Terraform upgrade module versions (#4446)

* Fix preview provider

* Fix dev provider

* Change template

* Full provider upgrade

* Bump module versions to match upstream repo

* CRLF -> LF

* Remove depreciated recursive_delete

* Missing stray deletion

* terraform fmt

terraform/dev/dev.tf

@@ -15,7 +15,6 @@ module "dev" {
   clamav_instances      = 1
   clamav_memory         = 2048
   clamav_fs_instances   = 1
-  recursive_delete      = true
   json_params = jsonencode(
     {
       "storage" : 50,
@@ -24,7 +23,7 @@ module "dev" {
 }
 
 module "dev-backups-bucket" {
-  source = "github.com/gsa-tts/terraform-cloudgov//s3?ref=v0.9.1"
+  source = "github.com/gsa-tts/terraform-cloudgov//s3?ref=v1.1.0"
 
   cf_org_name   = var.cf_org_name
   cf_space_name = "dev"

terraform/meta/meta.tf

@@ -41,7 +41,7 @@ locals {
 }
 
 module "s3-backups" {
-  source = "github.com/gsa-tts/terraform-cloudgov//s3?ref=v0.9.1"
+  source = "github.com/gsa-tts/terraform-cloudgov//s3?ref=v1.1.0"
 
   cf_org_name = local.org_name
   # TODO: This should be the key for the first space that says "is_production =

terraform/preview/preview.tf

@@ -15,7 +15,6 @@ module "preview" {
   clamav_instances      = 1
   clamav_memory         = 2048
   clamav_fs_instances   = 1
-  recursive_delete      = true
   json_params = jsonencode(
     {
       "storage" : 50,
@@ -24,7 +23,7 @@ module "preview" {
 }
 
 module "preview-backups-bucket" {
-  source = "github.com/gsa-tts/terraform-cloudgov//s3?ref=v0.9.1"
+  source = "github.com/gsa-tts/terraform-cloudgov//s3?ref=v1.1.0"
 
   cf_org_name   = var.cf_org_name
   cf_space_name = "preview"

terraform/shared/modules/cg-logshipper/cg-logshipper.tf

@@ -1,115 +1,114 @@
-data "cloudfoundry_domain" "public" {
-  name = "app.cloud.gov"
-}
-
-data "cloudfoundry_space" "apps" {
-  org_name = var.cf_org_name
-  name     = var.cf_space_name
-}
-
-module "s3-logshipper-storage" {
-  source = "github.com/gsa-tts/terraform-cloudgov//s3?ref=v0.9.1"
-
-  cf_org_name      = var.cf_org_name
-  cf_space_name    = var.cf_space_name
-  name             = "log-storage"
-  recursive_delete = false
-  s3_plan_name     = "basic"
-  tags             = ["logshipper-s3"]
-}
-
-resource "cloudfoundry_service_key" "logshipper-s3-service-key" {
-  name             = "fac-to-gsa"
-  service_instance = module.s3-logshipper-storage.bucket_id
-}
-
-resource "cloudfoundry_route" "logshipper" {
-  space    = data.cloudfoundry_space.apps.id
-  domain   = data.cloudfoundry_domain.public.id
-  hostname = "fac-${var.cf_space_name}-${var.name}"
-  # Yields something like: fac-spacename-name
-}
-
-resource "cloudfoundry_user_provided_service" "logshipper_creds" {
-  name  = "cg-logshipper-creds"
-  space = data.cloudfoundry_space.apps.id
-  credentials = {
-    "HTTP_USER" = local.username
-    "HTTP_PASS" = local.password
-  }
-  tags = ["logshipper-creds"]
-}
-
-resource "cloudfoundry_user_provided_service" "logdrain_service" {
-  name             = "fac-logdrain"
-  space            = data.cloudfoundry_space.apps.id
-  syslog_drain_url = local.syslog_drain
-}
-
-resource "random_uuid" "username" {}
-resource "random_password" "password" {
-  length  = 16
-  special = false
-}
-
-locals {
-  username     = random_uuid.username.result
-  password     = random_password.password.result
-  syslog_drain = "https://${local.username}:${local.password}@${cloudfoundry_route.logshipper.hostname}.app.cloud.gov/?drain-type=all"
-  domain       = cloudfoundry_route.logshipper.endpoint
-  app_id       = cloudfoundry_app.cg_logshipper_app.id
-  logdrain_id  = cloudfoundry_user_provided_service.logdrain_service.id
-  sidecar_json = jsonencode(
-    {
-      "name" : "fluentbit",
-      "command" : "/home/vcap/deps/0/apt/opt/fluent-bit/bin/fluent-bit -Y -c fluentbit.conf",
-      "process_types" : ["web"],
-    }
-  )
-}
-
-data "external" "logshipperzip" {
-  program     = ["/bin/sh", "prepare-logshipper.sh"]
-  working_dir = path.module
-  query = {
-    gitref = var.gitref
-  }
-}
-
-resource "cloudfoundry_app" "cg_logshipper_app" {
-  name       = var.name
-  space      = data.cloudfoundry_space.apps.id
-  buildpacks = ["https://github.com/cloudfoundry/apt-buildpack", "nginx_buildpack"]
-  path       = "${path.module}/${data.external.logshipperzip.result.path}"
-  # source_code_hash  = filesha256("${path.module}/${data.external.logshipperzip.result.path}")
-  timeout           = 180
-  disk_quota        = var.disk_quota
-  memory            = var.logshipper_memory
-  instances         = var.logshipper_instances
-  strategy          = "rolling"
-  health_check_type = "process"
-
-  provisioner "local-exec" {
-    command = "cf curl /v3/apps/${self.id}/sidecars  -d '${local.sidecar_json}'"
-  }
-
-  service_binding {
-    service_instance = var.new_relic_id
-  }
-
-  service_binding {
-    service_instance = cloudfoundry_user_provided_service.logshipper_creds.id
-  }
-
-  service_binding {
-    service_instance = module.s3-logshipper-storage.bucket_id
-  }
-
-  routes {
-    route = cloudfoundry_route.logshipper.id
-  }
-
-  environment = {
-    PROXYROUTE = var.https_proxy
-  }
-}
+data "cloudfoundry_domain" "public" {
+  name = "app.cloud.gov"
+}
+
+data "cloudfoundry_space" "apps" {
+  org_name = var.cf_org_name
+  name     = var.cf_space_name
+}
+
+module "s3-logshipper-storage" {
+  source = "github.com/gsa-tts/terraform-cloudgov//s3?ref=v1.1.0"
+
+  cf_org_name   = var.cf_org_name
+  cf_space_name = var.cf_space_name
+  name          = "log-storage"
+  s3_plan_name  = "basic"
+  tags          = ["logshipper-s3"]
+}
+
+resource "cloudfoundry_service_key" "logshipper-s3-service-key" {
+  name             = "fac-to-gsa"
+  service_instance = module.s3-logshipper-storage.bucket_id
+}
+
+resource "cloudfoundry_route" "logshipper" {
+  space    = data.cloudfoundry_space.apps.id
+  domain   = data.cloudfoundry_domain.public.id
+  hostname = "fac-${var.cf_space_name}-${var.name}"
+  # Yields something like: fac-spacename-name
+}
+
+resource "cloudfoundry_user_provided_service" "logshipper_creds" {
+  name  = "cg-logshipper-creds"
+  space = data.cloudfoundry_space.apps.id
+  credentials = {
+    "HTTP_USER" = local.username
+    "HTTP_PASS" = local.password
+  }
+  tags = ["logshipper-creds"]
+}
+
+resource "cloudfoundry_user_provided_service" "logdrain_service" {
+  name             = "fac-logdrain"
+  space            = data.cloudfoundry_space.apps.id
+  syslog_drain_url = local.syslog_drain
+}
+
+resource "random_uuid" "username" {}
+resource "random_password" "password" {
+  length  = 16
+  special = false
+}
+
+locals {
+  username     = random_uuid.username.result
+  password     = random_password.password.result
+  syslog_drain = "https://${local.username}:${local.password}@${cloudfoundry_route.logshipper.hostname}.app.cloud.gov/?drain-type=all"
+  domain       = cloudfoundry_route.logshipper.endpoint
+  app_id       = cloudfoundry_app.cg_logshipper_app.id
+  logdrain_id  = cloudfoundry_user_provided_service.logdrain_service.id
+  sidecar_json = jsonencode(
+    {
+      "name" : "fluentbit",
+      "command" : "/home/vcap/deps/0/apt/opt/fluent-bit/bin/fluent-bit -Y -c fluentbit.conf",
+      "process_types" : ["web"],
+    }
+  )
+}
+
+data "external" "logshipperzip" {
+  program     = ["/bin/sh", "prepare-logshipper.sh"]
+  working_dir = path.module
+  query = {
+    gitref = var.gitref
+  }
+}
+
+resource "cloudfoundry_app" "cg_logshipper_app" {
+  name       = var.name
+  space      = data.cloudfoundry_space.apps.id
+  buildpacks = ["https://github.com/cloudfoundry/apt-buildpack", "nginx_buildpack"]
+  path       = "${path.module}/${data.external.logshipperzip.result.path}"
+  # source_code_hash  = filesha256("${path.module}/${data.external.logshipperzip.result.path}")
+  timeout           = 180
+  disk_quota        = var.disk_quota
+  memory            = var.logshipper_memory
+  instances         = var.logshipper_instances
+  strategy          = "rolling"
+  health_check_type = "process"
+
+  provisioner "local-exec" {
+    command = "cf curl /v3/apps/${self.id}/sidecars  -d '${local.sidecar_json}'"
+  }
+
+  service_binding {
+    service_instance = var.new_relic_id
+  }
+
+  service_binding {
+    service_instance = cloudfoundry_user_provided_service.logshipper_creds.id
+  }
+
+  service_binding {
+    service_instance = module.s3-logshipper-storage.bucket_id
+  }
+
+  routes {
+    route = cloudfoundry_route.logshipper.id
+  }
+
+  environment = {
+    PROXYROUTE = var.https_proxy
+  }
+}

terraform/shared/modules/env/clamav.tf

@@ -8,7 +8,7 @@ data "docker_registry_image" "clamav" {
 }
 
 module "clamav" {
-  source = "github.com/gsa-tts/terraform-cloudgov//clamav?ref=v0.9.0"
+  source = "github.com/gsa-tts/terraform-cloudgov//clamav?ref=v1.1.0"
 
   # This generates eg "fac-av-staging.apps.internal", avoiding collisions with routes for other projects and spaces
   name           = local.clam_name
@@ -28,7 +28,7 @@ module "clamav" {
 }
 
 module "file_scanner_clamav" {
-  source = "github.com/gsa-tts/terraform-cloudgov//clamav?ref=v0.9.0"
+  source = "github.com/gsa-tts/terraform-cloudgov//clamav?ref=v1.1.0"
 
   # This generates eg "fac-av-staging-fs.apps.internal", avoiding collisions with routes for other projects and spaces
   name           = local.fs_clam_name

terraform/shared/modules/env/env.tf

@@ -1,47 +1,43 @@
 module "database" {
-  source = "github.com/gsa-tts/terraform-cloudgov//database?ref=v0.9.1"
-
-  cf_org_name      = var.cf_org_name
-  cf_space_name    = var.cf_space_name
-  name             = "fac-db"
-  recursive_delete = var.recursive_delete
-  tags             = ["rds"]
-  rds_plan_name    = var.database_plan
-  json_params      = var.json_params
+  source = "github.com/gsa-tts/terraform-cloudgov//database?ref=v1.1.0"
+
+  cf_org_name   = var.cf_org_name
+  cf_space_name = var.cf_space_name
+  name          = "fac-db"
+  tags          = ["rds"]
+  rds_plan_name = var.database_plan
+  json_params   = var.json_params
 }
 
 module "snapshot-database" {
-  source = "github.com/gsa-tts/terraform-cloudgov//database?ref=v0.9.1"
-
-  cf_org_name      = var.cf_org_name
-  cf_space_name    = var.cf_space_name
-  name             = "fac-snapshot-db"
-  recursive_delete = var.recursive_delete
-  tags             = ["rds"]
-  rds_plan_name    = var.database_plan
-  json_params      = var.json_params
+  source = "github.com/gsa-tts/terraform-cloudgov//database?ref=v1.1.0"
+
+  cf_org_name   = var.cf_org_name
+  cf_space_name = var.cf_space_name
+  name          = "fac-snapshot-db"
+  tags          = ["rds"]
+  rds_plan_name = var.database_plan
+  json_params   = var.json_params
 }
 
 module "s3-public" {
-  source = "github.com/gsa-tts/terraform-cloudgov//s3?ref=v0.9.1"
-
-  cf_org_name      = var.cf_org_name
-  cf_space_name    = var.cf_space_name
-  name             = "fac-public-s3"
-  recursive_delete = var.recursive_delete
-  s3_plan_name     = "basic-public"
-  tags             = ["s3"]
+  source = "github.com/gsa-tts/terraform-cloudgov//s3?ref=v1.1.0"
+
+  cf_org_name   = var.cf_org_name
+  cf_space_name = var.cf_space_name
+  name          = "fac-public-s3"
+  s3_plan_name  = "basic-public"
+  tags          = ["s3"]
 }
 
 module "s3-private" {
-  source = "github.com/gsa-tts/terraform-cloudgov//s3?ref=v0.9.1"
-
-  cf_org_name      = var.cf_org_name
-  cf_space_name    = var.cf_space_name
-  name             = "fac-private-s3"
-  recursive_delete = var.recursive_delete
-  s3_plan_name     = "basic"
-  tags             = ["s3"]
+  source = "github.com/gsa-tts/terraform-cloudgov//s3?ref=v1.1.0"
+
+  cf_org_name   = var.cf_org_name
+  cf_space_name = var.cf_space_name
+  name          = "fac-private-s3"
+  s3_plan_name  = "basic"
+  tags          = ["s3"]
 }
 
 # Stuff used for apps in this space

terraform/shared/modules/env/variables.tf

@@ -38,12 +38,6 @@ variable "database_plan" {
   default = "medium-gp-psql-redundant"
 }
 
-variable "recursive_delete" {
-  type        = bool
-  description = "when true, deletes service bindings attached to the resource (not recommended for production)"
-  default     = false
-}
-
 variable "postgrest_instances" {
   type        = number
   description = "the number of instances of the postgrest application to run (default: 2)"