Skip to content

feat: separate external public/private subnet ids #43

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

feat: separate external public/private subnet ids #43

wants to merge 1 commit into from

Conversation

@jochem725
Copy link

@jochem725 jochem725 commented Oct 24, 2025
edited by coderabbitai bot
Loading

what

  • Separate the subnet id parameter into public and private subnet ids

why

  • In order to spawn both public and private workers when the networking_stack is set to external we need to pass both private and public subnets. A single parameter makes this difficult with atmos; this fix allows easier specification.
  • More recent versions of runs-on split the subnets as well (https://runs-on.com/configuration/stack-config/#externalvpcpublicsubnetids)

references

Summary by CodeRabbit

  • New Features
    • Subnet configuration now requires separate public and private subnet parameters instead of a combined list.

@coderabbitai
Copy link

coderabbitai bot commented Oct 24, 2025
edited
Loading

Walkthrough

The pull request refactors subnet handling in a Terraform module by splitting a single subnet_ids variable into two distinct variables: public_subnet_ids and private_subnet_ids. The main configuration now concatenates these subnets and passes them through a remapped parameter structure.

Changes

Cohort / File(s) Summary
Variable Restructuring
src/variables.tf		 Replaced single subnet_ids variable with two new variables: public_subnet_ids (nullable, default null) and private_subnet_ids (nullable, default null), both of type list(string)
Local and Parameter Wiring
src/main.tf		 Modified subnet_ids local to concatenate public and private subnets; added external_vpc_subnet_ids local that maps concatenated subnets to an "ExternalVpcSubnetIds" key; updated parameter merge to pass external_vpc_subnet_ids instead of subnet_ids

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

Suggested labels

major

Suggested reviewers

  • Benbentwo
  • milldr

Poem

🐰 Two subnets emerge where one stood before,
Public paths and private doors,
Concatenated flows through new parameter gates—
Infrastructure splits, coordination awaits! 🌐

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)
Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. You can run @coderabbitai generate docstrings to improve docstring coverage.
✅ Passed checks (2 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check ✅ Passed The pull request title "feat: separate external public/private subnet ids" directly and accurately describes the primary change in the changeset. The modifications across both src/variables.tf and src/main.tf involve refactoring the single subnet_ids parameter into two distinct parameters: public_subnet_ids and private_subnet_ids. The title is specific, concise (49 characters, 6 words), and clearly communicates the core intent without vague terminology or noise. It aligns with the PR objectives and enables reviewers to quickly understand the main change.
✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@mergify mergify bot requested review from a team October 24, 2025 08:51
@mergify
Copy link

mergify bot commented Oct 24, 2025

Important

Do not edit the README.md directly. It's auto-generated from the README.yaml

Please update the README.yaml file instead.

Could you fix it @jochem725? 🙏

@mergify mergify bot added the triage Needs triage label Oct 24, 2025
@jochem725 jochem725 force-pushed the feature/allow-specifying-external-public-private-subnet-ids branch from dca5aa5 to e985555 Compare October 24, 2025 09:06
@mergify mergify bot added the needs-test Needs testing label Oct 24, 2025
coderabbitai[bot]
coderabbitai bot reviewed Oct 24, 2025
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

🧹 Nitpick comments (2)
src/main.tf (1)

74-75: Fix typo in comment.

Line 74 contains a typo: "batties included" should likely be "batteries included" or possibly another phrase. Please correct.

src/variables.tf (1)

59-71: Enhance variable descriptions with context about networking_stack dependency.

The variable descriptions are minimal and don't explain the relationship to networking_stack or when these variables should be used. Consider enriching the descriptions to clarify:

  1. These are only applicable when networking_stack = "external"
  2. Whether one, both, or neither can be specified
  3. The purpose of splitting into public vs. private (allows spawning workers in different subnet types)

Example enhancement:

variable "public_subnet_ids" {
  type        = list(string)
  description = "Public subnet IDs for external VPC networking stack. Used when networking_stack is set to 'external' to spawn public workers. Leave null when using embedded networking."
  nullable    = true
  default     = null
}

variable "private_subnet_ids" {
  type        = list(string)
  description = "Private subnet IDs for external VPC networking stack. Used when networking_stack is set to 'external' to spawn private workers. Leave null when using embedded networking."
  nullable    = true
  default     = null
}
📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between dca5aa5 and e985555.

📒 Files selected for processing (2)
  • src/main.tf (3 hunks)
  • src/variables.tf (1 hunks)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
  • GitHub Check: Summary
🔇 Additional comments (2)
src/main.tf (1)

6-7: Verify subnet concatenation order aligns with runs-on expectations.

The code concatenates public subnets first, then private subnets. Confirm this ordering is intentional and expected by the runs-on template, particularly if the template has specific expectations about subnet positioning or purpose.

src/variables.tf (1)

59-71: Verify validation strategy for external networking requirements.

The PR objectives mention allowing users to spawn both public and private workers, but there's currently no validation to:

  1. Require at least one subnet when networking_stack = "external"
  2. Prevent users from specifying subnets when using networking_stack = "embedded" (though harmless, it could be confusing)

Confirm whether validation should be added to catch configuration errors earlier (at Terraform plan time) rather than at CloudFormation deployment time.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

needs-test Needs testing triage Needs triage

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jochem725