From 5ac34668efebf70180cb92725eefcca3e3350721 Mon Sep 17 00:00:00 2001 From: Jay Patel <78554593+jarpat@users.noreply.github.com> Date: Wed, 16 Nov 2022 17:43:47 -0500 Subject: [PATCH 1/3] feat: (IAC-662) Update aws-cli version (#154) --- Dockerfile | 2 +- README.md | 2 +- container-structure-test.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 1033a6f3..b8c01c3f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ ARG TERRAFORM_VERSION=1.0.0 -ARG AWS_CLI_VERSION=2.1.29 +ARG AWS_CLI_VERSION=2.7.22 FROM hashicorp/terraform:$TERRAFORM_VERSION as terraform FROM amazon/aws-cli:$AWS_CLI_VERSION diff --git a/README.md b/README.md index 1711aa40..055343ea 100644 --- a/README.md +++ b/README.md @@ -47,7 +47,7 @@ The following are also required: - [Terraform](https://www.terraform.io/downloads.html) v1.0.0 - [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) - v1.22.10 - [jq](https://stedolan.github.io/jq/) v1.6 -- [AWS CLI](https://aws.amazon.com/cli) (optional; useful as an alternative to the AWS Web Console) v2.1.29 +- [AWS CLI](https://aws.amazon.com/cli) (optional; useful as an alternative to the AWS Web Console) v2.7.22 #### Docker Requirements: diff --git a/container-structure-test.yaml b/container-structure-test.yaml index ec4fc5c3..b6f3b34a 100644 --- a/container-structure-test.yaml +++ b/container-structure-test.yaml @@ -21,7 +21,7 @@ commandTests: - -c - | aws --version - expectedOutput: ["aws-cli/2.1.29"] + expectedOutput: ["aws-cli/2.7.22"] metadataTest: workdir: "/viya4-iac-aws" From 6f822ac77dab20ad8e96958e900bb553a61c915d Mon Sep 17 00:00:00 2001 From: "Anthony D. Davis" <116221986+anthoday@users.noreply.github.com> Date: Wed, 30 Nov 2022 11:51:05 -0600 Subject: [PATCH 2/3] fix: (IAC-733): fixed sas_iac_buildinfo error (#169) --- main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.tf b/main.tf index aead0837..17a233ea 100755 --- a/main.tf +++ b/main.tf 
@@ -190,7 +190,7 @@ module "kubeconfig" { endpoint = module.eks.cluster_endpoint ca_crt = local.kubeconfig_ca_cert - depends_on = [ module.eks ] + depends_on = [module.eks.cluster_id] # The name/id of the EKS cluster. Will block on cluster creation until the cluster is really ready. } # Database Setup - https://registry.terraform.io/modules/terraform-aws-modules/rds/aws/3.3.0 From 971b7193061d2898ec88b464eb950bb2002b7e28 Mon Sep 17 00:00:00 2001 From: Jay Patel <78554593+jarpat@users.noreply.github.com> Date: Thu, 1 Dec 2022 09:24:58 -0500 Subject: [PATCH 3/3] feat: (IAC-655) EKS Add Support for K8s 1.24 (#170) --- Dockerfile | 2 +- README.md | 2 +- docs/CONFIG-VARS.md | 4 ++-- examples/sample-input-byo.tfvars | 2 +- examples/sample-input-connect.tfvars | 2 +- examples/sample-input-custom-data.tfvars | 2 +- examples/sample-input-gpu.tfvars | 2 +- examples/sample-input-ha.tfvars | 2 +- examples/sample-input-minimal.tfvars | 2 +- examples/sample-input.tfvars | 2 +- modules/kubeconfig/main.tf | 20 ++++++++++++++++++- .../templates/kubeconfig-provider.tmpl | 2 +- variables.tf | 2 +- versions.tf | 2 +- 14 files changed, 33 insertions(+), 15 deletions(-) diff --git a/Dockerfile b/Dockerfile index b8c01c3f..08c7d329 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ ARG AWS_CLI_VERSION=2.7.22 FROM hashicorp/terraform:$TERRAFORM_VERSION as terraform FROM amazon/aws-cli:$AWS_CLI_VERSION -ARG KUBECTL_VERSION=1.22.10 +ARG KUBECTL_VERSION=1.23.8 WORKDIR /viya4-iac-aws diff --git a/README.md b/README.md index 055343ea..f4e9694c 100644 --- a/README.md +++ b/README.md 
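Review bot: The trailing comment on `depends_on = [module.eks.cluster_id]` asserts a readiness guarantee that nothing in this hunk establishes; whether `cluster_id` resolves only once the cluster API is reachable depends on how the eks module derives that output. Narrowing the dependency from the whole module to one output also means `module "kubeconfig"` no longer waits for anything else module.eks creates, so the comment should record which dependency caused the sas_iac_buildinfo error rather than only what the output is. I would move it above the line and word it as `# Depend only on cluster_id so kubeconfig waits for the control plane, not every resource in module.eks (IAC-733)`. The `module "kubeconfig"` block starts outside the hunk.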
@@ -45,7 +45,7 @@ The following are also required: #### Terraform Requirements: - [Terraform](https://www.terraform.io/downloads.html) v1.0.0 -- [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) - v1.22.10 +- [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) - v1.23.8 - [jq](https://stedolan.github.io/jq/) v1.6 - [AWS CLI](https://aws.amazon.com/cli) (optional; useful as an alternative to the AWS Web Console) v2.7.22 diff --git a/docs/CONFIG-VARS.md b/docs/CONFIG-VARS.md index 72fcbdbf..e42ca8eb 100644 --- a/docs/CONFIG-VARS.md +++ b/docs/CONFIG-VARS.md @@ -196,8 +196,8 @@ Custom policy: |
Name
|
Description
|
Type
|
Default
|
Notes
| | :--- | :--- | :--- | :--- | :--- | -| create_static_kubeconfig | Allows the user to create a provider- or service account-based kubeconfig file | bool | false | A value of `false` defaults to using the cloud provider's mechanism for generating the kubeconfig file. A value of `true` creates a static kubeconfig that uses a service account and cluster role binding to provide credentials. | -| kubernetes_version | The EKS cluster Kubernetes version | string | "1.22" | | +| create_static_kubeconfig | Allows the user to create a provider- or service account-based kubeconfig file | bool | true | A value of `false` defaults to using the cloud provider's mechanism for generating the kubeconfig file. A value of `true` creates a static kubeconfig that uses a service account and cluster role binding to provide credentials. | +| kubernetes_version | The EKS cluster Kubernetes version | string | "1.23" | | | create_jump_vm | Create bastion host (jump VM) | bool | true| | | create_jump_public_ip | Add public IP address to jump VM | bool | true | | | jump_vm_admin | OS admin user for the jump VM | string | "jumpuser" | | diff --git a/examples/sample-input-byo.tfvars b/examples/sample-input-byo.tfvars index 55696d90..dc523de8 100644 --- a/examples/sample-input-byo.tfvars +++ b/examples/sample-input-byo.tfvars @@ -37,7 +37,7 @@ postgres_servers = { } ## Cluster config -kubernetes_version = "1.22" +kubernetes_version = "1.23" default_nodepool_node_count = 2 default_nodepool_vm_type = "m5.2xlarge" default_nodepool_custom_data = "" diff --git a/examples/sample-input-connect.tfvars b/examples/sample-input-connect.tfvars index 6f26e0bf..ea9b7e76 100644 --- a/examples/sample-input-connect.tfvars +++ b/examples/sample-input-connect.tfvars @@ -27,7 +27,7 @@ postgres_servers = { } ## Cluster config -kubernetes_version = "1.22" +kubernetes_version = "1.23" default_nodepool_node_count = 2 default_nodepool_vm_type = "m5.2xlarge" default_nodepool_custom_data = "" 
diff --git a/examples/sample-input-custom-data.tfvars b/examples/sample-input-custom-data.tfvars index afcfbeba..3b03b855 100644 --- a/examples/sample-input-custom-data.tfvars +++ b/examples/sample-input-custom-data.tfvars @@ -27,7 +27,7 @@ postgres_servers = { } ## Cluster config -kubernetes_version = "1.22" +kubernetes_version = "1.23" default_nodepool_node_count = 2 default_nodepool_vm_type = "m5.2xlarge" default_nodepool_custom_data = "" diff --git a/examples/sample-input-gpu.tfvars b/examples/sample-input-gpu.tfvars index 5522c286..9668d9fb 100644 --- a/examples/sample-input-gpu.tfvars +++ b/examples/sample-input-gpu.tfvars @@ -27,7 +27,7 @@ postgres_servers = { } ## Cluster config -kubernetes_version = "1.22" +kubernetes_version = "1.23" default_nodepool_node_count = 2 default_nodepool_vm_type = "m5.2xlarge" default_nodepool_custom_data = "" diff --git a/examples/sample-input-ha.tfvars b/examples/sample-input-ha.tfvars index a59efe8d..4b50514a 100644 --- a/examples/sample-input-ha.tfvars +++ b/examples/sample-input-ha.tfvars @@ -30,7 +30,7 @@ postgres_servers = { ssh_public_key = "~/.ssh/id_rsa.pub" ## Cluster config -kubernetes_version = "1.22" +kubernetes_version = "1.23" default_nodepool_node_count = 2 default_nodepool_vm_type = "m5.2xlarge" default_nodepool_custom_data = "" diff --git a/examples/sample-input-minimal.tfvars b/examples/sample-input-minimal.tfvars index f89a66ba..4c5aebf4 100644 --- a/examples/sample-input-minimal.tfvars +++ b/examples/sample-input-minimal.tfvars @@ -27,7 +27,7 @@ tags = { } # e.g., { "key1" = "value1", "key2 # } ## Cluster config -kubernetes_version = "1.22" +kubernetes_version = "1.23" default_nodepool_node_count = 1 default_nodepool_vm_type = "m5.large" default_nodepool_custom_data = "" diff --git a/examples/sample-input.tfvars b/examples/sample-input.tfvars index 4655a045..e4e24a81 100644 --- a/examples/sample-input.tfvars +++ b/examples/sample-input.tfvars 
@@ -27,7 +27,7 @@ postgres_servers = { } ## Cluster config -kubernetes_version = "1.22" +kubernetes_version = "1.23" default_nodepool_node_count = 2 default_nodepool_vm_type = "m5.2xlarge" default_nodepool_custom_data = "" diff --git a/modules/kubeconfig/main.tf b/modules/kubeconfig/main.tf index a71e5a6a..9ad61c71 100644 --- a/modules/kubeconfig/main.tf +++ b/modules/kubeconfig/main.tf @@ -21,9 +21,10 @@ data "template_file" "kubeconfig_provider" { data "kubernetes_secret" "sa_secret" { count = var.create_static_kubeconfig ? 1 : 0 metadata { - name = kubernetes_service_account.kubernetes_sa.0.default_secret_name + name = kubernetes_secret.sa_secret.0.metadata.0.name namespace = var.namespace } + depends_on = [kubernetes_secret.sa_secret] } data "template_file" "kubeconfig_sa" { @@ -38,8 +39,25 @@ data "template_file" "kubeconfig_sa" { token = lookup(data.kubernetes_secret.sa_secret.0.data,"token", "") namespace = var.namespace } + depends_on = [data.kubernetes_secret.sa_secret] } +# 1.24 change: Create service account secret +resource "kubernetes_secret" "sa_secret" { + count = var.create_static_kubeconfig ? 1 : 0 + metadata { + name = local.service_account_secret_name + namespace = var.namespace + annotations = { + "kubernetes.io/service-account.name" = local.service_account_name + } + } + type = "kubernetes.io/service-account-token" + depends_on = [kubernetes_service_account.kubernetes_sa] +} + +# Starting K8s v1.24+ hashicorp/terraform-provider-kubernetes issues warning message: +# "Warning: 'default_secret_name' is no longer applicable for Kubernetes 'v1.24.0' and above" resource "kubernetes_service_account" "kubernetes_sa" { count = var.create_static_kubeconfig ? 1 : 0 metadata { diff --git a/modules/kubeconfig/templates/kubeconfig-provider.tmpl b/modules/kubeconfig/templates/kubeconfig-provider.tmpl index e77506a9..169e20f0 100644 --- a/modules/kubeconfig/templates/kubeconfig-provider.tmpl +++ b/modules/kubeconfig/templates/kubeconfig-provider.tmpl 
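Review bot: In modules/kubeconfig/main.tf, `depends_on = [kubernetes_secret.sa_secret]` on `data "kubernetes_secret" "sa_secret"` repeats the ordering that `name = kubernetes_secret.sa_secret.0.metadata.0.name` should already imply. An explicit `depends_on` on a data source makes Terraform defer the read to apply whenever the dependency has pending changes, so the kubeconfig can show up as changed in unrelated plans. The same holds for `depends_on = [data.kubernetes_secret.sa_secret]` in `template_file.kubeconfig_sa` in the next hunk, which already references that data source in `token`. Giving the data source and the new resource the same name `sa_secret` also makes the two references easy to misread; a distinct name for one of them would help.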
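Review bot: The new `resource "kubernetes_secret" "sa_secret"` of type `kubernetes.io/service-account-token` yields a non-expiring bearer token, and both the resource and the `data "kubernetes_secret"` read put it in Terraform state and in the rendered kubeconfig in clear text. This matters more because CONFIG-VARS.md in this same commit now documents `create_static_kubeconfig` as defaulting to `true`, while the variables.tf hunk shows only `kubernetes_version` changing, so the two should be reconciled. The `# 1.24 change` comment should state the handling requirement, for example `# Long-lived SA token: lands in state and in the kubeconfig; restrict and encrypt the state backend, rotate by replacing this secret`. Separately, `lookup(data.kubernetes_secret.sa_secret.0.data,"token", "")` falls back to an empty string if the token has not been populated when the data source is read, which would write a kubeconfig without a credential instead of failing; a precondition or a non-empty check on the token would surface that.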
@@ -16,7 +16,7 @@ users: - name: ${cluster_name} user: exec: - apiVersion: client.authentication.k8s.io/v1alpha1 + apiVersion: client.authentication.k8s.io/v1beta1 args: - --region - ${region} diff --git a/variables.tf b/variables.tf index b72499ef..d4fde62c 100644 --- a/variables.tf +++ b/variables.tf @@ -95,7 +95,7 @@ variable efs_performance_mode { ## Kubernetes variable "kubernetes_version" { description = "The EKS cluster Kubernetes version" - default = "1.22" + default = "1.23" } variable "tags" { diff --git a/versions.tf b/versions.tf index 88e1874c..73d7915f 100644 --- a/versions.tf +++ b/versions.tf @@ -27,7 +27,7 @@ terraform { } kubernetes = { source = "hashicorp/kubernetes" - version = "2.12.0" + version = "2.13.0" } tls = { source = "hashicorp/tls"
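Review bot: Moving the exec `apiVersion` to `client.authentication.k8s.io/v1beta1` in kubeconfig-provider.tmpl requires the credential helper invoked by this `exec` block (the command is outside the hunk, presumably the AWS CLI given the `--region` argument) to return a v1beta1 ExecCredential; a helper that still emits v1alpha1 will be rejected by kubectl. The README pins AWS CLI v2.7.22 but still labels it "optional; useful as an alternative to the AWS Web Console", which understates that dependency when the provider-based kubeconfig is used. I would add a template comment such as `# v1beta1 requires a credential helper that emits v1beta1 (see README AWS CLI version)` and adjust the README wording to match.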