Updated the module version (#74)

* Adjust resource base name logic `var.worker_pool_id` has historically been effectively a free text field where users can enter any string usable as a worker pool identifier. For example, the pool's _name_ (rather than its ID). With the module's new support for an autoscaler, this doesn't work. The autoscaler requires the pool's _ID_. Make three changes: 0. Rename `local.namespace` to `local.base_name`. This is a less ambiguous term. 1. Add variable validation for `var.worker_pool_id` to ensure a real ID (ULID) is provided. 2. Add `var.base_name` which can optionally override the default local.base_name logic. * Update variables.tf * Update docs * update docs Updated the version of the module variable test variable test number2 Updated test variable for amd64 Updated test variable Updated variables for all tests Updated config file Updated config file variable Updated iam example and config file variable Updated config variables --------- Co-authored-by: Alex Jurkiewicz <[email protected]>
spacelift-io · Nov 21, 2023 · 164dff5 · 164dff5
1 parent 6dade54
commit 164dff5
Show file tree

Hide file tree

Showing 13 changed files with 49 additions and 24 deletions.
diff --git a/.spacelift/config.yml b/.spacelift/config.yml
@@ -1,23 +1,26 @@
 version: 1
-module_version: 2.0.0
+module_version: 2.1.0
 tests:
   - name: AMD64-based workerpool
     project_root: examples/amd64
     environment:
       TF_VAR_spacelift_api_key_id: "EXAMPLE0VOYU49U485BMZZVAWXU59VOW2"
       TF_VAR_spacelift_api_key_secret: "EXAMPLEf7anuofh4b6a4e43aplqt49099606de2mzbq4391tj1d3dc9872q23z8fvctu4kh"
       TF_VAR_spacelift_api_key_endpoint: "https://example.app.spacelift.io"
+      TF_VAR_worker_pool_id: "01HBD5QZ932J8EEH5GTBM1QMAS"
 
   - name: ARM64-based workerpool
     project_root: examples/arm64
     environment:
       TF_VAR_spacelift_api_key_id: "EXAMPLE0VOYU49U485BMZZVAWXU59VOW2"
       TF_VAR_spacelift_api_key_secret: "EXAMPLEf7anuofh4b6a4e43aplqt49099606de2mzbq4391tj1d3dc9872q23z8fvctu4kh"
       TF_VAR_spacelift_api_key_endpoint: "https://example.app.spacelift.io"
+      TF_VAR_worker_pool_id: "01HBD5QZ932J8AEH5GTBM1QMAS"
 
   - name: Custom IAM Role
     project_root: examples/custom-iam-role
     environment:
       TF_VAR_spacelift_api_key_id: "EXAMPLE0VOYU49U485BMZZVAWXU59VOW2"
       TF_VAR_spacelift_api_key_secret: "EXAMPLEf7anuofh4b6a4e43aplqt49099606de2mzbq4391tj1d3dc9872q23z8fvctu4kh"
       TF_VAR_spacelift_api_key_endpoint: "https://example.app.spacelift.io"
+      TF_VAR_worker_pool_id: "01HBD5QZ932J8CEH5GTBM1QMAS"
diff --git a/README.md b/README.md
@@ -19,7 +19,7 @@ terraform {
 }
 
 module "my_workerpool" {
-  source = "github.com/spacelift-io/terraform-aws-spacelift-workerpool-on-ec2?ref=v2.0.0"
+  source = "github.com/spacelift-io/terraform-aws-spacelift-workerpool-on-ec2?ref=v2.1.0"
 
   configuration = <<-EOT
     export SPACELIFT_TOKEN="${var.worker_pool_config}"
@@ -109,6 +109,7 @@ $ make docs
 | <a name="input_additional_tags"></a> [additional\_tags](#input\_additional\_tags) | Additional tags to set on the resources | `map(string)` | `{}` | no |
 | <a name="input_ami_id"></a> [ami\_id](#input\_ami\_id) | ID of the Spacelift AMI. If left empty, the latest Spacelift AMI will be used. | `string` | `""` | no |
 | <a name="input_autoscaler_version"></a> [autoscaler\_version](#input\_autoscaler\_version) | Version of the autoscaler to deploy | `string` | `"v0.2.0"` | no |
+| <a name="input_base_name"></a> [base\_name](#input\_base\_name) | Base name for resources. If unset, it defaults to `sp5ft-${var.worker_pool_id}`. | `string` | `null` | no |
 | <a name="input_configuration"></a> [configuration](#input\_configuration) | User configuration. This allows you to decide how you want to pass your token<br>  and private key to the environment - be that directly, or using SSM Parameter<br>  Store, Vault etc. Ultimately, here you need to export SPACELIFT\_TOKEN and<br>  SPACELIFT\_POOL\_PRIVATE\_KEY to the environment. | `string` | n/a | yes |
 | <a name="input_create_iam_role"></a> [create\_iam\_role](#input\_create\_iam\_role) | Determines whether an IAM role is created or to use an existing IAM role | `bool` | `true` | no |
 | <a name="input_custom_iam_role_name"></a> [custom\_iam\_role\_name](#input\_custom\_iam\_role\_name) | Name of an existing IAM to use. Used `when create_iam_role` = `false` | `string` | `""` | no |
@@ -131,7 +132,7 @@ $ make docs
 | <a name="input_volume_encryption_kms_key_id"></a> [volume\_encryption\_kms\_key\_id](#input\_volume\_encryption\_kms\_key\_id) | KMS key ID to use for encrypting the EBS volume | `string` | `null` | no |
 | <a name="input_volume_size"></a> [volume\_size](#input\_volume\_size) | Size of instance EBS volume | `number` | `40` | no |
 | <a name="input_vpc_subnets"></a> [vpc\_subnets](#input\_vpc\_subnets) | List of VPC subnets to use | `list(string)` | n/a | yes |
-| <a name="input_worker_pool_id"></a> [worker\_pool\_id](#input\_worker\_pool\_id) | ID of the the worker pool. It is used for the naming convention of the resources. | `string` | n/a | yes |
+| <a name="input_worker_pool_id"></a> [worker\_pool\_id](#input\_worker\_pool\_id) | ID (ULID) of the the worker pool. | `string` | n/a | yes |
 
 ## Outputs
 

diff --git a/asg.tf b/asg.tf
@@ -78,7 +78,7 @@ module "asg" {
   source  = "terraform-aws-modules/autoscaling/aws"
   version = "~> 6.0"
 
-  name = local.namespace
+  name = local.base_name
 
   iam_instance_profile_arn = aws_iam_instance_profile.this.arn
   image_id                 = var.ami_id != "" ? var.ami_id : data.aws_ami.this.id

diff --git a/autoscaler.tf b/autoscaler.tf
@@ -1,5 +1,5 @@
 locals {
-  function_name = "${local.namespace}-ec2-autoscaler"
+  function_name = "${local.base_name}-ec2-autoscaler"
 }
 
 resource "aws_ssm_parameter" "spacelift_api_key_secret" {

diff --git a/examples/amd64/main.tf b/examples/amd64/main.tf
@@ -29,8 +29,6 @@ data "aws_subnets" "this" {
   }
 }
 
-resource "random_pet" "this" {}
-
 #### Spacelift worker pool ####
 
 module "this" {
@@ -45,5 +43,5 @@ module "this" {
   spacelift_api_key_id       = var.spacelift_api_key_id
   spacelift_api_key_secret   = var.spacelift_api_key_secret
   vpc_subnets                = data.aws_subnets.this.ids
-  worker_pool_id             = random_pet.this.id
+  worker_pool_id             = var.worker_pool_id
 }
diff --git a/examples/amd64/variables.tf b/examples/amd64/variables.tf
@@ -12,4 +12,9 @@ variable "spacelift_api_key_secret" {
 variable "spacelift_api_key_endpoint" {
   type        = string
   description = "Full URL of the Spacelift API endpoint to use, eg. https://demo.app.spacelift.io"
+}
+
+variable "worker_pool_id" {
+  type        = string
+  description = "ID (ULID) of the the worker pool."
 }
diff --git a/examples/arm64/main.tf b/examples/arm64/main.tf
@@ -50,8 +50,6 @@ data "aws_ami" "this" {
   }
 }
 
-resource "random_pet" "this" {}
-
 #### Spacelift worker pool ####
 
 module "this" {
@@ -68,5 +66,5 @@ module "this" {
   spacelift_api_key_id       = var.spacelift_api_key_id
   spacelift_api_key_secret   = var.spacelift_api_key_secret
   vpc_subnets                = data.aws_subnets.this.ids
-  worker_pool_id             = random_pet.this.id
+  worker_pool_id             = var.worker_pool_id
 }
diff --git a/examples/arm64/variables.tf b/examples/arm64/variables.tf
@@ -12,4 +12,9 @@ variable "spacelift_api_key_secret" {
 variable "spacelift_api_key_endpoint" {
   type        = string
   description = "Full URL of the Spacelift API endpoint to use, eg. https://demo.app.spacelift.io"
+}
+
+variable "worker_pool_id" {
+  type        = string
+  description = "ID (ULID) of the the worker pool."
 }
diff --git a/examples/custom-iam-role/main.tf b/examples/custom-iam-role/main.tf
@@ -68,5 +68,5 @@ module "this" {
   spacelift_api_key_id       = var.spacelift_api_key_id
   spacelift_api_key_secret   = var.spacelift_api_key_secret
   vpc_subnets                = data.aws_subnets.this.ids
-  worker_pool_id             = random_pet.this.id
+  worker_pool_id             = var.worker_pool_id
 }
diff --git a/examples/custom-iam-role/variables.tf b/examples/custom-iam-role/variables.tf
@@ -12,4 +12,9 @@ variable "spacelift_api_key_secret" {
 variable "spacelift_api_key_endpoint" {
   type        = string
   description = "Full URL of the Spacelift API endpoint to use, eg. https://demo.app.spacelift.io"
+}
+
+variable "worker_pool_id" {
+  type        = string
+  description = "ID (ULID) of the the worker pool."
 }
diff --git a/iam.tf b/iam.tf
@@ -4,17 +4,17 @@ locals {
   #! If IAM role name is not known during 'terraform plan', the check will be skipped and
   #! error message will pop up only after `terraform apply ' in the next 'terraform plan'.
   validate_condition = (!var.create_iam_role && length(var.custom_iam_role_name) == 0) || (var.create_iam_role && length(var.custom_iam_role_name) > 0)
-  validate_message = "The 'create_iam_role' has been set to '${var.create_iam_role}', when 'custom_iam_role_name' set to '${var.custom_iam_role_name}', which are mutually exclusive. To create a new IAM role inside module, set 'create_iam_role' to 'true' and 'custom_iam_role_name' to ''. To use a custom IAM role, set 'create_iam_role' to 'false' and 'custom_iam_role_name' to the name of the custom IAM role."
+  validate_message   = "The 'create_iam_role' has been set to '${var.create_iam_role}', when 'custom_iam_role_name' set to '${var.custom_iam_role_name}', which are mutually exclusive. To create a new IAM role inside module, set 'create_iam_role' to 'true' and 'custom_iam_role_name' to ''. To use a custom IAM role, set 'create_iam_role' to 'false' and 'custom_iam_role_name' to the name of the custom IAM role."
   validate_check = regex(
-      "^${local.validate_message}$",
-      ( !local.validate_condition
-        ? local.validate_message
-        : "" ) )
+    "^${local.validate_message}$",
+    (!local.validate_condition
+      ? local.validate_message
+  : ""))
 }
 
 resource "aws_iam_role" "this" {
   count = var.create_iam_role ? 1 : 0
-  name  = local.namespace
+  name  = local.base_name
   path  = "/"
 
   assume_role_policy = jsonencode({
@@ -44,7 +44,7 @@ resource "aws_iam_role_policy_attachment" "this" {
 resource "aws_iam_instance_profile" "this" {
   depends_on = [aws_iam_role_policy_attachment.this]
 
-  name = local.namespace
+  name = local.base_name
   role = var.create_iam_role ? aws_iam_role.this[0].name : var.custom_iam_role_name
 }
 

diff --git a/main.tf b/main.tf
@@ -0,0 +1,3 @@
+locals {
+  base_name = var.base_name == null ? "sp5ft-${var.worker_pool_id}" : var.base_name
+}
diff --git a/variables.tf b/variables.tf
@@ -113,7 +113,18 @@ variable "vpc_subnets" {
 
 variable "worker_pool_id" {
   type        = string
-  description = "ID of the the worker pool. It is used for the naming convention of the resources."
+  description = "ID (ULID) of the the worker pool."
+  validation {
+    condition     = can(regex("^[0-9A-HJKMNP-TV-Z]+$", var.worker_pool_id))
+    error_message = "The worker pool ID must be a valid ULID (eg 01HCC6QZ932J7WDF4FTVM9QMEP)."
+  }
+}
+
+variable "base_name" {
+  type        = string
+  description = "Base name for resources. If unset, it defaults to `sp5ft-$${var.worker_pool_id}`."
+  nullable    = true
+  default     = null
 }
 
 variable "enable_monitoring" {
@@ -128,10 +139,6 @@ variable "instance_refresh" {
   default     = {}
 }
 
-locals {
-  namespace = "sp5ft-${var.worker_pool_id}"
-}
-
 variable "enable_autoscaling" {
   default     = true
   description = "Determines whether to create the Lambda Autoscaler function and dependent resources or not"