From 20a7c64c9a7a3c8ef41a7fdcb0f65503988364b9 Mon Sep 17 00:00:00 2001 From: Ryan Boehning <1250684+ryboe@users.noreply.github.com> Date: Sat, 5 Dec 2020 17:47:36 -0800 Subject: [PATCH] Update files for Terraform v0.14 (#1) * Upgrade db from Postgres 11 -> 13 * Upgrade tfe and google provider plugins * Remove google-beta provider since it's no longer needed * Add .terraform-version file to support tfenv * Add .vscode/ settings to play nice with VSCode * Clean up .gitignore --- .gitignore | 40 ++++++---------------------------------- .terraform-version | 1 + .terraform.lock.hcl | 38 ++++++++++++++++++++++++++++++++++++++ .vscode/extensions.json | 5 +++++ .vscode/settings.json | 8 ++++++++ README.md | 4 +++- main.tf | 30 ++++++++++-------------------- modules/db/main.tf | 2 +- versions.tf | 3 +++ 9 files changed, 75 insertions(+), 56 deletions(-) create mode 100644 .terraform-version create mode 100755 .terraform.lock.hcl create mode 100644 .vscode/extensions.json create mode 100644 .vscode/settings.json create mode 100644 versions.tf diff --git a/.gitignore b/.gitignore index 7b840f0..a9866c6 100644 --- a/.gitignore +++ b/.gitignore @@ -1,36 +1,8 @@ -# Local .terraform directories -**/.terraform/* - -# .tfstate files -*.tfstate -*.tfstate.* - -# Crash log files -crash.log - -# Ignore any .tfvars files that are generated automatically for each Terraform run. Most -# .tfvars files are managed as part of configuration and so should be included in -# version control. -# -# example.tfvars - -# Ignore override files as they are usually used to override resources locally and so -# are not checked in -override.tf -override.tf.json *_override.tf *_override.tf.json - -# Include override files you do wish to add to version control using negated pattern -# -# !example_override.tf - -# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan -# example: *tfplan* - -# This file is created by init_dev_cluster.sh and contains a workspace name that -# is unique to the developer. -terraform/development/backend.hcl - -api/target -.terraform/ +*.tfstate +*.tfstate.* +**/.terraform/* +crash.log +override.tf +override.tf.json diff --git a/.terraform-version b/.terraform-version new file mode 100644 index 0000000..a803cc2 --- /dev/null +++ b/.terraform-version @@ -0,0 +1 @@ +0.14.0 diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl new file mode 100755 index 0000000..530f2ef --- /dev/null +++ b/.terraform.lock.hcl @@ -0,0 +1,38 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/google" { + version = "3.49.0" + constraints = ">= 3.49.0" + hashes = [ + "h1:r9DGN02xsR8k9hFqt37Yt7GjwVx34SJXqanR2igjm9Y=", + "zh:00ea68b3a3b6e11ea469f47ee949c7f8f5751f935a3366152f9d3c6660c27e9b", + "zh:1ef3efc2e81fa31ceb04e39ae25acd0f061629f104827e127bdb4345e95f37d0", + "zh:6bf00943baa776adef0bbc914886359cf95c505b0494f3936cedac5cd1e01a00", + "zh:7d2cce5a9be476d8eee67435d854d094f82b5814a0e34964d10f28c1e88a2c8f", + "zh:841d074e3fb06f0df7c930bc0c4a9733ce0c5f1a19d6af98632a7931d2ca6a59", + "zh:8920ccd27c8904fcf5d701d71baee4f64d9d6f1383e66c4673909d9c53895057", + "zh:91d4479d2d461ad582d127d47aa7094bd74a1278cc8d78ad36a1c4f31301f4f0", + "zh:a97c19cdb42b5f7e4e297183d60eaa45843ee7b0adde1120e47026c4cae456c1", + "zh:cbd862cc4d21866bb832e3e7fe4e6ed959f5e5363bcf3d74e476b42fec716efe", + "zh:ec3c63ba6db74b353fafff6aedbb30e3eb1a4e5c856b4920c7ffa10d7081cbbd", + ] +} + +provider "registry.terraform.io/hashicorp/tfe" { + version = "0.23.0" + constraints = ">= 0.23.0" + hashes = [ + "h1:uL/ncubyON0u4VZTRwIBdT+lzsOEloDraZUwVhh5M3g=", + "zh:229d02658c011c184c63eecbdb0af5e1366d14dfab78862345b6d907c2e253e5", + "zh:4aac896b2570ad6fd96a7a297c3e67cf60cea7b4ef3c845d0fe432c739c665fa", + "zh:58638104a55cd0ad413d81a4b022d155658e70ea2f07d4b70298e7238a016f20", + "zh:63f36714ec2cc23d74f8b90eb4e71168071ac84036fbd21612fa92dc2349c911", + "zh:6db95efac6cd067892753edfc18bfa24a8ac46088c751ae86efd78e54f4d3938", + "zh:7750f7f552e30c3b930375f3aeb202ad527723344df7a80a6e20eb37f7918d68", + "zh:a5052ec512d77b079b8e734528f1859a113254fdb7d48646e9f69dfba670e09b", + "zh:a64f492553ba2c9176f620f419464c1409fe5a277b75e268cc5418df74c25d4e", + "zh:c29b855c789edbc6d7f4601e6ff0462476c8a554937c57ff49fb9fbeaa41328a", + "zh:e17469b18f6e2156d5d941a46d402423bc88b3ed7e097022fd906c09ee66d033", + ] +} diff --git a/.vscode/extensions.json b/.vscode/extensions.json new file mode 100644 index 0000000..9d47f67 --- /dev/null +++ b/.vscode/extensions.json @@ -0,0 +1,5 @@ +{ + "recommendations": [ + "hashicorp.terraform", + ] +} diff --git a/.vscode/settings.json b/.vscode/settings.json new file mode 100644 index 0000000..77b983f --- /dev/null +++ b/.vscode/settings.json @@ -0,0 +1,8 @@ +{ + "files.exclude": { + "**/.terraform/": true, + }, + "files.insertFinalNewline": true, + "files.trimFinalNewlines": true, + "files.trimTrailingWhitespace": true, +} diff --git a/README.md b/README.md index 2c6f814..546fbf2 100644 --- a/README.md +++ b/README.md @@ -3,6 +3,8 @@ This repo demonstrates how to create a Cloud SQL DB with a private IP address only, and connect to it with [Cloud SQL Proxy](https://cloud.google.com/sql/docs/postgres/sql-proxy). The full explanation of how this works can be found in [this blog post](https://medium.com/@ryanboehning/how-to-deploy-a-cloud-sql-db-with-a-private-ip-only-using-terraform-e184b08eca64). +Terraform v0.14.0 or higher is required. + ## Deploy the db and Cloud SQL Proxy ```bash @@ -31,5 +33,5 @@ gcloud compute os-login ssh-keys add --key-file=~/.ssh/id_rsa.pub --ttl=365d gcloud compute os-login describe-profile | grep username # psql into your private db -ssh -t @ docker run --rm --network=host -it postgres:11-alpine psql -U postgres -h localhost +ssh -t @ docker run --rm --network=host -it postgres:13-alpine psql -U postgres -h localhost ``` diff --git a/main.tf b/main.tf index c1572d7..ac983b3 100644 --- a/main.tf +++ b/main.tf @@ -1,11 +1,16 @@ // root module terraform { - required_version = "~> 0.12.24" + required_version = ">= 0.14.0" required_providers { - tfe = "~> 0.16.0" - google = "~> 3.17.0" - google-beta = "~> 3.17.0" # for enabling private services access + tfe = { + source = "hashicorp/tfe" + version = ">= 0.23.0" + } + google = { + source = "hashicorp/google" + version = ">= 3.49.0" + } } backend "remote" { organization = "my-terraform-cloud-org" @@ -17,7 +22,7 @@ terraform { locals { db_username = "my_user" # Postgres username - gcp_project_name = "norse-baton-274601" + gcp_project_name = "my-gcp-project-274601" gcp_region = "us-central1" gcp_zone = "us-central1-b" } @@ -28,28 +33,13 @@ provider "google" { zone = local.gcp_zone } -provider "google-beta" { - project = local.gcp_project_name - region = local.gcp_region - zone = local.gcp_zone -} - module "vpc" { - # Override the default google provider with the google-beta provider. We need - # the beta provider to enable setting a private IP for the db. - providers = { - google = google-beta - } source = "./modules/vpc" name = "main-vpc" } module "db" { - providers = { - google = google-beta - } - source = "./modules/db" disk_size = 10 diff --git a/modules/db/main.tf b/modules/db/main.tf index 8785851..5899ad9 100644 --- a/modules/db/main.tf +++ b/modules/db/main.tf @@ -7,7 +7,7 @@ resource "google_sql_database" "main" { resource "google_sql_database_instance" "main_primary" { name = "main-primary" - database_version = "POSTGRES_11" + database_version = "POSTGRES_13" depends_on = [var.db_depends_on] settings { diff --git a/versions.tf b/versions.tf new file mode 100644 index 0000000..5e4ce43 --- /dev/null +++ b/versions.tf @@ -0,0 +1,3 @@ +terraform { + required_version = ">= 0.14" +}