From 9b2e03a8633b744dba91aa2565894eca55be1465 Mon Sep 17 00:00:00 2001 From: Stef Forrester Date: Tue, 16 Feb 2021 15:04:14 -0800 Subject: [PATCH] wip --- GNUmakefile | 3 ++ _examples/eks/kubernetes-config/main.tf | 30 ---------------- _examples/eks/kubernetes-config/variables.tf | 8 ----- _examples/eks/main.tf | 36 ++++++++++++++++--- kubernetes/test-infra/eks/main.tf | 2 +- .../test-infra/eks/node-config/variables.tf | 2 +- 6 files changed, 36 insertions(+), 45 deletions(-) diff --git a/GNUmakefile b/GNUmakefile index 4f2e07573d..c65fd015ca 100644 --- a/GNUmakefile +++ b/GNUmakefile @@ -9,6 +9,7 @@ OS_ARCH := $(shell go env GOOS)_$(shell go env GOARCH) TF_PROV_DOCS := $(PWD)/kubernetes/test-infra/tfproviderdocs EXT_PROV_DIR := $(PWD)/kubernetes/test-infra/external-providers EXT_PROV_BIN := /tmp/.terraform.d/localhost/test/kubernetes/9.9.9/$(OS_ARCH)/terraform-provider-kubernetes_9.9.9_$(OS_ARCH) +KUBECONFIG1 = $(shell echo $(KUBECONFIG) | cut -d\: -f1) ifneq ($(PWD),$(PROVIDER_DIR)) $(error "Makefile must be run from the provider directory") @@ -57,6 +58,8 @@ test: fmtcheck xargs -t -n4 go test $(TESTARGS) -timeout=30s -parallel=4 testacc: fmtcheck vet + rm -f kubernetes/testdata/kubeconfig + cp $(KUBECONFIG1) kubernetes/testdata/kubeconfig rm -rf $(EXT_PROV_DIR)/.terraform $(EXT_PROV_DIR)/.terraform.lock.hcl || true mkdir $(EXT_PROV_DIR)/.terraform mkdir -p /tmp/.terraform.d/localhost/test/kubernetes/9.9.9/$(OS_ARCH) || true diff --git a/_examples/eks/kubernetes-config/main.tf b/_examples/eks/kubernetes-config/main.tf index 2c963afcbd..c1417fcdc9 100644 --- a/_examples/eks/kubernetes-config/main.tf +++ b/_examples/eks/kubernetes-config/main.tf @@ -1,15 +1,4 @@ -provider "kubernetes" { - host = var.cluster_endpoint - cluster_ca_certificate = base64decode(var.cluster_ca_cert) - exec { - api_version = "client.authentication.k8s.io/v1alpha1" - args = ["eks", "get-token", "--cluster-name", var.cluster_name] - command = "aws" - } -} - resource "kubernetes_config_map" "name" { - depends_on = [var.cluster_name] metadata { name = "aws-auth" namespace = "kube-system" @@ -23,26 +12,20 @@ resource "kubernetes_config_map" "name" { } } -# This allows the kubeconfig file to be refreshed during every Terraform apply. # Optional: this kubeconfig file is only used for manual CLI access to the cluster. resource "null_resource" "generate-kubeconfig" { provisioner "local-exec" { command = "aws eks update-kubeconfig --name ${var.cluster_name} --kubeconfig ${path.root}/kubeconfig" } - triggers = { - always_run = timestamp() - } } resource "kubernetes_namespace" "test" { - depends_on = [var.cluster_name] metadata { name = "test" } } resource "kubernetes_deployment" "test" { - depends_on = [var.cluster_name] metadata { name = "test" namespace= kubernetes_namespace.test.metadata.0.name @@ -81,20 +64,7 @@ resource "kubernetes_deployment" "test" { } } -provider "helm" { - kubernetes { - host = var.cluster_endpoint - cluster_ca_certificate = base64decode(var.cluster_ca_cert) - exec { - api_version = "client.authentication.k8s.io/v1alpha1" - args = ["eks", "get-token", "--cluster-name", var.cluster_name] - command = "aws" - } - } -} - resource helm_release nginx_ingress { - depends_on = [var.cluster_name] name = "nginx-ingress-controller" repository = "https://charts.bitnami.com/bitnami" diff --git a/_examples/eks/kubernetes-config/variables.tf b/_examples/eks/kubernetes-config/variables.tf index 169c564f82..af19cf115c 100644 --- a/_examples/eks/kubernetes-config/variables.tf +++ b/_examples/eks/kubernetes-config/variables.tf @@ -1,12 +1,4 @@ variable "k8s_node_role_arn" { - type = list(string) -} - -variable "cluster_ca_cert" { - type = string -} - -variable "cluster_endpoint" { type = string } diff --git a/_examples/eks/main.tf b/_examples/eks/main.tf index 927b7f1457..8b37bdcf09 100644 --- a/_examples/eks/main.tf +++ b/_examples/eks/main.tf @@ -15,6 +15,34 @@ terraform { } } +data "aws_eks_cluster" "default" { + name = module.cluster.cluster_id +} + +data "aws_eks_cluster_auth" "default" { + name = module.cluster.cluster_id +} + +provider "kubernetes" { + host = data.aws_eks_cluster.default.endpoint + cluster_ca_certificate = base64decode(data.aws_eks_cluster.default.certificate_authority[0].data) + token = data.aws_eks_cluster_auth.default.token +} + +provider "helm" { + kubernetes { + host = data.aws_eks_cluster.default.endpoint + cluster_ca_certificate = base64decode(data.aws_eks_cluster.default.certificate_authority[0].data) + token = data.aws_eks_cluster_auth.default.token + } +} + +# exec { +# api_version = "client.authentication.k8s.io/v1alpha1" +# args = ["eks", "get-token", "--cluster-name", var.cluster_name] +# command = "aws" +# } + provider "aws" { region = var.region } @@ -25,7 +53,7 @@ module "vpc" { module "cluster" { source = "terraform-aws-modules/eks/aws" - version = "v13.2.1" + version = "v14.0.0" vpc_id = module.vpc.vpc_id subnets = module.vpc.subnets @@ -51,9 +79,7 @@ module "cluster" { } module "kubernetes-config" { - source = "./kubernetes-config" - k8s_node_role_arn = list(module.cluster.worker_iam_role_arn) - cluster_ca_cert = module.cluster.cluster_certificate_authority_data cluster_name = module.cluster.cluster_id # creates dependency on cluster creation - cluster_endpoint = module.cluster.cluster_endpoint + source = "./kubernetes-config" + k8s_node_role_arn = module.cluster.worker_iam_role_arn } diff --git a/kubernetes/test-infra/eks/main.tf b/kubernetes/test-infra/eks/main.tf index 3058d02e40..b6aa84cea5 100644 --- a/kubernetes/test-infra/eks/main.tf +++ b/kubernetes/test-infra/eks/main.tf @@ -47,7 +47,7 @@ module "cluster" { module "node-config" { source = "./node-config" - k8s_node_role_arn = list(module.cluster.worker_iam_role_arn) + k8s_node_role_arn = tolist(module.cluster.worker_iam_role_arn) cluster_ca = module.cluster.cluster_certificate_authority_data cluster_name = module.cluster.cluster_id # creates dependency on cluster creation cluster_endpoint = module.cluster.cluster_endpoint diff --git a/kubernetes/test-infra/eks/node-config/variables.tf b/kubernetes/test-infra/eks/node-config/variables.tf index a1868fde92..aed4df62ff 100644 --- a/kubernetes/test-infra/eks/node-config/variables.tf +++ b/kubernetes/test-infra/eks/node-config/variables.tf @@ -1,5 +1,5 @@ variable "k8s_node_role_arn" { - type = list(string) + type = tolist(string) } variable "cluster_ca" {