Merge branch 'KKGo-Software-engineering:main' into main

KKGo-Software-engineering · May 16, 2024 · 3c2e0ce · 3c2e0ce
2 parents 936d898 + 6a545e0
commit 3c2e0ce
Show file tree

Hide file tree

Showing 11 changed files with 148 additions and 119 deletions.
diff --git a/README.md b/README.md
@@ -30,20 +30,20 @@
 ## Workshop URL
 - Health Check: `GET: api/v1/health`
 - Group 1
-	- Dev: [https://group-1-b1-dev.werockstar.dev/](https://group-1-b1-dev.werockstar.dev/)
-	- Prod: [https://group-1-b1-prod.werockstar.dev/](https://group-1-b1-prod.werockstar.dev/)
+	- Dev: [https://group-1-b2-dev.werockstar.dev/](https://group-1-b2-dev.werockstar.dev/)
+	- Prod: [https://group-1-b2-prod.werockstar.dev/](https://group-1-b2-prod.werockstar.dev/)
 - Group 2
-	- Dev: [https://group-2-b1-dev.werockstar.dev/](https://group-2-b1-dev.werockstar.dev/)
-	- Prod: [https://group-2-b1-prod.werockstar.dev/](https://group-2-b1-prod.werockstar.dev/)
+	- Dev: [https://group-2-b2-dev.werockstar.dev/](https://group-2-b2-dev.werockstar.dev/)
+	- Prod: [https://group-2-b2-prod.werockstar.dev/](https://group-2-b2-prod.werockstar.dev/)
 - Group 3
-	- Dev: [https://group-3-b1-dev.werockstar.dev/](https://group-3-b1-dev.werockstar.dev/)
-	- Prod: [https://group-3-b1-prod.werockstar.dev/](https://group-3-b1-prod.werockstar.dev/)
+	- Dev: [https://group-3-b2-dev.werockstar.dev/](https://group-3-b2-dev.werockstar.dev/)
+	- Prod: [https://group-3-b2-prod.werockstar.dev/](https://group-3-b2-prod.werockstar.dev/)
 - Group 4
-	- Dev: [https://group-4-b1-dev.werockstar.dev/](https://group-4-b1-dev.werockstar.dev/)
-	- Prod: [https://group-4-b1-prod.werockstar.dev/](https://group-4-b1-prod.werockstar.dev/)
+	- Dev: [https://group-4-b2-dev.werockstar.dev/](https://group-4-b2-dev.werockstar.dev/)
+	- Prod: [https://group-4-b2-prod.werockstar.dev/](https://group-4-b2-prod.werockstar.dev/)
 - Group 5
-	- Dev: [https://group-5-b1-dev.werockstar.dev/](https://group-5-b1-dev.werockstar.dev/)
-	- Prod: [https://group-5-b1-prod.werockstar.dev/](https://group-5-b1-prod.werockstar.dev/)
+	- Dev: [https://group-5-b2-dev.werockstar.dev/](https://group-5-b2-dev.werockstar.dev/)
+	- Prod: [https://group-5-b2-prod.werockstar.dev/](https://group-5-b2-prod.werockstar.dev/)
 
 # HongJot Diagram
 
@@ -89,44 +89,25 @@ We have created the infrastructure by using Terraform. The infrastructure consis
 	- Option 2: Set environment variable
 		- `export AWS_ACCESS_KEY_ID=<KEY>`
 		- `export AWS_SECRET_ACCESS_KEY=<SECRET>`
-- Create `ESK Cluster`
-	- `cd infra/iac/eks`
+- Provision the infrastructure (ESK, RDS (Postgres), SonarQube, ArgoCD, Cloudflare, VPC)
+	- `cd infra/iac`
 	- `terraform init`
 	- `terraform apply`
-	- `Terraform` will require `Cloudflare` API key, you can get it from the `Cloudflare` dashboard
-		- Option 1: Enter API token on Terraform prompt
-		- Option 2: Export environment variable that provide for Terraform
-	- And then Terraform will proceed to create the EKS Cluster
+	- `Terraform` will require
+      - `cloudflare` API key, you can get it from the `Cloudflare` dashboard
+          - Option 1: Enter API token on Terraform prompt
+          - Option 2: Export environment variable that provide for Terraform
+      - `RDS` username, password, and database name
+		  - Option 1: Enter the value on Terraform prompt
+		  - Option 2: Export environment variable that provide for Terraform
+	- And then Terraform will do things for you
 	- Waiting and enjoy your coffee
-- Create `RDS (Postgres)`
-	- `cd infra/iac/rds`
-	- `terraform init`
-	- `terraform apply -auto-approve`
-	- You need to input username and password for the RDS
-	- Terraform will create the RDS
-	- And then output the RDS endpoint
-- Create `SonarQube`
-	- `cd infra/iac/sonarqube`
-	- `terraform init`
-	- `terraform apply -auto-approve`
-	- You need to input `Cloudflare` API key
-	- Terraform will create the `SonarQube`
-	- And then output the SonarQube endpoint
-	- You can access default username and password via `infra/iac/sonar/ansible`
-	- Run `make get-cred` in Ansible directory
-- Mapping DNS with `Cloudflare`
-	- We have created the DNS mapping for every group in the workshop such as:
-	- Dev
-		- `group-1-b1-dev`: `group-1-b1-dev.werockstar.dev`
-	- Prod
-		- `group-1-b1-prod`: `group-1-b1-prod.werockstar.dev`
-- Create `ArgoCD` application (No need to do anything because we have done it for demo purpose)
-	- ArgoCD will automatically deploy the application to the EKS cluster
-- Importantly, you need to destroy the infrastructure after the workshop
-	- `terraform destroy` in each directory
+- Importantly, you need to destroy resources because it's not free 💰
+	- `terraform destroy`
+- **Note**: You can see the [README.md](infra/iac/README.md) in the `infra` directory for more information
 
 ### Step 1: Fork the repository and setup Github Actions ✅
-- Fork `workshop-summer` repository and name it as `workshop-summer-<GROUP_NO>-<BATCH_NO>` (e.g. `workshop-summer-group-1-b1`)
+- Fork `workshop-summer` repository and name it as `workshop-summer-<GROUP_NO>-<BATCH_NO>` (e.g. `workshop-summer-group-1-b2`)
 - Enable Github Actions in the repository
 - Replace the `<GROUP_NO>` pattern via `auto-replace-group.sh`
 - Setup project on `SonarQube` manually
@@ -141,7 +122,7 @@ We have created the infrastructure by using Terraform. The infrastructure consis
 - Go to ArgoCD dashboard [https://argocd.werockstar.dev/](https://argocd.werockstar.dev/)
 - Setup GitOps สำหรับ Development
   - กด `+ New App` แล้วใส่ข้อมูลดังนี้
-  - Application Name: `<GROUP_NO>-<BATCH_NO>-dev` (e.g. `group-1-b1-dev`)
+  - Application Name: `<GROUP_NO>-<BATCH_NO>-dev` (e.g. `group-1-b2-dev`)
   - Project Name: `default`
   - SYNC POLICY: `Automatic`
   - Repository URL: `https://github.com/<your-github>/workshop-summer-<GROUP_NO>-<BATCH_NO>`
@@ -152,7 +133,7 @@ We have created the infrastructure by using Terraform. The infrastructure consis
   - ภาวะณา
 - Setup GitOps สำหรับ Production env
    - กด `+ New App` แล้วใส่ข้อมูลดังนี้
-   - Application Name: `<GROUP_NO>-<BATCH_NO>-prod` (e.g. `group-1-b1-prod`)
+   - Application Name: `<GROUP_NO>-<BATCH_NO>-prod` (e.g. `group-1-b2-prod`)
    - Project Name: `default`
    - SYNC POLICY: `Automatic`
    - Repository URL: `https://github.com/<your-github>/workshop-summer-<GROUP_NO>-<BATCH_NO>`

diff --git a/infra/README.md b/infra/README.md
@@ -1,31 +1,6 @@
 # GitOps and Infrastructure as Code
 - [GitOps](gitops) - `ArgoCD` will sync the configuration from here
-  - [dev](gitops/dev) - Dev environment
-  - [prod](gitops/prod) - Prod environment
+  - [dev](gitops/dev) - `K8s` configuration for Dev environment
+  - [prod](gitops/prod) - `K8s` configuration for Prod environment
+  - **Secrets** - `K8s` secret, we've applied in `K8s` cluster
 - [IaC](iac/README.md) - Use `Terraform` code for describe how infrastructure look like
-
-<!-- BEGIN_TF_DOCS -->
-## Requirements
-
-No requirements.
-
-## Providers
-
-No providers.
-
-## Modules
-
-No modules.
-
-## Resources
-
-No resources.
-
-## Inputs
-
-No inputs.
-
-## Outputs
-
-No outputs.
-<!-- END_TF_DOCS -->
diff --git a/infra/iac/README.md b/infra/iac/README.md
@@ -1,25 +1,27 @@
 # Infrastructure as Code
-- [EKS](eks/README.md) - Create EKS cluster, ArgoCD, nginx ingress controller and external-dns
+- [EKS](eks/README.md) - Create EKS cluster, Install ArgoCD, nginx ingress controller and external-dns
 - [ArgoCD](argocd-app/README.md) - Create ArgoCD applications
 - [SonarQube](sonarqube/README.md) - Create SonarQube server and mapping DNS to SonarQube
   - DNS `sonarqube`: `sonarqube.werockstar.dev`
   - We're still create project in SonarQube manually
-- [Cloudflare](cloudflare/README.md) - Create Cloudflare DNS record for all group
+- [RDS](rds/README.md) - Create RDS PostgreSQL database
+- [VPC](vpc/README.md) - Create VPC, Subnets, Route Table, Internet Gateway, NAT Gateway, etc.
+- Create Cloudflare all record for all group (Implemented in `eks` module)
   - Dev
-    - `group-1-b1-dev`: `group-1-b1-dev.werockstar.dev`
-    - `group-2-b1-dev`: `group-2-b1-dev.werockstar.dev`
-    - `group-3-b1-dev`: `group-3-b1-dev.werockstar.dev`
-    - `group-4-b1-dev`: `group-4-b1-dev.werockstar.dev`
-    - `group-5-b1-dev`: `group-5-b1-dev.werockstar.dev`
+    - `group-1-b2-dev`: `group-1-b2-dev.werockstar.dev`
+    - `group-2-b2-dev`: `group-2-b2-dev.werockstar.dev`
+    - `group-3-b2-dev`: `group-3-b2-dev.werockstar.dev`
+    - `group-4-b2-dev`: `group-4-b2-dev.werockstar.dev`
+    - `group-5-b2-dev`: `group-5-b2-dev.werockstar.dev`
   - Prod
-    - `group-1-b1-prod`: `group-1-b1-prod.werockstar.dev`
-    - `group-2-b1-prod`: `group-2-b1-prod.werockstar.dev`
-    - `group-3-b1-prod`: `group-3-b1-prod.werockstar.dev`
-    - `group-4-b1-prod`: `group-4-b1-prod.werockstar.dev`
-    - `group-5-b1-prod`: `group-5-b1-prod.werockstar.dev`
+    - `group-1-b2-prod`: `group-1-b2-prod.werockstar.dev`
+    - `group-2-b2-prod`: `group-2-b2-prod.werockstar.dev`
+    - `group-3-b2-prod`: `group-3-b2-prod.werockstar.dev`
+    - `group-4-b2-prod`: `group-4-b2-prod.werockstar.dev`
+    - `group-5-b2-prod`: `group-5-b2-prod.werockstar.dev`
   - `group-0` is reserved for instructor
-    - `group-0-b1-dev`: `group-0-b1-dev.werockstar.dev`
-    - `group-0-b1-prod`: `group-0-b1-prod.werockstar.dev`
+    - `group-0-b2-dev`: `group-0-b2-dev.werockstar.dev`
+    - `group-0-b2-prod`: `group-0-b2-prod.werockstar.dev`
 
 <!-- BEGIN_TF_DOCS -->
 ## Requirements
@@ -37,6 +39,7 @@ No providers.
 | <a name="module_eks"></a> [eks](#module\_eks) | ./eks | n/a |
 | <a name="module_rds"></a> [rds](#module\_rds) | ./rds | n/a |
 | <a name="module_sonarqube"></a> [sonarqube](#module\_sonarqube) | ./sonarqube | n/a |
+| <a name="module_vpc"></a> [vpc](#module\_vpc) | ./vpc | n/a |
 
 ## Resources
 

diff --git a/infra/iac/argocd-app/README.md b/infra/iac/argocd-app/README.md
@@ -24,8 +24,8 @@ This module intended to create ArgoCD application for EKS cluster
 
 | Name | Version |
 |------|---------|
-| <a name="provider_argocd"></a> [argocd](#provider\_argocd) | 6.1.1 |
-| <a name="provider_aws"></a> [aws](#provider\_aws) | 5.47.0 |
+| <a name="provider_argocd"></a> [argocd](#provider\_argocd) | >= 6.0.0, < 7.0.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | ~> 5.0 |
 
 ## Modules
 
@@ -47,6 +47,7 @@ No modules.
 | <a name="input_argocd_password"></a> [argocd\_password](#input\_argocd\_password) | ArgoCD password | `string` | n/a | yes |
 | <a name="input_argocd_server_addr"></a> [argocd\_server\_addr](#input\_argocd\_server\_addr) | ArgoCD server address | `string` | `"argocd.werockstar.dev:443"` | no |
 | <a name="input_argocd_username"></a> [argocd\_username](#input\_argocd\_username) | ArgoCD username | `string` | `"admin"` | no |
+| <a name="input_batch_no"></a> [batch\_no](#input\_batch\_no) | Workshop batch number | `string` | `"b2"` | no |
 | <a name="input_cluster_name"></a> [cluster\_name](#input\_cluster\_name) | The name of the EKS cluster | `string` | `"eks-go-workshop"` | no |
 
 ## Outputs

diff --git a/infra/iac/eks/README.md b/infra/iac/eks/README.md
@@ -80,9 +80,9 @@ data:
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | 5.48.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | ~> 5.48.0 |
 | <a name="provider_cloudflare"></a> [cloudflare](#provider\_cloudflare) | 4.31.0 |
-| <a name="provider_helm"></a> [helm](#provider\_helm) | 2.13.1 |
+| <a name="provider_helm"></a> [helm](#provider\_helm) | ~> 2.13 |
 | <a name="provider_kubernetes"></a> [kubernetes](#provider\_kubernetes) | 2.29.0 |
 
 ## Modules
@@ -93,7 +93,6 @@ No modules.
 
 | Name | Type |
 |------|------|
-| [aws_eip.nat](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eip) | resource |
 | [aws_eks_cluster.eks-cluster](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_cluster) | resource |
 | [aws_eks_node_group.private-nodes](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_node_group) | resource |
 | [aws_iam_role.eks_iam](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
@@ -102,19 +101,6 @@ No modules.
 | [aws_iam_role_policy_attachment.nodes-AmazonEC2ContainerRegistryReadOnly](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
 | [aws_iam_role_policy_attachment.nodes-AmazonEKSWorkerNodePolicy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
 | [aws_iam_role_policy_attachment.nodes-AmazonEKS_CNI_Policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
-| [aws_internet_gateway.igw](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/internet_gateway) | resource |
-| [aws_nat_gateway.nat](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/nat_gateway) | resource |
-| [aws_route_table.private](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route_table) | resource |
-| [aws_route_table.public](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route_table) | resource |
-| [aws_route_table_association.private-1a](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route_table_association) | resource |
-| [aws_route_table_association.private-1b](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route_table_association) | resource |
-| [aws_route_table_association.public-1a](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route_table_association) | resource |
-| [aws_route_table_association.public-1b](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route_table_association) | resource |
-| [aws_subnet.private-1a](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/subnet) | resource |
-| [aws_subnet.private-1b](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/subnet) | resource |
-| [aws_subnet.public-1a](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/subnet) | resource |
-| [aws_subnet.public-1b](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/subnet) | resource |
-| [aws_vpc.workshop](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc) | resource |
 | [cloudflare_record.argocd](https://registry.terraform.io/providers/cloudflare/cloudflare/4.31.0/docs/resources/record) | resource |
 | [cloudflare_record.cnames-dev](https://registry.terraform.io/providers/cloudflare/cloudflare/4.31.0/docs/resources/record) | resource |
 | [cloudflare_record.cnames-prod](https://registry.terraform.io/providers/cloudflare/cloudflare/4.31.0/docs/resources/record) | resource |
@@ -130,14 +116,26 @@ No modules.
 |------|-------------|------|---------|:--------:|
 | <a name="input_argocd_namespace"></a> [argocd\_namespace](#input\_argocd\_namespace) | The namespace where ArgoCD is installed | `string` | `"argocd"` | no |
 | <a name="input_batch_no"></a> [batch\_no](#input\_batch\_no) | Workshop batch number | `string` | `"b2"` | no |
+| <a name="input_capacity_type"></a> [capacity\_type](#input\_capacity\_type) | The capacity type for the EKS nodes | `string` | n/a | yes |
 | <a name="input_cloudflare_api_token"></a> [cloudflare\_api\_token](#input\_cloudflare\_api\_token) | Cloudflare API Token | `string` | n/a | yes |
-| <a name="input_cluster_name"></a> [cluster\_name](#input\_cluster\_name) | The name of the EKS cluster | `string` | `"eks-go-workshop"` | no |
+| <a name="input_cluster_name"></a> [cluster\_name](#input\_cluster\_name) | The name of the EKS cluster | `string` | n/a | yes |
+| <a name="input_desired_size"></a> [desired\_size](#input\_desired\_size) | The desired size of the EKS nodes | `number` | n/a | yes |
 | <a name="input_eks_node_role"></a> [eks\_node\_role](#input\_eks\_node\_role) | The IAM role for the EKS nodes | `string` | `"eks-nodes-role"` | no |
 | <a name="input_eks_role"></a> [eks\_role](#input\_eks\_role) | The IAM role for the EKS cluster | `string` | `"eks-go-workshop-role"` | no |
+| <a name="input_igw_id"></a> [igw\_id](#input\_igw\_id) | The ID of the Internet Gateway | `string` | n/a | yes |
 | <a name="input_ingress_namespace"></a> [ingress\_namespace](#input\_ingress\_namespace) | The namespace where the Ingress Controller is installed | `string` | `"ingress-nginx"` | no |
-| <a name="input_nat_name"></a> [nat\_name](#input\_nat\_name) | The name of the NAT Gateway | `string` | `"go-workshop-nat"` | no |
-| <a name="input_subdomains"></a> [subdomains](#input\_subdomains) | List of subdomains | `list(string)` | <pre>[<br>  "group-0",<br>  "group-1",<br>  "group-2",<br>  "group-3",<br>  "group-4",<br>  "group-5"<br>]</pre> | no |
-| <a name="input_vpc_name"></a> [vpc\_name](#input\_vpc\_name) | The name of the VPC | `string` | `"go-workshop-vpc"` | no |
+| <a name="input_instance_type"></a> [instance\_type](#input\_instance\_type) | The instance type for the EKS nodes | `string` | n/a | yes |
+| <a name="input_max_size"></a> [max\_size](#input\_max\_size) | The maximum size of the EKS nodes | `number` | n/a | yes |
+| <a name="input_min_size"></a> [min\_size](#input\_min\_size) | The minimum size of the EKS nodes | `number` | n/a | yes |
+| <a name="input_nat_id"></a> [nat\_id](#input\_nat\_id) | ID of the NAT Gateway | `string` | n/a | yes |
+| <a name="input_subdomains"></a> [subdomains](#input\_subdomains) | List of subdomains | `list(string)` | n/a | yes |
+| <a name="input_subnet_private-1a"></a> [subnet\_private-1a](#input\_subnet\_private-1a) | ID of the private subnet in AZ 1a | `string` | n/a | yes |
+| <a name="input_subnet_private-1b"></a> [subnet\_private-1b](#input\_subnet\_private-1b) | ID of the private subnet in AZ 1b | `string` | n/a | yes |
+| <a name="input_subnet_private-1c"></a> [subnet\_private-1c](#input\_subnet\_private-1c) | ID of the private subnet in AZ 1c | `string` | n/a | yes |
+| <a name="input_subnet_public-1a"></a> [subnet\_public-1a](#input\_subnet\_public-1a) | ID of the public subnet in AZ 1a | `string` | n/a | yes |
+| <a name="input_subnet_public-1b"></a> [subnet\_public-1b](#input\_subnet\_public-1b) | ID of the public subnet in AZ 1b | `string` | n/a | yes |
+| <a name="input_subnet_public-1c"></a> [subnet\_public-1c](#input\_subnet\_public-1c) | ID of the public subnet in AZ 1c | `string` | n/a | yes |
+| <a name="input_vpc_id"></a> [vpc\_id](#input\_vpc\_id) | ID of the VPC | `string` | n/a | yes |
 | <a name="input_zone_id"></a> [zone\_id](#input\_zone\_id) | Cloudflare Zone ID | `string` | `"460c65b55ec2a251ab45cf8eedac4734"` | no |
 
 ## Outputs

diff --git a/infra/iac/main.tf b/infra/iac/main.tf
@@ -36,7 +36,7 @@ module "rds" {
   source               = "./rds"
   db_password          = var.rds_db_password
   db_username          = var.rds_db_username
-  db_name              = "workshop"
+  db_name              = var.rds_db_name
   rds_vpc_id           = module.vpc.vpc_id
   rds_subnet_public-1a = module.vpc.subnet_public-1a
   rds_subnet_public-1b = module.vpc.subnet_public-1b

diff --git a/infra/iac/provides.tf b/infra/iac/provides.tf
@@ -0,0 +1,3 @@
+terraform {
+	required_version = "~> 1.8.0"
+}