From 883e7705c241b5e93c45110ffa98a9d4d3b8afc4 Mon Sep 17 00:00:00 2001 From: Tyrone Meijn Date: Thu, 16 Jun 2022 16:04:16 +0200 Subject: [PATCH 1/3] fix: split crds yamls and resources --- main.tf | 13 +- yamls/ingressclassparams.yaml | 147 ++++++++++++++++++ yamls/{crds.yaml => targetgroupbindings.yaml} | 145 +---------------- 3 files changed, 156 insertions(+), 149 deletions(-) create mode 100644 yamls/ingressclassparams.yaml rename yamls/{crds.yaml => targetgroupbindings.yaml} (71%) diff --git a/main.tf b/main.tf index e57ea3a..573a448 100644 --- a/main.tf +++ b/main.tf @@ -31,13 +31,16 @@ resource "aws_iam_role_policy_attachment" "alb-ingress-controller-iam-role-polic policy_arn = aws_iam_policy.alb-ingress-controller-iam-policy.arn } -data "kubectl_file_documents" "crds" { - content = file("${path.module}/yamls/crds.yaml") +resource "kubectl_manifest" "ingessclassparams" { + yaml_body = file("${path.module}/yamls/ingressclassparams.yaml") + + wait = true } -resource "kubectl_manifest" "crds" { - for_each = data.kubectl_file_documents.crds.manifests - yaml_body = each.value +resource "kubectl_manifest" "targetgroupbindings" { + yaml_body = file("${path.module}/yamls/targetgroupbindings.yaml") + + wait = true } # V 2.4.1 diff --git a/yamls/ingressclassparams.yaml b/yamls/ingressclassparams.yaml new file mode 100644 index 0000000..4509c06 --- /dev/null +++ b/yamls/ingressclassparams.yaml @@ -0,0 +1,147 @@ +# Source: https://github.com/aws/eks-charts/blob/master/stable/aws-load-balancer-controller/crds/crds.yaml +# Commit version: https://github.com/aws/eks-charts/commit/93fa739be6d96e15ec1735a50ace40eefb2ec2c6 +# Matches chart: version: 1.4.1 +# appVersion: v2.4.1 + +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.5.0 + creationTimestamp: null + name: ingressclassparams.elbv2.k8s.aws +spec: + group: elbv2.k8s.aws + names: + kind: IngressClassParams + listKind: IngressClassParamsList + plural: ingressclassparams + singular: ingressclassparams + scope: Cluster + versions: + - additionalPrinterColumns: + - description: The Ingress Group name + jsonPath: .spec.group.name + name: GROUP-NAME + type: string + - description: The AWS Load Balancer scheme + jsonPath: .spec.scheme + name: SCHEME + type: string + - description: The AWS Load Balancer ipAddressType + jsonPath: .spec.ipAddressType + name: IP-ADDRESS-TYPE + type: string + - jsonPath: .metadata.creationTimestamp + name: AGE + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: IngressClassParams is the Schema for the IngressClassParams API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IngressClassParamsSpec defines the desired state of IngressClassParams + properties: + group: + description: Group defines the IngressGroup for all Ingresses that belong to IngressClass with this IngressClassParams. + properties: + name: + description: Name is the name of IngressGroup. + type: string + required: + - name + type: object + ipAddressType: + description: IPAddressType defines the ip address type for all Ingresses that belong to IngressClass with this IngressClassParams. + enum: + - ipv4 + - dualstack + type: string + loadBalancerAttributes: + description: LoadBalancerAttributes define the custom attributes to LoadBalancers for all Ingress that that belong to IngressClass with this IngressClassParams. + items: + description: Attributes defines custom attributes on resources. + properties: + key: + description: The key of the attribute. + type: string + value: + description: The value of the attribute. + type: string + required: + - key + - value + type: object + type: array + namespaceSelector: + description: NamespaceSelector restrict the namespaces of Ingresses that are allowed to specify the IngressClass with this IngressClassParams. * if absent or present but empty, it selects all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + scheme: + description: Scheme defines the scheme for all Ingresses that belong to IngressClass with this IngressClassParams. + enum: + - internal + - internet-facing + type: string + tags: + description: Tags defines list of Tags on AWS resources provisioned for Ingresses that belong to IngressClass with this IngressClassParams. + items: + description: Tag defines a AWS Tag on resources. + properties: + key: + description: The key of the tag. + type: string + value: + description: The value of the tag. + type: string + required: + - key + - value + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/yamls/crds.yaml b/yamls/targetgroupbindings.yaml similarity index 71% rename from yamls/crds.yaml rename to yamls/targetgroupbindings.yaml index 74e17ca..b8ec95f 100644 --- a/yamls/crds.yaml +++ b/yamls/targetgroupbindings.yaml @@ -3,149 +3,6 @@ # Matches chart: version: 1.4.1 # appVersion: v2.4.1 -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.5.0 - creationTimestamp: null - name: ingressclassparams.elbv2.k8s.aws -spec: - group: elbv2.k8s.aws - names: - kind: IngressClassParams - listKind: IngressClassParamsList - plural: ingressclassparams - singular: ingressclassparams - scope: Cluster - versions: - - additionalPrinterColumns: - - description: The Ingress Group name - jsonPath: .spec.group.name - name: GROUP-NAME - type: string - - description: The AWS Load Balancer scheme - jsonPath: .spec.scheme - name: SCHEME - type: string - - description: The AWS Load Balancer ipAddressType - jsonPath: .spec.ipAddressType - name: IP-ADDRESS-TYPE - type: string - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: IngressClassParams is the Schema for the IngressClassParams API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: IngressClassParamsSpec defines the desired state of IngressClassParams - properties: - group: - description: Group defines the IngressGroup for all Ingresses that belong to IngressClass with this IngressClassParams. - properties: - name: - description: Name is the name of IngressGroup. - type: string - required: - - name - type: object - ipAddressType: - description: IPAddressType defines the ip address type for all Ingresses that belong to IngressClass with this IngressClassParams. - enum: - - ipv4 - - dualstack - type: string - loadBalancerAttributes: - description: LoadBalancerAttributes define the custom attributes to LoadBalancers for all Ingress that that belong to IngressClass with this IngressClassParams. - items: - description: Attributes defines custom attributes on resources. - properties: - key: - description: The key of the attribute. - type: string - value: - description: The value of the attribute. - type: string - required: - - key - - value - type: object - type: array - namespaceSelector: - description: NamespaceSelector restrict the namespaces of Ingresses that are allowed to specify the IngressClass with this IngressClassParams. * if absent or present but empty, it selects all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - scheme: - description: Scheme defines the scheme for all Ingresses that belong to IngressClass with this IngressClassParams. - enum: - - internal - - internet-facing - type: string - tags: - description: Tags defines list of Tags on AWS resources provisioned for Ingresses that belong to IngressClass with this IngressClassParams. - items: - description: Tag defines a AWS Tag on resources. - properties: - key: - description: The key of the tag. - type: string - value: - description: The value of the tag. - type: string - required: - - key - - value - type: object - type: array - type: object - type: object - served: true - storage: true - subresources: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: @@ -476,4 +333,4 @@ status: kind: "" plural: "" conditions: [] - storedVersions: [] \ No newline at end of file + storedVersions: [] From b2ef9b3ab2d50f92d360810ebfd249cea016dae2 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Thu, 16 Jun 2022 14:08:03 +0000 Subject: [PATCH 2/3] terraform-docs: automated action --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index c090268..577a84c 100644 --- a/README.md +++ b/README.md @@ -112,12 +112,12 @@ No modules. | [aws_iam_role.alb-ingress-controller-iam-role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | | [aws_iam_role_policy_attachment.alb-ingress-controller-iam-role-policy-attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | | [helm_release.aws-load-balancer-controller](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource | -| [kubectl_manifest.crds](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource | +| [kubectl_manifest.ingessclassparams](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource | +| [kubectl_manifest.targetgroupbindings](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource | | [kubernetes_cluster_role.alb_ingress_controller](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/cluster_role) | resource | | [kubernetes_cluster_role_binding.alb_ingress_controller](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/cluster_role_binding) | resource | | [kubernetes_service_account.alb_ingress_controller](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/service_account) | resource | | [aws_iam_policy_document.policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [kubectl_file_documents.crds](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/data-sources/file_documents) | data source | ## Inputs From 5ed622935f78c8b55ea6c32d7fbdd17d50b10462 Mon Sep 17 00:00:00 2001 From: Tyrone Meijn Date: Thu, 16 Jun 2022 16:11:25 +0200 Subject: [PATCH 3/3] fix depends_on --- main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.tf b/main.tf index 573a448..d677d8a 100644 --- a/main.tf +++ b/main.tf @@ -47,7 +47,7 @@ resource "kubectl_manifest" "targetgroupbindings" { # https://kubernetes-sigs.github.io/aws-load-balancer-controller/latest/deploy/installation/ # helm install aws-load-balancer-controller eks/aws-load-balancer-controller -n kube-system --set clusterName= resource "helm_release" "aws-load-balancer-controller" { - depends_on = [kubectl_manifest.crds] + depends_on = [kubectl_manifest.ingessclassparams, kubectl_manifest.targetgroupbindings] name = "aws-load-balancer-controller" namespace = "kube-system" repository = "https://aws.github.io/eks-charts"