diff --git a/.github/release.yml b/.github/release.yml index c6d9cb1..421c43d 100644 --- a/.github/release.yml +++ b/.github/release.yml @@ -10,8 +10,8 @@ changelog: labels: - dependencies - - title: 🔩 Dependencies + - title: 🔩 Dependencies labels: - dependencies -# This file is managed by the osinfra-io/github-organization-management repository and should not be edited directly. \ No newline at end of file +# This file is managed by the osinfra-io/github-organization-management repository and should not be edited directly. diff --git a/.gitignore b/.gitignore index a543f04..4af90a9 100644 --- a/.gitignore +++ b/.gitignore @@ -18,9 +18,6 @@ crash.log # be included in version control. local.tfvars -# Provider.tf is used for local development of modules and shouldn't be added to repos. -provider.tf - # Ignore override files as they are usually used to override ressources locally override.tf override.tf.json diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 05e7141..a422cc7 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -11,7 +11,7 @@ repos: - id: check-symlinks - repo: https://github.com/antonbabenko/pre-commit-terraform - rev: v1.96.1 + rev: v1.96.2 hooks: - id: terraform_fmt @@ -29,9 +29,11 @@ repos: - id: terraform_docs - repo: https://github.com/bridgecrewio/checkov.git - rev: 3.2.257 + rev: 3.2.296 hooks: - id: checkov verbose: true args: + - --skip-check + - "CKV_TF_1" - --quiet diff --git a/regional/helpers.tf b/regional/helpers.tf new file mode 120000 index 0000000..404585d --- /dev/null +++ b/regional/helpers.tf @@ -0,0 +1 @@ +../shared/helpers.tf \ No newline at end of file diff --git a/regional/locals.tf b/regional/locals.tf index 0b41101..b837435 100644 --- a/regional/locals.tf +++ b/regional/locals.tf 
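Review bot: In the second `.pre-commit-config.yaml` hunk (`@@ -29,9 +29,11 @@`), the added `--skip-check` / `"CKV_TF_1"` arguments switch off checkov's commit-hash pinning check for every Terraform module source in the repository, not only for the `module "helpers"` block that this commit adds in shared/helpers.tf. Any third-party module added later with a mutable ref will now pass the hook silently. Prefer scoping the suppression to that one block with an inline `# checkov:skip=CKV_TF_1: <reason>` comment inside it, or drop the skip once the source is pinned to a commit. If the global skip stays, a YAML comment above the two args stating why would help the next reader.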
@@ -2,20 +2,7 @@ # https://www.terraform.io/docs/language/values/locals.html locals { - cluster_name = local.zone != null ? "${var.cluster_prefix}-${local.region}-${local.zone}-${local.env}" : "${var.cluster_prefix}-${local.region}-${local.env}" - env = lookup(local.env_map, local.environment, "none") - - env_map = { - "non-production" = "nonprod" - "production" = "prod" - "sandbox" = "sb" - } - - environment = ( - terraform.workspace == "default" ? - "mock-environment" : - regex(".*-(?P[^-]+)$", terraform.workspace)["environment"] - ) + cluster_name = module.helpers.zone != null ? "${var.cluster_prefix}-${module.helpers.region}-${module.helpers.zone}-${module.helpers.env}" : "${var.cluster_prefix}-${module.helpers.region}-${module.helpers.env}" helm_sensitive_values = { "apiKey" = var.api_key @@ -25,7 +12,7 @@ locals { helm_values = { "clusterName" = local.cluster_name "datadogMonitor.enabled" = true - "podLabels.tags\\.datadoghq\\.com/env" = local.environment + "podLabels.tags\\.datadoghq\\.com/env" = module.helpers.environment "podLabels.tags\\.datadoghq\\.com/version" = var.operator_version "resources.limits.cpu" = var.limits_cpu "resources.limits.memory" = var.limits_memory @@ -33,21 +20,4 @@ locals { "resources.requests.memory" = var.requests_memory "watchNamespaces" = join(",", var.watch_namespaces) } - - region = ( - terraform.workspace == "default" ? - "mock-region" : - regex("^(?P[^-]+-[^-]+)", terraform.workspace)["region"] - ) - - - zone = ( - terraform.workspace == "default" ? - "mock-zone" : - ( - regex("^(?P[^-]+-[^-]+)(?:-(?P[^-]+))?-.*$", terraform.workspace)["zone"] != "" ? - regex("^(?P[^-]+-[^-]+)(?:-(?P[^-]+))?-.*$", terraform.workspace)["zone"] : - null - ) - ) } diff --git a/regional/manifests/helpers.tf b/regional/manifests/helpers.tf new file mode 120000 index 0000000..4be5464 --- /dev/null +++ b/regional/manifests/helpers.tf @@ -0,0 +1 @@ +../../shared/helpers.tf \ No newline at end of file 
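Review bot: In regional/locals.tf (`@@ -2,20 +2,7 @@`), the new `cluster_name` spells out the whole interpolation in both arms of the ternary, so any change to the naming scheme has to be made twice on one very long line. A single expression such as `cluster_name = join("-", compact([var.cluster_prefix, module.helpers.region, module.helpers.zone, module.helpers.env]))` drops a null zone without the duplication. Since `compact` also drops empty strings, confirm that none of the other parts can be empty before adopting it. The identical line is added in regional/manifests/locals.tf (`@@ -2,21 +2,7 @@`), and the `locals` block continues outside both hunks.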
diff --git a/regional/manifests/locals.tf b/regional/manifests/locals.tf index 7cc8a8f..afc4608 100644 --- a/regional/manifests/locals.tf +++ b/regional/manifests/locals.tf @@ -2,21 +2,7 @@ # https://www.terraform.io/docs/language/values/locals.html locals { - cluster_name = local.zone != null ? "${var.cluster_prefix}-${local.region}-${local.zone}-${local.env}" : "${var.cluster_prefix}-${local.region}-${local.env}" - - env = lookup(local.env_map, local.environment, "none") - - env_map = { - "non-production" = "nonprod" - "production" = "prod" - "sandbox" = "sb" - } - - environment = ( - terraform.workspace == "default" ? - "mock-environment" : - (regex(".*-(?P[^-]+)$", terraform.workspace)["environment"]) - ) + cluster_name = module.helpers.zone != null ? "${var.cluster_prefix}-${module.helpers.region}-${module.helpers.zone}-${module.helpers.env}" : "${var.cluster_prefix}-${module.helpers.region}-${module.helpers.env}" kubernetes_monitor_templates = { "crash-loop-backoff" = { @@ -188,18 +174,12 @@ locals { name = "DD_CONTAINER_EXCLUDE" value = "kube_namespace:^gke-managed-cim$ kube_namespace:^gke-managed-system kube_namespace:^gke-mcs$ kube_namespace:^gmp-system$ kube_namespace:^kube-node-lease$ kube_namespace:^kube-public$ kube_namespace:^kube-system$ ${var.node_agent_env_dd_container_exclude}" }, - # { - # name = "DD_IGNORE_AUTOCONF" - # value = "cilium ${var.node_agent_env_dd_ignore_auto_conf}" - # } + { + name = "DD_IGNORE_AUTOCONF" + value = "cilium ${var.node_agent_env_dd_ignore_auto_conf}" + } ] - region = ( - terraform.workspace == "default" ? - "mock-region" : - (regex("^(?P[^-]+-[^-]+)", terraform.workspace)["region"]) - ) - trace_agent_env_vars = [ # Ignoring Unwanted Resources in APM 
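Review bot: In the `@@ -188,18 +174,12 @@` hunk of regional/manifests/locals.tf, the re-enabled `DD_IGNORE_AUTOCONF` entry has no comment saying why cilium's auto-configuration is ignored, and it was previously commented out without explanation. A line above it such as `# Ignore the cilium auto_conf.yaml; additional integrations are appended from the variable.` would record the intent. If `var.node_agent_env_dd_ignore_auto_conf` can be empty (its default is not visible here), the value ends in a trailing space; `value = trimspace("cilium ${var.node_agent_env_dd_ignore_auto_conf}")` avoids that. The enclosing list starts outside the hunk.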
@@ -213,15 +193,9 @@ locals { tags = [ "cluster:${local.cluster_name}", - "env:${local.environment}", + "env:${module.helpers.environment}", "generated:kubernetes", - "region:${local.region}", + "region:${module.helpers.region}", "team:${var.team}" ] - - zone = ( - terraform.workspace == "default" ? - "mock-zone" : - (regex("^(?P[^-]+-[^-]+)-(?P[^-]+)", terraform.workspace)["zone"]) - ) } diff --git a/regional/manifests/main.tf b/regional/manifests/main.tf index 53acdf6..b1393f5 100644 --- a/regional/manifests/main.tf +++ b/regional/manifests/main.tf @@ -94,7 +94,7 @@ resource "kubernetes_manifest" "agent" { env = var.cluster_agent_env_vars labels = { - "tags.datadoghq.com/env" = local.environment + "tags.datadoghq.com/env" = module.helpers.environment "tags.datadoghq.com/service" = "datadog-cluster-agent" "tags.datadoghq.com/version" = var.node_agent_tag } @@ -162,7 +162,7 @@ resource "kubernetes_manifest" "agent" { } labels = { - "tags.datadoghq.com/env" = local.environment + "tags.datadoghq.com/env" = module.helpers.environment "tags.datadoghq.com/service" = "datadog-agent" "tags.datadoghq.com/version" = var.node_agent_tag } diff --git a/regional/manifests/variables.tf b/regional/manifests/variables.tf index a2e34d1..d2c632b 100644 --- a/regional/manifests/variables.tf +++ b/regional/manifests/variables.tf @@ -192,7 +192,7 @@ variable "node_agent_requests_memory" { variable "node_agent_tag" { description = "Tag for the Datadog node agent image" type = string - default = "7.57.2" + default = "7.58.1" } variable "node_agent_tolerations" { diff --git a/regional/variables.tf b/regional/variables.tf index 96e185f..a07b23b 100644 --- a/regional/variables.tf +++ b/regional/variables.tf @@ -39,7 +39,7 @@ variable "limits_memory" { variable "operator_version" { description = "The version of the Datadog Operator to install" type = string - default = "2.1.0" + default = "2.2.0" } variable "requests_cpu" { 
diff --git a/shared/helpers.tf b/shared/helpers.tf new file mode 100644 index 0000000..c14ea27 --- /dev/null +++ b/shared/helpers.tf @@ -0,0 +1,6 @@ +# Terraform Core Child Module Helpers (osinfra.io) +# https://github.com/osinfra-io/terraform-core-helpers + +module "helpers" { + source = "github.com/osinfra-io/terraform-core-helpers//child?ref=v0.1.2" +}
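Review bot: The `source` in the new `module "helpers"` block pins to `?ref=v0.1.2`, which is a Git tag and can be moved to a different commit after review. This file is symlinked into regional/ and regional/manifests/, and its outputs now feed the cluster name, the Datadog tags and the pod labels, so whatever the tag points to is evaluated on every plan and apply in those roots. Pin to the full commit SHA and keep the tag as a trailing comment, e.g. `source = "github.com/osinfra-io/terraform-core-helpers//child?ref=<full-commit-sha>" # v0.1.2`. With that in place the `CKV_TF_1` skip added to .pre-commit-config.yaml in this commit should no longer be needed.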