NotificationsYou must be signed in to change notification settings
Fork1k
Star11.1k

Commitb90bc7c

authored

feat: use cloud secret for DNS token in scaletest TF (#19466)

Removes the requirement to obtain a Cloudflare DNS token from our scaletest/terraform/action builds. Instead, by default, we pull the token from Google Secrets Manager and use the `scaletest.dev` DNS domain.Removes cloudflare_email as this was unneeded. Removes the cloudflare_zone_id and instead pulls it from a data source via the Cloudflare API.closescoder/internal#839

1 parenta71e5cc commitb90bc7cCopy full SHA for b90bc7c

File tree

3 files changed

+16

-11

lines changed

scaletest/terraform/action

3 files changed

+16

-11

lines changed

`‎scaletest/terraform/action/cf_dns.tf‎`

Lines changed: 5 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,10 @@`
	`1`	`+data"cloudflare_zone""domain" {`
	`2`	`+name=var.cloudflare_domain`
	`3`	`+}`
	`4`	`+`
`1`	`5`	`resource"cloudflare_record""coder" {`
`2`	`6`	`for_each=local.deployments`
`3`		`-zone_id=var.cloudflare_zone_id`
	`7`	`+zone_id=data.cloudflare_zone.domain.zone_id`
`4`	`8`	`name=each.value.subdomain`
`5`	`9`	`content=google_compute_address.coder[each.key].address`
`6`	`10`	`type="A"`

`‎scaletest/terraform/action/main.tf‎`

Lines changed: 6 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -46,8 +46,13 @@ terraform {`
`46`	`46`	`provider"google" {`
`47`	`47`	`}`
`48`	`48`
	`49`	`+data"google_secret_manager_secret_version_access""cloudflare_api_token_dns" {`
	`50`	`+secret="cloudflare-api-token-dns"`
	`51`	`+project=var.project_id`
	`52`	`+}`
	`53`	`+`
`49`	`54`	`provider"cloudflare" {`
`50`		`-api_token=var.cloudflare_api_token`
	`55`	`+api_token=coalesce(var.cloudflare_api_token, data.google_secret_manager_secret_version_access.cloudflare_api_token_dns.secret_data)`
`51`	`56`	`}`
`52`	`57`
`53`	`58`	`provider"kubernetes" {`

`‎scaletest/terraform/action/vars.tf‎`

Lines changed: 5 additions & 9 deletions

Original file line number	Diff line number	Diff line change
`@@ -13,6 +13,7 @@ variable "scenario" {`
`13`	`13`	`// GCP`
`14`	`14`	`variable"project_id" {`
`15`	`15`	`description="The project in which to provision resources"`
	`16`	`+default="coder-scaletest"`
`16`	`17`	`}`
`17`	`18`
`18`	`19`	`variable"k8s_version" {`
`@@ -24,19 +25,14 @@ variable "k8s_version" {`
`24`	`25`	`variable"cloudflare_api_token" {`
`25`	`26`	`description="Cloudflare API token."`
`26`	`27`	`sensitive=true`
`27`		`-}`
`28`		`-`
`29`		`-variable"cloudflare_email" {`
`30`		`-description="Cloudflare email address."`
`31`		`-sensitive=true`
	`28`	`+# only override if you want to change the cloudflare_domain; pulls the token for scaletest.dev from Google Secrets`
	`29`	`+# Manager if null.`
	`30`	`+default=null`
`32`	`31`	`}`
`33`	`32`
`34`	`33`	`variable"cloudflare_domain" {`
`35`	`34`	`description="Cloudflare coder domain."`
`36`		`-}`
`37`		`-`
`38`		`-variable"cloudflare_zone_id" {`
`39`		`-description="Cloudflare zone ID."`
	`35`	`+default="scaletest.dev"`
`40`	`36`	`}`
`41`	`37`
`42`	`38`	`// Coder`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commitb90bc7c

File tree

3 files changed

3 files changed

`‎scaletest/terraform/action/cf_dns.tf‎`

`‎scaletest/terraform/action/main.tf‎`

`‎scaletest/terraform/action/vars.tf‎`

0 commit comments