Configurable local exec command for waiting until cluster is healthy (#701)

* Configurable local exec command for waiting until cluster is healthy

* readme

* line feeds

* format

* fix readme

* fix readme

* Configurable local exec command for waiting until cluster is healthy (#1)

* Configurable local exec command for waiting until cluster is healthy

* readme

* line feeds

* format

* fix readme

* fix readme

* change log

* Configurable local exec wait 4 cluster op (#2)

* Configurable local exec command for waiting until cluster is healthy

* readme

* line feeds

* format

* fix readme

* fix readme

* change log

* changelog (#3)

* Changelog (#4)

* changelog

* changelog

* simplify wait_for_cluster command

* readme

* no op for manage auth false

* formatting

* docs? not sure

* linter

* specify dependency to wait for cluster more accurately

Author: sanjeevgiri

CHANGELOG.md

@@ -9,7 +9,7 @@ project adheres to [Semantic Versioning](http://semver.org/).
 
 ## [[v8.?.?](https://github.com/terraform-aws-modules/terraform-aws-eks/compare/v8.1.0...HEAD)] - YYYY-MM-DD]
 
-- Write your awesome change here (by @you)
+- Include ability to configure custom os-specific command for waiting until kube cluster is healthy (@sanjeevgiri)
 
 # History
 

README.md

@@ -174,7 +174,6 @@ MIT Licensed. See [LICENSE](https://github.com/terraform-aws-modules/terraform-a
 | kubeconfig_aws_authenticator_command_args | Default arguments passed to the authenticator command. Defaults to [token -i $cluster_name]. | list(string) | `[]` | no |
 | kubeconfig_aws_authenticator_env_variables | Environment variables that should be used when executing the authenticator. e.g. { AWS_PROFILE = "eks"}. | map(string) | `{}` | no |
 | kubeconfig_name | Override the default name used for items kubeconfig. | string | `""` | no |
-| local_exec_interpreter | Command to run for local-exec resources. Must be a shell-style interpreter. If you are on Windows Git Bash is a good choice. | list(string) | `[ "/bin/sh", "-c" ]` | no |
 | manage_aws_auth | Whether to apply the aws-auth configmap file. | string | `"true"` | no |
 | manage_cluster_iam_resources | Whether to let the module manage cluster IAM resources. If set to false, cluster_iam_role_name must be specified. | bool | `"true"` | no |
 | manage_worker_autoscaling_policy | Whether to let the module manage the cluster autoscaling iam policy. | bool | `"true"` | no |
@@ -188,6 +187,7 @@ MIT Licensed. See [LICENSE](https://github.com/terraform-aws-modules/terraform-a
 | subnets | A list of subnets to place the EKS cluster and workers within. | list(string) | n/a | yes |
 | tags | A map of tags to add to all resources. | map(string) | `{}` | no |
 | vpc_id | VPC where the cluster and workers will be deployed. | string | n/a | yes |
+| wait_for_cluster_cmd | Custom local-exec command to execute for determining if the eks cluster is healthy. Cluster endpoint will be available as an environment variable called ENDPOINT | string | `"until curl -k -s $ENDPOINT/healthz \u003e/dev/null; do sleep 4; done"` | no |
 | worker_additional_security_group_ids | A list of additional security group ids to attach to worker instances | list(string) | `[]` | no |
 | worker_ami_name_filter | Name filter for AWS EKS worker AMI. If not provided, the latest official AMI for the specified 'cluster_version' is used. | string | `""` | no |
 | worker_ami_name_filter_windows | Name filter for AWS EKS Windows worker AMI. If not provided, the latest official AMI for the specified 'cluster_version' is used. | string | `""` | no |

aws_auth.tf

@@ -50,8 +50,8 @@ data "template_file" "node_group_arns" {
 }
 
 resource "kubernetes_config_map" "aws_auth" {
-  depends_on = [aws_eks_cluster.this]
   count      = var.create_eks && var.manage_aws_auth ? 1 : 0
+  depends_on = [null_resource.wait_for_cluster[0]]
 
   metadata {
     name      = "aws-auth"

cluster.tf

@@ -32,10 +32,20 @@ resource "aws_eks_cluster" "this" {
     aws_iam_role_policy_attachment.cluster_AmazonEKSServicePolicy,
     aws_cloudwatch_log_group.this
   ]
+}
+
+resource "null_resource" "wait_for_cluster" {
+  count = var.manage_aws_auth ? 1 : 0
+
+  depends_on = [
+    aws_eks_cluster.this[0]
+  ]
+
   provisioner "local-exec" {
-    command = <<EOT
-    until curl -k -s ${aws_eks_cluster.this[0].endpoint}/healthz >/dev/null; do sleep 4; done
-  EOT
+    command = var.wait_for_cluster_cmd
+    environment = {
+      ENDPOINT = aws_eks_cluster.this[0].endpoint
+    }
   }
 }
 

variables.tf

@@ -198,10 +198,10 @@ variable "cluster_delete_timeout" {
   default     = "15m"
 }
 
-variable "local_exec_interpreter" {
-  description = "Command to run for local-exec resources. Must be a shell-style interpreter. If you are on Windows Git Bash is a good choice."
-  type        = list(string)
-  default     = ["/bin/sh", "-c"]
+variable "wait_for_cluster_cmd" {
+  description = "Custom local-exec command to execute for determining if the eks cluster is healthy. Cluster endpoint will be available as an environment variable called ENDPOINT"
+  type        = string
+  default     = "until curl -k -s $ENDPOINT/healthz >/dev/null; do sleep 4; done"
 }
 
 variable "worker_create_initial_lifecycle_hooks" {