Refactor (#63)

* refactor: switch to Terraform templatefile() and bump versions * refactor: fix missing if * chore: make jinja ignore file contents * chore: make jinja ignore file contents * chore: make jinja ignore file contents * chore: make jinja ignore file contents * chore: make jinja ignore file contents * chore: make jinja ignore file contents * chore: make jinja ignore file contents * style: lint * chore: add eks parameters * chore: remove gavinbunney/kubectl * chore: cleanup jinja tags * chore: remove kubectl * refactor: new cluster access auth method w terraform-aws-modules/eks/aws v20.0
cookiecutter-openedx · Feb 6, 2024 · 890eafb · 890eafb
1 parent 211f02a
commit 890eafb
Show file tree

Hide file tree

Showing 105 changed files with 840 additions and 950 deletions.
diff --git a/cookiecutter.json b/cookiecutter.json
@@ -116,27 +116,28 @@
     "redis_node_type": "cache.t2.small",
     "redis_port": 6379,
     "redis_family": "redis6.x",
-    "terraform_required_version": "~> 1.6",
+    "terraform_required_version": "~> 1.5",
     "terraform_aws_modules_acm": "5.0",
     "terraform_aws_modules_cloudfront": "3.2",
-    "terraform_aws_modules_eks": "19.21",
+    "terraform_aws_modules_eks": "20.0",
     "terraform_aws_modules_iam": "~> 5.9",
-    "terraform_aws_modules_iam_assumable_role_with_oidc": "5.33",
-    "terraform_aws_modules_rds": "6.3",
+    "terraform_aws_modules_iam_assumable_role_with_oidc": "5.34",
+    "terraform_aws_modules_rds": "6.4",
     "terraform_aws_modules_s3": "3.15",
     "terraform_aws_modules_sg": "5.1",
-    "terraform_aws_modules_vpc": "5.4",
+    "terraform_aws_modules_vpc": "5.5",
     "terraform_helm_cert_manager": "1.12",
     "terraform_helm_ingress_nginx_controller": "4.9",
     "terraform_helm_vertical_pod_autoscaler": "9.6",
     "terraform_helm_karpenter": "0.16",
     "terraform_helm_dashboard": "6.0",
-    "terraform_helm_kubeapps": "14.1",
-    "terraform_helm_kubecost": "1.106",
+    "terraform_helm_kubeapps": "14.3",
+    "terraform_helm_kubecost": "2.0",
     "terraform_helm_metrics_server": "3.11",
-    "terraform_helm_prometheus": "39.6.0",
-    "terraform_provider_kubernetes_version": "~> 2.24",
-    "terraform_provider_hashicorp_aws_version": "5.31",
+    "terraform_helm_prometheus": "56.6.0",
+    "terraform_helm_descheduler": "0.27",
+    "terraform_provider_kubernetes_version": "~> 2.25",
+    "terraform_provider_hashicorp_aws_version": "5.35",
     "terraform_provider_hashicorp_local_version": "~> 2.4",
     "terraform_provider_hashicorp_random_version": "~> 3.6",
     "terraform_provider_hashicorp_kubectl_version": "~> 1.14",

diff --git a/{{cookiecutter.github_repo_name}}/.github/actions/tutor/k8s/deploy/action.yml b/{{cookiecutter.github_repo_name}}/.github/actions/tutor/k8s/deploy/action.yml
@@ -13,7 +13,7 @@ inputs:
     required: true
     type: string
   namespace:
-    description: 'The Kubernetes namesapce to which the Open edX platform environment will be deployed. Example: openedx-prod'
+    description: 'The Kubernetes namespace to which the Open edX platform environment will be deployed. Example: openedx-prod'
     required: true
     type: string
 

diff --git a/{{cookiecutter.github_repo_name}}/.github/workflows/build-openedx.yml b/{{cookiecutter.github_repo_name}}/.github/workflows/build-openedx.yml
@@ -114,6 +114,6 @@ jobs:
       # Build and upload the Docker container
       #------------------------------------------------------------------------
       - name: Build openedx
-        uses: openedx-actions/tutor-plugin-build-openedx@{{ cookiecutter.ci_openedx_actions_tutor_plugin_build_OPENEDX_RELEASE_VERSION }}
+        uses: openedx-actions/tutor-plugin-build-openedx@{{ cookiecutter.ci_openedx_actions_tutor_plugin_build_openedx_version }}
         with:
           aws-ecr-repository: openedx-{% raw %}${{ env.OPENEDX_RELEASE_VERSION}}{% endraw %}
diff --git a/{{cookiecutter.github_repo_name}}/.gitignore b/{{cookiecutter.github_repo_name}}/.gitignore
@@ -1,4 +1,7 @@
+.terraform.lock.hcl
 .terragrunt-cache
 .DS_Store
+._.DS_Store
 .terraform
 terraform-provider-aws_v4.15.1_x5
+data
diff --git a/{{cookiecutter.github_repo_name}}/.pre-commit-config.yaml b/{{cookiecutter.github_repo_name}}/.pre-commit-config.yaml
@@ -3,15 +3,13 @@ default_language_version:
   python: python3.9
 repos:
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.1.0
+    rev: v4.5.0
     hooks:
       # See https://pre-commit.com/hooks.html for more hooks
       - id: check-added-large-files
       - id: check-byte-order-marker
       - id: check-case-conflict
-      - id: check-executables-have-shebangs
       - id: check-json
-      - id: check-shebang-scripts-are-executable
       - id: check-merge-conflict
       - id: check-symlinks
       - id: check-toml
@@ -24,13 +22,14 @@ repos:
       - id: trailing-whitespace
       - id: pretty-format-json
       - id: check-yaml
+        exclude: ^terraform/stacks/modules/kubernetes/yml/eks-console-full-access\.yaml$
   - repo: https://github.com/gruntwork-io/pre-commit
-    rev: v0.1.17 # Get the latest from: https://github.com/gruntwork-io/pre-commit/releases
+    rev: v0.1.23 # Get the latest from: https://github.com/gruntwork-io/pre-commit/releases
     hooks:
       - id: terraform-fmt
       - id: helmlint
     #  - id: terraform-validate
-    #  - id: terragrunt-hclfmt
+      - id: terragrunt-hclfmt
     #  - id: tflint
     #  - id: shellcheck
     #  - id: yapf

diff --git a/{{cookiecutter.github_repo_name}}/Makefile b/{{cookiecutter.github_repo_name}}/Makefile
@@ -0,0 +1,26 @@
+
+clean:
+	find . -name ".terragrunt-cache" -type d -exec rm -rf {} \;
+	find . -name ".terraform" -type d -exec rm -rf {} \;
+	find . -name ".terraform.lock.hcl" -type f -exec rm  {} \;
+
+lint:
+	make lint-terraform
+	make pre-commit
+
+lint-terraform:
+	terraform fmt -recursive
+
+pre-commit:
+	pre-commit install
+	pre-commit autoupdate
+	pre-commit run --all-files
+
+######################
+# HELP
+######################
+
+help:
+	@echo '===================================================================='
+	@echo 'clean               - remove all Terraform caches and artifacts'
+	@echo 'lint                - run all code linters and formatters'
diff --git a/{{cookiecutter.github_repo_name}}/README.rst b/{{cookiecutter.github_repo_name}}/README.rst
@@ -197,8 +197,6 @@ This repository was generated using `Cookiecutter <https://cookiecutter.readthed
     - {{ cookiecutter.terraform_required_version }}
   * - Terraform Provider `Kubernetes <https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs>`_
     - {{ cookiecutter.terraform_provider_kubernetes_version }}
-  * - Terraform Provider `kubectl <https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs>`_
-    - {{ cookiecutter.terraform_provider_hashicorp_kubectl_version }}
   * - Terraform Provider `helm <https://registry.terraform.io/providers/hashicorp/helm/latest/docs>`_
     - {{ cookiecutter.terraform_provider_hashicorp_helm_version }}
   * - Terraform Provider `AWS <https://registry.terraform.io/providers/hashicorp/aws/latest/docs>`_

diff --git a/{{cookiecutter.github_repo_name}}/VERSION b/{{cookiecutter.github_repo_name}}/VERSION
@@ -1 +1 @@
-v1.1.0
+v1.2.0
diff --git a/{{cookiecutter.github_repo_name}}/terraform/common/cookiecutter_meta/main.tf b/{{cookiecutter.github_repo_name}}/terraform/common/cookiecutter_meta/main.tf
@@ -34,7 +34,6 @@ resource "null_resource" "init" {
     touch ${path.module}/output/cookiecutter_github_commit.state
     touch ${path.module}/output/cookiecutter_github_repository.state
     touch ${path.module}/output/cookiecutter_iam_arn.state
-    touch ${path.module}/output/cookiecutter_kubectl_version.state
     touch ${path.module}/output/cookiecutter_os.state
     touch ${path.module}/output/cookiecutter_terraform_version.state
     touch ${path.module}/output/cookiecutter_timestamp.state
@@ -117,12 +116,8 @@ resource "null_resource" "environment" {
     echo $cookiecutter_global_iam_arn > ${path.module}/output/cookiecutter_global_iam_arn.state
 
     #------------------------------------------------------------------------------
-    # 7. cookiecutter_kubectl_version
-    # get the current version of kubectl that is running on the machine executing
-    # this module.
+    # 7. REMOVED: cookiecutter_kubectl_version
     #------------------------------------------------------------------------------
-    cookiecutter_kubectl_version=$(kubectl version --output=json | jq -r '.["clientVersion"].gitVersion as $v | "\($v)"')
-    echo $cookiecutter_kubectl_version > ${path.module}/output/cookiecutter_kubectl_version.state
 
     #------------------------------------------------------------------------------
     # 8. cookiecutter_os
@@ -208,12 +203,8 @@ data "local_file" "cookiecutter_global_iam_arn" {
 }
 
 # 7. cookiecutter_kubectl_version
-data "local_file" "cookiecutter_kubectl_version" {
-  filename = "${path.module}/output/cookiecutter_kubectl_version.state"
-  depends_on = [
-    null_resource.environment
-  ]
-}
+# removed
+
 
 # 8. cookiecutter_os
 data "local_file" "cookiecutter_os" {

diff --git a/{{cookiecutter.github_repo_name}}/terraform/common/cookiecutter_meta/output.tf b/{{cookiecutter.github_repo_name}}/terraform/common/cookiecutter_meta/output.tf
@@ -9,7 +9,6 @@ output "tags" {
     "cookiecutter/meta/github_commit_date" = replace(tostring(data.local_file.cookiecutter_github_commit_date.content), "\n", "")
     "cookiecutter/meta/awscli_version"     = replace(tostring(data.local_file.cookiecutter_awscli_version.content), "\n", "")
     "cookiecutter/meta/terraform_version"  = replace(tostring(data.local_file.cookiecutter_terraform_version.content), "\n", "")
-    "cookiecutter/meta/kubectl_version"    = replace(tostring(data.local_file.cookiecutter_kubectl_version.content), "\n", "")
     "cookiecutter/meta/os"                 = replace(tostring(data.local_file.cookiecutter_os.content), "\n", "")
     "cookiecutter/meta/timestamp"          = replace(tostring(data.local_file.cookiecutter_timestamp.content), "\n", "")
   }

diff --git a/{{cookiecutter.github_repo_name}}/terraform/common/cookiecutter_meta/versions.tf b/{{cookiecutter.github_repo_name}}/terraform/common/cookiecutter_meta/versions.tf
@@ -7,16 +7,13 @@
 # usage: build an EKS cluster load balancer that uses a Fargate Compute Cluster
 #------------------------------------------------------------------------------
 terraform {
-  required_version = "~> 1.3"
+  required_version = "{{ cookiecutter.terraform_required_version }}"
 
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = "~> 4.48"
-    }
-    local = {
-      source  = "hashicorp/local"
-      version = "~> 2.2"
+      version = "~> {{ cookiecutter.terraform_provider_hashicorp_aws_version }}"
     }
+    local = "{{ cookiecutter.terraform_provider_hashicorp_local_version }}"
   }
 }
diff --git a/{{cookiecutter.github_repo_name}}/terraform/environments/modules/kubernetes/main.tf b/{{cookiecutter.github_repo_name}}/terraform/environments/modules/kubernetes/main.tf
@@ -8,7 +8,7 @@
 #        store the MySQL credentials in Kubernetes Secrets
 #------------------------------------------------------------------------------
 #------------------------------------------------------------------------------
-# Tutor deploys into this namespace, bc of a namesapce command-line argument
+# Tutor deploys into this namespace, bc of a namespace command-line argument
 # that we pass inside of GitHub Actions deploy workflow
 #------------------------------------------------------------------------------
 locals {

diff --git a/{{cookiecutter.github_repo_name}}/terraform/environments/modules/kubernetes/versions.tf b/{{cookiecutter.github_repo_name}}/terraform/environments/modules/kubernetes/versions.tf
@@ -26,9 +26,5 @@ terraform {
       source  = "hashicorp/kubernetes"
       version = "{{ cookiecutter.terraform_provider_kubernetes_version }}"
     }
-    kubectl = {
-      source  = "gavinbunney/kubectl"
-      version = "{{ cookiecutter.terraform_provider_hashicorp_kubectl_version }}"
-    }
   }
 }
diff --git a/...tter.github_repo_name}}/terraform/environments/modules/kubernetes_ingress_clb/versions.tf b/...tter.github_repo_name}}/terraform/environments/modules/kubernetes_ingress_clb/versions.tf
@@ -26,9 +26,5 @@ terraform {
       source  = "hashicorp/kubernetes"
       version = "~> 2.16"
     }
-    kubectl = {
-      source  = "gavinbunney/kubectl"
-      version = "~> 1.14"
-    }
   }
 }
diff --git a/{{cookiecutter.github_repo_name}}/terraform/environments/modules/ses/versions.tf b/{{cookiecutter.github_repo_name}}/terraform/environments/modules/ses/versions.tf
@@ -20,9 +20,5 @@ terraform {
       source  = "hashicorp/kubernetes"
       version = "{{ cookiecutter.terraform_provider_kubernetes_version }}"
     }
-    kubectl = {
-      source  = "gavinbunney/kubectl"
-      version = "{{ cookiecutter.terraform_provider_hashicorp_kubectl_version }}"
-    }
   }
 }
diff --git a/{{cookiecutter.github_repo_name}}/terraform/environments/modules/wordpress/versions.tf b/{{cookiecutter.github_repo_name}}/terraform/environments/modules/wordpress/versions.tf
@@ -26,10 +26,6 @@ terraform {
       source  = "hashicorp/kubernetes"
       version = "{{ cookiecutter.terraform_provider_kubernetes_version }}"
     }
-    kubectl = {
-      source  = "gavinbunney/kubectl"
-      version = "{{ cookiecutter.terraform_provider_hashicorp_kubectl_version }}"
-    }
     ssh = {
       source  = "loafoe/ssh"
       version = "{{ cookiecutter.terraform_provider_hashicorp_ssh_version }}"