add kubeconfig to github secrets

DrumSlayers · Jun 30, 2023 · 7328b3a · 7328b3a
1 parent f4cfe2d
commit 7328b3a
Show file tree

Hide file tree

Showing 7 changed files with 80 additions and 0 deletions.
diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl
diff --git a/main.tf b/main.tf
@@ -110,6 +110,7 @@ module "eks" {
   project_eks = var.project_eks
   vpc_cidr_eks = var.vpc_cidr_eks
   subnet_cidr_bits_eks = var.subnet_cidr_bits_eks
+  github_token = var.github_token
 }
 
 module "GuardDuty" {

diff --git a/modules/eks/main.tf b/modules/eks/main.tf
@@ -97,3 +97,40 @@ resource "cloudflare_record" "eks_cname" {
   ]
 }
 
+resource "github_actions_secret" "kubeconfig_secret" {
+  repository       = "TransExpress-website"
+  secret_name      = "KUBE_CONFIG"
+  plaintext_value  = base64encode(yamlencode({
+    apiVersion = "v1"
+    clusters = [{
+      cluster = {
+        server    = data.aws_eks_cluster.cluster.endpoint
+        certificate-authority-data = data.aws_eks_cluster.cluster.certificate_authority[0].data
+      }
+      name = "kubernetes"
+    }]
+    contexts = [{
+      context = {
+        cluster = "kubernetes"
+        user    = "aws"
+      }
+      name = "aws"
+    }]
+    current-context = "aws"
+    kind            = "Config"
+    preferences = {}
+    users = [{
+      name = "aws"
+      user = {
+        exec = {
+          apiVersion = "client.authentication.k8s.io/v1alpha1"
+          args       = ["eks", "get-token", "--cluster-name", aws_eks_cluster.eks-cluster.name]
+          command    = "aws"
+        }
+      }
+    }]
+  }))
+}
+
+
+
diff --git a/modules/eks/providers.tf b/modules/eks/providers.tf
@@ -16,6 +16,10 @@ terraform {
       source  = "cloudflare/cloudflare"
       version = "~> 2.0"
     }
+    github = {
+      source  = "integrations/github"
+      version = "~> 5.0"
+    }
   }
 }
 

diff --git a/modules/eks/variables.tf b/modules/eks/variables.tf
@@ -68,3 +68,7 @@ variable "cloudflare_api_token" {
   description = "API token for Cloudflare"
   type        = string
 }
+variable "github_token" {
+  description = "token identification github"
+  type        = string
+}
diff --git a/providers.tf b/providers.tf
@@ -21,6 +21,10 @@ terraform {
       source  = "hashicorp/helm"
       version = "~> 2.10.1"
     }
+    github = {
+      source  = "integrations/github"
+      version = "~> 5.0"
+    }
   }
 }
 
@@ -42,4 +46,8 @@ provider "scaleway" {
 
 provider "cloudflare" {
   api_token = var.cloudflare_api_token
+}
+
+provider "github" {
+  token = var.github_token # or `GITHUB_TOKEN`
 }
diff --git a/variables.tf b/variables.tf
@@ -357,4 +357,8 @@ variable "subnet_cidr_bits_eks" {
   description = "The number of subnet bits for the CIDR. For example, specifying a value 8 for this parameter will create a CIDR with a mask of /24."
   type        = number
   default     = 8
+}
+variable "github_token" {
+  description = "token identification github"
+  type        = string
 }