feat: INFRA-764 Added vault agent to zeppelin

Ferlab-Ste-Justine · Nov 27, 2024 · e095263 · e095263
1 parent 8fadfe9
commit e095263
Show file tree

Hide file tree

Showing 2 changed files with 55 additions and 0 deletions.
diff --git a/main.tf b/main.tf
@@ -51,6 +51,11 @@ locals {
       filename     = "fluent_bit.cfg"
       content_type = "text/cloud-config"
       content      = module.fluentbit_configs.configuration
+    }] : [],
+    var.vault_agent.enabled ? [{
+      filename     = "vault_agent.cfg"
+      content_type = "text/cloud-config"
+      content      = module.vault_agent_configs.configuration
     }] : []
   )
 }
@@ -79,6 +84,20 @@ module "fluentbit_configs" {
   }
 }
 
+module "vault_agent_configs" {
+  source = "git::https://github.com/Ferlab-Ste-Justine/terraform-cloudinit-templates.git//vault-agent?ref=feat/vault-agent"
+  install_dependencies = var.vault_agent.install_dependencies
+  vault_agent = {
+    enabled              = var.vault_agent.enabled
+    auth_method          = var.vault_agent.auth_method
+    vault_address        = var.vault_agent.vault_address
+    vault_ca_cert        = var.vault_agent.vault_ca_cert
+    templates            = var.vault_agent.templates
+    agent_config         = var.vault_agent.agent_config
+    release_version      = var.vault_agent.release_version
+  }
+}
+
 data "template_cloudinit_config" "zeppelin" {
   gzip          = true
   base64_encode = true

diff --git a/variables.tf b/variables.tf
@@ -262,4 +262,40 @@ variable "fluentbit" {
       ca_cert    = ""
     }
   }
+}
+
+variable "vault_agent" {
+  description = "Configuration for Vault Agent"
+  type = object({
+    enabled             = bool
+    install_dependencies = bool
+    auth_method         = object({
+      type   = string
+      config = map(string)
+    })
+    vault_address       = string
+    vault_ca_cert       = string
+    templates           = list(object({
+      source_path      = string
+      destination_path = string
+      service_name     = string
+      secret_path      = string
+      secret_key       = string
+    }))
+    agent_config        = string
+    release_version     = string
+  })
+  default = {
+    enabled             = false
+    install_dependencies = true
+    auth_method         = {
+      type   = "approle"
+      config = {}
+    }
+    vault_address       = ""
+    vault_ca_cert       = ""
+    templates           = []
+    agent_config        = ""
+    release_version     = ""
+  }
 }