From c9bc950faea81556d8fa8e6d5e9783522b9cfb99 Mon Sep 17 00:00:00 2001 From: Vedant Pareek Date: Fri, 22 Nov 2024 18:40:26 +0530 Subject: [PATCH 1/2] variable refactoring --- locals.tf | 6 +++--- postgres.tf | 15 +++++++------- variables.tf | 55 ++++++++++++++++++++++++++++++++-------------------- 3 files changed, 45 insertions(+), 31 deletions(-) diff --git a/locals.tf b/locals.tf index d95e0a1..b7f06de 100644 --- a/locals.tf +++ b/locals.tf @@ -1,8 +1,8 @@ locals { - truefoundry_unique_name = substr(replace(var.unique_name, "-", ""), 0, 20) - svcfoundry_unique_name = substr(replace("svc-${var.unique_name}", "-", ""), 0, 20) - mlfoundry_unique_name = substr(replace("mlf-${var.unique_name}", "-", ""), 0, 20) + truefoundry_unique_name = substr(replace(var.cluster_name, "-", ""), 0, 20) + svcfoundry_unique_name = substr(replace("svc-${var.cluster_name}", "-", ""), 0, 20) + mlfoundry_unique_name = substr(replace("mlf-${var.cluster_name}", "-", ""), 0, 20) # truefoundry_db_port = 5432 truefoundry_db_master_username = "truefoundry_root" diff --git a/postgres.tf b/postgres.tf index b661ed7..3f1031b 100644 --- a/postgres.tf +++ b/postgres.tf @@ -6,7 +6,7 @@ resource "random_password" "truefoundry_db_password" { resource "azurerm_subnet" "postgresql_flexible_subnet" { count = var.create_db ? 1 : 0 - name = replace("${var.unique_name}-postgres", "-", "") + name = replace("${var.cluster_name}-postgres", "-", "") resource_group_name = var.resource_group_name virtual_network_name = var.truefoundry_db_vnet_name address_prefixes = [var.truefoundry_db_subnet_cidr] @@ -24,18 +24,19 @@ resource "azurerm_subnet" "postgresql_flexible_subnet" { resource "azurerm_postgresql_flexible_server" "postgresql_flexible" { count = var.create_db ? 1 : 0 - name = var.truefoundry_db_enable_override ? var.truefoundry_db_override_name : "${var.unique_name}-psql" + name = var.truefoundry_db_enable_override ? var.truefoundry_db_override_name : "${var.cluster_name}-psql" resource_group_name = var.resource_group_name location = var.location version = var.postgres_version authentication { password_auth_enabled = true } - administrator_login = local.truefoundry_db_master_username - administrator_password = random_password.truefoundry_db_password.result - delegated_subnet_id = azurerm_subnet.postgresql_flexible_subnet[0].id - private_dns_zone_id = var.truefoundry_db_private_dns_zone_id - zone = "3" + administrator_login = local.truefoundry_db_master_username + administrator_password = random_password.truefoundry_db_password.result + public_network_access_enabled = false + delegated_subnet_id = azurerm_subnet.postgresql_flexible_subnet[0].id + private_dns_zone_id = var.truefoundry_db_private_dns_zone_id + zone = "3" high_availability { mode = "SameZone" standby_availability_zone = "3" diff --git a/variables.tf b/variables.tf index c11b16b..ce7d451 100644 --- a/variables.tf +++ b/variables.tf @@ -1,21 +1,22 @@ -variable "unique_name" { - description = "Truefoundry deployment unique name" - type = string - validation { - condition = length(var.unique_name) <= 24 - error_message = "Error: Unique name is too long." - } - validation { - condition = length(var.unique_name) >= 3 - error_message = "Error: Unique name is too short." - } -} + +################################################################################ +# Common +################################################################################ variable "resource_group_name" { description = "Name of the resource group" type = string } +variable "cluster_name" { + description = "Cluster name" + type = string + validation { + condition = length(var.cluster_name) <= 24 || length(var.cluster_name) >= 3 + error_message = "Error: 3 <= len(cluster_name) <= 24" + } +} + variable "location" { description = "Location of the resource group" type = string @@ -32,9 +33,9 @@ variable "cluster_oidc_url" { type = string } -##### Control Plane Components - -#### Database +################################################################################ +# Database +################################################################################ variable "create_db" { type = bool @@ -63,16 +64,19 @@ variable "truefoundry_db_enable_override" { variable "truefoundry_db_override_name" { type = string description = "Truefoundry db name override" + default = "" } variable "truefoundry_db_instance_class" { type = string description = "Instance class for DB" + default = "GP_Standard_D4ds_v5" } variable "truefoundry_db_allocated_storage" { type = number description = "Storage for DB" + default = 32768 } variable "truefoundry_db_require_ssl" { @@ -81,7 +85,6 @@ variable "truefoundry_db_require_ssl" { default = false } -#### Network variable "truefoundry_db_vnet_name" { description = "Name of the virtual network" type = string @@ -107,7 +110,9 @@ variable "truefoundry_db_allowed_ip_range_end_ip_address" { description = "IP range end address which is allowed to connect to DB" } -#### Azure Container Repository +################################################################################ +# Container Registry +################################################################################ variable "create_acr" { type = bool @@ -115,7 +120,9 @@ variable "create_acr" { default = false } -#### Azure KeyVault +################################################################################ +# Key vault +################################################################################ variable "create_kv" { type = bool @@ -123,7 +130,9 @@ variable "create_kv" { default = false } -#### Azure Storage +################################################################################ +# Storage account +################################################################################ variable "create_blob_storage" { type = bool @@ -131,7 +140,9 @@ variable "create_blob_storage" { default = false } -###### mlfoundry +################################################################################ +# Mlfoundry-server +################################################################################ variable "mlfoundry_svc_acc" { description = "Name of the mlfoundry service account" @@ -145,7 +156,9 @@ variable "mlfoundry_namespace" { type = string } -###### svcfoundry +################################################################################ +# Servicefoundry-server +################################################################################ variable "svcfoundry_svc_acc" { description = "Name of the svcfoundry service account" From d62dee4afd32264d5e24809383a9cc9189298280 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Fri, 22 Nov 2024 13:13:47 +0000 Subject: [PATCH 2/2] terraform-docs: automated action --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 84013d0..390988a 100644 --- a/README.md +++ b/README.md @@ -48,6 +48,7 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| +| [cluster\_name](#input\_cluster\_name) | Cluster name | `string` | n/a | yes | | [cluster\_oidc\_url](#input\_cluster\_oidc\_url) | OIDC url for the cluster to create federated credential for | `string` | n/a | yes | | [create\_acr](#input\_create\_acr) | Create acr | `bool` | `false` | no | | [create\_blob\_storage](#input\_create\_blob\_storage) | Create blob storage | `bool` | `false` | no | @@ -62,17 +63,16 @@ No modules. | [svcfoundry\_namespace](#input\_svcfoundry\_namespace) | Name of the svcfoundry namespace | `string` | `"truefoundry"` | no | | [svcfoundry\_svc\_acc](#input\_svcfoundry\_svc\_acc) | Name of the svcfoundry service account | `string` | `"servicefoundry-server"` | no | | [tags](#input\_tags) | AWS Tags common to all the resources created | `map(string)` | `{}` | no | -| [truefoundry\_db\_allocated\_storage](#input\_truefoundry\_db\_allocated\_storage) | Storage for DB | `number` | n/a | yes | +| [truefoundry\_db\_allocated\_storage](#input\_truefoundry\_db\_allocated\_storage) | Storage for DB | `number` | `32768` | no | | [truefoundry\_db\_allowed\_ip\_range\_end\_ip\_address](#input\_truefoundry\_db\_allowed\_ip\_range\_end\_ip\_address) | IP range end address which is allowed to connect to DB | `string` | n/a | yes | | [truefoundry\_db\_allowed\_ip\_range\_start\_ip\_address](#input\_truefoundry\_db\_allowed\_ip\_range\_start\_ip\_address) | IP range start address which is allowed to connect to DB | `string` | n/a | yes | | [truefoundry\_db\_enable\_override](#input\_truefoundry\_db\_enable\_override) | Truefoundry db name override to be enabled | `bool` | `false` | no | -| [truefoundry\_db\_instance\_class](#input\_truefoundry\_db\_instance\_class) | Instance class for DB | `string` | n/a | yes | -| [truefoundry\_db\_override\_name](#input\_truefoundry\_db\_override\_name) | Truefoundry db name override | `string` | n/a | yes | +| [truefoundry\_db\_instance\_class](#input\_truefoundry\_db\_instance\_class) | Instance class for DB | `string` | `"GP_Standard_D4ds_v5"` | no | +| [truefoundry\_db\_override\_name](#input\_truefoundry\_db\_override\_name) | Truefoundry db name override | `string` | `""` | no | | [truefoundry\_db\_private\_dns\_zone\_id](#input\_truefoundry\_db\_private\_dns\_zone\_id) | Private DNS zone ID | `string` | n/a | yes | | [truefoundry\_db\_require\_ssl](#input\_truefoundry\_db\_require\_ssl) | Require SSL for DB | `bool` | `false` | no | | [truefoundry\_db\_subnet\_cidr](#input\_truefoundry\_db\_subnet\_cidr) | CIDR of the subnet which we should use for the db | `string` | n/a | yes | | [truefoundry\_db\_vnet\_name](#input\_truefoundry\_db\_vnet\_name) | Name of the virtual network | `string` | n/a | yes | -| [unique\_name](#input\_unique\_name) | Truefoundry deployment unique name | `string` | n/a | yes | ## Outputs