feat: Random suffix to s3 bucket (cattle-ops#252)

* Set a random suffix on the bucket name for easy recreation * Add new module option to main module * Update readme * Fix oopsy while copy pasting * Replace a tab with 2 spaces * Use format() for both string formattings * Make the linter happy * Rename variable * Set a count on random_string so it's only used when applicable * update readme for cache module * Update modules/cache/variables.tf Co-authored-by: Niek Palm <[email protected]> * Update modules/cache/main.tf Co-authored-by: Niek Palm <[email protected]> * Update modules/cache/main.tf Co-authored-by: Niek Palm <[email protected]> Co-authored-by: Niek Palm <[email protected]>
g-psantos · Oct 12, 2020 · d38b078 · d38b078
1 parent b97e888
commit d38b078
Show file tree

Hide file tree

Showing 6 changed files with 27 additions and 3 deletions.
diff --git a/README.md b/README.md
@@ -276,6 +276,7 @@ terraform destroy
 | cache\_bucket | Configuration to control the creation of the cache bucket. By default the bucket will be created and used as shared cache. To use the same cache across multiple runners disable the creation of the cache and provide a policy and bucket name. See the public runner example for more details. | `map` | <pre>{<br> "bucket": "",<br> "create": true,<br> "policy": ""<br>}</pre> | no |
 | cache\_bucket\_name\_include\_account\_id | Boolean to add current account ID to cache bucket name. | `bool` | `true` | no |
 | cache\_bucket\_prefix | Prefix for s3 cache bucket name. | `string` | `""` | no |
+| cache\_bucket\_set\_random\_suffix | Boolean used to append a random string to the bucket name | `bool` | `false` | no |
 | cache\_bucket\_versioning | Boolean used to enable versioning on the cache bucket, false by default. | `bool` | `false` | no |
 | cache\_expiration\_days | Number of days before cache objects expires. | `number` | `1` | no |
 | cache\_shared | Enables cache sharing between runners, false by default. | `bool` | `false` | no |

diff --git a/main.tf b/main.tf
@@ -243,6 +243,7 @@ module "cache" {
  create_cache_bucket = var.cache_bucket["create"]
  cache_bucket_prefix = var.cache_bucket_prefix
  cache_bucket_name_include_account_id = var.cache_bucket_name_include_account_id
+ cache_bucket_set_random_suffix = var.cache_bucket_set_random_suffix
  cache_bucket_versioning = var.cache_bucket_versioning
  cache_expiration_days = var.cache_expiration_days
 }

diff --git a/modules/cache/README.md b/modules/cache/README.md
@@ -4,7 +4,7 @@ This sub module creates an S3 bucket for build caches. The cache will have by de
 
 ## Usages
 
-``` 
+```
 
 module "cache" {
  source = "https://github.com/npalm/terraform-aws-gitlab-runner/tree/move-cache-to-moudle/cache"
@@ -44,6 +44,7 @@ module "runner" {
 | arn\_format | ARN format to be used. May be changed to support deployment in GovCloud/China regions. | `string` | `"arn:aws"` | no |
 | cache\_bucket\_name\_include\_account\_id | Boolean to add current account ID to cache bucket name. | `bool` | `true` | no |
 | cache\_bucket\_prefix | Prefix for s3 cache bucket name. | `string` | `""` | no |
+| cache\_bucket\_set\_suffix | `bool` | `false` | no |
 | cache\_bucket\_versioning | Boolean used to enable versioning on the cache bucket, false by default. | `string` | `"false"` | no |
 | cache\_expiration\_days | Number of days before cache objects expires. | `number` | `1` | no |
 | cache\_lifecycle\_clear | Enable the rule to cleanup the cache for expired objects. | `bool` | `true` | no |
@@ -60,4 +61,4 @@ module "runner" {
 | bucket | Name of the created bucket. |
 | policy\_arn | Policy for users of the cache (bucket). |
 
-<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
diff --git a/modules/cache/main.tf b/modules/cache/main.tf
@@ -1,5 +1,6 @@
 data "aws_caller_identity" "current" {}
 
+
 locals {
  tags = merge(
  {
@@ -11,7 +12,15 @@ locals {
  var.tags,
  )
 
- cache_bucket_name = var.cache_bucket_name_include_account_id ? "${var.cache_bucket_prefix}${data.aws_caller_identity.current.account_id}-gitlab-runner-cache" : "${var.cache_bucket_prefix}-gitlab-runner-cache"
+ cache_bucket_string = var.cache_bucket_name_include_account_id ? format("%s%s-gitlab-runner-cache", var.cache_bucket_prefix, data.aws_caller_identity.current.account_id) : format("%s-gitlab-runner-cache", var.cache_bucket_prefix)
+ cache_bucket_name = var.cache_bucket_set_random_suffix ? format("%s-%s", local.cache_bucket_string, random_string.s3_suffix[0].result) : local.cache_bucket_string
+}
+
+resource "random_string" "s3_suffix" {
+ count = var.cache_bucket_set_random_suffix ? 1 : 0
+ length = 8
+ upper = false
+ special = false
 }
 
 resource "aws_s3_bucket" "build_cache" {

diff --git a/modules/cache/variables.tf b/modules/cache/variables.tf
@@ -9,6 +9,12 @@ variable "cache_bucket_prefix" {
  default = ""
 }
 
+variable "cache_bucket_set_random_suffix" {
+ description = "Random string suffix for s3 cache bucket"
+ type = bool
+ default = false
+}
+
 variable "cache_bucket_name_include_account_id" {
  description = "Boolean to add current account ID to cache bucket name."
  type = bool

diff --git a/variables.tf b/variables.tf
@@ -308,6 +308,12 @@ variable "cache_bucket_name_include_account_id" {
  default = true
 }
 
+variable "cache_bucket_set_random_suffix" {
+ description = "Append the cache bucket name with a random string suffix"
+ type = bool
+ default = false
+}
+
 variable "cache_bucket_versioning" {
  description = "Boolean used to enable versioning on the cache bucket, false by default."
  type = bool