fix(new-api): add tags and filter on them in FW

freeCodeCamp · Jan 14, 2025 · e38f845 · e38f845
1 parent 924ed83
commit e38f845
Show file tree

Hide file tree

Showing 4 changed files with 36 additions and 4 deletions.
diff --git a/terraform/ops-standalone/main.tf b/terraform/ops-standalone/main.tf
@@ -39,3 +39,17 @@ data "linode_instances" "prd_oldeworld_jms" {
     values = ["prd_oldeworld_jms"]
   }
 }
+
+data "linode_instances" "stg_oldeworld_api" {
+  filter {
+    name   = "tags"
+    values = ["stg_oldeworld_api", "new"]
+  }
+}
+
+data "linode_instances" "prd_oldeworld_api" {
+  filter {
+    name   = "tags"
+    values = ["prd_oldeworld_api", "new"]
+  }
+}
diff --git a/terraform/ops-standalone/next-00-backoffice.tf b/terraform/ops-standalone/next-00-backoffice.tf
@@ -130,7 +130,13 @@ resource "linode_firewall" "ops_backoffice_firewall" {
     action   = "ACCEPT"
     ipv4 = flatten([
       [for i in data.linode_instances.stg_oldeworld_jms.instances : "${i.private_ip_address}/32"],
-      [for i in data.linode_instances.prd_oldeworld_jms.instances : "${i.private_ip_address}/32"]
+      [for i in data.linode_instances.prd_oldeworld_jms.instances : "${i.private_ip_address}/32"],
+      [for i in data.linode_instances.stg_oldeworld_api.instances :
+        contains(i.tags, "new_api") ? ["${i.private_ip_address}/32"] : []
+      ],
+      [for i in data.linode_instances.prd_oldeworld_api.instances :
+        contains(i.tags, "new_api") ? ["${i.private_ip_address}/32"] : []
+      ]
     ])
   }
 
@@ -141,7 +147,13 @@ resource "linode_firewall" "ops_backoffice_firewall" {
     action   = "ACCEPT"
     ipv4 = flatten([
       [for i in data.linode_instances.stg_oldeworld_jms.instances : "${i.private_ip_address}/32"],
-      [for i in data.linode_instances.prd_oldeworld_jms.instances : "${i.private_ip_address}/32"]
+      [for i in data.linode_instances.prd_oldeworld_jms.instances : "${i.private_ip_address}/32"],
+      [for i in data.linode_instances.stg_oldeworld_api.instances :
+        contains(i.tags, "new_api") ? ["${i.private_ip_address}/32"] : []
+      ],
+      [for i in data.linode_instances.prd_oldeworld_api.instances :
+        contains(i.tags, "new_api") ? ["${i.private_ip_address}/32"] : []
+      ]
     ])
   }
 

diff --git a/terraform/prd-cluster-oldeworld/next-04-api.tf b/terraform/prd-cluster-oldeworld/next-04-api.tf
@@ -9,7 +9,10 @@ resource "linode_instance" "prd_oldeworld_api" {
 
   # NOTE:
   # Value should use '_' as sepratator for compatibility with Ansible Dynamic Inventory
-  tags = ["prd", "oldeworld", "api", "prd_oldeworld_api"]
+  tags = concat(
+    ["prd", "oldeworld", "api", "prd_oldeworld_api"],
+    count.index > 2 ? ["new_api"] : []
+  )
 
   lifecycle {
     ignore_changes = [

diff --git a/terraform/stg-cluster-oldeworld/next-04-api.tf b/terraform/stg-cluster-oldeworld/next-04-api.tf
@@ -9,7 +9,10 @@ resource "linode_instance" "stg_oldeworld_api" {
 
   # NOTE:
   # Value should use '_' as sepratator for compatibility with Ansible Dynamic Inventory
-  tags = ["stg", "oldeworld", "api", "stg_oldeworld_api"]
+  tags = concat(
+    ["stg", "oldeworld", "api", "stg_oldeworld_api"],
+    count.index > 2 ? ["new_api"] : []
+  )
 
   lifecycle {
     ignore_changes = [