make app_name and deploy_id autogenerated

Author: grantneumanoracle

terraform/database.tf

@@ -15,7 +15,7 @@ resource "oci_database_autonomous_database" "autonomous_database" {
   data_safe_status         = var.autonomous_database_data_safe_status
   db_version               = var.autonomous_database_db_version
   db_name                  = "${local.db.app_name_for_db}${local.oke.deploy_id}"
-  display_name             = "${var.app_name} Db (${local.oke.deploy_id})"
+  display_name             = "${local.app_name} Db (${local.oke.deploy_id})"
   license_model            = var.autonomous_database_license_model
   is_auto_scaling_enabled  = var.autonomous_database_is_auto_scaling_enabled
   is_free_tier             = var.autonomous_database_is_free_tier
@@ -33,27 +33,27 @@ resource "oci_database_autonomous_database_wallet" "autonomous_database_wallet"
   base64_encode_content  = true
 
   count = 1
-#  depends_on = [oci_database_autonomous_database.autonomous_database]
+  #  depends_on = [oci_database_autonomous_database.autonomous_database]
 }
 
 resource "kubernetes_secret" "oadb-admin" {
   metadata {
-    name      = var.oadb_admin_secret_name
-#    namespace = kubernetes_namespace.mushop_namespace.id
+    name = var.oadb_admin_secret_name
+    #    namespace = kubernetes_namespace.mushop_namespace.id
   }
   data = {
     oadb_admin_pw = random_string.autonomous_database_admin_password.result
   }
   type = "Opaque"
 
   count = 1
-#  depends_on = [oci_database_autonomous_database.autonomous_database]
+  #  depends_on = [oci_database_autonomous_database.autonomous_database]
 }
 
 resource "kubernetes_secret" "oadb-connection" {
   metadata {
-    name      = var.oadb_connection_secret_name
-#    namespace = kubernetes_namespace.mushop_namespace.id
+    name = var.oadb_connection_secret_name
+    #    namespace = kubernetes_namespace.mushop_namespace.id
   }
   data = {
     oadb_wallet_pw = random_string.autonomous_database_wallet_password.result
@@ -62,23 +62,23 @@ resource "kubernetes_secret" "oadb-connection" {
   type = "Opaque"
 
   count = 1
-#  depends_on = [oci_database_autonomous_database.autonomous_database]
+  #  depends_on = [oci_database_autonomous_database.autonomous_database]
 
 }
 
 ### OADB Wallet extraction <>
 resource "kubernetes_secret" "oadb_wallet_zip" {
   metadata {
-    name      = "oadb-wallet-zip"
-#    namespace = kubernetes_namespace.mushop_namespace.id
+    name = "oadb-wallet-zip"
+    #    namespace = kubernetes_namespace.mushop_namespace.id
   }
   data = {
     wallet = oci_database_autonomous_database_wallet.autonomous_database_wallet[0].content
   }
   type = "Opaque"
 
   count = 1
-#  depends_on = [oci_database_autonomous_database.autonomous_database,oci_database_autonomous_database_wallet.autonomous_database_wallet]
+  #  depends_on = [oci_database_autonomous_database.autonomous_database,oci_database_autonomous_database_wallet.autonomous_database_wallet]
 
 }
 
@@ -89,10 +89,10 @@ resource "kubernetes_cluster_role" "secret_creator" {
   rule {
     api_groups = [""]
     resources  = ["secrets"]
-    verbs      = ["create","delete"]
+    verbs      = ["create", "delete"]
   }
 
-#  count = var.mushop_mock_mode_all ? 0 : 1
+  #  count = var.mushop_mock_mode_all ? 0 : 1
   count = 1
 }
 
@@ -106,46 +106,46 @@ resource "kubernetes_cluster_role_binding" "wallet_extractor_crb" {
     name      = kubernetes_cluster_role.secret_creator[0].metadata.0.name
   }
   subject {
-    kind      = "ServiceAccount"
-    name      = kubernetes_service_account.wallet_extractor_sa[0].metadata.0.name
-#    namespace = kubernetes_namespace.mushop_namespace.id
+    kind = "ServiceAccount"
+    name = kubernetes_service_account.wallet_extractor_sa[0].metadata.0.name
+    #    namespace = kubernetes_namespace.mushop_namespace.id
   }
 
-#  count = var.mushop_mock_mode_all ? 0 : 1
+  #  count = var.mushop_mock_mode_all ? 0 : 1
   count = 1
 }
 
 resource "kubernetes_service_account" "wallet_extractor_sa" {
   metadata {
-    name      = "wallet-extractor-sa"
-#    namespace = kubernetes_namespace.mushop_namespace.id
+    name = "wallet-extractor-sa"
+    #    namespace = kubernetes_namespace.mushop_namespace.id
   }
   secret {
     name = "wallet-extractor-sa-token"
   }
 
-#  count = var.mushop_mock_mode_all ? 0 : 1
+  #  count = var.mushop_mock_mode_all ? 0 : 1
   count = 1
 }
 
 resource "kubernetes_secret" "wallet_extractor_sa" {
   metadata {
-    name      = "wallet-extractor-sa-token"
-#    namespace = kubernetes_namespace.mushop_namespace.id
+    name = "wallet-extractor-sa-token"
+    #    namespace = kubernetes_namespace.mushop_namespace.id
     annotations = {
       "kubernetes.io/service-account.name" = kubernetes_service_account.wallet_extractor_sa.0.metadata.0.name
     }
   }
   type = "kubernetes.io/service-account-token"
 
-#  count = var.mushop_mock_mode_all ? 0 : 1
+  #  count = var.mushop_mock_mode_all ? 0 : 1
   count = 1
 }
 
 resource "kubernetes_job" "wallet_extractor_job" {
   metadata {
-    name      = "wallet-extractor-job"
-#    namespace = kubernetes_namespace.mushop_namespace.id
+    name = "wallet-extractor-job"
+    #    namespace = kubernetes_namespace.mushop_namespace.id
   }
   spec {
     template {
@@ -206,15 +206,15 @@ resource "kubernetes_job" "wallet_extractor_job" {
     ttl_seconds_after_finished = 120
   }
 
-  wait_for_completion        = true
+  wait_for_completion = true
   timeouts {
     create = "20m"
     update = "20m"
   }
 
-#  depends_on = [kubernetes_deployment.cluster_autoscaler_deployment]
+  #  depends_on = [kubernetes_deployment.cluster_autoscaler_deployment]
   depends_on = [oci_database_autonomous_database_wallet.autonomous_database_wallet]
 
-#  count = var.mushop_mock_mode_all ? 0 : 1
+  #  count = var.mushop_mock_mode_all ? 0 : 1
   count = 1
 }

terraform/later.tf

@@ -48,7 +48,7 @@
 #### OCI Service User
 #resource "oci_identity_user" "oci_service_user" {
 #  compartment_id = var.tenancy_ocid
-#  description    = "${var.app_name} Service User for deployment ${random_string.deploy_id.result}"
+#  description    = "${local.app_name} Service User for deployment ${random_string.deploy_id.result}"
 #  name           = "${local.app_name_normalized}-service-user-${random_string.deploy_id.result}"
 #
 #  provider = oci.home_region
@@ -57,7 +57,7 @@
 #}
 #resource "oci_identity_group" "oci_service_user" {
 #  compartment_id = var.tenancy_ocid
-#  description    = "${var.app_name} Service User Group for deployment ${random_string.deploy_id.result}"
+#  description    = "${local.app_name} Service User Group for deployment ${random_string.deploy_id.result}"
 #  name           = "${local.app_name_normalized}-service-user-group-${random_string.deploy_id.result}"
 #
 #  provider = oci.home_region
@@ -112,7 +112,7 @@
 
 #resource "oci_functions_application" "app_function" {
 #  compartment_id = local.oke_compartment_ocid
-#  display_name   = "${var.app_name} Application (${random_string.deploy_id.result})"
+#  display_name   = "${local.app_name} Application (${random_string.deploy_id.result})"
 #  subnet_ids     = [oci_core_subnet.apigw_fn_subnet.0.id, ]
 #
 #  config     = {}
@@ -162,7 +162,7 @@
 #  compartment_id = local.oke_compartment_ocid
 #  endpoint_type  = "PUBLIC"
 #  subnet_id      = oci_core_subnet.apigw_fn_subnet.0.id
-#  display_name   = "${var.app_name} API Gateway (${random_string.deploy_id.result})"
+#  display_name   = "${local.app_name} API Gateway (${random_string.deploy_id.result})"
 #
 #  response_cache_details {
 #    type = "NONE"

terraform/locals.tf

@@ -2,6 +2,10 @@ locals {
 
   ts = timestamp()
 
+  app_name = random_string.generated_workspace_name.result
+
+  deploy_id = random_string.generated_deployment_name.result
+
   app = {
     backend_service_name         = "corrino-cp"
     backend_service_name_origin  = "http://corrino-cp"
@@ -25,8 +29,8 @@ locals {
       format("Registration ID  : %s", random_string.registration_id.result),
       format("Deploy DateTime  : %s", local.ts),
       format("Administrator    : %s", var.corrino_admin_email),
-      format("Workspace Name   : %s", var.app_name),
-      format("Deploy ID        : %s", var.deploy_id),
+      format("Workspace Name   : %s", local.app_name),
+      format("Deploy ID        : %s", local.deploy_id),
       format("Corrino Version  : %s", var.corrino_version),
       format("FQDN             : %s", local.fqdn.name),
       format("Tenancy OCID     : %s", local.oci.tenancy_id),
@@ -42,12 +46,12 @@ locals {
   }
 
   oke = {
-    deploy_id    = var.deploy_id
+    deploy_id    = local.deploy_id
     cluster_ocid = var.existent_oke_cluster_id
   }
 
   db = {
-    app_name_for_db = regex("[[:alnum:]]{1,10}", var.app_name)
+    app_name_for_db = regex("[[:alnum:]]{1,10}", local.app_name)
   }
 
   addon = {

terraform/oke.tf

@@ -3,7 +3,7 @@
 #
 
 module "oke-quickstart" {
-#  source = "github.com/oracle-quickstart/terraform-oci-corrino?ref=0.9.0"
+  #  source = "github.com/oracle-quickstart/terraform-oci-corrino?ref=0.9.0"
   source = "./modules/corrino"
 
   providers = {
@@ -18,8 +18,8 @@ module "oke-quickstart" {
 
   # Note: Just few arguments are showing here to simplify the basic example. All other arguments are using default values.
   # App Name to identify deployment. Used for naming resources.
-  app_name = var.app_name
-  deploy_id = var.deploy_id
+  app_name  = local.app_name
+  deploy_id = local.deploy_id
 
   # Freeform Tags + Defined Tags. Tags are applied to all resources.
   tag_values = { "freeformTags" = { "Environment" = "Development", "DeploymentType" = "basic", "QuickstartExample" = "basic-cluster" }, "definedTags" = {} }
@@ -36,27 +36,27 @@ module "oke-quickstart" {
   vcn_cidr_blocks = "10.22.0.0/16"
 
   metrics_server_enabled = var.metrics_server_enabled
-  ingress_nginx_enabled = var.ingress_nginx_enabled
-  cert_manager_enabled = var.cert_manager_enabled
-  prometheus_enabled = var.prometheus_enabled
-  grafana_enabled = var.grafana_enabled
+  ingress_nginx_enabled  = var.ingress_nginx_enabled
+  cert_manager_enabled   = var.cert_manager_enabled
+  prometheus_enabled     = var.prometheus_enabled
+  grafana_enabled        = var.grafana_enabled
 
-  create_new_oke_cluster = false
+  create_new_oke_cluster  = false
   existent_oke_cluster_id = var.existent_oke_cluster_id
 
-  create_new_vcn = false
+  create_new_vcn    = false
   existent_vcn_ocid = var.existent_vcn_ocid
 
   create_new_compartment_for_oke = false
-  existent_vcn_compartment_ocid = var.compartment_ocid
+  existent_vcn_compartment_ocid  = var.compartment_ocid
 
   create_vault_policies_for_group = false
 
-  create_subnets                                     = false
-  existent_oke_k8s_endpoint_subnet_ocid              = var.existent_oke_k8s_endpoint_subnet_ocid
-  existent_oke_nodes_subnet_ocid                     = var.existent_oke_nodes_subnet_ocid
-  existent_oke_load_balancer_subnet_ocid             = var.existent_oke_load_balancer_subnet_ocid
-#  existent_oke_vcn_native_pod_networking_subnet_ocid = "" # Optional. Existent VCN Native POD Networking subnet if the CNI Type is "OCI_VCN_IP_NATIVE"
+  create_subnets                         = false
+  existent_oke_k8s_endpoint_subnet_ocid  = var.existent_oke_k8s_endpoint_subnet_ocid
+  existent_oke_nodes_subnet_ocid         = var.existent_oke_nodes_subnet_ocid
+  existent_oke_load_balancer_subnet_ocid = var.existent_oke_load_balancer_subnet_ocid
+  #  existent_oke_vcn_native_pod_networking_subnet_ocid = "" # Optional. Existent VCN Native POD Networking subnet if the CNI Type is "OCI_VCN_IP_NATIVE"
 
 }
 

terraform/outputs.tf

@@ -102,7 +102,7 @@ output "corrino_source_code" {
   value = "https://github.com/oracle-quickstart/corrino/"
 }
 output "corrino_version" {
-#  value = file("${path.module}/VERSION")
+  #  value = file("${path.module}/VERSION")
   value = local.versions.corrino_version
 }
 
@@ -113,19 +113,19 @@ output "corrino_version" {
 output "corrino_api_url" {
   value       = format("https://${local.public_endpoint.api}")
   description = "API Service"
-  depends_on = [module.oke-quickstart.helm_release_ingress_nginx]
+  depends_on  = [module.oke-quickstart.helm_release_ingress_nginx]
 }
 
 output "corrino_portal_url" {
   value       = format("https://${local.public_endpoint.portal}")
   description = "Portal Service"
-  depends_on = [module.oke-quickstart.helm_release_ingress_nginx]
+  depends_on  = [module.oke-quickstart.helm_release_ingress_nginx]
 }
 
 output "corrino_grafana_url" {
   value       = var.grafana_enabled ? format("https://${local.public_endpoint.grafana}") : null
   description = "Grafana Service"
-  depends_on = [module.oke-quickstart.helm_release_ingress_nginx]
+  depends_on  = [module.oke-quickstart.helm_release_ingress_nginx]
 }
 
 output "grafana_admin_username" {
@@ -147,15 +147,23 @@ output "grafana_admin_password" {
 output "corrino_prometheus_url" {
   value       = var.prometheus_enabled ? format("https://${local.public_endpoint.prometheus}") : null
   description = "Prometheus Service"
-  depends_on = [module.oke-quickstart.helm_release_ingress_nginx]
+  depends_on  = [module.oke-quickstart.helm_release_ingress_nginx]
 }
 
 output "corrino_mlflow_url" {
   value       = var.mlflow_enabled ? format("https://${local.public_endpoint.mlflow}") : null
   description = "MLflow Service"
-  depends_on = [module.oke-quickstart.helm_release_ingress_nginx]
+  depends_on  = [module.oke-quickstart.helm_release_ingress_nginx]
 }
 
 output "autonomous_database_password" {
   value = random_string.autonomous_database_admin_password.result
+}
+
+output "app_name" {
+  value = random_string.generated_workspace_name.result
+}
+
+output "deploy_id" {
+  value = random_string.generated_deployment_name.result
 }

terraform/policies.tf

@@ -1,29 +1,29 @@
 # Get compartment name for policy
 data "oci_identity_compartment" "oci_compartment" {
-    id = var.compartment_ocid
+  id = var.compartment_ocid
 }
 
 # Define the dynamic group
 resource "oci_identity_dynamic_group" "dyn_group" {
-  provider       = oci.home_region 
-  name           = "${var.app_name}-instance-dg"
+  provider       = oci.home_region
+  name           = "${local.app_name}-instance-dg"
   description    = "Dynamic group for OKE instances across the tenancy"
   compartment_id = var.tenancy_ocid
   matching_rule  = "ALL {instance.compartment.id = '${var.compartment_ocid}'}"
-  count = var.policy_creation_enabled ? 1 : 0
+  count          = var.policy_creation_enabled ? 1 : 0
 }
 
 # Define the IAM policy
 resource "oci_identity_policy" "oke_instances_tenancy_policy" {
   provider       = oci.home_region
-  name           = "${var.app_name}-dg-inst-policy"
+  name           = "${local.app_name}-dg-inst-policy"
   description    = "Tenancy-level policy to grant needed permissions to the dynamic group"
   compartment_id = var.tenancy_ocid
 
   statements = [
     "Allow dynamic-group 'Default'/'${oci_identity_dynamic_group.dyn_group[0].name}' to manage all-resources in compartment ${data.oci_identity_compartment.oci_compartment.name}",
     "Allow dynamic-group 'Default'/'${oci_identity_dynamic_group.dyn_group[0].name}' to use all-resources in tenancy",
   ]
-  count = var.policy_creation_enabled ? 1 : 0
+  count      = var.policy_creation_enabled ? 1 : 0
   depends_on = [oci_identity_dynamic_group.dyn_group]
 }