search

defenseunicorns / delivery-aws-iac

Apache License 2.0
16 stars 5 forks source link

Self managed node groups example fails when keycloak isn't enabled/variable validation in testing #276

Closed JaseKoonce closed 1 year ago

JaseKoonce commented 1 year ago

Description

Because the Keycloak key is enabled or disabled based on a count, this statement:

    keycloak_ng_sso = {
      platform      = "bottlerocket"
      ami_id        = data.aws_ami.eks_default_bottlerocket.id
      instance_type = "m5.large"
      min_size      = 2
      max_size      = 2
      desired_size  = 2
      key_name      = module.key_pair[0].key_pair_name

will returns this error if var.keycloak_enabled=false:

│   on main.tf line 133, in locals:
│  133:       key_name      = module.key_pair[0].key_pair_name
│     ├────────────────
│     │ module.key_pair is empty tuple
│ 
│ The given key does not identify an element in this collection value: the collection has no elements.

A possible fix is replacing key_name = module.key_pair[0].key_pair_name with key_name = var.keycloak_enabled ? module.key_pair[0].key_pair_name : null.

Completion

Completion of this issue would be the ability to deploy the example with var.keycloak_enabled=false.

JaseKoonce commented 1 year ago

Expanding this issue to include adding a e2e test for validating that variables (currently just kecloak_enabled, but could easily be extended to include others) work when both true/false empty/full.