Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Added extension for alternative zone_id's for SAN's #100

Closed
wants to merge 7 commits into from
Closed

feat: Added extension for alternative zone_id's for SAN's #100

wants to merge 7 commits into from

Conversation

ZeePal
Copy link

@ZeePal ZeePal commented Jan 13, 2022

Description

This is a proposed change to keep backwards compatibility while providing functionality to allow subject alternative names to optionally include a different Route53 Zone ID (if not provided assume var.zone_id)

Motivation and Context

Resolves: #21

This is an alternative approach to #91 but to keep extra data objects outside of the module.
This implementation doesnt use data route53 calls and keeps provider & terraform version backwards compatibility while using explicit configuration for the SAN you wish to handle differently.

Breaking Changes

Should be fully backwards compatible.
The try() calls allow both old (strings) and alternative (map) representations of each SAN element.

How Has This Been Tested?

  • I have tested and validated these changes using one or more of the provided examples/* projects

Tested with DNS example and created a DNS example for multiple Route53 zones which was also tested with the below combinations:

  • TF0.12.26 & Provider 2.53
  • TF1.0.10 & Provider 3.71

@ZeePal ZeePal changed the title added extension for alternative zone_id's for SAN's feat: added extension for alternative zone_id's for SAN's Jan 13, 2022
@ZeePal ZeePal changed the title feat: added extension for alternative zone_id's for SAN's feat: Added extension for alternative zone_id's for SAN's Jan 13, 2022
@github-actions
Copy link

This PR has been automatically marked as stale because it has been open 30 days
with no activity. Remove stale label or comment or this PR will be closed in 10 days

@github-actions github-actions bot added the stale label Feb 16, 2022
@ZeePal
Copy link
Author

ZeePal commented Feb 28, 2022

Hi @antonbabenko , don't wana pressure/rush anything. just commenting to keep the bot from closing :)

@github-actions github-actions bot removed the stale label Mar 1, 2022
@github-actions
Copy link

github-actions bot commented Apr 1, 2022

This PR has been automatically marked as stale because it has been open 30 days
with no activity. Remove stale label or comment or this PR will be closed in 10 days

@github-actions github-actions bot added the stale label Apr 1, 2022
@FabioAntunes
Copy link

Would be great to get this across.

@ZeePal it seems there are some conflicts I guess meanwhile you can try and solve them?

Please Mr Bot don't close this PR

@github-actions github-actions bot removed the stale label Apr 2, 2022
@ZeePal
Copy link
Author

ZeePal commented Apr 14, 2022

@FabioAntunes srry for the delay, git conflict resolved. be kind for a little longer Mr Bot.

@github-actions
Copy link

This PR has been automatically marked as stale because it has been open 30 days
with no activity. Remove stale label or comment or this PR will be closed in 10 days

@github-actions github-actions bot added the stale label May 17, 2022
@FabioAntunes
Copy link

Mr bot, don't

@github-actions github-actions bot removed the stale label May 18, 2022
antonbabenko
antonbabenko requested changes Jun 10, 2022
View reviewed changes
variables.tf
@@ -36,7 +36,7 @@ variable "domain_name" {

variable "subject_alternative_names" {
description = "A list of domains that should be SANs in the issued certificate"
type = list(string)
type = any # list(string | map(string))
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have a belief that this change won't work with terragrunt because of type any. There is a similar issue in Route53 module.

Could you change the type from list(string) to list(map(string)) to prevent the issue?

PS: I have not executed this code yet.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

if we change from any to list(map(string)) it will no-longer be a backwards compatible change for pure-terraform as they currently provide a list(string).

if we keep the any and follow the terragrunt workaround it will be backwards compatible for pure-terraform but not for terragrunt.

if backwards compatibility is required for both pure-terraform & terragrunt the vars interface will need to be changed (something like a 2nd optional list of zone_ids but this isnt clean/reliable) or we bump major version to use list(map(string)).

if we going to bump the major version to use list(map(string)), do we want to consider any other changes at the same time?

current user input:

subject_alternative_names = [
  "subdomain.mydomain.com",
  "www.subdomain.mydomain.com",
]

user input if list(map(string)) is required but for the same result as above:

subject_alternative_names = [
  {name = "subdomain.mydomain.com"},
  {name = "www.subdomain.mydomain.com"},
]

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

hi @antonbabenko , have you had a chance to go over my previous reply & which direction we want to head?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry that it takes more time to process these PRs than one would expect.

I looked into #108 a few days ago, and I think the feature that this PR (#100) adds should be considered and implemented after it.

The main reason to order PRs like this is that users may want to create records using different instances of the providers (zone_id + provider). It will be easier to implement that way and update examples to show a variety of combinations.

@github-actions
Copy link

This PR has been automatically marked as stale because it has been open 30 days
with no activity. Remove stale label or comment or this PR will be closed in 10 days

@github-actions github-actions bot added the stale label Jul 17, 2022
@FabioAntunes
Copy link

Mr bot, stop trying to close this.

@github-actions github-actions bot removed the stale label Jul 19, 2022
@github-actions
Copy link

This PR has been automatically marked as stale because it has been open 30 days
with no activity. Remove stale label or comment or this PR will be closed in 10 days

@github-actions github-actions bot added the stale label Aug 19, 2022
@github-actions
Copy link

github-actions bot commented Sep 2, 2022

This PR was automatically closed because of stale in 10 days

@github-actions github-actions bot closed this Sep 2, 2022
@FabioAntunes
Copy link

Can this be reopened?

@github-actions
Copy link

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Nov 15, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@antonbabenko antonbabenko antonbabenko requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Allow domains to belong to different Route53 zones
3 participants
@ZeePal @FabioAntunes @antonbabenko