Merge pull request #4 from junior/101_update

101 update

.github/workflows/stack.yml

@@ -0,0 +1,50 @@
+# Copyright (c) 2022 Oracle and/or its affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+# 
+
+# Creates and Publishes the Oracle Resource Manager stack
+
+name: Generate stacks and publish release
+
+on:
+  push:
+    branches: [ main ]
+    paths: ['terraform/VERSION']
+
+jobs:
+
+  publish_stack:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v3
+
+    - name: Create stacks
+      id: create_stacks
+      run: |
+        #
+        STACKNAME=${{ github.event.repository.name }}
+        FOLDER=terraform/
+        RELEASE=$(cat terraform/VERSION)
+        ASSETS+="${STACKNAME}-stack.zip ${STACKNAME}-${RELEASE}.zip "
+        echo "::group::Processing $STACKNAME"
+        zip -r ${STACKNAME}-stack.zip $FOLDER || { printf '\n⛔ Unable to create %s stack.\n'; exit 1;  }
+        cp ${STACKNAME}-stack.zip ${STACKNAME}-${RELEASE}.zip || { printf '\n⛔ Unable to create %s stack.\n'; exit 1;  }
+        echo "::endgroup::"
+        echo "::set-output name=assets::$ASSETS"
+        echo "::set-output name=release::$RELEASE"
+        echo "::set-output name=prefix::$STACKNAME"
+
+    - name: Prepare Release Notes
+      run: |
+        #
+        printf '%s\n' '${{ steps.create_stacks.outputs.prefix }} Stack - v${{ steps.create_stacks.outputs.release }}' >release.md
+        printf '%s\n' '' '## [![Deploy to Oracle Cloud][magic_button]][magic_stack]' >>release.md
+        printf '%s\n' '' '' >>release.md
+        printf '%s\n' '' '[magic_button]: https://oci-resourcemanager-plugin.plugins.oci.oraclecloud.com/latest/deploy-to-oracle-cloud.svg' >>release.md
+        printf '%s\n' '' '[magic_stack]: https://cloud.oracle.com/resourcemanager/stacks/create?zipUrl=https://github.com/${{ github.repository }}/releases/download/${{ steps.create_stacks.outputs.release }}/${{ steps.create_stacks.outputs.prefix }}-${{ steps.create_stacks.outputs.release }}.zip' >>release.md
+
+    - name: Create Release
+      run: gh release create ${{ steps.create_stacks.outputs.release }} --generate-notes -F release.md ${{ steps.create_stacks.outputs.assets }}
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.gitignore

@@ -3,6 +3,7 @@
 **/.DS_Store
 *.tgz
 *.zip
+.vscode/
 
 # Terraform ###
 ## Local .terraform directories

README.md

@@ -1,4 +1,4 @@
-# ![Sysdig Logo](./images/sysdig-logo-white-text.svg#gh-light-mode-only)![Sysdig Logo - Dark Mode](./images/sysdig-logo.svg#gh-dark-mode-only)      [![Deploy to Oracle Cloud][magic_button]][magic_sysdig_stack]
+# ![Sysdig Logo](./images/sysdig-logo.svg#gh-light-mode-only)![Sysdig Logo - Dark Mode](./images/sysdig-logo-white-text.svg#gh-dark-mode-only)      [![Deploy to Oracle Cloud][magic_button]][magic_sysdig_stack]
 
 Terraform module that deploys the Sysdig Secure Agents in Oracle Kubernetes Engine (OKE) Cluster.
 

terraform/VERSION

@@ -1 +1 @@
-1.0.0
+1.0.1

terraform/oke-autoscaler.tf

@@ -3,7 +3,7 @@
 # 
 
 locals {
-  cluster_autoscaler_supported_k8s_versions           = { "1.18" = "1.18.3-4", "1.19" = "1.19.1-8", "1.20" = "1.20.0-6", "1.21" = "1.21.1-3" } # There's no API to get that list. Need to be updated manually
+  cluster_autoscaler_supported_k8s_versions           = { "1.18" = "1.18.3-4", "1.19" = "1.19.1-8", "1.20" = "1.20.0-6", "1.21" = "1.21.1-3", "1.22" = "1.22.2-4" } # There's no API to get that list. Need to be updated manually
   cluster_autoscaler_image_version                    = lookup(local.cluster_autoscaler_supported_k8s_versions, local.k8s_major_minor_version, reverse(values(local.cluster_autoscaler_supported_k8s_versions))[0])
   cluster_autoscaler_image_region                     = "iad" # Available regions: iad, phx, fra, lhr
   cluster_autoscaler_image                            = "${local.cluster_autoscaler_image_region}.ocir.io/oracle/oci-cluster-autoscaler:${local.cluster_autoscaler_image_version}"

terraform/oke-datasources.tf

@@ -18,6 +18,9 @@ data "oci_containerengine_cluster_option" "oke" {
 data "oci_containerengine_node_pool_option" "oke" {
   node_pool_option_id = "all"
 }
+data "oci_containerengine_clusters" "oke" {
+    compartment_id = local.oke_compartment_ocid
+}
 
 # Gets a list of Availability Domains
 data "oci_identity_availability_domains" "ADs" {

terraform/oke-outputs.tf

@@ -7,7 +7,7 @@ output "comments" {
 }
 
 output "deployed_oke_kubernetes_version" {
-  value = (var.k8s_version == "Latest") ? local.cluster_k8s_latest_version : var.k8s_version
+  value = local.deployed_k8s_version
 }
 output "kubeconfig_for_kubectl" {
   value       = "export KUBECONFIG=./generated/kubeconfig"

terraform/oke-variables.tf

@@ -16,6 +16,10 @@ variable "existent_oke_cluster_id" {
   default     = ""
   description = "Using existent OKE Cluster. Only the application and services will be provisioned. If select cluster autoscaler feature, you need to get the node pool id and enter when required"
 }
+variable "existent_oke_cluster_compartment_ocid" {
+  default     = ""
+  description = "Existent OKE Cluster Compartment"
+}
 variable "create_new_compartment_for_oke" {
   default     = false
   description = "Creates new compartment for OKE Nodes and OCI Services deployed.  NOTE: The creation of the compartment increases the deployment time by at least 3 minutes, and can increase by 15 minutes when destroying"

terraform/oke.tf

@@ -89,7 +89,8 @@ resource "oci_identity_compartment" "oke_compartment" {
   count = var.create_new_compartment_for_oke ? 1 : 0
 }
 locals {
-  oke_compartment_ocid = var.create_new_compartment_for_oke ? oci_identity_compartment.oke_compartment.0.id : var.compartment_ocid
+  # oke_compartment_ocid = var.create_new_compartment_for_oke ? oci_identity_compartment.oke_compartment.0.id : var.compartment_ocid
+  oke_compartment_ocid = var.create_new_oke_cluster ? (var.create_new_compartment_for_oke ? oci_identity_compartment.oke_compartment.0.id : var.compartment_ocid) : var.existent_oke_cluster_compartment_ocid
 }
 
 # Local kubeconfig for when using Terraform locally. Not used by Oracle Resource Manager
@@ -108,6 +109,8 @@ resource "tls_private_key" "oke_worker_node_ssh_key" {
 locals {
   cluster_k8s_latest_version   = reverse(sort(data.oci_containerengine_cluster_option.oke.kubernetes_versions))[0]
   node_pool_k8s_latest_version = reverse(sort(data.oci_containerengine_node_pool_option.oke.kubernetes_versions))[0]
+  deployed_k8s_version = var.create_new_oke_cluster ? (var.k8s_version == "Latest") ? local.cluster_k8s_latest_version : var.k8s_version :[
+    for x in data.oci_containerengine_clusters.oke.clusters : x.kubernetes_version if x.id == var.existent_oke_cluster_id][0]
 }
 
 # Checks if is using Flexible Compute Shapes

terraform/providers.tf

@@ -3,12 +3,12 @@
 # 
 
 terraform {
-  required_version = ">= 1.0"
+  required_version = ">= 1.1"
   required_providers {
     oci = {
-      source  = "hashicorp/oci"
-      version = ">= 4.68.0"
-      # https://registry.terraform.io/providers/hashicorp/oci/4.68.0
+      source  = "oracle/oci"
+      version = ">= 4.75.0"
+      # https://registry.terraform.io/providers/oracle/oci/4.75.0
     }
     kubernetes = {
       source  = "hashicorp/kubernetes"