upgrade to Terraform 0.12

Signed-off-by: Jakub Sokołowski <jakub@status.im>

Makefile

@@ -2,38 +2,36 @@
 
 OS = $(strip $(shell uname -s))
 ARCH = linux_amd64
-PLATFORM = linux
 ifeq ($(OS),Darwin)
 	ARCH = darwin_amd64
-	PLATFORM = darwin
 endif
 
 PLUGIN_DIR = ~/.terraform.d/plugins
 
 PROVIDER_NAME = terraform-provider-ansible
-PROVIDER_VERSION = v0.0.4
+PROVIDER_VERSION = v1.0.3
 PROVIDER_ARCHIVE = $(PROVIDER_NAME)-$(ARCH).zip
 PROVIDER_URL = https://github.com/nbering/terraform-provider-ansible/releases/download/$(PROVIDER_VERSION)/$(PROVIDER_ARCHIVE)
 
 PROVISIONER_NAME = terraform-provisioner-ansible
-PROVISIONER_VERSION = v2.0.0
+PROVISIONER_VERSION = v2.3.0
 PROVISIONER_ARCHIVE = $(PROVISIONER_NAME)-$(subst _,-,$(ARCH))_$(PROVISIONER_VERSION)
 PROVISIONER_URL = https://github.com/radekg/terraform-provisioner-ansible/releases/download/$(PROVISIONER_VERSION)/$(PROVISIONER_ARCHIVE)
 
-all: requirements install-provider install-provisioner secrets
+all: requirements install-provider install-provisioner secrets init-terraform
-	echo "Success!"
+	@echo "Success!"
 
 plugins: install-provider install-provisioner
 
 requirements:
 	ansible-galaxy install --ignore-errors --force -r ansible/requirements.yml
 
-install-unzip:
+check-unzip:
-	ifeq (, $(shell which unzip)) \
+ifeq (, $(shell which unzip))
- 		$(error "No unzip in PATH, consider doing apt install unzip") \
+	$(error "No unzip in PATH, consider doing apt install unzip")
- 	endif
+endif
 
-install-provider:
+install-provider: check-unzip
 	if [ ! -e $(PLUGIN_DIR)/$(ARCH)/$(PROVIDER_NAME)_$(PROVIDER_VERSION) ]; then \
 		mkdir -p $(PLUGIN_DIR); \
 		wget $(PROVIDER_URL) -P $(PLUGIN_DIR); \
@@ -47,13 +45,16 @@ install-provisioner:
 		chmod +x $(PLUGIN_DIR)/$(ARCH)/$(PROVISIONER_NAME)_$(PROVISIONER_VERSION); \
 	fi
 
+init-terraform:
+	terraform init -upgrade=true
+
 secrets:
 	pass services/consul/ca-crt > ansible/files/consul-ca.crt
 	pass services/consul/ca-key > ansible/files/consul-ca.key
 	pass services/consul/client-crt > ansible/files/consul-client.crt
 	pass services/consul/client-key > ansible/files/consul-client.key
-	pass cloud/GoogleCloud/json > google-cloud.json
+	echo "Saving secrets to: terraform.tfvars"
-	echo "\
+	@echo "\
 # secrets extracted from password-store\n\
 cloudflare_token    = \"$(shell pass cloud/Cloudflare/token)\"\n\
 cloudflare_email    = \"$(shell pass cloud/Cloudflare/email)\"\n\

main.tf

@@ -1,11 +1,12 @@
 /* DERIVED --------------------------------------*/
 provider "cloudflare" {
-  email  = "${var.cloudflare_email}"
+  email  = var.cloudflare_email
-  token  = "${var.cloudflare_token}"
+  token  = var.cloudflare_token
-  org_id = "${var.cloudflare_org_id}"
+  org_id = var.cloudflare_org_id
 }
+
 provider "google" {
-  credentials = "${file("google-cloud.json")}"
+  credentials = file("google-cloud.json")
   project     = "russia-servers"
   region      = "us-central1"
 }
@@ -14,10 +15,12 @@ provider "google" {
 
 terraform {
   backend "consul" {
-    address   = "https://consul.statusim.net:8400"
+    address = "https://consul.statusim.net:8400"
-    lock      = true
+    lock    = true
+
     /* KV store has a limit of 512KB */
-    gzip      = true
+    gzip = true
+
     /* WARNING This needs to be changed for every repo. */
     path      = "terraform/faucet/"
     ca_file   = "ansible/files/consul-ca.crt"
@@ -29,43 +32,47 @@ terraform {
 /* RESOURCES ------------------------------------*/
 
 module "main" {
-  source    = "github.com/status-im/infra-tf-google-cloud"
+  source     = "github.com/status-im/infra-tf-google-cloud"
-  name      = "master"
+  name       = "master"
-  env       = "faucet"
+  env        = "faucet"
-  group     = "faucet-master"
+  group      = "faucet-master"
-  type      = "n1-standard-1"
+  type       = "n1-standard-1"
-  count     = 1
+  host_count = 1
-  vol_size  = 10
+  vol_size   = 10
-  domain    = "${var.domain}"
+  domain     = var.domain
   open_ports = [
-    "80-80",   /* HTTP */
+    "80",    /* HTTP */
-    "443-443", /* HTTPS */
+    "443",   /* HTTPS */
-    "30303"    /* GETH */
+    "30303", /* GETH */
   ]
 }
 
 /* DNS Entries for faucet APIs */
 
 resource "cloudflare_record" "main-ropsten" {
-  domain  = "${var.public_domain}"
+  domain  = var.public_domain
   name    = "faucet-ropsten"
-  value   = "${module.main.public_ips[0]}"
   type    = "A"
   proxied = true
+  value   = module.main.public_ips[count.index]
+  count   = length(module.main.public_ips)
 }
 
 resource "cloudflare_record" "main-rinkeby" {
-  domain  = "${var.public_domain}"
+  domain  = var.public_domain
   name    = "faucet-rinkeby"
-  value   = "${module.main.public_ips[0]}"
   type    = "A"
   proxied = true
+  value   = module.main.public_ips[count.index]
+  count   = length(module.main.public_ips)
 }
 
 resource "cloudflare_record" "main-goerli" {
-  domain  = "${var.public_domain}"
+  domain  = var.public_domain
   name    = "faucet-goerli"
-  value   = "${module.main.public_ips[0]}"
   type    = "A"
   proxied = true
+  value   = module.main.public_ips[count.index]
+  count   = length(module.main.public_ips)
 }
+

variables.tf

@@ -1,25 +1,26 @@
 /* REQUIRED -------------------------------------*/
 
-variable cloudflare_token {
+variable "cloudflare_token" {
   description = "Token for interacting with Cloudflare API."
 }
 
-variable cloudflare_email {
+variable "cloudflare_email" {
   description = "Email address of Cloudflare account."
 }
 
-variable cloudflare_org_id {
+variable "cloudflare_org_id" {
   description = "ID of the CloudFlare organization."
 }
 
 /* GENERAL --------------------------------------*/
 
-variable public_domain {
+variable "public_domain" {
   description = "Domain under which the public sites go."
   default     = "status.im"
 }
 
-variable domain {
+variable "domain" {
   description = "DNS Domain to update"
   default     = "statusim.net"
 }
+

versions.tf

@@ -0,0 +1,4 @@
+
+terraform {
+  required_version = ">= 0.12"
+}