Set concrete types

Author: yorinasub17

examples/k8s-namespace-with-service-account/variables.tf

@@ -5,14 +5,17 @@
 
 variable "name" {
   description = "Name of the namespace to be created"
+  type        = string
 }
 
 variable "kubectl_config_context_name" {
   description = "The config context to use when authenticating to the Kubernetes cluster. If empty, defaults to the current context specified in the kubeconfig file."
+  type        = string
   default     = ""
 }
 
 variable "kubectl_config_path" {
   description = "The path to the config file to use for kubectl. If empty, defaults to $HOME/.kube/config"
+  type        = string
   default     = "~/.kube/config"
 }

examples/k8s-tiller-kubergrunt-minikube/variables.tf

@@ -5,14 +5,17 @@
 
 variable "tiller_namespace" {
   description = "The namespace to deploy Tiller into."
+  type        = string
 }
 
 variable "resource_namespace" {
   description = "The namespace where the Helm chart resources will be deployed into by Tiller."
+  type        = string
 }
 
 variable "service_account_name" {
   description = "The name of the service account to use for Tiller."
+  type        = string
 }
 
 variable "tls_subject" {
@@ -58,61 +61,72 @@ variable "client_tls_subject" {
 
 variable "tiller_version" {
   description = "The version of Tiller to deploy."
+  type        = string
   default     = "v2.11.0"
 }
 
 # TLS algorithm configuration
 
 variable "private_key_algorithm" {
   description = "The name of the algorithm to use for private keys. Must be one of: RSA or ECDSA."
+  type        = string
   default     = "ECDSA"
 }
 
 variable "private_key_ecdsa_curve" {
   description = "The name of the elliptic curve to use. Should only be used if var.private_key_algorithm is ECDSA. Must be one of P224, P256, P384 or P521."
+  type        = string
   default     = "P256"
 }
 
 variable "private_key_rsa_bits" {
   description = "The size of the generated RSA key in bits. Should only be used if var.private_key_algorithm is RSA."
-  default     = "2048"
+  type        = number
+  default     = 2048
 }
 
 # Kubectl options
 
 variable "kubectl_config_context_name" {
   description = "The config context to use when authenticating to the Kubernetes cluster. If empty, defaults to the current context specified in the kubeconfig file."
+  type        = string
   default     = ""
 }
 
 variable "kubectl_config_path" {
   description = "The path to the config file to use for kubectl. If empty, defaults to $HOME/.kube/config"
+  type        = string
   default     = "~/.kube/config"
 }
 
 # Helm client config options
 
 variable "configure_helm" {
   description = "Whether or not to configure the local helm client to authenticate to the deployed Tiller instance."
+  type        = bool
   default     = true
 }
 
 variable "helm_home" {
   description = "The path to the home directory for helm that you wish to use for this deployment."
+  type        = string
   default     = ""
 }
 
 variable "helm_client_rbac_user" {
   description = "If set, will setup the local helm client to authenticate using this RBAC user."
+  type        = string
   default     = ""
 }
 
 variable "helm_client_rbac_group" {
   description = "If set, will setup the local helm client to authenticate using this RBAC group."
+  type        = string
   default     = ""
 }
 
 variable "helm_client_rbac_service_account" {
   description = "If set, will setup the local helm client to authenticate using this ServiceAccount. The ServiceAccount should be encoded as NAMESPACE/NAME."
+  type        = string
   default     = ""
 }

modules/k8s-helm-client-tls-certs/variables.tf

@@ -15,18 +15,22 @@ variable "tls_subject" {
 
 variable "ca_tls_certificate_key_pair_secret_namespace" {
   description = "Namespace where the CA certificate key pairs are stored."
+  type        = string
 }
 
 variable "ca_tls_certificate_key_pair_secret_name" {
   description = "Name to use for the Secret resource that stores the CA certificate key pairs."
+  type        = string
 }
 
 variable "tls_certificate_key_pair_secret_namespace" {
   description = "Namespace where the signed TLS certificate key pairs should be stored."
+  type        = string
 }
 
 variable "tls_certificate_key_pair_secret_name" {
   description = "Name to use for the Secret resource that stores the signed TLS certificate key pairs."
+  type        = string
 }
 
 # ---------------------------------------------------------------------------------------------------------------------
@@ -38,17 +42,20 @@ variable "tls_certificate_key_pair_secret_name" {
 
 variable "private_key_algorithm" {
   description = "The name of the algorithm to use for private keys. Must be one of: RSA or ECDSA."
+  type        = string
   default     = "ECDSA"
 }
 
 variable "private_key_ecdsa_curve" {
   description = "The name of the elliptic curve to use. Should only be used if var.private_key_algorithm is ECDSA. Must be one of P224, P256, P384 or P521."
+  type        = string
   default     = "P256"
 }
 
 variable "private_key_rsa_bits" {
   description = "The size of the generated RSA key in bits. Should only be used if var.private_key_algorithm is RSA."
-  default     = "2048"
+  type        = number
+  default     = 2048
 }
 
 variable "tls_certs_allowed_uses" {
@@ -76,6 +83,7 @@ variable "tls_certs_ip_addresses" {
 
 variable "validity_period_hours" {
   description = "The number of hours after initial issuing that the certificate will become invalid."
+  type        = number
 
   # 10 years
   default = 87660
@@ -85,16 +93,19 @@ variable "validity_period_hours" {
 
 variable "store_in_kubernetes_secret" {
   description = "Whether or not to store the generated TLS certificate key pairs in Kubernetes Secret."
+  type        = bool
   default     = true
 }
 
 variable "ca_tls_certificate_key_pair_secret_filename_base" {
   description = "Basename used for the TLS certificate files stored in the Secret."
+  type        = string
   default     = "ca"
 }
 
 variable "tls_certificate_key_pair_secret_filename_base" {
   description = "Basename to use for the signed TLS certificate files stored in the Secret."
+  type        = string
   default     = "client"
 }
 

modules/k8s-namespace-roles/variables.tf

@@ -5,6 +5,7 @@
 
 variable "namespace" {
   description = "The name of the namespace where the roles should be created."
+  type        = string
 }
 
 # ---------------------------------------------------------------------------------------------------------------------
@@ -26,6 +27,7 @@ variable "annotations" {
 
 variable "create_resources" {
   description = "Set to false to have this module create no resources. This weird parameter exists solely because Terraform does not support conditional modules. Therefore, this is a hack to allow you to conditionally decide if the Namespace roles should be created or not."
+  type        = bool
   default     = true
 }
 

modules/k8s-namespace/variables.tf

@@ -5,6 +5,7 @@
 
 variable "name" {
   description = "The name of the namespace to be created."
+  type        = string
 }
 
 # ---------------------------------------------------------------------------------------------------------------------
@@ -26,6 +27,7 @@ variable "annotations" {
 
 variable "create_resources" {
   description = "Set to false to have this module create no resources. This weird parameter exists solely because Terraform does not support conditional modules. Therefore, this is a hack to allow you to conditionally decide if the Namespace should be created or not."
+  type        = bool
   default     = true
 }
 

modules/k8s-service-account/variables.tf

@@ -5,10 +5,12 @@
 
 variable "name" {
   description = "The name of the service account to be created."
+  type        = string
 }
 
 variable "namespace" {
   description = "The namespace where the service account is created."
+  type        = string
 }
 
 # ---------------------------------------------------------------------------------------------------------------------
@@ -20,6 +22,7 @@ variable "namespace" {
 # See: https://github.com/hashicorp/terraform/issues/17421
 variable "num_rbac_roles" {
   description = "Number of RBAC roles to bind. This should match the number of items in the list passed to rbac_roles."
+  type        = number
   default     = 0
 }
 
@@ -49,6 +52,7 @@ variable "annotations" {
 
 variable "automount_service_account_token" {
   description = "Whether or not to automatically mount the service account token into the container. This defaults to true."
+  type        = bool
   default     = true
 }
 

modules/k8s-tiller-tls-certs/variables.tf

@@ -21,18 +21,22 @@ variable "signed_tls_subject" {
 
 variable "ca_tls_certificate_key_pair_secret_namespace" {
   description = "Namespace where the CA certificate key pairs should be stored."
+  type        = string
 }
 
 variable "ca_tls_certificate_key_pair_secret_name" {
   description = "Name to use for the Secret resource that stores the CA certificate key pairs."
+  type        = string
 }
 
 variable "signed_tls_certificate_key_pair_secret_namespace" {
   description = "Namespace where the signed TLS certificate key pairs should be stored."
+  type        = string
 }
 
 variable "signed_tls_certificate_key_pair_secret_name" {
   description = "Name to use for the Secret resource that stores the signed TLS certificate key pairs."
+  type        = string
 }
 
 # ---------------------------------------------------------------------------------------------------------------------
@@ -44,17 +48,20 @@ variable "signed_tls_certificate_key_pair_secret_name" {
 
 variable "private_key_algorithm" {
   description = "The name of the algorithm to use for private keys. Must be one of: RSA or ECDSA."
+  type        = string
   default     = "ECDSA"
 }
 
 variable "private_key_ecdsa_curve" {
   description = "The name of the elliptic curve to use. Should only be used if var.private_key_algorithm is ECDSA. Must be one of P224, P256, P384 or P521."
+  type        = string
   default     = "P256"
 }
 
 variable "private_key_rsa_bits" {
   description = "The size of the generated RSA key in bits. Should only be used if var.private_key_algorithm is RSA."
-  default     = "2048"
+  type        = number
+  default     = 2048
 }
 
 variable "ca_tls_certs_allowed_uses" {
@@ -95,6 +102,7 @@ variable "signed_tls_certs_ip_addresses" {
 
 variable "validity_period_hours" {
   description = "The number of hours after initial issuing that the certificate will become invalid."
+  type        = number
 
   # 10 years
   default = 87660
@@ -104,6 +112,7 @@ variable "validity_period_hours" {
 
 variable "ca_tls_certificate_key_pair_secret_filename_base" {
   description = "Basename to use for the TLS certificate files stored in the Secret."
+  type        = string
   default     = "ca"
 }
 
@@ -121,6 +130,7 @@ variable "ca_tls_certificate_key_pair_secret_annotations" {
 
 variable "signed_tls_certificate_key_pair_secret_filename_base" {
   description = "Basename to use for the signed TLS certificate files stored in the Secret."
+  type        = string
   default     = "tls"
 }
 
@@ -138,6 +148,7 @@ variable "signed_tls_certificate_key_pair_secret_annotations" {
 
 variable "create_resources" {
   description = "Set to false to have this module create no resources. This weird parameter exists solely because Terraform does not support conditional modules. Therefore, this is a hack to allow you to conditionally decide if the TLS certs should be created or not."
+  type        = bool
   default     = true
 }