bugfix: Restore wildcard splats

frenchfrywpepper · frenchfrywpepper · commit d23bf4b353a6 · 2024-07-02T15:51:27.000-04:00
The version of terraform being used by the certification tests does
not support the syntax the way it is currently on main. I need to
modify it to use `.*.` syntax which works perfectly fine, but does
trigger some tflint warnings which we now need to exclude.
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,2 @@
+.idea
+*.auto.tfvars.json
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -3,5 +3,7 @@ repos:
     rev: v0.1.23
     hooks:
       - id: tflint
+        args:
+          - '--disable-rule=terraform_deprecated_index'
       - id: terraform-validate
       - id: terraform-fmt
diff --git a/customer-managed/aws/terraform/iam_redpanda_agent.tf b/customer-managed/aws/terraform/iam_redpanda_agent.tf
@@ -254,7 +254,7 @@ data "aws_iam_policy_document" "redpanda_agent1" {
 
         "arn:aws:ec2:*::image/*",
       ],
-    aws_subnet.private[*].arn)
+    aws_subnet.private.*.arn)
   }
 
   statement {
diff --git a/customer-managed/aws/terraform/iam_rpk_user.tf b/customer-managed/aws/terraform/iam_rpk_user.tf
@@ -95,7 +95,7 @@ data "aws_iam_policy_document" "byovpc_rpk_user_1" {
     actions = [
       "ec2:DescribeSubnets",
     ]
-    resources = concat(tolist(aws_subnet.public[*].arn), tolist(aws_subnet.private[*].arn))
+    resources = concat(tolist(aws_subnet.public.*.arn), tolist(aws_subnet.private.*.arn))
   }
 
   statement {
@@ -330,7 +330,7 @@ data "aws_iam_policy_document" "byovpc_rpk_user_2" {
     actions = [
       "ec2:RunInstances",
     ]
-    resources = concat([aws_security_group.redpanda_agent.arn], tolist(aws_subnet.public[*].arn), tolist(aws_subnet.private[*].arn))
+    resources = concat([aws_security_group.redpanda_agent.arn], tolist(aws_subnet.public.*.arn), tolist(aws_subnet.private.*.arn))
   }
 
   statement {
diff --git a/customer-managed/aws/terraform/nat.tf b/customer-managed/aws/terraform/nat.tf
@@ -8,17 +8,17 @@ resource "aws_internet_gateway" "redpanda" {
 
 resource "aws_nat_gateway" "redpanda" {
   allocation_id = aws_eip.nat_gateway.id
-  subnet_id     = aws_subnet.public[*].id[0]
+  subnet_id     = aws_subnet.public[0].id
   depends_on = [
     aws_internet_gateway.redpanda,
   ]
 }
 
 resource "aws_route" "nat" {
   count                  = length(var.private_subnet_cidrs)
-  route_table_id         = aws_route_table.private[*].id[count.index]
+  route_table_id         = aws_route_table.private.*.id[count.index]
   destination_cidr_block = "0.0.0.0/0"
-  nat_gateway_id         = element(aws_nat_gateway.redpanda[*].id, count.index)
+  nat_gateway_id         = aws_nat_gateway.redpanda.id
 }
 
 resource "aws_route" "public" {
diff --git a/customer-managed/aws/terraform/outputs.tf b/customer-managed/aws/terraform/outputs.tf
@@ -51,12 +51,12 @@ output "vpc_arn" {
 }
 
 output "public_subnet_ids" {
-  value       = jsonencode(aws_subnet.public[*].arn)
+  value       = jsonencode(aws_subnet.public.*.arn)
   description = "Public subnets IDs created"
 }
 
 output "private_subnet_ids" {
-  value       = jsonencode(aws_subnet.private[*].arn)
+  value       = jsonencode(aws_subnet.private.*.arn)
   description = "Private subnet IDs created"
 }
 
@@ -91,6 +91,6 @@ output "node_security_group_arn" {
 }
 
 output "byovpc_rpk_user_policy_arns" {
-  value       = values(aws_iam_policy.byovpc_rpk_user)[*].arn
+  value       = jsonencode(values(aws_iam_policy.byovpc_rpk_user).*.arn)
   description = "ARNs of policies associated with the 'rpk user'. Can be used by Redpanda engineers to the assume the role and test provisioning with more limited access."
 }
diff --git a/customer-managed/aws/terraform/routing.tf b/customer-managed/aws/terraform/routing.tf
@@ -21,21 +21,21 @@ resource "aws_main_route_table_association" "vpc-main-route-table" {
 
 resource "aws_route_table_association" "public" {
   count          = length(var.public_subnet_cidrs)
-  subnet_id      = aws_subnet.public[*].id[count.index]
+  subnet_id      = aws_subnet.public[count.index].id
   route_table_id = aws_route_table.main.id
 }
 
 resource "aws_route_table_association" "private" {
   count          = length(var.private_subnet_cidrs)
-  subnet_id      = aws_subnet.private[*].id[count.index]
-  route_table_id = aws_route_table.private[*].id[count.index]
+  subnet_id      = aws_subnet.private[count.index].id
+  route_table_id = aws_route_table.private[count.index].id
 }
 
 # Routes S3 traffic to the local gateway endpoint
 resource "aws_vpc_endpoint_route_table_association" "private_s3" {
   count           = length(var.private_subnet_cidrs)
   vpc_endpoint_id = aws_vpc_endpoint.s3.id
-  route_table_id  = aws_route_table.private[*].id[count.index]
+  route_table_id  = aws_route_table.private[count.index].id
 }
 
 resource "aws_vpc_endpoint_route_table_association" "public_s3" {

Original file line number	Diff line number	Diff line change
`@@ -254,7 +254,7 @@ data "aws_iam_policy_document" "redpanda_agent1" {`
`254`	`254`
`255`	`255`	`"arn:aws:ec2:::image/",`
`256`	`256`	`],`
`257`		`- aws_subnet.private[*].arn)`
	`257`	`+ aws_subnet.private.*.arn)`
`258`	`258`	`}`
`259`	`259`
`260`	`260`	`statement {`
Original file line number	Diff line number	Diff line change
`@@ -95,7 +95,7 @@ data "aws_iam_policy_document" "byovpc_rpk_user_1" {`
`95`	`95`	`actions = [`
`96`	`96`	`"ec2:DescribeSubnets",`
`97`	`97`	`]`
`98`		`- resources = concat(tolist(aws_subnet.public[].arn), tolist(aws_subnet.private[].arn))`
	`98`	`+ resources = concat(tolist(aws_subnet.public..arn), tolist(aws_subnet.private..arn))`
`99`	`99`	`}`
`100`	`100`
`101`	`101`	`statement {`
`@@ -330,7 +330,7 @@ data "aws_iam_policy_document" "byovpc_rpk_user_2" {`
`330`	`330`	`actions = [`
`331`	`331`	`"ec2:RunInstances",`
`332`	`332`	`]`
`333`		`- resources = concat([aws_security_group.redpanda_agent.arn], tolist(aws_subnet.public[].arn), tolist(aws_subnet.private[].arn))`
	`333`	`+ resources = concat([aws_security_group.redpanda_agent.arn], tolist(aws_subnet.public..arn), tolist(aws_subnet.private..arn))`
`334`	`334`	`}`
`335`	`335`
`336`	`336`	`statement {`
Original file line number	Diff line number	Diff line change
`@@ -8,17 +8,17 @@ resource "aws_internet_gateway" "redpanda" {`
`8`	`8`
`9`	`9`	`resource "aws_nat_gateway" "redpanda" {`
`10`	`10`	`allocation_id = aws_eip.nat_gateway.id`
`11`		`- subnet_id = aws_subnet.public[*].id[0]`
	`11`	`+ subnet_id = aws_subnet.public[0].id`
`12`	`12`	`depends_on = [`
`13`	`13`	`aws_internet_gateway.redpanda,`
`14`	`14`	`]`
`15`	`15`	`}`
`16`	`16`
`17`	`17`	`resource "aws_route" "nat" {`
`18`	`18`	`count = length(var.private_subnet_cidrs)`
`19`		`- route_table_id = aws_route_table.private[*].id[count.index]`
	`19`	`+ route_table_id = aws_route_table.private.*.id[count.index]`
`20`	`20`	`destination_cidr_block = "0.0.0.0/0"`
`21`		`- nat_gateway_id = element(aws_nat_gateway.redpanda[*].id, count.index)`
	`21`	`+ nat_gateway_id = aws_nat_gateway.redpanda.id`
`22`	`22`	`}`
`23`	`23`
`24`	`24`	`resource "aws_route" "public" {`
Original file line number	Diff line number	Diff line change
`@@ -51,12 +51,12 @@ output "vpc_arn" {`
`51`	`51`	`}`
`52`	`52`
`53`	`53`	`output "public_subnet_ids" {`
`54`		`- value = jsonencode(aws_subnet.public[*].arn)`
	`54`	`+ value = jsonencode(aws_subnet.public.*.arn)`
`55`	`55`	`description = "Public subnets IDs created"`
`56`	`56`	`}`
`57`	`57`
`58`	`58`	`output "private_subnet_ids" {`
`59`		`- value = jsonencode(aws_subnet.private[*].arn)`
	`59`	`+ value = jsonencode(aws_subnet.private.*.arn)`
`60`	`60`	`description = "Private subnet IDs created"`
`61`	`61`	`}`
`62`	`62`
`@@ -91,6 +91,6 @@ output "node_security_group_arn" {`
`91`	`91`	`}`
`92`	`92`
`93`	`93`	`output "byovpc_rpk_user_policy_arns" {`
`94`		`- value = values(aws_iam_policy.byovpc_rpk_user)[*].arn`
	`94`	`+ value = jsonencode(values(aws_iam_policy.byovpc_rpk_user).*.arn)`
`95`	`95`	`description = "ARNs of policies associated with the 'rpk user'. Can be used by Redpanda engineers to the assume the role and test provisioning with more limited access."`
`96`	`96`	`}`