Merge pull request #3000 from uktrade/refactor/terraform-template-file

refactor: move from template_file to templatefile

infra/ecs_main_admin.tf

@@ -153,7 +153,10 @@ resource "aws_service_discovery_service" "admin" {
 
 resource "aws_ecs_task_definition" "admin" {
   family                   = "${var.prefix}-admin"
-  container_definitions    = "${data.template_file.admin_container_definitions.rendered}"
+  container_definitions    = templatefile(
+    "${path.module}/ecs_main_admin_container_definitions.json",
+    merge(local.admin_container_vars, tomap({"container_command" = "[\"/dataworkspace/start.sh\"]"}))
+  )
   execution_role_arn       = "${aws_iam_role.admin_task_execution.arn}"
   task_role_arn            = "${aws_iam_role.admin_task.arn}"
   network_mode             = "awsvpc"
@@ -168,12 +171,6 @@ resource "aws_ecs_task_definition" "admin" {
   }
 }
 
-data "template_file" "admin_container_definitions" {
-  template = "${file("${path.module}/ecs_main_admin_container_definitions.json")}"
-
-  vars = "${merge(local.admin_container_vars, tomap({"container_command" = "[\"/dataworkspace/start.sh\"]"}))}"
-}
-
 data "external" "admin_current_tag" {
   program = ["${path.module}/container-tag.sh"]
 
@@ -202,7 +199,10 @@ resource "aws_ecs_service" "admin_celery" {
 
 resource "aws_ecs_task_definition" "admin_celery" {
   family                   = "${var.prefix}-admin-celery"
-  container_definitions    = "${data.template_file.admin_celery_container_definitions.rendered}"
+  container_definitions    = templatefile(
+    "${path.module}/ecs_main_admin_container_definitions.json",
+    merge(local.admin_container_vars, tomap({"container_command" = "[\"/dataworkspace/start-celery.sh\"]"}))
+  )
   execution_role_arn       = "${aws_iam_role.admin_task_execution.arn}"
   task_role_arn            = "${aws_iam_role.admin_task.arn}"
   network_mode             = "awsvpc"
@@ -217,12 +217,6 @@ resource "aws_ecs_task_definition" "admin_celery" {
   }
 }
 
-data "template_file" "admin_celery_container_definitions" {
-  template = "${file("${path.module}/ecs_main_admin_container_definitions.json")}"
-
-  vars = "${merge(local.admin_container_vars, tomap({"container_command" = "[\"/dataworkspace/start-celery.sh\"]"}))}"
-}
-
 resource "random_string" "admin_secret_key" {
   length = 256
   special = false

infra/ecs_main_dns_rewrite_proxy.tf

@@ -74,7 +74,24 @@ data "external" "dns_rewrite_proxy_current_tag" {
 
 resource "aws_ecs_task_definition" "dns_rewrite_proxy" {
   family                = "${var.prefix}-dns-rewrite-proxy"
-  container_definitions = "${data.template_file.dns_rewrite_proxy_container_definitions.rendered}"
+  container_definitions    = templatefile(
+    "${path.module}/ecs_main_dns_rewrite_proxy_container_definitions.json", {
+      container_image    = "${aws_ecr_repository.dns_rewrite_proxy.repository_url}:${data.external.dns_rewrite_proxy_current_tag.result.tag}"
+      container_name     = "${local.dns_rewrite_proxy_container_name}"
+      container_cpu      = "${local.dns_rewrite_proxy_container_cpu}"
+      container_memory   = "${local.dns_rewrite_proxy_container_memory}"
+
+      log_group  = "${aws_cloudwatch_log_group.dns_rewrite_proxy.name}"
+      log_region = "${data.aws_region.aws_region.name}"
+
+      dns_server   = "${cidrhost(aws_vpc.main.cidr_block, 2)}"
+      aws_region   = "${data.aws_region.aws_region.name}"
+      aws_ec2_host = "ec2.${data.aws_region.aws_region.name}.amazonaws.com"
+      vpc_id       = "${aws_vpc.notebooks.id}"
+      aws_route53_zone = "${var.aws_route53_zone}"
+      ip_address   = "${aws_lb.dns_rewrite_proxy.subnet_mapping.*.private_ipv4_address[0]}"
+    }
+  )
   execution_role_arn    = "${aws_iam_role.dns_rewrite_proxy_task_execution.arn}"
   task_role_arn         = "${aws_iam_role.dns_rewrite_proxy_task.arn}"
   network_mode          = "awsvpc"
@@ -89,27 +106,6 @@ resource "aws_ecs_task_definition" "dns_rewrite_proxy" {
   }
 }
 
-data "template_file" "dns_rewrite_proxy_container_definitions" {
-  template = "${file("${path.module}/ecs_main_dns_rewrite_proxy_container_definitions.json")}"
-
-  vars = {
-    container_image    = "${aws_ecr_repository.dns_rewrite_proxy.repository_url}:${data.external.dns_rewrite_proxy_current_tag.result.tag}"
-    container_name     = "${local.dns_rewrite_proxy_container_name}"
-    container_cpu      = "${local.dns_rewrite_proxy_container_cpu}"
-    container_memory   = "${local.dns_rewrite_proxy_container_memory}"
-
-    log_group  = "${aws_cloudwatch_log_group.dns_rewrite_proxy.name}"
-    log_region = "${data.aws_region.aws_region.name}"
-
-    dns_server   = "${cidrhost(aws_vpc.main.cidr_block, 2)}"
-    aws_region   = "${data.aws_region.aws_region.name}"
-    aws_ec2_host = "ec2.${data.aws_region.aws_region.name}.amazonaws.com"
-    vpc_id       = "${aws_vpc.notebooks.id}"
-    aws_route53_zone = "${var.aws_route53_zone}"
-    ip_address   = "${aws_lb.dns_rewrite_proxy.subnet_mapping.*.private_ipv4_address[0]}"
-  }
-}
-
 resource "aws_cloudwatch_log_group" "dns_rewrite_proxy" {
   name              = "${var.prefix}-dns-rewrite-proxy"
   retention_in_days = "3653"

infra/ecs_main_dns_rewrite_proxy_new.tf

@@ -64,7 +64,24 @@ resource "aws_ecs_service" "dns_rewrite_proxy_new" {
 
 resource "aws_ecs_task_definition" "dns_rewrite_proxy_new" {
   family                = "${var.prefix}-dns-rewrite-proxy-new"
-  container_definitions = "${data.template_file.dns_rewrite_proxy_container_definitions_new.rendered}"
+  container_definitions    = templatefile(
+      "${path.module}/ecs_main_dns_rewrite_proxy_container_definitions.json", {
+      container_image    = "${aws_ecr_repository.dns_rewrite_proxy.repository_url}:${data.external.dns_rewrite_proxy_current_tag.result.tag}"
+      container_name     = "${local.dns_rewrite_proxy_container_name}"
+      container_cpu      = "${local.dns_rewrite_proxy_container_cpu}"
+      container_memory   = "${local.dns_rewrite_proxy_container_memory}"
+
+      log_group  = "${aws_cloudwatch_log_group.dns_rewrite_proxy.name}"
+      log_region = "${data.aws_region.aws_region.name}"
+
+      dns_server   = "${cidrhost(aws_vpc.main.cidr_block, 2)}"
+      aws_region   = "${data.aws_region.aws_region.name}"
+      aws_ec2_host = "ec2.${data.aws_region.aws_region.name}.amazonaws.com"
+      vpc_id       = "${aws_vpc.notebooks.id}"
+      aws_route53_zone = "${var.aws_route53_zone}"
+      ip_address   = "${aws_lb.dns_rewrite_proxy_new.subnet_mapping.*.private_ipv4_address[0]}"
+    }
+  )
   execution_role_arn    = "${aws_iam_role.dns_rewrite_proxy_task_execution.arn}"
   task_role_arn         = "${aws_iam_role.dns_rewrite_proxy_task.arn}"
   network_mode          = "awsvpc"
@@ -78,24 +95,3 @@ resource "aws_ecs_task_definition" "dns_rewrite_proxy_new" {
     ]
   }
 }
-
-data "template_file" "dns_rewrite_proxy_container_definitions_new" {
-  template = "${file("${path.module}/ecs_main_dns_rewrite_proxy_container_definitions.json")}"
-
-  vars = {
-    container_image    = "${aws_ecr_repository.dns_rewrite_proxy.repository_url}:${data.external.dns_rewrite_proxy_current_tag.result.tag}"
-    container_name     = "${local.dns_rewrite_proxy_container_name}"
-    container_cpu      = "${local.dns_rewrite_proxy_container_cpu}"
-    container_memory   = "${local.dns_rewrite_proxy_container_memory}"
-
-    log_group  = "${aws_cloudwatch_log_group.dns_rewrite_proxy.name}"
-    log_region = "${data.aws_region.aws_region.name}"
-
-    dns_server   = "${cidrhost(aws_vpc.main.cidr_block, 2)}"
-    aws_region   = "${data.aws_region.aws_region.name}"
-    aws_ec2_host = "ec2.${data.aws_region.aws_region.name}.amazonaws.com"
-    vpc_id       = "${aws_vpc.notebooks.id}"
-    aws_route53_zone = "${var.aws_route53_zone}"
-    ip_address   = "${aws_lb.dns_rewrite_proxy_new.subnet_mapping.*.private_ipv4_address[0]}"
-  }
-}

infra/ecs_main_flower.tf

@@ -26,7 +26,19 @@ resource "aws_ecs_service" "flower" {
 
 resource "aws_ecs_task_definition" "flower_service" {
   family                   = "${var.prefix}-flower"
-  container_definitions    = "${data.template_file.flower_service_container_definitions.rendered}"
+  container_definitions    = templatefile(
+    "${path.module}/ecs_main_flower_container_definitions.json", {
+      container_image = "${aws_ecr_repository.flower.repository_url}:master"
+      container_name  = "flower"
+      log_group       = "${aws_cloudwatch_log_group.flower.name}"
+      log_region      = "${data.aws_region.aws_region.name}"
+      cpu             = "${local.flower_container_cpu}"
+      memory          = "${local.flower_container_memory}"
+      redis_url       = "redis://${aws_elasticache_cluster.admin.cache_nodes.0.address}:6379"
+      flower_username = "${var.flower_username}"
+      flower_password = "${var.flower_password}"
+    }
+  )
   execution_role_arn       = "${aws_iam_role.flower_task_execution.arn}"
   task_role_arn            = "${aws_iam_role.flower_task.arn}"
   network_mode             = "awsvpc"
@@ -41,22 +53,6 @@ resource "aws_ecs_task_definition" "flower_service" {
   }
 }
 
-data "template_file" "flower_service_container_definitions" {
-  template = "${file("${path.module}/ecs_main_flower_container_definitions.json")}"
-
-  vars = {
-    container_image = "${aws_ecr_repository.flower.repository_url}:master"
-    container_name  = "flower"
-    log_group       = "${aws_cloudwatch_log_group.flower.name}"
-    log_region      = "${data.aws_region.aws_region.name}"
-    cpu             = "${local.flower_container_cpu}"
-    memory          = "${local.flower_container_memory}"
-    redis_url       = "redis://${aws_elasticache_cluster.admin.cache_nodes.0.address}:6379"
-    flower_username = "${var.flower_username}"
-    flower_password = "${var.flower_password}"
-  }
-}
-
 resource "aws_cloudwatch_log_group" "flower" {
   name              = "${var.prefix}-flower"
   retention_in_days = "3653"

infra/ecs_main_gitlab.tf

@@ -55,7 +55,42 @@ resource "aws_service_discovery_service" "gitlab" {
 
 resource "aws_ecs_task_definition" "gitlab" {
   family                   = "${var.prefix}-gitlab"
-  container_definitions    = "${data.template_file.gitlab_container_definitions.rendered}"
+  container_definitions    = templatefile(
+    "${path.module}/ecs_main_gitlab_container_definitions.json", {
+      container_image   = "${aws_ecr_repository.gitlab.repository_url}:master"
+      container_name    = "gitlab"
+      log_group         = "${aws_cloudwatch_log_group.gitlab.name}"
+      log_region        = "${data.aws_region.aws_region.name}"
+
+      memory = "${var.gitlab_memory}"
+      cpu = "${var.gitlab_cpu}"
+
+      gitlab_omnibus_config = "${jsonencode(
+        templatefile(
+            "${path.module}/ecs_main_gitlab_container_definitions_GITLAB_OMNIBUS_CONFIG.rb", {
+            external_domain = "${var.gitlab_domain}"
+            db__host        = "${aws_rds_cluster.gitlab.endpoint}"
+            db__name        = "${aws_rds_cluster.gitlab.database_name}"
+            db__password    = "${random_string.aws_db_instance_gitlab_password.result}"
+            db__port        = "${aws_rds_cluster.gitlab.port}"
+            db__user        = "${aws_rds_cluster.gitlab.master_username}"
+
+            redis__host     = "${aws_elasticache_cluster.gitlab_redis.cache_nodes.0.address}"
+            redis__port     = "${aws_elasticache_cluster.gitlab_redis.cache_nodes.0.port}"
+
+            bucket__region  = "${aws_s3_bucket.gitlab.region}"
+            bucket__domain  = "${aws_s3_bucket.gitlab.bucket_regional_domain_name}"
+
+            sso__id     = "${var.gitlab_sso_id}"
+            sso__secret = "${var.gitlab_sso_secret}"
+            sso__domain = "${var.gitlab_sso_domain}"
+          }
+        )
+      )}"
+      bucket                = "${aws_s3_bucket.gitlab.id}"
+      bucket_region         = "${aws_s3_bucket.gitlab.region}"
+    }
+  )
   execution_role_arn       = "${aws_iam_role.gitlab_task_execution.arn}"
   task_role_arn            = "${aws_iam_role.gitlab_task.arn}"
   network_mode             = "awsvpc"
@@ -75,47 +110,6 @@ resource "aws_ecs_task_definition" "gitlab" {
   }
 }
 
-data "template_file" "gitlab_container_definitions" {
-  template = "${file("${path.module}/ecs_main_gitlab_container_definitions.json")}"
-
-  vars = {
-    container_image   = "${aws_ecr_repository.gitlab.repository_url}:master"
-    container_name    = "gitlab"
-    log_group         = "${aws_cloudwatch_log_group.gitlab.name}"
-    log_region        = "${data.aws_region.aws_region.name}"
-
-    memory = "${var.gitlab_memory}"
-    cpu = "${var.gitlab_cpu}"
-
-    gitlab_omnibus_config = "${jsonencode("${data.template_file.gitlab_container_definitions_gitlab_omnibus_config.rendered}")}"
-    bucket                = "${aws_s3_bucket.gitlab.id}"
-    bucket_region         = "${aws_s3_bucket.gitlab.region}"
-  }
-}
-
-data "template_file" "gitlab_container_definitions_gitlab_omnibus_config" {
-  template = "${file("${path.module}/ecs_main_gitlab_container_definitions_GITLAB_OMNIBUS_CONFIG.rb")}"
-
-  vars = {
-    external_domain = "${var.gitlab_domain}"
-    db__host        = "${aws_rds_cluster.gitlab.endpoint}"
-    db__name        = "${aws_rds_cluster.gitlab.database_name}"
-    db__password    = "${random_string.aws_db_instance_gitlab_password.result}"
-    db__port        = "${aws_rds_cluster.gitlab.port}"
-    db__user        = "${aws_rds_cluster.gitlab.master_username}"
-
-    redis__host     = "${aws_elasticache_cluster.gitlab_redis.cache_nodes.0.address}"
-    redis__port     = "${aws_elasticache_cluster.gitlab_redis.cache_nodes.0.port}"
-
-    bucket__region  = "${aws_s3_bucket.gitlab.region}"
-    bucket__domain  = "${aws_s3_bucket.gitlab.bucket_regional_domain_name}"
-
-    sso__id     = "${var.gitlab_sso_id}"
-    sso__secret = "${var.gitlab_sso_secret}"
-    sso__domain = "${var.gitlab_sso_domain}"
-  }
-}
-
 resource "aws_cloudwatch_log_group" "gitlab" {
   name              = "${var.prefix}-gitlab"
   retention_in_days = "3653"

infra/ecs_main_healthcheck.tf

@@ -58,7 +58,21 @@ resource "aws_service_discovery_service" "healthcheck" {
 
 resource "aws_ecs_task_definition" "healthcheck" {
   family                   = "${var.prefix}-healthcheck"
-  container_definitions    = "${data.template_file.healthcheck_container_definitions.rendered}"
+  container_definitions    = templatefile(
+    "${path.module}/ecs_main_healthcheck_container_definitions.json", {
+      container_image   = "${aws_ecr_repository.healthcheck.repository_url}:${data.external.healthcheck_current_tag.result.tag}"
+      container_name    = "${local.healthcheck_container_name}"
+      container_port    = "${local.healthcheck_container_port}"
+      container_cpu     = "${local.healthcheck_container_cpu}"
+      container_memory  = "${local.healthcheck_container_memory}"
+
+      log_group  = "${aws_cloudwatch_log_group.healthcheck.name}"
+      log_region = "${data.aws_region.aws_region.name}"
+
+      port = "${local.healthcheck_container_port}"
+      url = "https://${var.admin_domain}/healthcheck"
+    }
+  )
   execution_role_arn       = "${aws_iam_role.healthcheck_task_execution.arn}"
   task_role_arn            = "${aws_iam_role.healthcheck_task.arn}"
   network_mode             = "awsvpc"
@@ -73,24 +87,6 @@ resource "aws_ecs_task_definition" "healthcheck" {
   }
 }
 
-data "template_file" "healthcheck_container_definitions" {
-  template = "${file("${path.module}/ecs_main_healthcheck_container_definitions.json")}"
-
-  vars = {
-    container_image   = "${aws_ecr_repository.healthcheck.repository_url}:${data.external.healthcheck_current_tag.result.tag}"
-    container_name    = "${local.healthcheck_container_name}"
-    container_port    = "${local.healthcheck_container_port}"
-    container_cpu     = "${local.healthcheck_container_cpu}"
-    container_memory  = "${local.healthcheck_container_memory}"
-
-    log_group  = "${aws_cloudwatch_log_group.healthcheck.name}"
-    log_region = "${data.aws_region.aws_region.name}"
-
-    port = "${local.healthcheck_container_port}"
-    url = "https://${var.admin_domain}/healthcheck"
-  }
-}
-
 resource "aws_cloudwatch_log_group" "healthcheck" {
   name              = "${var.prefix}-healthcheck"
   retention_in_days = "3653"