fix: typos and minor issues

matttrach · matttrach · commit d102606b3a59 · 2026-05-20T16:29:58.000-05:00
Signed-off-by: matttrach &lt;matt.trachier@suse.com&gt;
diff --git a/.gitignore b/.gitignore
@@ -32,3 +32,4 @@ run.sh
 static_files.txt
 * copy
 *.tfbackend
+*.log
diff --git a/README.md b/README.md
@@ -43,7 +43,7 @@ These tools will need to be installed on the machine running Terraform:
 - helm (v3)
 - git
 - awscli (if using ipv6)
-- age (encrytion tool used for storing env secrets when necessary) https://github.com/filosottile/age
+- age (encryption tool used for storing env secrets when necessary) https://github.com/filosottile/age
 
 Check out the flake.nix file for a list of packages that we use when developing and testing.
 
diff --git a/examples/prod/main.tf b/examples/prod/main.tf
@@ -31,7 +31,7 @@ locals {
   acme_server_url      = var.acme_server_url
   owner                = var.owner
   rke2_version         = var.rke2_version
-  rke2_minor           = split(".", local.rke2_version)[1]
+  rke2_minor           = tonumber(split(".", local.rke2_version)[1])
   default_ingress      = local.rke2_minor >= 35 ? "traefik" : "nginx"
   local_file_path      = var.file_path
   runner_ip            = chomp(data.http.myip.response_body) # "runner" is the server running Terraform
diff --git a/flake.nix b/flake.nix
@@ -142,7 +142,7 @@
           devShells.default = pkgs.mkShell {
             buildInputs = [ devShellPackage ];
             shellHook = ''
-              while read word; do echo -e "*$word\n#" | aspell -a --dont-validate-words 2&>/dev/null; done < aspell_custom.txt
+              while read word; do echo -e "*$word\n#" | aspell -a --dont-validate-words 2>/dev/null; done < aspell_custom.txt
               export PS1="nix:# ";
             '';
           };
diff --git a/get-pr-comments.sh b/get-pr-comments.sh
@@ -0,0 +1,8 @@
+# This gets all of the comments for a PR, helpful when writing with an agent.
+# Expects your environment to have GITHUB_TOKEN with a PAT that can access the API.
+PROJECT="rancher/terraform-rancher2-aws"
+PULL_ID=$1
+curl -s -H "Authorization: Bearer $GITHUB_TOKEN" \
+  -H "Accept: application/vnd.github+json" \
+  "https://api.github.com/repos/$PROJECT/pulls/${PULL_ID}/comments" | \
+  jq -r '.[] | "File: \(.path)\nLine: \(.line)\nDiff:\n\(.diff_hunk)\n\nComment:\n\(.body)\n\n========================================\n"'
diff --git a/modules/deploy/create.sh.tpl b/modules/deploy/create.sh.tpl
@@ -50,11 +50,11 @@ fi
 # Set up plugin cache directory
 # shellcheck disable=SC2154
 if [ ! -d "${plugin_cache}" ]; then
-  install -d "$TF_PLUGIN_CACHE_DIR"
+  install -d "${plugin_cache}"
 fi
 if [ -n "$TF_PLUGIN_CACHE_DIR" ]; then
     # shellcheck disable=SC2154
-    cp -r "$TF_PLUGIN_CACHE_DIR" "${plugin_cache}"
+    cp -a "$TF_PLUGIN_CACHE_DIR/." "${plugin_cache}/" 2>/dev/null || true
 fi
 # shellcheck disable=SC2154
 export TF_PLUGIN_CACHE_DIR="${plugin_cache}"
diff --git a/modules/deploy/destroy.sh.tpl b/modules/deploy/destroy.sh.tpl
@@ -49,12 +49,12 @@ fi
 # Set up plugin cache directory
 # shellcheck disable=SC2154
 if [ ! -d "${plugin_cache}" ]; then
-  install -d "$TF_PLUGIN_CACHE_DIR"
+  install -d "${plugin_cache}"
 fi
 
 if [ -n "$TF_PLUGIN_CACHE_DIR" ]; then
   # shellcheck disable=SC2154
-  cp -r "$TF_PLUGIN_CACHE_DIR" "${plugin_cache}"
+  cp -a "$TF_PLUGIN_CACHE_DIR/." "${plugin_cache}/" 2>/dev/null || true
 fi
 
 # shellcheck disable=SC2154
diff --git a/modules/deploy/main.tf b/modules/deploy/main.tf
@@ -119,7 +119,7 @@ resource "file_local" "write_tmp_inputs" {
   directory   = local.tf_data_dir
   name        = "inputs.tmp"
   contents    = local.inputs
-  permissions = "0755"
+  permissions = "0600"
 }
 resource "file_local_snapshot" "persist_inputs" {
   depends_on = [
@@ -140,9 +140,10 @@ resource "file_local" "instantiate_inputs_snapshot" {
     file_local.write_tmp_inputs,
     file_local_snapshot.persist_inputs,
   ]
-  directory = local.deploy_path
-  name      = "inputs.tfvars"
-  contents  = base64decode(file_local_snapshot.persist_inputs.snapshot)
+  directory   = local.deploy_path
+  name        = "inputs.tfvars"
+  contents    = base64decode(file_local_snapshot.persist_inputs.snapshot)
+  permissions = "0600"
 }
 
 ### Environment Variables ###
@@ -155,7 +156,7 @@ resource "file_local" "write_tmp_env" {
   directory   = local.tf_data_dir
   name        = "env.tmp"
   contents    = local.export_contents
-  permissions = "0644"
+  permissions = "0600"
 }
 resource "file_local_snapshot" "persist_envrc" {
   depends_on = [
@@ -179,7 +180,7 @@ resource "file_local" "instantiate_envrc_snapshot" {
   directory   = local.deploy_path
   name        = "envrc"
   contents    = base64decode(file_local_snapshot.persist_envrc.snapshot)
-  permissions = "0644"
+  permissions = "0600"
 }
 
 ## Generated Files ##
@@ -236,8 +237,8 @@ resource "terraform_data" "destroy" {
     when = destroy
     # no changing the directory or this won't work on different machines!
     command = <<-EOT
-      # if the original filesystem is wiped out, the destroy script may not exist on a consequetive apply (not the first apply)
-      # in which case we need the generate_destroy resoruce to regenerate the destroy script, and the destroy_end resource will hande the destroy.
+      # if the original filesystem is wiped out, the destroy script may not exist on a consecutive apply (not the first apply)
+      # in which case we need the generate_destroy resource to regenerate the destroy script, and the destroy_end resource will handle the destroy.
       if [ -f ${self.triggers_replace.dp}/destroy.sh ]; then
         ${self.triggers_replace.dp}/destroy.sh
       fi
diff --git a/modules/deploy/variables.tf b/modules/deploy/variables.tf
@@ -108,7 +108,7 @@ variable "jitter_min" {
   description = <<-EOT
     Number of seconds min to wait before running apply.
     This is part of a range of seconds that will be randomly selected to wait in order to prevent 
-      file cache override curruption from multiple terraform instances running at the same time.
+      file cache override corruption from multiple terraform instances running at the same time.
   EOT
   default     = 0
 }
@@ -117,7 +117,7 @@ variable "jitter_max" {
   description = <<-EOT
     Number of seconds max to wait before running apply.
     This is part of a range of seconds that will be randomly selected to wait in order to prevent 
-      file cache override curruption from multiple terraform instances running at the same time.
+      file cache override corruption from multiple terraform instances running at the same time.
   EOT
   default     = 0
 }
diff --git a/modules/install_rancher/rancher/main.tf b/modules/install_rancher/rancher/main.tf
@@ -5,7 +5,7 @@ locals {
   rancher_helm_channel      = var.rancher_helm_channel
   rancher_version           = replace(var.rancher_version, "v", "") # don't include the v
   rke2_version              = var.rke2_version
-  rke2_minor                = split(".", local.rke2_version)[1]
+  rke2_minor                = tonumber(split(".", local.rke2_version)[1])
   helm_chart_use_strategy   = var.rancher_helm_chart_use_strategy
   rancher_helm_chart_values = jsondecode(base64decode(var.rancher_helm_chart_values))
   default_hc_values = {
diff --git a/modules/install_rancher/rancher/variables.tf b/modules/install_rancher/rancher/variables.tf
@@ -20,7 +20,7 @@ variable "rancher_version" {
 variable "rke2_version" {
   type        = string
   description = <<-EOT
-    The version of rke2 powering the cliuster.
+    The version of rke2 powering the cluster.
     This is used for determining ingress configuration.
   EOT
 }
diff --git a/modules/install_rancher/rancher_externalTLS/main.tf b/modules/install_rancher/rancher_externalTLS/main.tf
@@ -4,7 +4,7 @@ locals {
   rancher_helm_channel      = var.rancher_helm_channel
   rancher_version           = replace(var.rancher_version, "v", "") # don't include the v
   rke2_version              = var.rke2_version
-  rke2_minor                = split(".", local.rke2_version)[1]
+  rke2_minor                = tonumber(split(".", local.rke2_version)[1])
   default_ingress           = (local.rke2_minor >= 35 ? "traefik" : "nginx")
   helm_chart_use_strategy   = var.rancher_helm_chart_use_strategy
   rancher_helm_chart_values = jsondecode(base64decode(var.rancher_helm_chart_values))
diff --git a/modules/install_rancher/rancher_externalTLS/variables.tf b/modules/install_rancher/rancher_externalTLS/variables.tf
@@ -20,7 +20,7 @@ variable "rancher_version" {
 variable "rke2_version" {
   type        = string
   description = <<-EOT
-    The version of rke2 powering the cliuster.
+    The version of rke2 powering the cluster.
     This is used for determining ingress configuration.
   EOT
 }
diff --git a/modules/install_rancher/variables.tf b/modules/install_rancher/variables.tf
@@ -47,7 +47,7 @@ variable "rancher_version" {
 variable "rke2_version" {
   type        = string
   description = <<-EOT
-    The version of rke2 powering the cliuster.
+    The version of rke2 powering the cluster.
     This is used for determining ingress configuration.
   EOT
 }
