terraform: align infrastructure module attributes (#2703)

* all vars have snail_case

* make iam schema consistent

* infrastructure schema

* terraform: update AWS infrastructure module

* fix ci

* terraform: update AWS infrastructure module

* terraform: update AWS IAM module

* terraform: update Azure Infrastructure module inputs

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform: update Azure IAM module

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform: update GCP infrastructure module

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform: update GCP IAM module

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform: update OpenStack Infrastructure module

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform: update QEMU Infrastructure module

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform-module: fix input name

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform: tidy

* cli: ignore whitespace in Terraform variable tests

* terraform-module: fix AWS output names

* terraform-module: fix output references

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform: rename `api_server_cert_sans`

* Update terraform/infrastructure/aws/modules/public_private_subnet/variables.tf

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>

* fix self-managed

* terraform: revert AWS modules output file renaming

* terraform: remove duplicate varable declaration

* terraform: rename Azure location field

* ci: adjust output name in self-managed e2e test

* e2e: continuously print output in upgrade test

* e2e: write to output variables

* cli: migrate IAM variable names

* cli: make `location` field optional

---------

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>

terraform/infrastructure/openstack/main.tf

@@ -23,7 +23,7 @@ data "openstack_identity_auth_scope_v3" "scope" {
 locals {
   uid                    = random_id.uid.hex
   name                   = "${var.name}-${local.uid}"
-  initSecretHash         = random_password.initSecret.bcrypt_hash
+  init_secret_hash       = random_password.init_secret.bcrypt_hash
   ports_node_range_start = "30000"
   ports_node_range_end   = "32767"
   ports_kubernetes       = "6443"
@@ -49,15 +49,15 @@ resource "random_id" "uid" {
   byte_length = 4
 }
 
-resource "random_password" "initSecret" {
+resource "random_password" "init_secret" {
   length           = 32
   special          = true
   override_special = "_%@"
 }
 
-resource "openstack_images_image_v2" "constellation_os_image" {
+resource "openstack_images_image_v2" "image_id" {
   name             = local.name
-  image_source_url = var.image_url
+  image_source_url = var.image_id
   web_download     = var.direct_download
   container_format = "bare"
   disk_format      = "raw"
@@ -168,13 +168,13 @@ module "instance_group" {
   disk_size                  = each.value.state_disk_size
   state_disk_type            = each.value.state_disk_type
   availability_zone          = each.value.zone
-  image_id                   = openstack_images_image_v2.constellation_os_image.image_id
+  image_id                   = openstack_images_image_v2.image_id.image_id
   flavor_id                  = each.value.flavor_id
   security_groups            = [openstack_compute_secgroup_v2.vpc_secgroup.id]
   tags                       = local.tags
   uid                        = local.uid
   network_id                 = openstack_networking_network_v2.vpc_network.id
-  init_secret_hash           = local.initSecretHash
+  init_secret_hash           = local.init_secret_hash
   identity_internal_url      = local.identity_internal_url
   openstack_username         = var.openstack_username
   openstack_password         = var.openstack_password

terraform/infrastructure/openstack/modules/instance_group/outputs.tf

@@ -1,11 +1,9 @@
-output "instance_group" {
-  value = local.name
-}
-
 output "ips" {
-  value = openstack_compute_instance_v2.instance_group_member.*.access_ip_v4
+  value       = openstack_compute_instance_v2.instance_group_member.*.access_ip_v4
+  description = "Public IP addresses of the instances."
 }
 
 output "instance_ids" {
-  value = openstack_compute_instance_v2.instance_group_member.*.id
+  value       = openstack_compute_instance_v2.instance_group_member.*.id
+  description = "IDs of the instances."
 }

terraform/infrastructure/openstack/modules/instance_group/variables.tf

@@ -1,16 +1,11 @@
-variable "node_group_name" {
-  type        = string
-  description = "Constellation name for the node group (used for configuration and CSP-independent naming)."
-}
-
 variable "base_name" {
   type        = string
   description = "Base name of the instance group."
 }
 
-variable "uid" {
+variable "node_group_name" {
   type        = string
-  description = "Unique ID of the Constellation."
+  description = "Constellation name for the instance group (used for configuration and CSP-independent naming)."
 }
 
 variable "role" {
@@ -22,14 +17,24 @@ variable "role" {
   }
 }
 
+variable "tags" {
+  type        = list(string)
+  description = "Tags to attach to each node."
+}
+
+variable "uid" {
+  type        = string
+  description = "Unique ID of the Constellation."
+}
+
 variable "initial_count" {
   type        = number
-  description = "Number of instances in the instance group."
+  description = "Number of instances in this instance group."
 }
 
 variable "image_id" {
   type        = string
-  description = "Image ID for the nodes."
+  description = "OS Image reference for the cluster's nodes."
 }
 
 variable "flavor_id" {
@@ -42,24 +47,19 @@ variable "security_groups" {
   description = "Security groups to place the nodes in."
 }
 
-variable "tags" {
-  type        = list(string)
-  description = "Tags to attach to each node."
-}
-
 variable "disk_size" {
   type        = number
-  description = "Disk size for the nodes, in GiB."
+  description = "Disk size for the state disk of the nodes [GB]."
 }
 
 variable "state_disk_type" {
   type        = string
-  description = "Disk/volume type to be used."
+  description = "Type of the state disk."
 }
 
 variable "availability_zone" {
   type        = string
-  description = "The availability zone to deploy the nodes in."
+  description = "Availability zone to deploy the nodes in."
 }
 
 variable "network_id" {

terraform/infrastructure/openstack/modules/loadbalancer/variables.tf

@@ -1,25 +1,25 @@
 variable "name" {
   type        = string
-  description = "Base name of the load balancer rule."
+  description = "Base name of the load balancer."
 }
 
 variable "member_ips" {
   type        = list(string)
-  description = "The IP addresses of the members of the load balancer pool."
+  description = "IP addresses of the members of the load balancer pool."
   default     = []
 }
 
 variable "loadbalancer_id" {
   type        = string
-  description = "The ID of the load balancer."
+  description = "ID of the load balancer."
 }
 
 variable "subnet_id" {
   type        = string
-  description = "The ID of the members subnet."
+  description = "ID of the members subnet."
 }
 
 variable "port" {
   type        = number
-  description = "The port on which to listen for incoming traffic."
+  description = "Port to listen on incoming traffic."
 }

terraform/infrastructure/openstack/outputs.tf

@@ -1,28 +1,37 @@
+# Outputs common to all CSPs
+
 output "out_of_cluster_endpoint" {
-  value = openstack_networking_floatingip_v2.public_ip.address
+  value       = openstack_networking_floatingip_v2.public_ip.address
+  description = "External endpoint for the Kubernetes API server. Only varies from the `in_cluster_endpoint` when using an internal load balancer."
 }
 
 output "in_cluster_endpoint" {
-  value = openstack_networking_floatingip_v2.public_ip.address
+  value       = openstack_networking_floatingip_v2.public_ip.address
+  description = "Internal endpoint for the Kubernetes API server."
 }
 
 output "api_server_cert_sans" {
-  value = sort(concat([openstack_networking_floatingip_v2.public_ip.address], var.custom_endpoint == "" ? [] : [var.custom_endpoint]))
+  value       = sort(concat([openstack_networking_floatingip_v2.public_ip.address], var.custom_endpoint == "" ? [] : [var.custom_endpoint]))
+  description = "List of Subject Alternative Names (SANs) for the API server certificate."
 }
 
 output "uid" {
-  value = local.uid
+  value       = local.uid
+  description = "Unique Identifier (UID) of the cluster."
 }
 
-output "initSecret" {
-  value     = random_password.initSecret.result
-  sensitive = true
+output "init_secret" {
+  value       = random_password.init_secret.result
+  sensitive   = true
+  description = "Initialization secret to authenticate the bootstrapping node."
 }
 
 output "name" {
-  value = local.name
+  value       = local.name
+  description = "Unique name of the Constellation cluster, comprised by name and UID."
 }
 
-output "ip_cidr_nodes" {
-  value = local.cidr_vpc_subnet_nodes
+output "ip_cidr_node" {
+  value       = local.cidr_vpc_subnet_nodes
+  description = "CIDR block of the node network."
 }

terraform/infrastructure/openstack/variables.tf

@@ -1,3 +1,10 @@
+# Variables common to all CSPs
+
+variable "name" {
+  type        = string
+  default     = "constell"
+  description = "Base name of the cluster."
+}
 variable "node_groups" {
   type = map(object({
     role            = string
@@ -16,31 +23,39 @@ variable "node_groups" {
   description = "A map of node group names to node group configurations."
 }
 
+variable "image_id" {
+  type        = string
+  description = "OS image URL for the cluster's nodes."
+}
+
+variable "debug" {
+  type        = bool
+  default     = false
+  description = "DO NOT USE IN PRODUCTION. Enable debug mode. This opens up a debugd port that can be used to deploy a custom bootstrapper."
+}
+
+variable "custom_endpoint" {
+  type        = string
+  default     = ""
+  description = "Custom endpoint to use for the Kubernetes API server. If not set, the default endpoint will be used."
+}
+
+# OpenStack-specific variables
+
 variable "cloud" {
   type        = string
   default     = null
-  description = "The cloud to use within the OpenStack \"clouds.yaml\" file. Optional. If not set, environment variables are used."
-}
-
-variable "name" {
-  type        = string
-  default     = "constell"
-  description = "Base name of the cluster."
-}
-
-variable "image_url" {
-  type        = string
-  description = "The image to use for cluster nodes."
+  description = "Cloud to use within the OpenStack \"clouds.yaml\" file. Optional. If not set, environment variables are used."
 }
 
 variable "direct_download" {
   type        = bool
-  description = "If enabled, downloads OS image directly from source URL to OpenStack. Otherwise, downloads image to local machine and uploads to OpenStack."
+  description = "Download OS image directly from source URL to OpenStack. Otherwise, the image is downloaded to the local machine and uploads to OpenStack."
 }
 
 variable "floating_ip_pool_id" {
   type        = string
-  description = "The pool (network name) to use for floating IPs."
+  description = "Pool (network name) to use for floating IPs."
 }
 
 variable "openstack_user_domain_name" {
@@ -57,15 +72,3 @@ variable "openstack_password" {
   type        = string
   description = "OpenStack password."
 }
-
-variable "debug" {
-  type        = bool
-  default     = false
-  description = "Enable debug mode. This opens up a debugd port that can be used to deploy a custom bootstrapper."
-}
-
-variable "custom_endpoint" {
-  type        = string
-  default     = ""
-  description = "Custom endpoint to use for the Kubernetes apiserver. If not set, the default endpoint will be used."
-}