Merge branch 'main' into dependabot/terraform/hashicorp/tls-4.0.6
This commit is contained in:
Matt Trachier
GitHub
commit
0a8c3939a9
|
|
@ -139,5 +139,5 @@ jobs:
|
|||
- name: Check for secrets
|
||||
shell: nix develop --ignore-environment --extra-experimental-features nix-command --extra-experimental-features flakes --keep HOME --keep SSH_AUTH_SOCK --keep GITHUB_TOKEN --keep AWS_ROLE --keep AWS_REGION --keep AWS_DEFAULT_REGION --keep AWS_ACCESS_KEY_ID --keep AWS_SECRET_ACCESS_KEY --keep AWS_SESSION_TOKEN --keep UPDATECLI_GPGTOKEN --keep UPDATECLI_GITHUB_TOKEN --keep UPDATECLI_GITHUB_ACTOR --keep GPG_SIGNING_KEY --keep NIX_ENV_LOADED --keep TERM --command bash -e {0}
|
||||
run: |
|
||||
gitleaks detect --no-banner -v --no-git
|
||||
gitleaks detect --no-banner -v
|
||||
gitleaks detect --no-banner -v --no-git || true
|
||||
gitleaks detect --no-banner -v || true
|
||||
|
|
|
|||
12
README.md
12
README.md
|
|
@ -4,6 +4,10 @@ WARNING! The subnets argument must not be derived from an apply time resource.
|
|||
|
||||
## Recent Changes
|
||||
|
||||
- Bug Fixes and Add the private key
|
||||
To configure Rancher (and other applications) to use the certificate we generate for the domain
|
||||
we need to also save the private key for the certificate.
|
||||
|
||||
- Dependency chain resolution
|
||||
I was getting some intermittent issues attempting to destroy EIPs while also destroying the load balancer.
|
||||
The error was something like "error disassociating EC2 address".
|
||||
|
|
@ -24,14 +28,6 @@ WARNING! The subnets argument must not be derived from an apply time resource.
|
|||
Within the VPC you can technically use ipv4, but only on internal addressing, and it is not recommended.
|
||||
You can restrict this by not adding ipv4 access addresses to the servers.
|
||||
|
||||
- Private IP address for load balancer
|
||||
Along with assigning an EIP for public access we now also attach a private ip address to the load balancer.
|
||||
The last available IP address in the subnet is used.
|
||||
This helps avoid IP address conflicts with instances in the subnet.
|
||||
We now provision a subnet mapping for every subnet, and an elastic IP for each mapping.
|
||||
We then assign all the EIPs to the domain.
|
||||
This enables cross-zone load balancing with DNS round robin while also supplying a specific IP to each AZ.
|
||||
|
||||
## AWS Access
|
||||
|
||||
The first step to using the AWS modules is having an AWS account,
|
||||
|
|
|
|||
|
|
@ -13,9 +13,9 @@ provider "acme" {
|
|||
locals {
|
||||
identifier = var.identifier
|
||||
example = "basic"
|
||||
project_name = "tf-${substr(md5(join("-", [local.example, md5(local.identifier)])), 0, 5)}-${local.identifier}"
|
||||
project_name = lower(substr("tf-${substr(md5(join("-", [local.example, md5(local.identifier)])), 0, 5)}-${local.identifier}", 0, 25))
|
||||
zone = var.zone
|
||||
domain = "${local.identifier}.${local.zone}"
|
||||
domain = "${local.project_name}.${local.zone}"
|
||||
}
|
||||
|
||||
# AWS reserves the first four IP addresses and the last IP address in any CIDR block for its own use (cumulatively)
|
||||
|
|
|
|||
|
|
@ -12,11 +12,11 @@ provider "acme" {
|
|||
}
|
||||
locals {
|
||||
identifier = var.identifier
|
||||
example = "domain"
|
||||
project_name = "tf-${substr(md5(join("-", [local.example, md5(local.identifier)])), 0, 5)}-${local.identifier}"
|
||||
example = "cert"
|
||||
project_name = lower(substr("tf-${substr(md5(join("-", [local.example, md5(local.identifier)])), 0, 5)}-${local.identifier}", 0, 25))
|
||||
owner = "terraform-ci@suse.com"
|
||||
zone = var.zone
|
||||
domain = "${local.identifier}.${local.zone}"
|
||||
domain = "${local.project_name}.${local.zone}"
|
||||
}
|
||||
|
||||
# AWS reserves the first four IP addresses and the last IP address in any CIDR block for its own use (cumulatively)
|
||||
|
|
|
|||
|
|
@ -13,10 +13,10 @@ provider "acme" {
|
|||
locals {
|
||||
identifier = var.identifier
|
||||
example = "domain"
|
||||
project_name = "tf-${substr(md5(join("-", [local.example, md5(local.identifier)])), 0, 5)}-${local.identifier}"
|
||||
project_name = lower(substr("tf-${substr(md5(join("-", [local.example, md5(local.identifier)])), 0, 5)}-${local.identifier}", 0, 25))
|
||||
owner = "terraform-ci@suse.com"
|
||||
zone = var.zone
|
||||
domain = "${local.identifier}.${local.zone}"
|
||||
domain = "${local.project_name}.${local.zone}"
|
||||
}
|
||||
|
||||
# AWS reserves the first four IP addresses and the last IP address in any CIDR block for its own use (cumulatively)
|
||||
|
|
|
|||
|
|
@ -13,9 +13,9 @@ provider "acme" {
|
|||
locals {
|
||||
identifier = var.identifier
|
||||
example = "dualstack"
|
||||
project_name = "tf-${substr(md5(join("-", [local.example, md5(local.identifier)])), 0, 5)}-${local.identifier}"
|
||||
project_name = lower(substr("tf-${substr(md5(join("-", [local.example, md5(local.identifier)])), 0, 5)}-${local.identifier}", 0, 25))
|
||||
zone = var.zone
|
||||
domain = "${local.identifier}.${local.zone}"
|
||||
domain = "${local.project_name}.${local.zone}"
|
||||
}
|
||||
|
||||
# AWS reserves the first four IP addresses and the last IP address in any CIDR block for its own use (cumulatively)
|
||||
|
|
|
|||
|
|
@ -14,9 +14,9 @@ provider "acme" {
|
|||
locals {
|
||||
identifier = var.identifier
|
||||
example = "ingress"
|
||||
project_name = "tf-${substr(md5(join("-", [local.example, md5(local.identifier)])), 0, 5)}-${local.identifier}"
|
||||
project_name = lower(substr("tf-${substr(md5(join("-", [local.example, md5(local.identifier)])), 0, 5)}-${local.identifier}", 0, 25))
|
||||
zone = var.zone
|
||||
domain = "${local.identifier}.${local.zone}"
|
||||
domain = "${local.project_name}.${local.zone}"
|
||||
}
|
||||
|
||||
# AWS reserves the first four IP addresses and the last IP address in any CIDR block for its own use (cumulatively)
|
||||
|
|
|
|||
|
|
@ -13,9 +13,9 @@ provider "acme" {
|
|||
locals {
|
||||
identifier = var.identifier
|
||||
example = "ipv6"
|
||||
project_name = "tf-${substr(md5(join("-", [local.example, md5(local.identifier)])), 0, 5)}-${local.identifier}"
|
||||
project_name = lower(substr("tf-${substr(md5(join("-", [local.example, md5(local.identifier)])), 0, 5)}-${local.identifier}", 0, 25))
|
||||
zone = var.zone
|
||||
domain = "${local.identifier}.${local.zone}"
|
||||
domain = "${local.project_name}.${local.zone}"
|
||||
}
|
||||
|
||||
# AWS reserves the first four IP addresses and the last IP address in any CIDR block for its own use (cumulatively)
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@ provider "acme" {
|
|||
locals {
|
||||
identifier = var.identifier
|
||||
example = "loadbalancer"
|
||||
project_name = "tf-${substr(md5(join("-", [local.example, md5(local.identifier)])), 0, 5)}-${local.identifier}"
|
||||
project_name = lower(substr("tf-${substr(md5(join("-", [local.example, md5(local.identifier)])), 0, 5)}-${local.identifier}", 0, 25))
|
||||
}
|
||||
|
||||
# AWS reserves the first four IP addresses and the last IP address in any CIDR block for its own use (cumulatively)
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@ provider "acme" {
|
|||
locals {
|
||||
identifier = var.identifier
|
||||
example = "securitygroup"
|
||||
project_name = "tf-${substr(md5(join("-", [local.example, md5(local.identifier)])), 0, 5)}-${local.identifier}"
|
||||
project_name = lower(substr("tf-${substr(md5(join("-", [local.example, md5(local.identifier)])), 0, 5)}-${local.identifier}", 0, 25))
|
||||
}
|
||||
|
||||
# AWS reserves the first four IP addresses and the last IP address in any CIDR block for its own use (cumulatively)
|
||||
|
|
|
|||
|
|
@ -13,9 +13,9 @@ provider "acme" {
|
|||
locals {
|
||||
identifier = var.identifier
|
||||
example = "selectsubnets"
|
||||
project_name = "tf-${substr(md5(join("-", [local.example, md5(local.identifier)])), 0, 5)}-${local.identifier}"
|
||||
project_name = lower(substr("tf-${substr(md5(join("-", [local.example, md5(local.identifier)])), 0, 5)}-${local.identifier}", 0, 25))
|
||||
zone = var.zone
|
||||
domain = "${local.identifier}.${local.zone}"
|
||||
domain = "${local.project_name}.${local.zone}"
|
||||
}
|
||||
|
||||
module "setup" {
|
||||
|
|
|
|||
|
|
@ -14,9 +14,9 @@ provider "acme" {
|
|||
locals {
|
||||
identifier = var.identifier
|
||||
example = "selectvpc"
|
||||
project_name = "tf-${substr(md5(join("-", [local.example, md5(local.identifier)])), 0, 5)}-${local.identifier}"
|
||||
project_name = lower(substr("tf-${substr(md5(join("-", [local.example, md5(local.identifier)])), 0, 5)}-${local.identifier}", 0, 25))
|
||||
zone = var.zone
|
||||
domain = "${local.identifier}.${local.zone}"
|
||||
domain = "${local.project_name}.${local.zone}"
|
||||
}
|
||||
|
||||
module "setup" {
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@ provider "acme" {
|
|||
locals {
|
||||
identifier = var.identifier
|
||||
example = "vpc"
|
||||
project_name = "tf-${substr(md5(join("-", [local.example, md5(local.identifier)])), 0, 5)}-${local.identifier}"
|
||||
project_name = lower(substr("tf-${substr(md5(join("-", [local.example, md5(local.identifier)])), 0, 5)}-${local.identifier}", 0, 25))
|
||||
}
|
||||
|
||||
# AWS reserves the first four IP addresses and the last IP address in any CIDR block for its own use (cumulatively)
|
||||
|
|
|
|||
12
flake.lock
12
flake.lock
|
|
@ -5,11 +5,11 @@
|
|||
"systems": "systems"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1710146030,
|
||||
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
|
||||
"lastModified": 1726560853,
|
||||
"narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
|
||||
"rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -20,11 +20,11 @@
|
|||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1725369773,
|
||||
"narHash": "sha256-gT+rUDbw+TQuszQEzMUJWTW7QYtccZ5xxWmKOSrPvEw=",
|
||||
"lastModified": 1726583932,
|
||||
"narHash": "sha256-zACxiQx8knB3F8+Ze+1BpiYrI+CbhxyWpcSID9kVhkQ=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "8b4061fd60ccc3b3f44b73faa7c983eacf7a6f7b",
|
||||
"rev": "658e7223191d2598641d50ee4e898126768fe847",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
|
|||
|
|
@ -69,7 +69,7 @@ resource "acme_registration" "reg" {
|
|||
]
|
||||
count = local.create_cert
|
||||
account_key_pem = tls_private_key.private_key[0].private_key_pem
|
||||
email_address = "${local.zone_id}@${local.zone}"
|
||||
email_address = "${local.content}@${local.zone}"
|
||||
}
|
||||
|
||||
resource "tls_private_key" "cert_private_key" {
|
||||
|
|
@ -146,3 +146,35 @@ data "aws_iam_server_certificate" "select" {
|
|||
name_prefix = "${local.content}-"
|
||||
latest = true
|
||||
}
|
||||
|
||||
resource "aws_secretsmanager_secret" "private_key_new" {
|
||||
depends_on = [
|
||||
data.aws_route53_zone.select,
|
||||
aws_route53_record.ipv4,
|
||||
aws_route53_record.ipv6,
|
||||
acme_registration.reg,
|
||||
tls_private_key.private_key,
|
||||
tls_private_key.cert_private_key,
|
||||
tls_cert_request.req,
|
||||
acme_certificate.new,
|
||||
]
|
||||
count = local.create_cert
|
||||
name = "${local.content}-private-key"
|
||||
}
|
||||
|
||||
resource "aws_secretsmanager_secret_version" "private_key_value_new" {
|
||||
depends_on = [
|
||||
data.aws_route53_zone.select,
|
||||
aws_route53_record.ipv4,
|
||||
aws_route53_record.ipv6,
|
||||
acme_registration.reg,
|
||||
tls_private_key.private_key,
|
||||
tls_private_key.cert_private_key,
|
||||
tls_cert_request.req,
|
||||
acme_certificate.new,
|
||||
aws_secretsmanager_secret.private_key_new,
|
||||
]
|
||||
count = local.create_cert
|
||||
secret_id = aws_secretsmanager_secret.private_key_new[0].id
|
||||
secret_string = tls_private_key.cert_private_key[0].private_key_pem
|
||||
}
|
||||
|
|
|
|||
|
|
@ -26,6 +26,7 @@ output "certificate" {
|
|||
name = data.aws_iam_server_certificate.select[0].name
|
||||
expiration = data.aws_iam_server_certificate.select[0].expiration_date
|
||||
upload_date = data.aws_iam_server_certificate.select[0].upload_date
|
||||
key_id = "${local.content}-private-key" # use this to retrieve the private key from AWS with the data aws_secretsmanager_secret_version resource
|
||||
tags_all = tomap({ "unknown" = "unknown" })
|
||||
} : {
|
||||
id = aws_iam_server_certificate.new[0].id
|
||||
|
|
@ -33,6 +34,7 @@ output "certificate" {
|
|||
name = aws_iam_server_certificate.new[0].name
|
||||
expiration = aws_iam_server_certificate.new[0].expiration
|
||||
upload_date = aws_iam_server_certificate.new[0].upload_date
|
||||
key_id = "${local.content}-private-key" # use this to retrieve the private key from AWS with the data aws_secretsmanager_secret_version resource
|
||||
tags_all = aws_iam_server_certificate.new[0].tags_all
|
||||
}) : {
|
||||
id = ""
|
||||
|
|
@ -40,6 +42,7 @@ output "certificate" {
|
|||
name = ""
|
||||
expiration = ""
|
||||
upload_date = ""
|
||||
key_id = ""
|
||||
tags_all = tomap({ "" = "" })
|
||||
})
|
||||
}
|
||||
|
|
|
|||
|
|
@ -90,7 +90,7 @@ resource "aws_lb_target_group" "created" {
|
|||
aws_lb.new,
|
||||
]
|
||||
for_each = (local.create == 1 ? local.access_info : {})
|
||||
name = each.value.target_name
|
||||
name = substr(each.value.target_name, 0, 32)
|
||||
port = each.value.port
|
||||
protocol = upper(each.value.protocol)
|
||||
target_type = "instance"
|
||||
|
|
|
|||
|
|
@ -108,6 +108,7 @@ output "certificate" {
|
|||
name = module.domain[0].certificate.name
|
||||
expiration = module.domain[0].certificate.expiration
|
||||
upload_date = module.domain[0].certificate.upload_date
|
||||
key_id = module.domain[0].certificate.key_id
|
||||
tags_all = module.domain[0].certificate.tags_all
|
||||
} : {
|
||||
# no object found, but output types are normal
|
||||
|
|
@ -116,6 +117,7 @@ output "certificate" {
|
|||
name = ""
|
||||
expiration = ""
|
||||
upload_date = ""
|
||||
key_id = ""
|
||||
tags_all = tomap({ "" = "" })
|
||||
})
|
||||
description = <<-EOT
|
||||
|
|
|
|||
124
run_tests.sh
124
run_tests.sh
|
|
@ -1,30 +1,124 @@
|
|||
#!/bin/bash
|
||||
|
||||
rerun_failed=false
|
||||
specific_test=""
|
||||
|
||||
while getopts ":rf:" opt; do
|
||||
case $opt in
|
||||
r) rerun_failed=true ;;
|
||||
f) specific_test="$OPTARG" ;;
|
||||
\?) echo "Invalid option -$OPTARG" >&2 && exit 1 ;;
|
||||
esac
|
||||
done
|
||||
|
||||
run_tests() {
|
||||
echo "" > /tmp/test.log
|
||||
if [ -d "./tests" ]; then
|
||||
cd tests
|
||||
local rerun=$1
|
||||
REPO_ROOT="$(git rev-parse --show-toplevel)"
|
||||
cd "$REPO_ROOT" || exit 1
|
||||
|
||||
# Find the tests directory
|
||||
TEST_DIR=""
|
||||
if [ -d "tests" ]; then
|
||||
TEST_DIR="tests"
|
||||
elif [ -d "test/tests" ]; then
|
||||
TEST_DIR="test/tests"
|
||||
else
|
||||
echo "Error: Unable to find tests directory" >&2
|
||||
exit 1
|
||||
fi
|
||||
if [ -d "./test" ]; then
|
||||
cd test
|
||||
fi
|
||||
cat <<'EOF'> /tmp/test-processor
|
||||
|
||||
echo "" > "/tmp/${IDENTIFIER}_test.log"
|
||||
cat <<'EOF'> "/tmp/${IDENTIFIER}_test-processor"
|
||||
echo "Passed: "
|
||||
jq -r '. | select(.Action == "pass") | select(.Test != null).Test' /tmp/test.log
|
||||
export PASS="$(jq -r '. | select(.Action == "pass") | select(.Test != null).Test' "/tmp/${IDENTIFIER}_test.log")"
|
||||
echo $PASS | tr ' ' '\n'
|
||||
echo " "
|
||||
echo "Failed: "
|
||||
jq -r '. | select(.Action == "fail") | select(.Test != null).Test' /tmp/test.log
|
||||
export FAIL="$(jq -r '. | select(.Action == "fail") | select(.Test != null).Test' "/tmp/${IDENTIFIER}_test.log")"
|
||||
echo $FAIL | tr ' ' '\n'
|
||||
echo " "
|
||||
if [ -n "$FAIL" ]; then
|
||||
echo $FAIL > "/tmp/${IDENTIFIER}_failed_tests.txt"
|
||||
exit 1
|
||||
fi
|
||||
exit 0
|
||||
EOF
|
||||
chmod +x /tmp/test-processor
|
||||
chmod +x "/tmp/${IDENTIFIER}_test-processor"
|
||||
export NO_COLOR=1
|
||||
echo "starting tests..."
|
||||
cd "$TEST_DIR" || return 1;
|
||||
|
||||
local rerun_flag=""
|
||||
if [ "$rerun" = true ] && [ -f "/tmp/${IDENTIFIER}_failed_tests.txt" ]; then
|
||||
# shellcheck disable=SC2002
|
||||
rerun_flag="-run=$(cat "/tmp/${IDENTIFIER}_failed_tests.txt" | tr '\n' '|')"
|
||||
fi
|
||||
|
||||
local specific_test_flag=""
|
||||
if [ -n "$specific_test" ]; then
|
||||
specific_test_flag="-run=$specific_test"
|
||||
fi
|
||||
|
||||
# shellcheck disable=SC2086
|
||||
gotestsum \
|
||||
--format=standard-verbose \
|
||||
--jsonfile /tmp/test.log \
|
||||
--post-run-command "bash /tmp/test-processor" \
|
||||
--jsonfile "/tmp/${IDENTIFIER}_test.log" \
|
||||
--post-run-command "sh /tmp/${IDENTIFIER}_test-processor" \
|
||||
--packages "$REPO_ROOT/$TEST_DIR/..." \
|
||||
-- \
|
||||
-parallel=10 \
|
||||
-timeout=80m \
|
||||
"$@"
|
||||
-count=1 \
|
||||
-failfast=1 \
|
||||
-timeout=300m \
|
||||
$rerun_flag \
|
||||
$specific_test_flag
|
||||
|
||||
return $?
|
||||
}
|
||||
|
||||
run_tests "$@"
|
||||
if [ -z "$IDENTIFIER" ]; then
|
||||
IDENTIFIER="$(echo a-$RANDOM-d | base64 | tr -d '=')"
|
||||
export IDENTIFIER
|
||||
fi
|
||||
echo "id is: $IDENTIFIER..."
|
||||
if [ -z "$GITHUB_TOKEN" ]; then echo "GITHUB_TOKEN isn't set"; else echo "GITHUB_TOKEN is set"; fi
|
||||
if [ -z "$GITHUB_OWNER" ]; then echo "GITHUB_OWNER isn't set"; else echo "GITHUB_OWNER is set"; fi
|
||||
if [ -z "$ZONE" ]; then echo "ZONE isn't set"; else echo "ZONE is set"; fi
|
||||
|
||||
# Run tests initially
|
||||
run_tests false
|
||||
|
||||
# Check if we need to rerun failed tests
|
||||
if [ "$rerun_failed" = true ] && [ -f "/tmp/${IDENTIFIER}_failed_tests.txt" ]; then
|
||||
echo "Rerunning failed tests..."
|
||||
run_tests true
|
||||
fi
|
||||
|
||||
echo "Clearing leftovers with Id $IDENTIFIER in $AWS_REGION..."
|
||||
sleep 60
|
||||
|
||||
if [ -n "$IDENTIFIER" ]; then
|
||||
attempts=0
|
||||
while [ -n "$(leftovers -d --iaas=aws --aws-region="$AWS_REGION" --filter="Id:$IDENTIFIER")" ] && [ $attempts -lt 3 ]; do
|
||||
leftovers --iaas=aws --aws-region="$AWS_REGION" --filter="Id:$IDENTIFIER" --no-confirm || true
|
||||
sleep 10
|
||||
attempts=$((attempts + 1))
|
||||
done
|
||||
|
||||
if [ $attempts -eq 3 ]; then
|
||||
echo "Warning: Failed to clear all resources after 3 attempts."
|
||||
fi
|
||||
|
||||
attempts=0
|
||||
while [ -n "$(leftovers -d --iaas=aws --aws-region="$AWS_REGION" --type="ec2-key-pair" --filter="tf-$IDENTIFIER")" ] && [ $attempts -lt 3 ]; do
|
||||
leftovers --iaas=aws --aws-region="$AWS_REGION" --type="ec2-key-pair" --filter="tf-$IDENTIFIER" --no-confirm || true
|
||||
sleep 10
|
||||
attempts=$((attempts + 1))
|
||||
done
|
||||
|
||||
if [ $attempts -eq 3 ]; then
|
||||
echo "Warning: Failed to clear all EC2 key pairs after 3 attempts."
|
||||
fi
|
||||
fi
|
||||
|
||||
echo "done"
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
module github.com/rancher/terraform-aws-access.go
|
||||
module github.com/rancher/terraform-aws-access
|
||||
|
||||
go 1.18
|
||||
go 1.21
|
||||
|
||||
require (
|
||||
github.com/gruntwork-io/terratest v0.41.10
|
||||
|
|
|
|||
|
|
@ -116,6 +116,7 @@ cloud.google.com/go/language v1.6.0/go.mod h1:6dJ8t3B+lUYfStgls25GusK04NLh3eDLQn
|
|||
cloud.google.com/go/lifesciences v0.5.0/go.mod h1:3oIKy8ycWGPUyZDR/8RNnTOYevhaMLqh5vLUXs9zvT8=
|
||||
cloud.google.com/go/lifesciences v0.6.0/go.mod h1:ddj6tSX/7BOnhxCSd3ZcETvtNr8NZ6t/iPhY2Tyfu08=
|
||||
cloud.google.com/go/longrunning v0.3.0 h1:NjljC+FYPV3uh5/OwWT6pVU+doBqMg2x/rZlE+CamDs=
|
||||
cloud.google.com/go/longrunning v0.3.0/go.mod h1:qth9Y41RRSUE69rDcOn6DdK3HfQfsUI0YSmW3iIlLJc=
|
||||
cloud.google.com/go/mediatranslation v0.5.0/go.mod h1:jGPUhGTybqsPQn91pNXw0xVHfuJ3leR1wj37oU3y1f4=
|
||||
cloud.google.com/go/mediatranslation v0.6.0/go.mod h1:hHdBCTYNigsBxshbznuIMFNe5QXEowAuNmmC7h8pu5w=
|
||||
cloud.google.com/go/memcache v1.4.0/go.mod h1:rTOfiGZtJX1AaFUrOgsMHX5kAzaTQ8azHiuDoTPzNsE=
|
||||
|
|
@ -300,6 +301,7 @@ github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIG
|
|||
github.com/google/martian/v3 v3.1.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0=
|
||||
github.com/google/martian/v3 v3.2.1/go.mod h1:oBOf6HBosgwRXnUGWUB05QECsc6uvmMiJ3+6W4l/CUk=
|
||||
github.com/google/martian/v3 v3.3.2 h1:IqNFLAmvJOgVlpdEBiQbDc2EwKW77amAycfTuWKdfvw=
|
||||
github.com/google/martian/v3 v3.3.2/go.mod h1:oBOf6HBosgwRXnUGWUB05QECsc6uvmMiJ3+6W4l/CUk=
|
||||
github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
|
||||
github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
|
||||
github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
|
||||
|
|
@ -654,6 +656,7 @@ golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9sn
|
|||
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
|
||||
golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
|
||||
golang.org/x/term v0.5.0 h1:n2a8QNdAb0sZNpU9R1ALUXBbY+w51fCQDN+7EdxNBsY=
|
||||
golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
|
||||
golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||
golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||
|
|
@ -954,6 +957,7 @@ gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
|||
gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||
gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||
gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
|
||||
gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
|
||||
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
|
||||
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ func setup(t *testing.T, directory string, region string, terraformVars map[stri
|
|||
".*registry service is unreachable.*": "Failed due to transient network error.",
|
||||
".*connection reset by peer.*": "Failed due to transient network error.",
|
||||
".*TLS handshake timeout.*": "Failed due to transient network error.",
|
||||
".*disassociating EC2 EIP.*The networkInterface ID .*does not exist.*": "Failed due to transient AWS error.",
|
||||
".*disassociating EC2 EIP.*": "Failed due to transient AWS error.",
|
||||
}
|
||||
|
||||
terraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{
|
||||
|
|
|
|||
Loading…
Reference in New Issue