refactor!: add domains and load balancing

.github/workflows/release.yaml

@@ -9,6 +9,7 @@ env:
   AWS_REGION: us-west-1
   AWS_ROLE: arn:aws:iam::270074865685:role/terraform-module-ci-test
   GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
+  DOMAIN: ${{secrets.DOMAIN}}
 
 permissions: write-all
 

README.md

@@ -2,6 +2,17 @@
 
 ## Recent Changes
 
+- BREAKING CHANGES!
+
+  While adding the loadbalancer and domain to this module it kinda seems like the ssh key shouldn't be included.
+  I also found a more standardized approach to how to skip or select modules.
+  When adding a load balancer I discovered that subnets will need to be tied to availability zones.
+  I also found that it was easier to combine the subnet input to something more complex, but should be easy enough to figure out
+  1. No longer managing ssh keys with this module!
+  2. The <name>-use-strategy variables now determine how modules are used (create, skip, or select)
+  3. Subnets inputs needed to change to incorporate high availability
+  With this is a massive change in the interface, this is a major break from the previous version, but I believe necessary for its growth.
+
 - Skip Runner IP
 
   By default this module will create a security group which allows the ip of the client running terraform ingress and egress access.

examples/basic/main.tf

@@ -2,27 +2,23 @@
 provider "aws" {
   default_tags {
     tags = {
-      Id = local.identifier
+      Id    = local.identifier
+      Owner = "terraform-ci@suse.com"
     }
   }
 }
 locals {
   identifier = var.identifier
-  name       = "tf-basic-${local.identifier}"
-  key        = var.key
-  key_name   = var.key_name
+  name       = "tf-${local.identifier}"
+  domain     = "${local.identifier}-${var.domain}"
 }
 # AWS reserves the first four IP addresses and the last IP address in any CIDR block for its own use (cumulatively)
 module "this" {
   source              = "../../"
-  owner               = "terraform-ci@suse.com"
   vpc_name            = local.name
   vpc_cidr            = "10.0.255.0/24" # gives 256 usable addresses from .1 to .254, but AWS reserves .1 to .4 and .255, leaving .5 to .254
-  subnet_name         = local.name
-  subnet_cidr         = "10.0.255.224/28" # gives 14 usable addresses from .225 to .238, but AWS reserves .225 to .227 and .238, leaving .227 to .237
-  availability_zone   = "us-west-1b"      # check what availability zones are available in your region before setting this
   security_group_name = local.name
   security_group_type = "egress"
-  public_ssh_key      = local.key
-  ssh_key_name        = local.key_name
+  load_balancer_name  = local.name
+  domain              = local.domain
 }

examples/basic/outputs.tf

@@ -1,15 +1,18 @@
 output "vpc" {
   value = module.this.vpc
 }
-
-output "subnet" {
-  value = module.this.subnet
+output "subnets" {
+  value = module.this.subnets
 }
-
 output "security_group" {
   value = module.this.security_group
 }
-
-output "ssh_key" {
-  value = module.this.ssh_key
+output "load_balancer" {
+  value = module.this.load_balancer
+}
+output "domain" {
+  value = module.this.domain
+}
+output "certificate" {
+  value = module.this.certificate
 }

examples/basic/variables.tf

@@ -1,9 +1,6 @@
-variable "key" {
+variable "identifier" {
   type = string
 }
-variable "key_name" {
+variable "domain" {
   type = string
 }
-variable "identifier" {
-  type = string
-}

examples/basic/versions.tf

@@ -9,9 +9,5 @@ terraform {
       source  = "hashicorp/aws"
       version = ">= 5.11"
     }
-    http = {
-      source  = "hashicorp/http"
-      version = ">= 3.4"
-    }
   }
 }

examples/domain/main.tf

@@ -0,0 +1,27 @@
+
+provider "aws" {
+  default_tags {
+    tags = {
+      Id    = local.identifier
+      Owner = local.owner
+    }
+  }
+}
+locals {
+  identifier = var.identifier
+  name       = "tf-${local.identifier}"
+  owner      = "terraform-ci@suse.com"
+  domain     = "${local.identifier}-${var.domain}"
+  #zone = var.domain_zone
+}
+# AWS reserves the first four IP addresses and the last IP address in any CIDR block for its own use (cumulatively)
+module "this" {
+  source              = "../../"
+  vpc_name            = local.name
+  vpc_cidr            = "10.0.255.0/24" # gives 256 usable addresses from .1 to .254, but AWS reserves .1 to .4 and .255, leaving .5 to .254
+  security_group_name = local.name
+  security_group_type = "project"
+  load_balancer_name  = local.name
+  domain              = local.domain
+  #domain_zone         = local.zone # only specify when creating a new zone
+}

examples/domain/outputs.tf

@@ -0,0 +1,18 @@
+output "vpc" {
+  value = module.this.vpc
+}
+output "subnets" {
+  value = module.this.subnets
+}
+output "security_group" {
+  value = module.this.security_group
+}
+output "load_balancer" {
+  value = module.this.load_balancer
+}
+output "domain" {
+  value = module.this.domain
+}
+output "certificate" {
+  value = module.this.certificate
+}

examples/domain/variables.tf

@@ -0,0 +1,14 @@
+variable "identifier" {
+  type = string
+}
+# variable "domain_zone" {
+#   type = string
+#   description = "The domain zone to use for the domain record. eg. example.com for domain 'test.example.com'"
+# }
+variable "domain" {
+  type        = string
+  description = <<-EOT
+    The domain to use for the domain record. eg. 'test.example.com'.
+    This example assumes that the zone already exists.
+  EOT
+}

examples/personal/versions.tf → examples/domain/versions.tf

@@ -9,9 +9,5 @@ terraform {
       source  = "hashicorp/aws"
       version = ">= 5.11"
     }
-    http = {
-      source  = "hashicorp/http"
-      version = ">= 3.4"
-    }
   }
 }

examples/sgip/main.tf → examples/loadbalancer/main.tf

@@ -1,23 +1,23 @@
+
 provider "aws" {
   default_tags {
     tags = {
-      Id = local.identifier
+      Id    = local.identifier
+      Owner = "terraform-ci@suse.com"
     }
   }
 }
 locals {
   identifier = var.identifier
-  name       = "tf-sgip-${local.identifier}"
+  name       = "tf-${local.identifier}"
 }
-
+# AWS reserves the first four IP addresses and the last IP address in any CIDR block for its own use (cumulatively)
 module "this" {
   source              = "../../"
-  owner               = "terraform-ci@suse.com"
   vpc_name            = local.name
   vpc_cidr            = "10.0.255.0/24" # gives 256 usable addresses from .1 to .254, but AWS reserves .1 to .4 and .255, leaving .5 to .254
-  skip_subnet         = true
   security_group_name = local.name
-  security_group_type = "specific"
-  security_group_ip   = "192.168.1.1"
-  skip_ssh            = true
+  security_group_type = "project"
+  load_balancer_name  = local.name
+  domain_use_strategy = "skip"
 }

examples/loadbalancer/outputs.tf

@@ -0,0 +1,18 @@
+output "vpc" {
+  value = module.this.vpc
+}
+output "subnets" {
+  value = module.this.subnets
+}
+output "security_group" {
+  value = module.this.security_group
+}
+output "load_balancer" {
+  value = module.this.load_balancer
+}
+output "domain" {
+  value = module.this.domain
+}
+output "certificate" {
+  value = module.this.certificate
+}

examples/project/versions.tf → examples/loadbalancer/versions.tf

@@ -9,9 +9,5 @@ terraform {
       source  = "hashicorp/aws"
       version = ">= 5.11"
     }
-    http = {
-      source  = "hashicorp/http"
-      version = ">= 3.4"
-    }
   }
 }