🧹 Cleanup flux manifests (#220)

* Drop dead variables for kustomization post build * Cleanup istio config variables * Cleanup java and nginx variables * Bump dependencies * Fix tf bug * Pre-commit checks
aws-observability · Aug 18, 2023 · 4517913 · 4517913
1 parent 6ca939d
commit 4517913
Show file tree

Hide file tree

Showing 18 changed files with 51 additions and 84 deletions.
diff --git a/modules/eks-monitoring/README.md b/modules/eks-monitoring/README.md
@@ -39,7 +39,7 @@ See examples using this Terraform modules in the **Amazon EKS** section of [this
 |------|--------|---------|
 | <a name="module_external_secrets"></a> [external\_secrets](#module\_external\_secrets) | ./add-ons/external-secrets | n/a |
 | <a name="module_fluentbit_logs"></a> [fluentbit\_logs](#module\_fluentbit\_logs) | ./add-ons/aws-for-fluentbit | n/a |
-| <a name="module_helm_addon"></a> [helm\_addon](#module\_helm\_addon) | github.com/aws-ia/terraform-aws-eks-blueprints//modules/kubernetes-addons/helm-addon | v4.32.0 |
+| <a name="module_helm_addon"></a> [helm\_addon](#module\_helm\_addon) | github.com/aws-ia/terraform-aws-eks-blueprints//modules/kubernetes-addons/helm-addon | v4.32.1 |
 | <a name="module_istio_monitoring"></a> [istio\_monitoring](#module\_istio\_monitoring) | ./patterns/istio | n/a |
 | <a name="module_java_monitoring"></a> [java\_monitoring](#module\_java\_monitoring) | ./patterns/java | n/a |
 | <a name="module_nginx_monitoring"></a> [nginx\_monitoring](#module\_nginx\_monitoring) | ./patterns/nginx | n/a |
@@ -109,7 +109,7 @@ See examples using this Terraform modules in the **Amazon EKS** section of [this
 | <a name="input_helm_config"></a> [helm\_config](#input\_helm\_config) | Helm Config for Prometheus | `any` | `{}` | no |
 | <a name="input_irsa_iam_permissions_boundary"></a> [irsa\_iam\_permissions\_boundary](#input\_irsa\_iam\_permissions\_boundary) | IAM permissions boundary for IRSA roles | `string` | `null` | no |
 | <a name="input_irsa_iam_role_path"></a> [irsa\_iam\_role\_path](#input\_irsa\_iam\_role\_path) | IAM role path for IRSA roles | `string` | `"/"` | no |
-| <a name="input_istio_config"></a> [istio\_config](#input\_istio\_config) | Configuration object for ISTIO monitoring | <pre>object({<br>    enable_alerting_rules  = bool<br>    enable_recording_rules = bool<br>    enable_dashboards      = bool<br>    scrape_sample_limit    = number<br><br>    flux_gitrepository_name   = string<br>    flux_gitrepository_url    = string<br>    flux_gitrepository_branch = string<br>    flux_kustomization_name   = string<br>    flux_kustomization_path   = string<br><br>    grafana_url                             = string<br>    grafana_istio_cp_dashboard_url          = string<br>    grafana_istio_mesh_dashboard_url        = string<br>    grafana_istio_performance_dashboard_url = string<br>    grafana_istio_service_dashboard_url     = string<br><br>    prometheus_metrics_endpoint = string<br>  })</pre> | `null` | no |
+| <a name="input_istio_config"></a> [istio\_config](#input\_istio\_config) | Configuration object for ISTIO monitoring | <pre>object({<br>    enable_alerting_rules  = bool<br>    enable_recording_rules = bool<br>    enable_dashboards      = bool<br>    scrape_sample_limit    = number<br><br>    flux_gitrepository_name   = string<br>    flux_gitrepository_url    = string<br>    flux_gitrepository_branch = string<br>    flux_kustomization_name   = string<br>    flux_kustomization_path   = string<br><br>    managed_prometheus_workspace_id = string<br>    prometheus_metrics_endpoint     = string<br><br>    dashboards = object({<br>      cp          = string<br>      mesh        = string<br>      performance = string<br>      service     = string<br>    })<br>  })</pre> | `null` | no |
 | <a name="input_java_config"></a> [java\_config](#input\_java\_config) | Configuration object for Java/JMX monitoring | <pre>object({<br>    enable_alerting_rules  = bool<br>    enable_recording_rules = bool<br>    enable_dashboards      = bool<br>    scrape_sample_limit    = number<br><br><br>    flux_gitrepository_name   = string<br>    flux_gitrepository_url    = string<br>    flux_gitrepository_branch = string<br>    flux_kustomization_name   = string<br>    flux_kustomization_path   = string<br><br>    grafana_dashboard_url = string<br><br>    prometheus_metrics_endpoint = string<br>  })</pre> | `null` | no |
 | <a name="input_ksm_config"></a> [ksm\_config](#input\_ksm\_config) | Kube State metrics configuration | <pre>object({<br>    create_namespace   = bool<br>    k8s_namespace      = string<br>    helm_chart_name    = string<br>    helm_chart_version = string<br>    helm_release_name  = string<br>    helm_repo_url      = string<br>    helm_settings      = map(string)<br>    helm_values        = map(any)<br><br>    scrape_interval = string<br>    scrape_timeout  = string<br>  })</pre> | <pre>{<br>  "create_namespace": true,<br>  "helm_chart_name": "kube-state-metrics",<br>  "helm_chart_version": "4.24.0",<br>  "helm_release_name": "kube-state-metrics",<br>  "helm_repo_url": "https://prometheus-community.github.io/helm-charts",<br>  "helm_settings": {},<br>  "helm_values": {},<br>  "k8s_namespace": "kube-system",<br>  "scrape_interval": "60s",<br>  "scrape_timeout": "15s"<br>}</pre> | no |
 | <a name="input_logs_config"></a> [logs\_config](#input\_logs\_config) | Configuration object for logs collection | <pre>object({<br>    cw_log_retention_days = number<br>  })</pre> | <pre>{<br>  "cw_log_retention_days": 90<br>}</pre> | no |

diff --git a/modules/eks-monitoring/add-ons/aws-for-fluentbit/README.md b/modules/eks-monitoring/add-ons/aws-for-fluentbit/README.md
@@ -24,7 +24,7 @@ See this [Helm Chart](https://github.com/aws/eks-charts/tree/master/stable/aws-f
 
 | Name | Source | Version |
 |------|--------|---------|
-| <a name="module_helm_addon"></a> [helm\_addon](#module\_helm\_addon) | github.com/aws-ia/terraform-aws-eks-blueprints//modules/kubernetes-addons/helm-addon | v4.32.0 |
+| <a name="module_helm_addon"></a> [helm\_addon](#module\_helm\_addon) | github.com/aws-ia/terraform-aws-eks-blueprints//modules/kubernetes-addons/helm-addon | v4.32.1 |
 
 ## Resources
 

diff --git a/modules/eks-monitoring/add-ons/aws-for-fluentbit/main.tf b/modules/eks-monitoring/add-ons/aws-for-fluentbit/main.tf
@@ -1,5 +1,5 @@
 module "helm_addon" {
-  source            = "github.com/aws-ia/terraform-aws-eks-blueprints//modules/kubernetes-addons/helm-addon?ref=v4.32.0"
+  source            = "github.com/aws-ia/terraform-aws-eks-blueprints//modules/kubernetes-addons/helm-addon?ref=v4.32.1"
   manage_via_gitops = var.manage_via_gitops
   set_values        = local.set_values
   helm_config       = local.helm_config

diff --git a/modules/eks-monitoring/add-ons/external-secrets/README.md b/modules/eks-monitoring/add-ons/external-secrets/README.md
@@ -23,8 +23,8 @@ This deploys an EKS Cluster with the External Secrets Operator. The cluster is p
 
 | Name | Source | Version |
 |------|--------|---------|
-| <a name="module_cluster_secretstore_role"></a> [cluster\_secretstore\_role](#module\_cluster\_secretstore\_role) | github.com/aws-ia/terraform-aws-eks-blueprints//modules/irsa | v4.32.0 |
-| <a name="module_external_secrets"></a> [external\_secrets](#module\_external\_secrets) | github.com/aws-ia/terraform-aws-eks-blueprints//modules/kubernetes-addons/external-secrets | v4.32.0 |
+| <a name="module_cluster_secretstore_role"></a> [cluster\_secretstore\_role](#module\_cluster\_secretstore\_role) | github.com/aws-ia/terraform-aws-eks-blueprints//modules/irsa | v4.32.1 |
+| <a name="module_external_secrets"></a> [external\_secrets](#module\_external\_secrets) | github.com/aws-ia/terraform-aws-eks-blueprints//modules/kubernetes-addons/external-secrets | v4.32.1 |
 
 ## Resources
 

diff --git a/modules/eks-monitoring/add-ons/external-secrets/main.tf b/modules/eks-monitoring/add-ons/external-secrets/main.tf
@@ -1,5 +1,5 @@
 module "external_secrets" {
-  source = "github.com/aws-ia/terraform-aws-eks-blueprints//modules/kubernetes-addons/external-secrets?ref=v4.32.0"
+  source = "github.com/aws-ia/terraform-aws-eks-blueprints//modules/kubernetes-addons/external-secrets?ref=v4.32.1"
   count  = var.enable_external_secrets ? 1 : 0
 
   helm_config   = var.helm_config
@@ -17,7 +17,7 @@ resource "aws_kms_key" "secrets" {
 }
 
 module "cluster_secretstore_role" {
-  source                      = "github.com/aws-ia/terraform-aws-eks-blueprints//modules/irsa?ref=v4.32.0"
+  source                      = "github.com/aws-ia/terraform-aws-eks-blueprints//modules/irsa?ref=v4.32.1"
   kubernetes_namespace        = local.namespace
   create_kubernetes_namespace = false
   kubernetes_service_account  = local.cluster_secretstore_sa

diff --git a/modules/eks-monitoring/dashboards.tf b/modules/eks-monitoring/dashboards.tf
@@ -64,9 +64,6 @@ spec:
     name: ${local.apiserver_monitoring_config.flux_gitrepository_name}
   postBuild:
     substitute:
-      AMG_AWS_REGION: ${var.managed_prometheus_workspace_region}
-      AMP_ENDPOINT_URL: ${var.managed_prometheus_workspace_endpoint}
-      AMG_ENDPOINT_URL: ${var.grafana_url}
       GRAFANA_APISERVER_BASIC_DASH_URL: ${local.apiserver_monitoring_config.dashboards.basic}
       GRAFANA_APISERVER_ADVANCED_DASH_URL: ${local.apiserver_monitoring_config.dashboards.advanced}
       GRAFANA_APISERVER_TROUBLESHOOTING_DASH_URL: ${local.apiserver_monitoring_config.dashboards.troubleshooting}
@@ -92,10 +89,7 @@ spec:
     name: ${local.adothealth_monitoring_config.flux_gitrepository_name}
   postBuild:
     substitute:
-      AMG_AWS_REGION: ${var.managed_prometheus_workspace_region}
-      AMP_ENDPOINT_URL: ${var.managed_prometheus_workspace_endpoint}
-      AMG_ENDPOINT_URL: ${var.grafana_url}
-      GRAFANA_ADOTHEALTH_DASH_URL: ${local.adothealth_monitoring_config.dashboards.grafana_adothealth_dashboard_url}
+      GRAFANA_ADOTHEALTH_DASH_URL: ${local.adothealth_monitoring_config.dashboards.health}
 YAML
   count      = var.enable_adotcollector_metrics ? 1 : 0
   depends_on = [module.external_secrets]

diff --git a/modules/eks-monitoring/locals.tf b/modules/eks-monitoring/locals.tf
@@ -45,12 +45,9 @@ locals {
     flux_kustomization_name   = "grafana-dashboards-java"
     flux_kustomization_path   = "./artifacts/grafana-operator-manifests/eks/java"
 
-    managed_prometheus_workspace_id       = var.managed_prometheus_workspace_id
-    managed_prometheus_workspace_region   = var.managed_prometheus_workspace_region
-    managed_prometheus_workspace_endpoint = var.managed_prometheus_workspace_endpoint
-    prometheus_metrics_endpoint           = "/metrics"
+    managed_prometheus_workspace_id = var.managed_prometheus_workspace_id
+    prometheus_metrics_endpoint     = "/metrics"
 
-    grafana_url           = var.grafana_url
     grafana_dashboard_url = "https://github.com/aws-observability/aws-observability-accelerator/main/artifacts/grafana-dashboards/eks/java/default.json"
   }
 
@@ -69,12 +66,9 @@ locals {
     flux_kustomization_name   = "grafana-dashboards-nginx"
     flux_kustomization_path   = "./artifacts/grafana-operator-manifests/eks/nginx"
 
-    managed_prometheus_workspace_id       = var.managed_prometheus_workspace_id
-    managed_prometheus_workspace_region   = var.managed_prometheus_workspace_region
-    managed_prometheus_workspace_endpoint = var.managed_prometheus_workspace_endpoint
-    prometheus_metrics_endpoint           = "/metrics"
+    managed_prometheus_workspace_id = var.managed_prometheus_workspace_id
+    prometheus_metrics_endpoint     = "/metrics"
 
-    grafana_url           = var.grafana_url
     grafana_dashboard_url = "https://github.com/aws-observability/aws-observability-accelerator/main/artifacts/grafana-dashboards/eks/nginx/nginx.json"
   }
 
@@ -93,16 +87,15 @@ locals {
     flux_kustomization_name   = "grafana-dashboards-istio"
     flux_kustomization_path   = "./artifacts/grafana-operator-manifests/eks/istio"
 
-    managed_prometheus_workspace_id       = var.managed_prometheus_workspace_id
-    managed_prometheus_workspace_region   = var.managed_prometheus_workspace_region
-    managed_prometheus_workspace_endpoint = var.managed_prometheus_workspace_endpoint
-    prometheus_metrics_endpoint           = "/metrics"
+    managed_prometheus_workspace_id = var.managed_prometheus_workspace_id
+    prometheus_metrics_endpoint     = "/metrics"
 
-    grafana_url                             = var.grafana_url
-    grafana_istio_cp_dashboard_url          = "https://github.com/aws-observability/aws-observability-accelerator/main/artifacts/grafana-dashboards/eks/istio/istio-control-plane-dashboard.json"
-    grafana_istio_mesh_dashboard_url        = "https://github.com/aws-observability/aws-observability-accelerator/main/artifacts/grafana-dashboards/eks/istio/istio-mesh-dashboard.json"
-    grafana_istio_performance_dashboard_url = "https://github.com/aws-observability/aws-observability-accelerator/main/artifacts/grafana-dashboards/eks/istio/istio-performance-dashboard.json"
-    grafana_istio_service_dashboard_url     = "https://github.com/aws-observability/aws-observability-accelerator/main/artifacts/grafana-dashboards/eks/istio/istio-service-dashboard.json"
+    dashboards = {
+      cp          = "https://github.com/aws-observability/aws-observability-accelerator/main/artifacts/grafana-dashboards/eks/istio/istio-control-plane-dashboard.json"
+      mesh        = "https://github.com/aws-observability/aws-observability-accelerator/main/artifacts/grafana-dashboards/eks/istio/istio-mesh-dashboard.json"
+      performance = "https://github.com/aws-observability/aws-observability-accelerator/main/artifacts/grafana-dashboards/eks/istio/istio-performance-dashboard.json"
+      service     = "https://github.com/aws-observability/aws-observability-accelerator/main/artifacts/grafana-dashboards/eks/istio/istio-service-dashboard.json"
+    }
   }
 
   apiserver_monitoring_config = {
@@ -129,7 +122,7 @@ locals {
     flux_kustomization_path   = "./artifacts/grafana-operator-manifests/eks/adot"
 
     dashboards = {
-      grafana_adothealth_dashboard_url = "https://github.com/aws-observability/aws-observability-accelerator/main/artifacts/grafana-dashboards/adot/adothealth.json"
+      health = "https://github.com/aws-observability/aws-observability-accelerator/main/artifacts/grafana-dashboards/adot/adothealth.json"
     }
   }
 }
diff --git a/modules/eks-monitoring/main.tf b/modules/eks-monitoring/main.tf
@@ -72,7 +72,7 @@ resource "helm_release" "grafana_operator" {
 }
 
 module "helm_addon" {
-  source = "github.com/aws-ia/terraform-aws-eks-blueprints//modules/kubernetes-addons/helm-addon?ref=v4.32.0"
+  source = "github.com/aws-ia/terraform-aws-eks-blueprints//modules/kubernetes-addons/helm-addon?ref=v4.32.1"
 
   helm_config = merge(
     {
@@ -209,7 +209,6 @@ module "java_monitoring" {
   count  = var.enable_java ? 1 : 0
 
   pattern_config = coalesce(var.java_config, local.java_pattern_config)
-
 }
 
 module "nginx_monitoring" {

diff --git a/modules/eks-monitoring/patterns/istio/README.md b/modules/eks-monitoring/patterns/istio/README.md
@@ -39,7 +39,7 @@ No modules.
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| <a name="input_pattern_config"></a> [pattern\_config](#input\_pattern\_config) | Configuration object for ISTIO monitoring | <pre>object({<br>    enable_alerting_rules  = bool<br>    enable_recording_rules = bool<br>    scrape_sample_limit    = number<br><br>    enable_recording_rules = bool<br><br>    enable_dashboards = bool<br><br>    flux_gitrepository_name   = string<br>    flux_gitrepository_url    = string<br>    flux_gitrepository_branch = string<br>    flux_kustomization_name   = string<br>    flux_kustomization_path   = string<br><br>    managed_prometheus_workspace_id       = string<br>    managed_prometheus_workspace_region   = string<br>    managed_prometheus_workspace_endpoint = string<br><br>    grafana_url                             = string<br>    grafana_istio_cp_dashboard_url          = string<br>    grafana_istio_mesh_dashboard_url        = string<br>    grafana_istio_performance_dashboard_url = string<br>    grafana_istio_service_dashboard_url     = string<br>  })</pre> | n/a | yes |
+| <a name="input_pattern_config"></a> [pattern\_config](#input\_pattern\_config) | Configuration object for ISTIO monitoring | <pre>object({<br>    enable_alerting_rules  = bool<br>    enable_recording_rules = bool<br>    enable_dashboards      = bool<br>    scrape_sample_limit    = number<br><br>    flux_gitrepository_name   = string<br>    flux_gitrepository_url    = string<br>    flux_gitrepository_branch = string<br>    flux_kustomization_name   = string<br>    flux_kustomization_path   = string<br><br>    managed_prometheus_workspace_id = string<br>    prometheus_metrics_endpoint     = string<br><br>    dashboards = object({<br>      cp          = string<br>      mesh        = string<br>      performance = string<br>      service     = string<br>    })<br>  })</pre> | n/a | yes |
 
 ## Outputs
 

diff --git a/modules/eks-monitoring/patterns/istio/main.tf b/modules/eks-monitoring/patterns/istio/main.tf
@@ -206,12 +206,9 @@ spec:
     name: ${var.pattern_config.flux_gitrepository_name}
   postBuild:
     substitute:
-      AMG_AWS_REGION: ${var.pattern_config.managed_prometheus_workspace_region}
-      AMP_ENDPOINT_URL: ${var.pattern_config.managed_prometheus_workspace_endpoint}
-      AMG_ENDPOINT_URL: ${var.pattern_config.grafana_url}
-      GRAFANA_ISTIO_CP_DASH_URL: ${var.pattern_config.grafana_istio_cp_dashboard_url}
-      GRAFANA_ISTIO_MESH_DASH_URL: ${var.pattern_config.grafana_istio_mesh_dashboard_url}
-      GRAFANA_ISTIO_PERF_DASH_URL: ${var.pattern_config.grafana_istio_performance_dashboard_url}
-      GRAFANA_ISTIO_SERVICE_DASH_URL: ${var.pattern_config.grafana_istio_service_dashboard_url}
+      GRAFANA_ISTIO_CP_DASH_URL: ${var.pattern_config.dashboards.cp}
+      GRAFANA_ISTIO_MESH_DASH_URL: ${var.pattern_config.dashboards.mesh}
+      GRAFANA_ISTIO_PERF_DASH_URL: ${var.pattern_config.dashboards.performance}
+      GRAFANA_ISTIO_SERVICE_DASH_URL: ${var.pattern_config.dashboards.service}
 YAML
 }
diff --git a/modules/eks-monitoring/patterns/istio/variables.tf b/modules/eks-monitoring/patterns/istio/variables.tf
@@ -3,27 +3,24 @@ variable "pattern_config" {
   type = object({
     enable_alerting_rules  = bool
     enable_recording_rules = bool
+    enable_dashboards      = bool
     scrape_sample_limit    = number
 
-    enable_recording_rules = bool
-
-    enable_dashboards = bool
-
     flux_gitrepository_name   = string
     flux_gitrepository_url    = string
     flux_gitrepository_branch = string
     flux_kustomization_name   = string
     flux_kustomization_path   = string
 
-    managed_prometheus_workspace_id       = string
-    managed_prometheus_workspace_region   = string
-    managed_prometheus_workspace_endpoint = string
+    managed_prometheus_workspace_id = string
+    prometheus_metrics_endpoint     = string
 
-    grafana_url                             = string
-    grafana_istio_cp_dashboard_url          = string
-    grafana_istio_mesh_dashboard_url        = string
-    grafana_istio_performance_dashboard_url = string
-    grafana_istio_service_dashboard_url     = string
+    dashboards = object({
+      cp          = string
+      mesh        = string
+      performance = string
+      service     = string
+    })
   })
   nullable = false
 }
diff --git a/modules/eks-monitoring/patterns/java/README.md b/modules/eks-monitoring/patterns/java/README.md
@@ -39,7 +39,7 @@ No modules.
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| <a name="input_pattern_config"></a> [pattern\_config](#input\_pattern\_config) | Configuration object for Java/JMX monitoring | <pre>object({<br>    enable_alerting_rules  = bool<br>    enable_recording_rules = bool<br>    scrape_sample_limit    = number<br><br>    enable_recording_rules = bool<br><br>    enable_dashboards = bool<br><br>    flux_gitrepository_name   = string<br>    flux_gitrepository_url    = string<br>    flux_gitrepository_branch = string<br>    flux_kustomization_name   = string<br>    flux_kustomization_path   = string<br><br>    managed_prometheus_workspace_id       = string<br>    managed_prometheus_workspace_region   = string<br>    managed_prometheus_workspace_endpoint = string<br><br>    grafana_url           = string<br>    grafana_dashboard_url = string<br>  })</pre> | n/a | yes |
+| <a name="input_pattern_config"></a> [pattern\_config](#input\_pattern\_config) | Configuration object for Java/JMX monitoring | <pre>object({<br>    enable_alerting_rules  = bool<br>    enable_recording_rules = bool<br>    scrape_sample_limit    = number<br><br>    enable_dashboards = bool<br><br>    flux_gitrepository_name   = string<br>    flux_gitrepository_url    = string<br>    flux_gitrepository_branch = string<br>    flux_kustomization_name   = string<br>    flux_kustomization_path   = string<br><br>    managed_prometheus_workspace_id = string<br>    prometheus_metrics_endpoint     = string<br><br>    grafana_dashboard_url = string<br>  })</pre> | n/a | yes |
 
 ## Outputs
 

diff --git a/modules/eks-monitoring/patterns/java/main.tf b/modules/eks-monitoring/patterns/java/main.tf
@@ -50,9 +50,6 @@ spec:
     name: ${var.pattern_config.flux_gitrepository_name}
   postBuild:
     substitute:
-      AMG_AWS_REGION: ${var.pattern_config.managed_prometheus_workspace_region}
-      AMP_ENDPOINT_URL: ${var.pattern_config.managed_prometheus_workspace_endpoint}
-      AMG_ENDPOINT_URL: ${var.pattern_config.grafana_url}
       GRAFANA_JAVA_JMX_DASH_URL: ${var.pattern_config.grafana_dashboard_url}
 YAML
 }