Merge pull request #114 from pluralsh/fix-gcp-setup

fix gcp setup

Author: michaeljguarino

charts/plural-operator/Chart.yaml

@@ -2,5 +2,5 @@ apiVersion: v2
 name: plural-operator
 description: A Helm chart for deploying the v1 plural operator, which is primarily responsible for managing our oauth proxy injector admission controller.
 type: application
-version: 0.1.3
+version: 0.1.4
 appVersion: "1.16.0"

charts/plural-operator/values.yaml

@@ -7,5 +7,5 @@ replicaCount: 1
 plural:
   enabled: true
   image:
-    repository: dkr.plural.sh/bootstrap/plural-operator
+    repository: ghcr.io/pluralsh/plural-operator
     tag: 0.6.0

helm/external-dns.yaml.liquid

@@ -1,6 +1,14 @@
 enabled: true
 
+{% if cluster.distro == "EKS" %}
 provider: aws
+{% endif %}
+{% if cluster.distro == "AKS" %}
+provider: azure
+{% endif %}
+{% if cluster.distro == "GKE" %}
+provider: google
+{% endif %}
 
 txtOwnerId: plrl-{{ cluster.handle }} # templating in the cluster handle, which is unique, to be the external-dns owner id
 
@@ -9,6 +17,24 @@ policy: sync
 domainFilters:
 - {{ cluster.metadata.dns_zone }} # check terraform/modules/clusters/aws/plural.tf for where this is set
 
+{% if cluster.distro == "EKS" %}
 serviceAccount:
   annotations:
-    eks.amazonaws.com/role-arn: {{ cluster.metadata.iam.external_dns }} 
+    eks.amazonaws.com/role-arn: {{ cluster.metadata.iam.external_dns }} 
+{% endif %}
+
+{% if cluster.distro == "AKS" %}
+serviceAccount:
+  annotations:
+    azure.workload.identity/client-id: {{ cluster.metadata.iam.external_dns }}
+
+podLabels:
+  labels:
+    azure.workload.identity/use: "true"
+{% endif %}
+
+{% if cluster.distro == "GKE" %}
+serviceAccount:
+  annotations:
+    iam.gke.io/gcp-service-account: {{ cluster.metadata.iam.external_dns }}
+{% endif %}

terraform/clouds/gcp/variables.tf

@@ -20,7 +20,7 @@ variable "kubernetes_version" {
 
 variable "node_pools" {
   type = list(any)
-  default = [{ name = "default-node-pool" }]
+  default = [{ name = "default-node-pool", machine_type = "n2-standard-2" }]
 }
 
 variable "node_pools_taints" {

terraform/core-infra/gcp/dns.tf

@@ -1,10 +1,10 @@
 data "google_dns_managed_zone" "prod" {
-  name    = "{{ replace .AppDomain \".\" \"-\" }}"
+  name    = "{{ replace "." "-" .AppDomain  }}"
   project = "{{ .Project }}"
 }
 
 resource "google_dns_managed_zone" "dev" {
-  name        = "{{ replace (printf \"dev.%s\" .AppDomain) \".\" \"-\" }}"
+  name        = "{{ replace "." "-" (printf "dev.%s" .AppDomain) }}"
   dns_name    = "dev.{{ .AppDomain }}."
   project     = "{{ .Project }}"
   description = "Dev zone for {{ .AppDomain }}"

terraform/modules/clusters/gcp/services.tf

@@ -1,6 +1,6 @@
 # annoyingly need to ensure these are enabled
 resource "google_project_service" "gcr" {
-  project = var.project_id
+  project = local.project_id
   service = "artifactregistry.googleapis.com"
 
   timeouts {
@@ -12,7 +12,7 @@ resource "google_project_service" "gcr" {
 }
 
 resource "google_project_service" "container" {
-  project = var.project_id
+  project = local.project_id
   service = "container.googleapis.com"
 
   timeouts {
@@ -24,7 +24,7 @@ resource "google_project_service" "container" {
 }
 
 resource "google_project_service" "iam" {
-  project = var.project_id
+  project = local.project_id
   service = "iam.googleapis.com"
 
   timeouts {
@@ -36,7 +36,7 @@ resource "google_project_service" "iam" {
 }
 
 resource "google_project_service" "storage" {
-  project = var.project_id
+  project = local.project_id
   service = "storage.googleapis.com"
 
   timeouts {
@@ -48,7 +48,7 @@ resource "google_project_service" "storage" {
 }
 
 resource "google_project_service" "dns" {
-  project = var.project_id
+  project = local.project_id
   service = "dns.googleapis.com"
 
   timeouts {
@@ -60,7 +60,7 @@ resource "google_project_service" "dns" {
 }
 
 resource "google_project_service" "compute" {
-  project = var.project_id
+  project = local.project_id
   service = "compute.googleapis.com"
 
   timeouts {
@@ -72,7 +72,7 @@ resource "google_project_service" "compute" {
 }
 
 resource "google_project_service" "sql" {
-  project = var.project_id
+  project = local.project_id
   service = "sqladmin.googleapis.com"
 
   timeouts {
@@ -84,7 +84,7 @@ resource "google_project_service" "sql" {
 }
 
 resource "google_project_service" "servicenetworking" {
-  project = var.project_id
+  project = local.project_id
   service = "servicenetworking.googleapis.com"
 
   timeouts {

terraform/modules/clusters/gcp/variables.tf

@@ -24,7 +24,7 @@ variable "kubernetes_version" {
 
 variable "node_pools" {
   type = list(any)
-  default = [ {name = "default-node-pool"} ]
+  default = [ {name = "default-node-pool", machine_type = "n2-standard-2"} ]
 }
 
 variable "node_pools_taints" {