This module is not intended for external use outside of the Cloud Platform team. This module is installed on an EKS cluster.
As with the rest of the Cloud Platform components, this module is referenced in ministryofjustice/cloud-platform-infrastructure/terraform/aws-accounts/cloud-platform-aws/vpc/eks/components/components.tf.
Most of the variables passed into the module are sensitive (secrets), which are encrypted via git-crypt in cloud-platform-infrastructure.
module "concourse" {
source = "github.com/ministryofjustice/cloud-platform-terraform-concourse?ref=1.10.7"
concourse_hostname = data.terraform_remote_state.cluster.outputs.cluster_domain_name
github_auth_client_id = var.github_auth_client_id
github_auth_client_secret = var.github_auth_client_secret
github_org = var.github_org
github_teams = var.github_teams
tf_provider_auth0_client_id = var.tf_provider_auth0_client_id
tf_provider_auth0_client_secret = var.tf_provider_auth0_client_secret
cloud_platform_infrastructure_git_crypt_key = var.cloud_platform_infrastructure_git_crypt_key
cloud_platform_infrastructure_pr_git_access_token = var.cloud_platform_infrastructure_pr_git_access_token
slack_hook_id = var.slack_hook_id
concourse-git-crypt = var.concourse-git-crypt
environments-git-crypt = var.environments-git-crypt
github_token = var.github_token
pingdom_user = var.pingdom_user
pingdom_password = var.pingdom_password
pingdom_api_key = var.pingdom_api_key
pingdom_api_token = var.pingdom_api_token
dockerhub_username = var.dockerhub_username
dockerhub_password = var.dockerhub_password
how_out_of_date_are_we_github_token = var.how_out_of_date_are_we_github_token
authorized_keys_github_token = var.authorized_keys_github_token
hoodaw_host = var.hoodaw_host
hoodaw_api_key = var.hoodaw_api_key
github_actions_secrets_token = var.github_actions_secrets_token
}| Name | Version |
|---|---|
| terraform | >= 1.2.5 |
| aws | >=4.24.0 |
| helm | >=2.6.0 |
| kubectl | 2.0.4 |
| kubernetes | >=2.12.1 |
| random | >=3.4.3 |
| tls | >=4.0.3 |
| Name | Version |
|---|---|
| aws | >=4.24.0 |
| helm | >=2.6.0 |
| kubectl | 2.0.4 |
| kubernetes | >=2.12.1 |
| random | >=3.4.3 |
| tls | >=4.0.3 |
| Name | Source | Version |
|---|---|---|
| irsa | github.com/ministryofjustice/cloud-platform-terraform-irsa | 2.0.0 |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| application | Name of Application you are deploying | string |
"How Out Of Date Are We" |
no |
| authorized_keys_github_token | n/a | any |
n/a | yes |
| business_unit | Area of the MOJ responsible for the service. | string |
"Platforms" |
no |
| cloud_platform_infrastructure_git_crypt_key | n/a | any |
n/a | yes |
| cloud_platform_infrastructure_pr_git_access_token | Variable used to check PR status against cloud-platform-infrastructure repo | any |
n/a | yes |
| concourse-git-crypt | n/a | any |
n/a | yes |
| concourse_hostname | n/a | any |
n/a | yes |
| dockerhub_password | Dockerhub password - used to pull images and avoid hitting dockerhub API limits | any |
n/a | yes |
| dockerhub_username | Dockerhub password - used to pull images and avoid hitting dockerhub API limits | any |
n/a | yes |
| eks_cluster_name | Name of the EKS cluster | any |
n/a | yes |
| environment | The type of environment you're deploying to. | string |
"production" |
no |
| environments-git-crypt | n/a | any |
n/a | yes |
| github_actions_secrets_token | Github personal access token able to update any MoJ repository. Used to create github actions secrets | string |
"" |
no |
| github_auth_client_id | n/a | any |
n/a | yes |
| github_auth_client_secret | n/a | any |
n/a | yes |
| github_org | n/a | any |
n/a | yes |
| github_owner | The GitHub organization or individual user account containing the app's code repo. Used by the Github Terraform provider. See: https://user-guide.cloud-platform.service.justice.gov.uk/documentation/getting-started/ecr-setup.html#accessing-the-credentials | string |
"ministryofjustice" |
no |
| github_teams | n/a | any |
n/a | yes |
| github_token | n/a | any |
n/a | yes |
| hoodaw_api_key | API key to authenticate data posts to https://how-out-of-date-are-we.apps.live-1.cloud-platform.service.justice.gov.uk | string |
"" |
no |
| hoodaw_host | URL of the 'how-out-of-date-are-we' web application | string |
"" |
no |
| hoodaw_irsa_enabled | Enable IRSA for hoodaw | any |
n/a | yes |
| how_out_of_date_are_we_github_token | n/a | any |
n/a | yes |
| infrastructure_support | The team responsible for managing the infrastructure. Should be of the form team-email. | string |
"platforms@digital.justice.gov.uk" |
no |
| is_production | n/a | string |
"true" |
no |
| limit_active_tasks | the maximum number of tasks a concourse worker can run | number |
2 |
no |
| namespace | n/a | string |
"concourse-main" |
no |
| pingdom_api_key | n/a | any |
n/a | yes |
| pingdom_api_token | n/a | any |
n/a | yes |
| pingdom_password | n/a | any |
n/a | yes |
| pingdom_user | n/a | any |
n/a | yes |
| slack_bot_token | n/a | any |
n/a | yes |
| slack_channel | Team slack channel to use if we need to contact your team | string |
"cloud-platform" |
no |
| slack_hook_id | n/a | any |
n/a | yes |
| slack_webhook_url | n/a | any |
n/a | yes |
| team_name | The name of your development team | string |
"webops" |
no |
| tf_provider_auth0_client_id | Client ID (prod) for auth0, it is used by divergence pipelines | any |
n/a | yes |
| tf_provider_auth0_client_secret | Client Secret (prod) for auth0, it is used by divergence pipelines | any |
n/a | yes |
No outputs.