Skip to content

Commit

Permalink
fix: move karpenter ECR auth token and provider out of the module (#2067
Browse files Browse the repository at this point in the history 
)

* fix(tigera-operator): do not manage CRDs by default

It should not be needed anymore and can lead to issues. It was fixed in
projectcalico/calico#7216

Signed-off-by: Kevin Lefevre <kevin@particule.io>
Signed-off-by: Oleksii Morozenko <oleksiim@seekingalpha.com>

* fix(aws/tigera-operator): do not manage CRDs by default

It should not be needed anymore and can lead to issues. It was fixed in
projectcalico/calico#7216

Signed-off-by: Kevin Lefevre <kevin@particule.io>
Signed-off-by: Oleksii Morozenko <oleksiim@seekingalpha.com>

* fix: move karpenter ECR auth token and provider out of the module

Signed-off-by: Oleksii Morozenko <oleksiim@seekingalpha.com>

* fix: move karpenter ECR auth token and provider out of the module

Signed-off-by: Oleksii Morozenko <oleksiim@seekingalpha.com>

* Fix pre-commit docs hook

Signed-off-by: Oleksii Morozenko <oleksiim@seekingalpha.com>

* feat(charts): update helm release kong to v2.23.0 (#2068)

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Oleksii Morozenko <oleksiim@seekingalpha.com>

* feat(charts): update helm release traefik to v23.1.0 (#2069)

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Oleksii Morozenko <oleksiim@seekingalpha.com>

* fix(charts): update helm release loki to v5.6.2 (#2070)

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Oleksii Morozenko <oleksiim@seekingalpha.com>

* fix(charts): update helm release loki to v5.6.3 (#2071)

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Oleksii Morozenko <oleksiim@seekingalpha.com>

* feat(charts): update helm release kube-prometheus-stack to v46.7.0 (#2073)

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Oleksii Morozenko <oleksiim@seekingalpha.com>

* feat(charts): update helm release external-dns to v1.13.0 (#2072)

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Oleksii Morozenko <oleksiim@seekingalpha.com>

* fix(charts): update helm release promtail to v6.11.3 (#2074)

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Oleksii Morozenko <oleksiim@seekingalpha.com>

* fix(charts): update helm release velero to v4.0.3 (#2075)

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Oleksii Morozenko <oleksiim@seekingalpha.com>

* fix(charts): update helm release loki to v5.6.4 (#2076)

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Oleksii Morozenko <oleksiim@seekingalpha.com>

* feat(charts): update helm release prometheus-blackbox-exporter to v7.10.0 (#2078)

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Oleksii Morozenko <oleksiim@seekingalpha.com>

* feat(charts): update helm release kube-prometheus-stack to v46.8.0 (#2077)

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Oleksii Morozenko <oleksiim@seekingalpha.com>

* fix(charts): update helm release aws-efs-csi-driver to v2.4.5 (#2079)

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Oleksii Morozenko <oleksiim@seekingalpha.com>

* fix(charts): update helm release cluster-autoscaler to v9.29.1 (#2080)

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Oleksii Morozenko <oleksiim@seekingalpha.com>

* feat(charts): update helm release loki to v5.8.0 (#2084)

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Oleksii Morozenko <oleksiim@seekingalpha.com>

* fix(charts): update helm release thanos to v12.6.3 (#2082)

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Oleksii Morozenko <oleksiim@seekingalpha.com>

* fix(charts): update helm release secrets-store-csi-driver to v1.3.4 (#2081)

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Oleksii Morozenko <oleksiim@seekingalpha.com>

* fix(charts): update karpenter docker tag to v0.27.6 (#2083)

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Oleksii Morozenko <oleksiim@seekingalpha.com>

* feat(charts): update karpenter docker tag to v0.28.0 (#2085)

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Oleksii Morozenko <oleksiim@seekingalpha.com>

* Update terrafodm docs

Signed-off-by: Oleksii Morozenko <oleksiim@seekingalpha.com>

* feat(charts): update helm release sealed-secrets to v2.10.0 (#2086)

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Oleksii Morozenko <oleksiim@seekingalpha.com>

* Restore modules/aws/.terraform-docs.yml

Signed-off-by: Oleksii Morozenko <oleksiim@seekingalpha.com>

---------

Signed-off-by: Kevin Lefevre <kevin@particule.io>
Signed-off-by: Oleksii Morozenko <oleksiim@seekingalpha.com>
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Kevin Lefevre <kevin@particule.io>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
  • Loading branch information
@oleksiimorozenko @ArchiFleKs @renovate
3 people committed Jun 26, 2023
1 parent fe3d56f commit 625c957
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 14 deletions.
2 changes: 0 additions & 2 deletions modules/aws/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,6 @@ This module can uses [IRSA](https://aws.amazon.com/blogs/opensource/introducing-
| Name | Version |
|------|---------|
| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 4.42 |
| <a name="provider_aws.ecr_public"></a> [aws.ecr\_public](#provider\_aws.ecr\_public) | >= 4.42 |
| <a name="provider_flux"></a> [flux](#provider\_flux) | 1.0.0-rc.5 |
| <a name="provider_github"></a> [github](#provider\_github) | ~> 5.0 |
| <a name="provider_helm"></a> [helm](#provider\_helm) | ~> 2.0 |
Expand Down Expand Up @@ -310,7 +309,6 @@ This module can uses [IRSA](https://aws.amazon.com/blogs/opensource/introducing-
| [tls_self_signed_cert.thanos-tls-querier-ca-cert](https://registry.terraform.io/providers/hashicorp/tls/latest/docs/resources/self_signed_cert) | resource |
| [tls_self_signed_cert.webhook_issuer_tls](https://registry.terraform.io/providers/hashicorp/tls/latest/docs/resources/self_signed_cert) | resource |
| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
| [aws_ecrpublic_authorization_token.token](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ecrpublic_authorization_token) | data source |
| [aws_iam_policy_document.aws-ebs-csi-driver](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
| [aws_iam_policy_document.aws-ebs-csi-driver_default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
| [aws_iam_policy_document.aws-ebs-csi-driver_kms](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
Expand Down
17 changes: 5 additions & 12 deletions modules/aws/karpenter.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,9 @@ locals {
irsa_namespace_service_accounts = ["karpenter:karpenter"]
allowed_cidrs = ["0.0.0.0/0"]
iam_role_arn = ""
repository_username = ""
repository_password = ""

},
var.karpenter
)
Expand All @@ -34,16 +37,6 @@ locals {

}

data "aws_ecrpublic_authorization_token" "token" {
provider = aws.ecr_public
}

provider "aws" {
region = "us-east-1"
alias = "ecr_public"
}


data "aws_iam_policy_document" "karpenter_additional" {
count = local.karpenter["enabled"] ? 1 : 0

Expand Down Expand Up @@ -111,8 +104,8 @@ resource "kubernetes_namespace" "karpenter" {
resource "helm_release" "karpenter" {
count = local.karpenter["enabled"] ? 1 : 0
repository = local.karpenter["repository"]
repository_username = data.aws_ecrpublic_authorization_token.token.user_name
repository_password = data.aws_ecrpublic_authorization_token.token.password
repository_username = local.karpenter["repository_username"]
repository_password = local.karpenter["repository_password"]
name = local.karpenter["name"]
chart = local.karpenter["chart"]
version = local.karpenter["chart_version"]
Expand Down

0 comments on commit 625c957

Please sign in to comment.