le-tf-infra-aws

Enhancement | Check and Update layers to use terraform, modules and provider resources in the latest versions

Open rodriguez-matias opened this issue 2 years ago • 6 comments

What?

• Keep all Terraform config updated on every layer.
• Keep all version update changes registered in one place.

How?

• Check and Update versions of Terraform Core, Providers, and Modules.
• Get the latest release version from Terraform Registry.
• Update version constraints.
• Test layers with new versions and report potential issues and parameter changes.

Why?

• Keeping Leverage Reference Architecture up to date.

Versions to consider for updates:

leverage cli: "v1.9.2"
  
terraform {
  required_version = "~> 1.3.5"

  required_providers {
    aws        = "~> 4.10"
    kubernetes = "~> 2.10"
    helm       = "~> 2.5"
    vault      = "~> 3.6"
  }
}

ChangeLog

  • 14/02/23 : PR #475
  • 03/03/23 : PR #481
  • 22/03/23 : PR #489

Current Version Upgrade Status

├── apps-devstg
│   ├── global
│   │   └── base-identities ✅ (tf > 1.x / tf-aws > 4.x)
│   │   └── cli-test-layer ✅ (tf > 1.x / tf-aws > 4.x)
│   ├── us-east-1
│   │   ├── backups\ -- ✅ (tf > 1.x / tf-aws > 4.x)
│   │   ├── base-certificates ✅ (tf > 1.x / tf-aws > 4.x)
│   │   ├── base-network ✅ (tf > 1.x / tf-aws > 4.x)
│   │   ├── base-tf-backend ✅ (tf > 1.x / tf-aws > 4.x)
│   │   ├── cdn-s3-frontend\ -- ✅ (tf > 1.x / tf-aws = 3.x)
│   │   ├── databases-aurora ✅ (tf > 1.x / tf-aws > 4.x)
│   │   ├── databases-mysql\ -- ✅ (tf > 1.x / tf-aws > 4.x)
│   │   ├── databases-pgsql\ --
│   │   ├── ec2-fleet-ansible\ -- ✅ (tf > 1.x / tf-aws > 4.x)
│   │   ├── k8s-eks
│   │   │   ├── cluster ✅ (tf > 1.x / tf-aws > 4.x / tf-k8s > 2.x)
│   │   │   ├── identities ✅ (tf > 1.x / tf-aws > 4.x / tf-k8s > 2.x)
│   │   │   ├── k8s-resources. ✅ (tf > 1.x / tf-aws > 4.x / tf-k8s > 2.x)
│   │   │   ├── k8s-workloads. ✅ (tf > 1.x / tf-aws > 4.x / tf-k8s > 2.x)
│   │   │   └── network. ✅ (tf > 1.x / tf-aws > 4.x / tf-k8s > 2.x)
│   │   ├── k8s-eks-demoapps
│   │   │   ├── cluster ✅ (tf > 1.x / tf-aws > 4.x / tf-k8s > 2.x)
│   │   │   ├── identities ✅ (tf > 1.x / tf-aws > 4.x / tf-k8s > 2.x)
│   │   │   ├── k8s-resources. ✅ (tf > 1.x / tf-aws > 4.x / tf-k8s > 2.x)
│   │   │   ├── k8s-workloads. ✅ (tf > 1.x / tf-aws > 4.x / tf-k8s > 2.x)
│   │   │   └── network. ✅ (tf > 1.x / tf-aws > 4.x / tf-k8s > 2.x)
│   │   ├── k8s-eks-v1.17
│   │   │   ├── cluster ✅ (tf > 1.x / tf-aws > 4.x / tf-k8s > 2.x)
│   │   │   ├── identities ✅ (tf > 1.x / tf-aws > 4.x / tf-k8s > 2.x)
│   │   │   ├── k8s-resources. ✅ (tf > 1.x / tf-aws > 4.x / tf-k8s > 2.x)
│   │   │   ├── k8s-workloads. ✅ (tf > 1.x / tf-aws > 4.x / tf-k8s > 2.x)
│   │   │   └── network. ✅ (tf > 1.x / tf-aws > 4.x / tf-k8s > 2.x)
│   │   ├── k8s-kind
│   │   ├── k8s-kops\ --
│   │   ├── notifications ✅ (tf > 1.x / tf-aws > 4.x)
│   │   ├── security-audit ✅ (tf > 1.x / tf-aws > 4.x)
│   │   ├── security-base ✅ (tf > 1.x / tf-aws > 4.x)
│   │   ├── security-certs ✅ (tf > 1.x / tf-aws > 4.x)
│   │   ├── security-compliance\ --
│   │   ├── security-firewall\ -- ✅ (tf > 1.x / tf-aws > 4.x)
│   │   ├── security-keys ✅ (tf > 1.x / tf-aws > 4.x)
│   │   ├── storage
│   │   │   └── s3-bucket-demo-files. ✅ (tf > 1.x / tf-aws > 4.x)
│   │   └── tools-cloud-nuke ✅ (tf > 1.x / tf-aws > 4.x)
│   └── us-east-2
│       ├── k8s-eks-v.1.17
│       ├── security-compliance\ --
│       └── security-keys ✅ (tf > 1.x / tf-aws > 4.x)
│
├── apps-prd
│   ├── global
│   │   └── base-identities ✅ (tf > 1.x / tf-aws > 4.x)
│   └── us-east-1
│       ├── backups\ -- ✅ (tf > 1.x / tf-aws > 4.x)
│       ├── base-network ✅ (tf > 1.x / tf-aws > 4.x)
│       ├── base-tf-backend ✅ (tf > 1.x / tf-aws > 4.x)
│       ├── cdn-s3-frontend\ -- ✅ (tf > 1.x / tf-aws = 3.x)
│       ├── ec2-fleet\ -- ✅ (tf > 1.x / tf-aws > 4.x)
│       ├── notifications ✅ (tf > 1.x / tf-aws > 4.x)
│       ├── security-audit ✅ (tf > 1.x / tf-aws > 4.x)
│       ├── security-base ✅ (tf > 1.x / tf-aws > 4.x)
│       ├── security-certs ✅ (tf > 1.x / tf-aws > 4.x)
│       ├── security-compliance\ --
│       └── security-keys ✅ (tf > 1.x / tf-aws > 4.x)
│
├── management
│   ├── global
│   │   ├── base-identities ✅ (tf > 1.x / tf-aws > 4.x)
│   │   ├── cost-mgmt
│   │   ├── organizations
│   │   └── sso ✅ (tf > 1.x / tf-aws > 4.x)
│   ├── us-east-1
│   │   ├── backups
│   │   ├── base-tf-backend ✅ (tf > 1.x / tf-aws > 4.x)
│   │   ├── firewall-manager
│   │   ├── notifications ✅ (tf > 1.x / tf-aws > 4.x)
│   │   ├── security-audit ✅ (tf > 1.x / tf-aws > 4.x)
│   │   ├── security-base ✅ (tf > 1.x / tf-aws > 4.x)
│   │   ├── security-compliance
│   │   ├── security-keys ✅ (tf > 1.x / tf-aws > 4.x)
│   │   └── security-monitoring ✅ (tf > 1.x / tf-aws > 4.x)
│   └── us-east-2
│       └── security-monitoring\ -- ✅ (tf > 1.x / tf-aws > 4.x)
│
├── network
│   ├── global
│   │   └── base-identities ✅ (tf > 1.x / tf-aws > 4.x)
│   ├── us-east-1
│   │   ├── base-network ✅ (tf > 1.x / tf-aws > 4.x)
│   │   ├── base-tf-backend ✅ (tf > 1.x / tf-aws > 4.x)
│   │   ├── network-firewall
│   │   ├── notifications ✅ (tf > 1.x / tf-aws > 4.x)
│   │   ├── security-audit ✅ (tf > 1.x / tf-aws > 4.x)
│   │   ├── security-base ✅ (tf > 1.x / tf-aws > 4.x)
│   │   ├── security-compliance\ --
│   │   ├── security-keys ✅ (tf > 1.x / tf-aws > 4.x)
│   │   └── transit-gateway
│   └── us-east-2
│       ├── base-network ✅ (tf > 1.x / tf-aws > 4.x)
│       ├── network-firewall
│       ├── security-compliance\ --
│       ├── security-keys ✅ (tf > 1.x / tf-aws > 4.x)
│       └── transit-gateway
│
├── security
│   ├── global
│   │   └── base-identities ✅ (tf > 1.x / tf-aws > 4.x)
│   ├── us-east-1
│   │   ├── base-tf-backend ✅ (tf > 1.x / tf-aws > 4.x)
│   │   ├── firewall-manager
│   │   ├── notifications ✅ (tf > 1.x / tf-aws > 4.x)
│   │   ├── security-audit ✅ (tf > 1.x / tf-aws > 4.x)
│   │   ├── security-base ✅ (tf > 1.x / tf-aws > 4.x)
│   │   ├── security-compliance\ --
│   │   ├── security-keys ✅ (tf > 1.x / tf-aws > 4.x)
│   │   └── security-monitoring ✅ (tf > 1.x / tf-aws > 4.x)
│   └── us-east-2
│       ├── security-audit
│       ├── security-compliance\ --
│       └── security-monitoring\ -- ✅ (tf > 1.x / tf-aws > 4.x)
│
└── shared
    ├── global
    │   ├── base-dns ✅ (tf > 1.x / tf-aws > 4.x)
    │   └── base-identities ✅ (tf > 1.x / tf-aws > 4.x)
    ├── us-east-1
    │   ├── backups ✅ (tf > 1.x / tf-aws > 4.x)
    │   ├── base-network ✅ (tf > 1.x / tf-aws > 4.x)
    │   ├── base-tf-backend ✅ (tf > 1.x / tf-aws > 4.x)
    │   ├── container-registry ✅ (tf > 1.3.x / tf-aws > 4.10)
    │   ├── ec2-fleet\ -- ✅ (tf > 1.x / tf-aws > 4.x)
    │   ├── ec2-fleet-bastions\ --
    │   ├── k8s-eks
    │   ├── k8s-eks-demoapps
    │   ├── k8s-eks-prd
    │   ├── notifications ✅ (tf > 1.x / tf-aws > 4.x)
    │   ├── secrets-manager\ --
    │   ├── security-audit ✅ (tf > 1.x / tf-aws > 4.x)
    │   ├── security-base ✅ (tf > 1.x / tf-aws > 4.x)
    │   ├── security-compliance\ --
    │   ├── security-keys ✅ (tf > 1.x / tf-aws > 4.x)
    │   ├── storage
    │   │   ├── backup-gdrive ✅ (tf > 1.x / tf-aws > 4.x)
    │   │   ├── object-file-shares-for-users-list ✅ (tf > 1.x / tf-aws > 4.x)
    │   │   ├── object-file-shares-for-sftp ✅ (tf > 1.x / tf-aws > 4.x)
    │   ├── tools-cloud-scheduler-stop-start
    │   ├── tools-eskibana
    │   ├── tools-github-selfhosted-runners
    │   ├── tools-jenkins\ --
    │   ├── tools-managedeskibana
    │   ├── tools-prometheus
    │   ├── tools-vault
    │   ├── tools-vpn-server ✅ (tf > 1.x / tf-aws > 4.x)
    │   └── tools-webhooks\ --
    └── us-east-2
        ├── base-network ✅ (tf > 1.x / tf-aws > 4.x)
        ├── container-registry ✅ (tf > 1.3.x / tf-aws > 4.10)
        ├── security-compliance\ --
        ├── security-keys ✅ (tf > 1.x / tf-aws > 4.x)
        ├── tools-eskibana
        └── tools-prometheus


Ref Links

  • https://github.com/tfverch/tfvc
  • https://github.com/minamijoyo/tfupdate
  • Info about tfupdate: https://github.com/binbashar/le-tf-infra-aws/issues/370#issuecomment-1279745680
  • Steps to update le-ref-arch layers: https://github.com/binbashar/le-tf-infra-aws/issues/370#issuecomment-1279746730

rodriguez-matias, Feb 09 '23 12:02
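The "check and update version constraints" step above can be turned into a repeatable audit; the following is an added example, not part of the original issue or the Leverage project's code. It reads each layer's `terraform` block, applies the `~>` (pessimistic) operator semantics, and flags layers whose constraint excludes the floor versions listed in the issue or that have no `required_version` at all. The function names and the sample `config.tf` bodies are constructed for illustration, and only single `~>` constraints are handled.

```python
import re

# Floors from the issue's "Versions to consider for updates" block.
BASELINE = {"terraform": "1.3.5", "aws": "4.10", "kubernetes": "2.10",
            "helm": "2.5", "vault": "3.6"}

def parse_constraints(hcl):
    """Read required_version and providers (`aws = "~> 4.10"` or object form)."""
    m = re.search(r'required_version\s*=\s*"([^"]+)"', hcl)
    found = {"terraform": m.group(1)} if m else {}
    body = re.search(r"required_providers\s*\{((?:[^{}]|\{[^{}]*\})*)\}", hcl)
    pat = r'\b(?!source\b)(\w+)\s*=\s*(?:"([^"]+)"|\{[^}]*?version\s*=\s*"([^"]+)"[^}]*\})'
    for name, short, full in re.findall(pat, body.group(1) if body else ""):
        found[name] = short or full
    return found

def admits(constraint, version):
    """True if a single `~> X.Y[.Z]` constraint admits `version`."""
    m = re.fullmatch(r"\s*~>\s*(\d+(?:\.\d+)+)\s*", constraint)
    if not m:
        raise ValueError(f"only single ~> constraints are handled: {constraint!r}")
    want = [int(p) for p in m.group(1).split(".")]
    have = [int(p) for p in version.split(".")]
    have += [0] * (len(want) - len(have))
    # ~> fixes every component except the last one written, which may only grow.
    return have[:len(want) - 1] == want[:-1] and have[len(want) - 1:] >= want[-1:]

def audit(layers):
    """Map layer path -> findings; an empty list means the layer meets the floors."""
    report = {}
    for path, hcl in layers.items():
        have = parse_constraints(hcl)
        out = [] if "terraform" in have else ["terraform: no required_version"]
        out += [f"{n}: {have[n]!r} excludes {v}" for n, v in BASELINE.items()
                if n in have and not admits(have[n], v)]
        report[path] = out
    return report

# Constructed config.tf bodies; the layer paths are taken from the status tree.
LAYERS = {
    "apps-devstg/us-east-1/base-network":
        'terraform {\n required_version = "~> 1.3.5"\n'
        ' required_providers {\n  aws = "~> 4.10"\n }\n}',
    "apps-devstg/us-east-1/cdn-s3-frontend --":
        'terraform {\n required_version = "~> 1.3.5"\n required_providers {\n'
        '  aws = { source = "hashicorp/aws", version = "~> 3.0" }\n }\n}',
    "shared/us-east-1/tools-vault":
        'terraform {\n required_providers {\n  vault = "~> 2.24"\n }\n}',
}
```

Running `audit(LAYERS)` in CI against the real layer files gives one place to see which layers still pin an older provider major, which is where skipped provider fixes accumulate.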