From a9463fa68a86fbff05f974cf395dec908a327024 Mon Sep 17 00:00:00 2001
From: Valentin Radicevic <vradicevic@dspace.hr>
Date: Thu, 26 Sep 2024 12:57:07 +0200
Subject: [PATCH] Implement ingress-nginx helm release as module

---
 eks-addons.tf                       | 23 ++++++++++++++++++++
 k8s.tf                              | 12 -----------
 modules/eks_addons/ingress-nginx.tf | 22 +++++++++++++++++++
 modules/eks_addons/variables.tf     | 20 +++++++++++++++++
 templates/nginx_values.yaml         |  2 --
 variables.tf                        | 33 +++++++++++++++++++++++------
 6 files changed, 92 insertions(+), 20 deletions(-)
 create mode 100644 eks-addons.tf
 create mode 100644 modules/eks_addons/ingress-nginx.tf
 create mode 100644 modules/eks_addons/variables.tf

diff --git a/eks-addons.tf b/eks-addons.tf
new file mode 100644
index 00000000..8e954fde
--- /dev/null
+++ b/eks-addons.tf
@@ -0,0 +1,23 @@
+module "eks_addons" {
+  source               = "./modules/eks_addons"
+  enable_ingress_nginx = var.ingress_nginx_config.enable
+
+  ingress_nginx_helm_config = {
+    namespace         = "nginx"
+    name              = "ingress-nginx"
+    chart             = "ingress-nginx"
+    repository        = var.ingress_nginx_config.helm_repository
+    version           = var.ingress_nginx_config.helm_version
+    description       = "The NGINX HelmChart Ingress Controller deployment configuration"
+    create_namespace  = true
+    dependency_update = true
+    values = [
+      templatefile("${path.module}/templates/nginx_values.yaml", {
+        public_subnets = join(", ", local.public_subnets)
+      }),
+      yamlencode(var.ingress_nginx_config.chart_values)
+    ]
+  }
+
+  depends_on = [module.eks.eks_cluster_arn]
+}
diff --git a/k8s.tf b/k8s.tf
index 0663939a..3c2328a9 100644
--- a/k8s.tf
+++ b/k8s.tf
@@ -28,7 +28,6 @@ module "eks-addons" {
   enable_aws_load_balancer_controller  = false
   enable_cluster_autoscaler            = true
   enable_aws_for_fluentbit             = var.enable_aws_for_fluentbit
-  enable_ingress_nginx                 = var.enable_ingress_nginx
   tags                                 = var.tags
   aws_for_fluentbit_helm_config = {
     values = [templatefile("${path.module}/templates/fluentbit_values.yaml", {
@@ -39,17 +38,6 @@ module "eks-addons" {
     dependency_update = true
   }
 
-  ingress_nginx_helm_config = {
-    values = [templatefile("${path.module}/templates/nginx_values.yaml", {
-      internal       = "false",
-      scheme         = "internet-facing",
-      public_subnets = join(", ", local.public_subnets)
-    })]
-    namespace         = "nginx",
-    create_namespace  = true
-    dependency_update = true
-  }
-
   cluster_autoscaler_helm_config = var.cluster_autoscaler_helm_config
   #depends_on                     = [module.eks.managed_node_groups]
 }
diff --git a/modules/eks_addons/ingress-nginx.tf b/modules/eks_addons/ingress-nginx.tf
new file mode 100644
index 00000000..f7205636
--- /dev/null
+++ b/modules/eks_addons/ingress-nginx.tf
@@ -0,0 +1,22 @@
+resource "kubernetes_namespace_v1" "ingress_nginx" {
+  count = try(var.ingress_nginx_helm_config.create_namespace, true) && var.ingress_nginx_helm_config.namespace != "kube-system" && var.enable_ingress_nginx ? 1 : 0
+
+  metadata {
+    name = var.ingress_nginx_helm_config.namespace
+  }
+}
+
+resource "helm_release" "ingress_nginx" {
+  count = var.enable_ingress_nginx ? 1 : 0
+
+  namespace         = var.ingress_nginx_helm_config.namespace
+  name              = var.ingress_nginx_helm_config.name
+  chart             = var.ingress_nginx_helm_config.chart
+  repository        = var.ingress_nginx_helm_config.repository
+  version           = var.ingress_nginx_helm_config.version
+  description       = var.ingress_nginx_helm_config.description
+  create_namespace  = var.ingress_nginx_helm_config.create_namespace
+  dependency_update = var.ingress_nginx_helm_config.dependency_update
+  values            = var.ingress_nginx_helm_config.values
+  timeout           = 1200
+}
diff --git a/modules/eks_addons/variables.tf b/modules/eks_addons/variables.tf
new file mode 100644
index 00000000..01c2ec74
--- /dev/null
+++ b/modules/eks_addons/variables.tf
@@ -0,0 +1,20 @@
+variable "enable_ingress_nginx" {
+  description = "Enable Ingress Nginx helm release creation"
+  type        = bool
+  default     = false
+}
+
+variable "ingress_nginx_helm_config" {
+  description = "Helm Configuration for Ingress Nginx"
+  type = object({
+    namespace         = string
+    name              = string
+    chart             = string
+    repository        = string
+    version           = string
+    description       = string
+    create_namespace  = bool
+    dependency_update = bool
+    values            = list(string)
+  })
+}
diff --git a/templates/nginx_values.yaml b/templates/nginx_values.yaml
index e2904e1b..d8ca0641 100644
--- a/templates/nginx_values.yaml
+++ b/templates/nginx_values.yaml
@@ -4,8 +4,6 @@ controller:
       service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp
       service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: '60'
       service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: 'true'
-      service.beta.kubernetes.io/aws-load-balancer-scheme: "${scheme}"
-      service.beta.kubernetes.io/aws-load-balancer-internal: "${internal}"
       service.beta.kubernetes.io/aws-load-balancer-target-node-labels: kubernetes.io/os=linux
       service.beta.kubernetes.io/aws-load-balancer-subnets: "${public_subnets}"
       service.beta.kubernetes.io/aws-load-balancer-type: "nlb"
diff --git a/variables.tf b/variables.tf
index 4a1ca072..95836d82 100644
--- a/variables.tf
+++ b/variables.tf
@@ -208,12 +208,6 @@ variable "rtMaps_link" {
   default     = "http://dl.intempora.com/RTMaps4/rtmaps_4.9.0_ubuntu1804_x86_64_release.tar.bz2"
 }
 
-variable "enable_ingress_nginx" {
-  type        = bool
-  description = "Enable Ingress Nginx add-on"
-  default     = false
-}
-
 variable "map_accounts" {
   type        = list(string)
   description = "Additional AWS account numbers to add to the aws-auth ConfigMap"
@@ -240,6 +234,33 @@ variable "map_users" {
   default     = []
 }
 
+variable "ingress_nginx_config" {
+  type = object({
+    enable          = bool
+    helm_repository = string
+    helm_version    = string
+    chart_values    = map(any)
+  })
+  description = "Input configuration for ingress-nginx service deployed with helm release. By setting key 'enabled' to 'true', ingress-nginx service will be deployed. 'helm_repository' is an URL for the repository of ingress-nginx helm chart, where 'helm_version' is its respective version of a chart. 'chart_values' is used for changing default values.yaml of an ingress-nginx chart."
+  default = {
+    enable          = false
+    helm_repository = "https://kubernetes.github.io/ingress-nginx"
+    helm_version    = "4.1.4"
+    chart_values = {
+      controller = {
+        images = {
+          registry = "registry.k8s.io"
+        }
+        service = {
+          annotations = {
+            "service.beta.kubernetes.io/aws-load-balancer-scheme" = "internet-facing"
+          }
+        }
+      }
+    }
+  }
+}
+
 variable "simpheraInstances" {
   type = map(object({
     name                         = string