Terraform linting

.tflint.hcl

+config {
+	call_module_type = "local"
+	force = false
+}
+
+plugin "terraform" {
+	enabled = true
+	preset	= "recommended"
+}

cesnet-mcc/terraform/vms.tf

@@ -3,11 +3,11 @@ locals {
     openstack_compute_instance_v2.ingress,
     openstack_compute_instance_v2.nfs,
   ], openstack_compute_instance_v2.worker[*], openstack_compute_instance_v2.gpu[*])
-  master_ip = replace(openstack_compute_instance_v2.master.network[1].fixed_ip_v6, "/\\[(.*)\\]/", "$1")
+  master_ip  = replace(openstack_compute_instance_v2.master.network[1].fixed_ip_v6, "/\\[(.*)\\]/", "$1")
   ingress_ip = replace(openstack_compute_instance_v2.ingress.network[1].fixed_ip_v6, "/\\[(.*)\\]/", "$1")
-  nfs_ip = replace(openstack_compute_instance_v2.nfs.network[1].fixed_ip_v6, "/\\[(.*)\\]/", "$1")
+  nfs_ip     = replace(openstack_compute_instance_v2.nfs.network[1].fixed_ip_v6, "/\\[(.*)\\]/", "$1")
   worker_ips = [for s in openstack_compute_instance_v2.worker[*].network[1].fixed_ip_v6 : replace(s, "/\\[(.*)\\]/", "$1")]
-  gpu_ips = [for s in openstack_compute_instance_v2.gpu[*].network[1].fixed_ip_v6 : replace(s, "/\\[(.*)\\]/", "$1")]
+  gpu_ips    = [for s in openstack_compute_instance_v2.gpu[*].network[1].fixed_ip_v6 : replace(s, "/\\[(.*)\\]/", "$1")]
 }
 
 # Security groups
@@ -25,9 +25,9 @@ resource "openstack_compute_secgroup_v2" "ping" {
   rule {
     from_port   = 128
     to_port     = 0
-    # initial installation (bug in terraform): ip_protocol = "icmp"
     ip_protocol = "ipv6-icmp"
     cidr        = "::/0"
+    # initial installation (bug in terraform): ip_protocol = "icmp"
   }
 }
 
@@ -100,9 +100,8 @@ data "openstack_compute_flavor_v2" "gpu-flavor" {
 }
 
 resource "openstack_compute_instance_v2" "master" {
-  name     = "k8s-${var.site_name}-master"
-  image_id = data.openstack_images_image_v2.ubuntu.id
-  # 4 cores 4 GB RAM
+  name            = "k8s-${var.site_name}-master"
+  image_id        = data.openstack_images_image_v2.ubuntu.id
   flavor_id       = data.openstack_compute_flavor_v2.master-flavor.id
   security_groups = ["default", "all"]
   user_data       = file("cloud-init.yaml")
@@ -296,7 +295,7 @@ nfs:
 
 worker:
   hosts:
-    ${join("\n    ", [for s in local.worker_ips: "${s}:"])}
+    ${join("\n    ", [for s in local.worker_ips : "${s}:"])}
 
 gpu:
   hosts:

common/terraform/firewall.tf

@@ -20,10 +20,11 @@ resource "openstack_networking_secgroup_rule_v2" "ping" {
   ethertype         = strcontains(each.key, ":") ? "IPv6" : "IPv4"
   port_range_min    = strcontains(each.key, ":") ? 128 : 8
   port_range_max    = 0
-  # protocol          = strcontains(each.key, ":") ? "ipv6-icmp" : "icmp"
   protocol          = "icmp"
   remote_ip_prefix  = each.key
   security_group_id = openstack_networking_secgroup_v2.ping.id
+  # for update:
+  # protocol          = strcontains(each.key, ":") ? "ipv6-icmp" : "icmp"
 }
 
 resource "openstack_networking_secgroup_rule_v2" "ssh" {

common/terraform/vars.tf

@@ -19,7 +19,7 @@ variable "site_name" {
 }
 
 variable "gpu_flavor_name" {
-  type = string
+  type        = string
   description = "Name of the GPU flavor"
 }
 
@@ -64,10 +64,10 @@ variable "squid_volume_size" {
 }
 
 variable "security_public_cidr" {
-  type = map(string)
+  type        = map(string)
   description = "Enabled IP ranges"
   default = {
-    "0.0.0.0/0": "Public access",
-    "::/0":      "Public access",
+    "0.0.0.0/0" : "Public access",
+    "::/0" : "Public access",
   }
 }

common/terraform/versions.tf

@@ -3,9 +3,12 @@ provider "openstack" {
 
 terraform {
   required_providers {
-    local = "~> 2.0"
+    local = {
+      source  = "hashicorp/local"
+      version = "~> 2.0"
+    }
     openstack = {
-      source  = "terraform-provider-openstack/openstack",
+      source  = "terraform-provider-openstack/openstack"
       version = ">= 1.38.0"
     }
   }

production1/terraform/vms.tf

@@ -3,11 +3,11 @@ locals {
     openstack_compute_instance_v2.ingress,
     openstack_compute_instance_v2.nfs,
   ], openstack_compute_instance_v2.worker[*], openstack_compute_instance_v2.gpu[*])
-  master_ip = openstack_compute_instance_v2.master.network[0].fixed_ip_v4
+  master_ip  = openstack_compute_instance_v2.master.network[0].fixed_ip_v4
   ingress_ip = openstack_compute_instance_v2.ingress.network[0].fixed_ip_v4
-  nfs_ip = openstack_compute_instance_v2.nfs.network[0].fixed_ip_v4
+  nfs_ip     = openstack_compute_instance_v2.nfs.network[0].fixed_ip_v4
   worker_ips = [for s in openstack_compute_instance_v2.worker[*].network[0].fixed_ip_v4 : s]
-  gpu_ips = [for s in openstack_compute_instance_v2.gpu[*].network[0].fixed_ip_v4 : s]
+  gpu_ips    = [for s in openstack_compute_instance_v2.gpu[*].network[0].fixed_ip_v4 : s]
 }
 
 resource "openstack_networking_floatingip_v2" "public_ip" {
@@ -31,7 +31,7 @@ data "openstack_compute_flavor_v2" "gpu-flavor" {
 }
 
 resource "openstack_compute_instance_v2" "master" {
-  name     = "k8s-${var.site_name}-master"
+  name            = "k8s-${var.site_name}-master"
   flavor_id       = data.openstack_compute_flavor_v2.master-flavor.id
   security_groups = ["default", openstack_networking_secgroup_v2.ping.name, openstack_networking_secgroup_v2.ssh.name]
   user_data       = file("cloud-init.yaml")
@@ -93,7 +93,7 @@ resource "openstack_compute_instance_v2" "gpu" {
   flavor_id       = data.openstack_compute_flavor_v2.gpu-flavor.id
   security_groups = ["default", openstack_networking_secgroup_v2.ping.name, openstack_networking_secgroup_v2.ssh.name]
   user_data       = file("cloud-init.yaml")
-  tags = ["worker"]
+  tags            = ["worker"]
   network {
     uuid = openstack_networking_network_v2.local-network.id
   }
@@ -221,7 +221,7 @@ nfs:
 
 worker:
   hosts:
-    ${join("\n    ", [for s in local.worker_ips: "${s}:"])}
+    ${join("\n    ", [for s in local.worker_ips : "${s}:"])}
 
 gpu:
   hosts:

production2/terraform/vms.tf

@@ -3,11 +3,11 @@ locals {
     openstack_compute_instance_v2.ingress,
     openstack_compute_instance_v2.nfs,
   ], openstack_compute_instance_v2.worker[*], openstack_compute_instance_v2.gpu[*])
-  master_ip = replace(openstack_compute_instance_v2.master.network[0].fixed_ip_v6, "/\\[(.*)\\]/", "$1")
+  master_ip  = replace(openstack_compute_instance_v2.master.network[0].fixed_ip_v6, "/\\[(.*)\\]/", "$1")
   ingress_ip = replace(openstack_compute_instance_v2.ingress.network[0].fixed_ip_v6, "/\\[(.*)\\]/", "$1")
-  nfs_ip = replace(openstack_compute_instance_v2.nfs.network[0].fixed_ip_v6, "/\\[(.*)\\]/", "$1")
+  nfs_ip     = replace(openstack_compute_instance_v2.nfs.network[0].fixed_ip_v6, "/\\[(.*)\\]/", "$1")
   worker_ips = [for s in openstack_compute_instance_v2.worker[*].network[0].fixed_ip_v6 : replace(s, "/\\[(.*)\\]/", "$1")]
-  gpu_ips = [for s in openstack_compute_instance_v2.gpu[*].network[0].fixed_ip_v6 : replace(s, "/\\[(.*)\\]/", "$1")]
+  gpu_ips    = [for s in openstack_compute_instance_v2.gpu[*].network[0].fixed_ip_v6 : replace(s, "/\\[(.*)\\]/", "$1")]
 }
 
 data "openstack_images_image_v2" "ubuntu" {
@@ -27,8 +27,8 @@ data "openstack_compute_flavor_v2" "gpu-flavor" {
 }
 
 resource "openstack_compute_instance_v2" "master" {
-  name     = "k8s-${var.site_name}-master"
-  image_id = data.openstack_images_image_v2.ubuntu.id
+  name            = "k8s-${var.site_name}-master"
+  image_id        = data.openstack_images_image_v2.ubuntu.id
   flavor_id       = data.openstack_compute_flavor_v2.master-flavor.id
   security_groups = ["default", openstack_networking_secgroup_v2.ping.name, openstack_networking_secgroup_v2.ssh.name]
   user_data       = file("cloud-init.yaml")
@@ -82,7 +82,7 @@ resource "openstack_compute_instance_v2" "gpu" {
   flavor_id       = data.openstack_compute_flavor_v2.gpu-flavor.id
   security_groups = ["default", openstack_networking_secgroup_v2.ping.name, openstack_networking_secgroup_v2.ssh.name]
   user_data       = file("cloud-init.yaml")
-  tags = ["worker"]
+  tags            = ["worker"]
   network {
     name = var.net_name
   }
@@ -204,7 +204,7 @@ nfs:
 
 worker:
   hosts:
-    ${join("\n    ", [for s in local.worker_ips: "${s}:"])}
+    ${join("\n    ", [for s in local.worker_ips : "${s}:"])}
 
 gpu:
   hosts:

staging1/terraform/vms.tf

@@ -3,11 +3,11 @@ locals {
     openstack_compute_instance_v2.ingress,
     openstack_compute_instance_v2.nfs,
   ], openstack_compute_instance_v2.worker[*], openstack_compute_instance_v2.gpu[*])
-  master_ip = openstack_compute_instance_v2.master.network[0].fixed_ip_v4
+  master_ip  = openstack_compute_instance_v2.master.network[0].fixed_ip_v4
   ingress_ip = openstack_compute_instance_v2.ingress.network[0].fixed_ip_v4
-  nfs_ip = openstack_compute_instance_v2.nfs.network[0].fixed_ip_v4
+  nfs_ip     = openstack_compute_instance_v2.nfs.network[0].fixed_ip_v4
   worker_ips = [for s in openstack_compute_instance_v2.worker[*].network[0].fixed_ip_v4 : s]
-  gpu_ips = [for s in openstack_compute_instance_v2.gpu[*].network[0].fixed_ip_v4 : s]
+  gpu_ips    = [for s in openstack_compute_instance_v2.gpu[*].network[0].fixed_ip_v4 : s]
 }
 
 resource "openstack_networking_floatingip_v2" "public_ip" {
@@ -31,8 +31,8 @@ data "openstack_compute_flavor_v2" "gpu-flavor" {
 }
 
 resource "openstack_compute_instance_v2" "master" {
-  name     = "k8s-${var.site_name}-master"
-  image_id = data.openstack_images_image_v2.ubuntu.id
+  name            = "k8s-${var.site_name}-master"
+  image_id        = data.openstack_images_image_v2.ubuntu.id
   flavor_id       = data.openstack_compute_flavor_v2.master-flavor.id
   security_groups = ["default", openstack_networking_secgroup_v2.ping.name, openstack_networking_secgroup_v2.ssh.name]
   user_data       = file("cloud-init.yaml")
@@ -86,7 +86,7 @@ resource "openstack_compute_instance_v2" "gpu" {
   flavor_id       = data.openstack_compute_flavor_v2.gpu-flavor.id
   security_groups = ["default", openstack_networking_secgroup_v2.ping.name, openstack_networking_secgroup_v2.ssh.name]
   user_data       = file("cloud-init.yaml")
-  tags = ["worker"]
+  tags            = ["worker"]
   network {
     uuid = openstack_networking_network_v2.local-network.id
   }
@@ -240,7 +240,7 @@ nfs:
 
 worker:
   hosts:
-    ${join("\n    ", [for s in local.worker_ips: "${s}:"])}
+    ${join("\n    ", [for s in local.worker_ips : "${s}:"])}
 
 gpu:
   hosts:

staging2/terraform/vms.tf

@@ -3,11 +3,11 @@ locals {
     openstack_compute_instance_v2.ingress,
     openstack_compute_instance_v2.nfs,
   ], openstack_compute_instance_v2.worker[*], openstack_compute_instance_v2.gpu[*])
-  master_ip = replace(openstack_compute_instance_v2.master.network[0].fixed_ip_v6, "/\\[(.*)\\]/", "$1")
+  master_ip  = replace(openstack_compute_instance_v2.master.network[0].fixed_ip_v6, "/\\[(.*)\\]/", "$1")
   ingress_ip = replace(openstack_compute_instance_v2.ingress.network[0].fixed_ip_v6, "/\\[(.*)\\]/", "$1")
-  nfs_ip = replace(openstack_compute_instance_v2.nfs.network[0].fixed_ip_v6, "/\\[(.*)\\]/", "$1")
+  nfs_ip     = replace(openstack_compute_instance_v2.nfs.network[0].fixed_ip_v6, "/\\[(.*)\\]/", "$1")
   worker_ips = [for s in openstack_compute_instance_v2.worker[*].network[0].fixed_ip_v6 : replace(s, "/\\[(.*)\\]/", "$1")]
-  gpu_ips = [for s in openstack_compute_instance_v2.gpu[*].network[0].fixed_ip_v6 : replace(s, "/\\[(.*)\\]/", "$1")]
+  gpu_ips    = [for s in openstack_compute_instance_v2.gpu[*].network[0].fixed_ip_v6 : replace(s, "/\\[(.*)\\]/", "$1")]
 }
 
 data "openstack_images_image_v2" "ubuntu" {
@@ -27,8 +27,8 @@ data "openstack_compute_flavor_v2" "gpu-flavor" {
 }
 
 resource "openstack_compute_instance_v2" "master" {
-  name     = "k8s-${var.site_name}-master"
-  image_id = data.openstack_images_image_v2.ubuntu.id
+  name            = "k8s-${var.site_name}-master"
+  image_id        = data.openstack_images_image_v2.ubuntu.id
   flavor_id       = data.openstack_compute_flavor_v2.master-flavor.id
   security_groups = ["default", openstack_networking_secgroup_v2.ping.name, openstack_networking_secgroup_v2.ssh.name]
   user_data       = file("cloud-init.yaml")
@@ -82,7 +82,7 @@ resource "openstack_compute_instance_v2" "gpu" {
   flavor_id       = data.openstack_compute_flavor_v2.gpu-flavor.id
   security_groups = ["default", openstack_networking_secgroup_v2.ping.name, openstack_networking_secgroup_v2.ssh.name]
   user_data       = file("cloud-init.yaml")
-  tags = ["worker"]
+  tags            = ["worker"]
   network {
     name = var.net_name
   }
@@ -204,7 +204,7 @@ nfs:
 
 worker:
   hosts:
-    ${join("\n    ", [for s in local.worker_ips: "${s}:"])}
+    ${join("\n    ", [for s in local.worker_ips : "${s}:"])}
 
 gpu:
   hosts:

testing/terraform/vms.tf

@@ -3,11 +3,11 @@ locals {
     openstack_compute_instance_v2.ingress,
     openstack_compute_instance_v2.nfs,
   ], openstack_compute_instance_v2.worker[*], openstack_compute_instance_v2.gpu[*])
-  master_ip = replace(openstack_compute_instance_v2.master.network[1].fixed_ip_v6, "/\\[(.*)\\]/", "$1")
+  master_ip  = replace(openstack_compute_instance_v2.master.network[1].fixed_ip_v6, "/\\[(.*)\\]/", "$1")
   ingress_ip = replace(openstack_compute_instance_v2.ingress.network[1].fixed_ip_v6, "/\\[(.*)\\]/", "$1")
-  nfs_ip = replace(openstack_compute_instance_v2.nfs.network[1].fixed_ip_v6, "/\\[(.*)\\]/", "$1")
+  nfs_ip     = replace(openstack_compute_instance_v2.nfs.network[1].fixed_ip_v6, "/\\[(.*)\\]/", "$1")
   worker_ips = [for s in openstack_compute_instance_v2.worker[*].network[1].fixed_ip_v6 : replace(s, "/\\[(.*)\\]/", "$1")]
-  gpu_ips = [for s in openstack_compute_instance_v2.gpu[*].network[1].fixed_ip_v6 : replace(s, "/\\[(.*)\\]/", "$1")]
+  gpu_ips    = [for s in openstack_compute_instance_v2.gpu[*].network[1].fixed_ip_v6 : replace(s, "/\\[(.*)\\]/", "$1")]
 }
 
 resource "openstack_networking_floatingip_v2" "public_ip" {
@@ -31,8 +31,8 @@ data "openstack_compute_flavor_v2" "gpu-flavor" {
 }
 
 resource "openstack_compute_instance_v2" "master" {
-  name     = "k8s-${var.site_name}-master"
-  image_id = data.openstack_images_image_v2.ubuntu.id
+  name            = "k8s-${var.site_name}-master"
+  image_id        = data.openstack_images_image_v2.ubuntu.id
   flavor_id       = data.openstack_compute_flavor_v2.master-flavor.id
   security_groups = ["default", openstack_networking_secgroup_v2.ping.name, openstack_networking_secgroup_v2.ssh.name]
   user_data       = file("cloud-init.yaml")
@@ -255,7 +255,7 @@ nfs:
 
 worker:
   hosts:
-    ${join("\n    ", [for s in local.worker_ips: "${s}:"])}
+    ${join("\n    ", [for s in local.worker_ips : "${s}:"])}
 
 gpu:
   hosts: