Conditionally generate tfvars for non-core accounts

scripts/provision-environment-directories.sh

@@ -33,6 +33,7 @@ provision_environment_directories() {
   networking_definitions=$(jq -n '[ inputs | { subnet_sets: .cidr.subnet_sets | to_entries | map_values(.value + { set: .key, "business-unit": input_filename | ltrimstr("environments-networks/") | rtrimstr(".json") | split("-")[0] } ) } ]' "$networkdir"/*.json)
 
   for file in ${environments}/*.json; do
+    account_type=$(jq -r '."account-type"' "$file")
     application_name=$(basename "$file" .json)
     directory=$basedir/$application_name
 
@@ -77,7 +78,10 @@ provision_environment_directories() {
       RAW_OUTPUT=`jq -n --arg APPLICATION_NAME "$application_name" '{ "business-unit": "", "set": "", "application": $APPLICATION_NAME }'`
     fi
     # wrap raw json output with a header and store the result in the applications folder
-    jq -rn --argjson DATA "${RAW_OUTPUT}" '{ networking: [ $DATA ] }' > "$directory"/networking.auto.tfvars.json
+    # Only populate networking.auto.tfvars.json if account type is not core
+    if [ "$account_type" != "core" ]; then
+      jq -rn --argjson DATA "${RAW_OUTPUT}" '{ networking: [ $DATA ] }' > "$directory"/networking.auto.tfvars.json
+    fi
   done
 }
 

scripts/provision-member-directories.sh

@@ -45,6 +45,8 @@ provision_environment_directories() {
     echo "This is file: $file"
     application_name=$(basename "$file" .json)
     echo "This is the application name: $application_name"
+    account_type=$(jq -r '."account-type"' "$file")
+    echo "This is a " $account_type " account"
     directory=$basedir/$application_name
     echo "This is the directory: $directory"
     account_type=$(jq -r '."account-type"' ${environment_json_dir}/${application_name}.json)
@@ -93,7 +95,10 @@ provision_environment_directories() {
       RAW_OUTPUT=`jq -n --arg APPLICATION_NAME "$application_name" '{ "business-unit": "", "set": "", "application": $APPLICATION_NAME }'`
     fi
     # wrap raw json output with a header and store the result in the applications folder
-    jq -rn --argjson DATA "${RAW_OUTPUT}" '{ networking: [ $DATA ] }' > "$directory"/networking.auto.tfvars.json
+    # Only populate networking.auto.tfvars.json if account type is not core
+    if [ "$account_type" != "core" ]; then
+      jq -rn --argjson DATA "${RAW_OUTPUT}" '{ networking: [ $DATA ] }' > "$directory"/networking.auto.tfvars.json
+    fi
   done
 }
 

terraform/environments/core-logging/base_variables.tf

@@ -1,5 +1,10 @@
 variable "networking" {
-
   type = list(any)
-
+  default = [
+    {
+      "business-unit": "",
+      "set": "",
+      "application": "core-logging"
+    }
+  ]
 }

terraform/environments/core-network-services/base_variables.tf

@@ -1,5 +1,10 @@
 variable "networking" {
-
   type = list(any)
-
+  default = [
+    {
+      "business-unit": "",
+      "set": "",
+      "application": "core-network-services"
+    }
+  ]
 }

terraform/environments/core-sandbox/base_variables.tf

@@ -18,7 +18,12 @@ variable "account_name" {
 
 
 variable "networking" {
-
-  type = list(any)
-
+  type    = list(any)
+  default = [
+    {
+      "business-unit": "",
+      "set": "",
+      "application": "core-sandbox"
+    }
+  ]
 }

terraform/environments/core-sandbox/locals.tf

@@ -20,8 +20,6 @@ locals {
     owner         = "Modernisation Platform: [email protected]"
   }
 
-  json_data = jsondecode(file("networking.auto.tfvars.json"))
-
   acm_pca = [substr(terraform.workspace, length(local.application_name), length(terraform.workspace)) == "-production" || substr(terraform.workspace, length(local.application_name), length(terraform.workspace)) == "-preproduction" ? "acm-pca-live" : "acm-pca-non-live"]
 
 }

terraform/environments/core-sandbox/playground.tf

@@ -1,32 +1,11 @@
 data "aws_caller_identity" "current" {}
 
-module "ram-principal-association" {
-
-  count = (var.networking[0].set == "") ? 0 : 1
-
-  source = "../../modules/ram-principal-association"
-
-  providers = {
-    aws.share-acm    = aws.core-network-services
-    aws.share-host   = aws.core-vpc
-    aws.share-tenant = aws
-  }
-  principal   = data.aws_caller_identity.current.account_id
-  vpc_name    = var.networking[0].business-unit
-  subnet_set  = var.networking[0].set
-  acm_pca     = "acm-pca-${local.is_live[0]}"
-  environment = local.environment
-
-}
-
 data "aws_ami_ids" "example" {
   owners     = ["self"]
-  name_regex = "^(?!oracle-linux-5.11)*"
-  # filter {
-  #   name   = "name"
-  #   values = ["oracle-linux-5.11*"]
-  # }
-
+   filter {
+     name   = "name"
+     values = ["oracle-linux-5.11*"]
+   }
 }
 
 output "amis" {

terraform/environments/core-security/base_variables.tf

@@ -1,5 +1,10 @@
 variable "networking" {
-
   type = list(any)
-
+  default = [
+    {
+      "business-unit": "",
+      "set": "",
+      "application": "core-security"
+    }
+  ]
 }

terraform/environments/core-shared-services/base_variables.tf

@@ -1,7 +1,12 @@
 variable "networking" {
-
   type = list(any)
-
+  default = [
+    {
+      "business-unit": "",
+      "set": "",
+      "application": "core-shared-services"
+    }
+  ]
 }
 
 variable "app_name" {

terraform/environments/core-vpc/base_variables.tf

@@ -1,5 +1,10 @@
 variable "networking" {
-
   type = list(any)
-
+  default = [
+    {
+      "business-unit": "",
+      "set": "",
+      "application": "core-vpc"
+    }
+  ]
 }