fix: Add support for Terraform v1.3+ using local version of partner m…

…odules temporarily (#1037)

.github/workflows/plan-examples.yml

@@ -52,10 +52,6 @@ jobs:
       - name: Remove default Terraform
         run: rm -rf $(which terraform)
 
-      - name: Should fail
-        continue-on-error: true
-        run: terraform version
-
       - name: checkout-merge
         if: "contains(github.event_name, 'pull_request')"
         uses: actions/checkout@v3

.github/workflows/pre-commit.yaml

@@ -44,10 +44,6 @@ jobs:
       - name: Remove default Terraform
         run: rm -rf $(which terraform)
 
-      - name: Should fail
-        continue-on-error: true
-        run: terraform version
-
       - name: Checkout
         uses: actions/checkout@v3
 
@@ -96,9 +92,6 @@ jobs:
           terraform-version: ${{ steps.minMax.outputs.minVersion }}
           args: 'terraform_validate --color=always --show-diff-on-failure --files $(ls *.tf)'
 
-      - if: steps.changes.outputs.src== 'true'
-        run: terraform version
-
   preCommitMaxVersion:
     name: Max TF pre-commit
     runs-on: ubuntu-latest
@@ -107,10 +100,6 @@ jobs:
       - name: Remove default Terraform
         run: rm -rf $(which terraform)
 
-      - name: Should fail
-        continue-on-error: true
-        run: terraform version
-
       - name: Checkout
         uses: actions/checkout@v3
 
@@ -142,14 +131,10 @@ jobs:
         uses: clowdhaus/terraform-min-max@v1.0.7
         if: steps.changes.outputs.src== 'true'
 
-      # TODO - remove hardcoded version once optional attributes are resolved/removed
-      - name: Pre-commit Terraform 1.2.9 # ${{ steps.minMax.outputs.maxVersion }}
+      - name: Pre-commit Terraform ${{ steps.minMax.outputs.maxVersion }}
         uses: clowdhaus/terraform-composite-actions/pre-commit@v1.6.0
         if: steps.changes.outputs.src== 'true'
         with:
-          terraform-version: 1.2.9 # ${{ steps.minMax.outputs.maxVersion }}
+          terraform-version: ${{ steps.minMax.outputs.maxVersion }}
           terraform-docs-version: ${{ env.TERRAFORM_DOCS_VERSION }}
           tflint-version: ${{ env.TFLINT_VERSION }}
-
-      - if: steps.changes.outputs.src== 'true'
-        run: terraform version

.pre-commit-config.yaml

@@ -10,7 +10,7 @@ repos:
       - id: detect-aws-credentials
         args: ['--allow-missing-credentials']
   - repo: https://github.com/antonbabenko/pre-commit-terraform
-    rev: v1.75.0
+    rev: v1.76.0
     hooks:
       - id: terraform_fmt
       - id: terraform_docs

README.md

@@ -28,10 +28,10 @@ The below demonstrates how you can leverage EKS Blueprints to deploy an EKS clus
 
 ```hcl
 module "eks_blueprints" {
-  source = "github.com/aws-ia/terraform-aws-eks-blueprints?ref=v4.0.2"
+  source = "github.com/aws-ia/terraform-aws-eks-blueprints?ref=v4.12.0"
 
   # EKS CLUSTER
-  cluster_version           = "1.21"
+  cluster_version           = "1.23"
   vpc_id                    = "<vpcid>"                                      # Enter VPC ID
   private_subnet_ids        = ["<subnet-a>", "<subnet-b>", "<subnet-c>"]     # Enter Private Subnet IDs
 
@@ -46,7 +46,7 @@ module "eks_blueprints" {
 }
 
 module "eks_blueprints_kubernetes_addons" {
-  source = "github.com/aws-ia/terraform-aws-eks-blueprints//modules/kubernetes-addons?ref=v4.0.2"
+  source = "github.com/aws-ia/terraform-aws-eks-blueprints//modules/kubernetes-addons?ref=v4.12.0"
 
   eks_cluster_id = module.eks_blueprints.eks_cluster_id
 
@@ -103,11 +103,6 @@ For architectural details, step-by-step instructions, and customization options,
 
 If you are interested in contributing to EKS Blueprints, see the [Contribution guide](https://github.com/aws-ia/terraform-aws-eks-blueprints/blob/main/CONTRIBUTING.md).
 
----
-
-> **_NOTE:_** Use terraform versions after version 1.0.0 and before version 1.3.0.  
-Support for 1.3.x and above [here](https://github.com/aws-ia/terraform-aws-eks-blueprints/issues/988)
-
 <!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 ## Requirements
 

docs/add-ons/vault.md

@@ -31,4 +31,4 @@ Alternatively, you can override the Helm Values by setting the `vault_helm_confi
   }
 ```
 
-This snippet does not contain _all_ available options that can be set as part of `vault_helm_config`. For the complete listing, see the [`hashicorp-vault-eks-blueprints-addon` repository](https://github.com/hashicorp/terraform-aws-hashicorp-vault-eks-addon/blob/main/locals.tf).
+This snippet does not contain _all_ available options that can be set as part of `vault_helm_config`. For the complete listing, see the [`hashicorp-vault-eks-blueprints-addon` repository](https://github.com/hashicorp/terraform-aws-hashicorp-vault-eks-addon/).

docs/getting-started.md

@@ -9,8 +9,6 @@ First, ensure that you have installed the following tools locally.
 1. [aws cli](https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2.html)
 2. [kubectl](https://Kubernetes.io/docs/tasks/tools/)
 3. [terraform](https://learn.hashicorp.com/tutorials/terraform/install-cli)
-> **_NOTE:_** Use terraform versions after version 1.0.0 and before version 1.3.0.  
-Support for 1.3.x and above [here](https://github.com/aws-ia/terraform-aws-eks-blueprints/issues/988)
 
 ## Deployment Steps
 
@@ -25,29 +23,29 @@ The following steps will walk you through the deployment of an [example blueprin
 
 ### Clone the repo
 
-```
+```sh
 git clone https://github.com/aws-ia/terraform-aws-eks-blueprints.git
 ```
 
 ### Terraform INIT
 
 CD into the example directory:
 
-```
+```sh
 cd examples/eks-cluster-with-new-vpc/
 ```
 
 Initialize the working directory with the following:
 
-```
+```sh
 terraform init
 ```
 
 ### Terraform PLAN
 
 Verify the resources that will be created by this execution:
 
-```
+```sh
 terraform plan
 ```
 
@@ -57,41 +55,41 @@ We will leverage Terraform's [target](https://learn.hashicorp.com/tutorials/terr
 
 **Deploy the VPC**. This step will take roughly 3 minutes to complete.
 
-```
+```sh
 terraform apply -target="module.vpc"
 ```
 
 **Deploy the EKS cluster**. This step will take roughly 14 minutes to complete.
 
-```
+```sh
 terraform apply -target="module.eks_blueprints"
 ```
 
 **Deploy the add-ons**. This step will take rough 5 minutes to complete.
 
-```
-terraform apply -target="module.eks_blueprints_kubernetes_addons"
+```sh
+terraform apply
 ```
 
 ## Configure kubectl
 
 Terraform output will display a command in your console that you can use to bootstrap your local `kubeconfig`.
 
-```
+```sh
 configure_kubectl = "aws eks --region <region> update-kubeconfig --name <cluster-name>"
 ```
 
 Run the command in your terminal.
 
-```
+```sh
 aws eks --region <region> update-kubeconfig --name <cluster-name>
 ```
 
 ## Validation
 
 ### List worker nodes
 
-```
+```sh
 kubectl get nodes
 ```
 
@@ -106,7 +104,7 @@ ip-10-0-12-48.us-west-2.compute.internal    Ready    <none>   4h18m   v1.21.5-ek
 
 ### List pods
 
-```
+```sh
 kubectl get pods -n kube-system
 ```
 
@@ -132,20 +130,8 @@ metrics-server-694d47d564-hzd8h                             1/1     Running   1
 
 To clean up your environment, destroy the Terraform modules in reverse order.
 
-Destroy the add-ons.
-
-```
-terraform destroy -target="module.eks_blueprints_kubernetes_addons"
-```
-
-Destroy the EKS cluster.
-
-```
-terraform destroy -target="module.eks_blueprints"
-```
-
-Destroy the VPC.
-
-```
-terraform destroy -target="module.vpc"
+```sh
+terraform destroy -target="module.eks_blueprints_kubernetes_addons" -auto-approve
+terraform destroy -target="module.eks_blueprints" -auto-approve
+terraform destroy -auto-approve
 ```

modules/kubernetes-addons/README.md

@@ -62,7 +62,7 @@
 | <a name="module_local_volume_provisioner"></a> [local\_volume\_provisioner](#module\_local\_volume\_provisioner) | ./local-volume-provisioner | n/a |
 | <a name="module_metrics_server"></a> [metrics\_server](#module\_metrics\_server) | ./metrics-server | n/a |
 | <a name="module_nvidia_device_plugin"></a> [nvidia\_device\_plugin](#module\_nvidia\_device\_plugin) | ./nvidia-device-plugin | n/a |
-| <a name="module_ondat"></a> [ondat](#module\_ondat) | ondat/ondat-addon/eksblueprints | 0.1.1 |
+| <a name="module_ondat"></a> [ondat](#module\_ondat) | ondat/ondat-addon/eksblueprints | 0.1.2 |
 | <a name="module_opentelemetry_operator"></a> [opentelemetry\_operator](#module\_opentelemetry\_operator) | ./opentelemetry-operator | n/a |
 | <a name="module_prometheus"></a> [prometheus](#module\_prometheus) | ./prometheus | n/a |
 | <a name="module_promtail"></a> [promtail](#module\_promtail) | ./promtail | n/a |
@@ -71,9 +71,9 @@
 | <a name="module_smb_csi_driver"></a> [smb\_csi\_driver](#module\_smb\_csi\_driver) | ./smb-csi-driver | n/a |
 | <a name="module_spark_history_server"></a> [spark\_history\_server](#module\_spark\_history\_server) | ./spark-history-server | n/a |
 | <a name="module_spark_k8s_operator"></a> [spark\_k8s\_operator](#module\_spark\_k8s\_operator) | ./spark-k8s-operator | n/a |
-| <a name="module_tetrate_istio"></a> [tetrate\_istio](#module\_tetrate\_istio) | tetratelabs/tetrate-istio-addon/eksblueprints | 0.0.7 |
+| <a name="module_tetrate_istio"></a> [tetrate\_istio](#module\_tetrate\_istio) | ./tetrate-istio | n/a |
 | <a name="module_traefik"></a> [traefik](#module\_traefik) | ./traefik | n/a |
-| <a name="module_vault"></a> [vault](#module\_vault) | hashicorp/hashicorp-vault-eks-addon/aws | 0.9.0 |
+| <a name="module_vault"></a> [vault](#module\_vault) | hashicorp/hashicorp-vault-eks-addon/aws | 1.0.0-rc1 |
 | <a name="module_velero"></a> [velero](#module\_velero) | ./velero | n/a |
 | <a name="module_vpa"></a> [vpa](#module\_vpa) | ./vpa | n/a |
 | <a name="module_yunikorn"></a> [yunikorn](#module\_yunikorn) | ./yunikorn | n/a |

modules/kubernetes-addons/main.tf

@@ -278,9 +278,11 @@ module "metrics_server" {
 }
 
 module "ondat" {
-  count             = var.enable_ondat ? 1 : 0
-  source            = "ondat/ondat-addon/eksblueprints"
-  version           = "0.1.1"
+  source  = "ondat/ondat-addon/eksblueprints"
+  version = "0.1.2"
+
+  count = var.enable_ondat ? 1 : 0
+
   helm_config       = var.ondat_helm_config
   manage_via_gitops = var.argocd_manage_add_ons
   addon_context     = local.addon_context
@@ -339,9 +341,15 @@ module "spark_k8s_operator" {
 }
 
 module "tetrate_istio" {
-  count                = var.enable_tetrate_istio ? 1 : 0
-  source               = "tetratelabs/tetrate-istio-addon/eksblueprints"
-  version              = "0.0.7"
+  # source  = "tetratelabs/tetrate-istio-addon/eksblueprints"
+  # version = "0.0.7"
+
+  # TODO - remove local source and revert to remote once
+  # https://github.com/tetratelabs/terraform-eksblueprints-tetrate-istio-addon/pull/12  is merged
+  source = "./tetrate-istio"
+
+  count = var.enable_tetrate_istio ? 1 : 0
+
   distribution         = var.tetrate_istio_distribution
   distribution_version = var.tetrate_istio_version
   install_base         = var.tetrate_istio_install_base
@@ -369,11 +377,10 @@ module "vault" {
 
   # See https://registry.terraform.io/modules/hashicorp/hashicorp-vault-eks-addon/aws/
   source  = "hashicorp/hashicorp-vault-eks-addon/aws"
-  version = "0.9.0"
+  version = "1.0.0-rc1"
 
   helm_config       = var.vault_helm_config
   manage_via_gitops = var.argocd_manage_add_ons
-  addon_context     = local.addon_context
 }
 
 module "vpa" {
@@ -638,5 +645,3 @@ module "nvidia_device_plugin" {
   manage_via_gitops = var.argocd_manage_add_ons
   addon_context     = local.addon_context
 }
-
-# whitespace noise

modules/kubernetes-addons/tetrate-istio/README.md

@@ -0,0 +1,57 @@
+# Tetrate Istio add-on
+
+## What is Tetrate Istio Distro
+
+[Tetrate Istio Distro](https://istio.tetratelabs.io/) is simple, safe enterprise-grade Istio distro.
+
+## Examples
+
+See [blueprints](https://github.com/tetratelabs/terraform-eksblueprints-tetrate-istio-addon/tree/main/blueprints).
+
+<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0.0 |
+
+## Providers
+
+No providers.
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| <a name="module_base"></a> [base](#module\_base) | ../helm-addon | n/a |
+| <a name="module_cni"></a> [cni](#module\_cni) | ../helm-addon | n/a |
+| <a name="module_gateway"></a> [gateway](#module\_gateway) | ../helm-addon | n/a |
+| <a name="module_istiod"></a> [istiod](#module\_istiod) | ../helm-addon | n/a |
+
+## Resources
+
+No resources.
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_addon_context"></a> [addon\_context](#input\_addon\_context) | Input configuration for the addon | `any` | n/a | yes |
+| <a name="input_base_helm_config"></a> [base\_helm\_config](#input\_base\_helm\_config) | Istio `base` Helm Chart Configuration | `any` | `{}` | no |
+| <a name="input_cni_helm_config"></a> [cni\_helm\_config](#input\_cni\_helm\_config) | Istio `cni` Helm Chart Configuration | `any` | `{}` | no |
+| <a name="input_distribution"></a> [distribution](#input\_distribution) | Istio distribution | `string` | `"TID"` | no |
+| <a name="input_distribution_version"></a> [distribution\_version](#input\_distribution\_version) | Istio version | `string` | `""` | no |
+| <a name="input_gateway_helm_config"></a> [gateway\_helm\_config](#input\_gateway\_helm\_config) | Istio `gateway` Helm Chart Configuration | `any` | `{}` | no |
+| <a name="input_install_base"></a> [install\_base](#input\_install\_base) | Install Istio `base` Helm Chart | `bool` | `true` | no |
+| <a name="input_install_cni"></a> [install\_cni](#input\_install\_cni) | Install Istio `cni` Helm Chart | `bool` | `true` | no |
+| <a name="input_install_gateway"></a> [install\_gateway](#input\_install\_gateway) | Install Istio `gateway` Helm Chart | `bool` | `true` | no |
+| <a name="input_install_istiod"></a> [install\_istiod](#input\_install\_istiod) | Install Istio `istiod` Helm Chart | `bool` | `true` | no |
+| <a name="input_istiod_helm_config"></a> [istiod\_helm\_config](#input\_istiod\_helm\_config) | Istio `istiod` Helm Chart Configuration | `any` | `{}` | no |
+| <a name="input_manage_via_gitops"></a> [manage\_via\_gitops](#input\_manage\_via\_gitops) | Determines if the add-on should be managed via GitOps | `bool` | `false` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_argocd_gitops_config"></a> [argocd\_gitops\_config](#output\_argocd\_gitops\_config) | Configuration used for managing the add-on with ArgoCD |
+<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->