Skip to content

Commit

Permalink
Bump Terraform azurerm provider version to 4.5.0 (#793)
Browse files Browse the repository at this point in the history 
<Actions>
<action
id="f410411e63aff4bb73a81c2aec1d373cf8a903e63b30dee2006b0030d8a94cc8">
        <h3>Bump Terraform `azurerm` provider version</h3>
<details
id="1d9343c012f5434ac9fe8a98135bae3667b399259be16d9b14302ea3bd424a24">
            <summary>Update Terraform lock file</summary>
<p>changes detected:&#xA;&#x9;&#34;hashicorp/azurerm&#34; updated from
&#34;3.113.0&#34; to &#34;4.5.0&#34; in file
&#34;.terraform.lock.hcl&#34;</p>
        </details>
<a
href="https://infra.ci.jenkins.io/job/updatecli/job/azure/job/main/490/">Jenkins
pipeline link</a>
    </action>
</Actions>

---

<table>
  <tr>
    <td width="77">
<img src="https://www.updatecli.io/images/updatecli.png" alt="Updatecli
logo" width="50" height="50">
    </td>
    <td>
      <p>
Created automatically by <a
href="https://www.updatecli.io/">Updatecli</a>
      </p>
      <details><summary>Options:</summary>
        <br />
<p>Most of Updatecli configuration is done via <a
href="https://www.updatecli.io/docs/prologue/quick-start/">its
manifest(s)</a>.</p>
        <ul>
<li>If you close this pull request, Updatecli will automatically reopen
it, the next time it runs.</li>
<li>If you close this pull request and delete the base branch, Updatecli
will automatically recreate it, erasing all previous commits made.</li>
        </ul>
        <p>
Feel free to report any issues at <a
href="https://github.com/updatecli/updatecli/issues">github.com/updatecli/updatecli</a>.<br
/>
If you find this tool useful, do not hesitate to star <a
href="https://github.com/updatecli/updatecli/stargazers">our GitHub
repository</a> as a sign of appreciation, and/or to tell us directly on
our <a
href="https://matrix.to/#/#Updatecli_community:gitter.im">chat</a>!
        </p>
      </details>
    </td>
  </tr>
</table>

---------

Signed-off-by: Damien Duportal <damien.duportal@gmail.com>
Co-authored-by: Jenkins Infra Bot (updatecli) <60776566+jenkins-infra-bot@users.noreply.github.com>
Co-authored-by: Damien Duportal <damien.duportal@gmail.com>
  • Loading branch information
@jenkins-infra-updatecli @jenkins-infra-bot @dduportal
3 people authored Oct 16, 2024
1 parent d8967eb commit 459c627
Show file tree
Hide file tree
Showing 11 changed files with 79 additions and 71 deletions.
32 changes: 16 additions & 16 deletions .terraform.lock.hcl
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

10 changes: 6 additions & 4 deletions ci.jenkins.io-kubernetes-agents.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,8 @@ resource "azurerm_kubernetes_cluster" "cijenkinsio_agents_1" {
kubernetes_version = local.kubernetes_versions["cijenkinsio_agents_1"]
role_based_access_control_enabled = true # default value but made explicit to please trivy

image_cleaner_interval_hours = 48

network_profile {
network_plugin = "azure"
network_plugin_mode = "overlay"
Expand All @@ -54,7 +56,7 @@ resource "azurerm_kubernetes_cluster" "cijenkinsio_agents_1" {
os_disk_size_gb = 150 # Ref. Cache storage size athttps://learn.microsoft.com/fr-fr/azure/virtual-machines/dasv5-dadsv5-series#dadsv5-series (depends on the instance size)
orchestrator_version = local.kubernetes_versions["cijenkinsio_agents_1"]
kubelet_disk_type = "OS"
enable_auto_scaling = true
auto_scaling_enabled = true
min_count = 2 # for best practises
max_count = 3 # for upgrade
vnet_subnet_id = data.azurerm_subnet.ci_jenkins_io_kubernetes_sponsorship.id
Expand All @@ -78,7 +80,7 @@ resource "azurerm_kubernetes_cluster_node_pool" "linux_arm64_n2_applications" {
os_disk_size_gb = 150 # Ref. Cache storage size at https://learn.microsoft.com/en-us/azure/virtual-machines/dv3-dsv3-series#dsv3-series (depends on the instance size)
orchestrator_version = local.kubernetes_versions["cijenkinsio_agents_1"]
kubernetes_cluster_id = azurerm_kubernetes_cluster.cijenkinsio_agents_1.id
enable_auto_scaling = true
auto_scaling_enabled = true
min_count = 1
max_count = 3 # 2 nodes always up for HA, a 3rd one is allowed for surge upgrades
zones = local.cijenkinsio_agents_1_compute_zones
Expand Down Expand Up @@ -112,7 +114,7 @@ resource "azurerm_kubernetes_cluster_node_pool" "linux_x86_64_n4_agents_1" {
os_disk_size_gb = 600 # Ref. Cache storage size at https://learn.microsoft.com/en-us/azure/virtual-machines/dv3-dsv3-series#dsv3-series (depends on the instance size)
orchestrator_version = local.kubernetes_versions["cijenkinsio_agents_1"]
kubernetes_cluster_id = azurerm_kubernetes_cluster.cijenkinsio_agents_1.id
enable_auto_scaling = true
auto_scaling_enabled = true
min_count = 0
max_count = 40 # 3 pods per nodes, max 120 pods - due to quotas
zones = local.cijenkinsio_agents_1_compute_zones
Expand Down Expand Up @@ -146,7 +148,7 @@ resource "azurerm_kubernetes_cluster_node_pool" "linux_x86_64_n4_bom_1" {
os_disk_size_gb = 600 # Ref. Cache storage size at https://learn.microsoft.com/en-us/azure/virtual-machines/dv3-dsv3-series#dsv3-series (depends on the instance size)
orchestrator_version = local.kubernetes_versions["cijenkinsio_agents_1"]
kubernetes_cluster_id = azurerm_kubernetes_cluster.cijenkinsio_agents_1.id
enable_auto_scaling = true
auto_scaling_enabled = true
min_count = 0
max_count = 50
zones = local.cijenkinsio_agents_1_compute_zones
Expand Down
16 changes: 8 additions & 8 deletions contributors.jenkins.io.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,14 +5,14 @@ resource "azurerm_resource_group" "contributors_jenkins_io" {
}

resource "azurerm_storage_account" "contributors_jenkins_io" {
name = "contributorsjenkinsio"
resource_group_name = azurerm_resource_group.contributors_jenkins_io.name
location = azurerm_resource_group.contributors_jenkins_io.location
account_tier = "Standard"
account_replication_type = "ZRS"
account_kind = "StorageV2"
enable_https_traffic_only = true
min_tls_version = "TLS1_2"
name = "contributorsjenkinsio"
resource_group_name = azurerm_resource_group.contributors_jenkins_io.name
location = azurerm_resource_group.contributors_jenkins_io.location
account_tier = "Standard"
account_replication_type = "ZRS"
account_kind = "StorageV2"
https_traffic_only_enabled = true
min_tls_version = "TLS1_2"

network_rules {
default_action = "Deny"
Expand Down
16 changes: 8 additions & 8 deletions docs.jenkins.io.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,14 +5,14 @@ resource "azurerm_resource_group" "docs_jenkins_io" {
}

resource "azurerm_storage_account" "docs_jenkins_io" {
name = "docsjenkinsio"
resource_group_name = azurerm_resource_group.docs_jenkins_io.name
location = azurerm_resource_group.docs_jenkins_io.location
account_tier = "Standard"
account_replication_type = "ZRS"
account_kind = "StorageV2"
enable_https_traffic_only = true
min_tls_version = "TLS1_2"
name = "docsjenkinsio"
resource_group_name = azurerm_resource_group.docs_jenkins_io.name
location = azurerm_resource_group.docs_jenkins_io.location
account_tier = "Standard"
account_replication_type = "ZRS"
account_kind = "StorageV2"
https_traffic_only_enabled = true
min_tls_version = "TLS1_2"

network_rules {
default_action = "Deny"
Expand Down
8 changes: 5 additions & 3 deletions infraci.jenkins.io-kubernetes-sponsored-agents.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,8 @@ resource "azurerm_kubernetes_cluster" "infracijenkinsio_agents_1" {
kubernetes_version = local.kubernetes_versions["infracijenkinsio_agents_1"]
role_based_access_control_enabled = true # default value but made explicit to please trivy

image_cleaner_interval_hours = 48

network_profile {
network_plugin = "azure"
network_plugin_mode = "overlay"
Expand All @@ -53,7 +55,7 @@ resource "azurerm_kubernetes_cluster" "infracijenkinsio_agents_1" {
os_disk_size_gb = 150 # Ref. Cache storage size athttps://learn.microsoft.com/fr-fr/azure/virtual-machines/dasv5-dadsv5-series#dadsv5-series (depends on the instance size)
orchestrator_version = local.kubernetes_versions["infracijenkinsio_agents_1"]
kubelet_disk_type = "OS"
enable_auto_scaling = true
auto_scaling_enabled = true
min_count = 2 # for best practises
max_count = 3 # for upgrade
vnet_subnet_id = data.azurerm_subnet.infraci_jenkins_io_kubernetes_agent_sponsorship.id
Expand All @@ -78,7 +80,7 @@ resource "azurerm_kubernetes_cluster_node_pool" "linux_x86_64_agents_1_sponsorsh
os_disk_size_gb = 300 # Ref. Cache storage size at https://learn.microsoft.com/en-us/azure/virtual-machines/dasv5-dadsv5-series (depends on the instance size)
orchestrator_version = local.kubernetes_versions["infracijenkinsio_agents_1"]
kubernetes_cluster_id = azurerm_kubernetes_cluster.infracijenkinsio_agents_1.id
enable_auto_scaling = true
auto_scaling_enabled = true
min_count = 0
max_count = 20
zones = local.infracijenkinsio_agents_1_compute_zones
Expand Down Expand Up @@ -113,7 +115,7 @@ resource "azurerm_kubernetes_cluster_node_pool" "linux_arm64_agents_1_sponsorshi
os_disk_size_gb = 600 # Ref. Cache storage size at https://learn.microsoft.com/en-us/azure/virtual-machines/sizes/general-purpose/dpdsv5-series?tabs=sizebasic (depends on the instance size)
orchestrator_version = local.kubernetes_versions["infracijenkinsio_agents_1"]
kubernetes_cluster_id = azurerm_kubernetes_cluster.infracijenkinsio_agents_1.id
enable_auto_scaling = true
auto_scaling_enabled = true
min_count = 1 # Azure autoscaler with ARM64 is really slow when starting from zero nodes.
max_count = 20
zones = local.infracijenkinsio_agents_1_compute_zones # need to be on zone 1 for arm availability
Expand Down
14 changes: 8 additions & 6 deletions privatek8s.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -59,6 +59,8 @@ resource "azurerm_kubernetes_cluster" "privatek8s" {
)
}

image_cleaner_interval_hours = 48

network_profile {
network_plugin = "azure"
network_policy = "azure"
Expand All @@ -82,7 +84,7 @@ resource "azurerm_kubernetes_cluster" "privatek8s" {
os_disk_size_gb = 50 # Ref. Cache storage size at https://learn.microsoft.com/en-us/azure/virtual-machines/dav4-dasv4-series#dasv4-series (depends on the instance size)
orchestrator_version = local.kubernetes_versions["privatek8s"]
kubelet_disk_type = "OS"
enable_auto_scaling = true
auto_scaling_enabled = true
min_count = 1
max_count = 3
vnet_subnet_id = data.azurerm_subnet.privatek8s_tier.id
Expand Down Expand Up @@ -111,7 +113,7 @@ resource "azurerm_kubernetes_cluster_node_pool" "linuxpool" {
os_disk_size_gb = 100 # Ref. Cache storage size at https://learn.microsoft.com/en-us/azure/virtual-machines/dv3-dsv3-series#dsv3-series (depends on the instance size)
orchestrator_version = local.kubernetes_versions["privatek8s"]
kubernetes_cluster_id = azurerm_kubernetes_cluster.privatek8s.id
enable_auto_scaling = true
auto_scaling_enabled = true
min_count = 0
max_count = 5
zones = [3]
Expand All @@ -136,7 +138,7 @@ resource "azurerm_kubernetes_cluster_node_pool" "infraci_controller" {
os_disk_size_gb = 150 # Ref. Cache storage size at https://learn.microsoft.com/en-us/azure/virtual-machines/dpsv5-dpdsv5-series#dpdsv5-series (depends on the instance size)
orchestrator_version = local.kubernetes_versions["privatek8s"]
kubernetes_cluster_id = azurerm_kubernetes_cluster.privatek8s.id
enable_auto_scaling = true
auto_scaling_enabled = true
min_count = 1
max_count = 2
zones = [1] # Linux arm64 VMs are only available in the Zone 1 in this region (undocumented by Azure)
Expand Down Expand Up @@ -165,7 +167,7 @@ resource "azurerm_kubernetes_cluster_node_pool" "releaseci_controller" {
os_disk_size_gb = 150 # Ref. Cache storage size at https://learn.microsoft.com/en-us/azure/virtual-machines/dpsv5-dpdsv5-series#dpdsv5-series (depends on the instance size)
orchestrator_version = local.kubernetes_versions["privatek8s"]
kubernetes_cluster_id = azurerm_kubernetes_cluster.privatek8s.id
enable_auto_scaling = true
auto_scaling_enabled = true
min_count = 1
max_count = 2
zones = [1] # Linux arm64 VMs are only available in the Zone 1 in this region (undocumented by Azure)
Expand All @@ -191,7 +193,7 @@ resource "azurerm_kubernetes_cluster_node_pool" "releasepool" {
os_disk_size_gb = 200 # Ref. Cache storage size at https://learn.microsoft.com/en-us/azure/virtual-machines/dv3-dsv3-series#dsv3-series (depends on the instance size)
orchestrator_version = local.kubernetes_versions["privatek8s"]
kubernetes_cluster_id = azurerm_kubernetes_cluster.privatek8s.id
enable_auto_scaling = true
auto_scaling_enabled = true
min_count = 0
max_count = 3
zones = [3]
Expand Down Expand Up @@ -219,7 +221,7 @@ resource "azurerm_kubernetes_cluster_node_pool" "windows2019pool" {
os_type = "Windows"
os_sku = "Windows2019"
kubernetes_cluster_id = azurerm_kubernetes_cluster.privatek8s.id
enable_auto_scaling = true
auto_scaling_enabled = true
min_count = 0
max_count = 3
zones = [3]
Expand Down
10 changes: 5 additions & 5 deletions providers.tf
View file
Original file line number Diff line number Diff line change
@@ -1,13 +1,13 @@
# Configure the Microsoft Azure Provider
provider "azurerm" {
subscription_id = "dff2ec18-6a8e-405c-8e45-b7df7465acf0"
skip_provider_registration = "true"
subscription_id = "dff2ec18-6a8e-405c-8e45-b7df7465acf0"
resource_provider_registrations = "none"
features {}
}
provider "azurerm" {
alias = "jenkins-sponsorship"
subscription_id = "1311c09f-aee0-4d6c-99a4-392c2b543204"
skip_provider_registration = "true"
alias = "jenkins-sponsorship"
subscription_id = "1311c09f-aee0-4d6c-99a4-392c2b543204"
resource_provider_registrations = "none"
features {}
}

Expand Down
2 changes: 1 addition & 1 deletion public-redis.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ resource "azurerm_redis_cache" "public_redis" {
capacity = 2
family = "P" # Basic/Standard SKU family
sku_name = "Premium" # A replicated cache in a two node Primary/Secondary configuration managed by Microsoft, with a high availability SLA.
enable_non_ssl_port = true
non_ssl_port_enabled = true
minimum_tls_version = "1.2"
public_network_access_enabled = false

Expand Down
10 changes: 6 additions & 4 deletions publick8s.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,8 @@ resource "azurerm_kubernetes_cluster" "publick8s" {
)
}

image_cleaner_interval_hours = 48

#trivy:ignore:azure-container-configured-network-policy
network_profile {
network_plugin = "kubenet"
Expand Down Expand Up @@ -84,7 +86,7 @@ resource "azurerm_kubernetes_cluster" "publick8s" {
os_disk_type = "Ephemeral"
os_disk_size_gb = 50
orchestrator_version = local.kubernetes_versions["publick8s"]
enable_auto_scaling = true
auto_scaling_enabled = true
min_count = 2
max_count = 4
vnet_subnet_id = data.azurerm_subnet.publick8s_tier.id
Expand Down Expand Up @@ -116,7 +118,7 @@ resource "azurerm_kubernetes_cluster_node_pool" "x86small" {
os_disk_size_gb = 100 # Ref. Cache storage size at https://learn.microsoft.com/en-us/azure/virtual-machines/dv3-dsv3-series#dsv3-series (depends on the instance size)
orchestrator_version = local.kubernetes_versions["publick8s"]
kubernetes_cluster_id = azurerm_kubernetes_cluster.publick8s.id
enable_auto_scaling = true
auto_scaling_enabled = true
min_count = 0
max_count = 10
zones = local.publick8s_compute_zones
Expand All @@ -139,7 +141,7 @@ resource "azurerm_kubernetes_cluster_node_pool" "arm64small2" {
os_disk_size_gb = 150 # Ref. Cache storage size at https://learn.microsoft.com/en-us/azure/virtual-machines/dpsv5-dpdsv5-series#dpdsv5-series (depends on the instance size)
orchestrator_version = local.kubernetes_versions["publick8s"]
kubernetes_cluster_id = azurerm_kubernetes_cluster.publick8s.id
enable_auto_scaling = true
auto_scaling_enabled = true
min_count = 0
max_count = 10
zones = [1]
Expand Down Expand Up @@ -302,7 +304,7 @@ resource "azurerm_storage_account" "publick8s" {
account_replication_type = "ZRS"
min_tls_version = "TLS1_2" # default value, needed for tfsec
infrastructure_encryption_enabled = true
enable_https_traffic_only = true
https_traffic_only_enabled = true

tags = local.default_tags

Expand Down
16 changes: 8 additions & 8 deletions reports.jenkins.io.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,14 +9,14 @@ resource "azurerm_resource_group" "prod_reports" {
}

resource "azurerm_storage_account" "prodjenkinsreports" {
name = "prodjenkinsreports"
resource_group_name = azurerm_resource_group.prod_reports.name
location = azurerm_resource_group.prod_reports.location
account_tier = "Standard"
account_replication_type = "GRS"
account_kind = "Storage"
enable_https_traffic_only = true
min_tls_version = "TLS1_2"
name = "prodjenkinsreports"
resource_group_name = azurerm_resource_group.prod_reports.name
location = azurerm_resource_group.prod_reports.location
account_tier = "Standard"
account_replication_type = "GRS"
account_kind = "Storage"
https_traffic_only_enabled = true
min_tls_version = "TLS1_2"

custom_domain {
name = "reports.jenkins.io"
Expand Down
16 changes: 8 additions & 8 deletions stats.jenkins.io.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,14 +5,14 @@ resource "azurerm_resource_group" "stats_jenkins_io" {
}

resource "azurerm_storage_account" "stats_jenkins_io" {
name = "statsjenkinsio"
resource_group_name = azurerm_resource_group.stats_jenkins_io.name
location = azurerm_resource_group.stats_jenkins_io.location
account_tier = "Standard"
account_replication_type = "ZRS"
account_kind = "StorageV2"
enable_https_traffic_only = true
min_tls_version = "TLS1_2"
name = "statsjenkinsio"
resource_group_name = azurerm_resource_group.stats_jenkins_io.name
location = azurerm_resource_group.stats_jenkins_io.location
account_tier = "Standard"
account_replication_type = "ZRS"
account_kind = "StorageV2"
https_traffic_only_enabled = true
min_tls_version = "TLS1_2"

network_rules {
default_action = "Deny"
Expand Down

0 comments on commit 459c627

Please sign in to comment.