Added CSI Driver (#91)

Author: danielscholl

infra/templates/osdu-r3-resources/environments/service_resources/helm_kv_csi.tf

@@ -0,0 +1,43 @@
+//  Copyright © Microsoft Corporation
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//       http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+
+locals {
+  helm_kv_csi_name    = "kvsecrets"
+  helm_kv_csi_ns      = "kvsecrets"
+  helm_kv_csi_repo    = "https://raw.githubusercontent.com/Azure/secrets-store-csi-driver-provider-azure/master/charts"
+  helm_kv_csi_version = "0.0.9"
+}
+
+resource "kubernetes_namespace" "kvsecrets" {
+  metadata {
+    name = local.helm_kv_csi_ns
+  }
+
+  depends_on = [module.aks-gitops]
+}
+
+resource "helm_release" "kvsecrets" {
+  name       = local.helm_kv_csi_name
+  repository = local.helm_kv_csi_repo
+  chart      = "csi-secrets-store-provider-azure"
+  version    = local.helm_kv_csi_version
+  namespace  = local.helm_kv_csi_ns
+
+  set {
+    name  = "secrets-store-csi-driver.linux.metricsAddr"
+    value = ":8081"
+  }
+
+  depends_on = [kubernetes_namespace.kvsecrets]
+}

infra/templates/osdu-r3-resources/environments/service_resources/main.tf

@@ -291,7 +291,6 @@ module "network" {
   name                = local.vnet_name
   resource_group_name = azurerm_resource_group.main.name
   address_space       = var.address_space
-  dns_servers         = ["8.8.8.8"]
   subnet_prefixes     = [var.subnet_fe_prefix, var.subnet_aks_prefix, var.subnet_be_prefix]
   subnet_names        = [local.fe_subnet_name, local.aks_subnet_name, local.be_subnet_name]
 }
@@ -370,10 +369,10 @@ module "aks-gitops" {
 
   gitops_ssh_url       = var.gitops_ssh_url
   gitops_ssh_key       = var.gitops_ssh_key_file
-  gitops_url_branch    = var.gitops_config.branch
-  gitops_path          = var.gitops_config.path
-  gitops_poll_interval = var.gitops_config.interval
-  gitops_label         = var.gitops_config.label
+  gitops_url_branch    = var.gitops_branch
+  gitops_path          = var.gitops_path
+  gitops_poll_interval = "10s"
+  gitops_label         = "flux-sync"
 }
 
 data "azurerm_resource_group" "aks_node_resource_group" {

infra/templates/osdu-r3-resources/environments/service_resources/terraform.tfvars

@@ -17,4 +17,4 @@ prefix = "osdu-r3"
 # Storage Settings
 storage_containers = [
   "airflow"
-]
+]

infra/templates/osdu-r3-resources/environments/service_resources/tests/unit/unit_test.go

@@ -49,7 +49,7 @@ func TestTemplate(t *testing.T) {
 		TfOptions:                       tfOptions,
 		Workspace:                       workspace,
 		PlanAssertions:                  nil,
-		ExpectedResourceCount:           57,
+		ExpectedResourceCount:           59,
 		ExpectedResourceAttributeValues: resourceDescription,
 	}
 

infra/templates/osdu-r3-resources/environments/service_resources/var.tf

@@ -128,17 +128,14 @@ variable "gitops_ssh_key_file" {
   description = "(Required) SSH key used to establish a connection to a private git repo containing the HLD manifest."
 }
 
-variable "gitops_config" {
-  type = object({
-    branch   = string
-    path     = string
-    label    = string
-    interval = string
-  })
-  default = {
-    branch   = "master"
-    path     = "providers/azure/hld-registry"
-    label    = "flux-sync"
-    interval = "10s"
-  }
+variable "gitops_branch" {
+  type        = string
+  description = "(Optional) The branch for flux to watch"
+  default     = "master"
+}
+
+variable "gitops_path" {
+  type        = string
+  description = "(Optional) The path for flux to watch"
+  default     = "providers/azure/hld-registry"
 }