diff --git a/.external_modules/github.com/osinfra-io/terraform-core-helpers/v0.1.0 b/.external_modules/github.com/osinfra-io/terraform-core-helpers/v0.1.0
new file mode 160000
index 0000000..97964a3
--- /dev/null
+++ b/.external_modules/github.com/osinfra-io/terraform-core-helpers/v0.1.0
@@ -0,0 +1 @@
+Subproject commit 97964a358aa4328f590f7e5d3774ec0b6a0bc306
diff --git a/.github/release.yml b/.github/release.yml
index c6d9cb1..421c43d 100644
--- a/.github/release.yml
+++ b/.github/release.yml
@@ -10,8 +10,8 @@ changelog:
labels:
- dependencies
- - title: 🔩 Dependencies
+ - title: 🔩 Dependencies
labels:
- dependencies
-# This file is managed by the osinfra-io/github-organization-management repository and should not be edited directly.
\ No newline at end of file
+# This file is managed by the osinfra-io/github-organization-management repository and should not be edited directly.
diff --git a/.gitignore b/.gitignore
index a543f04..4af90a9 100644
--- a/.gitignore
+++ b/.gitignore
@@ -18,9 +18,6 @@ crash.log
# be included in version control.
local.tfvars
-# Provider.tf is used for local development of modules and shouldn't be added to repos.
-provider.tf
-
# Ignore override files as they are usually used to override ressources locally
override.tf
override.tf.json
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 05e7141..90459ac 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -11,7 +11,7 @@ repos:
- id: check-symlinks
- repo: https://github.com/antonbabenko/pre-commit-terraform
- rev: v1.96.1
+ rev: v1.96.2
hooks:
- id: terraform_fmt
@@ -29,7 +29,7 @@ repos:
- id: terraform_docs
- repo: https://github.com/bridgecrewio/checkov.git
- rev: 3.2.257
+ rev: 3.2.277
hooks:
- id: checkov
verbose: true
diff --git a/regional/README.md b/regional/README.md
index 5da9e41..ffa3ad9 100644
--- a/regional/README.md
+++ b/regional/README.md
@@ -11,7 +11,7 @@ No requirements.
| Name | Version |
|------|---------|
-| [helm](#provider\_helm) | 2.16.0 |
+| [helm](#provider\_helm) | 2.16.1 |
## Modules
diff --git a/regional/helm/cert-manager.yml b/regional/helm/cert-manager.yml
index a5b7061..36a485f 100644
--- a/regional/helm/cert-manager.yml
+++ b/regional/helm/cert-manager.yml
@@ -1,6 +1,6 @@
+crds:
+ enabled: true
+
global:
commonLabels:
tags.datadoghq.com/source: cert-manager
-
-crds:
- enabled: true
diff --git a/regional/helpers.tf b/regional/helpers.tf
new file mode 120000
index 0000000..404585d
--- /dev/null
+++ b/regional/helpers.tf
@@ -0,0 +1 @@
+../shared/helpers.tf
\ No newline at end of file
diff --git a/regional/istio-csr/README.md b/regional/istio-csr/README.md
index d2f44eb..adda29e 100644
--- a/regional/istio-csr/README.md
+++ b/regional/istio-csr/README.md
@@ -11,7 +11,7 @@ No requirements.
| Name | Version |
|------|---------|
-| [helm](#provider\_helm) | 2.16.0 |
+| [helm](#provider\_helm) | 2.16.1 |
| [kubernetes](#provider\_kubernetes) | 2.33.0 |
## Modules
diff --git a/regional/istio-csr/helpers.tf b/regional/istio-csr/helpers.tf
new file mode 120000
index 0000000..4be5464
--- /dev/null
+++ b/regional/istio-csr/helpers.tf
@@ -0,0 +1 @@
+../../shared/helpers.tf
\ No newline at end of file
diff --git a/regional/istio-csr/locals.tf b/regional/istio-csr/locals.tf
index 28a2e2e..4768ddc 100644
--- a/regional/istio-csr/locals.tf
+++ b/regional/istio-csr/locals.tf
@@ -3,19 +3,6 @@
locals {
cluster_id = local.zone != null ? "${var.cluster_prefix}-${local.region}-${local.zone}-${local.env}" : "${var.cluster_prefix}-${local.region}-${local.env}"
- env = lookup(local.env_map, local.environment, "none")
-
- environment = (
- terraform.workspace == "default" ?
- "mock-environment" :
- regex(".*-(?P[^-]+)$", terraform.workspace)["environment"]
- )
-
- env_map = {
- "non-production" = "nonprod"
- "production" = "prod"
- "sandbox" = "sb"
- }
helm_values = {
"app.server.clusterID" = local.cluster_id
@@ -26,21 +13,4 @@ locals {
"resources.requests.cpu" = var.resources_requests_cpu
"resources.requests.memory" = var.resources_requests_memory
}
-
- region = (
- terraform.workspace == "default" ?
- "mock-region" :
- regex("^(?P[^-]+-[^-]+)", terraform.workspace)["region"]
- )
-
-
- zone = (
- terraform.workspace == "default" ?
- "mock-zone" :
- (
- regex("^(?P[^-]+-[^-]+)(?:-(?P[^-]+))?-.*$", terraform.workspace)["zone"] != "" ?
- regex("^(?P[^-]+-[^-]+)(?:-(?P[^-]+))?-.*$", terraform.workspace)["zone"] :
- null
- )
- )
}
diff --git a/regional/locals.tf b/regional/locals.tf
index 6276431..b0218bd 100644
--- a/regional/locals.tf
+++ b/regional/locals.tf
@@ -2,20 +2,6 @@
# https://www.terraform.io/docs/language/values/locals.html
locals {
- env = lookup(local.env_map, local.environment, "none")
-
- environment = (
- terraform.workspace == "default" ?
- "mock-environment" :
- regex(".*-(?P[^-]+)$", terraform.workspace)["environment"]
- )
-
- env_map = {
- "non-production" = "nonprod"
- "production" = "prod"
- "sandbox" = "sb"
- }
-
helm_values = {
"cainjector.podLabels.tags\\.datadoghq\\.com/service" = "cert-manager-cainjector"
"cainjector.resources.limits.cpu" = var.cain_injector_resources_limits_cpu
diff --git a/shared/helpers.tf b/shared/helpers.tf
new file mode 100644
index 0000000..aa501c9
--- /dev/null
+++ b/shared/helpers.tf
@@ -0,0 +1,33 @@
+# Terraform Core Child Module Helpers
+
+locals {
+ env = lookup(local.env_map, local.environment, "none")
+
+ environment = (
+ terraform.workspace == "default" ?
+ "mock-environment" :
+ regex(".*-(?P[^-]+)$", terraform.workspace)["environment"]
+ )
+
+ env_map = {
+ "non-production" = "nonprod"
+ "production" = "prod"
+ "sandbox" = "sb"
+ }
+
+ region = (
+ terraform.workspace == "default" ?
+ "mock-region" :
+ regex("^(?P[^-]+-[^-]+)", terraform.workspace)["region"]
+ )
+
+ zone = (
+ terraform.workspace == "default" ?
+ "mock-zone" :
+ (
+ regex("^(?P[^-]+-[^-]+)(?:-(?P[^-]+))?-.*$", terraform.workspace)["zone"] != "" ?
+ regex("^(?P[^-]+-[^-]+)(?:-(?P[^-]+))?-.*$", terraform.workspace)["zone"] :
+ null
+ )
+ )
+}
diff --git a/tests/fixtures/default/regional/istio-csr/locals.tf b/tests/fixtures/default/regional/istio-csr/locals.tf
deleted file mode 100644
index a36772c..0000000
--- a/tests/fixtures/default/regional/istio-csr/locals.tf
+++ /dev/null
@@ -1,6 +0,0 @@
-# Local Values
-# https://www.terraform.io/language/values/locals
-
-locals {
- regional = data.terraform_remote_state.regional.outputs
-}
diff --git a/tests/fixtures/default/regional/istio-csr/main.tf b/tests/fixtures/default/regional/istio-csr/main.tf
index f6d425b..db3c28d 100644
--- a/tests/fixtures/default/regional/istio-csr/main.tf
+++ b/tests/fixtures/default/regional/istio-csr/main.tf
@@ -15,51 +15,6 @@ terraform {
}
}
-# Helm Provider
-# https://registry.terraform.io/providers/hashicorp/helm/latest
-
-provider "helm" {
- kubernetes {
-
- cluster_ca_certificate = base64decode(
- local.regional.cluster_ca_certificate
- )
-
- host = local.regional.cluster_endpoint
- token = data.google_client_config.current.access_token
- }
-}
-
-# Kubernetes Provider
-# https://registry.terraform.io/providers/hashicorp/kubernetes/latest
-
-provider "kubernetes" {
- cluster_ca_certificate = base64decode(
- local.regional.cluster_ca_certificate
- )
-
- host = "https://${local.regional.cluster_endpoint}"
- token = data.google_client_config.current.access_token
-}
-
-# Google Client Config Data Source
-# https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/client_config
-
-data "google_client_config" "current" {
-}
-
-# Remote State Data Source
-# https://www.terraform.io/language/state/remote-state-data
-
-data "terraform_remote_state" "regional" {
- backend = "gcs"
- workspace = "mock-workspace"
-
- config = {
- bucket = "mock-bucket"
- }
-}
-
module "test" {
source = "../../../../../regional/istio-csr"
diff --git a/tests/fixtures/default/regional/locals.tf b/tests/fixtures/default/regional/locals.tf
deleted file mode 100644
index a36772c..0000000
--- a/tests/fixtures/default/regional/locals.tf
+++ /dev/null
@@ -1,6 +0,0 @@
-# Local Values
-# https://www.terraform.io/language/values/locals
-
-locals {
- regional = data.terraform_remote_state.regional.outputs
-}
diff --git a/tests/fixtures/default/regional/main.tf b/tests/fixtures/default/regional/main.tf
index 0a91843..40f1a84 100644
--- a/tests/fixtures/default/regional/main.tf
+++ b/tests/fixtures/default/regional/main.tf
@@ -15,51 +15,6 @@ terraform {
}
}
-# Helm Provider
-# https://registry.terraform.io/providers/hashicorp/helm/latest
-
-provider "helm" {
- kubernetes {
-
- cluster_ca_certificate = base64decode(
- local.regional.cluster_ca_certificate
- )
-
- host = local.regional.cluster_endpoint
- token = data.google_client_config.current.access_token
- }
-}
-
-# Kubernetes Provider
-# https://registry.terraform.io/providers/hashicorp/kubernetes/latest
-
-provider "kubernetes" {
- cluster_ca_certificate = base64decode(
- local.regional.cluster_ca_certificate
- )
-
- host = "https://${local.regional.cluster_endpoint}"
- token = data.google_client_config.current.access_token
-}
-
-# Google Client Config Data Source
-# https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/client_config
-
-data "google_client_config" "current" {
-}
-
-# Remote State Data Source
-# https://www.terraform.io/language/state/remote-state-data
-
-data "terraform_remote_state" "regional" {
- backend = "gcs"
- workspace = "mock-workspace"
-
- config = {
- bucket = "mock-bucket"
- }
-}
-
module "test" {
source = "../../../../regional"