Showing
3 changed files
with
62 additions
and
7 deletions.
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| provider "aws" { | ||
| region = var.region | ||
|
|
||
| default_tags { | ||
| tags = { | ||
| "boc:tf_module_name" = local.module_name | ||
| "boc:tf_module_version" = local.module_version | ||
| } | ||
| } | ||
| } | ||
|
|
||
| provider "kubernetes" { | ||
| experiments { | ||
| manifest_resource = true | ||
| } | ||
| } | ||
|
|
||
| provider "helm" { | ||
| kubernetes { | ||
| # Configuration will be loaded from KUBECONFIG environment variable | ||
| } | ||
| } |
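Review bot: The `kubernetes` and `helm` provider blocks set no endpoint, CA or credentials, so both act on whatever cluster the caller's ambient kubeconfig context selects, not necessarily the EKS cluster named by `var.cluster_name` (assuming the variables file in this commit belongs to the same module). A stale or wrong context would make an apply install into a different cluster, and nothing in the plan would show it. Consider binding both providers explicitly with `host`, `cluster_ca_certificate` and an `exec` block (or `token`) derived from the `aws_eks_cluster` data source, or at least pass `config_path` and `config_context` in from variables. The comment in the `helm` block should also be checked against the pinned provider version: to my knowledge the 2.x providers read `KUBE_CONFIG_PATH` rather than `KUBECONFIG`. The `kubernetes` block has no comment saying where its configuration comes from, so I would add `# Cluster connection is taken from the environment; see README for the required variables` there or replace it with the explicit binding.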
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,48 +1,82 @@ | ||
| variable "cluster_name" { | ||
| description = "EKS cluster name name component used through out the EKS cluster describing its purpose (ex: dice-dev)" | ||
| type = string | ||
| } | ||
|
|
||
| # tflint-ignore: terraform_unused_declarations | ||
| variable "region" { | ||
| description = "AWS region" | ||
| type = string | ||
| validation { | ||
| condition = can(regex("^[a-zA-Z][a-zA-Z0-9-]*$", var.cluster_name)) && length(var.cluster_name) <= 100 | ||
| error_message = "Cluster name must start with a letter, can only contain letters, numbers, and hyphens, and must be no longer than 100 characters." | ||
| } | ||
| } | ||
|
|
||
| variable "vpc_id" { | ||
| description = "Specify the VPC id that is used by this cluster" | ||
| type = string | ||
| validation { | ||
| condition = can(regex("^vpc-[a-f0-9]{8,}$", var.vpc_id)) | ||
| error_message = "VPC ID must be a valid vpc-* identifier." | ||
| } | ||
| } | ||
|
|
||
| variable "subnets" { | ||
| description = "Specify the subnets used by this cluster" | ||
| type = list(string) | ||
| validation { | ||
| condition = length(var.subnets) >= 2 | ||
| error_message = "At least 2 subnets must be specified for high availability." | ||
| } | ||
| validation { | ||
| condition = alltrue([for s in var.subnets : can(regex("^subnet-[a-f0-9]{8,}$", s))]) | ||
| error_message = "All subnet IDs must be valid subnet-* identifiers." | ||
| } | ||
| } | ||
|
|
||
| variable "security_group_all_worker_mgmt_id" { | ||
| description = "The security group representing all of the worker nodes in the cluster." | ||
| type = string | ||
| validation { | ||
| condition = can(regex("^sg-[a-f0-9]{8,}$", var.security_group_all_worker_mgmt_id)) | ||
| error_message = "Security group ID must be a valid sg-* identifier." | ||
| } | ||
| } | ||
|
|
||
| variable "operators_ns" { | ||
| description = "Namespace to create where operators will be installed." | ||
| type = string | ||
| default = "operators" | ||
| validation { | ||
| condition = can(regex("^[a-z0-9][-a-z0-9]*[a-z0-9]$", var.operators_ns)) && length(var.operators_ns) <= 63 | ||
| error_message = "Namespace must be a valid k8s namespace name: start with alphanumeric, contain only lowercase alphanumeric and hyphens, end with alphanumeric, and be no longer than 63 characters." | ||
| } | ||
| } | ||
|
|
||
| variable "tag_costallocation" { | ||
| description = "Tag CostAllocation (default)" | ||
| type = string | ||
| default = "csvd:infrastructure" | ||
| validation { | ||
| condition = can(regex("^[\\w\\s+=.@-]+:[\\w\\s+=.@-]+$", var.tag_costallocation)) | ||
| error_message = "Cost allocation tag must be in format 'key:value' and can only contain alphanumeric characters, spaces, and '.+-=@_'." | ||
| } | ||
| } | ||
|
|
||
| variable "tags" { | ||
| description = "AWS Tags to apply to appropriate resources" | ||
| type = map(string) | ||
| default = {} | ||
| validation { | ||
| condition = length(var.tags) <= 45 | ||
| error_message = "Maximum number of tags allowed is 45." | ||
| } | ||
| validation { | ||
| condition = alltrue([for k, v in var.tags : length(k) <= 128 && length(v) <= 256 && can(regex("^[\\w\\s+=.@-]*$", k)) && can(regex("^[\\w\\s+=.@-]*$", v))]) | ||
| error_message = "Tag keys must be <= 128 chars, values <= 256 chars, and both can only contain alphanumeric characters, spaces, and '.+-=@_'." | ||
| } | ||
| } | ||
|
|
||
| variable "release_version" { | ||
| description = "The version of helm charts to use" | ||
| type = string | ||
| validation { | ||
| condition = can(regex("^\\d+\\.\\d+\\.\\d+(-[a-zA-Z0-9]+)*$", var.release_version)) | ||
| error_message = "Release version must be in semantic versioning format (e.g., 1.2.3 or 1.2.3-alpha)." | ||
| } | ||
| } |
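Review bot: The `tags` validation is both stricter and looser than its error message says. Its class `[\\w\\s+=.@-]` rejects `:` and `/`, which AWS allows in tags, so a key in the `boc:…` style used under `default_tags` in the provider file could not be passed through `var.tags`; meanwhile `\\s` admits tabs and newlines, not only spaces. If the intent is the AWS tag character set, `^[\\w +=.@:/-]*$` for keys and values would be closer (still ASCII-only, since `\\w` does not cover other letters). `tag_costallocation` has the same `\\s` looseness on both sides of its colon. Separately, this rendering has lost the +/- markers, and the hunk header (48 → 82 lines) suggests the `region` declaration is removed and the cluster-name validation lands in `cluster_name`; if so, confirm that `var.region`, which the new `provider "aws"` block reads, is still declared somewhere in the module.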