From 521f9348922d3703a976f16be8bada45e4118e99 Mon Sep 17 00:00:00 2001 From: taylor Date: Tue, 1 Oct 2024 17:16:54 -0700 Subject: [PATCH 1/2] make sure the instance name is a string --- modules/aws_vpc/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/aws_vpc/main.tf b/modules/aws_vpc/main.tf index d0e2139..1a2291b 100644 --- a/modules/aws_vpc/main.tf +++ b/modules/aws_vpc/main.tf @@ -523,7 +523,7 @@ output "route_53_dns" { output "public_dns" { description = "key is the controller's short name, value is the associated dns name or NLB's dns name" - value = var.use_nlb_and_asg ? { for i, v in aws_lb.controller : local.flattened-instances[i].name => v.dns_name } : { for i, v in aws_instance.controller : local.flattened-instances[i] => v.public_dns } + value = var.use_nlb_and_asg ? { for i, v in aws_lb.controller : local.flattened-instances[i].name => v.dns_name } : { for i, v in aws_instance.controller : tostring(i) => v.public_dns } } output "nlb_to_instance_name" { From 03e9ee2d65cebae7d4b83b7c156ccb0bdb1f1198 Mon Sep 17 00:00:00 2001 From: taylor Date: Tue, 1 Oct 2024 17:18:46 -0700 Subject: [PATCH 2/2] prevent idempotency errors on password hashing --- examples/quickstart/main.tf | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/examples/quickstart/main.tf b/examples/quickstart/main.tf index 2741941..5363207 100644 --- a/examples/quickstart/main.tf +++ b/examples/quickstart/main.tf @@ -29,6 +29,14 @@ data "aws_ssm_parameter" "password" { provider = aws.us-east-2 } +// A hashed variant of the password will be needed when seeding the initial +// administrative user. +// $ mkpasswd -m bcrypt PASSWORD +data "aws_ssm_parameter" "hashed-password" { + name = "/bowtie/admin/hashed-password" + provider = aws.us-east-2 +} + // The cluster synchronization pass key is sensitive and should be handled with // care. data "aws_ssm_parameter" "sync-psk" { @@ -60,7 +68,7 @@ module "bowtie_us_west_2" { init-users = [{ email = var.bowtie_admin_email - hashed_password = format("$bcrypt%s", bcrypt(data.aws_ssm_parameter.password.value)) + hashed_password = format("$bcrypt%s", data.aws_ssm_parameter.hashed-password.value) }] providers = { aws = aws.us-west-2 } @@ -103,7 +111,7 @@ module "bowtie_us_east_2" { init-users = [{ email = var.bowtie_admin_email - hashed_password = format("$bcrypt%s", bcrypt(data.aws_ssm_parameter.password.value)) + hashed_password = format("$bcrypt%s", data.aws_ssm_parameter.hashed-password.value) }] providers = { aws = aws.us-east-2 }