Merge pull request #37 from clouddrove/feat/certification-manager

Feat: 🚀 New addon certification-manager, version: 1.13.1

_examples/basic/main.tf

@@ -173,6 +173,7 @@ module "addons" {
   fluent_bit                   = true
   velero                       = true
   keda                         = true
+  certification_manager        = true
 
   # -- Addons with mandatory variable
   istio_ingress    = true

_examples/complete/config/override-certification-manager.yaml

@@ -0,0 +1,21 @@
+## Node affinity for particular node in which labels key is "Infra-Services" and value is "true"
+
+affinity:
+  nodeAffinity:
+    requiredDuringSchedulingIgnoredDuringExecution:
+      nodeSelectorTerms:
+      - matchExpressions:
+        - key: "eks.amazonaws.com/nodegroup"
+          operator: In
+          values:
+          - "critical"
+
+resources:
+  limits:
+    cpu: 200m
+    memory: 250Mi
+  requests:
+    cpu: 50m
+    memory: 150Mi
+
+installCRDs: true

_examples/complete/main.tf

@@ -168,6 +168,7 @@ module "addons" {
   fluent_bit                   = true
   velero                       = true
   keda                         = true
+  certification_manager        = true
 
   # -- Addons with mandatory variable
   istio_ingress    = true
@@ -195,6 +196,7 @@ module "addons" {
   new_relic_helm_config                    = { values = [file("./config/override-new-relic.yaml")] }
   kube_state_metrics_helm_config           = { values = [file("./config/override-kube-state-matrics.yaml")] }
   keda_helm_config                         = { values = [file("./config/keda/override-keda.yaml")] }
+  certification_manager_helm_config        = { values = [file("./config/override-certification-manager.yaml")] }
 
   # -- Override Helm Release attributes
   metrics_server_extra_configs               = var.metrics_server_extra_configs
@@ -214,6 +216,7 @@ module "addons" {
   new_relic_extra_configs                    = var.new_relic_extra_configs
   kube_state_metrics_extra_configs           = var.kube_state_metrics_extra_configs
   keda_extra_configs                         = var.keda_extra_configs
+  certification_manager_extra_configs        = var.certification_manager_extra_configs
 
   external_secrets_extra_configs = {
     irsa_assume_role_policy = jsonencode({

_examples/complete/variables.tf

@@ -99,6 +99,13 @@ variable "keda_extra_configs" {
   default = {}
 }
 
+# ------------------ CERTIFICATION-MANAGER -----------------------------------------------------
+variable "certification_manager_extra_configs" {
+  type    = any
+  default = {}
+}
+
+
 # ------------------ ISTIO INGRESS ---------------------------------------------
 # -- INTERNET FACING --------------
 variable "istio_manifests" {

addons/cert-manager/README.md

@@ -0,0 +1,62 @@
+# Certification Manager Helm Chart
+
+Certification Manager is a Kubernetes addon to automate the management and issuance of TLS certificates from various issuing sources.
+It will ensure certificates are valid and up to date periodically, and attempt to renew certificates at an appropriate time before expiry..
+
+## Installation
+Below terraform script shows how to use Certification Manager Terraform Addon, A complete example is also given [here](https://github.com/clouddrove/terraform-helm-eks-addons/blob/master/_examples/complete/main.tf).
+```hcl
+module "addons" {
+  source  = "clouddrove/eks-addons/aws"
+  version = "0.1.0"
+  
+  depends_on       = [module.eks]
+  eks_cluster_name = module.eks.cluster_name
+
+  certification_manager   = true
+}
+```
+
+<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0.0 |
+| <a name="requirement_kubernetes"></a> [kubernetes](#requirement\_kubernetes) | >= 2.10 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_kubernetes"></a> [kubernetes](#provider\_kubernetes) | >= 2.10 |
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| <a name="module_helm_addon"></a> [helm\_addon](#module\_helm\_addon) | ../helm | n/a |
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [kubernetes_namespace_v1.this](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/namespace_v1) | resource |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_addon_context"></a> [addon\_context](#input\_addon\_context) | Input configuration for the addon | <pre>object({<br>    aws_caller_identity_account_id = string<br>    aws_caller_identity_arn        = string<br>    aws_eks_cluster_endpoint       = string<br>    aws_partition_id               = string<br>    aws_region_name                = string<br>    eks_cluster_id                 = string<br>    eks_oidc_issuer_url            = string<br>    eks_oidc_provider_arn          = string<br>    tags                           = map(string)<br>  })</pre> | n/a | yes |
+| <a name="input_helm_config"></a> [helm\_config](#input\_helm\_config) | Helm provider config for Certification Manager | `any` | `{}` | no |
+| <a name="input_manage_via_gitops"></a> [manage\_via\_gitops](#input\_manage\_via\_gitops) | Determines if the add-on should be managed via GitOps | `bool` | `false` | no |
+| <a name="input_certification_manager_extra_configs"></a> [certification_manager\_extra\_configs](#input\certification_manager\_extra\_configs) | Override attributes of helm\_release terraform resource | `any` | `{}` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_chart_version"></a> [chart\_version](#output\_chart\_version) | n/a |
+| <a name="output_namespace"></a> [namespace](#output\_namespace) | n/a |
+| <a name="output_repository"></a> [repository](#output\_repository) | n/a |
+<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->