issue: issues/195 and issues/200 (#225)

Co-authored-by: Dmitry Miroshnik <[email protected]>

.github/workflows/tflint.yml

@@ -0,0 +1,33 @@
+name: tflint
+on:
+  pull_request:
+    paths:
+    - '**.tf'
+    - '**.tfvars'
+    - '**.tfvars.json'
+    - '**.hcl'
+
+jobs:
+
+  tflint:
+    name: runner / tflint
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+      name: Checkout source code
+
+    - uses: terraform-linters/setup-tflint@v2
+      name: Setup TFLint
+      with:
+        tflint_version: v0.41.0
+        github_token: ${{ secrets.github_token }}
+
+    - name: Show version
+      run: tflint --version
+
+    - name: Init TFLint
+      run: tflint --init
+
+    - name: Run TFLint
+      run: tflint -f compact

.tflint.hcl

@@ -1,13 +1,12 @@
 plugin "aws" {
-  enabled = true
+  enabled    = true
   deep_check = true
 }
 
-config {
-  module = true
-  deep_check = false
-  force = false
-  disabled_by_default = false
+plugin "aws" {
+  enabled = true
+  version = "0.17.1"
+  source  = "github.com/terraform-linters/tflint-ruleset-aws"
 }
 
 rule "aws_instance_invalid_type" {

examples/argocd/.gitignore

@@ -0,0 +1,17 @@
+# General
+.DS_Store
+.AppleDouble
+.LSOverride
+
+.vscode/*
+!.vscode/settings.json
+!.vscode/tasks.json
+!.vscode/launch.json
+!.vscode/extensions.json
+!.vscode/*.code-snippets
+
+# Local History for Visual Studio Code
+.history/
+
+# Built Visual Studio Code Extensions
+*.vsix

examples/argocd/README.md

@@ -1,21 +1,50 @@
 # About
-That example demonstrates how to configure the EKS cluster with the ArgoCD application. A general idea of the usage of ArgoCD is managing all Kubernetes resources with it. ArgoCD provides us a way of implementing the GitOps methodology for Kubernetes applications.
+
+That example demonstrates how to configure the EKS cluster with the ArgoCD application. A general idea of the usage of ArgoCD is managing all Kubernetes resources with it. ArgoCD provides us with a way of implementing the GitOps methodology for Kubernetes applications.
+
+## Used modules
+
+- terraform-aws-modules/vpc/aws
+- terraform-aws-modules/eks/aws
+- github.com/provectus/sak-argocd Does not work with k8s with version 1.22, need to update helm chart
+
 ## Implementation
-First of all, you execute Terraform commands as it were for `common` example (please follow these instructions to understand how to use SAK). At this step, you will generate all required AWS resources such as EC2 instances, EKS cluster, IAM roles, etc. Also, Terraform will generate a few local files with ArgoCD applications. 
+
+First of all, you execute Terraform commands as it were for `common` example (please follow these instructions to understand how to use SAK). At this step, you will generate all required AWS resources such as EC2 instances, EKS cluster, IAM roles, etc. Also, Terraform will generate a few local files with ArgoCD applications.
 
 The next phase is it uploading these files to your GitHub repository. Please follow ArgoProj's documentation for more detailed information about [how it works](https://argoproj.github.io/argo-cd/#how-it-works)
+
 ## How to use
-That example creates a minimal EKS cluster without any additional software except ArgoCD. 
-You can get KubeConfig for newly created EKS cluster with following aws-cli command:
-``` bash
-aws eks update-kubeconfig --name <your-cluster-name> --region <your-region> 
-```
 
-So for accessing it needs to establish port forwarding for Kubernetes service, you can do it by next command:
+That example creates a minimal EKS cluster without any additional software except ArgoCD.
+You can get KubeConfig for the newly created EKS cluster with the following aws-cli command:
+So for access, it needs to establish port forwarding for Kubernetes service, you can do it by the next command:
+
 ``` bash
 kubectl -n argocd port-forward svc/argocd-server  8080:80
 ```
-Now you can open http://127.0.0.1:8080 in a browser, the password for accessing ArgoCD UI is stored in AWS System Manager Paramstore, you can retrieve it by command:
+
+Now you can open <http://127.0.0.1:8080> in a browser, the password for accessing ArgoCD UI is stored in AWS System Manager Paramstore, you can retrieve it by command:
+
 ``` bash
 aws --region <your-region> ssm get-parameter  --with-decryption --name /<your-cluster-name>/argocd/password | jq -r '.Parameter.Value' 
 ```
+
+### ArgoCD
+
+to get current password:
+for the first time use init password ```kubectl get secrets argocd-initial-admin-secret -n argocd -o jsonpath="{.data.password}" | base64 -D```
+
+after deploy helm chart:
+
+```bash
+kubectl get secret -n argocd argocd-secret -o json | \
+  jq '.data|to_entries|map({key, value:.value|@base64d})|from_entries'
+```
+
+to set a password:
+
+```bash
+kubectl patch secret -n argocd argocd-secret \
+  -p '{"stringData": { "admin.password": "'$(htpasswd -bnBC 10 "" newpassword | tr -d ':\n')'"}}'
+```

examples/argocd/locals.tf

@@ -0,0 +1,23 @@
+locals {
+  ### VPC locals
+
+  zones   = coalescelist(var.availability_zones, data.aws_availability_zones.available.names)
+  cidr    = var.cidr != null ? var.cidr : "10.${var.network}.0.0/16"
+  private = var.cidr != null ? [for i, z in local.zones : cidrsubnet(local.cidr, var.network_delimiter, i)] : [for i, _ in local.zones : "10.${var.network}.20${i}.0/24"]
+  public  = var.cidr != null ? [for i, z in local.zones : cidrsubnet(local.cidr, var.network_delimiter, pow(2, var.network_delimiter) - i)] : [for i, _ in local.zones : "10.${var.network}.${i}.0/24"]
+
+  #EKS module local
+  environment  = var.environment
+  project      = var.project
+  cluster_name = var.cluster_name
+  domain       = ["${local.cluster_name}.${var.domain_name}"]
+  subnets      = module.vpc.private_subnets
+
+  registry = "https://registry.${local.domain[0]}"
+
+  docker_config_json = jsonencode(
+    {
+      "\"registry-mirrors\"" = ["\"${local.registry}\""]
+  })
+
+}