Epic based on Production Usage

[voatsap]

We have been used cluster.dev in several production infrastructures and some outputs after 3-4 month of usage:

0. Project or Account ID's should be configurable within manifest.
1. Cluster full name should be configurable without using repo name (need to add separate organization field).
2. User should be able to define state storage bucket name/location-arn(now its only generated).
3. The cloud secret storage should be provisioned along with env. 3.1. Secret propagation with https://github.com/godaddy/kubernetes-external-secrets should be used as a default approach.
4. Core modules: External-dns, Cert-manager, Nginx-ingress, ArgoCD, ExternalSecrets should be provisioned by Terraform along with the k8s cluster.
5. Other k8s addons could be provisioned by ArgoCD itself using configurable apps-of-the apps approach passing git urls' for addon locations. This prevents additional Terraform reconcilation loop for addons and workloads. 5.1. Adding new git repo url with workloads should trigger TF reconcilation.
6. More flexible module structure. We should avoid using remote states. Utilize outputs and pass it to next modules using reconciler itself(possible side-effects should be investigated). 6.1. Modules should have dependency graphs (some concept behind it could be found in terraspace implementation: https://terraspace.cloud/docs/dependencies/)
7. User management should be done using Cloud User Accounts instead of external integrations(too complex to implement) 7.1. IAM policies and roles and should be more configurable and possibly handled by separate module.

[MaxymVlasov]

6. ... We should avoid using remote states. ...

Can you describe the problem of remote-state usage?

[voatsap]

Resolved by Refactoring of cdev itself