diff --git a/README.md b/README.md index 8dd6f61f..bfa8bdab 100644 --- a/README.md +++ b/README.md @@ -7,15 +7,15 @@ Modular Global HTTP Load Balancer for GCE using forwarding rules. ## Usage -```ruby +```HCL module "gce-lb-http" { source = "GoogleCloudPlatform/lb-http/google" name = "group-http-lb" - target_tags = ["${module.mig1.target_tags}", "${module.mig2.target_tags}"] + target_tags = [module.mig1.target_tags, module.mig2.target_tags] backends = { "0" = [ - { group = "${module.mig1.instance_group}" }, - { group = "${module.mig2.instance_group}" } + { group = module.mig1.instance_group }, + { group = module.mig2.instance_group } ], } backend_params = [ diff --git a/examples/https-gke/gke-node-port/main.tf b/examples/https-gke/gke-node-port/main.tf index 5a0c5cac..e0fdff8f 100644 --- a/examples/https-gke/gke-node-port/main.tf +++ b/examples/https-gke/gke-node-port/main.tf @@ -34,12 +34,12 @@ resource "google_compute_subnetwork" "default" { } data "google_container_engine_versions" "default" { - location = var.zone + location = var.location } resource "google_container_cluster" "default" { name = var.network_name - location = var.zone + location = var.location initial_node_count = 3 min_master_version = data.google_container_engine_versions.default.latest_master_version network = google_compute_subnetwork.default.name @@ -62,12 +62,11 @@ provider "kubernetes" { cluster_ca_certificate = base64decode(google_container_cluster.default.master_auth.0.cluster_ca_certificate) } -module "named-port" { - # this module is not migrated to HCL2 / TF 0.12 syntax - source = "github.com/danisla/terraform-google-named-ports" - instance_group = google_container_cluster.default.instance_group_urls[0] - name = var.port_name - port = var.node_port +resource "null_resource" "default" { + + provisioner "local-exec" { + command = "gcloud compute instance-groups set-named-ports ${google_container_cluster.default.instance_group_urls[0]} --named-ports=${var.port_name}:${var.node_port} --format=json" + } } resource "kubernetes_service" "nginx" { diff --git a/examples/https-gke/gke-node-port/test.sh b/examples/https-gke/gke-node-port/test.sh index b35c47a7..c7d4123a 100644 --- a/examples/https-gke/gke-node-port/test.sh +++ b/examples/https-gke/gke-node-port/test.sh @@ -1,6 +1,6 @@ #!/usr/bin/env bash -set -x +set -x set -e EXP_NAME=$(terraform output port_name) diff --git a/examples/https-gke/gke-node-port/variables.tf b/examples/https-gke/gke-node-port/variables.tf index b8fd9aea..bc6def7e 100644 --- a/examples/https-gke/gke-node-port/variables.tf +++ b/examples/https-gke/gke-node-port/variables.tf @@ -26,8 +26,7 @@ variable "region" { default = "us-central1" } -variable "zone" { - # this variable is deprecated in resources, new name for it is `location` +variable "location" { default = "us-central1-f" } diff --git a/examples/https-gke/main.tf b/examples/https-gke/main.tf index 90664c9b..95069538 100644 --- a/examples/https-gke/main.tf +++ b/examples/https-gke/main.tf @@ -14,64 +14,16 @@ * limitations under the License. */ -variable "name" { - default = "tf-lb-https-gke" -} - -variable "service_port" { - default = "30000" -} - -variable "service_port_name" { - default = "http" -} - -variable "target_tags" { - default = "tf-lb-https-gke" -} - -variable "backend" {} - -data "google_client_config" "current" {} - -variable "region" { - default = "us-central1" -} - -variable "zone" { - default = "us-central1-f" -} - -variable "network_name" { - default = "default" -} - -variable "service_account" { - type = object({ - email = string, - scopes = list(string) - }) - default = { - email = "" - scopes = [ - "cloud-platform"] - } -} - -variable "project" { - type = string -} - provider "google" { project = var.project - version = "~> 2.7.0" } provider "google-beta" { project = var.project - version = "~> 2.7.0" } +data "google_client_config" "current" {} + module "gce-lb-https" { project = var.project source = "../../" @@ -169,7 +121,3 @@ resource "google_storage_object_acl" "image-acl" { object = google_storage_bucket_object.image.name predefined_acl = "publicRead" } - -output "load-balancer-ip" { - value = module.gce-lb-https.external_ip -} diff --git a/examples/https-gke/outputs.tf b/examples/https-gke/outputs.tf new file mode 100644 index 00000000..8d8a2c9e --- /dev/null +++ b/examples/https-gke/outputs.tf @@ -0,0 +1,19 @@ +/* + * Copyright 2019 Google Inc. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +output "load-balancer-ip" { + value = module.gce-lb-https.external_ip +} diff --git a/examples/https-gke/test.sh b/examples/https-gke/test.sh index b6fb965a..2113581e 100755 --- a/examples/https-gke/test.sh +++ b/examples/https-gke/test.sh @@ -1,18 +1,18 @@ #!/usr/bin/env bash -set -x +set -x set -e URL="https://$(terraform output load-balancer-ip)" status=0 count=0 -while [[ $count -lt 720 && $status -ne 200 ]]; do +while [[ ${count} -lt 720 && ${status} -ne 200 ]]; do echo "INFO: Waiting for load balancer..." status=$(curl -sfk -m 5 -o /dev/null -w "%{http_code}" "${URL}" || true) ((count=count+1)) sleep 5 done -if [[ $count -lt 720 ]]; then +if [[ ${count} -lt 720 ]]; then echo "INFO: PASS. Load balancer is ready." else echo "ERROR: Failed. Load balancer never became ready." diff --git a/examples/https-gke/variables.tf b/examples/https-gke/variables.tf new file mode 100644 index 00000000..07e9b092 --- /dev/null +++ b/examples/https-gke/variables.tf @@ -0,0 +1,62 @@ +/* + * Copyright 2019 Google Inc. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +variable "name" { + default = "tf-lb-https-gke" +} + +variable "service_port" { + default = "30000" +} + +variable "service_port_name" { + default = "http" +} + +variable "target_tags" { + default = "tf-lb-https-gke" +} + +variable "backend" {} + +variable "region" { + default = "us-central1" +} + +variable "zone" { + default = "us-central1-f" +} + +variable "network_name" { + default = "default" +} + +variable "service_account" { + type = object({ + email = string, + scopes = list(string) + }) + default = { + email = "" + scopes = [ + "cloud-platform"] + } +} + +variable "project" { + type = string +} diff --git a/examples/mig-nat-http-lb/main.tf b/examples/mig-nat-http-lb/main.tf index 6e4a82dc..5f1346f7 100644 --- a/examples/mig-nat-http-lb/main.tf +++ b/examples/mig-nat-http-lb/main.tf @@ -14,47 +14,17 @@ * limitations under the License. */ -variable "region" { - default = "us-west1" -} - -variable "zone" { - default = "us-west1-b" -} - -variable "network_name" { - default = "tf-lb-http-mig-nat" -} - -variable "service_account" { - type = object({ - email = string, - scopes = list(string) - }) - default = { - email = "" - scopes = [ - "cloud-platform"] - } -} - -variable "project" { - type = string -} - provider "google" { project = var.project - version = "~> 2.7.0" } provider "google-beta" { project = var.project - version = "~> 2.7.0" } resource "google_compute_network" "default" { name = var.network_name - auto_create_subnetworks = "false" + auto_create_subnetworks = false } resource "google_compute_subnetwork" "default" { @@ -139,7 +109,3 @@ module "gce-lb-http" { "/,http,80,10", ] } - -output "load-balancer-ip" { - value = module.gce-lb-http.external_ip -} diff --git a/examples/mig-nat-http-lb/outputs.tf b/examples/mig-nat-http-lb/outputs.tf new file mode 100644 index 00000000..a8cd1a29 --- /dev/null +++ b/examples/mig-nat-http-lb/outputs.tf @@ -0,0 +1,23 @@ +/* + * Copyright 2019 Google Inc. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +output "load-balancer-ip" { + value = module.gce-lb-http.external_ip +} + +output "backend_services" { + value = module.gce-lb-http.backend_services +} diff --git a/examples/mig-nat-http-lb/test.sh b/examples/mig-nat-http-lb/test.sh index 4edd74f2..e326a527 100755 --- a/examples/mig-nat-http-lb/test.sh +++ b/examples/mig-nat-http-lb/test.sh @@ -1,18 +1,18 @@ #!/usr/bin/env bash -set -x +set -x set -e URL="http://$(terraform output load-balancer-ip)" status=0 count=0 -while [[ $count -lt 720 && $status -ne 200 ]]; do +while [[ ${count} -lt 720 && ${status} -ne 200 ]]; do echo "INFO: Waiting for load balancer..." status=$(curl -sf -m 5 -o /dev/null -w "%{http_code}" "${URL}" || true) ((count=count+1)) sleep 5 done -if [[ $count -lt 720 ]]; then +if [[ ${count} -lt 720 ]]; then echo "INFO: PASS" else echo "ERROR: Failed" diff --git a/examples/mig-nat-http-lb/variables.tf b/examples/mig-nat-http-lb/variables.tf new file mode 100644 index 00000000..1652d3ac --- /dev/null +++ b/examples/mig-nat-http-lb/variables.tf @@ -0,0 +1,43 @@ +/* + * Copyright 2019 Google Inc. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +variable "region" { + default = "us-west1" +} + +variable "zone" { + default = "us-west1-b" +} + +variable "network_name" { + default = "tf-lb-http-mig-nat" +} + +variable "service_account" { + type = object({ + email = string, + scopes = list(string) + }) + default = { + email = "" + scopes = [ + "cloud-platform"] + } +} + +variable "project" { + type = string +} diff --git a/examples/multi-backend-multi-mig-bucket-https-lb/main.tf b/examples/multi-backend-multi-mig-bucket-https-lb/main.tf index 9aa3b40e..51573249 100644 --- a/examples/multi-backend-multi-mig-bucket-https-lb/main.tf +++ b/examples/multi-backend-multi-mig-bucket-https-lb/main.tf @@ -14,58 +14,12 @@ * limitations under the License. */ -variable "group1_region" { - default = "us-west1" -} - -variable "group1_zone" { - default = "us-west1-a" -} - -variable "group2_region" { - default = "us-central1" -} - -variable "group2_zone" { - default = "us-central1-f" -} - -variable "group3_region" { - default = "us-east1" -} - -variable "group3_zone" { - default = "us-east1-b" -} - -variable "network_name" { - default = "ml-bk-ml-mig-bkt-s-lb" -} - -variable "service_account" { - type = object({ - email = string, - scopes = list(string) - }) - default = { - email = "" - scopes = [ - "cloud-platform"] - } -} - -variable "project" { - type = string -} - provider "google" { project = var.project - version = "~> 2.7.0" } provider "google-beta" { project = var.project - version = "~> 2.7.0" } resource "google_compute_network" "default" { @@ -285,23 +239,3 @@ resource "google_storage_object_acl" "image-acl" { object = google_storage_bucket_object.image.name predefined_acl = "publicRead" } - -output "group1_region" { - value = var.group1_region -} - -output "group2_region" { - value = var.group2_region -} - -output "group3_region" { - value = var.group3_region -} - -output "load-balancer-ip" { - value = module.gce-lb-https.external_ip -} - -output "asset-url" { - value = "https://${module.gce-lb-https.external_ip}/assets/gcp-logo.svg" -} diff --git a/examples/multi-backend-multi-mig-bucket-https-lb/outputs.tf b/examples/multi-backend-multi-mig-bucket-https-lb/outputs.tf new file mode 100644 index 00000000..7c6ca4ef --- /dev/null +++ b/examples/multi-backend-multi-mig-bucket-https-lb/outputs.tf @@ -0,0 +1,35 @@ +/* + * Copyright 2019 Google Inc. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +output "group1_region" { + value = var.group1_region +} + +output "group2_region" { + value = var.group2_region +} + +output "group3_region" { + value = var.group3_region +} + +output "load-balancer-ip" { + value = module.gce-lb-https.external_ip +} + +output "asset-url" { + value = "https://${module.gce-lb-https.external_ip}/assets/gcp-logo.svg" +} diff --git a/examples/multi-backend-multi-mig-bucket-https-lb/test.sh b/examples/multi-backend-multi-mig-bucket-https-lb/test.sh index ac54d7df..06da3a8e 100755 --- a/examples/multi-backend-multi-mig-bucket-https-lb/test.sh +++ b/examples/multi-backend-multi-mig-bucket-https-lb/test.sh @@ -1,18 +1,18 @@ #!/usr/bin/env bash -set -x +set -x set -e URL="https://$(terraform output load-balancer-ip)" status=0 count=0 -while [[ $count -lt 720 && $status -ne 200 ]]; do +while [[ ${count} -lt 720 && ${status} -ne 200 ]]; do echo "INFO: Waiting for load balancer..." status=$(curl -sfk -m 5 -o /dev/null -w "%{http_code}" "${URL}" || true) ((count=count+1)) sleep 5 done -if [[ $count -lt 720 ]]; then +if [[ ${count} -lt 720 ]]; then echo "INFO: PASS. Load balancer is ready." else echo "ERROR: Failed. Load balancer never became ready." @@ -23,7 +23,7 @@ function checkPattern() { local URL=$1 local pattern="$2" local count=0 - while [[ $count -lt 120 ]]; do + while [[ ${count} -lt 120 ]]; do echo "INFO: Checking ${URL} for text: '$pattern'..." if curl -sfkL -m 5 "${URL}" | egrep -q "${pattern}"; then echo "INFO: PASS. Found pattern: '$pattern'" @@ -38,10 +38,10 @@ function checkPattern() { function checkFile() { local URL=$1 local count=0 - while [[ $count -lt 120 ]]; do + while [[ ${count} -lt 120 ]]; do echo "INFO: Checking ${URL}..." status=$(curl -sfk -m 5 -o /dev/null -w "%{http_code}" "${URL}" || true) - if [[ $status -eq 200 ]]; then + if [[ ${status} -eq 200 ]]; then echo "INFO: PASS" return 0 fi diff --git a/examples/multi-backend-multi-mig-bucket-https-lb/variables.tf b/examples/multi-backend-multi-mig-bucket-https-lb/variables.tf new file mode 100644 index 00000000..99b73903 --- /dev/null +++ b/examples/multi-backend-multi-mig-bucket-https-lb/variables.tf @@ -0,0 +1,59 @@ +/* + * Copyright 2019 Google Inc. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +variable "group1_region" { + default = "us-west1" +} + +variable "group1_zone" { + default = "us-west1-a" +} + +variable "group2_region" { + default = "us-central1" +} + +variable "group2_zone" { + default = "us-central1-f" +} + +variable "group3_region" { + default = "us-east1" +} + +variable "group3_zone" { + default = "us-east1-b" +} + +variable "network_name" { + default = "ml-bk-ml-mig-bkt-s-lb" +} + +variable "service_account" { + type = object({ + email = string, + scopes = list(string) + }) + default = { + email = "" + scopes = [ + "cloud-platform"] + } +} + +variable "project" { + type = string +} diff --git a/examples/multi-mig-http-lb/mig.tf b/examples/multi-mig-http-lb/mig.tf index 3f6cbe6d..a1b892cd 100644 --- a/examples/multi-mig-http-lb/mig.tf +++ b/examples/multi-mig-http-lb/mig.tf @@ -16,12 +16,10 @@ provider "google" { project = var.project - version = "~> 2.7.0" } provider "google-beta" { project = var.project - version = "~> 2.7.0" } data "template_file" "group-startup-script" { diff --git a/examples/multi-mig-http-lb/test.sh b/examples/multi-mig-http-lb/test.sh index 4edd74f2..e326a527 100755 --- a/examples/multi-mig-http-lb/test.sh +++ b/examples/multi-mig-http-lb/test.sh @@ -1,18 +1,18 @@ #!/usr/bin/env bash -set -x +set -x set -e URL="http://$(terraform output load-balancer-ip)" status=0 count=0 -while [[ $count -lt 720 && $status -ne 200 ]]; do +while [[ ${count} -lt 720 && ${status} -ne 200 ]]; do echo "INFO: Waiting for load balancer..." status=$(curl -sf -m 5 -o /dev/null -w "%{http_code}" "${URL}" || true) ((count=count+1)) sleep 5 done -if [[ $count -lt 720 ]]; then +if [[ ${count} -lt 720 ]]; then echo "INFO: PASS" else echo "ERROR: Failed" diff --git a/examples/multiple-certs/main.tf b/examples/multiple-certs/main.tf index 5ef3aa30..32f4d97b 100644 --- a/examples/multiple-certs/main.tf +++ b/examples/multiple-certs/main.tf @@ -14,58 +14,12 @@ * limitations under the License. */ -variable "group1_region" { - default = "us-west1" -} - -variable "group1_zone" { - default = "us-west1-a" -} - -variable "group2_region" { - default = "us-central1" -} - -variable "group2_zone" { - default = "us-central1-f" -} - -variable "group3_region" { - default = "us-east1" -} - -variable "group3_zone" { - default = "us-east1-b" -} - -variable "network_name" { - default = "tf-lb-https-multi-cert" -} - -variable "service_account" { - type = object({ - email = string, - scopes = list(string) - }) - default = { - email = "" - scopes = [ - "cloud-platform"] - } -} - -variable "project" { - type = string -} - provider "google" { project = var.project - version = "~> 2.7.0" } provider "google-beta" { project = var.project - version = "~> 2.7.0" } resource "google_compute_network" "default" { @@ -285,23 +239,3 @@ resource "google_storage_object_acl" "image-acl" { object = google_storage_bucket_object.image.name predefined_acl = "publicRead" } - -output "group1_region" { - value = var.group1_region -} - -output "group2_region" { - value = var.group2_region -} - -output "group3_region" { - value = var.group3_region -} - -output "load-balancer-ip" { - value = module.gce-lb-https.external_ip -} - -output "asset-url" { - value = "https://${module.gce-lb-https.external_ip}/assets/gcp-logo.svg" -} diff --git a/examples/multiple-certs/outputs.tf b/examples/multiple-certs/outputs.tf new file mode 100644 index 00000000..7c6ca4ef --- /dev/null +++ b/examples/multiple-certs/outputs.tf @@ -0,0 +1,35 @@ +/* + * Copyright 2019 Google Inc. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +output "group1_region" { + value = var.group1_region +} + +output "group2_region" { + value = var.group2_region +} + +output "group3_region" { + value = var.group3_region +} + +output "load-balancer-ip" { + value = module.gce-lb-https.external_ip +} + +output "asset-url" { + value = "https://${module.gce-lb-https.external_ip}/assets/gcp-logo.svg" +} diff --git a/examples/multiple-certs/test.sh b/examples/multiple-certs/test.sh index 8407c12c..56588877 100755 --- a/examples/multiple-certs/test.sh +++ b/examples/multiple-certs/test.sh @@ -1,18 +1,18 @@ #!/usr/bin/env bash -set -x +set -x set -e URL="https://$(terraform output load-balancer-ip)" status=0 count=0 -while [[ $count -lt 720 && $status -ne 200 ]]; do +while [[ ${count} -lt 720 && ${status} -ne 200 ]]; do echo "INFO: Waiting for load balancer..." status=$(curl -sfk -m 5 -o /dev/null -w "%{http_code}" "${URL}" || true) ((count=count+1)) sleep 5 done -if [[ $count -lt 720 ]]; then +if [[ ${count} -lt 720 ]]; then echo "INFO: PASS. Load balancer is ready." else echo "ERROR: Failed. Load balancer never became ready." @@ -23,7 +23,7 @@ function checkPattern() { local URL=$1 local pattern="$2" local count=0 - while [[ $count -lt 120 ]]; do + while [[ ${count} -lt 120 ]]; do echo "INFO: Checking ${URL} for text: '$pattern'..." if curl -sfkL -m 5 "${URL}" | egrep -q "${pattern}"; then echo "INFO: PASS. Found pattern: '$pattern'" @@ -41,7 +41,7 @@ checkPattern ${URL}/group3 "$(terraform output group3_region)" status=0 status=$(curl -sfk -m 5 -o /dev/null -w "%{http_code}" "$(terraform output asset-url)" || true) -if [[ $status -eq 200 ]]; then +if [[ ${status} -eq 200 ]]; then echo "INFO: PASS. Assets served from GCS bucket." else echo "ERROR: Failed, could not get asset from bucket." diff --git a/examples/multiple-certs/variables.tf b/examples/multiple-certs/variables.tf new file mode 100644 index 00000000..245208c2 --- /dev/null +++ b/examples/multiple-certs/variables.tf @@ -0,0 +1,59 @@ +/* + * Copyright 2019 Google Inc. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +variable "group1_region" { + default = "us-west1" +} + +variable "group1_zone" { + default = "us-west1-a" +} + +variable "group2_region" { + default = "us-central1" +} + +variable "group2_zone" { + default = "us-central1-f" +} + +variable "group3_region" { + default = "us-east1" +} + +variable "group3_zone" { + default = "us-east1-b" +} + +variable "network_name" { + default = "tf-lb-https-multi-cert" +} + +variable "service_account" { + type = object({ + email = string, + scopes = list(string) + }) + default = { + email = "" + scopes = [ + "cloud-platform"] + } +} + +variable "project" { + type = string +} diff --git a/examples/shared-vpc/main.tf b/examples/shared-vpc/main.tf index afd7e8f6..70b77a70 100644 --- a/examples/shared-vpc/main.tf +++ b/examples/shared-vpc/main.tf @@ -16,13 +16,11 @@ provider "google" { project = var.service_project - version = "~> 2.7.0" region = var.region } provider "google-beta" { project = var.service_project - version = "~> 2.7.0" region = var.region } diff --git a/examples/terraform-install.sh b/examples/terraform-install.sh index 8431b57c..c5f91818 100755 --- a/examples/terraform-install.sh +++ b/examples/terraform-install.sh @@ -11,11 +11,11 @@ function terraform-install() { if [[ -z $(grep 'export PATH=${HOME}/bin:${PATH}' ~/.bashrc 2>/dev/null) ]]; then echo 'export PATH=${HOME}/bin:${PATH}' >> ~/.bashrc fi - + echo "Installed: `${HOME}/bin/terraform version`" - - cat - << EOF - + + cat - << EOF + Run the following to reload your PATH with terraform: source ~/.bashrc diff --git a/main.tf b/main.tf index 6e793112..d8e5e097 100644 --- a/main.tf +++ b/main.tf @@ -21,8 +21,6 @@ resource "google_compute_global_forwarding_rule" "http" { target = google_compute_target_http_proxy.default[0].self_link ip_address = google_compute_global_address.default.address port_range = "80" - depends_on = [ - google_compute_global_address.default] } resource "google_compute_global_forwarding_rule" "https" { @@ -32,8 +30,6 @@ resource "google_compute_global_forwarding_rule" "https" { target = google_compute_target_https_proxy.default[0].self_link ip_address = google_compute_global_address.default.address port_range = "443" - depends_on = [ - google_compute_global_address.default] } resource "google_compute_global_address" "default" { @@ -66,7 +62,7 @@ resource "google_compute_target_https_proxy" "default" { resource "google_compute_ssl_certificate" "default" { project = var.project - count = var.ssl && false == var.use_ssl_certificates ? 1 : 0 + count = var.ssl && !var.use_ssl_certificates ? 1 : 0 name_prefix = "${var.name}-certificate-" private_key = var.private_key certificate = var.certificate @@ -118,12 +114,11 @@ resource "google_compute_http_health_check" "default" { port = split(",", var.backend_params[count.index])[2] } -# Create firewall rule for each backend in each network specified, uses mod behavior of element(). resource "google_compute_firewall" "default-hc" { - count = length(var.firewall_networks) == 1 ? length(var.firewall_networks) * length(distinct(var.backend_params)) : length(var.firewall_networks) * length(var.backend_params) + count = length(var.firewall_networks) project = length(var.firewall_networks) == 1 && var.firewall_projects[0] == "default" ? var.project : var.firewall_projects[count.index] name = "${var.name}-hc-${count.index}" - network = length(var.firewall_networks) == 1 ? var.firewall_networks[0] : var.firewall_networks[count.index] + network = var.firewall_networks[count.index] source_ranges = [ "130.211.0.0/22", "35.191.0.0/16", diff --git a/outputs.tf b/outputs.tf index 307886a1..4b141ab0 100644 --- a/outputs.tf +++ b/outputs.tf @@ -16,7 +16,7 @@ output "backend_services" { description = "The backend service resources." - value = [for i in range(length(google_compute_backend_service.default)) : google_compute_backend_service.default[i].self_link] + value = google_compute_backend_service.default[*].self_link } output "external_ip" { diff --git a/variables.tf b/variables.tf index 62dac9d2..21a78bf8 100644 --- a/variables.tf +++ b/variables.tf @@ -57,7 +57,9 @@ variable "target_tags" { variable "backends" { description = "Map backend indices to list of backend maps." - type = map(list(map(string))) + type = map(list(object({ + group = string + }))) } variable "backend_params" { diff --git a/versions.tf b/versions.tf index ee879c77..5bc25e41 100644 --- a/versions.tf +++ b/versions.tf @@ -1,13 +1,23 @@ -provider "google" { - project = var.project - version = "~> 2.7.0" -} - -provider "google-beta" { - project = var.project - version = "~> 2.7.0" -} +/* + * Copyright 2019 Google Inc. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ terraform { - required_version = ">= 0.12" + required_version = "~> 0.12" + required_providers { + google = "~> 2.7.0" + google-beta = "~> 2.7.0" + } }