From bef1d418eff61ed8257f36554abd9026166ee62a Mon Sep 17 00:00:00 2001 From: Jeff Date: Thu, 21 Jan 2021 23:07:15 -0800 Subject: [PATCH] Update to support kubernetes provider v2 (#93) --- README.md | 8 +++----- auth.tf | 2 -- docs/terraform.md | 8 +++----- examples/complete/versions.tf | 2 +- test/Makefile | 4 +--- variables.tf | 14 +------------- versions.tf | 4 +--- 7 files changed, 10 insertions(+), 32 deletions(-) diff --git a/README.md b/README.md index 601c503e..b0b470ad 100644 --- a/README.md +++ b/README.md @@ -317,7 +317,7 @@ Available targets: |------|---------| | terraform | >= 0.12.26 | | aws | >= 2.0 | -| kubernetes | ~> 1.11 | +| kubernetes | >= 2.0 | | local | >= 1.3 | | null | >= 2.0 | | template | >= 2.0 | @@ -327,7 +327,7 @@ Available targets: | Name | Version | |------|---------| | aws | >= 2.0 | -| kubernetes | ~> 1.11 | +| kubernetes | >= 2.0 | | null | >= 2.0 | ## Inputs @@ -344,7 +344,7 @@ Available targets: | cluster\_encryption\_config\_kms\_key\_enable\_key\_rotation | Cluster Encryption Config KMS Key Resource argument - enable kms key rotation | `bool` | `true` | no | | cluster\_encryption\_config\_kms\_key\_id | Specify KMS Key Id ARN to use for cluster encryption config | `string` | `""` | no | | cluster\_encryption\_config\_kms\_key\_policy | Cluster Encryption Config KMS Key Resource argument - key policy | `string` | `null` | no | -| cluster\_encryption\_config\_resources | Cluster Encryption Config Resources to encrypt, e.g. ['secrets'] | `list` |
[
"secrets"
]
| no | +| cluster\_encryption\_config\_resources | Cluster Encryption Config Resources to encrypt, e.g. ['secrets'] | `list(any)` |
[
"secrets"
]
| no | | cluster\_log\_retention\_period | Number of days to retain cluster logs. Requires `enabled_cluster_log_types` to be set. See https://docs.aws.amazon.com/en_us/eks/latest/userguide/control-plane-logs.html. | `number` | `0` | no | | context | Single object for setting entire context at once.
See description of individual variables for details.
Leave string and numeric variables as `null` to use default value.
Individual variable settings (non-null) override settings in context object,
except for attributes, tags, and additional\_tag\_map, which are merged. |
object({
enabled = bool
namespace = string
environment = string
stage = string
name = string
delimiter = string
attributes = list(string)
tags = map(string)
additional_tag_map = map(string)
regex_replace_chars = string
label_order = list(string)
id_length_limit = number
})
|
{
"additional_tag_map": {},
"attributes": [],
"delimiter": null,
"enabled": true,
"environment": null,
"id_length_limit": null,
"label_order": [],
"name": null,
"namespace": null,
"regex_replace_chars": null,
"stage": null,
"tags": {}
}
| no | | delimiter | Delimiter to be used between `namespace`, `environment`, `stage`, `name` and `attributes`.
Defaults to `-` (hyphen). Set to `""` to use no delimiter at all. | `string` | `null` | no | @@ -355,8 +355,6 @@ Available targets: | environment | Environment, e.g. 'uw2', 'us-west-2', OR 'prod', 'staging', 'dev', 'UAT' | `string` | `null` | no | | id\_length\_limit | Limit `id` to this many characters.
Set to `0` for unlimited length.
Set to `null` for default, which is `0`.
Does not affect `id_full`. | `number` | `null` | no | | kubernetes\_config\_map\_ignore\_role\_changes | Set to `true` to ignore IAM role changes in the Kubernetes Auth ConfigMap | `bool` | `true` | no | -| kubernetes\_config\_path | Path to the kube config file. Defaults to `~/.kube/config` | `string` | `"~/.kube/config"` | no | -| kubernetes\_load\_config\_file | Loads the default local config of ~/.kube/config for the provider, which is useful for resolving migration issues like `Error: configmaps "aws-auth" already exists` | `bool` | `false` | no | | kubernetes\_version | Desired Kubernetes master version. If you do not specify a value, the latest available version is used | `string` | `"1.15"` | no | | label\_order | The naming order of the id output and Name tag.
Defaults to ["namespace", "environment", "stage", "name", "attributes"].
You can omit any of the 5 elements, but at least one must be present. | `list(string)` | `null` | no | | local\_exec\_interpreter | shell to use for local\_exec | `list(string)` |
[
"/bin/sh",
"-c"
]
| no | diff --git a/auth.tf b/auth.tf index fdb34d5d..14521a82 100644 --- a/auth.tf +++ b/auth.tf @@ -78,8 +78,6 @@ provider "kubernetes" { token = join("", data.aws_eks_cluster_auth.eks.*.token) host = join("", data.aws_eks_cluster.eks.*.endpoint) cluster_ca_certificate = base64decode(join("", data.aws_eks_cluster.eks.*.certificate_authority.0.data)) - load_config_file = var.kubernetes_load_config_file - config_path = var.kubernetes_config_path } resource "kubernetes_config_map" "aws_auth_ignore_changes" { diff --git a/docs/terraform.md b/docs/terraform.md index 3301094c..4f0d471b 100644 --- a/docs/terraform.md +++ b/docs/terraform.md @@ -5,7 +5,7 @@ |------|---------| | terraform | >= 0.12.26 | | aws | >= 2.0 | -| kubernetes | ~> 1.11 | +| kubernetes | >= 2.0 | | local | >= 1.3 | | null | >= 2.0 | | template | >= 2.0 | @@ -15,7 +15,7 @@ | Name | Version | |------|---------| | aws | >= 2.0 | -| kubernetes | ~> 1.11 | +| kubernetes | >= 2.0 | | null | >= 2.0 | ## Inputs @@ -32,7 +32,7 @@ | cluster\_encryption\_config\_kms\_key\_enable\_key\_rotation | Cluster Encryption Config KMS Key Resource argument - enable kms key rotation | `bool` | `true` | no | | cluster\_encryption\_config\_kms\_key\_id | Specify KMS Key Id ARN to use for cluster encryption config | `string` | `""` | no | | cluster\_encryption\_config\_kms\_key\_policy | Cluster Encryption Config KMS Key Resource argument - key policy | `string` | `null` | no | -| cluster\_encryption\_config\_resources | Cluster Encryption Config Resources to encrypt, e.g. ['secrets'] | `list` |
[
"secrets"
]
| no | +| cluster\_encryption\_config\_resources | Cluster Encryption Config Resources to encrypt, e.g. ['secrets'] | `list(any)` |
[
"secrets"
]
| no | | cluster\_log\_retention\_period | Number of days to retain cluster logs. Requires `enabled_cluster_log_types` to be set. See https://docs.aws.amazon.com/en_us/eks/latest/userguide/control-plane-logs.html. | `number` | `0` | no | | context | Single object for setting entire context at once.
See description of individual variables for details.
Leave string and numeric variables as `null` to use default value.
Individual variable settings (non-null) override settings in context object,
except for attributes, tags, and additional\_tag\_map, which are merged. |
object({
enabled = bool
namespace = string
environment = string
stage = string
name = string
delimiter = string
attributes = list(string)
tags = map(string)
additional_tag_map = map(string)
regex_replace_chars = string
label_order = list(string)
id_length_limit = number
})
|
{
"additional_tag_map": {},
"attributes": [],
"delimiter": null,
"enabled": true,
"environment": null,
"id_length_limit": null,
"label_order": [],
"name": null,
"namespace": null,
"regex_replace_chars": null,
"stage": null,
"tags": {}
}
| no | | delimiter | Delimiter to be used between `namespace`, `environment`, `stage`, `name` and `attributes`.
Defaults to `-` (hyphen). Set to `""` to use no delimiter at all. | `string` | `null` | no | @@ -43,8 +43,6 @@ | environment | Environment, e.g. 'uw2', 'us-west-2', OR 'prod', 'staging', 'dev', 'UAT' | `string` | `null` | no | | id\_length\_limit | Limit `id` to this many characters.
Set to `0` for unlimited length.
Set to `null` for default, which is `0`.
Does not affect `id_full`. | `number` | `null` | no | | kubernetes\_config\_map\_ignore\_role\_changes | Set to `true` to ignore IAM role changes in the Kubernetes Auth ConfigMap | `bool` | `true` | no | -| kubernetes\_config\_path | Path to the kube config file. Defaults to `~/.kube/config` | `string` | `"~/.kube/config"` | no | -| kubernetes\_load\_config\_file | Loads the default local config of ~/.kube/config for the provider, which is useful for resolving migration issues like `Error: configmaps "aws-auth" already exists` | `bool` | `false` | no | | kubernetes\_version | Desired Kubernetes master version. If you do not specify a value, the latest available version is used | `string` | `"1.15"` | no | | label\_order | The naming order of the id output and Name tag.
Defaults to ["namespace", "environment", "stage", "name", "attributes"].
You can omit any of the 5 elements, but at least one must be present. | `list(string)` | `null` | no | | local\_exec\_interpreter | shell to use for local\_exec | `list(string)` |
[
"/bin/sh",
"-c"
]
| no | diff --git a/examples/complete/versions.tf b/examples/complete/versions.tf index 7b2d8cc0..4fa6e1da 100644 --- a/examples/complete/versions.tf +++ b/examples/complete/versions.tf @@ -20,7 +20,7 @@ terraform { } kubernetes = { source = "hashicorp/kubernetes" - version = ">= 1.11" + version = ">= 2.0" } } } diff --git a/test/Makefile b/test/Makefile index b52e78ad..17b2fe74 100644 --- a/test/Makefile +++ b/test/Makefile @@ -33,9 +33,7 @@ clean: all: module examples/complete ## Run basic sanity checks against the module itself -# module: export TESTS ?= installed lint get-modules module-pinning get-plugins provider-pinning validate terraform-docs input-descriptions output-descriptions -# The kubernetes provider needs to be pinned because 2.x has breaking changes -module: export TESTS ?= installed lint get-modules module-pinning get-plugins validate terraform-docs input-descriptions output-descriptions +module: export TESTS ?= installed lint get-modules module-pinning get-plugins provider-pinning validate terraform-docs input-descriptions output-descriptions module: deps $(call RUN_TESTS, ../) diff --git a/variables.tf b/variables.tf index d5ac1585..d9aacad3 100644 --- a/variables.tf +++ b/variables.tf @@ -43,18 +43,6 @@ variable "kubernetes_version" { description = "Desired Kubernetes master version. If you do not specify a value, the latest available version is used" } -variable "kubernetes_config_path" { - type = string - default = "~/.kube/config" - description = "Path to the kube config file. Defaults to `~/.kube/config`" -} - -variable "kubernetes_load_config_file" { - type = bool - default = false - description = "Loads the default local config of ~/.kube/config for the provider, which is useful for resolving migration issues like `Error: configmaps \"aws-auth\" already exists`" -} - variable "oidc_provider_enabled" { type = bool default = false 
@@ -176,7 +164,7 @@ variable "cluster_encryption_config_kms_key_policy" { } variable "cluster_encryption_config_resources" { - type = list + type = list(any) default = ["secrets"] description = "Cluster Encryption Config Resources to encrypt, e.g. ['secrets']" } diff --git a/versions.tf b/versions.tf index b162b047..4fa6e1da 100644 --- a/versions.tf +++ b/versions.tf @@ -19,10 +19,8 @@ terraform { version = ">= 1.3" } kubernetes = { - # Version 2.0 has breaking changes, this module needs conversion to use it. - # After converting to 2.0, restore the provider-pinning Bats test in test/Makefile source = "hashicorp/kubernetes" - version = "~> 1.11" + version = ">= 2.0" } } }
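Review bot: `type = list(any)` on `cluster_encryption_config_resources` accepts the same values as the bare `list` it replaces, so the input is still only checked for "all elements share one type". The default is `["secrets"]` and the description speaks of resource names, so `type = list(string)` looks like the intended contract. Confirm this against the place where the value is consumed, which is outside this hunk.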
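Review bot: The new `version = ">= 2.0"` for the kubernetes provider has no upper bound, and the comment deleted just above it recorded that a major release already broke this module once, so the next major would be accepted the same way. A minimum-only constraint is common in reusable modules; if that is the intent, say so in place of the removed comment, e.g. `# minimum only; pin the provider in the root module`. Terraform before 0.14 has no dependency lock file and the README table still allows `>= 0.12.26`, so on a fresh init those callers resolve to the newest provider release, and auth.tf in this commit no longer sets `load_config_file`, which leaves kubeconfig handling to the provider's defaults. examples/complete/versions.tf has the same constraint and, being a root configuration, could use `~> 2.0`. The `terraform` block opens above the hunk.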