diff --git a/README.md b/README.md index 3d0743d2e7..c4b751a3f7 100644 --- a/README.md +++ b/README.md @@ -134,7 +134,6 @@ MIT Licensed. See [LICENSE](https://github.com/terraform-aws-modules/terraform-a | local | >= 1.2 | | null | >= 2.1 | | random | >= 2.1 | -| template | >= 2.1 | ## Providers @@ -145,7 +144,6 @@ MIT Licensed. See [LICENSE](https://github.com/terraform-aws-modules/terraform-a | local | >= 1.2 | | null | >= 2.1 | | random | >= 2.1 | -| template | >= 2.1 | ## Inputs diff --git a/data.tf b/data.tf index bb5effd111..e0dcc5e34e 100644 --- a/data.tf +++ b/data.tf @@ -66,138 +66,104 @@ data "aws_iam_policy_document" "cluster_assume_role_policy" { } } -data "template_file" "kubeconfig" { - count = var.create_eks ? 1 : 0 - template = file("${path.module}/templates/kubeconfig.tpl") - - vars = { - kubeconfig_name = local.kubeconfig_name - endpoint = aws_eks_cluster.this[0].endpoint - cluster_auth_base64 = aws_eks_cluster.this[0].certificate_authority[0].data - aws_authenticator_command = var.kubeconfig_aws_authenticator_command - aws_authenticator_command_args = length(var.kubeconfig_aws_authenticator_command_args) > 0 ? " - ${join( - "\n - ", - var.kubeconfig_aws_authenticator_command_args, - )}" : " - ${join( - "\n - ", - formatlist("\"%s\"", ["token", "-i", aws_eks_cluster.this[0].name]), - )}" - aws_authenticator_additional_args = length(var.kubeconfig_aws_authenticator_additional_args) > 0 ? " - ${join( - "\n - ", - var.kubeconfig_aws_authenticator_additional_args, - )}" : "" - aws_authenticator_env_variables = length(var.kubeconfig_aws_authenticator_env_variables) > 0 ? " env:\n${join( - "\n", - data.template_file.aws_authenticator_env_variables.*.rendered, - )}" : "" - } -} - -data "template_file" "aws_authenticator_env_variables" { - count = length(var.kubeconfig_aws_authenticator_env_variables) - - template = < 0 ? var.kubeconfig_aws_authenticator_command_args : ["token", "-i", aws_eks_cluster.this[0].name] + aws_authenticator_additional_args = var.kubeconfig_aws_authenticator_additional_args + aws_authenticator_env_variables = var.kubeconfig_aws_authenticator_env_variables + }) : "" + + userdata = [for worker in var.worker_groups : templatefile( + lookup( + worker, + "userdata_template_file", + lookup(worker, "platform", local.workers_group_defaults["platform"]) == "windows" ? "${path.module}/templates/userdata_windows.tpl" : "${path.module}/templates/userdata.sh.tpl" + ), + merge( + { + platform = lookup(worker, "platform", local.workers_group_defaults["platform"]) + cluster_name = aws_eks_cluster.this[0].name + endpoint = aws_eks_cluster.this[0].endpoint + cluster_auth_base64 = aws_eks_cluster.this[0].certificate_authority[0].data + pre_userdata = lookup( + worker, + "pre_userdata", + local.workers_group_defaults["pre_userdata"], + ) + additional_userdata = lookup( + worker, + "additional_userdata", + local.workers_group_defaults["additional_userdata"], + ) + bootstrap_extra_args = lookup( + worker, + "bootstrap_extra_args", + local.workers_group_defaults["bootstrap_extra_args"], + ) + kubelet_extra_args = lookup( + worker, + "kubelet_extra_args", + local.workers_group_defaults["kubelet_extra_args"], + ) + }, + lookup( + worker, + "userdata_template_extra_args", + local.workers_group_defaults["userdata_template_extra_args"] + ) ) - ) + ) if var.create_eks + ] - vars = merge({ - platform = lookup(var.worker_groups[count.index], "platform", local.workers_group_defaults["platform"]) - cluster_name = aws_eks_cluster.this[0].name - endpoint = aws_eks_cluster.this[0].endpoint - cluster_auth_base64 = aws_eks_cluster.this[0].certificate_authority[0].data - pre_userdata = lookup( - var.worker_groups[count.index], - "pre_userdata", - local.workers_group_defaults["pre_userdata"], - ) - additional_userdata = lookup( - var.worker_groups[count.index], - "additional_userdata", - local.workers_group_defaults["additional_userdata"], - ) - bootstrap_extra_args = lookup( - var.worker_groups[count.index], - "bootstrap_extra_args", - local.workers_group_defaults["bootstrap_extra_args"], - ) - kubelet_extra_args = lookup( - var.worker_groups[count.index], - "kubelet_extra_args", - local.workers_group_defaults["kubelet_extra_args"], - ) - }, + launch_template_userdata = [for worker in var.worker_groups_launch_template : templatefile( lookup( - var.worker_groups[count.index], - "userdata_template_extra_args", - local.workers_group_defaults["userdata_template_extra_args"] - ) - ) -} - -data "template_file" "launch_template_userdata" { - count = var.create_eks ? local.worker_group_launch_template_count : 0 - template = lookup( - var.worker_groups_launch_template[count.index], - "userdata_template_file", - file( - lookup(var.worker_groups_launch_template[count.index], "platform", local.workers_group_defaults["platform"]) == "windows" + worker, + "userdata_template_file", + lookup(worker, "platform", local.workers_group_defaults["platform"]) == "windows" ? "${path.module}/templates/userdata_windows.tpl" : "${path.module}/templates/userdata.sh.tpl" + ), + merge( + { + platform = lookup(worker, "platform", local.workers_group_defaults["platform"]) + cluster_name = aws_eks_cluster.this[0].name + endpoint = aws_eks_cluster.this[0].endpoint + cluster_auth_base64 = aws_eks_cluster.this[0].certificate_authority[0].data + pre_userdata = lookup( + worker, + "pre_userdata", + local.workers_group_defaults["pre_userdata"], + ) + additional_userdata = lookup( + worker, + "additional_userdata", + local.workers_group_defaults["additional_userdata"], + ) + bootstrap_extra_args = lookup( + worker, + "bootstrap_extra_args", + local.workers_group_defaults["bootstrap_extra_args"], + ) + kubelet_extra_args = lookup( + worker, + "kubelet_extra_args", + local.workers_group_defaults["kubelet_extra_args"], + ) + }, + lookup( + worker, + "userdata_template_extra_args", + local.workers_group_defaults["userdata_template_extra_args"] + ) ) - ) - - vars = merge({ - platform = lookup(var.worker_groups_launch_template[count.index], "platform", local.workers_group_defaults["platform"]) - cluster_name = aws_eks_cluster.this[0].name - endpoint = aws_eks_cluster.this[0].endpoint - cluster_auth_base64 = aws_eks_cluster.this[0].certificate_authority[0].data - pre_userdata = lookup( - var.worker_groups_launch_template[count.index], - "pre_userdata", - local.workers_group_defaults["pre_userdata"], - ) - additional_userdata = lookup( - var.worker_groups_launch_template[count.index], - "additional_userdata", - local.workers_group_defaults["additional_userdata"], - ) - bootstrap_extra_args = lookup( - var.worker_groups_launch_template[count.index], - "bootstrap_extra_args", - local.workers_group_defaults["bootstrap_extra_args"], - ) - kubelet_extra_args = lookup( - var.worker_groups_launch_template[count.index], - "kubelet_extra_args", - local.workers_group_defaults["kubelet_extra_args"], - ) - }, - lookup( - var.worker_groups_launch_template[count.index], - "userdata_template_extra_args", - local.workers_group_defaults["userdata_template_extra_args"] - ) - ) + ) if var.create_eks + ] } data "aws_iam_role" "custom_cluster_iam_role" { diff --git a/kubectl.tf b/kubectl.tf index 56aba1ffd9..1e660708d2 100644 --- a/kubectl.tf +++ b/kubectl.tf @@ -1,5 +1,5 @@ resource "local_file" "kubeconfig" { count = var.write_kubeconfig && var.create_eks ? 1 : 0 - content = data.template_file.kubeconfig[0].rendered + content = local.kubeconfig filename = substr(var.config_output_path, -1, 1) == "/" ? "${var.config_output_path}kubeconfig_${var.cluster_name}" : var.config_output_path } diff --git a/outputs.tf b/outputs.tf index 9a6e4033bf..8ec702f359 100644 --- a/outputs.tf +++ b/outputs.tf @@ -60,7 +60,7 @@ output "cloudwatch_log_group_name" { output "kubeconfig" { description = "kubectl config file contents for this EKS cluster." - value = concat(data.template_file.kubeconfig[*].rendered, [""])[0] + value = local.kubeconfig } output "kubeconfig_filename" { @@ -92,8 +92,8 @@ output "workers_asg_names" { output "workers_user_data" { description = "User data of worker groups" value = concat( - data.template_file.userdata.*.rendered, - data.template_file.launch_template_userdata.*.rendered, + local.userdata, + local.launch_template_userdata, ) } diff --git a/templates/kubeconfig.tpl b/templates/kubeconfig.tpl index 1696391e89..ad1beec739 100644 --- a/templates/kubeconfig.tpl +++ b/templates/kubeconfig.tpl @@ -23,6 +23,16 @@ users: apiVersion: client.authentication.k8s.io/v1alpha1 command: ${aws_authenticator_command} args: -${aws_authenticator_command_args} -${aws_authenticator_additional_args} -${aws_authenticator_env_variables} +%{~ for i in aws_authenticator_command_args } + - "${i}" +%{~ endfor ~} +%{ for i in aws_authenticator_additional_args } + - ${i} +%{~ endfor ~} +%{ if length(aws_authenticator_env_variables) > 0 } + env: + %{~ for k, v in aws_authenticator_env_variables ~} + - name: ${k} + value: ${v} + %{~ endfor ~} +%{ endif ~} diff --git a/versions.tf b/versions.tf index fd052bbe15..e5c8ce6043 100644 --- a/versions.tf +++ b/versions.tf @@ -5,7 +5,6 @@ terraform { aws = ">= 2.52.0" local = ">= 1.2" null = ">= 2.1" - template = ">= 2.1" random = ">= 2.1" kubernetes = ">= 1.11.1" } diff --git a/workers.tf b/workers.tf index 2eed088c4f..a1908b7391 100644 --- a/workers.tf +++ b/workers.tf @@ -170,7 +170,7 @@ resource "aws_launch_configuration" "workers" { "key_name", local.workers_group_defaults["key_name"], ) - user_data_base64 = base64encode(data.template_file.userdata.*.rendered[count.index]) + user_data_base64 = base64encode(local.userdata[count.index]) ebs_optimized = lookup( var.worker_groups[count.index], "ebs_optimized", diff --git a/workers_launch_template.tf b/workers_launch_template.tf index 947bd19a6d..ebc997e9da 100644 --- a/workers_launch_template.tf +++ b/workers_launch_template.tf @@ -262,7 +262,7 @@ resource "aws_launch_template" "workers_launch_template" { local.workers_group_defaults["key_name"], ) user_data = base64encode( - data.template_file.launch_template_userdata.*.rendered[count.index], + local.launch_template_userdata[count.index], ) ebs_optimized = lookup(