From ef4a4b02af7d5dc5300096895dc0dba3d42bff24 Mon Sep 17 00:00:00 2001 From: Julio Castillo Date: Wed, 30 Nov 2022 11:36:58 +0100 Subject: [PATCH] Fix linting --- fast/stages/02-networking-nva/README.md | 2 +- fast/stages/02-networking-peering/README.md | 2 +- .../02-networking-separate-envs/README.md | 2 +- fast/stages/02-networking-vpn/README.md | 2 +- modules/net-vpn-ha/README.md | 36 ++++++++----------- modules/net-vpn-ha/variables.tf | 6 ++-- 6 files changed, 23 insertions(+), 27 deletions(-) diff --git a/fast/stages/02-networking-nva/README.md b/fast/stages/02-networking-nva/README.md index a72519b50..ca4d3bcae 100644 --- a/fast/stages/02-networking-nva/README.md +++ b/fast/stages/02-networking-nva/README.md @@ -387,7 +387,7 @@ DNS configurations are centralised in the `dns-*.tf` files. Spokes delegate DNS | [region_trigram](variables.tf#L183) | Short names for GCP regions. | map(string) | | {…} | | | [router_configs](variables.tf#L192) | Configurations for CRs and onprem routers. | map(object({…})) | | {…} | | | [service_accounts](variables.tf#L215) | Automation service accounts in name => email format. | object({…}) | | null | 01-resman | -| [vpn_onprem_configs](variables.tf#L229) | VPN gateway configuration for onprem interconnection. | map(object({…})) | | {…} | | +| [vpn_onprem_configs](variables.tf#L229) | VPN gateway configuration for onprem interconnection. | map(object({…})) | | {…} | | ## Outputs diff --git a/fast/stages/02-networking-peering/README.md b/fast/stages/02-networking-peering/README.md index f6a828099..c7829f0fb 100644 --- a/fast/stages/02-networking-peering/README.md +++ b/fast/stages/02-networking-peering/README.md 
@@ -311,7 +311,7 @@ DNS configurations are centralised in the `dns-*.tf` files. Spokes delegate DNS | [region_trigram](variables.tf#L166) | Short names for GCP regions. | map(string) | | {…} | | | [router_onprem_configs](variables.tf#L175) | Configurations for routers used for onprem connectivity. | map(object({…})) | | {…} | | | [service_accounts](variables.tf#L193) | Automation service accounts in name => email format. | object({…}) | | null | 01-resman | -| [vpn_onprem_configs](variables.tf#L207) | VPN gateway configuration for onprem interconnection. | map(object({…})) | | {…} | | +| [vpn_onprem_configs](variables.tf#L207) | VPN gateway configuration for onprem interconnection. | map(object({…})) | | {…} | | ## Outputs diff --git a/fast/stages/02-networking-separate-envs/README.md b/fast/stages/02-networking-separate-envs/README.md index a874311a9..66b31646e 100644 --- a/fast/stages/02-networking-separate-envs/README.md +++ b/fast/stages/02-networking-separate-envs/README.md @@ -252,7 +252,7 @@ You're now ready to run `terraform init` and `apply`. | [psa_ranges](variables.tf#L129) | IP ranges used for Private Service Access (e.g. CloudSQL). | object({…}) | | null | | | [router_onprem_configs](variables.tf#L166) | Configurations for routers used for onprem connectivity. | map(object({…})) | | {…} | | | [service_accounts](variables.tf#L189) | Automation service accounts in name => email format. | object({…}) | | null | 01-resman | -| [vpn_onprem_configs](variables.tf#L201) | VPN gateway configuration for onprem interconnection. | map(object({…})) | | {…} | | +| [vpn_onprem_configs](variables.tf#L201) | VPN gateway configuration for onprem interconnection. | map(object({…})) | | {…} | | ## Outputs diff --git a/fast/stages/02-networking-vpn/README.md b/fast/stages/02-networking-vpn/README.md index 8a884c09b..047a1189c 100644 --- a/fast/stages/02-networking-vpn/README.md +++ b/fast/stages/02-networking-vpn/README.md 
@@ -336,7 +336,7 @@ DNS configurations are centralised in the `dns-*.tf` files. Spokes delegate DNS | [router_onprem_configs](variables.tf#L175) | Configurations for routers used for onprem connectivity. | map(object({…})) | | {…} | | | [router_spoke_configs](variables-vpn.tf#L18) | Configurations for routers used for internal connectivity. | map(object({…})) | | {…} | | | [service_accounts](variables.tf#L193) | Automation service accounts in name => email format. | object({…}) | | null | 01-resman | -| [vpn_onprem_configs](variables.tf#L207) | VPN gateway configuration for onprem interconnection. | map(object({…})) | | {…} | | +| [vpn_onprem_configs](variables.tf#L207) | VPN gateway configuration for onprem interconnection. | map(object({…})) | | {…} | | | [vpn_spoke_configs](variables-vpn.tf#L37) | VPN gateway configuration for spokes. | map(object({…})) | | {…} | | ## Outputs diff --git a/modules/net-vpn-ha/README.md b/modules/net-vpn-ha/README.md index be09a8e06..1c1a23ce2 100644 --- a/modules/net-vpn-ha/README.md +++ b/modules/net-vpn-ha/README.md 
@@ -126,18 +126,12 @@ module "vpn_ha" { |---|---|:---:|:---:|:---:| | [name](variables.tf#L17) | VPN Gateway name (if an existing VPN Gateway is not used), and prefix used for dependent resources. | string | ✓ | | | [network](variables.tf#L22) | VPC used for the gateway and routes. | string | ✓ | | -| [project_id](variables.tf#L45) | Project where resources will be created. | string | ✓ | | -| [region](variables.tf#L50) | Region used for resources. | string | ✓ | | -| [peer_external_gateway](variables.tf#L27) | Configuration of an external VPN gateway to which this VPN is connected. | object({…}) | | null | -| [peer_gcp_gateway](variables.tf#L39) | Self Link URL of the peer side HA GCP VPN gateway to which this VPN tunnel is connected. | string | | null | -| [route_priority](variables.tf#L55) | Route priority, defaults to 1000. | number | | 1000 | -| [router_advertise_config](variables.tf#L61) | Router custom advertisement configuration, ip_ranges is a map of address ranges and descriptions. | object({…}) | | null | -| [router_asn](variables.tf#L71) | Router ASN used for auto-created router. | number | | 64514 | -| [router_create](variables.tf#L77) | Create router. | bool | | true | -| [router_name](variables.tf#L83) | Router name used for auto created router, or to specify an existing router to use if `router_create` is set to `true`. Leave blank to use VPN name for auto created router. | string | | "" | -| [tunnels](variables.tf#L89) | VPN tunnel configurations, bgp_peer_options is usually null. | map(object({…})) | | {} | -| [vpn_gateway](variables.tf#L114) | HA VPN Gateway Self Link for using an existing HA VPN Gateway, leave empty if `vpn_gateway_create` is set to `true`. | string | | null | -| [vpn_gateway_create](variables.tf#L120) | Create HA VPN Gateway. | bool | | true | +| [peer_gateway](variables.tf#L27) | Configuration of the (external or GCP) peer gateway. 
| object({…}) | ✓ | | +| [project_id](variables.tf#L43) | Project where resources will be created. | string | ✓ | | +| [region](variables.tf#L48) | Region used for resources. | string | ✓ | | +| [router_config](variables.tf#L53) | Cloud Router configuration for the VPN. If you want to reuse an existing router, set create to false and use name to specify the desired router. | object({…}) | ✓ | | +| [tunnels](variables.tf#L68) | VPN tunnel configurations, bgp_peer_options is usually null. | map(object({…})) | | {} | +| [vpn_gateway](variables.tf#L95) | Self link of an existing HA VPN Gateway to use. Set to null to create new VPN Gateway. | string | | null | ## Outputs 
@@ -145,14 +139,14 @@ module "vpn_ha" { |---|---|:---:| | [bgp_peers](outputs.tf#L18) | BGP peer resources. | | | [external_gateway](outputs.tf#L25) | External VPN gateway resource. | | -| [gateway](outputs.tf#L34) | VPN gateway resource (only if auto-created). | | -| [name](outputs.tf#L43) | VPN gateway name (only if auto-created). . | | -| [random_secret](outputs.tf#L52) | Generated secret. | | -| [router](outputs.tf#L57) | Router resource (only if auto-created). | | -| [router_name](outputs.tf#L66) | Router name. | | -| [self_link](outputs.tf#L71) | HA VPN gateway self link. | | -| [tunnel_names](outputs.tf#L76) | VPN tunnel names. | | -| [tunnel_self_links](outputs.tf#L84) | VPN tunnel self links. | | -| [tunnels](outputs.tf#L92) | VPN tunnel resources. | | +| [gateway](outputs.tf#L30) | VPN gateway resource (only if auto-created). | | +| [name](outputs.tf#L35) | VPN gateway name (only if auto-created). . | | +| [random_secret](outputs.tf#L40) | Generated secret. | | +| [router](outputs.tf#L45) | Router resource (only if auto-created). | | +| [router_name](outputs.tf#L50) | Router name. | | +| [self_link](outputs.tf#L55) | HA VPN gateway self link. | | +| [tunnel_names](outputs.tf#L60) | VPN tunnel names. | | +| [tunnel_self_links](outputs.tf#L68) | VPN tunnel self links. | | +| [tunnels](outputs.tf#L76) | VPN tunnel resources. | | diff --git a/modules/net-vpn-ha/variables.tf b/modules/net-vpn-ha/variables.tf index 8f24b6cbc..f8ecd151f 100644 --- a/modules/net-vpn-ha/variables.tf +++ b/modules/net-vpn-ha/variables.tf @@ -25,6 +25,7 @@ variable "network" { } variable "peer_gateway" { + description = "Configuration of the (external or GCP) peer gateway." type = object({ external = optional(object({ redundancy_type = string 
@@ -34,8 +35,8 @@ variable "peer_gateway" { }) nullable = false validation { - condition = var.peer_gateway.external != null || var.peer_gateway.gcp != null - error_message = "TODO" + condition = (var.peer_gateway.external != null) != (var.peer_gateway.gcp != null) + error_message = "Peer gateway configuration must define exactly one between `external` and `gcp`." } } @@ -50,6 +51,7 @@ variable "region" { } variable "router_config" { + description = "Cloud Router configuration for the VPN. If you want to reuse an existing router, set create to false and use name to specify the desired router." type = object({ create = optional(bool, true) asn = number
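Review bot: The new `condition` in the `peer_gateway` validation block is a behaviour change rather than a lint fix, and nothing in the code or the commit subject says so: comparing the two null checks with `!=` now rejects a configuration that sets both `external` and `gcp`, which the old `||` accepted. Failing at plan time is the safer outcome for a VPN peer, because it removes any ambiguity about which gateway the tunnels terminate on, but the inequality-as-XOR idiom is easy to misread and deserves a comment above it such as `# XOR: exactly one of external / gcp must be non-null`. The error message would read more naturally with "exactly one of ... or ..." in place of "exactly one between ... and ...". The check only tests for null, so whether an empty `gcp` value still counts as set depends on the attribute's type, which is outside this hunk and worth confirming. The `variable "peer_gateway"` block starts before the hunk.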