From 090cb468ed1c5e21e8289f50661c478a3f74a077 Mon Sep 17 00:00:00 2001
From: Billy Lynch
Date: Tue, 16 Jan 2024 17:55:46 -0500
Subject: [PATCH 1/2] networking: Allow configurable netnum offsets. Previously this would try to assign a CIDR block starting from 1. e.g. given cidr = "10.0.0.0/8" and regions = ["a", "b"], you would get: a: "10.1.0.0/16" b: "10.2.0.0/16" Since this always starts at 1, this makes it difficult to be able to select a subnet range. This change adds a field to start subnet numbering at a specific number (starting at 0). e.g. with the previous example and netnum_offset = 10, you would now get: a: "10.10.0.0/16" b: "10.11.0.0/16"
---
 modules/networking/main.tf | 4 ++--
 modules/networking/variables.tf | 10 ++++++++++
 2 files changed, 12 insertions(+), 2 deletions(-)
diff --git a/modules/networking/main.tf b/modules/networking/main.tf
index 88a96487..b9646358 100644
--- a/modules/networking/main.tf
+++ b/modules/networking/main.tf
@@ -20,7 +20,7 @@ resource "google_compute_route" "egress-inet" {
 // which we will use to operate Cloud Run services.
 resource "google_compute_subnetwork" "regional" {
 for_each = {
- for region in var.regions : region => 1 + index(var.regions, region)
+ for region in var.regions : region => index(var.regions, region)
 }
 name = "${var.name}-${each.key}"
@@ -30,5 +30,5 @@ resource "google_compute_subnetwork" "regional" {
 network = google_compute_network.this.id
 region = each.key
- ip_cidr_range = cidrsubnet(var.cidr, 8, each.value)
+ ip_cidr_range = cidrsubnet(var.cidr, 8, var.netnum_offset + each.value)
 }
diff --git a/modules/networking/variables.tf b/modules/networking/variables.tf
index f7b0f3de..1a52ff92 100644
--- a/modules/networking/variables.tf
+++ b/modules/networking/variables.tf
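Review bot: Dropping the `1 +` from the `for_each` map while `netnum_offset` defaults to 0 changes the ranges for every existing caller that does not set the new variable: the first region moves from netnum 1 to netnum 0 (with the default `cidr`, 10.1.0.0/16 becomes 10.0.0.0/16). Re-addressing a live subnetwork presumably forces a replacement on the next apply, and firewall rules or peer allowlists keyed to the old ranges would no longer match the workloads. Keeping the old numbering as the default avoids this, e.g. `default = 1` in variables.tf; otherwise the commit message should call the change out as breaking. The resource block continues outside this hunk.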
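Review bot: `var.netnum_offset + each.value` in the `cidrsubnet` call is not bounded by the variable's validation, which checks the offset alone. An offset of 255 with two regions yields netnum 256, which does not fit in the 8 new bits requested, so the failure surfaces as a function error during plan rather than as a message about the module inputs. A `precondition` in a `lifecycle` block on this resource, with `condition = var.netnum_offset + length(var.regions) <= 256`, would report it in terms of the inputs. The resource body starts outside the hunk.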
@@ -14,3 +14,13 @@ variable "regions" {
 variable "cidr" {
 default = "10.0.0.0/8"
 }
+
+variable "netnum_offset" {
+ type = number
+ default = 0
+ validation {
+ condition = var.netnum_offset >= 0 && var.netnum_offset <= 255
+ error_message = "value must be between 0 and 255"
+ }
+ description = "cidrsubnet netnum offset for the subnet. See https://developer.hashicorp.com/terraform/language/functions/cidrsubnet for more details"
+}
From 7fe529617085da75ce9ef5a95af0302f308903a4 Mon Sep 17 00:00:00 2001
From: Billy Lynch
Date: Tue, 16 Jan 2024 18:23:59 -0500
Subject: [PATCH 2/2] Update docs.
---
 hack/update-docs.sh | 1 +
 modules/networking/README.md | 1 +
 2 files changed, 2 insertions(+)
diff --git a/hack/update-docs.sh b/hack/update-docs.sh
index 8a8ca2b0..f100612e 100755
--- a/hack/update-docs.sh
+++ b/hack/update-docs.sh
@@ -8,5 +8,6 @@ for d in `find . -name '*.tf' -exec dirname {} \; | sort | uniq`; do
 terraform-docs markdown table \
 --output-file README.md \
 --output-mode inject \
+ --lockfile=false \
 $d
 done
diff --git a/modules/networking/README.md b/modules/networking/README.md
index 5cabe8ab..6e464e3c 100644
--- a/modules/networking/README.md
+++ b/modules/networking/README.md
@@ -62,6 +62,7 @@ No modules.
 |------|-------------|------|---------|:--------:|
 | [cidr](#input\_cidr) | n/a | `string` | `"10.0.0.0/8"` | no |
 | [name](#input\_name) | n/a | `string` | n/a | yes |
+| [netnum\_offset](#input\_netnum\_offset) | cidrsubnet netnum offset for the subnet. See https://developer.hashicorp.com/terraform/language/functions/cidrsubnet for more details | `number` | `0` | no |
 | [project\_id](#input\_project\_id) | n/a | `string` | n/a | yes |
 | [regions](#input\_regions) | The list of regions in which to provision subnets suitable for use with Cloud Run direct VPC egress. | `list(string)` | n/a | yes |
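Review bot: The `validation` condition on `netnum_offset` accepts non-integer values such as 1.5, because the variable is a plain `number` and only the 0–255 range is checked, yet the value is used as the `cidrsubnet` netnum. Adding `floor(var.netnum_offset) == var.netnum_offset` to the condition rejects such input before it reaches the address calculation. The error message would also be easier to act on if it named the variable, e.g. `error_message = "netnum_offset must be a whole number between 0 and 255."`.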
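Review bot: The added `--lockfile=false` argument has no comment saying why the lock file is ignored when the docs are generated, so a later editor has no way to tell whether it is safe to remove. A comment line directly above the `terraform-docs` invocation would cover it, for example `# --lockfile=false: document provider versions from the declared constraints, not from .terraform.lock.hcl`. Adjust the wording if the intent was different. The comment has to sit above the command because the arguments are joined by backslash continuations.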