From ce8a9d686173bae72df47017fc21780b5fb89b15 Mon Sep 17 00:00:00 2001 From: Paramadon Date: Tue, 24 Jun 2025 12:53:11 -0400 Subject: [PATCH 1/7] Fixing Eks tests --- .../credentials/pod_identity/providers.tf | 18 +++++++++++++ terraform/eks/daemon/entity/providers.tf | 26 +++++++++++++++++++ terraform/eks/daemon/providers.tf | 22 ++++++++++++++++ terraform/eks/daemon/windows/providers.tf | 18 +++++++++++++ 4 files changed, 84 insertions(+) diff --git a/terraform/eks/daemon/credentials/pod_identity/providers.tf b/terraform/eks/daemon/credentials/pod_identity/providers.tf index 42ec47cab..100526add 100644 --- a/terraform/eks/daemon/credentials/pod_identity/providers.tf +++ b/terraform/eks/daemon/credentials/pod_identity/providers.tf @@ -1,6 +1,24 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: MIT +terraform { + required_providers { + aws = { + source = "hashicorp/aws" + version = "~> 5.0" # Updated from 4.0 to 5.0 + } + kubernetes = { + source = "hashicorp/kubernetes" + version = "2.36.0" + } + helm = { + source = "hashicorp/helm" + version = "~> 2.9.0" + } + } + required_version = ">= 1.0" +} + provider "aws" { region = var.region } diff --git a/terraform/eks/daemon/entity/providers.tf b/terraform/eks/daemon/entity/providers.tf index 42ec47cab..66f73bb32 100644 --- a/terraform/eks/daemon/entity/providers.tf +++ b/terraform/eks/daemon/entity/providers.tf @@ -1,6 +1,32 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: MIT +terraform { + required_providers { + aws = { + source = "hashicorp/aws" + version = "~> 4.0" + } + kubernetes = { + source = "hashicorp/kubernetes" + version = "2.36.0" # Consider upgrading to 2.37.1 or later + } + helm = { + source = "hashicorp/helm" + version = "~> 2.9.0" # Add appropriate version for helm provider + } + template = { + source = "hashicorp/template" + version = "~> 2.2.0" + } + null = { + source = "hashicorp/null" + version = "~> 3.0" + } + } + required_version = ">= 1.0" +} + provider "aws" { region = var.region } diff --git a/terraform/eks/daemon/providers.tf b/terraform/eks/daemon/providers.tf index 9bd2885f5..5c71239e4 100644 --- a/terraform/eks/daemon/providers.tf +++ b/terraform/eks/daemon/providers.tf @@ -1,6 +1,28 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: MIT +terraform { + required_providers { + aws = { + source = "hashicorp/aws" + version = "~> 4.0" + } + kubernetes = { + source = "hashicorp/kubernetes" + version = "2.36.0" # Pinning to this specific version + } + template = { + source = "hashicorp/template" + version = "~> 2.2.0" + } + null = { + source = "hashicorp/null" + version = "~> 3.0" + } + } + required_version = ">= 1.0" +} + provider "aws" { region = var.region } diff --git a/terraform/eks/daemon/windows/providers.tf b/terraform/eks/daemon/windows/providers.tf index 9bd2885f5..bfea00231 100644 --- a/terraform/eks/daemon/windows/providers.tf +++ b/terraform/eks/daemon/windows/providers.tf @@ -5,6 +5,24 @@ provider "aws" { region = var.region } +terraform { + required_providers { + aws = { + source = "hashicorp/aws" + version = "~> 4.0" + } + kubernetes = { + source = "hashicorp/kubernetes" + version = "2.36.0" # Consider upgrading to 2.37.1 or later + } + helm = { + source = "hashicorp/helm" + version = "~> 2.9.0" + } + } + required_version = ">= 1.0" +} + provider "kubernetes" { exec { api_version = "client.authentication.k8s.io/v1beta1" From bb0244f79fc5b26b4b9179678524d402bb12a09c Mon Sep 17 00:00:00 2001 From: Paramadon Date: Fri, 27 Jun 2025 16:40:48 -0400 Subject: [PATCH 2/7] fixing syntax --- .../credentials/pod_identity/providers.tf | 29 +-------------- terraform/eks/daemon/entity/providers.tf | 37 +++---------------- terraform/eks/daemon/providers.tf | 29 ++------------- terraform/eks/daemon/windows/providers.tf | 25 ++----------- 4 files changed, 13 insertions(+), 107 deletions(-) diff --git a/terraform/eks/daemon/credentials/pod_identity/providers.tf b/terraform/eks/daemon/credentials/pod_identity/providers.tf index 100526add..92cd12f99 100644 --- a/terraform/eks/daemon/credentials/pod_identity/providers.tf +++ b/terraform/eks/daemon/credentials/pod_identity/providers.tf @@ -1,24 +1,3 @@ -// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. -// SPDX-License-Identifier: MIT - -terraform { - required_providers { - aws = { - source = "hashicorp/aws" - version = "~> 5.0" # Updated from 4.0 to 5.0 - } - kubernetes = { - source = "hashicorp/kubernetes" - version = "2.36.0" - } - helm = { - source = "hashicorp/helm" - version = "~> 2.9.0" - } - } - required_version = ">= 1.0" -} - provider "aws" { region = var.region } @@ -35,13 +14,9 @@ provider "kubernetes" { } provider "helm" { - kubernetes { + kubernetes = { host = aws_eks_cluster.this.endpoint cluster_ca_certificate = base64decode(aws_eks_cluster.this.certificate_authority.0.data) - exec { - api_version = "client.authentication.k8s.io/v1beta1" - args = ["eks", "get-token", "--cluster-name", aws_eks_cluster.this.name] - command = "aws" - } + token = data.aws_eks_cluster_auth.this.token } } \ No newline at end of file diff --git a/terraform/eks/daemon/entity/providers.tf b/terraform/eks/daemon/entity/providers.tf index 66f73bb32..d1da17e7e 100644 --- a/terraform/eks/daemon/entity/providers.tf +++ b/terraform/eks/daemon/entity/providers.tf @@ -1,52 +1,25 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: MIT -terraform { - required_providers { - aws = { - source = "hashicorp/aws" - version = "~> 4.0" - } - kubernetes = { - source = "hashicorp/kubernetes" - version = "2.36.0" # Consider upgrading to 2.37.1 or later - } - helm = { - source = "hashicorp/helm" - version = "~> 2.9.0" # Add appropriate version for helm provider - } - template = { - source = "hashicorp/template" - version = "~> 2.2.0" - } - null = { - source = "hashicorp/null" - version = "~> 3.0" - } - } - required_version = ">= 1.0" -} - provider "aws" { region = var.region } provider "kubernetes" { - exec { + host = aws_eks_cluster.this.endpoint + cluster_ca_certificate = base64decode(aws_eks_cluster.this.certificate_authority.0.data) + exec = { api_version = "client.authentication.k8s.io/v1beta1" command = "aws" args = ["eks", "get-token", "--cluster-name", aws_eks_cluster.this.name] } - host = aws_eks_cluster.this.endpoint - cluster_ca_certificate = base64decode(aws_eks_cluster.this.certificate_authority.0.data) - token = data.aws_eks_cluster_auth.this.token } provider "helm" { - kubernetes { + kubernetes = { host = aws_eks_cluster.this.endpoint cluster_ca_certificate = base64decode(aws_eks_cluster.this.certificate_authority.0.data) - exec { + exec = { api_version = "client.authentication.k8s.io/v1beta1" args = ["eks", "get-token", "--cluster-name", aws_eks_cluster.this.name] command = "aws" diff --git a/terraform/eks/daemon/providers.tf b/terraform/eks/daemon/providers.tf index 5c71239e4..9ece32c73 100644 --- a/terraform/eks/daemon/providers.tf +++ b/terraform/eks/daemon/providers.tf @@ -1,39 +1,16 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: MIT -terraform { - required_providers { - aws = { - source = "hashicorp/aws" - version = "~> 4.0" - } - kubernetes = { - source = "hashicorp/kubernetes" - version = "2.36.0" # Pinning to this specific version - } - template = { - source = "hashicorp/template" - version = "~> 2.2.0" - } - null = { - source = "hashicorp/null" - version = "~> 3.0" - } - } - required_version = ">= 1.0" -} - provider "aws" { region = var.region } provider "kubernetes" { - exec { + host = aws_eks_cluster.this.endpoint + cluster_ca_certificate = base64decode(aws_eks_cluster.this.certificate_authority.0.data) + exec = { api_version = "client.authentication.k8s.io/v1beta1" command = "aws" args = ["eks", "get-token", "--cluster-name", aws_eks_cluster.this.name] } - host = aws_eks_cluster.this.endpoint - cluster_ca_certificate = base64decode(aws_eks_cluster.this.certificate_authority.0.data) - token = data.aws_eks_cluster_auth.this.token } \ No newline at end of file diff --git a/terraform/eks/daemon/windows/providers.tf b/terraform/eks/daemon/windows/providers.tf index bfea00231..9ece32c73 100644 --- a/terraform/eks/daemon/windows/providers.tf +++ b/terraform/eks/daemon/windows/providers.tf @@ -5,31 +5,12 @@ provider "aws" { region = var.region } -terraform { - required_providers { - aws = { - source = "hashicorp/aws" - version = "~> 4.0" - } - kubernetes = { - source = "hashicorp/kubernetes" - version = "2.36.0" # Consider upgrading to 2.37.1 or later - } - helm = { - source = "hashicorp/helm" - version = "~> 2.9.0" - } - } - required_version = ">= 1.0" -} - provider "kubernetes" { - exec { + host = aws_eks_cluster.this.endpoint + cluster_ca_certificate = base64decode(aws_eks_cluster.this.certificate_authority.0.data) + exec = { api_version = "client.authentication.k8s.io/v1beta1" command = "aws" args = ["eks", "get-token", "--cluster-name", aws_eks_cluster.this.name] } - host = aws_eks_cluster.this.endpoint - cluster_ca_certificate = base64decode(aws_eks_cluster.this.certificate_authority.0.data) - token = data.aws_eks_cluster_auth.this.token } \ No newline at end of file From de8dd6aa053c9ef5d10cd7a770017fc7be5c9abe Mon Sep 17 00:00:00 2001 From: Paramadon Date: Fri, 27 Jun 2025 16:53:30 -0400 Subject: [PATCH 3/7] fixing syntax --- .../daemon/credentials/pod_identity/providers.tf | 13 ++++++++----- terraform/eks/daemon/entity/providers.tf | 6 +++--- terraform/eks/daemon/providers.tf | 2 +- terraform/eks/daemon/windows/providers.tf | 2 +- 4 files changed, 13 insertions(+), 10 deletions(-) diff --git a/terraform/eks/daemon/credentials/pod_identity/providers.tf b/terraform/eks/daemon/credentials/pod_identity/providers.tf index 92cd12f99..cc42a634a 100644 --- a/terraform/eks/daemon/credentials/pod_identity/providers.tf +++ b/terraform/eks/daemon/credentials/pod_identity/providers.tf @@ -3,20 +3,23 @@ provider "aws" { } provider "kubernetes" { + host = aws_eks_cluster.this.endpoint + cluster_ca_certificate = base64decode(aws_eks_cluster.this.certificate_authority.0.data) exec { api_version = "client.authentication.k8s.io/v1beta1" command = "aws" args = ["eks", "get-token", "--cluster-name", aws_eks_cluster.this.name] } - host = aws_eks_cluster.this.endpoint - cluster_ca_certificate = base64decode(aws_eks_cluster.this.certificate_authority.0.data) - token = data.aws_eks_cluster_auth.this.token } provider "helm" { - kubernetes = { + kubernetes { host = aws_eks_cluster.this.endpoint cluster_ca_certificate = base64decode(aws_eks_cluster.this.certificate_authority.0.data) - token = data.aws_eks_cluster_auth.this.token + exec { + api_version = "client.authentication.k8s.io/v1beta1" + command = "aws" + args = ["eks", "get-token", "--cluster-name", aws_eks_cluster.this.name] + } } } \ No newline at end of file diff --git a/terraform/eks/daemon/entity/providers.tf b/terraform/eks/daemon/entity/providers.tf index d1da17e7e..6935b349c 100644 --- a/terraform/eks/daemon/entity/providers.tf +++ b/terraform/eks/daemon/entity/providers.tf @@ -8,7 +8,7 @@ provider "aws" { provider "kubernetes" { host = aws_eks_cluster.this.endpoint cluster_ca_certificate = base64decode(aws_eks_cluster.this.certificate_authority.0.data) - exec = { + exec { api_version = "client.authentication.k8s.io/v1beta1" command = "aws" args = ["eks", "get-token", "--cluster-name", aws_eks_cluster.this.name] @@ -16,10 +16,10 @@ provider "kubernetes" { } provider "helm" { - kubernetes = { + kubernetes { host = aws_eks_cluster.this.endpoint cluster_ca_certificate = base64decode(aws_eks_cluster.this.certificate_authority.0.data) - exec = { + exec { api_version = "client.authentication.k8s.io/v1beta1" args = ["eks", "get-token", "--cluster-name", aws_eks_cluster.this.name] command = "aws" diff --git a/terraform/eks/daemon/providers.tf b/terraform/eks/daemon/providers.tf index 9ece32c73..abcea2c15 100644 --- a/terraform/eks/daemon/providers.tf +++ b/terraform/eks/daemon/providers.tf @@ -8,7 +8,7 @@ provider "aws" { provider "kubernetes" { host = aws_eks_cluster.this.endpoint cluster_ca_certificate = base64decode(aws_eks_cluster.this.certificate_authority.0.data) - exec = { + exec { api_version = "client.authentication.k8s.io/v1beta1" command = "aws" args = ["eks", "get-token", "--cluster-name", aws_eks_cluster.this.name] diff --git a/terraform/eks/daemon/windows/providers.tf b/terraform/eks/daemon/windows/providers.tf index 9ece32c73..abcea2c15 100644 --- a/terraform/eks/daemon/windows/providers.tf +++ b/terraform/eks/daemon/windows/providers.tf @@ -8,7 +8,7 @@ provider "aws" { provider "kubernetes" { host = aws_eks_cluster.this.endpoint cluster_ca_certificate = base64decode(aws_eks_cluster.this.certificate_authority.0.data) - exec = { + exec { api_version = "client.authentication.k8s.io/v1beta1" command = "aws" args = ["eks", "get-token", "--cluster-name", aws_eks_cluster.this.name] From f411b3c7281acdc221c77a99cd30a8f2309abbb0 Mon Sep 17 00:00:00 2001 From: Paramadon Date: Fri, 27 Jun 2025 17:01:34 -0400 Subject: [PATCH 4/7] adding to terrafomr --- terraform/eks/daemon/providers.tf | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/terraform/eks/daemon/providers.tf b/terraform/eks/daemon/providers.tf index abcea2c15..87f5d62ad 100644 --- a/terraform/eks/daemon/providers.tf +++ b/terraform/eks/daemon/providers.tf @@ -5,9 +5,13 @@ provider "aws" { region = var.region } +data "aws_eks_cluster_auth" "this" { + name = aws_eks_cluster.this.name +} + provider "kubernetes" { host = aws_eks_cluster.this.endpoint - cluster_ca_certificate = base64decode(aws_eks_cluster.this.certificate_authority.0.data) + cluster_ca_certificate = base64decode(aws_eks_cluster.this.certificate_authority[0].data) exec { api_version = "client.authentication.k8s.io/v1beta1" command = "aws" From 746bcb54459393754ca186df9788dbd0bc2a86ac Mon Sep 17 00:00:00 2001 From: Paramadon Date: Fri, 27 Jun 2025 17:03:36 -0400 Subject: [PATCH 5/7] maybe this works --- terraform/eks/daemon/providers.tf | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/terraform/eks/daemon/providers.tf b/terraform/eks/daemon/providers.tf index 87f5d62ad..abcea2c15 100644 --- a/terraform/eks/daemon/providers.tf +++ b/terraform/eks/daemon/providers.tf @@ -5,13 +5,9 @@ provider "aws" { region = var.region } -data "aws_eks_cluster_auth" "this" { - name = aws_eks_cluster.this.name -} - provider "kubernetes" { host = aws_eks_cluster.this.endpoint - cluster_ca_certificate = base64decode(aws_eks_cluster.this.certificate_authority[0].data) + cluster_ca_certificate = base64decode(aws_eks_cluster.this.certificate_authority.0.data) exec { api_version = "client.authentication.k8s.io/v1beta1" command = "aws" From 5f2a34944c27e03ec8850789db13b9c20aa9521e Mon Sep 17 00:00:00 2001 From: Paramadon Date: Fri, 27 Jun 2025 17:12:15 -0400 Subject: [PATCH 6/7] fixing tests --- terraform/eks/daemon/credentials/pod_identity/providers.tf | 4 ++-- terraform/eks/daemon/entity/providers.tf | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/terraform/eks/daemon/credentials/pod_identity/providers.tf b/terraform/eks/daemon/credentials/pod_identity/providers.tf index cc42a634a..8acfedd11 100644 --- a/terraform/eks/daemon/credentials/pod_identity/providers.tf +++ b/terraform/eks/daemon/credentials/pod_identity/providers.tf @@ -13,10 +13,10 @@ provider "kubernetes" { } provider "helm" { - kubernetes { + kubernetes = { host = aws_eks_cluster.this.endpoint cluster_ca_certificate = base64decode(aws_eks_cluster.this.certificate_authority.0.data) - exec { + exec = { api_version = "client.authentication.k8s.io/v1beta1" command = "aws" args = ["eks", "get-token", "--cluster-name", aws_eks_cluster.this.name] diff --git a/terraform/eks/daemon/entity/providers.tf b/terraform/eks/daemon/entity/providers.tf index 6935b349c..845fe7f74 100644 --- a/terraform/eks/daemon/entity/providers.tf +++ b/terraform/eks/daemon/entity/providers.tf @@ -16,10 +16,10 @@ provider "kubernetes" { } provider "helm" { - kubernetes { + kubernetes = { host = aws_eks_cluster.this.endpoint cluster_ca_certificate = base64decode(aws_eks_cluster.this.certificate_authority.0.data) - exec { + exec = { api_version = "client.authentication.k8s.io/v1beta1" args = ["eks", "get-token", "--cluster-name", aws_eks_cluster.this.name] command = "aws" From 31cb30b2a63d4ef96b86f6f2d0221f63dbcc051c Mon Sep 17 00:00:00 2001 From: Paramadon Date: Fri, 27 Jun 2025 17:15:20 -0400 Subject: [PATCH 7/7] fixing helm --- terraform/eks/daemon/entity/main.tf | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/terraform/eks/daemon/entity/main.tf b/terraform/eks/daemon/entity/main.tf index 3a5db09aa..262dbeba9 100644 --- a/terraform/eks/daemon/entity/main.tf +++ b/terraform/eks/daemon/entity/main.tf @@ -182,19 +182,22 @@ resource "helm_release" "aws_observability" { namespace = "amazon-cloudwatch" create_namespace = true - set { - name = "clusterName" - value = aws_eks_cluster.this.name - } + set = [ + { + name = "clusterName" + value = aws_eks_cluster.this.name + }, + { + name = "region" + value = "us-west-2" + } + ] - set { - name = "region" - value = "us-west-2" - } depends_on = [ aws_eks_cluster.this, aws_eks_node_group.this, - null_resource.clone_helm_chart] + null_resource.clone_helm_chart + ] } resource "null_resource" "kubectl" {