SCT-Engineering · morga471 · Nov 15, 2024 · Nov 7, 2024 · Nov 7, 2024 · Nov 7, 2024
diff --git a/lab/_envcommon/aws-provider.hcl b/lab/_envcommon/aws-provider.hcl
@@ -0,0 +1,43 @@
+include "root" {
+  path           = find_in_parent_folders("root.hcl")
+  merge_strategy = "deep"
+  expose         = false
+}
+
+# Generate an AWS provider block
+generate "aws_provider" {
+  path      = "${get_original_terragrunt_dir()}/aws_provider.tf"
+  if_exists = "overwrite_terragrunt"
+  contents  = <<EOF
+  terraform {
+    required_version = "~> ${include.root.inputs.tf_version}"
+  }
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> ${include.root.inputs.aws_version}"
+    }
+  }
+  provider "aws" {
+    region = "${include.root.inputs.aws_region}"
+    profile = "${include.root.inputs.aws_profile}"
+    default_tags {
+      tags = {
+        "Project Identifier" = "${include.root.inputs.project_number}:${include.root.inputs.project_name}"
+        "Project Name" = "${include.root.inputs.project_name}"
+        "Project Role" = "${include.root.inputs.project_role}"
+        created_by = "${include.root.inputs.creator}"
+        created_for = "${include.root.inputs.creator}"
+        created_reason = "${include.root.inputs.created_reason}"
+        Environment = "${include.root.inputs.environment_abbr}"
+        Organization = "${include.root.inputs.organization}"
+        ProjectNumber = "${include.root.inputs.project_number}"
+        Terraform = "${include.root.inputs.terraform}"
+        Terragrunt = "${include.root.inputs.terragrunt}"
+      }
+    }
+    # Only these AWS Account IDs may be operated on by this template
+    allowed_account_ids = ["${include.root.inputs.account_id}"]
+  }
+EOF
+}
diff --git a/lab/_envcommon/common-variables.hcl b/lab/_envcommon/common-variables.hcl
@@ -4,8 +4,20 @@
 # that are common across all environments/accounts.
 # ---------------------------------------------------------------------------------------------------------------------
 locals {
-  project_number = "fs0000000078"
-  project_name   = "csvd_platformbaseline"
-  project_role   = "csvd_platformbaseline_app"
-  organization   = "census:ocio:csvd"
-}
+  organization        = "census:ocio:csvd"
+  project_name        = "csvd_platformbaseline"
+  project_number      = "fs0000000078"
+  project_role        = "csvd_platformbaseline_app"
+  state_bucket_prefix = "inf-tfstate"
+  state_table_name    = "tf_remote_state"
+  terraform           = true
+  terragrunt          = true
+  route53_endpoints = {
+    route53_main = {
+      "account_id"    = "269244441389"
+      "alias"         = "lab-gov-network-nonprod"
+      "us-gov-east-1" = "vpc-070595c5b133243dd"
+      "us-gov-west-1" = "vpc-08b7b4db6a5ddf9c1"
+    }
+  }
+}
diff --git a/lab/_envcommon/default-versions.hcl b/lab/_envcommon/default-versions.hcl
@@ -0,0 +1,106 @@
+# lab/_envcommon/default-versions.hcl
+locals {
+  #####################
+  # Module Versions
+  #####################
+  cluster_version            = "1.30.0"
+  custom_service_eks_account = "${local.release_version}"
+  eks_module_version         = "20.28.0"
+  istio_ingress_version      = "${local.release_version}"
+  release_version            = "0.1.1"
+
+  #####################
+  # TF Providers
+  #####################
+  aws_version        = "5.14.0"
+  helm_version       = "2.11.0"
+  kubernetes_version = "2.33.0"
+  null_version       = "3.2.1"
+  random_version     = "3.5.1"
+  template_version   = "2.2.0"
+  tf_version         = "1.5.0"
+
+  #####################
+  # EKS Config
+  #####################
+  kubectl_image_tag = "1.30.4"
+
+  ################
+  # k8s-dashboard
+  ################
+  dashboard_hostname            = "dashboard"
+  k8s_dashboard_metrics_scraper = "1.0.8"
+  k8s_dashboard_version         = "2.7.0"
+
+  ################
+  # Cert-Manager
+  ################
+  cluster_issuer_name              = "cert-manager"
+  cert_manager_cainjector_tag      = "v${local.cert_manager_version}"
+  cert_manager_controller_tag      = "v${local.cert_manager_version}"
+  cert_manager_helm_chart          = "${local.cert_manager_version}"
+  cert_manager_startupapicheck_tag = "v${local.cert_manager_version}"
+  cert_manager_version             = "1.16.1"
+  cert_manager_webhook_tag         = "v${local.cert_manager_version}"
+
+  ################
+  # Istio
+  ################
+  istio_version = "1.22.1"
+
+  ################
+  # Grafana
+  ################
+  download_dashboards_image_tag = "7.85.0"
+  grafana_chart_version         = "8.5.0"
+  grafana_hostname              = "grafana"
+  grafana_tag                   = "11.1.5"
+  init_chown_data_image_tag     = "1.31.1"
+
+  ################
+  # Karpenter
+  ################
+  karpenter_helm_chart = "1.0.6"
+  karpenter_tag        = "1.0.6"
+
+  ################
+  # Kiali
+  ################
+  kiali_operator_version    = "1.73.0"
+  kiali_application_version = "v${local.kiali_operator_version}"
+
+  ################
+  # Loki
+  ################
+  loki_chart_version              = "6.10.2"
+  loki_tag                        = "3.1.1"
+  canary_tag                      = "3.0.0"
+  enterprise_logs_provisioner_tag = "v1.7.0"
+  gateway_tag                     = "1.25.2-alpine"
+  memcached_tag                   = "1.6.23-alpine"
+  exporter_tag                    = "v0.14.4"
+  sidecar_tag                     = "1.27.4"
+
+  ################
+  # Metrics Server
+  ################
+  metrics_server_helm_chart = "3.12.1"
+  metrics_server_tag        = "v0.7.1"
+
+  ################
+  # Prometheus
+  ################
+  prometheus_chart_version       = "25.26.0"
+  prometheus_server_tag          = "v2.54.0"
+  prometheus_config_reloader_tag = "v0.75.2"
+  alertmanager_tag               = "v0.27.0"
+  kube_state_metrics_tag         = "v2.13.0"
+  node_exporter_tag              = "v1.8.2"
+  pushgateway_tag                = "v1.9.0"
+
+  ################
+  # Tempo
+  ################
+  tempo_chart_version = "1.10.3"
+  tempo_tag        = "2.5.0"
+}
diff --git a/lab/_envcommon/helm-provider.hcl b/lab/_envcommon/helm-provider.hcl
@@ -0,0 +1,46 @@
+# lab/_envcommon/helm-provider.hcl
+
+dependency "eks" {
+  config_path = "${get_original_terragrunt_dir()}/../eks"
+  mock_outputs = {
+    cluster_name = "a-cluster-name"
+  }
+}
+
+# Generate a helm provider block
+generate "helm_provider" {
+  path      = "${get_original_terragrunt_dir()}/helm_provider.tf"
+  if_exists = "overwrite_terragrunt"
+  contents  = <<-EOF
+    terraform {
+    required_version = "~> ${include.root.inputs.tf_version}"
+  }
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> ${include.root.inputs.aws_version}"
+    }
+    helm = {
+      source  = "hashicorp/helm"
+      version = "~> ${include.root.inputs.helm_version}"
+    }
+    kubernetes = {
+      source  = "hashicorp/kubernetes"
+      version = "~> ${include.root.inputs.kubernetes_version}"
+    }
+  }
+  data "aws_eks_cluster" "helm" {
+    name = "${dependency.eks.outputs.cluster_name}"
+  }
+  data "aws_eks_cluster_auth" "helm" {
+    name = "${dependency.eks.outputs.cluster_name}"
+  }
+  provider "helm" {
+    kubernetes {
+      host                   = data.aws_eks_cluster.helm[0].endpoint
+      cluster_ca_certificate = base64decode(data.aws_eks_cluster.helm[0].certificate_authority[0].data)
+      token                  = data.aws_eks_cluster_auth.helm.token
+    }
+  }
+EOF
+}
diff --git a/lab/_envcommon/kubernetes-provider.hcl b/lab/_envcommon/kubernetes-provider.hcl
@@ -0,0 +1,40 @@
+# lab/_envcommon/kubernetes-provider.hcl
+
+dependency "eks" {
+  config_path = "${get_original_terragrunt_dir()}/../eks"
+  mock_outputs = {
+    cluster_name = "a-cluster-name"
+  }
+}
+
+# Generate a k8s provider block
+generate "kube_provider" {
+  path      = "${get_original_terragrunt_dir()}/kube_provider.tf"
+  if_exists = "overwrite_terragrunt"
+  contents  = <<-EOF
+  terraform {
+    required_version = "~> ${include.root.inputs.tf_version}"
+  }
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> ${include.root.inputs.aws_version}"
+    }
+    kubernetes = {
+      source  = "hashicorp/kubernetes"
+      version = "~> ${include.root.inputs.kubernetes_version}"
+    }
+  }
+  data "aws_eks_cluster" "kube" {
+    name = "${dependency.eks.outputs.cluster_name}"
+  }
+  data "aws_eks_cluster_auth" "kube" {
+    name = "${dependency.eks.outputs.cluster_name}"
+  }
+  provider "kubernetes" {
+    host                   = data.aws_eks_cluster.kube.endpoint
+    cluster_ca_certificate = base64decode(data.aws_eks_cluster.kube.certificate_authority[0].data)
+    token                  = data.aws_eks_cluster_auth.kube.token
+  }
+EOF
+}
diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-cicd-test/eks-cert-manager/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-cicd-test/eks-cert-manager/terragrunt.hcl
diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-cicd-test/eks-config/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-cicd-test/eks-config/terragrunt.hcl
diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-cicd-test/eks-dns/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-cicd-test/eks-dns/terragrunt.hcl