# Inputs for the JSON templates under templates/, selected by var.cluster_type and
# rendered with templatefile(). Two rendered strings are produced:
# provider_account_config and cluster_config.
#
# NOTE(review): several values passed to the provider-account templates are
# credentials (access-key secret, client secret, registry admin password, storage
# connection string, service-account auth data). The variable declarations are not
# visible here; confirm each is declared with sensitive = true so the rendered
# string is redacted in plan/apply output, and confirm how the consumer of
# provider_account_config stores it.
#
# NOTE(review): templatefile() does plain string interpolation. The .tpl files are
# not visible here; if they interpolate values directly instead of through
# jsonencode(), a value containing quotes or backslashes yields malformed or
# altered JSON. Verify against the templates.
locals {
  # Template path per cluster type. There is deliberately no "generic" key:
  # provider_account_config evaluates to "" for that type.
  provider_account_template = {
    "aws-eks"          = "${path.module}/templates/provider-account/aws.json.tpl"
    "azure-aks"        = "${path.module}/templates/provider-account/azure.json.tpl"
    "gcp-gke-standard" = "${path.module}/templates/provider-account/gcp.json.tpl"
  }

  # Values handed to the AWS provider-account template.
  aws_provider_account_config = {
    cluster_name     = var.cluster_name
    cloud_account_id = var.aws_account_id
    cloud_region     = var.aws_region

    # Authentication: either a static access key pair or a role ARN is supplied.
    # NOTE(review): platform_features_user_key_secret is a long-lived credential;
    # presumably the role ARN path avoids it - confirm which one the template uses.
    platform_features_user_enabled    = var.aws_platform_features_user_enabled
    platform_features_user_key_id     = var.aws_platform_features_user_access_key_id
    platform_features_user_key_secret = var.aws_platform_features_user_secret_access_key
    platform_features_role_arn        = var.aws_platform_features_role_arn

    # Feature toggles
    object_store_enabled        = var.aws_s3_enabled
    object_store_bucket_name    = var.aws_s3_bucket_name
    container_registry_enabled  = var.aws_ecr_enabled
    parameter_store_enabled     = var.aws_parameter_store_enabled
    secrets_manager_enabled     = var.aws_secrets_manager_enabled
    cluster_integration_enabled = var.aws_cluster_integration_enabled
  }

  # Values handed to the Azure provider-account template.
  # Credential-bearing fields: cluster_integration_client_secret,
  # container_registry_admin_password, blob_storage_connection_string.
  azure_provider_account_config = {
    cluster_name                      = var.cluster_name
    subscription_id                   = var.azure_subscription_id
    resource_group_name               = var.azure_resource_group_name
    cluster_integration_enabled       = var.azure_cluster_integration_enabled
    cluster_integration_client_id     = var.azure_client_id
    cluster_integration_client_secret = var.azure_client_secret
    cluster_integration_tenant_id     = var.azure_tenant_id
    container_registry_enabled        = var.azure_acr_enabled
    container_registry_admin_password = var.azure_acr_admin_password
    container_registry_admin_username = var.azure_acr_admin_username
    container_registry_login_server   = var.azure_acr_login_server
    blob_storage_enabled              = var.azure_blob_storage_enabled
    blob_storage_connection_string    = var.azure_blob_storage_connection_string
    blob_storage_root_url             = var.azure_blob_storage_root_url
  }

  # Values handed to the GCP provider-account template.
  # sa_auth_data carries service-account authentication material.
  gcp_provider_account_config = {
    cluster_name                = var.cluster_name
    project_id                  = var.gcp_project_id
    region                      = var.gcp_region
    sa_auth_data                = var.gcp_sa_auth_data
    container_registry_enabled  = var.gcp_container_registry_enabled
    blob_storage_enabled        = var.gcp_blob_storage_enabled
    secrets_manager_enabled     = var.gcp_secrets_manager_enabled
    cluster_integration_enabled = var.gcp_cluster_integration_enabled
    artifact_registry_url       = var.gcp_artifact_registry_url
    bucket_url                  = var.gcp_storage_bucket_url
  }

  # Fallback template inputs.
  # NOTE(review): appears unreachable in practice - any cluster_type other than
  # "generic" and the three keys of provider_account_template has no template
  # path to look up below.
  default_provider_account_config = {
    cluster_name = var.cluster_name
  }

  # Rendered provider-account JSON for the selected cluster type; empty string
  # for "generic". The result embeds whatever credentials the chosen input
  # object carries.
  provider_account_config = var.cluster_type == "generic" ? "" : templatefile(
    local.provider_account_template[var.cluster_type],
    var.cluster_type == "aws-eks" ? local.aws_provider_account_config : (
      var.cluster_type == "azure-aks" ? local.azure_provider_account_config : (
        var.cluster_type == "gcp-gke-standard" ? local.gcp_provider_account_config : local.default_provider_account_config
      )
    )
  )

  # Cluster template path per cluster type, including "generic".
  cluster_template = {
    "aws-eks"          = "${path.module}/templates/cluster/aws.json.tpl"
    "azure-aks"        = "${path.module}/templates/cluster/azure.json.tpl"
    "gcp-gke-standard" = "${path.module}/templates/cluster/gcp.json.tpl"
    "generic"          = "${path.module}/templates/cluster/generic.json.tpl"
  }

  # Inputs for the AWS cluster template. env_name and tenant_name come from the
  # get_environment external data source, i.e. from an external program's output.
  aws_cluster_config = {
    cluster_name                = var.cluster_name
    cluster_type                = "aws-eks"
    env_name                    = data.external.get_environment.result.environment_name
    tenant_name                 = data.external.get_environment.result.tenant_name
    account_type                = "aws"
    container_registry_enabled  = var.aws_ecr_enabled
    cluster_integration_enabled = var.aws_cluster_integration_enabled
  }

  # Inputs for the Azure cluster template.
  azure_cluster_config = {
    cluster_name                = var.cluster_name
    cluster_type                = "azure-aks"
    env_name                    = data.external.get_environment.result.environment_name
    tenant_name                 = data.external.get_environment.result.tenant_name
    account_type                = "azure"
    container_registry_enabled  = var.azure_acr_enabled
    cluster_integration_enabled = var.azure_cluster_integration_enabled
  }

  # Inputs for the GCP cluster template.
  gcp_cluster_config = {
    cluster_name                = var.cluster_name
    cluster_type                = "gcp-gke-standard"
    env_name                    = data.external.get_environment.result.environment_name
    tenant_name                 = data.external.get_environment.result.tenant_name
    account_type                = "gcp"
    container_registry_enabled  = var.gcp_container_registry_enabled
    cluster_integration_enabled = var.gcp_cluster_integration_enabled
  }

  # Inputs for the generic cluster template (no account type or feature toggles).
  generic_cluster_config = {
    cluster_name = var.cluster_name
    cluster_type = "generic"
    env_name     = data.external.get_environment.result.environment_name
    tenant_name  = data.external.get_environment.result.tenant_name
  }

  # Rendered cluster JSON; any cluster_type that is not one of the three cloud
  # types falls through to the generic inputs.
  cluster_config = templatefile(
    local.cluster_template[var.cluster_type],
    var.cluster_type == "aws-eks" ? local.aws_cluster_config : (
      var.cluster_type == "azure-aks" ? local.azure_cluster_config : (
        var.cluster_type == "gcp-gke-standard" ? local.gcp_cluster_config : local.generic_cluster_config
      )
    )
  )

  # Values read back from the external data sources.
  # NOTE(review): CLUSTER_TOKEN looks like a credential. Confirm that whatever
  # exposes output_map (not shown here) marks it sensitive, and that the state
  # backend is access-controlled, since data source results are recorded in state.
  output_map = {
    "CLUSTER_ID"    = data.external.create_cluster.result.cluster_id
    "CLUSTER_TOKEN" = data.external.create_cluster.result.cluster_token
    "TENANT_NAME"   = data.external.get_environment.result.tenant_name
  }
}