From c2b41dc3f9bb6d9bbf30a0266d86fe4197ee787a Mon Sep 17 00:00:00 2001
From: Karim Naufal
Date: Sat, 24 Feb 2024 10:16:54 +0100
Subject: [PATCH 1/2] allow submission of the new generated terraform docs via PR as apparent way to add an exception for the workflows via the ruleset
---
 .github/workflows/generate-docs.yaml | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/generate-docs.yaml b/.github/workflows/generate-docs.yaml
index 96958a96..1cba95d0 100644
--- a/.github/workflows/generate-docs.yaml
+++ b/.github/workflows/generate-docs.yaml
@@ -12,12 +12,23 @@ jobs:
 - uses: actions/checkout@v4
 with:
 ref: ${{ github.event.pull_request.head.ref }}
+ fetch-depth: 0 # Necessary to fetch all history for create-pull-request to work correctly
 - name: Render terraform docs and push changes back to PR
 uses: terraform-docs/gh-actions@main
 with:
 working-dir: .
- git-push: "true"
 output-file: docs/terraform.md
 output-method: inject
 config-file: ".terraform-docs.yml"
+
+ - name: Create Pull Request
+ uses: peter-evans/create-pull-request@v6
+ with:
+ token: ${{ secrets.GITHUB_TOKEN }}
+ commit-message: Update Terraform documentation
+ title: "[AUTO] Update Terraform Documentation"
+ body: "Automated changes by GitHub Actions"
+ branch: "docs/update-${{ github.head_ref }}"
+ labels: documentation
+ team_reviewers: Core # Specify the team Core for review
From db745d86b4f85267307635a363beff1bbe839419 Mon Sep 17 00:00:00 2001
From: mysticaltech <518555+mysticaltech@users.noreply.github.com>
Date: Sat, 24 Feb 2024 09:18:51 +0000
Subject: [PATCH 2/2] Update Terraform documentation
---
 docs/terraform.md | 17 +++++++++++------
 1 file changed, 11 insertions(+), 6 deletions(-)
diff --git a/docs/terraform.md b/docs/terraform.md
index 7680967f..25a93f90 100644
--- a/docs/terraform.md
+++ b/docs/terraform.md
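Review bot: The added `Create Pull Request` step in `.github/workflows/generate-docs.yaml` hands `secrets.GITHUB_TOKEN` to a third-party action referenced by the mutable tag `@v6`, so a retagged release would run with this job's write token; pin it to a reviewed commit, `uses: peter-evans/create-pull-request@<full-commit-sha> # v6` (the unchanged `terraform-docs/gh-actions@main` line runs in the same job and has the same exposure). The step only needs write access to contents and pull requests, so the job should state that in an explicit `permissions:` block rather than inherit the repository default; the trigger and any existing `permissions:` are outside this hunk, so confirm what is already set. `team_reviewers` does not match the input name this action documents, `team-reviewers: Core`, and requesting a team review generally needs more than the default token, so as written the Core review request is probably dropped without an error. `branch` interpolates `github.head_ref`, which the PR author chooses; it is only an action input here, but a short comment saying it must never be copied into a `run:` script would help the next editor.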
@@ -4,7 +4,7 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.5.0 | -| [github](#requirement\_github) | >= 5.38.0, < 5.41.0 | +| [github](#requirement\_github) | >= 5.44.0 | | [hcloud](#requirement\_hcloud) | >= 1.43.0 | | [local](#requirement\_local) | >= 2.4.0 | | [remote](#requirement\_remote) | >= 0.1.2 | @@ -14,7 +14,7 @@ | Name | Version | |------|---------| | [cloudinit](#provider\_cloudinit) | n/a | -| [github](#provider\_github) | >= 5.38.0, < 5.41.0 | +| [github](#provider\_github) | >= 5.44.0 | | [hcloud](#provider\_hcloud) | >= 1.43.0 | | [local](#provider\_local) | >= 2.4.0 | | [null](#provider\_null) | n/a | @@ -44,7 +44,9 @@ | [hcloud_network_subnet.agent](https://registry.terraform.io/providers/hetznercloud/hcloud/latest/docs/resources/network_subnet) | resource | | [hcloud_network_subnet.control_plane](https://registry.terraform.io/providers/hetznercloud/hcloud/latest/docs/resources/network_subnet) | resource | | [hcloud_placement_group.agent](https://registry.terraform.io/providers/hetznercloud/hcloud/latest/docs/resources/placement_group) | resource | +| [hcloud_placement_group.agent_named](https://registry.terraform.io/providers/hetznercloud/hcloud/latest/docs/resources/placement_group) | resource | | [hcloud_placement_group.control_plane](https://registry.terraform.io/providers/hetznercloud/hcloud/latest/docs/resources/placement_group) | resource | +| [hcloud_placement_group.control_plane_named](https://registry.terraform.io/providers/hetznercloud/hcloud/latest/docs/resources/placement_group) | resource | | [hcloud_ssh_key.k3s](https://registry.terraform.io/providers/hetznercloud/hcloud/latest/docs/resources/ssh_key) | resource | | [hcloud_volume.longhorn_volume](https://registry.terraform.io/providers/hetznercloud/hcloud/latest/docs/resources/volume) | resource | | [local_file.cert_manager_values](https://registry.terraform.io/providers/hashicorp/local/latest/docs/resources/file) | resource | 
@@ -67,7 +69,6 @@ | [null_resource.kustomization](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | | [null_resource.kustomization_user](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | | [null_resource.kustomization_user_deploy](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | -| [null_resource.kustomization_user_setup](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | | [random_password.k3s_token](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password) | resource | | [random_password.rancher_bootstrap](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password) | resource | | [cloudinit_config.autoscaler_config](https://registry.terraform.io/providers/hashicorp/cloudinit/latest/docs/data-sources/config) | data source | @@ -90,7 +91,8 @@ | [additional\_k3s\_environment](#input\_additional\_k3s\_environment) | Additional environment variables for the k3s binary. See for example https://docs.k3s.io/advanced#configuring-an-http-proxy . | `map(any)` | `{}` | no | | [additional\_tls\_sans](#input\_additional\_tls\_sans) | Additional TLS SANs to allow connection to control-plane through it. | `list(string)` | `[]` | no | | [address\_for\_connectivity\_test](#input\_address\_for\_connectivity\_test) | Before installing k3s, we actually verify that there is internet connectivity. By default we ping 1.1.1.1, but if you use a proxy, you may simply want to ping that proxy instead (assuming that the proxy has its own checks for internet connectivity). | `string` | `"1.1.1.1"` | no | -| [agent\_nodepools](#input\_agent\_nodepools) | Number of agent nodes. |
list(object({
name = string
server_type = string
location = string
backups = optional(bool)
floating_ip = optional(bool)
labels = list(string)
taints = list(string)
count = number
longhorn_volume_size = optional(number)
swap_size = optional(string, "")
zram_size = optional(string, "")
kubelet_args = optional(list(string), ["kube-reserved=cpu=50m,memory=300Mi,ephemeral-storage=1Gi", "system-reserved=cpu=250m,memory=300Mi"])
}))
| `[]` | no | +| [agent\_nodepools](#input\_agent\_nodepools) | Number of agent nodes. |
list(object({
name = string
server_type = string
location = string
backups = optional(bool)
floating_ip = optional(bool)
labels = list(string)
taints = list(string)
count = number
longhorn_volume_size = optional(number)
swap_size = optional(string, "")
zram_size = optional(string, "")
kubelet_args = optional(list(string), ["kube-reserved=cpu=50m,memory=300Mi,ephemeral-storage=1Gi", "system-reserved=cpu=250m,memory=300Mi"])
selinux = optional(bool, true)
placement_group_compat_idx = optional(number, 0)
placement_group = optional(string, null)
}))
| `[]` | no | +| [agent\_nodes\_custom\_config](#input\_agent\_nodes\_custom\_config) | Custom agent nodes configuration. | `any` | `{}` | no | | [allow\_scheduling\_on\_control\_plane](#input\_allow\_scheduling\_on\_control\_plane) | Whether to allow non-control-plane workloads to run on the control-plane nodes. | `bool` | `false` | no | | [automatically\_upgrade\_k3s](#input\_automatically\_upgrade\_k3s) | Whether to automatically upgrade k3s based on the selected channel. | `bool` | `true` | no | | [automatically\_upgrade\_os](#input\_automatically\_upgrade\_os) | Whether to enable or disable automatic os updates. Defaults to true. Should be disabled for single-node clusters | `bool` | `true` | no | 
@@ -106,7 +108,7 @@ | [cilium\_ipv4\_native\_routing\_cidr](#input\_cilium\_ipv4\_native\_routing\_cidr) | Used when Cilium is configured in native routing mode. The CNI assumes that the underlying network stack will forward packets to this destination without the need to apply SNAT. Default: value of "cluster\_ipv4\_cidr" | `string` | `null` | no | | [cilium\_routing\_mode](#input\_cilium\_routing\_mode) | Set native-routing mode ("native") or tunneling mode ("tunnel"). | `string` | `"tunnel"` | no | | [cilium\_values](#input\_cilium\_values) | Additional helm values file to pass to Cilium as 'valuesContent' at the HelmChart. | `string` | `""` | no | -| [cilium\_version](#input\_cilium\_version) | Version of Cilium. | `string` | `"1.14.4"` | no | +| [cilium\_version](#input\_cilium\_version) | Version of Cilium. | `string` | `"1.15.1"` | no | | [cluster\_autoscaler\_extra\_args](#input\_cluster\_autoscaler\_extra\_args) | Extra arguments for the Cluster Autoscaler deployment. | `list(string)` | `[]` | no | | [cluster\_autoscaler\_image](#input\_cluster\_autoscaler\_image) | Image of Kubernetes Cluster Autoscaler for Hetzner Cloud to be used. | `string` | `"ghcr.io/kube-hetzner/autoscaler/cluster-autoscaler"` | no | | [cluster\_autoscaler\_log\_level](#input\_cluster\_autoscaler\_log\_level) | Verbosity level of the logs for cluster-autoscaler | `number` | `4` | no | 
@@ -119,16 +121,19 @@ | [cni\_plugin](#input\_cni\_plugin) | CNI plugin for k3s. | `string` | `"flannel"` | no | | [control\_plane\_lb\_enable\_public\_interface](#input\_control\_plane\_lb\_enable\_public\_interface) | Enable or disable public interface for the control plane load balancer . Defaults to true. | `bool` | `true` | no | | [control\_plane\_lb\_type](#input\_control\_plane\_lb\_type) | The type of load balancer to use for the control plane load balancer. Defaults to lb11, which is the cheapest one. | `string` | `"lb11"` | no | -| [control\_plane\_nodepools](#input\_control\_plane\_nodepools) | Number of control plane nodes. |
list(object({
name = string
server_type = string
location = string
backups = optional(bool)
labels = list(string)
taints = list(string)
count = number
swap_size = optional(string, "")
zram_size = optional(string, "")
kubelet_args = optional(list(string), ["kube-reserved=cpu=250m,memory=1500Mi,ephemeral-storage=1Gi", "system-reserved=cpu=250m,memory=300Mi"])
}))
| `[]` | no | +| [control\_plane\_nodepools](#input\_control\_plane\_nodepools) | Number of control plane nodes. |
list(object({
name = string
server_type = string
location = string
backups = optional(bool)
labels = list(string)
taints = list(string)
count = number
swap_size = optional(string, "")
zram_size = optional(string, "")
kubelet_args = optional(list(string), ["kube-reserved=cpu=250m,memory=1500Mi,ephemeral-storage=1Gi", "system-reserved=cpu=250m,memory=300Mi"])
selinux = optional(bool, true)
placement_group_compat_idx = optional(number, 0)
placement_group = optional(string, null)
}))
| `[]` | no | | [control\_planes\_custom\_config](#input\_control\_planes\_custom\_config) | Custom control plane configuration e.g to allow etcd monitoring. | `any` | `{}` | no | | [create\_kubeconfig](#input\_create\_kubeconfig) | Create the kubeconfig as a local file resource. Should be disabled for automatic runs. | `bool` | `true` | no | | [create\_kustomization](#input\_create\_kustomization) | Create the kustomization backup as a local file resource. Should be disabled for automatic runs. | `bool` | `true` | no | | [csi\_driver\_smb\_values](#input\_csi\_driver\_smb\_values) | Additional helm values file to pass to csi-driver-smb as 'valuesContent' at the HelmChart. | `string` | `""` | no | | [disable\_hetzner\_csi](#input\_disable\_hetzner\_csi) | Disable hetzner csi driver. | `bool` | `false` | no | +| [disable\_kube\_proxy](#input\_disable\_kube\_proxy) | Disable kube-proxy in K3s (default false). | `bool` | `false` | no | | [disable\_network\_policy](#input\_disable\_network\_policy) | Disable k3s default network policy controller (default false, automatically true for calico and cilium). | `bool` | `false` | no | +| [disable\_selinux](#input\_disable\_selinux) | Disable SELinux on all nodes. | `bool` | `false` | no | | [dns\_servers](#input\_dns\_servers) | IP Addresses to use for the DNS Servers, set to an empty list to use the ones provided by Hetzner. The length is limited to 3 entries, more entries is not supported by kubernetes | `list(string)` |
[
"185.12.64.1",
"185.12.64.2",
"2a01:4ff:ff00::add:1"
]
| no | | [enable\_cert\_manager](#input\_enable\_cert\_manager) | Enable cert manager. | `bool` | `true` | no | | [enable\_csi\_driver\_smb](#input\_enable\_csi\_driver\_smb) | Whether or not to enable csi-driver-smb. | `bool` | `false` | no | +| [enable\_iscsid](#input\_enable\_iscsid) | This is always true when enable\_longhorn=true, however, you may also want this enabled if you perform your own installation of longhorn after this module runs. | `bool` | `false` | no | | [enable\_klipper\_metal\_lb](#input\_enable\_klipper\_metal\_lb) | Use klipper load balancer. | `bool` | `false` | no | | [enable\_local\_storage](#input\_enable\_local\_storage) | Whether to enable or disable k3s local-storage. | `bool` | `false` | no | | [enable\_longhorn](#input\_enable\_longhorn) | Whether or not to enable Longhorn. | `bool` | `false` | no |