feat: extra_configs variable to override helm_release attributes

feat: added output variables for addons fix: default value file was being created after every terraform apply fix: added dependency in between kiali and istio-ingress fix: tf-lint warnings
clouddrove · Aug 22, 2023 · 1f1c84e · 1f1c84e
1 parent 1d61304
commit 1f1c84e
Show file tree

Hide file tree

Showing 22 changed files with 42 additions and 83 deletions.
diff --git a/_examples/basic/locals.tf b/_examples/basic/locals.tf
@@ -1,16 +1,18 @@
 
 locals {
 
-  name   = "tf-helm-addons"
-  region = "us-east-1"
+  name        = "tf-helm-addons"
+  environment = "test"
+  region      = "us-east-1"
 
   vpc_cidr = "10.0.0.0/16"
   azs      = slice(data.aws_availability_zones.available.names, 0, 3)
 
   tags = {
-    Example    = local.name
-    GithubRepo = "terraform-helm-eks-addons"
-    GithubOrg  = "clouddrove"
+    Name        = local.name
+    Environment = local.environment
+    GithubRepo  = "terraform-helm-eks-addons"
+    GithubOrg   = "clouddrove"
   }
   cluster_version = "1.26"
 }
diff --git a/_examples/basic/variables.tf b/_examples/basic/variables.tf
@@ -9,18 +9,15 @@ variable "region" {
 }
 
 variable "cluster_endpoint_public_access" {
-  type    = bool
-  default = true
+  type        = bool
+  default     = true
+  description = "Indicates whether or not the Amazon EKS public API server endpoint is enabled"
 }
 
 variable "cluster_endpoint_private_access" {
-  type    = bool
-  default = true
-}
-
-variable "iam_role_use_name_prefix" {
-  type    = string
-  default = "terraform-helm-eks-addons"
+  type        = bool
+  default     = true
+  description = "Indicates whether or not the Amazon EKS private API server endpoint is enabled"
 }
 
 variable "token" {
@@ -37,6 +34,7 @@ variable "istio_manifests" {
     istio_ingress_manifest_file_path = "./config/istio/ingress.yaml"
     istio_gateway_manifest_file_path = "./config/istio/gateway.yaml"
   }
+  description = "Path to yaml manifests to create Ingress and Gateway with specified host"
 }
 
 variable "kiali_manifests" {
@@ -46,9 +44,9 @@ variable "kiali_manifests" {
   default = {
     kiali_virtualservice_file_path = "./config/kiali/kiali_vs.yaml"
   }
+  description = "Path to VirtualService manifest for kiali-dashboard"
 }
 
-#--------------EXTERNAL SECRET---------------
 variable "externalsecrets_manifests" {
   type = object({
     secret_store_manifest_file_path     = string
@@ -60,10 +58,5 @@ variable "externalsecrets_manifests" {
     external_secrets_manifest_file_path = "./config/external-secret/external-secret.yaml"
     secret_manager_name                 = "external_secrets"
   }
-}
-
-#--------------INGRESS NGINX------------
-variable "nginx_ingress_extra_configs" {
-  type    = any
-  default = {}
+  description = "yaml manifest file path to create ExternalSecret, SecretStore and custome SecretManger name"
 }
diff --git a/_examples/complete/config/external-secret/external-secret.yaml b/_examples/complete/config/external-secret/external-secret.yaml
@@ -14,5 +14,5 @@ spec:
   data:
   - secretKey: do_not_delete_this_key        # -- AWS Secret-Manager secret key
     remoteRef:
-      key: external_secrets-test6                  # -- Same as 'externalsecrets_manifest["secret_manager_name"]
+      key: external_secrets                  # -- Same as 'externalsecrets_manifest["secret_manager_name"]
       property: do_not_delete_this_key       # -- AWS Secret-Manager secret key
diff --git a/_examples/complete/locals.tf b/_examples/complete/locals.tf
@@ -1,17 +1,18 @@
 
 locals {
 
-  # name   = "tf-helm-eks-addons"
-  name   = "es-addon-test6"
-  region = "us-east-1"
+  name        = "tf-helm-eks-addons"
+  environment = "test"
+  region      = "us-east-1"
 
   vpc_cidr = "10.0.0.0/16"
   azs      = slice(data.aws_availability_zones.available.names, 0, 3)
 
   tags = {
-    Example    = local.name
-    GithubRepo = "terraform-helm-eks-addons"
-    GithubOrg  = "clouddrove"
+    Name        = local.name
+    Environment = local.environment
+    GithubRepo  = "terraform-helm-eks-addons"
+    GithubOrg   = "clouddrove"
   }
   cluster_version = "1.26"
 }
diff --git a/_examples/complete/variables.tf b/_examples/complete/variables.tf
@@ -66,7 +66,7 @@ variable "externalsecrets_manifests" {
   default = {
     secret_store_manifest_file_path     = "./config/external-secret/secret-store.yaml"
     external_secrets_manifest_file_path = "./config/external-secret/external-secret.yaml"
-    secret_manager_name                 = "external_secrets-test6"
+    secret_manager_name                 = "external_secrets"
   }
 }
 

diff --git a/addons/aws-ebs-csi-driver/locals.tf b/addons/aws-ebs-csi-driver/locals.tf
@@ -3,7 +3,7 @@ locals {
 
   default_helm_config = {
     name                       = local.name
-    chart                      = local.name
+    chart                      = try(var.aws_ebs_csi_driver_extra_configs.chart, local.name)
     repository                 = try(var.aws_ebs_csi_driver_extra_configs.repository, "https://kubernetes-sigs.github.io/aws-ebs-csi-driver")
     version                    = try(var.aws_ebs_csi_driver_extra_configs.version, "2.20.0")
     namespace                  = try(var.aws_ebs_csi_driver_extra_configs.namespace, "kube-system")

diff --git a/addons/aws-efs-csi-driver/locals.tf b/addons/aws-efs-csi-driver/locals.tf
@@ -3,7 +3,7 @@ locals {
 
   default_helm_config = {
     name                       = local.name
-    chart                      = local.name
+    chart                      = try(var.aws_efs_csi_driver_extra_configs.chart, local.name)
     repository                 = try(var.aws_efs_csi_driver_extra_configs.repository, "https://kubernetes-sigs.github.io/aws-efs-csi-driver/")
     version                    = try(var.aws_efs_csi_driver_extra_configs.version, "2.4.4")
     namespace                  = try(var.aws_efs_csi_driver_extra_configs.namespace, "kube-system")

diff --git a/addons/aws-load-balancer-controller/locals.tf b/addons/aws-load-balancer-controller/locals.tf
@@ -3,7 +3,7 @@ locals {
 
   default_helm_config = {
     name                       = local.name
-    chart                      = local.name
+    chart                      = try(var.aws_load_balancer_controller_extra_configs.chart, local.name)
     repository                 = try(var.aws_load_balancer_controller_extra_configs.repository, "https://aws.github.io/eks-charts")
     version                    = try(var.aws_load_balancer_controller_extra_configs.version, "1.5.3")
     namespace                  = try(var.aws_load_balancer_controller_extra_configs.namespace, "kube-system")

diff --git a/addons/aws-node-termination-handler/locals.tf b/addons/aws-node-termination-handler/locals.tf
@@ -3,7 +3,7 @@ locals {
 
   default_helm_config = {
     name                       = local.name
-    chart                      = local.name
+    chart                      = try(var.aws_node_termination_handler_extra_configs.chart, local.name)
     repository                 = try(var.aws_node_termination_handler_extra_configs.repository, "https://aws.github.io/eks-charts/")
     version                    = try(var.aws_node_termination_handler_extra_configs.version, "0.21.0")
     namespace                  = try(var.aws_node_termination_handler_extra_configs.namespace, "kube-system")

diff --git a/addons/calico-tigera/locals.tf b/addons/calico-tigera/locals.tf
@@ -3,7 +3,7 @@ locals {
 
   default_helm_config = {
     name                       = local.name
-    chart                      = local.name
+    chart                      = try(var.calico_tigera_extra_configs.chart, local.name)
     repository                 = try(var.calico_tigera_extra_configs.repository, "https://docs.tigera.io/calico/charts")
     version                    = try(var.calico_tigera_extra_configs.version, "v3.26.1")
     namespace                  = try(var.calico_tigera_extra_configs.namespace, "calico-system")

diff --git a/addons/cluster-autoscaler/locals.tf b/addons/cluster-autoscaler/locals.tf
@@ -3,7 +3,7 @@ locals {
 
   default_helm_config = {
     name                       = local.name
-    chart                      = local.name
+    chart                      = try(var.cluster_autoscaler_extra_configs.chart, local.name)
     repository                 = try(var.cluster_autoscaler_extra_configs.repository, "https://kubernetes.github.io/autoscaler")
     version                    = try(var.cluster_autoscaler_extra_configs.version, "9.29.0")
     namespace                  = try(var.cluster_autoscaler_extra_configs.namespace, "kube-system")

diff --git a/addons/external-secrets/locals.tf b/addons/external-secrets/locals.tf
@@ -3,7 +3,7 @@ locals {
 
   default_helm_config = {
     name                       = local.name
-    chart                      = local.name
+    chart                      = try(var.external_secrets_extra_configs.chart, local.name)
     repository                 = try(var.external_secrets_extra_configs.repository, "https://charts.external-secrets.io/")
     version                    = try(var.external_secrets_extra_configs.version, "0.9.2")
     namespace                  = try(var.external_secrets_extra_configs.namespace, "kube-system")

diff --git a/addons/ingress-nginx/README.md b/addons/ingress-nginx/README.md
@@ -12,7 +12,7 @@ user can change this behaviour according to their need. They just have to change
 - if user wants to change `namespace`, `chart version`, `timeout`, `atomic`  and other helm artributes, A complete list of artributes is also given here [here](https://github.com/clouddrove/terraform-aws-eks-addons/blob/master/addons/helm/main.tf#L3-L32). then they can change this in `/_example/complate/variable.tf` at 
 ```bash
 #--------------INGRESS NGINX------------
-variable "nginx_ingress_extra_configs" {
+variable "ingress_nginx_extra_configs" {
   type = any
   default = {}
 }
@@ -25,7 +25,7 @@ module "addons" {
   eks_cluster_name = module.eks.cluster_name
 
    ingress_nginx                  = true
-   nginx_ingress_extra_configs    = var.nginx_ingress_extra_configs
+   ingress_nginx_extra_configs    = var.ingress_nginx_extra_configs
    ingress_nginx_helm_config      = { values = ["${file("./config/override-ingress-nginx.yaml")}"] }
 }
 ```
@@ -38,5 +38,5 @@ module "addons" {
 | eks_cluster_name | Name of Kubernetes Cluster in which you want to install Ingress Nginx |  | Yes |
 | ingress_nginx | To install  Ingress-Nginx helmchart set this to true | false | Yes |
 | ingress_nginx_helm_config | Provide path to override-values.yaml of ingress_nginx | { values = ["${file("./config/override-ingress-nginx.yaml")}"] } | No |
-| nginx_ingress_extra_configs | To override additional helm artributes like `namespace`, `version` and other artributes |   | No |
+| ingress_nginx_extra_configs | To override additional helm artributes like `namespace`, `version` and other artributes |   | No |
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
diff --git a/addons/ingress-nginx/locals.tf b/addons/ingress-nginx/locals.tf
@@ -3,8 +3,8 @@ locals {
 
   default_helm_config = {
     name                       = local.name
-    chart                      = local.name
-    repository                 = "https://kubernetes.github.io/ingress-nginx"
+    chart                      = try(var.ingress_nginx_extra_configs.chart, local.name)
+    repository                 = try(var.ingress_nginx_extra_configs.repository, "https://kubernetes.github.io/ingress-nginx")
     version                    = try(var.ingress_nginx_extra_configs.version, "4.6.1")
     namespace                  = try(var.ingress_nginx_extra_configs.namespace, "kube-system")
     description                = "Nginx Ingress helm Chart deployment configuration"

diff --git a/addons/istio-ingress/locals.tf b/addons/istio-ingress/locals.tf
@@ -21,12 +21,6 @@ locals {
     }
   }
 
-  # istio_ingress = {
-  #   helm_config = merge(
-  #     var.istio_ingress_default_helm_config,
-  #     var.helm_config
-  #   )
-  # }
   default_helm_config = {
     name        = "istio-ingressgateway"
     chart       = "gateway"

diff --git a/addons/istio-ingress/outputs.tf b/addons/istio-ingress/outputs.tf
@@ -1,15 +1,3 @@
-# output "namespace" {
-#   value = var.istio_ingress_default_helm_config.namespace
-# }
-
-# output "chart_version" {
-#   value = var.istio_ingress_default_helm_config.version
-# }
-
-# output "repository" {
-#   value = var.istio_ingress_default_helm_config.repository
-# }
-
 output "namespace" {
   value = local.default_helm_config.namespace
 }

diff --git a/addons/istio-ingress/variables.tf b/addons/istio-ingress/variables.tf
@@ -52,25 +52,6 @@ variable "istio_manifests" {
   })
 }
 
-# variable "istio_ingress_default_helm_config" {
-#   type = object({
-#     name        = string
-#     chart       = string
-#     repository  = string
-#     version     = string
-#     namespace   = string
-#     description = string
-#   })
-#   default = {
-#     name        = "istio-ingressgateway"
-#     chart       = "gateway"
-#     repository  = "https://istio-release.storage.googleapis.com/charts"
-#     version     = "1.18.0"
-#     namespace   = "istio-system"
-#     description = "Istio Ingress helm Chart deployment configuration"
-#   }
-# }
-
 variable "istio_ingress_extra_configs" {
   description = "Override attributes of helm_release terraform resource"
   type        = any

diff --git a/addons/karpenter/locals.tf b/addons/karpenter/locals.tf
@@ -3,7 +3,7 @@ locals {
 
   default_helm_config = {
     name                       = local.name
-    chart                      = local.name
+    chart                      = try(var.karpenter_extra_configs.chart, local.name)
     repository                 = try(var.karpenter_extra_configs.repository, "https://charts.karpenter.sh/")
     version                    = try(var.karpenter_extra_configs.version, "0.16.3")
     namespace                  = try(var.karpenter_extra_configs.namespace, "kube-system")

diff --git a/addons/kiali-server/locals.tf b/addons/kiali-server/locals.tf
@@ -3,7 +3,7 @@ locals {
 
   default_helm_config = {
     name                       = local.name
-    chart                      = local.name
+    chart                      = try(var.kiali_server_extra_configs.chart, local.name)
     repository                 = try(var.kiali_server_extra_configs.repository, "https://kiali.org/helm-charts")
     version                    = try(var.kiali_server_extra_configs.version, "1.71.0")
     namespace                  = try(var.kiali_server_extra_configs.namespace, "istio-system")

diff --git a/addons/kubeclarity/locals.tf b/addons/kubeclarity/locals.tf
@@ -3,7 +3,7 @@ locals {
 
   default_helm_config = {
     name                       = local.name
-    chart                      = local.name
+    chart                      = try(var.kubeclarity_extra_configs.chart, local.name)
     repository                 = try(var.kubeclarity_extra_configs.repository, "https://openclarity.github.io/kubeclarity")
     version                    = try(var.kubeclarity_extra_configs.version, "v2.19.0")
     namespace                  = try(var.kubeclarity_extra_configs.namespace, "kubeclarity")

diff --git a/addons/metrics-server/locals.tf b/addons/metrics-server/locals.tf
@@ -3,7 +3,7 @@ locals {
 
   default_helm_config = {
     name                       = local.name
-    chart                      = local.name
+    chart                      = try(var.metrics_server_extra_configs.chart, local.name)
     repository                 = try(var.metrics_server_extra_configs.repository, "https://kubernetes-sigs.github.io/metrics-server/")
     version                    = try(var.metrics_server_extra_configs.version, "3.8.2")
     namespace                  = try(var.metrics_server_extra_configs.namespace, "kube-system")

diff --git a/modules/irsa/main.tf b/modules/irsa/main.tf
@@ -35,7 +35,7 @@ resource "kubernetes_service_account_v1" "irsa" {
 resource "aws_iam_role" "irsa" {
   count = var.irsa_iam_policies != null ? 1 : 0
 
-  name        = var.irsa_iam_role_name
+  name        = try(var.irsa_iam_role_name, "${var.kubernetes_service_account}-iam-role")
   description = "AWS IAM Role for the Kubernetes service account ${var.kubernetes_service_account}."
   assume_role_policy = jsonencode({
     "Version" : "2012-10-17",