diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/cluster.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/cluster.hcl
index 98d12d7..e43148a 100644
--- a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/cluster.hcl
+++ b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/cluster.hcl
@@ -5,6 +5,7 @@
locals {
cluster_endpoint_public_access = true
cluster_name = "platform-eng-eks-mcm"
+ created_reason = "Terragrunt Development for CICD Delivered EKS Platform"
creator = "matthew.c.morgan@census.gov"
eks_instance_disk_size = 100
eks_ng_desired_size = 2
@@ -17,8 +18,4 @@ locals {
"slim:schedule" = "8:00-17:00"
"cluster:size" = "min:${local.eks_ng_min_size}-max:${local.eks_ng_max_size}-desired:${local.eks_ng_desired_size}"
}
- eks_version = "0.1.1"
- eks_enabled = true
-
-
}
diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks/terragrunt.hcl
index 0a10b20..ba46766 100644
--- a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks/terragrunt.hcl
+++ b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks/terragrunt.hcl
@@ -13,18 +13,17 @@ terraform {
}
inputs = {
- aws_account_id = local.account_id
- cluster_endpoint_public_access = local.cluster_endpoint_public_access
- cluster_name = local.cluster_name
- cluster_version = local.cluster_version
- creator = local.creator
- eks_instance_disk_size = local.eks_instance_disk_size
- eks_ng_desired_size = local.eks_ng_desired_size
- eks_ng_max_size = local.eks_ng_max_size
- eks_ng_min_size = local.eks_ng_min_size
- eks_vpc_name = local.eks_vpc_name
- enable_cluster_creator_admin_permissions = local.enable_cluster_creator_admin_permissions
- os_username = local.creator
- shared_vpc_label = local.environment_abbr
- tags = local.tags
+ cluster_endpoint_public_access = include.root.inputs.cluster_endpoint_public_access
+ cluster_name = include.root.inputs.cluster_name
+ cluster_version = include.root.inputs.cluster_version
+ creator = include.root.inputs.creator
+ eks_instance_disk_size = include.root.inputs.eks_instance_disk_size
+ eks_ng_desired_size = include.root.inputs.eks_ng_desired_size
+ eks_ng_max_size = include.root.inputs.eks_ng_max_size
+ eks_ng_min_size = include.root.inputs.eks_ng_min_size
+ eks_vpc_name = include.root.inputs.vpc_name
+ enable_cluster_creator_admin_permissions = include.root.inputs.enable_cluster_creator_admin_permissions
+ environment_abbr = include.root.inputs.environment_abbr
+ tags = include.root.inputs.tags
+ vpc_name = include.root.inputs.vpc_name
}
diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/cluster.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/cluster.hcl
deleted file mode 100644
index 8d2831c..0000000
--- a/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/cluster.hcl
+++ /dev/null
@@ -1,20 +0,0 @@
-# lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/cluster.hcl
-
-# Set cluster specific variables. These are automatically pulled in to configure the remote state bucket in the root
-# terragrunt.hcl configuration.
-locals {
- cluster_endpoint_public_access = true
- cluster_name = "platform-eng-eks-mcm"
- creator = "matthew.c.morgan@census.gov"
- eks_instance_disk_size = 100
- eks_ng_desired_size = 2
- eks_ng_max_size = 10
- eks_ng_min_size = 0
- enable_cluster_creator_admin_permissions = true
- terraform = true
- terragrunt = true
- tags = {
- "slim:schedule" = "8:00-17:00"
- "cluster:size" = "min:${local.eks_ng_min_size}-max:${local.eks_ng_max_size}-desired:${local.eks_ng_desired_size}"
- }
-}
diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-cert-manager/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-cert-manager/terragrunt.hcl
deleted file mode 100644
index 35e355a..0000000
--- a/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-cert-manager/terragrunt.hcl
+++ /dev/null
@@ -1,40 +0,0 @@
-include "root" {
- path = find_in_parent_folders("root.hcl")
- merge_strategy = "deep"
- expose = true
-}
-
-terraform {
- source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-cert-mgr.git?ref=${include.root.inputs.release_version}"
- extra_arguments "retry_lock" {
- commands = get_terraform_commands_that_need_locking()
- arguments = ["-lock-timeout=20m"]
- }
-}
-
-dependency "eks" {
- config_path = "../eks"
- mock_outputs = {
- cluster_name = "a-cluster-name"
- oidc_provider_arn = "arn:aws-us-gov:iam::111111111111:oidc-provider/oidc.eks.us-gov-east-1.amazonaws.com/id/0000000000000000AAAAAAAAAAAAAAAA"
- }
-}
-
-dependency "eks_config" {
- config_path = "../eks-config"
- skip_outputs = true
-}
-
-inputs = {
- cluster_name = dependency.eks.outputs.cluster_name
- cluster_mailing_list = dependency.eks.inputs.creator
- oidc_provider_arn = dependency.eks.outputs.oidc_provider_arn
- profile = include.root.inputs.aws_profile
- region = include.root.inputs.aws_region
- cert_manager_helm_chart = include.root.inputs.cert_manager_helm_chart
- cert_manager_cainjector_tag = include.root.inputs.cert_manager_cainjector_tag
- cert_manager_controller_tag = include.root.inputs.cert_manager_controller_tag
- cert_manager_startupapicheck_tag = include.root.inputs.cert_manager_startupapicheck_tag
- cert_manager_webhook_tag = include.root.inputs.cert_manager_webhook_tag
- cluster_issuer_name = include.root.inputs.cluster_issuer_name
-}
diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-config/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-config/terragrunt.hcl
deleted file mode 100644
index d4a60db..0000000
--- a/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-config/terragrunt.hcl
+++ /dev/null
@@ -1,42 +0,0 @@
-# lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-config/terragrunt.hcl
-
-include "root" {
- path = find_in_parent_folders("root.hcl")
- merge_strategy = "deep"
- expose = true
-}
-
-terraform {
- source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-eks-configuration.git?ref=${include.root.inputs.release_version}"
- extra_arguments "retry_lock" {
- commands = get_terraform_commands_that_need_locking()
- arguments = ["-lock-timeout=20m"]
- }
-}
-
-dependency "eks" {
- config_path = "../eks"
- mock_outputs = {
- cluster_certificate_authority_data = [{ data = "THISISAVERYLONGCERTSTRINGTHATGOESHEREFORSURENODYEP" }]
- cluster_endpoint = "https://12345ABCDEE42BF9C24D4C362D1DC.sk1.us-gov-east-1.eks.amazonaws.com"
- cluster_name = "a-cluster-name"
- eks_managed_node_groups_autoscaling_group_names = ["eks-eks-a-cluster-name-node_group-0000000000000000000000000-5ac8a5e3-14dd-c043-2cc9-f4b6ffb36d32"]
- oidc_provider_arn = "arn:aws-us-gov:iam::111111111111:oidc-provider/oidc.eks.us-gov-east-1.amazonaws.com/id/0000000000000000AAAAAAAAAAAAAAAA"
- security_group_all_worker_mgmt_id = "sg-00b0000000000000"
- subnets = ["subnet-00000000000000001", "subnet-00000000000000002", "subnet-00000000000000003"]
- token = [{ token = "THISISTHETOKENTHATDOESNTEXISTTHEREAREMANYLIKEITBUTHISONEISFORACLUSTER" }]
- vpc_id = "a-vpc-id"
- }
-}
-
-inputs = {
- profile = include.root.inputs.aws_profile
- region = include.root.inputs.aws_region
- vpc_id = dependency.eks.outputs.vpc_id
- cluster_name = dependency.eks.outputs.cluster_name
- subnets = dependency.eks.outputs.subnets
- security_group_all_worker_mgmt_id = dependency.eks.outputs.security_group_all_worker_mgmt_id
- eks_managed_node_groups_autoscaling_group_names = dependency.eks.outputs.eks_managed_node_groups_autoscaling_group_names
- oidc_provider_arn = dependency.eks.outputs.oidc_provider_arn
- kubectl_image_tag = include.root.inputs.kubectl_image_tag
-}
diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-dns/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-dns/terragrunt.hcl
deleted file mode 100644
index 6e28781..0000000
--- a/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-dns/terragrunt.hcl
+++ /dev/null
@@ -1,42 +0,0 @@
-include "root" {
- path = find_in_parent_folders("root.hcl")
- merge_strategy = "deep"
- expose = true
-}
-
-terraform {
- source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-eks-dns.git?ref=${include.root.inputs.release_version}"
- extra_arguments "retry_lock" {
- commands = get_terraform_commands_that_need_locking()
- arguments = ["-lock-timeout=20m"]
- }
-}
-
-dependency "eks" {
- config_path = "../eks"
- mock_outputs = {
- subnets = ["subnet-abcdefgh", "subnet-12345678", "subnet-ab12cd34"]
- }
-}
-
-dependency "istio" {
- config_path = "../eks-istio"
- mock_outputs = {
- istio_ingress_lb = {
- dns_name = "a1111111111111111111111111111111-2bbbbbbbbbbbbbbb.elb.us-gov-east-1.amazonaws.com"
- zone_id = "ZABC123456DEF"
- }
- }
-}
-
-inputs = {
- cluster_name = dependency.eks.inputs.cluster_name
- istio_ingress_lb = dependency.istio.outputs.istio_ingress_lb
- profile = include.root.inputs.aws_profile
- region = include.root.inputs.aws_region
- subnets = dependency.eks.outputs.subnets
- tags = dependency.eks.inputs.tags
- vpc_domain_name = dependency.eks.inputs.vpc_domain_name
- vpc_name = dependency.eks.inputs.vpc_name
- route53_endpoints = include.root.inputs.route53_endpoints
-}
diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-grafana/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-grafana/terragrunt.hcl
deleted file mode 100644
index 65ab33f..0000000
--- a/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-grafana/terragrunt.hcl
+++ /dev/null
@@ -1,40 +0,0 @@
-include "root" {
- path = find_in_parent_folders("root.hcl")
- merge_strategy = "deep"
- expose = true
-}
-
-terraform {
- source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-grafana.git?ref=${include.root.inputs.release_version}"
- extra_arguments "retry_lock" {
- commands = get_terraform_commands_that_need_locking()
- arguments = ["-lock-timeout=20m"]
- }
-}
-
-dependency "eks" {
- config_path = "../eks"
- mock_outputs = {
- cluster_name = "a-cluster-name"
- }
-}
-
-dependency "eks-loki" {
- config_path = "../eks-loki"
- mock_outputs = {
- rwo_storage_class = "gp3-encrypted"
- }
-}
-
-inputs = {
- profile = include.root.inputs.aws_profile
- region = include.root.inputs.aws_region
- cluster_name = dependency.eks.outputs.cluster_name
- cluster_domain = dependency.eks.inputs.vpc_domain_name
- public_hostname = include.root.inputs.grafana_hostname
- rwo_storage_class = dependency.eks-loki.outputs.rwo_storage_class
- grafana_chart_version = include.root.inputs.grafana_chart_version
- grafana_tag = include.root.inputs.grafana_tag
- download_dashboards_image_tag = include.root.inputs.download_dashboards_image_tag
- init_chown_data_image_tag = include.root.inputs.init_chown_data_image_tag
-}
diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-istio/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-istio/terragrunt.hcl
deleted file mode 100644
index c7c22c8..0000000
--- a/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-istio/terragrunt.hcl
+++ /dev/null
@@ -1,32 +0,0 @@
-include "root" {
- path = find_in_parent_folders("root.hcl")
- merge_strategy = "deep"
- expose = true
-}
-
-terraform {
- source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-istio.git?ref=${include.root.inputs.release_version}"
- extra_arguments "retry_lock" {
- commands = get_terraform_commands_that_need_locking()
- arguments = ["-lock-timeout=20m"]
- }
-}
-
-dependency "eks" {
- config_path = "../eks"
- mock_outputs = {
- cluster_name = "a-cluster-name"
- }
-}
-dependency "eks-karpenter" {
- config_path = "../eks-karpenter"
- skip_outputs = true
-}
-
-inputs = {
- profile = include.root.inputs.aws_profile
- region = include.root.inputs.aws_region
- cluster_name = dependency.eks.outputs.cluster_name
- istio_chart_version = include.root.inputs.istio_version
- istio_version = include.root.inputs.istio_version
-}
diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-k8s-dashboard/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-k8s-dashboard/terragrunt.hcl
deleted file mode 100644
index cd1961b..0000000
--- a/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-k8s-dashboard/terragrunt.hcl
+++ /dev/null
@@ -1,36 +0,0 @@
-include "root" {
- path = find_in_parent_folders("root.hcl")
- merge_strategy = "deep"
- expose = true
-}
-
-terraform {
- source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-k8s-dashboard.git?ref=${include.root.inputs.release_version}"
- extra_arguments "retry_lock" {
- commands = get_terraform_commands_that_need_locking()
- arguments = ["-lock-timeout=20m"]
- }
-}
-
-dependency "eks" {
- config_path = "../eks"
- mock_outputs = {
- cluster_name = "a-cluster-name"
- vpc_domain_name = "example.com"
- }
-}
-
-dependency "eks-loki" {
- config_path = "../eks-loki"
- skip_outputs = true
-}
-
-inputs = {
- profile = include.root.inputs.aws_profile
- region = include.root.inputs.aws_region
- cluster_name = dependency.eks.outputs.cluster_name
- cluster_domain = dependency.eks.inputs.vpc_domain_name
- public_hostname = include.root.inputs.dashboard_hostname
- k8s_dashboard_version = include.root.inputs.k8s_dashboard_version
- # datasources = dependency.eks-loki.outputs.gateway_internal_endpoint
-}
diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-karpenter/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-karpenter/terragrunt.hcl
deleted file mode 100644
index 6b1a862..0000000
--- a/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-karpenter/terragrunt.hcl
+++ /dev/null
@@ -1,43 +0,0 @@
-include "root" {
- path = find_in_parent_folders("root.hcl")
- merge_strategy = "deep"
- expose = true
-}
-
-terraform {
- source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-karpenter.git?ref=${include.root.inputs.release_version}"
- extra_arguments "retry_lock" {
- commands = get_terraform_commands_that_need_locking()
- arguments = ["-lock-timeout=20m"]
- }
-}
-
-dependency "eks" {
- config_path = "../eks"
- mock_outputs = {
- cluster_endpoint = "https://0000000000000000AAAAAAAAAAAAAAAA.sk1.us-gov-east-1.eks.amazonaws.com"
- cluster_name = "a-cluster-name"
- node_group_name = "node_group_a-cluster-name"
- oidc_provider_arn = "arn:aws-us-gov:iam::111111111111:oidc-provider/oidc.eks.us-gov-east-1.amazonaws.com/id/0000000000000000AAAAAAAAAAAAAAAA"
- vpc_id = "a-vpc-name"
- }
-}
-
-dependency "eks-config" {
- config_path = "../eks-config"
- skip_outputs = true
-}
-
-inputs = {
- profile = include.root.inputs.aws_profile
- region = include.root.inputs.aws_region
- cluster_endpoint = dependency.eks.outputs.cluster_endpoint
- cluster_name = dependency.eks.outputs.cluster_name
- karpenter_node_group_name = dependency.eks.outputs.node_group_name
- oidc_provider_arn = dependency.eks.outputs.oidc_provider_arn
- vpc_id = dependency.eks.outputs.vpc_id
- karpenter_helm_chart = include.root.inputs.karpenter_helm_chart
- karpenter_tag = include.root.inputs.karpenter_tag
- kubectl_tag = include.root.inputs.kubectl_image_tag
-
-}
diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-kiali/terragrunt.hcl.disable b/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-kiali/terragrunt.hcl.disable
deleted file mode 100644
index 1e04fe0..0000000
--- a/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-kiali/terragrunt.hcl.disable
+++ /dev/null
@@ -1,81 +0,0 @@
-include "root" {
- path = find_in_parent_folders("root.hcl")
- merge_strategy = "deep"
- expose = true
-}
-
-terraform {
- source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-kiali.git?ref=${include.root.inputs.release_version}"
- # source = "../../../../../../../tfmod-kiali"
- extra_arguments "retry_lock" {
- commands = get_terraform_commands_that_need_locking()
- arguments = ["-lock-timeout=20m"]
- }
-}
-
-dependency "eks" {
- config_path = "../eks"
- mock_outputs = {
- cluster_name = "a-cluster-name"
- }
-}
-dependency "eks-cert-manager" {
- config_path = "../eks-cert-manager"
- mock_outputs = {
- cluster_issuer_name = "acmpca-clusterissuer"
- }
-}
-dependency "eks-prometheus" {
- config_path = "../eks-prometheus"
- mock_outputs = {
- prometheus_server_internal_endpoint = {
- hostname = "prometheus-server.prometheus.svc.cluster.local"
- port_number = 9090
- url = "http://prometheus-server.prometheus.svc.cluster.local:9090/"
- }
- }
-}
-dependency "eks-grafana" {
- config_path = "../eks-grafana"
- mock_outputs = {
- internal_endpoint = {
- hostname = "grafana.grafana.svc.cluster.local"
- port_number = "80"
- url = "https://grafana.grafana.svc.cluster.local:80/"
- }
- namespace = "grafana"
- public_endpoint = {
- hostname = "grafana.dev.lab.csp2.census.gov"
- port_number = "80"
- url = "https://grafana.dev.lab.csp2.census.gov:80/"
- }
- secret_name = "grafana"
- }
-}
-
-inputs = {
- kiali_operator_version = include.root.inputs.kiali_operator_version
- kiali_application_version = include.root.inputs.kiali_application_version
-
- profile = include.root.inputs.aws_profile
- cluster_domain = dependency.eks.inputs.vpc_domain_name
- operators_namespace = "operators"
- cluster_name = dependency.eks.outputs.cluster_name
- certificate_issuer = dependency.eks-cert-manager.outputs.cluster_issuer_name
- prometheus_internal_url = dependency.eks-prometheus.outputs.prometheus_server_internal_endpoint.url
- grafana_internal_url = dependency.eks-grafana.outputs.internal_endpoint.url
- grafana_namespace = dependency.eks-grafana.outputs.namespace
- grafana_public_url = dependency.eks-grafana.outputs.public_endpoint.url
- grafana_secret_name = "grafana"
- # grafana_secret_name = dependency.eks-grafana.outputs.secret_name
- jaeger_internal_url = ""
-
-
- # client_id = var.sso_client_id
- # client_secret = var.sso_client_secret
- # keycloak_public_url = var.keycloak_public_url
- # gogatekeeper_chart_version = var.gogatekeeper_chart_version
- # gogatekeeper_registry = var.gogatekeeper_registry
- # gogatekeeper_repository = var.gogatekeeper_repository
- # gogatekeeper_tag = var.gogatekeeper_tag
-}
diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-loki/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-loki/terragrunt.hcl
deleted file mode 100644
index 2c6b6be..0000000
--- a/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-loki/terragrunt.hcl
+++ /dev/null
@@ -1,44 +0,0 @@
-include "root" {
- path = find_in_parent_folders("root.hcl")
- merge_strategy = "deep"
- expose = true
-}
-
-terraform {
- source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-loki.git?ref=${include.root.inputs.release_version}"
- extra_arguments "retry_lock" {
- commands = get_terraform_commands_that_need_locking()
- arguments = ["-lock-timeout=20m"]
- }
-}
-
-dependency "eks" {
- config_path = "../eks"
- mock_outputs = {
- cluster_name = "a-cluster-name"
- oidc_provider_arn = "arn:aws-us-gov:iam::111111111111:oidc-provider/oidc.eks.us-gov-east-1.amazonaws.com/id/0000000000000000AAAAAAAAAAAAAAAA"
- }
-}
-dependency "eks-istio" {
- config_path = "../eks-istio"
- skip_outputs = true
-}
-dependency "eks-prometheus" {
- config_path = "../eks-prometheus"
- skip_outputs = true
-}
-
-inputs = {
- profile = include.root.inputs.aws_profile
- region = include.root.inputs.aws_region
- cluster_name = dependency.eks.outputs.cluster_name
- oidc_provider_arn = dependency.eks.outputs.oidc_provider_arn
- loki_chart_version = include.root.inputs.loki_chart_version
- loki_tag = include.root.inputs.loki_tag
- canary_tag = include.root.inputs.canary_tag
- enterprise_logs_provisioner_tag = include.root.inputs.enterprise_logs_provisioner_tag
- gateway_tag = include.root.inputs.gateway_tag
- memcached_tag = include.root.inputs.memcached_tag
- exporter_tag = include.root.inputs.exporter_tag
- sidecar_tag = include.root.inputs.sidecar_tag
-}
diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-metrics-server/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-metrics-server/terragrunt.hcl
deleted file mode 100644
index 387653b..0000000
--- a/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-metrics-server/terragrunt.hcl
+++ /dev/null
@@ -1,33 +0,0 @@
-include "root" {
- path = find_in_parent_folders("root.hcl")
- merge_strategy = "deep"
- expose = true
-}
-
-terraform {
- source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-metrics-server.git?ref=${include.root.inputs.release_version}"
- extra_arguments "retry_lock" {
- commands = get_terraform_commands_that_need_locking()
- arguments = ["-lock-timeout=20m"]
- }
-}
-
-dependency "eks" {
- config_path = "../eks"
- mock_outputs = {
- cluster_name = "a-cluster-name"
- }
-}
-
-dependency "eks_config" {
- config_path = "../eks-config"
- skip_outputs = true
-}
-
-inputs = {
- profile = include.root.inputs.aws_profile
- cluster_name = dependency.eks.outputs.cluster_name
- region = include.root.inputs.aws_region
- metrics_server_helm_chart = include.root.inputs.metrics_server_helm_chart
- metrics_server_tag = include.root.inputs.metrics_server_tag
-}
diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-prometheus/README.md b/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-prometheus/README.md
deleted file mode 100644
index bbbffb2..0000000
--- a/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-prometheus/README.md
+++ /dev/null
@@ -1,198 +0,0 @@
-## eks-prometheus
-This module deploys EKS kubeenetes prometheus inside existing EKS cluster. Prometheus is an open-source systems monitoring and alerting tool.
-This module consisits of 4 components. It creates prometheus namespace and copies image repositories for the following components from quay.io into local account ECR repository. It deploys these components using helm charts using the configured ECR repositories.
- 1. prometheus-alert-manager
- 2. prometheus-node-exporter
- 3. prometheus-pushgateway
- 4. prometheus-server
-
-### Dependencies
-This module is dependent on EKS module (eks). The cluster should exist already for this module to work.
-
-### Inputs
- cluster_name
- profile
- prometheus_chart_version
- prometheus_server_tag
- prometheus_config_reloader_tag
- alertmanager_tag
- kube_state_metrics_tag
- node_exporter_tag
- pushgateway_tag
- rwo_storage_class
-
-### Outputs
- alertmanager_internal_endpoint
- alertmanager_headless_internal_endpoint
- pushgateway_internal_endpoint
- prometheus_server_internal_endpoint
-
-### Issues observed/fixed
-1. The rwo_storage_class value had to be updated from "gp3" to "gp3-encrypted"
-2. The node_exporter_tag value had to be updated from "1.6.1" to "v1.8.1"
-3. The kube_state_metrics_tag value had to be updated from "2.10.0" to "v2.6.0"
-4. The alertmanager_tag value had to be updated from
-5. The helm chart set config for the ecr image had to be split into 2 components, one for registry and other for repository as an example mentioned below:
-
- ```
- set {
- name = "kube-state-metrics.image.registry"
- value = module.images.images[local.ksm_key].dest_registry
- }
- set {
- name = "kube-state-metrics.image.repository"
- value = module.images.images[local.ksm_key].dest_repository
- }
- ```
-
-6. In some other cases the image ecr repository had to be split by the colon separatory (:)
-
- ```
- set {
- name = "alertmanager.configmapReload.image.repository"
- value = split(":", module.images.images[local.prom_config_reload_key].dest_full_path)[0]
- }
- ```
-
-### Chart Notes
- 1. Get the application URL by running these commands:
-
- ```bash
- export POD_NAME=$(kubectl get pods --namespace prometheus -l "app.kubernetes.io/name=prometheus-pushgateway,app.kubernetes.io/instance=prometheus" -o jsonpath="{.items[0].metadata.name}")
- kubectl port-forward $POD_NAME 9091
- echo "Visit http://127.0.0.1:9091 to use your application"
- ```
-
- The Prometheus server can be accessed via port 80 on the following DNS name from within your cluster:
- prometheus-server.prometheus.svc.cluster.local
-
-
- Get the Prometheus server URL by running these commands in the same shell:
-
- ```bash
- export POD_NAME=$(kubectl get pods --namespace prometheus -l "app.kubernetes.io/name=prometheus,app.kubernetes.io/instance=prometheus" -o jsonpath="{.items[0].metadata.name}")
- kubectl --namespace prometheus port-forward $POD_NAME 9090
- ```
-
- The Prometheus alertmanager can be accessed via port 9093 on the following DNS name from within your cluster:
- `prometheus-alertmanager.prometheus.svc.cluster.local`
-
-
- Get the Alertmanager URL by running these commands in the same shell:
-
- ```bash
- export POD_NAME=$(kubectl get pods --namespace prometheus -l "app.kubernetes.io/name=alertmanager,app.kubernetes.io/instance=prometheus" -o jsonpath="{.items[0].metadata.name}")
- kubectl --namespace prometheus port-forward $POD_NAME 9093
- ```
-
- #################################################################################
- ###### WARNING: Pod Security Policy has been disabled by default since #####
- ###### it deprecated after k8s 1.25+. use #####
- ###### (index .Values "prometheus-node-exporter" "rbac" #####
- ###### "pspEnabled") with (index .Values #####
- ###### "prometheus-node-exporter" "rbac" "pspAnnotations") #####
- ###### in case you still need it. #####
- #################################################################################
-
-
- The Prometheus PushGateway can be accessed via port 9091 on the following DNS name from within your cluster:
- `prometheus-prometheus-pushgateway.prometheus.svc.cluster.local`
-
-
- Get the PushGateway URL by running these commands in the same shell:
-
- ```bash
- export POD_NAME=$(kubectl get pods --namespace prometheus -l "app=prometheus-pushgateway,component=pushgateway" -o jsonpath="{.items[0].metadata.name}")
- kubectl --namespace prometheus port-forward $POD_NAME 9091
- ```
-
- For more information on running Prometheus, visit:
- https://prometheus.io/
-
- kube-state-metrics is a simple service that listens to the Kubernetes API server and generates metrics about the state of the objects.
- The exposed metrics can be found here:
- https://github.com/kubernetes/kube-state-metrics/blob/master/docs/README.md#exposed-metrics
-
- The metrics are exported on the HTTP endpoint /metrics on the listening port.
- In your case, `prometheus-kube-state-metrics.prometheus.svc.cluster.local:8080/metrics`
-
- They are served either as plaintext or protobuf depending on the Accept header.
- They are designed to be consumed either by Prometheus itself or by a scraper that is compatible with scraping a Prometheus client endpoint.
-
- 1. Get the application URL by running these commands:
-
- ```bash
- export POD_NAME=$(kubectl get pods --namespace prometheus -l "app.kubernetes.io/name=alertmanager,app.kubernetes.io/instance=prometheus" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:9093 to use your application"
- kubectl --namespace prometheus port-forward $POD_NAME 9093:80
- ```
-
- 1. Get the application URL by running these commands:
-
- ```bash
- export POD_NAME=$(kubectl get pods --namespace prometheus -l "app.kubernetes.io/name=prometheus-node-exporter,app.kubernetes.io/instance=prometheus" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:9100 to use your application"
- kubectl port-forward --namespace prometheus $POD_NAME 9100
- ```
-
-
-## Requirements
-
-| Name | Version |
-|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.13 |
-| [aws](#requirement\_aws) | >= 5.14.0 |
-| [helm](#requirement\_helm) | >= 2.11.0 |
-| [kubernetes](#requirement\_kubernetes) | >= 2.23.0 |
-| [null](#requirement\_null) | >= 3.2.1 |
-
-## Providers
-
-| Name | Version |
-|------|---------|
-| [helm](#provider\_helm) | >= 2.11.0 |
-| [kubernetes](#provider\_kubernetes) | >= 2.23.0 |
-
-## Modules
-
-| Name | Source | Version |
-|------|--------|---------|
-| [images](#module\_images) | git@github.e.it.census.gov:terraform-modules/aws-ecr-copy-images.git/ | tf-upgrade |
-
-## Resources
-
-| Name | Type |
-|------|------|
-| [helm_release.prometheus](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |
-| [kubernetes_namespace.ns](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/namespace) | resource |
-| [kubernetes_namespace.existing-ns](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/data-sources/namespace) | data source |
-
-## Inputs
-
-| Name | Description | Type | Default | Required |
-|------|-------------|------|---------|:--------:|
-| [alertmanager\_tag](#input\_alertmanager\_tag) | The image tag of the alertmanager image. | `string` | `"v0.27.0"` | no |
-| [cluster\_name](#input\_cluster\_name) | The name of the cluster into which prometheus will be installed. | `string` | n/a | yes |
-| [create\_namespace](#input\_create\_namespace) | Indicates whether the `namespace` needs to be created ('true') or already exists (not `true`) | `bool` | `true` | no |
-| [kube\_state\_metrics\_tag](#input\_kube\_state\_metrics\_tag) | The image tag of the kube-state-metrics image. | `string` | `"v2.13.0"` | no |
-| [namespace](#input\_namespace) | The namespace to install the prometheus components. Defaults to 'prometheus' | `string` | `"prometheus"` | no |
-| [node\_exporter\_tag](#input\_node\_exporter\_tag) | The image tag of the node-exporter image. | `string` | `"v1.8.2"` | no |
-| [profile](#input\_profile) | AWS\_PROFILE to use to apply the terraform script. | `string` | `""` | no |
-| [prometheus\_chart\_version](#input\_prometheus\_chart\_version) | The version of prometheus to install into the cluster. | `string` | `"25.24.1"` | no |
-| [prometheus\_config\_reloader\_tag](#input\_prometheus\_config\_reloader\_tag) | The image tag of the prometheus-config-reloader image. | `string` | `"v0.75.1"` | no |
-| [prometheus\_server\_tag](#input\_prometheus\_server\_tag) | The image tag of prometheus server to install into the cluster. | `string` | `"v2.53.1"` | no |
-| [pushgateway\_tag](#input\_pushgateway\_tag) | The image tag of the pushgateway image. | `string` | `"v1.9.0"` | no |
-| [rwo\_storage\_class](#input\_rwo\_storage\_class) | Specify the storage class for read/write/once persistent volumes. | `string` | `"gp3-encrypted"` | no |
-
-## Outputs
-
-| Name | Description |
-|------|-------------|
-| [alertmanager\_headless\_internal\_endpoint](#output\_alertmanager\_headless\_internal\_endpoint) | n/a |
-| [alertmanager\_internal\_endpoint](#output\_alertmanager\_internal\_endpoint) | n/a |
-| [module\_name](#output\_module\_name) | The name of this module. |
-| [module\_version](#output\_module\_version) | The version of this module. |
-| [prometheus\_namespace](#output\_prometheus\_namespace) | n/a |
-| [prometheus\_server\_internal\_endpoint](#output\_prometheus\_server\_internal\_endpoint) | n/a |
-| [pushgateway\_internal\_endpoint](#output\_pushgateway\_internal\_endpoint) | n/a |
-
diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-prometheus/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-prometheus/terragrunt.hcl
deleted file mode 100644
index e6c54b1..0000000
--- a/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-prometheus/terragrunt.hcl
+++ /dev/null
@@ -1,38 +0,0 @@
-include "root" {
- path = find_in_parent_folders("root.hcl")
- merge_strategy = "deep"
- expose = true
-}
-
-terraform {
- source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-prometheus.git?ref=${include.root.inputs.release_version}"
- extra_arguments "retry_lock" {
- commands = get_terraform_commands_that_need_locking()
- arguments = ["-lock-timeout=20m"]
- }
-}
-
-dependency "eks" {
- config_path = "../eks"
- mock_outputs = {
- cluster_name = "a-cluster-name"
- }
-}
-
-dependency "eks-dns" {
- config_path = "../eks-dns"
- skip_outputs = true
-}
-
-inputs = {
- profile = include.root.inputs.aws_profile
- region = include.root.inputs.aws_region
- cluster_name = dependency.eks.outputs.cluster_name
- prometheus_chart_version = include.root.inputs.prometheus_chart_version
- prometheus_server_tag = include.root.inputs.prometheus_server_tag
- prometheus_config_reloader_tag = include.root.inputs.prometheus_config_reloader_tag
- alertmanager_tag = include.root.inputs.alertmanager_tag
- kube_state_metrics_tag = include.root.inputs.kube_state_metrics_tag
- node_exporter_tag = include.root.inputs.node_exporter_tag
- pushgateway_tag = include.root.inputs.pushgateway_tag
-}
diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-tempo/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-tempo/terragrunt.hcl
deleted file mode 100644
index e9ebd48..0000000
--- a/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks-tempo/terragrunt.hcl
+++ /dev/null
@@ -1,46 +0,0 @@
-include "root" {
- path = find_in_parent_folders("root.hcl")
- merge_strategy = "deep"
- expose = true
-}
-
-terraform {
- source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-tempo.git?ref=${include.root.inputs.release_version}"
- extra_arguments "retry_lock" {
- commands = get_terraform_commands_that_need_locking()
- arguments = ["-lock-timeout=20m"]
- }
-}
-
-dependency "eks" {
- config_path = "../eks"
- mock_outputs = {
- cluster_name = "a-cluster-name"
- oidc_provider_arn = "arn:aws-us-gov:iam::111111111111:oidc-provider/oidc.eks.us-gov-east-1.amazonaws.com/id/0000000000000000AAAAAAAAAAAAAAAA"
- }
-}
-
-dependency "eks-prometheus" {
- config_path = "../eks-prometheus"
- mock_outputs = {
- prometheus_server_internal_endpoint = {
- hostname = "prometheus-server.prometheus.svc.cluster.local"
- port_number = 9090
- url = "http://prometheus-server.prometheus.svc.cluster.local:9090/"
- }
- prometheus_namespace = "prometheus"
- }
-}
-
-inputs = {
- account_id = include.root.locals.account_id
- profile = include.root.locals.aws_profile
- region = include.root.locals.aws_region
- cluster_name = dependency.eks.outputs.cluster_name
- oidc_provider_arn = dependency.eks.outputs.oidc_provider_arn
- prometheus_port = dependency.eks-prometheus.outputs.prometheus_server_internal_endpoint.port_number
- prometheus_namespace = dependency.eks-prometheus.outputs.prometheus_namespace
- tempo_chart_version = include.root.inputs.tempo_chart_version
- tempo_tag = include.root.inputs.tempo_tag
-
-}
diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks/terragrunt.hcl
deleted file mode 100644
index cc7c893..0000000
--- a/lab/development/us-gov-east-1/vpc/platform-eng-eks-test/eks/terragrunt.hcl
+++ /dev/null
@@ -1,56 +0,0 @@
-include "root" {
- path = find_in_parent_folders("root.hcl")
- merge_strategy = "deep"
- expose = true
-}
-
-locals {
- # Set cluster/platform specific variables, or extract from the hierarchy.
- account_id = include.root.inputs.aws_account_id
- cluster_endpoint_public_access = include.root.inputs.cluster_endpoint_public_access
- cluster_name = include.root.inputs.cluster_name
- cluster_version = include.root.inputs.cluster_version
- creator = include.root.inputs.creator
- eks_instance_disk_size = include.root.inputs.eks_instance_disk_size
- eks_ng_desired_size = include.root.inputs.eks_ng_desired_size
- eks_ng_max_size = include.root.inputs.eks_ng_max_size
- eks_ng_min_size = include.root.inputs.eks_ng_min_size
- eks_vpc_name = include.root.inputs.vpc_name
- enable_cluster_creator_admin_permissions = include.root.inputs.enable_cluster_creator_admin_permissions
- environment_abbr = include.root.inputs.environment_abbr
- organization = include.root.inputs.organization
- profile = include.root.inputs.aws_profile
- project_name = include.root.inputs.project_name
- project_number = include.root.inputs.project_number
- project_role = include.root.inputs.project_role
- region = include.root.inputs.aws_region
- tags = include.root.inputs.tags
- terraform = include.root.inputs.terraform
- terragrunt = include.root.inputs.terragrunt
- vpc_domain_name = include.root.inputs.vpc_domain_name
-}
-
-terraform {
- source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-eks.git?ref=${include.root.inputs.release_version}"
- extra_arguments "retry_lock" {
- commands = get_terraform_commands_that_need_locking()
- arguments = ["-lock-timeout=20m"]
- }
-}
-
-inputs = {
- aws_account_id = local.account_id
- cluster_endpoint_public_access = local.cluster_endpoint_public_access
- cluster_name = local.cluster_name
- cluster_version = local.cluster_version
- creator = local.creator
- eks_instance_disk_size = local.eks_instance_disk_size
- eks_ng_desired_size = local.eks_ng_desired_size
- eks_ng_max_size = local.eks_ng_max_size
- eks_ng_min_size = local.eks_ng_min_size
- eks_vpc_name = local.eks_vpc_name
- enable_cluster_creator_admin_permissions = local.enable_cluster_creator_admin_permissions
- os_username = local.creator
- shared_vpc_label = local.environment_abbr
- tags = local.tags
-}
diff --git a/lab/development/us-gov-east-1/vpc/platform-test-cicd/cluster.hcl b/lab/development/us-gov-east-1/vpc/platform-test-cicd/cluster.hcl
deleted file mode 100644
index 8d2831c..0000000
--- a/lab/development/us-gov-east-1/vpc/platform-test-cicd/cluster.hcl
+++ /dev/null
@@ -1,20 +0,0 @@
-# lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/cluster.hcl
-
-# Set cluster specific variables. These are automatically pulled in to configure the remote state bucket in the root
-# terragrunt.hcl configuration.
-locals {
- cluster_endpoint_public_access = true
- cluster_name = "platform-eng-eks-mcm"
- creator = "matthew.c.morgan@census.gov"
- eks_instance_disk_size = 100
- eks_ng_desired_size = 2
- eks_ng_max_size = 10
- eks_ng_min_size = 0
- enable_cluster_creator_admin_permissions = true
- terraform = true
- terragrunt = true
- tags = {
- "slim:schedule" = "8:00-17:00"
- "cluster:size" = "min:${local.eks_ng_min_size}-max:${local.eks_ng_max_size}-desired:${local.eks_ng_desired_size}"
- }
-}
diff --git a/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-cert-manager/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-cert-manager/terragrunt.hcl
deleted file mode 100644
index 35e355a..0000000
--- a/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-cert-manager/terragrunt.hcl
+++ /dev/null
@@ -1,40 +0,0 @@
-include "root" {
- path = find_in_parent_folders("root.hcl")
- merge_strategy = "deep"
- expose = true
-}
-
-terraform {
- source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-cert-mgr.git?ref=${include.root.inputs.release_version}"
- extra_arguments "retry_lock" {
- commands = get_terraform_commands_that_need_locking()
- arguments = ["-lock-timeout=20m"]
- }
-}
-
-dependency "eks" {
- config_path = "../eks"
- mock_outputs = {
- cluster_name = "a-cluster-name"
- oidc_provider_arn = "arn:aws-us-gov:iam::111111111111:oidc-provider/oidc.eks.us-gov-east-1.amazonaws.com/id/0000000000000000AAAAAAAAAAAAAAAA"
- }
-}
-
-dependency "eks_config" {
- config_path = "../eks-config"
- skip_outputs = true
-}
-
-inputs = {
- cluster_name = dependency.eks.outputs.cluster_name
- cluster_mailing_list = dependency.eks.inputs.creator
- oidc_provider_arn = dependency.eks.outputs.oidc_provider_arn
- profile = include.root.inputs.aws_profile
- region = include.root.inputs.aws_region
- cert_manager_helm_chart = include.root.inputs.cert_manager_helm_chart
- cert_manager_cainjector_tag = include.root.inputs.cert_manager_cainjector_tag
- cert_manager_controller_tag = include.root.inputs.cert_manager_controller_tag
- cert_manager_startupapicheck_tag = include.root.inputs.cert_manager_startupapicheck_tag
- cert_manager_webhook_tag = include.root.inputs.cert_manager_webhook_tag
- cluster_issuer_name = include.root.inputs.cluster_issuer_name
-}
diff --git a/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-config/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-config/terragrunt.hcl
deleted file mode 100644
index d4a60db..0000000
--- a/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-config/terragrunt.hcl
+++ /dev/null
@@ -1,42 +0,0 @@
-# lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-config/terragrunt.hcl
-
-include "root" {
- path = find_in_parent_folders("root.hcl")
- merge_strategy = "deep"
- expose = true
-}
-
-terraform {
- source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-eks-configuration.git?ref=${include.root.inputs.release_version}"
- extra_arguments "retry_lock" {
- commands = get_terraform_commands_that_need_locking()
- arguments = ["-lock-timeout=20m"]
- }
-}
-
-dependency "eks" {
- config_path = "../eks"
- mock_outputs = {
- cluster_certificate_authority_data = [{ data = "THISISAVERYLONGCERTSTRINGTHATGOESHEREFORSURENODYEP" }]
- cluster_endpoint = "https://12345ABCDEE42BF9C24D4C362D1DC.sk1.us-gov-east-1.eks.amazonaws.com"
- cluster_name = "a-cluster-name"
- eks_managed_node_groups_autoscaling_group_names = ["eks-eks-a-cluster-name-node_group-0000000000000000000000000-5ac8a5e3-14dd-c043-2cc9-f4b6ffb36d32"]
- oidc_provider_arn = "arn:aws-us-gov:iam::111111111111:oidc-provider/oidc.eks.us-gov-east-1.amazonaws.com/id/0000000000000000AAAAAAAAAAAAAAAA"
- security_group_all_worker_mgmt_id = "sg-00b0000000000000"
- subnets = ["subnet-00000000000000001", "subnet-00000000000000002", "subnet-00000000000000003"]
- token = [{ token = "THISISTHETOKENTHATDOESNTEXISTTHEREAREMANYLIKEITBUTHISONEISFORACLUSTER" }]
- vpc_id = "a-vpc-id"
- }
-}
-
-inputs = {
- profile = include.root.inputs.aws_profile
- region = include.root.inputs.aws_region
- vpc_id = dependency.eks.outputs.vpc_id
- cluster_name = dependency.eks.outputs.cluster_name
- subnets = dependency.eks.outputs.subnets
- security_group_all_worker_mgmt_id = dependency.eks.outputs.security_group_all_worker_mgmt_id
- eks_managed_node_groups_autoscaling_group_names = dependency.eks.outputs.eks_managed_node_groups_autoscaling_group_names
- oidc_provider_arn = dependency.eks.outputs.oidc_provider_arn
- kubectl_image_tag = include.root.inputs.kubectl_image_tag
-}
diff --git a/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-dns/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-dns/terragrunt.hcl
deleted file mode 100644
index 6e28781..0000000
--- a/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-dns/terragrunt.hcl
+++ /dev/null
@@ -1,42 +0,0 @@
-include "root" {
- path = find_in_parent_folders("root.hcl")
- merge_strategy = "deep"
- expose = true
-}
-
-terraform {
- source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-eks-dns.git?ref=${include.root.inputs.release_version}"
- extra_arguments "retry_lock" {
- commands = get_terraform_commands_that_need_locking()
- arguments = ["-lock-timeout=20m"]
- }
-}
-
-dependency "eks" {
- config_path = "../eks"
- mock_outputs = {
- subnets = ["subnet-abcdefgh", "subnet-12345678", "subnet-ab12cd34"]
- }
-}
-
-dependency "istio" {
- config_path = "../eks-istio"
- mock_outputs = {
- istio_ingress_lb = {
- dns_name = "a1111111111111111111111111111111-2bbbbbbbbbbbbbbb.elb.us-gov-east-1.amazonaws.com"
- zone_id = "ZABC123456DEF"
- }
- }
-}
-
-inputs = {
- cluster_name = dependency.eks.inputs.cluster_name
- istio_ingress_lb = dependency.istio.outputs.istio_ingress_lb
- profile = include.root.inputs.aws_profile
- region = include.root.inputs.aws_region
- subnets = dependency.eks.outputs.subnets
- tags = dependency.eks.inputs.tags
- vpc_domain_name = dependency.eks.inputs.vpc_domain_name
- vpc_name = dependency.eks.inputs.vpc_name
- route53_endpoints = include.root.inputs.route53_endpoints
-}
diff --git a/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-grafana/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-grafana/terragrunt.hcl
deleted file mode 100644
index 65ab33f..0000000
--- a/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-grafana/terragrunt.hcl
+++ /dev/null
@@ -1,40 +0,0 @@
-include "root" {
- path = find_in_parent_folders("root.hcl")
- merge_strategy = "deep"
- expose = true
-}
-
-terraform {
- source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-grafana.git?ref=${include.root.inputs.release_version}"
- extra_arguments "retry_lock" {
- commands = get_terraform_commands_that_need_locking()
- arguments = ["-lock-timeout=20m"]
- }
-}
-
-dependency "eks" {
- config_path = "../eks"
- mock_outputs = {
- cluster_name = "a-cluster-name"
- }
-}
-
-dependency "eks-loki" {
- config_path = "../eks-loki"
- mock_outputs = {
- rwo_storage_class = "gp3-encrypted"
- }
-}
-
-inputs = {
- profile = include.root.inputs.aws_profile
- region = include.root.inputs.aws_region
- cluster_name = dependency.eks.outputs.cluster_name
- cluster_domain = dependency.eks.inputs.vpc_domain_name
- public_hostname = include.root.inputs.grafana_hostname
- rwo_storage_class = dependency.eks-loki.outputs.rwo_storage_class
- grafana_chart_version = include.root.inputs.grafana_chart_version
- grafana_tag = include.root.inputs.grafana_tag
- download_dashboards_image_tag = include.root.inputs.download_dashboards_image_tag
- init_chown_data_image_tag = include.root.inputs.init_chown_data_image_tag
-}
diff --git a/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-istio/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-istio/terragrunt.hcl
deleted file mode 100644
index c7c22c8..0000000
--- a/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-istio/terragrunt.hcl
+++ /dev/null
@@ -1,32 +0,0 @@
-include "root" {
- path = find_in_parent_folders("root.hcl")
- merge_strategy = "deep"
- expose = true
-}
-
-terraform {
- source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-istio.git?ref=${include.root.inputs.release_version}"
- extra_arguments "retry_lock" {
- commands = get_terraform_commands_that_need_locking()
- arguments = ["-lock-timeout=20m"]
- }
-}
-
-dependency "eks" {
- config_path = "../eks"
- mock_outputs = {
- cluster_name = "a-cluster-name"
- }
-}
-dependency "eks-karpenter" {
- config_path = "../eks-karpenter"
- skip_outputs = true
-}
-
-inputs = {
- profile = include.root.inputs.aws_profile
- region = include.root.inputs.aws_region
- cluster_name = dependency.eks.outputs.cluster_name
- istio_chart_version = include.root.inputs.istio_version
- istio_version = include.root.inputs.istio_version
-}
diff --git a/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-k8s-dashboard/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-k8s-dashboard/terragrunt.hcl
deleted file mode 100644
index cd1961b..0000000
--- a/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-k8s-dashboard/terragrunt.hcl
+++ /dev/null
@@ -1,36 +0,0 @@
-include "root" {
- path = find_in_parent_folders("root.hcl")
- merge_strategy = "deep"
- expose = true
-}
-
-terraform {
- source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-k8s-dashboard.git?ref=${include.root.inputs.release_version}"
- extra_arguments "retry_lock" {
- commands = get_terraform_commands_that_need_locking()
- arguments = ["-lock-timeout=20m"]
- }
-}
-
-dependency "eks" {
- config_path = "../eks"
- mock_outputs = {
- cluster_name = "a-cluster-name"
- vpc_domain_name = "example.com"
- }
-}
-
-dependency "eks-loki" {
- config_path = "../eks-loki"
- skip_outputs = true
-}
-
-inputs = {
- profile = include.root.inputs.aws_profile
- region = include.root.inputs.aws_region
- cluster_name = dependency.eks.outputs.cluster_name
- cluster_domain = dependency.eks.inputs.vpc_domain_name
- public_hostname = include.root.inputs.dashboard_hostname
- k8s_dashboard_version = include.root.inputs.k8s_dashboard_version
- # datasources = dependency.eks-loki.outputs.gateway_internal_endpoint
-}
diff --git a/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-karpenter/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-karpenter/terragrunt.hcl
deleted file mode 100644
index 6b1a862..0000000
--- a/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-karpenter/terragrunt.hcl
+++ /dev/null
@@ -1,43 +0,0 @@
-include "root" {
- path = find_in_parent_folders("root.hcl")
- merge_strategy = "deep"
- expose = true
-}
-
-terraform {
- source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-karpenter.git?ref=${include.root.inputs.release_version}"
- extra_arguments "retry_lock" {
- commands = get_terraform_commands_that_need_locking()
- arguments = ["-lock-timeout=20m"]
- }
-}
-
-dependency "eks" {
- config_path = "../eks"
- mock_outputs = {
- cluster_endpoint = "https://0000000000000000AAAAAAAAAAAAAAAA.sk1.us-gov-east-1.eks.amazonaws.com"
- cluster_name = "a-cluster-name"
- node_group_name = "node_group_a-cluster-name"
- oidc_provider_arn = "arn:aws-us-gov:iam::111111111111:oidc-provider/oidc.eks.us-gov-east-1.amazonaws.com/id/0000000000000000AAAAAAAAAAAAAAAA"
- vpc_id = "a-vpc-name"
- }
-}
-
-dependency "eks-config" {
- config_path = "../eks-config"
- skip_outputs = true
-}
-
-inputs = {
- profile = include.root.inputs.aws_profile
- region = include.root.inputs.aws_region
- cluster_endpoint = dependency.eks.outputs.cluster_endpoint
- cluster_name = dependency.eks.outputs.cluster_name
- karpenter_node_group_name = dependency.eks.outputs.node_group_name
- oidc_provider_arn = dependency.eks.outputs.oidc_provider_arn
- vpc_id = dependency.eks.outputs.vpc_id
- karpenter_helm_chart = include.root.inputs.karpenter_helm_chart
- karpenter_tag = include.root.inputs.karpenter_tag
- kubectl_tag = include.root.inputs.kubectl_image_tag
-
-}
diff --git a/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-kiali/terragrunt.hcl.disable b/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-kiali/terragrunt.hcl.disable
deleted file mode 100644
index 1e04fe0..0000000
--- a/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-kiali/terragrunt.hcl.disable
+++ /dev/null
@@ -1,81 +0,0 @@
-include "root" {
- path = find_in_parent_folders("root.hcl")
- merge_strategy = "deep"
- expose = true
-}
-
-terraform {
- source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-kiali.git?ref=${include.root.inputs.release_version}"
- # source = "../../../../../../../tfmod-kiali"
- extra_arguments "retry_lock" {
- commands = get_terraform_commands_that_need_locking()
- arguments = ["-lock-timeout=20m"]
- }
-}
-
-dependency "eks" {
- config_path = "../eks"
- mock_outputs = {
- cluster_name = "a-cluster-name"
- }
-}
-dependency "eks-cert-manager" {
- config_path = "../eks-cert-manager"
- mock_outputs = {
- cluster_issuer_name = "acmpca-clusterissuer"
- }
-}
-dependency "eks-prometheus" {
- config_path = "../eks-prometheus"
- mock_outputs = {
- prometheus_server_internal_endpoint = {
- hostname = "prometheus-server.prometheus.svc.cluster.local"
- port_number = 9090
- url = "http://prometheus-server.prometheus.svc.cluster.local:9090/"
- }
- }
-}
-dependency "eks-grafana" {
- config_path = "../eks-grafana"
- mock_outputs = {
- internal_endpoint = {
- hostname = "grafana.grafana.svc.cluster.local"
- port_number = "80"
- url = "https://grafana.grafana.svc.cluster.local:80/"
- }
- namespace = "grafana"
- public_endpoint = {
- hostname = "grafana.dev.lab.csp2.census.gov"
- port_number = "80"
- url = "https://grafana.dev.lab.csp2.census.gov:80/"
- }
- secret_name = "grafana"
- }
-}
-
-inputs = {
- kiali_operator_version = include.root.inputs.kiali_operator_version
- kiali_application_version = include.root.inputs.kiali_application_version
-
- profile = include.root.inputs.aws_profile
- cluster_domain = dependency.eks.inputs.vpc_domain_name
- operators_namespace = "operators"
- cluster_name = dependency.eks.outputs.cluster_name
- certificate_issuer = dependency.eks-cert-manager.outputs.cluster_issuer_name
- prometheus_internal_url = dependency.eks-prometheus.outputs.prometheus_server_internal_endpoint.url
- grafana_internal_url = dependency.eks-grafana.outputs.internal_endpoint.url
- grafana_namespace = dependency.eks-grafana.outputs.namespace
- grafana_public_url = dependency.eks-grafana.outputs.public_endpoint.url
- grafana_secret_name = "grafana"
- # grafana_secret_name = dependency.eks-grafana.outputs.secret_name
- jaeger_internal_url = ""
-
-
- # client_id = var.sso_client_id
- # client_secret = var.sso_client_secret
- # keycloak_public_url = var.keycloak_public_url
- # gogatekeeper_chart_version = var.gogatekeeper_chart_version
- # gogatekeeper_registry = var.gogatekeeper_registry
- # gogatekeeper_repository = var.gogatekeeper_repository
- # gogatekeeper_tag = var.gogatekeeper_tag
-}
diff --git a/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-loki/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-loki/terragrunt.hcl
deleted file mode 100644
index 2c6b6be..0000000
--- a/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-loki/terragrunt.hcl
+++ /dev/null
@@ -1,44 +0,0 @@
-include "root" {
- path = find_in_parent_folders("root.hcl")
- merge_strategy = "deep"
- expose = true
-}
-
-terraform {
- source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-loki.git?ref=${include.root.inputs.release_version}"
- extra_arguments "retry_lock" {
- commands = get_terraform_commands_that_need_locking()
- arguments = ["-lock-timeout=20m"]
- }
-}
-
-dependency "eks" {
- config_path = "../eks"
- mock_outputs = {
- cluster_name = "a-cluster-name"
- oidc_provider_arn = "arn:aws-us-gov:iam::111111111111:oidc-provider/oidc.eks.us-gov-east-1.amazonaws.com/id/0000000000000000AAAAAAAAAAAAAAAA"
- }
-}
-dependency "eks-istio" {
- config_path = "../eks-istio"
- skip_outputs = true
-}
-dependency "eks-prometheus" {
- config_path = "../eks-prometheus"
- skip_outputs = true
-}
-
-inputs = {
- profile = include.root.inputs.aws_profile
- region = include.root.inputs.aws_region
- cluster_name = dependency.eks.outputs.cluster_name
- oidc_provider_arn = dependency.eks.outputs.oidc_provider_arn
- loki_chart_version = include.root.inputs.loki_chart_version
- loki_tag = include.root.inputs.loki_tag
- canary_tag = include.root.inputs.canary_tag
- enterprise_logs_provisioner_tag = include.root.inputs.enterprise_logs_provisioner_tag
- gateway_tag = include.root.inputs.gateway_tag
- memcached_tag = include.root.inputs.memcached_tag
- exporter_tag = include.root.inputs.exporter_tag
- sidecar_tag = include.root.inputs.sidecar_tag
-}
diff --git a/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-metrics-server/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-metrics-server/terragrunt.hcl
deleted file mode 100644
index 387653b..0000000
--- a/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-metrics-server/terragrunt.hcl
+++ /dev/null
@@ -1,33 +0,0 @@
-include "root" {
- path = find_in_parent_folders("root.hcl")
- merge_strategy = "deep"
- expose = true
-}
-
-terraform {
- source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-metrics-server.git?ref=${include.root.inputs.release_version}"
- extra_arguments "retry_lock" {
- commands = get_terraform_commands_that_need_locking()
- arguments = ["-lock-timeout=20m"]
- }
-}
-
-dependency "eks" {
- config_path = "../eks"
- mock_outputs = {
- cluster_name = "a-cluster-name"
- }
-}
-
-dependency "eks_config" {
- config_path = "../eks-config"
- skip_outputs = true
-}
-
-inputs = {
- profile = include.root.inputs.aws_profile
- cluster_name = dependency.eks.outputs.cluster_name
- region = include.root.inputs.aws_region
- metrics_server_helm_chart = include.root.inputs.metrics_server_helm_chart
- metrics_server_tag = include.root.inputs.metrics_server_tag
-}
diff --git a/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-prometheus/README.md b/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-prometheus/README.md
deleted file mode 100644
index bbbffb2..0000000
--- a/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-prometheus/README.md
+++ /dev/null
@@ -1,198 +0,0 @@
-## eks-prometheus
-This module deploys EKS kubeenetes prometheus inside existing EKS cluster. Prometheus is an open-source systems monitoring and alerting tool.
-This module consisits of 4 components. It creates prometheus namespace and copies image repositories for the following components from quay.io into local account ECR repository. It deploys these components using helm charts using the configured ECR repositories.
- 1. prometheus-alert-manager
- 2. prometheus-node-exporter
- 3. prometheus-pushgateway
- 4. prometheus-server
-
-### Dependencies
-This module is dependent on EKS module (eks). The cluster should exist already for this module to work.
-
-### Inputs
- cluster_name
- profile
- prometheus_chart_version
- prometheus_server_tag
- prometheus_config_reloader_tag
- alertmanager_tag
- kube_state_metrics_tag
- node_exporter_tag
- pushgateway_tag
- rwo_storage_class
-
-### Outputs
- alertmanager_internal_endpoint
- alertmanager_headless_internal_endpoint
- pushgateway_internal_endpoint
- prometheus_server_internal_endpoint
-
-### Issues observed/fixed
-1. The rwo_storage_class value had to be updated from "gp3" to "gp3-encrypted"
-2. The node_exporter_tag value had to be updated from "1.6.1" to "v1.8.1"
-3. The kube_state_metrics_tag value had to be updated from "2.10.0" to "v2.6.0"
-4. The alertmanager_tag value had to be updated from
-5. The helm chart set config for the ecr image had to be split into 2 components, one for registry and other for repository as an example mentioned below:
-
- ```
- set {
- name = "kube-state-metrics.image.registry"
- value = module.images.images[local.ksm_key].dest_registry
- }
- set {
- name = "kube-state-metrics.image.repository"
- value = module.images.images[local.ksm_key].dest_repository
- }
- ```
-
-6. In some other cases the image ecr repository had to be split by the colon separatory (:)
-
- ```
- set {
- name = "alertmanager.configmapReload.image.repository"
- value = split(":", module.images.images[local.prom_config_reload_key].dest_full_path)[0]
- }
- ```
-
-### Chart Notes
- 1. Get the application URL by running these commands:
-
- ```bash
- export POD_NAME=$(kubectl get pods --namespace prometheus -l "app.kubernetes.io/name=prometheus-pushgateway,app.kubernetes.io/instance=prometheus" -o jsonpath="{.items[0].metadata.name}")
- kubectl port-forward $POD_NAME 9091
- echo "Visit http://127.0.0.1:9091 to use your application"
- ```
-
- The Prometheus server can be accessed via port 80 on the following DNS name from within your cluster:
- prometheus-server.prometheus.svc.cluster.local
-
-
- Get the Prometheus server URL by running these commands in the same shell:
-
- ```bash
- export POD_NAME=$(kubectl get pods --namespace prometheus -l "app.kubernetes.io/name=prometheus,app.kubernetes.io/instance=prometheus" -o jsonpath="{.items[0].metadata.name}")
- kubectl --namespace prometheus port-forward $POD_NAME 9090
- ```
-
- The Prometheus alertmanager can be accessed via port 9093 on the following DNS name from within your cluster:
- `prometheus-alertmanager.prometheus.svc.cluster.local`
-
-
- Get the Alertmanager URL by running these commands in the same shell:
-
- ```bash
- export POD_NAME=$(kubectl get pods --namespace prometheus -l "app.kubernetes.io/name=alertmanager,app.kubernetes.io/instance=prometheus" -o jsonpath="{.items[0].metadata.name}")
- kubectl --namespace prometheus port-forward $POD_NAME 9093
- ```
-
- #################################################################################
- ###### WARNING: Pod Security Policy has been disabled by default since #####
- ###### it deprecated after k8s 1.25+. use #####
- ###### (index .Values "prometheus-node-exporter" "rbac" #####
- ###### "pspEnabled") with (index .Values #####
- ###### "prometheus-node-exporter" "rbac" "pspAnnotations") #####
- ###### in case you still need it. #####
- #################################################################################
-
-
- The Prometheus PushGateway can be accessed via port 9091 on the following DNS name from within your cluster:
- `prometheus-prometheus-pushgateway.prometheus.svc.cluster.local`
-
-
- Get the PushGateway URL by running these commands in the same shell:
-
- ```bash
- export POD_NAME=$(kubectl get pods --namespace prometheus -l "app=prometheus-pushgateway,component=pushgateway" -o jsonpath="{.items[0].metadata.name}")
- kubectl --namespace prometheus port-forward $POD_NAME 9091
- ```
-
- For more information on running Prometheus, visit:
- https://prometheus.io/
-
- kube-state-metrics is a simple service that listens to the Kubernetes API server and generates metrics about the state of the objects.
- The exposed metrics can be found here:
- https://github.com/kubernetes/kube-state-metrics/blob/master/docs/README.md#exposed-metrics
-
- The metrics are exported on the HTTP endpoint /metrics on the listening port.
- In your case, `prometheus-kube-state-metrics.prometheus.svc.cluster.local:8080/metrics`
-
- They are served either as plaintext or protobuf depending on the Accept header.
- They are designed to be consumed either by Prometheus itself or by a scraper that is compatible with scraping a Prometheus client endpoint.
-
- 1. Get the application URL by running these commands:
-
- ```bash
- export POD_NAME=$(kubectl get pods --namespace prometheus -l "app.kubernetes.io/name=alertmanager,app.kubernetes.io/instance=prometheus" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:9093 to use your application"
- kubectl --namespace prometheus port-forward $POD_NAME 9093:80
- ```
-
- 1. Get the application URL by running these commands:
-
- ```bash
- export POD_NAME=$(kubectl get pods --namespace prometheus -l "app.kubernetes.io/name=prometheus-node-exporter,app.kubernetes.io/instance=prometheus" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:9100 to use your application"
- kubectl port-forward --namespace prometheus $POD_NAME 9100
- ```
-
-
-## Requirements
-
-| Name | Version |
-|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.13 |
-| [aws](#requirement\_aws) | >= 5.14.0 |
-| [helm](#requirement\_helm) | >= 2.11.0 |
-| [kubernetes](#requirement\_kubernetes) | >= 2.23.0 |
-| [null](#requirement\_null) | >= 3.2.1 |
-
-## Providers
-
-| Name | Version |
-|------|---------|
-| [helm](#provider\_helm) | >= 2.11.0 |
-| [kubernetes](#provider\_kubernetes) | >= 2.23.0 |
-
-## Modules
-
-| Name | Source | Version |
-|------|--------|---------|
-| [images](#module\_images) | git@github.e.it.census.gov:terraform-modules/aws-ecr-copy-images.git/ | tf-upgrade |
-
-## Resources
-
-| Name | Type |
-|------|------|
-| [helm_release.prometheus](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |
-| [kubernetes_namespace.ns](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/namespace) | resource |
-| [kubernetes_namespace.existing-ns](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/data-sources/namespace) | data source |
-
-## Inputs
-
-| Name | Description | Type | Default | Required |
-|------|-------------|------|---------|:--------:|
-| [alertmanager\_tag](#input\_alertmanager\_tag) | The image tag of the alertmanager image. | `string` | `"v0.27.0"` | no |
-| [cluster\_name](#input\_cluster\_name) | The name of the cluster into which prometheus will be installed. | `string` | n/a | yes |
-| [create\_namespace](#input\_create\_namespace) | Indicates whether the `namespace` needs to be created ('true') or already exists (not `true`) | `bool` | `true` | no |
-| [kube\_state\_metrics\_tag](#input\_kube\_state\_metrics\_tag) | The image tag of the kube-state-metrics image. | `string` | `"v2.13.0"` | no |
-| [namespace](#input\_namespace) | The namespace to install the prometheus components. Defaults to 'prometheus' | `string` | `"prometheus"` | no |
-| [node\_exporter\_tag](#input\_node\_exporter\_tag) | The image tag of the node-exporter image. | `string` | `"v1.8.2"` | no |
-| [profile](#input\_profile) | AWS\_PROFILE to use to apply the terraform script. | `string` | `""` | no |
-| [prometheus\_chart\_version](#input\_prometheus\_chart\_version) | The version of prometheus to install into the cluster. | `string` | `"25.24.1"` | no |
-| [prometheus\_config\_reloader\_tag](#input\_prometheus\_config\_reloader\_tag) | The image tag of the prometheus-config-reloader image. | `string` | `"v0.75.1"` | no |
-| [prometheus\_server\_tag](#input\_prometheus\_server\_tag) | The image tag of prometheus server to install into the cluster. | `string` | `"v2.53.1"` | no |
-| [pushgateway\_tag](#input\_pushgateway\_tag) | The image tag of the pushgateway image. | `string` | `"v1.9.0"` | no |
-| [rwo\_storage\_class](#input\_rwo\_storage\_class) | Specify the storage class for read/write/once persistent volumes. | `string` | `"gp3-encrypted"` | no |
-
-## Outputs
-
-| Name | Description |
-|------|-------------|
-| [alertmanager\_headless\_internal\_endpoint](#output\_alertmanager\_headless\_internal\_endpoint) | n/a |
-| [alertmanager\_internal\_endpoint](#output\_alertmanager\_internal\_endpoint) | n/a |
-| [module\_name](#output\_module\_name) | The name of this module. |
-| [module\_version](#output\_module\_version) | The version of this module. |
-| [prometheus\_namespace](#output\_prometheus\_namespace) | n/a |
-| [prometheus\_server\_internal\_endpoint](#output\_prometheus\_server\_internal\_endpoint) | n/a |
-| [pushgateway\_internal\_endpoint](#output\_pushgateway\_internal\_endpoint) | n/a |
-
diff --git a/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-prometheus/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-prometheus/terragrunt.hcl
deleted file mode 100644
index e6c54b1..0000000
--- a/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-prometheus/terragrunt.hcl
+++ /dev/null
@@ -1,38 +0,0 @@
-include "root" {
- path = find_in_parent_folders("root.hcl")
- merge_strategy = "deep"
- expose = true
-}
-
-terraform {
- source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-prometheus.git?ref=${include.root.inputs.release_version}"
- extra_arguments "retry_lock" {
- commands = get_terraform_commands_that_need_locking()
- arguments = ["-lock-timeout=20m"]
- }
-}
-
-dependency "eks" {
- config_path = "../eks"
- mock_outputs = {
- cluster_name = "a-cluster-name"
- }
-}
-
-dependency "eks-dns" {
- config_path = "../eks-dns"
- skip_outputs = true
-}
-
-inputs = {
- profile = include.root.inputs.aws_profile
- region = include.root.inputs.aws_region
- cluster_name = dependency.eks.outputs.cluster_name
- prometheus_chart_version = include.root.inputs.prometheus_chart_version
- prometheus_server_tag = include.root.inputs.prometheus_server_tag
- prometheus_config_reloader_tag = include.root.inputs.prometheus_config_reloader_tag
- alertmanager_tag = include.root.inputs.alertmanager_tag
- kube_state_metrics_tag = include.root.inputs.kube_state_metrics_tag
- node_exporter_tag = include.root.inputs.node_exporter_tag
- pushgateway_tag = include.root.inputs.pushgateway_tag
-}
diff --git a/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-tempo/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-tempo/terragrunt.hcl
deleted file mode 100644
index e9ebd48..0000000
--- a/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks-tempo/terragrunt.hcl
+++ /dev/null
@@ -1,46 +0,0 @@
-include "root" {
- path = find_in_parent_folders("root.hcl")
- merge_strategy = "deep"
- expose = true
-}
-
-terraform {
- source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-tempo.git?ref=${include.root.inputs.release_version}"
- extra_arguments "retry_lock" {
- commands = get_terraform_commands_that_need_locking()
- arguments = ["-lock-timeout=20m"]
- }
-}
-
-dependency "eks" {
- config_path = "../eks"
- mock_outputs = {
- cluster_name = "a-cluster-name"
- oidc_provider_arn = "arn:aws-us-gov:iam::111111111111:oidc-provider/oidc.eks.us-gov-east-1.amazonaws.com/id/0000000000000000AAAAAAAAAAAAAAAA"
- }
-}
-
-dependency "eks-prometheus" {
- config_path = "../eks-prometheus"
- mock_outputs = {
- prometheus_server_internal_endpoint = {
- hostname = "prometheus-server.prometheus.svc.cluster.local"
- port_number = 9090
- url = "http://prometheus-server.prometheus.svc.cluster.local:9090/"
- }
- prometheus_namespace = "prometheus"
- }
-}
-
-inputs = {
- account_id = include.root.locals.account_id
- profile = include.root.locals.aws_profile
- region = include.root.locals.aws_region
- cluster_name = dependency.eks.outputs.cluster_name
- oidc_provider_arn = dependency.eks.outputs.oidc_provider_arn
- prometheus_port = dependency.eks-prometheus.outputs.prometheus_server_internal_endpoint.port_number
- prometheus_namespace = dependency.eks-prometheus.outputs.prometheus_namespace
- tempo_chart_version = include.root.inputs.tempo_chart_version
- tempo_tag = include.root.inputs.tempo_tag
-
-}
diff --git a/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks/terragrunt.hcl
deleted file mode 100644
index cc7c893..0000000
--- a/lab/development/us-gov-east-1/vpc/platform-test-cicd/eks/terragrunt.hcl
+++ /dev/null
@@ -1,56 +0,0 @@
-include "root" {
- path = find_in_parent_folders("root.hcl")
- merge_strategy = "deep"
- expose = true
-}
-
-locals {
- # Set cluster/platform specific variables, or extract from the hierarchy.
- account_id = include.root.inputs.aws_account_id
- cluster_endpoint_public_access = include.root.inputs.cluster_endpoint_public_access
- cluster_name = include.root.inputs.cluster_name
- cluster_version = include.root.inputs.cluster_version
- creator = include.root.inputs.creator
- eks_instance_disk_size = include.root.inputs.eks_instance_disk_size
- eks_ng_desired_size = include.root.inputs.eks_ng_desired_size
- eks_ng_max_size = include.root.inputs.eks_ng_max_size
- eks_ng_min_size = include.root.inputs.eks_ng_min_size
- eks_vpc_name = include.root.inputs.vpc_name
- enable_cluster_creator_admin_permissions = include.root.inputs.enable_cluster_creator_admin_permissions
- environment_abbr = include.root.inputs.environment_abbr
- organization = include.root.inputs.organization
- profile = include.root.inputs.aws_profile
- project_name = include.root.inputs.project_name
- project_number = include.root.inputs.project_number
- project_role = include.root.inputs.project_role
- region = include.root.inputs.aws_region
- tags = include.root.inputs.tags
- terraform = include.root.inputs.terraform
- terragrunt = include.root.inputs.terragrunt
- vpc_domain_name = include.root.inputs.vpc_domain_name
-}
-
-terraform {
- source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-eks.git?ref=${include.root.inputs.release_version}"
- extra_arguments "retry_lock" {
- commands = get_terraform_commands_that_need_locking()
- arguments = ["-lock-timeout=20m"]
- }
-}
-
-inputs = {
- aws_account_id = local.account_id
- cluster_endpoint_public_access = local.cluster_endpoint_public_access
- cluster_name = local.cluster_name
- cluster_version = local.cluster_version
- creator = local.creator
- eks_instance_disk_size = local.eks_instance_disk_size
- eks_ng_desired_size = local.eks_ng_desired_size
- eks_ng_max_size = local.eks_ng_max_size
- eks_ng_min_size = local.eks_ng_min_size
- eks_vpc_name = local.eks_vpc_name
- enable_cluster_creator_admin_permissions = local.enable_cluster_creator_admin_permissions
- os_username = local.creator
- shared_vpc_label = local.environment_abbr
- tags = local.tags
-}
diff --git a/lab/development/us-gov-east-1/vpc/platform-test-x/cluster.hcl b/lab/development/us-gov-east-1/vpc/platform-test-x/cluster.hcl
deleted file mode 100644
index 8d2831c..0000000
--- a/lab/development/us-gov-east-1/vpc/platform-test-x/cluster.hcl
+++ /dev/null
@@ -1,20 +0,0 @@
-# lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/cluster.hcl
-
-# Set cluster specific variables. These are automatically pulled in to configure the remote state bucket in the root
-# terragrunt.hcl configuration.
-locals {
- cluster_endpoint_public_access = true
- cluster_name = "platform-eng-eks-mcm"
- creator = "matthew.c.morgan@census.gov"
- eks_instance_disk_size = 100
- eks_ng_desired_size = 2
- eks_ng_max_size = 10
- eks_ng_min_size = 0
- enable_cluster_creator_admin_permissions = true
- terraform = true
- terragrunt = true
- tags = {
- "slim:schedule" = "8:00-17:00"
- "cluster:size" = "min:${local.eks_ng_min_size}-max:${local.eks_ng_max_size}-desired:${local.eks_ng_desired_size}"
- }
-}
diff --git a/lab/root.hcl b/lab/root.hcl
index 87fe323..802d298 100644
--- a/lab/root.hcl
+++ b/lab/root.hcl
@@ -9,18 +9,18 @@ locals {
# Automatically load account-level variables (NOTE: In our environment account = environment so there is not separate environment layer)
account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
- # Automatically load _envcommon, cross account and environment common variables
- common_vars = read_terragrunt_config(find_in_parent_folders("./_envcommon/common-variables.hcl"))
-
- # Automatically load versions
- versions = read_terragrunt_config(find_in_parent_folders("./_envcommon/default-versions.hcl"))
-
# Automatically load cluster-level variables
cluster_vars = read_terragrunt_config(find_in_parent_folders("cluster.hcl"))
+ # Automatically load _envcommon, cross account and environment common variables
+ common_vars = read_terragrunt_config(find_in_parent_folders("./_envcommon/common-variables.hcl"))
+
# Automatically load region-level variables
region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
+ # Automatically load versions
+ versions = read_terragrunt_config(find_in_parent_folders("./_envcommon/default-versions.hcl"))
+
# Automatically load vpc-level variables
vpc_vars = read_terragrunt_config(find_in_parent_folders("vpc.hcl"))
@@ -28,8 +28,18 @@ locals {
account_id = local.account_vars.locals.aws_account_id
aws_profile = local.account_vars.locals.aws_profile
aws_region = local.region_vars.locals.aws_region
+ created_reason = local.cluster_vars.locals.created_reason
+ creator = local.cluster_vars.locals.creator
+ environment_abbr = local.account_vars.locals.environment_abbr
+ organization = local.common_vars.locals.organization
+ project_name = local.common_vars.locals.project_name
+ project_number = local.common_vars.locals.project_number
+ project_role = local.common_vars.locals.project_role
state_bucket_prefix = local.common_vars.locals.state_bucket_prefix
state_table_name = local.common_vars.locals.state_table_name
+ terraform = local.cluster_vars.locals.terraform
+ terragrunt = local.cluster_vars.locals.terragrunt
+ providers = ["aws"]
}
# Configure Terragrunt to automatically store tfstate files in an S3 bucket
@@ -55,6 +65,53 @@ remote_state {
}
}
+# Generate an AWS provider block
+generate "providers" {
+ path = "providers.tf"
+ if_exists = "overwrite"
+ contents = <<-EOF
+%{if contains(local.providers, "aws")}
+provider "aws" {
+ region = "${local.aws_region}"
+ profile = "${local.aws_profile}"
+ default_tags {
+ tags = {
+ project_identifier = "${local.project_number}:${local.project_name}"
+ project_name = "${local.project_name}"
+ project_role = "${local.project_role}"
+ created_by = "${local.creator}"
+ created_for = "${local.creator}"
+ created_reason = "${local.created_reason}"
+ environment = "${local.environment_abbr}"
+ organization = "${local.organization}"
+ project_number = "${local.project_number}"
+ terraform = "${local.terraform}"
+ terragrunt = "${local.terragrunt}"
+ }
+ }
+ # Only these AWS Account IDs may be operated on by this template
+ allowed_account_ids = ["${local.account_id}"]
+}
+%{endif}
+%{if contains(local.providers, "kubernetes")}
+provider "kubernetes" {
+ host = "${dependency.eks.outputs.cluster_endpoint}"
+ cluster_ca_certificate = base64decode("${dependency.eks.outputs.cluster_certificate_authority_data}")
+ token = "${dependency.eks.outputs.provider_kubernetes_config.token}"
+}
+%{endif}
+%{if contains(local.providers, "helm")}
+provider "helm" {
+ kubernetes {
+ host = "${dependency.eks.outputs.cluster_endpoint}"
+ cluster_ca_certificate = base64decode("${dependency.eks.outputs.cluster_certificate_authority_data}")
+ token = "${dependency.eks.outputs.provider_kubernetes_config.token}"
+ }
+}
+%{endif}
+EOF
+}
+
# ---------------------------------------------------------------------------------------------------------------------
# GLOBAL PARAMETERS
# These variables apply to all configurations in this subfolder. These are automatically merged into the child