data

SCT-Engineering · Mar 17, 2025 · 2542ebd · 2542ebd
1 parent 23cb906
commit 2542ebd
Show file tree

Hide file tree

Showing 3 changed files with 34 additions and 64 deletions.
diff --git a/README.md b/README.md
@@ -22,15 +22,14 @@
 |------|--------|---------|
 | <a name="module_images"></a> [images](#module\_images) | git@github.e.it.census.gov:terraform-modules/aws-ecr-copy-images.git/ | tf-upgrade |
 | <a name="module_ingress_resources"></a> [ingress\_resources](#module\_ingress\_resources) | git@github.e.it.census.gov:SCT-Engineering/tfmod-istio-service-ingress.git | main |
-| <a name="module_preinstall"></a> [preinstall](#module\_preinstall) | git@github.e.it.census.gov:SCT-Engineering/tfmod-config-job.git//config-job | feature-kiali-baseline |
-| <a name="module_service_account"></a> [service\_account](#module\_service\_account) | git@github.e.it.census.gov:SCT-Engineering/tfmod-config-job.git//service-account | n/a |
 
 ## Resources
 
 | Name | Type |
 |------|------|
 | [helm_release.kiali_operator](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |
-| [kubernetes_namespace.ns](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/namespace) | resource |
+| [kubernetes_secret.kiali_grafana](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/secret) | resource |
+| [kubernetes_secret.grafana_admin](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/data-sources/secret) | data source |
 
 ## Inputs
 
@@ -46,10 +45,10 @@
 | <a name="input_jaeger_internal_url"></a> [jaeger\_internal\_url](#input\_jaeger\_internal\_url) | The url within the cluster to use to query the jaegertracing. | `string` | n/a | yes |
 | <a name="input_kiali_application_version"></a> [kiali\_application\_version](#input\_kiali\_application\_version) | The version of kiali to install | `string` | `"v1.73.0"` | no |
 | <a name="input_kiali_operator_version"></a> [kiali\_operator\_version](#input\_kiali\_operator\_version) | The version of kiali to install | `string` | `"1.73.0"` | no |
-| <a name="input_namespace"></a> [namespace](#input\_namespace) | The namespace to create and into which the tools are deployed. | `string` | `"istio-tools"` | no |
-| <a name="input_operator_namespace"></a> [operator\_namespace](#input\_operator\_namespace) | The namespace into which all operators are to be deployed. | `string` | n/a | yes |
+| <a name="input_namespace"></a> [namespace](#input\_namespace) | The namespace to create and into which the tools are deployed. | `string` | `"namespace"` | no |
 | <a name="input_profile"></a> [profile](#input\_profile) | The AWS\_PROFILE to use while running the scripts. | `string` | `""` | no |
 | <a name="input_prometheus_internal_url"></a> [prometheus\_internal\_url](#input\_prometheus\_internal\_url) | The url within the cluster to use to query the prometheus server. | `string` | n/a | yes |
+| <a name="input_service_name"></a> [service\_name](#input\_service\_name) | The name of the service for Kiali. | `string` | `"kiali"` | no |
 
 ## Outputs
 

diff --git a/main.tf b/main.tf
@@ -1,42 +1,31 @@
 locals {
 
-  internal_hostname    = format("%v.%v.svc.cluster.local", kubernetes_namespace.ns.metadata[0].name, local.service_name)
+  internal_hostname    = format("%v.%v.svc.cluster.local", var.service_name, var.namespace)
   internal_port_number = "20001"
   internal_url         = format("https://%s:%s/", local.internal_hostname, local.internal_port_number)
 
-  grafana_secret_name  = "kiali"
-  grafana_password_key = "grafana_password"
-
-  preinstall_script = <<CONFIG
-wait_for_istio_ready() {
-  local retries http_code
-  echo "$(timestamp) : Waiting to make sure istio-proxy is in ready state..."
-  retries=30
-  http_code="$(istio_proxy_health)"
-  while [ "$http_code" != "200" ] && [ $retries -gt 0 ]; do
-    sleep 2
-    retries=$(( retries - 1 ))
-    http_code="$(istio_proxy_health)"
-  done
-  echo "wait_for_istio_ready = $http_code"
+  public_domain = format("%v.%v", var.cluster_name, var.cluster_domain)
 }
-wait_for_istio_ready
-ensure_secret ${local.grafana_secret_name} ${local.grafana_password_key} "$(kubectl -n ${var.grafana_namespace} get secret ${var.grafana_secret_name} -o jsonpath='{.data.admin-password}' | base64 -d)"
-CONFIG
 
-  public_domain = format("%v.%v", var.cluster_name, var.cluster_domain)
-  service_name  = var.namespace
+data "kubernetes_secret" "grafana_admin" {
+  metadata {
+    name      = var.grafana_secret_name
+    namespace = var.grafana_namespace
+  }
 }
 
-resource "kubernetes_namespace" "ns" {
+resource "kubernetes_secret" "kiali_grafana" {
   metadata {
-    name = var.namespace
-    labels = {
-      istio-injection = "enabled"
-    }
+    name      = "kiali"
+    namespace = var.namespace
+  }
+
+  data = {
+    grafana_password = data.kubernetes_secret.grafana_admin.data["admin-password"]
   }
 }
 
+
 # data "kubernetes_namespace" "keycloak" {
 #   count = local.have_keycloak ? 1 : 0
 
@@ -45,31 +34,12 @@ resource "kubernetes_namespace" "ns" {
 #   }
 # }
 
-module "service_account" {
-  # tflint-ignore: terraform_module_pinned_source
-  source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-config-job.git//service-account"
-
-  namespace            = kubernetes_namespace.ns.metadata[0].name
-  read_only_namespaces = ["grafana"]
-}
-
-module "preinstall" {
-  source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-config-job.git//config-job?ref=feature-kiali-baseline"
-
-  profile              = var.profile
-  cluster_name         = var.cluster_name
-  namespace            = kubernetes_namespace.ns.metadata[0].name
-  service_account_name = module.service_account.service_account_name
-  job_name             = "istio-tools-config-job"
-  config_script        = local.preinstall_script
-}
-
 resource "helm_release" "kiali_operator" {
-  depends_on = [module.images]
+  depends_on = [module.images, kubernetes_secret.kiali_grafana]
   chart      = "kiali-operator"
   version    = var.kiali_operator_version
   name       = "kiali-operator"
-  namespace  = kubernetes_namespace.ns.metadata[0].name
+  namespace  = var.namespace
   repository = "https://kiali.org/helm-charts"
 
   set {
@@ -87,7 +57,7 @@ resource "helm_release" "kiali_operator" {
 
   set {
     name  = "watchNamespace"
-    value = var.operator_namespace
+    value = var.istio_namespace
   }
   set {
     name  = "env[0].name"
@@ -103,7 +73,7 @@ resource "helm_release" "kiali_operator" {
   }
   set {
     name  = "publicHostname"
-    value = local.service_name
+    value = var.service_name
   }
   set {
     name  = "publicDomain"
@@ -153,7 +123,7 @@ resource "helm_release" "kiali_operator" {
 
 #   chart      = "kiali"
 #   name       = "kiali"
-#   namespace  = kubernetes_namespace.ns.metadata[0].name
+#   namespace  = var.namespace
 #   repository = "./charts"
 #   # repository = "${path.module}/charts"
 
@@ -276,9 +246,9 @@ resource "helm_release" "kiali_operator" {
 module "ingress_resources" {
   # tflint-ignore: terraform_module_pinned_source
   source            = "git@github.e.it.census.gov:SCT-Engineering/tfmod-istio-service-ingress.git?ref=main"
-  public_hostname   = local.service_name
+  public_hostname   = var.service_name
   public_domain     = local.public_domain
-  service_name      = local.service_name
-  service_namespace = kubernetes_namespace.ns.metadata[0].name
+  service_name      = var.service_name
+  service_namespace = var.namespace
   service_port      = local.internal_port_number
 }
diff --git a/variables.tf b/variables.tf
@@ -17,7 +17,7 @@ variable "cluster_domain" {
 variable "namespace" {
   description = "The namespace to create and into which the tools are deployed."
   type        = string
-  default     = "istio-tools"
+  default     = "namespace"
 }
 
 variable "istio_namespace" {
@@ -26,11 +26,6 @@ variable "istio_namespace" {
   default     = "istio-system"
 }
 
-variable "operator_namespace" {
-  description = "The namespace into which all operators are to be deployed."
-  type        = string
-}
-
 variable "grafana_namespace" {
   description = "The namespace holding the grafana instance, used to look up the grafana password."
   type        = string
@@ -87,3 +82,9 @@ variable "kiali_application_version" {
   type        = string
   default     = "v1.73.0"
 }
+
+variable "service_name" {
+  description = "The name of the service for Kiali."
+  type        = string
+  default     = "kiali"
+}