Skip to content

Commit 0d0618b

Browse files
boomanaiden154boomanaiden154
authored
[CI] Refactor helm charts and monitoring into module
This patch refactors the helm charts and monitoring into a terraform module. This makes it easier to reuse them for a HA setup where we have multiple clusters. We leave the metrics container out on purpose as we only need to run it in one cluster. Reviewers: cmtice, dschuff, Keenuts, gburgessiv, lnihlen Reviewed By: lnihlen Pull Request: #442
1 parent 5c0c3d8 commit 0d0618b

File tree

5 files changed

+257
-159
lines changed

5 files changed

+257
-159
lines changed

premerge/main.tf

Lines changed: 49 additions & 157 deletions
Original file line numberDiff line numberDiff line change
@@ -79,6 +79,7 @@ provider "helm" {
7979
client_key = base64decode(module.premerge_cluster.client_key)
8080
cluster_ca_certificate = base64decode(module.premerge_cluster.cluster_ca_certificate)
8181
}
82+
alias = "llvm-premerge-prototype"
8283
}
8384

8485
data "google_secret_manager_secret_version" "github_app_id" {
@@ -103,183 +104,72 @@ provider "kubernetes" {
103104
cluster_ca_certificate = base64decode(
104105
module.premerge_cluster.cluster_ca_certificate
105106
)
107+
alias = "llvm-premerge-prototype"
106108
}
107109

108-
resource "kubernetes_namespace" "llvm_premerge_controller" {
109-
metadata {
110-
name = "llvm-premerge-controller"
110+
module "premerge_cluster_resources" {
111+
source = "./premerge_resources"
112+
github_app_id = data.google_secret_manager_secret_version.github_app_id.secret_data
113+
github_app_installation_id = data.google_secret_manager_secret_version.github_app_installation_id.secret_data
114+
github_app_private_key = data.google_secret_manager_secret_version.github_app_private_key.secret_data
115+
cluster_name = "llvm-premerge-prototype"
116+
grafana_token = data.google_secret_manager_secret_version.grafana_token.secret_data
117+
providers = {
118+
kubernetes = kubernetes.llvm-premerge-prototype
119+
helm = helm.llvm-premerge-prototype
111120
}
112121
}
113122

114-
resource "kubernetes_namespace" "llvm_premerge_linux_runners" {
115-
metadata {
116-
name = "llvm-premerge-linux-runners"
117-
}
123+
# TODO(boomanaiden154): Remove these moved blocks once we have finished
124+
# updating everything to use the new module.
125+
moved {
126+
from = kubernetes_namespace.llvm_premerge_controller
127+
to = module.premerge_cluster_resources.kubernetes_namespace.llvm_premerge_controller
118128
}
119129

120-
resource "kubernetes_secret" "linux_github_pat" {
121-
metadata {
122-
name = "github-token"
123-
namespace = "llvm-premerge-linux-runners"
124-
}
125-
126-
data = {
127-
"github_app_id" = data.google_secret_manager_secret_version.github_app_id.secret_data
128-
"github_app_installation_id" = data.google_secret_manager_secret_version.github_app_installation_id.secret_data
129-
"github_app_private_key" = data.google_secret_manager_secret_version.github_app_private_key.secret_data
130-
}
131-
132-
type = "Opaque"
130+
moved {
131+
from = kubernetes_namespace.llvm_premerge_linux_runners
132+
to = module.premerge_cluster_resources.kubernetes_namespace.llvm_premerge_linux_runners
133133
}
134134

135-
resource "kubernetes_namespace" "llvm_premerge_windows_runners" {
136-
metadata {
137-
name = "llvm-premerge-windows-runners"
138-
}
135+
moved {
136+
from = kubernetes_secret.linux_github_pat
137+
to = module.premerge_cluster_resources.kubernetes_secret.linux_github_pat
139138
}
140139

141-
resource "kubernetes_secret" "windows_github_pat" {
142-
metadata {
143-
name = "github-token"
144-
namespace = "llvm-premerge-windows-runners"
145-
}
146-
147-
data = {
148-
"github_app_id" = data.google_secret_manager_secret_version.github_app_id.secret_data
149-
"github_app_installation_id" = data.google_secret_manager_secret_version.github_app_installation_id.secret_data
150-
"github_app_private_key" = data.google_secret_manager_secret_version.github_app_private_key.secret_data
151-
}
152-
153-
type = "Opaque"
140+
moved {
141+
from = kubernetes_namespace.llvm_premerge_windows_runners
142+
to = module.premerge_cluster_resources.kubernetes_namespace.llvm_premerge_windows_runners
154143
}
155144

156-
157-
resource "helm_release" "github_actions_runner_controller" {
158-
name = "llvm-premerge-controller"
159-
namespace = "llvm-premerge-controller"
160-
repository = "oci://ghcr.io/actions/actions-runner-controller-charts"
161-
version = "0.11.0"
162-
chart = "gha-runner-scale-set-controller"
163-
164-
depends_on = [
165-
kubernetes_namespace.llvm_premerge_controller
166-
]
145+
moved {
146+
from = kubernetes_secret.windows_github_pat
147+
to = module.premerge_cluster_resources.kubernetes_secret.windows_github_pat
167148
}
168149

169-
resource "helm_release" "github_actions_runner_set_linux" {
170-
name = "llvm-premerge-linux-runners"
171-
namespace = "llvm-premerge-linux-runners"
172-
repository = "oci://ghcr.io/actions/actions-runner-controller-charts"
173-
version = "0.11.0"
174-
chart = "gha-runner-scale-set"
175-
176-
values = [
177-
"${file("linux_runners_values.yaml")}"
178-
]
179-
180-
depends_on = [
181-
kubernetes_namespace.llvm_premerge_linux_runners,
182-
helm_release.github_actions_runner_controller,
183-
kubernetes_secret.linux_github_pat,
184-
]
150+
moved {
151+
from = helm_release.github_actions_runner_controller
152+
to = module.premerge_cluster_resources.helm_release.github_actions_runner_controller
185153
}
186154

187-
resource "helm_release" "github_actions_runner_set_windows" {
188-
name = "llvm-premerge-windows-runners"
189-
namespace = "llvm-premerge-windows-runners"
190-
repository = "oci://ghcr.io/actions/actions-runner-controller-charts"
191-
version = "0.11.0"
192-
chart = "gha-runner-scale-set"
193-
194-
values = [
195-
"${file("windows_runner_values.yaml")}"
196-
]
197-
198-
depends_on = [
199-
kubernetes_namespace.llvm_premerge_windows_runners,
200-
kubernetes_secret.windows_github_pat,
201-
helm_release.github_actions_runner_controller,
202-
]
155+
moved {
156+
from = helm_release.github_actions_runner_set_linux
157+
to = module.premerge_cluster_resources.helm_release.github_actions_runner_set_linux
203158
}
204159

205-
resource "kubernetes_namespace" "grafana" {
206-
metadata {
207-
name = "grafana"
208-
}
160+
moved {
161+
from = helm_release.github_actions_runner_set_windows
162+
to = module.premerge_cluster_resources.helm_release.github_actions_runner_set_windows
209163
}
210164

211-
resource "helm_release" "grafana-k8s-monitoring" {
212-
name = "grafana-k8s-monitoring"
213-
repository = "https://grafana.github.io/helm-charts"
214-
chart = "k8s-monitoring"
215-
namespace = "grafana"
216-
create_namespace = true
217-
atomic = true
218-
timeout = 300
219-
220-
values = [file("${path.module}/grafana_values.yaml")]
221-
222-
set {
223-
name = "cluster.name"
224-
value = var.cluster_name
225-
}
226-
227-
set {
228-
name = "externalServices.prometheus.host"
229-
value = var.externalservices_prometheus_host
230-
}
231-
232-
set_sensitive {
233-
name = "externalServices.prometheus.basicAuth.username"
234-
value = var.externalservices_prometheus_basicauth_username
235-
}
236-
237-
set_sensitive {
238-
name = "externalServices.prometheus.basicAuth.password"
239-
value = data.google_secret_manager_secret_version.grafana_token.secret_data
240-
}
241-
242-
set {
243-
name = "externalServices.loki.host"
244-
value = var.externalservices_loki_host
245-
}
246-
247-
set_sensitive {
248-
name = "externalServices.loki.basicAuth.username"
249-
value = var.externalservices_loki_basicauth_username
250-
}
251-
252-
set_sensitive {
253-
name = "externalServices.loki.basicAuth.password"
254-
value = data.google_secret_manager_secret_version.grafana_token.secret_data
255-
}
256-
257-
set {
258-
name = "externalServices.tempo.host"
259-
value = var.externalservices_tempo_host
260-
}
261-
262-
set_sensitive {
263-
name = "externalServices.tempo.basicAuth.username"
264-
value = var.externalservices_tempo_basicauth_username
265-
}
266-
267-
set_sensitive {
268-
name = "externalServices.tempo.basicAuth.password"
269-
value = data.google_secret_manager_secret_version.grafana_token.secret_data
270-
}
271-
272-
set {
273-
name = "opencost.opencost.exporter.defaultClusterId"
274-
value = var.cluster_name
275-
}
276-
277-
set {
278-
name = "opencost.opencost.prometheus.external.url"
279-
value = format("%s/api/prom", var.externalservices_prometheus_host)
280-
}
165+
moved {
166+
from = kubernetes_namespace.grafana
167+
to = module.premerge_cluster_resources.kubernetes_namespace.grafana
168+
}
281169

282-
depends_on = [kubernetes_namespace.grafana]
170+
moved {
171+
from = helm_release.grafana-k8s-monitoring
172+
to = module.premerge_cluster_resources.helm_release.grafana-k8s-monitoring
283173
}
284174

285175
data "google_secret_manager_secret_version" "metrics_github_pat" {
@@ -298,11 +188,11 @@ data "google_secret_manager_secret_version" "metrics_buildkite_token" {
298188
secret = "llvm-premerge-metrics-buildkite-graphql-token"
299189
}
300190

301-
302191
resource "kubernetes_namespace" "metrics" {
303192
metadata {
304193
name = "metrics"
305194
}
195+
provider = kubernetes.llvm-premerge-prototype
306196
}
307197

308198
resource "kubernetes_secret" "metrics_secrets" {
@@ -318,9 +208,11 @@ resource "kubernetes_secret" "metrics_secrets" {
318208
"buildkite-token" = data.google_secret_manager_secret_version.metrics_buildkite_token.secret_data
319209
}
320210

321-
type = "Opaque"
211+
type = "Opaque"
212+
provider = kubernetes.llvm-premerge-prototype
322213
}
323214

324215
resource "kubernetes_manifest" "metrics_deployment" {
325216
manifest = yamldecode(file("metrics_deployment.yaml"))
217+
provider = kubernetes.llvm-premerge-prototype
326218
}

premerge/grafana_values.yaml renamed to premerge/premerge_resources/grafana_values.yaml

File renamed without changes.

0 commit comments

Comments
 (0)