feat: update k8s api and terraform map function (#240)

* feat: update deployment

* feat: update deployment

* feat: update deployment

* feat: update k8s provider version to "~> 2.7.0"

* feat: update api attributes

* feat: update map function

* feat: update kubernetes_deployment to kubernetes_deployment_v1

* feat: update attribute

* feat: update attribute

* feat: update tag

* feat: update tag

* fix: readonly

* fix: readwrite

* fix: update tags

* feat: fix tolist

* fix: tomap

* fix: to map

* feat: updata change log

* Update CHANGELOG.md

* feat: update release version

* feat: fix attribute name

CHANGELOG.md

@@ -3,6 +3,11 @@ All notable changes to this project will be documented in this file.
 
 The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
+## [7.0.0] - 2023-11-16
+### Changed
+- Changed `k8s` API to work with provider 2.x
+- Changed Terraform `map` to `tomap` to make it work with newer TF provider(The map function was deprecated in Terraform v0.12 and is no longer available).
+
 ## [6.19.1] - 2023-08-25
 ### Fixed
 - `customer_condition` to ignore trailing semicolon.

db.tf

@@ -10,7 +10,7 @@ resource "aws_db_subnet_group" "apiarydbsg" {
   subnet_ids  = var.private_subnets
   description = "Apiary DB Subnet Group"
 
-  tags = merge(map("Name", "Apiary DB Subnet Group"), var.apiary_tags)
+  tags = merge(tomap({"Name"="Apiary DB Subnet Group"}), var.apiary_tags)
 }
 
 resource "aws_security_group" "db_sg" {
@@ -50,7 +50,7 @@ resource "aws_rds_cluster_parameter_group" "apiary_rds_param_group" {
   name        = "${local.instance_alias}-param-group"
   family      = var.rds_family # Needs to be kept in sync with aws_rds_cluster.apiary_cluster.engine and version
   description = "Apiary-specific Aurora parameters"
-  tags        = merge(map("Name", "${local.instance_alias}-param-group"), var.apiary_tags)
+  tags        = merge(tomap({"Name"="${local.instance_alias}-param-group"}), var.apiary_tags)
 
   parameter {
     name  = "max_allowed_packet"
@@ -72,7 +72,7 @@ resource "aws_rds_cluster" "apiary_cluster" {
   preferred_backup_window             = var.db_backup_window
   preferred_maintenance_window        = var.db_maintenance_window
   db_subnet_group_name                = aws_db_subnet_group.apiarydbsg[0].name
-  vpc_security_group_ids              = compact(concat(list(aws_security_group.db_sg[0].id), var.apiary_rds_additional_sg))
+  vpc_security_group_ids              = compact(concat(tolist([aws_security_group.db_sg[0].id]), var.apiary_rds_additional_sg))
   tags                                = var.apiary_tags
   final_snapshot_identifier           = "${local.instance_alias}-cluster-final-${random_id.snapshot_id[0].hex}"
   iam_database_authentication_enabled = true
@@ -123,9 +123,10 @@ resource "aws_secretsmanager_secret_version" "apiary_mysql_master_credentials" {
   count     = var.external_database_host == "" ? 1 : 0
   secret_id = aws_secretsmanager_secret.apiary_mysql_master_credentials[0].id
   secret_string = jsonencode(
-    map(
-      "username", var.db_master_username,
-      "password", random_string.db_master_password[0].result
+    tomap({
+      "username"=var.db_master_username,
+      "password"=random_string.db_master_password[0].result
+      }
     )
   )
 }

k8s-housekeeper.tf

@@ -4,7 +4,7 @@
  * Licensed under the Apache License, Version 2.0 (the "License");
  */
 
-resource "kubernetes_deployment" "apiary_hms_housekeeper" {
+resource "kubernetes_deployment_v1" "apiary_hms_housekeeper" {
   count = var.hms_instance_type == "k8s" && var.enable_hms_housekeeper ? 1 : 0
   metadata {
     name      = "${local.hms_alias}-housekeeper"
@@ -157,11 +157,11 @@ resource "kubernetes_deployment" "apiary_hms_housekeeper" {
           }
 
           resources {
-            limits {
+            limits = {
               cpu    = 0.5
               memory = "2048Mi"
             }
-            requests {
+            requests = {
               cpu    = 0.5
               memory = "2048Mi"
             }
@@ -173,4 +173,4 @@ resource "kubernetes_deployment" "apiary_hms_housekeeper" {
       }
     }
   }
-}
+}

k8s-readonly.tf

@@ -4,7 +4,7 @@
  * Licensed under the Apache License, Version 2.0 (the "License");
  */
 
-resource "kubernetes_deployment" "apiary_hms_readonly" {
+resource "kubernetes_deployment_v1" "apiary_hms_readonly" {
   count = var.hms_instance_type == "k8s" ? 1 : 0
   metadata {
     name      = "${local.hms_alias}-readonly"
@@ -218,11 +218,11 @@ resource "kubernetes_deployment" "apiary_hms_readonly" {
           }
 
           resources {
-            limits {
+            limits = {
               cpu    = local.k8s_ro_cpu_limit
               memory = "${var.hms_ro_heapsize}Mi"
             }
-            requests {
+            requests = {
               cpu    = local.k8s_ro_cpu
               memory = "${var.hms_ro_heapsize}Mi"
             }
@@ -253,7 +253,7 @@ resource "kubernetes_horizontal_pod_autoscaler" "hms_readonly" {
     scale_target_ref {
       api_version = "apps/v1"
       kind        = "Deployment"
-      name        = kubernetes_deployment.apiary_hms_readonly[0].metadata[0].name
+      name        = kubernetes_deployment_v1.apiary_hms_readonly[0].metadata[0].name
     }
   }
 }
@@ -283,5 +283,5 @@ resource "kubernetes_service" "hms_readonly" {
 
 data "aws_lb" "k8s_hms_ro_lb" {
   count = var.hms_instance_type == "k8s" && var.enable_vpc_endpoint_services ? 1 : 0
-  name  = split("-", split(".", kubernetes_service.hms_readonly.0.load_balancer_ingress.0.hostname).0).0
+  name  = split("-", split(".", kubernetes_service.hms_readonly[0].status.0.load_balancer.0.ingress.0.hostname).0).0
 }

k8s-readwrite.tf

@@ -4,7 +4,7 @@
  * Licensed under the Apache License, Version 2.0 (the "License");
  */
 
-resource "kubernetes_deployment" "apiary_hms_readwrite" {
+resource "kubernetes_deployment_v1" "apiary_hms_readwrite" {
   count = var.hms_instance_type == "k8s" ? 1 : 0
   metadata {
     name      = "${local.hms_alias}-readwrite"
@@ -258,11 +258,11 @@ resource "kubernetes_deployment" "apiary_hms_readwrite" {
           }
 
           resources {
-            limits {
+            limits   = {
               cpu    = local.k8s_rw_cpu_limit
               memory = "${var.hms_rw_heapsize}Mi"
             }
-            requests {
+            requests = {
               cpu    = local.k8s_rw_cpu
               memory = "${var.hms_rw_heapsize}Mi"
             }
@@ -301,5 +301,5 @@ resource "kubernetes_service" "hms_readwrite" {
 
 data "aws_lb" "k8s_hms_rw_lb" {
   count = var.hms_instance_type == "k8s" && var.enable_vpc_endpoint_services ? 1 : 0
-  name  = split("-", split(".", kubernetes_service.hms_readwrite.0.load_balancer_ingress.0.hostname).0).0
+  name  = split("-", split(".", kubernetes_service.hms_readwrite[0].status.0.load_balancer.0.ingress.0.hostname).0).0
 }

ouputs.tf

@@ -1,9 +1,9 @@
 output "hms_readonly_load_balancers" {
-  value = var.hms_instance_type == "k8s" && var.enable_vpc_endpoint_services ? kubernetes_service.hms_readonly[0].load_balancer_ingress.*.hostname : []
+  value = var.hms_instance_type == "k8s" && var.enable_vpc_endpoint_services ? kubernetes_service.hms_readonly[0].status.0.load_balancer.0.ingress.0.hostname : []
 }
 
 output "hms_readwrite_load_balancers" {
-  value = var.hms_instance_type == "k8s" && var.enable_vpc_endpoint_services ? kubernetes_service.hms_readwrite[0].load_balancer_ingress.*.hostname : []
+  value = var.hms_instance_type == "k8s" && var.enable_vpc_endpoint_services ? kubernetes_service.hms_readwrite[0].status.0.load_balancer.0.ingress.0.hostname : []
 }
 
 output "managed_database_host" {

route53.tf

@@ -46,7 +46,7 @@ resource "aws_route53_record" "hms_readwrite" {
   zone_id = aws_route53_zone.apiary[0].id
   type    = "CNAME"
   ttl     = "300"
-  records = kubernetes_service.hms_readwrite[0].load_balancer_ingress.*.hostname
+  records = kubernetes_service.hms_readwrite[0].status.0.load_balancer.0.ingress.*.hostname
 }
 
 resource "aws_route53_record" "hms_readonly" {
@@ -56,5 +56,5 @@ resource "aws_route53_record" "hms_readonly" {
   zone_id = aws_route53_zone.apiary[0].id
   type    = "CNAME"
   ttl     = "300"
-  records = kubernetes_service.hms_readonly[0].load_balancer_ingress.*.hostname
+  records = kubernetes_service.hms_readonly[0].status.0.load_balancer.0.ingress.*.hostname
 }

s3-other.tf

@@ -8,7 +8,7 @@ resource "aws_s3_bucket" "apiary_inventory_bucket" {
   count  = var.s3_enable_inventory == true ? 1 : 0
   bucket = local.s3_inventory_bucket
   acl    = "private"
-  tags   = merge(map("Name", "${local.s3_inventory_bucket}"), "${var.apiary_tags}")
+  tags   = merge(tomap({"Name"="${local.s3_inventory_bucket}"}), "${var.apiary_tags}")
   policy = <<EOF
 {
   "Version":"2012-10-17",
@@ -97,7 +97,7 @@ resource "aws_s3_bucket" "apiary_managed_logs_bucket" {
   count  = local.enable_apiary_s3_log_management ? 1 : 0
   bucket = local.apiary_s3_logs_bucket
   acl    = "log-delivery-write"
-  tags   = merge(map("Name", local.apiary_s3_logs_bucket), var.apiary_tags)
+  tags   = merge(tomap({"Name"=local.apiary_s3_logs_bucket}), var.apiary_tags)
   policy = <<EOF
 {
   "Version":"2012-10-17",
@@ -167,7 +167,7 @@ resource "aws_s3_bucket_notification" "apiary_managed_logs_bucket" {
 resource "aws_s3_bucket" "apiary_access_logs_hive" {
   count  = local.enable_apiary_s3_log_hive ? 1 : 0
   bucket = local.apiary_s3_hive_logs_bucket
-  tags   = merge(map("Name", local.apiary_s3_hive_logs_bucket), var.apiary_tags)
+  tags   = merge(tomap({"Name"=local.apiary_s3_hive_logs_bucket}), var.apiary_tags)
   policy = <<EOF
 {
   "Version":"2012-10-17",
@@ -217,7 +217,7 @@ resource "aws_s3_bucket_public_access_block" "apiary_access_logs_hive" {
 
 resource "aws_s3_bucket" "apiary_system" {
   bucket = local.apiary_system_bucket
-  tags   = merge(map("Name", local.apiary_system_bucket), var.apiary_tags)
+  tags   = merge(tomap({"Name"=local.apiary_system_bucket}), var.apiary_tags)
   policy = <<EOF
 {
   "Version":"2012-10-17",

s3.tf

@@ -41,7 +41,7 @@ resource "aws_s3_bucket" "apiary_data_bucket" {
   acl           = "private"
   request_payer = "BucketOwner"
   policy        = local.bucket_policy_map[each.key]
-  tags = merge(map("Name", each.value["data_bucket"]),
+  tags = merge(tomap({"Name"=each.value["data_bucket"]}),
     var.apiary_tags,
   jsondecode(lookup(each.value, "tags", "{}")))
 

version.tf

@@ -9,7 +9,7 @@ terraform {
   required_providers {
     kubernetes = {
       source  = "hashicorp/kubernetes"
-      version = "~> 1.0"
+      version = "~> 2.7.0"
     }
     aws = {
       source  = "hashicorp/aws"

vpc-endpoint-service.tf

@@ -9,7 +9,7 @@ resource "aws_vpc_endpoint_service" "hms_readonly" {
   network_load_balancer_arns = compact(concat(aws_lb.apiary_hms_ro_lb.*.arn, data.aws_lb.k8s_hms_ro_lb.*.arn))
   acceptance_required        = false
   allowed_principals         = formatlist("arn:aws:iam::%s:root", var.apiary_customer_accounts)
-  tags                       = merge(map("Name", "${local.instance_alias}-hms-readonly"), "${var.apiary_tags}")
+  tags                       = merge(tomap({"Name"="${local.instance_alias}-hms-readonly"}), "${var.apiary_tags}")
 }
 
 resource "aws_vpc_endpoint_connection_notification" "hms_readonly" {
@@ -24,7 +24,7 @@ resource "aws_vpc_endpoint_service" "hms_readwrite" {
   network_load_balancer_arns = compact(concat(aws_lb.apiary_hms_rw_lb.*.arn, data.aws_lb.k8s_hms_rw_lb.*.arn))
   acceptance_required        = false
   allowed_principals         = distinct(compact(concat(local.assume_allowed_principals, local.producer_allowed_principals)))
-  tags                       = merge(map("Name", "${local.instance_alias}-hms-readwrite"), "${var.apiary_tags}")
+  tags                       = merge(tomap({"Name"="${local.instance_alias}-hms-readwrite"}), "${var.apiary_tags}")
 }
 
 resource "aws_vpc_endpoint_connection_notification" "hms_readwrite" {