search

iits-consulting / terraform-opentelekomcloud-project-factory

This repository helps to create an OTC-based cloud-native infrastructure landscape with Kubernetes, load balancers, VPCs, etc. With these modules, we provide you a rocket start while you can still deep-dive into detailed configuration later.
GNU General Public License v3.0
83 stars 20 forks source link

request for depends_on keycloak module #60

Closed generalpax closed 1 year ago

generalpax commented 1 year ago

i would like to add dependencies to create keycloak server first or something else:

changed and tested:

keycloak_idp.tf

resource "opentelekomcloud_identity_protocol_v3" "saml" {
  protocol    = "saml"
  provider_id = opentelekomcloud_identity_provider_v3.provider.id
  mapping_id  = opentelekomcloud_identity_mapping_v3.mapping.id

  metadata {
    domain_id = data.opentelekomcloud_identity_project_v3.current.domain_id
    metadata  = data.curl.saml_descriptor.response
  }

  depends_on = [ var.otc_tf_dependencies ]
}

variables.tf

variable "otc_tf_dependencies" {
  type        = list
  description = "The list of ressource dependencies. For example the compute instance which is configured outside of the module: opentelekomcloud_compute_instance_v2"
}

idp.tf

module "otc_keycloak_sso" {
    source               = "registry.terraform.io/iits-consulting/project-factory/opentelekomcloud//modules/keycloak_sso"
    ...
    otc_tf_dependencies = [ opentelekomcloud_compute_instance_v2.keycloak ]
   ...
canaykin commented 1 year ago

Greetings,

This can simply be achieved by adding depends_on to the module call:

module "otc_keycloak_sso" {
    source               = "registry.terraform.io/iits-consulting/project-factory/opentelekomcloud//modules/keycloak_sso"
    ...
    depends_on = [ opentelekomcloud_compute_instance_v2.keycloak ]
   ...

The code you provided is a workaround from the past before the module dependency syntax was added (version 0.13). It achieves this by using explicit dependency syntax depends on to extend an implicit dependency.

In more detail,

depends_on = [ var.otc_tf_dependencies ]

this will create an explicit dependency between the resource and the variable, not what is inside the variable.

The second part;

module "otc_keycloak_sso" {
    source               = "registry.terraform.io/iits-consulting/project-factory/opentelekomcloud//modules/keycloak_sso"
    ...
    otc_tf_dependencies = [ opentelekomcloud_compute_instance_v2.keycloak ]
   ...

creates an implicit dependency between the values passed to the module variable otc_tf_dependencies, namely, resource opentelekomcloud_compute_instance_v2.keycloak and the variable itself. The complete dependency chain becomes:

opentelekomcloud_identity_protocol_v3.saml = explicit => var.otc_tf_dependencies = implicit => opentelekomcloud_compute_instance_v2.keycloak

this does accomplish the goal of granular dependency control between modules but is essentially a hack designed to overcome the limitations of old terraform versions.

Since there is the much simpler and readble option to create module level dependencies, I am unsure if this is really needed.

Best, Can