Eliminate the hardcoding of IP addresses in "3-networks hub & spoke" - use module variables and tfvars

[mromascanu123]

TL;DR

Examples envs/development/main.tf envs/non-production/main.tf
envs/production/main.tf
locals ... module "base_env" { ... enable_partner_interconnect = false base_private_service_connect_ip = "10.17.0.2" restricted_private_service_connect_ip = "10.17.0.6"

Also as an example in envs/shared/hierarchical_firewall.tf module "hierarchical_firewall_policy" { rules = { envs/shared/net-hubs-transitivity.tf, envs/shared/net-hubs.tf : in locals

etc...

Terraform Resources

No response

Detailed design

Ideally provide top level configuration propagated to modules
Or at least package top-level tfvar, included beneath,  files with instructions on parameterization

Additional information

No response

[obriensystems]

Prioritizing....

[mromascanu123]

It is much more hardcoding around - hundreds of instances of it deep down in the code: 48 occurrences in the main.tf under 3-networks-hub-and-spoke/envs/ (development, production and non-production) 37 occurrences under 3-networks-hub-and-spoke/envs/shared/dns-hub.tf (dns-hub.tf, hierarchical_firewall.tf, net-hub-transitivity.tf, net-hubs.tf) and 14 more under 3-networks-hub-and-spoke/modules Similarly under 3-networks-dual-svpc

Then under 4-projects the subnet IP range is hardcodes in main.tf for each of the environments (development, production, non-production) for each of business_unit_1 and _2

All this hardcoding must be replaced with var-based expressions

And I would suggest to label it not as "enhancement" but "fixing poor coding practice"

[fmichaelobrien]

stale bot timer restart - https://github.com/terraform-google-modules/terraform-example-foundation/blob/master/.github/workflows/stale.yml#L21

[sleighton2022]

Put as part of backlog for #1226