├── app ├── .gitignore ├── configmap.yaml ├── views │ ├── partials │ │ └── header.ejs │ └── pages │ │ └── index.ejs ├── docker-compose.yaml ├── index.js ├── README.md ├── public │ ├── logo.svg │ ├── hashi.svg │ ├── stylesheets │ │ └── main.css │ ├── language.svg │ ├── pattern-tl.svg │ └── pattern-br.svg ├── package.json └── waypoint.hcl ├── azure.tf ├── resource_groups.tf ├── charts ├── vault.yaml └── consul.yaml ├── kubernetes.tf ├── helm.tf ├── .gitignore ├── azure_key_vault_key.tf ├── vault_configuration.example ├── helm_release_vault.tf ├── network.tf ├── kubernetes_secret.tf ├── variables.tf ├── aks.tf ├── helm_release_consul.tf ├── azure_key_vault.tf ├── terraform.tf ├── README.md ├── .terraform.lock.hcl └── LICENSE /app/.gitignore: -------------------------------------------------------------------------------- 1 | .waypoint -------------------------------------------------------------------------------- /app/configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: waypoint-demo 5 | data: 6 | username: Taylor -------------------------------------------------------------------------------- /azure.tf: -------------------------------------------------------------------------------- 1 | # see https://registry.terraform.io/providers/hashicorp/azurerm/latest 2 | provider "azurerm" { 3 | features {} 4 | } 5 | -------------------------------------------------------------------------------- /app/views/partials/header.ejs: -------------------------------------------------------------------------------- 1 | Waypoint Node.js Example 2 | 3 | -------------------------------------------------------------------------------- /app/docker-compose.yaml: -------------------------------------------------------------------------------- 1 | version: '3.8' 2 | services: 3 | vault: 4 | image: vault:1.6.2 5 | ports: 6 | - 8200:8200 7 | cap_add: 8 | - IPC_LOCK -------------------------------------------------------------------------------- /resource_groups.tf: -------------------------------------------------------------------------------- 1 | # see https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group 2 | resource "azurerm_resource_group" "project" { 3 | name = var.project_name 4 | location = var.region 5 | } 6 | -------------------------------------------------------------------------------- /charts/vault.yaml: -------------------------------------------------------------------------------- 1 | injector: 2 | enabled: true 3 | metrics: 4 | enabled: true 5 | server: 6 | image: 7 | repository: "vault" 8 | tag: "1.6.1" 9 | auditStorage: 10 | enabled: true 11 | ha: 12 | enabled: true 13 | raft: 14 | enabled: True -------------------------------------------------------------------------------- /charts/consul.yaml: -------------------------------------------------------------------------------- 1 | global: 2 | name: consul 3 | enabled: true 4 | gossipEncryption: 5 | secretName: consul-gossip-encryption-key 6 | secretKey: key 7 | tls: 8 | enabled: true 9 | enableAutoEncrypt: true 10 | verify: true 11 | acls: 12 | manageSystemACLs: true 13 | 14 | connectInject: 15 | enabled: true 16 | 17 | controller: 18 | enabled: true -------------------------------------------------------------------------------- /kubernetes.tf: -------------------------------------------------------------------------------- 1 | # see https://registry.terraform.io/providers/hashicorp/kubernetes/2.0.1 2 | provider "kubernetes" { 3 | host = module.aks.host 4 | client_certificate = base64decode(module.aks.client_certificate) 5 | client_key = base64decode(module.aks.client_key) 6 | cluster_ca_certificate = base64decode(module.aks.cluster_ca_certificate) 7 | } 8 | -------------------------------------------------------------------------------- /app/index.js: -------------------------------------------------------------------------------- 1 | const express = require('express') 2 | const path = require('path') 3 | const PORT = process.env.PORT || 5000 4 | 5 | express() 6 | .use(express.static(path.join(__dirname, 'public'))) 7 | .set('views', path.join(__dirname, 'views')) 8 | .set('view engine', 'ejs') 9 | .get('/', (req, res) => res.render('pages/index')) 10 | .listen(PORT, () => console.log(`Listening on ${ PORT }`)) 11 | -------------------------------------------------------------------------------- /helm.tf: -------------------------------------------------------------------------------- 1 | # see https://registry.terraform.io/providers/hashicorp/helm/2.0.2 2 | provider "helm" { 3 | debug = false 4 | 5 | kubernetes { 6 | host = module.aks.host 7 | client_certificate = base64decode(module.aks.client_certificate) 8 | client_key = base64decode(module.aks.client_key) 9 | cluster_ca_certificate = base64decode(module.aks.cluster_ca_certificate) 10 | } 11 | } 12 | -------------------------------------------------------------------------------- /app/README.md: -------------------------------------------------------------------------------- 1 | # Waypoint Kubernetes Example 2 | 3 | |Title|Description| 4 | |---|---| 5 | |Pack|Cloud Native Buildpack| 6 | |Cloud|Any| 7 | |Language|NodeJS| 8 | |Docs|[Kubernetes](https://www.waypointproject.io/plugins/kubernetes)| 9 | |Tutorial|[HashiCorp Learn](https://learn.hashicorp.com/tutorials/waypoint/get-started-kubernetes)| 10 | 11 | Waypoint can deploy to a local Kubernetes server or a cloud-hosted cluster. See the tutorial for details. -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Local .terraform directories 2 | **/.terraform/* 3 | 4 | # .tfstate files 5 | *.tfstate 6 | *.tfstate.* 7 | 8 | #.tfvars files 9 | *.tfvars 10 | 11 | # Crash log files 12 | crash.log 13 | 14 | # Ignore override files as they are usually used to override resources locally and so 15 | # are not checked in 16 | override.tf 17 | override.tf.json 18 | *_override.tf 19 | *_override 20 | 21 | # Packer variables 22 | *.pkrvars.hcl 23 | *auto.pkrvars.hcl -------------------------------------------------------------------------------- /azure_key_vault_key.tf: -------------------------------------------------------------------------------- 1 | # see https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_key 2 | resource "azurerm_key_vault_key" "generated" { 3 | name = "vault-aks" 4 | key_vault_id = azurerm_key_vault.vault.id 5 | key_type = "RSA" 6 | key_size = 2048 7 | 8 | key_opts = [ 9 | "decrypt", 10 | "encrypt", 11 | "sign", 12 | "unwrapKey", 13 | "verify", 14 | "wrapKey", 15 | ] 16 | } 17 | -------------------------------------------------------------------------------- /vault_configuration.example: -------------------------------------------------------------------------------- 1 | ui = true 2 | listener "tcp" { 3 | tls_disable = 1 4 | address = "[::]:8200" 5 | cluster_address = "[::]:8201" 6 | } 7 | 8 | storage "raft" { 9 | path = "/vault/data" 10 | } 11 | 12 | seal "azurekeyvault" { 13 | tenant_id = "" 14 | client_id = "" 15 | client_secret = "" 16 | vault_name = "vault-on-aks" 17 | key_name = "vault-aks" 18 | subscription_id = "" 19 | } 20 | 21 | service_registration "kubernetes" {} -------------------------------------------------------------------------------- /app/public/logo.svg: -------------------------------------------------------------------------------- 1 | 4 | -------------------------------------------------------------------------------- /helm_release_vault.tf: -------------------------------------------------------------------------------- 1 | # see https://registry.terraform.io/providers/hashicorp/helm/2.0.2/docs/resources/release 2 | resource "helm_release" "vault" { 3 | name = "vault" 4 | chart = "vault" 5 | repository = "https://helm.releases.hashicorp.com" 6 | 7 | # see https://github.com/hashicorp/vault-helm/tags 8 | version = "0.9.1" 9 | 10 | values = [ 11 | file("charts/vault.yaml") 12 | ] 13 | 14 | set { 15 | name = "server.ha.raft.config" 16 | value = var.vault_config 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /network.tf: -------------------------------------------------------------------------------- 1 | # see https://registry.terraform.io/modules/Azure/network/azurerm/3.2.1 2 | module "network" { 3 | source = "Azure/network/azurerm" 4 | version = "3.2.1" 5 | 6 | resource_group_name = azurerm_resource_group.project.name 7 | address_space = "11.0.0.0/16" 8 | subnet_prefixes = ["11.0.1.0/24"] 9 | subnet_names = ["subnet1"] 10 | 11 | # see https://www.terraform.io/docs/language/meta-arguments/depends_on.html 12 | depends_on = [ 13 | azurerm_resource_group.project 14 | ] 15 | } 16 | -------------------------------------------------------------------------------- /kubernetes_secret.tf: -------------------------------------------------------------------------------- 1 | # see https://registry.terraform.io/providers/hashicorp/kubernetes/2.0.1/docs/resources/secret 2 | resource "kubernetes_secret" "consul_gossip_encryption_key" { 3 | metadata { 4 | name = "consul-gossip-encryption-key" 5 | } 6 | 7 | # This hard-coded value is for demonstration purposes only. This is NOT a best-practice! 8 | # For secrets management, we recommend HashiCorp Vault and your preferred cloud secret management service(s). 9 | data = { 10 | key = "VuM/Fj4rf+QFUD8jo4Hg7k2JEKMjAMFHOePPXTkXqxE=" 11 | } 12 | 13 | type = "Opaque" 14 | } 15 | -------------------------------------------------------------------------------- /app/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "node-js-getting-started", 3 | "version": "0.3.0", 4 | "description": "A sample Node.js app using Express 4", 5 | "engines": { 6 | "node": "12.x" 7 | }, 8 | "main": "index.js", 9 | "scripts": { 10 | "start": "node index.js", 11 | "test": "node test.js" 12 | }, 13 | "dependencies": { 14 | "ejs": "^2.5.6", 15 | "express": "^4.15.2" 16 | }, 17 | "devDependencies": { 18 | "got": "^11.3.0", 19 | "tape": "^4.7.0" 20 | }, 21 | "keywords": [ 22 | "node", 23 | "express" 24 | ], 25 | "license": "MIT" 26 | } 27 | -------------------------------------------------------------------------------- /variables.tf: -------------------------------------------------------------------------------- 1 | variable "project_name" { 2 | type = string 3 | description = "Globally used project name" 4 | default = "aks-hashicorp" 5 | } 6 | 7 | variable "region" { 8 | type = string 9 | description = "Azure Region that will be used" 10 | default = "West US" 11 | } 12 | 13 | variable "cluster_version" { 14 | type = string 15 | description = "The Kubernetes version for our clusters" 16 | default = "1.20.2" 17 | } 18 | 19 | variable "vault_config" { 20 | type = string 21 | description = "Vault configuration for Kubernetes" 22 | } 23 | -------------------------------------------------------------------------------- /aks.tf: -------------------------------------------------------------------------------- 1 | # see https://registry.terraform.io/modules/Azure/aks/azurerm/4.7.0 2 | module "aks" { 3 | source = "Azure/aks/azurerm" 4 | version = "4.7.0" 5 | 6 | kubernetes_version = var.cluster_version 7 | orchestrator_version = var.cluster_version 8 | resource_group_name = azurerm_resource_group.project.name 9 | prefix = var.project_name 10 | agents_count = 3 11 | vnet_subnet_id = module.network.vnet_subnets[0] 12 | os_disk_size_gb = 100 13 | 14 | # see https://www.terraform.io/docs/language/meta-arguments/depends_on.html 15 | depends_on = [ 16 | module.network 17 | ] 18 | } 19 | -------------------------------------------------------------------------------- /helm_release_consul.tf: -------------------------------------------------------------------------------- 1 | # see https://registry.terraform.io/providers/hashicorp/helm/2.0.2/docs/resources/release 2 | resource "helm_release" "consul" { 3 | name = "hashicorp" 4 | chart = "consul" 5 | repository = "https://helm.releases.hashicorp.com" 6 | 7 | # see https://github.com/hashicorp/consul-helm/tags 8 | version = "0.29.0" 9 | 10 | values = [ 11 | file("charts/consul.yaml") 12 | ] 13 | 14 | set { 15 | name = "global.datacenter" 16 | value = var.project_name 17 | } 18 | 19 | # see https://www.terraform.io/docs/language/meta-arguments/depends_on.html 20 | depends_on = [ 21 | kubernetes_secret.consul_gossip_encryption_key 22 | ] 23 | } 24 | -------------------------------------------------------------------------------- /app/waypoint.hcl: -------------------------------------------------------------------------------- 1 | project = "example-nodejs" 2 | 3 | config { 4 | env = { 5 | "SECRET_NAME" = configdynamic("kubernetes", { 6 | name = "waypoint-demo" 7 | key = "username" 8 | }) 9 | } 10 | } 11 | 12 | app "example-nodejs" { 13 | labels = { 14 | "service" = "example-nodejs", 15 | "env" = "dev" 16 | } 17 | 18 | build { 19 | use "pack" {} 20 | registry { 21 | use "docker" { 22 | image = "onlydole/example-nodejs" 23 | tag = "1" 24 | } 25 | } 26 | } 27 | 28 | deploy { 29 | use "kubernetes" { 30 | probe_path = "/" 31 | } 32 | } 33 | 34 | release { 35 | use "kubernetes" { 36 | } 37 | } 38 | } 39 | -------------------------------------------------------------------------------- /app/public/hashi.svg: -------------------------------------------------------------------------------- 1 | 4 | -------------------------------------------------------------------------------- /azure_key_vault.tf: -------------------------------------------------------------------------------- 1 | # see https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault 2 | data "azurerm_client_config" "current" {} 3 | 4 | resource "azurerm_key_vault" "vault" { 5 | name = "vault-on-aks" 6 | location = azurerm_resource_group.project.location 7 | resource_group_name = azurerm_resource_group.project.name 8 | tenant_id = data.azurerm_client_config.current.tenant_id 9 | soft_delete_retention_days = 7 10 | purge_protection_enabled = false 11 | 12 | sku_name = "standard" 13 | 14 | access_policy { 15 | tenant_id = data.azurerm_client_config.current.tenant_id 16 | object_id = data.azurerm_client_config.current.object_id 17 | 18 | key_permissions = [ 19 | "create", 20 | "delete", 21 | "purge", 22 | "get", 23 | "list" 24 | ] 25 | } 26 | } 27 | -------------------------------------------------------------------------------- /terraform.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | null = { 4 | source = "hashicorp/null" 5 | version = "3.0.0" 6 | } 7 | template = { 8 | source = "hashicorp/template" 9 | version = "2.2.0" 10 | } 11 | kubernetes = { 12 | source = "hashicorp/kubernetes" 13 | version = "2.0.2" 14 | } 15 | azurerm = { 16 | source = "hashicorp/azurerm" 17 | version = "2.46.1" 18 | } 19 | random = { 20 | source = "hashicorp/random" 21 | version = "3.0.1" 22 | } 23 | local = { 24 | source = "hashicorp/local" 25 | version = "2.0.0" 26 | } 27 | helm = { 28 | source = "hashicorp/helm" 29 | version = "2.0.2" 30 | } 31 | } 32 | 33 | required_version = "0.14.7" 34 | 35 | backend "remote" { 36 | hostname = "app.terraform.io" 37 | organization = "onlydole" 38 | 39 | workspaces { 40 | name = "aks-the-hashicorp-way" 41 | } 42 | } 43 | } 44 | 45 | -------------------------------------------------------------------------------- /app/views/pages/index.ejs: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | <% include ../partials/header.ejs %> 5 | 6 | 7 | 8 |

9 |

10 | 11 |

12 | 13 |

14 |

15 |

16 |

17 |

18 |

Hello, <%= process.env.SECRET_NAME %> ! This Node.js app was deployed with Waypoint.

19 |

20 | Try making a change to this text locally and run waypoint up again to see it. 21 |

22 |

23 | Read the documentation for more about Waypoint. 24 |

25 |

26 | 31 |

32 | 33 | 34 | -------------------------------------------------------------------------------- /app/public/stylesheets/main.css: -------------------------------------------------------------------------------- 1 | :root { 2 | --text: #E4E5E7; 3 | --background: #000; 4 | --brand: 4, 198, 194; 5 | --headline: #FFF; 6 | } 7 | 8 | * { 9 | margin: 0; 10 | padding: 0; 11 | } 12 | 13 | html, 14 | body { 15 | min-height: 100vh; 16 | } 17 | 18 | body { 19 | font-family: BlinkMacSystemFont, -apple-system, "Segoe UI", "Roboto", "Oxygen", "Ubuntu", "Cantarell", "Fira Sans", "Droid Sans", "Helvetica Neue", "Helvetica", "Arial", sans-serif; 20 | font-size: 15px; 21 | line-height: 24px; 22 | color: var(--text); 23 | text-align: center; 24 | background-image: url(/pattern-tl.svg), url(/pattern-br.svg); 25 | background-position: top left, bottom right; 26 | background-repeat: no-repeat; 27 | background-color: var(--background); 28 | } 29 | 30 | .container { 31 | display: flex; 32 | flex-direction: column; 33 | min-height: calc(100vh - 80px - 60px); 34 | padding: 80px 60px 60px; 35 | } 36 | 37 | section { 38 | display: flex; 39 | flex-direction: column; 40 | align-items: center; 41 | justify-content: center; 42 | flex-grow: 1; 43 | padding: 60px 0; 44 | } 45 | 46 | section .language-icon { 47 | display: flex; 48 | align-items: center; 49 | justify-content: center; 50 | width: 80px; 51 | height: 80px; 52 | border-radius: 100%; 53 | border: 1px solid rgba(var(--brand), .5); 54 | background: rgba(var(--brand), .15); 55 | } 56 | 57 | section h1 { 58 | color: var(--headline); 59 | font-size: 18px; 60 | font-weight: 600; 61 | padding: 40px 0 8px; 62 | } 63 | 64 | section p { 65 | padding-top: 12px; 66 | } 67 | 68 | section code { 69 | font-family: 'SFMono-Regular', Consolas, 'Liberation Mono', Menlo, Courier, monospace; 70 | font-size: 14px; 71 | padding: 4px 6px; 72 | margin: 0 2px; 73 | border-radius: 3px; 74 | background: rgba(255, 255, 255, .15); 75 | } 76 | 77 | section a { 78 | color: rgb(var(--brand)); 79 | } -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Vault on AKS 2 | 3 | > Deploying Vault on Azure Kubernetes Service using Terraform 4 | 5 | ## Table of Contents 6 | 7 | - [Vault on AKS](#vault-on-aks) 8 | - [Table of Contents](#table-of-contents) 9 | - [Requirements](#requirements) 10 | - [Additional Reading](#additional-reading) 11 | - [Author Information](#author-information) 12 | - [License](#license) 13 | 14 | ## Requirements 15 | 16 | To use the code in this repository, you will need the following applications: 17 | 18 | - [HashiCorp Terraform](https://www.terraform.io/downloads.html) `0.14.6` (or later) 19 | - Azure CLI [az](https://docs.microsoft.com/en-us/cli/azure/) `2.0.0` (or later) 20 | 21 | ## Author Information 22 | 23 | This repository is maintained by [Taylor Dolezal](https://github.com/onlydole) 24 | 25 | ## Additional Reading 26 | 27 | ### Terraform 28 | 29 | - Creating Terraform resources: [learn.hashicorp.com/tutorials/terraform/azure-dependency](https://learn.hashicorp.com/tutorials/terraform/azure-dependency?in=terraform/azure-get-started) 30 | - Terraform Remote State: [learn.hashicorp.com/tutorials/terraform/azure-remote](https://learn.hashicorp.com/tutorials/terraform/azure-remote?in=terraform/azure-get-started) 31 | - Provisioning AKS Clusters: [learn.hashicorp.com/tutorials/terraform/aks](https://learn.hashicorp.com/tutorials/terraform/aks?in=terraform/kubernetes) 32 | - Managing Kubernetes resources: [learn.hashicorp.com/tutorials/terraform/kubernetes-provider](https://learn.hashicorp.com/tutorials/terraform/kubernetes-provider?in=terraform/kubernetes) 33 | 34 | ### Consul 35 | 36 | - Introduction to Consul [learn.hashicorp.com/tutorials/consul/deployment-overview](https://learn.hashicorp.com/tutorials/consul/deployment-overview?in=consul/production-deploy) 37 | - Consul on Kubernetes: [learn.hashicorp.com/collections/consul/gs-consul-service-mesh](https://learn.hashicorp.com/collections/consul/gs-consul-service-mesh) 38 | 39 | ## License 40 | 41 | Licensed under the Apache License, Version 2.0 (the "License"). 42 | 43 | You may obtain a copy of the License at [apache.org/licenses/LICENSE-2.0](http://www.apache.org/licenses/LICENSE-2.0). 44 | 45 | Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an _"AS IS"_ basis, without WARRANTIES or conditions of any kind, either express or implied. 46 | 47 | See the License for the specific language governing permissions and limitations under the License. 48 | -------------------------------------------------------------------------------- /app/public/language.svg: -------------------------------------------------------------------------------- 1 | 4 | -------------------------------------------------------------------------------- /.terraform.lock.hcl: -------------------------------------------------------------------------------- 1 | # This file is maintained automatically by "terraform init". 2 | # Manual edits may be lost in future updates. 3 | 4 | provider "registry.terraform.io/hashicorp/azurerm" { 5 | version = "2.46.1" 6 | constraints = "~> 2.34, 2.46.1" 7 | hashes = [ 8 | "h1:JxNFB4W/mD8xHtz/c1fBZyMDOYRZSxxGO0/OFRjNCUU=", 9 | "zh:16f6748a13d0c99b93b7edb293bcc9090c162b36a9ea6fe0e0e8b626190d969a", 10 | "zh:488aef4b9481f2cc598eea739f4ec0d17a753c75e4ca9ab2e9e6b043c1dbc1c0", 11 | "zh:667c4decb7942f8ea7e4c2d6b32e110ec1b318a25c919a363d1b54c3e406bc3d", 12 | "zh:6f5737c283d23bcf703f33b4b3c4b222e9efdb11c54db99f8e41e59567292baa", 13 | "zh:7e317512824775ca6d8c49e977527c47c7c38a77fd42f9e45e7425848123cb45", 14 | "zh:884371bb4a00a4832b032f2a773c3214a3dfea5f29688339ffef8aafb956b0bb", 15 | "zh:a090a778822c99b0bb0e81c4783ebfbc2899d20acea885b262d8ae8c76778f83", 16 | "zh:ed524db85122718f3fef002cafa96a324037f125bc54f2e8de4715ad0fcf15a5", 17 | "zh:f7064f17b4db9f250490f221683ed5db71a6a9dbaeaba717589f6b9f7470710c", 18 | "zh:ff0a1fe028e40e3652656a5b5ce889355a70e41daa899bf543715c599e313a98", 19 | ] 20 | } 21 | 22 | provider "registry.terraform.io/hashicorp/helm" { 23 | version = "2.0.2" 24 | constraints = "2.0.2" 25 | hashes = [ 26 | "h1:GJjzJSGrKLlrAX1hJf/FdrP7kYkkEBqtuFjcaKMX/rw=", 27 | "zh:09f7b2389f0e41f51c933d014fe3a89aa53c12801ab45c082d3626689961d5a6", 28 | "zh:0af792512adf59648b7cb7f0f194151ac926ae6805ffdb2baf61512b55933e17", 29 | "zh:0e29837d65bf4dbe3b9766221a1a4448b2c9df7f4d3049a0b6812055e299c063", 30 | "zh:25a0c4d1cba9a22f4d12f6465f191db6e2ec675cbc2c7751bf128bcae23848a8", 31 | "zh:6d92f9ffd43a45f0f0da4c59cbb1790b163235882532a88344a53b8526808979", 32 | "zh:7c98a0e05f106d4bbfc0c81f7d8b41bc8e867a99b30ccd472367d0414e778c30", 33 | "zh:8de8232eedfa4ade990faea4ed3706f0846eb1d66fb82aa22718c7a9aeda92b1", 34 | "zh:baff5ff10c9573104d25eece9f79477112ed6882c0ea9280ecbfa944d117838d", 35 | "zh:d151fac8be471922cbe137f5a263f4854cdcfbf3fb8af7db83c709d64956934b", 36 | "zh:e4d238facc27fc91d26aef79b7f398a6b9f3a1fe078c8d3f0cd4df47ec5aaacd", 37 | ] 38 | } 39 | 40 | provider "registry.terraform.io/hashicorp/kubernetes" { 41 | version = "2.0.2" 42 | constraints = "2.0.2" 43 | hashes = [ 44 | "h1:vNrgTrqsLcL2Uw8kr89ZIq2NF858MZ15sLtNfd55hVA=", 45 | "zh:4e66d509c828b0a2e599a567ad470bf85ebada62788aead87a8fb621301dec55", 46 | "zh:55ca6466a82f60d2c9798d171edafacc9ea4991aa7aa32ed5d82d6831cf44542", 47 | "zh:65741e6910c8b1322d9aef5dda4d98d1e6409aebc5514b518f46019cd06e1b47", 48 | "zh:79456ca037c19983977285703f19f4b04f7eadcf8eb6af21f5ea615026271578", 49 | "zh:7c39ced4dc44181296721715005e390021770077012c206ab4c209fb704b34d0", 50 | "zh:86856c82a6444c19b3e3005e91408ac68eb010c9218c4c4119fc59300b107026", 51 | "zh:999865090c72fa9b85c45e76b20839da51714ae429d1ab14b7d8ce66c2655abf", 52 | "zh:a3ea0ae37c61b4bfe81f7a395fb7b5ba61564e7d716d7a191372c3c983271d13", 53 | "zh:d9061861822933ebb2765fa691aeed2930ee495bfb6f72a5bdd88f43ccd9e038", 54 | "zh:e04adbe0d5597d1fdd4f418be19c9df171f1d709009f63b8ce1239b71b4fa45a", 55 | ] 56 | } 57 | 58 | provider "registry.terraform.io/hashicorp/local" { 59 | version = "2.0.0" 60 | constraints = "2.0.0" 61 | hashes = [ 62 | "h1:pO1ANXtOCRfecKsY9Hn4UsXoPBLv6LFiDIEiS1MZ09E=", 63 | "zh:34ce8b79493ace8333d094752b579ccc907fa9392a2c1d6933a6c95d0786d3f1", 64 | "zh:5c5a19c4f614a4ffb68bae0b0563f3860115cf7539b8adc21108324cfdc10092", 65 | "zh:67ddb1ca2cd3e1a8f948302597ceb967f19d2eeb2d125303493667388fe6330e", 66 | "zh:68e6b16f3a8e180fcba1a99754118deb2d82331b51f6cca39f04518339bfdfa6", 67 | "zh:8393a12eb11598b2799d51c9b0a922a3d9fadda5a626b94a1b4914086d53120e", 68 | "zh:90daea4b2010a86f2aca1e3a9590e0b3ddcab229c2bd3685fae76a832e9e836f", 69 | "zh:99308edc734a0ac9149b44f8e316ca879b2670a1cae387a8ae754c180b57cdb4", 70 | "zh:c76594db07a9d1a73372a073888b672df64adb455d483c2426cc220eda7e092e", 71 | "zh:dc09c1fb36c6a706bdac96cce338952888c8423978426a09f5df93031aa88b84", 72 | "zh:deda88134e9780319e8de91b3745520be48ead6ec38cb662694d09185c3dac70", 73 | ] 74 | } 75 | 76 | provider "registry.terraform.io/hashicorp/null" { 77 | version = "3.0.0" 78 | constraints = "3.0.0" 79 | hashes = [ 80 | "h1:V1tzrSG6t3e7zWvUwRbGbhsWU2Jd/anrJpOl9XM+R/8=", 81 | "zh:05fb7eab469324c97e9b73a61d2ece6f91de4e9b493e573bfeda0f2077bc3a4c", 82 | "zh:1688aa91885a395c4ae67636d411475d0b831e422e005dcf02eedacaafac3bb4", 83 | "zh:24a0b1292e3a474f57c483a7a4512d797e041bc9c2fbaac42fe12e86a7fb5a3c", 84 | "zh:2fc951bd0d1b9b23427acc93be09b6909d72871e464088171da60fbee4fdde03", 85 | "zh:6db825759425599a326385a68acc6be2d9ba0d7d6ef587191d0cdc6daef9ac63", 86 | "zh:85985763d02618993c32c294072cc6ec51f1692b803cb506fcfedca9d40eaec9", 87 | "zh:a53186599c57058be1509f904da512342cfdc5d808efdaf02dec15f0f3cb039a", 88 | "zh:c2e07b49b6efa676bdc7b00c06333ea1792a983a5720f9e2233db27323d2707c", 89 | "zh:cdc8fe1096103cf5374751e2e8408ec4abd2eb67d5a1c5151fe2c7ecfd525bef", 90 | "zh:dbdef21df0c012b0d08776f3d4f34eb0f2f229adfde07ff252a119e52c0f65b7", 91 | ] 92 | } 93 | 94 | provider "registry.terraform.io/hashicorp/random" { 95 | version = "3.0.1" 96 | constraints = "3.0.1" 97 | hashes = [ 98 | "h1:0QaSbRBgBi8vI/8IRwec1INdOqBxXbgsSFElx1O4k4g=", 99 | "zh:0d4f683868324af056a9eb2b06306feef7c202c88dbbe6a4ad7517146a22fb50", 100 | "zh:4824b3c7914b77d41dfe90f6f333c7ac9860afb83e2a344d91fbe46e5dfbec26", 101 | "zh:4b82e43712f3cf0d0cbc95b2cbcd409ba8f0dc7848fdfb7c13633c27468ed04a", 102 | "zh:78b3a2b860c3ebc973a794000015f5946eb59b82705d701d487475406b2612f1", 103 | "zh:88bc65197bd74ff408d147b32f0045372ae3a3f2a2fdd7f734f315d988c0e4a2", 104 | "zh:91bd3c9f625f177f3a5d641a64e54d4b4540cb071070ecda060a8261fb6eb2ef", 105 | "zh:a6818842b28d800f784e0c93284ff602b0c4022f407e4750da03f50b853a9a2c", 106 | "zh:c4a1a2b52abd05687e6cfded4a789dcd7b43e7a746e4d02dd1055370cf9a994d", 107 | "zh:cf65041bf12fc3bde709c1d267dbe94142bc05adcabc4feb17da3b12249132ac", 108 | "zh:e385e00e7425dda9d30b74ab4ffa4636f4b8eb23918c0b763f0ffab84ece0c5c", 109 | ] 110 | } 111 | 112 | provider "registry.terraform.io/hashicorp/template" { 113 | version = "2.2.0" 114 | constraints = "2.2.0" 115 | hashes = [ 116 | "h1:0wlehNaxBX7GJQnPfQwTNvvAf38Jm0Nv7ssKGMaG6Og=", 117 | "zh:01702196f0a0492ec07917db7aaa595843d8f171dc195f4c988d2ffca2a06386", 118 | "zh:09aae3da826ba3d7df69efeb25d146a1de0d03e951d35019a0f80e4f58c89b53", 119 | "zh:09ba83c0625b6fe0a954da6fbd0c355ac0b7f07f86c91a2a97849140fea49603", 120 | "zh:0e3a6c8e16f17f19010accd0844187d524580d9fdb0731f675ffcf4afba03d16", 121 | "zh:45f2c594b6f2f34ea663704cc72048b212fe7d16fb4cfd959365fa997228a776", 122 | "zh:77ea3e5a0446784d77114b5e851c970a3dde1e08fa6de38210b8385d7605d451", 123 | "zh:8a154388f3708e3df5a69122a23bdfaf760a523788a5081976b3d5616f7d30ae", 124 | "zh:992843002f2db5a11e626b3fc23dc0c87ad3729b3b3cff08e32ffb3df97edbde", 125 | "zh:ad906f4cebd3ec5e43d5cd6dc8f4c5c9cc3b33d2243c89c5fc18f97f7277b51d", 126 | "zh:c979425ddb256511137ecd093e23283234da0154b7fa8b21c2687182d9aea8b2", 127 | ] 128 | } 129 | 130 | provider "registry.terraform.io/hashicorp/tls" { 131 | version = "3.1.0" 132 | hashes = [ 133 | "h1:XTU9f6sGMZHOT8r/+LWCz2BZOPH127FBTPjMMEAAu1U=", 134 | "zh:3d46616b41fea215566f4a957b6d3a1aa43f1f75c26776d72a98bdba79439db6", 135 | "zh:623a203817a6dafa86f1b4141b645159e07ec418c82fe40acd4d2a27543cbaa2", 136 | "zh:668217e78b210a6572e7b0ecb4134a6781cc4d738f4f5d09eb756085b082592e", 137 | "zh:95354df03710691773c8f50a32e31fca25f124b7f3d6078265fdf3c4e1384dca", 138 | "zh:9f97ab190380430d57392303e3f36f4f7835c74ea83276baa98d6b9a997c3698", 139 | "zh:a16f0bab665f8d933e95ca055b9c8d5707f1a0dd8c8ecca6c13091f40dc1e99d", 140 | "zh:be274d5008c24dc0d6540c19e22dbb31ee6bfdd0b2cddd4d97f3cd8a8d657841", 141 | "zh:d5faa9dce0a5fc9d26b2463cea5be35f8586ab75030e7fa4d4920cd73ee26989", 142 | "zh:e9b672210b7fb410780e7b429975adcc76dd557738ecc7c890ea18942eb321a5", 143 | "zh:eb1f8368573d2370605d6dbf60f9aaa5b64e55741d96b5fb026dbfe91de67c0d", 144 | "zh:fc1e12b713837b85daf6c3bb703d7795eaf1c5177aebae1afcf811dd7009f4b0", 145 | ] 146 | } 147 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | 2 | Apache License 3 | Version 2.0, January 2004 4 | http://www.apache.org/licenses/ 5 | 6 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 7 | 8 | 1. Definitions. 9 | 10 | "License" shall mean the terms and conditions for use, reproduction, 11 | and distribution as defined by Sections 1 through 9 of this document. 12 | 13 | "Licensor" shall mean the copyright owner or entity authorized by 14 | the copyright owner that is granting the License. 15 | 16 | "Legal Entity" shall mean the union of the acting entity and all 17 | other entities that control, are controlled by, or are under common 18 | control with that entity. For the purposes of this definition, 19 | "control" means (i) the power, direct or indirect, to cause the 20 | direction or management of such entity, whether by contract or 21 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 22 | outstanding shares, or (iii) beneficial ownership of such entity. 23 | 24 | "You" (or "Your") shall mean an individual or Legal Entity 25 | exercising permissions granted by this License. 26 | 27 | "Source" form shall mean the preferred form for making modifications, 28 | including but not limited to software source code, documentation 29 | source, and configuration files. 30 | 31 | "Object" form shall mean any form resulting from mechanical 32 | transformation or translation of a Source form, including but 33 | not limited to compiled object code, generated documentation, 34 | and conversions to other media types. 35 | 36 | "Work" shall mean the work of authorship, whether in Source or 37 | Object form, made available under the License, as indicated by a 38 | copyright notice that is included in or attached to the work 39 | (an example is provided in the Appendix below). 40 | 41 | "Derivative Works" shall mean any work, whether in Source or Object 42 | form, that is based on (or derived from) the Work and for which the 43 | editorial revisions, annotations, elaborations, or other modifications 44 | represent, as a whole, an original work of authorship. For the purposes 45 | of this License, Derivative Works shall not include works that remain 46 | separable from, or merely link (or bind by name) to the interfaces of, 47 | the Work and Derivative Works thereof. 48 | 49 | "Contribution" shall mean any work of authorship, including 50 | the original version of the Work and any modifications or additions 51 | to that Work or Derivative Works thereof, that is intentionally 52 | submitted to Licensor for inclusion in the Work by the copyright owner 53 | or by an individual or Legal Entity authorized to submit on behalf of 54 | the copyright owner. For the purposes of this definition, "submitted" 55 | means any form of electronic, verbal, or written communication sent 56 | to the Licensor or its representatives, including but not limited to 57 | communication on electronic mailing lists, source code control systems, 58 | and issue tracking systems that are managed by, or on behalf of, the 59 | Licensor for the purpose of discussing and improving the Work, but 60 | excluding communication that is conspicuously marked or otherwise 61 | designated in writing by the copyright owner as "Not a Contribution." 62 | 63 | "Contributor" shall mean Licensor and any individual or Legal Entity 64 | on behalf of whom a Contribution has been received by Licensor and 65 | subsequently incorporated within the Work. 66 | 67 | 2. Grant of Copyright License. Subject to the terms and conditions of 68 | this License, each Contributor hereby grants to You a perpetual, 69 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 70 | copyright license to reproduce, prepare Derivative Works of, 71 | publicly display, publicly perform, sublicense, and distribute the 72 | Work and such Derivative Works in Source or Object form. 73 | 74 | 3. Grant of Patent License. Subject to the terms and conditions of 75 | this License, each Contributor hereby grants to You a perpetual, 76 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 77 | (except as stated in this section) patent license to make, have made, 78 | use, offer to sell, sell, import, and otherwise transfer the Work, 79 | where such license applies only to those patent claims licensable 80 | by such Contributor that are necessarily infringed by their 81 | Contribution(s) alone or by combination of their Contribution(s) 82 | with the Work to which such Contribution(s) was submitted. If You 83 | institute patent litigation against any entity (including a 84 | cross-claim or counterclaim in a lawsuit) alleging that the Work 85 | or a Contribution incorporated within the Work constitutes direct 86 | or contributory patent infringement, then any patent licenses 87 | granted to You under this License for that Work shall terminate 88 | as of the date such litigation is filed. 89 | 90 | 4. Redistribution. You may reproduce and distribute copies of the 91 | Work or Derivative Works thereof in any medium, with or without 92 | modifications, and in Source or Object form, provided that You 93 | meet the following conditions: 94 | 95 | (a) You must give any other recipients of the Work or 96 | Derivative Works a copy of this License; and 97 | 98 | (b) You must cause any modified files to carry prominent notices 99 | stating that You changed the files; and 100 | 101 | (c) You must retain, in the Source form of any Derivative Works 102 | that You distribute, all copyright, patent, trademark, and 103 | attribution notices from the Source form of the Work, 104 | excluding those notices that do not pertain to any part of 105 | the Derivative Works; and 106 | 107 | (d) If the Work includes a "NOTICE" text file as part of its 108 | distribution, then any Derivative Works that You distribute must 109 | include a readable copy of the attribution notices contained 110 | within such NOTICE file, excluding those notices that do not 111 | pertain to any part of the Derivative Works, in at least one 112 | of the following places: within a NOTICE text file distributed 113 | as part of the Derivative Works; within the Source form or 114 | documentation, if provided along with the Derivative Works; or, 115 | within a display generated by the Derivative Works, if and 116 | wherever such third-party notices normally appear. The contents 117 | of the NOTICE file are for informational purposes only and 118 | do not modify the License. You may add Your own attribution 119 | notices within Derivative Works that You distribute, alongside 120 | or as an addendum to the NOTICE text from the Work, provided 121 | that such additional attribution notices cannot be construed 122 | as modifying the License. 123 | 124 | You may add Your own copyright statement to Your modifications and 125 | may provide additional or different license terms and conditions 126 | for use, reproduction, or distribution of Your modifications, or 127 | for any such Derivative Works as a whole, provided Your use, 128 | reproduction, and distribution of the Work otherwise complies with 129 | the conditions stated in this License. 130 | 131 | 5. Submission of Contributions. Unless You explicitly state otherwise, 132 | any Contribution intentionally submitted for inclusion in the Work 133 | by You to the Licensor shall be under the terms and conditions of 134 | this License, without any additional terms or conditions. 135 | Notwithstanding the above, nothing herein shall supersede or modify 136 | the terms of any separate license agreement you may have executed 137 | with Licensor regarding such Contributions. 138 | 139 | 6. Trademarks. This License does not grant permission to use the trade 140 | names, trademarks, service marks, or product names of the Licensor, 141 | except as required for reasonable and customary use in describing the 142 | origin of the Work and reproducing the content of the NOTICE file. 143 | 144 | 7. Disclaimer of Warranty. Unless required by applicable law or 145 | agreed to in writing, Licensor provides the Work (and each 146 | Contributor provides its Contributions) on an "AS IS" BASIS, 147 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 148 | implied, including, without limitation, any warranties or conditions 149 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 150 | PARTICULAR PURPOSE. You are solely responsible for determining the 151 | appropriateness of using or redistributing the Work and assume any 152 | risks associated with Your exercise of permissions under this License. 153 | 154 | 8. Limitation of Liability. In no event and under no legal theory, 155 | whether in tort (including negligence), contract, or otherwise, 156 | unless required by applicable law (such as deliberate and grossly 157 | negligent acts) or agreed to in writing, shall any Contributor be 158 | liable to You for damages, including any direct, indirect, special, 159 | incidental, or consequential damages of any character arising as a 160 | result of this License or out of the use or inability to use the 161 | Work (including but not limited to damages for loss of goodwill, 162 | work stoppage, computer failure or malfunction, or any and all 163 | other commercial damages or losses), even if such Contributor 164 | has been advised of the possibility of such damages. 165 | 166 | 9. Accepting Warranty or Additional Liability. While redistributing 167 | the Work or Derivative Works thereof, You may choose to offer, 168 | and charge a fee for, acceptance of support, warranty, indemnity, 169 | or other liability obligations and/or rights consistent with this 170 | License. However, in accepting such obligations, You may act only 171 | on Your own behalf and on Your sole responsibility, not on behalf 172 | of any other Contributor, and only if You agree to indemnify, 173 | defend, and hold each Contributor harmless for any liability 174 | incurred by, or claims asserted against, such Contributor by reason 175 | of your accepting any such warranty or additional liability. 176 | 177 | END OF TERMS AND CONDITIONS 178 | 179 | APPENDIX: How to apply the Apache License to your work. 180 | 181 | To apply the Apache License to your work, attach the following 182 | boilerplate notice, with the fields enclosed by brackets "[]" 183 | replaced with your own identifying information. (Don't include 184 | the brackets!) The text should be enclosed in the appropriate 185 | comment syntax for the file format. We also recommend that a 186 | file or class name and description of purpose be included on the 187 | same "printed page" as the copyright notice for easier 188 | identification within third-party archives. 189 | 190 | Copyright [yyyy] [name of copyright owner] 191 | 192 | Licensed under the Apache License, Version 2.0 (the "License"); 193 | you may not use this file except in compliance with the License. 194 | You may obtain a copy of the License at 195 | 196 | http://www.apache.org/licenses/LICENSE-2.0 197 | 198 | Unless required by applicable law or agreed to in writing, software 199 | distributed under the License is distributed on an "AS IS" BASIS, 200 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 201 | See the License for the specific language governing permissions and 202 | limitations under the License. -------------------------------------------------------------------------------- /app/public/pattern-tl.svg: -------------------------------------------------------------------------------- 1 | 220 | -------------------------------------------------------------------------------- /app/public/pattern-br.svg: -------------------------------------------------------------------------------- 1 | 293 | --------------------------------------------------------------------------------