From d79c8ab6f2a8f90b0ac8cf36fd6f75d08eb111ba Mon Sep 17 00:00:00 2001
From: Shaun Cutts <shaun@cuttshome.net>
Date: Tue, 7 Jan 2020 06:28:56 -0500
Subject: [PATCH] Wait cluster responsive (#639)

* wait for cluster to respond before creating auth config map

* adds changelog entry

* fixup tf format

* fixup kubernetes required version

* fixup missing local for kubeconfig_filename

* combine wait for cluster into provisioner on cluster; change status check to /healthz on endpoint

* fix: make kubernetes provider version more permissive
---
 CHANGELOG.md |  1 +
 aws_auth.tf  |  3 ++-
 cluster.tf   |  5 +++++
 versions.tf  | 11 ++++++-----
 4 files changed, 14 insertions(+), 6 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index e19b8c6..c3c19fd 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -9,6 +9,7 @@ project adheres to [Semantic Versioning](http://semver.org/).
 
 ## [[v8.?.?](https://github.com/terraform-aws-modules/terraform-aws-eks/compare/v7.0.0...HEAD)] - 2019-??-??]
 
+- Wait for cluster to respond to kubectl before applying auth map_config (@shaunc)
 - Added flag `create_eks` to conditionally create resources (by @syst0m / @tbeijen)
 - Support for AWS EKS Managed Node Groups. (by @wmorgan6796)
 - Added a if check on `aws-auth` configmap when `map_roles` is empty (by @shanmugakarna)
diff --git a/aws_auth.tf b/aws_auth.tf
index f72654d..a2a25ec 100644
--- a/aws_auth.tf
+++ b/aws_auth.tf
@@ -53,7 +53,8 @@ data "template_file" "node_group_arns" {
 }
 
 resource "kubernetes_config_map" "aws_auth" {
-  count = var.create_eks && var.manage_aws_auth ? 1 : 0
+  depends_on = [aws_eks_cluster.this]
+  count      = var.create_eks && var.manage_aws_auth ? 1 : 0
 
   metadata {
     name      = "aws-auth"
diff --git a/cluster.tf b/cluster.tf
index d0e2fd8..86ff69a 100644
--- a/cluster.tf
+++ b/cluster.tf
@@ -31,6 +31,11 @@ resource "aws_eks_cluster" "this" {
     aws_iam_role_policy_attachment.cluster_AmazonEKSServicePolicy,
     aws_cloudwatch_log_group.this
   ]
+  provisioner "local-exec" {
+    command = <<EOT
+    until curl -k ${aws_eks_cluster.this[0].endpoint}/healthz >/dev/null; do sleep 4; done
+  EOT
+  }
 }
 
 resource "aws_security_group" "cluster" {
diff --git a/versions.tf b/versions.tf
index 06a6c1c..e95ea3e 100644
--- a/versions.tf
+++ b/versions.tf
@@ -2,10 +2,11 @@ terraform {
   required_version = ">= 0.12.9"
 
   required_providers {
-    aws      = ">= 2.38.0"
-    local    = ">= 1.2"
-    null     = ">= 2.1"
-    template = ">= 2.1"
-    random   = ">= 2.1"
+    aws        = ">= 2.38.0"
+    local      = ">= 1.2"
+    null       = ">= 2.1"
+    template   = ">= 2.1"
+    random     = ">= 2.1"
+    kubernetes = ">= 1.6.2"
   }
 }