vynil/kydah-modules
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Refacto and add modules

Browse Source
This commit is contained in:
Xavier Mortelette
2024-02-06 11:03:20 +01:00
parent 140321f714
commit 1e1cedcaeb
47 changed files with 685 additions and 360 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
mongo/mongo.tf
View File

@@ -1,21 +1,21 @@
locals {
app_slug = (var.component == var.instance || var.component=="") ? var.instance : format("%s-%s", var.component, var.instance)
mongo-password = data.kubernetes_secret_v1.prj_mongo_secret.data["password"]
username = var.username==""?var.component==""?var.instance:var.component:var.username
db_name = var.db_name==""?var.component==""?var.instance:var.component:var.db_name
mongo-labels = merge(var.labels, {
app_slug = "${var.instance}${var.component == "" ? "" : "-"}${var.component}"
mongo_labels = merge(var.labels, {
"app.kubernetes.io/component" = "mongo"
})
db_name = var.db_name == "" ? var.component == "" ? var.instance : var.component : var.db_name
username = var.username == "" ? var.component == "" ? var.instance : var.component : var.username
mongo_password = data.kubernetes_secret_v1.mongo_secret.data["password"]
}
resource "kubectl_manifest" "prj_mongo_secret" {
resource "kubectl_manifest" "mongo_secret" {
ignore_fields = ["metadata.annotations"]
yaml_body = <<-EOF
yaml_body = <<-EOF
apiVersion: "secretgenerator.mittwald.de/v1alpha1"
kind: "StringSecret"
metadata:
name: "${local.app_slug}-mongo"
namespace: "${var.namespace}"
labels: ${jsonencode(local.mongo-labels)}
labels: ${jsonencode(local.mongo_labels)}
spec:
forceRegenerate: false
fields:
@@ -23,21 +23,21 @@ resource "kubectl_manifest" "prj_mongo_secret" {
length: "16"
EOF
}
data "kubernetes_secret_v1" "prj_mongo_secret" {
depends_on = [ kubectl_manifest.prj_mongo_secret ]
data "kubernetes_secret_v1" "mongo_secret" {
depends_on = [kubectl_manifest.mongo_secret]
metadata {
name = "${local.app_slug}-mongo"
name = "${local.app_slug}-mongo"
namespace = var.namespace
}
}
resource "kubectl_manifest" "prj_mongo" {
yaml_body = <<-EOF
resource "kubectl_manifest" "mongo" {
yaml_body = <<-EOF
apiVersion: mongodbcommunity.mongodb.com/v1
kind: MongoDBCommunity
metadata:
name: "${local.app_slug}-mongo"
namespace: "${var.namespace}"
labels: ${jsonencode(local.mongo-labels)}
labels: ${jsonencode(local.mongo_labels)}
spec:
members: 1
type: ${var.mongo_type}
@@ -52,7 +52,7 @@ resource "kubectl_manifest" "prj_mongo" {
spec:
containers:
- name: mongod
imagePullPolicy: "${var.pullPolicy}"
imagePullPolicy: "${var.pull_policy}"
resources: ${jsonencode(var.resources)}
env:
- name: MONGODB_NAME
@@ -80,24 +80,24 @@ resource "kubectl_manifest" "prj_mongo" {
scramCredentialsSecretName: "${local.app_slug}-mongo-scram"
EOF
}
resource "kubectl_manifest" "prj_mongo_sa" {
yaml_body = <<-EOF
resource "kubectl_manifest" "mongo_sa" {
yaml_body = <<-EOF
apiVersion: v1
kind: ServiceAccount
metadata:
name: "mongodb-database"
name: "${local.app_slug}-mongodb-database"
namespace: "${var.namespace}"
labels: ${jsonencode(local.mongo-labels)}
labels: ${jsonencode(local.mongo_labels)}
EOF
}
resource "kubectl_manifest" "prj_mongo_role" {
yaml_body = <<-EOF
resource "kubectl_manifest" "mongo_role" {
yaml_body = <<-EOF
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: "mongodb-database"
name: "${local.app_slug}-mongodb-database"
namespace: "${var.namespace}"
labels: ${jsonencode(local.mongo-labels)}
labels: ${jsonencode(local.mongo_labels)}
rules:
- apiGroups: [""]
resources: ["secrets"]
@@ -107,20 +107,20 @@ resource "kubectl_manifest" "prj_mongo_role" {
verbs: ["patch", "delete", "get"]
EOF
}
resource "kubectl_manifest" "prj_mongo_rb" {
yaml_body = <<-EOF
resource "kubectl_manifest" "mongo_rb" {
yaml_body = <<-EOF
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: "mongodb-database"
name: "${local.app_slug}-mongodb-database"
namespace: "${var.namespace}"
labels: ${jsonencode(local.mongo-labels)}
labels: ${jsonencode(local.mongo_labels)}
subjects:
- kind: ServiceAccount
name: mongodb-database
name: ${local.app_slug}-mongodb-database
roleRef:
kind: Role
name: mongodb-database
name: ${local.app_slug}-mongodb-database
apiGroup: rbac.authorization.k8s.io
EOF
}