autoscaler icon indicating copy to clipboard operation
autoscaler copied to clipboard

Published 20 hours ago verified publisher icon cloudspannerecosystem

Fix: terraform always specify project

Open alexlo03 opened this issue 1 year ago • 5 comments

  • This includes terraform format changes

alexlo03 avatar Sep 09 '24 16:09 alexlo03

Can you split the mac-os (--null -> -0) change into a separate PR please.

Regarding the 'always specify project ID' -- is this causing you issues?

In the TF parent where we call these modules, there is always a Provider section that specifies the default project ID and region globally for he Google provider

eg: https://github.com/cloudspannerecosystem/autoscaler/blob/main/terraform/cloud-functions/per-project/main.tf

provider "google" {
  project = var.project_id
  region  = var.region
}

nielm avatar Sep 16 '24 14:09 nielm

Xargs PR split off: https://github.com/cloudspannerecosystem/autoscaler/pull/392

Re project_id as variable vs project_id as implicit input from Google Provider.

Right now the modules I am updating are split brain on the project_id input. Some of the project_id spec comes from the variable, some come from the implicit Google Provider. This move consolidates to use the variable, which in my opinion is superior.

Some parts of Google has kind of started to understand that the implicit is trouble, so for example many resources will not infer them from the provider. Here is an example: https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project_iam

project - (Required) The project id of the target project. This is not inferred from the provider.

Modules like https://github.com/apigee/terraform-modules also don't rely on the provider project.

alexlo03 avatar Sep 19 '24 17:09 alexlo03

Generally in the Google Terraform provider, project is optional, and implicit from the provider config

There are only 9 resources where project is required,

The principle seems to be that project ID is required when you are specifying resources that affect the project itself, such as project level IAM...

nielm avatar Sep 19 '24 17:09 nielm

I may be overstating the direction at the Google Provider level, at the Module level I think it should have one way in. If you think it should be consolidated the other way I think that's a reasonable approach.

alexlo03 avatar Sep 19 '24 18:09 alexlo03

Also I am realizing this may be a breaking change if these modules are used with a provider set to projectA and an project input of projectB (which I think would be "bad" but maybe someone is doing it).

alexlo03 avatar Sep 19 '24 18:09 alexlo03

I think blocked by https://github.com/cloudspannerecosystem/autoscaler/pull/390

alexlo03 avatar Oct 10 '24 12:10 alexlo03

/gcbrun

henrybell avatar Oct 10 '24 13:10 henrybell

Thanks @alexlo03!

henrybell avatar Oct 10 '24 14:10 henrybell