Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[TC-5] Add module for private dns zone with vnet links #15

Open
wants to merge 5 commits into
base: devli
Choose a base branch
from
Open

[TC-5] Add module for private dns zone with vnet links #15

wants to merge 5 commits into from

Conversation

lyudmililchev92
Copy link
Contributor

@lyudmililchev92 lyudmililchev92 commented Jan 17, 2025
edited by jira bot
Loading

TC-5 Add module for private dns zone with vnet links

mitiko
mitiko requested changes Jan 17, 2025
View reviewed changes
Copy link
Member

@mitiko mitiko left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Be more consistent. Be considerate that people will us the example as documentation until such is provided and the examples must contain ready-to-go working configuration.

examples/private_dns_zones.tfvars
storage_account_blob = {
resource_kind = "storage_blob"
resource_group_ref = "rg_test"
vnet_ref = ["vnet_test", "vnet_test2"]
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Rename to vnet_refs. Also the vnet object is not a child of the private dns zone. Rename this field to something that reflects the fact that we're linking with the vnets.

examples/private_dns_zones.tfvars
@@ -0,0 +1,44 @@
private_dns_zones = {
storage_account_blob = {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Rename to pdns_storage_account_blob

examples/private_dns_zones.tfvars
cidr = ["10.1.0.0/16"]
subnets = {
snet_app_02 = {
name = "snet-app"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This example will not work if the subnets are named the same :)

src/modules/_networking/private_dns_zone/_locals.tf
var.global_settings.inherit_resource_group_tags ? local.resource_group.tags : {},
try(var.settings.tags, {})
)
vnet_ids = {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This object is called vnet_ids but it holds names and ids. Reconsider.

src/modules/_networking/private_dns_zone/_locals.tf
locals {
# local object used to map possible private dns zoone names
zone_names = {
"storage_blob" = "privatelink.blob.core.windows.net"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

storage_blob is the only name in this map that is not plural. Consistency is key. Reconsider.

src/modules/_networking/private_dns_zone/private_dns_zone_group.tf
@@ -0,0 +1,5 @@
resource "azurerm_private_dns_zone" "main" {
name = try(local.zone_names[var.settings.resource_kind], var.settings.name)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Experience shows that the name field is not used in practice. I recommend relying completely on the local object instead. We'll modify the module to be able to override the name, once such a case emerges.

src/modules/_networking/private_dns_zone/private_dns_zone_group.tf
resource "azurerm_private_dns_zone" "main" {
name = try(local.zone_names[var.settings.resource_kind], var.settings.name)
resource_group_name = local.resource_group_name
tags = try(local.tags, null)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this will never fail. local.tags is enough.

src/networking.tf
source = "./modules/_networking/private_dns_zone"
for_each = var.private_dns_zones

global_settings = var.global_settings
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this must be local.global_settings for consistency with the rest of the modules

@mitiko mitiko changed the title TC-5 Add module for private dns zone with vnet links [TC-5] Add module for private dns zone with vnet links Jan 17, 2025
This was referenced Jan 17, 2025
Merged
Open
@lyudmililchev92 lyudmililchev92 changed the base branch from main to devli January 17, 2025 15:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mitiko mitiko mitiko requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@lyudmililchev92 @mitiko