From e3c3e1a50aaaec2b555134ddcdfb6df43ea987b9 Mon Sep 17 00:00:00 2001
From: Rui
Date: Mon, 2 Sep 2024 09:46:59 +0000
Subject: [PATCH 1/2] fix: node policy attachment
---
 k8s/eks.tf | 116 +++++++++++++++++++++++++++++++----------------------
 1 file changed, 68 insertions(+), 48 deletions(-)
diff --git a/k8s/eks.tf b/k8s/eks.tf
index c4c7562..1b03ed1 100644
--- a/k8s/eks.tf
+++ b/k8s/eks.tf
@@ -1,9 +1,18 @@
+# ------------------------------------------------------------------
+# DATA
+# ------------------------------------------------------------------
+
 # https://aws.amazon.com/blogs/containers/amazon-ebs-csi-driver-is-now-generally-available-in-amazon-eks-add-ons/
 data "aws_iam_policy" "ebs_csi_policy" {
 arn = "arn:aws:iam::aws:policy/service-role/AmazonEBSCSIDriverPolicy"
 }
+
+# ------------------------------------------------------------------
+# RESOURCES
+# ------------------------------------------------------------------
+
 module "irsa-ebs-csi" {
 source = "terraform-aws-modules/iam/aws//modules/iam-assumable-role-with-oidc"
 version = "5.44.0"
@@ -15,6 +24,54 @@ module "irsa-ebs-csi" {
 oidc_fully_qualified_subjects = ["system:serviceaccount:kube-system:ebs-csi-controller-sa"]
 }
+
+module "eks" {
+ source = "terraform-aws-modules/eks/aws"
+ version = "20.24.0"
+
+ cluster_name = "cloud-dev-infra"
+ cluster_version = "1.29"
+
+ cluster_endpoint_private_access = true
+
+ cluster_enabled_log_types = ["api", "audit", "authenticator", "controllerManager", "scheduler"]
+
+ enable_cluster_creator_admin_permissions = true
+
+ vpc_id = module.vpc.vpc_id
+ subnet_ids = module.vpc.private_subnets
+
+ create_iam_role = true
+
+ cluster_addons = {
+ aws-ebs-csi-driver = {
+ service_account_role_arn = module.irsa-ebs-csi.iam_role_arn
+ }
+ }
+
+ cluster_additional_security_group_ids = [
+ module.https_443_security_group.security_group_id
+ ]
+
+ eks_managed_node_group_defaults = {
+ ami_type = "AL2_x86_64"
+ }
+
+ # https://registry.terraform.io/modules/terraform-aws-modules/eks/aws/latest/submodules/eks-managed-node-group
+ eks_managed_node_groups = {
+ one = {
+ name = "node-group-1"
+
+ instance_types = ["t3.small"]
+ capacity_type = "SPOT"
+
+ min_size = 0
+ max_size = 3
+ desired_size = 1
+ }
+ }
+}
+
 resource "aws_iam_policy" "coder_policy" {
 name = "cloud-infra-coder-policy"
 path = "/"
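Review bot: `enable_cluster_creator_admin_permissions = true` in `module "eks"` gives whichever IAM principal runs the apply a standing cluster-admin access entry; that is a reasonable bootstrap choice, but it is a trust decision that should be visible in the code, e.g. `# bootstrap: the applying principal gets a cluster-admin access entry; replace with explicit access_entries once team roles exist`. API endpoint exposure is also only half-specified: `cluster_endpoint_private_access = true` is set while `cluster_endpoint_public_access` is left to the module default, so whether the control plane is reachable from outside the VPC cannot be read from this file — set it explicitly (`cluster_endpoint_public_access = false` if private-only is the intent). The node group has no `metadata_options` override either, so pod access to the node role through the instance metadata endpoint follows the module default; worth stating, since a policy is attached to that role later in this patch.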
@@ -69,57 +126,20 @@ resource "aws_iam_policy" "coder_policy" {
 })
 }
-module "eks" {
- source = "terraform-aws-modules/eks/aws"
- version = "20.24.0"
-
- cluster_name = "cloud-dev-infra"
- cluster_version = "1.29"
-
- cluster_endpoint_private_access = true
-
- cluster_enabled_log_types = ["api", "audit", "authenticator", "controllerManager", "scheduler"]
-
- enable_cluster_creator_admin_permissions = true
-
- vpc_id = module.vpc.vpc_id
- subnet_ids = module.vpc.private_subnets
-
- create_iam_role = true
- iam_role_additional_policies = {
- "additional-policie" : aws_iam_policy.coder_policy.arn
- }
-
- cluster_addons = {
- aws-ebs-csi-driver = {
- service_account_role_arn = module.irsa-ebs-csi.iam_role_arn
- }
- }
-
- cluster_additional_security_group_ids = [
- module.https_443_security_group.security_group_id
- ]
-
- eks_managed_node_group_defaults = {
- ami_type = "AL2_x86_64"
- }
-
- # https://registry.terraform.io/modules/terraform-aws-modules/eks/aws/latest/submodules/eks-managed-node-group
- eks_managed_node_groups = {
- one = {
- name = "node-group-1"
-
- instance_types = ["t3.small"]
- capacity_type = "SPOT"
-
- min_size = 0
- max_size = 3
- desired_size = 1
- }
- }
+resource "aws_iam_role_policy_attachment" "attach-to-one" {
+ role = module.eks.eks_managed_node_groups.one.iam_role_name
+ policy_arn = aws_iam_policy.coder_policy.arn
 }
+# ------------------------------------------------------------------
+# OUTPUT
+# ------------------------------------------------------------------
+
 output "aws_configuration_command" {
 value = "aws eks update-kubeconfig --region eu-south-1 --name ${module.eks.cluster_name}"
 }
+output "eks_managed_groups_iam_role_arn" {
+ value = module.eks.eks_managed_node_groups.one.iam_role_name
+}
+
From 0e5a53f227ad2c3edc4e8e3094868ff32932a78a Mon Sep 17 00:00:00 2001
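Review bot: The new output `eks_managed_groups_iam_role_arn` returns `iam_role_name`, not an ARN; either read `value = module.eks.eks_managed_node_groups.one.iam_role_arn` or rename the output, because a consumer of something called `_arn` will pass the value where an ARN is required. Separately, `aws_iam_role_policy_attachment.attach-to-one` puts `coder_policy` on the node group role, and node-role credentials are obtainable from any pod scheduled on those nodes through the instance metadata endpoint unless pod access to it is blocked (metadata hop limit of 1 or a network policy), so every workload on `node-group-1` inherits these permissions, not just Coder. The file already shows the narrower pattern in `module "irsa-ebs-csi"`; binding `coder_policy` to the Coder service account through IRSA would keep it off the shared node role. If the node-role attachment is deliberate, a comment on the resource saying which workload needs it and why IRSA was not used would help the next reader.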
From: Rui
Date: Mon, 2 Sep 2024 09:48:05 +0000
Subject: [PATCH 2/2] feat: add autosetupremote config
---
 .devcontainer/postCreateCommand.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.devcontainer/postCreateCommand.sh b/.devcontainer/postCreateCommand.sh
index 103936b..fa9557e 100755
--- a/.devcontainer/postCreateCommand.sh
+++ b/.devcontainer/postCreateCommand.sh
@@ -1,4 +1,4 @@
-
+git config push.autoSetupRemote true
 git config --global --add safe.directory /workspaces/cloud-infrastructure
 git clone https://github.com/RuiFilipeCampos/nvim.git "${XDG_CONFIG_HOME:-$HOME/.config}"/nvim
 git clone --depth 1 https://github.com/junegunn/fzf.git ~/.fzf
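Review bot: The new `git config push.autoSetupRemote true` is repository-local (no `--global`) and runs before the `safe.directory` line, so it only succeeds if the script's working directory is already the checkout, and on a workspace owned by a different uid it will hit git's dubious-ownership check before that exemption is added. The neighbouring line uses `--global`, so `git config --global push.autoSetupRemote true` is both consistent with it and independent of the working directory. If repository-local scope is intentional, move the line below the `safe.directory` one and say so in a comment, e.g. `# repo-local on purpose: must run after safe.directory and from inside the checkout`.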