multi-arch-builders/tofu: Add conditional statement for networking

ravanelli · dustymabe · commit 788477bde9a8 · 2023-11-01T10:12:42.000-04:00
For rhcos we already have pre-existing networking
configurations, including VPC, subnets, and other
settings. Since we lack the permissions to create
new ones, let's use a conditional 'count' statement
to ensure tofu doesn't attempt to create additional
networking resources.

Signed-off-by: Renata &lt;rravanel@redhat.com&gt;
diff --git a/multi-arch-builders/provisioning/aarch64/main.tf b/multi-arch-builders/provisioning/aarch64/main.tf
@@ -117,7 +117,7 @@ variable "rhcos_aws_subnet_internal" {
 # If we are RHCOS we'll be using an already existing VPC/subnet rather
 # than the newly created one.
 locals {
-  aws_vpc_id = var.distro == "rhcos" ? var.rhcos_aws_vpc_prod : aws_vpc.vpc.id
+  aws_vpc_id = var.distro == "rhcos" ? var.rhcos_aws_vpc_prod : aws_vpc.vpc[0].id
   aws_subnet_id = var.distro == "rhcos" ? var.rhcos_aws_subnet_internal : aws_subnet.private_subnets[0].id
 }
 
diff --git a/multi-arch-builders/provisioning/aarch64/networks.tf b/multi-arch-builders/provisioning/aarch64/networks.tf
@@ -1,12 +1,14 @@
 resource "aws_vpc" "vpc" {
+  count = var.distro == "fcos" ? 1 : 0
   cidr_block           = "172.31.0.0/16"
   tags = {
     Name = "${var.project}-vpc"
   }
 }
 
 resource "aws_internet_gateway" "gw" {
-  vpc_id   = aws_vpc.vpc.id
+  count = var.distro == "fcos" ? 1 : 0
+  vpc_id   = aws_vpc.vpc[0].id
 }
 
 data "aws_availability_zones" "azs" {
@@ -20,8 +22,8 @@ variable "private_subnet_cidrs" {
 }
 
 resource "aws_subnet" "private_subnets" {
- count      = length(data.aws_availability_zones.azs.names)
- vpc_id     = aws_vpc.vpc.id
+ count      = var.distro == "fcos" ? length(data.aws_availability_zones.azs.names) : 0
+ vpc_id     = aws_vpc.vpc[0].id
  cidr_block = element(var.private_subnet_cidrs, count.index)
  availability_zone = element(data.aws_availability_zones.azs.names, count.index)
  tags = {
@@ -31,17 +33,19 @@ resource "aws_subnet" "private_subnets" {
 
 
 resource "aws_route_table" "internet_route" {
-  vpc_id   = aws_vpc.vpc.id
+  count = var.distro == "fcos" ? 1 : 0
+  vpc_id   = aws_vpc.vpc[0].id
   route {
     cidr_block = "0.0.0.0/0"
-    gateway_id = aws_internet_gateway.gw.id
+    gateway_id = aws_internet_gateway.gw[0].id
   }
   tags = {
     Name = "${var.project}-ig"
   }
 }
 
 resource "aws_main_route_table_association" "public-set-main-default-rt-assoc" {
-  vpc_id         = aws_vpc.vpc.id
-  route_table_id = aws_route_table.internet_route.id
+  count = var.distro == "fcos" ? 1 : 0
+  vpc_id         = aws_vpc.vpc[0].id
+  route_table_id = aws_route_table.internet_route[0].id
 }

Original file line number	Diff line number	Diff line change
`@@ -117,7 +117,7 @@ variable "rhcos_aws_subnet_internal" {`
`117`	`117`	`# If we are RHCOS we'll be using an already existing VPC/subnet rather`
`118`	`118`	`# than the newly created one.`
`119`	`119`	`locals {`
`120`		`- aws_vpc_id = var.distro == "rhcos" ? var.rhcos_aws_vpc_prod : aws_vpc.vpc.id`
	`120`	`+ aws_vpc_id = var.distro == "rhcos" ? var.rhcos_aws_vpc_prod : aws_vpc.vpc[0].id`
`121`	`121`	`aws_subnet_id = var.distro == "rhcos" ? var.rhcos_aws_subnet_internal : aws_subnet.private_subnets[0].id`
`122`	`122`	`}`
`123`	`123`
Original file line number	Diff line number	Diff line change
`@@ -1,12 +1,14 @@`
`1`	`1`	`resource "aws_vpc" "vpc" {`
	`2`	`+ count = var.distro == "fcos" ? 1 : 0`
`2`	`3`	`cidr_block = "172.31.0.0/16"`
`3`	`4`	`tags = {`
`4`	`5`	`Name = "${var.project}-vpc"`
`5`	`6`	`}`
`6`	`7`	`}`
`7`	`8`
`8`	`9`	`resource "aws_internet_gateway" "gw" {`
`9`		`- vpc_id = aws_vpc.vpc.id`
	`10`	`+ count = var.distro == "fcos" ? 1 : 0`
	`11`	`+ vpc_id = aws_vpc.vpc[0].id`
`10`	`12`	`}`
`11`	`13`
`12`	`14`	`data "aws_availability_zones" "azs" {`
`@@ -20,8 +22,8 @@ variable "private_subnet_cidrs" {`
`20`	`22`	`}`
`21`	`23`
`22`	`24`	`resource "aws_subnet" "private_subnets" {`
`23`		`- count = length(data.aws_availability_zones.azs.names)`
`24`		`- vpc_id = aws_vpc.vpc.id`
	`25`	`+ count = var.distro == "fcos" ? length(data.aws_availability_zones.azs.names) : 0`
	`26`	`+ vpc_id = aws_vpc.vpc[0].id`
`25`	`27`	`cidr_block = element(var.private_subnet_cidrs, count.index)`
`26`	`28`	`availability_zone = element(data.aws_availability_zones.azs.names, count.index)`
`27`	`29`	`tags = {`
`@@ -31,17 +33,19 @@ resource "aws_subnet" "private_subnets" {`
`31`	`33`
`32`	`34`
`33`	`35`	`resource "aws_route_table" "internet_route" {`
`34`		`- vpc_id = aws_vpc.vpc.id`
	`36`	`+ count = var.distro == "fcos" ? 1 : 0`
	`37`	`+ vpc_id = aws_vpc.vpc[0].id`
`35`	`38`	`route {`
`36`	`39`	`cidr_block = "0.0.0.0/0"`
`37`		`- gateway_id = aws_internet_gateway.gw.id`
	`40`	`+ gateway_id = aws_internet_gateway.gw[0].id`
`38`	`41`	`}`
`39`	`42`	`tags = {`
`40`	`43`	`Name = "${var.project}-ig"`
`41`	`44`	`}`
`42`	`45`	`}`
`43`	`46`
`44`	`47`	`resource "aws_main_route_table_association" "public-set-main-default-rt-assoc" {`
`45`		`- vpc_id = aws_vpc.vpc.id`
`46`		`- route_table_id = aws_route_table.internet_route.id`
	`48`	`+ count = var.distro == "fcos" ? 1 : 0`
	`49`	`+ vpc_id = aws_vpc.vpc[0].id`
	`50`	`+ route_table_id = aws_route_table.internet_route[0].id`
`47`	`51`	`}`