diff --git a/.cz.yaml b/.cz.yaml
new file mode 100644
index 0000000..b1981ec
--- /dev/null
+++ b/.cz.yaml
@@ -0,0 +1,8 @@
+---
+commitizen:
+ major_version_zero: true
+ name: cz_gitmoji
+ tag_format: $version
+ update_changelog_on_bump: true
+ version_provider: scm
+ version_scheme: semver2
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..867570d
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,11 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+ - package-ecosystem: "terraform" # See documentation for possible values
+ directory: "/" # Location of package manifests
+ schedule:
+ interval: "daily"
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
new file mode 100644
index 0000000..6bfca7a
--- /dev/null
+++ b/.pre-commit-config.yaml
@@ -0,0 +1,99 @@
+repos:
+- repo: https://github.com/pre-commit/pre-commit-hooks
+ rev: v4.6.0
+ hooks:
+ # Git style
+ - id: check-added-large-files
+ - id: check-merge-conflict
+ - id: check-vcs-permalinks
+ - id: forbid-new-submodules
+ - id: no-commit-to-branch
+
+ # Common errors
+ - id: end-of-file-fixer
+ - id: trailing-whitespace
+ args: [--markdown-linebreak-ext=md]
+ exclude: CHANGELOG.md
+ - id: check-yaml
+ - id: check-merge-conflict
+ - id: check-executables-have-shebangs
+
+ # Cross platform
+ - id: check-case-conflict
+ - id: mixed-line-ending
+ args: [--fix=lf]
+
+ # Security
+ - id: detect-aws-credentials
+ args: ['--allow-missing-credentials']
+ - id: detect-private-key
+
+# JSON5 Linter
+- repo: https://github.com/pre-commit/mirrors-prettier
+ rev: v4.0.0-alpha.8
+ hooks:
+ - id: prettier
+ # https://prettier.io/docs/en/options.html#parser
+ files: '.json5$'
+
+# Terraform Hooks
+- repo: https://github.com/antonbabenko/pre-commit-terraform
+ rev: v1.92.1 # Get the latest from: https://github.com/antonbabenko/pre-commit-terraform/releases
+ hooks:
+ - id: terraform_fmt
+ args:
+ - --hook-config=--parallelism-ci-cpu-cores=2
+ - id: terraform_docs
+ args:
+ - --hook-config=--parallelism-ci-cpu-cores=2
+ - id: terraform_tflint
+ name: Terraform validate with tflint
+ description: Validates all Terraform configuration files with TFLint.
+ require_serial: true
+ entry: hooks/terraform_tflint.sh
+ language: script
+ files: (\.tf|\.tfvars)$
+ exclude: \.(terraform/.*|terragrunt-cache)$
+ args:
+ - --hook-config=--parallelism-ci-cpu-cores=2
+ - id: terragrunt_fmt
+ name: Terragrunt fmt
+ description: Rewrites all Terragrunt configuration files to a canonical format.
+ entry: hooks/terragrunt_fmt.sh
+ language: script
+ files: (\.hcl)$
+ exclude: \.(terraform/.*|terragrunt-cache)$
+ args:
+ - --hook-config=--parallelism-ci-cpu-cores=2
+ # - id: terragrunt_validate
+ # name: Terragrunt validate
+ # description: Validates all Terragrunt configuration files.
+ # entry: hooks/terragrunt_validate.sh
+ # language: script
+ # files: (\.hcl)$
+ # exclude: \.(terraform/.*|terragrunt-cache)$
+ # args:
+ # - --hook-config=--parallelism-ci-cpu-cores=2
+ # - id: terragrunt_validate_inputs
+ # name: Terragrunt validate inputs
+ # description: Validates Terragrunt unused and undefined inputs.
+ # entry: hooks/terragrunt_validate_inputs.sh
+ # language: script
+ # files: (\.hcl)$
+ # exclude: \.(terraform/.*|terragrunt-cache)$
+ # args:
+ # - --hook-config=--parallelism-ci-cpu-cores=2
+ # - id: terragrunt_providers_lock
+ # name: Terragrunt providers lock
+ # description: Updates provider signatures in dependency lock files using terragrunt.
+ # entry: hooks/terragrunt_providers_lock.sh
+ # language: script
+ # files: (terragrunt|\.terraform\.lock)\.hcl$
+ # exclude: \.(terraform/.*|terragrunt-cache)$
+ # args:
+ # - --hook-config=--parallelism-ci-cpu-cores=2
+
+- repo: https://github.com/ljnsn/cz-conventional-gitmoji
+ rev: v0.3.2
+ hooks:
+ - id: conventional-gitmoji
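Review bot: The `detect-aws-credentials` hook under `# Security` covers less than its placement suggests: it only looks for keys that are present in the committer's own AWS credential files or environment, and with `--allow-missing-credentials` it passes silently wherever none are configured, so a key belonging to anyone else is not caught. Consider adding a pattern-based secret scanner as a separate hook and stating the limit next to this one, e.g. `# only matches keys found in local AWS config; not a general secret scan`. Every `rev:` in this file is a tag, which the upstream owner can move; because hooks execute on developer machines, pinning each to a full commit SHA with the tag kept in a trailing comment is the safer form. `check-merge-conflict` is also listed twice (under Git style and under Common errors), and the second entry can be dropped.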
diff --git a/.releaserc.json b/.releaserc.json
new file mode 100644
index 0000000..6e39031
--- /dev/null
+++ b/.releaserc.json
@@ -0,0 +1,36 @@
+{
+ "branches": [
+ "main",
+ "master"
+ ],
+ "ci": false,
+ "plugins": [
+ "@semantic-release/commit-analyzer",
+ "@semantic-release/release-notes-generator",
+ [
+ "@semantic-release/github",
+ {
+ "successComment":
+ "This ${issue.pull_request ? 'PR is included' : 'issue has been resolved'} in version ${nextRelease.version} :tada:",
+ "labels": false,
+ "releasedLabels": false
+ }
+ ],
+ [
+ "@semantic-release/changelog",
+ {
+ "changelogFile": "CHANGELOG.md",
+ "changelogTitle": "# Changelog\n\nAll notable changes to this project will be documented in this file."
+ }
+ ],
+ [
+ "@semantic-release/git",
+ {
+ "assets": [
+ "CHANGELOG.md"
+ ],
+ "message": "chore(release): version ${nextRelease.version} [skip ci]\n\n${nextRelease.notes}"
+ }
+ ]
+ ]
+}
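Review bot: `"ci": false` turns off semantic-release's check that it is running in a CI environment, so a release, including the `@semantic-release/git` push of CHANGELOG.md to `main`/`master`, can be cut from any workstation holding a token. If releases are meant to come only from the pipeline, drop that key so the default applies. Separately, no `tagFormat` is set here, so semantic-release will create `v${version}` tags, while `.cz.yaml` in this same commit uses `tag_format: $version` with `version_provider: scm`; the two tools will likely disagree on the current version unless one is aligned, e.g. `"tagFormat": "${version}"`. Both tools are also configured to write the changelog (`update_changelog_on_bump: true` and `@semantic-release/changelog`), so it is worth deciding which one owns CHANGELOG.md.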
diff --git a/.terraform-docs.yml b/.terraform-docs.yml
new file mode 100644
index 0000000..fabfb8d
--- /dev/null
+++ b/.terraform-docs.yml
@@ -0,0 +1,44 @@
+formatter: markdown table
+
+header-from: main.tf
+footer-from: ""
+
+sections:
+## hide: []
+ show:
+ - data-sources
+ - header
+ - footer
+ - inputs
+ - modules
+ - outputs
+ - providers
+ - requirements
+ - resources
+
+output:
+ file: README.md
+ mode: inject
+ template: |-
+
+ {{ .Content }}
+
+
+output-values:
+ enabled: false
+ from: ""
+
+sort:
+ enabled: true
+ by: name
+
+settings:
+ anchor: true
+ color: true
+ default: true
+ description: true
+ escape: true
+ indent: 2
+ required: true
+ sensitive: true
+ type: true
diff --git a/.tflint.hcl b/.tflint.hcl
new file mode 100644
index 0000000..30b0d2c
--- /dev/null
+++ b/.tflint.hcl
@@ -0,0 +1,29 @@
+config {
+ module = true
+ force = false
+ disabled_by_default = false
+
+ # ignore_module = {
+ # "terraform-aws-modules/vpc/aws" = true
+ # "terraform-aws-modules/security-group/aws" = true
+ # }
+
+ # varfile = ["example1.tfvars", "example2.tfvars"]
+ # variables = ["foo=bar", "bar=[\"baz\"]"]
+}
+
+rule "aws_instance_invalid_type" {
+ enabled = true
+}
+
+plugin "aws" {
+ enabled = true
+ version = "0.32.0"
+ source = "github.com/terraform-linters/tflint-ruleset-aws"
+}
+
+plugin "terraform" {
+ enabled = true
+ version = "0.9.0"
+ source = "github.com/terraform-linters/tflint-ruleset-terraform"
+}
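Review bot: `module = true` in the `config` block is the older way of enabling module inspection. As far as I know, newer TFLint releases replace it with `call_module_type` and later reject `module` outright, so this file may stop loading after a TFLint upgrade. The TFLint binary version is not pinned anywhere in this diff, so please confirm which version the `terraform_tflint` hook actually runs. If that version supports it, `call_module_type = "all"` is the equivalent setting. A short comment above the `plugin` blocks noting that the ruleset versions must be bumped together with TFLint would help the next maintainer.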
diff --git a/CHANGELOG.md b/CHANGELOG.md
new file mode 100644
index 0000000..e8028ed
--- /dev/null
+++ b/CHANGELOG.md
@@ -0,0 +1,14 @@
+## Unreleased
+
+### Fix
+
+- **main.tf**: add operators ns here
+
+
+# CHANGELOG
+* 0.0.2 -- 2024-07-30
+ - remove cluster-autoscaler (using karpenter)
+* 0.0.1 -- 2024-07-22
+ - updated version.tf to 0.0.1
+ - included module.images in depends on helm charts
+ - created changelog
diff --git a/README.md b/README.md
index d09c11c..30e6e54 100644
--- a/README.md
+++ b/README.md
@@ -16,14 +16,27 @@ The module configures an eks cluster with additional components after the cluste
When selecting which version of the cluster-autoscaler to install, use the one that is closest to the same version as the `cluster_version` or slightly higher.
The cluster-autoscaler uses the kuberentes scheduling algorithm to appropriate scale the cluster, and if the autoscaler version sufficiently divirges from the kubernetes version, the autoscaler will scale the node groups incorrectly.
+A successful apply will yield:
+Apply complete! Resources: 14 added, 0 changed, 0 destroyed.
+Outputs:
+kubectl_image_full_path = "224384469011.dkr.ecr.us-gov-east-1.amazonaws.com/platform-eng-eks-mcm/kubectl:1.27.14"
+kubectl_image_registry = "224384469011.dkr.ecr.us-gov-east-1.amazonaws.com"
+kubectl_image_repository = "platform-eng-eks-mcm/kubectl"
+kubectl_image_tag = "1.27.14"
+module_name = "tfmod-eks-configuration"
+module_version = "0.0.2"
+rwo_storage_class = "gp3-encrypted"
+rwx_storage_class = "efs"
+real 2m4.048s
+user 0m23.112s
+sys 0m3.855s
+
+A successful destroy will yield:
+Destroy complete! Resources: 14 destroyed.
+real 0m43.539s
+user 0m17.060s
+sys 0m2.015s
-# CHANGELOG
-* 0.0.2 -- 2024-07-30
- - remove cluster-autoscaler (using karpenter)
-* 0.0.1 -- 2024-07-22
- - updated version.tf to 0.0.1
- - included module.images in depends on helm charts
- - created changelog
## Requirements
@@ -101,4 +114,4 @@ The cluster-autoscaler uses the kuberentes scheduling algorithm to appropriate s
| [module\_version](#output\_module\_version) | The version of this module. |
| [rwo\_storage\_class](#output\_rwo\_storage\_class) | Kubernetes storage class that supports read/write once. |
| [rwx\_storage\_class](#output\_rwx\_storage\_class) | Kubernetes storage class that supports read/write many. |
-
\ No newline at end of file
+
diff --git a/main.tf b/main.tf
index 583581d..bb47672 100644
--- a/main.tf
+++ b/main.tf
@@ -26,8 +26,7 @@ resource "kubernetes_storage_class" "gp3_encrypted" {
fsType = "ext4"
type = "gp3"
encrypted = "true"
- # kms_key_id = data.aws_kms_key.ebs_key.arn
- kmsKeyId = data.aws_kms_key.ebs_key.arn
+ kmsKeyId = data.aws_kms_key.ebs_key.arn
}
storage_provisioner = "ebs.csi.aws.com"
reclaim_policy = "Delete"
@@ -46,8 +45,7 @@ resource "kubernetes_storage_class" "ebs_encrypted" {
fsType = "ext4"
type = "gp2"
encrypted = "true"
- # kms_key_id = data.aws_kms_key.ebs_key.arn
- kmsKeyId = data.aws_kms_key.ebs_key.arn
+ kmsKeyId = data.aws_kms_key.ebs_key.arn
}
storage_provisioner = "kubernetes.io/aws-ebs"
reclaim_policy = "Delete"
@@ -84,3 +82,9 @@ resource "kubernetes_storage_class" "efs-sc" {
}
mount_options = ["tls"]
}
+
+resource "kubernetes_namespace" "operators" {
+ metadata {
+ name = var.operators_ns
+ }
+}
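Review bot: The new `kubernetes_namespace.operators` is created with only a name, so it inherits the cluster-wide Pod Security admission default. For a namespace intended to hold operators it is worth setting the level explicitly in `metadata`, e.g. `labels = { "pod-security.kubernetes.io/enforce" = "baseline" }`, with the level chosen to match what those operators actually need. `var.operators_ns` is not declared anywhere in this diff; if it is not already in the variables file the plan will fail, and a `validation` block restricting it to a valid DNS-label name would reject bad input early. A one-line comment above the resource saying which components are expected to be deployed there would also help reviewers judge the right admission level.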