From 6d1121e1f0fde9f4d4401b640476d0d817236b90 Mon Sep 17 00:00:00 2001 
From: Bryant Biggs Date: Thu, 27 Oct 2022 11:44:22 -0400 Subject: [PATCH] feat: Update addons to latest supported versions --- .github/workflows/pre-commit.yaml | 2 +- examples/ai-ml/ray/main.tf | 2 +- examples/analytics/spark-k8s-operator/main.tf | 2 +- .../observability/amp-amg-opensearch/data.tf | 2 +- locals.tf | 4 +- .../outputs.tf | 2 +- .../self-managed-launch-templates.tf | 2 +- modules/aws-eks-teams/main.tf | 2 +- modules/irsa/main.tf | 2 +- modules/kubernetes-addons/agones/locals.tf | 4 +- modules/kubernetes-addons/airflow/main.tf | 3 +- .../kubernetes-addons/argo-rollouts/locals.tf | 5 +- modules/kubernetes-addons/argocd/locals.tf | 6 +- .../aws-cloudwatch-metrics/locals.tf | 1 + .../aws-ebs-csi-driver/main.tf | 3 +- .../aws-efs-csi-driver/locals.tf | 4 +- .../aws-for-fluentbit/locals.tf | 3 +- .../aws-fsx-csi-driver/locals.tf | 4 +- .../aws-load-balancer-controller/locals.tf | 4 +- .../aws-node-termination-handler/locals.tf | 17 ++-- .../aws-privateca-issuer/data.tf | 2 +- .../aws-privateca-issuer/locals.tf | 7 +- modules/kubernetes-addons/calico/README.md | 2 - modules/kubernetes-addons/calico/locals.tf | 23 ----- modules/kubernetes-addons/calico/main.tf | 23 ++++- modules/kubernetes-addons/calico/outputs.tf | 2 +- modules/kubernetes-addons/calico/values.yaml | 2 - modules/kubernetes-addons/calico/versions.tf | 11 --- .../cert-manager-csi-driver/README.md | 1 - .../cert-manager-csi-driver/locals.tf | 23 ----- .../cert-manager-csi-driver/main.tf | 14 ++- .../cert-manager-csi-driver/outputs.tf | 2 +- .../cert-manager-csi-driver/versions.tf | 7 -- .../kubernetes-addons/cert-manager/locals.tf | 3 +- .../kubernetes-addons/chaos-mesh/README.md | 2 - .../kubernetes-addons/chaos-mesh/locals.tf | 21 ----- modules/kubernetes-addons/chaos-mesh/main.tf | 18 +++- .../kubernetes-addons/chaos-mesh/outputs.tf | 2 +- .../kubernetes-addons/chaos-mesh/versions.tf | 11 --- modules/kubernetes-addons/cilium/README.md | 2 - modules/kubernetes-addons/cilium/locals.tf | 23 
----- modules/kubernetes-addons/cilium/main.tf | 25 +++++- modules/kubernetes-addons/cilium/outputs.tf | 2 +- modules/kubernetes-addons/cilium/values.yaml | 4 - modules/kubernetes-addons/cilium/versions.tf | 11 --- .../cluster-autoscaler/main.tf | 1 + .../cluster-proportional-autoscaler/README.md | 1 - .../cluster-proportional-autoscaler/locals.tf | 30 ------- .../cluster-proportional-autoscaler/main.tf | 21 +++-- .../outputs.tf | 2 +- .../versions.tf | 7 -- .../kubernetes-addons/crossplane/locals.tf | 3 +- .../csi-secrets-store-provider-aws/locals.tf | 23 ----- .../csi-secrets-store-provider-aws/main.tf | 30 +++++-- .../csi-secrets-store-provider-aws/outputs.tf | 2 +- .../variables.tf | 6 +- .../versions.tf | 4 - .../datadog-operator/main.tf | 1 + .../kubernetes-addons/external-dns/data.tf | 25 ------ .../kubernetes-addons/external-dns/locals.tf | 50 ----------- .../kubernetes-addons/external-dns/main.tf | 88 +++++++++++++++++-- .../external-dns/values.yaml | 3 - .../external-secrets/locals.tf | 21 ++--- .../kubernetes-addons/gatekeeper/README.md | 3 - .../kubernetes-addons/gatekeeper/locals.tf | 28 ------ modules/kubernetes-addons/gatekeeper/main.tf | 30 ++++++- .../kubernetes-addons/gatekeeper/versions.tf | 15 ---- modules/kubernetes-addons/grafana/README.md | 2 - modules/kubernetes-addons/grafana/locals.tf | 3 +- modules/kubernetes-addons/grafana/versions.tf | 8 -- .../kubernetes-addons/ingress-nginx/locals.tf | 27 ------ .../kubernetes-addons/ingress-nginx/main.tf | 41 +++++---- .../ingress-nginx/outputs.tf | 2 +- .../ingress-nginx/values.yaml | 0 modules/kubernetes-addons/karpenter/locals.tf | 41 ++++----- .../kubernetes-addons/karpenter/values.yaml | 6 -- modules/kubernetes-addons/keda/locals.tf | 22 ++--- .../kube-prometheus-stack/locals.tf | 23 ----- .../kube-prometheus-stack/main.tf | 34 +++++-- .../kube-prometheus-stack/values.yaml | 17 ++-- .../kube-prometheus-stack/variables.tf | 4 +- .../kube-prometheus-stack/versions.tf | 4 - 
modules/kubernetes-addons/kubecost/README.md | 3 - modules/kubernetes-addons/kubecost/locals.tf | 25 ------ modules/kubernetes-addons/kubecost/main.tf | 19 +++- modules/kubernetes-addons/kubecost/outputs.tf | 2 +- .../kubernetes-addons/kubecost/values.yaml | 3 +- .../kubernetes-addons/kubecost/versions.tf | 15 ---- .../kuberay-operator/main.tf | 3 +- .../kubernetes-dashboard/locals.tf | 5 +- modules/kubernetes-addons/kyverno/main.tf | 5 +- .../local-volume-provisioner/README.md | 2 - .../local-volume-provisioner/versions.tf | 11 --- .../metrics-server/locals.tf | 3 +- .../nvidia-device-plugin/locals.tf | 6 +- .../opentelemetry-operator/locals.tf | 5 +- modules/kubernetes-addons/prometheus/main.tf | 3 +- modules/kubernetes-addons/promtail/README.md | 2 - modules/kubernetes-addons/promtail/locals.tf | 22 ----- modules/kubernetes-addons/promtail/main.tf | 18 +++- modules/kubernetes-addons/promtail/outputs.tf | 2 +- .../kubernetes-addons/promtail/versions.tf | 11 --- modules/kubernetes-addons/reloader/README.md | 1 - modules/kubernetes-addons/reloader/locals.tf | 25 ------ modules/kubernetes-addons/reloader/main.tf | 24 ++++- .../kubernetes-addons/reloader/versions.tf | 7 -- .../secrets-store-csi-driver/locals.tf | 7 +- .../secrets-store-csi-driver/versions.tf | 4 - .../smb-csi-driver/README.md | 2 - .../smb-csi-driver/locals.tf | 20 ----- .../kubernetes-addons/smb-csi-driver/main.tf | 17 +++- .../smb-csi-driver/outputs.tf | 2 +- .../smb-csi-driver/versions.tf | 11 --- .../spark-history-server/README.md | 1 - .../spark-history-server/locals.tf | 1 - .../spark-history-server/versions.tf | 7 -- .../spark-k8s-operator/locals.tf | 23 ----- .../spark-k8s-operator/main.tf | 36 +++++--- .../spark-k8s-operator/outputs.tf | 2 +- .../kubernetes-addons/tetrate-istio/locals.tf | 1 - modules/kubernetes-addons/traefik/locals.tf | 25 ------ modules/kubernetes-addons/traefik/main.tf | 37 +++++--- modules/kubernetes-addons/traefik/outputs.tf | 2 +- 
modules/kubernetes-addons/velero/main.tf | 4 +- modules/kubernetes-addons/vpa/locals.tf | 25 ------ modules/kubernetes-addons/vpa/main.tf | 36 +++++--- modules/kubernetes-addons/vpa/outputs.tf | 2 +- modules/kubernetes-addons/vpa/values.yaml | 14 --- modules/kubernetes-addons/yunikorn/locals.tf | 9 +- outputs.tf | 12 +-- 130 files changed, 559 insertions(+), 908 deletions(-) delete mode 100644 modules/kubernetes-addons/calico/locals.tf delete mode 100644 modules/kubernetes-addons/calico/values.yaml delete mode 100644 modules/kubernetes-addons/cert-manager-csi-driver/locals.tf delete mode 100644 modules/kubernetes-addons/chaos-mesh/locals.tf delete mode 100644 modules/kubernetes-addons/cilium/locals.tf delete mode 100644 modules/kubernetes-addons/cilium/values.yaml delete mode 100644 modules/kubernetes-addons/cluster-proportional-autoscaler/locals.tf delete mode 100644 modules/kubernetes-addons/csi-secrets-store-provider-aws/locals.tf delete mode 100644 modules/kubernetes-addons/external-dns/data.tf delete mode 100644 modules/kubernetes-addons/external-dns/locals.tf delete mode 100644 modules/kubernetes-addons/external-dns/values.yaml delete mode 100644 modules/kubernetes-addons/gatekeeper/locals.tf delete mode 100644 modules/kubernetes-addons/ingress-nginx/locals.tf delete mode 100644 modules/kubernetes-addons/ingress-nginx/values.yaml delete mode 100644 modules/kubernetes-addons/karpenter/values.yaml delete mode 100644 modules/kubernetes-addons/kube-prometheus-stack/locals.tf delete mode 100644 modules/kubernetes-addons/kubecost/locals.tf delete mode 100644 modules/kubernetes-addons/promtail/locals.tf delete mode 100644 modules/kubernetes-addons/reloader/locals.tf delete mode 100644 modules/kubernetes-addons/smb-csi-driver/locals.tf delete mode 100644 modules/kubernetes-addons/spark-k8s-operator/locals.tf delete mode 100644 modules/kubernetes-addons/traefik/locals.tf delete mode 100644 modules/kubernetes-addons/vpa/locals.tf delete mode 100644 
modules/kubernetes-addons/vpa/values.yaml diff --git a/.github/workflows/pre-commit.yaml b/.github/workflows/pre-commit.yaml index f39fe6d4cf..0fbede9759 100644 --- a/.github/workflows/pre-commit.yaml +++ b/.github/workflows/pre-commit.yaml @@ -13,7 +13,7 @@ env: TERRAFORM_DOCS_VERSION: v0.16.0 TFSEC_VERSION: v1.22.0 TF_PLUGIN_CACHE_DIR: ${{ github.workspace }}/.terraform.d/plugin-cache - TFLINT_VERSION: v0.38.1 + TFLINT_VERSION: v0.42.1 concurrency: group: '${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}' diff --git a/examples/ai-ml/ray/main.tf b/examples/ai-ml/ray/main.tf index 9050c7b0f6..8b07bedc25 100644 --- a/examples/ai-ml/ray/main.tf +++ b/examples/ai-ml/ray/main.tf @@ -210,7 +210,7 @@ module "s3_bucket" { data "aws_iam_policy_document" "irsa_policy" { statement { actions = ["s3:ListBucket"] - resources = ["${module.s3_bucket.s3_bucket_arn}"] + resources = [module.s3_bucket.s3_bucket_arn] } statement { actions = ["s3:*Object"] diff --git a/examples/analytics/spark-k8s-operator/main.tf b/examples/analytics/spark-k8s-operator/main.tf index 1f93f75d88..644f81d103 100644 --- a/examples/analytics/spark-k8s-operator/main.tf +++ b/examples/analytics/spark-k8s-operator/main.tf @@ -364,7 +364,7 @@ module "eks_blueprints_kubernetes_addons" { aws_for_fluent_bit_cw_log_group = "/${module.eks_blueprints.eks_cluster_id}/worker-fluentbit-logs" # Optional create_namespace = true values = [templatefile("${path.module}/helm-values/aws-for-fluentbit-values.yaml", { - region = "${data.aws_region.current.id}" + region = data.aws_region.current.id aws_for_fluent_bit_cw_log = "/${module.eks_blueprints.eks_cluster_id}/worker-fluentbit-logs" })] set = [ diff --git a/examples/observability/amp-amg-opensearch/data.tf b/examples/observability/amp-amg-opensearch/data.tf index 490870eac2..4229b4023b 100644 --- a/examples/observability/amp-amg-opensearch/data.tf +++ b/examples/observability/amp-amg-opensearch/data.tf 
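Review bot: In the examples/ai-ml/ray/main.tf hunk, the second statement of `irsa_policy` keeps `actions = ["s3:*Object"]`, a wildcard that matches every S3 action whose name ends in `Object`, including deletes. Because this is example code that gets copied, I would list the actions the workload needs, e.g. `actions = ["s3:GetObject", "s3:PutObject"]`, assuming it only reads and writes objects. The statement's `resources` line and the rest of the policy document lie outside the hunk, so the effective scope cannot be confirmed from here.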
@@ -40,7 +40,7 @@ data "aws_iam_policy_document" "opensearch_access_policy" { sid = "AdminDomainLevelAccessToOpenSearch" effect = "Allow" resources = [ - "${aws_elasticsearch_domain.opensearch.arn}", + aws_elasticsearch_domain.opensearch.arn, "${aws_elasticsearch_domain.opensearch.arn}/*", ] actions = ["es:*"] diff --git a/locals.tf b/locals.tf index 5553370daa..0cf4b4cc3b 100644 --- a/locals.tf +++ b/locals.tf @@ -124,7 +124,7 @@ locals { platform_teams_config_map = length(var.platform_teams) > 0 ? [ for platform_team_name, platform_team_data in var.platform_teams : { rolearn : "arn:${local.partition}:iam::${local.account_id}:role/${module.aws_eks.cluster_id}-${platform_team_name}-access" - username : "${platform_team_name}" + username : platform_team_name groups : [ "system:masters" ] @@ -135,7 +135,7 @@ locals { application_teams_config_map = length(var.application_teams) > 0 ? [ for team_name, team_data in var.application_teams : { rolearn : "arn:${local.partition}:iam::${local.account_id}:role/${module.aws_eks.cluster_id}-${team_name}-access" - username : "${team_name}" + username : team_name groups : [ "${team_name}-group" ] diff --git a/modules/aws-eks-self-managed-node-groups/outputs.tf b/modules/aws-eks-self-managed-node-groups/outputs.tf index 863b465f35..67b0648204 100644 --- a/modules/aws-eks-self-managed-node-groups/outputs.tf +++ b/modules/aws-eks-self-managed-node-groups/outputs.tf @@ -1,6 +1,6 @@ output "self_managed_nodegroup_name" { description = "EKS Self Managed node group id" - value = local.self_managed_node_group["node_group_name"].* + value = local.self_managed_node_group["node_group_name"][*] } output "self_managed_nodegroup_iam_role_arns" { diff --git a/modules/aws-eks-self-managed-node-groups/self-managed-launch-templates.tf b/modules/aws-eks-self-managed-node-groups/self-managed-launch-templates.tf index fbf44ad05a..880d25dd18 100644 --- a/modules/aws-eks-self-managed-node-groups/self-managed-launch-templates.tf 
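Review bot: The platform-team entry in the first locals.tf hunk (`platform_teams_config_map`) still maps every platform role to `system:masters`, a group the API server authorises unconditionally, so later RBAC changes cannot narrow or revoke that access. The commit only tidies the `username` interpolation next to it, but the mapping deserves at least a comment such as `# system:masters bypasses RBAC; prefer a dedicated group bound to cluster-admin through a ClusterRoleBinding`. The enclosing `locals` block starts and ends outside the hunk, so how the map is consumed is not visible here.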
+++ b/modules/aws-eks-self-managed-node-groups/self-managed-launch-templates.tf @@ -3,7 +3,7 @@ module "launch_template_self_managed_ng" { eks_cluster_id = var.context.eks_cluster_id launch_template_config = { - "${local.lt_self_managed_group_map_key}" = { + (local.lt_self_managed_group_map_key) = { ami = local.custom_ami_id launch_template_os = local.self_managed_node_group["launch_template_os"] launch_template_prefix = local.self_managed_node_group["node_group_name"] diff --git a/modules/aws-eks-teams/main.tf b/modules/aws-eks-teams/main.tf index 4cde7e2aa8..01478fc7dd 100644 --- a/modules/aws-eks-teams/main.tf +++ b/modules/aws-eks-teams/main.tf @@ -129,7 +129,7 @@ resource "aws_iam_role" "team_sa_irsa" { { "Effect" : "Allow", "Principal" : { - "Federated" : "${local.eks_oidc_provider_arn}" + "Federated" : local.eks_oidc_provider_arn }, "Action" : "sts:AssumeRoleWithWebIdentity", "Condition" : { diff --git a/modules/irsa/main.tf b/modules/irsa/main.tf index 7c12a58cad..82d07d1d3e 100644 --- a/modules/irsa/main.tf +++ b/modules/irsa/main.tf @@ -43,7 +43,7 @@ resource "aws_iam_role" "irsa" { { "Effect" : "Allow", "Principal" : { - "Federated" : "${var.eks_oidc_provider_arn}" + "Federated" : var.eks_oidc_provider_arn }, "Action" : "sts:AssumeRoleWithWebIdentity", "Condition" : { diff --git a/modules/kubernetes-addons/agones/locals.tf b/modules/kubernetes-addons/agones/locals.tf index 37c043a78b..a6b732cbb0 100644 --- a/modules/kubernetes-addons/agones/locals.tf +++ b/modules/kubernetes-addons/agones/locals.tf 
@@ -2,13 +2,13 @@ locals { name = "agones" namespace = "agones-system" + # https://github.com/googleforgames/agones/blob/main/install/helm/agones/Chart.yaml default_helm_config = { name = local.name chart = local.name repository = "https://agones.dev/chart/stable" - version = "1.23.0" + version = "1.27.0" namespace = local.namespace - timeout = "1200" description = "Agones Gaming Server Helm Chart deployment configuration" values = local.default_helm_values gameserver_minport = 7000 diff --git a/modules/kubernetes-addons/airflow/main.tf b/modules/kubernetes-addons/airflow/main.tf index ab74c4a6f7..4da9e1f6f2 100644 --- a/modules/kubernetes-addons/airflow/main.tf +++ b/modules/kubernetes-addons/airflow/main.tf @@ -1,11 +1,12 @@ locals { name = "airflow" + # https://github.com/apache/airflow/blob/main/chart/Chart.yaml default_helm_config = { name = local.name chart = local.name repository = "https://airflow.apache.org" - version = "1.6.0" + version = "1.7.0" namespace = local.name create_namespace = true values = [templatefile("${path.module}/values.yaml", {})] diff --git a/modules/kubernetes-addons/argo-rollouts/locals.tf b/modules/kubernetes-addons/argo-rollouts/locals.tf index 2d003c9ad8..45c50891b4 100644 --- a/modules/kubernetes-addons/argo-rollouts/locals.tf +++ b/modules/kubernetes-addons/argo-rollouts/locals.tf @@ -1,15 +1,14 @@ locals { name = "argo-rollouts" + # https://github.com/argoproj/argo-helm/blob/main/charts/argo-rollouts/Chart.yaml default_helm_config = { name = local.name chart = local.name repository = "https://argoproj.github.io/argo-helm" - version = "2.16.0" + version = "2.21.1" namespace = local.name description = "Argo Rollouts AddOn Helm Chart" - values = [] - timeout = "1200" } helm_config = merge( diff --git a/modules/kubernetes-addons/argocd/locals.tf b/modules/kubernetes-addons/argocd/locals.tf index 57511c1ac4..7b6f859ac5 100644 --- a/modules/kubernetes-addons/argocd/locals.tf +++ b/modules/kubernetes-addons/argocd/locals.tf 
@@ -1,16 +1,16 @@ locals { - default_helm_values = [templatefile("${path.module}/values.yaml", {})] + default_helm_values = [file("${path.module}/values.yaml")] name = "argo-cd" namespace = "argocd" + # https://github.com/argoproj/argo-helm/blob/main/charts/argo-cd/Chart.yaml default_helm_config = { name = local.name chart = local.name repository = "https://argoproj.github.io/argo-helm" - version = "4.9.14" + version = "5.8.3" namespace = local.namespace - timeout = 1200 create_namespace = true values = local.default_helm_values description = "The ArgoCD Helm Chart deployment configuration" diff --git a/modules/kubernetes-addons/aws-cloudwatch-metrics/locals.tf b/modules/kubernetes-addons/aws-cloudwatch-metrics/locals.tf index 9a54a4b197..029a2eb226 100644 --- a/modules/kubernetes-addons/aws-cloudwatch-metrics/locals.tf +++ b/modules/kubernetes-addons/aws-cloudwatch-metrics/locals.tf @@ -3,6 +3,7 @@ locals { namespace = "amazon-cloudwatch" service_account_name = "cloudwatch-agent" + # https://github.com/aws/eks-charts/blob/master/stable/aws-cloudwatch-metrics/Chart.yaml default_helm_config = { name = local.name chart = local.name diff --git a/modules/kubernetes-addons/aws-ebs-csi-driver/main.tf b/modules/kubernetes-addons/aws-ebs-csi-driver/main.tf index 243f22c2f7..3f83511a10 100644 --- a/modules/kubernetes-addons/aws-ebs-csi-driver/main.tf +++ b/modules/kubernetes-addons/aws-ebs-csi-driver/main.tf 
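Review bot: The default `version` in the argocd/locals.tf hunk moves from `4.9.14` to `5.8.3`, a major chart release, and nothing in the hunk warns callers who do not pin a version that they will pick it up on their next apply. Argo CD typically holds broad cluster credentials, so a major upgrade of it should be visible in the code; I would add `# Major chart bump (4.x -> 5.x): review values.yaml against the 5.x chart; pin version in helm_config to stay on 4.x` above the `version` line. The bundled values.yaml is not part of this diff, so whether its keys still match the 5.x chart is unverified from here. The `locals` block continues past the end of the hunk.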
@@ -31,11 +31,12 @@ module "helm_addon" { source = "../helm-addon" count = var.enable_self_managed_aws_ebs_csi_driver && !var.enable_amazon_eks_aws_ebs_csi_driver ? 1 : 0 + # https://github.com/kubernetes-sigs/aws-ebs-csi-driver/blob/master/charts/aws-ebs-csi-driver/Chart.yaml helm_config = merge({ name = local.name description = "The Amazon Elastic Block Store Container Storage Interface (CSI) Driver provides a CSI interface used by Container Orchestrators to manage the lifecycle of Amazon EBS volumes." chart = local.name - version = "2.12.0" + version = "2.12.1" repository = "https://kubernetes-sigs.github.io/aws-ebs-csi-driver" namespace = local.namespace values = [ diff --git a/modules/kubernetes-addons/aws-efs-csi-driver/locals.tf b/modules/kubernetes-addons/aws-efs-csi-driver/locals.tf index f05a8336db..807a0ea39b 100644 --- a/modules/kubernetes-addons/aws-efs-csi-driver/locals.tf +++ b/modules/kubernetes-addons/aws-efs-csi-driver/locals.tf @@ -3,13 +3,13 @@ locals { service_account_name = "efs-csi-sa" namespace = "kube-system" + # https://github.com/kubernetes-sigs/aws-efs-csi-driver/blob/master/charts/aws-efs-csi-driver/Chart.yaml default_helm_config = { name = local.name chart = local.name repository = "https://kubernetes-sigs.github.io/aws-efs-csi-driver/" - version = "2.2.6" + version = "2.2.9" namespace = local.namespace - values = [] description = "The AWS EFS CSI driver Helm chart deployment configuration" } diff --git a/modules/kubernetes-addons/aws-for-fluentbit/locals.tf b/modules/kubernetes-addons/aws-for-fluentbit/locals.tf index ea5afb7d13..5435de737e 100644 --- a/modules/kubernetes-addons/aws-for-fluentbit/locals.tf +++ b/modules/kubernetes-addons/aws-for-fluentbit/locals.tf 
@@ -14,11 +14,12 @@ locals { } ] + # https://github.com/aws/eks-charts/blob/master/stable/aws-for-fluent-bit/Chart.yaml default_helm_config = { name = local.name chart = local.name repository = "https://aws.github.io/eks-charts" - version = "0.1.18" + version = "0.1.21" namespace = local.name values = local.default_helm_values description = "aws-for-fluentbit Helm Chart deployment configuration" diff --git a/modules/kubernetes-addons/aws-fsx-csi-driver/locals.tf b/modules/kubernetes-addons/aws-fsx-csi-driver/locals.tf index 4bdf070e29..6e0f4eaf82 100644 --- a/modules/kubernetes-addons/aws-fsx-csi-driver/locals.tf +++ b/modules/kubernetes-addons/aws-fsx-csi-driver/locals.tf @@ -3,13 +3,13 @@ locals { service_account_name = "fsx-csi-sa" namespace = "kube-system" + # https://github.com/kubernetes-sigs/aws-fsx-csi-driver/blob/master/charts/aws-fsx-csi-driver/Chart.yaml default_helm_config = { name = local.name chart = local.name repository = "https://kubernetes-sigs.github.io/aws-fsx-csi-driver/" - version = "1.4.2" + version = "1.4.4" namespace = local.namespace - values = [] description = "The Amazon FSx for Lustre CSI driver Helm chart deployment configuration" } diff --git a/modules/kubernetes-addons/aws-load-balancer-controller/locals.tf b/modules/kubernetes-addons/aws-load-balancer-controller/locals.tf index d099bd1a77..fc189ced05 100644 --- a/modules/kubernetes-addons/aws-load-balancer-controller/locals.tf +++ b/modules/kubernetes-addons/aws-load-balancer-controller/locals.tf 
@@ -2,13 +2,13 @@ locals { name = "aws-load-balancer-controller" service_account_name = "${local.name}-sa" + # https://github.com/aws/eks-charts/blob/master/stable/aws-load-balancer-controller/Chart.yaml default_helm_config = { name = local.name chart = local.name repository = "https://aws.github.io/eks-charts" - version = "1.4.3" + version = "1.4.5" namespace = "kube-system" - timeout = "1200" values = local.default_helm_values description = "aws-load-balancer-controller Helm Chart for ingress resources" } diff --git a/modules/kubernetes-addons/aws-node-termination-handler/locals.tf b/modules/kubernetes-addons/aws-node-termination-handler/locals.tf index edc5db66e3..e8dc9b5a7a 100644 --- a/modules/kubernetes-addons/aws-node-termination-handler/locals.tf +++ b/modules/kubernetes-addons/aws-node-termination-handler/locals.tf @@ -3,16 +3,15 @@ locals { name = "aws-node-termination-handler" service_account_name = "${local.name}-sa" + # https://github.com/aws/eks-charts/blob/master/stable/aws-node-termination-handler/Chart.yaml default_helm_config = { - name = local.name - chart = local.name - repository = "https://aws.github.io/eks-charts" - version = "0.18.5" - namespace = local.namespace - timeout = "1200" - create_namespace = false - description = "AWS Node Termination Handler Helm Chart" - values = local.default_helm_values + name = local.name + chart = local.name + repository = "https://aws.github.io/eks-charts" + version = "0.19.3" + namespace = local.namespace + description = "AWS Node Termination Handler Helm Chart" + values = local.default_helm_values } helm_config = merge( diff --git a/modules/kubernetes-addons/aws-privateca-issuer/data.tf b/modules/kubernetes-addons/aws-privateca-issuer/data.tf index c15686458f..f6845d5867 100644 --- a/modules/kubernetes-addons/aws-privateca-issuer/data.tf +++ b/modules/kubernetes-addons/aws-privateca-issuer/data.tf 
@@ -1,7 +1,7 @@ data "aws_iam_policy_document" "aws_privateca_issuer" { statement { effect = "Allow" - resources = ["${var.aws_privateca_acmca_arn}"] + resources = [var.aws_privateca_acmca_arn] actions = [ "acm-pca:DescribeCertificateAuthority", "acm-pca:GetCertificate", diff --git a/modules/kubernetes-addons/aws-privateca-issuer/locals.tf b/modules/kubernetes-addons/aws-privateca-issuer/locals.tf index 9ac51ad3e9..893f84e255 100644 --- a/modules/kubernetes-addons/aws-privateca-issuer/locals.tf +++ b/modules/kubernetes-addons/aws-privateca-issuer/locals.tf @@ -2,19 +2,16 @@ locals { name = "aws-privateca-issuer" service_account_name = "${local.name}-sa" + # https://github.com/cert-manager/aws-privateca-issuer/blob/main/charts/aws-pca-issuer/Chart.yaml default_helm_config = { name = local.name chart = local.name repository = "https://cert-manager.github.io/aws-privateca-issuer" version = "1.2.2" namespace = local.name - description = "AWS PCA Issuer helm Chart deployment configuration." - values = local.default_helm_values - timeout = "1200" + description = "AWS PCA Issuer helm Chart deployment configuration" } - default_helm_values = [] - helm_config = merge( local.default_helm_config, var.helm_config diff --git a/modules/kubernetes-addons/calico/README.md b/modules/kubernetes-addons/calico/README.md index 6668e8f1ff..028e9034fb 100644 --- a/modules/kubernetes-addons/calico/README.md +++ b/modules/kubernetes-addons/calico/README.md @@ -9,8 +9,6 @@ For more details checkout [calico](https://projectcalico.docs.tigera.io/getting- | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.0.0 | -| [aws](#requirement\_aws) | >= 3.72 | -| [kubernetes](#requirement\_kubernetes) | >= 2.10 | ## Providers diff --git a/modules/kubernetes-addons/calico/locals.tf b/modules/kubernetes-addons/calico/locals.tf deleted file mode 100644 index a34ff501ae..0000000000 --- a/modules/kubernetes-addons/calico/locals.tf +++ /dev/null 
@@ -1,23 +0,0 @@ -locals { - default_helm_config = { - name = "calico" - chart = "tigera-operator" - repository = "https://docs.projectcalico.org/charts" - version = "v3.24.1" - namespace = "tigera-operator" - values = local.default_helm_values - create_namespace = true - description = "calico helm Chart deployment configuration" - } - - helm_config = merge( - local.default_helm_config, - var.helm_config - ) - - default_helm_values = [templatefile("${path.module}/values.yaml", {})] - - argocd_gitops_config = { - enable = true - } -} diff --git a/modules/kubernetes-addons/calico/main.tf b/modules/kubernetes-addons/calico/main.tf index d03500f57c..bb778791c7 100644 --- a/modules/kubernetes-addons/calico/main.tf +++ b/modules/kubernetes-addons/calico/main.tf @@ -1,6 +1,25 @@ module "helm_addon" { - source = "../helm-addon" - helm_config = local.helm_config + source = "../helm-addon" + + # https://github.com/projectcalico/calico/blob/master/charts/tigera-operator/Chart.yaml + helm_config = merge( + { + name = "calico" + chart = "tigera-operator" + repository = "https://docs.projectcalico.org/charts" + version = "v3.24.3" + namespace = "tigera-operator" + values = [ + <<-EOT + installation: + kubernetesProvider: "EKS" + EOT + ] + create_namespace = true + description = "calico helm Chart deployment configuration" + }, + var.helm_config + ) manage_via_gitops = var.manage_via_gitops addon_context = var.addon_context } diff --git a/modules/kubernetes-addons/calico/outputs.tf b/modules/kubernetes-addons/calico/outputs.tf index b30c86b380..b5d714acb4 100644 --- a/modules/kubernetes-addons/calico/outputs.tf +++ b/modules/kubernetes-addons/calico/outputs.tf @@ -1,4 +1,4 @@ output "argocd_gitops_config" { description = "Configuration used for managing the add-on with ArgoCD" - value = var.manage_via_gitops ? local.argocd_gitops_config : null + value = var.manage_via_gitops ? { enable = true } : null } 
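Review bot: `merge()` is shallow, so in calico/main.tf a caller who sets any `values` in `var.helm_config` replaces the inline default list and silently drops `installation.kubernetesProvider: "EKS"`. A comment above the heredoc would make that explicit, for example `# Replaced wholesale when var.helm_config sets "values"; repeat kubernetesProvider there`. The same applies to the inline `values` in cilium/main.tf later in this patch (`chainingMode: aws-cni`, `enableIPv4Masquerade: false`, `tunnel: disabled`), where losing the defaults would change the cluster's network datapath.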
diff --git a/modules/kubernetes-addons/calico/values.yaml b/modules/kubernetes-addons/calico/values.yaml deleted file mode 100644 index 0c034181c3..0000000000 --- a/modules/kubernetes-addons/calico/values.yaml +++ /dev/null @@ -1,2 +0,0 @@ -installation: - kubernetesProvider: "EKS" diff --git a/modules/kubernetes-addons/calico/versions.tf b/modules/kubernetes-addons/calico/versions.tf index d2ddf87cc2..429c0b36d0 100644 --- a/modules/kubernetes-addons/calico/versions.tf +++ b/modules/kubernetes-addons/calico/versions.tf @@ -1,14 +1,3 @@ terraform { required_version = ">= 1.0.0" - - required_providers { - aws = { - source = "hashicorp/aws" - version = ">= 3.72" - } - kubernetes = { - source = "hashicorp/kubernetes" - version = ">= 2.10" - } - } } diff --git a/modules/kubernetes-addons/cert-manager-csi-driver/README.md b/modules/kubernetes-addons/cert-manager-csi-driver/README.md index 4056679352..9286c9468e 100644 --- a/modules/kubernetes-addons/cert-manager-csi-driver/README.md +++ b/modules/kubernetes-addons/cert-manager-csi-driver/README.md @@ -4,7 +4,6 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.0.0 | -| [helm](#requirement\_helm) | >= 2.4.1 | ## Providers diff --git a/modules/kubernetes-addons/cert-manager-csi-driver/locals.tf b/modules/kubernetes-addons/cert-manager-csi-driver/locals.tf deleted file mode 100644 index c3fd8d3289..0000000000 --- a/modules/kubernetes-addons/cert-manager-csi-driver/locals.tf +++ /dev/null @@ -1,23 +0,0 @@ -locals { - name = "cert-manager-csi-driver" - namespace = "cert-manager" - - default_helm_config = { - name = local.name - chart = local.name - repository = "https://charts.jetstack.io" - version = "v0.4.2" - namespace = local.namespace - description = "Cert Manager CSI Driver Add-on" - values = [] - } - - helm_config = merge( - local.default_helm_config, - var.helm_config - ) - - argocd_gitops_config = { - enable = true - } -} 
diff --git a/modules/kubernetes-addons/cert-manager-csi-driver/main.tf b/modules/kubernetes-addons/cert-manager-csi-driver/main.tf index b846ae9538..027b5238cb 100644 --- a/modules/kubernetes-addons/cert-manager-csi-driver/main.tf +++ b/modules/kubernetes-addons/cert-manager-csi-driver/main.tf @@ -1,7 +1,19 @@ module "helm_addon" { source = "../helm-addon" + # https://github.com/cert-manager/csi-driver/blob/main/deploy/charts/csi-driver/Chart.yaml + helm_config = merge( + { + name = "cert-manager-csi-driver" + chart = "cert-manager-csi-driver" + repository = "https://charts.jetstack.io" + version = "v0.4.2" + namespace = "cert-manager" + description = "Cert Manager CSI Driver Add-on" + }, + var.helm_config + ) + manage_via_gitops = var.manage_via_gitops - helm_config = local.helm_config addon_context = var.addon_context } diff --git a/modules/kubernetes-addons/cert-manager-csi-driver/outputs.tf b/modules/kubernetes-addons/cert-manager-csi-driver/outputs.tf index b30c86b380..b5d714acb4 100644 --- a/modules/kubernetes-addons/cert-manager-csi-driver/outputs.tf +++ b/modules/kubernetes-addons/cert-manager-csi-driver/outputs.tf @@ -1,4 +1,4 @@ output "argocd_gitops_config" { description = "Configuration used for managing the add-on with ArgoCD" - value = var.manage_via_gitops ? local.argocd_gitops_config : null + value = var.manage_via_gitops ? { enable = true } : null } diff --git a/modules/kubernetes-addons/cert-manager-csi-driver/versions.tf b/modules/kubernetes-addons/cert-manager-csi-driver/versions.tf index 278a4fbb4d..429c0b36d0 100644 --- a/modules/kubernetes-addons/cert-manager-csi-driver/versions.tf +++ b/modules/kubernetes-addons/cert-manager-csi-driver/versions.tf @@ -1,10 +1,3 @@ terraform { required_version = ">= 1.0.0" - - required_providers { - helm = { - source = "hashicorp/helm" - version = ">= 2.4.1" - } - } } 
diff --git a/modules/kubernetes-addons/cert-manager/locals.tf b/modules/kubernetes-addons/cert-manager/locals.tf index aabe75f687..5986640382 100644 --- a/modules/kubernetes-addons/cert-manager/locals.tf +++ b/modules/kubernetes-addons/cert-manager/locals.tf @@ -2,11 +2,12 @@ locals { name = "cert-manager" service_account_name = "cert-manager" # AWS PrivateCA is expecting the service account name as `cert-manager` + # https://github.com/cert-manager/cert-manager/blob/master/deploy/charts/cert-manager/Chart.template.yaml default_helm_config = { name = local.name chart = local.name repository = "https://charts.jetstack.io" - version = "v1.9.1" + version = "v1.10.0" namespace = local.name description = "Cert Manager Add-on" values = local.default_helm_values diff --git a/modules/kubernetes-addons/chaos-mesh/README.md b/modules/kubernetes-addons/chaos-mesh/README.md index cd4b4533cb..836287f3fa 100644 --- a/modules/kubernetes-addons/chaos-mesh/README.md +++ b/modules/kubernetes-addons/chaos-mesh/README.md @@ -9,8 +9,6 @@ For more details checkout [Chaos Mesh](https://chaos-mesh.org/docs/production-in | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.0.0 | -| [aws](#requirement\_aws) | >= 3.72 | -| [kubernetes](#requirement\_kubernetes) | >= 2.10 | ## Providers diff --git a/modules/kubernetes-addons/chaos-mesh/locals.tf b/modules/kubernetes-addons/chaos-mesh/locals.tf deleted file mode 100644 index 937bdf4711..0000000000 --- a/modules/kubernetes-addons/chaos-mesh/locals.tf +++ /dev/null @@ -1,21 +0,0 @@ -locals { - name = "chaos-mesh" - default_helm_config = { - name = local.name - chart = local.name - repository = "https://charts.chaos-mesh.org" - version = "2.3.1" - namespace = "chaos-testing" - create_namespace = true - description = "chaos mesh helm Chart deployment configuration" - } - - helm_config = merge( - local.default_helm_config, - var.helm_config - ) - - argocd_gitops_config = { - enable = true - } -} 
diff --git a/modules/kubernetes-addons/chaos-mesh/main.tf b/modules/kubernetes-addons/chaos-mesh/main.tf index d03500f57c..54aeb46cdf 100644 --- a/modules/kubernetes-addons/chaos-mesh/main.tf +++ b/modules/kubernetes-addons/chaos-mesh/main.tf @@ -1,6 +1,20 @@ module "helm_addon" { - source = "../helm-addon" - helm_config = local.helm_config + source = "../helm-addon" + + # https://github.com/chaos-mesh/chaos-mesh/blob/master/helm/chaos-mesh/Chart.yaml + helm_config = merge( + { + name = "chaos-mesh" + chart = "chaos-mesh" + repository = "https://charts.chaos-mesh.org" + version = "2.4.1" + namespace = "chaos-testing" + create_namespace = true + description = "chaos mesh helm Chart deployment configuration" + }, + var.helm_config + ) + manage_via_gitops = var.manage_via_gitops addon_context = var.addon_context } diff --git a/modules/kubernetes-addons/chaos-mesh/outputs.tf b/modules/kubernetes-addons/chaos-mesh/outputs.tf index b30c86b380..b5d714acb4 100644 --- a/modules/kubernetes-addons/chaos-mesh/outputs.tf +++ b/modules/kubernetes-addons/chaos-mesh/outputs.tf @@ -1,4 +1,4 @@ output "argocd_gitops_config" { description = "Configuration used for managing the add-on with ArgoCD" - value = var.manage_via_gitops ? local.argocd_gitops_config : null + value = var.manage_via_gitops ? { enable = true } : null } diff --git a/modules/kubernetes-addons/chaos-mesh/versions.tf b/modules/kubernetes-addons/chaos-mesh/versions.tf index d2ddf87cc2..429c0b36d0 100644 --- a/modules/kubernetes-addons/chaos-mesh/versions.tf +++ b/modules/kubernetes-addons/chaos-mesh/versions.tf @@ -1,14 +1,3 @@ terraform { required_version = ">= 1.0.0" - - required_providers { - aws = { - source = "hashicorp/aws" - version = ">= 3.72" - } - kubernetes = { - source = "hashicorp/kubernetes" - version = ">= 2.10" - } - } } diff --git a/modules/kubernetes-addons/cilium/README.md b/modules/kubernetes-addons/cilium/README.md index 035b38cadc..f546c1a3d5 100644 
--- a/modules/kubernetes-addons/cilium/README.md +++ b/modules/kubernetes-addons/cilium/README.md @@ -9,8 +9,6 @@ For more details checkout [cilium](https://docs.cilium.io/en/stable/gettingstart | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.0.0 | -| [aws](#requirement\_aws) | >= 3.72 | -| [kubernetes](#requirement\_kubernetes) | >= 2.10 | ## Providers diff --git a/modules/kubernetes-addons/cilium/locals.tf b/modules/kubernetes-addons/cilium/locals.tf deleted file mode 100644 index 657cb5e668..0000000000 --- a/modules/kubernetes-addons/cilium/locals.tf +++ /dev/null @@ -1,23 +0,0 @@ -locals { - name = "cilium" - default_helm_config = { - name = local.name - chart = local.name - repository = "https://helm.cilium.io/" - version = "1.12.1" - namespace = "kube-system" - values = local.default_helm_values - description = "cilium helm Chart deployment configuration" - } - - helm_config = merge( - local.default_helm_config, - var.helm_config - ) - - default_helm_values = [templatefile("${path.module}/values.yaml", {})] - - argocd_gitops_config = { - enable = true - } -} diff --git a/modules/kubernetes-addons/cilium/main.tf b/modules/kubernetes-addons/cilium/main.tf index d03500f57c..cbd29d8a90 100644 --- a/modules/kubernetes-addons/cilium/main.tf +++ b/modules/kubernetes-addons/cilium/main.tf 
@@ -1,6 +1,27 @@ module "helm_addon" { - source = "../helm-addon" - helm_config = local.helm_config + source = "../helm-addon" + + # https://github.com/cilium/cilium/blob/f5c39586866486ab3532f2a3947e50cf7350763d/install/kubernetes/cilium/Chart.yaml + helm_config = merge( + { + name = "cilium" + chart = "cilium" + repository = "https://helm.cilium.io/" + version = "1.12.3" + namespace = "kube-system" + values = [ + <<-EOT + cni: + chainingMode: aws-cni + enableIPv4Masquerade: false + tunnel: disabled + EOT + ] + description = "eBPF-based Networking, Security, and Observability" + }, + var.helm_config + ) + manage_via_gitops = var.manage_via_gitops addon_context = var.addon_context } diff --git a/modules/kubernetes-addons/cilium/outputs.tf b/modules/kubernetes-addons/cilium/outputs.tf index b30c86b380..b5d714acb4 100644 --- a/modules/kubernetes-addons/cilium/outputs.tf +++ b/modules/kubernetes-addons/cilium/outputs.tf @@ -1,4 +1,4 @@ output "argocd_gitops_config" { description = "Configuration used for managing the add-on with ArgoCD" - value = var.manage_via_gitops ? local.argocd_gitops_config : null + value = var.manage_via_gitops ? { enable = true } : null } diff --git a/modules/kubernetes-addons/cilium/values.yaml b/modules/kubernetes-addons/cilium/values.yaml deleted file mode 100644 index 5da3fd6e08..0000000000 --- a/modules/kubernetes-addons/cilium/values.yaml +++ /dev/null @@ -1,4 +0,0 @@ -cni: - chainingMode: aws-cni -enableIPv4Masquerade: false -tunnel: disabled diff --git a/modules/kubernetes-addons/cilium/versions.tf b/modules/kubernetes-addons/cilium/versions.tf index d2ddf87cc2..429c0b36d0 100644 --- a/modules/kubernetes-addons/cilium/versions.tf +++ b/modules/kubernetes-addons/cilium/versions.tf @@ -1,14 +1,3 @@ terraform { required_version = ">= 1.0.0" - - required_providers { - aws = { - source = "hashicorp/aws" - version = ">= 3.72" - } - kubernetes = { - source = "hashicorp/kubernetes" - version = ">= 2.10" - } - } } 
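Review bot: The `merge()` that builds `helm_config` in cilium/main.tf is shallow, so a caller who sets `values` in `var.helm_config` replaces the inline heredoc wholesale and silently drops `cni.chainingMode: aws-cni`, `enableIPv4Masquerade: false` and `tunnel: disabled`; nothing in the new block says so. With those keys gone the chart's own defaults apply, which is presumably not what a cluster running the VPC CNI wants. A comment above the map would help: `# NOTE: var.helm_config.values replaces (does not extend) the defaults below; re-state the chaining settings when overriding`. The same applies to the inline `values` this commit introduces for external-dns, gatekeeper and karpenter.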
diff --git a/modules/kubernetes-addons/cluster-autoscaler/main.tf b/modules/kubernetes-addons/cluster-autoscaler/main.tf index 40b9de2ea3..fdea6f927a 100644 --- a/modules/kubernetes-addons/cluster-autoscaler/main.tf +++ b/modules/kubernetes-addons/cluster-autoscaler/main.tf @@ -9,6 +9,7 @@ module "helm_addon" { manage_via_gitops = var.manage_via_gitops + # https://github.com/kubernetes/autoscaler/blob/master/charts/cluster-autoscaler/Chart.yaml helm_config = merge({ name = local.name chart = local.name diff --git a/modules/kubernetes-addons/cluster-proportional-autoscaler/README.md b/modules/kubernetes-addons/cluster-proportional-autoscaler/README.md index cd97392772..e7968e3d8d 100644 --- a/modules/kubernetes-addons/cluster-proportional-autoscaler/README.md +++ b/modules/kubernetes-addons/cluster-proportional-autoscaler/README.md @@ -10,7 +10,6 @@ For more details checkout [cluster-proportional-autoscaler](https://github.com/k | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.0.0 | -| [aws](#requirement\_aws) | >= 3.72 | ## Providers diff --git a/modules/kubernetes-addons/cluster-proportional-autoscaler/locals.tf b/modules/kubernetes-addons/cluster-proportional-autoscaler/locals.tf deleted file mode 100644 index 2da06d5318..0000000000 --- a/modules/kubernetes-addons/cluster-proportional-autoscaler/locals.tf +++ /dev/null 
@@ -1,30 +0,0 @@ -locals { - name = "cluster-proportional-autoscaler" - - default_helm_config = { - name = local.name - chart = local.name - repository = "https://kubernetes-sigs.github.io/cluster-proportional-autoscaler" - version = "1.0.0" - namespace = "kube-system" - timeout = "300" - values = local.default_helm_values - set = [] - description = "Cluster Proportional Autoscaler Helm Chart" - } - - set_values = [] - - helm_config = merge( - local.default_helm_config, - var.helm_config - ) - - default_helm_values = [templatefile("${path.module}/values.yaml", { - operating_system = "linux" - })] - - argocd_gitops_config = { - enable = true - } -} diff --git a/modules/kubernetes-addons/cluster-proportional-autoscaler/main.tf b/modules/kubernetes-addons/cluster-proportional-autoscaler/main.tf index 13cbb4217b..1b69f9950d 100644 --- a/modules/kubernetes-addons/cluster-proportional-autoscaler/main.tf +++ b/modules/kubernetes-addons/cluster-proportional-autoscaler/main.tf @@ -1,11 +1,22 @@ -#------------------------------------------------- -# Cluster Proportional Autoscaler Helm Add-on -#------------------------------------------------- module "helm_addon" { source = "../helm-addon" + # https://github.com/kubernetes-sigs/cluster-proportional-autoscaler/blob/master/charts/cluster-proportional-autoscaler/Chart.yaml + helm_config = merge( + { + name = "cluster-proportional-autoscaler" + chart = "cluster-proportional-autoscaler" + repository = "https://kubernetes-sigs.github.io/cluster-proportional-autoscaler" + version = "1.0.1" + namespace = "kube-system" + values = [templatefile("${path.module}/values.yaml", { + operating_system = "linux" + })] + description = "Cluster Proportional Autoscaler Helm Chart" + }, + var.helm_config + ) + manage_via_gitops = var.manage_via_gitops - helm_config = local.helm_config - set_values = local.set_values addon_context = var.addon_context } 
diff --git a/modules/kubernetes-addons/cluster-proportional-autoscaler/outputs.tf b/modules/kubernetes-addons/cluster-proportional-autoscaler/outputs.tf index b30c86b380..b5d714acb4 100644 --- a/modules/kubernetes-addons/cluster-proportional-autoscaler/outputs.tf +++ b/modules/kubernetes-addons/cluster-proportional-autoscaler/outputs.tf @@ -1,4 +1,4 @@ output "argocd_gitops_config" { description = "Configuration used for managing the add-on with ArgoCD" - value = var.manage_via_gitops ? local.argocd_gitops_config : null + value = var.manage_via_gitops ? { enable = true } : null } diff --git a/modules/kubernetes-addons/cluster-proportional-autoscaler/versions.tf b/modules/kubernetes-addons/cluster-proportional-autoscaler/versions.tf index f92f41b9e7..429c0b36d0 100644 --- a/modules/kubernetes-addons/cluster-proportional-autoscaler/versions.tf +++ b/modules/kubernetes-addons/cluster-proportional-autoscaler/versions.tf @@ -1,10 +1,3 @@ terraform { required_version = ">= 1.0.0" - - required_providers { - aws = { - source = "hashicorp/aws" - version = ">= 3.72" - } - } } diff --git a/modules/kubernetes-addons/crossplane/locals.tf b/modules/kubernetes-addons/crossplane/locals.tf index d03014e22d..e2a82c3b64 100644 --- a/modules/kubernetes-addons/crossplane/locals.tf +++ b/modules/kubernetes-addons/crossplane/locals.tf @@ -1,11 +1,12 @@ locals { namespace = "crossplane-system" + # https://github.com/crossplane/crossplane/blob/master/cluster/charts/crossplane/Chart.yaml default_helm_config = { name = "crossplane" chart = "crossplane" repository = "https://charts.crossplane.io/stable/" - version = "1.8.1" + version = "1.10.0" namespace = local.namespace description = "Crossplane Helm chart" values = local.default_helm_values diff --git a/modules/kubernetes-addons/csi-secrets-store-provider-aws/locals.tf b/modules/kubernetes-addons/csi-secrets-store-provider-aws/locals.tf deleted file mode 100644 index d5574cb349..0000000000 
--- a/modules/kubernetes-addons/csi-secrets-store-provider-aws/locals.tf +++ /dev/null @@ -1,23 +0,0 @@ -locals { - name = "csi-secrets-store-provider-aws" - - default_helm_config = { - name = local.name - chart = local.name - repository = "https://aws.github.io/eks-charts" - version = "0.0.3" - namespace = local.name - description = "A Helm chart to install the Secrets Store CSI Driver and the AWS Key Management Service Provider inside a Kubernetes cluster." - values = [] - timeout = "1200" - } - - helm_config = merge( - local.default_helm_config, - var.helm_config - ) - - argocd_gitops_config = { - enable = true - } -} diff --git a/modules/kubernetes-addons/csi-secrets-store-provider-aws/main.tf b/modules/kubernetes-addons/csi-secrets-store-provider-aws/main.tf index 1ef0ec8471..6eed293d49 100644 --- a/modules/kubernetes-addons/csi-secrets-store-provider-aws/main.tf +++ b/modules/kubernetes-addons/csi-secrets-store-provider-aws/main.tf 
@@ -1,18 +1,30 @@ +locals { + name = try(var.helm_config.name, "csi-secrets-store-provider-aws") + namespace = try(var.helm_config.namespace, local.name) +} + resource "kubernetes_namespace_v1" "csi_secrets_store_provider_aws" { metadata { - name = local.name - - labels = { - "app.kubernetes.io/managed-by" = "terraform-aws-eks-blueprints" - } + name = local.namespace } } module "helm_addon" { - source = "../helm-addon" + source = "../helm-addon" + + # https://github.com/aws/eks-charts/blob/master/stable/csi-secrets-store-provider-aws/Chart.yaml + helm_config = merge( + { + name = local.name + chart = local.name + repository = "https://aws.github.io/eks-charts" + version = "0.0.3" + namespace = kubernetes_namespace_v1.csi_secrets_store_provider_aws.metadata[0].name + description = "A Helm chart to install the Secrets Store CSI Driver and the AWS Key Management Service Provider inside a Kubernetes cluster." + }, + var.helm_config + ) + manage_via_gitops = var.manage_via_gitops - helm_config = local.helm_config addon_context = var.addon_context - - depends_on = [kubernetes_namespace_v1.csi_secrets_store_provider_aws] } diff --git a/modules/kubernetes-addons/csi-secrets-store-provider-aws/outputs.tf b/modules/kubernetes-addons/csi-secrets-store-provider-aws/outputs.tf index b30c86b380..b5d714acb4 100644 --- a/modules/kubernetes-addons/csi-secrets-store-provider-aws/outputs.tf +++ b/modules/kubernetes-addons/csi-secrets-store-provider-aws/outputs.tf @@ -1,4 +1,4 @@ output "argocd_gitops_config" { description = "Configuration used for managing the add-on with ArgoCD" - value = var.manage_via_gitops ? local.argocd_gitops_config : null + value = var.manage_via_gitops ? { enable = true } : null } diff --git a/modules/kubernetes-addons/csi-secrets-store-provider-aws/variables.tf b/modules/kubernetes-addons/csi-secrets-store-provider-aws/variables.tf index e02dc046a9..619698f9a9 100644 --- a/modules/kubernetes-addons/csi-secrets-store-provider-aws/variables.tf 
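Review bot: `kubernetes_namespace_v1.csi_secrets_store_provider_aws` now takes its name from `local.namespace`, which follows `var.helm_config.namespace`, but it is still created unconditionally, so pointing the add-on at a namespace that already exists (for example `kube-system`) fails at apply. The ingress-nginx module in this same commit guards its namespace with `count = try(var.helm_config.create_namespace, true) && local.namespace != "kube-system" ? 1 : 0` and reads the name through `try(kubernetes_namespace_v1.this[0].metadata[0].name, local.namespace)`; the same pair of lines would fit here and in kube-prometheus-stack/main.tf. Adding `count` changes the resource address, so existing state should be checked before applying it. The hunk also drops the `app.kubernetes.io/managed-by` label without a stated reason; if anything uses that label to identify Terraform-owned namespaces, it is worth keeping.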
+++ b/modules/kubernetes-addons/csi-secrets-store-provider-aws/variables.tf @@ -1,16 +1,17 @@ variable "helm_config" { + description = "CSI Secrets Store Provider AWS Helm Configurations" type = any default = {} - description = "CSI Secrets Store Provider AWS Helm Configurations" } variable "manage_via_gitops" { + description = "Determines if the add-on should be managed via GitOps" type = bool default = false - description = "Determines if the add-on should be managed via GitOps." } variable "addon_context" { + description = "Input configuration for the addon" type = object({ aws_caller_identity_account_id = string aws_caller_identity_arn = string @@ -24,5 +25,4 @@ variable "addon_context" { irsa_iam_role_path = string irsa_iam_permissions_boundary = string }) - description = "Input configuration for the addon" } diff --git a/modules/kubernetes-addons/csi-secrets-store-provider-aws/versions.tf b/modules/kubernetes-addons/csi-secrets-store-provider-aws/versions.tf index d2ddf87cc2..55fba733ab 100644 --- a/modules/kubernetes-addons/csi-secrets-store-provider-aws/versions.tf +++ b/modules/kubernetes-addons/csi-secrets-store-provider-aws/versions.tf @@ -2,10 +2,6 @@ terraform { required_version = ">= 1.0.0" required_providers { - aws = { - source = "hashicorp/aws" - version = ">= 3.72" - } kubernetes = { source = "hashicorp/kubernetes" version = ">= 2.10" diff --git a/modules/kubernetes-addons/datadog-operator/main.tf b/modules/kubernetes-addons/datadog-operator/main.tf index 2d712b3499..89b851ab79 100644 --- a/modules/kubernetes-addons/datadog-operator/main.tf +++ b/modules/kubernetes-addons/datadog-operator/main.tf @@ -5,6 +5,7 @@ locals { module "helm_addon" { source = "../helm-addon" + # https://github.com/DataDog/helm-charts/blob/main/charts/datadog-operator/Chart.yaml helm_config = merge( { name = local.name 
diff --git a/modules/kubernetes-addons/external-dns/data.tf b/modules/kubernetes-addons/external-dns/data.tf deleted file mode 100644 index f72a272d40..0000000000 --- a/modules/kubernetes-addons/external-dns/data.tf +++ /dev/null @@ -1,25 +0,0 @@ -# TODO - remove at next breaking change -data "aws_route53_zone" "selected" { - name = var.domain_name - private_zone = var.private_zone -} - -data "aws_iam_policy_document" "external_dns_iam_policy_document" { - statement { - effect = "Allow" - resources = distinct(concat( - [data.aws_route53_zone.selected.arn], - var.route53_zone_arns - )) - actions = ["route53:ChangeResourceRecordSets"] - } - - statement { - effect = "Allow" - resources = ["*"] - actions = [ - "route53:ListHostedZones", - "route53:ListResourceRecordSets", - ] - } -} diff --git a/modules/kubernetes-addons/external-dns/locals.tf b/modules/kubernetes-addons/external-dns/locals.tf deleted file mode 100644 index 73a836ce9f..0000000000 --- a/modules/kubernetes-addons/external-dns/locals.tf +++ /dev/null 
@@ -1,50 +0,0 @@ -locals { - name = "external-dns" - service_account_name = "${local.name}-sa" - - default_helm_config = { - description = "ExternalDNS Helm Chart" - name = local.name - chart = local.name - repository = "https://charts.bitnami.com/bitnami" - version = "6.7.5" - namespace = local.name - values = local.default_helm_values - } - - default_helm_values = [templatefile("${path.module}/values.yaml", { - aws_region = var.addon_context.aws_region_name - })] - - helm_config = merge( - local.default_helm_config, - var.helm_config - ) - - set_values = concat( - [ - { - name = "serviceAccount.name" - value = local.service_account_name - }, - { - name = "serviceAccount.create" - value = false - } - ], - try(var.helm_config.set_values, []) - ) - - irsa_config = { - kubernetes_namespace = local.helm_config["namespace"] - kubernetes_service_account = local.service_account_name - create_kubernetes_namespace = try(local.helm_config["create_namespace"], true) - create_kubernetes_service_account = true - irsa_iam_policies = concat([aws_iam_policy.external_dns.arn], var.irsa_policies) - } - - argocd_gitops_config = { - enable = true - serviceAccountName = local.service_account_name - } -} diff --git a/modules/kubernetes-addons/external-dns/main.tf b/modules/kubernetes-addons/external-dns/main.tf index 095e4d3e0d..8570c7d859 100644 --- a/modules/kubernetes-addons/external-dns/main.tf +++ b/modules/kubernetes-addons/external-dns/main.tf 
@@ -1,12 +1,58 @@ -#------------------------------------- -# Helm Add-on -#------------------------------------- +locals { + name = try(var.helm_config.name, "external-dns") + service_account_name = "${local.name}-sa" + + argocd_gitops_config = { + enable = true + serviceAccountName = local.service_account_name + } +} module "helm_addon" { - source = "../helm-addon" - helm_config = local.helm_config - irsa_config = local.irsa_config - set_values = local.set_values + source = "../helm-addon" + + # https://github.com/bitnami/charts/blob/main/bitnami/external-dns/Chart.yaml + helm_config = merge( + { + description = "ExternalDNS Helm Chart" + name = local.name + chart = local.name + repository = "https://charts.bitnami.com/bitnami" + version = "6.11.2" + namespace = local.name + values = [ + <<-EOT + provider: aws + aws: + region: ${var.addon_context.aws_region_name} + EOT + ] + }, + var.helm_config + ) + + set_values = concat( + [ + { + name = "serviceAccount.name" + value = local.service_account_name + }, + { + name = "serviceAccount.create" + value = false + } + ], + try(var.helm_config.set_values, []) + ) + + irsa_config = { + create_kubernetes_namespace = try(var.helm_config.create_namespace, true) + kubernetes_namespace = try(var.helm_config.namespace, local.name) + create_kubernetes_service_account = true + kubernetes_service_account = local.service_account_name + irsa_iam_policies = concat([aws_iam_policy.external_dns.arn], var.irsa_policies) + } + addon_context = var.addon_context manage_via_gitops = var.manage_via_gitops } 
@@ -17,7 +63,33 @@ module "helm_addon" { resource "aws_iam_policy" "external_dns" { description = "External DNS IAM policy." - name = "${var.addon_context.eks_cluster_id}-${local.helm_config["name"]}-irsa" + name = "${var.addon_context.eks_cluster_id}-${local.name}-irsa" path = var.addon_context.irsa_iam_role_path policy = data.aws_iam_policy_document.external_dns_iam_policy_document.json } + +# TODO - remove at next breaking change +data "aws_route53_zone" "selected" { + name = var.domain_name + private_zone = var.private_zone +} + +data "aws_iam_policy_document" "external_dns_iam_policy_document" { + statement { + effect = "Allow" + resources = distinct(concat( + [data.aws_route53_zone.selected.arn], + var.route53_zone_arns + )) + actions = ["route53:ChangeResourceRecordSets"] + } + + statement { + effect = "Allow" + resources = ["*"] + actions = [ + "route53:ListHostedZones", + "route53:ListResourceRecordSets", + ] + } +} diff --git a/modules/kubernetes-addons/external-dns/values.yaml b/modules/kubernetes-addons/external-dns/values.yaml deleted file mode 100644 index 6e8a054871..0000000000 --- a/modules/kubernetes-addons/external-dns/values.yaml +++ /dev/null @@ -1,3 +0,0 @@ -provider: aws -aws: - region: ${aws_region} diff --git a/modules/kubernetes-addons/external-secrets/locals.tf b/modules/kubernetes-addons/external-secrets/locals.tf index 07b1c97b0f..17cdcaca4b 100644 --- a/modules/kubernetes-addons/external-secrets/locals.tf +++ b/modules/kubernetes-addons/external-secrets/locals.tf 
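Review bot: In `external_dns_iam_policy_document`, the second statement grants `route53:ListResourceRecordSets` on `resources = ["*"]`, although that action accepts a hosted-zone ARN and the first statement already computes the zone list. Moving it next to the write permission, `actions = ["route53:ChangeResourceRecordSets", "route53:ListResourceRecordSets"]`, and leaving only `actions = ["route53:ListHostedZones"]` on `"*"` keeps the role from reading records in unrelated zones of the account. This assumes external-dns is restricted to the same zones by a domain or zone-id filter; without one it would get access-denied on the others. The block is moved here from data.tf unchanged, so this is a natural point to tighten it.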
@@ -2,19 +2,16 @@ locals { name = "external-secrets" service_account_name = "${local.name}-sa" - default_helm_config = { - name = local.name - chart = local.name - repository = "https://charts.external-secrets.io/" - version = "0.5.9" - namespace = local.name - description = "The External Secrets Operator Helm chart default configuration" - values = null - timeout = "1200" - } - + # https://github.com/external-secrets/external-secrets/blob/main/deploy/charts/external-secrets/Chart.yaml helm_config = merge( - local.default_helm_config, + { + name = local.name + chart = local.name + repository = "https://charts.external-secrets.io/" + version = "0.6.0" + namespace = local.name + description = "The External Secrets Operator Helm chart default configuration" + }, var.helm_config ) diff --git a/modules/kubernetes-addons/gatekeeper/README.md b/modules/kubernetes-addons/gatekeeper/README.md index 78e652c1c2..75f463076b 100644 --- a/modules/kubernetes-addons/gatekeeper/README.md +++ b/modules/kubernetes-addons/gatekeeper/README.md @@ -10,9 +10,6 @@ Gatekeeper is an admission controller that validates requests to create and upda | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.0.0 | -| [aws](#requirement\_aws) | >= 3.72 | -| [helm](#requirement\_helm) | >= 2.4.1 | -| [kubernetes](#requirement\_kubernetes) | >= 2.10 | ## Providers diff --git a/modules/kubernetes-addons/gatekeeper/locals.tf b/modules/kubernetes-addons/gatekeeper/locals.tf deleted file mode 100644 index b32727515e..0000000000 --- a/modules/kubernetes-addons/gatekeeper/locals.tf +++ /dev/null 
@@ -1,28 +0,0 @@ -locals { - name = "gatekeeper" - - default_helm_config = { - name = local.name - chart = local.name - repository = "https://open-policy-agent.github.io/gatekeeper/charts" - version = "3.9.0" - namespace = "gatekeeper-system" - values = [ - <<-EOT - clusterName: ${var.addon_context.eks_cluster_id} - EOT - ] - description = "gatekeeper Helm Chart deployment configuration" - create_namespace = true - } - - helm_config = merge( - local.default_helm_config, - var.helm_config - ) - - argocd_gitops_config = { - enable = true - clusterName = var.addon_context.eks_cluster_id - } -} diff --git a/modules/kubernetes-addons/gatekeeper/main.tf b/modules/kubernetes-addons/gatekeeper/main.tf index 8fe6ffd350..c20e24b0cb 100644 --- a/modules/kubernetes-addons/gatekeeper/main.tf +++ b/modules/kubernetes-addons/gatekeeper/main.tf @@ -1,6 +1,32 @@ +locals { + argocd_gitops_config = { + enable = true + clusterName = var.addon_context.eks_cluster_id + } +} + module "helm_addon" { - source = "../helm-addon" + source = "../helm-addon" + + # https://github.com/open-policy-agent/gatekeeper/blob/master/charts/gatekeeper/Chart.yaml + helm_config = merge( + { + name = "gatekeeper" + chart = "gatekeeper" + description = "gatekeeper Helm Chart deployment configuration" + repository = "https://open-policy-agent.github.io/gatekeeper/charts" + version = "3.10.0" + namespace = "gatekeeper-system" + create_namespace = true + values = [ + <<-EOT + clusterName: ${var.addon_context.eks_cluster_id} + EOT + ] + }, + var.helm_config + ) + manage_via_gitops = var.manage_via_gitops - helm_config = local.helm_config addon_context = var.addon_context } diff --git a/modules/kubernetes-addons/gatekeeper/versions.tf b/modules/kubernetes-addons/gatekeeper/versions.tf index 9ac174272e..429c0b36d0 100644 --- a/modules/kubernetes-addons/gatekeeper/versions.tf +++ b/modules/kubernetes-addons/gatekeeper/versions.tf 
@@ -1,18 +1,3 @@ terraform { required_version = ">= 1.0.0" - - required_providers { - aws = { - source = "hashicorp/aws" - version = ">= 3.72" - } - kubernetes = { - source = "hashicorp/kubernetes" - version = ">= 2.10" - } - helm = { - source = "hashicorp/helm" - version = ">= 2.4.1" - } - } } diff --git a/modules/kubernetes-addons/grafana/README.md b/modules/kubernetes-addons/grafana/README.md index b5c39f4a5c..c47d7d1442 100644 --- a/modules/kubernetes-addons/grafana/README.md +++ b/modules/kubernetes-addons/grafana/README.md @@ -9,8 +9,6 @@ This add-on configures [Grafana Helm Chart](https://github.com/grafana/helm-char |------|---------| | [terraform](#requirement\_terraform) | >= 1.0.0 | | [aws](#requirement\_aws) | >= 3.72 | -| [helm](#requirement\_helm) | >= 2.4.1 | -| [kubernetes](#requirement\_kubernetes) | >= 2.10 | ## Providers diff --git a/modules/kubernetes-addons/grafana/locals.tf b/modules/kubernetes-addons/grafana/locals.tf index a16273f942..6e8da844c8 100644 --- a/modules/kubernetes-addons/grafana/locals.tf +++ b/modules/kubernetes-addons/grafana/locals.tf @@ -1,11 +1,12 @@ locals { name = "grafana" + # https://github.com/grafana/helm-charts/blob/main/charts/grafana/Chart.yaml default_helm_config = { name = local.name chart = local.name repository = "https://grafana.github.io/helm-charts" - version = "6.32.1" + version = "6.43.1" namespace = local.name values = local.default_helm_values description = "Grafana Helm Chart deployment configuration" diff --git a/modules/kubernetes-addons/grafana/versions.tf b/modules/kubernetes-addons/grafana/versions.tf index 9ac174272e..f92f41b9e7 100644 --- a/modules/kubernetes-addons/grafana/versions.tf +++ b/modules/kubernetes-addons/grafana/versions.tf @@ -6,13 +6,5 @@ terraform { source = "hashicorp/aws" version = ">= 3.72" } - kubernetes = { - source = "hashicorp/kubernetes" - version = ">= 2.10" - } - helm = { - source = "hashicorp/helm" - version = ">= 2.4.1" - } } } 
diff --git a/modules/kubernetes-addons/ingress-nginx/locals.tf b/modules/kubernetes-addons/ingress-nginx/locals.tf deleted file mode 100644 index e6ee872aff..0000000000 --- a/modules/kubernetes-addons/ingress-nginx/locals.tf +++ /dev/null @@ -1,27 +0,0 @@ -locals { - name = "ingress-nginx" - - default_helm_config = { - name = local.name - chart = local.name - repository = "https://kubernetes.github.io/ingress-nginx" - version = "4.1.4" - namespace = local.name - create_namespace = true - values = local.default_helm_values - set = [] - description = "The NGINX HelmChart Ingress Controller deployment configuration" - wait = false - } - - default_helm_values = [templatefile("${path.module}/values.yaml", {})] - - helm_config = merge( - local.default_helm_config, - var.helm_config - ) - - argocd_gitops_config = { - enable = true - } -} diff --git a/modules/kubernetes-addons/ingress-nginx/main.tf b/modules/kubernetes-addons/ingress-nginx/main.tf index 09d42c4ab2..479071879f 100644 --- a/modules/kubernetes-addons/ingress-nginx/main.tf +++ b/modules/kubernetes-addons/ingress-nginx/main.tf 
@@ -1,24 +1,31 @@ -#------------------------------------- -# Helm Add-on -#------------------------------------- +locals { + name = try(var.helm_config.name, "ingress-nginx") + namespace = try(var.helm_config.namespace, local.name) +} + +resource "kubernetes_namespace_v1" "this" { + count = try(var.helm_config.create_namespace, true) && local.namespace != "kube-system" ? 1 : 0 + + metadata { + name = local.namespace + } +} module "helm_addon" { source = "../helm-addon" + helm_config = merge( + { + name = local.name + chart = local.name + repository = "https://kubernetes.github.io/ingress-nginx" + version = "4.1.4" + namespace = try(kubernetes_namespace_v1.this[0].metadata[0].name, local.namespace) + description = "The NGINX HelmChart Ingress Controller deployment configuration" + }, + var.helm_config + ) + manage_via_gitops = var.manage_via_gitops - helm_config = local.helm_config addon_context = var.addon_context - - depends_on = [kubernetes_namespace_v1.this] -} - -#------------------------------------- -# Helm Namespace -#------------------------------------- - -resource "kubernetes_namespace_v1" "this" { - count = try(local.helm_config["create_namespace"], true) && local.helm_config["namespace"] != "kube-system" ? 1 : 0 - metadata { - name = local.helm_config["namespace"] - } } diff --git a/modules/kubernetes-addons/ingress-nginx/outputs.tf b/modules/kubernetes-addons/ingress-nginx/outputs.tf index b30c86b380..b5d714acb4 100644 --- a/modules/kubernetes-addons/ingress-nginx/outputs.tf +++ b/modules/kubernetes-addons/ingress-nginx/outputs.tf @@ -1,4 +1,4 @@ output "argocd_gitops_config" { description = "Configuration used for managing the add-on with ArgoCD" - value = var.manage_via_gitops ? local.argocd_gitops_config : null + value = var.manage_via_gitops ? { enable = true } : null } diff --git a/modules/kubernetes-addons/ingress-nginx/values.yaml b/modules/kubernetes-addons/ingress-nginx/values.yaml deleted file mode 100644 index e69de29bb2..0000000000 
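Review bot: The defaults map for ingress-nginx no longer carries `wait = false`, so the release now follows whatever wait behaviour `../helm-addon` applies by default (not visible in this hunk); if that is to wait, an apply can block until the controller's LoadBalancer Service is ready. If the change is intended, a comment should say so, otherwise keep `wait = false` in the map. This is also the only rewritten add-on here with no Chart.yaml reference comment and an unchanged `version = "4.1.4"`, which reads as an oversight in a commit that moves add-ons to their latest supported versions. A line such as `# https://github.com/kubernetes/ingress-nginx/blob/main/charts/ingress-nginx/Chart.yaml` would match the other modules.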
diff --git a/modules/kubernetes-addons/karpenter/locals.tf b/modules/kubernetes-addons/karpenter/locals.tf index 7c2ed41929..eeda15a5cb 100644 --- a/modules/kubernetes-addons/karpenter/locals.tf +++ b/modules/kubernetes-addons/karpenter/locals.tf @@ -1,8 +1,6 @@ locals { name = "karpenter" service_account_name = "karpenter" - eks_cluster_endpoint = var.addon_context.aws_eks_cluster_endpoint - set_values = [{ name = "serviceAccount.name" value = local.service_account_name @@ -13,20 +11,24 @@ locals { } ] - default_helm_config = { - name = local.name - chart = local.name - repository = "oci://public.ecr.aws/karpenter" - version = "v0.18.0" - namespace = local.name - timeout = "300" - values = local.default_helm_values - set = [] - description = "karpenter Helm Chart for Node Autoscaling" - } - + # https://github.com/aws/karpenter/blob/main/charts/karpenter/Chart.yaml helm_config = merge( - local.default_helm_config, + { + name = local.name + chart = local.name + repository = "oci://public.ecr.aws/karpenter" + version = "v0.18.1" + namespace = local.name + values = [ + <<-EOT + clusterName: ${var.addon_context.eks_cluster_id} + clusterEndpoint: ${var.addon_context.aws_eks_cluster_endpoint} + aws: + defaultInstanceProfile: ${var.node_iam_instance_profile} + EOT + ] + description = "karpenter Helm Chart for Node Autoscaling" + }, var.helm_config ) 
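Review bot: The inline `values` heredoc in karpenter's `helm_config` no longer sets `nodeSelector: kubernetes.io/os: linux`, which the deleted values.yaml rendered from `operating_system = "linux"`. Unless the chart's own defaults already pin the controller to Linux nodes (not visible here), that is a silent scheduling change for clusters with mixed node operating systems; restoring the two lines `nodeSelector:` and `kubernetes.io/os: linux` at the top of the heredoc keeps the old behaviour. The values are also interpolated as raw text, so an empty `var.node_iam_instance_profile` renders `defaultInstanceProfile:` as a YAML null; building the document with `yamlencode()` on a map would avoid that class of problem. The enclosing `locals` block continues outside this hunk.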
@@ -38,17 +40,10 @@ locals { irsa_iam_policies = concat([aws_iam_policy.karpenter.arn], var.irsa_policies) } - default_helm_values = [templatefile("${path.module}/values.yaml", { - eks_cluster_id = var.addon_context.eks_cluster_id, - eks_cluster_endpoint = local.eks_cluster_endpoint, - node_iam_instance_profile = var.node_iam_instance_profile, - operating_system = "linux" - })] - argocd_gitops_config = { enable = true serviceAccountName = local.service_account_name - controllerClusterEndpoint = local.eks_cluster_endpoint + controllerClusterEndpoint = var.addon_context.aws_eks_cluster_endpoint awsDefaultInstanceProfile = var.node_iam_instance_profile } } diff --git a/modules/kubernetes-addons/karpenter/values.yaml b/modules/kubernetes-addons/karpenter/values.yaml deleted file mode 100644 index 3155cd23b3..0000000000 --- a/modules/kubernetes-addons/karpenter/values.yaml +++ /dev/null @@ -1,6 +0,0 @@ -nodeSelector: - kubernetes.io/os: ${operating_system} -clusterName: ${eks_cluster_id} -clusterEndpoint: ${eks_cluster_endpoint} -aws: - defaultInstanceProfile: ${node_iam_instance_profile} diff --git a/modules/kubernetes-addons/keda/locals.tf b/modules/kubernetes-addons/keda/locals.tf index 26d8786ce2..0e9587985f 100644 --- a/modules/kubernetes-addons/keda/locals.tf +++ b/modules/kubernetes-addons/keda/locals.tf 
@@ -1,21 +1,17 @@ locals { name = "keda" service_account_name = "keda-operator-sa" - default_helm_config = { - name = local.name - chart = local.name - repository = "https://kedacore.github.io/charts" - version = "2.7.2" - namespace = local.name - description = "Keda Event-based autoscaler for workloads on Kubernetes" - values = local.default_helm_values - timeout = "1200" - } - - default_helm_values = [] + # https://github.com/kedacore/charts/blob/main/keda/Chart.yaml helm_config = merge( - local.default_helm_config, + { + name = local.name + chart = local.name + repository = "https://kedacore.github.io/charts" + version = "2.8.2" + namespace = local.name + description = "Keda Event-based autoscaler for workloads on Kubernetes" + }, var.helm_config ) diff --git a/modules/kubernetes-addons/kube-prometheus-stack/locals.tf b/modules/kubernetes-addons/kube-prometheus-stack/locals.tf deleted file mode 100644 index 74eae891a6..0000000000 --- a/modules/kubernetes-addons/kube-prometheus-stack/locals.tf +++ /dev/null @@ -1,23 +0,0 @@ -locals { - name = "kube-prometheus-stack" - default_helm_config = { - name = local.name - chart = local.name - repository = "https://prometheus-community.github.io/helm-charts" - version = "36.0.3" - namespace = local.name - timeout = "1200" - values = local.default_helm_values - description = "kube-prometheus-stack helm Chart deployment configuration" - } - - helm_config = merge( - local.default_helm_config, - var.helm_config - ) - - default_helm_values = [templatefile("${path.module}/values.yaml", { - aws_region = var.addon_context.aws_region_name - })] - -} diff --git a/modules/kubernetes-addons/kube-prometheus-stack/main.tf b/modules/kubernetes-addons/kube-prometheus-stack/main.tf index ad66b06d87..50382d3d11 100644 --- a/modules/kubernetes-addons/kube-prometheus-stack/main.tf +++ b/modules/kubernetes-addons/kube-prometheus-stack/main.tf 
@@ -1,15 +1,31 @@ -module "helm_addon" { - source = "../helm-addon" - helm_config = local.helm_config - addon_context = var.addon_context - depends_on = [kubernetes_namespace_v1.prometheus] +locals { + name = try(var.helm_config.name, "kube-prometheus-stack") + namespace = try(var.helm_config.namespace, local.name) } resource "kubernetes_namespace_v1" "prometheus" { metadata { - name = local.helm_config["namespace"] - labels = { - "app.kubernetes.io/managed-by" = "terraform-aws-eks-blueprints" - } + name = local.namespace } } + +# https://github.com/prometheus-community/helm-charts/blob/main/charts/kube-prometheus-stack/Chart.yaml +module "helm_addon" { + source = "../helm-addon" + + helm_config = merge( + { + name = local.name + chart = local.name + repository = "https://prometheus-community.github.io/helm-charts" + version = "41.6.1" + namespace = kubernetes_namespace_v1.prometheus.metadata[0].name + values = [templatefile("${path.module}/values.yaml", { + aws_region = var.addon_context.aws_region_name + })] + description = "kube-prometheus-stack helm Chart deployment configuration" + }, + var.helm_config + ) + addon_context = var.addon_context +} diff --git a/modules/kubernetes-addons/kube-prometheus-stack/values.yaml b/modules/kubernetes-addons/kube-prometheus-stack/values.yaml index ebb5ea20c5..2ad90239dd 100644 --- a/modules/kubernetes-addons/kube-prometheus-stack/values.yaml +++ b/modules/kubernetes-addons/kube-prometheus-stack/values.yaml 
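Review bot: The default `timeout = "1200"` is dropped from the kube-prometheus-stack `helm_config` map in the same change that moves the chart from `36.0.3` to `41.6.1`, so installs and upgrades of this large chart now run under whatever timeout `../helm-addon` defaults to (not visible here). Keeping `timeout = "1200"` in the map preserves the previous behaviour. A jump across several major chart versions also deserves a comment for upgraders: Helm does not update CRDs that a chart ships in its `crds/` directory on upgrade, so if this chart packages its CRDs that way, existing clusters need the new CRDs applied before the release is upgraded.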
@@ -1,15 +1,13 @@ -## Create default rules for monitoring the cluster -## Disable rules for unreachable components -## +# Create default rules for monitoring the cluster +# Disable rules for unreachable components defaultRules: create: true rules: etcd: false kubeScheduler: false -## Disable component scraping for the kube controller manager, etcd, and kube-scheduler -## These components are not reachable on EKS -## +# Disable component scraping for the kube controller manager, etcd, and kube-scheduler +# These components are not reachable on EKS kubeControllerManager: enabled: false kubeEtcd: @@ -19,9 +17,8 @@ kubeScheduler: prometheus: prometheusSpec: - ## Prometheus StorageSpec for persistent data on AWS EBS - ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/user-guides/storage.md - ## + # Prometheus StorageSpec for persistent data on AWS EBS + # ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/user-guides/storage.md storageSpec: volumeClaimTemplate: spec: @@ -30,5 +27,3 @@ prometheus: resources: requests: storage: 20Gi - -## additional configuration options available here: https://github.com/prometheus-community/helm-charts/blob/main/charts/kube-prometheus-stack/values.yaml diff --git a/modules/kubernetes-addons/kube-prometheus-stack/variables.tf b/modules/kubernetes-addons/kube-prometheus-stack/variables.tf index 36b6461acf..0b9d7d0dd9 100644 --- a/modules/kubernetes-addons/kube-prometheus-stack/variables.tf +++ b/modules/kubernetes-addons/kube-prometheus-stack/variables.tf @@ -1,10 +1,11 @@ variable "helm_config" { + description = "Helm Config for kube-prometheus-stack" type = any default = {} - description = "Helm Config for kube-prometheus-stack" } variable "addon_context" { + description = "Input configuration for the addon" type = object({ aws_caller_identity_account_id = string aws_caller_identity_arn = string 
@@ -18,5 +19,4 @@ variable "addon_context" { irsa_iam_role_path = string irsa_iam_permissions_boundary = string }) - description = "Input configuration for the addon" } diff --git a/modules/kubernetes-addons/kube-prometheus-stack/versions.tf b/modules/kubernetes-addons/kube-prometheus-stack/versions.tf index d2ddf87cc2..55fba733ab 100644 --- a/modules/kubernetes-addons/kube-prometheus-stack/versions.tf +++ b/modules/kubernetes-addons/kube-prometheus-stack/versions.tf @@ -2,10 +2,6 @@ terraform { required_version = ">= 1.0.0" required_providers { - aws = { - source = "hashicorp/aws" - version = ">= 3.72" - } kubernetes = { source = "hashicorp/kubernetes" version = ">= 2.10" diff --git a/modules/kubernetes-addons/kubecost/README.md b/modules/kubernetes-addons/kubecost/README.md index c2845f373f..cc71d7a658 100644 --- a/modules/kubernetes-addons/kubecost/README.md +++ b/modules/kubernetes-addons/kubecost/README.md @@ -9,9 +9,6 @@ For more details checkout [kubecost](https://docs.aws.amazon.com/eks/latest/user | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.0.0 | -| [aws](#requirement\_aws) | >= 3.72 | -| [helm](#requirement\_helm) | >= 2.4.1 | -| [kubernetes](#requirement\_kubernetes) | >= 2.10 | ## Providers diff --git a/modules/kubernetes-addons/kubecost/locals.tf b/modules/kubernetes-addons/kubecost/locals.tf deleted file mode 100644 index ee015c1cfc..0000000000 --- a/modules/kubernetes-addons/kubecost/locals.tf +++ /dev/null 
@@ -1,25 +0,0 @@ -locals { - name = "kubecost" - - default_helm_config = { - name = local.name - chart = "cost-analyzer" - repository = "oci://public.ecr.aws/kubecost" - version = "1.96.0" - namespace = local.name - values = local.default_helm_values - create_namespace = true - description = "Kubecost Helm Chart deployment configuration" - } - - helm_config = merge( - local.default_helm_config, - var.helm_config - ) - - default_helm_values = [templatefile("${path.module}/values.yaml", {})] - - argocd_gitops_config = { - enable = true - } -} diff --git a/modules/kubernetes-addons/kubecost/main.tf b/modules/kubernetes-addons/kubecost/main.tf index d03500f57c..c57f30e732 100644 --- a/modules/kubernetes-addons/kubecost/main.tf +++ b/modules/kubernetes-addons/kubecost/main.tf @@ -1,6 +1,21 @@ module "helm_addon" { - source = "../helm-addon" - helm_config = local.helm_config + source = "../helm-addon" + + # https://github.com/kubecost/cost-analyzer-helm-chart/blob/develop/cost-analyzer/Chart.yaml + helm_config = merge( + { + name = "kubecost" + chart = "cost-analyzer" + repository = "oci://public.ecr.aws/kubecost" + version = "1.97.0" + namespace = "kubecost" + values = [file("${path.module}/values.yaml")] + create_namespace = true + description = "Kubecost Helm Chart deployment configuration" + }, + var.helm_config + ) + manage_via_gitops = var.manage_via_gitops addon_context = var.addon_context } diff --git a/modules/kubernetes-addons/kubecost/outputs.tf b/modules/kubernetes-addons/kubecost/outputs.tf index b30c86b380..b5d714acb4 100644 --- a/modules/kubernetes-addons/kubecost/outputs.tf +++ b/modules/kubernetes-addons/kubecost/outputs.tf @@ -1,4 +1,4 @@ output "argocd_gitops_config" { description = "Configuration used for managing the add-on with ArgoCD" - value = var.manage_via_gitops ? local.argocd_gitops_config : null + value = var.manage_via_gitops ? { enable = true } : null } 
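Review bot: In kubecost/main.tf the chart default `version = "1.97.0"` and the `imageVersion: prod-1.97.0` line in this module's values.yaml are two separate pins that have to move together. Because `merge()` is shallow, a caller who sets only `helm_config.version` still gets the module's values.yaml, and with it the prod-1.97.0 image tag on a different chart. A short comment next to the version would make this visible, for example `# keep in sync with imageVersion in values.yaml`. Whether the chart tolerates a mismatched image tag is not visible from this patch, so the skew is something to confirm rather than a known failure.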
diff --git a/modules/kubernetes-addons/kubecost/values.yaml b/modules/kubernetes-addons/kubecost/values.yaml index 51c5d5534e..505ef6f230 100644 --- a/modules/kubernetes-addons/kubecost/values.yaml +++ b/modules/kubernetes-addons/kubecost/values.yaml @@ -1,9 +1,10 @@ +# https://github.com/kubecost/cost-analyzer-helm-chart/blob/master/cost-analyzer/values-eks-cost-monitoring.yaml global: grafana: enabled: false proxy: false -imageVersion: prod-1.96.0 +imageVersion: prod-1.97.0 kubecostFrontend: image: public.ecr.aws/kubecost/frontend diff --git a/modules/kubernetes-addons/kubecost/versions.tf b/modules/kubernetes-addons/kubecost/versions.tf index 9ac174272e..429c0b36d0 100644 --- a/modules/kubernetes-addons/kubecost/versions.tf +++ b/modules/kubernetes-addons/kubecost/versions.tf @@ -1,18 +1,3 @@ terraform { required_version = ">= 1.0.0" - - required_providers { - aws = { - source = "hashicorp/aws" - version = ">= 3.72" - } - kubernetes = { - source = "hashicorp/kubernetes" - version = ">= 2.10" - } - helm = { - source = "hashicorp/helm" - version = ">= 2.4.1" - } - } } diff --git a/modules/kubernetes-addons/kuberay-operator/main.tf b/modules/kubernetes-addons/kuberay-operator/main.tf index dfc8f90d20..bd263daf8e 100644 --- a/modules/kubernetes-addons/kuberay-operator/main.tf +++ b/modules/kubernetes-addons/kuberay-operator/main.tf @@ -12,11 +12,12 @@ resource "kubernetes_namespace_v1" "this" { module "helm_addon" { source = "../helm-addon" + # https://github.com/ray-project/kuberay/blob/master/helm-chart/kuberay-operator/Chart.yaml helm_config = merge( { name = local.name chart = "${path.module}/kuberay-operator-config" - version = "0.1.0" + version = "0.3.0" namespace = kubernetes_namespace_v1.this.metadata[0].name description = "KubeRay Operator Helm Chart deployment configuration" }, diff --git a/modules/kubernetes-addons/kubernetes-dashboard/locals.tf b/modules/kubernetes-addons/kubernetes-dashboard/locals.tf index d423d08acb..26c3ad9654 100644 
--- a/modules/kubernetes-addons/kubernetes-dashboard/locals.tf +++ b/modules/kubernetes-addons/kubernetes-dashboard/locals.tf @@ -1,15 +1,14 @@ locals { name = "kubernetes-dashboard" + # https://github.com/kubernetes/dashboard/blob/master/charts/helm-chart/kubernetes-dashboard/Chart.yaml default_helm_config = { name = local.name chart = local.name repository = "https://kubernetes.github.io/dashboard/" - version = "5.7.0" + version = "5.11.0" namespace = local.name description = "Kubernetes Dashboard Helm Chart" - values = [] - timeout = "1200" } helm_config = merge( diff --git a/modules/kubernetes-addons/kyverno/main.tf b/modules/kubernetes-addons/kyverno/main.tf index 41ea30c7c8..b808049d7b 100644 --- a/modules/kubernetes-addons/kyverno/main.tf +++ b/modules/kubernetes-addons/kyverno/main.tf @@ -2,6 +2,7 @@ module "kyverno_helm_addon" { source = "../helm-addon" manage_via_gitops = var.manage_via_gitops + # https://github.com/kyverno/kyverno/blob/main/charts/kyverno/Chart.yaml helm_config = merge( { name = "kyverno" @@ -29,6 +30,7 @@ module "kyverno_policies_helm_addon" { count = var.enable_kyverno_policies ? 1 : 0 manage_via_gitops = var.manage_via_gitops + # https://github.com/kyverno/kyverno/blob/main/charts/kyverno-policies/Chart.yaml helm_config = merge( { name = "kyverno-policies" @@ -56,12 +58,13 @@ module "kyverno_policy_reporter_helm_addon" { count = var.enable_kyverno_policy_reporter ? 1 : 0 manage_via_gitops = var.manage_via_gitops + # https://github.com/kyverno/policy-reporter/blob/main/charts/policy-reporter/Chart.yaml helm_config = merge( { name = "policy-reporter" chart = "policy-reporter" repository = "https://kyverno.github.io/policy-reporter" - version = "2.13.0" + version = "2.13.4" namespace = module.kyverno_helm_addon.helm_release[0].namespace description = "Policy Reporter watches for PolicyReport Resources" }, 
diff --git a/modules/kubernetes-addons/local-volume-provisioner/README.md b/modules/kubernetes-addons/local-volume-provisioner/README.md index 46bc1a7615..1b046046d9 100644 --- a/modules/kubernetes-addons/local-volume-provisioner/README.md +++ b/modules/kubernetes-addons/local-volume-provisioner/README.md @@ -8,8 +8,6 @@ See [docs](../../../docs/add-ons/local-volume-provisioner.md) | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.0.0 | -| [aws](#requirement\_aws) | >= 3.72 | -| [kubernetes](#requirement\_kubernetes) | >= 2.10 | ## Providers diff --git a/modules/kubernetes-addons/local-volume-provisioner/versions.tf b/modules/kubernetes-addons/local-volume-provisioner/versions.tf index d2ddf87cc2..429c0b36d0 100644 --- a/modules/kubernetes-addons/local-volume-provisioner/versions.tf +++ b/modules/kubernetes-addons/local-volume-provisioner/versions.tf @@ -1,14 +1,3 @@ terraform { required_version = ">= 1.0.0" - - required_providers { - aws = { - source = "hashicorp/aws" - version = ">= 3.72" - } - kubernetes = { - source = "hashicorp/kubernetes" - version = ">= 2.10" - } - } } diff --git a/modules/kubernetes-addons/metrics-server/locals.tf b/modules/kubernetes-addons/metrics-server/locals.tf index 9a5376e347..0cc68e53b0 100644 --- a/modules/kubernetes-addons/metrics-server/locals.tf +++ b/modules/kubernetes-addons/metrics-server/locals.tf @@ -1,6 +1,7 @@ locals { name = "metrics-server" + # https://github.com/kubernetes-sigs/metrics-server/blob/master/charts/metrics-server/Chart.yaml default_helm_config = { name = local.name chart = local.name @@ -8,8 +9,6 @@ locals { version = "3.8.2" namespace = "kube-system" description = "Metric server helm Chart deployment configuration" - values = [] - timeout = "1200" } helm_config = merge( diff --git a/modules/kubernetes-addons/nvidia-device-plugin/locals.tf b/modules/kubernetes-addons/nvidia-device-plugin/locals.tf index 3ba2232f71..35f046f0bc 100644 
--- a/modules/kubernetes-addons/nvidia-device-plugin/locals.tf +++ b/modules/kubernetes-addons/nvidia-device-plugin/locals.tf @@ -1,12 +1,12 @@ locals { - name = "nvidia-device-plugin" - version = "0.12.3" + name = "nvidia-device-plugin" + # https://github.com/NVIDIA/k8s-device-plugin/blob/master/deployments/helm/nvidia-device-plugin/Chart.yaml default_helm_config = { name = local.name chart = local.name repository = "https://nvidia.github.io/k8s-device-plugin" - version = local.version + version = "0.12.3" namespace = local.name description = "nvidia-device-plugin Helm Chart deployment configuration" create_namespace = true diff --git a/modules/kubernetes-addons/opentelemetry-operator/locals.tf b/modules/kubernetes-addons/opentelemetry-operator/locals.tf index d84b7d071c..5168043447 100644 --- a/modules/kubernetes-addons/opentelemetry-operator/locals.tf +++ b/modules/kubernetes-addons/opentelemetry-operator/locals.tf @@ -7,15 +7,14 @@ locals { create_namespace = var.enable_opentelemetry_operator ? true : try(var.helm_config.create_namespace, true) namespace = local.create_namespace ? kubernetes_namespace_v1.adot[0].metadata[0].name : try(var.helm_config.namespace, local.addon_namespace) + # https://github.com/open-telemetry/opentelemetry-helm-charts/blob/main/charts/opentelemetry-operator/Chart.yaml default_helm_config = { name = "opentelemetry" repository = "https://open-telemetry.github.io/opentelemetry-helm-charts" chart = "opentelemetry-operator" - version = "0.8.2" + version = "0.16.0" namespace = local.namespace - timeout = "1200" description = "ADOT Operator helm chart" - values = [] } helm_config = merge( diff --git a/modules/kubernetes-addons/prometheus/main.tf b/modules/kubernetes-addons/prometheus/main.tf index 4edbe44b7a..a06d46a15a 100644 --- a/modules/kubernetes-addons/prometheus/main.tf +++ b/modules/kubernetes-addons/prometheus/main.tf 
@@ -23,11 +23,12 @@ module "helm_addon" { manage_via_gitops = var.manage_via_gitops + # https://github.com/prometheus-community/helm-charts/blob/main/charts/prometheus/Chart.yaml helm_config = merge( { name = local.name chart = local.name - version = "15.10.1" + version = "15.17.0" repository = "https://prometheus-community.github.io/helm-charts" namespace = local.namespace_name description = "Prometheus helm Chart deployment configuration" diff --git a/modules/kubernetes-addons/promtail/README.md b/modules/kubernetes-addons/promtail/README.md index 47b94fd158..e81fc8d02a 100644 --- a/modules/kubernetes-addons/promtail/README.md +++ b/modules/kubernetes-addons/promtail/README.md @@ -9,8 +9,6 @@ For more details checkout [promtail](https://grafana.com/docs/loki/latest/client | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.0.0 | -| [aws](#requirement\_aws) | >= 3.72 | -| [kubernetes](#requirement\_kubernetes) | >= 2.10 | ## Providers diff --git a/modules/kubernetes-addons/promtail/locals.tf b/modules/kubernetes-addons/promtail/locals.tf deleted file mode 100644 index d70d2df278..0000000000 --- a/modules/kubernetes-addons/promtail/locals.tf +++ /dev/null @@ -1,22 +0,0 @@ -locals { - name = "promtail" - default_helm_config = { - name = local.name - chart = local.name - repository = "https://grafana.github.io/helm-charts" - version = "6.3.0" - namespace = local.name - values = [] - create_namespace = true - description = "Promtail helm Chart deployment configuration" - } - - helm_config = merge( - local.default_helm_config, - var.helm_config - ) - - argocd_gitops_config = { - enable = true - } -} diff --git a/modules/kubernetes-addons/promtail/main.tf b/modules/kubernetes-addons/promtail/main.tf index d03500f57c..c51c4ec425 100644 --- a/modules/kubernetes-addons/promtail/main.tf +++ b/modules/kubernetes-addons/promtail/main.tf 
@@ -1,6 +1,20 @@ module "helm_addon" { - source = "../helm-addon" - helm_config = local.helm_config + source = "../helm-addon" + + # https://github.com/grafana/helm-charts/blob/main/charts/promtail/Chart.yaml + helm_config = merge( + { + name = "promtail" + chart = "promtail" + repository = "https://grafana.github.io/helm-charts" + version = "6.6.0" + namespace = "promtail" + create_namespace = true + description = "Promtail helm Chart deployment configuration" + }, + var.helm_config + ) + manage_via_gitops = var.manage_via_gitops addon_context = var.addon_context } diff --git a/modules/kubernetes-addons/promtail/outputs.tf b/modules/kubernetes-addons/promtail/outputs.tf index b30c86b380..b5d714acb4 100644 --- a/modules/kubernetes-addons/promtail/outputs.tf +++ b/modules/kubernetes-addons/promtail/outputs.tf @@ -1,4 +1,4 @@ output "argocd_gitops_config" { description = "Configuration used for managing the add-on with ArgoCD" - value = var.manage_via_gitops ? local.argocd_gitops_config : null + value = var.manage_via_gitops ? { enable = true } : null } diff --git a/modules/kubernetes-addons/promtail/versions.tf b/modules/kubernetes-addons/promtail/versions.tf index d2ddf87cc2..429c0b36d0 100644 --- a/modules/kubernetes-addons/promtail/versions.tf +++ b/modules/kubernetes-addons/promtail/versions.tf @@ -1,14 +1,3 @@ terraform { required_version = ">= 1.0.0" - - required_providers { - aws = { - source = "hashicorp/aws" - version = ">= 3.72" - } - kubernetes = { - source = "hashicorp/kubernetes" - version = ">= 2.10" - } - } } diff --git a/modules/kubernetes-addons/reloader/README.md b/modules/kubernetes-addons/reloader/README.md index 35c8ae2420..2b05b7ea91 100644 --- a/modules/kubernetes-addons/reloader/README.md +++ b/modules/kubernetes-addons/reloader/README.md 
@@ -8,7 +8,6 @@ This add-on configures the [Reloader Helm Chart](https://github.com/stakater/Rel | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.0.0 | -| [helm](#requirement\_helm) | >= 2.4.1 | ## Providers diff --git a/modules/kubernetes-addons/reloader/locals.tf b/modules/kubernetes-addons/reloader/locals.tf deleted file mode 100644 index 17dff54dd6..0000000000 --- a/modules/kubernetes-addons/reloader/locals.tf +++ /dev/null @@ -1,25 +0,0 @@ -locals { - name = "reloader" - - default_helm_config = { - name = local.name - chart = local.name - repository = "https://stakater.github.io/stakater-charts" - version = "v0.0.118" - namespace = local.name - create_namespace = true - values = [] - description = "Reloader Helm Chart deployment configuration" - } - - helm_config = merge( - local.default_helm_config, - var.helm_config - ) - - - argocd_gitops_config = { - enable = true - serviceAccountName = local.name - } -} diff --git a/modules/kubernetes-addons/reloader/main.tf b/modules/kubernetes-addons/reloader/main.tf index b846ae9538..6b2939029d 100644 --- a/modules/kubernetes-addons/reloader/main.tf +++ b/modules/kubernetes-addons/reloader/main.tf @@ -1,7 +1,29 @@ +locals { + name = "reloader" + + argocd_gitops_config = { + enable = true + serviceAccountName = local.name + } +} + module "helm_addon" { source = "../helm-addon" + # https://github.com/stakater/Reloader/blob/master/deployments/kubernetes/chart/reloader/Chart.yaml + helm_config = merge( + { + name = local.name + chart = local.name + repository = "https://stakater.github.io/stakater-charts" + version = "v0.0.124" + namespace = local.name + create_namespace = true + description = "Reloader Helm Chart deployment configuration" + }, + var.helm_config + ) + manage_via_gitops = var.manage_via_gitops - helm_config = local.helm_config addon_context = var.addon_context } 
diff --git a/modules/kubernetes-addons/reloader/versions.tf b/modules/kubernetes-addons/reloader/versions.tf index 278a4fbb4d..429c0b36d0 100644 --- a/modules/kubernetes-addons/reloader/versions.tf +++ b/modules/kubernetes-addons/reloader/versions.tf @@ -1,10 +1,3 @@ terraform { required_version = ">= 1.0.0" - - required_providers { - helm = { - source = "hashicorp/helm" - version = ">= 2.4.1" - } - } } diff --git a/modules/kubernetes-addons/secrets-store-csi-driver/locals.tf b/modules/kubernetes-addons/secrets-store-csi-driver/locals.tf index 843afb91db..fe7b6a6771 100644 --- a/modules/kubernetes-addons/secrets-store-csi-driver/locals.tf +++ b/modules/kubernetes-addons/secrets-store-csi-driver/locals.tf @@ -1,15 +1,14 @@ locals { name = "secrets-store-csi-driver" + # https://github.com/kubernetes-sigs/secrets-store-csi-driver/blob/main/charts/secrets-store-csi-driver/Chart.yaml default_helm_config = { name = local.name chart = local.name repository = "https://kubernetes-sigs.github.io/secrets-store-csi-driver/charts" - version = "1.1.2" + version = "1.2.4" namespace = local.name - description = "A Helm chart to install the Secrets Store CSI Driver " - values = [] - timeout = "1200" + description = "A Helm chart to install the Secrets Store CSI Driver" } helm_config = merge( diff --git a/modules/kubernetes-addons/secrets-store-csi-driver/versions.tf b/modules/kubernetes-addons/secrets-store-csi-driver/versions.tf index d2ddf87cc2..55fba733ab 100644 --- a/modules/kubernetes-addons/secrets-store-csi-driver/versions.tf +++ b/modules/kubernetes-addons/secrets-store-csi-driver/versions.tf @@ -2,10 +2,6 @@ terraform { required_version = ">= 1.0.0" required_providers { - aws = { - source = "hashicorp/aws" - version = ">= 3.72" - } kubernetes = { source = "hashicorp/kubernetes" version = ">= 2.10" diff --git a/modules/kubernetes-addons/smb-csi-driver/README.md b/modules/kubernetes-addons/smb-csi-driver/README.md index 321ad02aca..82d9d0ad57 100644 
--- a/modules/kubernetes-addons/smb-csi-driver/README.md +++ b/modules/kubernetes-addons/smb-csi-driver/README.md @@ -9,8 +9,6 @@ For more details checkout [SMB CSI Driver](https://github.com/kubernetes-csi/csi | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.0.0 | -| [aws](#requirement\_aws) | >= 3.72 | -| [kubernetes](#requirement\_kubernetes) | >= 2.10 | ## Providers diff --git a/modules/kubernetes-addons/smb-csi-driver/locals.tf b/modules/kubernetes-addons/smb-csi-driver/locals.tf deleted file mode 100644 index 0acc1219f7..0000000000 --- a/modules/kubernetes-addons/smb-csi-driver/locals.tf +++ /dev/null @@ -1,20 +0,0 @@ -locals { - name = "csi-driver-smb" - default_helm_config = { - name = local.name - chart = local.name - repository = "https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts" - version = "v1.9.0" - namespace = "kube-system" - description = "SMB CSI driver helm Chart deployment configuration" - } - - helm_config = merge( - local.default_helm_config, - var.helm_config - ) - - argocd_gitops_config = { - enable = true - } -} diff --git a/modules/kubernetes-addons/smb-csi-driver/main.tf b/modules/kubernetes-addons/smb-csi-driver/main.tf index d03500f57c..1b8745373d 100644 --- a/modules/kubernetes-addons/smb-csi-driver/main.tf +++ b/modules/kubernetes-addons/smb-csi-driver/main.tf 
@@ -1,6 +1,19 @@ module "helm_addon" { - source = "../helm-addon" - helm_config = local.helm_config + source = "../helm-addon" + + # https://github.com/kubernetes-csi/csi-driver-smb/blob/master/charts/latest/csi-driver-smb/Chart.yaml + helm_config = merge( + { + name = "csi-driver-smb" + chart = "csi-driver-smb" + repository = "https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts" + version = "v1.9.0" + namespace = "kube-system" + description = "SMB CSI driver helm Chart deployment configuration" + }, + var.helm_config + ) + manage_via_gitops = var.manage_via_gitops addon_context = var.addon_context } diff --git a/modules/kubernetes-addons/smb-csi-driver/outputs.tf b/modules/kubernetes-addons/smb-csi-driver/outputs.tf index b30c86b380..b5d714acb4 100644 --- a/modules/kubernetes-addons/smb-csi-driver/outputs.tf +++ b/modules/kubernetes-addons/smb-csi-driver/outputs.tf @@ -1,4 +1,4 @@ output "argocd_gitops_config" { description = "Configuration used for managing the add-on with ArgoCD" - value = var.manage_via_gitops ? local.argocd_gitops_config : null + value = var.manage_via_gitops ? { enable = true } : null } diff --git a/modules/kubernetes-addons/smb-csi-driver/versions.tf b/modules/kubernetes-addons/smb-csi-driver/versions.tf index d2ddf87cc2..429c0b36d0 100644 --- a/modules/kubernetes-addons/smb-csi-driver/versions.tf +++ b/modules/kubernetes-addons/smb-csi-driver/versions.tf @@ -1,14 +1,3 @@ terraform { required_version = ">= 1.0.0" - - required_providers { - aws = { - source = "hashicorp/aws" - version = ">= 3.72" - } - kubernetes = { - source = "hashicorp/kubernetes" - version = ">= 2.10" - } - } } diff --git a/modules/kubernetes-addons/spark-history-server/README.md b/modules/kubernetes-addons/spark-history-server/README.md index effcfaf551..9e1e812d33 100644 --- a/modules/kubernetes-addons/spark-history-server/README.md +++ b/modules/kubernetes-addons/spark-history-server/README.md 
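Review bot: In smb-csi-driver/main.tf the `repository` default points at the `master` branch on raw.githubusercontent.com, so the chart index that `version = "v1.9.0"` is resolved against can change between applies without any change in this module. The chart is installed into `kube-system`, which makes reproducibility of what gets deployed more important than for most add-ons. I would pin the URL to an immutable ref, `repository = "https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/<PINNED_TAG_OR_COMMIT>/charts"`, or at least state in the comment why the branch is used. The new reference comment also links to `charts/latest/csi-driver-smb/Chart.yaml`, which is presumably not the v1.9.0 chart.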
@@ -8,7 +8,6 @@ Spark WebUI Add-on with Spark History Server | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.0.0 | -| [kubernetes](#requirement\_kubernetes) | >= 2.10 | ## Providers diff --git a/modules/kubernetes-addons/spark-history-server/locals.tf b/modules/kubernetes-addons/spark-history-server/locals.tf index 5545bce900..bef17020f3 100644 --- a/modules/kubernetes-addons/spark-history-server/locals.tf +++ b/modules/kubernetes-addons/spark-history-server/locals.tf @@ -9,7 +9,6 @@ locals { namespace = local.name description = "Helm chart for deploying Spark WebUI with Spark History Server in EKS using S3 Spark Event logs" values = local.default_helm_values - timeout = "300" } helm_config = merge( diff --git a/modules/kubernetes-addons/spark-history-server/versions.tf b/modules/kubernetes-addons/spark-history-server/versions.tf index 55fba733ab..429c0b36d0 100644 --- a/modules/kubernetes-addons/spark-history-server/versions.tf +++ b/modules/kubernetes-addons/spark-history-server/versions.tf @@ -1,10 +1,3 @@ terraform { required_version = ">= 1.0.0" - - required_providers { - kubernetes = { - source = "hashicorp/kubernetes" - version = ">= 2.10" - } - } } diff --git a/modules/kubernetes-addons/spark-k8s-operator/locals.tf b/modules/kubernetes-addons/spark-k8s-operator/locals.tf deleted file mode 100644 index 623a473181..0000000000 --- a/modules/kubernetes-addons/spark-k8s-operator/locals.tf +++ /dev/null @@ -1,23 +0,0 @@ -locals { - name = "spark-operator" - - default_helm_config = { - name = local.name - chart = local.name - repository = "https://googlecloudplatform.github.io/spark-on-k8s-operator" - version = "1.1.25" - namespace = local.name - description = "The spark_k8s_operator HelmChart Ingress Controller deployment configuration" - values = null - timeout = "1200" - } - - helm_config = merge( - local.default_helm_config, - var.helm_config - ) - - argocd_gitops_config = { - enable = true - } -} 
diff --git a/modules/kubernetes-addons/spark-k8s-operator/main.tf b/modules/kubernetes-addons/spark-k8s-operator/main.tf index dc13a29d51..8d74c0d3ed 100644 --- a/modules/kubernetes-addons/spark-k8s-operator/main.tf +++ b/modules/kubernetes-addons/spark-k8s-operator/main.tf @@ -1,16 +1,32 @@ -module "helm_addon" { - source = "../helm-addon" - - manage_via_gitops = var.manage_via_gitops - helm_config = local.helm_config - addon_context = var.addon_context - - depends_on = [kubernetes_namespace_v1.this] +locals { + name = try(var.helm_config.name, "spark-operator") + namespace = try(var.helm_config.namespace, local.name) } resource "kubernetes_namespace_v1" "this" { - count = try(local.helm_config["create_namespace"], true) && local.helm_config["namespace"] != "kube-system" ? 1 : 0 + count = try(var.helm_config.create_namespace, true) && local.namespace != "kube-system" ? 1 : 0 + metadata { - name = local.helm_config["namespace"] + name = local.namespace } } + +module "helm_addon" { + source = "../helm-addon" + + # https://github.com/GoogleCloudPlatform/spark-on-k8s-operator/blob/master/charts/spark-operator-chart/Chart.yaml + helm_config = merge( + { + name = local.name + chart = local.name + repository = "https://googlecloudplatform.github.io/spark-on-k8s-operator" + version = "1.1.26" + namespace = try(kubernetes_namespace_v1.this[0].metadata[0].name, local.namespace) + description = "The spark_k8s_operator HelmChart Ingress Controller deployment configuration" + }, + var.helm_config + ) + + manage_via_gitops = var.manage_via_gitops + addon_context = var.addon_context +} diff --git a/modules/kubernetes-addons/spark-k8s-operator/outputs.tf b/modules/kubernetes-addons/spark-k8s-operator/outputs.tf index b30c86b380..b5d714acb4 100644 --- a/modules/kubernetes-addons/spark-k8s-operator/outputs.tf +++ b/modules/kubernetes-addons/spark-k8s-operator/outputs.tf 
@@ -1,4 +1,4 @@ output "argocd_gitops_config" { description = "Configuration used for managing the add-on with ArgoCD" - value = var.manage_via_gitops ? local.argocd_gitops_config : null + value = var.manage_via_gitops ? { enable = true } : null } diff --git a/modules/kubernetes-addons/tetrate-istio/locals.tf b/modules/kubernetes-addons/tetrate-istio/locals.tf index c7809c0f28..8fc66f1dd4 100644 --- a/modules/kubernetes-addons/tetrate-istio/locals.tf +++ b/modules/kubernetes-addons/tetrate-istio/locals.tf @@ -7,7 +7,6 @@ locals { repository = "https://istio-release.storage.googleapis.com/charts" version = local.default_version namespace = "istio-system" - timeout = "1200" create_namespace = true description = "Istio service mesh" } diff --git a/modules/kubernetes-addons/traefik/locals.tf b/modules/kubernetes-addons/traefik/locals.tf deleted file mode 100644 index ad3b798edb..0000000000 --- a/modules/kubernetes-addons/traefik/locals.tf +++ /dev/null @@ -1,25 +0,0 @@ -locals { - name = "traefik" - - default_helm_config = { - name = local.name - chart = local.name - repository = "https://helm.traefik.io/traefik" - version = "10.20.1" - namespace = local.name - description = "The Traefik Helm Chart is focused on Traefik deployment configuration" - values = local.default_helm_values - timeout = "1200" - } - - default_helm_values = [] - - helm_config = merge( - local.default_helm_config, - var.helm_config - ) - - argocd_gitops_config = { - enable = true - } -} diff --git a/modules/kubernetes-addons/traefik/main.tf b/modules/kubernetes-addons/traefik/main.tf index dc13a29d51..16cf081e2c 100644 --- a/modules/kubernetes-addons/traefik/main.tf +++ b/modules/kubernetes-addons/traefik/main.tf 
@@ -1,16 +1,33 @@ -module "helm_addon" { - source = "../helm-addon" - - manage_via_gitops = var.manage_via_gitops - helm_config = local.helm_config - addon_context = var.addon_context - - depends_on = [kubernetes_namespace_v1.this] +locals { + name = try(var.helm_config.name, "traefik") + namespace = try(var.helm_config.namespace, local.name) } + resource "kubernetes_namespace_v1" "this" { - count = try(local.helm_config["create_namespace"], true) && local.helm_config["namespace"] != "kube-system" ? 1 : 0 + count = try(var.helm_config.create_namespace, true) && local.namespace != "kube-system" ? 1 : 0 + metadata { - name = local.helm_config["namespace"] + name = local.namespace } } + +module "helm_addon" { + source = "../helm-addon" + + # https://github.com/traefik/traefik-helm-chart/blob/master/traefik/Chart.yaml + helm_config = merge( + { + name = local.name + chart = local.name + repository = "https://helm.traefik.io/traefik" + version = "18.1.0" + namespace = try(kubernetes_namespace_v1.this[0].metadata[0].name, local.namespace) + description = "The Traefik Helm Chart is focused on Traefik deployment configuration" + }, + var.helm_config + ) + + manage_via_gitops = var.manage_via_gitops + addon_context = var.addon_context +} diff --git a/modules/kubernetes-addons/traefik/outputs.tf b/modules/kubernetes-addons/traefik/outputs.tf index b30c86b380..b5d714acb4 100644 --- a/modules/kubernetes-addons/traefik/outputs.tf +++ b/modules/kubernetes-addons/traefik/outputs.tf @@ -1,4 +1,4 @@ output "argocd_gitops_config" { description = "Configuration used for managing the add-on with ArgoCD" - value = var.manage_via_gitops ? local.argocd_gitops_config : null + value = var.manage_via_gitops ? { enable = true } : null } diff --git a/modules/kubernetes-addons/velero/main.tf b/modules/kubernetes-addons/velero/main.tf index cce57d8924..bb79415c11 100644 --- a/modules/kubernetes-addons/velero/main.tf +++ b/modules/kubernetes-addons/velero/main.tf 
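Review bot: The traefik default in main.tf moves from chart 10.20.1 to 18.1.0, and nothing in the hunk or the commit message tells consumers that the default crosses several chart majors. Callers who pass `values` through `var.helm_config` without pinning `version` will have those values applied to the new chart on their next apply; for an edge proxy those values typically carry the exposed ports and TLS settings, so a schema change deserves an explicit review step. I have not checked which keys changed between the two versions. A comment next to `version` such as `# default crosses chart majors (10.x -> 18.x): pin helm_config.version and review values before upgrading` would flag it.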
@@ -13,12 +13,12 @@ locals { module "helm_addon" { source = "../helm-addon" - # https://github.com/vmware-tanzu/helm-charts/tree/main/charts/velero + # https://github.com/vmware-tanzu/helm-charts/blob/main/charts/velero/Chart.yaml helm_config = merge({ name = local.name description = "A Helm chart for velero" chart = local.name - version = "2.30.0" + version = "2.32.1" repository = "https://vmware-tanzu.github.io/helm-charts/" namespace = local.namespace values = [templatefile("${path.module}/values.yaml", { diff --git a/modules/kubernetes-addons/vpa/locals.tf b/modules/kubernetes-addons/vpa/locals.tf deleted file mode 100644 index a3eb1d1a49..0000000000 --- a/modules/kubernetes-addons/vpa/locals.tf +++ /dev/null @@ -1,25 +0,0 @@ -locals { - name = "vpa" - - default_helm_config = { - name = local.name - chart = local.name - repository = "https://charts.fairwinds.com/stable" - version = "1.4.0" - namespace = local.name - description = "Kubernetes Vertical Pod Autoscaler" - values = local.default_helm_values - timeout = "1200" - } - - default_helm_values = [templatefile("${path.module}/values.yaml", {})] - - helm_config = merge( - local.default_helm_config, - var.helm_config - ) - - argocd_gitops_config = { - enable = true - } -} diff --git a/modules/kubernetes-addons/vpa/main.tf b/modules/kubernetes-addons/vpa/main.tf index 813c8b094e..1a36df1736 100644 --- a/modules/kubernetes-addons/vpa/main.tf +++ b/modules/kubernetes-addons/vpa/main.tf 
@@ -1,16 +1,32 @@ -module "helm_addon" { - source = "../helm-addon" - - manage_via_gitops = var.manage_via_gitops - helm_config = local.helm_config - addon_context = var.addon_context - - depends_on = [kubernetes_namespace_v1.vpa] +locals { + name = try(var.helm_config.name, "vpa") + namespace = try(var.helm_config.namespace, local.name) } resource "kubernetes_namespace_v1" "vpa" { - count = try(local.helm_config["create_namespace"], true) && local.helm_config["namespace"] != "kube-system" ? 1 : 0 + count = try(var.helm_config.create_namespace, true) && local.namespace != "kube-system" ? 1 : 0 + metadata { - name = local.helm_config["namespace"] + name = local.namespace } } + +module "helm_addon" { + source = "../helm-addon" + + # https://github.com/FairwindsOps/charts/blob/master/stable/vpa/Chart.yaml + helm_config = merge( + { + name = local.name + chart = local.name + repository = "https://charts.fairwinds.com/stable" + version = "1.5.0" + namespace = try(kubernetes_namespace_v1.vpa[0].metadata[0].name, local.namespace) + description = "Kubernetes Vertical Pod Autoscaler" + }, + var.helm_config + ) + + manage_via_gitops = var.manage_via_gitops + addon_context = var.addon_context +} diff --git a/modules/kubernetes-addons/vpa/outputs.tf b/modules/kubernetes-addons/vpa/outputs.tf index b30c86b380..b5d714acb4 100644 --- a/modules/kubernetes-addons/vpa/outputs.tf +++ b/modules/kubernetes-addons/vpa/outputs.tf @@ -1,4 +1,4 @@ output "argocd_gitops_config" { description = "Configuration used for managing the add-on with ArgoCD" - value = var.manage_via_gitops ? local.argocd_gitops_config : null + value = var.manage_via_gitops ? { enable = true } : null } diff --git a/modules/kubernetes-addons/vpa/values.yaml b/modules/kubernetes-addons/vpa/values.yaml deleted file mode 100644 index fc8a711d16..0000000000 --- a/modules/kubernetes-addons/vpa/values.yaml +++ /dev/null 
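Review bot: The new `helm_addon` defaults in vpa/main.tf carry no `values`, so the `nodeSelector: kubernetes.io/os: linux` that the deleted values.yaml set for the recommender and updater is no longer applied. The root outputs.tf exposes `windows_node_group_aws_auth_config_map`, so clusters built from this repository can have Windows nodes; unless chart 1.5.0 already restricts scheduling by default, these pods could be placed on one and fail to start. If the selector is still wanted it can live in the defaults without the file, e.g. `values = [yamlencode({ recommender = { nodeSelector = { "kubernetes.io/os" = "linux" } }, updater = { nodeSelector = { "kubernetes.io/os" = "linux" } } })]`. Dropping the pinned 0.9.2 image tags looks intentional and is not part of this point.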
@@ -1,14 +0,0 @@ -# Default values for vertical-pod-autoscaler. -recommender: - image: - repository: k8s.gcr.io/autoscaling/vpa-recommender - tag: "0.9.2" # This tag supports autoscaling.k8s.io/v1beta2. Prometheus Helm chart VPA only supports autoscaling.k8s.io/v1beta2 hence we are aligning both - nodeSelector: - kubernetes.io/os: linux - -updater: - image: - repository: k8s.gcr.io/autoscaling/vpa-updater - tag: "0.9.2" # This tag supports autoscaling.k8s.io/v1beta2. Prometheus Helm chart VPA only supports autoscaling.k8s.io/v1beta2 hence we are aligning both - nodeSelector: - kubernetes.io/os: linux diff --git a/modules/kubernetes-addons/yunikorn/locals.tf b/modules/kubernetes-addons/yunikorn/locals.tf index e0d0011acf..3a2538ae73 100644 --- a/modules/kubernetes-addons/yunikorn/locals.tf +++ b/modules/kubernetes-addons/yunikorn/locals.tf @@ -1,18 +1,17 @@ locals { name = "yunikorn" + + # https://github.com/apache/yunikorn-release/blob/master/helm-charts/yunikorn/Chart.yaml default_helm_config = { name = local.name chart = local.name repository = "https://apache.github.io/yunikorn-release" - version = "1.0.0" + version = "1.1.0" namespace = local.name description = "Apache YuniKorn (Incubating) is a light-weight, universal resource scheduler for container orchestrator systems" - values = local.default_helm_values - timeout = "1200" + values = [file("${path.module}/values.yaml")] } - default_helm_values = [templatefile("${path.module}/values.yaml", {})] - helm_config = merge( local.default_helm_config, var.helm_config diff --git a/outputs.tf b/outputs.tf index 55f50dbfa1..e80ba0b199 100644 --- a/outputs.tf +++ b/outputs.tf 
@@ -87,7 +87,7 @@ output "worker_node_security_group_id" { #------------------------------- output "self_managed_node_groups" { description = "Outputs from EKS Self-managed node groups " - value = var.create_eks && length(var.self_managed_node_groups) > 0 ? module.aws_eks_self_managed_node_groups.* : [] + value = var.create_eks && length(var.self_managed_node_groups) > 0 ? module.aws_eks_self_managed_node_groups[*] : [] } output "self_managed_node_group_iam_role_arns" { @@ -107,12 +107,12 @@ output "self_managed_node_group_iam_instance_profile_id" { output "self_managed_node_group_aws_auth_config_map" { description = "Self managed node groups AWS auth map" - value = local.self_managed_node_group_aws_auth_config_map.* + value = local.self_managed_node_group_aws_auth_config_map[*] } output "windows_node_group_aws_auth_config_map" { description = "Windows node groups AWS auth map" - value = local.windows_node_group_aws_auth_config_map.* + value = local.windows_node_group_aws_auth_config_map[*] } #------------------------------- @@ -120,7 +120,7 @@ output "windows_node_group_aws_auth_config_map" { #------------------------------- output "managed_node_groups" { description = "Outputs from EKS Managed node groups " - value = var.create_eks && length(var.managed_node_groups) > 0 ? module.aws_eks_managed_node_groups.* : [] + value = var.create_eks && length(var.managed_node_groups) > 0 ? module.aws_eks_managed_node_groups[*] : [] } output "managed_node_groups_id" { @@ -160,7 +160,7 @@ output "managed_node_group_iam_instance_profile_arns" { output "managed_node_group_aws_auth_config_map" { description = "Managed node groups AWS auth map" - value = local.managed_node_group_aws_auth_config_map.* + value = local.managed_node_group_aws_auth_config_map[*] } #------------------------------- 
@@ -199,5 +199,5 @@ output "emr_on_eks_role_id" {
 #-------------------------------
 output "teams" {
 description = "Outputs from EKS Fargate profiles groups "
- value = var.create_eks && (length(var.platform_teams) > 0 || length(var.application_teams) > 0) ? module.aws_eks_teams.* : []
+ value = var.create_eks && (length(var.platform_teams) > 0 || length(var.application_teams) > 0) ? module.aws_eks_teams[*] : []
 }