From f650386b76ebf3f6b728fb27802515a1b9700599 Mon Sep 17 00:00:00 2001
From: mglotov <37855803+mglotov@users.noreply.github.com>
Date: Thu, 4 Nov 2021 14:24:45 +0600
Subject: [PATCH] refactor: use dedicated file to set some helm charts options (name, repository, version) (#156)
---
.../eks-aws-node-termination-handler.tf | 14 ++-
terraform/layer2-k8s/eks-calico.tf | 14 ++-
.../eks-cert-manager-certificate.tf | 33 +++++++
.../eks-cert-manager-cluster-issuer.tf | 34 +++++++
terraform/layer2-k8s/eks-cert-manager.tf | 14 ++-
terraform/layer2-k8s/eks-certificate.tf | 23 -----
.../layer2-k8s/eks-cluster-autoscaler.tf | 14 ++-
terraform/layer2-k8s/eks-cluster-issuer.tf | 24 -----
terraform/layer2-k8s/eks-external-dns.tf | 14 ++-
terraform/layer2-k8s/eks-external-secrets.tf | 25 +++--
.../layer2-k8s/eks-kube-prometheus-stack.tf | 11 ++-
terraform/layer2-k8s/eks-loki-stack.tf | 11 ++-
.../eks-nginx-ingress-controller.tf | 11 ++-
terraform/layer2-k8s/examples/eks-elk.tf | 9 +-
.../layer2-k8s/examples/eks-gitlab-runner.tf | 11 ++-
terraform/layer2-k8s/examples/eks-istio.tf | 59 ++++++++----
terraform/layer2-k8s/examples/eks-teamcity.tf | 9 +-
terraform/layer2-k8s/helm-charts.yaml | 81 +++++++++++++++++
terraform/layer2-k8s/locals.tf | 15 +--
terraform/layer2-k8s/variables.tf | 91 +------------------
20 files changed, 317 insertions(+), 200 deletions(-)
create mode 100644 terraform/layer2-k8s/eks-cert-manager-certificate.tf
create mode 100644 terraform/layer2-k8s/eks-cert-manager-cluster-issuer.tf
delete mode 100644 terraform/layer2-k8s/eks-certificate.tf
delete mode 100644 terraform/layer2-k8s/eks-cluster-issuer.tf
create mode 100644 terraform/layer2-k8s/helm-charts.yaml
diff --git a/terraform/layer2-k8s/eks-aws-node-termination-handler.tf b/terraform/layer2-k8s/eks-aws-node-termination-handler.tf
index cefabb73..71003cb8 100644
--- a/terraform/layer2-k8s/eks-aws-node-termination-handler.tf
+++ b/terraform/layer2-k8s/eks-aws-node-termination-handler.tf
@@ -1,8 +1,16 @@ +locals { + aws-node-termination-handler = { + chart = local.helm_charts[index(local.helm_charts.*.id, "aws-node-termination-handler")].chart + repository = lookup(local.helm_charts[index(local.helm_charts.*.id, "aws-node-termination-handler")], "repository", null) + chart_version = lookup(local.helm_charts[index(local.helm_charts.*.id, "aws-node-termination-handler")], "version", null) + } +} + resource "helm_release" "aws_node_termination_handler" { name = "aws-node-termination-handler" - chart = "aws-node-termination-handler" - version = var.aws_node_termination_handler_version - repository = local.helm_repo_eks + chart = local.aws-node-termination-handler.chart + repository = local.aws-node-termination-handler.repository + version = local.aws-node-termination-handler.chart_version namespace = module.sys_namespace.name wait = false max_history = var.helm_release_history_size diff --git a/terraform/layer2-k8s/eks-calico.tf b/terraform/layer2-k8s/eks-calico.tf index 1396db8f..ed231a40 100644 --- a/terraform/layer2-k8s/eks-calico.tf +++ b/terraform/layer2-k8s/eks-calico.tf @@ -1,12 +1,20 @@ +locals { + aws-calico = { + chart = local.helm_charts[index(local.helm_charts.*.id, "aws-calico")].chart + repository = lookup(local.helm_charts[index(local.helm_charts.*.id, "aws-calico")], "repository", null) + chart_version = lookup(local.helm_charts[index(local.helm_charts.*.id, "aws-calico")], "version", null) + } +} + data "template_file" "calico_daemonset" { template = file("${path.module}/templates/calico-values.yaml") } resource "helm_release" "calico_daemonset" { name = "aws-calico" - chart = "aws-calico" - repository = local.helm_repo_eks - version = var.calico_daemonset + chart = local.aws-calico.chart + repository = local.aws-calico.repository + version = local.aws-calico.chart_version namespace = "kube-system" max_history = var.helm_release_history_size wait = false 
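Review bot: The `chart_version = lookup(..., "version", null)` line in the new `locals` block turns a missing or empty `version` in helm-charts.yaml into `null`, and `helm_release` with no version installs whatever chart is latest in the repository, so a remote chart can become unpinned without the plan failing. The removed code always passed a variable with a default, so this fallback is new. The same three-line pattern is repeated in every `locals` block this patch adds (eks-calico.tf in the next hunk, then cert-manager, cluster-autoscaler, external-dns, external-secrets, reloader, kube-prometheus-stack, loki-stack, ingress-nginx and the examples). For entries that carry a repository I would read the attribute directly, `chart_version = local.helm_charts[index(local.helm_charts.*.id, "aws-node-termination-handler")].version`, so a dropped key is a plan-time error. An empty value would still need an explicit check.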
diff --git a/terraform/layer2-k8s/eks-cert-manager-certificate.tf b/terraform/layer2-k8s/eks-cert-manager-certificate.tf
new file mode 100644
index 00000000..3e3828b9
--- /dev/null
+++ b/terraform/layer2-k8s/eks-cert-manager-certificate.tf
@@ -0,0 +1,33 @@
+locals {
+ cert-mananger-certificate = {
+ chart = local.helm_charts[index(local.helm_charts.*.id, "cert-mananger-certificate")].chart
+ repository = lookup(local.helm_charts[index(local.helm_charts.*.id, "cert-mananger-certificate")], "repository", null)
+ chart_version = lookup(local.helm_charts[index(local.helm_charts.*.id, "cert-mananger-certificate")], "version", null)
+ }
+}
+
+data "template_file" "certificate" {
+ template = file("${path.module}/templates/certificate-values.yaml")
+
+ vars = {
+ domain_name = "*.${local.domain_name}"
+ common_name = local.domain_name
+ }
+}
+
+resource "helm_release" "certificate" {
+ name = "certificate"
+ chart = local.cert-mananger-certificate.chart
+ repository = local.cert-mananger-certificate.repository
+ version = local.cert-mananger-certificate.chart_version
+ namespace = module.ing_namespace.name
+ wait = false
+ max_history = var.helm_release_history_size
+
+ values = [
+ data.template_file.certificate.rendered,
+ ]
+
+ # This dep needs for correct apply
+ depends_on = [helm_release.cert_manager, helm_release.cluster_issuer]
+}
diff --git a/terraform/layer2-k8s/eks-cert-manager-cluster-issuer.tf b/terraform/layer2-k8s/eks-cert-manager-cluster-issuer.tf
new file mode 100644
index 00000000..eee45736
--- /dev/null
+++ b/terraform/layer2-k8s/eks-cert-manager-cluster-issuer.tf
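Review bot: The id `cert-mananger-certificate` in eks-cert-manager-certificate.tf is misspelled ("mananger"), both as the local's name and in all three `index(...)` lookups. It resolves today only because helm-charts.yaml carries the same misspelling, while the sibling entry is spelled `cert-manager-cluster-issuer`. Rename it to `cert-manager-certificate` in this file and in helm-charts.yaml in the same change, since correcting only one side makes `index()` fail at plan time. The comment `# This dep needs for correct apply` would read better as `# cert-manager and the cluster issuer must exist before the certificate is applied`.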
@@ -0,0 +1,34 @@ +locals { + cert-manager-cluster-issuer = { + chart = local.helm_charts[index(local.helm_charts.*.id, "cert-manager-cluster-issuer")].chart + repository = lookup(local.helm_charts[index(local.helm_charts.*.id, "cert-manager-cluster-issuer")], "repository", null) + chart_version = lookup(local.helm_charts[index(local.helm_charts.*.id, "cert-manager-cluster-issuer")], "version", null) + } +} + +data "template_file" "cluster_issuer" { + template = file("${path.module}/templates/cluster-issuer-values.yaml") + + vars = { + region = local.region + zone = local.domain_name + zone_id = local.zone_id + } +} + +resource "helm_release" "cluster_issuer" { + name = "cluster-issuer" + chart = local.cert-manager-cluster-issuer.chart + repository = local.cert-manager-cluster-issuer.repository + version = local.cert-manager-cluster-issuer.chart_version + namespace = module.certmanager_namespace.name + wait = false + max_history = var.helm_release_history_size + + values = [ + data.template_file.cluster_issuer.rendered, + ] + + # This dep needs for correct apply + depends_on = [helm_release.cert_manager] +} diff --git a/terraform/layer2-k8s/eks-cert-manager.tf b/terraform/layer2-k8s/eks-cert-manager.tf index 6410b30f..8e6a51fa 100644 --- a/terraform/layer2-k8s/eks-cert-manager.tf +++ b/terraform/layer2-k8s/eks-cert-manager.tf @@ -1,3 +1,11 @@ +locals { + cert-manager = { + chart = local.helm_charts[index(local.helm_charts.*.id, "cert-manager")].chart + repository = lookup(local.helm_charts[index(local.helm_charts.*.id, "cert-manager")], "repository", null) + chart_version = lookup(local.helm_charts[index(local.helm_charts.*.id, "cert-manager")], "version", null) + } +} + data "template_file" "cert_manager" { template = file("${path.module}/templates/cert-manager-values.yaml") 
@@ -8,10 +16,10 @@ data "template_file" "cert_manager" { resource "helm_release" "cert_manager" { name = "cert-manager" - chart = "cert-manager" - repository = local.helm_repo_certmanager + chart = local.cert-manager.chart + repository = local.cert-manager.repository + version = local.cert-manager.chart_version namespace = module.certmanager_namespace.name - version = var.cert_manager_version wait = true max_history = var.helm_release_history_size diff --git a/terraform/layer2-k8s/eks-certificate.tf b/terraform/layer2-k8s/eks-certificate.tf deleted file mode 100644 index 255c0741..00000000 --- a/terraform/layer2-k8s/eks-certificate.tf +++ /dev/null @@ -1,23 +0,0 @@ -data "template_file" "certificate" { - template = file("${path.module}/templates/certificate-values.yaml") - - vars = { - domain_name = "*.${local.domain_name}" - common_name = local.domain_name - } -} - -resource "helm_release" "certificate" { - name = "certificate" - chart = "../../helm-charts/certificate" - namespace = module.ing_namespace.name - wait = false - max_history = var.helm_release_history_size - - values = [ - data.template_file.certificate.rendered, - ] - - # This dep needs for correct apply - depends_on = [helm_release.cert_manager, helm_release.cluster_issuer] -} diff --git a/terraform/layer2-k8s/eks-cluster-autoscaler.tf b/terraform/layer2-k8s/eks-cluster-autoscaler.tf index cae06566..d8acaa05 100644 --- a/terraform/layer2-k8s/eks-cluster-autoscaler.tf +++ b/terraform/layer2-k8s/eks-cluster-autoscaler.tf 
@@ -1,3 +1,11 @@ +locals { + cluster-autoscaler = { + chart = local.helm_charts[index(local.helm_charts.*.id, "cluster-autoscaler")].chart + repository = lookup(local.helm_charts[index(local.helm_charts.*.id, "cluster-autoscaler")], "repository", null) + chart_version = lookup(local.helm_charts[index(local.helm_charts.*.id, "cluster-autoscaler")], "version", null) + } +} + data "template_file" "cluster_autoscaler" { template = file("${path.module}/templates/cluster-autoscaler-values.yaml") @@ -11,9 +19,9 @@ data "template_file" "cluster_autoscaler" { resource "helm_release" "cluster_autoscaler" { name = "cluster-autoscaler" - chart = "cluster-autoscaler" - repository = local.helm_repo_cluster_autoscaler - version = var.cluster_autoscaler_chart_version + chart = local.cluster-autoscaler.chart + repository = local.cluster-autoscaler.repository + version = local.cluster-autoscaler.chart_version namespace = module.sys_namespace.name max_history = var.helm_release_history_size diff --git a/terraform/layer2-k8s/eks-cluster-issuer.tf b/terraform/layer2-k8s/eks-cluster-issuer.tf deleted file mode 100644 index 3a504197..00000000 --- a/terraform/layer2-k8s/eks-cluster-issuer.tf +++ /dev/null @@ -1,24 +0,0 @@ -data "template_file" "cluster_issuer" { - template = file("${path.module}/templates/cluster-issuer-values.yaml") - - vars = { - region = local.region - zone = local.domain_name - zone_id = local.zone_id - } -} - -resource "helm_release" "cluster_issuer" { - name = "cluster-issuer" - chart = "../../helm-charts/cluster-issuer" - namespace = module.certmanager_namespace.name - wait = false - max_history = var.helm_release_history_size - - values = [ - data.template_file.cluster_issuer.rendered, - ] - - # This dep needs for correct apply - depends_on = [helm_release.cert_manager] -} diff --git a/terraform/layer2-k8s/eks-external-dns.tf b/terraform/layer2-k8s/eks-external-dns.tf index 29d54715..5792d793 100644 --- a/terraform/layer2-k8s/eks-external-dns.tf 
+++ b/terraform/layer2-k8s/eks-external-dns.tf @@ -1,3 +1,11 @@ +locals { + external-dns = { + chart = local.helm_charts[index(local.helm_charts.*.id, "external-dns")].chart + repository = lookup(local.helm_charts[index(local.helm_charts.*.id, "external-dns")], "repository", null) + chart_version = lookup(local.helm_charts[index(local.helm_charts.*.id, "external-dns")], "version", null) + } +} + data "template_file" "external_dns" { template = file("${path.module}/templates/external-dns.yaml") @@ -11,9 +19,9 @@ data "template_file" "external_dns" { resource "helm_release" "external_dns" { name = "external-dns" - chart = "external-dns" - repository = local.helm_repo_bitnami - version = var.external_dns_version + chart = local.external-dns.chart + repository = local.external-dns.repository + version = local.external-dns.chart_version namespace = module.dns_namespace.name max_history = var.helm_release_history_size diff --git a/terraform/layer2-k8s/eks-external-secrets.tf b/terraform/layer2-k8s/eks-external-secrets.tf index 7ed6626d..df84cf4f 100644 --- a/terraform/layer2-k8s/eks-external-secrets.tf +++ b/terraform/layer2-k8s/eks-external-secrets.tf @@ -1,3 +1,16 @@ +locals { + external-secrets = { + chart = local.helm_charts[index(local.helm_charts.*.id, "external-secrets")].chart + repository = lookup(local.helm_charts[index(local.helm_charts.*.id, "external-secrets")], "repository", null) + chart_version = lookup(local.helm_charts[index(local.helm_charts.*.id, "external-secrets")], "version", null) + } + reloader = { + chart = local.helm_charts[index(local.helm_charts.*.id, "reloader")].chart + repository = lookup(local.helm_charts[index(local.helm_charts.*.id, "reloader")], "repository", null) + chart_version = lookup(local.helm_charts[index(local.helm_charts.*.id, "reloader")], "version", null) + } +} + data "template_file" "external_secrets" { template = file("${path.module}/templates/external-secrets-values.yaml") 
@@ -9,9 +22,9 @@ data "template_file" "external_secrets" { resource "helm_release" "external_secrets" { name = "external-secrets" - chart = "kubernetes-external-secrets" - repository = local.helm_repo_external_secrets - version = var.external_secrets_version + chart = local.external-secrets.chart + repository = local.external-secrets.repository + version = local.external-secrets.chart_version namespace = module.sys_namespace.name max_history = var.helm_release_history_size @@ -22,9 +35,9 @@ resource "helm_release" "external_secrets" { resource "helm_release" "reloader" { name = "reloader" - chart = "reloader" - repository = local.helm_repo_stakater - version = var.reloader_version + chart = local.reloader.chart + repository = local.reloader.repository + version = local.reloader.chart_version namespace = module.sys_namespace.name wait = false max_history = var.helm_release_history_size diff --git a/terraform/layer2-k8s/eks-kube-prometheus-stack.tf b/terraform/layer2-k8s/eks-kube-prometheus-stack.tf index 7bdc1a67..49559c01 100644 --- a/terraform/layer2-k8s/eks-kube-prometheus-stack.tf +++ b/terraform/layer2-k8s/eks-kube-prometheus-stack.tf @@ -1,4 +1,9 @@ locals { + kube-prometheus-stack = { + chart = local.helm_charts[index(local.helm_charts.*.id, "kube-prometheus-stack")].chart + repository = lookup(local.helm_charts[index(local.helm_charts.*.id, "kube-prometheus-stack")], "repository", null) + chart_version = lookup(local.helm_charts[index(local.helm_charts.*.id, "kube-prometheus-stack")], "version", null) + } grafana_password = random_string.grafana_password.result grafana_domain_name = "grafana-${local.domain_suffix}" prometheus_domain_name = "prometheus-${local.domain_suffix}" 
@@ -28,10 +33,10 @@ resource "random_string" "grafana_password" { resource "helm_release" "prometheus_operator" { name = "kube-prometheus-stack" - chart = "kube-prometheus-stack" - repository = local.helm_repo_prometheus_community + chart = local.kube-prometheus-stack.chart + repository = local.kube-prometheus-stack.repository + version = local.kube-prometheus-stack.chart_version namespace = module.monitoring_namespace.name - version = var.prometheus_operator_version wait = false max_history = var.helm_release_history_size diff --git a/terraform/layer2-k8s/eks-loki-stack.tf b/terraform/layer2-k8s/eks-loki-stack.tf index 935b34ca..84901a9e 100644 --- a/terraform/layer2-k8s/eks-loki-stack.tf +++ b/terraform/layer2-k8s/eks-loki-stack.tf @@ -1,4 +1,9 @@ locals { + loki-stack = { + chart = local.helm_charts[index(local.helm_charts.*.id, "loki-stack")].chart + repository = lookup(local.helm_charts[index(local.helm_charts.*.id, "loki-stack")], "repository", null) + chart_version = lookup(local.helm_charts[index(local.helm_charts.*.id, "loki-stack")], "version", null) + } grafana_loki_password = random_string.grafana_loki_password.result loki_stack_template = templatefile("${path.module}/templates/loki-stack-values.yaml", @@ -13,10 +18,10 @@ locals { resource "helm_release" "loki_stack" { name = "loki-stack" - chart = "loki-stack" - repository = local.helm_repo_grafana + chart = local.loki-stack.chart + repository = local.loki-stack.repository + version = local.loki-stack.chart_version namespace = module.monitoring_namespace.name - version = var.loki_stack wait = false max_history = var.helm_release_history_size diff --git a/terraform/layer2-k8s/eks-nginx-ingress-controller.tf b/terraform/layer2-k8s/eks-nginx-ingress-controller.tf index d613acf1..c0fb90ba 100644 --- a/terraform/layer2-k8s/eks-nginx-ingress-controller.tf +++ b/terraform/layer2-k8s/eks-nginx-ingress-controller.tf 
@@ -1,4 +1,9 @@ locals { + ingress-nginx = { + chart = local.helm_charts[index(local.helm_charts.*.id, "ingress-nginx")].chart + repository = lookup(local.helm_charts[index(local.helm_charts.*.id, "ingress-nginx")], "repository", null) + chart_version = lookup(local.helm_charts[index(local.helm_charts.*.id, "ingress-nginx")], "version", null) + } ssl_certificate_arn = var.nginx_ingress_ssl_terminator == "lb" ? data.terraform_remote_state.layer1-aws.outputs.ssl_certificate_arn : "" template_name = ( @@ -20,10 +25,10 @@ data "template_file" "nginx_ingress" { resource "helm_release" "nginx_ingress" { name = "ingress-nginx" - chart = "ingress-nginx" - repository = local.helm_repo_ingress_nginx + chart = local.ingress-nginx.chart + repository = local.ingress-nginx.repository + version = local.ingress-nginx.chart_version namespace = module.ing_namespace.name - version = var.nginx_ingress_controller_version wait = false max_history = var.helm_release_history_size diff --git a/terraform/layer2-k8s/examples/eks-elk.tf b/terraform/layer2-k8s/examples/eks-elk.tf index 10b72a4d..eb830f07 100644 --- a/terraform/layer2-k8s/examples/eks-elk.tf +++ b/terraform/layer2-k8s/examples/eks-elk.tf @@ -1,4 +1,9 @@ locals { + elk = { + chart = local.helm_charts[index(local.helm_charts.*.id, "elk")].chart + repository = lookup(local.helm_charts[index(local.helm_charts.*.id, "elk")], "repository", null) + chart_version = lookup(local.helm_charts[index(local.helm_charts.*.id, "elk")], "version", null) + } kibana_domain_name = "kibana-${local.domain_suffix}" apm_domain_name = "apm-${local.domain_suffix}" elastic_stack_bucket_name = data.terraform_remote_state.layer1-aws.outputs.elastic_stack_bucket_name 
@@ -22,7 +27,9 @@ data "template_file" "elk" { resource "helm_release" "elk" { name = "elk" - chart = "../../helm-charts/elk" + chart = local.elk.chart + repository = local.elk.repository + version = local.elk.chart_version namespace = module.elk_namespace.name wait = false max_history = var.helm_release_history_size diff --git a/terraform/layer2-k8s/examples/eks-gitlab-runner.tf b/terraform/layer2-k8s/examples/eks-gitlab-runner.tf index 2630e690..afa37503 100644 --- a/terraform/layer2-k8s/examples/eks-gitlab-runner.tf +++ b/terraform/layer2-k8s/examples/eks-gitlab-runner.tf @@ -1,4 +1,9 @@ locals { + gitlab-runner = { + chart = local.helm_charts[index(local.helm_charts.*.id, "gitlab-runner")].chart + repository = lookup(local.helm_charts[index(local.helm_charts.*.id, "gitlab-runner")], "repository", null) + chart_version = lookup(local.helm_charts[index(local.helm_charts.*.id, "gitlab-runner")], "version", null) + } gitlab_runner_cache_bucket_name = data.terraform_remote_state.layer1-aws.outputs.gitlab_runner_cache_bucket_name gitlab_runner_template = templatefile("${path.module}/templates/gitlab-runner-values.tmpl", @@ -23,9 +28,9 @@ module "eks_rbac_gitlab_runner" { resource "helm_release" "gitlab_runner" { name = "gitlab-runner" - chart = "gitlab-runner" - repository = local.helm_repo_gitlab - version = var.gitlab_runner_version + chart = local.gitlab-runner.chart + repository = local.gitlab-runner.repository + version = local.gitlab-runner.chart_version namespace = module.ci_namespace.name wait = false max_history = var.helm_release_history_size diff --git a/terraform/layer2-k8s/examples/eks-istio.tf b/terraform/layer2-k8s/examples/eks-istio.tf index 62296092..4dd5fa2e 100644 --- a/terraform/layer2-k8s/examples/eks-istio.tf +++ b/terraform/layer2-k8s/examples/eks-istio.tf 
@@ -1,8 +1,33 @@ -resource "helm_release" "istio_operator" { - name = "istio-operator" - chart = "../../helm-charts/istio/istio-operator" +local { + istio-operator = { + chart = local.helm_charts[index(local.helm_charts.*.id, "istio-operator")].chart + repository = lookup(local.helm_charts[index(local.helm_charts.*.id, "istio-operator")], "repository", null) + chart_version = lookup(local.helm_charts[index(local.helm_charts.*.id, "istio-operator")], "version", null) + } + istio-operator-resources = { + chart = local.helm_charts[index(local.helm_charts.*.id, "istio-operator-resources")].chart + repository = lookup(local.helm_charts[index(local.helm_charts.*.id, "istio-operator-resources")], "repository", null) + chart_version = lookup(local.helm_charts[index(local.helm_charts.*.id, "istio-operator-resources")], "version", null) + } + istio-resources = { + chart = local.helm_charts[index(local.helm_charts.*.id, "istio-resources")].chart + repository = lookup(local.helm_charts[index(local.helm_charts.*.id, "istio-resources")], "repository", null) + chart_version = lookup(local.helm_charts[index(local.helm_charts.*.id, "istio-resources")], "version", null) + } + kiali-server = { + chart = local.helm_charts[index(local.helm_charts.*.id, "kiali-server")].chart + repository = lookup(local.helm_charts[index(local.helm_charts.*.id, "kiali-server")], "repository", null) + chart_version = lookup(local.helm_charts[index(local.helm_charts.*.id, "kiali-server")], "version", null) + } +} - wait = true +resource "helm_release" "istio_operator" { + name = "istio-operator" + chart = local.istio-operator.chart + repository = local.istio-operator.repository + version = local.istio-operator.chart_version + max_history = var.helm_release_history_size + wait = true values = [ file("${path.module}/templates/istio/istio-operator-values.yaml") 
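Review bot: The block opening the new examples/eks-istio.tf is written `local {`, but Terraform's block type is `locals`, so this file is rejected with an unsupported block type error as soon as the example is copied into the layer. Change the first added line to `locals {`. None of the four entries (`istio-operator`, `istio-operator-resources`, `istio-resources`, `kiali-server`) can be evaluated until that is fixed. The `helm_release "istio_operator"` body continues past the end of this hunk.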
@@ -10,12 +35,13 @@ resource "helm_release" "istio_operator" { } resource "helm_release" "istio_operator_resources" { - name = "istio-operator-resources" - chart = "../../helm-charts/istio/istio-operator-resources" - + name = "istio-operator-resources" + chart = local.istio-operator-resources.chart + repository = local.istio-operator-resources.repository + version = local.istio-operator-resources.chart_version namespace = module.istio_system_namespace.name - wait = true max_history = var.helm_release_history_size + wait = true values = [ file("${path.module}/templates/istio/istio-resources-values.yaml") @@ -31,12 +57,13 @@ resource "time_sleep" "wait_10_seconds" { } resource "helm_release" "istio_resources" { - name = "istio-resources" - chart = "../../helm-charts/istio/istio-resources" - + name = "istio-resources" + chart = local.istio-resources.chart + repository = local.istio-resources.repository + version = local.istio-resources.chart_version namespace = module.istio_system_namespace.name - wait = false max_history = var.helm_release_history_size + wait = false values = [ file("${path.module}/templates/istio/istio-resources-values.yaml") @@ -47,12 +74,12 @@ resource "helm_release" "istio_resources" { resource "helm_release" "kiali" { name = "kiali-server" - chart = "kiali-server" - repository = local.helm_repo_kiali + chart = local.kiali-server.chart + repository = local.kiali-server.repository + version = local.kiali-server.chart_version namespace = module.kiali_namespace.name - version = var.kiali_version - wait = false max_history = var.helm_release_history_size + wait = false values = [ file("${path.module}/templates/istio/istio-kiali-values.yaml") diff --git a/terraform/layer2-k8s/examples/eks-teamcity.tf b/terraform/layer2-k8s/examples/eks-teamcity.tf index 04001556..43d96cb3 100644 --- a/terraform/layer2-k8s/examples/eks-teamcity.tf +++ b/terraform/layer2-k8s/examples/eks-teamcity.tf 
@@ -1,4 +1,9 @@ locals { + teamcity = { + chart = local.helm_charts[index(local.helm_charts.*.id, "teamcity")].chart + repository = lookup(local.helm_charts[index(local.helm_charts.*.id, "teamcity")], "repository", null) + chart_version = lookup(local.helm_charts[index(local.helm_charts.*.id, "teamcity")], "version", null) + } teamcity_domain_name = "teamcity-${local.domain_suffix}" } @@ -30,7 +35,9 @@ data "template_file" "teamcity" { resource "helm_release" "teamcity" { name = "teamcity" - chart = "../../helm-charts/teamcity" + chart = local.teamcity.chart + repository = local.teamcity.repository + version = local.teamcity.chart_version namespace = module.ci_namespace.name wait = false cleanup_on_fail = true diff --git a/terraform/layer2-k8s/helm-charts.yaml b/terraform/layer2-k8s/helm-charts.yaml new file mode 100644 index 00000000..ef9f935b --- /dev/null +++ b/terraform/layer2-k8s/helm-charts.yaml 
@@ -0,0 +1,81 @@ +charts: + - id: aws-loadbalancer-controller + chart: aws-loadbalancer-controller + repository: https://aws.github.io/eks-charts + version: 1.2.6 + - id: aws-node-termination-handler + chart: aws-node-termination-handler + repository: https://aws.github.io/eks-charts + version: 0.13.3 + - id: aws-calico + chart: aws-calico + repository: https://aws.github.io/eks-charts + version: 0.3.4 + - id: cert-manager + chart: cert-manager + repository: https://charts.jetstack.io + version: 1.1.0 + - id: cert-mananger-certificate + chart: ../../helm-charts/certificate + repository: + version: + - id: cluster-autoscaler + chart: cluster-autoscaler + repository: https://kubernetes.github.io/autoscaler + version: 9.10.5 + - id: cert-manager-cluster-issuer + chart: ../../helm-charts/cluster-issuer + repository: + version: + - id: elk + chart: ../../helm-charts/elk + repository: + version: + - id: external-dns + chart: external-dns + repository: https://charts.bitnami.com/bitnami + version: 4.9.4 + - id: external-secrets + chart: kubernetes-external-secrets + repository: https://external-secrets.github.io/kubernetes-external-secrets + version: 6.3.0 + - id: gitlab-runner + chart: gitlab-runner + repository: https://charts.gitlab.io + version: 0.26.0 + - id: ingress-nginx + chart: ingress-nginx + repository: https://kubernetes.github.io/ingress-nginx + version: 3.23.0 + - id: istio-operator + chart: ../../helm-charts/istio/istio-operator + repository: + version: + - id: istio-operator-resources + chart: ../../helm-charts/istio/istio-operator-resources + repository: + version: + - id: istio-resources + chart: ../../helm-charts/istio/istio-resources + repository: + version: + - id: kiali-server + chart: kiali-server + repository: https://kiali.org/helm-charts + version: 1.36 + - id: kube-prometheus-stack + chart: kube-prometheus-stack + repository: https://prometheus-community.github.io/helm-charts + version: 13.12.0 + - id: loki-stack + chart: loki-stack + 
repository: https://grafana.github.io/helm-charts + version: 2.3.1 + - id: reloader + chart: reloader + repository: https://stakater.github.io/stakater-charts + version: 0.0.81 + - id: teamcity + chart: ../../helm-charts/teamcity + repository: + version: diff --git a/terraform/layer2-k8s/locals.tf b/terraform/layer2-k8s/locals.tf index 71e53fed..a81e0f43 100644 --- a/terraform/layer2-k8s/locals.tf +++ b/terraform/layer2-k8s/locals.tf @@ -15,18 +15,5 @@ locals { eks_cluster_id = data.terraform_remote_state.layer1-aws.outputs.eks_cluster_id eks_oidc_provider_arn = data.terraform_remote_state.layer1-aws.outputs.eks_oidc_provider_arn - helm_repo_stable = "https://charts.helm.sh/stable" - helm_repo_incubator = "https://charts.helm.sh/incubator" - helm_repo_certmanager = "https://charts.jetstack.io" - helm_repo_gitlab = "https://charts.gitlab.io" - helm_repo_eks = "https://aws.github.io/eks-charts" - helm_repo_softonic = "https://charts.softonic.io" - helm_repo_elastic = "https://helm.elastic.co" - helm_repo_external_secrets = "https://external-secrets.github.io/kubernetes-external-secrets" #tfsec:ignore:general-secrets-sensitive-in-local - helm_repo_stakater = "https://stakater.github.io/stakater-charts" - helm_repo_cluster_autoscaler = "https://kubernetes.github.io/autoscaler" - helm_repo_ingress_nginx = "https://kubernetes.github.io/ingress-nginx" - helm_repo_bitnami = "https://charts.bitnami.com/bitnami" - helm_repo_prometheus_community = "https://prometheus-community.github.io/helm-charts" - helm_repo_grafana = "https://grafana.github.io/helm-charts" + helm_charts = yamldecode(file("${path.module}/helm-charts.yaml"))["charts"] } diff --git a/terraform/layer2-k8s/variables.tf b/terraform/layer2-k8s/variables.tf index 41a79ab9..979c64ce 100644 --- a/terraform/layer2-k8s/variables.tf +++ b/terraform/layer2-k8s/variables.tf 
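Review bot: The `version:` values in helm-charts.yaml are unquoted, so `version: 1.36` for `kiali-server` is read by `yamldecode` as a number rather than a string. It converts back to "1.36" today, but a value with a trailing zero would lose it (1.40 would be handed to Helm as 1.4), selecting a different chart version than the one written here. Quote every version, e.g. `version: "1.36"`, so the pin is always passed through verbatim. Separately, no file in this patch references the `aws-loadbalancer-controller` entry, so its chart name should be checked against the repository index before anything starts using it.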
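Review bot: `helm_charts` in locals.tf is kept as a list, which is why every consumer has to repeat `index(local.helm_charts.*.id, "...")` three times, and why a duplicated `id` in the YAML would silently resolve to the first match. Building a map once, `helm_charts = { for c in yamldecode(file("${path.module}/helm-charts.yaml"))["charts"] : c.id => c }`, makes a duplicate id a plan-time error and lets consumers write `local.helm_charts["external-dns"].chart`. That changes the consumers' lookups, so it would have to land together with the per-chart `locals` blocks. A one-line comment above the local, such as `# Chart name, repository URL and pinned version for every helm_release in this layer`, would also help, since this file now decides what gets pulled into the cluster. The `locals` block starts above this hunk.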
@@ -26,29 +26,9 @@ variable "additional_allowed_ips" { description = "IP addresses allowed to connect to private resources" } -# OAUTH PROXY -variable "oauth2_proxy_version" { - type = string - default = "3.2.5" - description = "Version of the oauth-proxy chart" -} - -# External DNS -variable "external_dns_version" { - description = "Version of external-dns helm chart" - default = "4.9.4" -} - -# Cert Manager -variable "cert_manager_version" { - description = "Version of cert-manager helm chart" - default = "1.1.0" -} - -# NGINX Ingress -variable "nginx_ingress_controller_version" { - description = "Version of nginx-ingress helm chart" - default = "3.23.0" +variable "helm_release_history_size" { + description = "How much helm releases to store" + default = 5 } variable "nginx_ingress_ssl_terminator" { 
@@ -72,61 +52,7 @@ variable "cluster_autoscaler_version" { default = "v1.21.0" } -variable "cluster_autoscaler_chart_version" { - description = "Version of cluster autoscaler helm chart" - default = "9.10.5" -} - -# Prometheus Operator -variable "prometheus_operator_version" { - description = "Version of prometheus operator helm chart" - default = "13.12.0" -} - -# Redis -variable "redis_version" { - description = "Version of redis helm chart" - default = "12.7.3" -} - # ELK -variable "elk_version" { - description = "Version of ELK helm chart" - default = "7.8.0" -} - -# external secrets -variable "external_secrets_version" { - description = "Version of external-secrets helm chart" - default = "6.3.0" -} - -variable "reloader_version" { - description = "Version of reloader helm chart" - default = "0.0.81" -} - -variable "prometheus_mysql_exporter_version" { - description = "Version of prometheus mysql-exporter helm chart" - default = "1.1.0" -} - -variable "loki_stack" { - description = "Version of Loki Stack helm chart" - default = "2.3.1" -} - -variable "aws_node_termination_handler_version" { - description = "Version of aws-node-termination-handler helm chart" - default = "0.13.3" -} - -#Gitlab runner -variable "gitlab_runner_version" { - description = "Version of gitlab runner helm chart" - default = "0.26.0" -} - variable "elk_snapshot_retention_days" { description = "Days to capture index in snapshot" default = 90 @@ -136,14 +62,3 @@ variable "elk_index_retention_days" { description = "Days before remove index from system elasticsearch" default = 14 } - -# Calico -variable "calico_daemonset" { - description = "Version of calico helm chart" - default = "0.3.4" -} - -variable "helm_release_history_size" { - description = "How much helm releases to store" - default = 5 -}