seems to work

SCT-Engineering · Feb 12, 2025 · f92f1e6 · f92f1e6
1 parent 85096fc
commit f92f1e6
Show file tree

Hide file tree

Showing 17 changed files with 66 additions and 140 deletions.
diff --git a/lab/_envcommon/empty-provider.hcl b/lab/_envcommon/empty-provider.hcl
diff --git a/lab/_envcommon/helm-provider.hcl b/lab/_envcommon/helm-provider.hcl
diff --git a/lab/_envcommon/kube-provider.hcl b/lab/_envcommon/kube-provider.hcl
diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/cluster.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/cluster.hcl
@@ -5,15 +5,12 @@
 locals {
   cluster_endpoint_public_access           = true
   cluster_name                             = "platform-eng-eks-mcm"
-  created_reason                           = "Terragrunt Development for CICD Delivered EKS Platform"
-  creator                                  = "matthew.c.morgan@census.gov"
+  cluster_mailing_list                     = "matthew.c.morgan@census.gov"
   eks_instance_disk_size                   = 100
   eks_ng_desired_size                      = 2
   eks_ng_max_size                          = 10
   eks_ng_min_size                          = 0
   enable_cluster_creator_admin_permissions = true
-  terraform                                = true
-  terragrunt                               = true
   tags = {
     "slim:schedule" = "8:00-17:00"
     "cluster:size"  = "min:${local.eks_ng_min_size}-max:${local.eks_ng_max_size}-desired:${local.eks_ng_desired_size}"

diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-cert-manager/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-cert-manager/terragrunt.hcl
@@ -22,7 +22,7 @@ dependency "eks" {
 }
 
 dependencies {
-  paths = ["../eks", "../eks-config"]
+  paths = ["../eks-config"]
 }
 
 inputs = {
@@ -32,7 +32,7 @@ inputs = {
   cert_manager_startupapicheck_tag = dependency.eks.inputs.cert_manager_startupapicheck_tag
   cert_manager_webhook_tag         = dependency.eks.inputs.cert_manager_webhook_tag
   cluster_issuer_name              = dependency.eks.inputs.cluster_issuer_name
-  cluster_mailing_list             = dependency.eks.inputs.creator
+  cluster_mailing_list             = dependency.eks.inputs.cluster_mailing_list
   cluster_name                     = dependency.eks.outputs.cluster_name
   oidc_provider_arn                = dependency.eks.outputs.oidc_provider_arn
   profile                          = dependency.eks.inputs.aws_profile

diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-config/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-config/terragrunt.hcl
@@ -30,7 +30,7 @@ dependency "eks" {
 }
 
 dependencies {
-  paths = ["../eks", "../eks-karpenter"]
+  paths = ["../eks-karpenter"]
 }
 
 inputs = {

diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-dns/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-dns/terragrunt.hcl
@@ -32,7 +32,7 @@ dependency "istio" {
 }
 
 dependencies {
-  paths = ["../eks", "../eks-config", "../eks-istio"]
+  paths = ["../eks-config", "../eks-istio"]
 }
 
 inputs = {

diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-grafana/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-grafana/terragrunt.hcl
@@ -29,7 +29,7 @@ dependency "eks-loki" {
 }
 
 dependencies {
-  paths = ["../eks", "../eks-loki", "../eks-config", "../eks-karpenter"]
+  paths = ["../eks-config", "../eks-karpenter"]
 }
 
 inputs = {

diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-istio/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-istio/terragrunt.hcl
@@ -13,15 +13,15 @@ terraform {
 }
 
 dependency "eks" {
-  config_path                             = "${get_original_terragrunt_dir()}/../eks"
+  config_path                             = "../eks"
   mock_outputs_allowed_terraform_commands = ["init", "plan", "validate"]
   mock_outputs = {
     cluster_name = "a-cluster-name"
   }
 }
 
 dependencies {
-  paths = ["../eks", "../eks-karpenter", "../eks-config"]
+  paths = ["../eks-karpenter", "../eks-config"]
 }
 
 inputs = {

diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-k8s-dashboard/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-k8s-dashboard/terragrunt.hcl
@@ -22,7 +22,7 @@ dependency "eks" {
 }
 
 dependencies {
-  paths = ["../eks", "../eks-loki", "../eks-config", "../eks-karpenter"]
+  paths = ["../eks-loki", "../eks-config", "../eks-karpenter"]
 }
 
 inputs = {

diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-karpenter/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-karpenter/terragrunt.hcl
@@ -24,10 +24,6 @@ dependency "eks" {
   }
 }
 
-dependencies {
-  paths = ["../eks"]
-}
-
 inputs = {
   cluster_endpoint          = dependency.eks.outputs.cluster_endpoint
   cluster_name              = dependency.eks.outputs.cluster_name

diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-loki/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-loki/terragrunt.hcl
@@ -22,7 +22,7 @@ dependency "eks" {
 }
 
 dependencies {
-  paths = ["../eks", "../eks-prometheus", "../eks-config", "../eks-karpenter", "../eks-istio"]
+  paths = ["../eks-prometheus", "../eks-config", "../eks-karpenter", "../eks-istio"]
 }
 
 inputs = {

diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-metrics-server/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-metrics-server/terragrunt.hcl
@@ -21,7 +21,7 @@ dependency "eks" {
 }
 
 dependencies {
-  paths = ["../eks", "../eks-config", "../eks-karpenter"]
+  paths = ["../eks-config", "../eks-karpenter"]
 }
 
 inputs = {

diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-prometheus/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-prometheus/terragrunt.hcl
@@ -21,7 +21,7 @@ dependency "eks" {
 }
 
 dependencies {
-  paths = ["../eks", "../eks-config", "../eks-karpenter", "../eks-istio", "../eks-dns"]
+  paths = ["../eks-config", "../eks-karpenter", "../eks-istio", "../eks-dns"]
 }
 
 inputs = {

diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-tempo/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-tempo/terragrunt.hcl
@@ -31,15 +31,14 @@ dependency "eks-prometheus" {
       url         = "http://prometheus-server.prometheus.svc.cluster.local:9090/"
     }
   }
-
 }
 
 dependencies {
-  paths = ["../eks", "../eks-prometheus", "../eks-config", "../eks-karpenter"]
+  paths = ["../eks-config", "../eks-karpenter"]
 }
 
 inputs = {
-  account_id           = dependency.eks.inputs.account_id
+  account_id           = dependency.eks.inputs.aws_account_id
   cluster_name         = dependency.eks.outputs.cluster_name
   oidc_provider_arn    = dependency.eks.outputs.oidc_provider_arn
   profile              = dependency.eks.inputs.aws_profile

diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks/terragrunt.hcl
@@ -17,7 +17,6 @@ inputs = {
   cluster_endpoint_public_access           = include.root.inputs.cluster_endpoint_public_access
   cluster_name                             = include.root.inputs.cluster_name
   cluster_version                          = include.root.inputs.cluster_version
-  creator                                  = include.root.inputs.creator
   eks_instance_disk_size                   = include.root.inputs.eks_instance_disk_size
   eks_ng_desired_size                      = include.root.inputs.eks_ng_desired_size
   eks_ng_max_size                          = include.root.inputs.eks_ng_max_size

diff --git a/lab/root.hcl b/lab/root.hcl
@@ -29,35 +29,69 @@ locals {
   aws_profile         = local.account_vars.locals.aws_profile
   aws_region          = local.region_vars.locals.aws_region
   cluster_name        = local.cluster_vars.locals.cluster_name
-  created_reason      = local.cluster_vars.locals.created_reason
-  creator             = local.cluster_vars.locals.creator
   environment_abbr    = local.account_vars.locals.environment_abbr
   organization        = local.common_vars.locals.organization
   project_name        = local.common_vars.locals.project_name
   project_number      = local.common_vars.locals.project_number
   project_role        = local.common_vars.locals.project_role
   state_bucket_prefix = local.common_vars.locals.state_bucket_prefix
   state_table_name    = local.common_vars.locals.state_table_name
-  terraform           = local.cluster_vars.locals.terraform
-  terragrunt          = local.cluster_vars.locals.terragrunt
-
   # Check if current module is the EKS module
-  module_name   = basename(get_original_terragrunt_dir())
+  module_name    = basename(get_original_terragrunt_dir())
   is_eks_module = local.module_name == "eks"
+}
+
+# Only generate providers for non-EKS modules
+generate "cluster_data" {
+  path      = "cluster-data.tf"
+  if_exists = "overwrite_terragrunt"
+  contents  = local.is_eks_module ? "" : <<-EOF
+    data "aws_eks_clusters" "available" {}
+
+    locals {
+      cluster_exists = contains(data.aws_eks_clusters.available.names, "${local.cluster_name}")
+    }
+
+    data "aws_eks_cluster" "this" {
+      count = local.cluster_exists ? 1 : 0
+      name  = "${local.cluster_name}"
+    }
+
+    data "aws_eks_cluster_auth" "this" {
+      count = local.cluster_exists ? 1 : 0
+      name  = "${local.cluster_name}"
+    }
+  EOF
+}
+
+# Generate provider blocks only for non-EKS modules
+generate "kube_provider" {
+  path      = "kube-provider.tf"
+  if_exists = "overwrite_terragrunt"
+  contents  = local.is_eks_module ? "" : <<-EOF
+    provider "kubernetes" {
+      host                   = local.cluster_exists ? data.aws_eks_cluster.this[0].endpoint : "https://dummy"
+      cluster_ca_certificate = local.cluster_exists ? base64decode(data.aws_eks_cluster.this[0].certificate_authority[0].data) : null
+      token                  = local.cluster_exists ? data.aws_eks_cluster_auth.this[0].token : "dummy"
+    }
+  EOF
+}
 
-  # Load provider configurations if not in EKS module
-  kube_provider = read_terragrunt_config(
-    local.is_eks_module ? 
-    "${get_repo_root()}/lab/_envcommon/empty-provider.hcl" : 
-    "${get_repo_root()}/lab/_envcommon/kube-provider.hcl"
-  )
-  helm_provider = read_terragrunt_config(
-    local.is_eks_module ? 
-    "${get_repo_root()}/lab/_envcommon/empty-provider.hcl" : 
-    "${get_repo_root()}/lab/_envcommon/helm-provider.hcl"
-  )
+generate "helm_provider" {
+  path      = "helm-provider.tf"
+  if_exists = "overwrite_terragrunt"
+  contents  = local.is_eks_module ? "" : <<-EOF
+    provider "helm" {
+      kubernetes {
+        host                   = local.cluster_exists ? data.aws_eks_cluster.this[0].endpoint : "https://dummy"
+        cluster_ca_certificate = local.cluster_exists ? base64decode(data.aws_eks_cluster.this[0].certificate_authority[0].data) : null
+        token                  = local.cluster_exists ? data.aws_eks_cluster_auth.this[0].token : "dummy"
+      }
+    }
+  EOF
 }
 
+
 # Configure Terragrunt to automatically store tfstate files in an S3 bucket
 remote_state {
   backend = "s3"
@@ -92,18 +126,12 @@ generate "aws-provider" {
     default_tags {
       tags = {
         cluster_name = "${local.cluster_name}"
-        module_name = "${local.module_name}"
-        created_by = "${local.creator}"
-        created_for = "${local.creator}"
-        created_reason = "${local.created_reason}"
+        "boc:module_name" = "${local.module_name}"
         environment = "${local.environment_abbr}"
         finops_project_name = "${local.project_name}"
         finops_project_number = "${local.project_number}"
         finops_project_role = "${local.project_role}"
         organization = "${local.organization}"
-        project_identifier = "${local.project_number}:${local.project_name}"
-        terraform = "${local.terraform}"
-        terragrunt = "${local.terragrunt}"
       }
     }
     # Only these AWS Account IDs may be operated on by this template
@@ -112,18 +140,6 @@ generate "aws-provider" {
 EOF
 }
 
-generate "kube_provider" {
-  path      = local.kube_provider.generate.kube_provider.path
-  if_exists = local.kube_provider.generate.kube_provider.if_exists
-  contents  = local.kube_provider.generate.kube_provider.contents
-}
-
-generate "helm_provider" {
-  path      = local.helm_provider.generate.helm_provider.path
-  if_exists = local.helm_provider.generate.helm_provider.if_exists
-  contents  = local.helm_provider.generate.helm_provider.contents
-}
-
 # ---------------------------------------------------------------------------------------------------------------------
 # GLOBAL PARAMETERS
 # These variables apply to all configurations in this subfolder. These are automatically merged into the child