feat: Life improvement for make-infrastructure and destroy, you can pass cluster=auto, cluster=standard or cluster=all

Author: ROunofF

Makefile

@@ -4,6 +4,7 @@ environment=''
 shell_command=''
 shell_simple_command=''
 glob='-'
+cluster='all'
 
 .PHONY: install
 install:
@@ -39,11 +40,11 @@ delete-environment:
 
 .PHONY: create-infrastructure
 create-infrastructure:
-	bash hack/create-infrastructure.sh $(environment)
+	bash hack/create-infrastructure.sh $(environment) $(cluster)
 
 .PHONY: destroy-infrastructure
 destroy-infrastructure:
-	bash hack/destroy-infrastructure.sh $(environment)
+	bash hack/destroy-infrastructure.sh $(environment) $(cluster)
 
 .PHONY: deploy-ide
 deploy-ide:

cluster/eksctl/cluster.yaml

@@ -40,4 +40,13 @@ remoteNetworkConfig:
   remoteNodeNetworks:
     - cidrs: ["10.52.0.0/16"]
   remotePodNetworks:
-    - cidrs: ["10.53.0.0/16"]
+    - cidrs: ["10.53.0.0/16"]
+accessConfig:
+  authenticationMode: API
+  bootstrapClusterCreatorAdminPermissions: true
+  accessEntries:
+   - principalARN: ${RESOURCE_CODEBUILD_ROLE_ARN}
+     accessPolicies:
+       - policyARN: "arn:aws:eks::aws:cluster-access-policy/AmazonEKSClusterAdminPolicy"
+         accessScope:
+          type: cluster

hack/create-infrastructure.sh

@@ -1,6 +1,8 @@
 #!/bin/bash
 
 environment=$1
+cluster=${2:-all}
+echo "Creating infrastructure for environment ${environment} and cluster ${cluster}"
 
 set -Eeuo pipefail
 set -u
@@ -12,26 +14,26 @@ source $SCRIPT_DIR/lib/common-env.sh
 bash $SCRIPT_DIR/update-iam-role.sh $environment
 
 sleep 5
+export USE_CURRENT_USER=1 # We don't want to change the ARN in exec
 
 cluster_exists=0
 aws eks describe-cluster --name "${EKS_CLUSTER_NAME}" &> /dev/null || cluster_exists=$?
 
-if [ $cluster_exists -eq 0 ]; then
-  echo "Cluster ${EKS_CLUSTER_NAME} already exists"
-else
+if [ $cluster_exists -ne 0 ] && [[ "$cluster" == "standard" || "$cluster" == "all" ]]; then
   echo "Creating cluster ${EKS_CLUSTER_NAME}"
   bash $SCRIPT_DIR/exec.sh "${environment}" 'cat /cluster/eksctl/cluster.yaml | envsubst | eksctl create cluster -f -'&
+else
+  echo "Cluster ${EKS_CLUSTER_NAME} already exists"
 fi
 
 auto_cluster_exists=0
 aws eks describe-cluster --name "${EKS_CLUSTER_AUTO_NAME}" &> /dev/null || auto_cluster_exists=$?
 
-if [ $auto_cluster_exists -eq 0 ]; then
-  echo "Auto mode cluster ${EKS_CLUSTER_AUTO_NAME} already exists"
-else
-  echo "Creating auto mode cluster ${EKS_CLUSTER_AUTO_NAME} with terraform"
-  bash $SCRIPT_DIR/exec.sh "${environment}" 'cat /cluster/eksctl/cluster-auto.yaml | envsubst'
+if [ $auto_cluster_exists -ne 0 ] && [[ "$cluster" == "standard" || "$cluster" == "all" ]]; then
+  echo "Creating auto mode cluster ${EKS_CLUSTER_AUTO_NAME}"
   bash $SCRIPT_DIR/exec.sh "${environment}" 'cat /cluster/eksctl/cluster-auto.yaml | envsubst | eksctl create cluster -f -'&
+else
+  echo "Auto mode cluster ${EKS_CLUSTER_AUTO_NAME} already exists"
 fi
 
 wait

hack/destroy-infrastructure.sh

@@ -1,37 +1,42 @@
 #!/bin/bash
 
 environment=$1
+cluster=${2:-all}
+echo "Destroying infrastructure for environment ${environment} and cluster ${cluster}"
 
 set -Eeuo pipefail
 set -u
 
 SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
-
+export USE_CURRENT_USER=1;
 source $SCRIPT_DIR/lib/common-env.sh
 
 cluster_exists=0
 aws eks describe-cluster --name "${EKS_CLUSTER_NAME}" &> /dev/null || cluster_exists=$?
 
-if [ $cluster_exists -eq 0 ]; then
+if [ $cluster_exists -eq 0 ] && [[ "$cluster" == "standard" || "$cluster" == "all" ]]; then
   echo "Deleting cluster ${EKS_CLUSTER_NAME}"
   bash $SCRIPT_DIR/shell.sh "${environment}" 'delete-environment' || true
   bash $SCRIPT_DIR/exec.sh "${environment}" 'eksctl delete cluster --name ${EKS_CLUSTER_NAME} --region ${AWS_REGION} --wait --force --disable-nodegroup-eviction --timeout 45m'&
 else
-  echo "Cluster ${EKS_CLUSTER_NAME} does not exist"
+  echo "Cluster ${EKS_CLUSTER_NAME} does not exist or skipped"
 fi
 
 export EKS_CLUSTER_AUTO_NAME="${EKS_CLUSTER_NAME}-auto"
 auto_cluster_exists=0
 aws eks describe-cluster --name "${EKS_CLUSTER_AUTO_NAME}" &> /dev/null || auto_cluster_exists=$?
 
-if [ $auto_cluster_exists -eq 0 ]; then
+if [ $auto_cluster_exists -eq 0 ] && [[ "$cluster" == "auto" || "$cluster" == "all" ]]; then
   echo "Deleting auto mode cluster ${EKS_CLUSTER_AUTO_NAME}"
-  bash $SCRIPT_DIR/shell.sh "${environment}" 'delete-environment' || true # Needed ?
+  #bash $SCRIPT_DIR/shell.sh "${environment}" 'delete-environment' || true # Needed ?
   bash $SCRIPT_DIR/exec.sh "${environment}" 'eksctl delete cluster --name ${EKS_CLUSTER_AUTO_NAME} --region ${AWS_REGION} --wait --force --disable-nodegroup-eviction --timeout 45m'
 else
-  echo "Auto mode cluster ${EKS_CLUSTER_AUTO_NAME} does not exist"
+  echo "Auto mode cluster ${EKS_CLUSTER_AUTO_NAME} does not exist or skipped"
 fi
 
 wait
 
-aws cloudformation delete-stack --stack-name ${EKS_CLUSTER_NAME}-ide-role || true
+# Only delete ide-role if all clusters are deleted
+if [ "$cluster" == "all" ]; then
+  aws cloudformation delete-stack --stack-name ${EKS_CLUSTER_NAME}-ide-role || true
+fi

hack/exec.sh

@@ -19,8 +19,15 @@ container_image='eks-workshop-environment'
 
 (cd $SCRIPT_DIR/../lab && $CONTAINER_CLI build -q -t $container_image .)
 
-if [ -z "$SKIP_CREDENTIALS" ]; then
+echo "Checking SKIP: $SKIP_CREDENTIALS"
+if [ -z "$SKIP_CREDENTIALS" -a -z "$USE_CURRENT_USER" ]; then
   source $SCRIPT_DIR/lib/generate-aws-creds.sh
+elif [ -n "${USE_CURRENT_USER:-}" ]; then
+  if [ -z "$AWS_ACCESS_KEY_ID" ]; then
+    echo "No role credentials found, please check your AWS credentials"
+    exit 1
+  fi
+  aws_credential_args="-e AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID -e AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY -e AWS_SESSION_TOKEN=$AWS_SESSION_TOKEN"
 else
   aws_credential_args=""
 fi

hack/lib/common-env.sh

@@ -17,6 +17,7 @@ if [ -z "$AWS_REGION" ]; then
 fi
 
 SKIP_CREDENTIALS=${SKIP_CREDENTIALS:-""}
+USE_CURRENT_USER=${USE_CURRENT_USER:-""}
 
 if [ -z "$SKIP_CREDENTIALS" ]; then
   ACCOUNT_ID=$(aws sts get-caller-identity --query Account --output text)

lab/scripts/entrypoint.sh

@@ -6,6 +6,11 @@ bash /tmp/setup.sh
 
 ln -s /eks-workshop/manifests /home/ec2-user/environment/eks-workshop
 
+# We do auto mode first so we default to standard
+if [ ! -z "$EKS_CLUSTER_AUTO_NAME" ]; then
+  aws eks update-kubeconfig --name $EKS_CLUSTER_AUTO_NAME
+fi
+
 if [ ! -z "$EKS_CLUSTER_NAME" ]; then
   aws eks update-kubeconfig --name $EKS_CLUSTER_NAME
 fi