Skip to content

Commit

Permalink
fix: Update TLS to use v3.3 which includes support for linux_arm64 (#147
Browse files Browse the repository at this point in the history 
)

* Update hashicorp/tls to 3.3

* Add missing inputs to google_compute_address.vault.ilb

* Remove deprecated key_algorith as it now infers algorithm from the key.
  • Loading branch information
@burninmedia
burninmedia authored Apr 21, 2022
1 parent 7d1a376 commit 9236c4a
Show file tree
Hide file tree
Showing 3 changed files with 3 additions and 5 deletions.
3 changes: 0 additions & 3 deletions modules/cluster/crypto.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,6 @@ resource "tls_private_key" "root" {
resource "tls_self_signed_cert" "root" {
count = local.manage_tls_count

key_algorithm = tls_private_key.root[0].algorithm
private_key_pem = tls_private_key.root[0].private_key_pem

subject {
Expand Down Expand Up @@ -94,7 +93,6 @@ resource "tls_private_key" "vault-server" {
resource "tls_cert_request" "vault-server" {
count = local.manage_tls_count

key_algorithm = tls_private_key.vault-server[0].algorithm
private_key_pem = tls_private_key.vault-server[0].private_key_pem

dns_names = var.tls_dns_names
Expand All @@ -113,7 +111,6 @@ resource "tls_locally_signed_cert" "vault-server" {
count = local.manage_tls_count

cert_request_pem = tls_cert_request.vault-server[0].cert_request_pem
ca_key_algorithm = tls_private_key.root[0].algorithm
ca_private_key_pem = tls_private_key.root[0].private_key_pem
ca_cert_pem = tls_self_signed_cert.root[0].cert_pem

Expand Down
2 changes: 1 addition & 1 deletion modules/cluster/versions.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ terraform {

tls = {
source = "hashicorp/tls"
version = "~> 2.1"
version = "~> 3.3"
}

google = {
Expand Down
3 changes: 2 additions & 1 deletion network.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,6 @@
* limitations under the License.
*/


#
# This file contains the networking bits.
#
Expand All @@ -38,6 +37,8 @@ resource "google_compute_address" "vault_ilb" {
subnetwork = local.subnet
name = "vault-ilb"
address_type = "INTERNAL"
project = var.project_id
region = var.region

depends_on = [google_project_service.service]
}
Expand Down

0 comments on commit 9236c4a

Please sign in to comment.