forked from Azure-Terraform/terraform-helm-linkerd
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathvariables.tf
executable file
·123 lines (105 loc) · 3.94 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
# ---------------------------------------------------------------------------------------------------------------------
# required variables used for deployment of linkerd in K8s
# ---------------------------------------------------------------------------------------------------------------------
variable "AWS_PROFILE" {
type=string
}
variable "chart_repository" {
description = "Helm chart repository"
type = string
default = "https://helm.linkerd.io/stable"
}
variable "chart_version" {
description = "Helm chart version"
type = string
default = "2.11.1"
}
variable "trust_anchor_validity_hours" {
description = "Number of hours for which the trust anchor certification is valid"
type = number
default = 17520 # 2 years
}
variable "issuer_validity_hours" {
description = "Number of hours for which the issuer certification is valid (must be shorter than the trust anchor)"
type = number
default = 8760 # 1 year
}
variable "ca_cert_expiration_hours" {
description = "Number of hours added to installation time to calculate trust anchor certification expiration date"
type = number
default = 8760 # 1 year
}
variable "namespaces" {
description = "Namespaces for linkerd and optional extensions"
type = set(string)
default = ["linkerd", "linkerd-viz"]
validation {
condition = alltrue(
flatten([
contains(var.namespaces, "linkerd"),
[for n in var.namespaces : contains(["linkerd", "linkerd-viz", "linkerd-jaeger"], n)]
])
)
error_message = "'namespaces' must contain 'linkerd' and none, any, or all of the following: ['linkerd-viz', 'linkerd-jaeger']."
}
}
# ---------------------------------------------------------------------------------------------------------------------
# optional variable used for additional customization of the helm chart values
# ---------------------------------------------------------------------------------------------------------------------
variable "additional_yaml_config" {
description = "used for additional customization of the linkerd helm chart values"
type = string
default = ""
}
variable "viz_additional_yaml_config" {
description = "used for additional customization of the linkerd-viz helm chart values"
type = string
default = ""
}
variable "jaeger_additional_yaml_config" {
description = "used for additional customization of the linkerd-jaeger helm chart values"
type = string
default = ""
}
variable "certificate_controlplane_duration" {
description = "Number of hours for controlplane certification expiration"
type = string
default = "1440h"
}
variable "certificate_controlplane_renewbefore" {
description = "Number of hours before the control plane certification expiration to request for certificate renewal"
type = string
default = "48h"
}
variable "certificate_webhook_duration" {
description = "Number of hours for webhook certification expiration"
type = string
default = "1440h"
}
variable "certificate_webhook_renewbefore" {
description = "Number of hours before the webhook certification expiration to request for certificate renewal"
type = string
default = "48h"
}
variable "linkerd_helm_install_timeout_secs" {
description = "The number of seconds to wait for the linkerd chart to be deployed. the default is 900 (15 minutes)"
type = string
default = "600"
}
variable "clientID" {
description = "oAuth2 clientID ( set in terraform.tfvars )"
type = string
default = ""
}
variable "clientSecret" {
description = "oAuth2 clientSecret ( set in terraform.tfvars )"
type = string
default = ""
}
variable "cookieSecret" {
description = "oAuth2 cookieSecret (set in terraform.tfvars)"
# Create a new cookieSecret with the following command
# python3 -c 'import os,base64; a = base64.b64encode(os.urandom(16)); print(F"the: {a}")'
type = string
default = ""
}