SCT-Engineering · morga471 · Nov 15, 2024 · Nov 7, 2024 · Nov 7, 2024 · Nov 7, 2024
diff --git a/lab/_envcommon/aws-provider.hcl b/lab/_envcommon/aws-provider.hcl
@@ -0,0 +1,43 @@
+include "root" {
+  path           = find_in_parent_folders("root.hcl")
+  merge_strategy = "deep"
+  expose         = false
+}
+
+# Generate an AWS provider block
+generate "aws_provider" {
+  path      = "${get_original_terragrunt_dir()}/aws_provider.tf"
+  if_exists = "overwrite_terragrunt"
+  contents  = <<EOF
+  terraform {
+    required_version = "~> ${include.root.inputs.tf_version}"
+  }
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> ${include.root.inputs.aws_version}"
+    }
+  }
+  provider "aws" {
+    region = "${include.root.inputs.aws_region}"
+    profile = "${include.root.inputs.aws_profile}"
+    default_tags {
+      tags = {
+        "Project Identifier" = "${include.root.inputs.project_number}:${include.root.inputs.project_name}"
+        "Project Name" = "${include.root.inputs.project_name}"
+        "Project Role" = "${include.root.inputs.project_role}"
+        created_by = "${include.root.inputs.creator}"
+        created_for = "${include.root.inputs.creator}"
+        created_reason = "${include.root.inputs.created_reason}"
+        Environment = "${include.root.inputs.environment_abbr}"
+        Organization = "${include.root.inputs.organization}"
+        ProjectNumber = "${include.root.inputs.project_number}"
+        Terraform = "${include.root.inputs.terraform}"
+        Terragrunt = "${include.root.inputs.terragrunt}"
+      }
+    }
+    # Only these AWS Account IDs may be operated on by this template
+    allowed_account_ids = ["${include.root.inputs.account_id}"]
+  }
+EOF
+}
diff --git a/lab/_envcommon/common-variables.hcl b/lab/_envcommon/common-variables.hcl
@@ -4,8 +4,12 @@
 # that are common across all environments/accounts.
 # ---------------------------------------------------------------------------------------------------------------------
 locals {
-  project_number = "fs0000000078"
-  project_name   = "csvd_platformbaseline"
-  project_role   = "csvd_platformbaseline_app"
-  organization   = "census:ocio:csvd"
-}
+  organization        = "census:ocio:csvd"
+  project_name        = "csvd_platformbaseline"
+  project_number      = "fs0000000078"
+  project_role        = "csvd_platformbaseline_app"
+  state_bucket_prefix = "inf-tfstate"
+  state_table_name    = "tf_remote_state"
+  terraform           = true
+  terragrunt          = true
+}
diff --git a/lab/_envcommon/default-versions.hcl b/lab/_envcommon/default-versions.hcl
@@ -0,0 +1,9 @@
+# lab/_envcommon/default-versions.hcl
+locals {
+  aws_version = "5.14.0"
+  helm_version = "2.11.0"
+  kubernetes_version = "2.33.0"
+  null_version = "3.2.1"
+  tf_version = "1.5.0"
+  template_version = "2.2.0"
+}
diff --git a/lab/_envcommon/helm-provider.hcl b/lab/_envcommon/helm-provider.hcl
@@ -0,0 +1,46 @@
+# lab/_envcommon/helm-provider.hcl
+
+dependency "eks" {
+  config_path = "${get_original_terragrunt_dir()}/../eks"
+  mock_outputs = {
+    cluster_name                                    = "a-cluster-name"
+  }
+}
+
+# Generate a helm provider block
+generate "helm_provider" {
+  path      = "${get_original_terragrunt_dir()}/helm_provider.tf"
+  if_exists = "overwrite_terragrunt"
+  contents  = <<-EOF
+    terraform {
+    required_version = "~> ${include.root.inputs.tf_version}"
+  }
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> ${include.root.inputs.aws_version}"
+    }
+    helm = {
+      source  = "hashicorp/helm"
+      version = "~> ${include.root.inputs.helm_version}"
+    }
+    kubernetes = {
+      source  = "hashicorp/kubernetes"
+      version = "~> ${include.root.inputs.kubernetes_version}"
+    }
+  }
+  data "aws_eks_cluster" "helm" {
+    name = "${dependency.eks.outputs.cluster_name}"
+  }
+  data "aws_eks_cluster_auth" "helm" {
+    name = "${dependency.eks.outputs.cluster_name}"
+  }
+  provider "helm" {
+    kubernetes {
+      host                   = data.aws_eks_cluster.helm[0].endpoint
+      cluster_ca_certificate = base64decode(data.aws_eks_cluster.helm[0].certificate_authority[0].data)
+      token                  = data.aws_eks_cluster_auth.helm.token
+    }
+  }
+EOF
+}
diff --git a/lab/_envcommon/kubernetes-provider.hcl b/lab/_envcommon/kubernetes-provider.hcl
@@ -0,0 +1,40 @@
+# lab/_envcommon/kubernetes-provider.hcl
+
+dependency "eks" {
+  config_path = "${get_original_terragrunt_dir()}/../eks"
+  mock_outputs = {
+    cluster_name                                    = "a-cluster-name"
+  }
+}
+
+# Generate a k8s provider block
+generate "kube_provider" {
+  path      = "${get_original_terragrunt_dir()}/kube_provider.tf"
+  if_exists = "overwrite_terragrunt"
+  contents  = <<-EOF
+  terraform {
+    required_version = "~> ${include.root.inputs.tf_version}"
+  }
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> ${include.root.inputs.aws_version}"
+    }
+    kubernetes = {
+      source  = "hashicorp/kubernetes"
+      version = "~> ${include.root.inputs.kubernetes_version}"
+    }
+  }
+  data "aws_eks_cluster" "kube" {
+    name = "${dependency.eks.outputs.cluster_name}"
+  }
+  data "aws_eks_cluster_auth" "kube" {
+    name = "${dependency.eks.outputs.cluster_name}"
+  }
+  provider "kubernetes" {
+    host                   = data.aws_eks_cluster.kube.endpoint
+    cluster_ca_certificate = base64decode(data.aws_eks_cluster.kube.certificate_authority[0].data)
+    token                  = data.aws_eks_cluster_auth.kube.token
+  }
+EOF
+}
diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-cicd-test/eks-dns/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-cicd-test/eks-dns/terragrunt.hcl
@@ -23,7 +23,7 @@ dependency "istio" {
   mock_outputs = {
     istio_ingress_lb = {
       dns_name = "a1111111111111111111111111111111-2bbbbbbbbbbbbbbb.elb.us-gov-east-1.amazonaws.com"
-      zone_id = "ZABC123456DEF"
+      zone_id  = "ZABC123456DEF"
     }
   }
 }

diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-cicd-test/eks-k8s-dashboard/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-cicd-test/eks-k8s-dashboard/terragrunt.hcl
@@ -15,7 +15,7 @@ terraform {
 dependency "eks" {
   config_path = "../eks"
   mock_outputs = {
-    cluster_name = "a-cluster-name"
+    cluster_name    = "a-cluster-name"
     vpc_domain_name = "example.com"
   }
 }
@@ -26,11 +26,11 @@ dependency "eks-loki" {
 }
 
 inputs = {
-  profile           = include.root.inputs.aws_profile
-  region            = include.root.inputs.aws_region
-  cluster_name      = dependency.eks.outputs.cluster_name
-  cluster_domain    = dependency.eks.inputs.vpc_domain_name
-  public_hostname   = "dashboard"
+  profile         = include.root.inputs.aws_profile
+  region          = include.root.inputs.aws_region
+  cluster_name    = dependency.eks.outputs.cluster_name
+  cluster_domain  = dependency.eks.inputs.vpc_domain_name
+  public_hostname = "dashboard"
   # datasources        = dependency.eks-loki.outputs.gateway_internal_endpoint
   # k8s_dashboard_version = "v2.0.0"  # NEW IDEA TO START PINNING VERSIONING OF COMPONENT TO TF MODULE VERSION
 }
diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-cicd-test/eks/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-cicd-test/eks/terragrunt.hcl
@@ -5,11 +5,11 @@ include "root" {
 
 locals {
   # Set cluster/platform specific variables, or extract from the hierarchy. 
-  account_id                               = include.root.inputs.aws_account_id
+  account_id                               = include.root.inputs.account_id
   cluster_endpoint_public_access           = true
-  cluster_name                             = "platform-eng-cicd-test"
-  cluster_version                          = "1.30"
-  creator                                  = "matthew.c.morgan@census.gov"
+  cluster_name                             = include.root.inputs.cluster_name
+  cluster_version                          = include.root.inputs.cluster_version
+  creator                                  = include.root.inputs.creator
   eks_instance_disk_size                   = 100
   eks_ng_desired_size                      = 2
   eks_ng_max_size                          = 10
@@ -23,8 +23,8 @@ locals {
   project_number                           = include.root.inputs.project_number
   project_role                             = include.root.inputs.project_role
   region                                   = include.root.inputs.aws_region
-  terraform                                = true
-  terragrunt                               = true
+  terraform                                = include.root.locals.terraform
+  terragrunt                               = include.root.locals.terragrunt
   vpc_domain_name                          = include.root.inputs.vpc_domain_name
 
   # Tags applied to AWS objects created
@@ -43,48 +43,6 @@ terraform {
   }
 }
 
-# Generate an AWS provider block
-generate "provider" {
-  path      = "provider.tf"
-  if_exists = "overwrite_terragrunt"
-  contents  = <<EOF
-terraform {
-  required_version = ">= 1.5.0"
-}
-provider "aws" {
-  region = "${local.region}"
-  profile = "${local.profile}"
-  default_tags {
-    tags = {
-      ProjectNumber = "${local.project_number}"
-      "Project Name" = "${local.project_name}"
-      "Project Role" = "${local.project_role}"
-      "Project Identifier" = "${local.project_number}:${local.project_name}"
-      Organization = "${local.organization}"
-      created_by = "${local.creator}"
-      created_for = "${local.creator}"
-      created_reason = "Terragrunt Development for CICD Delivered EKS Platform"
-      Terraform = "${local.terraform}"
-      Terragrunt = "${local.terragrunt}"
-    }
-  }
-  # Only these AWS Account IDs may be operated on by this template
-  allowed_account_ids = ["${local.account_id}"]
-}
-
-provider "kubernetes" {
-  config_path    = "~/.kube/config"
-}
-
-provider "helm" {
-  kubernetes {
-      config_path = "~/.kube/config"
-    }
-}
-
-EOF
-}
-
 inputs = {
   aws_account_id                           = local.account_id
   cluster_endpoint_public_access           = local.cluster_endpoint_public_access

diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/cluster.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/cluster.hcl
@@ -0,0 +1,19 @@
+# Set cluster specific variables. These are automatically pulled in to configure the remote state bucket in the root
+# terragrunt.hcl configuration.
+locals {
+  cluster_endpoint_public_access           = true
+  cluster_name                             = "platform-eng-eks-mcm"
+  cluster_version                          = "1.30"
+  creator                                  = "matthew.c.morgan@census.gov"
+  eks_instance_disk_size                   = 100
+  eks_ng_desired_size                      = 2
+  eks_ng_max_size                          = 10
+  eks_ng_min_size                          = 0
+  enable_cluster_creator_admin_permissions = true
+  terraform                                = true
+  terragrunt                               = true
+  tags = {
+    "slim:schedule" = "8:00-17:00"
+    "cluster:size"  = "min:${local.eks_ng_min_size}-max:${local.eks_ng_max_size}-desired:${local.eks_ng_desired_size}"
+  }
+}
diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-cert-manager/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-cert-manager/terragrunt.hcl
@@ -1,6 +1,7 @@
 include "root" {
-  path   = find_in_parent_folders()
-  expose = true
+  path           = find_in_parent_folders("root.hcl")
+  merge_strategy = "deep"
+  expose         = true
 }
 
 terraform {
@@ -19,10 +20,10 @@ dependency "eks" {
   }
 }
 
-# dependency "karpenter" {
-#   config_path = "../eks-karpenter"
-#   skip_outputs = true
-# }
+dependency "eks_config" {
+  config_path  = "../eks-config"
+  skip_outputs = true
+}
 
 inputs = {
   cluster_name                     = dependency.eks.outputs.cluster_name