From 53842a8239e161d1c6b77b3e6ab1e99a896df0da Mon Sep 17 00:00:00 2001 From: "Matthew C. Morgan" Date: Mon, 22 Jul 2024 22:38:28 -0400 Subject: [PATCH 1/5] updates --- README.md | 10 +++++++++- copy_images.tf | 7 +++++-- main.tf | 2 +- variables.tf | 5 ++--- version.tf | 2 +- 5 files changed, 18 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index a75289c..5738c66 100644 --- a/README.md +++ b/README.md @@ -21,6 +21,15 @@ have a istio proxy configured, prevent communication with that pod.) configuration of which identities are allowed to call services, and which services are allowed to interact with other services. +# CHANGELOG + +* 1.0.2 -- 2024-07-22 + - updated istio chart/app to 1.22.3 + - add force_delete and lifecycle policies to copy_images + - updated version.tf to 1.0.2 + - included module.images in depends on helm charts + - created changelog + ## Requirements | Name | Version | @@ -69,4 +78,3 @@ have a istio proxy configured, prevent communication with that pod.) | Name | Source | Version | |------|--------|---------| | [images](#module\_images) | git@github.e.it.census.gov:terraform-modules/aws-ecr-copy-images.git/ | 2.0.2 | - diff --git a/copy_images.tf b/copy_images.tf index d5b94c1..2d1895d 100644 --- a/copy_images.tf +++ b/copy_images.tf @@ -25,7 +25,7 @@ locals { } module "images" { - source = "git@github.e.it.census.gov:terraform-modules/aws-ecr-copy-images.git/?ref=2.0.2" + source = "git@github.e.it.census.gov:terraform-modules/aws-ecr-copy-images.git/?ref=tf-upgrade" profile = var.profile application_name = var.cluster_name @@ -41,5 +41,8 @@ module "images" { region = var.region ## source_password = "" ## source_username = "" -} + enable_lifecycle_policy = true + lifecycle_policy_all = true + force_delete = true +} diff --git a/main.tf b/main.tf index f599126..bdda2d0 100644 --- a/main.tf +++ b/main.tf @@ -62,6 +62,7 @@ data "kubernetes_service" "apiserver" { } resource "helm_release" "base" { + depends_on = [module.images] chart = "base" name = "istio-base" namespace = kubernetes_namespace.ns.metadata[0].name @@ -181,4 +182,3 @@ resource "helm_release" "egress" { value = "ClusterIP" } } - diff --git a/variables.tf b/variables.tf index 42ec972..cbd692a 100644 --- a/variables.tf +++ b/variables.tf @@ -40,14 +40,14 @@ variable "tags" { variable "istio_chart_version" { description = "The version of istio to install into the cluster." type = string - default = "1.18.2" + default = "1.22.3" } # The `APP VERSION` of the output found while determining the chart version variable "istio_version" { description = "The version of istio to install into the cluster." type = string - default = "1.18.2" + default = "1.22.3" } variable "enable_telemetry" { @@ -61,4 +61,3 @@ variable "enable_egress_gateway" { type = bool default = true } - diff --git a/version.tf b/version.tf index e4d9729..27eae9e 100644 --- a/version.tf +++ b/version.tf @@ -1,4 +1,4 @@ locals { _module_name = "tfmod-istio" - _module_version = "1.0.1" + _module_version = "1.0.2" } From 5d18718832541a9b9d794170f655a358fa311930 Mon Sep 17 00:00:00 2001 From: "Matthew C. Morgan" Date: Mon, 22 Jul 2024 23:49:02 -0400 Subject: [PATCH 2/5] undo --- variables.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/variables.tf b/variables.tf index cbd692a..9ecb0d7 100644 --- a/variables.tf +++ b/variables.tf @@ -40,14 +40,14 @@ variable "tags" { variable "istio_chart_version" { description = "The version of istio to install into the cluster." type = string - default = "1.22.3" + default = "1.18.2" } # The `APP VERSION` of the output found while determining the chart version variable "istio_version" { description = "The version of istio to install into the cluster." type = string - default = "1.22.3" + default = "1.18.2" } variable "enable_telemetry" { From c4bd94076c0daf57f9b01b8139a00bc761c71cf5 Mon Sep 17 00:00:00 2001 From: mcgin314 Date: Fri, 26 Jul 2024 16:49:28 -0400 Subject: [PATCH 3/5] Upgrade and fixed a few issues deploying --- copy_images.tf | 8 ++++++-- examples/simple/istio.tf | 2 +- examples/simple/simple.auto.tfvars | 4 ++-- main.tf | 19 +++++++++++++++---- variables.tf | 4 ++-- 5 files changed, 26 insertions(+), 11 deletions(-) diff --git a/copy_images.tf b/copy_images.tf index d5b94c1..ce18d9d 100644 --- a/copy_images.tf +++ b/copy_images.tf @@ -25,7 +25,7 @@ locals { } module "images" { - source = "git@github.e.it.census.gov:terraform-modules/aws-ecr-copy-images.git/?ref=2.0.2" + source = "git@github.e.it.census.gov:terraform-modules/aws-ecr-copy-images.git/?ref=tf-upgrade" profile = var.profile application_name = var.cluster_name @@ -38,8 +38,12 @@ module "images" { ## destination_password = "" ## destination_username = "" ## override_prefixes = {} - region = var.region + ## region = var.region ## source_password = "" ## source_username = "" + + enable_lifecycle_policy = true + lifecycle_policy_all = true + force_delete = true } diff --git a/examples/simple/istio.tf b/examples/simple/istio.tf index e618207..2088645 100644 --- a/examples/simple/istio.tf +++ b/examples/simple/istio.tf @@ -1,5 +1,5 @@ module "eks-configuration" { - source = "git@github.it.census.gov:SOA/tfmod-istio.git//?ref=v1.0.1" + source = "../.." region = var.region profile = var.profile diff --git a/examples/simple/simple.auto.tfvars b/examples/simple/simple.auto.tfvars index 9f26d1d..d6bcabb 100644 --- a/examples/simple/simple.auto.tfvars +++ b/examples/simple/simple.auto.tfvars @@ -1,4 +1,4 @@ region = "us-gov-east-1" -profile = "107742151971-do2-govcloud" -cluster_name = "adsd-cumulus-sandbox" +profile = "terraform" +cluster_name = "platform-test-1" diff --git a/main.tf b/main.tf index f599126..eb0a9df 100644 --- a/main.tf +++ b/main.tf @@ -88,11 +88,11 @@ resource "helm_release" "istiod" { } set { name = "global.proxy.image" - value = module.images.images[local.proxy_key].dest_repository + value = module.images.images[local.proxy_key].dest_full_path } set { name = "global.proxy_init.image" - value = module.images.images[local.proxy_key].dest_repository + value = module.images.images[local.proxy_key].dest_full_path } set { @@ -126,11 +126,18 @@ resource "helm_release" "ingress" { name = "service.annotations.service\\.beta\\.kubernetes\\.io/aws-load-balancer-type" value = "nlb" } + set { - name = "service.annotations.service\\.beta\\.kubernetes\\.io/aws-load-balancer-additional-resource-tags" - value = join(",", [for key, value in local.tags : "${key}=${value}"]) + name = "service.annotations.service\\.beta\\.kubernetes\\.io/aws-load-balancer-internal" + type = "string" + value = "true" } + set { + name = "service.annotations.service\\.beta\\.kubernetes\\.io/aws-load-balancer-additional-resource-tags" + value = join("\\,", [for key, value in local.tags : "${key}=${value}"]) + } + dynamic "set" { for_each = local.ports @@ -163,6 +170,8 @@ resource "helm_release" "ingress" { value = set.value.port } } + + timeout = 90 } resource "helm_release" "egress" { @@ -180,5 +189,7 @@ resource "helm_release" "egress" { name = "service.type" value = "ClusterIP" } + + timeout = 90 } diff --git a/variables.tf b/variables.tf index 42ec972..d5c3cca 100644 --- a/variables.tf +++ b/variables.tf @@ -40,14 +40,14 @@ variable "tags" { variable "istio_chart_version" { description = "The version of istio to install into the cluster." type = string - default = "1.18.2" + default = "1.22.3" } # The `APP VERSION` of the output found while determining the chart version variable "istio_version" { description = "The version of istio to install into the cluster." type = string - default = "1.18.2" + default = "1.22.3" } variable "enable_telemetry" { From 73135551c3474876c328f65df796a24a867eebc2 Mon Sep 17 00:00:00 2001 From: "Matthew C. Morgan" Date: Fri, 26 Jul 2024 21:16:06 -0400 Subject: [PATCH 4/5] add _module_providers --- version.tf | 1 + 1 file changed, 1 insertion(+) diff --git a/version.tf b/version.tf index 27eae9e..ae03194 100644 --- a/version.tf +++ b/version.tf @@ -1,4 +1,5 @@ locals { _module_name = "tfmod-istio" _module_version = "1.0.2" + _module_providers = ["helm", "kubernetes"] } From 878b5d1b44c2fe6886e46b7c99e34e14f07eb899 Mon Sep 17 00:00:00 2001 From: "Matthew C. Morgan" Date: Tue, 30 Jul 2024 17:27:09 -0400 Subject: [PATCH 5/5] fmt --- README.md | 4 +++- main.tf | 4 ++-- outputs.tf | 1 - version.tf | 3 +-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 5738c66..9dac2b0 100644 --- a/README.md +++ b/README.md @@ -22,7 +22,9 @@ have a istio proxy configured, prevent communication with that pod.) which services are allowed to interact with other services. # CHANGELOG - +* 1.0.3 -- 2024-07-30 + - updated image module + - bumped version * 1.0.2 -- 2024-07-22 - updated istio chart/app to 1.22.3 - add force_delete and lifecycle policies to copy_images diff --git a/main.tf b/main.tf index cd5d0bd..7ea204d 100644 --- a/main.tf +++ b/main.tf @@ -130,7 +130,7 @@ resource "helm_release" "ingress" { set { name = "service.annotations.service\\.beta\\.kubernetes\\.io/aws-load-balancer-internal" - type = "string" + type = "string" value = "true" } @@ -138,7 +138,7 @@ resource "helm_release" "ingress" { name = "service.annotations.service\\.beta\\.kubernetes\\.io/aws-load-balancer-additional-resource-tags" value = join("\\,", [for key, value in local.tags : "${key}=${value}"]) } - + dynamic "set" { for_each = local.ports diff --git a/outputs.tf b/outputs.tf index fb00f1d..0349496 100644 --- a/outputs.tf +++ b/outputs.tf @@ -11,4 +11,3 @@ output "module_version" { description = "The version of this module." value = local._module_version } - diff --git a/version.tf b/version.tf index ae03194..888f639 100644 --- a/version.tf +++ b/version.tf @@ -1,5 +1,4 @@ locals { _module_name = "tfmod-istio" - _module_version = "1.0.2" - _module_providers = ["helm", "kubernetes"] + _module_version = "1.0.3" }