diff --git a/CHANGELOG.md b/CHANGELOG.md index cff90fe..00f9c88 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [UNRELEASED] +### Added + +- Generate random UUID for prefix variable to avoid name conflicting deployed resources + ## [0.33.0] - 2023-11-21 ### Changed diff --git a/covalent_ecs_plugin/assets/infra/iam.tf b/covalent_ecs_plugin/assets/infra/iam.tf index aba1376..6d607fd 100644 --- a/covalent_ecs_plugin/assets/infra/iam.tf +++ b/covalent_ecs_plugin/assets/infra/iam.tf @@ -10,7 +10,7 @@ data "aws_iam_policy_document" "ecs_tasks_execution_role" { } resource "aws_iam_role" "ecs_tasks_execution_role" { - name = "${var.prefix}-task-execution-role" + name = "${local.prefix}-task-execution-role" assume_role_policy = data.aws_iam_policy_document.ecs_tasks_execution_role.json } @@ -20,7 +20,7 @@ resource "aws_iam_role_policy_attachment" "ecs_tasks_execution_role" { } resource "aws_iam_role_policy" "task_policy" { - name = "${var.prefix}-task-policy" + name = "${local.prefix}-task-policy" role = aws_iam_role.task_role.id policy = jsonencode({ @@ -49,7 +49,7 @@ resource "aws_iam_role_policy" "task_policy" { } resource "aws_iam_role" "task_role" { - name = "${var.prefix}-task-role" + name = "${local.prefix}-task-role" assume_role_policy = jsonencode({ "Version" : "2012-10-17", diff --git a/covalent_ecs_plugin/assets/infra/main.tf b/covalent_ecs_plugin/assets/infra/main.tf index 41ad381..baf17a5 100644 --- a/covalent_ecs_plugin/assets/infra/main.tf +++ b/covalent_ecs_plugin/assets/infra/main.tf @@ -14,12 +14,26 @@ # See the License for the specific language governing permissions and # limitations under the License. -provider "aws" { - region = var.aws_region +provider "aws" {} + +data "aws_region" "current" {} + +resource "random_string" "default_prefix" { + length = 9 + upper = false + special = false +} + +locals { + prefix = var.prefix == "" ? random_string.default_prefix.result : var.prefix + subnet_id = var.subnet_id == "" ? aws_default_subnet.default.id : var.subnet_id + credentials = var.credentials == "" ? pathexpand("~/.aws/credentials") : var.credentials + profile = var.profile == "" ? "default" : var.profile + region = var.region == "" ? data.aws_region.current.name : var.region } resource "aws_s3_bucket" "bucket" { - bucket = "${var.prefix}-bucket" + bucket = "${local.prefix}-bucket" force_destroy = true } @@ -38,7 +52,7 @@ resource "aws_s3_bucket_acl" "bucket_acl" { } resource "aws_ecr_repository" "ecr_repository" { - name = "${var.prefix}-ecr-repo" + name = "${local.prefix}-ecr-repo" image_tag_mutability = "IMMUTABLE" force_delete = true @@ -49,45 +63,45 @@ resource "aws_ecr_repository" "ecr_repository" { } resource "aws_cloudwatch_log_group" "log_group" { - name = "${var.prefix}-log-group" + name = "${local.prefix}-log-group" } resource "aws_ecs_cluster" "ecs_cluster" { - name = "${var.prefix}-ecs-cluster" + name = "${local.prefix}-ecs-cluster" configuration { execute_command_configuration { - logging = "OVERRIDE" + logging = "OVERRIDE" log_configuration { - cloud_watch_log_group_name = aws_cloudwatch_log_group.log_group.name + cloud_watch_log_group_name = aws_cloudwatch_log_group.log_group.name } } } } # Executor Covalent config section -data template_file executor_config { - template = "${file("${path.module}/ecs.conf.tftpl")}" +data "template_file" "executor_config" { + template = file("${path.module}/ecs.conf.tftpl") vars = { - credentials=var.credentials - profile=var.profile - region=var.aws_region - s3_bucket_name=aws_s3_bucket.bucket.id - ecs_cluster_name=aws_ecs_cluster.ecs_cluster.name - ecs_task_execution_role_name=aws_iam_role.ecs_tasks_execution_role.name - ecs_task_role_name=aws_iam_role.task_role.name - ecs_task_subnet_id=module.vpc.public_subnets[0] - ecs_task_security_group_id=aws_security_group.sg.id - ecs_task_log_group_name=aws_cloudwatch_log_group.log_group.name - vcpu=var.vcpus - memory=var.memory - cache_dir=var.cache_dir - poll_freq=var.poll_freq + credentials = var.credentials + profile = var.profile + region = var.region + s3_bucket_name = aws_s3_bucket.bucket.id + ecs_cluster_name = aws_ecs_cluster.ecs_cluster.name + ecs_task_execution_role_name = aws_iam_role.ecs_tasks_execution_role.name + ecs_task_role_name = aws_iam_role.task_role.name + ecs_task_subnet_id = module.vpc.public_subnets[0] + ecs_task_security_group_id = aws_security_group.sg.id + ecs_task_log_group_name = aws_cloudwatch_log_group.log_group.name + vcpu = var.vcpus + memory = var.memory + cache_dir = var.cache_dir + poll_freq = var.poll_freq } } -resource local_file executor_config { - content = data.template_file.executor_config.rendered +resource "local_file" "executor_config" { + content = data.template_file.executor_config.rendered filename = "${path.module}/ecs.conf" } diff --git a/covalent_ecs_plugin/assets/infra/networking.tf b/covalent_ecs_plugin/assets/infra/networking.tf index 43983ef..75c0f1a 100644 --- a/covalent_ecs_plugin/assets/infra/networking.tf +++ b/covalent_ecs_plugin/assets/infra/networking.tf @@ -22,7 +22,7 @@ module "vpc" { name = "${var.prefix}-vpc" cidr = var.vpc_cidr - azs = ["${var.aws_region}a"] + azs = ["${var.region}a"] public_subnets = [ cidrsubnet(var.vpc_cidr, 0, 0) diff --git a/covalent_ecs_plugin/assets/infra/variables.tf b/covalent_ecs_plugin/assets/infra/variables.tf index 7f6b25a..3f112b1 100644 --- a/covalent_ecs_plugin/assets/infra/variables.tf +++ b/covalent_ecs_plugin/assets/infra/variables.tf @@ -15,11 +15,11 @@ # limitations under the License. variable "prefix" { - default = "covalent-ecs-ft" + default = "" description = "Name used to prefix AWS resources" } -variable "aws_region" { +variable "region" { default = "us-east-1" description = "Region in which Covalent is deployed" }