Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add teraform module #175

Merged
merged 4 commits into from
Sep 20, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 8 additions & 0 deletions .github/workflows/integrate.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,14 @@ jobs:

- name: Run unit tests
run: tox -e unit

terraform-checks:
name: Terraform
uses: canonical/charmed-kubeflow-workflows/.github/workflows/terraform-checks.yaml@main
with:
charm-path: .
model: kubeflow
channel: latest/edge

integration:
name: Integration Tests
Expand Down
2 changes: 2 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -4,3 +4,5 @@ build/
.tox/
__pycache__
.idea
.terraform*
*.tfstate*
63 changes: 63 additions & 0 deletions terraform/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,63 @@
# Terraform module for oidc-gatekeeper
mvlassis marked this conversation as resolved.
Show resolved Hide resolved

This is a Terraform module facilitating the deployment of the oidc-gatekeeper charm, using the [Terraform juju provider](https://github.com/juju/terraform-provider-juju/). For more information, refer to the provider [documentation](https://registry.terraform.io/providers/juju/juju/latest/docs).

## Compatibility
This terraform module is compatible with charms of version >= ckf-1.9 due to changes in the charm's relations.

## Requirements
This module requires a `juju` model to be available. Refer to the [usage section](#usage) below for more details.

## API

### Inputs
The module offers the following configurable inputs:

| Name | Type | Description | Required |
| - | - | - | - |
| `app_name`| string | Application name | False |
| `channel`| string | Channel that the charm is deployed from | False |
| `config`| map(string) | Map of the charm configuration options | False |
| `model_name`| string | Name of the model that the charm is deployed on | True |
| `resources`| map(string) | Map of the charm resources | False |
| `revision`| number | Revision number of the charm name | False |

### Outputs
Upon applied, the module exports the following outputs:

| Name | Description |
| - | - |
| `app_name`| Application name |
| `provides`| Map of `provides` endpoints |
| `requires`| Map of `reqruires` endpoints |

## Usage

This module is intended to be used as part of a higher-level module. When defining one, users should ensure that Terraform is aware of the `juju_model` dependency of the charm module. There are two options to do so when creating a high-level module:

### Define a `juju_model` resource
Define a `juju_model` resource and pass to the `model_name` input a reference to the `juju_model` resource's name. For example:

```
resource "juju_model" "testing" {
name = kubeflow
}

module "oidc-gatekeeper" {
source = "<path-to-this-directory>"
model_name = juju_model.testing.name
}
```

### Define a `data` source
Define a `data` source and pass to the `model_name` input a reference to the `data.juju_model` resource's name. This will enable Terraform to look for a `juju_model` resource with a name attribute equal to the one provided, and apply only if this is present. Otherwise, it will fail before applying anything.
```
data "juju_model" "testing" {
name = var.model_name
}

module "oidc-gatekeeper" {
source = "<path-to-this-directory>"
model_name = data.juju_model.testing.name
}
```
13 changes: 13 additions & 0 deletions terraform/main.tf
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
resource "juju_application" "oidc_gatekeeper" {
charm {
name = "oidc-gatekeeper"
channel = var.channel
revision = var.revision
}
config = var.config
model = var.model_name
name = var.app_name
resources = var.resources
trust = true
units = 1
}
24 changes: 24 additions & 0 deletions terraform/outputs.tf
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
output "app_name" {
value = juju_application.oidc_gatekeeper.name
}

output "peers" {
value = {
client_secret = "client-secret",
}
}

output "provides" {
value = {
oidc_client = "oidc-client",
}
}

output "requires" {
value = {
dex_oidc_config = "dex-oidc-config",
ingress = "ingress",
ingress_auth = "ingress-auth"
logging = "logging"
}
}
34 changes: 34 additions & 0 deletions terraform/variables.tf
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
variable "app_name" {
description = "Application name"
type = string
default = "oidc-gatekeeper"
}

variable "channel" {
description = "Charm channel"
type = string
default = null
}

variable "config" {
description = "Map of charm configuration options"
type = map(string)
default = {}
}

variable "model_name" {
description = "Model name"
type = string
}

variable "resources" {
description = "Map of resources"
type = map(string)
default = null
}

variable "revision" {
description = "Charm revision"
type = number
default = null
}
9 changes: 9 additions & 0 deletions terraform/versions.tf
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
terraform {
required_version = ">= 1.6"
required_providers {
juju = {
source = "juju/juju"
version = "~> 0.14.0"
}
}
}
7 changes: 7 additions & 0 deletions tox.ini
Original file line number Diff line number Diff line change
Expand Up @@ -64,6 +64,13 @@ deps =
-r requirements-lint.txt
description = Check code against coding style standards

[testenv:tflint]
allowlist_externals =
tflint
commands =
tflint --chdir=terraform --recursive
description = Check Terraform code against coding style standards

[testenv:unit]
commands =
coverage run --source={[vars]src_path} \
Expand Down
Loading