Lint

Author: Sam Naser

examples/simple_zonal_with_asm/hub.tf

@@ -15,10 +15,10 @@
  */
 
 resource "google_gke_hub_membership" "cluster_membership" {
-  provider = google-beta
-  project = var.project_id
+  provider      = google-beta
+  project       = var.project_id
   membership_id = "${module.gke.name}-membership"
-  endpoint{
+  endpoint {
     gke_cluster {
       resource_link = "//container.googleapis.com/${module.gke.cluster_id}"
     }

examples/simple_zonal_with_asm/main.tf

@@ -57,9 +57,9 @@ module "gke" {
 }
 
 module "asm" {
-  source                    = "../../modules/asm"
-  cluster_name              = module.gke.name
-  cluster_location          = module.gke.location
-  project_id                = var.project_id
-  location                  = module.gke.location
+  source           = "../../modules/asm"
+  cluster_name     = module.gke.name
+  cluster_location = module.gke.location
+  project_id       = var.project_id
+  location         = module.gke.location
 }

modules/asm/main.tf

@@ -16,19 +16,19 @@
 
 locals {
   // GKE release channel is a list with max length 1 https://github.com/hashicorp/terraform-provider-google/blob/9d5f69f9f0f74f1a8245f1a52dd6cffb572bbce4/google/resource_container_cluster.go#L954
-  gke_release_channel = length(data.google_container_cluster.asm_cluster.release_channel) > 0 ? data.google_container_cluster.asm_cluster.release_channel[0].channel : ""
+  gke_release_channel       = length(data.google_container_cluster.asm_cluster.release_channel) > 0 ? data.google_container_cluster.asm_cluster.release_channel[0].channel : ""
   gke_release_channel_fixed = local.gke_release_channel == "UNSPECIFIED" ? "" : local.gke_release_channel
   // In order or precedence, use (1) user specified channel, (2) GKE release channel, and (3) regular channel
-  channel = lower(coalesce(var.channel, local.gke_release_channel_fixed, "regular"))
-  revision_name = "asm-managed${local.channel == "regular" ? "" : "-${local.channel}"}"
+  channel          = lower(coalesce(var.channel, local.gke_release_channel_fixed, "regular"))
+  revision_name    = "asm-managed${local.channel == "regular" ? "" : "-${local.channel}"}"
   mesh_config_name = "istio-${local.revision_name}"
   // CNI should be enabled if either enable_cni or enable_mdp are set
   enable_cni = var.enable_cni || var.enable_mdp
 }
 
 data "google_container_cluster" "asm_cluster" {
-  project = var.project_id
-  name = var.cluster_name
+  project  = var.project_id
+  name     = var.cluster_name
   location = var.cluster_location
 
   // This evaluates during planning phase unless we explicitly require a dependency on
@@ -44,21 +44,21 @@ resource "kubernetes_namespace" "system_namespace" {
 }
 
 resource "kubernetes_config_map" "mesh_config" {
-    metadata {
-      name = local.mesh_config_name
-      namespace = kubernetes_namespace.system_namespace.metadata[0].name
-      labels = {
-        "istio.io/rev" = local.revision_name
-      }
-    }
-    data = {
-      mesh = yamlencode(var.mesh_config)
+  metadata {
+    name      = local.mesh_config_name
+    namespace = kubernetes_namespace.system_namespace.metadata[0].name
+    labels = {
+      "istio.io/rev" = local.revision_name
     }
+  }
+  data = {
+    mesh = yamlencode(var.mesh_config)
+  }
 }
 
 resource "kubernetes_config_map" "asm_options" {
   metadata {
-    name = "asm-options"
+    name      = "asm-options"
     namespace = kubernetes_namespace.system_namespace.metadata[0].name
   }
 
@@ -68,18 +68,18 @@ resource "kubernetes_config_map" "asm_options" {
 }
 
 resource "google_gke_hub_feature" "mesh_feature" {
-  name = "servicemesh"
-  project = var.project_id
+  name     = "servicemesh"
+  project  = var.project_id
   location = "global"
   provider = google-beta
 }
 
 module "cpr" {
-  source  = "terraform-google-modules/gcloud/google//modules/kubectl-wrapper"
+  source = "terraform-google-modules/gcloud/google//modules/kubectl-wrapper"
 
-  project_id                  = var.project_id
-  cluster_name                = var.cluster_name
-  cluster_location            = var.cluster_location
+  project_id       = var.project_id
+  cluster_name     = var.cluster_name
+  cluster_location = var.cluster_location
 
   kubectl_create_command  = "${path.module}/scripts/create_cpr.sh ${local.revision_name} ${local.channel} ${local.enable_cni}"
   kubectl_destroy_command = "${path.module}/scripts/destroy_cpr.sh ${local.revision_name}"

modules/asm/outputs.tf

@@ -15,6 +15,6 @@
  */
 
 output "revision_name" {
-  value = local.revision_name
+  value       = local.revision_name
   description = "The name of the installed managed ASM revision."
 }

modules/asm/scripts/create_cpr.sh

@@ -23,8 +23,17 @@ fi
 
 # Wait for the CRD to get created before creating the CPR.
 readonly CPR_RESOURCE=controlplanerevisions.mesh.cloud.google.com
-for i in {1..6}; do kubectl get crd ${CPR_RESOURCE} && break || sleep 10; done
-kubectl wait --for condition=established --timeout=60s crd/${CPR_RESOURCE}
+for _i in {1..6}; do
+  echo "Ensuring ControlPlaneRevision exists in cluster... attempt ${_i}"
+  if kubectl get crd "${CPR_RESOURCE}"
+  then
+    break
+  else
+    sleep 10
+  fi
+done
+
+kubectl wait --for condition=established --timeout=60s crd/"${CPR_RESOURCE}"
 
 REVISION_NAME=$1; shift
 CHANNEL=$1; shift
@@ -43,4 +52,4 @@ spec:
   channel: "${CHANNEL}"
 EOF
 
-kubectl wait -n istio-system --for=condition=Reconciled controlplanerevision/${REVISION_NAME} --timeout 5m
+kubectl wait -n istio-system --for=condition=Reconciled controlplanerevision/"${REVISION_NAME}" --timeout 5m

modules/asm/scripts/destroy_cpr.sh

@@ -23,6 +23,6 @@ fi
 
 REVISION_NAME=$1; shift
 
-if !kubectl delete controlplanerevision -n istio-system ${REVISION_NAME} ; then
+if ! kubectl delete controlplanerevision -n istio-system "${REVISION_NAME}" ; then
   echo "ControlPlaneRevision ${REVISION_NAME} not found"
 fi

modules/asm/variables.tf

@@ -16,22 +16,22 @@
 
 variable "project_id" {
   description = "The project in which the resource belongs."
-  type = string
+  type        = string
 }
 
 variable "cluster_name" {
   description = "The unique name to identify the cluster in ASM."
-  type = string
+  type        = string
 }
 
 variable "cluster_location" {
   description = "The cluster location for this ASM installation."
-  type = string
+  type        = string
 }
 
 variable "channel" {
   description = "The channel to use for this ASM installation."
-  type = string
+  type        = string
   validation {
     condition = anytrue([
       var.channel == "rapid",
@@ -46,26 +46,26 @@ variable "channel" {
 
 variable "enable_cni" {
   description = "Determines whether to enable CNI for this ASM installation."
-  type = bool
-  default = true
+  type        = bool
+  default     = true
 }
 
 // This should be validated so that it cannot be enabled while CNI is disabled
 // but validating based on other variables is not possible today (https://github.com/hashicorp/terraform/issues/25609)
 variable "enable_mdp" {
   description = "Determines whether to enable Managed Data Plane (MDP) for this ASM installation."
-  type = bool
-  default = true
+  type        = bool
+  default     = true
 }
 
 variable "enable_cross_cluster_service_discovery" {
   description = "Determines whether to enable cross-cluster service discovery between this cluster and other clusters in the fleet."
-  type = bool
-  default = false
+  type        = bool
+  default     = false
 }
 
 variable "mesh_config" {
   description = "MeshConfig specifies configuration available to the control plane. The full list of options can be found at https://istio.io/latest/docs/reference/config/istio.mesh.v1alpha1/#MeshConfig"
-  type = map
-  default = {}
+  type        = map(any)
+  default     = {}
 }