From 45633449d5d25668d8f8a06003d00e983422591f Mon Sep 17 00:00:00 2001 From: "Matthew C. Morgan" Date: Mon, 16 Mar 2026 17:51:16 -0400 Subject: [PATCH] update environment_abbr based on account_name --- locals.tf | 38 +++++------- main.tf | 8 +-- providers.tf | 2 +- templates/account.hcl.tf.tpl | 2 +- templates/default-versions.hcl | 10 ---- variables.tf | 105 +++++++++++++-------------------- 6 files changed, 63 insertions(+), 102 deletions(-) diff --git a/locals.tf b/locals.tf index 4cb50a7..4b76f30 100644 --- a/locals.tf +++ b/locals.tf @@ -1,9 +1,9 @@ locals { common_vars = merge({ - organization = "census:ocio:csvd" - project_name = "csvd_platformbaseline" - project_number = "fs0000000078" - project_role = "csvd_platformbaseline_app" + organization = "CHANGEME" + project_name = "CHANGEME" + project_number = "CHANGEME" + project_role = "CHANGEME" state_bucket_prefix = "inf-tfstate" state_table_name = "tf_remote_state" route53_endpoints = {} 
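Review bot: The `"CHANGEME"` placeholders for `organization`, `project_name`, `project_number` and `project_role` in `common_vars` are ordinary strings, so a run that never overrides them still succeeds and carries the placeholder into whatever consumes these values. The same defaults are introduced in the `finops` and `common_variables` hunks of variables.tf. Dropping the defaults there (a plain `string` attribute is required) or adding a `validation` block that rejects the literal, e.g. `condition = var.finops.project_name != "CHANGEME"`, would make an unconfigured deployment fail at plan time instead. The `merge(` call continues outside the hunk, so what is merged over these values is not visible here.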
@@ -11,24 +11,23 @@ locals { # First define base namespaces without dependencies base_namespaces = { - karpenter = "karpenter" - postgresql = "kube-system" - keycloak = "keycloak" - gogatekeeper = "kube-system" - istio = "istio-system" - kiali = "istio-system" + karpenter = "kube-system" + postgresql = "kube-system" + keycloak = "keycloak" + gogatekeeper = "keycloak" + istio = "istio-system" + kiali = "istio-system" } # Then merge with telemetry namespaces all_namespaces = merge( local.base_namespaces, { - grafana = var.namespaces.telemetry_namespace - k8s-dashboard = var.namespaces.telemetry_namespace - loki = var.namespaces.telemetry_namespace - otel = var.namespaces.telemetry_namespace - prometheus = var.namespaces.telemetry_namespace - tempo = var.namespaces.telemetry_namespace + grafana = var.namespaces.telemetry_namespace + loki = var.namespaces.telemetry_namespace + otel = var.namespaces.telemetry_namespace + prometheus = var.namespaces.telemetry_namespace + tempo = var.namespaces.telemetry_namespace }, var.namespaces.custom_namespaces ) @@ -56,8 +55,6 @@ locals { tf_version = var.versions.tf_version # Component versions - cluster_issuer_name = var.versions.cert_manager.cluster_issuer_name - gogatekeeper_tag = var.versions.gogatekeeper.tag gogatekeeper_chart_version = var.versions.gogatekeeper.chart_version @@ -67,8 +64,7 @@ locals { grafana_tag = var.versions.grafana.tag os_shell_image_tag = var.versions.grafana.os_shell_image_tag - istio_version = var.versions.istio.version - istio_namespace = var.versions.istio.namespace + istio_version = var.versions.istio.version karpenter_helm_chart = var.versions.karpenter.helm_chart karpenter_tag = var.versions.karpenter.tag 
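Review bot: The new `base_namespaces` values for `karpenter` ("kube-system") and `gogatekeeper` ("keycloak") are overridden by default, because `all_namespaces` merges `var.namespaces.custom_namespaces` last and the default for that map in variables.tf still sets `karpenter = "karpenter"` and `gogatekeeper = "kube-system"`. With `merge`, later arguments win, so the effective namespaces stay as they were unless a caller passes its own `custom_namespaces`. Namespace placement usually decides which RBAC bindings and network policies apply to the auth proxy, so the two maps should agree: either update the defaults in variables.tf or drop the duplicated keys from one side. A short comment above `base_namespaces` such as `# overridden by var.namespaces.custom_namespaces when the same key is set` would document the precedence.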
@@ -96,8 +92,6 @@ locals { prometheus_server_tag = var.versions.prometheus.server_tag prometheus_config_reloader_tag = var.versions.prometheus.config_reloader_tag alertmanager_tag = var.versions.prometheus.alertmanager_tag - kube_state_metrics_tag = var.versions.prometheus.kube_state_metrics_tag - node_exporter_tag = var.versions.prometheus.node_exporter_tag pushgateway_tag = var.versions.prometheus.pushgateway_tag tempo_chart_version = var.versions.tempo.chart_version diff --git a/main.tf b/main.tf index 44c5d2d..6235792 100644 --- a/main.tf +++ b/main.tf 
@@ -33,23 +33,23 @@ locals { "root.hcl" : templatefile("${path.module}/templates/root.hcl.tf.tpl", { environment = var.environment }), - "environment/account.hcl" : templatefile("${path.module}/templates/account.hcl.tf.tpl", { + "${var.environment}/account.hcl" : templatefile("${path.module}/templates/account.hcl.tf.tpl", { account_name = var.cluster_config.account_name, aws_account_id = var.cluster_config.aws_account_id, environment = var.environment, environment_abbr = var.cluster_config.environment_abbr }), - "environment/region/region.hcl" : templatefile("${path.module}/templates/region.hcl.tf.tpl", { + "${var.environment}/${var.region}/region.hcl" : templatefile("${path.module}/templates/region.hcl.tf.tpl", { aws_region = var.region, environment = var.environment }), - "environment/region/vpc/vpc.hcl" : templatefile("${path.module}/templates/vpc.hcl.tf.tpl", { + "${var.environment}/${var.region}/vpc/vpc.hcl" : templatefile("${path.module}/templates/vpc.hcl.tf.tpl", { vpc_name = var.cluster_config.vpc_name, vpc_domain_name = var.cluster_config.vpc_domain_name, environment = var.environment, aws_region = var.region }), - "environment/region/vpc/cluster/cluster.hcl" : templatefile("${path.module}/templates/cluster.hcl.tf.tpl", { + "${var.environment}/${var.region}/vpc/cluster/cluster.hcl" : templatefile("${path.module}/templates/cluster.hcl.tf.tpl", { cluster_name = var.name, cluster_mailing_list = var.cluster_config.cluster_mailing_list, aws_profile = local.aws_profile, diff --git a/providers.tf b/providers.tf index fd4066f..9085181 100644 --- a/providers.tf +++ b/providers.tf @@ -6,7 +6,7 @@ terraform { } aws = { source = "hashicorp/aws" - version = ">= 5.0" + version = ">= 6.0" } } } diff --git a/templates/account.hcl.tf.tpl b/templates/account.hcl.tf.tpl index 828d8b1..b348f6b 100644 --- a/templates/account.hcl.tf.tpl +++ b/templates/account.hcl.tf.tpl 
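Review bot: `var.environment` and `var.region` now become path segments in the keys of this map (`"${var.environment}/${var.region}/region.hcl"` and the three keys beside it), and nothing in the hunk constrains their contents. If these keys are later used as file paths, which the hunk does not show, a value containing `/` or `..` would place the generated files outside the intended tree. A `validation` block on each variable, e.g. `condition = can(regex("^[a-z0-9-]+$", var.environment))`, keeps the layout predictable. The enclosing `locals` block starts and ends outside the hunk.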
@@ -7,5 +7,5 @@ locals { aws_account_id = "${aws_account_id}" aws_profile = format("%v-%v", local.aws_account_id, replace(local.account_name, "-ew", "-gov")) environment = "${environment}" - environment_abbr = local.environment_abbr == 'lab' ? 'lab' : 'prod' + environment_abbr = contains(local.account_name, 'lab') ? 'lab' : contains(local.account_name, 'dev') ? 'dev' : contains(local.account_name, 'prod') ? 'prod' : 'CHANGEME' } diff --git a/templates/default-versions.hcl b/templates/default-versions.hcl index f3f2dc7..5cf6612 100644 --- a/templates/default-versions.hcl +++ b/templates/default-versions.hcl @@ -23,13 +23,6 @@ locals { # Component Versions ##################### - ################ - # Cert-Manager - ################ - cluster_issuer_name = "${cluster_issuer_name}" - cert_manager_version = "${cert_manager_version}" - cert_manager_helm_chart = "${cert_manager_helm_chart}" - ################ # GoGatekeeper ################ @@ -48,7 +41,6 @@ locals { ################ # Istio ################ - istio_namespace = "${istio_namespace}" istio_version = "${istio_version}" ################ @@ -92,8 +84,6 @@ locals { prometheus_server_tag = "${prometheus_server_tag}" prometheus_config_reloader_tag = "${prometheus_config_reloader_tag}" alertmanager_tag = "${alertmanager_tag}" - kube_state_metrics_tag = "${kube_state_metrics_tag}" - node_exporter_tag = "${node_exporter_tag}" pushgateway_tag = "${pushgateway_tag}" ################ diff --git a/variables.tf b/variables.tf index 349eb0f..2a5555b 100644 --- a/variables.tf +++ b/variables.tf 
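Review bot: The new `environment_abbr` expression calls `contains()` on `local.account_name`, but in HCL `contains(list, value)` tests membership in a list or set rather than a substring, and the single-quoted literals (`'lab'`, `'dev'`, `'prod'`, `'CHANGEME'`) are not valid HCL string syntax, so the rendered account.hcl is likely to fail to parse or evaluate. A substring test would be `environment_abbr = strcontains(local.account_name, "lab") ? "lab" : strcontains(local.account_name, "dev") ? "dev" : strcontains(local.account_name, "prod") ? "prod" : "CHANGEME"`, assuming the Terragrunt version that reads this file provides `strcontains`; `length(regexall("lab", local.account_name)) > 0` is the older equivalent. Substring matching is also order-dependent, so an account name containing more than one token resolves to the first match and an unmatched name silently yields `"CHANGEME"`; because this value separates prod from non-prod, failing on no match is the safer default. main.tf still passes `environment_abbr` into this template, which the visible part of the template does not use.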
@@ -37,9 +37,9 @@ variable "cluster_config" { variable "finops" { description = "FinOps configuration for cost tracking and billing" type = object({ - project_name = optional(string, "csvd_platformbaseline") - project_number = optional(string, "fs0000000078") - project_role = optional(string, "csvd_platformbaseline_app") + project_name = optional(string, "CHANGEME") + project_number = optional(string, "CHANGEME") + project_role = optional(string, "CHANGEME") }) default = {} } @@ -72,10 +72,10 @@ variable "force_name" { variable "common_variables" { description = "Common variables across all environments (internal use)" type = object({ - organization = optional(string, "census:ocio:csvd") - project_name = optional(string, "csvd_platformbaseline") - project_number = optional(string, "fs0000000078") - project_role = optional(string, "csvd_platformbaseline_app") + organization = optional(string, "CHANGEME") + project_name = optional(string, "CHANGEME") + project_number = optional(string, "CHANGEME") + project_role = optional(string, "CHANGEME") state_bucket_prefix = optional(string, "inf-tfstate") state_table_name = optional(string, "tf_remote_state") route53_endpoints = optional(map(object({ @@ -92,12 +92,12 @@ variable "versions" { description = "Version configurations for various components (internal use)" type = object({ # Module Versions - cluster_version = optional(string, "1.31") - eks_module_version = optional(string, "20.33.1") + cluster_version = optional(string, "1.34") + eks_module_version = optional(string, "21.11.1") release_version = optional(string, "main") # TF Providers - aws_version = optional(string, "5.84.0") + aws_version = optional(string, "6.0") helm_version = optional(string, "2.11.0") kubernetes_version = optional(string, "2.33.0") null_version = optional(string, "3.2.1") 
@@ -106,15 +106,9 @@ variable "versions" { tf_version = optional(string, "1.5.5") # Component Versions - cert_manager = optional(object({ - version = optional(string, "1.17.1") - chart_version = optional(string, "1.17.1") - cluster_issuer_name = optional(string, "cert-manager") - }), {}) - gogatekeeper = optional(object({ - tag = optional(string, "3.2.1") - chart_version = optional(string, "0.1.53") + tag = optional(string, "4.4.0") + chart_version = optional(string, "0.1.60") }), {}) grafana = optional(object({ 
@@ -126,63 +120,49 @@ variable "versions" { }), {}) istio = optional(object({ - version = optional(string, "1.25.0") - namespace = optional(string, "istio-system") - }), {}) - - k8s_dashboard = optional(object({ - hostname = optional(string, "dashboard") - metrics_scraper = optional(string, "1.0.8") - version = optional(string, "6.0.6") + version = optional(string, "1.28.3") }), {}) karpenter = optional(object({ - helm_chart = optional(string, "1.3.1") - tag = optional(string, "1.3.1") + helm_chart = optional(string, "1.8.5") + tag = optional(string, "1.8.5") }), {}) keycloak = optional(object({ - chart_version = optional(string, "24.4.11") - tag = optional(string, "26.1.3") + chart_version = optional(string, "7.0.1") + tag = optional(string, "26.0.7") hostname = optional(string, "keycloak") database = optional(string, "keycloak") username = optional(string, "keycloak") password = optional(string, "this is my very secure and totally random password horse battery staple now") - postgresql_tag = optional(string, "17.4.0-debian-12-r2") + postgresql_tag = optional(string, "17.4.0-debian-12-r4") }), {}) kiali = optional(object({ - operator_version = optional(string, "2.2.0") + operator_version = optional(string, "2.21.0") }), {}) loki = optional(object({ - chart_version = optional(string, "6.27.0") - tag = optional(string, "3.4.2") - enterprise_logs_provisioner_tag = optional(string, "v1.7.0") - gateway_tag = optional(string, "1.27-alpine") - memcached_tag = optional(string, "1.6.37") - exporter_tag = optional(string, "v0.15.0") - sidecar_tag = optional(string, "1.27.4") - }), {}) - - metrics_server = optional(object({ - helm_chart = optional(string, "3.12.2") - tag = optional(string, "0.7.2") + chart_version = optional(string, "6.49.0") + tag = optional(string, "3.6.3") + enterprise_logs_provisioner_tag = optional(string, "3.6.2") + gateway_tag = optional(string, "1.29.4") + memcached_tag = optional(string, "1.6.40") + exporter_tag = optional(string, "v0.15.3") + 
sidecar_tag = optional(string, "2.4.0") }), {}) prometheus = optional(object({ - chart_version = optional(string, "27.5.1") - server_tag = optional(string, "v3.2.1") - config_reloader_tag = optional(string, "v0.75.2") - alertmanager_tag = optional(string, "v0.28.0") - kube_state_metrics_tag = optional(string, "v2.15.0") - node_exporter_tag = optional(string, "v1.9.0") - pushgateway_tag = optional(string, "v1.11.0") + chart_version = optional(string, "28.6.0") + server_tag = optional(string, "v3.9.1") + config_reloader_tag = optional(string, "v0.88.0") + alertmanager_tag = optional(string, "v0.30.1") + pushgateway_tag = optional(string, "v1.6.2") }), {}) tempo = optional(object({ - chart_version = optional(string, "1.18.2") - tag = optional(string, "2.7.1") + chart_version = optional(string, "1.24.3") + tag = optional(string, "2.9.1") }), {}) }) default = {} @@ -191,17 +171,15 @@ variable "versions" { variable "namespaces" { description = "Namespace configurations (internal use)" type = object({ - operator_namespace = optional(string, "aoperator") - telemetry_namespace = optional(string, "atelemetry") + operator_namespace = optional(string, "operator") + telemetry_namespace = optional(string, "telemetry") custom_namespaces = optional(map(string), { - cert-manager = "kube-system" - karpenter = "karpenter" - metrics-server = "kube-system" - postgresql = "kube-system" - keycloak = "keycloak" - gogatekeeper = "kube-system" - istio = "istio-system" - kiali = "istio-system" + karpenter = "karpenter" + postgresql = "kube-system" + keycloak = "keycloak" + gogatekeeper = "kube-system" + istio = "istio-system" + kiali = "istio-system" }) }) default = {} @@ -211,7 +189,6 @@ variable "enable_modules" { description = "Map of modules to enable (internal use)" type = object({ gogatekeeper = optional(bool, false) - cert_manager = optional(bool, false) prometheus = optional(bool, false) grafana = optional(bool, false) istio = optional(bool, false)
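Review bot: The `keycloak` object keeps a hard-coded default `password` (the passphrase string on the unchanged context line), so a deployment that does not override it gets what appears to be the Keycloak database credential straight from the published module source; this commit scrubs the organization identifiers but leaves that default in place. Declaring it as `password = string` (required), or `optional(string)` with a null default that the module fills from a generated or secret-store value, removes the shared default; Terraform state will still hold the value, so access to the state needs restricting as well. Separately, two defaults in this hunk move backwards while the rest move forward: `keycloak.tag` from "26.1.3" to "26.0.7" and `prometheus.pushgateway_tag` from "v1.11.0" to "v1.6.2". If those downgrades are deliberate, a comment next to each giving the reason would keep them from being reverted by accident; if not, they may drop fixes shipped in the newer releases.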