Skip to content

Commit

Permalink
fix: Align creation of k8s namespaces and service account in addons
Browse files Browse the repository at this point in the history
  • Loading branch information
atorrescogollo committed Mar 8, 2023
1 parent e0e9aeb commit 3dbe341
Show file tree
Hide file tree
Showing 23 changed files with 26 additions and 26 deletions.
2 changes: 1 addition & 1 deletion modules/kubernetes-addons/adot-collector-haproxy/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ module "helm_addon" {
irsa_config = {
create_kubernetes_namespace = try(var.helm_config["create_namespace"], true)
kubernetes_namespace = local.namespace
create_kubernetes_service_account = true
create_kubernetes_service_account = try(var.helm_config["create_service_account"], true)
create_service_account_secret_token = try(var.helm_config["create_service_account_secret_token"], false)
kubernetes_service_account = try(var.helm_config.service_account, local.name)
irsa_iam_policies = ["arn:${data.aws_partition.current.partition}:iam::aws:policy/AmazonPrometheusRemoteWriteAccess"]
Expand Down
2 changes: 1 addition & 1 deletion modules/kubernetes-addons/adot-collector-java/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ module "helm_addon" {
irsa_config = {
create_kubernetes_namespace = try(var.helm_config["create_namespace"], true)
kubernetes_namespace = local.namespace
create_kubernetes_service_account = true
create_kubernetes_service_account = try(var.helm_config["create_service_account"], true)
create_service_account_secret_token = try(var.helm_config["create_service_account_secret_token"], false)
kubernetes_service_account = try(var.helm_config.service_account, local.name)
irsa_iam_policies = ["arn:${data.aws_partition.current.partition}:iam::aws:policy/AmazonPrometheusRemoteWriteAccess"]
Expand Down
2 changes: 1 addition & 1 deletion modules/kubernetes-addons/adot-collector-memcached/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ module "helm_addon" {
irsa_config = {
create_kubernetes_namespace = try(var.helm_config["create_namespace"], true)
kubernetes_namespace = local.namespace
create_kubernetes_service_account = true
create_kubernetes_service_account = try(var.helm_config["create_service_account"], true)
create_service_account_secret_token = try(var.helm_config["create_service_account_secret_token"], false)
kubernetes_service_account = try(var.helm_config.service_account, local.name)
irsa_iam_policies = ["arn:${data.aws_partition.current.partition}:iam::aws:policy/AmazonPrometheusRemoteWriteAccess"]
Expand Down
2 changes: 1 addition & 1 deletion modules/kubernetes-addons/adot-collector-nginx/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ module "helm_addon" {
irsa_config = {
create_kubernetes_namespace = try(var.helm_config["create_namespace"], true)
kubernetes_namespace = local.namespace
create_kubernetes_service_account = true
create_kubernetes_service_account = try(var.helm_config["create_service_account"], true)
create_service_account_secret_token = try(var.helm_config["create_service_account_secret_token"], false)
kubernetes_service_account = try(var.helm_config.service_account, local.name)
irsa_iam_policies = ["arn:${data.aws_partition.current.partition}:iam::aws:policy/AmazonPrometheusRemoteWriteAccess"]
Expand Down
4 changes: 2 additions & 2 deletions modules/kubernetes-addons/appmesh-controller/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -34,9 +34,9 @@ module "helm_addon" {
]

irsa_config = {
create_kubernetes_namespace = true
create_kubernetes_namespace = try(var.helm_config["create_namespace"], true)
kubernetes_namespace = local.namespace
create_kubernetes_service_account = true
create_kubernetes_service_account = try(var.helm_config["create_service_account"], true)
create_service_account_secret_token = try(var.helm_config["create_service_account_secret_token"], false)
kubernetes_service_account = try(var.helm_config.service_account, local.name)
irsa_iam_policies = concat([aws_iam_policy.this.arn], var.irsa_policies)
Expand Down
2 changes: 1 addition & 1 deletion modules/kubernetes-addons/aws-cloudwatch-metrics/locals.tf
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ locals {
kubernetes_service_account = local.service_account
create_service_account_secret_token = try(local.helm_config["create_service_account_secret_token"], false)
create_kubernetes_namespace = try(local.helm_config["create_namespace"], true)
create_kubernetes_service_account = true
create_kubernetes_service_account = try(var.helm_config["create_service_account"], true)
irsa_iam_policies = concat(["arn:${var.addon_context.aws_partition_id}:iam::aws:policy/CloudWatchAgentServerPolicy"], var.irsa_policies)
}

Expand Down
2 changes: 1 addition & 1 deletion modules/kubernetes-addons/aws-ebs-csi-driver/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,7 @@ module "helm_addon" {
irsa_config = {
create_kubernetes_namespace = try(var.helm_config.create_namespace, false)
kubernetes_namespace = local.namespace
create_kubernetes_service_account = true
create_kubernetes_service_account = try(var.helm_config["create_service_account"], true)
create_service_account_secret_token = try(var.helm_config["create_service_account_secret_token"], false)
kubernetes_service_account = local.service_account
irsa_iam_policies = concat([aws_iam_policy.aws_ebs_csi_driver[0].arn], lookup(var.helm_config, "additional_iam_policies", []))
Expand Down
2 changes: 1 addition & 1 deletion modules/kubernetes-addons/aws-efs-csi-driver/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ module "helm_addon" {
kubernetes_namespace = local.namespace
kubernetes_service_account = local.service_account
create_kubernetes_namespace = try(var.helm_config.create_namespace, false)
create_kubernetes_service_account = true
create_kubernetes_service_account = try(var.helm_config["create_service_account"], true)
create_service_account_secret_token = try(var.helm_config["create_service_account_secret_token"], false)
irsa_iam_policies = concat([aws_iam_policy.aws_efs_csi_driver.arn], var.irsa_policies)
}
Expand Down
2 changes: 1 addition & 1 deletion modules/kubernetes-addons/aws-for-fluentbit/locals.tf
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ locals {
kubernetes_namespace = local.helm_config["namespace"]
kubernetes_service_account = local.service_account
create_kubernetes_namespace = try(local.helm_config["create_namespace"], true)
create_kubernetes_service_account = true
create_kubernetes_service_account = try(var.helm_config["create_service_account"], true)
create_service_account_secret_token = try(local.helm_config["create_service_account_secret_token"], false)
irsa_iam_policies = concat([aws_iam_policy.aws_for_fluent_bit.arn], var.irsa_policies)
}
Expand Down
2 changes: 1 addition & 1 deletion modules/kubernetes-addons/aws-fsx-csi-driver/locals.tf
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ locals {
kubernetes_namespace = local.helm_config["namespace"]
kubernetes_service_account = local.service_account
create_kubernetes_namespace = try(local.helm_config["create_namespace"], true)
create_kubernetes_service_account = true
create_kubernetes_service_account = try(var.helm_config["create_service_account"], true)
create_service_account_secret_token = try(local.helm_config["create_service_account_secret_token"], false)
irsa_iam_policies = concat([aws_iam_policy.aws_fsx_csi_driver.arn], var.irsa_policies)
tags = var.addon_context.tags
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,7 @@ locals {
kubernetes_namespace = local.helm_config["namespace"]
kubernetes_service_account = local.service_account
create_kubernetes_namespace = try(local.helm_config["create_namespace"], true)
create_kubernetes_service_account = true
create_kubernetes_service_account = try(var.helm_config["create_service_account"], true)
create_service_account_secret_token = try(local.helm_config["create_service_account_secret_token"], false)
irsa_iam_policies = [aws_iam_policy.aws_load_balancer_controller.arn]
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -46,8 +46,8 @@ locals {
irsa_config = {
kubernetes_namespace = local.namespace
kubernetes_service_account = local.service_account
create_kubernetes_namespace = false
create_kubernetes_service_account = true
create_kubernetes_namespace = try(var.helm_config["create_namespace"], false)
create_kubernetes_service_account = try(var.helm_config["create_service_account"], true)
create_service_account_secret_token = try(local.helm_config["create_service_account_secret_token"], false)
irsa_iam_policies = concat([aws_iam_policy.aws_node_termination_handler_irsa.arn], var.irsa_policies)
}
Expand Down
2 changes: 1 addition & 1 deletion modules/kubernetes-addons/aws-privateca-issuer/locals.tf
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ locals {
irsa_config = {
create_kubernetes_namespace = try(local.helm_config["create_namespace"], true)
kubernetes_namespace = local.helm_config["namespace"]
create_kubernetes_service_account = true
create_kubernetes_service_account = try(var.helm_config["create_service_account"], true)
create_service_account_secret_token = try(local.helm_config["create_service_account_secret_token"], false)
kubernetes_service_account = local.service_account
irsa_iam_policies = concat([aws_iam_policy.aws_privateca_issuer.arn], var.irsa_policies)
Expand Down
2 changes: 1 addition & 1 deletion modules/kubernetes-addons/cert-manager/locals.tf
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ locals {
kubernetes_namespace = local.helm_config["namespace"]
kubernetes_service_account = local.service_account
create_kubernetes_namespace = try(local.helm_config["create_namespace"], true)
create_kubernetes_service_account = true
create_kubernetes_service_account = try(var.helm_config["create_service_account"], true)
create_service_account_secret_token = try(local.helm_config["create_service_account_secret_token"], false)
kubernetes_svc_image_pull_secrets = var.kubernetes_svc_image_pull_secrets
irsa_iam_policies = concat([aws_iam_policy.cert_manager.arn], var.irsa_policies)
Expand Down
2 changes: 1 addition & 1 deletion modules/kubernetes-addons/cluster-autoscaler/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ module "helm_addon" {
irsa_config = {
create_kubernetes_namespace = try(var.helm_config.create_namespace, false)
kubernetes_namespace = local.namespace
create_kubernetes_service_account = true
create_kubernetes_service_account = try(var.helm_config["create_service_account"], true)
create_service_account_secret_token = try(var.helm_config["create_service_account_secret_token"], false)
kubernetes_service_account = local.service_account
irsa_iam_policies = [aws_iam_policy.cluster_autoscaler.arn]
Expand Down
2 changes: 1 addition & 1 deletion modules/kubernetes-addons/external-dns/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,7 @@ module "helm_addon" {
irsa_config = {
create_kubernetes_namespace = try(var.helm_config.create_namespace, true)
kubernetes_namespace = try(var.helm_config.namespace, local.name)
create_kubernetes_service_account = true
create_kubernetes_service_account = try(var.helm_config["create_service_account"], true)
create_service_account_secret_token = try(var.helm_config["create_service_account_secret_token"], false)
kubernetes_service_account = local.service_account
irsa_iam_policies = concat([aws_iam_policy.external_dns.arn], var.irsa_policies)
Expand Down
2 changes: 1 addition & 1 deletion modules/kubernetes-addons/external-secrets/locals.tf
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ locals {
kubernetes_namespace = local.helm_config["namespace"]
kubernetes_service_account = local.service_account
create_kubernetes_namespace = try(local.helm_config["create_namespace"], true)
create_kubernetes_service_account = true
create_kubernetes_service_account = try(var.helm_config["create_service_account"], true)
create_service_account_secret_token = try(local.helm_config["create_service_account_secret_token"], false)
irsa_iam_policies = concat([aws_iam_policy.external_secrets.arn], var.irsa_policies)
}
Expand Down
2 changes: 1 addition & 1 deletion modules/kubernetes-addons/grafana/locals.tf
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ locals {
kubernetes_namespace = local.helm_config["namespace"]
kubernetes_service_account = try(var.helm_config.service_account, local.name)
create_kubernetes_namespace = try(local.helm_config.create_namespace, true)
create_kubernetes_service_account = true
create_kubernetes_service_account = try(var.helm_config["create_service_account"], true)
create_service_account_secret_token = try(local.helm_config["create_service_account_secret_token"], false)
irsa_iam_policies = concat([aws_iam_policy.grafana.arn], var.irsa_policies)
}
Expand Down
2 changes: 1 addition & 1 deletion modules/kubernetes-addons/karpenter/locals.tf
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ locals {
kubernetes_namespace = local.helm_config["namespace"]
kubernetes_service_account = local.service_account
create_kubernetes_namespace = try(local.helm_config["create_namespace"], true)
create_kubernetes_service_account = true
create_kubernetes_service_account = try(var.helm_config["create_service_account"], true)
create_service_account_secret_token = try(local.helm_config["create_service_account_secret_token"], false)
irsa_iam_policies = concat([aws_iam_policy.karpenter.arn], var.irsa_policies)
}
Expand Down
2 changes: 1 addition & 1 deletion modules/kubernetes-addons/keda/locals.tf
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ locals {
kubernetes_namespace = local.helm_config["namespace"]
kubernetes_service_account = local.service_account
create_kubernetes_namespace = try(local.helm_config["create_namespace"], true)
create_kubernetes_service_account = true
create_kubernetes_service_account = try(var.helm_config["create_service_account"], true)
create_service_account_secret_token = try(local.helm_config["create_service_account_secret_token"], false)
irsa_iam_policies = concat([aws_iam_policy.keda_irsa.arn], var.irsa_policies)
}
Expand Down
2 changes: 1 addition & 1 deletion modules/kubernetes-addons/spark-history-server/locals.tf
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ locals {
kubernetes_namespace = local.helm_config["namespace"]
kubernetes_service_account = try(var.helm_config.service_account, local.name)
create_kubernetes_namespace = try(local.helm_config["create_namespace"], true)
create_kubernetes_service_account = true
create_kubernetes_service_account = try(var.helm_config["create_service_account"], true)
create_service_account_secret_token = try(local.helm_config["create_service_account_secret_token"], false)
irsa_iam_policies = length(var.irsa_policies) > 0 ? var.irsa_policies : ["arn:${var.addon_context.aws_partition_id}:iam::aws:policy/AmazonS3ReadOnlyAccess"]
}
Expand Down
4 changes: 2 additions & 2 deletions modules/kubernetes-addons/thanos/locals.tf
Original file line number Diff line number Diff line change
Expand Up @@ -27,8 +27,8 @@ locals {
irsa_config = {
kubernetes_namespace = local.namespace
kubernetes_service_account = local.service_account
create_kubernetes_namespace = false
create_kubernetes_service_account = true
create_kubernetes_namespace = try(var.helm_config["create_namespace"], false)
create_kubernetes_service_account = try(var.helm_config["create_service_account"], true)
create_service_account_secret_token = try(local.helm_config["create_service_account_secret_token"], false)
irsa_iam_policies = var.irsa_policies
}
Expand Down
2 changes: 1 addition & 1 deletion modules/kubernetes-addons/velero/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@ module "helm_addon" {
create_kubernetes_namespace = try(var.helm_config["create_namespace"], true)
kubernetes_namespace = local.namespace

create_kubernetes_service_account = true
create_kubernetes_service_account = try(var.helm_config["create_service_account"], true)
create_service_account_secret_token = try(var.helm_config["create_service_account_secret_token"], false)
kubernetes_service_account = try(var.helm_config.service_account, local.name)

Expand Down

0 comments on commit 3dbe341

Please sign in to comment.