Skip to content

Commit 46f285a

Browse files
authored
Merge pull request #60 from commitdev/terraform013
Terraform013
2 parents 8932ca8 + 18efe88 commit 46f285a

24 files changed

Lines changed: 110 additions & 28 deletions

File tree

templates/README.md

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,3 @@
1-
2-
31
# Overview
42
Your infrastructure should be up and running, your terraform repository is the source of truth for your infrastructure, here is [a list of components and resources][zero-resource-list] that comes with the EKS-stack
53

templates/kubernetes/terraform/modules/kubernetes/README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -38,7 +38,7 @@ The `cert_manager.tf` config has a good example of using this in practice. To al
3838
```
3939
module "iam_assumable_role_my_role_name" {
4040
source = "terraform-aws-modules/iam/aws//modules/iam-assumable-role-with-oidc"
41-
version = "~> v2.6.0"
41+
version = "~> v2.14.0"
4242
create_role = true
4343
role_name = "my-role-name"
4444
provider_url = replace(data.aws_eks_cluster.cluster.identity.0.oidc.0.issuer, "https://", "")

templates/kubernetes/terraform/modules/kubernetes/cert_manager.tf

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -87,7 +87,7 @@ resource "helm_release" "cert_manager" {
8787
# Create a role using oidc to map service accounts
8888
module "iam_assumable_role_cert_manager" {
8989
source = "terraform-aws-modules/iam/aws//modules/iam-assumable-role-with-oidc"
90-
version = "~> v2.6.0"
90+
version = "~> v2.14.0"
9191
create_role = true
9292
role_name = "<% .Name %>-k8s-${var.environment}-cert-manager"
9393
provider_url = replace(data.aws_eks_cluster.cluster.identity.0.oidc.0.issuer, "https://", "")

templates/kubernetes/terraform/modules/kubernetes/cluster_autoscaler.tf

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -36,7 +36,7 @@ resource "helm_release" "cluster_autoscaler" {
3636
# Create a role using oidc to map service accounts
3737
module "iam_assumable_role_cluster_autoscaler" {
3838
source = "terraform-aws-modules/iam/aws//modules/iam-assumable-role-with-oidc"
39-
version = "~> v2.6.0"
39+
version = "~> v2.14.0"
4040
create_role = true
4141
role_name = "<% .Name %>-k8s-${var.environment}-cluster-autoscaler"
4242
provider_url = replace(data.aws_eks_cluster.cluster.identity.0.oidc.0.issuer, "https://", "")

templates/kubernetes/terraform/modules/kubernetes/database-service.tf

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,9 +9,12 @@ resource "kubernetes_namespace" "app_namespace" {
99
}
1010

1111
resource "kubernetes_service" "app_db" {
12+
## this should match the deployable backend's name/namespace
13+
## it uses this service to connect and create application user
14+
## https://github.com/commitdev/zero-deployable-backend/blob/b2cee21982b1e6a0ac9996e2a1bf214e5bf10ab5/db-ops/create-db-user.sh#L6
1215
metadata {
1316
namespace = kubernetes_namespace.app_namespace.metadata[0].name
14-
name = "<% .Name %>"
17+
name = "database"
1518
}
1619
spec {
1720
type = "ExternalName"

templates/kubernetes/terraform/modules/kubernetes/external_dns.tf

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
# Create a role using oidc to map service accounts
22
module "iam_assumable_role_external_dns" {
33
source = "terraform-aws-modules/iam/aws//modules/iam-assumable-role-with-oidc"
4-
version = "~> v2.6.0"
4+
version = "~> v2.14.0"
55
create_role = true
66
role_name = "<% .Name %>-k8s-${var.environment}-external-dns"
77
provider_url = replace(data.aws_eks_cluster.cluster.identity.0.oidc.0.issuer, "https://", "")

templates/kubernetes/terraform/modules/kubernetes/monitoring/main.tf

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@ data "aws_eks_cluster" "cluster" {
55
# Create a role using oidc to map service accounts
66
module "iam_assumable_role_cloudwatch" {
77
source = "terraform-aws-modules/iam/aws//modules/iam-assumable-role-with-oidc"
8-
version = "~> v2.6.0"
8+
version = "~> v2.14.0"
99
create_role = true
1010
role_name = "<% .Name %>-k8s-${var.environment}-cloudwatch"
1111
provider_url = replace(data.aws_eks_cluster.cluster.identity.0.oidc.0.issuer, "https://", "")
@@ -16,7 +16,7 @@ module "iam_assumable_role_cloudwatch" {
1616
# Create a role using oidc to map service accounts
1717
module "iam_assumable_role_fluentd" {
1818
source = "terraform-aws-modules/iam/aws//modules/iam-assumable-role-with-oidc"
19-
version = "~> v2.6.0"
19+
version = "~> v2.14.0"
2020
create_role = true
2121
role_name = "<% .Name %>-k8s-${var.environment}-fluentd"
2222
provider_url = replace(data.aws_eks_cluster.cluster.identity.0.oidc.0.issuer, "https://", "")

templates/terraform/README.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,12 +1,12 @@
11
## Guidelines & Style Convention Summary
22

33
- All Terraform configuration should be formatted with `terraform fmt` before being accepted into this repository.
4-
- This repository is Terraform version >= 0.12, as such, leverage features from this release whenever possible.
4+
- This repository is Terraform version >= 0.13, as such, leverage features from this release whenever possible.
55
See https://www.terraform.io/upgrade-guides/0-12.html for more information.
66
- Leverage community-maintained Terraform modules whenever possible.
77
- Attempt to minimize duplication whenever possible, but only within reason -- sometimes duplication is an acceptable solution.
88
- Follow style conventions described in `docs/guide.pdf` whenever possible.
9-
- Whenever possible, inject resources down versus referencing resources across modules. This has been made easier with new features in v0.12.
9+
- Whenever possible, inject resources down versus referencing resources across modules. This has been made easier with new features in v0.13.
1010
- Whenever possible, define the types of variables.
1111

1212
### Module Conventions

templates/terraform/bootstrap/secrets/main.tf

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@ provider "aws" {
55

66

77
terraform {
8-
required_version = ">= 0.12"
8+
required_version = ">= 0.13"
99
}
1010

1111
locals {

templates/terraform/environments/prod/main.tf

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
terraform {
2-
required_version = ">= 0.12"
2+
required_version = ">= 0.13"
33
backend "s3" {
44
bucket = "<% .Name %>-prod-terraform-state"
55
key = "infrastructure/terraform/environments/production/main"
@@ -40,6 +40,7 @@ module "prod" {
4040
domain_name = "<% index .Params `productionHostRoot` %>"
4141

4242
# DB configuration
43+
database = "<% index .Params `database` %>"
4344
db_instance_class = "db.t3.small"
4445
db_storage_gb = 100
4546

0 commit comments

Comments
 (0)