refactor: clean up unneeded configuration

saumitra-dev · saumitra-dev · commit de7b2edb4cbe · 2024-07-31T11:07:00.000+05:30
Improve `lookup` function conditional logic to account for edge cases. Extract complex conditional logic to `locals`.
diff --git a/main.tf b/main.tf
@@ -5,6 +5,30 @@ locals {
     try(module.acm[0].imported_acm_certificates_arns, {}),
     try(module.acm[0].private_ca_issued_acm_certificates_arns, {})
   ) : {}
+
+  # ALB
+  alb_target_groups = {
+    for k, v in try(var.load_balancer.target_groups, {}) :
+    k => merge(
+      {
+        vpc_id = var.vpc_id
+      },
+      v
+    )
+  }
+  alb_listeners = {
+    for k, v in try(var.load_balancer.listeners, {}) :
+    k => merge(
+      {
+        certificate_arn = lookup(
+          local.acm_certificates_arns,
+          try(v.certificate, null) != null ? try(v.certificate, "") : "",
+          null
+        ) != null ? local.acm_certificates_arns[try(v.certificate, null)] : try(v.certificate_arn, null)
+      },
+      v
+    )
+  }
 }
 
 ################################################################################
@@ -38,7 +62,7 @@ resource "aws_ecs_service" "this" {
       elb_name = try(load_balancer.value.elb_name, null)
       target_group_arn = lookup(
         try(module.alb[0].target_groups_arns, {}),
-        try(load_balancer.value.target_group, ""),
+        try(load_balancer.value.target_group, null) != null ? try(load_balancer.value.target_group, "") : "",
         null
       ) != null ? try(module.alb[0].target_groups_arns, {})[try(load_balancer.value.target_group, null)] : try(load_balancer.value.target_group_arn, null)
       container_name = load_balancer.value.container_name
@@ -69,16 +93,6 @@ resource "aws_ecs_service" "this" {
         content {
           log_driver = var.service.service_connect_configuration.log_configuration.log_driver
           options    = try(var.service.service_connect_configuration.log_configuration.options, null)
-
-          dynamic "secret_option" {
-            for_each = try(var.service.service_connect_configuration.log_configuration.secret_option, [])
-            iterator = secret_option
-
-            content {
-              name       = secret_option.value.name
-              value_from = secret_option.value.value_from
-            }
-          }
         }
       }
 
@@ -99,28 +113,6 @@ resource "aws_ecs_service" "this" {
               dns_name = try(service.client_alias.dns_name, null)
             }
           }
-
-          dynamic "timeout" {
-            for_each = length(try(service.value.timeout, {})) > 0 ? [1] : []
-
-            content {
-              idle_timeout_seconds        = try(service.value.timeout.idle_timeout_seconds, null)
-              per_request_timeout_seconds = try(service.value.timeout.per_request_timeout_seconds, null)
-            }
-          }
-
-          dynamic "tls" {
-            for_each = length(try(service.value.tls, {})) > 0 ? [1] : []
-
-            content {
-              kms_key  = try(service.value.tls.kms_key, null)
-              role_arn = try(service.value.tls.role_arn, null)
-
-              issuer_cert_authority {
-                aws_pca_authority_arn = try(service.value.tls.issuer_cert_authority.aws_pca_authority_arn, null)
-              }
-            }
-          }
         }
       }
     }
@@ -235,22 +227,9 @@ module "alb" {
   preserve_host_header       = try(var.load_balancer.preserve_host_header, null)
   enable_deletion_protection = try(var.load_balancer.enable_deletion_protection, null)
 
-  target_groups = {
-    for k, v in try(var.load_balancer.target_groups, {}) :
-    k => merge({
-      vpc_id = var.vpc_id
-    }, v)
-  }
+  target_groups = local.alb_target_groups
 
-  listeners = {
-    for k, v in try(var.load_balancer.listeners, {}) :
-    k => merge(
-      {
-        certificate_arn = lookup(local.acm_certificates_arns, try(v.certificate, ""), null) != null ? local.acm_certificates_arns[try(v.certificate, null)] : try(v.certificate_arn, null)
-      },
-      v
-    )
-  }
+  listeners = local.alb_listeners
 
   listener_rules = try(var.load_balancer.listener_rules, {})
 
diff --git a/modules/acm/main.tf b/modules/acm/main.tf
@@ -5,10 +5,10 @@
 resource "aws_acm_certificate" "amazon_issued" {
   for_each = var.amazon_issued_certificates
 
-  domain_name               = each.value.domain_name
-  subject_alternative_names = each.value.subject_alternative_names
-  validation_method         = each.value.validation_method
-  key_algorithm             = each.value.key_algorithm
+  domain_name               = try(each.value.domain_name, null)
+  subject_alternative_names = try(each.value.subject_alternative_names, null)
+  validation_method         = try(each.value.validation_method, null)
+  key_algorithm             = try(each.value.key_algorithm, null)
 
   dynamic "validation_option" {
     for_each = try(each.value.validation_option, null) != null ? [1] : []
@@ -33,9 +33,9 @@ resource "aws_acm_certificate" "amazon_issued" {
 resource "aws_acm_certificate" "imported" {
   for_each = var.imported_certificates
 
-  private_key       = each.value.private_key
-  certificate_body  = each.value.certificate_body
-  certificate_chain = each.value.certificate_chain
+  private_key       = try(each.value.private_key, null)
+  certificate_body  = try(each.value.certificate_body, null)
+  certificate_chain = try(each.value.certificate_chain, null)
 
   lifecycle {
     create_before_destroy = true
diff --git a/modules/alb/main.tf b/modules/alb/main.tf
@@ -7,15 +7,12 @@ locals {
 ################################################################################
 
 resource "aws_lb" "this" {
-  name               = var.name
-  load_balancer_type = local.load_balancer_type
-  internal           = var.internal
-
-  subnets         = var.subnets_ids
-  security_groups = var.security_groups_ids
-
-  preserve_host_header = var.preserve_host_header
-
+  name                       = try(var.name, null)
+  load_balancer_type         = try(local.load_balancer_type, null)
+  internal                   = try(var.internal, null)
+  subnets                    = var.subnets_ids
+  security_groups            = var.security_groups_ids
+  preserve_host_header       = var.preserve_host_header
   enable_deletion_protection = var.enable_deletion_protection
 
   tags = var.tags
@@ -28,11 +25,11 @@ resource "aws_lb" "this" {
 resource "aws_lb_target_group" "this" {
   for_each = var.target_groups
 
-  name        = each.value.name
-  vpc_id      = each.value.vpc_id
-  port        = each.value.port
-  protocol    = each.value.protocol
-  target_type = each.value.target_type
+  name        = try(each.value.name, null)
+  vpc_id      = try(each.value.vpc_id, null)
+  port        = try(each.value.port, null)
+  protocol    = try(each.value.protocol, null)
+  target_type = try(each.value.target_type, null)
 
   dynamic "health_check" {
     for_each = try(each.value.health_check, null) != null ? [1] : []
@@ -62,10 +59,10 @@ resource "aws_lb_listener" "this" {
 
   load_balancer_arn = aws_lb.this.arn
 
-  certificate_arn = each.value.certificate_arn
-  port            = each.value.port
-  protocol        = each.value.protocol
-  ssl_policy      = each.value.ssl_policy
+  certificate_arn = try(each.value.certificate_arn, null)
+  port            = try(each.value.port, null)
+  protocol        = try(each.value.protocol, null)
+  ssl_policy      = try(each.value.ssl_policy, null)
 
   dynamic "default_action" {
     for_each = each.value.default_action
@@ -74,7 +71,7 @@ resource "aws_lb_listener" "this" {
     content {
       type             = default_action.value.type
       target_group_arn = aws_lb_target_group.this[default_action.value.target_group].arn
-      order            = default_action.value.order
+      order            = try(default_action.value.order, null)
 
       dynamic "fixed_response" {
         for_each = try(default_action.value.fixed_response, null) != null ? [1] : []
@@ -96,7 +93,7 @@ resource "aws_lb_listener" "this" {
 
             content {
               arn    = target_group.value.arn
-              weight = target_group.value.weight
+              weight = try(target_group.value.weight, null)
             }
           }
 
@@ -105,7 +102,7 @@ resource "aws_lb_listener" "this" {
 
             content {
               duration = default_action.value.forward.stickiness.duration
-              enabled  = try(default_action.value.forward.stickiness.enabled, false)
+              enabled  = try(default_action.value.forward.stickiness.enabled, null)
             }
           }
         }
@@ -146,7 +143,7 @@ resource "aws_lb_listener_rule" "this" {
       type = action.value.type
       target_group_arn = lookup(
         aws_lb_target_group.this,
-        try(action.value.target_group, ""),
+        try(action.value.target_group, null) != null ? try(action.value.target_group, "") : "",
         null
       ) != null ? aws_lb_target_group.this[try(action.value.target_group, null)].arn : null
 
diff --git a/modules/capacity-provider/main.tf b/modules/capacity-provider/main.tf
@@ -14,18 +14,18 @@ resource "aws_ecs_capacity_provider" "this" {
       for_each = try(each.value.managed_scaling, null) != null ? [1] : []
 
       content {
-        instance_warmup_period    = each.value.managed_scaling.instance_warmup_period
-        status                    = each.value.managed_scaling.status
-        target_capacity           = each.value.managed_scaling.target_capacity
-        minimum_scaling_step_size = each.value.managed_scaling.minimum_scaling_step_size
-        maximum_scaling_step_size = each.value.managed_scaling.maximum_scaling_step_size
+        instance_warmup_period    = try(each.value.managed_scaling.instance_warmup_period, null)
+        status                    = try(each.value.managed_scaling.status, null)
+        target_capacity           = try(each.value.managed_scaling.target_capacity, null)
+        minimum_scaling_step_size = try(each.value.managed_scaling.minimum_scaling_step_size, null)
+        maximum_scaling_step_size = try(each.value.managed_scaling.maximum_scaling_step_size, null)
       }
     }
 
-    managed_termination_protection = each.value.managed_termination_protection
+    managed_termination_protection = try(each.value.managed_termination_protection, null)
   }
 
-  tags = each.value.tags
+  tags = try(each.value.tags, {})
 }
 
 ################################################################################
@@ -43,8 +43,8 @@ resource "aws_ecs_cluster_capacity_providers" "this" {
 
     content {
       capacity_provider = aws_ecs_capacity_provider.this[default_capacity_provider_strategies.value.capacity_provider].name
-      base              = default_capacity_provider_strategies.value.base
-      weight            = default_capacity_provider_strategies.value.weight
+      base              = try(default_capacity_provider_strategies.value.base, null)
+      weight            = try(default_capacity_provider_strategies.value.weight, null)
     }
   }
 }

Original file line number	Diff line number	Diff line change
`@@ -14,18 +14,18 @@ resource "aws_ecs_capacity_provider" "this" {`
`14`	`14`	`for_each = try(each.value.managed_scaling, null) != null ? [1] : []`
`15`	`15`
`16`	`16`	`content {`
`17`		`- instance_warmup_period = each.value.managed_scaling.instance_warmup_period`
`18`		`- status = each.value.managed_scaling.status`
`19`		`- target_capacity = each.value.managed_scaling.target_capacity`
`20`		`- minimum_scaling_step_size = each.value.managed_scaling.minimum_scaling_step_size`
`21`		`- maximum_scaling_step_size = each.value.managed_scaling.maximum_scaling_step_size`
	`17`	`+ instance_warmup_period = try(each.value.managed_scaling.instance_warmup_period, null)`
	`18`	`+ status = try(each.value.managed_scaling.status, null)`
	`19`	`+ target_capacity = try(each.value.managed_scaling.target_capacity, null)`
	`20`	`+ minimum_scaling_step_size = try(each.value.managed_scaling.minimum_scaling_step_size, null)`
	`21`	`+ maximum_scaling_step_size = try(each.value.managed_scaling.maximum_scaling_step_size, null)`
`22`	`22`	`}`
`23`	`23`	`}`
`24`	`24`
`25`		`- managed_termination_protection = each.value.managed_termination_protection`
	`25`	`+ managed_termination_protection = try(each.value.managed_termination_protection, null)`
`26`	`26`	`}`
`27`	`27`
`28`		`- tags = each.value.tags`
	`28`	`+ tags = try(each.value.tags, {})`
`29`	`29`	`}`
`30`	`30`
`31`	`31`	`################################################################################`
`@@ -43,8 +43,8 @@ resource "aws_ecs_cluster_capacity_providers" "this" {`
`43`	`43`
`44`	`44`	`content {`
`45`	`45`	`capacity_provider = aws_ecs_capacity_provider.this[default_capacity_provider_strategies.value.capacity_provider].name`
`46`		`- base = default_capacity_provider_strategies.value.base`
`47`		`- weight = default_capacity_provider_strategies.value.weight`
	`46`	`+ base = try(default_capacity_provider_strategies.value.base, null)`
	`47`	`+ weight = try(default_capacity_provider_strategies.value.weight, null)`
`48`	`48`	`}`
`49`	`49`	`}`
`50`	`50`	`}`