removed internal tf folders

.github/workflows/waf-k8s-apply.yml

@@ -231,7 +231,7 @@ jobs:
 
 
   terraform_ce:
-    name: "CE Deployment"
+    name: "EKS CE Deployment"
     runs-on: ubuntu-latest
     needs: terraform_bookinfo
     defaults:
@@ -345,90 +345,10 @@ jobs:
         run: terraform apply -auto-approve -input=false
 
 
-  terraform_approve:
-    name: "Site Registration"
-    runs-on: ubuntu-latest
-    needs: terraform_ce
-    defaults:
-      run:
-        working-directory: ./workflow-guides/waf/f5-xc-waf-on-k8s/terraform/registration
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v3
-
-      - name: Setup Terraform
-        uses: hashicorp/setup-terraform@v2
-        with:
-          cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }}
-
-      - name: Setup Terraform Backend
-        id: backend
-        run: |
-          cat > backend.tf << EOF
-          terraform { 
-            cloud {
-              organization = "${{ secrets.TF_CLOUD_ORGANIZATION }}"
-              workspaces {
-                name = "${{ secrets.TF_CLOUD_WORKSPACE_REG }}"
-              }
-            }
-          }
-          EOF
-          echo "${{secrets.P12}}" | base64 -d > api.p12
-          pwd
-          cp ../../../../../xc/terraform.tfvars .
-
-      - name: Terraform Init
-        id: init
-        run: terraform init
-
-      - name: Terraform Validate
-        id: validate
-        run: terraform validate -no-color
-
-      - name: Terraform Plan
-        id: plan
-        if: github.event_name == 'pull_request'
-        run: terraform plan -no-color -input=false
-        continue-on-error: true
-
-      - uses: actions/github-script@v6
-        if: github.event_name == 'pull_request'
-        env:
-          PLAN: "terraform\n${{ steps.plan.outputs.stdout }}"
-        with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-          script: |
-            const output = `#### Terraform Initialization ⚙️\`${{ steps.init.outcome }}\`
-            #### Terraform Validation 🤖\`${{ steps.validate.outcome }}\`
-            #### Terraform Plan 📖\`${{ steps.plan.outcome }}\`
-            <details><summary>Show Plan</summary>
-            \`\`\`\n
-            ${process.env.PLAN}
-            \`\`\`
-            </details>
-            *Pushed by: @${{ github.actor }}, Action: \`${{ github.event_name }}\`*`;
-            github.rest.issues.createComment({
-              issue_number: context.issue.number,
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              body: output
-            })
-      - name: Terraform Plan Status
-        if: steps.plan.outcome == 'failure'
-        run: exit 1
-
-      - name: Terraform Apply
-        if: github.ref == 'refs/heads/deploy-waf-k8s' && github.event_name == 'push'
-        run: terraform apply -auto-approve -input=false
-        env:
-          TF_VAR_site_name: ${{ secrets.TF_VAR_site_name }}
-
-
   terraform_xc:
-    name: "F5XC WAAP"
+    name: "F5XC WAF"
     runs-on: ubuntu-latest
-    needs: terraform_approve
+    needs: terraform_ce
     defaults:
       run:
         working-directory: ./xc

xc/data.tf

@@ -17,6 +17,8 @@ data "tfe_outputs" "nic" {
   organization = var.tf_cloud_organization
   workspace = "nic"
 }
+
+# they will fail
 data "tfe_outputs" "aks-cluster" {
   count = data.tfe_outputs.infra.values.aks-cluster ? 1 : 0 
   organization = var.tf_cloud_organization
@@ -27,9 +29,16 @@ data "tfe_outputs" "azure-vm" {
   organization = var.tf_cloud_organization
   workspace = "azure-vm"
 }
+
 data "azurerm_virtual_machine" "az-ce-site" {
   count               = var.az_ce_site ? 1 : 0
   depends_on          = [volterra_tf_params_action.action_apply]
   name                = "master-0"
   resource_group_name = format("%s-rg-xc-%s", local.project_prefix, local.build_suffix)
 }
+
+data "tfe_outputs" "eks" {
+  count               = var.eks_ce_site ? 1 : 0
+  organization        = var.tf_cloud_organization
+  workspace           = "eks"
+}

workflow-guides/waf/f5-xc-waf-on-k8s/terraform/registration/registration.tf → xc/eks_ce_registration.tf

@@ -1,4 +1,5 @@
 resource "volterra_registration_approval" "k8s-ce" {
+  count = var.eks_ce_site ? 1 : 0
   cluster_name  = var.site_name
   cluster_size  = 1
   retry = 5

xc/locals.tf

@@ -16,4 +16,7 @@ locals {
   vnet_name           = try(data.tfe_outputs.infra.values.vnet_name, "")
   subnet_name         = try(data.tfe_outputs.infra.values.subnet_name, "")
   subnet_id           = try(data.tfe_outputs.infra.values.subnet_id, "")
+  host = try(data.tfe_outputs.eks.values.cluster_endpoint, "")
+  aws_region = try(data.tfe_outputs.infra.values.aws_region, "")
+  cluster_name = try(data.tfe_outputs.eks.values.cluster_name, "")
 }

xc/terraform.tfvars

@@ -29,3 +29,5 @@ xc_ddos_pro = false
 
 #XC Malicious User Detection
 xc_mud = false
+
+eks_ce_site = "true"

xc/variables.tf

@@ -147,4 +147,11 @@ variable "xc_service_discovery" {
   type        = string
   description = "Enable service discovery"
   default     = "false"
-}
+}
+
+# EKS CE Site
+variable "eks_ce_site" {
+  type        = string
+  description = "Whether it's EKS CE site ?"
+  default     = "false"
+}