[terraform] add Tunnelbroker configuration variable to self-host
ClosedPublic
Actions

Authored by will on Jul 11 2024, 4:32 AM.

Details

Reviewers

varun
bartek

Commits

rCOMM53ab9d933f19: [terraform] add Tunnelbroker configuration variable to self-host

Summary

This adds a way to specify the terraform url in a self-hosted keyserver by setting the tunnelbroker url as an env variable

Depends on D12724

Test Plan

Tested with a keyserver with prod and staging credentials with corresponding tunnelbroker url and successfully connected.

Diff Detail

Repository

rCOMM Comm

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

will created this revision.Jul 11 2024, 4:32 AM

Herald added subscribers: tomek, ashoat. · View Herald TranscriptJul 11 2024, 4:32 AM

will edited the summary of this revision. (Show Details)Jul 11 2024, 4:32 AM

will added a parent revision: D12724: [keyserver] add `aws` proxy type for self-hosted keyservers.

will added inline comments.Jul 11 2024, 4:37 AM

services/terraform/self-host/keyserver_secondary.tf
94–106 ↗	(On Diff #42225)	@varun So the way we specify these variables in terraform is in the `terraform.tfvars` file. I made it so that all you had to do was include a single value for both the identity and tunnelbroker addresses to make it easier for the user: identity_socket_address = "https://identity.commtechnologies.org:50054" tunnelbroker_url = "wss://tunnelbroker.commtechnologies.org:51001" I'm realizing, however, that if we were to ever change the type of the json in `COMM_JSONCONFIG_secrets_identity_service_config` and `COMM_JSONCONFIG_facts_tunnelbroker`, this would break our self-host config, hence why we likely configure the actual environmental variables (and their files) as the full JSON Do you think we need to make the same change here, or do we not expect to change these json types

Harbormaster completed remote builds in B30283: Diff 42225.Jul 11 2024, 4:48 AM

will requested review of this revision.Jul 11 2024, 4:48 AM

will added a child revision: D12729: [terraform] Make number of secondary nodes configured by the user.Jul 11 2024, 10:07 AM

Adding @varun as blocking to answer the inline comment

will added inline comments.Jul 17 2024, 12:38 PM

services/terraform/self-host/keyserver_secondary.tf
94–106 ↗	(On Diff #42225)	I've decided on having users inputing the json themselves. This pairs well with my new approach of using `terraform.tfvars.json` instead of `terraform.tfvars` as now the entire configuration is json

varun accepted this revision.Jul 17 2024, 2:17 PM

varun added inline comments.

services/terraform/self-host/keyserver_secondary.tf
94–106 ↗	(On Diff #42225)	accepting, conditional on will taking his new approach here

This revision is now accepted and ready to land.Jul 17 2024, 2:17 PM

will retitled this revision from [terraform] add terraform configuration variable to self-host to [terraform] add Tunnelbroker configuration variable to self-host.Jul 17 2024, 4:42 PM

Going to make turning tunnelbroker url and identity socket address into json objects into a follow up

https://linear.app/comm/issue/ENG-8844/make-identity-and-tunnelbroker-url-terraform-env-vars-json-objects

Closed by commit rCOMM53ab9d933f19: [terraform] add Tunnelbroker configuration variable to self-host (authored by will). · Explain WhyJul 17 2024, 7:03 PM

This revision was automatically updated to reflect the committed changes.

will added a commit: rCOMM53ab9d933f19: [terraform] add Tunnelbroker configuration variable to self-host.