Move ca files into own modules

Signed-off-by: JoshVanL <[email protected]>

Author: JoshVanL

demo/infrastructure/amazon/dns.tf

@@ -7,3 +7,10 @@ data "external" "externaldns" {
   program = ["jq", ".externaldns", "../../manifests/google-config.json"]
   query   = { }
 }
+
+module "ca" {
+  source = "../modules/ca"
+
+  ca_crt_file = "${var.ca_crt_file}"
+  ca_key_file = "${var.ca_key_file}"
+}

demo/infrastructure/amazon/outputs.tf

@@ -3,6 +3,11 @@ locals {
     cert_manager = "${data.external.cert_manager.result}"
     externaldns  = "${data.external.externaldns.result}"
     gangway      = "${module.gangway.config}"
+
+    ca = {
+      key = "${module.ca.key}"
+      crt = "${module.ca.crt}"
+    }
   }
 }
 

demo/infrastructure/amazon/providers.tf

@@ -20,3 +20,6 @@ module "cluster" {
 
   cluster_version = "${var.cluster_version}"
 }
+
+variable "ca_crt_file" {}
+variable "ca_key_file" {}

demo/infrastructure/digitalocean/dns.tf

@@ -7,3 +7,10 @@ data "external" "externaldns" {
   program = ["jq", ".externaldns", "../../manifests/google-config.json"]
   query   = {}
 }
+
+module "ca" {
+  source = "../modules/ca"
+
+  ca_crt_file = "${var.ca_crt_file}"
+  ca_key_file = "${var.ca_key_file}"
+}

demo/infrastructure/digitalocean/outputs.tf

@@ -3,6 +3,11 @@ locals {
     cert_manager = "${data.external.cert_manager.result}"
     externaldns  = "${data.external.externaldns.result}"
     gangway      = "${module.gangway.config}"
+
+    ca = {
+      key = "${module.ca.key}"
+      crt = "${module.ca.crt}"
+    }
   }
 }
 

demo/infrastructure/digitalocean/providers.tf

@@ -5,7 +5,7 @@ variable "digitalocean_region" {
 }
 
 variable "cluster_version" {
-  default = "1.12.8-do.1"
+  default = "1.15.5-do.0"
 }
 
 module "cluster" {
@@ -15,3 +15,6 @@ module "cluster" {
   cluster_version = "${var.cluster_version}"
   region          = "${var.digitalocean_region}"
 }
+
+variable "ca_crt_file" {}
+variable "ca_key_file" {}

demo/infrastructure/google/dns.tf

@@ -1,6 +1,10 @@
 module "dns" {
   source = "../modules/google-dns"
   suffix = "${random_id.suffix.hex}"
+}
+
+module "ca" {
+  source  = "../modules/ca"
 
   ca_crt_file = "${var.ca_crt_file}"
   ca_key_file = "${var.ca_key_file}"

demo/infrastructure/google/output.tf

@@ -3,6 +3,11 @@ locals {
     cert_manager = "${module.dns.config}"
     externaldns  = "${module.dns.config}"
     gangway      = "${module.gangway.config}"
+
+    ca = {
+      key = "${module.ca.key}"
+      crt = "${module.ca.crt}"
+    }
   }
 }
 

demo/infrastructure/modules/ca/ca.tf

@@ -0,0 +1,19 @@
+variable "ca_crt_file" {}
+variable "ca_key_file" {}
+
+data "local_file" "crt_file" {
+    filename = "${var.ca_crt_file}"
+}
+
+data "local_file" "key_file" {
+    filename = "${var.ca_key_file}"
+}
+
+
+output "crt" {
+  value = "${data.local_file.crt_file.content}"
+}
+
+output "key" {
+  value = "${data.local_file.key_file.content}"
+}

demo/infrastructure/modules/google-dns/dns.tf

@@ -1,8 +1,5 @@
 variable "suffix" {}
 
-variable "ca_crt_file" {}
-variable "ca_key_file" {}
-
 resource "google_service_account" "external_dns" {
   account_id   = "external-dns-${var.suffix}"
   display_name = "External DNS/Cert Manager service account for GKE cluster cluster-${var.suffix}"
@@ -18,21 +15,11 @@ resource "google_service_account_key" "external_dns" {
   service_account_id = "${google_service_account.external_dns.account_id}"
 }
 
-data "local_file" "ca_crt" {
-    filename = "${var.ca_crt_file}"
-}
-
-data "local_file" "ca_key" {
-    filename = "${var.ca_key_file}"
-}
-
 output "config" {
   value = {
     service_account_credentials = "${base64decode(google_service_account_key.external_dns.private_key)}"
 
     project  = "${google_service_account.external_dns.project}"
     provider = "google"
-    ca_crt   = "${data.local_file.ca_crt.content}"
-    ca_key   = "${data.local_file.ca_key.content}"
   }
 }