Skip to content

Commit

Permalink
Adding dependency on cert requests for App Gateways
Browse files Browse the repository at this point in the history
  • Loading branch information
Arnaud Lheureux committed Feb 1, 2021
1 parent b1f7e29 commit 4881088
Show file tree
Hide file tree
Showing 3 changed files with 52 additions and 50 deletions.
5 changes: 3 additions & 2 deletions application_gateways.tf
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
module "application_gateways" {
source = "./modules/networking/application_gateway"
for_each = local.networking.application_gateways
depends_on = [module.keyvault_certificate_requests]
source = "./modules/networking/application_gateway"
for_each = local.networking.application_gateways

global_settings = local.global_settings
client_config = local.client_config
Expand Down
3 changes: 2 additions & 1 deletion modules/compute/aks/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -69,8 +69,9 @@ No requirements.

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| admin\_group\_ids | n/a | `any` | n/a | yes |
| admin\_group\_object\_ids | n/a | `any` | n/a | yes |
| base\_tags | Base tags for the resource to be inherited from the resource group. | `map` | n/a | yes |
| client\_config | n/a | `any` | n/a | yes |
| diagnostic\_profiles | n/a | `any` | `null` | no |
| diagnostics | n/a | `any` | n/a | yes |
| global\_settings | Global settings object (see module README.md) | `any` | n/a | yes |
Expand Down
94 changes: 47 additions & 47 deletions modules/compute/aks/aks.tf
Original file line number Diff line number Diff line change
Expand Up @@ -39,9 +39,9 @@ resource "azurecaf_name" "rg_node" {

resource "azurerm_kubernetes_cluster" "aks" {

name = azurecaf_name.aks.result
location = var.resource_group.location
resource_group_name = var.resource_group.name
name = azurecaf_name.aks.result
location = var.resource_group.location
resource_group_name = var.resource_group.name

default_node_pool {
name = var.settings.default_node_pool.name //azurecaf_name.default_node_pool.result
Expand All @@ -60,53 +60,53 @@ resource "azurerm_kubernetes_cluster" "aks" {
tags = merge(try(var.settings.default_node_pool.tags, {}), local.tags)
}

dns_prefix = try(var.settings.dns_prefix, random_string.prefix.result)
dns_prefix = try(var.settings.dns_prefix, random_string.prefix.result)

dynamic "addon_profile" {
for_each = lookup(var.settings, "addon_profile", null) == null ? [] : [1]

content {
dynamic "aci_connector_linux" {
for_each = try(var.settings.addon_profile.aci_connector_linux[*], {})

content {
enabled = aci_connector_linux.value.enabled
subnet_name = aci_connector_linux.value.subnet_name
}
}

dynamic "azure_policy" {
for_each = try(var.settings.addon_profile.azure_policy[*], {})

content {
enabled = azure_policy.value.enabled
enabled = azure_policy.value.enabled
}
}

dynamic "http_application_routing" {
for_each = try(var.settings.addon_profile.http_application_routing[*], {})

content {
enabled = http_application_routing.value.enabled
enabled = http_application_routing.value.enabled
}
}

dynamic "kube_dashboard" {
for_each = try(var.settings.addon_profile.kube_dashboard[*], [{enabled = false}])
for_each = try(var.settings.addon_profile.kube_dashboard[*], [{ enabled = false }])

content {
enabled = kube_dashboard.value.enabled
enabled = kube_dashboard.value.enabled
}
}

dynamic "oms_agent" {
for_each = try(var.settings.addon_profile.oms_agent[*], {})

content {
enabled = oms_agent.value.enabled
log_analytics_workspace_id = try(oms_agent.value.log_analytics_workspace_id, try(var.diagnostics.log_analytics[oms_agent.value.log_analytics_key].id,null))
enabled = oms_agent.value.enabled
log_analytics_workspace_id = try(oms_agent.value.log_analytics_workspace_id, try(var.diagnostics.log_analytics[oms_agent.value.log_analytics_key].id, null))
dynamic "oms_agent_identity" {
for_each = try(oms_agent.value.oms_agent_identity[*],{})
for_each = try(oms_agent.value.oms_agent_identity[*], {})

content {
client_id = oms_agent_identity.value.client_id
Expand All @@ -119,28 +119,28 @@ resource "azurerm_kubernetes_cluster" "aks" {
}
}

api_server_authorized_ip_ranges = try(var.settings.api_server_authorized_ip_ranges,null)
api_server_authorized_ip_ranges = try(var.settings.api_server_authorized_ip_ranges, null)

dynamic "auto_scaler_profile" {
for_each = try(var.settings.auto_scaler_profile[*], {})

content {
balance_similar_node_groups = try(auto_scaler_profile.value.balance_similar_node_groups,null)
max_graceful_termination_sec = try(auto_scaler_profile.value.max_graceful_termination_sec,null)
scale_down_delay_after_add = try(auto_scaler_profile.value.scale_down_delay_after_add,null)
scale_down_delay_after_delete = try(auto_scaler_profile.value.scale_down_delay_after_delete,null)
scale_down_delay_after_failure = try(auto_scaler_profile.value.scale_down_delay_after_failure,null)
scan_interval = try(auto_scaler_profile.value.scan_interval,null)
scale_down_unneeded = try(auto_scaler_profile.value.scale_down_unneeded,null)
scale_down_unready = try(auto_scaler_profile.value.scale_down_unready,null)
scale_down_utilization_threshold = try(auto_scaler_profile.value.scale_down_utilization_threshold,null)
balance_similar_node_groups = try(auto_scaler_profile.value.balance_similar_node_groups, null)
max_graceful_termination_sec = try(auto_scaler_profile.value.max_graceful_termination_sec, null)
scale_down_delay_after_add = try(auto_scaler_profile.value.scale_down_delay_after_add, null)
scale_down_delay_after_delete = try(auto_scaler_profile.value.scale_down_delay_after_delete, null)
scale_down_delay_after_failure = try(auto_scaler_profile.value.scale_down_delay_after_failure, null)
scan_interval = try(auto_scaler_profile.value.scan_interval, null)
scale_down_unneeded = try(auto_scaler_profile.value.scale_down_unneeded, null)
scale_down_unready = try(auto_scaler_profile.value.scale_down_unready, null)
scale_down_utilization_threshold = try(auto_scaler_profile.value.scale_down_utilization_threshold, null)
}
}

disk_encryption_set_id = try(var.settings.disk_encryption_set_id, null)

dynamic "identity" {
for_each = try(var.settings.identity[*],{})
for_each = try(var.settings.identity[*], {})

content {
type = identity.value.type
Expand All @@ -149,14 +149,14 @@ resource "azurerm_kubernetes_cluster" "aks" {

# Enabled RBAC
dynamic "role_based_access_control" {
for_each = try(var.settings.role_based_access_control[*],{})
for_each = try(var.settings.role_based_access_control[*], {})

content {
enabled = try(role_based_access_control.value.enabled, true)

dynamic "azure_active_directory" {
for_each = try(var.settings.role_based_access_control.azure_active_directory[*],{})
for_each = try(var.settings.role_based_access_control.azure_active_directory[*], {})

content {
managed = azure_active_directory.value.managed
tenant_id = try(azure_active_directory.value.tenant_id, null)
Expand All @@ -169,7 +169,7 @@ resource "azurerm_kubernetes_cluster" "aks" {
}
}

kubernetes_version = try(var.settings.kubernetes_version, null)
kubernetes_version = try(var.settings.kubernetes_version, null)

# dynamic "linux_profile" {
# for_each = var.settings.linux_profile == null ? [] : [1]
Expand All @@ -179,21 +179,21 @@ resource "azurerm_kubernetes_cluster" "aks" {
# ssh_key = try(var.settings.linux_profile.ssh_key,null)
# }
# }

dynamic "network_profile" {
for_each = try(var.settings.network_profile[*], {})
content {
network_plugin = try(network_profile.value.network_plugin,null)
network_mode = try(network_profile.value.network_mode, null)
network_policy = try(network_profile.value.network_policy, null)
dns_service_ip = try(network_profile.value.dns_service_ip, null)
docker_bridge_cidr = try(network_profile.value.docker_bridge_cidr, null)
outbound_type = try(network_profile.value.outbound_type, null)
pod_cidr = try(network_profile.value.network_profile.pod_cidr, null)
service_cidr = try(network_profile.value.network_profile.service_cidr, null)
load_balancer_sku = try(network_profile.value.network_profile.load_balancer_sku, null)

dynamic "load_balancer_profile"{
network_plugin = try(network_profile.value.network_plugin, null)
network_mode = try(network_profile.value.network_mode, null)
network_policy = try(network_profile.value.network_policy, null)
dns_service_ip = try(network_profile.value.dns_service_ip, null)
docker_bridge_cidr = try(network_profile.value.docker_bridge_cidr, null)
outbound_type = try(network_profile.value.outbound_type, null)
pod_cidr = try(network_profile.value.network_profile.pod_cidr, null)
service_cidr = try(network_profile.value.network_profile.service_cidr, null)
load_balancer_sku = try(network_profile.value.network_profile.load_balancer_sku, null)

dynamic "load_balancer_profile" {
for_each = try(network_profile.value.load_balancer_profile[*], {})
content {
managed_outbound_ip_count = try(load_balancer_profile.value.managed_outbound_ip_count, null)
Expand Down

0 comments on commit 4881088

Please sign in to comment.