From 1f1c84e2c36413c9722bba5deda6d667b5dc84e2 Mon Sep 17 00:00:00 2001 From: Himanshu Ahirwar Date: Wed, 23 Aug 2023 00:31:22 +0530 Subject: [PATCH] feat: extra_configs variable to override helm_release attributes feat: added output variables for addons fix: default value file was being created after every terraform apply fix: added dependency in between kiali and istio-ingress fix: tf-lint warnings --- _examples/basic/locals.tf | 12 +++++---- _examples/basic/variables.tf | 25 +++++++------------ .../external-secret/external-secret.yaml | 2 +- _examples/complete/locals.tf | 13 +++++----- _examples/complete/variables.tf | 2 +- addons/aws-ebs-csi-driver/locals.tf | 2 +- addons/aws-efs-csi-driver/locals.tf | 2 +- addons/aws-load-balancer-controller/locals.tf | 2 +- addons/aws-node-termination-handler/locals.tf | 2 +- addons/calico-tigera/locals.tf | 2 +- addons/cluster-autoscaler/locals.tf | 2 +- addons/external-secrets/locals.tf | 2 +- addons/ingress-nginx/README.md | 6 ++--- addons/ingress-nginx/locals.tf | 4 +-- addons/istio-ingress/locals.tf | 6 ----- addons/istio-ingress/outputs.tf | 12 --------- addons/istio-ingress/variables.tf | 19 -------------- addons/karpenter/locals.tf | 2 +- addons/kiali-server/locals.tf | 2 +- addons/kubeclarity/locals.tf | 2 +- addons/metrics-server/locals.tf | 2 +- modules/irsa/main.tf | 2 +- 22 files changed, 42 insertions(+), 83 deletions(-) diff --git a/_examples/basic/locals.tf b/_examples/basic/locals.tf index 3026326..69d025d 100644 --- a/_examples/basic/locals.tf +++ b/_examples/basic/locals.tf 
@@ -1,16 +1,18 @@ locals { - name = "tf-helm-addons" - region = "us-east-1" + name = "tf-helm-addons" + environment = "test" + region = "us-east-1" vpc_cidr = "10.0.0.0/16" azs = slice(data.aws_availability_zones.available.names, 0, 3) tags = { - Example = local.name - GithubRepo = "terraform-helm-eks-addons" - GithubOrg = "clouddrove" + Name = local.name + Environment = local.environment + GithubRepo = "terraform-helm-eks-addons" + GithubOrg = "clouddrove" } cluster_version = "1.26" } \ No newline at end of file diff --git a/_examples/basic/variables.tf b/_examples/basic/variables.tf index 694b9ce..495d4c9 100644 --- a/_examples/basic/variables.tf +++ b/_examples/basic/variables.tf @@ -9,18 +9,15 @@ variable "region" { } variable "cluster_endpoint_public_access" { - type = bool - default = true + type = bool + default = true + description = "Indicates whether or not the Amazon EKS public API server endpoint is enabled" } variable "cluster_endpoint_private_access" { - type = bool - default = true -} - -variable "iam_role_use_name_prefix" { - type = string - default = "terraform-helm-eks-addons" + type = bool + default = true + description = "Indicates whether or not the Amazon EKS private API server endpoint is enabled" } variable "token" { @@ -37,6 +34,7 @@ variable "istio_manifests" { istio_ingress_manifest_file_path = "./config/istio/ingress.yaml" istio_gateway_manifest_file_path = "./config/istio/gateway.yaml" } + description = "Path to yaml manifests to create Ingress and Gateway with specified host" } variable "kiali_manifests" { @@ -46,9 +44,9 @@ variable "kiali_manifests" { default = { kiali_virtualservice_file_path = "./config/kiali/kiali_vs.yaml" } + description = "Path to VirtualService manifest for kiali-dashboard" } -#--------------EXTERNAL SECRET--------------- variable "externalsecrets_manifests" { type = object({ secret_store_manifest_file_path = string 
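Review bot: The description added to `cluster_endpoint_public_access` in `_examples/basic/variables.tf` documents the flag but not the consequence of its `default = true`: anyone copying this example gets a Kubernetes API endpoint that is enabled for public access. How the value is consumed is outside the hunk, so I cannot tell whether the allowed source CIDRs are restricted elsewhere. If they are not, the description should say so, e.g. `description = "Whether the Amazon EKS public API server endpoint is enabled; when true, limit the allowed source CIDRs"`. The hunk also drops `iam_role_use_name_prefix`, so it is worth confirming that nothing in the example still references it.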
@@ -60,10 +58,5 @@ variable "externalsecrets_manifests" { external_secrets_manifest_file_path = "./config/external-secret/external-secret.yaml" secret_manager_name = "external_secrets" } -} - -#--------------INGRESS NGINX------------ -variable "nginx_ingress_extra_configs" { - type = any - default = {} + description = "yaml manifest file path to create ExternalSecret, SecretStore and custome SecretManger name" } \ No newline at end of file diff --git a/_examples/complete/config/external-secret/external-secret.yaml b/_examples/complete/config/external-secret/external-secret.yaml index e3b657c..a614a1f 100644 --- a/_examples/complete/config/external-secret/external-secret.yaml +++ b/_examples/complete/config/external-secret/external-secret.yaml @@ -14,5 +14,5 @@ spec: data: - secretKey: do_not_delete_this_key # -- AWS Secret-Manager secret key remoteRef: - key: external_secrets-test6 # -- Same as 'externalsecrets_manifest["secret_manager_name"] + key: external_secrets # -- Same as 'externalsecrets_manifest["secret_manager_name"] property: do_not_delete_this_key # -- AWS Secret-Manager secret key \ No newline at end of file diff --git a/_examples/complete/locals.tf b/_examples/complete/locals.tf index e8ec9fb..ee4896d 100644 --- a/_examples/complete/locals.tf +++ b/_examples/complete/locals.tf @@ -1,17 +1,18 @@ locals { - # name = "tf-helm-eks-addons" - name = "es-addon-test6" - region = "us-east-1" + name = "tf-helm-eks-addons" + environment = "test" + region = "us-east-1" vpc_cidr = "10.0.0.0/16" azs = slice(data.aws_availability_zones.available.names, 0, 3) tags = { - Example = local.name - GithubRepo = "terraform-helm-eks-addons" - GithubOrg = "clouddrove" + Name = local.name + Environment = local.environment + GithubRepo = "terraform-helm-eks-addons" + GithubOrg = "clouddrove" } cluster_version = "1.26" } \ No newline at end of file diff --git a/_examples/complete/variables.tf b/_examples/complete/variables.tf index 5cff239..a691fc1 100644 
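Review bot: The description added to `externalsecrets_manifests` in `_examples/basic/variables.tf` has two typos ("custome", "SecretManger") and will surface as-is in generated module docs. Something like `description = "YAML manifest file paths to create ExternalSecret and SecretStore, and a custom Secrets Manager name"` reads more cleanly. The same hunk removes `nginx_ingress_extra_configs` from the example; the example's `main.tf` is not in this patch, so please confirm it does not still pass `var.nginx_ingress_extra_configs`.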
--- a/_examples/complete/variables.tf +++ b/_examples/complete/variables.tf @@ -66,7 +66,7 @@ variable "externalsecrets_manifests" { default = { secret_store_manifest_file_path = "./config/external-secret/secret-store.yaml" external_secrets_manifest_file_path = "./config/external-secret/external-secret.yaml" - secret_manager_name = "external_secrets-test6" + secret_manager_name = "external_secrets" } } diff --git a/addons/aws-ebs-csi-driver/locals.tf b/addons/aws-ebs-csi-driver/locals.tf index cc7a120..2f5aa4e 100644 --- a/addons/aws-ebs-csi-driver/locals.tf +++ b/addons/aws-ebs-csi-driver/locals.tf @@ -3,7 +3,7 @@ locals { default_helm_config = { name = local.name - chart = local.name + chart = try(var.aws_ebs_csi_driver_extra_configs.chart, local.name) repository = try(var.aws_ebs_csi_driver_extra_configs.repository, "https://kubernetes-sigs.github.io/aws-ebs-csi-driver") version = try(var.aws_ebs_csi_driver_extra_configs.version, "2.20.0") namespace = try(var.aws_ebs_csi_driver_extra_configs.namespace, "kube-system") diff --git a/addons/aws-efs-csi-driver/locals.tf b/addons/aws-efs-csi-driver/locals.tf index cac7d80..b023ba3 100644 --- a/addons/aws-efs-csi-driver/locals.tf +++ b/addons/aws-efs-csi-driver/locals.tf @@ -3,7 +3,7 @@ locals { default_helm_config = { name = local.name - chart = local.name + chart = try(var.aws_efs_csi_driver_extra_configs.chart, local.name) repository = try(var.aws_efs_csi_driver_extra_configs.repository, "https://kubernetes-sigs.github.io/aws-efs-csi-driver/") version = try(var.aws_efs_csi_driver_extra_configs.version, "2.4.4") namespace = try(var.aws_efs_csi_driver_extra_configs.namespace, "kube-system") diff --git a/addons/aws-load-balancer-controller/locals.tf b/addons/aws-load-balancer-controller/locals.tf index c158049..5a0a551 100644 --- a/addons/aws-load-balancer-controller/locals.tf +++ b/addons/aws-load-balancer-controller/locals.tf 
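Review bot: With `chart = try(var.aws_ebs_csi_driver_extra_configs.chart, local.name)` joining the existing `repository` and `version` overrides, every coordinate that identifies what gets installed into `kube-system` can now be replaced by the caller, so the defaults pinned here no longer act as a provenance guarantee. Because `try()` swallows any error, a misspelled key in the extra-configs value also falls back to the default silently instead of failing the plan. I would record this next to the block, e.g. `# chart/repository/version overrides change where this addon's code comes from; review the source before overriding`, and consider validating the accepted keys on the variable, whose declaration is outside this hunk. The same applies to the other addon `locals.tf` hunks in this patch (aws-efs-csi-driver through metrics-server); the ingress-nginx one additionally turns its previously fixed `repository` into an override. The `locals` block starts and ends outside the hunk.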
@@ -3,7 +3,7 @@ locals { default_helm_config = { name = local.name - chart = local.name + chart = try(var.aws_load_balancer_controller_extra_configs.chart, local.name) repository = try(var.aws_load_balancer_controller_extra_configs.repository, "https://aws.github.io/eks-charts") version = try(var.aws_load_balancer_controller_extra_configs.version, "1.5.3") namespace = try(var.aws_load_balancer_controller_extra_configs.namespace, "kube-system") diff --git a/addons/aws-node-termination-handler/locals.tf b/addons/aws-node-termination-handler/locals.tf index c3f5ae3..99df1b9 100644 --- a/addons/aws-node-termination-handler/locals.tf +++ b/addons/aws-node-termination-handler/locals.tf @@ -3,7 +3,7 @@ locals { default_helm_config = { name = local.name - chart = local.name + chart = try(var.aws_node_termination_handler_extra_configs.chart, local.name) repository = try(var.aws_node_termination_handler_extra_configs.repository, "https://aws.github.io/eks-charts/") version = try(var.aws_node_termination_handler_extra_configs.version, "0.21.0") namespace = try(var.aws_node_termination_handler_extra_configs.namespace, "kube-system") diff --git a/addons/calico-tigera/locals.tf b/addons/calico-tigera/locals.tf index f082d77..12ecf17 100644 --- a/addons/calico-tigera/locals.tf +++ b/addons/calico-tigera/locals.tf @@ -3,7 +3,7 @@ locals { default_helm_config = { name = local.name - chart = local.name + chart = try(var.calico_tigera_extra_configs.chart, local.name) repository = try(var.calico_tigera_extra_configs.repository, "https://docs.tigera.io/calico/charts") version = try(var.calico_tigera_extra_configs.version, "v3.26.1") namespace = try(var.calico_tigera_extra_configs.namespace, "calico-system") diff --git a/addons/cluster-autoscaler/locals.tf b/addons/cluster-autoscaler/locals.tf index b9c49da..01c491c 100644 --- a/addons/cluster-autoscaler/locals.tf +++ b/addons/cluster-autoscaler/locals.tf 
@@ -3,7 +3,7 @@ locals { default_helm_config = { name = local.name - chart = local.name + chart = try(var.cluster_autoscaler_extra_configs.chart, local.name) repository = try(var.cluster_autoscaler_extra_configs.repository, "https://kubernetes.github.io/autoscaler") version = try(var.cluster_autoscaler_extra_configs.version, "9.29.0") namespace = try(var.cluster_autoscaler_extra_configs.namespace, "kube-system") diff --git a/addons/external-secrets/locals.tf b/addons/external-secrets/locals.tf index b7dd1d2..94e3083 100644 --- a/addons/external-secrets/locals.tf +++ b/addons/external-secrets/locals.tf @@ -3,7 +3,7 @@ locals { default_helm_config = { name = local.name - chart = local.name + chart = try(var.external_secrets_extra_configs.chart, local.name) repository = try(var.external_secrets_extra_configs.repository, "https://charts.external-secrets.io/") version = try(var.external_secrets_extra_configs.version, "0.9.2") namespace = try(var.external_secrets_extra_configs.namespace, "kube-system") diff --git a/addons/ingress-nginx/README.md b/addons/ingress-nginx/README.md index 95c9adf..5a46095 100644 --- a/addons/ingress-nginx/README.md +++ b/addons/ingress-nginx/README.md @@ -12,7 +12,7 @@ user can change this behaviour according to their need. They just have to change - if user wants to change `namespace`, `chart version`, `timeout`, `atomic` and other helm artributes, A complete list of artributes is also given here [here](https://github.com/clouddrove/terraform-aws-eks-addons/blob/master/addons/helm/main.tf#L3-L32). then they can change this in `/_example/complate/variable.tf` at ```bash #--------------INGRESS NGINX------------ -variable "nginx_ingress_extra_configs" { +variable "ingress_nginx_extra_configs" { type = any default = {} } 
@@ -25,7 +25,7 @@ module "addons" { eks_cluster_name = module.eks.cluster_name ingress_nginx = true - nginx_ingress_extra_configs = var.nginx_ingress_extra_configs + ingress_nginx_extra_configs = var.ingress_nginx_extra_configs ingress_nginx_helm_config = { values = ["${file("./config/override-ingress-nginx.yaml")}"] } } ``` @@ -38,5 +38,5 @@ module "addons" { | eks_cluster_name | Name of Kubernetes Cluster in which you want to install Ingress Nginx | | Yes | | ingress_nginx | To install Ingress-Nginx helmchart set this to true | false | Yes | | ingress_nginx_helm_config | Provide path to override-values.yaml of ingress_nginx | { values = ["${file("./config/override-ingress-nginx.yaml")}"] } | No | -| nginx_ingress_extra_configs | To override additional helm artributes like `namespace`, `version` and other artributes | | No | +| ingress_nginx_extra_configs | To override additional helm artributes like `namespace`, `version` and other artributes | | No | diff --git a/addons/ingress-nginx/locals.tf b/addons/ingress-nginx/locals.tf index 5266237..ca62ca1 100644 --- a/addons/ingress-nginx/locals.tf +++ b/addons/ingress-nginx/locals.tf @@ -3,8 +3,8 @@ locals { default_helm_config = { name = local.name - chart = local.name - repository = "https://kubernetes.github.io/ingress-nginx" + chart = try(var.ingress_nginx_extra_configs.chart, local.name) + repository = try(var.ingress_nginx_extra_configs.repository, "https://kubernetes.github.io/ingress-nginx") version = try(var.ingress_nginx_extra_configs.version, "4.6.1") namespace = try(var.ingress_nginx_extra_configs.namespace, "kube-system") description = "Nginx Ingress helm Chart deployment configuration" diff --git a/addons/istio-ingress/locals.tf b/addons/istio-ingress/locals.tf index 83b0747..c917bc3 100644 --- a/addons/istio-ingress/locals.tf +++ b/addons/istio-ingress/locals.tf 
@@ -21,12 +21,6 @@ locals { } } - # istio_ingress = { - # helm_config = merge( - # var.istio_ingress_default_helm_config, - # var.helm_config - # ) - # } default_helm_config = { name = "istio-ingressgateway" chart = "gateway" diff --git a/addons/istio-ingress/outputs.tf b/addons/istio-ingress/outputs.tf index 007f629..a3832b1 100644 --- a/addons/istio-ingress/outputs.tf +++ b/addons/istio-ingress/outputs.tf @@ -1,15 +1,3 @@ -# output "namespace" { -# value = var.istio_ingress_default_helm_config.namespace -# } - -# output "chart_version" { -# value = var.istio_ingress_default_helm_config.version -# } - -# output "repository" { -# value = var.istio_ingress_default_helm_config.repository -# } - output "namespace" { value = local.default_helm_config.namespace } diff --git a/addons/istio-ingress/variables.tf b/addons/istio-ingress/variables.tf index cc274bb..ea18388 100644 --- a/addons/istio-ingress/variables.tf +++ b/addons/istio-ingress/variables.tf @@ -52,25 +52,6 @@ variable "istio_manifests" { }) } -# variable "istio_ingress_default_helm_config" { -# type = object({ -# name = string -# chart = string -# repository = string -# version = string -# namespace = string -# description = string -# }) -# default = { -# name = "istio-ingressgateway" -# chart = "gateway" -# repository = "https://istio-release.storage.googleapis.com/charts" -# version = "1.18.0" -# namespace = "istio-system" -# description = "Istio Ingress helm Chart deployment configuration" -# } -# } - variable "istio_ingress_extra_configs" { description = "Override attributes of helm_release terraform resource" type = any diff --git a/addons/karpenter/locals.tf b/addons/karpenter/locals.tf index 308e7ff..0b1047e 100644 --- a/addons/karpenter/locals.tf +++ b/addons/karpenter/locals.tf 
@@ -3,7 +3,7 @@ locals { default_helm_config = { name = local.name - chart = local.name + chart = try(var.karpenter_extra_configs.chart, local.name) repository = try(var.karpenter_extra_configs.repository, "https://charts.karpenter.sh/") version = try(var.karpenter_extra_configs.version, "0.16.3") namespace = try(var.karpenter_extra_configs.namespace, "kube-system") diff --git a/addons/kiali-server/locals.tf b/addons/kiali-server/locals.tf index 32f8977..c3e77a1 100644 --- a/addons/kiali-server/locals.tf +++ b/addons/kiali-server/locals.tf @@ -3,7 +3,7 @@ locals { default_helm_config = { name = local.name - chart = local.name + chart = try(var.kiali_server_extra_configs.chart, local.name) repository = try(var.kiali_server_extra_configs.repository, "https://kiali.org/helm-charts") version = try(var.kiali_server_extra_configs.version, "1.71.0") namespace = try(var.kiali_server_extra_configs.namespace, "istio-system") diff --git a/addons/kubeclarity/locals.tf b/addons/kubeclarity/locals.tf index a0d0d21..3c3594a 100644 --- a/addons/kubeclarity/locals.tf +++ b/addons/kubeclarity/locals.tf @@ -3,7 +3,7 @@ locals { default_helm_config = { name = local.name - chart = local.name + chart = try(var.kubeclarity_extra_configs.chart, local.name) repository = try(var.kubeclarity_extra_configs.repository, "https://openclarity.github.io/kubeclarity") version = try(var.kubeclarity_extra_configs.version, "v2.19.0") namespace = try(var.kubeclarity_extra_configs.namespace, "kubeclarity") diff --git a/addons/metrics-server/locals.tf b/addons/metrics-server/locals.tf index 70ea739..6443b6f 100644 --- a/addons/metrics-server/locals.tf +++ b/addons/metrics-server/locals.tf 
@@ -3,7 +3,7 @@ locals { default_helm_config = { name = local.name - chart = local.name + chart = try(var.metrics_server_extra_configs.chart, local.name) repository = try(var.metrics_server_extra_configs.repository, "https://kubernetes-sigs.github.io/metrics-server/") version = try(var.metrics_server_extra_configs.version, "3.8.2") namespace = try(var.metrics_server_extra_configs.namespace, "kube-system") diff --git a/modules/irsa/main.tf b/modules/irsa/main.tf index 9bf575b..d69a25f 100644 --- a/modules/irsa/main.tf +++ b/modules/irsa/main.tf @@ -35,7 +35,7 @@ resource "kubernetes_service_account_v1" "irsa" { resource "aws_iam_role" "irsa" { count = var.irsa_iam_policies != null ? 1 : 0 - name = var.irsa_iam_role_name + name = try(var.irsa_iam_role_name, "${var.kubernetes_service_account}-iam-role") description = "AWS IAM Role for the Kubernetes service account ${var.kubernetes_service_account}." assume_role_policy = jsonencode({ "Version" : "2012-10-17",
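Review bot: In `modules/irsa/main.tf`, the fallback in `name = try(var.irsa_iam_role_name, "${var.kubernetes_service_account}-iam-role")` will not fire when the variable is unset. `try()` only moves on when an expression raises an error, and a reference to a declared variable that is null evaluates cleanly to null. If the intent is to default the role name (the variable's declaration is not in this hunk, so its default is an assumption), `coalesce` does that: `name = coalesce(var.irsa_iam_role_name, "${var.kubernetes_service_account}-iam-role")`. The derived name also depends only on the service account name, so two clusters in one AWS account that use the same service account name would request the same IAM role name. The resource body continues outside the hunk.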