Merge pull request #266 from sassoftware/staging

8.1.0 - January 19, 2024
sassoftware · Jan 19, 2024 · 2340b81 · 2340b81
2 parents faf3f0e + 211f8b2
commit 2340b81
Show file tree

Hide file tree

Showing 19 changed files with 31 additions and 67 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -1,9 +1,9 @@
-ARG TERRAFORM_VERSION=1.6.3
+ARG TERRAFORM_VERSION=1.6.6
 ARG AWS_CLI_VERSION=2.13.33
 FROM hashicorp/terraform:$TERRAFORM_VERSION as terraform
 
 FROM amazon/aws-cli:$AWS_CLI_VERSION
-ARG KUBECTL_VERSION=1.26.10
+ARG KUBECTL_VERSION=1.27.9
 
 WORKDIR /viya4-iac-aws
 

diff --git a/README.md b/README.md
@@ -47,8 +47,8 @@ The following are also required:
 
 #### Terraform Requirements:
 
-- [Terraform](https://www.terraform.io/downloads.html) v1.6.3
-- [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) - v1.26.10
+- [Terraform](https://www.terraform.io/downloads.html) v1.6.6
+- [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) - v1.27.9
 - [jq](https://stedolan.github.io/jq/) v1.6
 - [AWS CLI](https://aws.amazon.com/cli) (optional; useful as an alternative to the AWS Web Console) v2.13.33
 

diff --git a/container-structure-test.yaml b/container-structure-test.yaml
@@ -17,7 +17,7 @@ commandTests:
   - name: "terraform version"
     command: "terraform"
     args: ["--version"]
-    expectedOutput: ["Terraform v1.6.3"]
+    expectedOutput: ["Terraform v1.6.6"]
   - name: "aws-cli version"
     command: "sh"
     args:

diff --git a/docs/CONFIG-VARS.md b/docs/CONFIG-VARS.md
@@ -257,7 +257,7 @@ Custom policy:
 | <div style="width:50px">Name</div> | <div style="width:150px">Description</div> | <div style="width:50px">Type</div> | <div style="width:75px">Default</div> | <div style="width:150px">Notes</div> |
 | :--- | :--- | :--- | :--- | :--- |
 | create_static_kubeconfig | Allows the user to create a provider- or service account-based kubeconfig file | bool | true | A value of `false` defaults to using the cloud provider's mechanism for generating the kubeconfig file. A value of `true` creates a static kubeconfig that uses a service account and cluster role binding to provide credentials. |
-| kubernetes_version | The EKS cluster Kubernetes version | string | "1.26" | |
+| kubernetes_version | The EKS cluster Kubernetes version | string | "1.27" | |
 | create_jump_vm | Create bastion host (jump VM) | bool | true| |
 | create_jump_public_ip | Add public IP address to jump VM | bool | true | |
 | jump_vm_admin | OS admin user for the jump VM | string | "jumpuser" | |

diff --git a/examples/sample-input-byo.tfvars b/examples/sample-input-byo.tfvars
@@ -37,7 +37,7 @@ postgres_servers = {
 }
 
 ## Cluster config
-kubernetes_version           = "1.26"
+kubernetes_version           = "1.27"
 default_nodepool_node_count  = 2
 default_nodepool_vm_type     = "m5.2xlarge"
 default_nodepool_custom_data = ""

diff --git a/examples/sample-input-connect.tfvars b/examples/sample-input-connect.tfvars
@@ -27,7 +27,7 @@ postgres_servers = {
 }
 
 ## Cluster config
-kubernetes_version           = "1.26"
+kubernetes_version           = "1.27"
 default_nodepool_node_count  = 2
 default_nodepool_vm_type     = "m5.2xlarge"
 default_nodepool_custom_data = ""

diff --git a/examples/sample-input-custom-data.tfvars b/examples/sample-input-custom-data.tfvars
@@ -27,7 +27,7 @@ postgres_servers = {
 }
 
 ## Cluster config
-kubernetes_version           = "1.26"
+kubernetes_version           = "1.27"
 default_nodepool_node_count  = 2
 default_nodepool_vm_type     = "m5.2xlarge"
 default_nodepool_custom_data = ""

diff --git a/examples/sample-input-gpu.tfvars b/examples/sample-input-gpu.tfvars
@@ -27,7 +27,7 @@ postgres_servers = {
 }
 
 ## Cluster config
-kubernetes_version           = "1.26"
+kubernetes_version           = "1.27"
 default_nodepool_node_count  = 2
 default_nodepool_vm_type     = "m5.2xlarge"
 default_nodepool_custom_data = ""

diff --git a/examples/sample-input-ha.tfvars b/examples/sample-input-ha.tfvars
@@ -27,7 +27,7 @@ postgres_servers = {
 }
 
 ## Cluster config
-kubernetes_version           = "1.26"
+kubernetes_version           = "1.27"
 default_nodepool_node_count  = 2
 default_nodepool_vm_type     = "m5.2xlarge"
 default_nodepool_custom_data = ""

diff --git a/examples/sample-input-minimal.tfvars b/examples/sample-input-minimal.tfvars
@@ -27,7 +27,7 @@ tags = {} # e.g., { "key1" = "value1", "key2" = "value2" }
 # }
 
 ## Cluster config
-kubernetes_version           = "1.26"
+kubernetes_version           = "1.27"
 default_nodepool_node_count  = 1
 default_nodepool_vm_type     = "m5.large"
 default_nodepool_custom_data = ""

diff --git a/examples/sample-input-singlestore.tfvars b/examples/sample-input-singlestore.tfvars
@@ -27,7 +27,7 @@ postgres_servers = {
 }
 
 ## Cluster config
-kubernetes_version           = "1.26"
+kubernetes_version           = "1.27"
 default_nodepool_node_count  = 2
 default_nodepool_vm_type     = "m5.2xlarge"
 default_nodepool_custom_data = ""

diff --git a/examples/sample-input.tfvars b/examples/sample-input.tfvars
@@ -27,7 +27,7 @@ postgres_servers = {
 }
 
 ## Cluster config
-kubernetes_version           = "1.26"
+kubernetes_version           = "1.27"
 default_nodepool_node_count  = 2
 default_nodepool_vm_type     = "m5.2xlarge"
 default_nodepool_custom_data = ""

diff --git a/linting-configs/.tflint.hcl b/linting-configs/.tflint.hcl
@@ -37,11 +37,6 @@ rule "terraform_deprecated_interpolation" {
   enabled = true
 }
 
-# Disallow output declarations without description.
-rule "terraform_documented_outputs" {
-  enabled = true
-}
-
 # Disallow variable declarations without description.
 rule "terraform_documented_variables" {
   enabled = true

diff --git a/main.tf b/main.tf
@@ -40,7 +40,7 @@ resource "kubernetes_config_map" "sas_iac_buildinfo" {
   }
 
   data = {
-    git-hash = data.external.git_hash.result["git-hash"]
+    git-hash    = data.external.git_hash.result["git-hash"]
     timestamp   = chomp(timestamp())
     iac-tooling = var.iac_tooling
     terraform   = <<EOT
@@ -91,7 +91,7 @@ module "vpc" {
 # EKS Setup - https://github.com/terraform-aws-modules/terraform-aws-eks
 module "eks" {
   source                               = "terraform-aws-modules/eks/aws"
-  version                              = "19.19.1"
+  version                              = "~> 19.0"
   cluster_name                         = local.cluster_name
   cluster_version                      = var.kubernetes_version
   cluster_enabled_log_types            = [] # disable cluster control plan logging
@@ -153,7 +153,7 @@ module "eks" {
   node_security_group_enable_recommended_rules = false
 
   # enabled by default in v19, setting to false to preserve original behavior.
-  create_kms_key = false
+  create_kms_key            = false
   cluster_encryption_config = []
 
   ################################################################################
@@ -164,7 +164,7 @@ module "eks" {
   iam_role_arn    = var.cluster_iam_role_arn
 
   iam_role_additional_policies = {
-    "additional": "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly"
+    "additional" : "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly"
   }
 
   ## Use this to define any values that are common and applicable to all Node Groups
@@ -228,7 +228,7 @@ module "kubeconfig" {
 # Database Setup - https://registry.terraform.io/modules/terraform-aws-modules/rds/aws/6.2.0
 module "postgresql" {
   source  = "terraform-aws-modules/rds/aws"
-  version = "6.2.0"
+  version = "~> 6.0"
 
   for_each = local.postgres_servers != null ? length(local.postgres_servers) != 0 ? local.postgres_servers : {} : {}
 

diff --git a/modules/aws_autoscaling/main.tf b/modules/aws_autoscaling/main.tf
@@ -1,15 +1,6 @@
 # Copyright © 2021-2023, SAS Institute Inc., Cary, NC, USA. All Rights Reserved.
 # SPDX-License-Identifier: Apache-2.0
 
-terraform {
-  required_version = ">= 1.4.5"
-  required_providers {
-    aws = {
-      source  = "hashicorp/aws"
-      version = "5.25.0"
-    }
-  }
-}
 
 # Permissions based off the IAM Policy recommended by kubernetes/autoscaler
 # https://github.com/kubernetes/autoscaler/blob/cluster-autoscaler-chart-9.25.0/cluster-autoscaler/cloudprovider/aws/README.md
@@ -69,7 +60,7 @@ resource "aws_iam_policy" "worker_autoscaling" {
 
 module "iam_assumable_role_with_oidc" {
   source  = "terraform-aws-modules/iam/aws//modules/iam-assumable-role-with-oidc"
-  version = "5.30.2"
+  version = "~> 5.0"
 
   create_role                   = true
   role_name                     = "${var.prefix}-cluster-autoscaler"

diff --git a/modules/aws_ebs_csi/main.tf b/modules/aws_ebs_csi/main.tf
@@ -1,15 +1,6 @@
 # Copyright © 2021-2023, SAS Institute Inc., Cary, NC, USA. All Rights Reserved.
 # SPDX-License-Identifier: Apache-2.0
 
-terraform {
-  required_version = ">= 1.4.5"
-  required_providers {
-    aws = {
-      source  = "hashicorp/aws"
-      version = "5.25.0"
-    }
-  }
-}
 
 resource "aws_iam_policy" "ebs_csi" {
   name_prefix = "${var.prefix}-ebs-csi-policy"
@@ -167,7 +158,7 @@ EOT
 
 module "iam_assumable_role_with_oidc" {
   source  = "terraform-aws-modules/iam/aws//modules/iam-assumable-role-with-oidc"
-  version = "5.30.2"
+  version = "~> 5.0"
 
   create_role                    = true
   role_name                      = "${var.prefix}-ebs-csi-role"

diff --git a/modules/kubeconfig/main.tf b/modules/kubeconfig/main.tf
@@ -1,19 +1,6 @@
 # Copyright © 2021-2023, SAS Institute Inc., Cary, NC, USA. All Rights Reserved.
 # SPDX-License-Identifier: Apache-2.0
 
-terraform {
-  required_version = ">= 1.4.5"
-  required_providers {
-    kubernetes = {
-      source  = "hashicorp/kubernetes"
-      version = "2.23.0"
-    }
-    local = {
-      source  = "hashicorp/local"
-      version = "2.4.0"
-    }
-  }
-}
 
 locals {
   service_account_name        = "${var.prefix}-cluster-admin-sa"

diff --git a/variables.tf b/variables.tf
@@ -149,7 +149,7 @@ variable "efs_throughput_rate" {
 variable "kubernetes_version" {
   description = "The EKS cluster Kubernetes version."
   type        = string
-  default     = "1.26"
+  default     = "1.27"
 }
 
 variable "tags" {

diff --git a/versions.tf b/versions.tf
@@ -2,39 +2,39 @@
 # SPDX-License-Identifier: Apache-2.0
 
 terraform {
-  required_version = ">= 1.4.5"
+  required_version = ">= 1.6.6"
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = "5.25.0"
+      version = "~> 5.0"
     }
     random = {
       source  = "hashicorp/random"
-      version = "3.5.1"
+      version = "~> 3.0"
     }
     local = {
       source  = "hashicorp/local"
-      version = "2.4.0"
+      version = "~> 2.0"
     }
     null = {
       source  = "hashicorp/null"
-      version = "3.2.1"
+      version = "~> 3.0"
     }
     external = {
       source  = "hashicorp/external"
-      version = "2.3.1"
+      version = "~> 2.0"
     }
     kubernetes = {
       source  = "hashicorp/kubernetes"
-      version = "2.23.0"
+      version = "~> 2.0"
     }
     tls = {
       source  = "hashicorp/tls"
-      version = "4.0.4"
+      version = "~> 4.0"
     }
     cloudinit = {
       source  = "hashicorp/cloudinit"
-      version = "2.3.2"
+      version = "~> 2.0"
     }
   }
 }