I’m trying to bring together three Terraform modules° that comprise a webapp. Separately the modules deploy OK, and my goal now is to arrange things so there’s one terraform apply
to run.
A problem seems to arise when module A generates values at apply
time that module B needs to know about, and vice versa. Were it strictly a linear dependency situation I imagine I could get away with output
to pass values on, but in this case AFAICT, the generated values needs to traverse across modules back and forth.
I’ll try to explain my conundrum with an example. As you may know, typically you need CORS config when BE and FE live on separate origins. The BE needs to be configured with the origin of the FE, and vice versa.
For reasons outside of my control°° I’m using the random_id
module to append a random id to certain names (similar to Kubernetes). For example:
# Backend
resource "random_id" "instance_suffix" {
byte_length = 2
}
resource "azurerm_app_service" "backend" {
name = "mybackend-${random_id.instance_suffix.hex}"
...
}
# Frontend
...
resource "azurerm_app_service" "frontend" {
name = "myfrontend-${random_id.instance_suffix.hex}"
...
}
becomes e.g.
BE name: “mybackend-ab23.azurewebsites.net”
FE name: “myfrontend-ed78.azurewebsites.net”
Ultimately the FE should have the correct BE origin, something like:
# Frontend
resource "azurerm_app_service" "frontend" {
...
cors = [ "https://mybackend-ab23.azurewebsites.net" ]
...
}
but not sure how I should write that into my FE module. Is there a way to use a local
?
A data
value? Not sure.
It doesn’t seem very declarative/idiomatic to configure CORS in some kind of “final pass” when both values are known, but if that’s necessary happy to try.
Been reading https://www.terraform.io/docs/configuration/expressions.html#values-not-yet-known but not sure it applies.
Hoping there is a best practice on this.
Appreciate your insight!
° The three modules are: a static FE, BE, and DB. Running on Azure.
°° Azure uses a global shared namespace for certain public facing things