster_name_parts_from_nodepool) - 3) cluster_network_tag = "gke-${var.name}" cluster_ca_certificate = local.cluster_master_auth_map["cluster_ca_certificate"] cluster_master_version = local.cluster_output_master_version diff --git a/modules/private-cluster-update-variant/outputs.tf b/modules/private-cluster-update-variant/outputs.tf index 62f205cda7..4c17822106 100644 --- a/modules/private-cluster-update-variant/outputs.tf +++ b/modules/private-cluster-update-variant/outputs.tf @@ -23,7 +23,17 @@ output "cluster_id" { output "name" { description = "Cluster name" - value = local.cluster_name + value = local.cluster_name_computed + depends_on = [ + /* Nominally, the cluster name is populated as soon as it is known to Terraform. + * However, the cluster may not be in a usable state yet. Therefore any + * resources dependent on the cluster being up will fail to deploy. With + * this explicit dependency, dependent resources can wait for the cluster + * to be up. + */ + google_container_cluster.primary, + google_container_node_pool.pools, + ] } output "type" { diff --git a/modules/private-cluster/main.tf b/modules/private-cluster/main.tf index 5702f92d81..c6e02efd5c 100644 --- a/modules/private-cluster/main.tf +++ b/modules/private-cluster/main.tf 
@@ -125,7 +125,9 @@ locals { cluster_region = var.regional ? var.region : join("-", slice(split("-", local.cluster_location), 0, 2)) cluster_zones = sort(local.cluster_output_zones) - cluster_name = local.cluster_output_name + // node pool ID is in the form projects//locations//clusters//nodePools/ + cluster_name_parts_from_nodepool = split("/", element(values(google_container_node_pool.pools)[*].id, 0)) + cluster_name_computed = element(local.cluster_name_parts_from_nodepool, length(local.cluster_name_parts_from_nodepool) - 3) cluster_network_tag = "gke-${var.name}" cluster_ca_certificate = local.cluster_master_auth_map["cluster_ca_certificate"] cluster_master_version = local.cluster_output_master_version diff --git a/modules/private-cluster/outputs.tf b/modules/private-cluster/outputs.tf index 62f205cda7..4c17822106 100644 --- a/modules/private-cluster/outputs.tf +++ b/modules/private-cluster/outputs.tf @@ -23,7 +23,17 @@ output "cluster_id" { output "name" { description = "Cluster name" - value = local.cluster_name + value = local.cluster_name_computed + depends_on = [ + /* Nominally, the cluster name is populated as soon as it is known to Terraform. + * However, the cluster may not be in a usable state yet. Therefore any + * resources dependent on the cluster being up will fail to deploy. With + * this explicit dependency, dependent resources can wait for the cluster + * to be up. + */ + google_container_cluster.primary, + google_container_node_pool.pools, + ] } output "type" { diff --git a/outputs.tf b/outputs.tf index c28719639a..414e662a17 100644 --- a/outputs.tf +++ b/outputs.tf 
@@ -23,7 +23,17 @@ output "cluster_id" { output "name" { description = "Cluster name" - value = local.cluster_name + value = local.cluster_name_computed + depends_on = [ + /* Nominally, the cluster name is populated as soon as it is known to Terraform. + * However, the cluster may not be in a usable state yet. Therefore any + * resources dependent on the cluster being up will fail to deploy. With + * this explicit dependency, dependent resources can wait for the cluster + * to be up. + */ + google_container_cluster.primary, + google_container_node_pool.pools, + ] } output "type" {