diff --git a/.github/workflows/linter-analysis.yaml b/.github/workflows/linter-analysis.yaml index 79ce661b..954c9818 100644 --- a/.github/workflows/linter-analysis.yaml +++ b/.github/workflows/linter-analysis.yaml @@ -1,7 +1,7 @@ name: Linter Analysis on: push: - branches: ['*'] # '*' will cause the workflow to run on all commits to all branches. + branches: ['**'] # '*' will cause the workflow to run on all commits to all branches. jobs: # Hadolint: Job-1 @@ -52,8 +52,11 @@ jobs: tflint_version: latest github_token: ${{ secrets.LINTER_TOKEN }} + - name: Initializing viya4-iac-azure + run: terraform init + - name: Initializing TFLint - run: TFLINT_LOG=info tflint --init -c .tflint.hcl + run: TFLINT_LOG=info tflint --init -c "$(pwd)/linting-configs/.tflint.hcl" - name: Run TFLint Action - run: TFLINT_LOG=info tflint -c .tflint.hcl + run: TFLINT_LOG=info tflint -c "$(pwd)/linting-configs/.tflint.hcl" --recursive diff --git a/Dockerfile b/Dockerfile index 1f92e10c..a43b688b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,9 +1,9 @@ -ARG TERRAFORM_VERSION=1.6.4 -ARG AZURECLI_VERSION=2.54.0 +ARG TERRAFORM_VERSION=1.6.6 +ARG AZURECLI_VERSION=2.56.0 FROM hashicorp/terraform:$TERRAFORM_VERSION as terraform FROM mcr.microsoft.com/azure-cli:$AZURECLI_VERSION -ARG KUBECTL_VERSION=1.26.10 +ARG KUBECTL_VERSION=1.27.9 WORKDIR /viya4-iac-azure diff --git a/README.md b/README.md index ce6592d3..c48ff0a2 100644 --- a/README.md +++ b/README.md @@ -57,10 +57,10 @@ This project supports two options for running Terraform scripts: Access to an **Azure Subscription** and an [**Identity**](./docs/user/TerraformAzureAuthentication.md) with the *Contributor* role are required. #### Terraform Requirements: -- [Terraform](https://www.terraform.io/downloads.html) - v1.6.4 -- [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl) - v1.26 +- [Terraform](https://www.terraform.io/downloads.html) - v1.6.6 +- [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl) - v1.27.9 - [jq](https://stedolan.github.io/jq/) - v1.6 -- [Azure CLI](https://docs.microsoft.com/en-us/cli/azure) - (optional - useful as an alternative to the Azure Portal) - v2.54.0 +- [Azure CLI](https://docs.microsoft.com/en-us/cli/azure) - (optional - useful as an alternative to the Azure Portal) - v2.56.0 #### Docker Requirements: - [Docker](https://docs.docker.com/get-docker/) diff --git a/container-structure-test.yaml b/container-structure-test.yaml index 56008126..1cd2c732 100644 --- a/container-structure-test.yaml +++ b/container-structure-test.yaml @@ -17,7 +17,7 @@ commandTests: - name: "terraform version" command: "terraform" args: ["--version"] - expectedOutput: ["Terraform v1.6.4"] + expectedOutput: ["Terraform v1.6.6"] - name: "python version" command: "python3" args: ["--version"] @@ -29,7 +29,7 @@ commandTests: - -c - | az version -o tsv - expectedOutput: ["2.54.0\t2.54.0\t1.1.0"] + expectedOutput: ["2.56.0\t2.56.0\t1.1.0"] metadataTest: workdir: "/viya4-iac-azure" diff --git a/docs/CONFIG-VARS.md b/docs/CONFIG-VARS.md index 696ec959..847e85dd 100644 --- a/docs/CONFIG-VARS.md +++ b/docs/CONFIG-VARS.md @@ -182,7 +182,7 @@ Ubuntu 20.04 LTS is the operating system used on the Jump/NFS servers. Ubuntu cr | :--- | ---: | ---: | ---: | ---: | | partner_id | A GUID that is registered with Microsoft to facilitate partner resource usage attribution | string | "5d27f3ae-e49c-4dea-9aa3-b44e4750cd8c" | Defaults to SAS partner GUID. When you deploy this Terraform configuration, Microsoft can identify the installation of SAS software with the deployed Azure resources. Microsoft can then correlate the resources that are used to support the software. Microsoft collects this information to provide the best experiences with their products and to operate their business. The data is collected and governed by Microsoft's privacy policies, located at https://www.microsoft.com/trustcenter. | | create_static_kubeconfig | Allows the user to create a provider / service account-based kubeconfig file | bool | true | A value of `false` will default to using the cloud provider's mechanism for generating the kubeconfig file. A value of `true` will create a static kubeconfig that uses a `Service Account` and `Cluster Role Binding` to provide credentials. | -| kubernetes_version | The AKS cluster Kubernetes version | string | "1.26" |Use of specific versions is still supported. If you need exact kubernetes version please use format `x.y.z`, where `x` is the major version, `y` is the minor version, and `z` is the patch version | +| kubernetes_version | The AKS cluster Kubernetes version | string | "1.27" |Use of specific versions is still supported. If you need exact kubernetes version please use format `x.y.z`, where `x` is the major version, `y` is the minor version, and `z` is the patch version | | create_jump_vm | Create bastion host | bool | true | | | create_jump_public_ip | Add public IP address to the jump VM | bool | true | | | enable_jump_public_static_ip | Enables `Static` allocation method for the public IP address of Jump Server. Setting false will enable `Dynamic` allocation method. | bool | true | Only used with `create_jump_public_ip=true` | diff --git a/examples/sample-input-byo.tfvars b/examples/sample-input-byo.tfvars index 39adba66..6744614b 100644 --- a/examples/sample-input-byo.tfvars +++ b/examples/sample-input-byo.tfvars @@ -45,7 +45,7 @@ container_registry_sku = "Standard" container_registry_admin_enabled = false # AKS config -kubernetes_version = "1.26" +kubernetes_version = "1.27" default_nodepool_min_nodes = 2 default_nodepool_vm_type = "Standard_D8s_v4" diff --git a/examples/sample-input-connect.tfvars b/examples/sample-input-connect.tfvars index a85f1d1c..48799803 100644 --- a/examples/sample-input-connect.tfvars +++ b/examples/sample-input-connect.tfvars @@ -34,7 +34,7 @@ container_registry_sku = "Standard" container_registry_admin_enabled = false # AKS config -kubernetes_version = "1.26" +kubernetes_version = "1.27" default_nodepool_min_nodes = 2 default_nodepool_vm_type = "Standard_D8s_v4" diff --git a/examples/sample-input-ha.tfvars b/examples/sample-input-ha.tfvars index d5c4050e..561f0bbe 100644 --- a/examples/sample-input-ha.tfvars +++ b/examples/sample-input-ha.tfvars @@ -32,7 +32,7 @@ container_registry_sku = "Standard" container_registry_admin_enabled = false # AKS config -kubernetes_version = "1.26" +kubernetes_version = "1.27" default_nodepool_min_nodes = 2 default_nodepool_vm_type = "Standard_D8s_v4" diff --git a/examples/sample-input-minimal.tfvars b/examples/sample-input-minimal.tfvars index 4cc68d2b..a91dfb6d 100644 --- a/examples/sample-input-minimal.tfvars +++ b/examples/sample-input-minimal.tfvars @@ -32,7 +32,7 @@ container_registry_sku = "Standard" container_registry_admin_enabled = false # AKS config -kubernetes_version = "1.26" +kubernetes_version = "1.27" default_nodepool_min_nodes = 2 default_nodepool_vm_type = "Standard_D4_v3" #v3 still has local temp storage diff --git a/examples/sample-input-postgres.tfvars b/examples/sample-input-postgres.tfvars index b8e7c05a..9c4c40b1 100644 --- a/examples/sample-input-postgres.tfvars +++ b/examples/sample-input-postgres.tfvars @@ -86,7 +86,7 @@ container_registry_sku = "Standard" container_registry_admin_enabled = false # AKS config -kubernetes_version = "1.26" +kubernetes_version = "1.27" default_nodepool_min_nodes = 2 default_nodepool_vm_type = "Standard_D8s_v4" diff --git a/examples/sample-input-ppg.tfvars b/examples/sample-input-ppg.tfvars index c79a12fa..2df3be14 100644 --- a/examples/sample-input-ppg.tfvars +++ b/examples/sample-input-ppg.tfvars @@ -33,7 +33,7 @@ container_registry_sku = "Standard" container_registry_admin_enabled = false # AKS config -kubernetes_version = "1.26" +kubernetes_version = "1.27" default_nodepool_min_nodes = 2 default_nodepool_vm_type = "Standard_D8s_v4" diff --git a/examples/sample-input-singlestore.tfvars b/examples/sample-input-singlestore.tfvars index ec2952de..d6e76fb3 100644 --- a/examples/sample-input-singlestore.tfvars +++ b/examples/sample-input-singlestore.tfvars @@ -34,7 +34,7 @@ container_registry_sku = "Standard" container_registry_admin_enabled = false # AKS config -kubernetes_version = "1.26" +kubernetes_version = "1.27" default_nodepool_min_nodes = 2 default_nodepool_vm_type = "Standard_D8s_v4" diff --git a/examples/sample-input.tfvars b/examples/sample-input.tfvars index 73e26d9c..0d5f5e4c 100644 --- a/examples/sample-input.tfvars +++ b/examples/sample-input.tfvars @@ -34,7 +34,7 @@ container_registry_sku = "Standard" container_registry_admin_enabled = false # AKS config -kubernetes_version = "1.26" +kubernetes_version = "1.27" default_nodepool_min_nodes = 2 default_nodepool_vm_type = "Standard_D8s_v4" diff --git a/linting-configs/.tflint.hcl b/linting-configs/.tflint.hcl index cc2593de..f49fac6a 100644 --- a/linting-configs/.tflint.hcl +++ b/linting-configs/.tflint.hcl @@ -26,3 +26,14 @@ plugin "terraform" { rule "azurerm_kubernetes_cluster_default_node_pool_invalid_vm_size" { enabled = false } + +# We specify the versions and providers in the top level versions.tf. +# This stops it from throwing a warning when scanning our modules +# in viya4-iac-azure/modules/ +rule "terraform_required_version" { + enabled = false +} + +rule "terraform_required_providers" { + enabled = false +} diff --git a/locals.tf b/locals.tf index 19666a15..99b57c5b 100644 --- a/locals.tf +++ b/locals.tf @@ -5,7 +5,7 @@ locals { # Useful flags ssh_public_key = (var.create_jump_vm || var.storage_type == "standard" - ? file(var.ssh_public_key) + ? can(file(var.ssh_public_key)) ? file(var.ssh_public_key) : var.ssh_public_key != null ? length(var.ssh_public_key) > 0 ? var.ssh_public_key : null : null : null ) diff --git a/main.tf b/main.tf index dc607342..bd14d89b 100644 --- a/main.tf +++ b/main.tf @@ -131,7 +131,6 @@ module "aks" { aks_cluster_name = "${var.prefix}-aks" aks_cluster_rg = local.aks_rg.name - aks_cluster_rg_id = local.aks_rg.id aks_cluster_dns_prefix = "${var.prefix}-aks" aks_cluster_sku_tier = var.aks_cluster_sku_tier aks_cluster_location = var.location @@ -241,7 +240,6 @@ module "netapp" { prefix = var.prefix resource_group_name = local.aks_rg.name location = var.location - vnet_name = module.vnet.name subnet_id = module.vnet.subnets["netapp"].id network_features = var.netapp_network_features service_level = var.netapp_service_level diff --git a/modules/aks_node_pool/variables.tf b/modules/aks_node_pool/variables.tf index b84cf6f7..1ab640db 100755 --- a/modules/aks_node_pool/variables.tf +++ b/modules/aks_node_pool/variables.tf @@ -85,8 +85,8 @@ variable "min_nodes" { variable "node_taints" { description = "A list of the taints added to new nodes during node pool create and scale. Changing this forces a new resource to be created." - type = list(any) - default = [] + type = list(any) + default = [] } variable "node_labels" { diff --git a/modules/azure_aks/main.tf b/modules/azure_aks/main.tf index d1d0098c..85078514 100644 --- a/modules/azure_aks/main.tf +++ b/modules/azure_aks/main.tf @@ -3,22 +3,22 @@ # Reference: https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster resource "azurerm_kubernetes_cluster" "aks" { - name = var.aks_cluster_name - location = var.aks_cluster_location - resource_group_name = var.aks_cluster_rg - dns_prefix = var.aks_private_cluster == false || var.aks_cluster_private_dns_zone_id == "" ? var.aks_cluster_dns_prefix : null - dns_prefix_private_cluster = var.aks_private_cluster && var.aks_cluster_private_dns_zone_id != "" ? var.aks_cluster_dns_prefix : null - - sku_tier = var.aks_cluster_sku_tier - role_based_access_control_enabled = true - http_application_routing_enabled = false - + name = var.aks_cluster_name + location = var.aks_cluster_location + resource_group_name = var.aks_cluster_rg + dns_prefix = var.aks_private_cluster == false || var.aks_cluster_private_dns_zone_id == "" ? var.aks_cluster_dns_prefix : null + dns_prefix_private_cluster = var.aks_private_cluster && var.aks_cluster_private_dns_zone_id != "" ? var.aks_cluster_dns_prefix : null + + sku_tier = var.aks_cluster_sku_tier + role_based_access_control_enabled = true + http_application_routing_enabled = false + # https://docs.microsoft.com/en-us/azure/aks/supported-kubernetes-versions # az aks get-versions --location eastus -o table - kubernetes_version = var.kubernetes_version - api_server_authorized_ip_ranges = var.aks_cluster_endpoint_public_access_cidrs - private_cluster_enabled = var.aks_private_cluster - private_dns_zone_id = var.aks_private_cluster && var.aks_cluster_private_dns_zone_id != "" ? var.aks_cluster_private_dns_zone_id : (var.aks_private_cluster ? "System" : null) + kubernetes_version = var.kubernetes_version + api_server_authorized_ip_ranges = var.aks_cluster_endpoint_public_access_cidrs + private_cluster_enabled = var.aks_private_cluster + private_dns_zone_id = var.aks_private_cluster && var.aks_cluster_private_dns_zone_id != "" ? var.aks_cluster_private_dns_zone_id : (var.aks_private_cluster ? "System" : null) network_profile { network_plugin = var.aks_network_plugin @@ -45,7 +45,7 @@ resource "azurerm_kubernetes_cluster" "aks" { content { admin_username = var.aks_cluster_node_admin ssh_key { - key_data = var.aks_cluster_ssh_public_key + key_data = var.aks_cluster_ssh_public_key } } } @@ -80,7 +80,7 @@ resource "azurerm_kubernetes_cluster" "aks" { dynamic "identity" { for_each = var.aks_uai_id == null ? [] : [1] content { - type = "UserAssigned" + type = "UserAssigned" identity_ids = [var.aks_uai_id] } } @@ -108,8 +108,8 @@ resource "azurerm_kubernetes_cluster" "aks" { } - data "azurerm_public_ip" "cluster_public_ip" { - count = var.cluster_egress_type == "loadBalancer" ? 1 : 0 +data "azurerm_public_ip" "cluster_public_ip" { + count = var.cluster_egress_type == "loadBalancer" ? 1 : 0 # effective_outbound_ips is a set of strings, that needs to be converted to a list type name = split("/", tolist(azurerm_kubernetes_cluster.aks.network_profile[0].load_balancer_profile[0].effective_outbound_ips)[0])[8] diff --git a/modules/azure_aks/variables.tf b/modules/azure_aks/variables.tf index 92795558..787c01ef 100644 --- a/modules/azure_aks/variables.tf +++ b/modules/azure_aks/variables.tf @@ -11,11 +11,6 @@ variable "aks_cluster_rg" { type = string } -variable "aks_cluster_rg_id" { - description = "The `azurerm_kubernetes_cluster`'s id." - type = string -} - variable "aks_cluster_dns_prefix" { description = "DNS prefix specified when creating the managed cluster." type = string @@ -115,7 +110,7 @@ variable "aks_cluster_max_pods" { variable "kubernetes_version" { description = "The AKS cluster K8s version" type = string - default = "1.26" + default = "1.27" } variable "aks_cluster_endpoint_public_access_cidrs" { @@ -146,7 +141,7 @@ variable "aks_dns_service_ip" { type = string default = "10.0.0.10" validation { - condition = var.aks_dns_service_ip != null ? can(regex("^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$",var.aks_dns_service_ip)) : false + condition = var.aks_dns_service_ip != null ? can(regex("^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", var.aks_dns_service_ip)) : false error_message = "ERROR: aks_dns_service_ip - value must not be null and must be a valid IP address." } @@ -225,6 +220,6 @@ variable "cluster_egress_type" { } variable "aks_cluster_private_dns_zone_id" { - type = string + type = string default = "" } diff --git a/modules/azurerm_netapp/outputs.tf b/modules/azurerm_netapp/outputs.tf index a9d2530c..75b68b3f 100644 --- a/modules/azurerm_netapp/outputs.tf +++ b/modules/azurerm_netapp/outputs.tf @@ -10,7 +10,7 @@ output "netapp_pool_id" { } output "netapp_endpoint" { - value = azurerm_netapp_volume.anf.mount_ip_addresses.0 + value = azurerm_netapp_volume.anf.mount_ip_addresses[0] } output "netapp_path" { diff --git a/modules/azurerm_netapp/variables.tf b/modules/azurerm_netapp/variables.tf index 719a6d60..c52fc787 100644 --- a/modules/azurerm_netapp/variables.tf +++ b/modules/azurerm_netapp/variables.tf @@ -1,12 +1,6 @@ # Copyright © 2020-2023, SAS Institute Inc., Cary, NC, USA. All Rights Reserved. # SPDX-License-Identifier: Apache-2.0 -variable create_netapp { - description = "Boolean flag to create Azure NetApp Files" - type = bool - default = false -} - variable "prefix" { description = "A prefix used in the name for all the Azure resources created by this script." type = string @@ -22,11 +16,6 @@ variable "location" { type = string } -variable "vnet_name" { - description = "Azure Virtual Network" - type = string -} - variable "subnet_id" { description = "Azure subnet id for Azure NetApp Files" type = string diff --git a/modules/azurerm_postgresql_flex/main.tf b/modules/azurerm_postgresql_flex/main.tf index 54ef2695..e2e12523 100644 --- a/modules/azurerm_postgresql_flex/main.tf +++ b/modules/azurerm_postgresql_flex/main.tf @@ -49,14 +49,14 @@ resource "azurerm_postgresql_flexible_server" "flexpsql" { } resource "azurerm_postgresql_flexible_server_configuration" "flexpsql" { - for_each = { - for config in var.postgresql_configurations: - config.name => config + for_each = { + for config in var.postgresql_configurations : + config.name => config } - name = each.value.name - server_id = azurerm_postgresql_flexible_server.flexpsql.id - value = each.value.value + name = each.value.name + server_id = azurerm_postgresql_flexible_server.flexpsql.id + value = each.value.value } resource "azurerm_postgresql_flexible_server_firewall_rule" "flexpsql" { diff --git a/modules/azurerm_postgresql_flex/variables.tf b/modules/azurerm_postgresql_flex/variables.tf index 6e43fdc2..68ef4bfc 100644 --- a/modules/azurerm_postgresql_flex/variables.tf +++ b/modules/azurerm_postgresql_flex/variables.tf @@ -98,9 +98,3 @@ variable "delegated_subnet_id" { description = "The ID of the virtual network subnet to create the PostgreSQL Flexible Server. The provided subnet should not have any other resource deployed in it and this subnet will be delegated to the PostgreSQL Flexible Server, if not already delegated. Changing this forces a new PostgreSQL Flexible Server to be created." type = string } - -variable "private_dns_zone_id" { - description = "The ID of the private DNS zone to create the PostgreSQL Flexible Server. Changing this forces a new PostgreSQL Flexible Server to be created." - type = string - default = null -} diff --git a/modules/azurerm_vnet/main.tf b/modules/azurerm_vnet/main.tf index 7a0a1387..f27a7a28 100644 --- a/modules/azurerm_vnet/main.tf +++ b/modules/azurerm_vnet/main.tf @@ -4,9 +4,9 @@ # Sourced and modified from https://github.com/Azure/terraform-azurerm-vnet locals { vnet_name = coalesce(var.name, "${var.prefix}-vnet") - subnets = ( length(var.existing_subnets) == 0 - ? [ for k, v in azurerm_subnet.subnet[*] :{ for kk, vv in v: kk => {"id": vv.id, "address_prefixes": vv.address_prefixes }}][0] - : [ for k, v in data.azurerm_subnet.subnet[*] :{for kk, vv in v: kk => {"id": vv.id, "address_prefixes": vv.address_prefixes }}][0] + subnets = (length(var.existing_subnets) == 0 + ? [for k, v in azurerm_subnet.subnet[*] : { for kk, vv in v : kk => { "id" : vv.id, "address_prefixes" : vv.address_prefixes } }][0] + : [for k, v in data.azurerm_subnet.subnet[*] : { for kk, vv in v : kk => { "id" : vv.id, "address_prefixes" : vv.address_prefixes } }][0] ) } @@ -35,14 +35,14 @@ data "azurerm_subnet" "subnet" { } resource "azurerm_subnet" "subnet" { - for_each = length(var.existing_subnets) == 0 ? var.subnets : {} - name = "${var.prefix}-${each.key}-subnet" - resource_group_name = var.resource_group_name - virtual_network_name = local.vnet_name - address_prefixes = each.value.prefixes - service_endpoints = each.value.service_endpoints - private_endpoint_network_policies_enabled = each.value.private_endpoint_network_policies_enabled - private_link_service_network_policies_enabled = each.value.private_link_service_network_policies_enabled + for_each = length(var.existing_subnets) == 0 ? var.subnets : {} + name = "${var.prefix}-${each.key}-subnet" + resource_group_name = var.resource_group_name + virtual_network_name = local.vnet_name + address_prefixes = each.value.prefixes + service_endpoints = each.value.service_endpoints + private_endpoint_network_policies_enabled = each.value.private_endpoint_network_policies_enabled + private_link_service_network_policies_enabled = each.value.private_link_service_network_policies_enabled dynamic "delegation" { for_each = each.value.service_delegations content { diff --git a/modules/kubeconfig/main.tf b/modules/kubeconfig/main.tf index f4361123..88d40a9e 100644 --- a/modules/kubeconfig/main.tf +++ b/modules/kubeconfig/main.tf @@ -21,8 +21,8 @@ locals { cluster_name = var.cluster_name endpoint = var.endpoint name = local.service_account_name - ca_crt = base64encode(lookup(data.kubernetes_secret.sa_secret[0].data,"ca.crt", "")) - token = lookup(data.kubernetes_secret.sa_secret[0].data,"token", "") + ca_crt = base64encode(lookup(data.kubernetes_secret.sa_secret[0].data, "ca.crt", "")) + token = lookup(data.kubernetes_secret.sa_secret[0].data, "token", "") namespace = var.namespace }) : null } @@ -33,7 +33,7 @@ data "kubernetes_secret" "sa_secret" { name = kubernetes_secret.sa_secret[0].metadata[0].name namespace = var.namespace } - + depends_on = [kubernetes_secret.sa_secret] } @@ -66,7 +66,7 @@ resource "kubernetes_service_account" "kubernetes_sa" { resource "kubernetes_cluster_role_binding" "kubernetes_crb" { count = var.create_static_kubeconfig ? 1 : 0 metadata { - name = local.cluster_role_binding_name + name = local.cluster_role_binding_name } role_ref { api_group = "rbac.authorization.k8s.io" diff --git a/modules/kubeconfig/output.tf b/modules/kubeconfig/output.tf index c9de0960..a7a3877d 100644 --- a/modules/kubeconfig/output.tf +++ b/modules/kubeconfig/output.tf @@ -2,6 +2,6 @@ # SPDX-License-Identifier: Apache-2.0 output "kube_config" { - value = local_file.kubeconfig.content + value = local_file.kubeconfig.content sensitive = true } diff --git a/variables.tf b/variables.tf index ee188417..4515d73d 100644 --- a/variables.tf +++ b/variables.tf @@ -121,7 +121,7 @@ variable "default_nodepool_vm_type" { variable "kubernetes_version" { description = "The AKS cluster K8s version" type = string - default = "1.26" + default = "1.27" } variable "default_nodepool_max_nodes" { @@ -756,8 +756,8 @@ variable "aks_identity" { variable "aks_cluster_private_dns_zone_id" { description = "Specify private DNS zone resource ID for AKS private cluster to use." - type = string - default = "" + type = string + default = "" } ## Message Broker - Azure Service Bus - Experimental diff --git a/versions.tf b/versions.tf index 045f1d38..249f9dbb 100644 --- a/versions.tf +++ b/versions.tf @@ -3,40 +3,40 @@ terraform { - required_version = ">= 1.6.4" + required_version = ">= 1.6.6" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "3.81.0" + version = "3.86.0" } azuread = { source = "hashicorp/azuread" - version = "2.46.0" + version = "~>2.47" } external = { source = "hashicorp/external" - version = "2.3.2" + version = "~>2.3" } local = { source = "hashicorp/local" - version = "2.4.0" + version = "~>2.4" } null = { source = "hashicorp/null" - version = "3.2.2" + version = "~>3.2" } tls = { source = "hashicorp/tls" - version = "4.0.4" + version = "~>4.0" } cloudinit = { source = "hashicorp/cloudinit" - version = "2.3.2" + version = "~>2.3" } kubernetes = { source = "hashicorp/kubernetes" - version = "2.23.0" + version = "~>2.25" } } }