From 1fab8e7e724dd10d90bb007be1ea8691115a999e Mon Sep 17 00:00:00 2001 From: ankush-sqops Date: Wed, 11 Dec 2024 19:34:27 +0530 Subject: [PATCH] Release 5.2.0 (#61) * Added custom ami functionality * Update main.tf --- examples/complete/README.md | 1 + examples/complete/main.tf | 19 ++++++++++--------- examples/complete/outputs.tf | 5 +++++ modules/managed-nodegroup/README.md | 1 + modules/managed-nodegroup/main.tf | 4 ++-- modules/managed-nodegroup/variables.tf | 6 ++++++ 6 files changed, 25 insertions(+), 11 deletions(-) diff --git a/examples/complete/README.md b/examples/complete/README.md index 99315e7..d9e9aee 100644 --- a/examples/complete/README.md +++ b/examples/complete/README.md @@ -60,6 +60,7 @@ No inputs. | [cluster\_oidc\_issuer\_url](#output\_cluster\_oidc\_issuer\_url) | URL of the OpenID Connect identity provider on the EKS cluster. | | [worker\_iam\_role\_arn](#output\_worker\_iam\_role\_arn) | ARN of the IAM role assigned to the EKS worker nodes. | | [worker\_iam\_role\_name](#output\_worker\_iam\_role\_name) | Name of the IAM role assigned to the EKS worker nodes. | +| [kms\_key\_arn](#output\_kms\_key\_arn) | ARN of the KMS key that is used by the EKS cluster. | | [kms\_policy\_arn](#output\_kms\_policy\_arn) | ARN of the KMS policy that is used by the EKS cluster. | | [managed\_ng\_node\_group\_arn](#output\_managed\_ng\_node\_group\_arn) | ARN for the nodegroup | | [managed\_ng\_min\_node](#output\_managed\_ng\_min\_node) | Minimum node of managed node group | diff --git a/examples/complete/main.tf b/examples/complete/main.tf index c7074d9..2d2dc56 100644 --- a/examples/complete/main.tf +++ b/examples/complete/main.tf @@ -139,7 +139,7 @@ module "vpc" { module "eks" { source = "squareops/eks/aws" - version = "5.1.1" + version = "5.2.0" access_entry_enabled = true access_entries = { "example" = { 
@@ -186,7 +186,7 @@ module "eks" { module "managed_node_group_addons" { source = "squareops/eks/aws//modules/managed-nodegroup" - version = "5.1.1" + version = "5.2.0" depends_on = [module.vpc, module.eks] managed_ng_name = "Infra" managed_ng_min_size = 2 @@ -199,25 +199,26 @@ module "managed_node_group_addons" { managed_ng_ebs_volume_size = local.ebs_volume_size managed_ng_ebs_volume_type = "gp3" managed_ng_ebs_encrypted = true - managed_ng_instance_types = ["t3a.large", "t2.large", "t2.xlarge", "t3.large", "m5.large"] + managed_ng_instance_types = ["t3a.large", "t2.large", "t2.xlarge", "t3.large", "m5.large"] # Pass instance type according to the ami architecture. managed_ng_kms_policy_arn = module.eks.kms_policy_arn eks_cluster_name = module.eks.cluster_name - aws_managed_node_group_arch = local.aws_managed_node_group_arch worker_iam_role_name = module.eks.worker_iam_role_name worker_iam_role_arn = module.eks.worker_iam_role_arn eks_nodes_keypair_name = module.key_pair_eks.key_pair_name managed_ng_pod_capacity = 90 managed_ng_monitoring_enabled = true launch_template_name = local.launch_template_name - enable_bottlerocket_ami = local.enable_bottlerocket_ami + k8s_labels = { + "Addons-Services" = "true" + } + tags = local.additional_aws_tags + custom_ami_id = "" # Optional, if not passed terraform will automatically select the latest supported ami id + aws_managed_node_group_arch = local.aws_managed_node_group_arch # optional if "custom_ami_id" is passed + enable_bottlerocket_ami = local.enable_bottlerocket_ami # Set it to false if using Amazon Linux AMIs bottlerocket_node_config = { bottlerocket_eks_node_admin_container_enabled = false bottlerocket_eks_enable_control_container = true } - k8s_labels = { - "Addons-Services" = "true" - } - tags = local.additional_aws_tags } module "fargate_profle" { diff --git a/examples/complete/outputs.tf b/examples/complete/outputs.tf index b35d39c..96966fc 100644 --- a/examples/complete/outputs.tf 
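Review bot: The new inline comment on `custom_ami_id` in the `managed_node_group_addons` example explains the empty value but not what the caller takes on when the value is set. Once an ID is passed, the automatic "latest supported ami" selection no longer applies, so the image stays pinned until someone changes it and node patching becomes the caller's job. I would extend the comment to `# Optional. Empty = module selects the latest supported AMI; when set, the AMI is pinned and must match enable_bottlerocket_ami and the instance-type architecture`. The module block opens above this hunk.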
+++ b/examples/complete/outputs.tf @@ -78,6 +78,11 @@ output "worker_iam_role_name" { value = module.eks.worker_iam_role_name } +output "kms_key_arn" { + description = "ARN of the KMS key that is used by the EKS cluster." + value = module.kms.key_arn +} + output "kms_policy_arn" { description = "ARN of the KMS policy that is used by the EKS cluster." value = module.eks.kms_policy_arn diff --git a/modules/managed-nodegroup/README.md b/modules/managed-nodegroup/README.md index 7a42723..f1d9265 100644 --- a/modules/managed-nodegroup/README.md +++ b/modules/managed-nodegroup/README.md @@ -74,6 +74,7 @@ No modules. | [launch\_template\_name](#input\_launch\_template\_name) | The name of the launch template. | `string` | `""` | no | | [enable\_bottlerocket\_ami](#input\_enable\_bottlerocket\_ami) | Set to true to enable the use of Bottlerocket AMIs for instances. | `bool` | `false` | no | | [bottlerocket\_node\_config](#input\_bottlerocket\_node\_config) | Bottlerocket Node configurations for EKS. | `map(any)` |
{
"bottlerocket_eks_enable_control_container": true,
"bottlerocket_eks_node_admin_container_enabled": false
}
| no | +| [custom\_ami\_id](#input\_custom\_ami\_id) | worker node AMI id to be created | `string` | `""` | no | ## Outputs diff --git a/modules/managed-nodegroup/main.tf b/modules/managed-nodegroup/main.tf index c67e784..dc0d4fd 100644 --- a/modules/managed-nodegroup/main.tf +++ b/modules/managed-nodegroup/main.tf @@ -54,7 +54,7 @@ data "template_file" "launch_template_userdata_bottlerocket" { resource "aws_launch_template" "eks_template" { name = length(var.launch_template_name) > 0 ? var.launch_template_name : local.launch_template_name key_name = var.eks_nodes_keypair_name - image_id = data.aws_ami.launch_template_ami.image_id + image_id = length(var.custom_ami_id) == 0 ? data.aws_ami.launch_template_ami.image_id : var.custom_ami_id user_data = var.enable_bottlerocket_ami ? base64encode(data.template_file.launch_template_userdata_bottlerocket[0].rendered) : base64encode(data.template_file.launch_template_userdata[0].rendered) update_default_version = true block_device_mappings { @@ -105,7 +105,7 @@ resource "aws_eks_node_group" "managed_ng" { subnet_ids = var.vpc_subnet_ids cluster_name = var.eks_cluster_name node_role_arn = var.worker_iam_role_arn - node_group_name = format("%s-%s-%s", var.environment, var.managed_ng_name, "ng") + node_group_name = var.managed_ng_name scaling_config { desired_size = var.managed_ng_desired_size max_size = var.managed_ng_max_size diff --git a/modules/managed-nodegroup/variables.tf b/modules/managed-nodegroup/variables.tf index 528c777..7c8de6f 100644 --- a/modules/managed-nodegroup/variables.tf +++ b/modules/managed-nodegroup/variables.tf @@ -198,3 +198,9 @@ variable "bottlerocket_node_config" { bottlerocket_eks_enable_control_container = true ## For SSM Accesws } } + +variable "custom_ami_id" { + type = string + description = "worker node AMI id to be created" + default = "" +}
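Review bot: On the new `image_id` line in `aws_launch_template.eks_template`, a caller-supplied AMI replaces the `data.aws_ami.launch_template_ami` lookup, but the `user_data` line directly below still chooses between the two templates from `var.enable_bottlerocket_ami` alone. A custom image whose OS does not match that flag would be launched with the wrong bootstrap data and would likely fail to join the cluster. The ID is also used as given, with no check on who owns the image; if the data source filters by owner (it is not visible in this hunk), that restriction is lost on this path. A comment such as `# custom_ami_id bypasses the aws_ami lookup; the image OS must match enable_bottlerocket_ami and come from a trusted account` would make the contract explicit. The resource body continues past the hunk.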
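Review bot: The `node_group_name` change in `aws_eks_node_group.managed_ng` drops the `<environment>-<name>-ng` format, and in the AWS provider a changed node group name forces the node group to be replaced. Anyone upgrading from 5.1.1 would see their nodes destroyed and recreated by a release whose description only mentions custom AMI support. Either keep the previous value, `node_group_name = format("%s-%s-%s", var.environment, var.managed_ng_name, "ng")`, or call the rename out as a breaking change in the release notes. The resource starts and ends outside this hunk.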
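Review bot: The new `custom_ami_id` variable accepts any string, and its description ("worker node AMI id to be created") reads as if the module creates an AMI rather than consuming an existing one. A typo or stray value would only surface as an EC2 API error at apply time, whereas a `validation` block rejects it at plan time. The description should state that an empty value falls back to the automatic lookup. The suggested wording and check are below.

```hcl
variable "custom_ami_id" {
  # … unchanged: type, default …
  description = "ID of an existing AMI to use for the worker nodes. Leave empty to let the module select the latest supported AMI."

  validation {
    condition     = var.custom_ami_id == "" || can(regex("^ami-[0-9a-f]{8,17}$", var.custom_ami_id))
    error_message = "The custom_ami_id value must be empty or an AMI ID (ami- followed by hex digits)."
  }
}
```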