Merge pull request #5 from cloudbees/feat

Adding Root Module for the add-on

Makefile

@@ -0,0 +1,38 @@
+.DEFAULT_GOAL   	:= help
+SHELL           	:= /bin/bash
+MAKEFLAGS       	+= --no-print-directory
+MKFILEDIR 			:= $(abspath $(dir $(lastword $(MAKEFILE_LIST))))
+
+.PHONY: dBuildAndRun
+dBuildAndRun: ## Docker Build and Run locally 
+dBuildAndRun:
+	docker build . --file .docker/Dockerfile \
+		--tag local.cloudbees/bp-agent:latest
+	docker run -it --name bp-agent_$(shell echo $$RANDOM) \
+		-v $(MKFILEDIR):/root/cloudbees-ci-addons -v $(HOME)/.aws:/root/.aws \
+		local.cloudbees/bp-agent:latest
+
+.PHONY: tfRun
+tfRun: ## Run Terraform Blueprint passed as parameter. ROOT=getting-started/v4 make tfRun 
+tfRun: guard-ROOT
+	terraform -chdir=blueprints/$(ROOT) fmt
+	terraform -chdir=blueprints/$(ROOT) init -upgrade
+	terraform -chdir=blueprints/$(ROOT) plan 
+	terraform -chdir=blueprints/$(ROOT) apply
+
+.PHONY: tfDestroy
+tfDestroy: ## Destroy Terraform Blueprint passed as parameter. ROOT=getting-started/v4 make tfDestroy 
+tfDestroy: guard-ROOT
+	terraform -chdir=blueprints/$(ROOT) destroy -target=module.eks_blueprints_addon_cbci
+	terraform -chdir=blueprints/$(ROOT) destroy -target=module.eks_blueprints_addons
+	terraform -chdir=blueprints/$(ROOT) destroy -target=module.eks
+	terraform -chdir=blueprints/$(ROOT) destroy -target=module.vpc
+	terraform -chdir=blueprints/$(ROOT) destroy
+
+.PHONY: help
+help: ## Makefile Help Page
+	@awk 'BEGIN {FS = ":.*##"; printf "\nUsage:\n  make \033[36m<target>\033[0m\n\nTargets:\n"} /^[\/\%a-zA-Z_-]+:.*?##/ { printf "  \033[36m%-21s\033[0m %s\n", $$1, $$2 }' $(MAKEFILE_LIST) 2>/dev/null
+
+.PHONY: guard-%
+guard-%:
+	@if [[ "${${*}}" == "" ]]; then echo "Environment variable $* not set"; exit 1; fi

README.md

@@ -1,12 +1,47 @@
-# terraform-aws-cloudbees-ci-eks-addon
-CloudBees CI Add-on for AWS EKS
+# CloudBees CI Add-on for AWS EKS
+
+[![md-link-checker](https://github.com/cloudbees/terraform-aws-cloudbees-ci-eks-addon/actions/workflows/md-link-checker.yml/badge.svg)](https://github.com/cloudbees/terraform-aws-cloudbees-ci-eks-addon/actions/workflows/md-link-checker.yml) [![superlinter](https://github.com/cloudbees/terraform-aws-cloudbees-ci-eks-addon/actions/workflows/superlinter.yml/badge.svg)](https://github.com/cloudbees/terraform-aws-cloudbees-ci-eks-addon/actions/workflows/superlinter.yml) [![terraform-docs](https://github.com/cloudbees/terraform-aws-cloudbees-ci-eks-addon/actions/workflows/terraform-docs.yml/badge.svg)](https://github.com/cloudbees/terraform-aws-cloudbees-ci-eks-addon/actions/workflows/terraform-docs.yml) [![terraform](https://github.com/cloudbees/terraform-aws-cloudbees-ci-eks-addon/actions/workflows/terraform.yml/badge.svg)](https://github.com/cloudbees/terraform-aws-cloudbees-ci-eks-addon/actions/workflows/terraform.yml)
+
+> Deploy CloudBees CI to AWS EKS Clusters with this add-on.
+
+## Usage
+
+If you would like to override any defaults with the chart, you can do so by passing the `helm_config` variable.
 
 <!-- BEGIN_TF_DOCS -->
 ### Inputs
 
-No inputs.
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| cert_arn | Certificate ARN from AWS ACM | `string` | n/a | yes |
+| hostname | Route53 Hosted zone name | `string` | n/a | yes |
+| helm_config | CloudBees CI Helm chart configuration | `any` | `{}` | no |
+| manage_via_gitops | Determines if the add-on should be managed via GitOps | `bool` | `false` | no |
+| temp_license | Temporary license details | `map(string)` | <pre>{<br>  "company": "Example Inc.",<br>  "email": "[email protected]",<br>  "first_name": "User Name Example",<br>  "last_name": "User Last Name Example"<br>}</pre> | no |
 
 ### Outputs
 
-No outputs.
-<!-- END_TF_DOCS -->
+| Name | Description |
+|------|-------------|
+| argocd_gitops_config | Configuration used for managing the add-on with ArgoCD |
+| merged_helm_config | (merged) Helm Config for CloudBees CI |
+<!-- END_TF_DOCS -->
+
+## Blueprints
+
+### Getting Started
+
+```bash
+ROOT=getting-started/v4 make tfRun
+```
+
+```bash
+ROOT=getting-started/v5 make tfRun
+```
+
+## References
+
+- [Amazon EKS Blueprints for Terraform](https://aws-ia.github.io/terraform-aws-eks-blueprints/)
+- [Amazon EKS Blueprints Addons](https://aws-ia.github.io/terraform-aws-eks-blueprints-addons/main/)
+- [CloudBees CI Docs](https://docs.cloudbees.com/docs/cloudbees-ci/latest/)
+- [CloudBees CI release notes](https://docs.cloudbees.com/docs/release-notes/latest/cloudbees-ci/)

main.tf

@@ -0,0 +1,77 @@
+# Copyright (c) CloudBees, Inc.
+
+resource "helm_release" "cloudbees_ci" {
+  count = var.manage_via_gitops ? 0 : 1
+
+  name             = try(var.helm_config.name, "cloudbees-ci")
+  namespace        = try(var.helm_config.namespace, "cloudbees-ci")
+  create_namespace = try(var.helm_config.create_namespace, true)
+  description      = try(var.helm_config.description, null)
+  chart            = "cloudbees-core"
+  #Chart versions: #https://artifacthub.io/packages/helm/cloudbees/cloudbees-core/
+  #Chart versions are linked to an app version: https://docs.cloudbees.com/docs/release-notes/latest/cloudbees-ci/
+  version    = try(var.helm_config.version, "3.14783.0+d0af0bc462a0")
+  repository = try(var.helm_config.repository, "https://public-charts.artifacts.cloudbees.com/repository/public/")
+  values = try(var.helm_config.values, [templatefile("${path.module}/values.yml", {
+    hostname     = var.hostname
+    cert_arn     = var.cert_arn
+    LicFirstName = var.temp_license["first_name"]
+    LicLastName  = var.temp_license["last_name"]
+    LicEmail     = var.temp_license["email"]
+    LicCompany   = var.temp_license["company"]
+  })])
+
+  timeout                    = try(var.helm_config.timeout, 1200)
+  repository_key_file        = try(var.helm_config.repository_key_file, null)
+  repository_cert_file       = try(var.helm_config.repository_cert_file, null)
+  repository_ca_file         = try(var.helm_config.repository_ca_file, null)
+  repository_username        = try(var.helm_config.repository_username, null)
+  repository_password        = try(var.helm_config.repository_password, null)
+  devel                      = try(var.helm_config.devel, null)
+  verify                     = try(var.helm_config.verify, null)
+  keyring                    = try(var.helm_config.keyring, null)
+  disable_webhooks           = try(var.helm_config.disable_webhooks, null)
+  reuse_values               = try(var.helm_config.reuse_values, null)
+  reset_values               = try(var.helm_config.reset_values, null)
+  force_update               = try(var.helm_config.force_update, null)
+  recreate_pods              = try(var.helm_config.recreate_pods, null)
+  cleanup_on_fail            = try(var.helm_config.cleanup_on_fail, null)
+  max_history                = try(var.helm_config.max_history, null)
+  atomic                     = try(var.helm_config.atomic, null)
+  skip_crds                  = try(var.helm_config.skip_crds, null)
+  render_subchart_notes      = try(var.helm_config.render_subchart_notes, null)
+  disable_openapi_validation = try(var.helm_config.disable_openapi_validation, null)
+  wait                       = try(var.helm_config.wait, null)
+  wait_for_jobs              = try(var.helm_config.wait_for_jobs, null)
+  dependency_update          = try(var.helm_config.dependency_update, null)
+  replace                    = try(var.helm_config.replace, null)
+  lint                       = try(var.helm_config.lint, null)
+
+  dynamic "postrender" {
+    for_each = can(var.helm_config.postrender_binary_path) ? [1] : []
+
+    content {
+      binary_path = var.helm_config.postrender_binary_path
+    }
+  }
+
+  dynamic "set" {
+    for_each = try(var.helm_config.set, [])
+
+    content {
+      name  = set.value.name
+      value = set.value.value
+      type  = try(set.value.type, null)
+    }
+  }
+
+  dynamic "set_sensitive" {
+    for_each = try(var.helm_config.set_sensitive, {})
+
+    content {
+      name  = set_sensitive.value.name
+      value = set_sensitive.value.value
+      type  = try(set_sensitive.value.type, null)
+    }
+  }
+}

outputs.tf

@@ -0,0 +1,11 @@
+# Copyright (c) CloudBees, Inc.
+
+output "argocd_gitops_config" {
+  description = "Configuration used for managing the add-on with ArgoCD"
+  value       = var.manage_via_gitops ? { enable = true } : null
+}
+
+output "merged_helm_config" {
+  description = "(merged) Helm Config for CloudBees CI"
+  value       = helm_release.cloudbees_ci
+}

terraform.tf

@@ -0,0 +1,12 @@
+# Copyright (c) CloudBees, Inc.
+
+terraform {
+  required_version = ">= 1.0"
+
+  required_providers {
+    helm = {
+      source  = "hashicorp/helm"
+      version = ">= 2.5.1"
+    }
+  }
+}

values.yml

@@ -0,0 +1,33 @@
+#https://artifacthub.io/packages/helm/cloudbees/cloudbees-core/
+#https://docs.cloudbees.com/docs/cloudbees-ci/latest/eks-install-guide/installing-eks-using-helm
+Subdomain: true
+OperationsCenter:
+  JavaOpts: >-
+      -XX:InitialRAMPercentage=70.0
+      -XX:MaxRAMPercentage=70.0
+  Resources:
+    Limits:
+      Memory: "4G"
+      Cpu: 2
+    Requests:
+      Memory: "4G"
+      Cpu: 2
+  HostName: ${hostname}
+  Protocol: https
+  Platform: eks
+  Ingress:
+    Class: alb
+    Annotations:
+      alb.ingress.kubernetes.io/scheme: internet-facing
+      alb.ingress.kubernetes.io/certificate-arn: ${cert_arn}
+  License:
+    Evaluation:
+      Enabled: true
+      FirstName: ${LicFirstName}
+      LastName: ${LicLastName}
+      Email: ${LicEmail}
+      Company: ${LicCompany}    
+Master:
+  JavaOpts: >-
+    -XX:InitialRAMPercentage=70.0
+    -XX:MaxRAMPercentage=70.0

variables.tf

@@ -0,0 +1,39 @@
+# Copyright (c) CloudBees, Inc.
+
+variable "helm_config" {
+  description = "CloudBees CI Helm chart configuration"
+  type        = any
+  default     = {}
+}
+
+variable "manage_via_gitops" {
+  description = "Determines if the add-on should be managed via GitOps"
+  type        = bool
+  default     = false
+}
+
+variable "hostname" {
+  description = "Route53 Hosted zone name"
+  type        = string
+}
+
+variable "cert_arn" {
+  description = "Certificate ARN from AWS ACM"
+  type        = string
+
+  validation {
+    condition     = can(regex("^arn", var.cert_arn))
+    error_message = "For the cert_arn should start with arn."
+  }
+}
+
+variable "temp_license" {
+  description = "Temporary license details"
+  type        = map(string)
+  default = {
+    first_name = "User Name Example"
+    last_name  = "User Last Name Example"
+    email      = "[email protected]"
+    company    = "Example Inc."
+  }
+}