From 99dac053b79b54b47ec3232ec54df92a83d3597d Mon Sep 17 00:00:00 2001
From: brandoconnor <brandon@atscale.run>
Date: Fri, 8 Jun 2018 02:54:18 -0700
Subject: [PATCH 1/2] kubectl now configurable by the module

---
 CHANGELOG.md                      |  1 +
 README.md                         |  3 ++-
 examples/eks_test_fixture/main.tf | 27 +++++++++------------------
 main.tf                           | 26 +++++++++++++++++++++++++-
 variables.tf                      | 10 ++++++++++
 5 files changed, 47 insertions(+), 20 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 42ef503..f95f4b7 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -12,6 +12,7 @@ project adheres to [Semantic Versioning](http://semver.org/).
 - files rendered from dedicated templates to separate out raw code and config from `hcl`
 - `workers_ami_id` is now made optional. If not specified, the module will source the latest AWS supported EKS AMI instead.
 - added ability to specify extra userdata code to execute after the second to configure and start kube services.
+- When `configure_kubectl_session` is set to true the current shell will be configured to talk to the kubernetes cluster using config files output from the module.
 
 ## [[v0.1.1](https://github.com/terraform-aws-modules/terraform-aws-eks/compare/v0.1.0...v0.1.1)] - 2018-06-07]
 
diff --git a/README.md b/README.md
index 552e9f7..1617e51 100644
--- a/README.md
+++ b/README.md
@@ -28,7 +28,6 @@ module "eks" {
   subnets               = ["subnet-abcde012", "subnet-bcde012a"]
   tags                  = "${map("Environment", "test")}"
   vpc_id                = "vpc-abcde012"
-  workers_ami_id        = "ami-123456"
   cluster_ingress_cidrs = ["24.18.23.91/32"]
 }
 ```
@@ -92,6 +91,8 @@ MIT Licensed. See [LICENSE](https://github.com/terraform-aws-modules/terraform-a
 | cluster_ingress_cidrs | The CIDRs from which we can execute kubectl commands. | list | - | yes |
 | cluster_name | Name of the EKS cluster which is also used as a prefix in names of related resources. | string | - | yes |
 | cluster_version | Kubernetes version to use for the cluster. | string | `1.10` | no |
+| config_output_path | Determines where config files are placed if using configure_kubectl_session and you want config files to land outside the current working directory. | string | `./` | no |
+| configure_kubectl_session | Configure the current session's kubectl to use the instantiated cluster. | string | `false` | no |
 | subnets | A list of subnets to associate with the cluster's underlying instances. | list | - | yes |
 | tags | A map of tags to add to all resources. | string | `<map>` | no |
 | vpc_id | VPC id where the cluster and other resources will be deployed. | string | - | yes |
diff --git a/examples/eks_test_fixture/main.tf b/examples/eks_test_fixture/main.tf
index 783e979..21687be 100644
--- a/examples/eks_test_fixture/main.tf
+++ b/examples/eks_test_fixture/main.tf
@@ -36,16 +36,6 @@ resource "random_string" "suffix" {
   special = false
 }
 
-resource "local_file" "kubeconfig" {
-  content  = "${module.eks.kubeconfig}"
-  filename = "${path.module}/kubeconfig"
-}
-
-resource "local_file" "config-map-aws-auth" {
-  content  = "${module.eks.config_map_aws_auth}"
-  filename = "${path.module}/config-map-aws-auth.yaml"
-}
-
 module "vpc" {
   source             = "terraform-aws-modules/vpc/aws"
   version            = "1.14.0"
@@ -60,12 +50,13 @@ module "vpc" {
 }
 
 module "eks" {
-  source                = "../.."
-  cluster_name          = "${local.cluster_name}"
-  subnets               = "${module.vpc.public_subnets}"
-  tags                  = "${local.tags}"
-  vpc_id                = "${module.vpc.vpc_id}"
-  cluster_ingress_cidrs = ["${local.workstation_external_cidr}"]
-  workers_instance_type = "t2.small"
-  additional_userdata   = "echo hello world"
+  source                    = "../.."
+  cluster_name              = "${local.cluster_name}"
+  subnets                   = "${module.vpc.public_subnets}"
+  tags                      = "${local.tags}"
+  vpc_id                    = "${module.vpc.vpc_id}"
+  cluster_ingress_cidrs     = ["${local.workstation_external_cidr}"]
+  workers_instance_type     = "t2.small"
+  additional_userdata       = "echo hello world"
+  configure_kubectl_session = true
 }
diff --git a/main.tf b/main.tf
index 254395b..fb3134a 100644
--- a/main.tf
+++ b/main.tf
@@ -29,7 +29,6 @@
 *   subnets               = ["subnet-abcde012", "subnet-bcde012a"]
 *   tags                  = "${map("Environment", "test")}"
 *   vpc_id                = "vpc-abcde012"
-*   workers_ami_id        = "ami-123456"
 *   cluster_ingress_cidrs = ["24.18.23.91/32"]
 * }
 * ```
@@ -88,3 +87,28 @@ To test your kubectl connection manually, see the [eks_test_fixture README](http
 
 provider "null" {}
 provider "template" {}
+
+resource "local_file" "kubeconfig" {
+  content  = "${data.template_file.kubeconfig.rendered}"
+  filename = "${var.config_output_path}/kubeconfig"
+  count    = "${var.configure_kubectl_session ? 1 : 0}"
+}
+
+resource "local_file" "config_map_aws_auth" {
+  content  = "${data.template_file.config_map_aws_auth.rendered}"
+  filename = "${var.config_output_path}/config-map-aws-auth.yaml"
+  count    = "${var.configure_kubectl_session ? 1 : 0}"
+}
+
+resource "null_resource" "configure_kubectl" {
+  provisioner "local-exec" {
+    command = "kubectl apply -f ${var.config_output_path}/config-map-aws-auth.yaml --kubeconfig ${var.config_output_path}/kubeconfig"
+  }
+
+  triggers {
+    config_map_rendered = "${data.template_file.config_map_aws_auth.rendered}"
+    kubeconfig_rendered = "${data.template_file.kubeconfig.rendered}"
+  }
+
+  count = "${var.configure_kubectl_session ? 1 : 0}"
+}
diff --git a/variables.tf b/variables.tf
index 78211b9..d4600b5 100644
--- a/variables.tf
+++ b/variables.tf
@@ -17,6 +17,16 @@ variable "cluster_version" {
   default     = "1.10"
 }
 
+variable "config_output_path" {
+  description = "Determines where config files are placed if using configure_kubectl_session and you want config files to land outside the current working directory."
+  default     = "./"
+}
+
+variable "configure_kubectl_session" {
+  description = "Configure the current session's kubectl to use the instantiated cluster."
+  default     = false
+}
+
 variable "subnets" {
   description = "A list of subnets to associate with the cluster's underlying instances."
   type        = "list"

From 32abc2288b2548bc4e37355de4a1afc73b233833 Mon Sep 17 00:00:00 2001
From: brandoconnor <brandon@atscale.run>
Date: Fri, 8 Jun 2018 03:21:09 -0700
Subject: [PATCH 2/2] docs updated with dependencies section

---
 README.md | 6 ++++++
 main.tf   | 6 ++++++
 2 files changed, 12 insertions(+)

diff --git a/README.md b/README.md
index 1617e51..32465f4 100644
--- a/README.md
+++ b/README.md
@@ -32,6 +32,12 @@ module "eks" {
 }
 ```
 
+## Dependencies
+
+The `configure_kubectl_session` variable requires that both `[kubectl`](https://kubernetes.io/docs/tasks/tools/install-kubectl/#install-kubectl)
+(>=1.10) and [`heptio-authenticator-aws`](https://github.com/heptio/authenticator#4-set-up-kubectl-to-use-heptio-authenticator-for-aws-tokens)
+are installed and on your shell's PATH.
+
 ## Testing
 
 This module has been packaged with [awspec](https://github.com/k1LoW/awspec) tests through [kitchen](https://kitchen.ci/) and [kitchen-terraform](https://newcontext-oss.github.io/kitchen-terraform/). To run them:
diff --git a/main.tf b/main.tf
index fb3134a..1dba8f1 100644
--- a/main.tf
+++ b/main.tf
@@ -33,6 +33,12 @@
 * }
 * ```
 
+* ## Dependencies
+
+* The `configure_kubectl_session` variable requires that both `[kubectl`](https://kubernetes.io/docs/tasks/tools/install-kubectl/#install-kubectl)
+(>=1.10) and [`heptio-authenticator-aws`](https://github.com/heptio/authenticator#4-set-up-kubectl-to-use-heptio-authenticator-for-aws-tokens)
+are installed and on your shell's PATH.
+
 * ## Testing
 
 * This module has been packaged with [awspec](https://github.com/k1LoW/awspec) tests through [kitchen](https://kitchen.ci/) and [kitchen-terraform](https://newcontext-oss.github.io/kitchen-terraform/). To run them: