Merge pull request #51 from lorengordon/implicit-dependencies

plus3it · Jun 10, 2020 · 047e89d · 047e89d
2 parents 2bfb951 + c9a17e6
commit 047e89d
Show file tree

Hide file tree

Showing 6 changed files with 126 additions and 4 deletions.
diff --git a/.bumpversion.cfg b/.bumpversion.cfg
@@ -1,7 +1,6 @@
 [bumpversion]
-current_version = 0.1.1
+current_version = 0.2.0
 commit = True
 message = Bumps version to {new_version}
 tag = False
 tag_name = {new_version}
-
diff --git a/README.md b/README.md
@@ -21,12 +21,14 @@ No requirements.
 |------|---------|
 | aws | n/a |
 | aws.owner | n/a |
+| null | n/a |
 
 ## Inputs
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | create\_tgw\_attachment | Controls whether to create the TGW attachment | `bool` | `true` | no |
+| dependencies | List of resource dependencies to force terraform to wait until they are done | `list(string)` | `[]` | no |
 | dns\_support | (Optional) Whether DNS support is enabled. Valid values: disable, enable. | `string` | `"enable"` | no |
 | name | The name of the TGW attachment for tagging purposes | `string` | `null` | no |
 | owner\_routes | List of AWS route objects to create with the "owner" provider. Each route will be created with a target of the transit gateway. | <pre>list(object({<br>    route_table_id              = string<br>    destination_cidr_block      = string<br>    destination_ipv6_cidr_block = string<br>  }))</pre> | `[]` | no |

diff --git a/main.tf b/main.tf
@@ -14,6 +14,8 @@ resource "aws_ec2_transit_gateway_vpc_attachment" "this" {
   vpc_id             = var.vpc_id
   dns_support        = var.dns_support
   tags               = merge(var.tags, map("Name", var.name))
+
+  depends_on = [null_resource.dependencies]
 }
 
 resource "aws_ec2_transit_gateway_vpc_attachment_accepter" "this" {
@@ -47,6 +49,14 @@ resource "aws_route" "owner" {
   transit_gateway_id          = local.transit_gateway_id
 }
 
+resource "null_resource" "dependencies" {
+  count = var.create_tgw_attachment ? 1 : 0
+
+  triggers = {
+    this = join(",", var.dependencies)
+  }
+}
+
 data "aws_caller_identity" "this" {
   count = var.create_tgw_attachment ? 1 : 0
 }

diff --git a/tests/create_attachment_ram_share/main.tf b/tests/create_attachment_ram_share/main.tf
@@ -0,0 +1,105 @@
+terraform {
+  required_version = "~> 0.12.0"
+}
+
+provider aws {
+  region = "us-east-1"
+}
+
+provider aws {
+  region  = "us-east-1"
+  alias   = "owner"
+  profile = "owner"
+}
+
+module "create_attachment" {
+  source = "../../"
+
+  providers = {
+    aws       = aws
+    aws.owner = aws.owner
+  }
+
+  create_tgw_attachment = true
+  name                  = "tardigrade-tgw-${local.test_id}"
+  routes                = local.routes
+  subnet_ids            = module.vpc.private_subnets
+  transit_gateway_id    = aws_ec2_transit_gateway.this.id
+  vpc_id                = module.vpc.vpc_id
+
+  dependencies = [
+    aws_ram_resource_association.this.id,
+  ]
+}
+
+module "vpc" {
+  source = "git::https://github.com/terraform-aws-modules/terraform-aws-vpc.git?ref=v2.15.0"
+
+  providers = {
+    aws = aws
+  }
+
+  name            = "tardigrade-tgw-${local.test_id}"
+  cidr            = "10.0.0.0/16"
+  azs             = ["us-east-1a", "us-east-1b"]
+  private_subnets = ["10.0.1.0/24", "10.0.2.0/24"]
+}
+
+resource "aws_ram_resource_share" "this" {
+  provider = aws.owner
+
+  name                      = "tardigrade-tgw-${local.test_id}"
+  allow_external_principals = true
+
+  tags = {
+    Environment = "testing"
+  }
+}
+
+resource "aws_ec2_transit_gateway" "this" {
+  provider = aws.owner
+
+  description = "tardigrade-tgw-${local.test_id}"
+}
+
+resource "aws_ram_resource_association" "this" {
+  provider = aws.owner
+
+  resource_arn       = aws_ec2_transit_gateway.this.arn
+  resource_share_arn = aws_ram_resource_share.this.arn
+}
+
+resource "aws_ram_principal_association" "this" {
+  count    = local.create_ram_principal_association ? 1 : 0
+  provider = aws.owner
+
+  principal          = data.aws_caller_identity.this.account_id
+  resource_share_arn = aws_ram_resource_share.this.arn
+}
+
+resource "random_string" "this" {
+  length  = 6
+  upper   = false
+  special = false
+  number  = false
+}
+
+data "aws_caller_identity" "this" {}
+
+data "aws_caller_identity" "owner" {
+  provider = aws.owner
+}
+
+locals {
+  test_id                          = random_string.this.result
+  create_ram_principal_association = data.aws_caller_identity.this.account_id != data.aws_caller_identity.owner.account_id
+  remote_ipv4_cidr                 = "10.1.0.0/16"
+
+  routes = [for rt in concat(module.vpc.public_route_table_ids, module.vpc.private_route_table_ids) :
+    {
+      route_table_id              = rt
+      destination_cidr_block      = local.remote_ipv4_cidr
+      destination_ipv6_cidr_block = null
+    }
+  ]
+}
diff --git a/tests/no_attachment/main.tf b/tests/no_attachment/main.tf
@@ -16,8 +16,8 @@ module "create_attachment" {
   source = "../../"
 
   providers = {
-    aws       = "aws"
-    aws.owner = "aws.owner"
+    aws       = aws
+    aws.owner = aws.owner
   }
 
   create_tgw_attachment = false

diff --git a/variables.tf b/variables.tf
@@ -4,6 +4,12 @@ variable "create_tgw_attachment" {
   default     = true
 }
 
+variable "dependencies" {
+  description = "List of resource dependencies to force terraform to wait until they are done"
+  default     = []
+  type        = list(string)
+}
+
 variable "name" {
   description = "The name of the TGW attachment for tagging purposes"
   type        = string