From 66c7880626c2c9b3144f3b57fab2f49cc5f7b9a9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Franti=C5=A1ek=20Dvo=C5=99=C3=A1k?= <valtri@civ.zcu.cz>
Date: Tue, 5 Nov 2024 17:45:43 +0100
Subject: [PATCH] Terraform linting
---
.tflint.hcl | 9 +++++++++
cesnet-mcc/terraform/vms.tf | 15 +++++++--------
common/terraform/firewall.tf | 3 ++-
common/terraform/vars.tf | 8 ++++----
common/terraform/versions.tf | 7 +++++--
production1/terraform/vms.tf | 12 ++++++------
production2/terraform/vms.tf | 14 +++++++-------
staging1/terraform/vms.tf | 14 +++++++-------
staging2/terraform/vms.tf | 14 +++++++-------
testing/terraform/vms.tf | 12 ++++++------
10 files changed, 60 insertions(+), 48 deletions(-)
create mode 100644 .tflint.hcl
diff --git a/.tflint.hcl b/.tflint.hcl
new file mode 100644
index 0000000..8af4099
--- /dev/null
+++ b/.tflint.hcl
@@ -0,0 +1,9 @@
+config {
+ call_module_type = "local"
+ force = false
+}
+
+plugin "terraform" {
+ enabled = true
+ preset = "recommended"
+}
diff --git a/cesnet-mcc/terraform/vms.tf b/cesnet-mcc/terraform/vms.tf
index 4d4275a..fa87415 100644
--- a/cesnet-mcc/terraform/vms.tf
+++ b/cesnet-mcc/terraform/vms.tf
@@ -3,11 +3,11 @@ locals { openstack_compute_instance_v2.ingress, openstack_compute_instance_v2.nfs, ], openstack_compute_instance_v2.worker[*], openstack_compute_instance_v2.gpu[*]) - master_ip = replace(openstack_compute_instance_v2.master.network[1].fixed_ip_v6, "/\\[(.*)\\]/", "$1") + master_ip = replace(openstack_compute_instance_v2.master.network[1].fixed_ip_v6, "/\\[(.*)\\]/", "$1") ingress_ip = replace(openstack_compute_instance_v2.ingress.network[1].fixed_ip_v6, "/\\[(.*)\\]/", "$1") - nfs_ip = replace(openstack_compute_instance_v2.nfs.network[1].fixed_ip_v6, "/\\[(.*)\\]/", "$1") + nfs_ip = replace(openstack_compute_instance_v2.nfs.network[1].fixed_ip_v6, "/\\[(.*)\\]/", "$1") worker_ips = [for s in openstack_compute_instance_v2.worker[*].network[1].fixed_ip_v6 : replace(s, "/\\[(.*)\\]/", "$1")] - gpu_ips = [for s in openstack_compute_instance_v2.gpu[*].network[1].fixed_ip_v6 : replace(s, "/\\[(.*)\\]/", "$1")] + gpu_ips = [for s in openstack_compute_instance_v2.gpu[*].network[1].fixed_ip_v6 : replace(s, "/\\[(.*)\\]/", "$1")] } # Security groups @@ -25,9 +25,9 @@ resource "openstack_compute_secgroup_v2" "ping" { rule { from_port = 128 to_port = 0 - # initial installation (bug in terraform): ip_protocol = "icmp" ip_protocol = "ipv6-icmp" cidr = "::/0" + # initial installation (bug in terraform): ip_protocol = "icmp" } } @@ -100,9 +100,8 @@ data "openstack_compute_flavor_v2" "gpu-flavor" { } resource "openstack_compute_instance_v2" "master" { - name = "k8s-${var.site_name}-master" - image_id = data.openstack_images_image_v2.ubuntu.id - # 4 cores 4 GB RAM + name = "k8s-${var.site_name}-master" + image_id = data.openstack_images_image_v2.ubuntu.id flavor_id = data.openstack_compute_flavor_v2.master-flavor.id security_groups = ["default", "all"] user_data = file("cloud-init.yaml") @@ -296,7 +295,7 @@ nfs: worker: hosts: - ${join("\n ", [for s in local.worker_ips: "${s}:"])} + ${join("\n ", [for s in local.worker_ips : "${s}:"])} gpu: hosts: 
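Review bot: In the `ping` security group rule the workaround comment now trails `cidr` at the end of the `rule` block, so it is no longer next to the `ip_protocol` line it describes and reads like a leftover. That attribute decides whether ICMPv6 echo from `::/0` is actually admitted, so the comment should sit directly above `ip_protocol` and say what to do and when. If the intended procedure is what the old wording implies, something like `# first apply needs ip_protocol = "icmp" (provider bug); switch to "ipv6-icmp" afterwards` would do. The commented-out `protocol` expression in common/terraform/firewall.tf is relocated the same way. The resource block opens outside this hunk.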
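Review bot: The master instance keeps `security_groups = ["default", "all"]`, a group referenced by literal name, whereas the other sites in this patch attach `openstack_networking_secgroup_v2.ping.name` and `openstack_networking_secgroup_v2.ssh.name`. The definition of `all` is not in the hunk, but if it is as broad as its name suggests, the Kubernetes master at this site is reachable on every port. A comment stating what `all` permits and why this site differs would help, and referencing the group through its resource attribute instead of a string would give Terraform the dependency. The hunk also drops the `# 4 cores 4 GB RAM` sizing note without moving it to the flavor data source. The resource block continues past the hunk.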
diff --git a/common/terraform/firewall.tf b/common/terraform/firewall.tf index 7e332d0..68b3621 100644 --- a/common/terraform/firewall.tf +++ b/common/terraform/firewall.tf @@ -20,10 +20,11 @@ resource "openstack_networking_secgroup_rule_v2" "ping" { ethertype = strcontains(each.key, ":") ? "IPv6" : "IPv4" port_range_min = strcontains(each.key, ":") ? 128 : 8 port_range_max = 0 - # protocol = strcontains(each.key, ":") ? "ipv6-icmp" : "icmp" protocol = "icmp" remote_ip_prefix = each.key security_group_id = openstack_networking_secgroup_v2.ping.id + # for update: + # protocol = strcontains(each.key, ":") ? "ipv6-icmp" : "icmp" } resource "openstack_networking_secgroup_rule_v2" "ssh" { diff --git a/common/terraform/vars.tf b/common/terraform/vars.tf index 4c83a79..8d204cd 100644 --- a/common/terraform/vars.tf +++ b/common/terraform/vars.tf @@ -19,7 +19,7 @@ variable "site_name" { } variable "gpu_flavor_name" { - type = string + type = string description = "Name of the GPU flavor" } @@ -64,10 +64,10 @@ variable "squid_volume_size" { } variable "security_public_cidr" { - type = map(string) + type = map(string) description = "Enabled IP ranges" default = { - "0.0.0.0/0": "Public access", - "::/0": "Public access", + "0.0.0.0/0" : "Public access", + "::/0" : "Public access", } } diff --git a/common/terraform/versions.tf b/common/terraform/versions.tf index ff6f75b..21fd5ca 100644 --- a/common/terraform/versions.tf +++ b/common/terraform/versions.tf @@ -3,9 +3,12 @@ provider "openstack" { terraform { required_providers { - local = "~> 2.0" + local = { + source = "hashicorp/local" + version = "~> 2.0" + } openstack = { - source = "terraform-provider-openstack/openstack", + source = "terraform-provider-openstack/openstack" version = ">= 1.38.0" } } diff --git a/production1/terraform/vms.tf b/production1/terraform/vms.tf index c170ede..95b974d 100644 --- a/production1/terraform/vms.tf +++ b/production1/terraform/vms.tf 
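Review bot: In the `ping` rule `protocol = "icmp"` stays fixed while `ethertype` and `port_range_min` switch on the address family, so an IPv6 prefix produces an IPv6 rule with protocol `icmp` and type 128. Whether the cloud treats that as ICMPv6 appears to depend on the deployment, so it is worth confirming on each target site that the resulting rule matches echo requests and nothing broader. The relocated `# for update:` comment does not say what currently blocks the family-aware expression. It should name that condition, for example `# enable the expression below once <condition>; until then "icmp" is used for both families`. The resource block opens outside the hunk.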
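Review bot: `security_public_cidr` defaults to `0.0.0.0/0` and `::/0`, so a site that does not override it opens every rule driven by this map to the whole Internet. The `for_each` source of the firewall rules is not visible in this patch, but `remote_ip_prefix = each.key` in common/terraform/firewall.tf suggests that the ping and SSH rules are the ones affected. Consider dropping the default so each site must choose its ranges explicitly. At minimum make the exposure visible, e.g. `description = "CIDR ranges allowed in by the security group rules (CIDR => label); the default is the whole Internet"`.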
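Review bot: The `openstack` constraint `>= 1.38.0` has no upper bound, so a provider upgrade can pull in any future major release, unlike `local`, which this change holds to `~> 2.0`. For code that manages security groups and instances, an unreviewed provider jump is a supply-chain and stability risk. Add an upper bound such as `version = ">= 1.38.0, < 2.0.0"` (adjust to the major version actually in use) and keep `.terraform.lock.hcl` under version control so provider checksums are verified on init. The visible part of the `terraform` block also has no `required_version`, though it may be set outside the hunk.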
@@ -3,11 +3,11 @@ locals { openstack_compute_instance_v2.ingress, openstack_compute_instance_v2.nfs, ], openstack_compute_instance_v2.worker[*], openstack_compute_instance_v2.gpu[*]) - master_ip = openstack_compute_instance_v2.master.network[0].fixed_ip_v4 + master_ip = openstack_compute_instance_v2.master.network[0].fixed_ip_v4 ingress_ip = openstack_compute_instance_v2.ingress.network[0].fixed_ip_v4 - nfs_ip = openstack_compute_instance_v2.nfs.network[0].fixed_ip_v4 + nfs_ip = openstack_compute_instance_v2.nfs.network[0].fixed_ip_v4 worker_ips = [for s in openstack_compute_instance_v2.worker[*].network[0].fixed_ip_v4 : s] - gpu_ips = [for s in openstack_compute_instance_v2.gpu[*].network[0].fixed_ip_v4 : s] + gpu_ips = [for s in openstack_compute_instance_v2.gpu[*].network[0].fixed_ip_v4 : s] } resource "openstack_networking_floatingip_v2" "public_ip" { @@ -31,7 +31,7 @@ data "openstack_compute_flavor_v2" "gpu-flavor" { } resource "openstack_compute_instance_v2" "master" { - name = "k8s-${var.site_name}-master" + name = "k8s-${var.site_name}-master" flavor_id = data.openstack_compute_flavor_v2.master-flavor.id security_groups = ["default", openstack_networking_secgroup_v2.ping.name, openstack_networking_secgroup_v2.ssh.name] user_data = file("cloud-init.yaml") @@ -93,7 +93,7 @@ resource "openstack_compute_instance_v2" "gpu" { flavor_id = data.openstack_compute_flavor_v2.gpu-flavor.id security_groups = ["default", openstack_networking_secgroup_v2.ping.name, openstack_networking_secgroup_v2.ssh.name] user_data = file("cloud-init.yaml") - tags = ["worker"] + tags = ["worker"] network { uuid = openstack_networking_network_v2.local-network.id } @@ -221,7 +221,7 @@ nfs: worker: hosts: - ${join("\n ", [for s in local.worker_ips: "${s}:"])} + ${join("\n ", [for s in local.worker_ips : "${s}:"])} gpu: hosts: diff --git a/production2/terraform/vms.tf b/production2/terraform/vms.tf index c631465..c59595e 100644 --- a/production2/terraform/vms.tf 
+++ b/production2/terraform/vms.tf @@ -3,11 +3,11 @@ locals { openstack_compute_instance_v2.ingress, openstack_compute_instance_v2.nfs, ], openstack_compute_instance_v2.worker[*], openstack_compute_instance_v2.gpu[*]) - master_ip = replace(openstack_compute_instance_v2.master.network[0].fixed_ip_v6, "/\\[(.*)\\]/", "$1") + master_ip = replace(openstack_compute_instance_v2.master.network[0].fixed_ip_v6, "/\\[(.*)\\]/", "$1") ingress_ip = replace(openstack_compute_instance_v2.ingress.network[0].fixed_ip_v6, "/\\[(.*)\\]/", "$1") - nfs_ip = replace(openstack_compute_instance_v2.nfs.network[0].fixed_ip_v6, "/\\[(.*)\\]/", "$1") + nfs_ip = replace(openstack_compute_instance_v2.nfs.network[0].fixed_ip_v6, "/\\[(.*)\\]/", "$1") worker_ips = [for s in openstack_compute_instance_v2.worker[*].network[0].fixed_ip_v6 : replace(s, "/\\[(.*)\\]/", "$1")] - gpu_ips = [for s in openstack_compute_instance_v2.gpu[*].network[0].fixed_ip_v6 : replace(s, "/\\[(.*)\\]/", "$1")] + gpu_ips = [for s in openstack_compute_instance_v2.gpu[*].network[0].fixed_ip_v6 : replace(s, "/\\[(.*)\\]/", "$1")] } data "openstack_images_image_v2" "ubuntu" { @@ -27,8 +27,8 @@ data "openstack_compute_flavor_v2" "gpu-flavor" { } resource "openstack_compute_instance_v2" "master" { - name = "k8s-${var.site_name}-master" - image_id = data.openstack_images_image_v2.ubuntu.id + name = "k8s-${var.site_name}-master" + image_id = data.openstack_images_image_v2.ubuntu.id flavor_id = data.openstack_compute_flavor_v2.master-flavor.id security_groups = ["default", openstack_networking_secgroup_v2.ping.name, openstack_networking_secgroup_v2.ssh.name] user_data = file("cloud-init.yaml") 
@@ -82,7 +82,7 @@ resource "openstack_compute_instance_v2" "gpu" { flavor_id = data.openstack_compute_flavor_v2.gpu-flavor.id security_groups = ["default", openstack_networking_secgroup_v2.ping.name, openstack_networking_secgroup_v2.ssh.name] user_data = file("cloud-init.yaml") - tags = ["worker"] + tags = ["worker"] network { name = var.net_name } @@ -204,7 +204,7 @@ nfs: worker: hosts: - ${join("\n ", [for s in local.worker_ips: "${s}:"])} + ${join("\n ", [for s in local.worker_ips : "${s}:"])} gpu: hosts: diff --git a/staging1/terraform/vms.tf b/staging1/terraform/vms.tf index b196eda..f1dc139 100644 --- a/staging1/terraform/vms.tf +++ b/staging1/terraform/vms.tf @@ -3,11 +3,11 @@ locals { openstack_compute_instance_v2.ingress, openstack_compute_instance_v2.nfs, ], openstack_compute_instance_v2.worker[*], openstack_compute_instance_v2.gpu[*]) - master_ip = openstack_compute_instance_v2.master.network[0].fixed_ip_v4 + master_ip = openstack_compute_instance_v2.master.network[0].fixed_ip_v4 ingress_ip = openstack_compute_instance_v2.ingress.network[0].fixed_ip_v4 - nfs_ip = openstack_compute_instance_v2.nfs.network[0].fixed_ip_v4 + nfs_ip = openstack_compute_instance_v2.nfs.network[0].fixed_ip_v4 worker_ips = [for s in openstack_compute_instance_v2.worker[*].network[0].fixed_ip_v4 : s] - gpu_ips = [for s in openstack_compute_instance_v2.gpu[*].network[0].fixed_ip_v4 : s] + gpu_ips = [for s in openstack_compute_instance_v2.gpu[*].network[0].fixed_ip_v4 : s] } resource "openstack_networking_floatingip_v2" "public_ip" { 
@@ -31,8 +31,8 @@ data "openstack_compute_flavor_v2" "gpu-flavor" { } resource "openstack_compute_instance_v2" "master" { - name = "k8s-${var.site_name}-master" - image_id = data.openstack_images_image_v2.ubuntu.id + name = "k8s-${var.site_name}-master" + image_id = data.openstack_images_image_v2.ubuntu.id flavor_id = data.openstack_compute_flavor_v2.master-flavor.id security_groups = ["default", openstack_networking_secgroup_v2.ping.name, openstack_networking_secgroup_v2.ssh.name] user_data = file("cloud-init.yaml") @@ -86,7 +86,7 @@ resource "openstack_compute_instance_v2" "gpu" { flavor_id = data.openstack_compute_flavor_v2.gpu-flavor.id security_groups = ["default", openstack_networking_secgroup_v2.ping.name, openstack_networking_secgroup_v2.ssh.name] user_data = file("cloud-init.yaml") - tags = ["worker"] + tags = ["worker"] network { uuid = openstack_networking_network_v2.local-network.id } @@ -240,7 +240,7 @@ nfs: worker: hosts: - ${join("\n ", [for s in local.worker_ips: "${s}:"])} + ${join("\n ", [for s in local.worker_ips : "${s}:"])} gpu: hosts: diff --git a/staging2/terraform/vms.tf b/staging2/terraform/vms.tf index c631465..c59595e 100644 --- a/staging2/terraform/vms.tf +++ b/staging2/terraform/vms.tf 
@@ -3,11 +3,11 @@ locals { openstack_compute_instance_v2.ingress, openstack_compute_instance_v2.nfs, ], openstack_compute_instance_v2.worker[*], openstack_compute_instance_v2.gpu[*]) - master_ip = replace(openstack_compute_instance_v2.master.network[0].fixed_ip_v6, "/\\[(.*)\\]/", "$1") + master_ip = replace(openstack_compute_instance_v2.master.network[0].fixed_ip_v6, "/\\[(.*)\\]/", "$1") ingress_ip = replace(openstack_compute_instance_v2.ingress.network[0].fixed_ip_v6, "/\\[(.*)\\]/", "$1") - nfs_ip = replace(openstack_compute_instance_v2.nfs.network[0].fixed_ip_v6, "/\\[(.*)\\]/", "$1") + nfs_ip = replace(openstack_compute_instance_v2.nfs.network[0].fixed_ip_v6, "/\\[(.*)\\]/", "$1") worker_ips = [for s in openstack_compute_instance_v2.worker[*].network[0].fixed_ip_v6 : replace(s, "/\\[(.*)\\]/", "$1")] - gpu_ips = [for s in openstack_compute_instance_v2.gpu[*].network[0].fixed_ip_v6 : replace(s, "/\\[(.*)\\]/", "$1")] + gpu_ips = [for s in openstack_compute_instance_v2.gpu[*].network[0].fixed_ip_v6 : replace(s, "/\\[(.*)\\]/", "$1")] } data "openstack_images_image_v2" "ubuntu" { @@ -27,8 +27,8 @@ data "openstack_compute_flavor_v2" "gpu-flavor" { } resource "openstack_compute_instance_v2" "master" { - name = "k8s-${var.site_name}-master" - image_id = data.openstack_images_image_v2.ubuntu.id + name = "k8s-${var.site_name}-master" + image_id = data.openstack_images_image_v2.ubuntu.id flavor_id = data.openstack_compute_flavor_v2.master-flavor.id security_groups = ["default", openstack_networking_secgroup_v2.ping.name, openstack_networking_secgroup_v2.ssh.name] user_data = file("cloud-init.yaml") @@ -82,7 +82,7 @@ resource "openstack_compute_instance_v2" "gpu" { flavor_id = data.openstack_compute_flavor_v2.gpu-flavor.id security_groups = ["default", openstack_networking_secgroup_v2.ping.name, openstack_networking_secgroup_v2.ssh.name] user_data = file("cloud-init.yaml") - tags = ["worker"] + tags = ["worker"] network { name = var.net_name } 
@@ -204,7 +204,7 @@ nfs: worker: hosts: - ${join("\n ", [for s in local.worker_ips: "${s}:"])} + ${join("\n ", [for s in local.worker_ips : "${s}:"])} gpu: hosts: diff --git a/testing/terraform/vms.tf b/testing/terraform/vms.tf index 0c5751c..d4d208b 100644 --- a/testing/terraform/vms.tf +++ b/testing/terraform/vms.tf @@ -3,11 +3,11 @@ locals { openstack_compute_instance_v2.ingress, openstack_compute_instance_v2.nfs, ], openstack_compute_instance_v2.worker[*], openstack_compute_instance_v2.gpu[*]) - master_ip = replace(openstack_compute_instance_v2.master.network[1].fixed_ip_v6, "/\\[(.*)\\]/", "$1") + master_ip = replace(openstack_compute_instance_v2.master.network[1].fixed_ip_v6, "/\\[(.*)\\]/", "$1") ingress_ip = replace(openstack_compute_instance_v2.ingress.network[1].fixed_ip_v6, "/\\[(.*)\\]/", "$1") - nfs_ip = replace(openstack_compute_instance_v2.nfs.network[1].fixed_ip_v6, "/\\[(.*)\\]/", "$1") + nfs_ip = replace(openstack_compute_instance_v2.nfs.network[1].fixed_ip_v6, "/\\[(.*)\\]/", "$1") worker_ips = [for s in openstack_compute_instance_v2.worker[*].network[1].fixed_ip_v6 : replace(s, "/\\[(.*)\\]/", "$1")] - gpu_ips = [for s in openstack_compute_instance_v2.gpu[*].network[1].fixed_ip_v6 : replace(s, "/\\[(.*)\\]/", "$1")] + gpu_ips = [for s in openstack_compute_instance_v2.gpu[*].network[1].fixed_ip_v6 : replace(s, "/\\[(.*)\\]/", "$1")] } resource "openstack_networking_floatingip_v2" "public_ip" { @@ -31,8 +31,8 @@ data "openstack_compute_flavor_v2" "gpu-flavor" { } resource "openstack_compute_instance_v2" "master" { - name = "k8s-${var.site_name}-master" - image_id = data.openstack_images_image_v2.ubuntu.id + name = "k8s-${var.site_name}-master" + image_id = data.openstack_images_image_v2.ubuntu.id flavor_id = data.openstack_compute_flavor_v2.master-flavor.id security_groups = ["default", openstack_networking_secgroup_v2.ping.name, openstack_networking_secgroup_v2.ssh.name] user_data = file("cloud-init.yaml") 
@@ -255,7 +255,7 @@ nfs: worker: hosts: - ${join("\n ", [for s in local.worker_ips: "${s}:"])} + ${join("\n ", [for s in local.worker_ips : "${s}:"])} gpu: hosts: -- GitLab