fix: dependency issues in deploy module (#128)

matttrach · web-flow · commit 611400b718ba · 2025-10-21T01:09:35.000-05:00
Signed-off-by: matttrach &lt;matt.trachier@suse.com&gt;
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
diff --git a/examples/downstream/modules/downstream/main.tf b/examples/downstream/modules/downstream/main.tf
@@ -15,24 +15,26 @@ locals {
   subnet_id         = var.subnet_id
   security_group_id = var.security_group_id
   lbsg              = sort(var.load_balancer_security_groups)
+  # load balancers only have 2 security groups, the project and its own
+  # this eliminates the project security group to just return the load balancer's security group
   load_balancer_security_group_id = [
     for i in range(length(local.lbsg)) :
     local.lbsg[i] if local.lbsg[i] != local.security_group_id
-    # load balancers only have 2 security groups, the project and its own
-    # this eliminates the project security group to just return the load balancer's security group
   ][0]
   downstream_security_group_name = "${local.cluster_name}-sgroup"
   # node info
   aws_instance_type = var.aws_instance_type
   ami_id            = var.ami_id
   ami_ssh_user      = var.ami_ssh_user
   node_count        = var.node_count
-  node_ips          = { for i in range(local.node_count) : tostring(i) => data.aws_instances.rke2_instance_nodes.public_ips[i] }
-  node_id           = "${local.cluster_name}-nodes"
-  ami_admin_group   = (var.ami_admin_group != "" ? var.ami_admin_group : "tty")
-  runner_ip         = (var.direct_node_access != null ? var.direct_node_access.runner_ip : "10.1.1.1") # the IP running Terraform
-  ssh_access_key    = (var.direct_node_access != null ? var.direct_node_access.ssh_access_key : "fake123abc")
-  ssh_access_user   = (var.direct_node_access != null ? var.direct_node_access.ssh_access_user : "fake")
+  # if the IPs aren't found, then this should fail
+  node_ips        = { for i in range(local.node_count) : tostring(i) => data.aws_instances.rke2_instance_nodes.public_ips[i] }
+  node_id         = "${local.cluster_name}-nodes"
+  node_wait_time  = "${tostring(local.node_count * 60)}s" # 60 seconds per node
+  ami_admin_group = (var.ami_admin_group != "" ? var.ami_admin_group : "tty")
+  runner_ip       = (var.direct_node_access != null ? var.direct_node_access.runner_ip : "10.1.1.1") # the IP running Terraform
+  ssh_access_key  = (var.direct_node_access != null ? var.direct_node_access.ssh_access_key : "fake123abc")
+  ssh_access_user = (var.direct_node_access != null ? var.direct_node_access.ssh_access_user : "fake")
   # rke2 info
   rke2_version = var.rke2_version
 }
@@ -207,7 +209,7 @@ resource "time_sleep" "wait_for_nodes" {
     rancher2_machine_config_v2.all_in_one,
     terraform_data.patch_machine_configs,
   ]
-  create_duration = "120s"
+  create_duration = local.node_wait_time
 }
 
 data "aws_instances" "rke2_instance_nodes" {
diff --git a/examples/downstream_splitrole/main.tf b/examples/downstream_splitrole/main.tf
@@ -41,7 +41,7 @@ locals {
   email                 = (var.email != "" ? var.email : "${local.identifier}@${local.zone}")
   helm_chart_values = {
     "hostname"                                            = "${local.domain}.${local.zone}"
-    "replicas"                                            = "1"
+    "replicas"                                            = "1" # because we are only deploying one Rancher node
     "bootstrapPassword"                                   = "admin"
     "ingress.enabled"                                     = "true"
     "ingress.tls.source"                                  = "letsEncrypt"
diff --git a/examples/downstream_splitrole/modules/downstream/main.tf b/examples/downstream_splitrole/modules/downstream/main.tf
@@ -16,10 +16,12 @@ locals {
   downstream_security_group_name  = var.downstream_security_group_name
   load_balancer_security_group_id = var.load_balancer_security_group_id
   # node info
-  node_info       = var.node_info
-  node_count      = sum([for i in range(length(local.node_info)) : local.node_info[keys(local.node_info)[i]].quantity])
+  node_info  = var.node_info
+  node_count = sum([for i in range(length(local.node_info)) : local.node_info[keys(local.node_info)[i]].quantity])
+  # if the IPs aren't found, then this should fail
   node_ips        = { for i in range(local.node_count) : tostring(i) => data.aws_instances.rke2_instance_nodes.public_ips[i] }
   node_id         = "${local.cluster_name}-nodes"
+  node_wait_time  = "${tostring(local.node_count * 60)}s"                                            # 60 seconds per node
   runner_ip       = (var.direct_node_access != null ? var.direct_node_access.runner_ip : "10.1.1.1") # the IP running Terraform
   ssh_access_key  = (var.direct_node_access != null ? var.direct_node_access.ssh_access_key : "fake123abc")
   ssh_access_user = (var.direct_node_access != null ? var.direct_node_access.ssh_access_user : "fake")
@@ -118,7 +120,7 @@ resource "time_sleep" "wait_for_nodes" {
     rancher2_machine_config_v2.nodes,
     terraform_data.patch_machine_configs,
   ]
-  create_duration = "120s"
+  create_duration = local.node_wait_time
 }
 
 data "aws_instances" "rke2_instance_nodes" {
diff --git a/examples/prod/main.tf b/examples/prod/main.tf
@@ -32,7 +32,7 @@ locals {
   local_file_path      = var.file_path
   runner_ip            = chomp(data.http.myip.response_body) # "runner" is the server running Terraform
   rancher_version      = var.rancher_version
-  cert_manager_version = "1.18.1"
+  cert_manager_version = "1.18.3"
   os                   = "sle-micro-61"
   helm_chart_values = {
     "hostname"                                            = "${local.domain}.${local.zone}"
@@ -88,7 +88,7 @@ module "rancher" {
       size            = "xl"
       os              = local.os
       indirect_access = false
-      initial         = true # this will set the first server as the inital node
+      initial         = true # this will set the first server as the initial node
     }
     "db2" = {
       type            = "database"
@@ -145,15 +145,15 @@ module "rancher" {
       os              = local.os
       indirect_access = true
       initial         = false
-    },
+    }
   }
   # rancher
   cert_manager_version       = local.cert_manager_version
   cert_use_strategy          = "rancher"
   cert_manager_configuration = local.cert_manager_config
   rancher_version            = local.rancher_version
-  acme_server_url            = local.acme_server_url
   rancher_helm_chart_values  = local.helm_chart_values
+  acme_server_url            = local.acme_server_url
 }
 
 provider "rancher2" {
diff --git a/modules/deploy/main.tf b/modules/deploy/main.tf
@@ -39,6 +39,10 @@ resource "file_local_directory" "tf_data_dir" {
 
 ### Template Files ###
 data "file_local" "template_files" {
+  depends_on = [
+    file_local_directory.deploy_path,
+    file_local_directory.tf_data_dir,
+  ]
   for_each  = local.template_file_map
   directory = dirname(each.value)
   name      = each.key
@@ -138,6 +142,8 @@ resource "file_local" "instantiate_envrc_snapshot" {
 ## Deploy ##
 resource "file_local" "generate_destroy" {
   depends_on = [
+    file_local_directory.deploy_path,
+    file_local_directory.tf_data_dir,
     file_local.instantiate_envrc_snapshot,
     file_local.instantiate_inputs_snapshot,
     file_local.instantiate_tpl_snapshot,
@@ -153,6 +159,8 @@ resource "file_local" "generate_destroy" {
 }
 resource "terraform_data" "destroy" {
   depends_on = [
+    file_local_directory.deploy_path,
+    file_local_directory.tf_data_dir,
     file_local.instantiate_envrc_snapshot,
     file_local.instantiate_inputs_snapshot,
     file_local.instantiate_tpl_snapshot,
@@ -174,6 +182,8 @@ resource "terraform_data" "destroy" {
 
 resource "file_local" "generate_create" {
   depends_on = [
+    file_local_directory.deploy_path,
+    file_local_directory.tf_data_dir,
     file_local.instantiate_envrc_snapshot,
     file_local.instantiate_inputs_snapshot,
     file_local.instantiate_tpl_snapshot,
@@ -192,6 +202,8 @@ resource "file_local" "generate_create" {
 }
 resource "terraform_data" "create" {
   depends_on = [
+    file_local_directory.deploy_path,
+    file_local_directory.tf_data_dir,
     file_local.instantiate_envrc_snapshot,
     file_local.instantiate_inputs_snapshot,
     file_local.instantiate_tpl_snapshot,
@@ -215,6 +227,11 @@ resource "terraform_data" "create" {
 
 resource "file_local_snapshot" "persist_state" {
   depends_on = [
+    file_local_directory.deploy_path,
+    file_local_directory.tf_data_dir,
+    file_local.instantiate_envrc_snapshot,
+    file_local.instantiate_inputs_snapshot,
+    file_local.instantiate_tpl_snapshot,
     terraform_data.destroy,
     terraform_data.create,
   ]
@@ -224,6 +241,11 @@ resource "file_local_snapshot" "persist_state" {
 }
 resource "file_local" "instantiate_state" {
   depends_on = [
+    file_local_directory.deploy_path,
+    file_local_directory.tf_data_dir,
+    file_local.instantiate_envrc_snapshot,
+    file_local.instantiate_inputs_snapshot,
+    file_local.instantiate_tpl_snapshot,
     terraform_data.destroy,
     terraform_data.create,
     file_local_snapshot.persist_state,
@@ -235,6 +257,11 @@ resource "file_local" "instantiate_state" {
 
 resource "file_local_snapshot" "persist_outputs" {
   depends_on = [
+    file_local_directory.deploy_path,
+    file_local_directory.tf_data_dir,
+    file_local.instantiate_envrc_snapshot,
+    file_local.instantiate_inputs_snapshot,
+    file_local.instantiate_tpl_snapshot,
     terraform_data.destroy,
     terraform_data.create,
   ]
@@ -244,6 +271,11 @@ resource "file_local_snapshot" "persist_outputs" {
 }
 resource "file_local" "instantiate_outputs" {
   depends_on = [
+    file_local_directory.deploy_path,
+    file_local_directory.tf_data_dir,
+    file_local.instantiate_envrc_snapshot,
+    file_local.instantiate_inputs_snapshot,
+    file_local.instantiate_tpl_snapshot,
     terraform_data.destroy,
     terraform_data.create,
     file_local_snapshot.persist_outputs,
@@ -258,6 +290,8 @@ resource "file_local" "instantiate_outputs" {
 #  to rebuild the template and state file before running the create script
 resource "terraform_data" "create_after_persist" {
   depends_on = [
+    file_local_directory.deploy_path,
+    file_local_directory.tf_data_dir,
     file_local.instantiate_envrc_snapshot,
     file_local.instantiate_inputs_snapshot,
     file_local.instantiate_tpl_snapshot,
@@ -281,6 +315,8 @@ resource "terraform_data" "create_after_persist" {
 
 resource "terraform_data" "destroy_end" {
   depends_on = [
+    file_local_directory.deploy_path,
+    file_local_directory.tf_data_dir,
     file_local.instantiate_envrc_snapshot,
     file_local.instantiate_inputs_snapshot,
     file_local.instantiate_tpl_snapshot,
diff --git a/run_tests.sh b/run_tests.sh
@@ -85,17 +85,20 @@ EOF
   else
     package_pattern="..."
   fi
+  # We need both -p and -parallel, as -p sets the number of packages to test in parallel, and -parallel sets the number of tests to run in parallel.
+  # By setting both to 1, we ensure that tests are run sequentially, which can help avoid AWS rate limiting issues. I does increase the runtime significantly though.
   # shellcheck disable=SC2086
   gotestsum \
     --format=standard-verbose \
     --jsonfile "/tmp/${IDENTIFIER}_test.log" \
     --post-run-command "sh /tmp/${IDENTIFIER}_test-processor" \
     --packages "$REPO_ROOT/$TEST_DIR/$package_pattern" \
     -- \
-    -parallel=2 \
     -count=1 \
-    -failfast=1 \
+    -p=1 \
+    -parallel=1 \
     -timeout=300m \
+    -failfast \
     $rerun_flag \
     $specific_test_flag
 
diff --git a/test/tests/three/basic_test.go b/test/tests/three/basic_test.go
@@ -1,4 +1,4 @@
-package one
+package three
 
 import (
 	"os"
diff --git a/test/tests/three/state_test.go b/test/tests/three/state_test.go
@@ -1,4 +1,4 @@
-package one
+package three
 
 import (
 	"os"

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-package one`
	`1`	`+package three`
`2`	`2`
`3`	`3`	`import (`
`4`	`4`	`"os"`