update environment_abbr based on account_name

locals.tf

@@ -1,34 +1,33 @@
 locals {
   common_vars = merge({
-    organization        = "census:ocio:csvd"
-    project_name        = "csvd_platformbaseline"
-    project_number      = "fs0000000078"
-    project_role        = "csvd_platformbaseline_app"
+    organization        = "CHANGEME"
+    project_name        = "CHANGEME"
+    project_number      = "CHANGEME"
+    project_role        = "CHANGEME"
     state_bucket_prefix = "inf-tfstate"
     state_table_name    = "tf_remote_state"
     route53_endpoints   = {}
   }, var.common_variables)
 
   # First define base namespaces without dependencies
   base_namespaces = {
-    karpenter      = "karpenter"
-    postgresql     = "kube-system"
-    keycloak       = "keycloak"
-    gogatekeeper   = "kube-system"
-    istio          = "istio-system"
-    kiali          = "istio-system"
+    karpenter    = "kube-system"
+    postgresql   = "kube-system"
+    keycloak     = "keycloak"
+    gogatekeeper = "keycloak"
+    istio        = "istio-system"
+    kiali        = "istio-system"
   }
 
   # Then merge with telemetry namespaces
   all_namespaces = merge(
     local.base_namespaces,
     {
-      grafana       = var.namespaces.telemetry_namespace
-      k8s-dashboard = var.namespaces.telemetry_namespace
-      loki          = var.namespaces.telemetry_namespace
-      otel          = var.namespaces.telemetry_namespace
-      prometheus    = var.namespaces.telemetry_namespace
-      tempo         = var.namespaces.telemetry_namespace
+      grafana    = var.namespaces.telemetry_namespace
+      loki       = var.namespaces.telemetry_namespace
+      otel       = var.namespaces.telemetry_namespace
+      prometheus = var.namespaces.telemetry_namespace
+      tempo      = var.namespaces.telemetry_namespace
     },
     var.namespaces.custom_namespaces
   )
@@ -56,8 +55,6 @@ locals {
     tf_version         = var.versions.tf_version
 
     # Component versions
-    cluster_issuer_name     = var.versions.cert_manager.cluster_issuer_name
-
     gogatekeeper_tag           = var.versions.gogatekeeper.tag
     gogatekeeper_chart_version = var.versions.gogatekeeper.chart_version
 
@@ -67,8 +64,7 @@ locals {
     grafana_tag                    = var.versions.grafana.tag
     os_shell_image_tag             = var.versions.grafana.os_shell_image_tag
 
-    istio_version   = var.versions.istio.version
-    istio_namespace = var.versions.istio.namespace
+    istio_version = var.versions.istio.version
 
     karpenter_helm_chart = var.versions.karpenter.helm_chart
     karpenter_tag        = var.versions.karpenter.tag
@@ -96,8 +92,6 @@ locals {
     prometheus_server_tag          = var.versions.prometheus.server_tag
     prometheus_config_reloader_tag = var.versions.prometheus.config_reloader_tag
     alertmanager_tag               = var.versions.prometheus.alertmanager_tag
-    kube_state_metrics_tag         = var.versions.prometheus.kube_state_metrics_tag
-    node_exporter_tag              = var.versions.prometheus.node_exporter_tag
     pushgateway_tag                = var.versions.prometheus.pushgateway_tag
 
     tempo_chart_version = var.versions.tempo.chart_version

main.tf

@@ -33,23 +33,23 @@ locals {
     "root.hcl" : templatefile("${path.module}/templates/root.hcl.tf.tpl", {
       environment = var.environment
     }),
-    "environment/account.hcl" : templatefile("${path.module}/templates/account.hcl.tf.tpl", {
+    "${var.environment}/account.hcl" : templatefile("${path.module}/templates/account.hcl.tf.tpl", {
       account_name     = var.cluster_config.account_name,
       aws_account_id   = var.cluster_config.aws_account_id,
       environment      = var.environment,
       environment_abbr = var.cluster_config.environment_abbr
     }),
-    "environment/region/region.hcl" : templatefile("${path.module}/templates/region.hcl.tf.tpl", {
+    "${var.environment}/${var.region}/region.hcl" : templatefile("${path.module}/templates/region.hcl.tf.tpl", {
       aws_region  = var.region,
       environment = var.environment
     }),
-    "environment/region/vpc/vpc.hcl" : templatefile("${path.module}/templates/vpc.hcl.tf.tpl", {
+    "${var.environment}/${var.region}/vpc/vpc.hcl" : templatefile("${path.module}/templates/vpc.hcl.tf.tpl", {
       vpc_name        = var.cluster_config.vpc_name,
       vpc_domain_name = var.cluster_config.vpc_domain_name,
       environment     = var.environment,
       aws_region      = var.region
     }),
-    "environment/region/vpc/cluster/cluster.hcl" : templatefile("${path.module}/templates/cluster.hcl.tf.tpl", {
+    "${var.environment}/${var.region}/vpc/cluster/cluster.hcl" : templatefile("${path.module}/templates/cluster.hcl.tf.tpl", {
       cluster_name                             = var.name,
       cluster_mailing_list                     = var.cluster_config.cluster_mailing_list,
       aws_profile                              = local.aws_profile,

providers.tf

@@ -6,7 +6,7 @@ terraform {
     }
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 5.0"
+      version = ">= 6.0"
     }
   }
 }

templates/account.hcl.tf.tpl

@@ -7,5 +7,5 @@ locals {
   aws_account_id   = "${aws_account_id}"
   aws_profile      = format("%v-%v", local.aws_account_id, replace(local.account_name, "-ew", "-gov"))
   environment      = "${environment}"
-  environment_abbr = local.environment_abbr == 'lab' ? 'lab' : 'prod'
+  environment_abbr = contains(local.account_name, 'lab') ? 'lab' : contains(local.account_name, 'dev') ? 'dev' : contains(local.account_name, 'prod') ? 'prod' : 'CHANGEME'
 }

templates/default-versions.hcl

@@ -23,13 +23,6 @@ locals {
   # Component Versions
   #####################
 
-  ################
-  # Cert-Manager
-  ################
-  cluster_issuer_name              = "${cluster_issuer_name}"
-  cert_manager_version             = "${cert_manager_version}"
-  cert_manager_helm_chart          = "${cert_manager_helm_chart}"
-
   ################
   # GoGatekeeper
   ################
@@ -48,7 +41,6 @@ locals {
   ################
   # Istio
   ################
-  istio_namespace = "${istio_namespace}"
   istio_version   = "${istio_version}"
 
   ################
@@ -92,8 +84,6 @@ locals {
   prometheus_server_tag          = "${prometheus_server_tag}"
   prometheus_config_reloader_tag = "${prometheus_config_reloader_tag}"
   alertmanager_tag               = "${alertmanager_tag}"
-  kube_state_metrics_tag         = "${kube_state_metrics_tag}"
-  node_exporter_tag              = "${node_exporter_tag}"
   pushgateway_tag                = "${pushgateway_tag}"
 
   ################

variables.tf

@@ -37,9 +37,9 @@ variable "cluster_config" {
 variable "finops" {
   description = "FinOps configuration for cost tracking and billing"
   type = object({
-    project_name   = optional(string, "csvd_platformbaseline")
-    project_number = optional(string, "fs0000000078")
-    project_role   = optional(string, "csvd_platformbaseline_app")
+    project_name   = optional(string, "CHANGEME")
+    project_number = optional(string, "CHANGEME")
+    project_role   = optional(string, "CHANGEME")
   })
   default = {}
 }
@@ -72,10 +72,10 @@ variable "force_name" {
 variable "common_variables" {
   description = "Common variables across all environments (internal use)"
   type = object({
-    organization        = optional(string, "census:ocio:csvd")
-    project_name        = optional(string, "csvd_platformbaseline")
-    project_number      = optional(string, "fs0000000078")
-    project_role        = optional(string, "csvd_platformbaseline_app")
+    organization        = optional(string, "CHANGEME")
+    project_name        = optional(string, "CHANGEME")
+    project_number      = optional(string, "CHANGEME")
+    project_role        = optional(string, "CHANGEME")
     state_bucket_prefix = optional(string, "inf-tfstate")
     state_table_name    = optional(string, "tf_remote_state")
     route53_endpoints = optional(map(object({
@@ -92,12 +92,12 @@ variable "versions" {
   description = "Version configurations for various components (internal use)"
   type = object({
     # Module Versions
-    cluster_version    = optional(string, "1.31")
-    eks_module_version = optional(string, "20.33.1")
+    cluster_version    = optional(string, "1.34")
+    eks_module_version = optional(string, "21.11.1")
     release_version    = optional(string, "main")
 
     # TF Providers
-    aws_version        = optional(string, "5.84.0")
+    aws_version        = optional(string, "6.0")
     helm_version       = optional(string, "2.11.0")
     kubernetes_version = optional(string, "2.33.0")
     null_version       = optional(string, "3.2.1")
@@ -106,15 +106,9 @@ variable "versions" {
     tf_version         = optional(string, "1.5.5")
 
     # Component Versions
-    cert_manager = optional(object({
-      version             = optional(string, "1.17.1")
-      chart_version       = optional(string, "1.17.1")
-      cluster_issuer_name = optional(string, "cert-manager")
-    }), {})
-
     gogatekeeper = optional(object({
-      tag           = optional(string, "3.2.1")
-      chart_version = optional(string, "0.1.53")
+      tag           = optional(string, "4.4.0")
+      chart_version = optional(string, "0.1.60")
     }), {})
 
     grafana = optional(object({
@@ -126,63 +120,49 @@ variable "versions" {
     }), {})
 
     istio = optional(object({
-      version   = optional(string, "1.25.0")
-      namespace = optional(string, "istio-system")
-    }), {})
-
-    k8s_dashboard = optional(object({
-      hostname        = optional(string, "dashboard")
-      metrics_scraper = optional(string, "1.0.8")
-      version         = optional(string, "6.0.6")
+      version = optional(string, "1.28.3")
     }), {})
 
     karpenter = optional(object({
-      helm_chart = optional(string, "1.3.1")
-      tag        = optional(string, "1.3.1")
+      helm_chart = optional(string, "1.8.5")
+      tag        = optional(string, "1.8.5")
     }), {})
 
     keycloak = optional(object({
-      chart_version  = optional(string, "24.4.11")
-      tag            = optional(string, "26.1.3")
+      chart_version  = optional(string, "7.0.1")
+      tag            = optional(string, "26.0.7")
       hostname       = optional(string, "keycloak")
       database       = optional(string, "keycloak")
       username       = optional(string, "keycloak")
       password       = optional(string, "this is my very secure and totally random password horse battery staple now")
-      postgresql_tag = optional(string, "17.4.0-debian-12-r2")
+      postgresql_tag = optional(string, "17.4.0-debian-12-r4")
     }), {})
 
     kiali = optional(object({
-      operator_version = optional(string, "2.2.0")
+      operator_version = optional(string, "2.21.0")
     }), {})
 
     loki = optional(object({
-      chart_version                   = optional(string, "6.27.0")
-      tag                             = optional(string, "3.4.2")
-      enterprise_logs_provisioner_tag = optional(string, "v1.7.0")
-      gateway_tag                     = optional(string, "1.27-alpine")
-      memcached_tag                   = optional(string, "1.6.37")
-      exporter_tag                    = optional(string, "v0.15.0")
-      sidecar_tag                     = optional(string, "1.27.4")
-    }), {})
-
-    metrics_server = optional(object({
-      helm_chart = optional(string, "3.12.2")
-      tag        = optional(string, "0.7.2")
+      chart_version                   = optional(string, "6.49.0")
+      tag                             = optional(string, "3.6.3")
+      enterprise_logs_provisioner_tag = optional(string, "3.6.2")
+      gateway_tag                     = optional(string, "1.29.4")
+      memcached_tag                   = optional(string, "1.6.40")
+      exporter_tag                    = optional(string, "v0.15.3")
+      sidecar_tag                     = optional(string, "2.4.0")
     }), {})
 
     prometheus = optional(object({
-      chart_version          = optional(string, "27.5.1")
-      server_tag             = optional(string, "v3.2.1")
-      config_reloader_tag    = optional(string, "v0.75.2")
-      alertmanager_tag       = optional(string, "v0.28.0")
-      kube_state_metrics_tag = optional(string, "v2.15.0")
-      node_exporter_tag      = optional(string, "v1.9.0")
-      pushgateway_tag        = optional(string, "v1.11.0")
+      chart_version       = optional(string, "28.6.0")
+      server_tag          = optional(string, "v3.9.1")
+      config_reloader_tag = optional(string, "v0.88.0")
+      alertmanager_tag    = optional(string, "v0.30.1")
+      pushgateway_tag     = optional(string, "v1.6.2")
     }), {})
 
     tempo = optional(object({
-      chart_version = optional(string, "1.18.2")
-      tag           = optional(string, "2.7.1")
+      chart_version = optional(string, "1.24.3")
+      tag           = optional(string, "2.9.1")
     }), {})
   })
   default = {}
@@ -191,17 +171,15 @@ variable "versions" {
 variable "namespaces" {
   description = "Namespace configurations (internal use)"
   type = object({
-    operator_namespace  = optional(string, "aoperator")
-    telemetry_namespace = optional(string, "atelemetry")
+    operator_namespace  = optional(string, "operator")
+    telemetry_namespace = optional(string, "telemetry")
     custom_namespaces = optional(map(string), {
-      cert-manager   = "kube-system"
-      karpenter      = "karpenter"
-      metrics-server = "kube-system"
-      postgresql     = "kube-system"
-      keycloak       = "keycloak"
-      gogatekeeper   = "kube-system"
-      istio          = "istio-system"
-      kiali          = "istio-system"
+      karpenter    = "karpenter"
+      postgresql   = "kube-system"
+      keycloak     = "keycloak"
+      gogatekeeper = "kube-system"
+      istio        = "istio-system"
+      kiali        = "istio-system"
     })
   })
   default = {}
@@ -211,7 +189,6 @@ variable "enable_modules" {
   description = "Map of modules to enable (internal use)"
   type = object({
     gogatekeeper = optional(bool, false)
-    cert_manager = optional(bool, false)
     prometheus   = optional(bool, false)
     grafana      = optional(bool, false)
     istio        = optional(bool, false)