print out the kube config file

.gitignore

@@ -1 +1,5 @@
 .idea/*
+target
+terraform/.terraform/*
+terraform/terraform.tfstate*
+terraform/kubeconfig*

Dockerfile

@@ -2,7 +2,7 @@ FROM openjdk:8-jre-alpine
 
 EXPOSE 8080
 
-COPY ./target/java-maven-app-1.0-SNAPSHOT.jar /usr/app/
+COPY ./target/java-maven-app-*.jar /usr/app/
 WORKDIR /usr/app
 
-ENTRYPOINT ["java", "-jar", "java-maven-app-1.0-SNAPSHOT.jar"]
+CMD java -jar java-maven-app-*.jar

Jenkinsfile

@@ -1,77 +1,101 @@
 #!/usr/bin/env groovy
 
-library identifier: 'jenkins-shared-library@master', retriever: modernSCM(
-    [$class: 'GitSCMSource',
-     remote: 'https://gitlab.com/nanuchi/jenkins-shared-library.git',
-     credentialsId: 'gitlab-credentials'
-    ]
-)
-
 pipeline {
     agent any
     tools {
         maven 'Maven'
     }
     environment {
-        IMAGE_NAME = 'nanajanashia/demo-app:java-maven-2.0'
+        AWS_ACCESS_KEY_ID = credentials('jenkins_aws_access_key_id')
+        AWS_SECRET_ACCESS_KEY = credentials('jenkins_aws_secret_access_key')
     }
     stages {
+        stage('provision cluster') {
+            environment {
+                TF_VAR_env_prefix = "test"
+                TF_VAR_k8s_version = "1.18"
+            }
+            steps {
+                script {
+                    dir('terraform') {
+                        echo "creating ECR repository and EKS cluster"
+                        sh "terraform init"
+                        sh "terraform apply --auto-approve"
+                        env.DOCKER_REPO_URL = sh(
+                            script: "terraform output repo_url",
+                            returnStdout: true
+                        ).trim()
+                        env.K8S_CLUSTER_URL = sh(
+                            script: "terraform output cluster_url",
+                            returnStdout: true
+                        ).trim()
+                        env.REPO_USER = sh(
+                            script: "terraform output ecr_user_name",
+                            returnStdout: true
+                        ).trim()
+                        env.REPO_PWD = sh(
+                            script: "terraform output ecr_user_password",
+                            returnStdout: true
+                        ).trim()
+                    }
+                    env.KUBECONFIG="terraform/kubeconfig.yaml"
+                    sh "kubectl get node"
+                }
+            }
+        }
+        stage('increment version') {
+            steps {
+                script {
+                    echo 'incrementing app version...'
+                    sh 'mvn build-helper:parse-version versions:set \
+                        -DnewVersion=\\\${parsedVersion.majorVersion}.\\\${parsedVersion.minorVersion}.\\\${parsedVersion.nextIncrementalVersion} \
+                        versions:commit'
+                    def matcher = readFile('pom.xml') =~ '<version>(.+)</version>'
+                    def version = matcher[0][1]
+                    env.IMAGE_NAME = "$version-$BUILD_NUMBER"
+                }
+            }
+        }
         stage('build app') {
             steps {
                script {
-                  echo 'building application jar...'
+                   echo "building the application..."
-                  buildJar()
+                   sh 'mvn clean package'
                }
             }
         }
         stage('build image') {
             steps {
                 script {
-                   echo 'building docker image...'
+                    echo "building the docker image..."
-                   buildImage(env.IMAGE_NAME)
+                    sh "docker build -t ${DOCKER_REPO_URL}:${IMAGE_NAME} ."
-                   dockerLogin()
+                    sh "echo ${REPO_PWD} | docker login -u ${REPO_USER} --password-stdin ${DOCKER_REPO_URL}"
-                   dockerPush(env.IMAGE_NAME)
+                    sh "docker push ${DOCKER_REPO_URL}:${IMAGE_NAME}"
-                }
-            }
-        }
-        stage('provision server') {
-            environment {
-                AWS_ACCESS_KEY_ID = credentials('jenkins_aws_access_key_id')
-                AWS_SECRET_ACCESS_KEY = credentials('jenkins_aws_secret_access_key')
-                TF_VAR_env_prefix = 'test'
-            }
-            steps {
-                script {
-                    dir('terraform') {
-                        sh "terraform init"
-                        sh "terraform apply --auto-approve"
-                        EC2_PUBLIC_IP = sh(
-                            script: "terraform output ec2_public_ip",
-                            returnStdout: true
-                        ).trim()
-                    }
                 }
             }
         }
         stage('deploy') {
             environment {
-                DOCKER_CREDS = credentials('docker-hub-repo')
+                APP_NAME = 'java-maven-app'
             }
             steps {
                 script {
-                   echo "waiting for EC2 server to initialize" 
+                    echo 'deploying docker image...'
-                   sleep(time: 90, unit: "SECONDS") 
+                    sh 'envsubst < kubernetes/deployment.yaml | kubectl apply -f -'
-
+                    sh 'envsubst < kubernetes/service.yaml | kubectl apply -f -'
-                   echo 'deploying docker image to EC2...'
+                }
-                   echo "${EC2_PUBLIC_IP}"
+            }
-
+        }
-                   def shellCmd = "bash ./server-cmds.sh ${IMAGE_NAME} ${DOCKER_CREDS_USR} ${DOCKER_CREDS_PSW}"
+        stage('commit version update') {
-                   def ec2Instance = "ec2-user@${EC2_PUBLIC_IP}"
+            steps {
-
+                script {
-                   sshagent(['server-ssh-key']) {
+                    withCredentials([usernamePassword(credentialsId: 'gitlab-credentials', passwordVariable: 'PASS', usernameVariable: 'USER')]) {
-                       sh "scp -o StrictHostKeyChecking=no server-cmds.sh ${ec2Instance}:/home/ec2-user"
+                        sh 'git config user.email "jenkins@example.com"'
-                       sh "scp -o StrictHostKeyChecking=no docker-compose.yaml ${ec2Instance}:/home/ec2-user"
+                        sh 'git config user.name "Jenkins"'
-                       sh "ssh -o StrictHostKeyChecking=no ${ec2Instance} ${shellCmd}"
+                        sh "git remote set-url origin https://${USER}:${PASS}@gitlab.com/nanuchi/java-maven-app.git"
+                        sh 'git add .'
+                        sh 'git commit -m "ci: version bump"'
+                        sh "git push origin HEAD:${BRANCH_NAME}"
                     }
                 }
             }

docker-compose.yaml

@@ -1,12 +0,0 @@
-version: '3.8'
-services:
-    java-maven-app:
-      image: ${IMAGE}
-      ports:
-        - 8080:8080
-    postgres:
-      image: postgres:13
-      ports:
-        - 5432:5432
-      environment:
-        - POSTGRES_PASSWORD=my-pwd

kubernetes/deployment.yaml

@@ -0,0 +1,24 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: $APP_NAME
+  labels:
+    app: $APP_NAME
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: $APP_NAME
+  template:
+    metadata:
+      labels:
+        app: $APP_NAME
+    spec:
+      imagePullSecrets:
+        - name: aws-registry-key
+      containers:
+        - name: $APP_NAME
+          image: $DOCKER_REPO:$IMAGE_NAME
+          imagePullPolicy: Always
+          ports:
+            - containerPort: 8080

kubernetes/service.yaml

@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: $APP_NAME
+spec:
+  selector:
+    app: $APP_NAME
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 8080

pom.xml

@@ -6,7 +6,7 @@
 
     <groupId>com.example</groupId>
     <artifactId>java-maven-app</artifactId>
-    <version>1.0-SNAPSHOT</version>
+    <version>1.1.7</version>
 
     <build>
         <plugins>

server-cmds.sh

@@ -1,8 +0,0 @@
-#!/usr/bin/env bash
-
-export IMAGE=$1
-export DOCKER_USER=$2
-export DOCKER_PWD=$3
-echo $DOCKER_PWD | docker login -u $DOCKER_USER --password-stdin
-docker-compose -f docker-compose.yaml up --detach
-echo "success"

target/maven-archiver/pom.properties

@@ -1,5 +1,5 @@
 #Generated by Maven
-#Thu Oct 29 12:55:55 CET 2020
+#Sun Dec 20 16:52:05 UTC 2020
-version=1.0-SNAPSHOT
+version=1.1.7
 groupId=com.example
 artifactId=java-maven-app

target/maven-status/maven-compiler-plugin/compile/default-compile/createdFiles.lst

@@ -1 +0,0 @@
-com/example/Application.class

target/maven-status/maven-compiler-plugin/compile/default-compile/inputFiles.lst

@@ -1 +0,0 @@
-/Users/nanajanashia/Demo-projects/Bootcamp/java-maven-app/src/main/java/com/example/Application.java

target/maven-status/maven-compiler-plugin/testCompile/default-testCompile/createdFiles.lst

@@ -1 +0,0 @@
-AppTest.class

target/surefire-reports/AppTest.txt

@@ -1,4 +1,4 @@
 -------------------------------------------------------------------------------
 Test set: AppTest
 -------------------------------------------------------------------------------
-Tests run: 1, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.061 sec
+Tests run: 1, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.07 sec

target/surefire-reports/TEST-AppTest.xml

@@ -1,69 +1,64 @@
 <?xml version="1.0" encoding="UTF-8" ?>
-<testsuite tests="1" failures="0" name="AppTest" time="0.003" errors="0" skipped="0">
+<testsuite tests="1" failures="0" name="AppTest" time="0.005" errors="0" skipped="0">
   <properties>
-    <property name="java.runtime.name" value="Java(TM) SE Runtime Environment"/>
+    <property name="java.runtime.name" value="OpenJDK Runtime Environment"/>
-    <property name="sun.boot.library.path" value="/Library/Java/JavaVirtualMachines/jdk1.8.0_202.jdk/Contents/Home/jre/lib"/>
+    <property name="sun.boot.library.path" value="/usr/local/openjdk-8/jre/lib/amd64"/>
-    <property name="java.vm.version" value="25.202-b08"/>
+    <property name="java.vm.version" value="25.242-b08"/>
-    <property name="user.country.format" value="AT"/>
-    <property name="gopherProxySet" value="false"/>
     <property name="java.vm.vendor" value="Oracle Corporation"/>
-    <property name="maven.multiModuleProjectDirectory" value="/Users/nanajanashia/Demo-projects/Bootcamp/java-maven-app"/>
+    <property name="maven.multiModuleProjectDirectory" value="/var/jenkins_home/workspace/va-maven-app_feature_eks-tf-prep"/>
     <property name="java.vendor.url" value="http://java.oracle.com/"/>
     <property name="path.separator" value=":"/>
     <property name="guice.disable.misplaced.annotation.check" value="true"/>
-    <property name="java.vm.name" value="Java HotSpot(TM) 64-Bit Server VM"/>
+    <property name="java.vm.name" value="OpenJDK 64-Bit Server VM"/>
     <property name="file.encoding.pkg" value="sun.io"/>
-    <property name="user.country" value="GB"/>
     <property name="sun.java.launcher" value="SUN_STANDARD"/>
     <property name="sun.os.patch.level" value="unknown"/>
     <property name="java.vm.specification.name" value="Java Virtual Machine Specification"/>
-    <property name="user.dir" value="/Users/nanajanashia/Demo-projects/Bootcamp/java-maven-app"/>
+    <property name="user.dir" value="/var/jenkins_home/workspace/va-maven-app_feature_eks-tf-prep"/>
-    <property name="java.runtime.version" value="1.8.0_202-b08"/>
+    <property name="java.runtime.version" value="1.8.0_242-b08"/>
-    <property name="java.awt.graphicsenv" value="sun.awt.CGraphicsEnvironment"/>
+    <property name="java.awt.graphicsenv" value="sun.awt.X11GraphicsEnvironment"/>
-    <property name="java.endorsed.dirs" value="/Library/Java/JavaVirtualMachines/jdk1.8.0_202.jdk/Contents/Home/jre/lib/endorsed"/>
+    <property name="java.endorsed.dirs" value="/usr/local/openjdk-8/jre/lib/endorsed"/>
-    <property name="os.arch" value="x86_64"/>
+    <property name="os.arch" value="amd64"/>
-    <property name="java.io.tmpdir" value="/var/folders/y3/bvgmrxg950x0f1z4zt3pby3c0000gn/T/"/>
+    <property name="java.io.tmpdir" value="/tmp"/>
     <property name="line.separator" value="
 "/>
     <property name="java.vm.specification.vendor" value="Oracle Corporation"/>
-    <property name="os.name" value="Mac OS X"/>
+    <property name="os.name" value="Linux"/>
-    <property name="classworlds.conf" value="/usr/local/Cellar/maven/3.6.0/libexec/bin/m2.conf"/>
+    <property name="classworlds.conf" value="/var/jenkins_home/tools/hudson.tasks.Maven_MavenInstallation/Maven/bin/m2.conf"/>
     <property name="sun.jnu.encoding" value="UTF-8"/>
-    <property name="java.library.path" value="/Users/nanajanashia/Library/Java/Extensions:/Library/Java/Extensions:/Network/Library/Java/Extensions:/System/Library/Java/Extensions:/usr/lib/java:."/>
+    <property name="java.library.path" value="/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib"/>
-    <property name="maven.conf" value="/usr/local/Cellar/maven/3.6.0/libexec/conf"/>
+    <property name="maven.conf" value="/var/jenkins_home/tools/hudson.tasks.Maven_MavenInstallation/Maven/conf"/>
     <property name="java.specification.name" value="Java Platform API Specification"/>
     <property name="java.class.version" value="52.0"/>
     <property name="sun.management.compiler" value="HotSpot 64-Bit Tiered Compilers"/>
-    <property name="os.version" value="10.14.6"/>
+    <property name="os.version" value="5.4.0-51-generic"/>
-    <property name="library.jansi.path" value="/usr/local/Cellar/maven/3.6.0/libexec/lib/jansi-native"/>
+    <property name="library.jansi.path" value="/var/jenkins_home/tools/hudson.tasks.Maven_MavenInstallation/Maven/lib/jansi-native"/>
-    <property name="http.nonProxyHosts" value="local|*.local|169.254/16|*.169.254/16"/>
+    <property name="user.home" value="/var/jenkins_home"/>
-    <property name="user.home" value="/Users/nanajanashia"/>
+    <property name="user.timezone" value="Etc/UTC"/>
-    <property name="user.timezone" value="Europe/Vienna"/>
+    <property name="java.awt.printerjob" value="sun.print.PSPrinterJob"/>
-    <property name="java.awt.printerjob" value="sun.lwawt.macosx.CPrinterJob"/>
     <property name="java.specification.version" value="1.8"/>
     <property name="file.encoding" value="UTF-8"/>
-    <property name="user.name" value="nanajanashia"/>
+    <property name="user.name" value="jenkins"/>
-    <property name="java.class.path" value="/usr/local/Cellar/maven/3.6.0/libexec/boot/plexus-classworlds-2.5.2.jar"/>
+    <property name="java.class.path" value="/var/jenkins_home/tools/hudson.tasks.Maven_MavenInstallation/Maven/boot/plexus-classworlds-2.6.0.jar"/>
     <property name="java.vm.specification.version" value="1.8"/>
     <property name="sun.arch.data.model" value="64"/>
-    <property name="java.home" value="/Library/Java/JavaVirtualMachines/jdk1.8.0_202.jdk/Contents/Home/jre"/>
+    <property name="java.home" value="/usr/local/openjdk-8/jre"/>
-    <property name="sun.java.command" value="org.codehaus.plexus.classworlds.launcher.Launcher test"/>
+    <property name="sun.java.command" value="org.codehaus.plexus.classworlds.launcher.Launcher clean package"/>
     <property name="java.specification.vendor" value="Oracle Corporation"/>
     <property name="user.language" value="en"/>
-    <property name="awt.toolkit" value="sun.lwawt.macosx.LWCToolkit"/>
+    <property name="awt.toolkit" value="sun.awt.X11.XToolkit"/>
     <property name="java.vm.info" value="mixed mode"/>
-    <property name="java.version" value="1.8.0_202"/>
+    <property name="java.version" value="1.8.0_242"/>
-    <property name="java.ext.dirs" value="/Users/nanajanashia/Library/Java/Extensions:/Library/Java/JavaVirtualMachines/jdk1.8.0_202.jdk/Contents/Home/jre/lib/ext:/Library/Java/Extensions:/Network/Library/Java/Extensions:/System/Library/Java/Extensions:/usr/lib/java"/>
+    <property name="java.ext.dirs" value="/usr/local/openjdk-8/jre/lib/ext:/usr/java/packages/lib/ext"/>
-    <property name="sun.boot.class.path" value="/Library/Java/JavaVirtualMachines/jdk1.8.0_202.jdk/Contents/Home/jre/lib/resources.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_202.jdk/Contents/Home/jre/lib/rt.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_202.jdk/Contents/Home/jre/lib/sunrsasign.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_202.jdk/Contents/Home/jre/lib/jsse.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_202.jdk/Contents/Home/jre/lib/jce.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_202.jdk/Contents/Home/jre/lib/charsets.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_202.jdk/Contents/Home/jre/lib/jfr.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_202.jdk/Contents/Home/jre/classes"/>
+    <property name="securerandom.source" value="file:/dev/./urandom"/>
+    <property name="sun.boot.class.path" value="/usr/local/openjdk-8/jre/lib/resources.jar:/usr/local/openjdk-8/jre/lib/rt.jar:/usr/local/openjdk-8/jre/lib/sunrsasign.jar:/usr/local/openjdk-8/jre/lib/jsse.jar:/usr/local/openjdk-8/jre/lib/jce.jar:/usr/local/openjdk-8/jre/lib/charsets.jar:/usr/local/openjdk-8/jre/lib/jfr.jar:/usr/local/openjdk-8/jre/classes"/>
     <property name="java.vendor" value="Oracle Corporation"/>
-    <property name="maven.home" value="/usr/local/Cellar/maven/3.6.0/libexec"/>
+    <property name="maven.home" value="/var/jenkins_home/tools/hudson.tasks.Maven_MavenInstallation/Maven"/>
     <property name="file.separator" value="/"/>
     <property name="java.vendor.url.bug" value="http://bugreport.sun.com/bugreport/"/>
     <property name="sun.cpu.endian" value="little"/>
-    <property name="sun.io.unicode.encoding" value="UnicodeBig"/>
+    <property name="sun.io.unicode.encoding" value="UnicodeLittle"/>
-    <property name="socksNonProxyHosts" value="local|*.local|169.254/16|*.169.254/16"/>
-    <property name="ftp.nonProxyHosts" value="local|*.local|169.254/16|*.169.254/16"/>
     <property name="sun.cpu.isalist" value=""/>
   </properties>
-  <testcase classname="AppTest" name="testApp" time="0.003"/>
+  <testcase classname="AppTest" name="testApp" time="0.005"/>
 </testsuite>

terraform/.terraform.lock.hcl

@@ -3,7 +3,9 @@
 
 provider "registry.terraform.io/hashicorp/aws" {
   version     = "3.22.0"
+  constraints = ">= 2.68.0, >= 3.3.0"
   hashes = [
+    "h1:8aWXjFcmEi64P0TMHOCQXWws+/SmvJQrNvHlzdktKOM=",
     "h1:f/Tz8zv1Zb78ZaiyJkQ0MGIViZwbYrLuQk3kojPM91c=",
     "zh:4a9a66caf1964cdd3b61fb3ebb0da417195a5529cb8e496f266b0778335d11c8",
     "zh:514f2f006ae68db715d86781673faf9483292deab235c7402ff306e0e92ea11a",
@@ -17,3 +19,98 @@ provider "registry.terraform.io/hashicorp/aws" {
     "zh:eda61e889b579bd90046939a5b40cf5dc9031fb5a819fc3e4667a78bd432bdb2",
   ]
 }
+
+provider "registry.terraform.io/hashicorp/kubernetes" {
+  version     = "1.13.3"
+  constraints = ">= 1.11.1"
+  hashes = [
+    "h1:iV0RArGM0KJ3n0ctwpNzcTkTAnx5G4wV3V3kYkRpJXU=",
+    "h1:whoGs/NeucMF8U/urPaeXdQUb+ppaO1Ae4r5aJRhfrU=",
+    "zh:11fd58df9c297a4f3cab82ce8eb2f54f1be27f78fa23be2273ecd545ab254b91",
+    "zh:5b9e6f352c5666d791e2658a1d18bf0990f3ab70c99c916c393a2ee7f385364c",
+    "zh:5c94f1350471a5c8e8ee6675874608c506a0bfd3164bdd91b802842723547e2c",
+    "zh:5d9c5c44dba9addbb86491339012096e74778bb4ea93b70f12333bffba3d05e6",
+    "zh:6336f9cbb0b580f247cebb97fb7d4cc5e7fe9cc734d8d958d84c4ea3f1e24041",
+    "zh:bca3b9d4dcbe6f804f5611a83add371dc03b5aa92271f60ebdc2216bfedfab28",
+    "zh:cbcdc87a593090f490f7899f4f2d302e0c7023155591fcf65e6fadd69f5452f0",
+    "zh:ec2886a1adbfe3c861b2deb9446369111b9c6116701ae73ef372dc7df5bb3c9e",
+    "zh:edb5b4172610672bb4d7425511961fda2047b8a00675b99ae6887cd2ece4bda9",
+    "zh:ff7ea7743246181ea739643d7751c37041c4016eb6bbc39beb1e3b4e99629112",
+  ]
+}
+
+provider "registry.terraform.io/hashicorp/local" {
+  version     = "2.0.0"
+  constraints = ">= 1.4.0"
+  hashes = [
+    "h1:EC6eh7avwx1rF56h3RZcxgEp/14ihi7Sk/4J3Hn4nIE=",
+    "h1:pO1ANXtOCRfecKsY9Hn4UsXoPBLv6LFiDIEiS1MZ09E=",
+    "zh:34ce8b79493ace8333d094752b579ccc907fa9392a2c1d6933a6c95d0786d3f1",
+    "zh:5c5a19c4f614a4ffb68bae0b0563f3860115cf7539b8adc21108324cfdc10092",
+    "zh:67ddb1ca2cd3e1a8f948302597ceb967f19d2eeb2d125303493667388fe6330e",
+    "zh:68e6b16f3a8e180fcba1a99754118deb2d82331b51f6cca39f04518339bfdfa6",
+    "zh:8393a12eb11598b2799d51c9b0a922a3d9fadda5a626b94a1b4914086d53120e",
+    "zh:90daea4b2010a86f2aca1e3a9590e0b3ddcab229c2bd3685fae76a832e9e836f",
+    "zh:99308edc734a0ac9149b44f8e316ca879b2670a1cae387a8ae754c180b57cdb4",
+    "zh:c76594db07a9d1a73372a073888b672df64adb455d483c2426cc220eda7e092e",
+    "zh:dc09c1fb36c6a706bdac96cce338952888c8423978426a09f5df93031aa88b84",
+    "zh:deda88134e9780319e8de91b3745520be48ead6ec38cb662694d09185c3dac70",
+  ]
+}
+
+provider "registry.terraform.io/hashicorp/null" {
+  version     = "3.0.0"
+  constraints = ">= 2.1.0"
+  hashes = [
+    "h1:V1tzrSG6t3e7zWvUwRbGbhsWU2Jd/anrJpOl9XM+R/8=",
+    "h1:ysHGBhBNkIiJLEpthB/IVCLpA1Qoncp3KbCTFGFZTO0=",
+    "zh:05fb7eab469324c97e9b73a61d2ece6f91de4e9b493e573bfeda0f2077bc3a4c",
+    "zh:1688aa91885a395c4ae67636d411475d0b831e422e005dcf02eedacaafac3bb4",
+    "zh:24a0b1292e3a474f57c483a7a4512d797e041bc9c2fbaac42fe12e86a7fb5a3c",
+    "zh:2fc951bd0d1b9b23427acc93be09b6909d72871e464088171da60fbee4fdde03",
+    "zh:6db825759425599a326385a68acc6be2d9ba0d7d6ef587191d0cdc6daef9ac63",
+    "zh:85985763d02618993c32c294072cc6ec51f1692b803cb506fcfedca9d40eaec9",
+    "zh:a53186599c57058be1509f904da512342cfdc5d808efdaf02dec15f0f3cb039a",
+    "zh:c2e07b49b6efa676bdc7b00c06333ea1792a983a5720f9e2233db27323d2707c",
+    "zh:cdc8fe1096103cf5374751e2e8408ec4abd2eb67d5a1c5151fe2c7ecfd525bef",
+    "zh:dbdef21df0c012b0d08776f3d4f34eb0f2f229adfde07ff252a119e52c0f65b7",
+  ]
+}
+
+provider "registry.terraform.io/hashicorp/random" {
+  version     = "3.0.0"
+  constraints = ">= 2.1.0"
+  hashes = [
+    "h1:grDzxfnOdFXi90FRIIwP/ZrCzirJ/SfsGBe6cE0Shg4=",
+    "h1:yhHJpb4IfQQfuio7qjUXuUFTU/s+ensuEpm23A+VWz0=",
+    "zh:0fcb00ff8b87dcac1b0ee10831e47e0203a6c46aafd76cb140ba2bab81f02c6b",
+    "zh:123c984c0e04bad910c421028d18aa2ca4af25a153264aef747521f4e7c36a17",
+    "zh:287443bc6fd7fa9a4341dec235589293cbcc6e467a042ae225fd5d161e4e68dc",
+    "zh:2c1be5596dd3cca4859466885eaedf0345c8e7628503872610629e275d71b0d2",
+    "zh:684a2ef6f415287944a3d966c4c8cee82c20e393e096e2f7cdcb4b2528407f6b",
+    "zh:7625ccbc6ff17c2d5360ff2af7f9261c3f213765642dcd84e84ae02a3768fd51",
+    "zh:9a60811ab9e6a5bfa6352fbb943bb530acb6198282a49373283a8fa3aa2b43fc",
+    "zh:c73e0eaeea6c65b1cf5098b101d51a2789b054201ce7986a6d206a9e2dacaefd",
+    "zh:e8f9ed41ac83dbe407de9f0206ef1148204a0d51ba240318af801ffb3ee5f578",
+    "zh:fbdd0684e62563d3ac33425b0ac9439d543a3942465f4b26582bcfabcb149515",
+  ]
+}
+
+provider "registry.terraform.io/hashicorp/template" {
+  version     = "2.2.0"
+  constraints = ">= 2.1.0"
+  hashes = [
+    "h1:0wlehNaxBX7GJQnPfQwTNvvAf38Jm0Nv7ssKGMaG6Og=",
+    "h1:94qn780bi1qjrbC3uQtjJh3Wkfwd5+tTtJHOb7KTg9w=",
+    "zh:01702196f0a0492ec07917db7aaa595843d8f171dc195f4c988d2ffca2a06386",
+    "zh:09aae3da826ba3d7df69efeb25d146a1de0d03e951d35019a0f80e4f58c89b53",
+    "zh:09ba83c0625b6fe0a954da6fbd0c355ac0b7f07f86c91a2a97849140fea49603",
+    "zh:0e3a6c8e16f17f19010accd0844187d524580d9fdb0731f675ffcf4afba03d16",
+    "zh:45f2c594b6f2f34ea663704cc72048b212fe7d16fb4cfd959365fa997228a776",
+    "zh:77ea3e5a0446784d77114b5e851c970a3dde1e08fa6de38210b8385d7605d451",
+    "zh:8a154388f3708e3df5a69122a23bdfaf760a523788a5081976b3d5616f7d30ae",
+    "zh:992843002f2db5a11e626b3fc23dc0c87ad3729b3b3cff08e32ffb3df97edbde",
+    "zh:ad906f4cebd3ec5e43d5cd6dc8f4c5c9cc3b33d2243c89c5fc18f97f7277b51d",
+    "zh:c979425ddb256511137ecd093e23283234da0154b7fa8b21c2687182d9aea8b2",
+  ]
+}

terraform/ecr-repo.tf

@@ -0,0 +1,11 @@
+resource "aws_ecr_repository" "myapp-repo" {
+  name = "myapp"
+
+  # defaults
+  image_tag_mutability = "MUTABLE"  
+  image_scanning_configuration {
+    scan_on_push = true
+  }
+}
+
+data "aws_ecr_authorization_token" "token" {}

terraform/eks-cluster.tf

@@ -0,0 +1,57 @@
+terraform {
+  backend "s3" {
+    bucket = "myapp-cluster-bucket-new"
+    key = "myapp/state.tfstate"
+    region = "eu-west-3"
+  }
+}
+
+provider "kubernetes" {
+    load_config_file = "false"
+    host = data.aws_eks_cluster.myapp-cluster.endpoint
+    token = data.aws_eks_cluster_auth.myapp-cluster.token
+    cluster_ca_certificate = base64decode(data.aws_eks_cluster.myapp-cluster.certificate_authority.0.data)
+}
+
+data "aws_eks_cluster" "myapp-cluster" {
+    name = module.eks.cluster_id
+}
+
+data "aws_eks_cluster_auth" "myapp-cluster" {
+    name = module.eks.cluster_id
+}
+
+module "eks" {
+    source = "terraform-aws-modules/eks/aws"
+    version = "13.2.1"
+    
+    cluster_name = var.cluster_name
+    cluster_version = var.k8s_version
+
+    subnets = module.myapp-vpc.private_subnets
+    vpc_id = module.myapp-vpc.vpc_id
+
+    tags = {
+        environment = var.env_prefix
+        application = "myapp"
+    }
+    
+    worker_groups = [
+        {
+            instance_type = "t2.small"
+            name = "worker-group-1"
+            asg_desired_capacity = 2
+        },
+        {
+            instance_type = "t2.medium"
+            name = "worker-group-2"
+            asg_desired_capacity = 1
+        }
+    ]
+}
+
+resource "local_file" "kube_config_file" {
+    content  = module.eks.kubeconfig
+    filename = "kubeconfig.yaml"
+    file_permission = "400"
+}

terraform/entry-script.sh

@@ -1,8 +0,0 @@
-#!/bin/bash
-sudo yum update -y && sudo yum install -y docker
-sudo systemctl start docker 
-sudo usermod -aG docker ec2-user
-
-# install docker-compose 
-sudo curl -L "https://github.com/docker/compose/releases/download/1.27.4/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
-sudo chmod +x /usr/local/bin/docker-compose

terraform/main.tf

@@ -1,112 +0,0 @@
-terraform {
-    required_version = ">= 0.12"
-    backend "s3" {
-        bucket = "myapp-bucket"
-        key = "myapp/state.tfstate"
-        region = "eu-west-3"
-    }
-}
-
-provider "aws" {
-    region = var.region
-}
-
-resource "aws_vpc" "myapp-vpc" {
-    cidr_block = var.vpc_cidr_block
-    tags = {
-        Name: "${var.env_prefix}-vpc"
-    }
-}
-
-resource "aws_subnet" "myapp-subnet-1" {
-    vpc_id = aws_vpc.myapp-vpc.id
-    cidr_block = var.subnet_cidr_block
-    availability_zone = var.avail_zone
-    tags = {
-        Name: "${var.env_prefix}-subnet-1"
-    }
-}
-
-resource "aws_internet_gateway" "myapp-igw" {
-    vpc_id = aws_vpc.myapp-vpc.id
-    tags = {
-        Name: "${var.env_prefix}-igw"
-    }
-}
-
-resource "aws_default_route_table" "main-rtb" {
-    default_route_table_id = aws_vpc.myapp-vpc.default_route_table_id
-
-    route {
-        cidr_block = "0.0.0.0/0"
-        gateway_id = aws_internet_gateway.myapp-igw.id
-    }
-    tags = {
-        Name: "${var.env_prefix}-main-rtb"
-    }
-}
-
-resource "aws_default_security_group" "default-sg" {
-    vpc_id = aws_vpc.myapp-vpc.id
-
-    ingress {
-        from_port = 22
-        to_port = 22
-        protocol = "tcp"
-        cidr_blocks = [var.my_ip, var.jenkins_ip]
-    }
-
-    ingress {
-        from_port = 8080
-        to_port = 8080
-        protocol = "tcp"
-        cidr_blocks = ["0.0.0.0/0"]
-    }
-
-    egress {
-        from_port = 0
-        to_port = 0
-        protocol = "-1"
-        cidr_blocks = ["0.0.0.0/0"]
-        prefix_list_ids = []
-    }
-
-    tags = {
-        Name: "${var.env_prefix}-default-sg"
-    }
-}
-
-data "aws_ami" "latest-amazon-linux-image" {
-    most_recent = true
-    owners = ["amazon"]
-    filter {
-        name = "name"
-        values = ["amzn2-ami-hvm-*-x86_64-gp2"]
-    }
-    filter {
-        name = "virtualization-type"
-        values = ["hvm"]
-    }
-}
-
-resource "aws_instance" "myapp-server" {
-    ami = data.aws_ami.latest-amazon-linux-image.id
-    instance_type = var.instance_type
-
-    subnet_id = aws_subnet.myapp-subnet-1.id
-    vpc_security_group_ids = [aws_default_security_group.default-sg.id]
-    availability_zone = var.avail_zone
-
-    associate_public_ip_address = true
-    key_name = "myapp-key-pair"
-
-    user_data = file("entry-script.sh")
-
-    tags = {
-        Name = "${var.env_prefix}-server"
-    }
-}
-
-output "ec2_public_ip" {
-    value = aws_instance.myapp-server.public_ip
-}

terraform/outputs.tf

@@ -0,0 +1,20 @@
+output repo_url  {
+  value = aws_ecr_repository.myapp-repo.repository_url
+}
+
+output cluster_url {
+  value = module.eks.cluster_endpoint
+}
+
+output kubeconfig {
+  value = module.eks.kubeconfig
+}
+
+output ecr_user_name {
+  value = data.aws_ecr_authorization_token.token.user_name
+}
+
+output ecr_user_password {
+  value = data.aws_ecr_authorization_token.token.password
+  sensitive = true
+}

terraform/variables.tf

@@ -1,24 +1,27 @@
-variable vpc_cidr_block {
-    default = "10.0.0.0/16"
-}
-variable subnet_cidr_block {
-    default = "10.0.10.0/24"
-}
-variable avail_zone {
-    default = "eu-west-3a"
-}
 variable env_prefix {
   default = "dev"
 }
-variable my_ip {
+
-    default = "212.124.154.110/32"
-}
-variable jenkins_ip {
-    default = "139.59.140.177/32"
-}
-variable instance_type {
-    default = "t2.micro"
-}
 variable region {
   default = "eu-west-3"
 }
+
+variable vpc_cidr_block {
+  default = "10.0.0.0/16"
+}
+
+variable private_subnet_cidr_blocks {
+  default = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
+}
+
+variable public_subnet_cidr_blocks {
+  default = ["10.0.4.0/24", "10.0.5.0/24", "10.0.6.0/24"]
+}
+
+variable k8s_version {
+  default = "1.17"
+}
+
+variable cluster_name {
+  default = "myapp-eks-cluster"
+}

terraform/versions.tf

@@ -0,0 +1,19 @@
+terraform {
+  // pull latest version because of bug on destroy - aws_auth can't get removed  
+  //required_version = ">= 0.12"
+  /*required_providers {
+    random = "~> 2.1"
+    local = "~> 1.2"
+    null = "~> 2.1"
+    template = "~> 2.1"
+    kubernetes = "~> 1.13"
+  }*/
+}
+
+/*
+** Defining provider versions inside provider block deprecated in Terraform 0.13 and above  
+**
+provider "random" {
+  version = "~> 2.1"
+}
+*/

terraform/vpc.tf

@@ -0,0 +1,35 @@
+provider "aws" {
+    region = var.region
+}
+
+data "aws_availability_zones" "available" {}
+
+module "myapp-vpc" {
+    source = "terraform-aws-modules/vpc/aws"
+    version = "2.64.0"
+
+    name = "myapp-vpc"
+    cidr = var.vpc_cidr_block
+    private_subnets = var.private_subnet_cidr_blocks
+    public_subnets = var.public_subnet_cidr_blocks
+    azs = data.aws_availability_zones.available.names 
+    
+    enable_nat_gateway = true
+    single_nat_gateway = true
+    enable_dns_hostnames = true
+
+    tags = {
+        "kubernetes.io/cluster/${var.cluster_name}" = "shared"
+    }
+
+    public_subnet_tags = {
+        "kubernetes.io/cluster/${var.cluster_name}" = "shared"
+        "kubernetes.io/role/elb" = 1 
+    }
+
+    private_subnet_tags = {
+        "kubernetes.io/cluster/${var.cluster_name}" = "shared"
+        "kubernetes.io/role/internal-elb" = 1
+    }
+
+}