Optional vpc (#5)

mickmcgrath13 · web-flow · commit 6bfc19a4a880 · 2022-12-28T11:52:49.000-06:00
* Make vpc optional
diff --git a/action.yaml b/action.yaml
@@ -46,6 +46,10 @@ inputs:
   # create_hosted_zone:
   #   description: "Bool, whether the hosted zone should be created in the action. Default is false"
   #   default: false
+  create_vpc:
+    description: "Bool, whether a VPC should be created in the action. Default is false"
+    default: false
+
 
   # ST2 config
   st2_auth_username:
@@ -87,6 +91,7 @@ runs:
         # CREATE_DOMAIN: ${{ inputs.CREATE_DOMAIN }}
         SUB_DOMAIN: ${{ inputs.sub_domain }}
         # CREATE_HOSTED_ZONE: ${{ inputs.CREATE_HOSTED_ZONE }}
+        CREATE_VPC: ${{ inputs.create_vpc }}
         BITOPS_FAST_FAIL: true
 
         # ST2 config
diff --git a/operations/_scripts/deploy/deploy.sh b/operations/_scripts/deploy/deploy.sh
@@ -55,6 +55,7 @@ docker run --rm --name bitops \
 -e TERRAFORM_DESTROY="${TERRAFORM_DESTROY}" \
 -e TF_STATE_BUCKET="${TF_STATE_BUCKET}" \
 -e DEFAULT_FOLDER_NAME="_default" \
+-e CREATE_VPC="${CREATE_VPC}" \
 -e BITOPS_FAST_FAIL="${BITOPS_FAST_FAIL}" \
 -e ST2_AUTH_USERNAME="${ST2_AUTH_USERNAME}" \
 -e ST2_AUTH_PASSWORD="${ST2_AUTH_PASSWORD}" \
diff --git a/operations/_scripts/generate/generate_tf_vars.sh b/operations/_scripts/generate/generate_tf_vars.sh
@@ -75,6 +75,9 @@ aws_resource_identifier_supershort = \"${GITHUB_IDENTIFIER_SS}\"
 sub_domain_name = \"${SUB_DOMAIN}\"
 domain_name = \"${DOMAIN_NAME}\"
 
+# VPC
+create_vpc = \"${CREATE_VPC}\"
+
 # Region
 region = \"${AWS_DEFAULT_REGION}\"
 
diff --git a/operations/deployment/terraform/main.tf b/operations/deployment/terraform/main.tf
@@ -18,6 +18,7 @@ module "Stackstorm-Single-VM" {
   aws_resource_identifier_supershort=var.aws_resource_identifier_supershort
   sub_domain_name=var.sub_domain_name
   domain_name=var.domain_name
+  create_vpc=var.create_vpc
   #create_domain=var.create_domain
   availability_zones=local.availability_zones
   route53_zone_id=var.route53_zone_id
diff --git a/operations/deployment/terraform/modules/02_networking.tf b/operations/deployment/terraform/modules/02_networking.tf
@@ -1,19 +1,18 @@
- #   TODO: optional based on flag: create_vpc
-resource "aws_vpc" "main" {
+ resource "aws_vpc" "main" {
+ count = var.create_vpc == "true" ? 1 : 0
  cidr_block = var.vpc_cidr
  tags = {
    Name = "${var.aws_resource_identifier}"
  }
 }
- #   TODO: optional based on flag: create_vpc
 resource "aws_internet_gateway" "gw" {
- vpc_id = aws_vpc.main.id
+  count = var.create_vpc == "true" ? 1 : 0
+  vpc_id = aws_vpc.main[0].id
 }
 
-#   TODO: optional based on flag: create_vpc
 # resource "aws_subnet" "private" {
-#   vpc_id            = aws_vpc.main.id
-#   count             = length(var.private_subnets)
+#   vpc_id            = aws_vpc.main[0].id
+#   count             = var.create_vpc == "true" ? length(var.private_subnets) : 0
 #   cidr_block        = element(var.private_subnets, count.index)
 #   availability_zone = element(var.availability_zones, count.index)
 
@@ -23,12 +22,11 @@ resource "aws_internet_gateway" "gw" {
 #   }
 # }
 
-#   TODO: optional based on flag: create_vpc
 resource "aws_subnet" "public" {
-  vpc_id                  = aws_vpc.main.id
+  count = var.create_vpc == "true" ? length(var.public_subnets) : 0
+  vpc_id                  = aws_vpc.main[0].id
   cidr_block              = element(var.public_subnets, count.index)
   availability_zone       = element(var.availability_zones, count.index)
-  count                   = length(var.public_subnets)
   map_public_ip_on_launch = true
 
   tags = {
@@ -37,26 +35,27 @@ resource "aws_subnet" "public" {
   }
 }
 
-#   TODO: optional based on flag: create_vpc
 resource "aws_route_table" "public" {
-  vpc_id = aws_vpc.main.id
+  count = var.create_vpc == "true" ? 1 : 0
+  vpc_id = aws_vpc.main[0].id
 
   tags = {
     Name        = "${var.aws_resource_identifier}"
   }
   
 }
-#   TODO: optional based on flag: create_vpc
+
 resource "aws_route" "public" {
-  route_table_id         = aws_route_table.public.id
+  count = var.create_vpc == "true" ? 1 : 0
+  route_table_id         = aws_route_table.public[0].id
   destination_cidr_block = "0.0.0.0/0"
-  gateway_id             = aws_internet_gateway.gw.id
+  gateway_id             = aws_internet_gateway.gw[0].id
 }
-#   TODO: optional based on flag: create_vpc
+
 resource "aws_route_table_association" "public" {
-  count          = length(var.public_subnets)
+  count = var.create_vpc == "true" ? length(var.public_subnets) : 0
   subnet_id      = element(aws_subnet.public.*.id, count.index)
-  route_table_id = aws_route_table.public.id
+  route_table_id = aws_route_table.public[0].id
 }
 
 
@@ -66,7 +65,7 @@ resource "aws_route_table_association" "public" {
 resource "aws_security_group" "allow_http" {
  name        = "allow_http"
  description = "Allow HTTP traffic"
- vpc_id      = aws_vpc.main.id
+ vpc_id      = var.create_vpc == "true" ? aws_vpc.main[0].id : null
  ingress {
    description = "HTTP"
    from_port   = 80
@@ -85,7 +84,7 @@ resource "aws_security_group" "allow_http" {
 resource "aws_security_group" "allow_https" {
  name        = "allow_https"
  description = "Allow HTTPS traffic"
- vpc_id      = aws_vpc.main.id
+ vpc_id      = var.create_vpc == "true" ? aws_vpc.main[0].id : null
  ingress {
    description = "HTTPS"
    from_port   = 443
@@ -104,7 +103,7 @@ resource "aws_security_group" "allow_https" {
 resource "aws_security_group" "allow_ssh" {
  name        = "allow_ssh"
  description = "Allow SSH traffic"
- vpc_id      = aws_vpc.main.id
+ vpc_id      = var.create_vpc == "true" ? aws_vpc.main[0].id : null
  ingress {
    description = "SSH"
    from_port   = 22
diff --git a/operations/deployment/terraform/modules/03_ec2.tf b/operations/deployment/terraform/modules/03_ec2.tf
@@ -4,8 +4,7 @@ resource "aws_instance" "server" {
  key_name                    = aws_key_pair.deployer.key_name
  associate_public_ip_address = true
  
- #   TODO: handle no subnet_id (see 02_networking.tf) - flag create_vpc
- subnet_id                   = aws_subnet.public.*.id[0]
+ subnet_id                   = var.create_vpc == "true" ? aws_subnet.public.*.id[0] : null
  vpc_security_group_ids      = [aws_security_group.allow_http.id, aws_security_group.allow_https.id, aws_security_group.allow_ssh.id]
  user_data = <<EOF
 #!/bin/bash
diff --git a/operations/deployment/terraform/modules/04_elb.tf b/operations/deployment/terraform/modules/04_elb.tf
@@ -1,6 +1,7 @@
 resource "aws_elb" "vm" {
   name               = "${var.aws_resource_identifier_supershort}"
-  subnets = aws_subnet.public.*.id
+  subnets            = var.create_vpc == "true" ? aws_subnet.public.*.id : null
+  availability_zones = var.create_vpc == "true" ? null : [aws_instance.server.availability_zone]
 
   security_groups = [aws_security_group.allow_http.id, aws_security_group.allow_https.id]
 
diff --git a/operations/deployment/terraform/modules/variables.tf b/operations/deployment/terraform/modules/variables.tf
@@ -88,6 +88,11 @@ variable "domain_name" {
   description = "root domain name without any subdomains"
   default = ""
 }
+variable "create_vpc" {
+  type = string
+  default = "false"
+  description = "Attach public IP to the EC2 instance"
+}
 
 
 
diff --git a/operations/deployment/terraform/variables.tf b/operations/deployment/terraform/variables.tf
@@ -88,6 +88,11 @@ variable "domain_name" {
   description = "root domain name without any subdomains"
   default = ""
 }
+variable "create_vpc" {
+  type = string
+  default = "false"
+  description = "Attach public IP to the EC2 instance"
+}
 
 
 ## NEW NEEDS REVIEW

Original file line number	Diff line number	Diff line change
`@@ -88,6 +88,11 @@ variable "domain_name" {`
`88`	`88`	`description = "root domain name without any subdomains"`
`89`	`89`	`default = ""`
`90`	`90`	`}`
	`91`	`+variable "create_vpc" {`
	`92`	`+ type = string`
	`93`	`+ default = "false"`
	`94`	`+ description = "Attach public IP to the EC2 instance"`
	`95`	`+}`
`91`	`96`
`92`	`97`
`93`	`98`