Use public module and remove connection to kube and helm
barroco committed Dec 22, 2023
1 parent 8cffe67 commit 11f491e
Showing 9 changed files with 37 additions and 74 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/dss-deploy.yml
Expand Up @@ -45,4 +45,4 @@ jobs:
env:
COMPOSE_PROFILES: aws-1
run: |
docker compose up --exit-code-from ci-aws-1
docker compose up --exit-code-from ci-aws-1 || docker-compose logs -n 100 ci-aws-1
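Review bot: On the `run:` line that ends in `|| docker-compose logs -n 100 ci-aws-1`, the step's exit status becomes that of the logs command, so a failed `docker compose up --exit-code-from ci-aws-1` is reported as a passing job whenever the logs can be printed. Re-raise the failure after dumping the logs, for example `docker compose up --exit-code-from ci-aws-1 || { docker compose logs -n 100 ci-aws-1; exit 1; }`. The fallback also calls the standalone `docker-compose` binary while the main command uses the `docker compose` plugin; using one form for both avoids depending on two installations. The rendered page does not mark which of the two printed lines is the new one; this assumes it is the one with the fallback.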
1 change: 0 additions & 1 deletion deploy/infrastructure/modules/terraform-aws-dss/main.tf
Expand Up @@ -6,7 +6,6 @@ module "terraform-aws-kubernetes" {
crdb_hostname_suffix = var.crdb_hostname_suffix
aws_instance_type = var.aws_instance_type
aws_route53_zone_id = var.aws_route53_zone_id
aws_iam_path = var.aws_iam_path
aws_iam_permissions_boundary = var.aws_iam_permissions_boundary
node_count = var.node_count

11 changes: 10 additions & 1 deletion deploy/infrastructure/modules/terraform-aws-dss/output.tf
Expand Up @@ -6,10 +6,19 @@ output "gateway_address" {
value = module.terraform-aws-kubernetes.gateway_address
}

output "iam_role_node_group_arn" {
value = module.terraform-aws-kubernetes.iam_role_node_group_arn
}

output "generated_files_location" {
value = module.terraform-commons-dss.generated_files_location
}

output "workspace_location" {
value = module.terraform-commons-dss.workspace_location
}

output "cluster_context" {
value = module.terraform-aws-kubernetes.kubernetes_context_name
}
}

2 changes: 2 additions & 0 deletions deploy/operations/Dockerfile
Expand Up @@ -18,6 +18,8 @@ RUN curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv
&& rm awscliv2.zip \
&& ./aws/install

RUN aws --version

# Kubectl && Helm
RUN curl https://baltocdn.com/helm/signing.asc | gpg --dearmor | tee /usr/share/keyrings/helm.gpg > /dev/null \
&& echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/helm.gpg] https://baltocdn.com/helm/stable/debian/ all main" | tee /etc/apt/sources.list.d/helm-stable-debian.list \
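Review bot: The added `RUN aws --version` only shows that the installer produced a runnable binary; it says nothing about whether `awscliv2.zip`, fetched with `curl` in the preceding `RUN`, is the archive AWS published. AWS publishes a detached PGP signature for this installer (the same URL with `.sig` appended), so a `gpg --verify` of the zip against it before `unzip` would turn the smoke test into an integrity check. The preceding `RUN` starts above the hunk, so a verification step may already exist there. As a smaller style point, the version check could be chained onto that `RUN` with `&& aws --version` to avoid an extra image layer.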
4 changes: 2 additions & 2 deletions deploy/operations/ci/aws-1/kubernetes_admin_access.tf
Expand Up @@ -16,7 +16,7 @@ resource "local_file" "aws-auth-config-map" {
"system:bootstrappers",
"system:nodes"
]
rolearn = module.terraform-aws-kubernetes.iam_role_node_group_arn
rolearn = module.terraform-aws-dss.iam_role_node_group_arn
username = "system:node:{{EC2PrivateDNSName}}"
},
{
Expand All @@ -37,5 +37,5 @@ resource "local_file" "aws-auth-config-map" {
}
})

filename = "${module.terraform-commons-dss.workspace_location}/aws_auth_config_map.yml"
filename = "${module.terraform-aws-dss.workspace_location}/aws_auth_config_map.yml"
}
52 changes: 14 additions & 38 deletions deploy/operations/ci/aws-1/main.tf
Expand Up @@ -6,46 +6,22 @@ terraform {
}
}

module "terraform-aws-kubernetes" {
# See variables.tf for variables description.
cluster_name = var.cluster_name
aws_region = var.aws_region
module "terraform-aws-dss" {
source = "../../../infrastructure/modules/terraform-aws-dss"

app_hostname = var.app_hostname
crdb_hostname_suffix = var.crdb_hostname_suffix
authorization = var.authorization
aws_iam_permissions_boundary = var.aws_iam_permissions_boundary
aws_instance_type = var.aws_instance_type
aws_kubernetes_storage_class = var.aws_kubernetes_storage_class
aws_region = var.aws_region
aws_route53_zone_id = var.aws_route53_zone_id
aws_iam_permissions_boundary = var.aws_iam_permissions_boundary
node_count = var.node_count

source = "../../../infrastructure/dependencies/terraform-aws-kubernetes"
cluster_name = var.cluster_name
crdb_hostname_suffix = var.crdb_hostname_suffix
crdb_locality = var.crdb_locality
image = var.image
node_count = 3
should_init = true
enable_scd = true
}

module "terraform-commons-dss" {
# See variables.tf for variables description.
image = var.image
image_pull_secret = var.image_pull_secret
kubernetes_namespace = var.kubernetes_namespace
kubernetes_storage_class = var.aws_kubernetes_storage_class
app_hostname = var.app_hostname
crdb_hostname_suffix = var.crdb_hostname_suffix
should_init = var.should_init
authorization = var.authorization
crdb_locality = var.crdb_locality
crdb_internal_nodes = module.terraform-aws-kubernetes.crdb_nodes
ip_gateway = module.terraform-aws-kubernetes.ip_gateway
kubernetes_api_endpoint = module.terraform-aws-kubernetes.kubernetes_api_endpoint
kubernetes_cloud_provider_name = module.terraform-aws-kubernetes.kubernetes_cloud_provider_name
kubernetes_context_name = module.terraform-aws-kubernetes.kubernetes_context_name
kubernetes_get_credentials_cmd = module.terraform-aws-kubernetes.kubernetes_get_credentials_cmd
workload_subnet = module.terraform-aws-kubernetes.workload_subnet
gateway_cert_name = module.terraform-aws-kubernetes.app_hostname_cert_arn

source = "../../../infrastructure/dependencies/terraform-commons-dss"
}
terraform {
backend "s3" {
bucket = "interuss-tf-backend-ci"
key = "aws-1"
region = "us-east-1"
}
}
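Review bot: In the `terraform-aws-dss` module block, `node_count = 3`, `should_init = true` and `enable_scd = true` are literals, while the other arguments are passed through from `var.*`. If `node_count` and `should_init` are still declared in this directory's variables.tf (not visible here), they become inputs that silently do nothing for this environment. Either drop the unused declarations or add a comment such as `# Fixed for the CI environment; not configurable via variables` above the three literals. The block also lacks the `# See variables.tf for variables description.` pointer carried by the other module blocks printed in this section. The rendered page does not mark old and new lines, so this reading assumes the `terraform-aws-dss` block is the new side.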
8 changes: 4 additions & 4 deletions deploy/operations/ci/aws-1/output.tf
@@ -1,11 +1,11 @@
output "generated_files_location" {
value = module.terraform-commons-dss.generated_files_location
value = module.terraform-aws-dss.generated_files_location
}

output "workspace_location" {
value = module.terraform-commons-dss.workspace_location
value = module.terraform-aws-dss.workspace_location
}

output "kubernetes_context" {
value = module.terraform-aws-kubernetes.kubernetes_context_name
output "cluster_context" {
value = module.terraform-aws-dss.cluster_context
}
24 changes: 0 additions & 24 deletions deploy/operations/ci/aws-1/providers.tf
@@ -1,27 +1,3 @@
provider "aws" {
region = "us-east-1"
}

data "aws_eks_cluster_auth" "kubernetes_cluster" {
name = var.cluster_name
depends_on = [module.terraform-aws-kubernetes]
}

data "aws_eks_cluster" "kubernetes_cluster" {
name = var.cluster_name
depends_on = [module.terraform-aws-kubernetes]
}

provider kubernetes {
host = data.aws_eks_cluster.kubernetes_cluster.endpoint
cluster_ca_certificate = base64decode(data.aws_eks_cluster.kubernetes_cluster.certificate_authority[0].data)
token = data.aws_eks_cluster_auth.kubernetes_cluster.token
}

provider "helm" {
kubernetes {
host = data.aws_eks_cluster.kubernetes_cluster.endpoint
cluster_ca_certificate = base64decode(data.aws_eks_cluster.kubernetes_cluster.certificate_authority[0].data)
token = data.aws_eks_cluster_auth.kubernetes_cluster.token
}
}
7 changes: 4 additions & 3 deletions deploy/operations/ci/aws-1/test.sh
Expand Up @@ -15,13 +15,14 @@ cd "${BASEDIR}" || exit 1
terraform init
# TODO: Fail if env is not clean

# Deploy the Kubernetes cluster
## Deploy the Kubernetes cluster
terraform apply -auto-approve
KUBE_CONTEXT="$(terraform output -raw kubernetes_context)"
KUBE_CONTEXT="$(terraform output -raw cluster_context)"
WORKSPACE_LOCATION="$(terraform output -raw workspace_location)"

cd "${WORKSPACE_LOCATION}"
./get-credentials.sh
echo "Authenticated"
aws sts get-caller-identity

# Allow access to the cluster to AWS admins
Expand All @@ -39,7 +40,7 @@ helm upgrade --install --kube-context="$KUBE_CONTEXT" -f "${WORKSPACE_LOCATION}/
# TODO: Test the deployment of the DSS

if [ -n "$DO_NOT_DESTROY" ]; then
"No destroy required. Stop."
"Destroy disabled. Exit."
exit 0
fi

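Review bot: In the `DO_NOT_DESTROY` branch, `"Destroy disabled. Exit."` is a bare quoted string, so the shell tries to execute it as a command and prints a `command not found` error instead of the message; the reworded line keeps that defect. It should be `echo "Destroy disabled. Exit."`. If the script enables `set -e` above the visible hunks, the failed command would also end the script with a non-zero status before `exit 0` is reached. Separately, `cd "${WORKSPACE_LOCATION}"` has no `|| exit 1` guard like the earlier `cd "${BASEDIR}" || exit 1`, so a bad `workspace_location` output would run `./get-credentials.sh` from the wrong directory.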
