From 74d29c77799e668616984f923767c40e9abf508f Mon Sep 17 00:00:00 2001 From: Simon Gottschlag Date: Thu, 10 Dec 2020 10:21:01 +0100 Subject: [PATCH 1/4] Add module depends_on --- modules/kubernetes/aks-core/modules.tf | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/modules/kubernetes/aks-core/modules.tf b/modules/kubernetes/aks-core/modules.tf index 5bd4a86b2..6a830fa8b 100644 --- a/modules/kubernetes/aks-core/modules.tf +++ b/modules/kubernetes/aks-core/modules.tf @@ -31,7 +31,8 @@ module "opa_gatekeeper" { # FluxCD v1 module "fluxcd_v1_azure_devops" { - depends_on = [kubernetes_namespace.tenant] + depends_on = [kubernetes_namespace.tenant, module.opa_gatekeeper] + for_each = { for s in ["fluxcd-v1"] : s => s @@ -91,7 +92,8 @@ module "fluxcd_v2_github" { # AAD-Pod-Identity module "aad_pod_identity" { - depends_on = [kubernetes_namespace.tenant] + depends_on = [kubernetes_namespace.tenant, module.opa_gatekeeper] + for_each = { for s in ["aad-pod-identity"] : s => s @@ -108,6 +110,8 @@ module "aad_pod_identity" { # Ingress Nginx module "ingress_nginx" { + depends_on = [module.opa_gatekeeper] + for_each = { for s in ["ingress-nginx"] : s => s @@ -119,6 +123,8 @@ module "ingress_nginx" { # External DNS module "external_dns" { + depends_on = [module.opa_gatekeeper, module.aad_pod_identity] + for_each = { for s in ["external-dns"] : s => s @@ -139,6 +145,8 @@ module "external_dns" { # Cert Manager module "cert_manager" { + depends_on = [module.opa_gatekeeper] + for_each = { for s in ["cert-manager"] : s => s @@ -152,6 +160,8 @@ module "cert_manager" { # Velero module "velero" { + depends_on = [module.opa_gatekeeper] + for_each = { for s in ["velero"] : s => s From 42eb80ca7a24e2fcbebc0730891ba601ecc9ef76 Mon Sep 17 00:00:00 2001 From: Simon Gottschlag Date: Thu, 10 Dec 2020 10:25:56 +0100 Subject: [PATCH 2/4] make fmt --- modules/kubernetes/aks-core/modules.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/kubernetes/aks-core/modules.tf b/modules/kubernetes/aks-core/modules.tf index 6a830fa8b..316f2b5cb 100644 --- a/modules/kubernetes/aks-core/modules.tf +++ b/modules/kubernetes/aks-core/modules.tf @@ -161,7 +161,7 @@ module "cert_manager" { # Velero module "velero" { depends_on = [module.opa_gatekeeper] - + for_each = { for s in ["velero"] : s => s From 4900b51e11d8dcc8f6ead24a5316d40a6317a723 Mon Sep 17 00:00:00 2001 From: Simon Gottschlag Date: Thu, 10 Dec 2020 10:53:27 +0100 Subject: [PATCH 3/4] Update ingress_nginx name --- modules/kubernetes/ingress-nginx/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/kubernetes/ingress-nginx/main.tf b/modules/kubernetes/ingress-nginx/main.tf index 4bf97ada6..02f99e05d 100644 --- a/modules/kubernetes/ingress-nginx/main.tf +++ b/modules/kubernetes/ingress-nginx/main.tf @@ -33,7 +33,7 @@ resource "kubernetes_namespace" "this" { } } -resource "helm_release" "ingres_nginx" { +resource "helm_release" "ingress_nginx" { repository = "https://kubernetes.github.io/ingress-nginx" chart = "ingress-nginx" name = "ingress-nginx" From a180a2c4849b60998e68638ce4e8244020c3445f Mon Sep 17 00:00:00 2001 From: Simon Gottschlag Date: Thu, 10 Dec 2020 12:40:58 +0100 Subject: [PATCH 4/4] Add external-dns to exclude --- modules/kubernetes/aks-core/modules.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/kubernetes/aks-core/modules.tf b/modules/kubernetes/aks-core/modules.tf index 316f2b5cb..ffc50ed44 100644 --- a/modules/kubernetes/aks-core/modules.tf +++ b/modules/kubernetes/aks-core/modules.tf @@ -10,7 +10,7 @@ module "opa_gatekeeper" { exclude = [ { - excluded_namespaces = ["kube-system", "gatekeeper-system", "aad-pod-identity", "cert-manager", "ingress-nginx", "velero", "azdo-proxy", "flux-system"] + excluded_namespaces = ["kube-system", "gatekeeper-system", "aad-pod-identity", "cert-manager", "ingress-nginx", "velero", "azdo-proxy", "flux-system", "external-dns"] processes = ["*"] } ]