diff --git a/.github/workflows/cluster.yaml b/.github/workflows/cluster.yaml
new file mode 100644
index 0000000..b2876fb
--- /dev/null
+++ b/.github/workflows/cluster.yaml
@@ -0,0 +1,35 @@
+name: Validate Cluster
+
+on:
+ push:
+ branches: [ main ]
+ # paths:
+ # - "./cluster/*"
+ pull_request:
+ branches: [ main ]
+ # paths:
+ # - "./cluster/*"
+
+env:
+ TERRAFORM_VERSION: 1.4.2
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+ defaults:
+ run:
+ shell: bash
+ working-directory: ./cluster
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ - name: Setup Terraform
+ uses: hashicorp/setup-terraform@v2
+ with:
+ terraform_version: ${{ env.TERRAFORM_VERSION }}
+ - name: Init
+ run: terraform init
+ - name: Format
+ run: terraform fmt -check
+ - name: Validate
+ run: terraform validate -no-color
diff --git a/.github/workflows/config.yaml b/.github/workflows/config.yaml
new file mode 100644
index 0000000..1045b71
--- /dev/null
+++ b/.github/workflows/config.yaml
@@ -0,0 +1,35 @@
+name: Validate Config
+
+on:
+ push:
+ branches: [ main ]
+ # paths:
+ # - "./config/*"
+ pull_request:
+ branches: [ main ]
+ # paths:
+ # - "./config/*"
+
+env:
+ TERRAFORM_VERSION: 1.4.2
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+ defaults:
+ run:
+ shell: bash
+ working-directory: ./config
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ - name: Setup Terraform
+ uses: hashicorp/setup-terraform@v2
+ with:
+ terraform_version: ${{ env.TERRAFORM_VERSION }}
+ - name: Init
+ run: terraform init
+ - name: Format
+ run: terraform fmt -check
+ - name: Validate
+ run: terraform validate -no-color
\ No newline at end of file
diff --git a/README.md b/README.md
index 3c899a9..c2fe51e 100644
--- a/README.md
+++ b/README.md
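Review bot: Neither new workflow declares a `permissions:` block, so the `build` job in `.github/workflows/cluster.yaml` (and the identical job in `.github/workflows/config.yaml`) runs with whatever default `GITHUB_TOKEN` scope the repository or organisation has configured, which may include write access. These jobs only check out code and run `terraform init`, `fmt` and `validate`, so a top-level `permissions:` mapping with `contents: read` is sufficient. Both actions are also referenced by mutable tags (`actions/checkout@v3`, `hashicorp/setup-terraform@v2`); pinning each to a full commit SHA, e.g. `uses: actions/checkout@<full-commit-sha> # v3`, keeps a moved tag from changing what runs in CI.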
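Review bot: The `Init` step in `.github/workflows/config.yaml` runs a plain `terraform init`, which also initialises the configured state backend. If the `config` workspace (or `cluster`, whose workflow has the same step) uses a remote backend, the job would need cloud credentials just to lint, and `pull_request` runs from forks, which receive no secrets, would fail. Validation does not need state, so `run: terraform init -backend=false` is enough here. `terraform fmt -check` only inspects the working directory itself; add `-recursive` if either workspace has nested module directories. The file also ends without a trailing newline.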
@@ -18,6 +18,9 @@ export TF_VAR_AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY export TF_VAR_AWS_SESSION_TOKEN=$AWS_SESSION_TOKEN ``` +## Workspaces +The definition of resources required for running RADAR-base components is located in the `cluster` directory, while other optional resources are defined in the `config` directory. Please treat each directory as a separate workspace and perform terraform operations individually. The `cluster` resources need to be created and fully available before you proceed with the creation of the `config` ones. + ## Configure your domain name (optional) To get DNS and SMTP working, you need to replace `change-me-radar-base-dummy-domain.net` with your registered second-level domain name for variable `domain_name` in `variables.tf`. diff --git a/cluster/eks.tf b/cluster/eks.tf index fb2b10d..680eb24 100644 --- a/cluster/eks.tf +++ b/cluster/eks.tf @@ -38,8 +38,8 @@ module "external_dns_irsa" { source = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks" version = "~> 5.0" - role_name = "${var.environment}-radar-base-external-dns-irsa" - attach_external_dns_policy = true + role_name = "${var.environment}-radar-base-external-dns-irsa" + attach_external_dns_policy = true external_dns_hosted_zone_arns = ["arn:aws:route53:::hostedzone/${aws_route53_zone.primary.id}"] oidc_providers = { @@ -56,8 +56,8 @@ module "cert_manager_irsa" { source = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks" version = "~> 5.0" - role_name = "${var.environment}-radar-base-cert-manager-irsa" - attach_cert_manager_policy = true + role_name = "${var.environment}-radar-base-cert-manager-irsa" + attach_cert_manager_policy = true cert_manager_hosted_zone_arns = ["arn:aws:route53:::hostedzone/${aws_route53_zone.primary.id}"] oidc_providers = { 
@@ -247,15 +247,3 @@ output "radar_base_eks_dmz_node_group_name" { output "radar_base_eks_worker_node_group_name" { value = element(split(":", module.eks.eks_managed_node_groups.worker.node_group_id), 1) } - -# output "radar_base_eks_karpenter_irsa_arn" { -# value = module.karpenter.irsa_arn -# } - -# output "radar_base_eks_karpenter_interruption_queue_name" { -# value = module.karpenter.queue_name -# } - -# output "radar_base_eks_karpenter_instance_profile" { -# value = module.karpenter.instance_profile_name -# } \ No newline at end of file diff --git a/config/karpenter.tf b/config/karpenter.tf index 6ce3ff9..7cf144f 100644 --- a/config/karpenter.tf +++ b/config/karpenter.tf @@ -17,8 +17,8 @@ data "aws_eks_node_group" "worker" { cluster_name = var.cluster_name node_group_name = join("-", [ element(split("-", [for asg in data.aws_autoscaling_groups.main.names : asg if startswith(asg, "eks-worker-")][0]), 1), - element(split("-", [for asg in data.aws_autoscaling_groups.main.names : asg if startswith(asg, "eks-worker-")][0]), 2) - ]) + element(split("-", [for asg in data.aws_autoscaling_groups.main.names : asg if startswith(asg, "eks-worker-")][0]), 2), + ]) # This is really hacky and there's gonna be a better way of extracting this. } locals { diff --git a/config/variables.tf b/config/variables.tf index a252628..3d96b35 100644 --- a/config/variables.tf +++ b/config/variables.tf @@ -45,15 +45,3 @@ variable "instance_capacity_type" { error_message = "Invalid instance capacity type. Allowed values are 'ON_DEMAND' or 'SPOT'." } } - -# variable "karpenter_irsa_arn" { -# type = string -# } - -# variable "karpenter_instance_profile" { -# type = string -# } - -# variable "karpenter_interruption_queue_name" { -# type = string -# } \ No newline at end of file
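Review bot: In `config/karpenter.tf` the `node_group_name` expression indexes `[0]` on the filtered list of ASG names, so the plan fails with an invalid-index error when no name starts with `eks-worker-` and silently takes the first match when several do. If `data.aws_autoscaling_groups.main` (defined outside this hunk) is not filtered to this cluster, that first match could be another cluster's worker group. The same `for` expression is also written out twice. The `cluster` workspace already exports `radar_base_eks_worker_node_group_name`, so passing that value in as an input, e.g. `node_group_name = var.worker_node_group_name` (variable name is a suggestion), would remove the name parsing that the new comment calls hacky. The `data "aws_eks_node_group" "worker"` block begins before the hunk.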