Commit 5b4af180 authored by Craig Furman's avatar Craig Furman

Merge branch 'craigf/0.12upgrade-ops' into 'master'

Upgrade ops to Terraform 0.12

See merge request !1025
parents dbf8d9d0 728bfdc2
This diff is collapsed.
......@@ -4,8 +4,8 @@
# services
resource "google_compute_url_map" "monitoring-lb" {
name = "${format("%v-monitoring-lb", var.environment)}"
default_service = "${module.prometheus.google_compute_backend_service_self_link}"
name = format("%v-monitoring-lb", var.environment)
default_service = module.prometheus.google_compute_backend_service_self_link
host_rule {
hosts = ["prometheus.ops.gitlab.net"]
......@@ -14,11 +14,11 @@ resource "google_compute_url_map" "monitoring-lb" {
path_matcher {
name = "prometheus"
default_service = "${module.prometheus.google_compute_backend_service_self_link}"
default_service = module.prometheus.google_compute_backend_service_self_link
path_rule {
paths = ["/*"]
service = "${module.prometheus.google_compute_backend_service_self_link}"
service = module.prometheus.google_compute_backend_service_self_link
}
}
......@@ -30,11 +30,11 @@ resource "google_compute_url_map" "monitoring-lb" {
}
path_matcher {
name = "prometheus-app"
default_service = "${module.prometheus-app.google_compute_backend_service_self_link}"
default_service = module.prometheus-app.google_compute_backend_service_self_link
path_rule {
paths = ["/*"]
service = "${module.prometheus-app.google_compute_backend_service_self_link}"
service = module.prometheus-app.google_compute_backend_service_self_link
}
}
......@@ -46,11 +46,11 @@ resource "google_compute_url_map" "monitoring-lb" {
}
path_matcher {
name = "alerts"
default_service = "${module.alerts.google_compute_backend_service_self_link}"
default_service = module.alerts.google_compute_backend_service_self_link
path_rule {
paths = ["/*"]
service = "${module.alerts.google_compute_backend_service_self_link}"
service = module.alerts.google_compute_backend_service_self_link
}
}
......@@ -62,11 +62,12 @@ resource "google_compute_url_map" "monitoring-lb" {
}
path_matcher {
name = "thanos-query"
default_service = "${module.thanos-query.google_compute_backend_service_self_link}"
default_service = module.thanos-query.google_compute_backend_service_self_link
path_rule {
paths = ["/*"]
service = "${module.thanos-query.google_compute_backend_service_self_link}"
service = module.thanos-query.google_compute_backend_service_self_link
}
}
}
......@@ -14,7 +14,7 @@ resource "google_service_account" "ops-ci" {
resource "google_storage_bucket" "gitlab-configs" {
name = "gitlab-configs"
versioning = {
versioning {
enabled = "true"
}
......@@ -87,10 +87,11 @@ resource "google_kms_key_ring_iam_binding" "gitlab-shared-configs-RO" {
resource "google_kms_crypto_key" "config" {
name = "config"
key_ring = "${google_kms_key_ring.gitlab-shared-configs.self_link}"
key_ring = google_kms_key_ring.gitlab-shared-configs.self_link
rotation_period = "7776000s"
lifecycle {
prevent_destroy = true
}
}
......@@ -18,18 +18,32 @@ variable "bootstrap_script_version" {
default = 8
}
variable "oauth2_client_id_log_proxy" {}
variable "oauth2_client_secret_log_proxy" {}
variable "oauth2_client_id_dashboards" {}
variable "oauth2_client_secret_dashboards" {}
variable "oauth2_client_id_gitlab_ops" {}
variable "oauth2_client_secret_gitlab_ops" {}
variable "oauth2_client_id_log_proxy" {
}
variable "oauth2_client_secret_log_proxy" {
}
variable "oauth2_client_id_dashboards" {
}
variable "oauth2_client_secret_dashboards" {
}
variable "oauth2_client_id_gitlab_ops" {
}
variable "oauth2_client_secret_gitlab_ops" {
}
variable "oauth2_client_id_monitoring" {
}
variable "oauth2_client_id_monitoring" {}
variable "oauth2_client_secret_monitoring" {}
variable "oauth2_client_secret_monitoring" {
}
variable "machine_types" {
type = "map"
type = map(string)
default = {
"alerts" = "n1-standard-1"
......@@ -60,7 +74,7 @@ variable "machine_types" {
}
variable "monitoring_hosts" {
type = "map"
type = map(list(string))
default = {
"names" = ["alerts", "prometheus", "prometheus-app", "thanos-query"]
......@@ -69,7 +83,7 @@ variable "monitoring_hosts" {
}
variable "service_account_email" {
type = "string"
type = string
default = "terraform@gitlab-ops.iam.gserviceaccount.com"
}
......@@ -78,7 +92,7 @@ variable "service_account_email" {
# 10.250.0.0/16
variable "subnetworks" {
type = "map"
type = map(string)
default = {
"logging" = "10.250.1.0/24"
......@@ -108,7 +122,7 @@ variable "subnetworks" {
}
variable "public_ports" {
type = "map"
type = map(list(string))
default = {
"log-proxy" = []
......@@ -129,7 +143,7 @@ variable "public_ports" {
}
variable "node_count" {
type = "map"
type = map(string)
default = {
"alerts" = 2
......@@ -151,18 +165,17 @@ variable "node_count" {
}
variable "chef_provision" {
type = "map"
type = map(string)
description = "Configuration details for chef server"
default = {
bootstrap_bucket = "gitlab-ops-chef-bootstrap"
bootstrap_key = "gitlab-ops-bootstrap-validation"
bootstrap_keyring = "gitlab-ops-bootstrap"
server_url = "https://chef.gitlab.com/organizations/gitlab/"
user_name = "gitlab-ci"
user_key_path = ".chef.pem"
version = "14.13.11"
server_url = "https://chef.gitlab.com/organizations/gitlab/"
user_name = "gitlab-ci"
user_key_path = ".chef.pem"
version = "14.13.11"
}
}
......@@ -171,7 +184,7 @@ variable "monitoring_cert_link" {
}
variable "lb_fqdns_bastion" {
type = "list"
type = list(string)
default = ["lb-bastion.ops.gitlab.com"]
}
......@@ -204,7 +217,7 @@ variable "network_pre" {
}
variable "tcp_lbs_bastion" {
type = "map"
type = map(list(string))
default = {
"names" = ["ssh"]
......@@ -214,7 +227,7 @@ variable "tcp_lbs_bastion" {
}
variable "tcp_lbs_sentry" {
type = "map"
type = map(list(string))
default = {
"names" = ["http", "https"]
......@@ -225,7 +238,7 @@ variable "tcp_lbs_sentry" {
}
variable "tcp_lbs_aptly" {
type = "map"
type = map(list(string))
default = {
"names" = ["http", "https"]
......@@ -259,7 +272,7 @@ variable "dashboards_gitlab_com_cert_link" {
}
variable "gcs_service_account_email" {
type = "string"
type = string
default = "gitlab-object-storage@gitlab-ops.iam.gserviceaccount.com"
}
......@@ -267,22 +280,22 @@ variable "gcs_service_account_email" {
# in https://gitlab.com/gitlab-restore/postgres-gprd
variable "gcs_postgres_backup_service_account" {
type = "string"
type = string
default = "postgres-wal-archive@gitlab-ops.iam.gserviceaccount.com"
}
variable "gcs_postgres_restore_service_account" {
type = "string"
type = string
default = "postgres-automated-backup-test@gitlab-restore.iam.gserviceaccount.com"
}
variable "gcs_postgres_backup_kms_key_id" {
type = "string"
type = string
default = "projects/gitlab-ops/locations/global/keyRings/gitlab-secrets/cryptoKeys/ops-postgres-wal-archive"
}
variable "postgres_backup_retention_days" {
type = "string"
type = string
default = "5"
}
......@@ -291,7 +304,7 @@ variable "postgres_backup_retention_days" {
#######################
variable "pubsubbeats" {
type = "map"
type = map(list(string))
default = {
"names" = ["gitaly", "haproxy", "pages", "postgres", "production", "system", "workhorse", "rspec", "sidekiq", "api", "nginx", "gitlab-shell", "shell", "rails", "unstructured", "unicorn", "application", "registry", "redis", "consul", "runner"]
......@@ -302,36 +315,37 @@ variable "pubsubbeats" {
### Object Storage Configuration
variable "artifact_age" {
type = "string"
type = string
default = "30"
}
variable "upload_age" {
type = "string"
type = string
default = "30"
}
variable "lfs_object_age" {
type = "string"
type = string
default = "30"
}
variable "package_repo_age" {
type = "string"
type = string
default = "30"
}
variable "storage_class" {
type = "string"
type = string
default = "MULTI_REGIONAL"
}
variable "storage_log_age" {
type = "string"
type = string
default = "7"
}
variable "gcs_storage_analytics_group_email" {
type = "string"
type = string
default = "cloud-storage-analytics@google.com"
}
terraform {
required_version = ">= 0.12"
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment