From ef18f19ec4f844689566561cc8f38edc21afed32 Mon Sep 17 00:00:00 2001 From: Dalton Hubble Date: Mon, 15 Jan 2018 21:27:06 -0800 Subject: [PATCH] Edit digital ocean port range and ordering to suppress diff * Change port range from keyword "all" to "1-65535", which is the same but with digitalocean provider 0.1.3 doesn't produce a diff * Rearrange egress firewall rules to order the Digtial Ocean API and provider returns. In current testing, this fixes the last diff that was present on `terraform plan`. --- digital-ocean/container-linux/kubernetes/network.tf | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/digital-ocean/container-linux/kubernetes/network.tf b/digital-ocean/container-linux/kubernetes/network.tf index b0ce7e8b..fc257a03 100644 --- a/digital-ocean/container-linux/kubernetes/network.tf +++ b/digital-ocean/container-linux/kubernetes/network.tf @@ -22,12 +22,12 @@ resource "digitalocean_firewall" "rules" { }, { protocol = "udp" - port_range = "all" + port_range = "1-65535" source_tags = ["${digitalocean_tag.controllers.name}", "${digitalocean_tag.workers.name}"] }, { protocol = "tcp" - port_range = "all" + port_range = "1-65535" source_tags = ["${digitalocean_tag.controllers.name}", "${digitalocean_tag.workers.name}"] }, ] @@ -35,17 +35,18 @@ resource "digitalocean_firewall" "rules" { # allow all outbound traffic outbound_rule = [ { - protocol = "icmp" + protocol = "tcp" + port_range = "1-65535" destination_addresses = ["0.0.0.0/0", "::/0"] }, { protocol = "udp" - port_range = "all" + port_range = "1-65535" destination_addresses = ["0.0.0.0/0", "::/0"] }, { - protocol = "tcp" - port_range = "all" + protocol = "icmp" + port_range = "1-65535" destination_addresses = ["0.0.0.0/0", "::/0"] }, ]