From e6d76d0a069c0192bdace25e992e54709b667e5c Mon Sep 17 00:00:00 2001
From: Xiangxuan Liu <9570112+nauxliu@users.noreply.github.com>
Date: Fri, 4 Jun 2021 06:11:15 +0800
Subject: [PATCH] feat: Add support for Managed Node Groups (`node_groups`)
 taints (#1424)

---
 examples/managed_node_groups/main.tf |  7 +++++++
 modules/node_groups/README.md        |  5 +++--
 modules/node_groups/locals.tf        |  1 +
 modules/node_groups/node_groups.tf   | 10 ++++++++++
 modules/node_groups/versions.tf      |  2 +-
 5 files changed, 22 insertions(+), 3 deletions(-)

diff --git a/examples/managed_node_groups/main.tf b/examples/managed_node_groups/main.tf
index dc799e4..4c8b3fe 100644
--- a/examples/managed_node_groups/main.tf
+++ b/examples/managed_node_groups/main.tf
@@ -88,6 +88,13 @@ module "eks" {
       additional_tags = {
         ExtraTag = "example"
       }
+      taints = [
+        {
+          key    = "dedicated"
+          value  = "gpuGroup"
+          effect = "NO_SCHEDULE"
+        }
+      ]
     }
   }
 
diff --git a/modules/node_groups/README.md b/modules/node_groups/README.md
index d9bb496..65fde29 100644
--- a/modules/node_groups/README.md
+++ b/modules/node_groups/README.md
@@ -44,6 +44,7 @@ The role ARN specified in `var.default_iam_role_arn` will be used by default. In
 | source\_security\_group\_ids | Source security groups for remote access to workers | list(string) | If key\_name is specified: THE REMOTE ACCESS WILL BE OPENED TO THE WORLD |
 | subnets | Subnets to contain workers | list(string) | `var.workers_group_defaults[subnets]` |
 | version | Kubernetes version | string | Provider default behavior |
+| taints | Kubernetes node taints | list(map) | empty |
 
 <!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 ## Requirements
@@ -51,13 +52,13 @@ The role ARN specified in `var.default_iam_role_arn` will be used by default. In
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.13.1 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.40.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.43.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 3.40.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 3.43.0 |
 | <a name="provider_cloudinit"></a> [cloudinit](#provider\_cloudinit) | n/a |
 
 ## Modules
diff --git a/modules/node_groups/locals.tf b/modules/node_groups/locals.tf
index 192b7a0..ee026c8 100644
--- a/modules/node_groups/locals.tf
+++ b/modules/node_groups/locals.tf
@@ -21,6 +21,7 @@ locals {
       public_ip                     = var.workers_group_defaults["public_ip"]
       pre_userdata                  = var.workers_group_defaults["pre_userdata"]
       additional_security_group_ids = var.workers_group_defaults["additional_security_group_ids"]
+      taints                        = []
     },
     var.node_groups_defaults,
     v,
diff --git a/modules/node_groups/node_groups.tf b/modules/node_groups/node_groups.tf
index 35eb058..6a1e393 100644
--- a/modules/node_groups/node_groups.tf
+++ b/modules/node_groups/node_groups.tf
@@ -57,6 +57,16 @@ resource "aws_eks_node_group" "workers" {
     }
   }
 
+  dynamic "taint" {
+    for_each = each.value["taints"]
+
+    content {
+      key    = taint.value["key"]
+      value  = taint.value["value"]
+      effect = taint.value["effect"]
+    }
+  }
+
   version = lookup(each.value, "version", null)
 
   labels = merge(
diff --git a/modules/node_groups/versions.tf b/modules/node_groups/versions.tf
index 2051547..c68eb70 100644
--- a/modules/node_groups/versions.tf
+++ b/modules/node_groups/versions.tf
@@ -2,6 +2,6 @@ terraform {
   required_version = ">= 0.13.1"
 
   required_providers {
-    aws = ">= 3.40.0"
+    aws = ">= 3.43.0"
   }
 }