feat: add env tags to supported resources automatically

can be used for filtering in Ansible
phandox · Mar 24, 2023 · 26c6282 · 26c6282
1 parent 4a18336
commit 26c6282
Show file tree

Hide file tree

Showing 7 changed files with 60 additions and 43 deletions.
diff --git a/infra-modules/common-firewall/main.tf b/infra-modules/common-firewall/main.tf
@@ -15,17 +15,17 @@ resource "digitalocean_firewall" "egress-internet-fw" {
   tags = [digitalocean_tag.egress-internet-fw.id]
 
   outbound_rule {
-    protocol = "tcp"
-    port_range = "1-65535"
+    protocol              = "tcp"
+    port_range            = "1-65535"
     destination_addresses = ["0.0.0.0/0"]
   }
   outbound_rule {
-    protocol = "udp"
-    port_range = "53"
+    protocol              = "udp"
+    port_range            = "53"
     destination_addresses = ["0.0.0.0/0"]
   }
   outbound_rule {
-    protocol = "icmp"
+    protocol              = "icmp"
     destination_addresses = ["0.0.0.0/0"]
   }
 }
@@ -34,15 +34,15 @@ resource "digitalocean_firewall" "ingress-ssh" {
   name = "ingress-ssh-${var.env}"
   tags = [digitalocean_tag.ssh-fw.id]
   inbound_rule {
-    protocol = "tcp"
-    port_range = "22"
+    protocol         = "tcp"
+    port_range       = "22"
     source_addresses = ["0.0.0.0/0"]
   }
 }
 
 output "fw-tags" {
   value = {
-    ssh = digitalocean_tag.ssh-fw.id
+    ssh             = digitalocean_tag.ssh-fw.id
     internet-egress = digitalocean_tag.egress-internet-fw.id
   }
   description = "Tags for droplets, available to be attached"

diff --git a/infra-modules/doks/main.tf b/infra-modules/doks/main.tf
@@ -13,5 +13,5 @@ module "doks" {
   region                        = var.region
   size                          = var.size
   vpc_uuid                      = var.vpc_uuid
-  tags                          = var.tags
-}
+  tags                          = concat(var.tags, [var.env])
+}
diff --git a/infra-modules/doks/variables.tf b/infra-modules/doks/variables.tf
@@ -3,9 +3,9 @@ variable "cluster_name" {
 }
 
 variable "k8s_version_prefix" {
-  type = string
+  type        = string
   description = "Major.minor version to pin the cluster to. (example - '1.25.')"
-  default = "1.25."
+  default     = "1.25."
 }
 
 variable "region" {
@@ -14,15 +14,20 @@ variable "region" {
 
 variable "size" {
   default = "s-1vcpu-2gb"
-  type = string
+  type    = string
 }
 variable "vpc_uuid" {
-  type = string
+  type        = string
   description = "Private VPC network where cluster should be"
 }
 
+variable "env" {
+  type        = string
+  description = "K8S cluster environment"
+}
+
 variable "tags" {
-  type = list(string)
-  default = []
+  type        = list(string)
+  default     = []
   description = "Tags applied on cluster"
 }
diff --git a/infra-modules/postgres-vm/main.tf b/infra-modules/postgres-vm/main.tf
@@ -14,7 +14,7 @@ resource "digitalocean_droplet" "psql-vm" {
   backups    = false
   monitoring = true
   ssh_keys   = var.ssh_keys
-  tags       = concat([digitalocean_tag.psql-fw.id], var.tags)
+  tags       = concat([digitalocean_tag.psql-fw.id, var.env], var.tags)
   vpc_uuid   = var.vpc.id
   user_data  = file("startup-script.yaml")
 }

diff --git a/infra-modules/volumes/main.tf b/infra-modules/volumes/main.tf
@@ -1,34 +1,10 @@
-variable "name" {
-  type        = string
-  description = "Name of network volume"
-}
-variable "region" {
-  type        = string
-  default     = "fra1"
-  description = "Region of network volume. Must match droplet"
-}
-variable "size" {
-  default     = 1
-  type        = number
-  description = "Volume size in GiB"
-}
-
-variable "fs_label" {
-  default     = "example"
-  type        = string
-  description = "Filesystem label for volume, useful for mounting"
-
-  validation {
-    condition = length(var.fs_label) <= 16
-    error_message = "Max 16 characters for FS label for ext4 filesystem"
-  }
-}
 resource "digitalocean_volume" "volume" {
   name                     = var.name
   region                   = var.region
   size                     = var.size
   initial_filesystem_type  = "ext4"
   initial_filesystem_label = var.fs_label
+  tags                     = concat(var.tags, [var.env])
 }
 
 output "volume_id" {

diff --git a/infra-modules/volumes/variables.tf b/infra-modules/volumes/variables.tf
@@ -0,0 +1,36 @@
+variable "name" {
+  type        = string
+  description = "Name of network volume"
+}
+variable "region" {
+  type        = string
+  default     = "fra1"
+  description = "Region of network volume. Must match droplet"
+}
+variable "size" {
+  default     = 1
+  type        = number
+  description = "Volume size in GiB"
+}
+
+variable "env" {
+  type        = string
+  description = "Environment for volume"
+}
+
+variable "fs_label" {
+  default     = "example"
+  type        = string
+  description = "Filesystem label for volume, useful for mounting"
+
+  validation {
+    condition     = length(var.fs_label) <= 16
+    error_message = "Max 16 characters for FS label for ext4 filesystem"
+  }
+}
+
+variable "tags" {
+  default     = []
+  type        = list(string)
+  description = "Additional tags to be assigned on volume"
+}
diff --git a/infra-modules/vpc/main.tf b/infra-modules/vpc/main.tf
@@ -41,7 +41,7 @@ resource "digitalocean_vpc" "vpc" {
 
 output "vpc" {
   value = {
-    id = digitalocean_vpc.vpc.id
+    id       = digitalocean_vpc.vpc.id
     ip_range = digitalocean_vpc.vpc.ip_range
   }
   description = "VPC values to pass for FW and Droplet resources"