alphagov · LeePorte · Aug 16, 2022
@@ -49,10 +49,8 @@ resource "aws_db_instance" "concourse_grafana_db" {
   ca_cert_identifier        = "rds-ca-2019"
 }
 
-data "template_file" "concourse_grafana_container_def" {
-  template = file("${path.module}/files/grafana-container-def.json")
-
-  vars = {
+variable concourse_grafana_container_def {
+  default = {
     deployment                   = var.deployment
     grafana_url                  = local.grafana_url
     database_host                = aws_db_instance.concourse_grafana_db.endpoint
@@ -63,7 +61,7 @@ data "template_file" "concourse_grafana_container_def" {
 
 resource "aws_ecs_task_definition" "concourse_grafana_task_def" {
   family                   = "${var.deployment}-concourse-grafana"
-  container_definitions    = data.template_file.concourse_grafana_container_def.rendered
+  container_definitions    = templatefile("${path.module}/files/grafana-container-def.json" var.concourse_grafana_container_def)
   execution_role_arn       = aws_iam_role.concourse_grafana_execution.arn
   task_role_arn            = aws_iam_role.concourse_grafana_task.arn
   network_mode             = "awsvpc"

@@ -1,11 +1,3 @@
-data "template_file" "concourse_prometheus_config" {
-  template = file("${path.module}/files/prometheus.yml")
-
-  vars = {
-    deployment = var.deployment
-  }
-}
-
 resource "aws_cloudwatch_log_group" "prometheus" {
   name = "${var.deployment}-prometheus"
 }
@@ -16,20 +8,18 @@ locals {
 
 data "aws_region" "current" {}
 
-data "template_file" "prometheus_task_definition" {
-  template = file("${path.module}/files/prometheus-task-definition.json")
-  vars = {
-    data_volume_name             = local.data_volume_name
-    log_group_name               = aws_cloudwatch_log_group.prometheus.name
-    log_group_region             = data.aws_region.current.name
-    config_base64                = base64encode(data.template_file.concourse_prometheus_config.rendered)
+variable prometheus_vars {
+  default = {
+    data_volume_name = local.data_volume_name,
+    log_group_name = aws_cloudwatch_log_group.prometheus.name,
+    log_group_region = data.aws_region.current.name,
+    config_base64 = base64encode(templatefile("${path.module}/files/prometheus.yml", {deployment = var.deployment})),
     prometheus_entrypoint_base64 = base64encode(file("${path.module}/files/prometheus-entrypoint.sh"))
   }
 }
-
 resource "aws_ecs_task_definition" "prometheus" {
   family                   = "${var.deployment}-prometheus"
-  container_definitions    = data.template_file.prometheus_task_definition.rendered
+  container_definitions    = templatefile("${path.module}/files/prometheus-task-definition.json", var.prometheus_vars)
   requires_compatibilities = ["FARGATE"]
   cpu                      = 512
   memory                   = 1024

@@ -10,10 +10,8 @@ data "aws_ami" "ubuntu_focal" {
   }
 }
 
-data "template_file" "concourse_prometheus_cloud_init" {
-  template = file("${path.module}/files/prometheus-init.sh")
-
-  vars = {
+variable concourse_prometheus_cloud_init {
+  default = {
     deployment       = var.deployment
     data_volume_size = var.prometheus_volume_size
   }
@@ -35,7 +33,7 @@ resource "aws_instance" "concourse_prometheus" {
 
   iam_instance_profile = aws_iam_instance_profile.concourse_prometheus.name
 
-  user_data = data.template_file.concourse_prometheus_cloud_init.rendered
+  user_data = templatefile("${path.module}/files/prometheus-init.sh", var.concourse_prometheus_cloud_init)
 
   root_block_device {
     volume_size = 20

@@ -10,20 +10,18 @@ data "aws_ami" "ubuntu_focal" {
   }
 }
 
-data "template_file" "concourse_web_cloud_init" {
-  template = file("${path.module}/files/web-init.sh")
-
-  vars = {
-    deployment                              = var.deployment
-    main_team_github_team                   = var.main_team_github_team
-    main_team_pipeline_operator_github_team = var.main_team_pipeline_operator_github_team
-    concourse_external_url                  = aws_route53_record.concourse_public_deployment.fqdn
-    concourse_db_url                        = aws_route53_record.concourse_private_db.fqdn
-    concourse_version                       = var.concourse_version
-    concourse_sha1                          = var.concourse_sha1
-    concourse_web_bucket                    = aws_s3_bucket.concourse_web.bucket
-    worker_keys_s3_object_key               = aws_s3_bucket_object.concourse_web_team_authorized_worker_keys.id
-    concourse_web_syslog_log_group_name     = local.concourse_web_syslog_log_group_name
+variable concourse_web_vars {
+  default = {
+    deployment = var.deployment,
+    main_team_github_team = var.main_team_github_team,
+    main_team_pipeline_operator_github_team = var.main_team_pipeline_operator_github_team,
+    concourse_external_url = aws_route53_record.concourse_public_deployment.fqdn,
+    concourse_db_url = aws_route53_record.concourse_private_db.fqdn,
+    concourse_version  = var.concourse_version,
+    concourse_sha1 = var.concourse_sha1,
+    concourse_web_bucket = aws_s3_bucket.concourse_web.bucket,
+    worker_keys_s3_object_key = aws_s3_bucket_object.concourse_web_team_authorized_worker_keys.id,
+    concourse_web_syslog_log_group_name = local.concourse_web_syslog_log_group_name,
   }
 }
 
@@ -38,7 +36,7 @@ resource "aws_launch_template" "concourse_web" {
   instance_type          = var.instance_type
   vpc_security_group_ids = [aws_security_group.concourse_web.id]
 
-  user_data = base64encode(data.template_file.concourse_web_cloud_init.rendered)
+  user_data = base64encode(templatefilefile("${path.module}/files/web-init.sh", var.concourse_web_vars))
 
   block_device_mappings {
     device_name = "/dev/sda1"

@@ -10,15 +10,13 @@ data "aws_ami" "ubuntu_focal" {
   }
 }
 
-data "template_file" "concourse_worker_cloud_init" {
-  template = file("${path.module}/files/worker-init.sh")
-
-  vars = {
-    deployment            = var.deployment
-    worker_team_name      = var.name
-    concourse_host        = local.concourse_url
-    concourse_version     = var.concourse_version
-    concourse_sha1        = var.concourse_sha1
+variable concourse_worker_vars {
+  default = {
+    deployment = var.deployment,
+    worker_team_name = var.name,
+    concourse_host = local.concourse_url,
+    concourse_version = var.concourse_version,
+    concourse_sha1 = var.concourse_sha1,
     syslog_log_group_name = "/${var.deployment}/concourse/worker"
   }
 }
@@ -30,7 +28,7 @@ resource "aws_launch_template" "concourse_worker" {
   instance_type          = var.instance_type
   vpc_security_group_ids = var.security_group_ids
 
-  user_data = base64encode(data.template_file.concourse_worker_cloud_init.rendered)
+  user_data = base64encode(templatefile("${path.module}/files/worker-init.sh", var.concourse_worker_vars ))
 
   block_device_mappings {
     device_name = "/dev/sda1"