Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Flatten TF module structure via .tfvars/.tfbackend, update to TF v1.5.3 #980

Open
wants to merge 5 commits into
base: dev
Choose a base branch
from
Open

Flatten TF module structure via .tfvars/.tfbackend, update to TF v1.5.3 #980

wants to merge 5 commits into from

Conversation

GaryGSC
Copy link
Member

@GaryGSC GaryGSC commented Jul 12, 2023
edited

Using .tfvars and .tfbackend files, we can flatten our TF modules.

Before After
82d1b3e4-9e8d-49cd-b573-4642ec7badbb 37774ebc-685d-4ce6-9f19-81e3f7a18d4a

@GaryGSC GaryGSC force-pushed the simplify-tf-module-structure branch 2 times, most recently from a8bdd8d to 2f0e09c Compare July 12, 2023 19:06
@github-actions

This comment was marked as outdated.

Sign in to view
@GaryGSC
Copy link
Member Author

GaryGSC commented Jul 12, 2023

This module restructuring clobbers the existing state, but I don't really want to fill up the template with a bunch of moved blocks.

@GaryGSC GaryGSC requested a review from a team July 12, 2023 19:12
@GaryGSC
Copy link
Member Author

GaryGSC commented Jul 12, 2023
edited

As an example of how to use these environments, navigate to the terraform/app directory and then:

  • aws sso login
  • terraform init -backend-config=dev.s3.tfbackend
  • terraform plan -var-file=dev.tfvars

If you then try switch to production (not that you should really be doing that outside of CI/CD), the CLI will instruct you to call terraform init with either the -migrate-state or -reconfigure. -reconfigure is the correct option here because you're not trying to migrate our dev state to prd. So, it'd look like:

  • aws sso login (but to the prd account this time)
  • terraform init -backend-config=prd.s3.tfbackend -reconfigure
  • terraform plan -var-file=prd.tfvars

This was referenced Jul 12, 2023
Open
Closed
@GaryGSC
Flatten TF module structure via .tfvars/.tfbackend, update to TF …
3f569d1 
…v1.5.3
@GaryGSC
Make terraform init prompt for bucket name instead of defaulting to…
708b61d 
… local backend

This makes it harder to do the wrong thing. With this change, we avoid
a potential footgun when developers use `terraform init` instead of
`terraform init -backend-config=dev.s3.tfbackend`.

This isn't a functional change because we were already using encryption
on everything in our state buckets.
@GaryGSC
Fix Dependabot path to TF, also get TF provider updates
7602118
@GaryGSC GaryGSC force-pushed the simplify-tf-module-structure branch from dd4d37a to 7602118 Compare August 9, 2023 18:02
@GaryGSC
Copy link
Member Author

GaryGSC commented Aug 9, 2023

Rebased on dev.

@stuft2
Copy link
Contributor

stuft2 commented Aug 15, 2023

@jvisker have we talk about this in the cloud guild yet? Are we still discussing it? Do we need to update an ADR before merging?

@GaryGSC
Update docs to reflect change, rename terraform-iac/ to terraform/
454def2 
Docs needed to be updated either way.

I know we've done some bikeshedding on the directory name before. I
didn't previously care whether it was called terraform/, iac/,
terraform-iac/ or anything else. Nowadays, I have a tiny reason to
prefer the name terraform/: it plays nicely with automatic folder
icons. The other options don't.
@GaryGSC
Copy link
Member Author

GaryGSC commented Aug 16, 2023
edited

Updated docs. That needed to happen.

Also renamed terraform-iac/ to terraform/. We're restructuring our TF stuff anyways, so this seemed like a good opportunity to also rename the directory. Why? Calling the directory terraform/ is common enough in the industry that themes can pick up on that (e.g. in VSCode or Chrome):
image

@GaryGSC
Copy link
Member Author

GaryGSC commented Nov 20, 2023

Another tiny reason to rename terraform-iac to terraform: editors treat kebab-case as multiple "words" and so the directory name can't be selected by double-clicking.

@GaryGSC
Merge branch 'dev' into simplify-tf-module-structure
570809e 
# Conflicts:
#	.github/workflows/ci-iac.yml
#	.github/workflows/deploy.yml
#	terraform-iac/cpy/app/cpy-app.tf
#	terraform-iac/cpy/setup/.terraform.lock.hcl
#	terraform-iac/cpy/setup/cpy-setup.tf
#	terraform-iac/dev/app/.terraform.lock.hcl
#	terraform-iac/dev/app/dev-app.tf
#	terraform-iac/dev/setup/.terraform.lock.hcl
#	terraform-iac/dev/setup/dev-setup.tf
#	terraform-iac/prd/app/.terraform.lock.hcl
#	terraform-iac/prd/app/prd-app.tf
#	terraform-iac/prd/setup/prd-setup.tf
#	terraform-iac/stg/app/.terraform.lock.hcl
#	terraform-iac/stg/app/stg-app.tf
#	terraform-iac/stg/setup/.terraform.lock.hcl
#	terraform-iac/stg/setup/stg-setup.tf
#	terraform/app/.terraform.lock.hcl
#	terraform/setup/.terraform.lock.hcl
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jvisker jvisker jvisker approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@GaryGSC @stuft2 @jvisker