SCT-Engineering · morga471 · Mar 13, 2025 · Mar 12, 2025 · Mar 13, 2025
diff --git a/lab/_envcommon/default-versions.hcl b/lab/_envcommon/default-versions.hcl
@@ -89,7 +89,7 @@ locals {
   ################
   # Kiali
   ################
-  kiali_operator_version    = "1.73.0"
+  kiali_operator_version    = "2.2.0"
   kiali_application_version = "v${local.kiali_operator_version}"
 
   ################

diff --git a/lab/development/us-gov-east-1/vpc/platform-test-z/eks-cert-manager/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-test-z/eks-cert-manager/terragrunt.hcl
@@ -13,31 +13,45 @@ terraform {
   }
 }
 
+dependencies {
+  paths = [
+    "../eks",
+    "../eks-config",
+    "../eks-karpenter"
+  ]
+}
+
 dependency "eks" {
-  config_path = "../eks"
+  config_path                             = "../eks"
+  mock_outputs_allowed_terraform_commands = ["init", "plan", "validate", "destroy"]
+
   mock_outputs = {
-    cluster_name      = "a-cluster-name"
-    oidc_provider_arn = "arn:aws-us-gov:iam::111111111111:oidc-provider/oidc.eks.us-gov-east-1.amazonaws.com/id/0000000000000000AAAAAAAAAAAAAAAA"
+    cluster_name      = include.root.inputs.cluster_name
+    oidc_provider_arn = "arn:aws-us-gov:iam::123456789012:oidc-provider/mock"
+    cluster_endpoint  = "https://mock-endpoint.eks.amazonaws.com"
+    cluster_version   = include.root.inputs.cluster_version
   }
 }
 
-dependency "eks_config" {
-  config_path  = "../eks-config"
-  skip_outputs = true
-}
-
 inputs = {
+  # AWS Configuration
+  account_id = include.root.inputs.aws_account_id
+  profile    = include.root.inputs.aws_profile
+  region     = include.root.inputs.aws_region
+
+  # Cluster Configuration
+  cluster_name         = dependency.eks.outputs.cluster_name
+  cluster_mailing_list = include.root.inputs.cluster_mailing_list
+  oidc_provider_arn    = dependency.eks.outputs.oidc_provider_arn
+
+  # Cert Manager Configuration
+  cert_manager_helm_chart = include.root.inputs.cert_manager_helm_chart
+  cluster_issuer_name     = include.root.inputs.cluster_issuer_name
+
+  # Version Tags
   cert_manager_cainjector_tag      = include.root.inputs.cert_manager_cainjector_tag
   cert_manager_controller_tag      = include.root.inputs.cert_manager_controller_tag
-  cert_manager_helm_chart          = include.root.inputs.cert_manager_helm_chart
   cert_manager_startupapicheck_tag = include.root.inputs.cert_manager_startupapicheck_tag
   cert_manager_webhook_tag         = include.root.inputs.cert_manager_webhook_tag
-  cluster_issuer_name              = include.root.inputs.cluster_issuer_name
-  cluster_mailing_list             = dependency.eks.inputs.creator
-  cluster_name                     = dependency.eks.outputs.cluster_name
-  oidc_provider_arn                = dependency.eks.outputs.oidc_provider_arn
-  profile                          = include.root.inputs.aws_profile
-  region                           = include.root.inputs.aws_region
-  release_version                  = include.root.inputs.release_version
   namespace                        = include.root.inputs.namespaces["cert-manager"]
 }
diff --git a/lab/development/us-gov-east-1/vpc/platform-test-z/eks-config/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-test-z/eks-config/terragrunt.hcl
@@ -1,11 +1,16 @@
-# lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-config/terragrunt.hcl
-
 include "root" {
   path           = find_in_parent_folders("root.hcl")
   merge_strategy = "deep"
   expose         = true
 }
 
+dependencies {
+  paths = [
+    "../eks",
+    # "../eks-karpenter"
+  ]
+}
+
 terraform {
   # source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-eks-configuration.git?ref=${include.root.inputs.release_version}"
   source = "../../../../../../../tfmod-eks-configuration"
@@ -16,50 +21,31 @@ terraform {
 }
 
 dependency "eks" {
-  config_path = "../eks"
-  mock_outputs = {
-    cluster_certificate_authority_data              = [{ data = "THISISAVERYLONGCERTSTRINGTHATGOESHEREFORSURENODYEP" }]
-    cluster_endpoint                                = "https://12345ABCDEE42BF9C24D4C362D1DC.sk1.us-gov-east-1.eks.amazonaws.com"
-    cluster_name                                    = "a-cluster-name"
-    eks_managed_node_groups_autoscaling_group_names = ["eks-eks-a-cluster-name-node_group-0000000000000000000000000-5ac8a5e3-14dd-c043-2cc9-f4b6ffb36d32"]
-    oidc_provider_arn                               = "arn:aws-us-gov:iam::111111111111:oidc-provider/oidc.eks.us-gov-east-1.amazonaws.com/id/0000000000000000AAAAAAAAAAAAAAAA"
-    security_group_all_worker_mgmt_id               = "sg-00b0000000000000"
-    subnets                                         = ["subnet-00000000000000001", "subnet-00000000000000002", "subnet-00000000000000003"]
-    vpc_id                                          = "a-vpc-id"
-  }
-}
-
-generate "kubectl-provider" {
-  path      = "kubectl-provider.tf"
-  if_exists = "overwrite"
-  contents  = <<-EOF
-  %{if dependency.eks.outputs.cluster_name != "a-cluster-name"~}
-  data "aws_eks_cluster" "kubectl" {
-    name = "${dependency.eks.outputs.cluster_name}"
-  }
-  provider "kubectl" {
-    apply_retry_count      = 5
-    host                   = data.aws_eks_cluster.kubectl.endpoint
-    cluster_ca_certificate = base64decode(data.aws_eks_cluster.kubectl.certificate_authority[0].data)
-    load_config_file       = false
+  config_path                             = "../eks"
+  mock_outputs_allowed_terraform_commands = ["init", "plan", "validate", "destroy"]
 
-    exec {
-      api_version = "client.authentication.k8s.io/v1beta1"
-      command     = "aws"
-      args = ["eks", "get-token", "--cluster-name", "${dependency.eks.outputs.cluster_name}", "--region", "${include.root.inputs.aws_region}"]
-    }
+  mock_outputs = {
+    cluster_name                                    = "mock-cluster"
+    cluster_endpoint                                = "https://mock-endpoint.eks.amazonaws.com"
+    cluster_certificate_authority_data              = [{ data = "mock-cert-data" }]
+    eks_managed_node_groups_autoscaling_group_names = ["mock-asg-name"]
+    oidc_provider_arn                               = "arn:aws-us-gov:iam::123456789012:oidc-provider/mock"
+    security_group_all_worker_mgmt_id               = "sg-mock"
+    subnets                                         = ["subnet-mock1", "subnet-mock2"]
+    vpc_id                                          = "vpc-mock"
   }
-  %{endif~}
-  EOF
 }
 
 inputs = {
+  # AWS Configuration
+  account_id = include.root.inputs.aws_account_id
+  profile    = include.root.inputs.aws_profile
+  region     = include.root.inputs.aws_region
+
+  # Core Cluster Configuration
   cluster_name                                    = dependency.eks.outputs.cluster_name
   eks_managed_node_groups_autoscaling_group_names = dependency.eks.outputs.eks_managed_node_groups_autoscaling_group_names
   oidc_provider_arn                               = dependency.eks.outputs.oidc_provider_arn
-  profile                                         = include.root.inputs.aws_profile
-  region                                          = include.root.inputs.aws_region
-  release_version                                 = include.root.inputs.release_version
   security_group_all_worker_mgmt_id               = dependency.eks.outputs.security_group_all_worker_mgmt_id
   subnets                                         = dependency.eks.outputs.subnets
   vpc_id                                          = dependency.eks.outputs.vpc_id

diff --git a/lab/development/us-gov-east-1/vpc/platform-test-z/eks-dns/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-test-z/eks-dns/terragrunt.hcl
@@ -5,38 +5,57 @@ include "root" {
 }
 
 terraform {
-  source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-eks-dns.git?ref=${include.root.inputs.release_version}"
+  # source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-eks-dns.git?ref=${include.root.inputs.release_version}"
+  source = "../../../../../../../tfmod-eks-dns"
   extra_arguments "retry_lock" {
     commands  = get_terraform_commands_that_need_locking()
     arguments = ["-lock-timeout=20m"]
   }
 }
 
 dependency "eks" {
-  config_path = "../eks"
+  config_path                             = "../eks"
+  mock_outputs_allowed_terraform_commands = ["init", "plan", "validate", "destroy"]
   mock_outputs = {
-    subnets = ["subnet-abcdefgh", "subnet-12345678", "subnet-ab12cd34"]
+    cluster_name = include.root.inputs.cluster_name
+    subnets      = ["subnet-mock1", "subnet-mock2", "subnet-mock3"]
   }
 }
 
-dependency "istio" {
-  config_path = "../eks-istio"
+dependency "eks-istio" {
+  config_path                             = "../eks-istio"
+  mock_outputs_allowed_terraform_commands = ["init", "plan", "validate", "destroy"]
   mock_outputs = {
     istio_ingress_lb = {
-      dns_name = "a1111111111111111111111111111111-2bbbbbbbbbbbbbbb.elb.us-gov-east-1.amazonaws.com"
-      zone_id  = "ZABC123456DEF"
+      dns_name = "mock-${include.root.inputs.cluster_name}.elb.amazonaws.com"
+      zone_id  = "MOCKZONEID"
     }
   }
 }
 
+dependencies {
+  paths = [
+    "../eks-config",
+    "../eks-istio",
+    "../eks-karpenter"
+  ]
+}
+
 inputs = {
-  cluster_name      = dependency.eks.inputs.cluster_name
-  istio_ingress_lb  = dependency.istio.outputs.istio_ingress_lb
-  profile           = include.root.inputs.aws_profile
-  region            = include.root.inputs.aws_region
+  # AWS Configuration
+  account_id = include.root.inputs.aws_account_id
+  profile    = include.root.inputs.aws_profile
+  region     = include.root.inputs.aws_region
+
+  # Cluster Configuration
+  cluster_name = include.root.inputs.cluster_name
+
+  # Network Configuration
+  istio_ingress_lb  = dependency.eks-istio.outputs.istio_ingress_lb
   route53_endpoints = include.root.inputs.route53_endpoints
-  subnets           = dependency.eks.outputs.subnets
-  tags              = dependency.eks.inputs.tags
-  vpc_domain_name   = dependency.eks.inputs.vpc_domain_name
-  vpc_name          = dependency.eks.inputs.vpc_name
+  vpc_domain_name   = include.root.inputs.vpc_domain_name
+  vpc_name          = include.root.inputs.vpc_name
+
+  # Additional Configuration
+  tags = include.root.inputs.tags
 }
diff --git a/lab/development/us-gov-east-1/vpc/platform-test-z/eks-grafana/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-test-z/eks-grafana/terragrunt.hcl
@@ -13,6 +13,15 @@ terraform {
   }
 }
 
+dependencies {
+  paths = [
+    "../eks",
+    "../eks-loki",
+    "../eks-prometheus",
+    "../eks-tempo"
+  ]
+}
+
 dependency "eks" {
   config_path = "../eks"
   mock_outputs = {
@@ -24,6 +33,33 @@ dependency "eks-loki" {
   config_path = "../eks-loki"
   mock_outputs = {
     rwo_storage_class = "gp3-encrypted"
+    gateway_internal_endpoint = {
+      hostname = "loki-gateway.telemetry.svc.cluster.local"
+      portNumber = "80"
+      url = "http://loki-gateway.telemetry.svc.cluster.local:80/"
+    }
+  }
+}
+
+dependency "eks-prometheus" {
+  config_path = "../eks-prometheus"
+  mock_outputs = {
+    prometheus_server_internal_endpoint = {
+      hostname    = "prometheus-server.prometheus.svc.cluster.local"
+      port_number = 9090
+      url         = "http://prometheus-server.prometheus.svc.cluster.local:9090/"
+    }
+  }
+}
+
+dependency "eks-tempo" {
+  config_path = "../eks-tempo"
+  mock_outputs = {
+    tempo_internal_endpoint = {
+      hostname = "tempo.telemetry.svc.cluster.local"
+      port_number = 4317
+      url = "http://tempo.telemetry.svc.cluster.local:4317/"
+    }
   }
 }
 
@@ -38,5 +74,8 @@ inputs = {
   public_hostname               = include.root.inputs.grafana_hostname
   region                        = include.root.inputs.aws_region
   rwo_storage_class             = dependency.eks-loki.outputs.rwo_storage_class
+  loki_endpoint                 = dependency.eks-loki.outputs.gateway_internal_endpoint.url
+  prometheus_endpoint           = dependency.eks-prometheus.outputs.prometheus_server_internal_endpoint.url
+  tempo_endpoint                = dependency.eks-tempo.outputs.tempo_internal_endpoint.url
   namespace                     = include.root.inputs.namespaces["grafana"]
 }
diff --git a/lab/development/us-gov-east-1/vpc/platform-test-z/eks-istio/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-test-z/eks-istio/terragrunt.hcl
@@ -13,23 +13,33 @@ terraform {
   }
 }
 
+dependencies {
+  paths = [
+    "../eks",
+    "../eks-config"
+  ]
+}
+
 dependency "eks" {
-  config_path = "../eks"
+  config_path                             = "../eks"
+  mock_outputs_allowed_terraform_commands = ["init", "plan", "validate", "destroy"]
   mock_outputs = {
-    cluster_name = "a-cluster-name"
+    cluster_name      = include.root.inputs.cluster_name
+    oidc_provider_arn = "arn:aws-us-gov:iam::123456789012:oidc-provider/mock"
   }
 }
 
-dependency "eks-karpenter" {
-  config_path  = "../eks-karpenter"
-  skip_outputs = true
-}
-
 inputs = {
-  cluster_name        = dependency.eks.outputs.cluster_name
-  istio_chart_version = include.root.inputs.istio_version
-  istio_version       = include.root.inputs.istio_version
-  profile             = include.root.inputs.aws_profile
-  region              = include.root.inputs.aws_region
-  namespace           = include.root.inputs.namespaces["istio"]
+  # AWS Configuration
+  account_id = include.root.inputs.aws_account_id
+  profile    = include.root.inputs.aws_profile
+  region     = include.root.inputs.aws_region
+
+  # Cluster Configuration
+  cluster_name      = dependency.eks.outputs.cluster_name
+  oidc_provider_arn = dependency.eks.outputs.oidc_provider_arn
+
+  # Istio Configuration
+  namespace     = include.root.inputs.namespaces["istio"]
+  istio_version = include.root.inputs.istio_version
 }
diff --git a/lab/development/us-gov-east-1/vpc/platform-test-z/eks-k8s-dashboard/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-test-z/eks-k8s-dashboard/terragrunt.hcl
@@ -13,26 +13,34 @@ terraform {
   }
 }
 
+dependencies {
+  paths = [
+    "../eks",
+    "../eks-config",
+    "../eks-dns"
+  ]
+}
+
 dependency "eks" {
-  config_path = "../eks"
+  config_path                             = "../eks"
+  mock_outputs_allowed_terraform_commands = ["init", "plan", "validate", "destroy"]
   mock_outputs = {
-    cluster_name    = "a-cluster-name"
-    vpc_domain_name = "example.com"
+    cluster_name      = include.root.inputs.cluster_name
+    oidc_provider_arn = "arn:aws-us-gov:iam::123456789012:oidc-provider/mock"
   }
 }
 
-dependency "eks-loki" {
-  config_path  = "../eks-loki"
-  skip_outputs = true
-}
-
 inputs = {
-  # datasources        = dependency.eks-loki.outputs.gateway_internal_endpoint
-  cluster_domain        = dependency.eks.inputs.vpc_domain_name
-  cluster_name          = dependency.eks.outputs.cluster_name
+  # AWS Configuration
+  account_id = include.root.inputs.aws_account_id
+  profile    = include.root.inputs.aws_profile
+  region     = include.root.inputs.aws_region
+
+  # Cluster Configuration
+  cluster_domain = include.root.inputs.vpc_domain_name
+  cluster_name   = dependency.eks.outputs.cluster_name
+
+  # Dashboard Configuration
   k8s_dashboard_version = include.root.inputs.k8s_dashboard_version
-  profile               = include.root.inputs.aws_profile
-  public_hostname       = include.root.inputs.dashboard_hostname
-  region                = include.root.inputs.aws_region
-  namespace             = include.root.inputs.namespaces["k8s-dashboard"]
-}
+  namespace = include.root.inputs.namespaces["k8s-dashboard"]
+}