Update 'worker.tf'

From terraform plan --help
>  -detailed-exitcode  Return detailed exit codes when the command exits. This
>                      will change the meaning of exit codes to:
>                      0 - Succeeded, diff is empty (no changes)
>                      1 - Errored
>                      2 - Succeeded, there is a diff

.drone.yml

@@ -34,7 +34,7 @@ steps:
 - name: terraform plan
   image: hashicorp/terraform:1.1.8
   commands:
-    - terraform plan -var-file ci.tfvars -out .tfplan
+    - terraform plan $([[ $${DRONE_BUILD_EVENT} = cron ]] && echo "-detailed-exitcode") -var-file ci.tfvars -out .tfplan
   environment:
     AWS_ACCESS_KEY_ID:
       from_secret: terraform-aws-key-id
@@ -61,13 +61,6 @@ steps:
       from_secret: terraform-aws-key-id
     AWS_SECRET_ACCESS_KEY:
       from_secret: terraform-aws-secret-access-key
-    KUBE_TOKEN:
-      from_secret: lawndale-k8s-ci-token
-    TF_VAR_lawndale_dns_key_secret:
-      from_secret: lawndale-dns-key-secret
-    TF_VAR_lawndale_dns_key_algorithm:
-      from_secret: lawndale-dns-key-algorithm
-
 ---
 kind: pipeline
 type: kubernetes
@@ -92,6 +85,6 @@ steps:
 
 ---
 kind: signature
-hmac: 1a1e96092143802284d04077f335273f767aeeb7122438b1538e170da4d35da5
+hmac: 95f8db197163e884f2eee4b14af136b9ea1e0f88f626079b4a3b38b43b91c6a8
 
 ...

README.md

@@ -69,6 +69,7 @@ Version:
 The following resources are used by this module:
 
 - [helm_release.coredns](https://registry.terraform.io/providers/hashicorp/helm/2.5.1/docs/resources/release) (resource)
+- [helm_release.kube_state_metrics](https://registry.terraform.io/providers/hashicorp/helm/2.5.1/docs/resources/release) (resource)
 - [helm_release.metrics_server](https://registry.terraform.io/providers/hashicorp/helm/2.5.1/docs/resources/release) (resource)
 - [helm_release.traefik](https://registry.terraform.io/providers/hashicorp/helm/2.5.1/docs/resources/release) (resource)
 - [kubernetes_cluster_role.ci_cd](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/cluster_role) (resource)

ci.tf

@@ -100,4 +100,20 @@ resource "kubernetes_cluster_role" "ci_cd" {
     ]
     verbs = ["create", "delete", "get", "list", "patch", "update", "watch"]
   }
+
+  rule {
+    api_groups = ["traefik.containo.us"]
+    resources = [
+      "ingressroutes",
+      "ingressroutetcps",
+      "ingressrouteudps",
+      "middlewares",
+      "middlewaretcps",
+      "serverstransports",
+      "tlsoptions",
+      "tlsstores",
+      "traefikservices",
+    ]
+    verbs = ["create", "delete", "get", "list", "patch", "update", "watch"]
+  }
 }

kube-state-metrics.tf

@@ -0,0 +1,35 @@
+resource "helm_release" "kube_state_metrics" {
+  name      = "kube-state-metrics"
+  namespace = "kube-system"
+
+  repository = "https://prometheus-community.github.io/helm-charts"
+  chart      = "kube-state-metrics"
+  version    = "4.13.0"
+
+  values = [
+    jsonencode({
+      rbac = {
+        create         = true
+        useClusterRole = true
+      }
+      serviceAccount = {
+        create = true
+      }
+      podSecurityPolicy = {
+        enabled = false
+      }
+    }),
+    jsonencode({
+      autosharding = {
+        enabled = false
+      }
+    }),
+    jsonencode({
+      customLabels = {
+        "prometheus.io/scrape" = "true"
+        "prometheus.io/port"   = "8080"
+        "prometheus.io/scheme" = "http"
+      }
+    }),
+  ]
+}

worker.tf

@@ -1,7 +1,7 @@
 locals {
   pool_name       = "kubernetes-workers"
   worker_id_start = 80
-  worker_count    = 1
+  worker_count    = 2
 }
 
 resource "libvirt_pool" "kubernetes_workers" {