search

jenkins-x / terraform-aws-eks-jx

A Terraform module for creating Jenkins X infrastructure on AWS
Apache License 2.0
63 stars 43 forks source link

Ensure role-arn annotation in external-dns SA matches actual external-dns role ARN (eks external-dns support) #176

Closed ajp-lqx closed 4 years ago

ajp-lqx commented 4 years ago

Summary

This issue is almost the inverse of #175. The role-arn annotation in the external-dns service account does not match the ARN of the IAM role created for external-dns. The ARN in the annotation is something like arn:aws:iam::<ACCOUNT ID>:role/<CLUSTER NAME>-jx-external-dns whereas the actual ARN is more like arn:aws:iam::<ACCOUNT ID>:role/tf-<CLUSTER NAME>-sa-role-external_dns-baghXAqy. The last bit is a random seed.

Steps to reproduce the behavior

  1. Set enable_external_dns = true in the main.tf file when terraforming the cluster, this will create the appropriate IAM role
  2. Add the bitnami/external-dns chart in the helmfile.yaml and set externalDNS: true in the jx-requirements.yml for boot
  3. Observe that the created service account in the cluster has a role-arn annotation that does match the role ARN of the IAM role created in step 1.

Expected behavior

The role-arn annotation match the actual IAM role's ARN.

Actual behavior

The role-arn annotation does not match the actual IAM role's ARN.

Module version

v1.8.1

ajpauwels commented 4 years ago

/assign

ankitm123 commented 4 years ago

:tada: This issue has been resolved in version 1.8.2 :tada:

The release is available on GitHub release

Your semantic-release bot :package::rocket: