Use locals in terraform

Author: fzarrioracle

security/security-design/fn-datasafe-dbaudit-to-oci-logging/terraform/locals.tf

@@ -11,6 +11,7 @@
 locals {
   ocir_docker_repository = join("", [lower(lookup(data.oci_identity_regions.oci_regions.regions[0], "key")), ".ocir.io"])
   ocir_namespace = lookup(data.oci_objectstorage_namespace.namespace, "namespace")
+  working_dir = "function/oci-datasafe-audit-to-logging"
   namespace = lookup(data.oci_objectstorage_namespace.namespace, "namespace")
   compartment_name = lookup(data.oci_identity_compartment.compartment, "name")
   resource_nc = "-${var.deployment_name}-${var.region}-${var.purpose}-${random_id.tag.hex}"
@@ -21,4 +22,8 @@ locals {
   functionapp_display_name = "${var.FunctionAppNamePrefix}${local.resource_nc}"
   function_display_name = "${var.FunctionNamePrefix}${local.resource_nc}"
   function_invoke_oci_logging_displayname = "${var.FunctionInvokeOCILoggingName}${local.resource_nc}"
+  ocilogging_group_displayname="${var.LogGroupPrefix}${local.resource_nc}"
+  ocilogging_dslog_displayname="${var.LogDataSafeAuditDBNamePrefix}${local.resource_nc}"
+  notificationtopic_name = "${var.NotificationTopicNamePrefix}${local.resource_nc}"
+  alarm_displayname = "${var.AlarmNamePrefix}${local.resource_nc}"
 }

security/security-design/fn-datasafe-dbaudit-to-oci-logging/terraform/logging.tf

@@ -10,11 +10,11 @@
 
 resource "oci_logging_log_group" "log_group" {
   compartment_id = var.compartment_ocid
-  display_name   = "${var.LogGroupPrefix}-${random_id.tag.hex}"
+  display_name   = local.ocilogging_group_displayname
 }
 
 resource "oci_logging_log" "log_datadafe_auditdb" {
-  display_name = "${var.LogDataSafeAuditDBNamePrefix}-${var.deployment_name}-${random_id.tag.hex}"
+  display_name = local.ocilogging_dslog_displayname
   log_group_id = oci_logging_log_group.log_group.id
   log_type     = "CUSTOM"
   is_enabled = true

security/security-design/fn-datasafe-dbaudit-to-oci-logging/terraform/main.tf

@@ -23,22 +23,22 @@ resource "null_resource" "DataSafeAuditDBtoLoggingPush2OCIR" {
 
   provisioner "local-exec" {
     command     = "image=$(docker images | grep oci-datasafe-audit-to-logging | awk -F ' ' '{print $3}') ; docker rmi -f $image &> /dev/null ; echo $image"
-    working_dir = "function/oci-datasafe-audit-to-logging"
+    working_dir = local.working_dir
   }
 
   provisioner "local-exec" {
     command     = "fn build --verbose"
-    working_dir = "function/oci-datasafe-audit-to-logging"
+    working_dir = local.working_dir
   }
 
   provisioner "local-exec" {
-    command     = "image=$(docker images | grep oci-datasafe-audit-to-logging | awk -F ' ' '{print $3}') ; docker tag $image ${local.ocir_docker_repository}/${local.namespace}/${oci_artifacts_container_repository.fn_container_repository.display_name}/oci-datasafe-audit-to-logging:0.0.1"
-    working_dir = "function/oci-datasafe-audit-to-logging"
+    command     = "image=$(docker images | grep oci-datasafe-audit-to-logging | awk -F ' ' '{print $3}') ; docker tag $image ${local.ocir_docker_repository}/${local.namespace}/${oci_artifacts_container_repository.fn_container_repository.display_name}/${local.function_display_name}:0.0.1"
+    working_dir = local.working_dir
  }
 
   provisioner "local-exec" {
-    command     = "docker push ${local.ocir_docker_repository}/${local.namespace}/${oci_artifacts_container_repository.fn_container_repository.display_name}/oci-datasafe-audit-to-logging:0.0.1"
-    working_dir = "function/oci-datasafe-audit-to-logging"
+    command     = "docker push ${local.ocir_docker_repository}/${local.namespace}/${oci_artifacts_container_repository.fn_container_repository.display_name}/${local.function_display_name}:0.0.1"
+    working_dir = local.working_dir
  }
 }
 

security/security-design/fn-datasafe-dbaudit-to-oci-logging/terraform/modules/network/main.tf

@@ -9,18 +9,6 @@
 ################################################################################
 
 
-locals {
-    resource_nc = "-${var.deployment_name}-${var.region}-${var.purpose}-${random_id.tag.hex}"
-    vcn_dns_label = "${var.vcndnslabelprefix}${local.resource_nc}"
-    vcn_displayname = "${var.vcnnameprefix}${local.resource_nc}"
-    service_gw_displayname = "${var.vcnnameservicegatewayprefix}${local.resource_nc}"
-    vcnnameroutingtable_displayname = "${var.vcnnameroutingtableprefix}${local.resource_nc}"
-    dhcpoptions_displayname = "${var.vcnnamedhcpopitonsprefix}${local.resource_nc}"
-    subnet_displayname = "${var.subnetnameprefix}${local.resource_nc}"
-    subnet_dns_label = "${var.subnetdnslabelprefix}${local.resource_nc}"
-    vcn_securitylist_displayname = "${var.vcnnamesecuritylistprefix}${local.resource_nc}"
-}
-
 resource "oci_core_virtual_network" "vcn" {
   cidr_block     = var.VCN-CIDR
   dns_label      = local.vcn_dns_label

security/security-design/fn-datasafe-dbaudit-to-oci-logging/terraform/schedule.tf

@@ -13,7 +13,7 @@
 resource "oci_ons_notification_topic" "schedule_ds_ocilogging_notification_topic" {
     #Required
     compartment_id = var.compartment_ocid
-    name = "${var.NotificationTopicNamePrefix}-${var.deployment_name}-${random_id.tag.hex}"
+    name = local.notificationtopic_name
 }
 
 resource "oci_ons_subscription" "schedule_ds_ocilogging_notification_subscription" {
@@ -28,7 +28,7 @@ resource "oci_monitoring_alarm" "schedule_ds_ocilogging_alarm" {
     #Required
     compartment_id = var.compartment_ocid
     destinations = [oci_ons_notification_topic.schedule_ds_ocilogging_notification_topic.id]
-    display_name = "${var.AlarmNamePrefix}-${var.deployment_name}-${random_id.tag.hex}"
+    display_name = local.alarm_displayname
     is_enabled = "true"
     metric_compartment_id =  var.compartment_ocid
     namespace = "oci_faas"

security/security-design/fn-datasafe-dbaudit-to-oci-logging/terraform/schema.yaml

@@ -136,7 +136,7 @@ variables:
     title: "VCN CIDR"
     description: "Choose VCN's CIDR block where Fn App will be deployed."
 
-  fnsubnet-CIDR:
+  subnet-CIDR:
     type: string
     required: false
     default: "10.0.2.0/24"