wip

Author: dak1n1

GNUmakefile

@@ -9,6 +9,7 @@ OS_ARCH      := $(shell go env GOOS)_$(shell go env GOARCH)
 TF_PROV_DOCS := $(PWD)/kubernetes/test-infra/tfproviderdocs
 EXT_PROV_DIR := $(PWD)/kubernetes/test-infra/external-providers
 EXT_PROV_BIN := /tmp/.terraform.d/localhost/test/kubernetes/9.9.9/$(OS_ARCH)/terraform-provider-kubernetes_9.9.9_$(OS_ARCH)
+KUBECONFIG1  =  $(shell echo $(KUBECONFIG) | cut -d\: -f1)
 
 ifneq ($(PWD),$(PROVIDER_DIR))
 $(error "Makefile must be run from the provider directory")
@@ -57,6 +58,8 @@ test: fmtcheck
 		xargs -t -n4 go test $(TESTARGS) -timeout=30s -parallel=4
 
 testacc: fmtcheck vet
+	rm -f kubernetes/testdata/kubeconfig
+	cp $(KUBECONFIG1) kubernetes/testdata/kubeconfig
 	rm -rf $(EXT_PROV_DIR)/.terraform $(EXT_PROV_DIR)/.terraform.lock.hcl || true
 	mkdir $(EXT_PROV_DIR)/.terraform
 	mkdir -p /tmp/.terraform.d/localhost/test/kubernetes/9.9.9/$(OS_ARCH) || true

_examples/eks/kubernetes-config/main.tf

@@ -1,15 +1,4 @@
-provider "kubernetes" {
-  host                   = var.cluster_endpoint
-  cluster_ca_certificate = base64decode(var.cluster_ca_cert)
-  exec {
-    api_version = "client.authentication.k8s.io/v1alpha1"
-    args        = ["eks", "get-token", "--cluster-name", var.cluster_name]
-    command     = "aws"
-  }
-}
-
 resource "kubernetes_config_map" "name" {
-  depends_on  = [var.cluster_name]
   metadata {
     name      = "aws-auth"
     namespace = "kube-system"
@@ -23,26 +12,20 @@ resource "kubernetes_config_map" "name" {
   }
 }
 
-# This allows the kubeconfig file to be refreshed during every Terraform apply.
 # Optional: this kubeconfig file is only used for manual CLI access to the cluster.
 resource "null_resource" "generate-kubeconfig" {
   provisioner "local-exec" {
     command = "aws eks update-kubeconfig --name ${var.cluster_name} --kubeconfig ${path.root}/kubeconfig"
   }
-  triggers = {
-    always_run = timestamp()
-  }
 }
 
 resource "kubernetes_namespace" "test" {
-  depends_on  = [var.cluster_name]
   metadata {
     name = "test"
   }
 }
 
 resource "kubernetes_deployment" "test" {
-  depends_on  = [var.cluster_name]
   metadata {
     name = "test"
     namespace= kubernetes_namespace.test.metadata.0.name
@@ -81,20 +64,7 @@ resource "kubernetes_deployment" "test" {
   }
 }
 
-provider "helm" {
-  kubernetes {
-    host                   = var.cluster_endpoint
-    cluster_ca_certificate = base64decode(var.cluster_ca_cert)
-    exec {
-      api_version = "client.authentication.k8s.io/v1alpha1"
-      args        = ["eks", "get-token", "--cluster-name", var.cluster_name]
-      command     = "aws"
-    }
-  }
-}
-
 resource helm_release nginx_ingress {
-  depends_on  = [var.cluster_name]
   name       = "nginx-ingress-controller"
 
   repository = "https://charts.bitnami.com/bitnami"

_examples/eks/kubernetes-config/variables.tf

@@ -1,12 +1,4 @@
 variable "k8s_node_role_arn" {
-  type = list(string)
-}
-
-variable "cluster_ca_cert" {
-  type = string
-}
-
-variable "cluster_endpoint" {
   type = string
 }
 

_examples/eks/main.tf

@@ -15,6 +15,34 @@ terraform {
   }
 }
 
+data "aws_eks_cluster" "default" {
+  name = module.cluster.cluster_id
+}
+
+data "aws_eks_cluster_auth" "default" {
+  name = module.cluster.cluster_id
+}
+
+provider "kubernetes" {
+  host                   = data.aws_eks_cluster.default.endpoint
+  cluster_ca_certificate = base64decode(data.aws_eks_cluster.default.certificate_authority[0].data)
+  token                  = data.aws_eks_cluster_auth.default.token
+}
+
+provider "helm" {
+  kubernetes {
+    host                   = data.aws_eks_cluster.default.endpoint
+    cluster_ca_certificate = base64decode(data.aws_eks_cluster.default.certificate_authority[0].data)
+    token                  = data.aws_eks_cluster_auth.default.token
+  }
+}
+
+#  exec {
+#    api_version = "client.authentication.k8s.io/v1alpha1"
+#    args        = ["eks", "get-token", "--cluster-name", var.cluster_name]
+#    command     = "aws"
+#  }
+
 provider "aws" {
   region = var.region
 }
@@ -25,7 +53,7 @@ module "vpc" {
 
 module "cluster" {
   source  = "terraform-aws-modules/eks/aws"
-  version = "v13.2.1"
+  version = "v14.0.0"
 
   vpc_id  = module.vpc.vpc_id
   subnets = module.vpc.subnets
@@ -51,9 +79,7 @@ module "cluster" {
 }
 
 module "kubernetes-config" {
-  source            = "./kubernetes-config"
-  k8s_node_role_arn = list(module.cluster.worker_iam_role_arn)
-  cluster_ca_cert   = module.cluster.cluster_certificate_authority_data
   cluster_name      = module.cluster.cluster_id # creates dependency on cluster creation
-  cluster_endpoint  = module.cluster.cluster_endpoint
+  source            = "./kubernetes-config"
+  k8s_node_role_arn = module.cluster.worker_iam_role_arn
 }

kubernetes/test-infra/eks/main.tf

@@ -47,7 +47,7 @@ module "cluster" {
 
 module "node-config" {
   source                  = "./node-config"
-  k8s_node_role_arn       = list(module.cluster.worker_iam_role_arn)
+  k8s_node_role_arn       = tolist(module.cluster.worker_iam_role_arn)
   cluster_ca              = module.cluster.cluster_certificate_authority_data
   cluster_name            = module.cluster.cluster_id # creates dependency on cluster creation
   cluster_endpoint        = module.cluster.cluster_endpoint

kubernetes/test-infra/eks/node-config/variables.tf

@@ -1,5 +1,5 @@
 variable "k8s_node_role_arn" {
-  type = list(string)
+  type = tolist(string)
 }
 
 variable "cluster_ca" {