first commit

.envrc_default

@@ -0,0 +1,3 @@
+export AWS_CONFIG_FILE=
+export AWS_SHARED_CREDENTIALS_FILE=
+export KUBECONFIG=kubeconfig_EKS-DEMO

.github/CODEOWNERS

@@ -0,0 +1 @@
+*     @timurgaleev

.github/auto-merge.yml

@@ -0,0 +1,20 @@
+# Configuration for probot-auto-merge - https://github.com/bobvanderlinden/probot-auto-merge
+
+updateBranch: true
+deleteBranchAfterMerge: true
+reportStatus: true
+
+minApprovals:
+  COLLABORATOR: 0
+maxRequestedChanges:
+  NONE: 0
+blockingLabels:
+  - blocked
+
+# Will merge whenever the above conditions are met, but also
+# the owner has approved or merge label was added.
+rules:
+  - minApprovals:
+      OWNER: 1
+  - requiredLabels:
+      - merge

.github/dependabot.yml

@@ -0,0 +1,8 @@
+version: 2
+updates:
+- package-ecosystem: terraform
+  directory: "/"
+  schedule:
+    interval: daily
+    time: "04:00"
+  open-pull-requests-limit: 10

.github/stale.yml

@@ -0,0 +1,17 @@
+# Number of days of inactivity before an issue becomes stale
+daysUntilStale: 60
+# Number of days of inactivity before a stale issue is closed
+daysUntilClose: 7
+# Issues with these labels will never be considered stale
+exemptLabels:
+  - pinned
+  - security
+# Label to use when marking an issue as stale
+staleLabel: wontfix
+# Comment to post when marking an issue as stale. Set to `false` to disable
+markComment: >
+  This issue has been automatically marked as stale because it has not had
+  recent activity. It will be closed if no further activity occurs. Thank you
+  for your contributions.
+# Comment to post when closing a stale issue. Set to `false` to disable
+closeComment: false

.github/workflows/lint.yml

@@ -0,0 +1,37 @@
+name: Linting
+
+on:
+  pull_request:
+    paths:
+      - '**'
+
+jobs:
+  terraform:
+    name: Terraform Linting
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: checkout
+      uses: actions/checkout@v2
+
+    - name: Setup Terraform
+      uses: hashicorp/setup-terraform@v1
+      with:
+        terraform_version: 0.12.26
+
+    - name: terraform fmt
+      run: terraform fmt -check -recursive -diff
+
+    - name: 'module: terraform init'
+      run: terraform init
+
+    - name: 'sub-modules: terraform validate'
+      env:
+        AWS_DEFAULT_REGION: eu-central-1
+      run: |
+        for module in $(find modules/ -maxdepth 1 -mindepth 1 -type d); do
+          cd $module
+          terraform init
+          terraform validate
+          cd -
+        done

.github/workflows/push.yml

@@ -0,0 +1,28 @@
+name: Build-Push
+
+on:
+  push:
+    branches:
+      - master
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 1
+
+      - name: Bump Version
+        uses: timzu/act-build@master
+        with:
+          args: --version
+
+      - name: Release
+        uses: timzu/act-build@master
+        with:
+          args: --release
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.gitignore

@@ -0,0 +1,23 @@
+# .gitignore
+
+config-map-aws-auth_*.yaml
+kubeconfig_*
+.terraform
+local
+.idea
+
+# use other *.tfvars files for parametrization of config-modules
+terraform.tfvars
+*.tfstate*
+
+# direnv.net config
+.envrc
+
+# OS generated files #
+.DS_Store
+.DS_Store?
+._*
+.Spotlight-V100
+.Trashes
+ehthumbs.db
+Thumbs.db

00-variable.tf.json

@@ -0,0 +1,76 @@
+{
+    "variable": {
+      "bitnami_external_dns": {
+        "default": "3.3.0", 
+        "description": "bitnami/external-dns"
+      }, 
+      "codecentric_keycloak": {
+        "default": "9.0.1", 
+        "description": "codecentric/keycloak"
+      }, 
+      "gabibbo97_keycloak_gatekeeper": {
+        "default": "3.3.1", 
+        "description": "gabibbo97/keycloak-gatekeeper"
+      }, 
+      "jetstack_cert_manager": {
+        "default": "v0.16.1", 
+        "description": "jetstack/cert-manager"
+      }, 
+      "oteemo_sonarqube": {
+        "default": "6.6.0", 
+        "description": "oteemo/sonarqube"
+      }, 
+      "oteemo_sonatype_nexus": {
+        "default": "2.7.0", 
+        "description": "oteemo/sonatype-nexus"
+      }, 
+      "stable_chartmuseum": {
+        "default": "2.13.2", 
+        "description": "stable/chartmuseum"
+      }, 
+      "stable_grafana": {
+        "default": "5.5.5", 
+        "description": "stable/grafana"
+      }, 
+      "stable_jenkins": {
+        "default": "2.5.2", 
+        "description": "stable/jenkins"
+      }, 
+      "stable_metrics_server": {
+        "default": "2.11.1", 
+        "description": "stable/metrics-server"
+      }, 
+      "stable_nginx_ingress": {
+        "default": "1.41.2", 
+        "description": "stable/nginx-ingress"
+      }, 
+      "stable_prometheus_adapter": {
+        "default": "2.5.0", 
+        "description": "stable/prometheus-adapter"
+      }, 
+      "stable_prometheus_operator": {
+        "default": "9.3.1", 
+        "description": "stable/prometheus-operator"
+      },
+      "argo_argo": {
+        "default": "0.9.8", 
+        "description": "argo/argo"
+      }, 
+      "argo_argo_cd": {
+        "default": "2.6.0", 
+        "description": "argo/argo-cd"
+      }, 
+      "argo_argo_events": {
+        "default": "0.17.0", 
+        "description": "argo/argo-events"
+      }, 
+      "argo_argo_rollouts": {
+        "default": "0.3.4", 
+        "description": "argo/argo-rollouts"
+      }, 
+      "stable_weave_scope": {
+        "default": "1.1.10", 
+        "description": "stable/weave-scope"
+      }
+    }
+  }

00-variables-modules.tf

@@ -0,0 +1,31 @@
+variable "jenkins_enabled" {
+  default = true
+}
+
+variable "chartmuseum_enabled" {
+  default = true
+}
+
+variable "archiva_enabled" {
+  default = false
+}
+
+variable "nexus_enabled" {
+  default = false
+}
+
+variable "sonarqube_enabled" {
+  default = false
+}
+
+variable "kiali_gatekeeper_enabled" {
+  default = false
+}
+
+variable "tracing_gatekeeper_enabled" {
+  default = false
+}
+
+variable "argo_enabled" {
+  default = false
+}

00-variables.tf

@@ -0,0 +1,62 @@
+variable "environment" {
+  type        = string
+  description = "Environment"
+  default     = "demo"
+}
+
+variable "cluster_name" {
+  type        = string
+  description = "Name of cluster"
+  default     = "EKS-DEMO"
+}
+
+variable "aws_region" {
+  description = "Name the aws region (eu-central-1, us-central-1 and etc.)"
+  default     = "eu-central-1"
+}
+
+variable "network_id" {
+  description = "Number would be used to template CIDR 10.X.0.0/16."
+  default     = "40"
+}
+
+variable "spot_max_cluster_size" {
+  type        = string
+  description = "Number of max instances."
+  default     = "4"
+}
+
+variable "spot_min_cluster_size" {
+  type        = string
+  description = "Number of max instances."
+  default     = "3"
+}
+
+variable "spot_desired_capacity" {
+  type        = string
+  description = "Number of desired instances."
+  default     = "3"
+}
+
+variable "cluster_version" {
+  type        = string
+  description = "Number of desired instances."
+  default     = "1.17"
+}
+
+variable "spot_instance_type" {
+  type        = string
+  description = "EC2 Instance type"
+  default     = "m5.large"
+}
+
+variable "cert_manager_email" {
+  type        = string
+  description = "Email to cert-manager"
+  default     = "[email protected]"
+}
+
+variable "domains" {
+  description = "domains name for ingress"
+  default     = "godapp.de"
+}

01-data.tf

@@ -0,0 +1 @@
+data "aws_region" "current" {}

04-backend.tf

@@ -0,0 +1,10 @@
+terraform {
+  backend "s3" {
+    bucket         = "tfstate-demo-infra"
+    key            = "terraform/states/eks-demo-charts.tfstate"
+    region         = "eu-central-1"
+    encrypt        = true
+    dynamodb_table = "tfstate_demo"
+  }
+  required_version = ">= 0.12.0"
+}

05-providers.tf

@@ -0,0 +1,8 @@
+provider "aws" {
+  region  = var.aws_region
+  version = "~>2.66"
+}
+
+provider "random" {
+  version = "~> 2.1"
+}

10-vpc.tf

@@ -0,0 +1,9 @@
+module "network" {
+  source             = "./modules/network"
+  environment        = var.environment
+  availability_zones = ["eu-central-1a", "eu-central-1b", "eu-central-1c"]
+  cluster_name       = var.cluster_name
+
+  ### vpc: 10.${var.network}.0.0/16
+  network            = var.network_id
+}

20-kubernetes.tf

@@ -0,0 +1,14 @@
+module "kubernetes" {
+  source              = "./modules/kubernetes"
+
+  environment         = var.environment
+  cluster_name        = var.cluster_name
+  max_cluster_size    = var.spot_max_cluster_size
+  desired_capacity    = var.spot_desired_capacity
+  min_cluster_size    = var.spot_min_cluster_size
+  cluster_version     = var.cluster_version
+  instance_type       = var.spot_instance_type
+  aws_region          = data.aws_region.current.name
+  vpc_id              = module.network.vpc_id
+  private_subnets     = module.network.private_subnets
+}