terraform-aws-eks-chartmuseum
Deploys chartmuseum to AWS EKS.
Usage
Example:
module "chartmuseum" {
source = "github.com/andreswebs/terraform-aws-eks-chartmuseum"
cluster_oidc_provider = var.eks_cluster_oidc_provider
k8s_namespace = "flux-system"
iam_role_name = "chartmuseum-${var.eks_cluster_id}"
s3_bucket_name = var.chartmuseum_s3_bucket_name
s3_object_key_prefix = "charts/"
chart_version_chartmuseum = var.chart_version_chartmuseum
}Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| chart_version_chartmuseum | Chart version | string |
null |
no |
| cluster_oidc_provider | OpenID Connect (OIDC) Identity Provider associated with the Kubernetes cluster | string |
n/a | yes |
| helm_atomic_creation | Purge resources on installation failure ? The wait flag will be set automatically if atomic is used | bool |
true |
no |
| helm_cleanup_on_fail | Deletion new resources created in this upgrade if the upgrade fails ? | bool |
true |
no |
| helm_create_namespace | Create the namespace if it does not yet exist ? | bool |
true |
no |
| helm_dependency_update | Run helm dependency update before installing the chart ? | bool |
false |
no |
| helm_force_update | Force resource update through delete/recreate if needed ? | bool |
false |
no |
| helm_keyring | Location of public keys used for verification; used only if verify is true | string |
".gnupg/pubring.gpg" |
no |
| helm_max_history | Maximum number of release versions stored per release; 0 means no limit |
number |
3 |
no |
| helm_recreate_pods | Perform pods restart during upgrade/rollback ? | bool |
true |
no |
| helm_release_name | Release name | string |
"chartmuseum" |
no |
| helm_replace | Re-use the given name, even if that name is already used; this is unsafe in production | bool |
false |
no |
| helm_reset_values | When upgrading, reset the values to the ones built into the chart ? | bool |
false |
no |
| helm_reuse_values | When upgrading, reuse the last release's values and merge any overrides ? If 'reset_values' is specified, this is ignored | bool |
false |
no |
| helm_skip_crds | Skip installing CRDs ? | bool |
false |
no |
| helm_timeout_seconds | Time in seconds to wait for any individual kubernetes operation | number |
300 |
no |
| helm_verify | Verify the package before installing it. Helm uses a provenance file to verify the integrity of the chart | bool |
false |
no |
| helm_wait_for_completion | Wait until all resources are in a ready state before marking the release as successful ? | bool |
true |
no |
| helm_wait_for_jobs | Wait until all Jobs have been completed before marking the release as successful ? | bool |
true |
no |
| iam_role_name | IAM role name | string |
"chartmuseum" |
no |
| k8s_namespace | Kubernetes namespace on which to install Chartmuseum | string |
"flux-system" |
no |
| k8s_sa_name | Name of the Kubernetes service account used by Chartmuseum | string |
"chartmuseum" |
no |
| s3_bucket_name | Name of S3 bucket for chart storage | string |
n/a | yes |
| s3_object_key_prefix | Prefix added to S3 object names | string |
null |
no |
Modules
| Name | Source | Version |
|---|---|---|
| iam | ./modules/iam | n/a |
| resources | ./modules/resources | n/a |
Outputs
| Name | Description |
|---|---|
| namespace | The name (metadata.name) of the Kubernetes namespace |
| policy | Managed IAM policies for access to Chartmuseum storage |
| release | Helm release |
| role | IAM role for the Kubernetes service account |
Providers
No providers.
Requirements
| Name | Version |
|---|---|
| terraform | >= 1.0.0 |
| aws | >= 3.48.0 |
| helm | >= 2.2.0 |
Resources
No resources.
Authors
Andre Silva - @andreswebs
License
This project is licensed under the Unlicense.