Page MenuHomePhabricator

[terraform] add Tunnelbroker configuration variable to self-host
ClosedPublic

Authored by will on Jul 11 2024, 4:32 AM.
Tags
None
Referenced Files
Unknown Object (File)
Sat, Nov 23, 7:47 AM
Unknown Object (File)
Sun, Nov 17, 10:10 PM
Unknown Object (File)
Sun, Nov 17, 7:05 PM
Unknown Object (File)
Tue, Nov 12, 7:01 PM
Unknown Object (File)
Tue, Nov 12, 4:59 AM
Unknown Object (File)
Tue, Nov 12, 4:44 AM
Unknown Object (File)
Tue, Nov 12, 4:36 AM
Unknown Object (File)
Mon, Nov 11, 10:06 PM
Subscribers

Details

Summary

This adds a way to specify the terraform url in a self-hosted keyserver by setting the tunnelbroker url as an env variable

Depends on D12724

Test Plan

Tested with a keyserver with prod and staging credentials with corresponding tunnelbroker url and successfully connected.

Diff Detail

Repository
rCOMM Comm
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

services/terraform/self-host/keyserver_secondary.tf
94–106 ↗(On Diff #42225)

@varun So the way we specify these variables in terraform is in the terraform.tfvars file. I made it so that all you had to do was include a single value for both the identity and tunnelbroker addresses to make it easier for the user:

identity_socket_address    = "https://identity.commtechnologies.org:50054"
tunnelbroker_url           = "wss://tunnelbroker.commtechnologies.org:51001"

I'm realizing, however, that if we were to ever change the type of the json in COMM_JSONCONFIG_secrets_identity_service_config and COMM_JSONCONFIG_facts_tunnelbroker, this would break our self-host config, hence why we likely configure the actual environmental variables (and their files) as the full JSON

Do you think we need to make the same change here, or do we not expect to change these json types

will requested review of this revision.Jul 11 2024, 4:48 AM
bartek added 1 blocking reviewer(s): varun.

Adding @varun as blocking to answer the inline comment

services/terraform/self-host/keyserver_secondary.tf
94–106 ↗(On Diff #42225)

I've decided on having users inputing the json themselves. This pairs well with my new approach of using terraform.tfvars.json instead of terraform.tfvars as now the entire configuration is json

varun added inline comments.
services/terraform/self-host/keyserver_secondary.tf
94–106 ↗(On Diff #42225)

accepting, conditional on will taking his new approach here

This revision is now accepted and ready to land.Jul 17 2024, 2:17 PM
will retitled this revision from [terraform] add terraform configuration variable to self-host to [terraform] add Tunnelbroker configuration variable to self-host.Jul 17 2024, 4:42 PM

Going to make turning tunnelbroker url and identity socket address into json objects into a follow up

https://linear.app/comm/issue/ENG-8844/make-identity-and-tunnelbroker-url-terraform-env-vars-json-objects