From fa28d815771dff43f3aa9b57b1614f412d45f3c4 Mon Sep 17 00:00:00 2001
From: Matthew Creal Morgan <matthew.c.morgan@census.gov>
Date: Wed, 23 Jul 2025 15:32:51 -0700
Subject: [PATCH] Prod changes (#8)

* add prod vars

* cleanup

* fmt

* cleanup

* pass in env_abbr
---
 _envcommon/common-variables.hcl               | 35 +++++++++--
 _envcommon/default-versions.hcl               | 59 +++++++++----------
 .../region/vpc/cluster/eks-dns/terragrunt.hcl |  1 +
 .../cluster/eks/terragrunt-debug.tfvars.json  | 13 ----
 4 files changed, 60 insertions(+), 48 deletions(-)
 delete mode 100644 environment/region/vpc/cluster/eks/terragrunt-debug.tfvars.json

diff --git a/_envcommon/common-variables.hcl b/_envcommon/common-variables.hcl
index 89c502a..effa7fa 100644
--- a/_envcommon/common-variables.hcl
+++ b/_envcommon/common-variables.hcl
@@ -8,13 +8,40 @@
 locals {
   state_bucket_prefix = "inf-tfstate"
   state_table_name    = "tf_remote_state"
+  environment_abbr    = "lab"
   route53_endpoints = {
     route53_main = {
+      "account_id"    = local.route53_info[local.environment_abbr]["account_id"]
+      "alias"         = local.route53_info[local.environment_abbr]["alias"]
+      "us-gov-east-1" = local.route53_info[local.environment_abbr]["us-gov-east-1"]
+      "us-gov-west-1" = local.route53_info[local.environment_abbr]["us-gov-west-1"]
+    }
+    route53_main_legacy = {
+      "account_id"    = local.route53_info["legacy"]["account_id"]
+      "alias"         = local.route53_info["legacy"]["alias"]
+      "us-gov-east-1" = local.route53_info["legacy"]["us-gov-east-1"]
+      "us-gov-west-1" = local.route53_info["legacy"]["us-gov-west-1"]
+    }
+  }
+  route53_info = {
+    lab = {
       "account_id"    = "269244441389"
       "alias"         = "lab-gov-network-nonprod"
       "us-gov-east-1" = "vpc-070595c5b133243dd"
       "us-gov-west-1" = "vpc-08b7b4db6a5ddf9c1"
     }
+    prod = {
+      "account_id"    = "057405694017"
+      "alias"         = "ent-ew-network-prod"
+      "us-gov-east-1" = "vpc-061325b37d748d17a"
+      "us-gov-west-1" = "vpc-0b22b68b90e47cb5f"
+    }
+    legacy = {
+      "account_id"    = "107742151971"
+      "alias"         = "do2-govcloud"
+      "us-gov-east-1" = "vpc-099a991da7c4eb8a5"
+      "us-gov-west-1" = "vpc-77877a12"
+    }
   }
   enterprise_ecr_account = {
     lab = {
@@ -31,9 +58,9 @@ locals {
     }
   }
   eecr_info = {
-    account_id = local.enterprise_ecr_account.lab["account_id"]
-    alias      = local.enterprise_ecr_account.lab["alias"]
-    profile    = local.enterprise_ecr_account.lab["profile"]
-    region     = local.enterprise_ecr_account.lab["region"]
+    account_id = local.enterprise_ecr_account[local.environment_abbr]["account_id"]
+    alias      = local.enterprise_ecr_account[local.environment_abbr]["alias"]
+    profile    = local.enterprise_ecr_account[local.environment_abbr]["profile"]
+    region     = local.enterprise_ecr_account[local.environment_abbr]["region"]
   }
 }
diff --git a/_envcommon/default-versions.hcl b/_envcommon/default-versions.hcl
index 20c68b2..eeb04b4 100644
--- a/_envcommon/default-versions.hcl
+++ b/_envcommon/default-versions.hcl
@@ -7,41 +7,38 @@ locals {
   #####################
   # Module Versions
   #####################
-  cluster_version            = "1.32"
-  custom_service_eks_account = "1.0.0"
-  eks_module_version         = "20.36.0"
-  istio_ingress_version      = "0.1.3"
+  cluster_version    = "1.32"
+  eks_module_version = "20.36.0"
 
   module_versions = {
     "2025.20.04" = {
-      "eks-arcgis"                  = false
-      "eks-cert-manager"            = "0.1.9"
-      "eks-config"                  = "1.0.5"
-      "eks-cribl"                   = "initial"
-      "eks-dns"                     = "0.1.3"
-      "eks-gatekeeper"              = "0.0.3"
-      "eks-grafana"                 = "0.1.5"
-      "eks-istio"                   = "1.0.9"
-      "tfmod-istio-service-ingress" = "0.1.6"
-      "eks-k8s-dashboard"           = "0.1.4"
-      "eks-karpenter"               = "0.1.6"
-      "eks-keycloak"                = "0.0.8"
-      "eks-kiali"                   = "0.1.4"
-      "eks-loki"                    = "0.1.4"
-      "eks-metrics-server"          = "0.1.4"
-      "eks-otel"                    = "0.0.4"
-      "eks-pipeline"                = "initial"
-      "eks-postgresql"              = false
-      "eks-prometheus"              = "0.1.4"
-      "eks-tempo"                   = "0.1.4"
-      "eks"                         = "1.0.9"
+      "eks-arcgis"         = false
+      "eks-cert-manager"   = "0.1.9"
+      "eks-config"         = "1.0.5"
+      "eks-cribl"          = "0.0.1"
+      "eks-dns"            = "0.1.3"
+      "eks-gatekeeper"     = "0.0.3"
+      "eks-grafana"        = "0.1.5"
+      "eks-istio"          = "1.0.9"
+      "eks-k8s-dashboard"  = "0.1.4"
+      "eks-karpenter"      = "0.1.6"
+      "eks-keycloak"       = "0.0.8"
+      "eks-kiali"          = "0.1.4"
+      "eks-loki"           = "0.1.4"
+      "eks-metrics-server" = "0.1.4"
+      "eks-otel"           = "0.0.4"
+      "eks-pipeline"       = "initial"
+      "eks-postgresql"     = false
+      "eks-prometheus"     = "0.1.4"
+      "eks-tempo"          = "0.1.4"
+      "eks"                = "1.0.9"
     }
   }
 
   submodule_versions = {
-    "tfmod-istio-service-ingress" = "0.1.6"
-    "tfmod-config-job"            = "0.1.8"
-
+    "tfmod-istio-service-ingress"                   = "0.1.6"
+    "tfmod-config-job"                              = "0.1.8"
+    "tfmod-custom-iam-role-for-service-account-eks" = "1.0.1"
   }
 
   #####################
@@ -71,7 +68,7 @@ locals {
     "eks-loki"          = true
     "eks-otel"          = true
     "eks-pipeline"      = false
-    "eks-postgresql"    = true
+    "eks-postgresql"    = false
     "eks-prometheus"    = true
     "eks-tempo"         = true
   }
@@ -185,7 +182,7 @@ locals {
   ################
   # Kiali
   ################
-  kiali_operator_version    = "2.2.0"
+  kiali_operator_version    = "2.12.0"
   kiali_application_version = "v${local.kiali_operator_version}"
 
   ################
@@ -213,7 +210,7 @@ locals {
   collector_version                 = "0.111.0-amd64"
   otel_helm_version                 = "0.71.2"
   otel_version                      = "0.110.0"
-  rbac_proxy_version                = "v0.19.0"
+  rbac_proxy_version                = "v0.18.1"
 
   ################
   # PostgreSQL
diff --git a/environment/region/vpc/cluster/eks-dns/terragrunt.hcl b/environment/region/vpc/cluster/eks-dns/terragrunt.hcl
index feecb98..bf687b6 100644
--- a/environment/region/vpc/cluster/eks-dns/terragrunt.hcl
+++ b/environment/region/vpc/cluster/eks-dns/terragrunt.hcl
@@ -59,6 +59,7 @@ inputs = {
 
   # Cluster Configuration
   cluster_name = include.root.inputs.cluster_name
+  environment_abbr = include.root.inputs.environment_abbr
 
   # Network Configuration
   istio_ingress_lb  = dependency.eks-istio.outputs.istio_ingress_lb
diff --git a/environment/region/vpc/cluster/eks/terragrunt-debug.tfvars.json b/environment/region/vpc/cluster/eks/terragrunt-debug.tfvars.json
deleted file mode 100644
index 8f1efa1..0000000
--- a/environment/region/vpc/cluster/eks/terragrunt-debug.tfvars.json
+++ /dev/null
@@ -1,13 +0,0 @@
-{
-  "cluster_name": "csvd-platform-lab-mcm",
-  "cluster_version": "1.32",
-  "eks_instance_disk_size": 100,
-  "eks_ng_desired_size": 2,
-  "eks_ng_max_size": 10,
-  "eks_ng_min_size": 2,
-  "tags": {
-    "cluster:size": "min:2-max:10-desired:2",
-    "slim:schedule": "8:00-17:00"
-  },
-  "vpc_name": "vpc3-lab-dev"
-}
\ No newline at end of file