Skip to content
This repository was archived by the owner on Mar 30, 2026. It is now read-only.

Commit 947f285

Browse files
erezrokahgithub-actions[bot]mnorbury
authored
fix: Remove volume type variable, handle invalid index error (#24)
* fix: Remove volume type, handle invalid index error * docs: update terraform docs * Only use throughput and iops if appropriate type see [docs](https://registry.terraform.io/providers/hashicorp/aws/5.81.0/docs/resources/ebs_volume#throughput-1) * docs: update terraform docs --------- Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: Martin Norbury <martin.norbury@gmail.com>
1 parent ba4ba2f commit 947f285

4 files changed

Lines changed: 18 additions & 10 deletions

File tree

.github/workflows/terraform.yml

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,7 @@ permissions:
1010
contents: write
1111
pull-requests: write
1212
security-events: write
13+
# id-token: write
1314

1415
concurrency:
1516
group: ${{ github.workflow }}-${{ github.ref }}
@@ -169,6 +170,12 @@ jobs:
169170
working-directory: ${{ matrix.example }}
170171

171172
steps:
173+
# - name: Configure AWS credentials
174+
# uses: aws-actions/configure-aws-credentials@v4
175+
# with:
176+
# role-to-assume: "arn:aws:iam::615713231484:role/terraform-cloudquery-modules-repo-role"
177+
# aws-region: us-east-1
178+
172179
- name: Checkout
173180
uses: actions/checkout@v4
174181

@@ -183,3 +190,6 @@ jobs:
183190

184191
- name: Terraform Validate
185192
run: terraform validate
193+
194+
# - name: Terraform Plan
195+
# run: terraform plan

clickhouse/ebs.tf

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -3,8 +3,8 @@ resource "aws_ebs_volume" "clickhouse" {
33
availability_zone = module.vpc.private_subnet_objects[each.value.subnet_index].availability_zone
44
size = var.clickhouse_volume_size
55
type = var.clickhouse_volume_type
6-
throughput = 125
7-
iops = 3000
6+
throughput = var.clickhouse_volume_type == "gp3" ? 125 : null
7+
iops = contains(["io1", "io2", "gp3"], var.clickhouse_volume_type) ? 3000 : null
88
tags = var.tags
99
}
1010

@@ -20,8 +20,8 @@ resource "aws_ebs_volume" "keeper" {
2020
availability_zone = module.vpc.private_subnet_objects[each.value.subnet_index].availability_zone
2121
size = var.keeper_volume_size
2222
type = var.keeper_volume_type
23-
throughput = 125
24-
iops = 3000
23+
throughput = var.keeper_volume_type == "gp3" ? 125 : null
24+
iops = contains(["io1", "io2", "gp3"], var.keeper_volume_type) ? 3000 : null
2525
tags = var.tags
2626
}
2727

clickhouse/examples/tls-encryption/main.tf

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -46,9 +46,7 @@ module "secure_clickhouse" {
4646

4747
# Storage configuration
4848
clickhouse_volume_size = 100
49-
clickhouse_volume_type = "gp3"
5049
keeper_volume_size = 20
51-
keeper_volume_type = "gp3"
5250

5351
# AWS specific settings
5452
region = "us-west-2"

clickhouse/main.tf

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -42,8 +42,8 @@ module "clickhouse_cluster" {
4242
internal_domain = local.internal_domain,
4343
use_external_certs = var.use_external_certs
4444
external_ca_cert = var.use_external_certs ? var.external_ca_cert : ""
45-
ca_secret_arn = var.use_external_certs ? "" : aws_secretsmanager_secret.ca_materials[0].arn
46-
node_secret_arn = var.use_external_certs ? var.external_cert_secret_ids.cluster_nodes[each.key] : aws_secretsmanager_secret.node_certs[each.key].arn
45+
ca_secret_arn = !var.enable_encryption || var.use_external_certs ? "" : aws_secretsmanager_secret.ca_materials[0].arn
46+
node_secret_arn = var.use_external_certs ? var.external_cert_secret_ids.cluster_nodes[each.key] : var.enable_encryption ? aws_secretsmanager_secret.node_certs[each.key].arn : ""
4747
})
4848

4949
metadata_options = {
@@ -84,8 +84,8 @@ module "clickhouse_keeper" {
8484
internal_domain = local.internal_domain,
8585
use_external_certs = var.use_external_certs
8686
external_ca_cert = var.use_external_certs ? var.external_ca_cert : ""
87-
ca_secret_arn = var.use_external_certs ? "" : aws_secretsmanager_secret.ca_materials[0].arn
88-
node_secret_arn = var.use_external_certs ? var.external_cert_secret_ids.cluster_nodes[each.key] : aws_secretsmanager_secret.node_certs[each.key].arn
87+
ca_secret_arn = !var.enable_encryption || var.use_external_certs ? "" : aws_secretsmanager_secret.ca_materials[0].arn
88+
node_secret_arn = var.use_external_certs ? var.external_cert_secret_ids.keeper_nodes[each.key] : var.enable_encryption ? aws_secretsmanager_secret.node_certs[each.key].arn : ""
8989
})
9090

9191
metadata_options = {

0 commit comments

Comments
 (0)