Skip to content

Commit

Permalink
Refactor namespace group to be called tenant (#79)
Browse files Browse the repository at this point in the history
  • Loading branch information
@phillebaba
phillebaba authored Dec 9, 2020
1 parent 3fa762b commit 15b8b26
Show file tree
Hide file tree
Showing 5 changed files with 14 additions and 14 deletions.
4 changes: 2 additions & 2 deletions modules/kubernetes/aks-core/k8s-cluser-role-binding-list-ns.tf
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
resource "kubernetes_cluster_role_binding" "view_list_ns" {
depends_on = [kubernetes_namespace.group]
depends_on = [kubernetes_namespace.tenant]
for_each = { for ns in var.namespaces : ns.name => ns }

metadata {
Expand All @@ -22,7 +22,7 @@ resource "kubernetes_cluster_role_binding" "view_list_ns" {
}

resource "kubernetes_cluster_role_binding" "edit_list_ns" {
depends_on = [kubernetes_namespace.group]
depends_on = [kubernetes_namespace.tenant]
for_each = { for ns in var.namespaces : ns.name => ns }

metadata {
Expand Down
4 changes: 2 additions & 2 deletions modules/kubernetes/aks-core/k8s-namespace.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ resource "kubernetes_namespace" "service_accounts" {
}
}

resource "kubernetes_namespace" "group" {
resource "kubernetes_namespace" "tenant" {
for_each = { for ns in var.namespaces : ns.name => ns }

metadata {
Expand All @@ -19,7 +19,7 @@ resource "kubernetes_namespace" "group" {
}
}

resource "kubernetes_service_account" "group" {
resource "kubernetes_service_account" "tenant" {
for_each = { for ns in var.namespaces : ns.name => ns }

metadata {
Expand Down
2 changes: 1 addition & 1 deletion modules/kubernetes/aks-core/k8s-network-policy.tf
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
resource "kubernetes_network_policy" "group" {
resource "kubernetes_network_policy" "tenant" {
for_each = {
for ns in var.namespaces :
ns.name => ns
Expand Down
14 changes: 7 additions & 7 deletions modules/kubernetes/aks-core/k8s-role-binding.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ resource "kubernetes_role_binding" "view" {

metadata {
name = "${each.value.name}-view"
namespace = kubernetes_namespace.group[each.key].metadata[0].name
namespace = kubernetes_namespace.tenant[each.key].metadata[0].name

labels = {
"aad-group-name" = var.aad_groups.view[each.key].name
Expand All @@ -26,7 +26,7 @@ resource "kubernetes_role_binding" "edit" {

metadata {
name = "${each.value.name}-edit"
namespace = kubernetes_namespace.group[each.key].metadata[0].name
namespace = kubernetes_namespace.tenant[each.key].metadata[0].name

labels = {
"aad-group-name" = var.aad_groups.edit[each.key].name
Expand All @@ -45,7 +45,7 @@ resource "kubernetes_role_binding" "edit" {
}

resource "kubernetes_role_binding" "helm_release" {
depends_on = [kubernetes_namespace.group, kubernetes_cluster_role.helm_release]
depends_on = [kubernetes_namespace.tenant, kubernetes_cluster_role.helm_release]
for_each = { for ns in var.namespaces : ns.name => ns }

metadata {
Expand Down Expand Up @@ -73,7 +73,7 @@ resource "kubernetes_role_binding" "toolkit_helm_release" {

metadata {
name = "toolkit-helm-release"
namespace = kubernetes_namespace.group[each.key].metadata[0].name
namespace = kubernetes_namespace.tenant[each.key].metadata[0].name

labels = {
"aad-group-name" = var.aad_groups.edit[each.key].name
Expand All @@ -96,7 +96,7 @@ resource "kubernetes_role_binding" "toolkit_kustomization" {

metadata {
name = "toolkit-kustomization"
namespace = kubernetes_namespace.group[each.key].metadata[0].name
namespace = kubernetes_namespace.tenant[each.key].metadata[0].name

labels = {
"aad-group-name" = var.aad_groups.edit[each.key].name
Expand Down Expand Up @@ -129,7 +129,7 @@ resource "kubernetes_role_binding" "sa_edit" {
}
subject {
kind = "ServiceAccount"
name = kubernetes_service_account.group[each.key].metadata[0].name
name = kubernetes_service_account.tenant[each.key].metadata[0].name
namespace = kubernetes_namespace.service_accounts.metadata[0].name
}
}
Expand All @@ -149,7 +149,7 @@ resource "kubernetes_role_binding" "sa_helm_release" {
}
subject {
kind = "ServiceAccount"
name = kubernetes_service_account.group[each.key].metadata[0].name
name = kubernetes_service_account.tenant[each.key].metadata[0].name
namespace = kubernetes_namespace.service_accounts.metadata[0].name
}
}
4 changes: 2 additions & 2 deletions modules/kubernetes/aks-core/modules.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ module "opa_gatekeeper" {

# FluxCD v1
module "fluxcd_v1_azure_devops" {
depends_on = [kubernetes_namespace.group]
depends_on = [kubernetes_namespace.tenant]
for_each = {
for s in ["fluxcd-v1"] :
s => s
Expand Down Expand Up @@ -91,7 +91,7 @@ module "fluxcd_v2_github" {

# AAD-Pod-Identity
module "aad_pod_identity" {
depends_on = [kubernetes_namespace.group]
depends_on = [kubernetes_namespace.tenant]
for_each = {
for s in ["aad-pod-identity"] :
s => s
Expand Down

0 comments on commit 15b8b26

Please sign in to comment.