upgrade for tf v0.12

Author: anarwal

examples/single-node/outputs.tf

@@ -92,5 +92,4 @@ output "bastion_public_eip" {
 
 output "gitlab_private_ip" {
   value = module.gitlab.gitlab_private_ip
-}
-
+}

module/single-node-omnibus/acm.tf

@@ -1,14 +1,14 @@
 resource "aws_acm_certificate" "gitlab_cert" {
-  domain_name       = "${var.dns_name}"
+  domain_name       = var.dns_name
   validation_method = "DNS"
-  tags              = "${module.gitlab_label.tags}"
+  tags              = module.gitlab_label.tags
 
   lifecycle {
     create_before_destroy = true
   }
 }
 
 resource "aws_acm_certificate_validation" "gitlab_cert_validation" {
-  certificate_arn         = "${aws_acm_certificate.gitlab_cert.arn}"
-  validation_record_fqdns = ["${aws_route53_record.cert_validation.fqdn}"]
+  certificate_arn         = aws_acm_certificate.gitlab_cert.arn
+  validation_record_fqdns = [aws_route53_record.cert_validation.fqdn]
 }

module/single-node-omnibus/alb.tf

@@ -1,18 +1,18 @@
 resource "aws_lb" "gitlab_alb" {
   load_balancer_type = "application"
-  idle_timeout       = "${var.gitlab_alb_ideal_timeout}"
+  idle_timeout       = var.gitlab_alb_ideal_timeout
   internal           = false
-  security_groups    = ["${aws_security_group.gitlab_alb.id}"]
+  security_groups    = [aws_security_group.gitlab_alb.id]
   ip_address_type    = "ipv4"
-  subnets            = ["${var.public_subnet_id}"]
-  tags               = "${merge (module.gitlab_label.tags, map ("Role", module.gitlab_label.name ))}"
+  subnets            = var.public_subnet_id
+  tags               = {"Name" = format("%s-alb", module.gitlab_label.name), "Environment" = module.gitlab_label.stage}
 }
 
 resource "aws_lb_target_group" "gitlab_alb_tg" {
   port                 = 443
   protocol             = "HTTPS"
-  vpc_id               = "${var.vpc_id}"
-
+  vpc_id               = var.vpc_id
+  tags                 = {"Name" = format("%s-alb-tg", module.gitlab_label.name), "Environment" = module.gitlab_label.stage}
   health_check {
     port                = "traffic-port"
     protocol            = "HTTPS"
@@ -26,32 +26,32 @@ resource "aws_lb_target_group" "gitlab_alb_tg" {
 }
 
 resource "aws_lb_listener" "gitlab_alb_https_listener" {
-  load_balancer_arn = "${aws_lb.gitlab_alb.arn}"
+  load_balancer_arn = aws_lb.gitlab_alb.arn
   port              = 443
   protocol          = "HTTPS"
   ssl_policy        = "ELBSecurityPolicy-2016-08"
-  certificate_arn   = "${aws_acm_certificate.gitlab_cert.arn}"
+  certificate_arn   = aws_acm_certificate.gitlab_cert.arn
   default_action {
-    target_group_arn = "${aws_lb_target_group.gitlab_alb_tg.arn}"
+    target_group_arn = aws_lb_target_group.gitlab_alb_tg.arn
     type             = "forward"
   }
 }
 
 
 resource "aws_lb_listener" "gitlab_registry_alb_https_listener" {
-  load_balancer_arn = "${aws_lb.gitlab_alb.arn}"
-  port              = 4000
-  protocol          = "HTTPS"
-  ssl_policy        = "ELBSecurityPolicy-2016-08"
-  certificate_arn   = "${aws_acm_certificate.gitlab_cert.arn}"
+  load_balancer_arn  = aws_lb.gitlab_alb.arn
+  port               = 4000
+  protocol           = "HTTPS"
+  ssl_policy         = "ELBSecurityPolicy-2016-08"
+  certificate_arn    = aws_acm_certificate.gitlab_cert.arn
   default_action {
-    target_group_arn = "${aws_lb_target_group.gitlab_alb_tg.arn}"
+    target_group_arn = aws_lb_target_group.gitlab_alb_tg.arn
     type             = "forward"
   }
 }
 
 resource "aws_lb_target_group_attachment" "gitlab_alb_tg_attachment" {
-  target_group_arn = "${aws_lb_target_group.gitlab_alb_tg.arn}"
-  target_id        = "${aws_instance.gitlab_application.id}"
+  target_group_arn = aws_lb_target_group.gitlab_alb_tg.arn
+  target_id        = aws_instance.gitlab_application.id
   port             = 443
 }

module/single-node-omnibus/bastion.tf

@@ -1,27 +1,15 @@
 resource "aws_instance" "bastion" {
   instance_type   = "t2.micro"
-  subnet_id       = "${data.aws_subnet.public_selected.id}"
-  security_groups = ["${aws_security_group.external_ssh.id}"]
-  key_name        = "${var.ssh_key_name}"
-  ami             = "${data.aws_ami.centos.id}"
-  tags   = "${
-  merge(
-    map(
-       "Name", "${module.gitlab_label.name}-bastion",
-       "Role", "${replace(module.gitlab_label.name, "-", "_")}"
-    )
-  )}"
+  subnet_id       = data.aws_subnet.public_selected.id
+  security_groups = [aws_security_group.external_ssh.id]
+  key_name        = var.ssh_key_name
+  ami             = data.aws_ami.centos.id
+  volume_tags     = { "Name" = format("%s-bastion-ebs", module.gitlab_label.name), "Environment" = module.gitlab_label.stage}
+  tags            = { "Name" = format("%s-bastion", module.gitlab_label.name), "Environment" = module.gitlab_label.stage}
 }
 
 resource "aws_eip" "bastion" {
-  instance = "${aws_instance.bastion.id}"
+  instance = aws_instance.bastion.id
   vpc      = true
-
-  tags   = "${
-  merge(
-    map(
-       "Name", "${module.gitlab_label.name}-bastion-eip",
-       "Role", "${replace(module.gitlab_label.name, "-", "_")}"
-    )
-  )}"
+  tags     = { "Name" = format("%s-bastion-eip", module.gitlab_label.name), "Environment"= module.gitlab_label.stage}
 }

module/single-node-omnibus/ebs.tf

@@ -1,50 +1,47 @@
 resource "aws_ebs_volume" "gitlab_data" {
-  size              = "${var.gitlab_data_disk_size}"
-  kms_key_id        = "${aws_kms_key.gitlab_kms_key.arn}"
+  size              = var.gitlab_data_disk_size
+  kms_key_id        = aws_kms_key.gitlab_kms_key.arn
   encrypted         = true
   type              = "gp2"
-  availability_zone = "${data.aws_subnet.private_selected.availability_zone}"
-  tags    = "${
-  merge(
-    map(
-      "Name", "${module.gitlab_label.name}_data_disk",
-      "Type", "gitlab-data",
-      "snapshot_policy", "${module.gitlab_label.name}-data daily snapshots",
-      "Snapshot", "true"
-    )
-  )}"
+  availability_zone = data.aws_subnet.private_selected.availability_zone
+  tags  = {
+      "Name" = format("%s-data-disk",module.gitlab_label.name),
+      "Type" = "gitlab-data",
+      "snapshot_policy" = format("%s-data daily snapshots", module.gitlab_label.name),
+      "Snapshot"=  "true"
+  }
 }
 
 resource "aws_volume_attachment" "gitlab_data_attachment" {
-  device_name = "${var.gitlab_data_disk_device_name}"
-  volume_id   = "${aws_ebs_volume.gitlab_data.id}"
-  instance_id = "${aws_instance.gitlab_application.id}"
+  device_name = var.gitlab_data_disk_device_name
+  volume_id   = aws_ebs_volume.gitlab_data.id
+  instance_id = aws_instance.gitlab_application.id
   force_detach = true
 }
 
-resource "aws_dlm_lifecycle_policy" "data" {
+resource "aws_dlm_lifecycle_policy" "gitlab_data_snapshot_policy" {
   description        = "Gitlab Data Volume DLM lifecycle policy"
-  execution_role_arn = "${aws_iam_role.dlm_lifecycle_role.arn}"
+  execution_role_arn = aws_iam_role.dlm_lifecycle_role.arn
   state              = "ENABLED"
 
   policy_details {
     resource_types = ["VOLUME"]
 
     schedule {
-      name = "${module.gitlab_label.name}-data daily snapshots"
+      name = format("%s-data daily snapshots", module.gitlab_label.name)
 
       create_rule {
-        interval      = "${var.snapshot_interval}"
+        interval      = var.snapshot_interval
         interval_unit = "HOURS"
-        times         = ["${var.snapshot_start_time}"]
+        times         = flatten(var.snapshot_start_time)
       }
 
       retain_rule {
-        count = "${var.retain_rule}"
+        count = var.retain_rule
       }
 
       tags_to_add = {
-        Snapshot_type = "${module.gitlab_label.name}-data-daily-snapshot"
+        Snapshot_type = format("%s-data daily snapshots", module.gitlab_label.name)
       }
 
       copy_tags = true

module/single-node-omnibus/ec2.tf

@@ -1,17 +1,12 @@
 resource "aws_instance" "gitlab_application" {
-  ami                         = "${var.gitlab_application_ami}"
+  ami                         = var.gitlab_application_ami
   instance_type               = "m4.xlarge"
-  subnet_id                   = "${data.aws_subnet.private_selected.id}"
-  security_groups             = ["${aws_security_group.internal_ssh.id}", "${aws_security_group.internal_gitlab.id}"]
-  key_name                    = "${var.ssh_key_name}"
-  user_data                   = "${data.template_cloudinit_config.config.rendered}"
+  subnet_id                   = data.aws_subnet.private_selected.id
+  security_groups             = flatten([aws_security_group.internal_ssh.id ,aws_security_group.internal_gitlab.id])
+  key_name                    = var.ssh_key_name
+  user_data                   = data.template_cloudinit_config.config.rendered
   associate_public_ip_address = false
   monitoring                  = true
-  tags   = "${
-  merge(
-    map(
-       "Name", "${module.gitlab_label.name}",
-       "Role", "${replace(module.gitlab_label.name, "-", "_")}"
-    )
-  )}"
+  volume_tags                 = { "Name" = format("%s-instance-ebs", module.gitlab_label.name), "Environment" = module.gitlab_label.stage}
+  tags                        = { "Name" = format("%s-instance", module.gitlab_label.name), "Environment" = module.gitlab_label.stage}
 }

module/single-node-omnibus/gitlab-labels.tf

@@ -1,12 +1,9 @@
 module "gitlab_label" {
   source     = "git::https://github.com/cloudposse/terraform-null-label.git?ref=tags/0.14.1"
-  namespace  = "${var.namespace}"
-  stage      = "${var.stage}"
-  name       = "${var.name}"
-  attributes = "${var.attributes}"
-  delimiter  = "${var.delimiter}"
-  tags = {
-    "Name"        = "${var.name}"
-    "Environment" = "${var.stage}"
-  }
+  namespace  = var.namespace
+  stage      = var.stage
+  name       = var.name
+  attributes = var.attributes
+  delimiter  = var.delimiter
+  tags       = { "Name" = var.name, "Environment" = var.stage }
 }

module/single-node-omnibus/iam.tf

@@ -1,29 +1,29 @@
 resource "aws_iam_user" "s3_user" {
-  name = "${var.name}"
-  path = "/"
+  name          = module.gitlab_label.name
+  path          = "/"
   force_destroy = "false"
 }
 
 
 resource "aws_iam_user_policy_attachment" "s3_allow_policy" {
-  user       = "${aws_iam_user.s3_user.name}"
-  policy_arn = "${aws_iam_policy.s3_policy.arn}"
+  user       = aws_iam_user.s3_user.name
+  policy_arn = aws_iam_policy.s3_policy.arn
 }
 
 resource "aws_iam_user_policy_attachment" "deny_put_acl" {
-  user       = "${aws_iam_user.s3_user.name}"
-  policy_arn = "${aws_iam_policy.deny_put_acl.arn}"
+  user       = aws_iam_user.s3_user.name
+  policy_arn = aws_iam_policy.deny_put_acl.arn
 }
 
 
 resource "aws_iam_access_key" "s3_access_key" {
-  user  = "${aws_iam_user.s3_user.name}"
+  user  = aws_iam_user.s3_user.name
 }
 
 resource "aws_iam_policy" "s3_policy" {
-  name = "${var.name}_policy"
+  name = format("%s-policy",module.gitlab_label.name)
   path = "/"
-  description = "${var.name}_policy"
+  description = format("%s-policy",module.gitlab_label.name)
   policy =  <<EOF
 {
   "Version": "2012-10-17",
@@ -44,7 +44,7 @@ EOF
 }
 
 resource "aws_iam_policy" "deny_put_acl" {
-  name = "${var.name}_deny_put_acl_policy"
+  name = format("%s-deny-put-acl-policy",module.gitlab_label.name)
   path = "/"
   description = "deny_put_acl"
   policy = <<EOF
@@ -88,7 +88,7 @@ EOF
 
 resource "aws_iam_role_policy" "dlm_lifecycle" {
   name = "dlm-lifecycle-policy"
-  role = "${aws_iam_role.dlm_lifecycle_role.id}"
+  role = aws_iam_role.dlm_lifecycle_role.id
 
   policy = <<EOF
 {

module/single-node-omnibus/kms.tf

@@ -1,11 +1,11 @@
 resource "aws_kms_key" "gitlab_kms_key" {
   description             = "Gitlab KMS key"
   deletion_window_in_days = 10
-  tags                    = "${module.gitlab_label.tags}"
-  enable_key_rotation     = "${var.enable_key_rotation}"
+  tags                    = module.gitlab_label.tags
+  enable_key_rotation     = var.enable_key_rotation
 }
 
 resource "aws_kms_alias" "gitlab_kms_key_alias" {
-  name          = "${coalesce(var.alias, format("alias/%v", module.gitlab_label.id))}"
-  target_key_id = "${aws_kms_key.gitlab_kms_key.key_id}"
+  name          = coalesce(var.alias, format("alias/%v", module.gitlab_label.id))
+  target_key_id = aws_kms_key.gitlab_kms_key.key_id
 }

module/single-node-omnibus/local-resources.tf

@@ -1,10 +1,10 @@
 # use this resource when a module accepts a subnet id as an input variable and needs to, for example, determine the id of the VPC that the subnet belongs to.
 data "aws_subnet" "private_selected" {
-  id = "${element (["${var.private_subnet_id}"], 0)}"
+  id = element(var.private_subnet_id, 0)
 }
 
 data "aws_subnet" "public_selected" {
-  id = "${element (["${var.public_subnet_id}"], 0)}"
+  id = element(var.public_subnet_id, 0)
 }
 
 # Use this data source to get the access to the effective Account ID, User ID, and ARN in which Terraform is authorized.
@@ -49,6 +49,7 @@ data "template_cloudinit_config" "config" {
   part {
     content_type = "text/cloud-config"
     content      = "${data.template_file.gitlab_application_user_data.rendered}"
-  }
+    }
 }
 
+