Skip to content

T
terraform-aws-wdps-eks
Commit 8e508daa authored by Jose Ernesto Suarez's avatar Jose Ernesto Suarez
Browse files
Options

Added the ingrss config and the k8s base

parent 88b8b379
Hide whitespace changes
Inline Side-by-side
Showing with 173 additions and 0 deletions
ingress.tf 0 → 100644
View file @ 8e508daa
resource "kubernetes_ingress" "ingress" {
for_each = local.ingresses
metadata {
name = each.key
namespace = lookup(each.value, "namespace", "default")
annotations = {
"kubernetes.io/ingress.class" = "nginx"
"cert-manager.io/cluster-issuer" = "letsencrypt-production"
}
}
spec {
dynamic "rule" {
for_each = each.value["hosts"]
content {
host = rule.value.name
http {
dynamic "path" {
for_each = rule.value.rules
content {
path = path.value.path
backend {
service_name = path.value.service_name
service_port = path.value.service_port
}
}
}
}
}
}
dynamic "tls" {
for_each = lookup(each.value, "tls_secret_name", "") != "" ? [
[for h in each.value["hosts"] : h.name]
] : []
content {
secret_name = each.value["tls_secret_name"]
hosts = tls.value
}
}
}
}
k8s-base.tf 0 → 100644
View file @ 8e508daa
# create our namespaces
resource "kubernetes_namespace" "managed" {
for_each = toset(var.managed_namespaces)
metadata {
name = each.value
labels = {
"app.kubernetes.io/managed-by" = "Terraform"
}
}
}
# create managed secrets
resource "kubernetes_secret" "managed" {
for_each = local.secrets_map
metadata {
name = each.key
namespace = each.value["namespace"]
labels = {
"app.kubernetes.io/managed-by" = "Terraform"
}
}
type = each.value["secret_type"]
data = each.value["data"]
depends_on = [kubernetes_namespace.managed]
}
# create managed config maps
resource "kubernetes_config_map" "managed" {
for_each = local.configs_map
metadata {
name = each.key
namespace = each.value["namespace"]
labels = {
"app.kubernetes.io/managed-by" = "Terraform"
}
}
data = each.value["data"]
binary_data = lookup(each.value, "binary_data", null)
depends_on = [kubernetes_namespace.managed]
}
locals.tf 0 → 100644
View file @ 8e508daa
##########
# K8S-BASE
##########
# prepare our configs
locals {
secrets = flatten([for n, d in var.settings : [
for s, dat in lookup(d, "secrets", {}) : merge({
secret_name = s
namespace = n
secret_type = "Opaque"
data = null
}, dat)
]])
secrets_map = { for item in local.secrets : item.secret_name => item }
configmaps = flatten([for n, d in var.settings : [
for c, dat in lookup(d, "configmaps", {}) : merge({
config_name = c
namespace = n
data = null
}, dat)
]])
configs_map = { for item in local.configmaps : item.config_name => item }
}
##########
# K8S-BASE INGRESS
##########
locals {
ingresses = { for k, v in var.ingresses : v["name"] => v }
}
variables.tf
View file @ 8e508daa
......@@ -80,3 +80,42 @@ variable "map_accounts" {
type = list(string)
default = []
}
##########
# K8S-BASE
##########
variable "settings" {
description = "The map of namespaces, their secrets and configmaps"
type = any
# should look like:
# {
# namespace-name = {
# secrets = {
# my-secret-name = {
# secret_type = "Opaque"
# data = { ... } # any type of data you want to put in
# }
# configs = {
# my-config-name = {
# data = { ... } # any type of data you want to put in
# binary_data = { ... } # this field only accepts base64-encoded payloads
# }
# }
# }
# }
default = {}
}
variable "managed_namespaces" {
description = "List of namespaces managed by Terraform"
type = list(string)
default = []
}
##########
# K8S-BASE INGRESS
##########
variable "ingresses" {
description = "List of the ingresses with rules"
type = any
default = []
}
\ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment