docs: update examples with newer versions and centralized project (#1132)

* docs: update examples with newer versions and centralized project

* refactor: change metrics-server module

* fix: update examples with the Let's Encrypt e-mail variable

* ci: fix typo on PR comment

* feat: update modules to latest versions

Release-As: v1.7.0

Author: lentidas

.github/workflows/modules-chart-update.yaml

@@ -113,6 +113,6 @@ jobs:
 
           ## Description of the changes
 
-          This PR updates the dependencies of the **${{ matrix.chart-name }}** Helm chart. .
+          This PR updates the dependencies of the **${{ matrix.chart-name }}** Helm chart.
 
           :warning: This was a **major** update! Please check the changelog of the updated dependencies and **take notice of any breaking changes before merging**. :warning:

examples/eks/.terraform-version

@@ -1 +1 @@
-1.5.5
+1.6.4

examples/eks/apps.tf

@@ -1,12 +1,11 @@
 module "helloworld_apps" {
-  source = "git::https://github.com/camptocamp/devops-stack-module-applicationset.git?ref=v2.1.0"
+  source = "git::https://github.com/camptocamp/devops-stack-module-applicationset.git?ref=v3.0.0"
 
   dependency_ids = {
     argocd = module.argocd.id
   }
 
   name                   = "helloworld-apps"
-  argocd_namespace       = module.argocd_bootstrap.argocd_namespace
   project_dest_namespace = "*"
   project_source_repo    = "https://github.com/camptocamp/devops-stack-helloworld-templates.git"
 

examples/eks/csi_drivers.tf

@@ -35,11 +35,12 @@ resource "aws_efs_mount_target" "eks" {
 }
 
 module "efs" {
-  source = "git::https://github.com/camptocamp/devops-stack-module-efs-csi-driver.git?ref=v2.2.0"
+  source = "git::https://github.com/camptocamp/devops-stack-module-efs-csi-driver.git?ref=v3.0.0"
 
-  cluster_name     = local.cluster_name
-  argocd_namespace = module.argocd_bootstrap.argocd_namespace
-  app_autosync     = local.app_autosync
+  cluster_name   = local.cluster_name
+  argocd_project = module.eks.cluster_name
+
+  app_autosync = local.app_autosync
 
   efs_file_system_id      = resource.aws_efs_file_system.eks.id
   create_role             = true
@@ -51,11 +52,12 @@ module "efs" {
 }
 
 module "ebs" {
-  source = "git::https://github.com/camptocamp/devops-stack-module-ebs-csi-driver.git?ref=v2.2.0"
+  source = "git::https://github.com/camptocamp/devops-stack-module-ebs-csi-driver.git?ref=v3.0.0"
+
+  cluster_name   = local.cluster_name
+  argocd_project = module.eks.cluster_name
 
-  cluster_name     = local.cluster_name
-  argocd_namespace = module.argocd_bootstrap.argocd_namespace
-  app_autosync     = local.app_autosync
+  app_autosync = local.app_autosync
 
   create_role             = true
   cluster_oidc_issuer_url = module.eks.cluster_oidc_issuer_url

examples/eks/locals.tf

@@ -1,10 +1,11 @@
 locals {
-  kubernetes_version     = "1.27"
-  cluster_name           = "YOUR_CLUSTER_NAME" # Must be unique for each DevOps Stack deployment in a single AWS account.
-  base_domain            = "your.domain.here"  # Must match a Route53 zone in the AWS account where you are deploying the DevOps Stack.
-  cluster_issuer         = "letsencrypt-staging"
-  enable_service_monitor = false # Can be enabled after the first bootstrap.
-  app_autosync           = true ? { allow_empty = false, prune = true, self_heal = true } : {}
+  kubernetes_version       = "1.28"
+  cluster_name             = "YOUR_CLUSTER_NAME" # Must be unique for each DevOps Stack deployment in a single AWS account. Contains only alphanumeric and hyphens.
+  base_domain              = "your.domain.here"  # Must match a Route 53 zone in the AWS account where you are deploying the DevOps Stack.
+  cluster_issuer           = module.cert-manager.cluster_issuers.staging
+  letsencrypt_issuer_email = "YOUR_EMAIL_ADDRESS"
+  enable_service_monitor   = false # Can be enabled after the first bootstrap.
+  app_autosync             = true ? { allow_empty = false, prune = true, self_heal = true } : {}
 
   # The VPC CIDR must be unique for each DevOps Stack deployment in a single AWS account.
   vpc_cidr = "10.56.0.0/16"

examples/eks/main.tf

@@ -24,7 +24,7 @@ module "vpc" {
 }
 
 module "eks" {
-  source = "git::https://github.com/camptocamp/devops-stack-module-cluster-eks?ref=v3.0.0"
+  source = "git::https://github.com/camptocamp/devops-stack-module-cluster-eks.git?ref=v3.0.1"
 
   cluster_name       = local.cluster_name
   kubernetes_version = local.kubernetes_version
@@ -38,18 +38,15 @@ module "eks" {
 
   node_groups = {
     "${module.eks.cluster_name}-main" = {
-      instance_types  = ["m5a.large"]
+      ami_type        = "AL2_ARM_64"
+      instance_types  = ["m7g.xlarge"]
       min_size        = 3
       max_size        = 3
       desired_size    = 3
       nlbs_attachment = true
-      block_device_mappings = {
-        "default" = {
-          device_name = "/dev/xvda"
-          ebs = {
-            volume_size = 100
-          }
-        }
+      disk_size       = 100
+      labels = {
+        "devops-stack.io/nodepool" = "main"
       }
     },
   }
@@ -58,7 +55,7 @@ module "eks" {
 }
 
 module "oidc" {
-  source = "git::https://github.com/camptocamp/devops-stack-module-oidc-aws-cognito.git?ref=v1.0.0"
+  source = "git::https://github.com/camptocamp/devops-stack-module-oidc-aws-cognito.git?ref=v1.0.1"
 
   cluster_name = module.eks.cluster_name
   base_domain  = module.eks.base_domain
@@ -76,17 +73,35 @@ module "oidc" {
 }
 
 module "argocd_bootstrap" {
-  source = "git::https://github.com/camptocamp/devops-stack-module-argocd.git//bootstrap?ref=v3.4.0"
+  source = "git::https://github.com/camptocamp/devops-stack-module-argocd.git//bootstrap?ref=v4.0.0"
+
+  argocd_projects = {
+    "${module.eks.cluster_name}" = {
+      destination_cluster = "in-cluster"
+    }
+  }
 
   depends_on = [module.eks]
 }
 
+module "metrics-server" {
+  source = "git::https://github.com/camptocamp/devops-stack-module-metrics-server.git?ref=v2.0.0"
+
+  argocd_project = module.eks.cluster_name
+
+  app_autosync = local.app_autosync
+
+  dependency_ids = {
+    argocd = module.argocd_bootstrap.id
+  }
+}
+
 module "traefik" {
-  source = "git::https://github.com/camptocamp/devops-stack-module-traefik.git//eks?ref=v3.0.0"
+  source = "git::https://github.com/camptocamp/devops-stack-module-traefik.git//eks?ref=v5.0.0"
 
-  cluster_name     = module.eks.cluster_name
-  base_domain      = module.eks.base_domain
-  argocd_namespace = module.argocd_bootstrap.argocd_namespace
+  cluster_name   = module.eks.cluster_name
+  base_domain    = module.eks.base_domain
+  argocd_project = module.eks.cluster_name
 
   app_autosync           = local.app_autosync
   enable_service_monitor = local.enable_service_monitor
@@ -97,11 +112,13 @@ module "traefik" {
 }
 
 module "cert-manager" {
-  source = "git::https://github.com/camptocamp/devops-stack-module-cert-manager.git//eks?ref=v5.2.1"
+  source = "git::https://github.com/camptocamp/devops-stack-module-cert-manager.git//eks?ref=v8.0.0"
+
+  cluster_name   = module.eks.cluster_name
+  base_domain    = module.eks.base_domain
+  argocd_project = module.eks.cluster_name
 
-  cluster_name     = module.eks.cluster_name
-  base_domain      = module.eks.base_domain
-  argocd_namespace = module.argocd_bootstrap.argocd_namespace
+  letsencrypt_issuer_email = local.letsencrypt_issuer_email
 
   app_autosync           = local.app_autosync
   enable_service_monitor = local.enable_service_monitor
@@ -114,14 +131,12 @@ module "cert-manager" {
 }
 
 module "loki-stack" {
-  source = "git::https://github.com/camptocamp/devops-stack-module-loki-stack//eks?ref=v5.0.0"
+  source = "git::https://github.com/camptocamp/devops-stack-module-loki-stack.git//eks?ref=v7.0.0"
 
-  argocd_namespace = module.argocd_bootstrap.argocd_namespace
+  argocd_project = module.eks.cluster_name
 
   app_autosync = local.app_autosync
 
-  distributed_mode = true
-
   logs_storage = {
     bucket_id    = aws_s3_bucket.loki_logs_storage.id
     region       = aws_s3_bucket.loki_logs_storage.region
@@ -135,12 +150,12 @@ module "loki-stack" {
 }
 
 module "thanos" {
-  source = "git::https://github.com/camptocamp/devops-stack-module-thanos.git//eks?ref=v2.5.0"
+  source = "git::https://github.com/camptocamp/devops-stack-module-thanos.git//eks?ref=v3.0.0"
 
-  cluster_name     = module.eks.cluster_name
-  base_domain      = module.eks.base_domain
-  cluster_issuer   = local.cluster_issuer
-  argocd_namespace = module.argocd_bootstrap.argocd_namespace
+  cluster_name   = module.eks.cluster_name
+  base_domain    = module.eks.base_domain
+  cluster_issuer = local.cluster_issuer
+  argocd_project = module.eks.cluster_name
 
   app_autosync = local.app_autosync
 
@@ -149,6 +164,7 @@ module "thanos" {
     region       = aws_s3_bucket.thanos_metrics_storage.region
     iam_role_arn = module.iam_assumable_role_thanos.iam_role_arn
   }
+
   thanos = {
     oidc = module.oidc.oidc
   }
@@ -163,12 +179,12 @@ module "thanos" {
 }
 
 module "kube-prometheus-stack" {
-  source = "git::https://github.com/camptocamp/devops-stack-module-kube-prometheus-stack.git//eks?ref=v7.0.0"
+  source = "git::https://github.com/camptocamp/devops-stack-module-kube-prometheus-stack.git//eks?ref=v9.0.0"
 
-  cluster_name     = module.eks.cluster_name
-  argocd_namespace = module.argocd_bootstrap.argocd_namespace
-  base_domain      = module.eks.base_domain
-  cluster_issuer   = local.cluster_issuer
+  cluster_name   = module.eks.cluster_name
+  base_domain    = module.eks.base_domain
+  cluster_issuer = local.cluster_issuer
+  argocd_project = module.eks.cluster_name
 
   app_autosync = local.app_autosync
 
@@ -202,11 +218,12 @@ module "kube-prometheus-stack" {
 }
 
 module "argocd" {
-  source = "git::https://github.com/camptocamp/devops-stack-module-argocd.git?ref=v3.4.0"
+  source = "git::https://github.com/camptocamp/devops-stack-module-argocd.git?ref=v4.0.0"
 
   cluster_name   = module.eks.cluster_name
   base_domain    = module.eks.base_domain
   cluster_issuer = local.cluster_issuer
+  argocd_project = module.eks.cluster_name
 
   accounts_pipeline_tokens = module.argocd_bootstrap.argocd_accounts_pipeline_tokens
   server_secretkey         = module.argocd_bootstrap.argocd_server_secretkey
@@ -217,7 +234,7 @@ module "argocd" {
   exec_enabled  = true
 
   oidc = {
-    name         = "OIDC"
+    name         = "Cognito"
     issuer       = module.oidc.oidc.issuer_url
     clientID     = module.oidc.oidc.client_id
     clientSecret = module.oidc.oidc.client_secret
@@ -246,21 +263,3 @@ module "argocd" {
     kube-prometheus-stack = module.kube-prometheus-stack.id
   }
 }
-
-module "metrics_server" {
-  source = "git::https://github.com/camptocamp/devops-stack-module-application.git?ref=v2.1.0"
-
-  name             = "metrics-server"
-  argocd_namespace = module.argocd_bootstrap.argocd_namespace
-
-  app_autosync = local.app_autosync
-
-  source_repo            = "https://github.com/kubernetes-sigs/metrics-server.git"
-  source_repo_path       = "charts/metrics-server"
-  source_target_revision = "metrics-server-helm-chart-3.11.0"
-  destination_namespace  = "kube-system"
-
-  dependency_ids = {
-    argocd = module.argocd.id
-  }
-}

examples/eks/outputs.tf

@@ -8,3 +8,9 @@ output "devops_admins" {
   value       = module.oidc.devops_stack_admins
   sensitive   = true
 }
+
+output "cluster_issuers" {
+  description = "Map containing the cluster issuers created by cert-manager."
+  value       = module.cert-manager.cluster_issuers
+}
+

examples/eks/s3_thanos.tf

@@ -23,7 +23,6 @@ module "iam_assumable_role_thanos" {
     "system:serviceaccount:thanos:thanos-bucketweb",
     "system:serviceaccount:thanos:thanos-storegateway",
     "system:serviceaccount:thanos:thanos-compactor",
-    "system:serviceaccount:thanos:thanos-sidecar",
     "system:serviceaccount:kube-prometheus-stack:kube-prometheus-stack-prometheus"
   ]
 }

examples/eks/terraform.tf

@@ -8,7 +8,7 @@ terraform {
   }
 
   required_providers {
-    aws = { # Needed to store the state file in S3
+    aws = {
       source  = "hashicorp/aws"
       version = "~> 5"
     }

examples/kind/.terraform-version

@@ -1 +1 @@
-1.5.5
+1.6.4