diff --git a/README.md b/README.md index 0b51d07..1f482c0 100644 --- a/README.md +++ b/README.md @@ -87,6 +87,37 @@ output "repository_url" { } ``` +### Update an Existing Repository on a PR Branch + +Use this mode when the cluster repository already exists and you only want to update managed files on a branch for a pull request. + +```hcl +module "eks_deployment" { + source = "../../" + + name = "csvd-dev-mcm" + organization = "SCT-Engineering" + create_repository = false + files_branch = "update/csvd-dev-mcm" + + environment = "dev" + region = "us-gov-east-1" + + cluster_config = { + account_name = "csvd-dev-gov" + aws_account_id = "229685449397" + environment_abbr = "dev" + vpc_name = "vpc2-csvd-dev" + vpc_domain_name = "dev.csvd.csp1.census.gov" + cluster_mailing_list = "matthew.c.morgan@census.gov" + } +} +``` + +If `files_branch` does not already exist, create it first from your default branch, then run `terraform apply`. + +By default, this module now attempts to create `files_branch` automatically when `create_repository = false`, using the repository default branch as the source. You can override the source with `files_branch_source_branch`. + ## Generated Files The module automatically generates the following files in your new repository: diff --git a/examples/adsd-tools-dev/main.tf b/examples/adsd-tools-dev/main.tf index 1f072fc..be56914 100644 --- a/examples/adsd-tools-dev/main.tf +++ b/examples/adsd-tools-dev/main.tf 
@@ -19,15 +19,15 @@ module "eks_deployment" { # Cluster configuration - simplified interface cluster_config = { - account_name = "adsd-tools-nonprod-gov" - aws_account_id = "533109815932" - cluster_mailing_list = "adsd.enterprise.tools.support.branch.list@census.gov" - environment_abbr = "prod" + account_name = "adsd-tools-nonprod-gov" + aws_account_id = "533109815932" + cluster_mailing_list = "adsd.enterprise.tools.support.branch.list@census.gov" + environment_abbr = "prod" finops_project_name = "adsd_etdsb_tools_migration" - finops_project_number = "fs0000000069" - finops_project_role = "adsd_tools_mgrn_eks" - vpc_domain_name = "dev.adsd.csp1.census.gov" - vpc_name = "vpc3-inf-dev" + finops_project_number = "fs0000000069" + finops_project_role = "adsd_tools_mgrn_eks" + vpc_domain_name = "dev.adsd.csp1.census.gov" + vpc_name = "vpc3-inf-dev" tags = { Owner = "adsd.enterprise.tools.support.branch.list@census.gov" Environment = "development" diff --git a/examples/basic/main.tf b/examples/basic/main.tf index c2f6672..02c1152 100644 --- a/examples/basic/main.tf +++ b/examples/basic/main.tf @@ -19,15 +19,15 @@ module "eks_deployment" { # Cluster configuration - simplified interface cluster_config = { - account_name = "ma6-gov" - aws_account_id = "252960665057" - cluster_mailing_list = "adep.mojo.development.list@census.gov" - environment_abbr = "dev" + account_name = "ma6-gov" + aws_account_id = "252960665057" + cluster_mailing_list = "adep.mojo.development.list@census.gov" + environment_abbr = "dev" finops_project_name = "PPSI_DICE" - finops_project_number = "fs0000000015" - finops_project_role = "dice:dev:mojo" - vpc_domain_name = "dev.dice.census.gov" - vpc_name = "vpc2-dice-dev" + finops_project_number = "fs0000000015" + finops_project_role = "dice:dev:mojo" + vpc_domain_name = "dev.dice.census.gov" + vpc_name = "vpc2-dice-dev" tags = { Owner = "PETeam" Environment = "Development" 
diff --git a/examples/csvd-dev-mcm/main.tf b/examples/csvd-dev-mcm/main.tf index 2d76ae0..3da1012 100644 --- a/examples/csvd-dev-mcm/main.tf +++ b/examples/csvd-dev-mcm/main.tf @@ -13,21 +13,24 @@ module "eks_deployment" { source = "../../" # Repository and cluster configuration - single name for both - name = "csvd-dev-mcm" - environment = "dev" - region = "us-gov-east-1" + name = "csvd-dev-mcm" + organization = "SCT-Engineering" + create_repository = false + files_branch = "update/csvd-dev-mcm" + environment = "dev" + region = "us-gov-east-1" # Cluster configuration - simplified interface cluster_config = { - account_name = "csvd-dev-gov" - aws_account_id = "229685449397" - cluster_mailing_list = "matthew.c.morgan@census.gov" - environment_abbr = "dev" + account_name = "csvd-dev-gov" + aws_account_id = "229685449397" + cluster_mailing_list = "matthew.c.morgan@census.gov" + environment_abbr = "dev" finops_project_name = "csvd_platformbaseline" - finops_project_number = "fs0000000078" - finops_project_role = "csvd_platformbaseline_eks" - vpc_domain_name = "dev.csvd.csp1.census.gov" - vpc_name = "vpc2-csvd-dev" + finops_project_number = "fs0000000078" + finops_project_role = "csvd_platformbaseline_eks" + vpc_domain_name = "dev.csvd.csp1.census.gov" + vpc_name = "vpc2-csvd-dev" tags = { Owner = "matthew.c.morgan@census.gov" Environment = "development" diff --git a/examples/csvd-lab-mcm/main.tf b/examples/csvd-lab-mcm/main.tf index a38f90a..d5b0d2a 100644 --- a/examples/csvd-lab-mcm/main.tf +++ b/examples/csvd-lab-mcm/main.tf 
@@ -19,15 +19,15 @@ module "eks_deployment" { # Cluster configuration - simplified interface cluster_config = { - account_name = "lab-dev-gov" - aws_account_id = "224384469011" - cluster_mailing_list = "matthew.c.morgan@census.gov" - environment_abbr = "dev" + account_name = "lab-dev-gov" + aws_account_id = "224384469011" + cluster_mailing_list = "matthew.c.morgan@census.gov" + environment_abbr = "dev" finops_project_name = "csvd_platformbaseline" - finops_project_number = "fs0000000078" - finops_project_role = "csvd_platformbaseline_eks" - vpc_domain_name = "dev.lab.csp2.census.gov" - vpc_name = "vpc3-lab-dev" + finops_project_number = "fs0000000078" + finops_project_role = "csvd_platformbaseline_eks" + vpc_domain_name = "dev.lab.csp2.census.gov" + vpc_name = "vpc3-lab-dev" tags = { Owner = "matthew.c.morgan@census.gov" Environment = "development" diff --git a/locals.tf b/locals.tf index fc17610..4cb50a7 100644 --- a/locals.tf +++ b/locals.tf @@ -11,9 +11,7 @@ locals { # First define base namespaces without dependencies base_namespaces = { - cert-manager = "kube-system" karpenter = "karpenter" - metrics-server = "kube-system" postgresql = "kube-system" keycloak = "keycloak" gogatekeeper = "kube-system" @@ -58,8 +56,6 @@ locals { tf_version = var.versions.tf_version # Component versions - cert_manager_version = var.versions.cert_manager.version - cert_manager_helm_chart = var.versions.cert_manager.chart_version cluster_issuer_name = var.versions.cert_manager.cluster_issuer_name gogatekeeper_tag = var.versions.gogatekeeper.tag @@ -74,10 +70,6 @@ locals { istio_version = var.versions.istio.version istio_namespace = var.versions.istio.namespace - dashboard_hostname = var.versions.k8s_dashboard.hostname - k8s_dashboard_metrics_scraper = var.versions.k8s_dashboard.metrics_scraper - k8s_dashboard_version = var.versions.k8s_dashboard.version - karpenter_helm_chart = var.versions.karpenter.helm_chart karpenter_tag = var.versions.karpenter.tag 
@@ -100,9 +92,6 @@ locals { exporter_tag = var.versions.loki.exporter_tag sidecar_tag = var.versions.loki.sidecar_tag - metrics_server_helm_chart = var.versions.metrics_server.helm_chart - metrics_server_tag = var.versions.metrics_server.tag - prometheus_chart_version = var.versions.prometheus.chart_version prometheus_server_tag = var.versions.prometheus.server_tag prometheus_config_reloader_tag = var.versions.prometheus.config_reloader_tag diff --git a/main.tf b/main.tf index 2400cf3..44c5d2d 100644 --- a/main.tf +++ b/main.tf @@ -73,17 +73,33 @@ locals { } } +data "github_repository" "existing_repo" { + count = !var.create_repository && var.files_branch != null ? 1 : 0 + full_name = "${var.organization}/${var.name}" +} + +resource "github_branch" "files_branch" { + count = !var.create_repository && var.files_branch != null ? 1 : 0 + repository = data.github_repository.existing_repo[0].name + branch = var.files_branch + source_branch = var.files_branch_source_branch != null ? var.files_branch_source_branch : data.github_repository.existing_repo[0].default_branch +} + module "github_repo" { source = "git::git@github.e.it.census.gov:CSVD/terraform-github-repo.git" name = var.name repo_org = var.organization + create_repo = var.create_repository + create_codeowners = var.create_repository + enforce_prs = var.create_repository + files_branch = var.files_branch github_repo_description = "EKS Cluster Configuration for ${var.name}" github_repo_topics = ["eks", "kubernetes", "terraform", "infrastructure"] force_name = var.force_name - template_repo_org = local.repository_defaults.template_owner - template_repo = local.repository_defaults.template + template_repo_org = var.create_repository ? local.repository_defaults.template_owner : null + template_repo = var.create_repository ? local.repository_defaults.template : null github_is_private = false github_has_issues = true 
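Review bot: `github_branch.files_branch` is created whenever `create_repository` is false and `files_branch` is set, so an apply against a branch that already exists will likely fail on create, and a later destroy would delete a branch that may back an open pull request. This conflicts with the `files_branch` variable description and the README, which both tell users to point at an existing branch. Consider gating creation behind its own switch, for example `count = !var.create_repository && var.files_branch != null && var.create_files_branch ? 1 : 0` with a new `create_files_branch` bool variable. Separately, `enforce_prs = var.create_repository` and `create_codeowners = var.create_repository` switch both off for existing repositories; how the module treats `false` is not visible here, so confirm it leaves existing branch protection and CODEOWNERS untouched rather than removing them. The `module "github_repo"` block continues past the end of this hunk.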
@@ -106,6 +122,10 @@ module "github_repo" { bypass_rules = false } ] + + depends_on = [ + github_branch.files_branch + ] } # The EKS deployment logic will go here, and will be skipped if create_repository is true. diff --git a/templates/README.md.tf.tpl b/templates/README.md.tf.tpl index 75175a8..795e8f2 100644 --- a/templates/README.md.tf.tpl +++ b/templates/README.md.tf.tpl @@ -1,4 +1,4 @@ -# EKS Cluster Configuration - ${upper(environment)} +# EKS Cluster Configuration - ${upper(cluster_name)} - ${upper(environment)} This EKS cluster configuration was generated using Terraform and the terraform-eks-deployment module. @@ -28,7 +28,7 @@ To apply this configuration: 3. Deploy additional modules as needed: ``` - cd ../eks-cert-manager + cd ../eks-cconfig terragrunt init terragrunt plan terragrunt apply diff --git a/templates/account.hcl.tf.tpl b/templates/account.hcl.tf.tpl index 83d3336..828d8b1 100644 --- a/templates/account.hcl.tf.tpl +++ b/templates/account.hcl.tf.tpl @@ -7,5 +7,5 @@ locals { aws_account_id = "${aws_account_id}" aws_profile = format("%v-%v", local.aws_account_id, replace(local.account_name, "-ew", "-gov")) environment = "${environment}" - environment_abbr = "${environment_abbr}" + environment_abbr = local.environment_abbr == 'lab' ? 'lab' : 'prod' } diff --git a/templates/default-versions.hcl b/templates/default-versions.hcl index 60f3cd4..f3f2dc7 100644 --- a/templates/default-versions.hcl +++ b/templates/default-versions.hcl @@ -51,13 +51,6 @@ locals { istio_namespace = "${istio_namespace}" istio_version = "${istio_version}" - ################ - # k8s-dashboard - ################ - dashboard_hostname = "${dashboard_hostname}" - k8s_dashboard_metrics_scraper = "${k8s_dashboard_metrics_scraper}" - k8s_dashboard_version = "${k8s_dashboard_version}" - ################ # Karpenter ################ 
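Review bot: The module-level `depends_on` makes everything inside `module.github_repo` wait on `github_branch.files_branch`, which tends to defer the module's data-source reads to apply time and adds "known after apply" noise to plans. An implicit reference gives the same ordering with a narrower scope, for example `files_branch = try(github_branch.files_branch[0].branch, var.files_branch)` on the module argument added earlier in this file. The `module "github_repo"` block starts outside this hunk.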
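Review bot: The new `environment_abbr` line in templates/account.hcl.tf.tpl will not parse as HCL, because string literals must be double-quoted, and `local.environment_abbr` refers to the local being defined on that same line. It also drops the `${environment_abbr}` placeholder, so, assuming this file is rendered as a template like the `${aws_account_id}` line above it, the value from `cluster_config` no longer reaches the output. If the intent is to collapse everything except lab to prod, keep the placeholder: `environment_abbr = "${environment_abbr}" == "lab" ? "lab" : "prod"`. That expression maps `dev` to `prod`, which looks surprising next to the dev examples in this commit and is worth confirming. The `locals` block starts outside the hunk.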
@@ -92,12 +85,6 @@ locals { exporter_tag = "${exporter_tag}" sidecar_tag = "${sidecar_tag}" - ################ - # Metrics Server - ################ - metrics_server_helm_chart = "${metrics_server_helm_chart}" - metrics_server_tag = "${metrics_server_tag}" - ################ # Prometheus ################ diff --git a/variables.tf b/variables.tf index 8c7859a..349eb0f 100644 --- a/variables.tf +++ b/variables.tf @@ -255,5 +255,17 @@ variable "tags" { variable "create_repository" { description = "If true, a GitHub repository will be created and configured (internal use)" type = bool - default = false + default = true +} + +variable "files_branch" { + description = "Branch to manage generated files on. Set to an existing branch (for example, update/csvd-dev-mcm) to support PR workflows." + type = string + default = null +} + +variable "files_branch_source_branch" { + description = "Source branch used when creating files_branch for existing repositories. Defaults to the repository default branch." + type = string + default = null } \ No newline at end of file
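Review bot: Flipping the `create_repository` default from `false` to `true` changes behaviour for every caller that omits it: their next apply will try to create and configure a repository, and main.tf passes `github_is_private = false` to that module. The other example hunks in this commit do not show `create_repository` being set, so either keep the old default and set `true` explicitly where needed, or record this as a breaking change. The `files_branch` description says "Set to an existing branch", which conflicts with main.tf now creating that branch; something like `description = "Branch to manage generated files on; created from files_branch_source_branch when create_repository is false."` would match the code. A `validation` block rejecting an empty string would also help, since `""` passes the `!= null` checks in main.tf.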