Skip to content

feat: switch to ovh provider for buckets #85

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
fredleger merged 5 commits into from
Mar 17, 2026
Merged

feat: switch to ovh provider for buckets #85

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
3475e56
feat: switch to ovh provider for buckets
ffederighi Nov 10, 2025
94941dc
Update ovh/bucket/variables.tf
Libr4rian Mar 15, 2026
2090bbc
Update ovh/bucket/variables.tf
Libr4rian Mar 15, 2026
232cbeb
Update ovh/bucket/README.md
Libr4rian Mar 15, 2026
16f7714
chore: apply suggestions from code review
fredleger Mar 17, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
15 changes: 8 additions & 7 deletions ovh/bucket/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,15 +8,14 @@ Create a S3 compatible object storage bucket and policy for a user with write ac
| Name | Version |
|------|---------|
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | ~> 1.3 |
| <a name="requirement_openstack"></a> [openstack](#requirement\_openstack) | ~> 1.49.0 |
| <a name="requirement_ovh"></a> [ovh](#requirement\_ovh) | ~> 0.26.0 |
| <a name="requirement_ovh"></a> [ovh](#requirement\_ovh) | ~> 2.1 |
| <a name="requirement_time"></a> [time](#requirement\_time) | ~> 0.9.1 |

## Providers

| Name | Version |
|------|---------|
| <a name="provider_openstack"></a> [openstack](#provider\_openstack) | ~> 1.49.0 |
| <a name="provider_ovh"></a> [ovh](#provider\_ovh) | ~> 2.1 |
| <a name="provider_time"></a> [time](#provider\_time) | ~> 0.9.1 |

## Modules
Expand All @@ -27,19 +26,21 @@ No modules.

| Name | Type |
|------|------|
| [openstack_objectstorage_container_v1.bucket](https://registry.terraform.io/providers/terraform-provider-openstack/openstack/latest/docs/resources/objectstorage_container_v1) | resource |
| [ovh_cloud_project_storage.storage](https://registry.terraform.io/providers/ovh/ovh/latest/docs/resources/cloud_project_storage) | resource |
| [time_static.last_update](https://registry.terraform.io/providers/hashicorp/time/latest/docs/resources/static) | resource |
| [openstack_identity_auth_scope_v3.current](https://registry.terraform.io/providers/terraform-provider-openstack/openstack/latest/docs/data-sources/identity_auth_scope_v3) | data source |

## Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| <a name="input_cloud_project_id"></a> [cloud\_project\_id](#input\_cloud\_project\_id) | Cloud project ID for this bucket | `string` | n/a | yes |
| <a name="input_customer"></a> [customer](#input\_customer) | Customer applied to this instance | `string` | `""` | no |
| <a name="input_encryption_enabled"></a> [encryption\_enabled](#input\_encryption\_enabled) | A boolean that indicates whether this bucket has encryption enabled. | `string` | `true` | no |
| <a name="input_name"></a> [name](#input\_name) | Name applied to this instance | `string` | `""` | no |
| <a name="input_ovh_write_user"></a> [ovh\_write\_user](#input\_ovh\_write\_user) | OVH user name who will have write access to the bucket | `string` | n/a | yes |
| <a name="input_region"></a> [region](#input\_region) | OVH region | `string` | `"GRA"` | no |
| <a name="input_owner_id"></a> [owner\_id](#input\_owner\_id) | Container owner user ID for this bucket | `string` | `""` | no |
| <a name="input_region_name"></a> [region\_name](#input\_region\_name) | Region (in uppercase) applied to this bucket | `string` | n/a | yes |
| <a name="input_tags"></a> [tags](#input\_tags) | Tags applied to this instance | `map(string)` | <pre>{<br> "ManagedBy": "terraform"<br>}</pre> | no |
| <a name="input_versioning_enabled"></a> [versioning\_enabled](#input\_versioning\_enabled) | A boolean that indicates whether this bucket has versioning enabled. | `bool` | `true` | no |

## Outputs

Expand Down
28 changes: 11 additions & 17 deletions ovh/bucket/bucket.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,18 +1,12 @@
data "openstack_identity_auth_scope_v3" "current" {
name = "current"
}

resource "openstack_objectstorage_container_v1" "bucket" {
name = var.name
region = var.region
metadata = local.interpolated_tags
content_type = "application/json"
container_read = join(":", [
data.openstack_identity_auth_scope_v3.current.project_id,
var.ovh_write_user,
])
container_write = join(":", [
data.openstack_identity_auth_scope_v3.current.project_id,
var.ovh_write_user,
])
resource "ovh_cloud_project_storage" "storage" {
name = var.name
service_name = var.cloud_project_id
region_name = var.region_name
owner_id = var.owner_id
versioning = var.versioning_enabled ? {
status = "enabled"
} : null
encryption = var.encryption_enabled ? {
sse_algorithm = "AES256"
} : null
}
2 changes: 1 addition & 1 deletion ovh/bucket/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ locals {
},
var.tags
)
s3_region = lower(element(regex("(.*)[[:digit:]]?$", var.region), 0))
s3_region = lower(element(regex("(.*)[[:digit:]]?$", var.region_name), 0))
}

resource "time_static" "last_update" {
Expand Down
4 changes: 2 additions & 2 deletions ovh/bucket/outputs.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
output "bucket" {
value = {
"url" = "s3://${openstack_objectstorage_container_v1.bucket.name}",
"url" = "s3://${ovh_cloud_project_storage.storage.name}",
"endpoint_url" = "https://s3.${local.s3_region}.cloud.ovh.net"
"region" = local.s3_region,
"name" = openstack_objectstorage_container_v1.bucket.name,
"name" = ovh_cloud_project_storage.storage.name,
}
}
6 changes: 1 addition & 5 deletions ovh/bucket/providers.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,11 +10,7 @@ terraform {
}
ovh = {
source = "ovh/ovh"
version = "~> 0.26.0"
}
openstack = {
source = "terraform-provider-openstack/openstack"
version = "~> 1.49.0"
version = "~> 2.1"
}
}
}
30 changes: 21 additions & 9 deletions ovh/bucket/variables.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,18 +19,30 @@ variable "tags" {
}

# bellow are specific modules variables
variable "region" {
variable "region_name" {
description = "Region (in uppercase) applied to this bucket"
type = string
description = "OVH region"
default = "GRA"
}

# variable "ovh_service_name" {
# description = "OVH service name"
# type = string
# }
variable "cloud_project_id" {
description = "Cloud project ID for this bucket"
type = string
}

variable "owner_id" {
description = "Container owner user ID for this bucket"
type = string
default = ""
}

variable "versioning_enabled" {
description = "A boolean that indicates whether this bucket has versioning enabled."
type = bool
default = true
}

variable "ovh_write_user" {
description = "OVH user name who will have write access to the bucket"
variable "encryption_enabled" {
description = "A boolean that indicates whether this bucket has encryption enabled."
type = string
default = true
}
Loading