diff --git a/lab/_envcommon/helm-provider.hcl b/lab/_envcommon/helm-provider.hcl new file mode 100644 index 0000000..8b52677 --- /dev/null +++ b/lab/_envcommon/helm-provider.hcl @@ -0,0 +1,34 @@ +dependency "eks" { + config_path = "${get_original_terragrunt_dir()}/../eks" + mock_outputs = { + cluster_name = "a-cluster-name" + region = "a-aws-region" + } +} + +inputs = { + cluster_name = dependency.eks.outputs.cluster_name +} + +# Generate a k8s provider block +generate "helm_provider" { + path = "helm-provider.tf" + if_exists = "overwrite_terragrunt" + contents = <<-EOF +%{if "${dependency.eks.outputs.cluster_name}" != "a-cluster-name" ~} + data "aws_eks_cluster" "helm" { + name = "${dependency.eks.outputs.cluster_name}" + } + data "aws_eks_cluster_auth" "helm" { + name = "${dependency.eks.outputs.cluster_name}" + } + provider "helm" { + kubernetes { + host = data.aws_eks_cluster.helm.endpoint + cluster_ca_certificate = base64decode(data.aws_eks_cluster.helm.certificate_authority[0].data) + token = data.aws_eks_cluster_auth.helm.token + } + } +%{ endif ~} +EOF +} diff --git a/lab/_envcommon/kube-provider.hcl b/lab/_envcommon/kube-provider.hcl new file mode 100644 index 0000000..c89e368 --- /dev/null +++ b/lab/_envcommon/kube-provider.hcl @@ -0,0 +1,32 @@ +dependency "eks" { + config_path = "${get_original_terragrunt_dir()}/../eks" + mock_outputs = { + cluster_name = "a-cluster-name" + region = "a-aws-region" + } +} + +inputs = { + cluster_name = dependency.eks.outputs.cluster_name +} + +# Generate a k8s provider block +generate "kube_provider" { + path = "kube-provider.tf" + if_exists = "overwrite_terragrunt" + contents = <<-EOF +%{if "${dependency.eks.outputs.cluster_name}" != "a-cluster-name" ~} + data "aws_eks_cluster" "kube" { + name = "${dependency.eks.outputs.cluster_name}" + } + data "aws_eks_cluster_auth" "kube" { + name = "${dependency.eks.outputs.cluster_name}" + } + provider "kubernetes" { + host = data.aws_eks_cluster.kube.endpoint + cluster_ca_certificate = base64decode(data.aws_eks_cluster.kube.certificate_authority[0].data) + token = data.aws_eks_cluster_auth.kube.token + } +%{ endif ~} +EOF +} diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-cert-manager/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-cert-manager/terragrunt.hcl index 9bca740..8e270a3 100644 --- a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-cert-manager/terragrunt.hcl +++ b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-cert-manager/terragrunt.hcl @@ -25,6 +25,23 @@ dependency "eks_config" { skip_outputs = true } +locals { + helm = read_terragrunt_config(find_in_parent_folders("./_envcommon/helm-provider.hcl")) + kube = read_terragrunt_config(find_in_parent_folders("./_envcommon/kube-provider.hcl")) +} + +generate "helm" { + path = local.helm.generate.helm_provider.path + if_exists = local.helm.generate.helm_provider.if_exists + contents = local.helm.generate.helm_provider.contents +} + +generate "kube" { + path = local.kube.generate.kube_provider.path + if_exists = local.kube.generate.kube_provider.if_exists + contents = local.kube.generate.kube_provider.contents +} + inputs = { cert_manager_cainjector_tag = include.root.inputs.cert_manager_cainjector_tag cert_manager_controller_tag = include.root.inputs.cert_manager_controller_tag diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-config/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-config/terragrunt.hcl index 82b857a..78944f0 100644 --- a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-config/terragrunt.hcl +++ b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-config/terragrunt.hcl @@ -28,6 +28,23 @@ dependency "eks" { } } +locals { + helm = read_terragrunt_config(find_in_parent_folders("./_envcommon/helm-provider.hcl")) + kube = read_terragrunt_config(find_in_parent_folders("./_envcommon/kube-provider.hcl")) +} + +generate "helm" { + path = local.helm.generate.helm_provider.path + if_exists = local.helm.generate.helm_provider.if_exists + contents = local.helm.generate.helm_provider.contents +} + +generate "kube" { + path = local.kube.generate.kube_provider.path + if_exists = local.kube.generate.kube_provider.if_exists + contents = local.kube.generate.kube_provider.contents +} + inputs = { cluster_name = dependency.eks.outputs.cluster_name eks_managed_node_groups_autoscaling_group_names = dependency.eks.outputs.eks_managed_node_groups_autoscaling_group_names diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-dns/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-dns/terragrunt.hcl index 9b7c16f..fcd98c2 100644 --- a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-dns/terragrunt.hcl +++ b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-dns/terragrunt.hcl @@ -29,6 +29,23 @@ dependency "istio" { } } +locals { + helm = read_terragrunt_config(find_in_parent_folders("./_envcommon/helm-provider.hcl")) + kube = read_terragrunt_config(find_in_parent_folders("./_envcommon/kube-provider.hcl")) +} + +generate "helm" { + path = local.helm.generate.helm_provider.path + if_exists = local.helm.generate.helm_provider.if_exists + contents = local.helm.generate.helm_provider.contents +} + +generate "kube" { + path = local.kube.generate.kube_provider.path + if_exists = local.kube.generate.kube_provider.if_exists + contents = local.kube.generate.kube_provider.contents +} + inputs = { cluster_name = dependency.eks.inputs.cluster_name istio_ingress_lb = dependency.istio.outputs.istio_ingress_lb diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-grafana/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-grafana/terragrunt.hcl index cf4f29a..a46c883 100644 --- a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-grafana/terragrunt.hcl +++ b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-grafana/terragrunt.hcl @@ -26,6 +26,23 @@ dependency "eks-loki" { } } +locals { + helm = read_terragrunt_config(find_in_parent_folders("./_envcommon/helm-provider.hcl")) + kube = read_terragrunt_config(find_in_parent_folders("./_envcommon/kube-provider.hcl")) +} + +generate "helm" { + path = local.helm.generate.helm_provider.path + if_exists = local.helm.generate.helm_provider.if_exists + contents = local.helm.generate.helm_provider.contents +} + +generate "kube" { + path = local.kube.generate.kube_provider.path + if_exists = local.kube.generate.kube_provider.if_exists + contents = local.kube.generate.kube_provider.contents +} + inputs = { cluster_domain = dependency.eks.inputs.vpc_domain_name cluster_name = dependency.eks.outputs.cluster_name diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-istio/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-istio/terragrunt.hcl index 61ea560..2ac85bb 100644 --- a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-istio/terragrunt.hcl +++ b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-istio/terragrunt.hcl @@ -24,6 +24,23 @@ dependency "eks-karpenter" { skip_outputs = true } +locals { + helm = read_terragrunt_config(find_in_parent_folders("./_envcommon/helm-provider.hcl")) + kube = read_terragrunt_config(find_in_parent_folders("./_envcommon/kube-provider.hcl")) +} + +generate "helm" { + path = local.helm.generate.helm_provider.path + if_exists = local.helm.generate.helm_provider.if_exists + contents = local.helm.generate.helm_provider.contents +} + +generate "kube" { + path = local.kube.generate.kube_provider.path + if_exists = local.kube.generate.kube_provider.if_exists + contents = local.kube.generate.kube_provider.contents +} + inputs = { cluster_name = dependency.eks.outputs.cluster_name istio_chart_version = include.root.inputs.istio_version diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-k8s-dashboard/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-k8s-dashboard/terragrunt.hcl index ded7ad0..142053f 100644 --- a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-k8s-dashboard/terragrunt.hcl +++ b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-k8s-dashboard/terragrunt.hcl @@ -25,6 +25,23 @@ dependency "eks-loki" { skip_outputs = true } +locals { + helm = read_terragrunt_config(find_in_parent_folders("./_envcommon/helm-provider.hcl")) + kube = read_terragrunt_config(find_in_parent_folders("./_envcommon/kube-provider.hcl")) +} + +generate "helm" { + path = local.helm.generate.helm_provider.path + if_exists = local.helm.generate.helm_provider.if_exists + contents = local.helm.generate.helm_provider.contents +} + +generate "kube" { + path = local.kube.generate.kube_provider.path + if_exists = local.kube.generate.kube_provider.if_exists + contents = local.kube.generate.kube_provider.contents +} + inputs = { # datasources = dependency.eks-loki.outputs.gateway_internal_endpoint cluster_domain = dependency.eks.inputs.vpc_domain_name diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-karpenter/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-karpenter/terragrunt.hcl index 93b4bee..a6c3a04 100644 --- a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-karpenter/terragrunt.hcl +++ b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-karpenter/terragrunt.hcl @@ -28,6 +28,23 @@ dependency "eks-config" { skip_outputs = true } +locals { + helm = read_terragrunt_config(find_in_parent_folders("./_envcommon/helm-provider.hcl")) + kube = read_terragrunt_config(find_in_parent_folders("./_envcommon/kube-provider.hcl")) +} + +generate "helm" { + path = local.helm.generate.helm_provider.path + if_exists = local.helm.generate.helm_provider.if_exists + contents = local.helm.generate.helm_provider.contents +} + +generate "kube" { + path = local.kube.generate.kube_provider.path + if_exists = local.kube.generate.kube_provider.if_exists + contents = local.kube.generate.kube_provider.contents +} + inputs = { cluster_endpoint = dependency.eks.outputs.cluster_endpoint cluster_name = dependency.eks.outputs.cluster_name diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-kiali/terragrunt.hcl.disable b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-kiali/terragrunt.hcl.disable index 1e04fe0..5ccd126 100644 --- a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-kiali/terragrunt.hcl.disable +++ b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-kiali/terragrunt.hcl.disable @@ -53,6 +53,23 @@ dependency "eks-grafana" { } } +locals { + helm = read_terragrunt_config(find_in_parent_folders("./_envcommon/helm-provider.hcl")) + kube = read_terragrunt_config(find_in_parent_folders("./_envcommon/kube-provider.hcl")) +} + +generate "helm" { + path = local.helm.generate.helm_provider.path + if_exists = local.helm.generate.helm_provider.if_exists + contents = local.helm.generate.helm_provider.contents +} + +generate "kube" { + path = local.kube.generate.kube_provider.path + if_exists = local.kube.generate.kube_provider.if_exists + contents = local.kube.generate.kube_provider.contents +} + inputs = { kiali_operator_version = include.root.inputs.kiali_operator_version kiali_application_version = include.root.inputs.kiali_application_version diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-loki/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-loki/terragrunt.hcl index 70b8b09..f5a8062 100644 --- a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-loki/terragrunt.hcl +++ b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-loki/terragrunt.hcl @@ -30,6 +30,23 @@ dependency "eks-prometheus" { skip_outputs = true } +locals { + helm = read_terragrunt_config(find_in_parent_folders("./_envcommon/helm-provider.hcl")) + kube = read_terragrunt_config(find_in_parent_folders("./_envcommon/kube-provider.hcl")) +} + +generate "helm" { + path = local.helm.generate.helm_provider.path + if_exists = local.helm.generate.helm_provider.if_exists + contents = local.helm.generate.helm_provider.contents +} + +generate "kube" { + path = local.kube.generate.kube_provider.path + if_exists = local.kube.generate.kube_provider.if_exists + contents = local.kube.generate.kube_provider.contents +} + inputs = { profile = include.root.inputs.aws_profile region = include.root.inputs.aws_region diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-metrics-server/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-metrics-server/terragrunt.hcl index 387653b..d6eb0ca 100644 --- a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-metrics-server/terragrunt.hcl +++ b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-metrics-server/terragrunt.hcl @@ -24,6 +24,23 @@ dependency "eks_config" { skip_outputs = true } +locals { + helm = read_terragrunt_config(find_in_parent_folders("./_envcommon/helm-provider.hcl")) + kube = read_terragrunt_config(find_in_parent_folders("./_envcommon/kube-provider.hcl")) +} + +generate "helm" { + path = local.helm.generate.helm_provider.path + if_exists = local.helm.generate.helm_provider.if_exists + contents = local.helm.generate.helm_provider.contents +} + +generate "kube" { + path = local.kube.generate.kube_provider.path + if_exists = local.kube.generate.kube_provider.if_exists + contents = local.kube.generate.kube_provider.contents +} + inputs = { profile = include.root.inputs.aws_profile cluster_name = dependency.eks.outputs.cluster_name diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-prometheus/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-prometheus/terragrunt.hcl index e6c54b1..468fda7 100644 --- a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-prometheus/terragrunt.hcl +++ b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-prometheus/terragrunt.hcl @@ -24,6 +24,23 @@ dependency "eks-dns" { skip_outputs = true } +locals { + helm = read_terragrunt_config(find_in_parent_folders("./_envcommon/helm-provider.hcl")) + kube = read_terragrunt_config(find_in_parent_folders("./_envcommon/kube-provider.hcl")) +} + +generate "helm" { + path = local.helm.generate.helm_provider.path + if_exists = local.helm.generate.helm_provider.if_exists + contents = local.helm.generate.helm_provider.contents +} + +generate "kube" { + path = local.kube.generate.kube_provider.path + if_exists = local.kube.generate.kube_provider.if_exists + contents = local.kube.generate.kube_provider.contents +} + inputs = { profile = include.root.inputs.aws_profile region = include.root.inputs.aws_region diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-tempo/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-tempo/terragrunt.hcl index e9ebd48..1267a56 100644 --- a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-tempo/terragrunt.hcl +++ b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-tempo/terragrunt.hcl @@ -32,6 +32,23 @@ dependency "eks-prometheus" { } } +locals { + helm = read_terragrunt_config(find_in_parent_folders("./_envcommon/helm-provider.hcl")) + kube = read_terragrunt_config(find_in_parent_folders("./_envcommon/kube-provider.hcl")) +} + +generate "helm" { + path = local.helm.generate.helm_provider.path + if_exists = local.helm.generate.helm_provider.if_exists + contents = local.helm.generate.helm_provider.contents +} + +generate "kube" { + path = local.kube.generate.kube_provider.path + if_exists = local.kube.generate.kube_provider.if_exists + contents = local.kube.generate.kube_provider.contents +} + inputs = { account_id = include.root.locals.account_id profile = include.root.locals.aws_profile diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks/terragrunt.hcl index afbab7d..b1cd18a 100644 --- a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks/terragrunt.hcl +++ b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks/terragrunt.hcl @@ -12,18 +12,19 @@ terraform { } } -# inputs = { -# cluster_endpoint_public_access = include.root.inputs.cluster_endpoint_public_access -# cluster_name = include.root.inputs.cluster_name -# cluster_version = include.root.inputs.cluster_version -# creator = include.root.inputs.creator -# eks_instance_disk_size = include.root.inputs.eks_instance_disk_size -# eks_ng_desired_size = include.root.inputs.eks_ng_desired_size -# eks_ng_max_size = include.root.inputs.eks_ng_max_size -# eks_ng_min_size = include.root.inputs.eks_ng_min_size -# eks_vpc_name = include.root.inputs.vpc_name -# enable_cluster_creator_admin_permissions = include.root.inputs.enable_cluster_creator_admin_permissions -# environment_abbr = include.root.inputs.environment_abbr -# tags = include.root.inputs.tags -# vpc_name = include.root.inputs.vpc_name -# } +inputs = { + cluster_endpoint_public_access = include.root.inputs.cluster_endpoint_public_access + cluster_name = include.root.inputs.cluster_name + cluster_version = include.root.inputs.cluster_version + creator = include.root.inputs.creator + eks_instance_disk_size = include.root.inputs.eks_instance_disk_size + eks_ng_desired_size = include.root.inputs.eks_ng_desired_size + eks_ng_max_size = include.root.inputs.eks_ng_max_size + eks_ng_min_size = include.root.inputs.eks_ng_min_size + eks_vpc_name = include.root.inputs.vpc_name + enable_cluster_creator_admin_permissions = include.root.inputs.enable_cluster_creator_admin_permissions + environment_abbr = include.root.inputs.environment_abbr + region = include.root.inputs.aws_region + tags = include.root.inputs.tags + vpc_name = include.root.inputs.vpc_name +} diff --git a/lab/root.hcl b/lab/root.hcl index fddf0f1..36c0a3a 100644 --- a/lab/root.hcl +++ b/lab/root.hcl @@ -65,7 +65,7 @@ remote_state { enable_lock_table_ssencryption = false # use only if non-encrypted DynamoDB Lock Table for the OpenTofu/Terraform State is required and/or the NoSQL database service does not support server-side encryption } } - +# https://github.com/gruntwork-io/terragrunt/issues/2726 # Generate an AWS provider block generate "aws-provider" { path = "aws-provider.tf" @@ -95,50 +95,6 @@ provider "aws" { EOF } -generate "kube-provider" { - path = "kube-provider.tf" - if_exists = "overwrite" - contents = <<-EOF -%{ if "${local.module_name}" != "eks" ~} -data "aws_eks_cluster" "kube" { - name = "${local.cluster_name}" -} -provider "kubernetes" { - host = data.aws_eks_cluster.kube.endpoint - cluster_ca_certificate = base64decode(data.aws_eks_cluster.kube.certificate_authority[0].data) - exec { - api_version = "client.authentication.k8s.io/v1beta1" - command = "aws" - args = ["eks", "get-token", "--cluster-name", "${local.cluster_name}", "--region", "${local.aws_region}"] - } -} -%{ endif } -EOF -} - -generate "helm-provider" { - path = "helm-provider.tf" - if_exists = "overwrite" - contents = <<-EOF -%{ if "${local.module_name}" != "eks" ~} -data "aws_eks_cluster" "helm" { - name = "${local.cluster_name}" -} -provider "helm" { - kubernetes { - host = data.aws_eks_cluster.helm.endpoint - cluster_ca_certificate = base64decode(data.aws_eks_cluster.helm.certificate_authority[0].data) - exec { - api_version = "client.authentication.k8s.io/v1beta1" - command = "aws" - args = ["eks", "get-token", "--cluster-name", "${local.cluster_name}", "--region", "${local.aws_region}"] - } - } -} -%{ endif } -EOF -} - # --------------------------------------------------------------------------------------------------------------------- # GLOBAL PARAMETERS # These variables apply to all configurations in this subfolder. These are automatically merged into the child