From bf58df15881919e48c21cb642be43e10d1ff34e5 Mon Sep 17 00:00:00 2001
From: Tennison Yu <tennisonyu@gmail.com>
Date: Fri, 6 Oct 2023 16:09:14 -0400
Subject: [PATCH] Feature/update resolve conflicts (#192)

* resolve_conflicts deprecated. updated to new parameters

* prettied the vars

* more pretty

* updated versions.tf with min aws

* ran provided commands
---
 .github/renovate.json                       |  7 +++--
 .github/workflows/release-published.yml     |  2 +-
 README.md                                   | 33 +++++++++++----------
 README.yaml                                 | 27 +++++++++--------
 docs/terraform.md                           |  6 ++--
 examples/complete/fixtures.us-east-2.tfvars | 27 +++++++++--------
 examples/complete/variables.tf              |  9 +++---
 main.tf                                     | 13 ++++----
 variables.tf                                | 17 ++++++-----
 versions.tf                                 |  2 +-
 10 files changed, 78 insertions(+), 65 deletions(-)

diff --git a/.github/renovate.json b/.github/renovate.json
index b61ed24f..909df094 100644
--- a/.github/renovate.json
+++ b/.github/renovate.json
@@ -1,13 +1,14 @@
 {
   "extends": [
     "config:base",
-    ":preserveSemverRanges"
+    ":preserveSemverRanges",
+    ":rebaseStalePrs"
   ],
-  "baseBranches": ["main", "master", "/^release\\/v\\d{1,2}$/"],
+  "baseBranches": ["main"],
   "labels": ["auto-update"],
   "dependencyDashboardAutoclose": true,
   "enabledManagers": ["terraform"],
   "terraform": {
-    "ignorePaths": ["**/context.tf", "examples/**"]
+    "ignorePaths": ["**/context.tf"]
   }
 }
diff --git a/.github/workflows/release-published.yml b/.github/workflows/release-published.yml
index f86352b3..b31232b6 100644
--- a/.github/workflows/release-published.yml
+++ b/.github/workflows/release-published.yml
@@ -11,4 +11,4 @@ permissions:
 
 jobs:
   terraform-module:
-    uses: cloudposse/github-actions-workflows-terraform-module/.github/workflows/release.yml@main
+    uses: cloudposse/github-actions-workflows-terraform-module/.github/workflows/release-published.yml@main
diff --git a/README.md b/README.md
index b907dfd4..1c35deb7 100644
--- a/README.md
+++ b/README.md
@@ -281,24 +281,27 @@ Other examples:
     addons = [
       // https://docs.aws.amazon.com/eks/latest/userguide/managing-vpc-cni.html#vpc-cni-latest-available-version
       {
-        addon_name               = "vpc-cni"
-        addon_version            = var.vpc_cni_version
-        resolve_conflicts        = "NONE"
-        service_account_role_arn = null
+        addon_name                  = "vpc-cni"
+        addon_version               = var.vpc_cni_version
+        resolve_conflicts_on_create = "NONE"
+        resolve_conflicts_on_update = "NONE"
+        service_account_role_arn    = null
       },
       // https://docs.aws.amazon.com/eks/latest/userguide/managing-kube-proxy.html
       {
-        addon_name               = "kube-proxy"
-        addon_version            = var.kube_proxy_version
-        resolve_conflicts        = "NONE"
-        service_account_role_arn = null
+        addon_name                  = "kube-proxy"
+        addon_version               = var.kube_proxy_version
+        resolve_conflicts_on_create = "NONE"
+        resolve_conflicts_on_update = "NONE"
+        service_account_role_arn    = null
       },
       // https://docs.aws.amazon.com/eks/latest/userguide/managing-coredns.html
       {
-        addon_name               = "coredns"
-        addon_version            = var.coredns_version
-        resolve_conflicts        = "NONE"
-        service_account_role_arn = null
+        addon_name                  = "coredns"
+        addon_version               = var.coredns_version
+        resolve_conflicts_on_create = "NONE"
+        resolve_conflicts_on_update = "NONE"
+        service_account_role_arn    = null
       },
     ]
     addons_depends_on = [module.eks_node_group]
@@ -416,7 +419,7 @@ Available targets:
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.3.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 4.46 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.0.0 |
 | <a name="requirement_kubernetes"></a> [kubernetes](#requirement\_kubernetes) | >= 2.7.1 |
 | <a name="requirement_null"></a> [null](#requirement\_null) | >= 2.0 |
 | <a name="requirement_tls"></a> [tls](#requirement\_tls) | >= 3.1.0, != 4.0.0 |
@@ -425,7 +428,7 @@ Available targets:
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 4.46 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.0.0 |
 | <a name="provider_kubernetes"></a> [kubernetes](#provider\_kubernetes) | >= 2.7.1 |
 | <a name="provider_null"></a> [null](#provider\_null) | >= 2.0 |
 | <a name="provider_tls"></a> [tls](#provider\_tls) | >= 3.1.0, != 4.0.0 |
@@ -474,7 +477,7 @@ Available targets:
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_additional_tag_map"></a> [additional\_tag\_map](#input\_additional\_tag\_map) | Additional key-value pairs to add to each map in `tags_as_list_of_maps`. Not added to `tags` or `id`.<br>This is for some rare cases where resources want additional configuration of tags<br>and therefore take a list of maps with tag key, value, and additional configuration. | `map(string)` | `{}` | no |
-| <a name="input_addons"></a> [addons](#input\_addons) | Manages [`aws_eks_addon`](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_addon) resources | <pre>list(object({<br>    addon_name               = string<br>    addon_version            = optional(string, null)<br>    configuration_values     = optional(string, null)<br>    resolve_conflicts        = string<br>    service_account_role_arn = optional(string, null)<br>    create_timeout           = optional(string, null)<br>    update_timeout           = optional(string, null)<br>    delete_timeout           = optional(string, null)<br>  }))</pre> | `[]` | no |
+| <a name="input_addons"></a> [addons](#input\_addons) | Manages [`aws_eks_addon`](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_addon) resources | <pre>list(object({<br>    addon_name                  = string<br>    addon_version               = optional(string, null)<br>    configuration_values        = optional(string, null)<br>    resolve_conflicts_on_create = optional(string, null)<br>    resolve_conflicts_on_update = optional(string, null)<br>    service_account_role_arn    = optional(string, null)<br>    create_timeout              = optional(string, null)<br>    update_timeout              = optional(string, null)<br>    delete_timeout              = optional(string, null)<br>  }))</pre> | `[]` | no |
 | <a name="input_addons_depends_on"></a> [addons\_depends\_on](#input\_addons\_depends\_on) | If provided, all addons will depend on this object, and therefore not be installed until this object is finalized.<br>This is useful if you want to ensure that addons are not applied before some other condition is met, e.g. node groups are created.<br>See [issue #170](https://github.com/cloudposse/terraform-aws-eks-cluster/issues/170) for more details. | `any` | `null` | no |
 | <a name="input_allowed_cidr_blocks"></a> [allowed\_cidr\_blocks](#input\_allowed\_cidr\_blocks) | A list of IPv4 CIDRs to allow access to the cluster.<br>The length of this list must be known at "plan" time. | `list(string)` | `[]` | no |
 | <a name="input_allowed_security_group_ids"></a> [allowed\_security\_group\_ids](#input\_allowed\_security\_group\_ids) | A list of IDs of Security Groups to allow access to the cluster. | `list(string)` | `[]` | no |
diff --git a/README.yaml b/README.yaml
index 77cd88f4..6c1421e2 100644
--- a/README.yaml
+++ b/README.yaml
@@ -245,24 +245,27 @@ usage: |2-
       addons = [
         // https://docs.aws.amazon.com/eks/latest/userguide/managing-vpc-cni.html#vpc-cni-latest-available-version
         {
-          addon_name               = "vpc-cni"
-          addon_version            = var.vpc_cni_version
-          resolve_conflicts        = "NONE"
-          service_account_role_arn = null
+          addon_name                  = "vpc-cni"
+          addon_version               = var.vpc_cni_version
+          resolve_conflicts_on_create = "NONE"
+          resolve_conflicts_on_update = "NONE"
+          service_account_role_arn    = null
         },
         // https://docs.aws.amazon.com/eks/latest/userguide/managing-kube-proxy.html
         {
-          addon_name               = "kube-proxy"
-          addon_version            = var.kube_proxy_version
-          resolve_conflicts        = "NONE"
-          service_account_role_arn = null
+          addon_name                  = "kube-proxy"
+          addon_version               = var.kube_proxy_version
+          resolve_conflicts_on_create = "NONE"
+          resolve_conflicts_on_update = "NONE"
+          service_account_role_arn    = null
         },
         // https://docs.aws.amazon.com/eks/latest/userguide/managing-coredns.html
         {
-          addon_name               = "coredns"
-          addon_version            = var.coredns_version
-          resolve_conflicts        = "NONE"
-          service_account_role_arn = null
+          addon_name                  = "coredns"
+          addon_version               = var.coredns_version
+          resolve_conflicts_on_create = "NONE"
+          resolve_conflicts_on_update = "NONE"
+          service_account_role_arn    = null
         },
       ]
       addons_depends_on = [module.eks_node_group]
diff --git a/docs/terraform.md b/docs/terraform.md
index a9b72255..c68f8a28 100644
--- a/docs/terraform.md
+++ b/docs/terraform.md
@@ -4,7 +4,7 @@
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.3.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 4.46 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.0.0 |
 | <a name="requirement_kubernetes"></a> [kubernetes](#requirement\_kubernetes) | >= 2.7.1 |
 | <a name="requirement_null"></a> [null](#requirement\_null) | >= 2.0 |
 | <a name="requirement_tls"></a> [tls](#requirement\_tls) | >= 3.1.0, != 4.0.0 |
@@ -13,7 +13,7 @@
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 4.46 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.0.0 |
 | <a name="provider_kubernetes"></a> [kubernetes](#provider\_kubernetes) | >= 2.7.1 |
 | <a name="provider_null"></a> [null](#provider\_null) | >= 2.0 |
 | <a name="provider_tls"></a> [tls](#provider\_tls) | >= 3.1.0, != 4.0.0 |
@@ -62,7 +62,7 @@
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_additional_tag_map"></a> [additional\_tag\_map](#input\_additional\_tag\_map) | Additional key-value pairs to add to each map in `tags_as_list_of_maps`. Not added to `tags` or `id`.<br>This is for some rare cases where resources want additional configuration of tags<br>and therefore take a list of maps with tag key, value, and additional configuration. | `map(string)` | `{}` | no |
-| <a name="input_addons"></a> [addons](#input\_addons) | Manages [`aws_eks_addon`](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_addon) resources | <pre>list(object({<br>    addon_name               = string<br>    addon_version            = optional(string, null)<br>    configuration_values     = optional(string, null)<br>    resolve_conflicts        = string<br>    service_account_role_arn = optional(string, null)<br>    create_timeout           = optional(string, null)<br>    update_timeout           = optional(string, null)<br>    delete_timeout           = optional(string, null)<br>  }))</pre> | `[]` | no |
+| <a name="input_addons"></a> [addons](#input\_addons) | Manages [`aws_eks_addon`](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_addon) resources | <pre>list(object({<br>    addon_name                  = string<br>    addon_version               = optional(string, null)<br>    configuration_values        = optional(string, null)<br>    resolve_conflicts_on_create = optional(string, null)<br>    resolve_conflicts_on_update = optional(string, null)<br>    service_account_role_arn    = optional(string, null)<br>    create_timeout              = optional(string, null)<br>    update_timeout              = optional(string, null)<br>    delete_timeout              = optional(string, null)<br>  }))</pre> | `[]` | no |
 | <a name="input_addons_depends_on"></a> [addons\_depends\_on](#input\_addons\_depends\_on) | If provided, all addons will depend on this object, and therefore not be installed until this object is finalized.<br>This is useful if you want to ensure that addons are not applied before some other condition is met, e.g. node groups are created.<br>See [issue #170](https://github.com/cloudposse/terraform-aws-eks-cluster/issues/170) for more details. | `any` | `null` | no |
 | <a name="input_allowed_cidr_blocks"></a> [allowed\_cidr\_blocks](#input\_allowed\_cidr\_blocks) | A list of IPv4 CIDRs to allow access to the cluster.<br>The length of this list must be known at "plan" time. | `list(string)` | `[]` | no |
 | <a name="input_allowed_security_group_ids"></a> [allowed\_security\_group\_ids](#input\_allowed\_security\_group\_ids) | A list of IDs of Security Groups to allow access to the cluster. | `list(string)` | `[]` | no |
diff --git a/examples/complete/fixtures.us-east-2.tfvars b/examples/complete/fixtures.us-east-2.tfvars
index 3abc666f..7f893339 100644
--- a/examples/complete/fixtures.us-east-2.tfvars
+++ b/examples/complete/fixtures.us-east-2.tfvars
@@ -33,23 +33,26 @@ kubernetes_version = "1.26"
 addons = [
   // https://docs.aws.amazon.com/eks/latest/userguide/managing-vpc-cni.html#vpc-cni-latest-available-version
   {
-    addon_name               = "vpc-cni"
-    addon_version            = null
-    resolve_conflicts        = "NONE"
-    service_account_role_arn = null
+    addon_name                  = "vpc-cni"
+    addon_version               = null
+    resolve_conflicts_on_create = "NONE"
+    resolve_conflicts_on_update = "NONE"
+    service_account_role_arn    = null
   },
   // https://docs.aws.amazon.com/eks/latest/userguide/managing-kube-proxy.html
   {
-    addon_name               = "kube-proxy"
-    addon_version            = null
-    resolve_conflicts        = "NONE"
-    service_account_role_arn = null
+    addon_name                  = "kube-proxy"
+    addon_version               = null
+    resolve_conflicts_on_create = "NONE"
+    resolve_conflicts_on_update = "NONE"
+    service_account_role_arn    = null
   },
   // https://docs.aws.amazon.com/eks/latest/userguide/managing-coredns.html
   {
-    addon_name               = "coredns"
-    addon_version            = null
-    resolve_conflicts        = "NONE"
-    service_account_role_arn = null
+    addon_name                  = "coredns"
+    addon_version               = null
+    resolve_conflicts_on_create = "NONE"
+    resolve_conflicts_on_update = "NONE"
+    service_account_role_arn    = null
   },
 ]
diff --git a/examples/complete/variables.tf b/examples/complete/variables.tf
index 3670c904..9132b724 100644
--- a/examples/complete/variables.tf
+++ b/examples/complete/variables.tf
@@ -132,10 +132,11 @@ variable "cluster_encryption_config_resources" {
 
 variable "addons" {
   type = list(object({
-    addon_name               = string
-    addon_version            = string
-    resolve_conflicts        = string
-    service_account_role_arn = string
+    addon_name                  = string
+    addon_version               = string
+    resolve_conflicts_on_create = string
+    resolve_conflicts_on_update = string
+    service_account_role_arn    = string
   }))
   default     = []
   description = "Manages [`aws_eks_addon`](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_addon) resources."
diff --git a/main.tf b/main.tf
index 9d2b2fe0..a29bb89f 100644
--- a/main.tf
+++ b/main.tf
@@ -142,12 +142,13 @@ resource "aws_eks_addon" "cluster" {
     addon.addon_name => addon
   } : {}
 
-  cluster_name             = one(aws_eks_cluster.default[*].name)
-  addon_name               = each.key
-  addon_version            = lookup(each.value, "addon_version", null)
-  configuration_values     = lookup(each.value, "configuration_values", null)
-  resolve_conflicts        = lookup(each.value, "resolve_conflicts", null)
-  service_account_role_arn = lookup(each.value, "service_account_role_arn", null)
+  cluster_name                = one(aws_eks_cluster.default[*].name)
+  addon_name                  = each.key
+  addon_version               = lookup(each.value, "addon_version", null)
+  configuration_values        = lookup(each.value, "configuration_values", null)
+  resolve_conflicts_on_create = lookup(each.value, "resolve_conflicts_on_create", null)
+  resolve_conflicts_on_update = lookup(each.value, "resolve_conflicts_on_update", null)
+  service_account_role_arn    = lookup(each.value, "service_account_role_arn", null)
 
   tags = module.label.tags
 
diff --git a/variables.tf b/variables.tf
index 9aaf97f3..57e5fe4e 100644
--- a/variables.tf
+++ b/variables.tf
@@ -209,14 +209,15 @@ variable "cloudwatch_log_group_kms_key_id" {
 
 variable "addons" {
   type = list(object({
-    addon_name               = string
-    addon_version            = optional(string, null)
-    configuration_values     = optional(string, null)
-    resolve_conflicts        = string
-    service_account_role_arn = optional(string, null)
-    create_timeout           = optional(string, null)
-    update_timeout           = optional(string, null)
-    delete_timeout           = optional(string, null)
+    addon_name                  = string
+    addon_version               = optional(string, null)
+    configuration_values        = optional(string, null)
+    resolve_conflicts_on_create = optional(string, null)
+    resolve_conflicts_on_update = optional(string, null)
+    service_account_role_arn    = optional(string, null)
+    create_timeout              = optional(string, null)
+    update_timeout              = optional(string, null)
+    delete_timeout              = optional(string, null)
   }))
   description = "Manages [`aws_eks_addon`](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_addon) resources"
   default     = []
diff --git a/versions.tf b/versions.tf
index 4aa3de19..6a5ad201 100644
--- a/versions.tf
+++ b/versions.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 4.46"
+      version = ">= 5.0.0"
     }
     kubernetes = {
       source  = "hashicorp/kubernetes"