Merge branch 'main' into release
ArchiFleKs committed Jun 26, 2023
2 parents 365f326 + 625c957 commit 5b80d67
Showing 21 changed files with 830 additions and 56 deletions.
1 change: 1 addition & 0 deletions README.md
Expand Up @@ -281,6 +281,7 @@ No modules.
| <a name="input_flux2"></a> [flux2](#input\_flux2) | Customize Flux chart, see `flux2.tf` for supported values | `any` | `{}` | no |
| <a name="input_helm_defaults"></a> [helm\_defaults](#input\_helm\_defaults) | Customize default Helm behavior | `any` | `{}` | no |
| <a name="input_ingress-nginx"></a> [ingress-nginx](#input\_ingress-nginx) | Customize ingress-nginx chart, see `nginx-ingress.tf` for supported values | `any` | `{}` | no |
| <a name="input_ip-masq-agent"></a> [ip-masq-agent](#input\_ip-masq-agent) | Configure ip masq agent chart, see `ip-masq-agent.tf` for supported values. This addon works only on GCP. | `any` | `{}` | no |
| <a name="input_k8gb"></a> [k8gb](#input\_k8gb) | Customize k8gb chart, see `k8gb.tf` for supported values | `any` | `{}` | no |
| <a name="input_karma"></a> [karma](#input\_karma) | Customize karma chart, see `karma.tf` for supported values | `any` | `{}` | no |
| <a name="input_keda"></a> [keda](#input\_keda) | Customize keda chart, see `keda.tf` for supported values | `any` | `{}` | no |
50 changes: 25 additions & 25 deletions helm-dependencies.yaml
Expand Up @@ -6,34 +6,34 @@ dependencies:
version: 0.13.2
repository: https://charts.admiralty.io
- name: secrets-store-csi-driver
version: 1.3.3
version: 1.3.4
repository: https://kubernetes-sigs.github.io/secrets-store-csi-driver/charts
- name: aws-ebs-csi-driver
version: 2.19.0
version: 2.20.0
repository: https://kubernetes-sigs.github.io/aws-ebs-csi-driver
- name: aws-efs-csi-driver
version: 2.4.4
version: 2.4.6
repository: https://kubernetes-sigs.github.io/aws-efs-csi-driver
- name: aws-for-fluent-bit
version: 0.1.24
version: 0.1.27
repository: https://aws.github.io/eks-charts
- name: aws-load-balancer-controller
version: 1.5.3
version: 1.5.4
repository: https://aws.github.io/eks-charts
- name: aws-node-termination-handler
version: 0.21.0
repository: https://aws.github.io/eks-charts
- name: cert-manager
version: v1.12.1
version: v1.12.2
repository: https://charts.jetstack.io
- name: cert-manager-csi-driver
version: v0.5.0
repository: https://charts.jetstack.io
- name: cluster-autoscaler
version: 9.29.0
version: 9.29.1
repository: https://kubernetes.github.io/autoscaler
- name: external-dns
version: 1.12.2
version: 1.13.0
repository: https://kubernetes-sigs.github.io/external-dns/
- name: flux
version: 1.13.3
Expand All @@ -48,70 +48,70 @@ dependencies:
version: 1.7.2
repository: https://charts.helm.sh/stable
- name: karpenter
version: v0.27.5
version: v0.28.1
repository: oci://public.ecr.aws/karpenter
- name: keda
version: 2.10.2
version: 2.11.0
repository: https://kedacore.github.io/charts
- name: kong
version: 2.22.0
version: 2.23.0
repository: https://charts.konghq.com
- name: kube-prometheus-stack
version: 46.6.0
version: 47.0.0
repository: https://prometheus-community.github.io/helm-charts
- name: linkerd2-cni
version: 30.8.3
repository: https://helm.linkerd.io/stable
- name: linkerd-control-plane
version: 1.12.4
version: 1.12.5
repository: https://helm.linkerd.io/stable
- name: linkerd-crds
version: 1.6.1
repository: https://helm.linkerd.io/stable
- name: linkerd-viz
version: 30.8.4
version: 30.8.5
repository: https://helm.linkerd.io/stable
- name: loki
version: 5.6.1
version: 5.8.4
repository: https://grafana.github.io/helm-charts
- name: promtail
version: 6.11.2
version: 6.11.5
repository: https://grafana.github.io/helm-charts
- name: metrics-server
version: 3.10.0
repository: https://kubernetes-sigs.github.io/metrics-server/
- name: node-problem-detector
version: 2.3.4
version: 2.3.5
repository: https://charts.deliveryhero.io/
- name: prometheus-adapter
version: 4.2.0
repository: https://prometheus-community.github.io/helm-charts
- name: prometheus-cloudwatch-exporter
version: 0.25.0
version: 0.25.1
repository: https://prometheus-community.github.io/helm-charts
- name: prometheus-blackbox-exporter
version: 7.9.0
version: 7.10.0
repository: https://prometheus-community.github.io/helm-charts
- name: scaleway-webhook
version: v0.0.1
repository: https://particuleio.github.io/charts
- name: sealed-secrets
version: 2.9.0
version: 2.10.0
repository: https://bitnami-labs.github.io/sealed-secrets
- name: thanos
version: 12.6.2
version: 12.8.3
repository: https://charts.bitnami.com/bitnami
- name: tigera-operator
version: v3.26.0
version: v3.26.1
repository: https://docs.projectcalico.org/charts
- name: traefik
version: 23.0.1
version: 23.1.0
repository: https://helm.traefik.io/traefik
- name: memcached
version: 6.5.2
version: 6.5.3
repository: https://charts.bitnami.com/bitnami
- name: velero
version: 4.0.2
version: 4.0.3
repository: https://vmware-tanzu.github.io/helm-charts
- name: victoria-metrics-k8s-stack
version: 0.16.3
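Review bot: kube-prometheus-stack goes from 46.6.0 to 47.0.0 in this hunk, a major-version jump, and karpenter goes from v0.27.5 to v0.28.1, a pre-1.0 minor jump, yet both sit among routine patch bumps with nothing in the commit marking them out. Please list these two (and the larger loki 5.6.1 to 5.8.4 and thanos 12.6.2 to 12.8.3 steps) in the release notes with a pointer to each chart's upgrade notes, so users applying this release check for CRD or values changes before the bump reaches a cluster.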
3 changes: 1 addition & 2 deletions modules/aws/README.md
Expand Up @@ -35,7 +35,6 @@ This module can uses [IRSA](https://aws.amazon.com/blogs/opensource/introducing-
| Name | Version |
|------|---------|
| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 4.42 |
| <a name="provider_aws.ecr_public"></a> [aws.ecr\_public](#provider\_aws.ecr\_public) | >= 4.42 |
| <a name="provider_flux"></a> [flux](#provider\_flux) | 1.0.0-rc.5 |
| <a name="provider_github"></a> [github](#provider\_github) | ~> 5.0 |
| <a name="provider_helm"></a> [helm](#provider\_helm) | ~> 2.0 |
Expand Down Expand Up @@ -310,7 +309,6 @@ This module can uses [IRSA](https://aws.amazon.com/blogs/opensource/introducing-
| [tls_self_signed_cert.thanos-tls-querier-ca-cert](https://registry.terraform.io/providers/hashicorp/tls/latest/docs/resources/self_signed_cert) | resource |
| [tls_self_signed_cert.webhook_issuer_tls](https://registry.terraform.io/providers/hashicorp/tls/latest/docs/resources/self_signed_cert) | resource |
| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
| [aws_ecrpublic_authorization_token.token](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ecrpublic_authorization_token) | data source |
| [aws_iam_policy_document.aws-ebs-csi-driver](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
| [aws_iam_policy_document.aws-ebs-csi-driver_default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
| [aws_iam_policy_document.aws-ebs-csi-driver_kms](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
Expand Down Expand Up @@ -373,6 +371,7 @@ This module can uses [IRSA](https://aws.amazon.com/blogs/opensource/introducing-
| <a name="input_flux2"></a> [flux2](#input\_flux2) | Customize Flux chart, see `flux2.tf` for supported values | `any` | `{}` | no |
| <a name="input_helm_defaults"></a> [helm\_defaults](#input\_helm\_defaults) | Customize default Helm behavior | `any` | `{}` | no |
| <a name="input_ingress-nginx"></a> [ingress-nginx](#input\_ingress-nginx) | Customize ingress-nginx chart, see `nginx-ingress.tf` for supported values | `any` | `{}` | no |
| <a name="input_ip-masq-agent"></a> [ip-masq-agent](#input\_ip-masq-agent) | Configure ip masq agent chart, see `ip-masq-agent.tf` for supported values. This addon works only on GCP. | `any` | `{}` | no |
| <a name="input_k8gb"></a> [k8gb](#input\_k8gb) | Customize k8gb chart, see `k8gb.tf` for supported values | `any` | `{}` | no |
| <a name="input_karma"></a> [karma](#input\_karma) | Customize karma chart, see `karma.tf` for supported values | `any` | `{}` | no |
| <a name="input_karpenter"></a> [karpenter](#input\_karpenter) | Customize karpenter chart, see `karpenter.tf` for supported values | `any` | `{}` | no |
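Review bot: this row documents `ip-masq-agent` as an input of the AWS module while its own description says "This addon works only on GCP." (the same row is added to the root and Azure READMEs in this commit). Either state what the AWS and Azure modules do with the value, or keep the input out of the modules where it has no effect.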
36 changes: 19 additions & 17 deletions modules/aws/cert-manager.tf
Expand Up @@ -3,23 +3,24 @@ locals {
cert-manager = merge(
local.helm_defaults,
{
name = local.helm_dependencies[index(local.helm_dependencies.*.name, "cert-manager")].name
chart = local.helm_dependencies[index(local.helm_dependencies.*.name, "cert-manager")].name
repository = local.helm_dependencies[index(local.helm_dependencies.*.name, "cert-manager")].repository
chart_version = local.helm_dependencies[index(local.helm_dependencies.*.name, "cert-manager")].version
namespace = "cert-manager"
service_account_name = "cert-manager"
create_iam_resources_irsa = true
enabled = false
iam_policy_override = null
default_network_policy = true
acme_email = "[email protected]"
acme_http01_enabled = true
acme_http01_ingress_class = "nginx"
acme_dns01_enabled = true
allowed_cidrs = ["0.0.0.0/0"]
csi_driver = false
name_prefix = "${var.cluster-name}-cert-manager"
name = local.helm_dependencies[index(local.helm_dependencies.*.name, "cert-manager")].name
chart = local.helm_dependencies[index(local.helm_dependencies.*.name, "cert-manager")].name
repository = local.helm_dependencies[index(local.helm_dependencies.*.name, "cert-manager")].repository
chart_version = local.helm_dependencies[index(local.helm_dependencies.*.name, "cert-manager")].version
namespace = "cert-manager"
service_account_name = "cert-manager"
create_iam_resources_irsa = true
enabled = false
iam_policy_override = null
default_network_policy = true
acme_email = "[email protected]"
acme_http01_enabled = true
acme_http01_ingress_class = "nginx"
acme_dns01_enabled = true
cluster_issuer_assume_role_arn = ""
allowed_cidrs = ["0.0.0.0/0"]
csi_driver = false
name_prefix = "${var.cluster-name}-cert-manager"
},
var.cert-manager
)
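Review bot: the new `cluster_issuer_assume_role_arn = ""` default is added without a comment, and the rest of this hunk is realignment of untouched keys, so the one functional line is easy to miss. Add a short comment saying this is the role written to the ClusterIssuer's Route53 `role:` field, and confirm that the IRSA role created under `create_iam_resources_irsa` is allowed `sts:AssumeRole` on it. Nothing in the visible hunks grants that permission, so users may need `iam_policy_override` and should be told so.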
Expand Down Expand Up @@ -151,6 +152,7 @@ data "kubectl_path_documents" "cert-manager_cluster_issuers" {
acme_http01_enabled = local.cert-manager["acme_http01_enabled"]
acme_http01_ingress_class = local.cert-manager["acme_http01_ingress_class"]
acme_dns01_enabled = local.cert-manager["acme_dns01_enabled"]
role_arn = local.cert-manager["cluster_issuer_assume_role_arn"]
}
}

17 changes: 5 additions & 12 deletions modules/aws/karpenter.tf
Expand Up @@ -15,6 +15,9 @@ locals {
irsa_namespace_service_accounts = ["karpenter:karpenter"]
allowed_cidrs = ["0.0.0.0/0"]
iam_role_arn = ""
repository_username = ""
repository_password = ""

},
var.karpenter
)
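Review bot: `repository_password = ""` makes a registry credential one key of the `var.karpenter` map, which the README documents as type `any`, so Terraform has no way to treat that key as sensitive at the module input. A dedicated variable declared with `sensitive = true` would keep the value redacted wherever it is referenced. The blank line left before `},` can also be dropped.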
Expand All @@ -34,16 +37,6 @@ locals {

}

data "aws_ecrpublic_authorization_token" "token" {
provider = aws.ecr_public
}

provider "aws" {
region = "us-east-1"
alias = "ecr_public"
}


data "aws_iam_policy_document" "karpenter_additional" {
count = local.karpenter["enabled"] ? 1 : 0

Expand Down Expand Up @@ -111,8 +104,8 @@ resource "kubernetes_namespace" "karpenter" {
resource "helm_release" "karpenter" {
count = local.karpenter["enabled"] ? 1 : 0
repository = local.karpenter["repository"]
repository_username = data.aws_ecrpublic_authorization_token.token.user_name
repository_password = data.aws_ecrpublic_authorization_token.token.password
repository_username = local.karpenter["repository_username"]
repository_password = local.karpenter["repository_password"]
name = local.karpenter["name"]
chart = local.karpenter["chart"]
version = local.karpenter["chart_version"]
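Review bot: `repository_username` and `repository_password` are now read from `local.karpenter`, whose defaults are empty strings, so existing users stop authenticating to the chart registry (`oci://public.ecr.aws/karpenter` in `helm-dependencies.yaml`) once the `aws_ecrpublic_authorization_token` data source is gone. That is a behaviour change and should be called out in the release notes together with how to supply a token through `var.karpenter`. Passing `null` rather than `""` when no credentials are set would also make the unauthenticated case explicit.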
6 changes: 6 additions & 0 deletions modules/aws/templates/cert-manager-cluster-issuers.yaml.tpl
Expand Up @@ -14,6 +14,9 @@ spec:
- dns01:
route53:
region: '${aws_region}'
%{ if role_arn != "" }
role: '${role_arn}'
%{ endif }
%{ endif }
%{ if acme_http01_enabled }
- http01:
Expand Down Expand Up @@ -41,6 +44,9 @@ spec:
- dns01:
route53:
region: '${aws_region}'
%{ if role_arn != "" }
role: '${role_arn}'
%{ endif }
%{ endif }
%{ if acme_http01_enabled }
- http01:
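Review bot: `role: '${role_arn}'` interpolates a free-form string into single-quoted YAML in both issuers, and the only check is `role_arn != ""`. A value containing a single quote or a newline would change the structure of the rendered ClusterIssuer, so validate the input as an IAM role ARN in `cert-manager.tf` before it reaches the template.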
1 change: 1 addition & 0 deletions modules/azure/README.md
Expand Up @@ -191,6 +191,7 @@ No modules.
| <a name="input_flux2"></a> [flux2](#input\_flux2) | Customize Flux chart, see `flux2.tf` for supported values | `any` | `{}` | no |
| <a name="input_helm_defaults"></a> [helm\_defaults](#input\_helm\_defaults) | Customize default Helm behavior | `any` | `{}` | no |
| <a name="input_ingress-nginx"></a> [ingress-nginx](#input\_ingress-nginx) | Customize ingress-nginx chart, see `nginx-ingress.tf` for supported values | `any` | `{}` | no |
| <a name="input_ip-masq-agent"></a> [ip-masq-agent](#input\_ip-masq-agent) | Configure ip masq agent chart, see `ip-masq-agent.tf` for supported values. This addon works only on GCP. | `any` | `{}` | no |
| <a name="input_k8gb"></a> [k8gb](#input\_k8gb) | Customize k8gb chart, see `k8gb.tf` for supported values | `any` | `{}` | no |
| <a name="input_karma"></a> [karma](#input\_karma) | Customize karma chart, see `karma.tf` for supported values | `any` | `{}` | no |
| <a name="input_keda"></a> [keda](#input\_keda) | Customize keda chart, see `keda.tf` for supported values | `any` | `{}` | no |