gruntwork-io
diff --git a/‎.circleci/config.yml
+1-1 b/‎.circleci/config.yml
+1-1
diff --git a/‎README.md
+1 b/‎README.md
+1
diff --git a/‎examples/k8s-namespace-with-service-account/main.tf
+21-13 b/‎examples/k8s-namespace-with-service-account/main.tf
+21-13
diff --git a/‎examples/k8s-namespace-with-service-account/outputs.tf
+5-5 b/‎examples/k8s-namespace-with-service-account/outputs.tf
+5-5
diff --git a/‎examples/k8s-namespace-with-service-account/variables.tf
+3 b/‎examples/k8s-namespace-with-service-account/variables.tf
+3
diff --git a/‎examples/k8s-tiller-kubergrunt-minikube/main.tf
+49-50 b/‎examples/k8s-tiller-kubergrunt-minikube/main.tf
+49-50
diff --git a/‎examples/k8s-tiller-kubergrunt-minikube/outputs.tf
+2-2 b/‎examples/k8s-tiller-kubergrunt-minikube/outputs.tf
+2-2
@@ -8,7 +8,7 @@ defaults: &defaults
     KUBERGRUNT_VERSION: v0.3.8
     HELM_VERSION: v2.12.2
     MODULE_CI_VERSION: v0.13.12
-    TERRAFORM_VERSION: 0.11.11
+    TERRAFORM_VERSION: 0.12.1
     TERRAGRUNT_VERSION: NONE
     PACKER_VERSION: NONE
     GOLANG_VERSION: 1.11.2
 
@@ -1,5 +1,6 @@
 [![Maintained by Gruntwork.io](https://img.shields.io/badge/maintained%20by-gruntwork.io-%235849a6.svg)](https://gruntwork.io/?ref=repo_terraform_kubernetes_helm)
 [![GitHub tag (latest SemVer)](https://img.shields.io/github/tag/gruntwork-io/terraform-kubernetes-helm.svg?label=latest)](https://github.com/gruntwork-io/terraform-kubernetes-helm/releases/latest)
+![Terraform Version](https://img.shields.io/badge/tf-%3E%3D0.12.0-blue.svg)
 
 # Tiller Module
 
 
@@ -4,14 +4,18 @@
 # ServiceAccounts that are bound to each default role.
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
+terraform {
+  required_version = ">= 0.12"
+}
+
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 # CONFIGURE OUR KUBERNETES CONNECTIONS
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 provider "kubernetes" {
   version        = "~> 1.5"
-  config_context = "${var.kubectl_config_context_name}"
-  config_path    = "${var.kubectl_config_path}"
+  config_context = var.kubectl_config_context_name
+  config_path    = var.kubectl_config_path
 }
 
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -24,7 +28,7 @@ module "namespace" {
   # source = "git::https://github.com/gruntwork-io/terraform-kubernetes-helm.git//modules/k8s-namespace?ref=v0.0.1"
   source = "../../modules/k8s-namespace"
 
-  name = "${var.name}"
+  name = var.name
 }
 
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -38,13 +42,15 @@ module "service_account_access_all" {
   source = "../../modules/k8s-service-account"
 
   name           = "${var.name}-admin"
-  namespace      = "${module.namespace.name}"
+  namespace      = module.namespace.name
   num_rbac_roles = 1
 
-  rbac_roles = [{
-    name      = "${module.namespace.rbac_access_all_role}"
-    namespace = "${module.namespace.name}"
-  }]
+  rbac_roles = [
+    {
+      name      = module.namespace.rbac_access_all_role
+      namespace = module.namespace.name
+    },
+  ]
 
   # How to tag the service account with a label
   labels = {
@@ -59,13 +65,15 @@ module "service_account_access_read_only" {
   source = "../../modules/k8s-service-account"
 
   name           = "${var.name}-read-only"
-  namespace      = "${module.namespace.name}"
+  namespace      = module.namespace.name
   num_rbac_roles = 1
 
-  rbac_roles = [{
-    name      = "${module.namespace.rbac_access_read_only_role}"
-    namespace = "${module.namespace.name}"
-  }]
+  rbac_roles = [
+    {
+      name      = module.namespace.rbac_access_read_only_role
+      namespace = module.namespace.name
+    },
+  ]
 
   # How to tag the service account with a label
   labels = {
 
@@ -1,24 +1,24 @@
 output "name" {
   description = "Name of the created namespace"
-  value       = "${module.namespace.name}"
+  value       = module.namespace.name
 }
 
 output "rbac_access_all_role" {
   description = "The name of the RBAC role that grants admin level permissions on the namespace."
-  value       = "${module.namespace.rbac_access_all_role}"
+  value       = module.namespace.rbac_access_all_role
 }
 
 output "rbac_access_read_only_role" {
   description = "The name of the RBAC role that grants read only permissions on the namespace."
-  value       = "${module.namespace.rbac_access_read_only_role}"
+  value       = module.namespace.rbac_access_read_only_role
 }
 
 output "service_account_access_all" {
   description = "The name of the ServiceAccount that has admin level permissions."
-  value       = "${module.service_account_access_all.name}"
+  value       = module.service_account_access_all.name
 }
 
 output "service_account_access_read_only" {
   description = "The name of the ServiceAccount that has read only level permissions."
-  value       = "${module.service_account_access_read_only.name}"
+  value       = module.service_account_access_read_only.name
 }
@@ -5,14 +5,17 @@
 
 variable "name" {
   description = "Name of the namespace to be created"
+  type        = string
 }
 
 variable "kubectl_config_context_name" {
   description = "The config context to use when authenticating to the Kubernetes cluster. If empty, defaults to the current context specified in the kubeconfig file."
+  type        = string
   default     = ""
 }
 
 variable "kubectl_config_path" {
   description = "The path to the config file to use for kubectl. If empty, defaults to $HOME/.kube/config"
+  type        = string
   default     = "~/.kube/config"
 }
@@ -6,13 +6,17 @@
 # - Using kubergrunt to deploy Tiller with TLS management
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
+terraform {
+  required_version = ">= 0.12"
+}
+
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 # CONFIGURE OUR KUBERNETES CONNECTIONS
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 provider "kubernetes" {
-  config_context = "${var.kubectl_config_context_name}"
-  config_path    = "${var.kubectl_config_path}"
+  config_context = var.kubectl_config_context_name
+  config_path    = var.kubectl_config_path
 }
 
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -25,7 +29,7 @@ module "tiller_namespace" {
   # source = "git::https://github.com/gruntwork-io/terraform-kubernetes-helm.git//modules/k8s-namespace?ref=v0.3.0"
   source = "../../modules/k8s-namespace"
 
-  name = "${var.tiller_namespace}"
+  name = var.tiller_namespace
 }
 
 module "resource_namespace" {
@@ -34,7 +38,7 @@ module "resource_namespace" {
   # source = "git::https://github.com/gruntwork-io/terraform-kubernetes-helm.git//modules/k8s-namespace?ref=v0.3.0"
   source = "../../modules/k8s-namespace"
 
-  name = "${var.resource_namespace}"
+  name = var.resource_namespace
 }
 
 module "tiller_service_account" {
@@ -43,18 +47,18 @@ module "tiller_service_account" {
   # source = "git::https://github.com/gruntwork-io/terraform-kubernetes-helm.git//modules/k8s-service-account?ref=v0.3.0"
   source = "../../modules/k8s-service-account"
 
-  name           = "${var.service_account_name}"
-  namespace      = "${module.tiller_namespace.name}"
+  name           = var.service_account_name
+  namespace      = module.tiller_namespace.name
   num_rbac_roles = 2
 
   rbac_roles = [
     {
-      name      = "${module.tiller_namespace.rbac_tiller_metadata_access_role}"
-      namespace = "${module.tiller_namespace.name}"
+      name      = module.tiller_namespace.rbac_tiller_metadata_access_role
+      namespace = module.tiller_namespace.name
     },
     {
-      name      = "${module.resource_namespace.rbac_tiller_resource_access_role}"
-      namespace = "${module.resource_namespace.name}"
+      name      = module.resource_namespace.rbac_tiller_resource_access_role
+      namespace = module.resource_namespace.name
     },
   ]
 
@@ -73,31 +77,31 @@ module "tiller" {
   # source = "git::https://github.com/gruntwork-io/terraform-kubernetes-helm.git//modules/k8s-tiller?ref=v0.3.0"
   source = "../../modules/k8s-tiller"
 
-  tiller_service_account_name              = "${module.tiller_service_account.name}"
-  tiller_service_account_token_secret_name = "${module.tiller_service_account.token_secret_name}"
-  namespace                                = "${module.tiller_namespace.name}"
-  tiller_image_version                     = "${var.tiller_version}"
+  tiller_service_account_name              = module.tiller_service_account.name
+  tiller_service_account_token_secret_name = module.tiller_service_account.token_secret_name
+  namespace                                = module.tiller_namespace.name
+  tiller_image_version                     = var.tiller_version
 
   tiller_tls_gen_method   = "kubergrunt"
-  tiller_tls_subject      = "${var.tls_subject}"
-  private_key_algorithm   = "${var.private_key_algorithm}"
-  private_key_ecdsa_curve = "${var.private_key_ecdsa_curve}"
-  private_key_rsa_bits    = "${var.private_key_rsa_bits}"
+  tiller_tls_subject      = var.tls_subject
+  private_key_algorithm   = var.private_key_algorithm
+  private_key_ecdsa_curve = var.private_key_ecdsa_curve
+  private_key_rsa_bits    = var.private_key_rsa_bits
 
-  kubectl_config_context_name = "${var.kubectl_config_context_name}"
-  kubectl_config_path         = "${var.kubectl_config_path}"
+  kubectl_config_context_name = var.kubectl_config_context_name
+  kubectl_config_path         = var.kubectl_config_path
 }
 
 # We use kubergrunt to wait for Tiller to be deployed. Any resources that depend on this can assume Tiller is
 # successfully deployed and up at that point.
 resource "null_resource" "wait_for_tiller" {
   provisioner "local-exec" {
     command = <<-EOF
-    ${lookup(module.require_executables.executables, "kubergrunt")} helm wait-for-tiller ${local.esc_newl}
-      --tiller-namespace ${module.tiller_namespace.name} ${local.esc_newl}
-      --tiller-deployment-name ${module.tiller.deployment_name} ${local.esc_newl}
-      --expected-tiller-version ${var.tiller_version}
-    EOF
+      ${module.require_executables.executables["kubergrunt"]} helm wait-for-tiller ${local.esc_newl}
+        --tiller-namespace ${module.tiller_namespace.name} ${local.esc_newl}
+        --tiller-deployment-name ${module.tiller.deployment_name} ${local.esc_newl}
+        --expected-tiller-version ${var.tiller_version}
+      EOF
   }
 }
 
@@ -106,24 +110,24 @@ resource "null_resource" "wait_for_tiller" {
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 resource "null_resource" "grant_helm_access" {
-  count      = "${var.configure_helm}"
-  depends_on = ["null_resource.wait_for_tiller"]
+  count = var.configure_helm ? 1 : 0
+  depends_on = [null_resource.wait_for_tiller]
 
   provisioner "local-exec" {
     command = <<-EOF
-    ${lookup(module.require_executables.executables, "kubergrunt")} helm grant ${local.esc_newl}
-      --tiller-namespace ${module.tiller_namespace.name} ${local.esc_newl}
-      ${local.kubectl_config_options} ${local.esc_newl}
-      --tls-subject-json '${jsonencode(var.client_tls_subject)}' ${local.esc_newl}
-      ${local.configure_args}
-
-    ${lookup(module.require_executables.executables, "kubergrunt")} helm configure ${local.esc_newl}
-      --helm-home ${local.helm_home_with_default} ${local.esc_newl}
-      --tiller-namespace ${module.tiller_namespace.name} ${local.esc_newl}
-      --resource-namespace ${module.resource_namespace.name} ${local.esc_newl}
-      ${local.kubectl_config_options} ${local.esc_newl}
-      ${local.configure_args}
-    EOF
+      ${module.require_executables.executables["kubergrunt"]} helm grant ${local.esc_newl}
+        --tiller-namespace ${module.tiller_namespace.name} ${local.esc_newl}
+        ${local.kubectl_config_options} ${local.esc_newl}
+        --tls-subject-json '${jsonencode(var.client_tls_subject)}' ${local.esc_newl}
+        ${local.configure_args}
+
+      ${module.require_executables.executables["kubergrunt"]} helm configure ${local.esc_newl}
+        --helm-home ${local.helm_home_with_default} ${local.esc_newl}
+        --tiller-namespace ${module.tiller_namespace.name} ${local.esc_newl}
+        --resource-namespace ${module.resource_namespace.name} ${local.esc_newl}
+        ${local.kubectl_config_options} ${local.esc_newl}
+        ${local.configure_args}
+      EOF
   }
 }
 
@@ -135,24 +139,19 @@ resource "null_resource" "grant_helm_access" {
 locals {
   kubectl_config_options = "${var.kubectl_config_context_name != "" ? "--kubectl-context-name ${var.kubectl_config_context_name}" : ""} ${var.kubectl_config_path != "" ? "--kubeconfig ${var.kubectl_config_path}" : ""}"
 
-  helm_home_with_default = "${var.helm_home == "" ? pathexpand("~/.helm") : var.helm_home}"
+  helm_home_with_default = var.helm_home == "" ? pathexpand("~/.helm") : var.helm_home
 
-  configure_args = "${
-    var.helm_client_rbac_user != "" ? "--rbac-user ${var.helm_client_rbac_user}"
-      : var.helm_client_rbac_group != "" ? "--rbac-group ${var.helm_client_rbac_group}"
-        : var.helm_client_rbac_service_account != "" ? "--rbac-service-account ${var.helm_client_rbac_service_account}"
-          : ""
-  }"
+  configure_args = var.helm_client_rbac_user != "" ? "--rbac-user ${var.helm_client_rbac_user}" : var.helm_client_rbac_group != "" ? "--rbac-group ${var.helm_client_rbac_group}" : var.helm_client_rbac_service_account != "" ? "--rbac-service-account ${var.helm_client_rbac_service_account}" : ""
 
-  esc_newl = "${module.os.name == "Windows" ? "`" : "\\"}"
+  esc_newl = module.os.name == "Windows" ? "`" : "\\"
 }
 
 module "os" {
-  source = "git::https://github.com/gruntwork-io/package-terraform-utilities.git//modules/operating-system?ref=v0.0.8"
+  source = "git::https://github.com/gruntwork-io/package-terraform-utilities.git//modules/operating-system?ref=v0.1.0"
 }
 
 module "require_executables" {
-  source = "git::https://github.com/gruntwork-io/package-terraform-utilities.git//modules/require-executable?ref=v0.0.8"
+  source = "git::https://github.com/gruntwork-io/package-terraform-utilities.git//modules/require-executable?ref=v0.1.0"
 
   required_executables = ["kubergrunt"]
   error_message        = "The __EXECUTABLE_NAME__ binary is not available in your PATH. Install the binary by following the instructions at https://github.com/gruntwork-io/terraform-kubernetes-helm/blob/master/examples/k8s-tiller-kubergrunt-minikube/README.md#installing-necessary-tools, or update your PATH variable to search where you installed __EXECUTABLE_NAME__."
 
@@ -1,9 +1,9 @@
 output "tiller_namespace" {
   description = "The name of the namespace that houses Tiller."
-  value       = "${module.tiller_namespace.name}"
+  value       = module.tiller_namespace.name
 }
 
 output "resource_namespace" {
   description = "The name of the namespace where Tiller will deploy resources into."
-  value       = "${module.resource_namespace.name}"
+  value       = module.resource_namespace.name
 }
Original file line number	Diff line number	Diff line change
`@@ -1,24 +1,24 @@`
`1`	`1`	`output "name" {`
`2`	`2`	`description = "Name of the created namespace"`
`3`		`- value = "${module.namespace.name}"`
	`3`	`+ value = module.namespace.name`
`4`	`4`	`}`
`5`	`5`
`6`	`6`	`output "rbac_access_all_role" {`
`7`	`7`	`description = "The name of the RBAC role that grants admin level permissions on the namespace."`
`8`		`- value = "${module.namespace.rbac_access_all_role}"`
	`8`	`+ value = module.namespace.rbac_access_all_role`
`9`	`9`	`}`
`10`	`10`
`11`	`11`	`output "rbac_access_read_only_role" {`
`12`	`12`	`description = "The name of the RBAC role that grants read only permissions on the namespace."`
`13`		`- value = "${module.namespace.rbac_access_read_only_role}"`
	`13`	`+ value = module.namespace.rbac_access_read_only_role`
`14`	`14`	`}`
`15`	`15`
`16`	`16`	`output "service_account_access_all" {`
`17`	`17`	`description = "The name of the ServiceAccount that has admin level permissions."`
`18`		`- value = "${module.service_account_access_all.name}"`
	`18`	`+ value = module.service_account_access_all.name`
`19`	`19`	`}`
`20`	`20`
`21`	`21`	`output "service_account_access_read_only" {`
`22`	`22`	`description = "The name of the ServiceAccount that has read only level permissions."`
`23`		`- value = "${module.service_account_access_read_only.name}"`
	`23`	`+ value = module.service_account_access_read_only.name`
`24`	`24`	`}`
Original file line number	Diff line number	Diff line change
`@@ -5,14 +5,17 @@`
`5`	`5`
`6`	`6`	`variable "name" {`
`7`	`7`	`description = "Name of the namespace to be created"`
	`8`	`+ type = string`
`8`	`9`	`}`
`9`	`10`
`10`	`11`	`variable "kubectl_config_context_name" {`
`11`	`12`	`description = "The config context to use when authenticating to the Kubernetes cluster. If empty, defaults to the current context specified in the kubeconfig file."`
	`13`	`+ type = string`
`12`	`14`	`default = ""`
`13`	`15`	`}`
`14`	`16`
`15`	`17`	`variable "kubectl_config_path" {`
`16`	`18`	`description = "The path to the config file to use for kubectl. If empty, defaults to $HOME/.kube/config"`
	`19`	`+ type = string`
`17`	`20`	`default = "~/.kube/config"`
`18`	`21`	`}`
Original file line number	Diff line number	Diff line change
`@@ -1,9 +1,9 @@`
`1`	`1`	`output "tiller_namespace" {`
`2`	`2`	`description = "The name of the namespace that houses Tiller."`
`3`		`- value = "${module.tiller_namespace.name}"`
	`3`	`+ value = module.tiller_namespace.name`
`4`	`4`	`}`
`5`	`5`
`6`	`6`	`output "resource_namespace" {`
`7`	`7`	`description = "The name of the namespace where Tiller will deploy resources into."`
`8`		`- value = "${module.resource_namespace.name}"`
	`8`	`+ value = module.resource_namespace.name`
`9`	`9`	`}`