Executor Improvements Part 01 (#71)

* generate random UUID for prefix variable

* Update CHANGELOG.md

CHANGELOG.md

@@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [UNRELEASED]
 
+### Added
+
+- Generate random UUID for prefix variable to avoid name conflicting deployed resources
+
 ## [0.33.0] - 2023-11-21
 
 ### Changed

covalent_ecs_plugin/assets/infra/iam.tf

@@ -10,7 +10,7 @@ data "aws_iam_policy_document" "ecs_tasks_execution_role" {
 }
 
 resource "aws_iam_role" "ecs_tasks_execution_role" {
-  name               = "${var.prefix}-task-execution-role"
+  name               = "${local.prefix}-task-execution-role"
   assume_role_policy = data.aws_iam_policy_document.ecs_tasks_execution_role.json
 }
 
@@ -20,7 +20,7 @@ resource "aws_iam_role_policy_attachment" "ecs_tasks_execution_role" {
 }
 
 resource "aws_iam_role_policy" "task_policy" {
-  name = "${var.prefix}-task-policy"
+  name = "${local.prefix}-task-policy"
   role = aws_iam_role.task_role.id
 
   policy = jsonencode({
@@ -49,7 +49,7 @@ resource "aws_iam_role_policy" "task_policy" {
 }
 
 resource "aws_iam_role" "task_role" {
-  name = "${var.prefix}-task-role"
+  name = "${local.prefix}-task-role"
 
   assume_role_policy = jsonencode({
     "Version" : "2012-10-17",

covalent_ecs_plugin/assets/infra/main.tf

@@ -14,12 +14,26 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-provider "aws" {
-  region = var.aws_region
+provider "aws" {}
+
+data "aws_region" "current" {}
+
+resource "random_string" "default_prefix" {
+  length  = 9
+  upper   = false
+  special = false
+}
+
+locals {
+  prefix      = var.prefix == "" ? random_string.default_prefix.result : var.prefix
+  subnet_id   = var.subnet_id == "" ? aws_default_subnet.default.id : var.subnet_id
+  credentials = var.credentials == "" ? pathexpand("~/.aws/credentials") : var.credentials
+  profile     = var.profile == "" ? "default" : var.profile
+  region      = var.region == "" ? data.aws_region.current.name : var.region
 }
 
 resource "aws_s3_bucket" "bucket" {
-  bucket = "${var.prefix}-bucket"
+  bucket        = "${local.prefix}-bucket"
   force_destroy = true
 }
 
@@ -38,7 +52,7 @@ resource "aws_s3_bucket_acl" "bucket_acl" {
 }
 
 resource "aws_ecr_repository" "ecr_repository" {
-  name                 = "${var.prefix}-ecr-repo"
+  name                 = "${local.prefix}-ecr-repo"
   image_tag_mutability = "IMMUTABLE"
 
   force_delete = true
@@ -49,45 +63,45 @@ resource "aws_ecr_repository" "ecr_repository" {
 }
 
 resource "aws_cloudwatch_log_group" "log_group" {
-  name = "${var.prefix}-log-group"
+  name = "${local.prefix}-log-group"
 }
 
 resource "aws_ecs_cluster" "ecs_cluster" {
-  name = "${var.prefix}-ecs-cluster"
+  name = "${local.prefix}-ecs-cluster"
 
   configuration {
     execute_command_configuration {
-      logging    = "OVERRIDE"
+      logging = "OVERRIDE"
       log_configuration {
-        cloud_watch_log_group_name     = aws_cloudwatch_log_group.log_group.name
+        cloud_watch_log_group_name = aws_cloudwatch_log_group.log_group.name
       }
     }
   }
 }
 
 # Executor Covalent config section
-data template_file executor_config {
-  template = "${file("${path.module}/ecs.conf.tftpl")}"
+data "template_file" "executor_config" {
+  template = file("${path.module}/ecs.conf.tftpl")
 
   vars = {
-    credentials=var.credentials
-    profile=var.profile
-    region=var.aws_region
-    s3_bucket_name=aws_s3_bucket.bucket.id
-    ecs_cluster_name=aws_ecs_cluster.ecs_cluster.name
-    ecs_task_execution_role_name=aws_iam_role.ecs_tasks_execution_role.name
-    ecs_task_role_name=aws_iam_role.task_role.name
-    ecs_task_subnet_id=module.vpc.public_subnets[0]
-    ecs_task_security_group_id=aws_security_group.sg.id
-    ecs_task_log_group_name=aws_cloudwatch_log_group.log_group.name
-    vcpu=var.vcpus
-    memory=var.memory
-    cache_dir=var.cache_dir
-    poll_freq=var.poll_freq
+    credentials                  = var.credentials
+    profile                      = var.profile
+    region                       = var.region
+    s3_bucket_name               = aws_s3_bucket.bucket.id
+    ecs_cluster_name             = aws_ecs_cluster.ecs_cluster.name
+    ecs_task_execution_role_name = aws_iam_role.ecs_tasks_execution_role.name
+    ecs_task_role_name           = aws_iam_role.task_role.name
+    ecs_task_subnet_id           = module.vpc.public_subnets[0]
+    ecs_task_security_group_id   = aws_security_group.sg.id
+    ecs_task_log_group_name      = aws_cloudwatch_log_group.log_group.name
+    vcpu                         = var.vcpus
+    memory                       = var.memory
+    cache_dir                    = var.cache_dir
+    poll_freq                    = var.poll_freq
   }
 }
 
-resource local_file executor_config {
-  content = data.template_file.executor_config.rendered
+resource "local_file" "executor_config" {
+  content  = data.template_file.executor_config.rendered
   filename = "${path.module}/ecs.conf"
 }

covalent_ecs_plugin/assets/infra/networking.tf

@@ -22,7 +22,7 @@ module "vpc" {
   name = "${var.prefix}-vpc"
   cidr = var.vpc_cidr
 
-  azs = ["${var.aws_region}a"]
+  azs = ["${var.region}a"]
 
   public_subnets = [
     cidrsubnet(var.vpc_cidr, 0, 0)

covalent_ecs_plugin/assets/infra/variables.tf

@@ -15,11 +15,11 @@
 # limitations under the License.
 
 variable "prefix" {
-  default     = "covalent-ecs-ft"
+  default     = ""
   description = "Name used to prefix AWS resources"
 }
 
-variable "aws_region" {
+variable "region" {
   default     = "us-east-1"
   description = "Region in which Covalent is deployed"
 }