use the right gatekeeper

SCT-Engineering · Apr 22, 2025 · 4dc4f34 · 4dc4f34
1 parent c9b08a0
commit 4dc4f34
Show file tree

Hide file tree

Showing 3 changed files with 30 additions and 33 deletions.
diff --git a/.github/platform-tg-infra.code-workspace b/.github/platform-tg-infra.code-workspace
@@ -33,8 +33,8 @@
 			"path": "../../tfmod-esri-arcgis"
 		},
 		{
-			"name": "tfmod-gogatekeeper",
-			"path": "../../tfmod-gogatekeeper"
+			"name": "tfmod-gatekeeper",
+			"path": "../../tfmod-gatekeeper"
 		},
 		{
 			"name": "tfmod-grafana",

diff --git a/lab/development/us-gov-east-1/vpc/csvd-platform-lab-mcm/eks-gatekeeper/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/csvd-platform-lab-mcm/eks-gatekeeper/terragrunt.hcl
@@ -16,7 +16,7 @@ exclude {
 }
 
 terraform {
-  source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-gogatekeeper.git?ref=${include.root.inputs.release_version}"
+  source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-gatekeeper.git?ref=${include.root.inputs.release_version}"
   extra_arguments "retry_lock" {
     commands  = get_terraform_commands_that_need_locking()
     arguments = ["-lock-timeout=20s"]
@@ -40,55 +40,54 @@ dependency "eks_dns" {
   }
 }
 
-dependency "eks-grafana" {
-  config_path                             = "../eks-grafana"
+dependency "eks_keycloak" {
+  config_path                             = "../eks-keycloak"
   mock_outputs_allowed_terraform_commands = ["init", "plan", "validate", "destroy"]
   mock_outputs = {
-    namespace = "telemetry"
-    internal_endpoint = {
-      hostname    = "kubernetes-dashboard.telemetry.svc.cluster.local"
-      port_number = 80
-      url         = "http://kubernetes-dashboard.telemetry.svc.cluster.local:80/"
-    }
+    user_auth_realm = "mock.keycloak.example.com/auth"
+    client_id       = "mock-client-id"
+    client_secret   = "mock-client-secret"
+    namespace       = "keycloak"
+    user_secret     = "user-sso"
   }
 }
 
 dependency "eks-k8s-dashboard" {
   config_path                             = "../eks-k8s-dashboard"
   mock_outputs_allowed_terraform_commands = ["init", "plan", "validate", "destroy"]
   mock_outputs = {
-    namespace = "telemetry"
+    namespace       = "telemetry"
     internal_endpoint = {
-      hostname    = "kubernetes-dashboard.telemetry.svc.cluster.local"
+      hostname = "kubernetes-dashboard.telemetry.svc.cluster.local"
       port_number = 80
-      url         = "http://kubernetes-dashboard.telemetry.svc.cluster.local:80/"
+      url = "http://kubernetes-dashboard.telemetry.svc.cluster.local:80/"
     }
     dashboard-user-token = "Iamanextremelylongstring"
   }
 }
 
-dependency "eks_keycloak" {
-  config_path                             = "../eks-keycloak"
+dependency "eks-grafana" {
+  config_path                             = "../eks-grafana"
   mock_outputs_allowed_terraform_commands = ["init", "plan", "validate", "destroy"]
   mock_outputs = {
-    client_id       = "mock-client-id"
-    client_secret   = "mock-client-secret"
-    namespace       = "keycloak"
-    public_endpoint = "https://mock.mock.svc.cluster.local:80/"
-    user_auth_realm = "mock.keycloak.example.com/auth"
-    user_secret     = "user-sso"
+    namespace       = "telemetry"
+    internal_endpoint = {
+      hostname = "kubernetes-dashboard.telemetry.svc.cluster.local"
+      port_number = 80
+      url = "http://kubernetes-dashboard.telemetry.svc.cluster.local:80/"
+    }
   }
 }
 
 dependency "eks-kiali" {
   config_path                             = "../eks-kiali"
   mock_outputs_allowed_terraform_commands = ["init", "plan", "validate", "destroy"]
   mock_outputs = {
-    namespace = "istio-system"
+    namespace       = "istio-system"
     internal_endpoint = {
-      hostname    = "kiali.telemetry.svc.cluster.local"
+      hostname = "kiali.telemetry.svc.cluster.local"
       port_number = 80
-      url         = "http://kiali.telemetry.svc.cluster.local:80/"
+      url = "http://kiali.telemetry.svc.cluster.local:80/"
     }
   }
 }
@@ -97,9 +96,9 @@ dependencies {
   paths = [
     "../eks",
     "../eks-dns",
-    "../eks-grafana",
-    "../eks-k8s-dashboard",
     "../eks-keycloak",
+    "../eks-k8s-dashboard",
+    "../eks-grafana",
     "../eks-kiali",
   ]
 }
@@ -118,13 +117,10 @@ inputs = {
   # Gatekeeper Standard Config
   client_id                  = dependency.eks_keycloak.outputs.client_id
   client_secret              = dependency.eks_keycloak.outputs.client_secret
-  gogatekeeper_tag           = include.root.inputs.gatekeeper_tag
-  gogatekeeper_chart_version = include.root.inputs.gatekeeper_chart_version
-  namespace                  = include.root.inputs.namespaces["gatekeeper"]
-  discovery_url              = dependency.eks_keycloak.outputs.user_auth_realm
-  keycloak_public_url        = dependency.eks_keycloak.outputs.public_endpoint
+  gatekeeper_tag             = include.root.inputs.gatekeeper_tag
+  gatekeeper_chart_version         = include.root.inputs.gatekeeper_chart_version
+  keycloak_fqdn              = dependency.eks_keycloak.outputs.user_auth_realm
   keycloak_ns                = dependency.eks_keycloak.outputs.namespace
-  service_name               = include.root.inputs.gatekeeper_service_name
   user_secret                = dependency.eks_keycloak.outputs.user_secret
 
   # Dashboard Gatekeeper Config 

diff --git a/lab/development/us-gov-east-1/vpc/csvd-platform-lab-mcm/eks-keycloak/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/csvd-platform-lab-mcm/eks-keycloak/terragrunt.hcl
@@ -82,4 +82,5 @@ inputs = {
   keycloak_database = include.root.inputs.keycloak_database
   keycloak_user     = include.root.inputs.keycloak_username
   keycloak_password = include.root.inputs.keycloak_password
+
 }