From fe130f6202dd0163380b137d893311a8c7e02870 Mon Sep 17 00:00:00 2001 
From: Himanshu Ahirwar <83774016+h1manshu98@users.noreply.github.com> Date: Tue, 8 Aug 2023 02:23:24 +0530 Subject: [PATCH] fix: The argument "addonanme_manifests" is required, but no definition was found. (#17) feat: Updated Readme.md --- README.md | 3 ++- .../external-secret/external-secret.yaml | 18 +++++++++++++++ .../config/external-secret/secret-store.yaml | 14 +++++++++++ .../basic/config/external-secret/usage.yaml | 23 +++++++++++++++++++ _examples/basic/main.tf | 8 +++---- _examples/basic/variables.tf | 2 +- _examples/complete/main.tf | 16 ++++++------- _examples/complete/variables.tf | 2 +- addons/aws-ebs-csi-driver/README.md | 6 +++-- addons/aws-efs-csi-driver/README.md | 6 +++-- addons/aws-load-balancer-controller/README.md | 6 +++-- addons/aws-node-termination-handler/README.md | 6 +++-- addons/calico-tigera/README.md | 6 +++-- addons/calico-tigera/main.tf | 6 ++--- addons/calico-tigera/versions.tf | 8 +++++++ addons/cluster-autoscaler/README.md | 6 +++-- addons/external-secrets/README.md | 6 +++-- .../external-secret/external-secret.yaml | 18 +++++++++++++++ .../override-values.yaml} | 11 ++------- .../config/external-secret/secret-store.yaml | 14 +++++++++++ .../config/external-secret/usage.yaml | 23 +++++++++++++++++++ addons/external-secrets/main.tf | 10 ++++---- addons/external-secrets/variables.tf | 2 +- addons/istio-ingress/README.md | 6 +++-- addons/karpenter/README.md | 6 +++-- addons/kiali-server/README.md | 6 +++-- addons/kiali-server/main.tf | 22 ------------------ addons/metrics-server/README.md | 6 +++-- main.tf | 16 ++++++------- variables.tf | 16 ++++++++++++- 30 files changed, 211 insertions(+), 87 deletions(-) create mode 100644 _examples/basic/config/external-secret/external-secret.yaml create mode 100644 _examples/basic/config/external-secret/secret-store.yaml create mode 100644 _examples/basic/config/external-secret/usage.yaml create mode 100644 addons/external-secrets/config/external-secret/external-secret.yaml rename 
addons/external-secrets/config/{external_secrets.yaml => external-secret/override-values.yaml} (64%) create mode 100644 addons/external-secrets/config/external-secret/secret-store.yaml create mode 100644 addons/external-secrets/config/external-secret/usage.yaml diff --git a/README.md b/README.md index 7cf291f..d11307f 100644 --- a/README.md +++ b/README.md @@ -70,7 +70,8 @@ No outputs. ```bash module "addons" { - source = "../../addons" + source = "clouddrove/eks-addons/aws" + version = "0.0.1" depends_on = [module.eks.cluster_id] eks_cluster_name = module.eks.cluster_name diff --git a/_examples/basic/config/external-secret/external-secret.yaml b/_examples/basic/config/external-secret/external-secret.yaml new file mode 100644 index 0000000..0f75081 --- /dev/null +++ b/_examples/basic/config/external-secret/external-secret.yaml @@ -0,0 +1,18 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: external-secret # -- Provide external secret name + namespace: kube-system # -- Do not change this namespace field +spec: + refreshInterval: 1h + secretStoreRef: + name: external-secrets-store # -- Provide previously created secret store name + kind: SecretStore + target: + name: externalsecret-data # -- Name of secret which will contain data specified below + creationPolicy: Owner + data: + - secretKey: do_not_delete_this_key # -- AWS Secret-Manager secret key + remoteRef: + key: addon-external_secrets # -- Same as 'externalsecrets_manifest["secret_manager_name"] + property: do_not_delete_this_key # -- AWS Secret-Manager secret key \ No newline at end of file diff --git a/_examples/basic/config/external-secret/secret-store.yaml b/_examples/basic/config/external-secret/secret-store.yaml new file mode 100644 index 0000000..95b2ccc --- /dev/null +++ b/_examples/basic/config/external-secret/secret-store.yaml 
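Review bot: The comment on `remoteRef.key` in `_examples/basic/config/external-secret/external-secret.yaml` still names `externalsecrets_manifest["secret_manager_name"]`, the variable this commit renames to `externalsecrets_manifests`, and its opening quote is never closed; I would write `# -- Must equal externalsecrets_manifests.secret_manager_name`. The key is hard-coded to `addon-external_secrets`, so the ExternalSecret stops resolving as soon as a caller overrides `secret_manager_name` without also editing this file. `namespace: kube-system` marked "Do not change" means the synced Secret `externalsecret-data` is created in kube-system, which pushes every consumer into that namespace; the comment should say why this is required, or the namespace should be configurable. The identical file added under `addons/external-secrets/config/external-secret/` carries the same comment.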
@@ -0,0 +1,14 @@ +apiVersion: external-secrets.io/v1beta1 +kind: SecretStore +metadata: + name: external-secrets-store # -- Provide secret store name + namespace: kube-system # -- Do not change this namespace name +spec: + provider: + aws: + service: SecretsManager + region: us-east-1 # -- Provoide your cluster region + auth: + jwt: + serviceAccountRef: + name: external-secrets-sa # -- Do not change this name field \ No newline at end of file diff --git a/_examples/basic/config/external-secret/usage.yaml b/_examples/basic/config/external-secret/usage.yaml new file mode 100644 index 0000000..e6f2676 --- /dev/null +++ b/_examples/basic/config/external-secret/usage.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Pod +metadata: + name: ubuntu-pod + namespace: kube-system # -- keep this namespace same as ExternalSecret namespace + labels: + app: ubuntu-pod +spec: + containers: + - image: ubuntu + command: + - "sleep" + - "604800" + imagePullPolicy: IfNotPresent + name: ubuntu-pod + env: + - name: USER_1 # -- Environment variable of pod + valueFrom: + secretKeyRef: + name: externalsecret-data # -- kubernetes secret name + key: do_not_delete_this_key # -- Same as spec.data.secretKey field of ExternalSecret + optional: false + restartPolicy: Always \ No newline at end of file diff --git a/_examples/basic/main.tf b/_examples/basic/main.tf index 53b7280..4239571 100644 --- a/_examples/basic/main.tf +++ b/_examples/basic/main.tf @@ -199,14 +199,14 @@ module "addons" { aws_node_termination_handler = true aws_efs_csi_driver = true aws_ebs_csi_driver = true - karpenter = true - calico_tigera = true + karpenter = false + calico_tigera = false kiali_server = true kiali_manifests = var.kiali_manifests - external_secrets = true - externalsecrets_manifest = var.externalsecrets_manifest + external_secrets = true + externalsecrets_manifests = var.externalsecrets_manifests istio_ingress = true istio_manifests = var.istio_manifests 
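Review bot: `region: us-east-1` is hard-coded in this SecretStore, while the IAM statement in `addons/external-secrets/main.tf` scopes its ARN to `data.aws_region.current.name`; in any other region the store would, as far as this diff shows, query a region for which the role has no grant. The comment should state the constraint rather than only ask for a value, for example `# -- Must match the region of the EKS cluster and of the Secrets Manager secret` (the current comment also misspells "Provide"). The copy added under `addons/external-secrets/config/external-secret/secret-store.yaml` needs the same wording.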
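Review bot: The sample Pod in `usage.yaml` sets `image: ubuntu` with no tag or digest alongside `imagePullPolicy: IfNotPresent`, so the image that runs depends on whatever each node already has cached. It also places a general-purpose container in `kube-system` with no `securityContext`, and examples like this tend to be copied as they are. Pinning the image and adding a restrictive container security context keeps the example safe to reuse; the values below are illustrative, and the same change applies to the copy under `addons/external-secrets/config/external-secret/usage.yaml`.

```yaml
# … unchanged: apiVersion, kind, metadata …
spec:
  containers:
    - image: ubuntu:<TAG>          # placeholder: pin a tag or a digest
      # … unchanged: command, imagePullPolicy, name, env …
      securityContext:
        allowPrivilegeEscalation: false
        runAsNonRoot: true
        runAsUser: 1000            # example UID, any non-zero value works for `sleep`
        capabilities:
          drop: ["ALL"]
```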
diff --git a/_examples/basic/variables.tf b/_examples/basic/variables.tf index 5189b84..74c7d66 100644 --- a/_examples/basic/variables.tf +++ b/_examples/basic/variables.tf @@ -51,7 +51,7 @@ variable "kiali_manifests" { } #--------------EXTERNAL SECRET--------------- -variable "externalsecrets_manifest" { +variable "externalsecrets_manifests" { type = object({ secret_store_manifest_file_path = string external_secrets_manifest_file_path = string diff --git a/_examples/complete/main.tf b/_examples/complete/main.tf index 3c4f9c9..db2a400 100644 --- a/_examples/complete/main.tf +++ b/_examples/complete/main.tf @@ -197,20 +197,20 @@ module "addons" { # -- Enable Addons metrics_server = true cluster_autoscaler = true - karpenter = true aws_load_balancer_controller = true aws_node_termination_handler = true aws_efs_csi_driver = true aws_ebs_csi_driver = true - calico_tigera = true + karpenter = false + calico_tigera = false # -- Addons with mandatory variable - istio_ingress = true - istio_manifests = var.istio_manifests - kiali_server = true - kiali_manifests = var.kiali_manifests - external_secrets = true - externalsecrets_manifest = var.externalsecrets_manifest + istio_ingress = true + istio_manifests = var.istio_manifests + kiali_server = true + kiali_manifests = var.kiali_manifests + external_secrets = true + externalsecrets_manifests = var.externalsecrets_manifests # -- Path of override-values.yaml file metrics_server_helm_config = { values = ["${file("./config/override-metrics-server.yaml")}"] } diff --git a/_examples/complete/variables.tf b/_examples/complete/variables.tf index bde89c3..37faef4 100644 --- a/_examples/complete/variables.tf +++ b/_examples/complete/variables.tf @@ -59,7 +59,7 @@ variable "kiali_manifests" { } # ------------------ EXTERNAL SECRETS ----------------------- -variable "externalsecrets_manifest" { +variable "externalsecrets_manifests" { type = object({ secret_store_manifest_file_path = string external_secrets_manifest_file_path = string 
diff --git a/addons/aws-ebs-csi-driver/README.md b/addons/aws-ebs-csi-driver/README.md index 50b7589..1524a4c 100644 --- a/addons/aws-ebs-csi-driver/README.md +++ b/addons/aws-ebs-csi-driver/README.md @@ -8,8 +8,10 @@ The [Amazon Elastic Block Store Container Storage](https://aws.amazon.com/ebs/) Below terraform script shows how to use AWS EBS CSI Driver Terraform Addon, A complete example is also given [here](https://github.com/clouddrove/terraform-helm-eks-addons/blob/master/_examples/complete/main.tf). ```bash module "addons" { - source = "../../" - depends_on = [null_resource.kubectl] + source = "clouddrove/eks-addons/aws" + version = "0.0.1" + + depends_on = [module.eks.cluster_id] eks_cluster_name = module.eks.cluster_name aws_ebs_csi_driver = true diff --git a/addons/aws-efs-csi-driver/README.md b/addons/aws-efs-csi-driver/README.md index 64cd896..a8097e2 100644 --- a/addons/aws-efs-csi-driver/README.md +++ b/addons/aws-efs-csi-driver/README.md @@ -10,8 +10,10 @@ Amazon EFS CSI driver supports dynamic provisioning and static provisioning. Cur Below terraform script shows how to use AWS EFS CSI Driver Terraform Addon, A complete example is also given [here](https://github.com/clouddrove/terraform-helm-eks-addons/blob/master/_examples/complete/main.tf). ```bash module "addons" { - source = "../../" - depends_on = [null_resource.kubectl] + source = "clouddrove/eks-addons/aws" + version = "0.0.1" + + depends_on = [module.eks.cluster_id] eks_cluster_name = module.eks.cluster_name aws_efs_csi_driver = true diff --git a/addons/aws-load-balancer-controller/README.md b/addons/aws-load-balancer-controller/README.md index d2e8ade..4f41751 100644 --- a/addons/aws-load-balancer-controller/README.md +++ b/addons/aws-load-balancer-controller/README.md 
@@ -10,8 +10,10 @@ AWS Load Balancer controller manages the following AWS resources Below terraform script shows how to use AWS Load Balancer Controller Terraform Addon, A complete example is also given [here](https://github.com/clouddrove/terraform-helm-eks-addons/blob/master/_examples/complete/main.tf). ```bash module "addons" { - source = "../../" - depends_on = [null_resource.kubectl] + source = "clouddrove/eks-addons/aws" + version = "0.0.1" + + depends_on = [module.eks.cluster_id] eks_cluster_name = module.eks.cluster_name aws_load_balancer_controller = true diff --git a/addons/aws-node-termination-handler/README.md b/addons/aws-node-termination-handler/README.md index 4f0a348..40c5742 100644 --- a/addons/aws-node-termination-handler/README.md +++ b/addons/aws-node-termination-handler/README.md @@ -8,8 +8,10 @@ The AWS Node Termination Handler (NTH) project ensures that the Kubernetes contr Below terraform script shows how to use Node Termination Handler Terraform Addon, A complete example is also given [here](https://github.com/clouddrove/terraform-helm-eks-addons/blob/master/_examples/complete/main.tf). ```bash module "addons" { - source = "../../" - depends_on = [null_resource.kubectl] + source = "clouddrove/eks-addons/aws" + version = "0.0.1" + + depends_on = [module.eks.cluster_id] eks_cluster_name = module.eks.cluster_name aws_node_termination_handler = true diff --git a/addons/calico-tigera/README.md b/addons/calico-tigera/README.md index 35f271b..e7dd5f7 100644 --- a/addons/calico-tigera/README.md +++ b/addons/calico-tigera/README.md @@ -16,8 +16,10 @@ For multi-tenant Kubernetes environments where isolation of tenants from each ot ```bash module "addons" { - source = "../../" - depends_on = [null_resource.kubectl] + source = "clouddrove/eks-addons/aws" + version = "0.0.1" + + depends_on = [module.eks.cluster_id] eks_cluster_name = module.eks.cluster_name calico_tigera = true 
diff --git a/addons/calico-tigera/main.tf b/addons/calico-tigera/main.tf index dfb43fc..25c149e 100644 --- a/addons/calico-tigera/main.tf +++ b/addons/calico-tigera/main.tf @@ -17,9 +17,7 @@ resource "kubernetes_namespace" "this" { } } -resource "null_resource" "calico_node" { +resource "kubectl_manifest" "calico_node" { depends_on = [data.aws_eks_cluster.eks_cluster] - provisioner "local-exec" { - command = "kubectl apply -f ../../addons/calico-tigera/config/calico-deployment.yaml" - } + yaml_body = file("../../addons/calico-tigera/config/calico-deployment.yaml") } \ No newline at end of file diff --git a/addons/calico-tigera/versions.tf b/addons/calico-tigera/versions.tf index 55fba73..5f011d1 100644 --- a/addons/calico-tigera/versions.tf +++ b/addons/calico-tigera/versions.tf @@ -6,5 +6,13 @@ terraform { source = "hashicorp/kubernetes" version = ">= 2.10" } + helm = { + source = "hashicorp/helm" + version = ">= 2.6" + } + kubectl = { + source = "gavinbunney/kubectl" + version = ">= 1.7.0" + } } } diff --git a/addons/cluster-autoscaler/README.md b/addons/cluster-autoscaler/README.md index cd63ee0..0066ac3 100644 --- a/addons/cluster-autoscaler/README.md +++ b/addons/cluster-autoscaler/README.md @@ -9,8 +9,10 @@ Cluster Autoscaler is a tool that automatically adjusts the size of the Kubernet Below terraform script shows how to use Cluster Autoscaler Terraform Addon, A complete example is also given [here](https://github.com/clouddrove/terraform-helm-eks-addons/blob/master/_examples/complete/main.tf). ```bash module "addons" { - source = "../../" - depends_on = [null_resource.kubectl] + source = "clouddrove/eks-addons/aws" + version = "0.0.1" + + depends_on = [module.eks.cluster_id] eks_cluster_name = module.eks.cluster_name cluster_autoscaler = true diff --git a/addons/external-secrets/README.md b/addons/external-secrets/README.md index 591e15b..99f4ab5 100644 --- a/addons/external-secrets/README.md +++ b/addons/external-secrets/README.md 
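Review bot: The path in `yaml_body = file("../../addons/calico-tigera/config/calico-deployment.yaml")` is resolved against the directory Terraform runs in, not against this module, so it works only from the `_examples/*` layout and would presumably fail with the registry source the READMEs in this commit now advertise. Using `yaml_body = file("${path.module}/config/calico-deployment.yaml")` removes that dependency and guarantees the manifest applied to the cluster is the one shipped with the module rather than whatever file sits at that relative path in the caller's tree. The same pattern is in the root `main.tf` hunk (`../../addons/external-secrets/config/external-secret/override-values.yaml`) and in the `./addons/...` defaults added to `variables.tf`; variable defaults cannot reference `path.module`, so those would need a `null` default resolved in a local. Separately, `kubectl_manifest` applies a single YAML document, so if `calico-deployment.yaml` holds several documents (the file is not visible here) it has to be split, for example with the provider's `kubectl_file_documents` data source.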
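Review bot: The `helm` entry added to `required_providers` in `addons/calico-tigera/versions.tf` is not used by anything in the visible `calico-tigera/main.tf` hunk; if the rest of the module does not use it either, dropping it avoids downloading and trusting a provider the module never calls. The new `gavinbunney/kubectl` requirement is a community provider that receives cluster credentials and is bounded only from below (`>= 1.7.0`). That is conventional for a reusable module, but it means the root configurations under `_examples/` should commit `.terraform.lock.hcl` so the provider version and checksums are fixed for anyone copying them. The `terraform` block opens before this hunk.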
@@ -38,8 +38,10 @@ variable "externalsecrets_manifest" { Calling `externalsecrets_manifest` variable in main.tf as below - ```bash module "addons" { - source = "../../" - depends_on = [null_resource.kubectl] + source = "clouddrove/eks-addons/aws" + version = "0.0.1" + + depends_on = [module.eks.cluster_id] eks_cluster_name = module.eks.cluster_name external_secrets = true diff --git a/addons/external-secrets/config/external-secret/external-secret.yaml b/addons/external-secrets/config/external-secret/external-secret.yaml new file mode 100644 index 0000000..0f75081 --- /dev/null +++ b/addons/external-secrets/config/external-secret/external-secret.yaml @@ -0,0 +1,18 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: external-secret # -- Provide external secret name + namespace: kube-system # -- Do not change this namespace field +spec: + refreshInterval: 1h + secretStoreRef: + name: external-secrets-store # -- Provide previously created secret store name + kind: SecretStore + target: + name: externalsecret-data # -- Name of secret which will contain data specified below + creationPolicy: Owner + data: + - secretKey: do_not_delete_this_key # -- AWS Secret-Manager secret key + remoteRef: + key: addon-external_secrets # -- Same as 'externalsecrets_manifest["secret_manager_name"] + property: do_not_delete_this_key # -- AWS Secret-Manager secret key \ No newline at end of file diff --git a/addons/external-secrets/config/external_secrets.yaml b/addons/external-secrets/config/external-secret/override-values.yaml similarity index 64% rename from addons/external-secrets/config/external_secrets.yaml rename to addons/external-secrets/config/external-secret/override-values.yaml index bba530b..b10bafc 100644 --- a/addons/external-secrets/config/external_secrets.yaml +++ b/addons/external-secrets/config/external-secret/override-values.yaml 
@@ -1,5 +1,3 @@ -## Node affinity for particular node in which labels key is "Infra-Services" and value is "true" - affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: @@ -9,16 +7,11 @@ affinity: operator: In values: - "critical" - ## Using limits and requests - resources: limits: - cpu: 200m + cpu: 300m memory: 250Mi requests: cpu: 50m - memory: 150Mi - -podAnnotations: - co.elastic.logs/enabled: "true" + memory: 150Mi \ No newline at end of file diff --git a/addons/external-secrets/config/external-secret/secret-store.yaml b/addons/external-secrets/config/external-secret/secret-store.yaml new file mode 100644 index 0000000..95b2ccc --- /dev/null +++ b/addons/external-secrets/config/external-secret/secret-store.yaml @@ -0,0 +1,14 @@ +apiVersion: external-secrets.io/v1beta1 +kind: SecretStore +metadata: + name: external-secrets-store # -- Provide secret store name + namespace: kube-system # -- Do not change this namespace name +spec: + provider: + aws: + service: SecretsManager + region: us-east-1 # -- Provoide your cluster region + auth: + jwt: + serviceAccountRef: + name: external-secrets-sa # -- Do not change this name field \ No newline at end of file diff --git a/addons/external-secrets/config/external-secret/usage.yaml b/addons/external-secrets/config/external-secret/usage.yaml new file mode 100644 index 0000000..e6f2676 --- /dev/null +++ b/addons/external-secrets/config/external-secret/usage.yaml 
@@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Pod +metadata: + name: ubuntu-pod + namespace: kube-system # -- keep this namespace same as ExternalSecret namespace + labels: + app: ubuntu-pod +spec: + containers: + - image: ubuntu + command: + - "sleep" + - "604800" + imagePullPolicy: IfNotPresent + name: ubuntu-pod + env: + - name: USER_1 # -- Environment variable of pod + valueFrom: + secretKeyRef: + name: externalsecret-data # -- kubernetes secret name + key: do_not_delete_this_key # -- Same as spec.data.secretKey field of ExternalSecret + optional: false + restartPolicy: Always \ No newline at end of file diff --git a/addons/external-secrets/main.tf b/addons/external-secrets/main.tf index 68a071d..69574e0 100644 --- a/addons/external-secrets/main.tf +++ b/addons/external-secrets/main.tf @@ -74,19 +74,19 @@ data "aws_iam_policy_document" "iam-policy" { "secretsmanager:DescribeSecret", ] resources = [ - "arn:aws:secretsmanager:${data.aws_region.current.name}:${var.account_id}:secret:${var.externalsecrets_manifest.secret_manager_name}*", + "arn:aws:secretsmanager:${data.aws_region.current.name}:${var.account_id}:secret:${var.externalsecrets_manifests.secret_manager_name}*", ] } } resource "kubectl_manifest" "secret_store" { depends_on = [module.helm_addon] - yaml_body = file("${var.externalsecrets_manifest.secret_store_manifest_file_path}") + yaml_body = file("${var.externalsecrets_manifests.secret_store_manifest_file_path}") } resource "kubectl_manifest" "external_secrets" { depends_on = [kubectl_manifest.secret_store, module.secrets_manager] - yaml_body = file("${var.externalsecrets_manifest.external_secrets_manifest_file_path}") + yaml_body = file("${var.externalsecrets_manifests.external_secrets_manifest_file_path}") } module "secrets_manager" { 
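Review bot: The resource ARN in `data.aws_iam_policy_document.iam-policy` ends in a bare `*` after `secret_manager_name`, so the statement covers every secret whose name merely begins with that value; with the default `addon-external_secrets` added in `variables.tf`, a secret named `addon-external_secrets-prod` would match as well. Secrets Manager appends a hyphen and six random characters to a secret's ARN, so the suffix can be matched exactly: `"arn:aws:secretsmanager:${data.aws_region.current.name}:${var.account_id}:secret:${var.externalsecrets_manifests.secret_manager_name}-??????",`. Only `secretsmanager:DescribeSecret` is visible among the actions, since the statement starts before the hunk, so the full set of permissions widened by the wildcard should be checked there. The two `file("${var...}")` calls can drop the redundant interpolation, e.g. `file(var.externalsecrets_manifests.secret_store_manifest_file_path)`.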
@@ -96,8 +96,8 @@ module "secrets_manager" { name = "secrets-manager" secrets = [ { - name = "${var.externalsecrets_manifest.secret_manager_name}" - description = "This is a key/value secret" + name = "${var.externalsecrets_manifests.secret_manager_name}" + description = "AWS EKS external-secrets helm addon." secret_key_value = { do_not_delete_this_key = "do_not_delete_this_value" } diff --git a/addons/external-secrets/variables.tf b/addons/external-secrets/variables.tf index b5ae085..75a5938 100644 --- a/addons/external-secrets/variables.tf +++ b/addons/external-secrets/variables.tf @@ -36,7 +36,7 @@ variable "addon_context" { } # ------------------ EXTERNAL SECRETS ----------------------- -variable "externalsecrets_manifest" { +variable "externalsecrets_manifests" { type = object({ secret_store_manifest_file_path = string external_secrets_manifest_file_path = string diff --git a/addons/istio-ingress/README.md b/addons/istio-ingress/README.md index ec2224b..647b6a9 100644 --- a/addons/istio-ingress/README.md +++ b/addons/istio-ingress/README.md @@ -7,8 +7,10 @@ Istio is a service mesh—a modernized service networking layer that provides a Below terraform script shows how to use Istio-Ingress Terraform Addon, A complete example is also given [here](https://github.com/clouddrove/terraform-helm-eks-addons/blob/master/_examples/complete/main.tf). ```bash module "addons" { - source = "../../" - depends_on = [null_resource.kubectl] + source = "clouddrove/eks-addons/aws" + version = "0.0.1" + + depends_on = [module.eks.cluster_id] eks_cluster_name = module.eks.cluster_name istio_ingress = true diff --git a/addons/karpenter/README.md b/addons/karpenter/README.md index 2bd8485..c3ba994 100644 --- a/addons/karpenter/README.md +++ b/addons/karpenter/README.md 
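Review bot: The `secret_key_value` map under this secret carries a literal value in module source, and nothing tells the next editor that it is only a bootstrap placeholder. Anything added to that map is committed to the repository and is presumably written to Terraform state in plaintext by the `secrets_manager` module. I would add a comment above the map such as `# Placeholder only: never put real secret values here; populate them in Secrets Manager out of band.` The `module "secrets_manager"` block begins before this hunk, so its remaining arguments are not visible.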
@@ -7,8 +7,10 @@ Karpenter simplifies Kubernetes infrastructure with the right nodes at the right Below terraform script shows how to use Karpenter Terraform Addon, A complete example is also given [here](https://github.com/clouddrove/terraform-helm-eks-addons/blob/master/_examples/complete/main.tf). ```bash module "addons" { - source = "../../" - depends_on = [null_resource.kubectl] + source = "clouddrove/eks-addons/aws" + version = "0.0.1" + + depends_on = [module.eks.cluster_id] eks_cluster_name = module.eks.cluster_name karpenter = true diff --git a/addons/kiali-server/README.md b/addons/kiali-server/README.md index 4ff4d48..da6a220 100644 --- a/addons/kiali-server/README.md +++ b/addons/kiali-server/README.md @@ -8,8 +8,10 @@ Below terraform script shows how to use Kiali-Server Terraform Addon, A complete example is also given [here](https://github.com/clouddrove/terraform-helm-eks-addons/blob/master/_examples/complete/main.tf). ```bash module "addons" { - source = "../../" - depends_on = [null_resource.kubectl] + source = "clouddrove/eks-addons/aws" + version = "0.0.1" + + depends_on = [module.eks.cluster_id] eks_cluster_name = module.eks.cluster_name kiali_server = true diff --git a/addons/kiali-server/main.tf b/addons/kiali-server/main.tf index b4e3ec1..a1bcca9 100644 --- a/addons/kiali-server/main.tf +++ b/addons/kiali-server/main.tf 
@@ -7,28 +7,6 @@ module "helm_addon" { } -# resource "null_resource" "kiali_token" { -# depends_on = [module.helm_addon] -# provisioner "local-exec" { -# command = "kubectl apply -f ../../addons/${local.name}/config/kiali_secret.yaml -n ${local.default_helm_config.namespace}" -# } -# } - -# resource "null_resource" "kiali_virtualservice" { -# depends_on = [module.helm_addon] -# provisioner "local-exec" { -# command = "kubectl apply -f ${var.kiali_manifests.kiali_virtualservice_file_path} -n ${local.default_helm_config.namespace}" -# } -# } - -# resource "null_resource" "enable_monitoring" { -# count = var.kiali_manifests.enable_monitoring ? 1 : 0 -# depends_on = [null_resource.kiali_virtualservice] -# provisioner "local-exec" { -# command = "kubectl apply -f ../../addons/${local.name}/config/monitoring/grafana.yaml -f ../../addons/${local.name}/config/monitoring/jaeger.yaml -f ../../addons/${local.name}/config/monitoring/prometheus.yaml -n ${local.default_helm_config.namespace}" -# } -# } -############################################################## resource "kubectl_manifest" "kiali_token" { depends_on = [module.helm_addon] yaml_body = file("../../addons/${local.name}/config/kiali_secret.yaml") diff --git a/addons/metrics-server/README.md b/addons/metrics-server/README.md index c2e7f96..2a4425c 100644 --- a/addons/metrics-server/README.md +++ b/addons/metrics-server/README.md @@ -7,8 +7,10 @@ Metrics Server collects resource metrics from Kubelets and exposes them in Kuber Below terraform script shows how to use Metrics-Server Terraform Addon, A complete example is also given [here](https://github.com/clouddrove/terraform-helm-eks-addons/blob/master/_examples/complete/main.tf). ```bash module "addons" { - source = "../../" - depends_on = [null_resource.kubectl] + source = "clouddrove/eks-addons/aws" + version = "0.0.1" + + depends_on = [module.eks.cluster_id] eks_cluster_name = module.eks.cluster_name metrics_server = true 
diff --git a/main.tf b/main.tf index 07faf89..2f79ae0 100644 --- a/main.tf +++ b/main.tf @@ -95,12 +95,12 @@ module "calico_tigera" { } module "external_secrets" { - count = var.external_secrets ? 1 : 0 - source = "./addons/external-secrets" - helm_config = var.external_secrets_helm_config != null ? var.external_secrets_helm_config : { values = ["${file("../../addons/external-secrets/config/external_secrets.yaml")}"] } - manage_via_gitops = var.manage_via_gitops - addon_context = local.addon_context - eks_cluster_name = data.aws_eks_cluster.eks_cluster.name - account_id = data.aws_caller_identity.current.account_id - externalsecrets_manifest = var.externalsecrets_manifest + count = var.external_secrets ? 1 : 0 + source = "./addons/external-secrets" + helm_config = var.external_secrets_helm_config != null ? var.external_secrets_helm_config : { values = ["${file("../../addons/external-secrets/config/external-secret/override-values.yaml")}"] } + manage_via_gitops = var.manage_via_gitops + addon_context = local.addon_context + eks_cluster_name = data.aws_eks_cluster.eks_cluster.name + account_id = data.aws_caller_identity.current.account_id + externalsecrets_manifests = var.externalsecrets_manifests } \ No newline at end of file diff --git a/variables.tf b/variables.tf index 70ca9fc..301cfe4 100644 --- a/variables.tf +++ b/variables.tf @@ -107,6 +107,10 @@ variable "istio_manifests" { istio_ingress_manifest_file_path = string istio_gateway_manifest_file_path = string }) + default = { + istio_ingress_manifest_file_path = "./addons/istio-ingress/config/manifest/ingress.yaml" + istio_gateway_manifest_file_path = "./addons/istio-ingress/config/manifest/gateway.yaml" + } } #-----------KAILI DASHBOARD----------------------- 
@@ -122,11 +126,16 @@ variable "kiali_server_helm_config" { default = null } + variable "kiali_manifests" { type = object({ kiali_virtualservice_file_path = string enable_monitoring = bool }) + default = { + kiali_virtualservice_file_path = "./addons/kiali-server/config/kiali_vs.yaml" + enable_monitoring = true + } } #-----------CALICO TOGERA -------------------------- @@ -154,12 +163,17 @@ variable "external_secrets_helm_config" { default = null } -variable "externalsecrets_manifest" { +variable "externalsecrets_manifests" { type = object({ secret_store_manifest_file_path = string external_secrets_manifest_file_path = string secret_manager_name = string }) + default = { + secret_store_manifest_file_path = "./addons/external-secrets/config/external-secret/secret-store.yaml" + external_secrets_manifest_file_path = "./addons/external-secrets/config/external-secret/external-secret.yaml" + secret_manager_name = "addon-external_secrets" + } } #-----------COMMON VARIABLES -----------------------