From 31a03f7dcff41788b62a19a698d28e4dc5295eb8 Mon Sep 17 00:00:00 2001 From: badra001 Date: Thu, 23 Dec 2021 14:03:54 -0500 Subject: [PATCH 1/4] update pre-commit --- .pre-commit-config.yaml | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index dda5778..c2384ab 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,20 +1,22 @@ repos: - repo: https://github.com/antonbabenko/pre-commit-terraform - rev: v1.48.0 + rev: v1.62.1 hooks: # - id: terraform_validate - id: terraform_fmt - exclude: examples - - id: terraform_docs_replace - args: ['table'] - exclude: common/*.tf +# - id: terraform_docs_replace +# args: ['table'] + - id: terraform_docs + args: + - --args=--config=.terraform-docs.yml exclude: version.tf - exclude: examples + exclude: examples/ - id: terraform_tflint args: [ "--args=--config=__GIT_WORKING_DIR__/.tflint.hcl"] - exclude: examples + exclude: examples/ + - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v3.4.0 + rev: v4.0.1 hooks: - id: check-symlinks - id: detect-aws-credentials From c05331afde41b623c98007a99c9bd936912b49f0 Mon Sep 17 00:00:00 2001 From: badra001 Date: Thu, 23 Dec 2021 14:04:39 -0500 Subject: [PATCH 2/4] add .terraform-docs.yml --- .terraform-docs.yml | 45 +++++++++++++++++++++++++++++++++++++++++++++ CHANGELOG.md | 8 ++++++++ README.md | 32 ++++++++++++++++++++++++++++++++ common/version.tf | 2 +- 4 files changed, 86 insertions(+), 1 deletion(-) create mode 100644 .terraform-docs.yml diff --git a/.terraform-docs.yml b/.terraform-docs.yml new file mode 100644 index 0000000..418f24a --- /dev/null +++ b/.terraform-docs.yml 
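Review bot: Both `rev:` values in `.pre-commit-config.yaml` (`v1.62.1` for pre-commit-terraform, `v4.0.1` for pre-commit-hooks) are Git tags, which the upstream owner can re-point. These hooks run third-party code on every developer machine and CI job, so pin each to the full commit SHA and keep the tag as a trailing comment, e.g. `rev: <full-commit-sha>  # v1.62.1`; `pre-commit autoupdate --freeze` writes that form. Separately, the new `terraform_docs` entry appears to carry two `exclude:` keys, `version.tf` from context and the added `examples/`, though indentation is lost in this rendering. YAML loaders typically keep only the last duplicate key, so `version.tf` would no longer be excluded; fold both into one pattern such as `exclude: '(^|/)version\.tf$|^examples/'`.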
@@ -0,0 +1,45 @@ +formatter: markdown table + +header-from: main.tf +footer-from: "" + +sections: +## hide: [] + show: + - data-sources + - header + - footer + - inputs + - modules + - outputs + - providers + - requirements + - resources + +output: + file: README.md + mode: replace +# mode: inject +# template: |- +# +# {{ .Content }} +# + +## output-values: +## enabled: false +## from: "" +## +## sort: +## enabled: true +## by: name +## +## settings: +## anchor: true +## color: true +## default: true +## description: false +## escape: true +## indent: 2 +## required: true +## sensitive: true +## type: true diff --git a/CHANGELOG.md b/CHANGELOG.md index 48c832e..6f92f4b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,13 @@ # Versions +## Version 1.x + * v1.0.0 -- 2021-10-14 - patch-aws-auth module creation +## Version 2.x + +* v2.0.0 -- 20211223 + - add providers for tf 0.13+ + + diff --git a/README.md b/README.md index e69de29..6bd377d 100644 --- a/README.md +++ b/README.md @@ -0,0 +1,32 @@ +# aws-eks + +This contains a list of submodules used for building an EKS cluster. There are also some examples which can be used +as a starting point for building a cluster. + +* Submodules + * [patch-aws-auth](#patch-aws-auth): update `aws-auth ConfigMap` + +* Submodules Planned + * dns-zone + * efs + * cluster-iam-policies + * cluster-iam-roles + * irsa-role + * cluster-role + * common-services, most likely split into a module for each of the common services + +* Examples + * established-cluster-examples + * full-cluster + +# Submodules +## [patch-aws-auth](patch-aws-auth/) + +This submodule allows for an easy patching of the `aws-auth ConfigMap`, which is used to map IAM users and roles to specific +Kubernetes groups, roles, and cluster roles. + +# Examples + +## established-cluster-examples +## full-cluster + diff --git a/common/version.tf b/common/version.tf index fa2705b..6b49608 100644 --- a/common/version.tf +++ b/common/version.tf 
@@ -1,3 +1,3 @@ locals { - _module_version = "1.0.0" + _module_version = "2.0.0" } From c8b701b7b626c1e80cf52e4097e3c16972840e76 Mon Sep 17 00:00:00 2001 From: badra001 Date: Thu, 23 Dec 2021 14:05:43 -0500 Subject: [PATCH 3/4] update for tf 0.13+ --- common/versions.tf | 29 +++++++++++++++++++++++++++++ patch-aws-auth/README.md | 5 ++++- patch-aws-auth/version.tf | 1 + patch-aws-auth/versions.tf | 9 +++++++++ 4 files changed, 43 insertions(+), 1 deletion(-) create mode 100644 common/versions.tf create mode 120000 patch-aws-auth/version.tf create mode 100644 patch-aws-auth/versions.tf diff --git a/common/versions.tf b/common/versions.tf new file mode 100644 index 0000000..07e01fb --- /dev/null +++ b/common/versions.tf @@ -0,0 +1,29 @@ +terraform { + required_providers { + aws = { + source = "hashicorp/aws" + version = ">= 3.66.0" + } + helm = { + source = "hashicorp/helm" + version = ">= 2.4" + } + http = { + source = "hashicorp/http" + version = ">= 2.1" + } + kubernetes = { + source = "hashicorp/kubernetes" + version = ">= 2.7" + } + null = { + source = "hashicorp/null" + version = ">= 3.1" + } + tls = { + source = "hashicorp/tls" + version = ">= 3.1" + } + } + # required_version = ">= 0.13" +} diff --git a/patch-aws-auth/README.md b/patch-aws-auth/README.md index 3b790e9..2f992e0 100644 --- a/patch-aws-auth/README.md +++ b/patch-aws-auth/README.md @@ -1,3 +1,4 @@ + # About patch-aws-auth This allows to add IAM roles and IAM users to the `aws-auth ConfigMap`, to tie IAM resources into @@ -66,6 +67,7 @@ module "awsauth_base_users" { | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 0.12.31 | +| [null](#requirement\_null) | >= 3.1 | ## Providers @@ -73,7 +75,7 @@ module "awsauth_base_users" { |------|---------| | [aws](#provider\_aws) | n/a | | [kubernetes](#provider\_kubernetes) | n/a | -| [null](#provider\_null) | n/a | +| [null](#provider\_null) | >= 3.1 | ## Modules 
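Review bot: `required_version = ">= 0.13"` is left commented out in the new `common/versions.tf`, although the `source = "hashicorp/..."` entries are the Terraform 0.13+ form and the commit is titled "update for tf 0.13+". The same commented line is in `patch-aws-auth/versions.tf`, whose README still lists `terraform >= 0.12.31`. Enabling the constraint in both files makes an unsupported CLI fail early with a clear version error. Every provider constraint here is an open-ended `>=`, so a comment above the block would tell consumers that pinning is their job, e.g. `# Minimum versions only; callers pin exact provider builds by committing .terraform.lock.hcl`.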
@@ -111,3 +113,4 @@ No modules. ## Outputs No outputs. + \ No newline at end of file diff --git a/patch-aws-auth/version.tf b/patch-aws-auth/version.tf new file mode 120000 index 0000000..b83c5b7 --- /dev/null +++ b/patch-aws-auth/version.tf @@ -0,0 +1 @@ +../common/version.tf \ No newline at end of file diff --git a/patch-aws-auth/versions.tf b/patch-aws-auth/versions.tf new file mode 100644 index 0000000..9896697 --- /dev/null +++ b/patch-aws-auth/versions.tf @@ -0,0 +1,9 @@ +terraform { + required_providers { + null = { + source = "hashicorp/null" + version = ">= 3.1" + } + } + # required_version = ">= 0.13" +} From 4ad5550d47e600d22fdc38ce6af999ee13eab3eb Mon Sep 17 00:00:00 2001 From: badra001 Date: Thu, 23 Dec 2021 14:12:42 -0500 Subject: [PATCH 4/4] update readme --- README.md | 32 ++++++++++++++++++++++---------- 1 file changed, 22 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index 6bd377d..c9ca4f7 100644 --- a/README.md +++ b/README.md @@ -7,17 +7,17 @@ as a starting point for building a cluster. * [patch-aws-auth](#patch-aws-auth): update `aws-auth ConfigMap` * Submodules Planned - * dns-zone - * efs - * cluster-iam-policies - * cluster-iam-roles - * irsa-role - * cluster-role + * dns-zone: add DNS zone for cluster + * efs: Setup EFS Driver, policies and roles + * cluster-iam-policies: Setup needed IAM policies for cluster + * cluster-iam-roles: Setup needed IAM roles for cluster (in conjuniction with policies) + * irsa-role: Setup IAM Role for Service Account + * cluster-role: Setup cluster roles (depends upon a created irsa-role) * common-services, most likely split into a module for each of the common services * Examples - * established-cluster-examples - * full-cluster + * [established-cluster-examples](#established-cluster-examples) + * [full-cluster](#full-cluster) # Submodules ## [patch-aws-auth](patch-aws-auth/) 
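Review bot: The new `patch-aws-auth/versions.tf` declares only `null` in `required_providers`, while the module's README in this same patch lists `aws` and `kubernetes` as providers with version `n/a`. This module patches the `aws-auth ConfigMap`, which decides which IAM users and roles map to Kubernetes groups and roles, so the two providers doing that work should carry an explicit `source` and minimum version too. `common/versions.tf` already has suitable values (`aws` `>= 3.66.0`, `kubernetes` `>= 2.7`). Without these entries Terraform presumably falls back to the implied `hashicorp/<name>` source with no version floor.

```hcl
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = ">= 3.66.0"
    }
    kubernetes = {
      source  = "hashicorp/kubernetes"
      version = ">= 2.7"
    }
    # … unchanged: null provider entry and the rest of the block …
```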
@@ -27,6 +27,18 @@ Kubernetes groups, roles, and cluster roles. # Examples -## established-cluster-examples -## full-cluster +## [established-cluster-examples](examples/established-cluster-examples/) + +* [alb-controller](examples/established-cluster-examples/alb-controller) +* [dnsutils](examples/established-cluster-examples/dnsutils) +* [empty](examples/established-cluster-examples/empty) +* [kube-bench](examples/established-cluster-examples/kube-bench) +* [sample-alb](examples/established-cluster-examples/sample-alb) +* [sample-elb](examples/established-cluster-examples/sample-elb) +* [sample-istio](examples/established-cluster-examples/sample-istio) +* [sample-nlb](examples/established-cluster-examples/sample-nlb) + +## [full-cluster](examples/full-cluster/) + +