From b1078dc744ea507c591b861aac4745b8dc418092 Mon Sep 17 00:00:00 2001 From: Michele Zanotti Date: Mon, 5 Aug 2024 09:50:34 +0200 Subject: [PATCH] fixes --- .github/workflows/ci.yaml | 2 +- main.tf | 13 ++++++------- tests/setup/main.tf | 32 ++++++++++++++++++++++++++++++-- tests/smoke_test.tftest.hcl | 13 ++++++++++++- variables.tf | 15 ++++++++++++++- 5 files changed, 63 insertions(+), 12 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index c37953a..5698fd4 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -21,7 +21,7 @@ env: TF_VAR_client_secret: ${{secrets.CLIENT_SECRET }} jobs: - Check: + CI: runs-on: ubuntu-latest steps: - name: Checkout repo diff --git a/main.tf b/main.tf index f0a985c..09ad9dc 100644 --- a/main.tf +++ b/main.tf @@ -293,26 +293,23 @@ module "aks" { source = "Azure/aks/azurerm" version = "9.1.0" - prefix = var.resource_prefix cluster_name = local.aks_cluster_name location = var.location - resource_group_name = data.azurerm_resource_group.main + resource_group_name = data.azurerm_resource_group.main.name kubernetes_version = var.aks_kubernetes_version orchestrator_version = var.aks_kubernetes_version sku_tier = var.aks_sku_tier - vnet_subnet_id = data.azurerm_subnet.aks_nodes.id + vnet_subnet_id = data.azurerm_subnet.aks_nodes.id net_profile_service_cidr = var.aks_net_profile_service_cidr net_profile_dns_service_ip = var.aks_net_profile_dns_service_ip api_server_authorized_ip_ranges = [ for _, ip in var.aks_api_server_allowed_ip_addresses : "${ip}/32" ] - azure_policy_enabled = true - rbac_aad_admin_group_object_ids = var.aks_cluster_admin_object_ids rbac_aad_managed = true role_based_access_control_enabled = true 
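Review bot: In the `module "aks"` hunk of `main.tf`, `api_server_authorized_ip_ranges` is built by appending `/32` to every entry of `var.aks_api_server_allowed_ip_addresses`, and nothing visible here guards against that variable being empty or holding something other than a bare IPv4 address. An empty collection yields an empty range list, which presumably leaves the API server's public endpoint without an allow-list. An entry that is already a CIDR or an IPv6 address would produce an invalid range. The variable's body is outside this diff, so confirm whether it already has a `validation` block; if not, one with `condition = length(var.aks_api_server_allowed_ip_addresses) > 0` plus a per-entry IPv4 check would catch both cases at plan time. The `module "aks"` block starts before this hunk and continues past it.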
@@ -352,10 +349,12 @@ module "aks" { # https://learn.microsoft.com/en-us/azure/aks/configure-azure-cni create_role_assignment_network_contributor = true - key_vault_secrets_provider_enabled = true - public_ssh_key = tls_private_key.aks.public_key_openssh + public_ssh_key = tls_private_key.aks.public_key_openssh + # Plugins storage_profile_blob_driver_enabled = true + key_vault_secrets_provider_enabled = true + azure_policy_enabled = true tags = var.tags } diff --git a/tests/setup/main.tf b/tests/setup/main.tf index 6085f79..b7077d7 100644 --- a/tests/setup/main.tf +++ b/tests/setup/main.tf @@ -15,9 +15,37 @@ terraform { } } +variable "location" { + type = string +} + # ----------- Data Sources ----------- # -# TODO +data "azurerm_resource_group" "main" { + name = "rg-platform-inttest" +} + +# ----------- Resources ----------- # +resource "azurerm_virtual_network" "main" { + name = "integration-test" + + resource_group_name = data.azurerm_resource_group.main.name + address_space = ["10.0.0.0/16"] + location = var.location +} +resource "azurerm_subnet" "main" { + name = "aks-nodes" + + virtual_network_name = azurerm_virtual_network.main.name + address_prefixes = ["10.0.1.0/24"] + resource_group_name = data.azurerm_resource_group.main.name +} + # ----------- Outputs ----------- # -# TODO +output "azurerm_virtual_network" { + value = azurerm_virtual_network.main +} +output "azurerm_subnet" { + value = azurerm_subnet.main +} diff --git a/tests/smoke_test.tftest.hcl b/tests/smoke_test.tftest.hcl index 8358305..077a043 100644 --- a/tests/smoke_test.tftest.hcl +++ b/tests/smoke_test.tftest.hcl @@ -10,6 +10,10 @@ run "setup" { module { source = "./tests/setup" } + + variables { + location = "EastUS" + } } run "smoke_test_plan" { 
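Review bot: The re-aligned `public_ssh_key = tls_private_key.aks.public_key_openssh` line in the second `main.tf` hunk relies on a `tls_private_key` resource, and that resource type keeps the generated private key unencrypted in the Terraform state. The resource itself is declared outside this hunk, so how the key is used or exported cannot be checked from here. A comment above the argument would make the dependency explicit, for example `# tls_private_key.aks stores the node SSH private key in state; keep the state backend encrypted and access-restricted`. The `module "aks"` block begins outside the hunk.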
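Review bot: In `tests/setup/main.tf` the virtual network `integration-test` and the subnet `aks-nodes` get fixed names inside the pre-existing resource group `rg-platform-inttest`, so two overlapping test runs would contend for the same resources. If CI can run pull requests in parallel, one run's teardown could remove the network another run is still using. Consider taking a suffix as an input next to `location` and using it in both names, e.g. `name = "integration-test-${var.name_suffix}"`, with a per-run value passed from the `run "setup"` block. `name_suffix` is a placeholder; no such variable exists in this diff. A short comment on the data source saying that `rg-platform-inttest` must exist before the tests run would also help.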
@@ -22,8 +26,15 @@ run "smoke_test_plan" { # ------ PostgreSQL Database ------ # postgres_server_networking = { } - # ------ Key Vault ------ # key_vault_public_network_access_enabled = true + + # ------ AKS ------ # + aks_nodes_virtual_network_name = run.setup.azurerm_virtual_network.name + aks_nodes_subnet_name = run.setup.azurerm_subnet.name + + aks_net_profile_service_cidr = "10.32.0.0/24" + aks_net_profile_dns_service_ip = "10.32.0.10" + aks_cluster_admin_object_ids = [] } } diff --git a/variables.tf b/variables.tf index c18ccc0..c5ce932 100644 --- a/variables.tf +++ b/variables.tf @@ -220,7 +220,7 @@ variable "aks_kubernetes_version" { } variable "aks_sku_tier" { description = "The AKS tier. Possible values are: Free, Standard, Premium. It is recommended to use Standard or Premium for production workloads." - default = "Stanard" + default = "Standard" type = string } variable "aks_api_server_allowed_ip_addresses" { @@ -276,6 +276,19 @@ variable "aks_sys_pool" { agents_min_count : optional(number, null) agents_max_count : optional(number, null) }) + default = { + vm_size = "Standard_D4ds_v5" + name = "system" + disk_size_gb = 128 + disk_type = "Ephemeral" + availability_zones = ["1", "2", "3"] + nodes_max_pods = 50 + only_critical_addons_enabled = false + # Auto-scaling setttings + enable_auto_scaling = true + agents_min_count = 1 + agents_max_count = 3 + } }
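Review bot: The `# ------ Key Vault ------ #` header is deleted in this `smoke_test.tftest.hcl` hunk while `key_vault_public_network_access_enabled = true` stays, so that setting now reads as part of the PostgreSQL section. If the removal was unintentional, restore the header above that line. Because the value turns public network access on, a one-line comment would stop it being copied into a real deployment, for example `# public access enabled for the test run only`. The `run "smoke_test_plan"` block starts outside the hunk.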
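Review bot: The `aks_sku_tier` default in `variables.tf` is corrected from `Stanard` to `Standard`, but the variable still accepts any string, so the same kind of typo in a caller's value would only surface when the provider rejects it. The description already lists the allowed values, so a `validation` block can enforce them at plan time with `condition = contains(["Free", "Standard", "Premium"], var.aks_sku_tier)` and an error message naming the three tiers.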
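Review bot: The new `aks_sys_pool` default sets `only_critical_addons_enabled = false`, so out of the box the system pool is not reserved for cluster-critical add-ons and application pods can be scheduled beside them. Whether the module also creates a separate user node pool is not visible in this diff. If it does, `only_critical_addons_enabled = true` is the safer default; if it does not, say so in the variable description. The comment `# Auto-scaling setttings` has a typo and should read `# Auto-scaling settings`. The `variable "aks_sys_pool"` block begins outside the hunk.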