Merge pull request #53 from dippynark/terraform-v0.12-support

Terraform v0.12 support
jetstack · Oct 16, 2019 · 67d5537 · 67d5537
2 parents d85a81a + 8e1820a
commit 67d5537
Show file tree

Hide file tree

Showing 7 changed files with 147 additions and 132 deletions.
diff --git a/README.md b/README.md
@@ -66,7 +66,7 @@ It can be used directly from the Terraform Registry like so:
 ```
 module "gke-cluster" {
   source  = "jetstack/gke-cluster/google"
-  version = "0.1.0"
+  version = "0.2.0-alpha1"
 
   # insert the 9 required variables here
 }

diff --git a/example/main.tf b/example/main.tf
@@ -13,10 +13,7 @@
 # limitations under the License.
 
 terraform {
-  # This project requires a terraform version >= 0.11 but < 0.12. This is
-  # because the module is only tested with 0.11 ,and has not yet been upgraded
-  # to use the new 0.12 syntax.
-  required_version = "~> 0.11"
+  required_version = "~> 0.12"
 
   # Use a GCS Bucket as a backend
   backend "gcs" {}
@@ -26,19 +23,19 @@ terraform {
 # times within a module. They are used here to determine the GCP region from
 # the given location, which can be either a region or zone.
 locals {
-  gcp_location_parts = ["${split("-", var.gcp_location)}"]
-  gcp_region         = "${local.gcp_location_parts[0]}-${local.gcp_location_parts[1]}"
+  gcp_location_parts = split("-", var.gcp_location)
+  gcp_region         = format("%s-%s", local.gcp_location_parts[0], local.gcp_location_parts[1])
 }
 
 # https://www.terraform.io/docs/providers/google/index.html
 provider "google" {
   version = "2.5.1"
-  project = "${var.gcp_project_id}"
-  region  = "${local.gcp_region}"
+  project = var.gcp_project_id
+  region  = local.gcp_region
 }
 
 resource "google_compute_network" "vpc_network" {
-  name                    = "${var.vpc_network_name}"
+  name                    = var.vpc_network_name
   auto_create_subnetworks = "false"
 }
 
@@ -52,60 +49,58 @@ resource "google_compute_subnetwork" "vpc_subnetwork" {
   # a dash, lowercase letter, or digit, except the last character, which
   # cannot be a dash.
   #name = "default-${var.gcp_cluster_region}"
-  name = "${var.vpc_subnetwork_name}"
+  name = var.vpc_subnetwork_name
 
-  ip_cidr_range = "${var.vpc_subnetwork_cidr_range}"
+  ip_cidr_range = var.vpc_subnetwork_cidr_range
 
   # The network this subnet belongs to. Only networks that are in the
   # distributed mode can have subnetworks.
-  network = "${var.vpc_network_name}"
+  network = var.vpc_network_name
 
-  # An array of configurations for secondary IP ranges for VM instances
-  # contained in this subnetwork. The primary IP of such VM must belong to the
-  # primary ipCidrRange of the subnetwork. The alias IPs may belong to either
-  # primary or secondary ranges.
-  secondary_ip_range = [
-    {
-      range_name    = "${var.cluster_secondary_range_name}"
-      ip_cidr_range = "${var.cluster_secondary_range_cidr}"
-    },
-    {
-      range_name    = "${var.services_secondary_range_name}"
-      ip_cidr_range = "${var.services_secondary_range_cidr}"
-    },
-  ]
+  # Configurations for secondary IP ranges for VM instances contained in this
+  # subnetwork. The primary IP of such VM must belong to the primary ipCidrRange
+  # of the subnetwork. The alias IPs may belong to either primary or secondary
+  # ranges.
+  secondary_ip_range {
+    range_name    = var.cluster_secondary_range_name
+    ip_cidr_range = var.cluster_secondary_range_cidr
+  }
+  secondary_ip_range {
+    range_name    = var.services_secondary_range_name
+    ip_cidr_range = var.services_secondary_range_cidr
+  }
 
   # When enabled, VMs in this subnetwork without external IP addresses can
   # access Google APIs and services by using Private Google Access. This is
   # set explicitly to prevent Google's default from fighting with Terraform.
   private_ip_google_access = true
 
   depends_on = [
-    "google_compute_network.vpc_network",
+    google_compute_network.vpc_network,
   ]
 }
 
 module "cluster" {
   source  = "jetstack/gke-cluster/google"
-  version = "0.1.0"
+  version = "0.2.0-alpha1"
 
   # These values are set from the terrafrom.tfvas file
-  gcp_project_id                         = "${var.gcp_project_id}"
-  cluster_name                           = "${var.cluster_name}"
-  gcp_location                           = "${var.gcp_location}"
-  daily_maintenance_window_start_time    = "${var.daily_maintenance_window_start_time}"
-  node_pools                             = "${var.node_pools}"
-  cluster_secondary_range_name           = "${var.cluster_secondary_range_name}"
-  services_secondary_range_name          = "${var.services_secondary_range_name}"
-  master_ipv4_cidr_block                 = "${var.master_ipv4_cidr_block}"
-  access_private_images                  = "${var.access_private_images}"
-  http_load_balancing_disabled           = "${var.http_load_balancing_disabled}"
-  master_authorized_networks_cidr_blocks = "${var.master_authorized_networks_cidr_blocks}"
+  gcp_project_id                         = var.gcp_project_id
+  cluster_name                           = var.cluster_name
+  gcp_location                           = var.gcp_location
+  daily_maintenance_window_start_time    = var.daily_maintenance_window_start_time
+  node_pools                             = var.node_pools
+  cluster_secondary_range_name           = var.cluster_secondary_range_name
+  services_secondary_range_name          = var.services_secondary_range_name
+  master_ipv4_cidr_block                 = var.master_ipv4_cidr_block
+  access_private_images                  = var.access_private_images
+  http_load_balancing_disabled           = var.http_load_balancing_disabled
+  master_authorized_networks_cidr_blocks = var.master_authorized_networks_cidr_blocks
 
   # Refer to the vpc-network and vpc-subnetwork by the name value on the
   # resource, rather than the variable used to assign the name, so that
   # Terraform knows they must be created before creating the cluster
-  vpc_network_name = "${google_compute_network.vpc_network.name}"
 
-  vpc_subnetwork_name = "${google_compute_subnetwork.vpc_subnetwork.name}"
+  vpc_network_name    = google_compute_network.vpc_network.name
+  vpc_subnetwork_name = google_compute_subnetwork.vpc_subnetwork.name
 }
diff --git a/example/variables.tf b/example/variables.tf
@@ -13,23 +13,23 @@
 # limitations under the License.
 
 variable "gcp_project_id" {
-  type = "string"
+  type = string
 
   description = <<EOF
 The ID of the project in which the resources belong.
 EOF
 }
 
 variable "cluster_name" {
-  type = "string"
+  type = string
 
   description = <<EOF
 The name of the cluster, unique within the project and zone.
 EOF
 }
 
 variable "gcp_location" {
-  type = "string"
+  type = string
 
   description = <<EOF
 The location (region or zone) in which the cluster master will be created,
@@ -46,7 +46,7 @@ EOF
 }
 
 variable "daily_maintenance_window_start_time" {
-  type = "string"
+  type = string
 
   description = <<EOF
 The start time of the 4 hour window for daily maintenance operations RFC3339
@@ -55,7 +55,7 @@ EOF
 }
 
 variable "node_pools" {
-  type = "list"
+  type = list(map(string))
 
   description = <<EOF
 The list of node pool configurations, each should include:
@@ -96,7 +96,7 @@ EOF
 }
 
 variable "vpc_network_name" {
-  type = "string"
+  type = string
 
   description = <<EOF
 The name of the Google Compute Engine network to which the cluster is
@@ -105,7 +105,7 @@ EOF
 }
 
 variable "vpc_subnetwork_name" {
-  type = "string"
+  type = string
 
   description = <<EOF
 The name of the Google Compute Engine subnetwork in which the cluster's
@@ -114,11 +114,11 @@ EOF
 }
 
 variable "vpc_subnetwork_cidr_range" {
-  type = "string"
+  type = string
 }
 
 variable "cluster_secondary_range_name" {
-  type = "string"
+  type = string
 
   description = <<EOF
 The name of the secondary range to be used as for the cluster CIDR block.
@@ -128,11 +128,11 @@ EOF
 }
 
 variable "cluster_secondary_range_cidr" {
-  type = "string"
+  type = string
 }
 
 variable "services_secondary_range_name" {
-  type = "string"
+  type = string
 
   description = <<EOF
 The name of the secondary range to be used as for the services CIDR block.
@@ -142,11 +142,11 @@ EOF
 }
 
 variable "services_secondary_range_cidr" {
-  type = "string"
+  type = string
 }
 
 variable "master_ipv4_cidr_block" {
-  type    = "string"
+  type    = string
   default = "172.16.0.0/28"
 
   description = <<EOF
@@ -158,7 +158,7 @@ EOF
 }
 
 variable "access_private_images" {
-  type    = "string"
+  type    = string
   default = "false"
 
   description = <<EOF
@@ -168,7 +168,7 @@ EOF
 }
 
 variable "http_load_balancing_disabled" {
-  type    = "string"
+  type    = string
   default = "false"
 
   description = <<EOF
@@ -179,18 +179,19 @@ EOF
 }
 
 variable "master_authorized_networks_cidr_blocks" {
-  type = "list"
-
-  default = [{
-    # External network that can access Kubernetes master through HTTPS. Must
-    # be specified in CIDR notation. This block should allow access from any
-    # address, but is given explicitly to prevernt Google's defaults from
-    # fighting with Terraform.
-    cidr_block = "0.0.0.0/0"
-
-    # Field for users to identify CIDR blocks.
-    display_name = "default"
-  }]
+  type = list(map(string))
+
+  default = [
+    {
+      # External network that can access Kubernetes master through HTTPS. Must
+      # be specified in CIDR notation. This block should allow access from any
+      # address, but is given explicitly to prevernt Google's defaults from
+      # fighting with Terraform.
+      cidr_block = "0.0.0.0/0"
+      # Field for users to identify CIDR blocks.
+      display_name = "default"
+    },
+  ]
 
   description = <<EOF
 Defines up to 20 external networks that can access Kubernetes master

diff --git a/hack/verify.sh b/hack/verify.sh
@@ -23,7 +23,7 @@ REPO_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." >/dev/null 2>&1 && pwd )"
 
 # Make temporary directory to use for testing and enter it
 VERIFY_DIR="${REPO_ROOT}/verify"
-mkdir "$VERIFY_DIR"
+mkdir -p "$VERIFY_DIR"
 pushd "$VERIFY_DIR"
 
 # Determine OS type and architecture to get the correct Terraform binary.
@@ -49,9 +49,7 @@ fi
 
 # Checks the Terraform version used by the module, download the Terraform binary
 # for that version
-if grep "required_version.*0.11.*" "${REPO_ROOT}/main.tf"; then
-    TERRAFORM_VERSION="0.11.14"
-elif grep "required_version.*0.12.*" "${REPO_ROOT}/main.tf"; then
+if grep "required_version.*0.12.*" "${REPO_ROOT}/main.tf"; then
     TERRAFORM_VERSION="0.12.4"
 else
     echo "Terraform version is not supported or could not be found."
@@ -81,7 +79,7 @@ cp "${REPO_ROOT}/example/terraform.tfvars.example" terraform.tfvars
 # Remove the requirement for a GCS backend so we can init and validate locally
 perl -i -0pe 's/(\s*)backend "gcs" \{\n?\s*\n?\s*\}/\1# GCS bucket not used for testing/gms' main.tf
 # Use the local version of the module, not the Terraform Registry version, and remove the version specification
-perl -i -0pe 's/(\s*)source*\s*= "jetstack\/gke-cluster\/google"\n\s*version = "0.1.0-beta2"/\1source = "..\/"/gms' main.tf
+perl -i -0pe 's/(\s*)source*\s*= "jetstack\/gke-cluster\/google"\n\s*version = "0.2.0-alpha1"/\1source = "..\/"/gms' main.tf
 
 # Initialise and validate the generated test project
 $TERRAFORM init

diff --git a/iam.tf b/iam.tf
@@ -44,7 +44,7 @@ resource "google_project_iam_member" "monitoring-viewer" {
 }
 
 resource "google_project_iam_member" "storage-object-viewer" {
-  count  = "${var.access_private_images == "true" ? 1 : 0}"
+  count  = var.access_private_images == "true" ? 1 : 0
   role   = "roles/storage.objectViewer"
   member = "serviceAccount:${google_service_account.default.email}"
 }