removed duplicate rules

DFE-Digital · Feb 29, 2024 · c000ea2 · c000ea2
1 parent 9808318
commit c000ea2
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 59 deletions.
diff --git a/cluster/terraform_kubernetes/kube_state_metrics.tf b/cluster/terraform_kubernetes/kube_state_metrics.tf
@@ -3,7 +3,7 @@
 resource "kubernetes_service_account" "kube_state_metrics" {
   metadata {
     name      = "kube-state-metrics"
-    namespace = "monitoring"
+    namespace = kubernetes_namespace.default_list["monitoring"].metadata[0].name
     labels = {
       "app.kubernetes.io/component" = "exporter"
       "app.kubernetes.io/name"      = "kube-state-metrics"
@@ -22,60 +22,8 @@ resource "kubernetes_cluster_role" "kube_state_metrics" {
       "app.kubernetes.io/version"   = var.kube_state_metrics_version
     }
   }
-
-  rule {
-    api_groups = [""]
-    resources  = ["configmaps", "secrets", "nodes", "pods", "services", "resourcequotas", "replicationcontrollers", "limitranges", "persistentvolumeclaims", "persistentvolumes", "namespaces", "endpoints"]
-    verbs      = ["get", "list", "watch"]
-  }
-
-  rule {
-    api_groups = ["certificates.k8s.io"]
-    resources  = ["certificatesigningrequests"]
-    verbs      = ["list", "get", "watch"]
-  }
-  rule {
-    api_groups = ["batch"]
-    resources  = ["jobs"]
-    verbs      = ["get", "list", "watch"]
-  }
-  rule {
-    api_groups = ["apps"]
-    resources  = ["deployments", "replicasets", "statefulsets", "daemonsets"]
-    verbs      = ["list", "watch"]
-  }
-  rule {
-    api_groups = ["storage.k8s.io"]
-    resources  = ["volumeattachments"]
-    verbs      = ["get", "list", "watch"]
-  }
-  rule {
-    api_groups = ["admissionregistration.k8s.io"]
-    resources  = ["mutatingwebhookconfigurations", "validatingwebhookconfigurations"]
-    verbs      = ["get", "list", "watch"]
-  }
-  rule {
-    api_groups = ["coordination.k8s.io"]
-    resources  = ["leases"]
-    verbs      = ["get", "list", "watch"]
-  }
-  rule {
-    api_groups = ["autoscaling"]
-    resources  = ["horizontalpodautoscalers"]
-    verbs      = ["get", "list", "watch"]
-  }
-  rule {
-    api_groups = ["policy"]
-    resources  = ["poddisruptionbudgets"]
-    verbs      = ["get", "list", "watch"]
-  }
-  rule {
-    api_groups = ["batch"]
-    resources  = ["cronjobs"]
-    verbs      = ["get", "list", "watch"]
-  }
   rule {
-    api_groups = ["", "apps", "batch", "networking.k8s.io", "policy", "autoscaling", "certificates.k8s.io", "coordination.k8s.io", "storage.k8s.io"]
+    api_groups = ["", "apps", "batch", "networking.k8s.io", "policy", "autoscaling", "certificates.k8s.io", "coordination.k8s.io", "storage.k8s.io", "admissionregistration.k8s.io"]
     resources  = ["pods", "replicasets", "cronjobs", "ingresses", "poddisruptionbudgets", "networkpolicies", "storageclasses", "certificatesigningrequests", "leases", "horizontalpodautoscalers", "configmaps", "secrets", "nodes", "services", "resourcequotas", "replicationcontrollers", "limitranges", "persistentvolumeclaims", "persistentvolumes", "namespaces", "endpoints", "deployments", "statefulsets", "daemonsets", "volumeattachments", "mutatingwebhookconfigurations", "validatingwebhookconfigurations", "jobs"]
     verbs      = ["get", "list", "watch"]
   }
@@ -100,14 +48,14 @@ resource "kubernetes_cluster_role_binding" "kube_state_metrics" {
   subject {
     kind      = "ServiceAccount"
     name      = "kube-state-metrics"
-    namespace = "monitoring"
+    namespace = kubernetes_namespace.default_list["monitoring"].metadata[0].name
   }
 }
 
 resource "kubernetes_deployment" "kube_state_metrics" {
   metadata {
     name      = "kube-state-metrics"
-    namespace = "monitoring"
+    namespace = kubernetes_namespace.default_list["monitoring"].metadata[0].name
     labels = {
       "app.kubernetes.io/component" = "exporter"
       "app.kubernetes.io/name"      = "kube-state-metrics"
@@ -139,7 +87,7 @@ resource "kubernetes_deployment" "kube_state_metrics" {
 
         container {
           name  = "kube-state-metrics"
-          image = "k8s.gcr.io/kube-state-metrics/kube-state-metrics:v${var.kube_state_metrics_version}"
+          image = "registry.k8s.io/kube-state-metrics/kube-state-metrics:v${var.kube_state_metrics_version}"
           port {
             name           = "http-metrics"
             container_port = 8080
@@ -188,7 +136,7 @@ resource "kubernetes_deployment" "kube_state_metrics" {
 resource "kubernetes_service" "kube_state_metrics" {
   metadata {
     name      = "kube-state-metrics"
-    namespace = "monitoring"
+    namespace = kubernetes_namespace.default_list["monitoring"].metadata[0].name
 
     labels = {
       "app.kubernetes.io/component" = "exporter"

diff --git a/cluster/terraform_kubernetes/variables.tf b/cluster/terraform_kubernetes/variables.tf
@@ -65,7 +65,7 @@ variable "lowpriority_app_replicas" {
 }
 
 variable "kube_state_metrics_version" {
-  default = "2.8.2"
+  default = "2.10.1"
 }
 
 data "azurerm_client_config" "current" {}