From 713dbccf0abf4b33bdda94b63592d6b64ffb6e17 Mon Sep 17 00:00:00 2001
From: badra001 <donald.e.badrak.ii@census.gov>
Date: Thu, 29 Dec 2022 13:23:42 -0500
Subject: [PATCH] update metrics-server

---
 .../aws-auth/aws-auth.auto.tfvars             | 22 ++++++++++++++++
 .../cluster-roles/variables.auto.tfvars       | 16 ++++++++++++
 .../common-services.auto.tfvars               |  2 ++
 .../common-services/main.tf                   | 24 ++++++++++--------
 .../variables.common-services.auto.tfvars     | 25 +++++++++++++++++++
 .../variables.irsa.auto.tfvars                |  3 +++
 .../irsa-roles/variables.irsa.auto.tfvars     |  3 +++
 7 files changed, 84 insertions(+), 11 deletions(-)
 create mode 100644 examples/full-cluster-tf-upgrade/aws-auth/aws-auth.auto.tfvars
 create mode 100644 examples/full-cluster-tf-upgrade/cluster-roles/variables.auto.tfvars
 create mode 100644 examples/full-cluster-tf-upgrade/common-services/common-services.auto.tfvars
 create mode 100644 examples/full-cluster-tf-upgrade/common-services/variables.common-services.auto.tfvars
 create mode 100644 examples/full-cluster-tf-upgrade/irsa-roles/cluster-autoscaler/variables.irsa.auto.tfvars
 create mode 100644 examples/full-cluster-tf-upgrade/irsa-roles/variables.irsa.auto.tfvars

diff --git a/examples/full-cluster-tf-upgrade/aws-auth/aws-auth.auto.tfvars b/examples/full-cluster-tf-upgrade/aws-auth/aws-auth.auto.tfvars
new file mode 100644
index 0000000..0c382af
--- /dev/null
+++ b/examples/full-cluster-tf-upgrade/aws-auth/aws-auth.auto.tfvars
@@ -0,0 +1,22 @@
+aws_auth_users = [
+  {
+    userarn      = ""
+    aws_username = "a-ashle001"
+    username     = "admin"
+    groups       = ["system:masters", "eks-console-dashboard-full-access-group"]
+  },
+  {
+    userarn      = ""
+    aws_username = "a-badra001"
+    username     = "admin"
+    groups       = ["system:masters", "eks-console-dashboard-full-access-group"]
+  },
+]
+aws_auth_roles = [
+  {
+    rolearn : ""
+    aws_rolename : "r-inf-cloud-admin"
+    username : "admin"
+    groups = ["eks-console-dashboard-full-access-group"]
+  },
+]
diff --git a/examples/full-cluster-tf-upgrade/cluster-roles/variables.auto.tfvars b/examples/full-cluster-tf-upgrade/cluster-roles/variables.auto.tfvars
new file mode 100644
index 0000000..974aef0
--- /dev/null
+++ b/examples/full-cluster-tf-upgrade/cluster-roles/variables.auto.tfvars
@@ -0,0 +1,16 @@
+istio_installed_namespace = "istio-system"
+# enable only for cicd needs
+cicd_k8s_group_name                         = "cicd-deployer"
+cicd_k8s_user_name                          = "cicd-deployer"
+cicd_managed_namespaces                     = []
+deployer_application_istio_role_name        = "deployer-application-istio-role"
+deployer_application_istio_rolebinding_name = "deployer-application-istio-rolebinding"
+deployer_application_role_name              = "deployer-application-role"
+deployer_application_rolebinding_name       = "deployer-application-rolebinding"
+deployer_istiosystem_role_name              = "deployer-istiosystem-role"
+# enable only for dba account needs (most likely, not needed)
+dba_admin_rolebinding_name  = "dba-admin-rolebinding"
+dba_administrator_role_name = "dba-admin-role"
+dba_k8s_group_name          = "dba-admin"
+dba_k8s_user_name           = "dba-admin"
+dba_managed_namespaces      = []
diff --git a/examples/full-cluster-tf-upgrade/common-services/common-services.auto.tfvars b/examples/full-cluster-tf-upgrade/common-services/common-services.auto.tfvars
new file mode 100644
index 0000000..8198041
--- /dev/null
+++ b/examples/full-cluster-tf-upgrade/common-services/common-services.auto.tfvars
@@ -0,0 +1,2 @@
+#tls_crt_file = "certs/pki.test4.sandbox.csp2.census.gov.bundle.crt"
+#tls_key_file = "certs/pki.test4.sandbox.csp2.census.gov.key"
diff --git a/examples/full-cluster-tf-upgrade/common-services/main.tf b/examples/full-cluster-tf-upgrade/common-services/main.tf
index e83d70f..fc06af3 100644
--- a/examples/full-cluster-tf-upgrade/common-services/main.tf
+++ b/examples/full-cluster-tf-upgrade/common-services/main.tf
@@ -11,9 +11,11 @@ locals {
       name       = "metrics-server"
       repository = "https://charts.bitnami.com/bitnami"
       #      version    = "5.10.4"
-      version    = "5.11.9"
+      # version    = "5.11.9"
+      version    = "6.2.4"
       use_remote = true
     }
+
     # a standard chart that is downloaded as part of the istio-bundle.  It's not
     # available standalone in a repository
     #  name       = "istio-operator"
@@ -45,29 +47,29 @@ resource "helm_release" "metrics-server" {
 
   depends_on = [null_resource.copy_images]
   set {
-    name = "extraArgs.kubelet-preferred-address-types"
+    name = "extraArgs[0]"
     #    value = "InternalIP,ExternalIP,Hostname"
-    value = "InternalIP"
+    value = "--kubelet-preferred-address-types=InternalIP"
   }
   set {
     name  = "apiService.create"
     value = "true"
   }
   set {
-    name  = "extraArgs.cert-dir"
-    value = "/tmp"
+    name  = "extraArgs[1]"
+    value = "--cert-dir=/tmp"
   }
   set {
-    name  = "extraArgs.kubelet-use-node-status-port"
-    value = ""
+    name  = "extraArgs[2]"
+    value = "--kubelet-use-node-status-port"
   }
   set {
-    name  = "extraArgs.metric-resolution"
-    value = "15s"
+    name  = "extraArgs[3]"
+    value = "--metric-resolution=15s"
   }
   #  set {
-  #    name = "extraArgs.kubelet-insecure-tls"
-  #    value = "true"
+  #    name = "extraArgs[4]"
+  #    value = "--kubelet-insecure-tls=true"
   #  }
   set {
     name  = "image.registry"
diff --git a/examples/full-cluster-tf-upgrade/common-services/variables.common-services.auto.tfvars b/examples/full-cluster-tf-upgrade/common-services/variables.common-services.auto.tfvars
new file mode 100644
index 0000000..c6a82a1
--- /dev/null
+++ b/examples/full-cluster-tf-upgrade/common-services/variables.common-services.auto.tfvars
@@ -0,0 +1,25 @@
+cert_manager_cainjector_tag    = "v1.4.3"
+cert_manager_controller_tag    = "v1.4.3"
+cert_manager_webhook_tag       = "v1.4.3"
+cluster_autoscaler_tag         = "v1.21.0"
+istio_tag                      = "1.10.1"
+metrics_server_tag             = "0.6.2-debian-11-r0"
+tls_crt_b64                    = ""
+tls_crt_contents               = ""
+tls_crt_file                   = ""
+tls_key_b64                    = ""
+tls_key_contents               = ""
+tls_key_file                   = ""
+vault_approle_role_id          = ""
+vault_approle_role_path        = ""
+vault_approle_secret_id        = ""
+vault_authentication           = ""
+vault_ca_bundle_pem            = ""
+vault_ca_bundle_pem_b64        = ""
+vault_ca_bundle_pem_file       = ""
+vault_path                     = ""
+vault_serviceaccount_mountpath = ""
+vault_serviceaccount_role      = ""
+vault_serviceaccount_sa        = ""
+vault_token                    = ""
+vault_url                      = ""
diff --git a/examples/full-cluster-tf-upgrade/irsa-roles/cluster-autoscaler/variables.irsa.auto.tfvars b/examples/full-cluster-tf-upgrade/irsa-roles/cluster-autoscaler/variables.irsa.auto.tfvars
new file mode 100644
index 0000000..45b1bf3
--- /dev/null
+++ b/examples/full-cluster-tf-upgrade/irsa-roles/cluster-autoscaler/variables.irsa.auto.tfvars
@@ -0,0 +1,3 @@
+namespace       = "kube-system"
+namespace_short = ""
+name            = "cluster-autoscaler"
diff --git a/examples/full-cluster-tf-upgrade/irsa-roles/variables.irsa.auto.tfvars b/examples/full-cluster-tf-upgrade/irsa-roles/variables.irsa.auto.tfvars
new file mode 100644
index 0000000..d436089
--- /dev/null
+++ b/examples/full-cluster-tf-upgrade/irsa-roles/variables.irsa.auto.tfvars
@@ -0,0 +1,3 @@
+name            = "unknown"
+namespace       = "unknown"
+namespace_short = ""