通过terraform导入yaml/json文件时。在不硬编码的情况下关联操作时,是否有引用operation_id ?
我认为没有合适的解决方案。我可以解码yaml文件,我仍然需要通过键/索引引用数组。如果我使用查找或循环数组,我也可以将策略添加到所有api级别,唯一的好处是我可以只针对get;相似. .https://github.com/mikamakusa/terraform/blob/a6959c416104264e828281600bce1ac95e19629c/modules/Azure/APIManagement/api_operation/main.tf
我是否可以创建一个文件夹,其中包含包含xml的文件,以文件名作为操作id和xml,然后我可以遍历创建操作策略的文件
resource "azurerm_api_management_api" "api" {
name = local.api_name
resource_group_name = var.resource_group_name
api_management_name = var.api_management_name
revision = "1"
service_url = "https://www.google.com"
path = "terraform/test"
subscription_required = true
version_set_id = data.azurerm_api_management_api_version_set.api_version_set.id
protocols = ["https"]
import {
content_format = "openapi"
content_value = file("${path.module}/demoapi.yaml")
}
}
# unfortunately have to reference the import operations
module "demooperationpolicy" {
source = "../../apioperationpolicies/demopolicy"
api_name = azurerm_api_management_api.api.name
api_management_name = var.api_management_name
resource_group_name = var.resource_group_name
api_operation_id = **"user-get"**
}
openapi: 3.0.1
info:
title: Demo-Terraform v1.0
description: ''
version: v1.0
servers:
- url: 'https://gateway-dev.apis.uniper.energy/terraform/test/v1.0'
paths:
/value:
get:
summary: Get User Operation
description: Get User Operation
operationId: user-get
responses:
'200':
description: value
post:
summary: Post User Operation
description: Post User Operation
operationId: user-post
responses:
'200':
description: value
delete:
summary: Delete User Operation
description: Delete User Operation
operationId: user-delete
responses:
'200':
description: value
components:
securitySchemes:
apiKeyHeader:
type: apiKey
name: Ocp-Apim-Subscription-Key
in: header
apiKeyQuery:
type: apiKey
name: >-
MUST-NOT-BE-USED-DUE-TO-SECURITY-RISK-CHANGES-TO-BE-AUDITED-8b9e9ebb68f24225
in: query
security:
- apiKeyHeader: []
- apiKeyQuery: []
我采用了以下解决方案,使用操作id作为名称的xml文件,请让我知道是否有更好的解决方案或任何改进此过程的方法
操作策略模块
variable "api_name" {}
variable "api_management_name" {}
variable "resource_group_name" {}
#variable "api_operation_id" {}
resource "azurerm_api_management_api_operation_policy" "policy" {
for_each = fileset(path.module, "/*.xml")
api_name = var.api_name
api_management_name = var.api_management_name
resource_group_name = var.resource_group_name
# operation_id = var.api_operation_id
operation_id = split(".",each.value)[0]
# this could come from a file
xml_content = file("${path.module}/${each.value}")
# xml_content = <<XML
# <policies>
# <inbound>
# <find-and-replace from="xyz" to="abc" />
# </inbound>
# </policies>
# XML
}
模板文件,例如user-post.xml和user-get.xml
<policies>
<inbound>
<find-and-replace from="rst" to="ghi" />
</inbound>
</policies>