feat: First code for module

Author: timdeluxe

.terraform-docs.yml

@@ -0,0 +1,5 @@
+formatter: markdown document
+output:
+  file: "README.md"
+settings:
+  anchor: false

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2021 DO! DevOps
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -1,2 +1,118 @@
-# terraform-azure-certmanager
-Highly opinionated Terraform management of cert manager on Azure Kubernetes Service (AKS)
+# Terraform managemen of cert-manager on AKS
+
+## Introduction
+
+This module manages cert-manager on AKS (Azure Kubernetes Service)
+
+## K8S requirements
+
+This module requires Kubernetes >= 1.19, see https://cert-manager.io/docs/installation/helm/#option-2-install-crds-as-part-of-the-helm-release
+
+## Usage
+
+Instantiate the module by calling it from Terraform like this:
+
+```hcl
+module "azure-basics" {
+  source  = "dodevops/certmanager/azure"
+  version = "<version>"
+}
+```
+
+
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+No requirements.
+
+## Providers
+
+The following providers are used by this module:
+
+- azurerm
+
+## Modules
+
+No modules.
+
+## Resources
+
+The following resources are used by this module:
+
+- [azurerm_management_lock.resource-group-level](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/management_lock) (resource)
+- [azurerm_proximity_placement_group.ppg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/proximity_placement_group) (resource)
+- [azurerm_resource_group.azure-resource-group](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) (resource)
+
+## Required Inputs
+
+The following input variables are required:
+
+### location
+
+Description: The azure location used for azure
+
+Type: `string`
+
+### project
+
+Description: Three letter project key
+
+Type: `string`
+
+### stage
+
+Description: Stage for this ressource group
+
+Type: `string`
+
+## Optional Inputs
+
+The following input variables are optional (have default values):
+
+### lock
+
+Description: Lock ressource group for deletion
+
+Type: `bool`
+
+Default: `true`
+
+### manage\_proximity\_placement\_group
+
+Description: Manage a proximity placement group for the resource group
+
+Type: `bool`
+
+Default: `true`
+
+### tags
+
+Description: Map of tags for the resources
+
+Type: `map(any)`
+
+Default: `{}`
+
+## Outputs
+
+The following outputs are exported:
+
+### location
+
+Description: The location input variable (can be used for dependency resolution)
+
+### ppg\_id
+
+Description: The ID of the generated proximity placement group
+
+### resource\_group
+
+Description: The name of the generated resource group
+<!-- END_TF_DOCS -->
+
+## Development
+
+Use [terraform-docs](https://terraform-docs.io/) to generate the API documentation by running
+
+    terraform fmt .
+    terraform-docs .

main.tf

@@ -0,0 +1,66 @@
+# Installs and configures cert-manager
+
+resource "kubernetes_namespace" "cert-manager" {
+  metadata {
+    name = "cert-manager"
+  }
+}
+
+# documentation: https://cert-manager.io/docs/installation/helm/
+resource "helm_release" "cert-manager" {
+  name       = "cert-manager"
+  repository = "https://charts.jetstack.io"
+  chart      = "cert-manager"
+  version    = "v1.5.4"
+  namespace  = kubernetes_namespace.cert-manager.metadata.0.name
+
+  set {
+    name = "installCRDs"
+    value = "true"
+  }
+}
+
+resource "helm_release" "cert-manager-clusterissuer" {
+  name = "cert-manager-clusterissuer"
+  chart = "../helm-charts/cert-manager-cluster-issuer"
+
+  set {
+    name = "letsencryptEmail"
+    value = var.email
+  }
+
+  depends_on = [
+    helm_release.cert-manager,
+  ]
+}
+
+# TODO: to replaced by helm chart
+//
+//resource "kubernetes_manifest" "cluster-issuer-prod" {
+//  manifest = {
+//    apiVersion = "cert-manager.io/v1alpha2" # TODO, still correct?
+//    kind = "ClusterIssuer"
+//    metadata = {
+//      name = "letsencrypt-prod"
+//    }
+//  }
+//}
+//
+//apiVersion: cert-manager.io/v1alpha2
+//kind: ClusterIssuer
+//metadata:
+//    name: letsencrypt-prod
+//spec:
+//    acme:
+//        # The ACME server URL
+//        server: https://acme-v02.api.letsencrypt.org/directory
+//        # Email address used for ACME registration
+//        email: {{ .Values.letsencryptEmail }}
+//        # Name of a secret used to store the ACME account private key
+//        privateKeySecretRef:
+//            name: letsencrypt-prod
+//        # Enable the HTTP-01 challenge provider
+//        solvers:
+//            - http01:
+//                  ingress:
+//                      class: nginx

terraform.tf

@@ -0,0 +1,9 @@
+# setting required because we need helm >= 3.3, see https://cert-manager.io/docs/installation/helm/#option-2-install-crds-as-part-of-the-helm-release
+terraform {
+  required_providers {
+    helm = {
+      source  = "hashicorp/helm"
+      version = ">= 1.3.1"
+    }
+  }
+}

vars.tf

@@ -0,0 +1,4 @@
+variable "email" {
+  type = string
+  description = "Notification-Address"
+}