Add fluxv1 options (#73)

modules/azure/aks-global/README.md

@@ -34,7 +34,7 @@ This module is used to create resources that are used by AKS clusters.
 | group\_name\_separator | Separator for group names | `string` | `"-"` | no |
 | location\_short | The Azure region short name. | `string` | n/a | yes |
 | name | The name to use for the deploy | `string` | n/a | yes |
-| namespaces | The namespaces that should be created in Kubernetes. | <pre>list(<br>    object({<br>      name                    = string<br>      delegate_resource_group = bool<br>      flux = object({<br>        enabled = bool<br>        repo    = string<br>      })<br>    })<br>  )</pre> | n/a | yes |
+| namespaces | The namespaces that should be created in Kubernetes. | <pre>list(<br>    object({<br>      name                    = string<br>      delegate_resource_group = bool<br>    })<br>  )</pre> | n/a | yes |
 | public\_ip\_prefix\_configuration | Configuration for public ip prefix | <pre>object({<br>    count         = number<br>    prefix_length = number<br>  })</pre> | <pre>{<br>  "count": 2,<br>  "prefix_length": 30<br>}</pre> | no |
 | service\_principal\_name\_prefix | Prefix for service principals | `string` | `"sp"` | no |
 | subscription\_name | The commonName for the subscription | `string` | n/a | yes |

modules/azure/aks-global/variables.tf

@@ -29,10 +29,6 @@ variable "namespaces" {
     object({
       name                    = string
       delegate_resource_group = bool
-      flux = object({
-        enabled = bool
-        repo    = string
-      })
     })
   )
 }
@@ -87,4 +83,4 @@ variable "aks_group_name_prefix" {
   description = "Prefix for AKS Azure AD groups"
   type        = string
   default     = "aks"
-}
+}

modules/kubernetes/aks-core/README.md

@@ -31,13 +31,15 @@ This module is used to create AKS clusters.
 | environment | The environment name to use for the deploy | `string` | n/a | yes |
 | external\_dns\_config | External DNS configuration | <pre>object({<br>    client_id   = string<br>    resource_id = string<br>  })</pre> | n/a | yes |
 | external\_dns\_enabled | Should External DNS be enabled | `bool` | `true` | no |
+| fluxcd\_v1\_config | Configuration for fluxcd-v1 | <pre>object({<br>    azure_devops = object({<br>      pat  = string<br>      org  = string<br>      proj = string<br>    })<br>  })</pre> | n/a | yes |
+| fluxcd\_v1\_enabled | Should fluxcd-v1 be enabled | `bool` | `false` | no |
 | fluxcd\_v2\_config | Configuration for fluxcd-v2 | <pre>object({<br>    type = string<br>    github = object({<br>      owner = string<br>    })<br>    azure_devops = object({<br>      pat  = string<br>      org  = string<br>      proj = string<br>    })<br>  })</pre> | n/a | yes |
 | fluxcd\_v2\_enabled | Should fluxcd-v2 be enabled | `bool` | `true` | no |
 | ingress\_nginx\_enabled | Should Ingress NGINX be enabled | `bool` | `true` | no |
 | kubernetes\_network\_policy\_default\_deny | If network policies should by default deny cross namespace traffic | `bool` | `false` | no |
 | location\_short | The Azure region short name. | `string` | n/a | yes |
 | name | The commonName to use for the deploy | `string` | n/a | yes |
-| namespaces | The namespaces that should be created in Kubernetes. | <pre>list(<br>    object({<br>      name                    = string<br>      delegate_resource_group = bool<br>      labels                  = map(string)<br>      flux = object({<br>        enabled = bool<br>        repo    = string<br>      })<br>    })<br>  )</pre> | n/a | yes |
+| namespaces | The namespaces that should be created in Kubernetes. | <pre>list(<br>    object({<br>      name   = string<br>      labels = map(string)<br>      flux = object({<br>        enabled = bool<br>        github = object({<br>          repo = string<br>        })<br>        azure_devops = object({<br>          org  = string<br>          proj = string<br>          repo = string<br>        })<br>      })<br>    })<br>  )</pre> | n/a | yes |
 | opa\_gatekeeper\_enabled | Should OPA Gatekeeper be enabled | `bool` | `true` | no |
 | velero\_config | Velero configuration | <pre>object({<br>    azure_storage_account_name      = string<br>    azure_storage_account_container = string<br>    identity = object({<br>      client_id   = string<br>      resource_id = string<br>    })<br>  })</pre> | n/a | yes |
 | velero\_enabled | Should Velero be enabled | `bool` | `false` | no |

modules/kubernetes/aks-core/modules.tf

@@ -29,6 +29,26 @@ module "opa_gatekeeper" {
   ]
 }
 
+# FluxCD v1
+module "fluxcd_v1_azure_devops" {
+  depends_on = [kubernetes_namespace.group]
+  for_each = {
+    for s in ["fluxcd-v1"] :
+    s => s
+    if var.fluxcd_v1_enabled
+  }
+
+  source = "../../kubernetes/fluxcd-v1"
+
+  azure_devops_pat = var.fluxcd_v1_config.azure_devops.pat
+  azure_devops_org = var.fluxcd_v1_config.azure_devops.org
+  environment      = var.environment
+  namespaces = [for ns in var.namespaces : {
+    name = ns.name
+    flux = ns.flux
+  }]
+}
+
 # FluxCD v2
 module "fluxcd_v2_azure_devops" {
   depends_on = [kubernetes_namespace.group]

modules/kubernetes/aks-core/variables.tf

@@ -37,12 +37,18 @@ variable "namespaces" {
   description = "The namespaces that should be created in Kubernetes."
   type = list(
     object({
-      name                    = string
-      delegate_resource_group = bool
-      labels                  = map(string)
+      name   = string
+      labels = map(string)
       flux = object({
         enabled = bool
-        repo    = string
+        github = object({
+          repo = string
+        })
+        azure_devops = object({
+          org  = string
+          proj = string
+          repo = string
+        })
       })
     })
   )
@@ -54,6 +60,23 @@ variable "kubernetes_network_policy_default_deny" {
   default     = false
 }
 
+variable "fluxcd_v1_enabled" {
+  description = "Should fluxcd-v1 be enabled"
+  type        = bool
+  default     = false
+}
+
+variable "fluxcd_v1_config" {
+  description = "Configuration for fluxcd-v1"
+  type = object({
+    azure_devops = object({
+      pat  = string
+      org  = string
+      proj = string
+    })
+  })
+}
+
 variable "fluxcd_v2_enabled" {
   description = "Should fluxcd-v2 be enabled"
   type        = bool

modules/kubernetes/fluxcd-v1/README.md

@@ -16,21 +16,26 @@ Will be deprecated as soon as Flux v2 module is finished and tested.
 |------|---------|
 | terraform | 0.13.5 |
 | helm | 1.3.2 |
+| kubernetes | 1.13.3 |
+| random | 3.0.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
 | helm | 1.3.2 |
+| kubernetes | 1.13.3 |
+| random | 3.0.0 |
 
 ## Inputs
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| azdo\_proxy\_enabled | Should azdo-proxy integration be enabled | `bool` | `true` | no |
-| azdo\_proxy\_local\_passwords | The passwords (per namespace) to communicate with Azure DevOps Proxy | `map(string)` | `{}` | no |
-| fluxcd\_v1\_git\_path | The git path for fluxcd-v1 | `string` | `""` | no |
-| namespaces | The namespaces that should be created in Kubernetes. | <pre>list(<br>    object({<br>      name = string<br>      flux = object({<br>        enabled      = bool<br>        azdo_org     = string<br>        azdo_project = string<br>        azdo_repo    = string<br>      })<br>    })<br>  )</pre> | n/a | yes |
+| azure\_devops\_domain | Domain for azure devops | `string` | `"dev.azure.com"` | no |
+| azure\_devops\_org | Azure DevOps organization for bootstrap repository | `string` | n/a | yes |
+| azure\_devops\_pat | PAT to authenticate with Azure DevOps | `string` | n/a | yes |
+| environment | Environment name of the cluster | `string` | n/a | yes |
+| namespaces | The namespaces to configure flux with | <pre>list(<br>    object({<br>      name = string<br>      flux = object({<br>        enabled = bool<br>        azure_devops = object({<br>          org  = string<br>          proj = string<br>          repo = string<br>        })<br>      })<br>    })<br>  )</pre> | n/a | yes |
 
 ## Outputs