From f56eb5a75d2ff1c0470397b8af83ba610fda6584 Mon Sep 17 00:00:00 2001 From: Valentin Khramtsov Date: Mon, 25 Nov 2024 12:12:04 +0300 Subject: [PATCH 1/4] fix: added node security group additional rule to allow all traffic inside the group --- terraform/modules/aws-eks/main.tf | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/terraform/modules/aws-eks/main.tf b/terraform/modules/aws-eks/main.tf index edbe3e1..42f5ebb 100644 --- a/terraform/modules/aws-eks/main.tf +++ b/terraform/modules/aws-eks/main.tf @@ -42,6 +42,17 @@ module "eks" { node_security_group_tags = { "karpenter.sh/discovery" = var.name } + node_security_group_additional_rules = { + ingress_allow_all_traffic_inside = { + description = "Allow all traffic inside security group" + protocol = "all" + from_port = 0 + to_port = 0 + type = "ingress" + self = true + } + } + self_managed_node_group_defaults = { ami_type = "AL2023_ARM_64_STANDARD" block_device_mappings = { From 33dadd0441df66a03a69f338964083ea0fcf928c Mon Sep 17 00:00:00 2001 From: Valentin Khramtsov Date: Mon, 25 Nov 2024 16:17:29 +0300 Subject: [PATCH 2/4] fix: added depends on for external secrets and loki, update helm chart version for external secrets --- terraform/modules/k8s-addons/eks-external-secrets.tf | 1 + terraform/modules/k8s-addons/eks-loki-stack.tf | 5 ++++- terraform/modules/k8s-addons/helm-releases.yaml | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/terraform/modules/k8s-addons/eks-external-secrets.tf b/terraform/modules/k8s-addons/eks-external-secrets.tf index 5d14fee..2a59371 100644 --- a/terraform/modules/k8s-addons/eks-external-secrets.tf +++ b/terraform/modules/k8s-addons/eks-external-secrets.tf @@ -154,4 +154,5 @@ resource "helm_release" "external_secrets" { local.external_secrets_values ] + depends_on = [helm_release.aws_loadbalancer_controller] } diff --git a/terraform/modules/k8s-addons/eks-loki-stack.tf b/terraform/modules/k8s-addons/eks-loki-stack.tf index 3c22eb6..b358690 100644 
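Review bot: The new `ingress_allow_all_traffic_inside` rule opens every protocol and port between members of the node security group (`protocol = "all"`, `self = true`), and nothing in the hunk records which workload needs that. Any pod or process on one node can then reach every listener on every other node, including kubelet and host-network services, so a single compromised node has an unrestricted network path to its peers unless NetworkPolicy or host firewalls limit it. If only specific ports are needed, narrow `protocol` and `from_port`/`to_port` to them; otherwise add a comment above the rule such as `# Required by <component>: node-to-node traffic on all ports; isolation relies on NetworkPolicy`. The `module "eks"` block starts and ends outside the hunk, so whether the module's own default node rules already cover the need cannot be checked from here.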
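Review bot: The added `depends_on = [helm_release.aws_loadbalancer_controller]` in `helm_release.external_secrets` carries no explanation, and the same dependency is added to `helm_release.loki_stack` in the next file of this commit. Presumably these charts fail to install while the load balancer controller's admission webhook is not yet ready, but that is not stated in the visible lines. A one-line comment such as `# wait for the AWS Load Balancer Controller webhook before installing this chart` above each `depends_on` would explain the ordering to whoever later considers removing it. The resource body starts outside the hunk.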
--- a/terraform/modules/k8s-addons/eks-loki-stack.tf +++ b/terraform/modules/k8s-addons/eks-loki-stack.tf @@ -180,5 +180,8 @@ resource "helm_release" "loki_stack" { local.loki_stack_values ] - depends_on = [kubectl_manifest.kube_prometheus_stack_operator_crds] + depends_on = [ + kubectl_manifest.kube_prometheus_stack_operator_crds, + helm_release.aws_loadbalancer_controller + ] } diff --git a/terraform/modules/k8s-addons/helm-releases.yaml b/terraform/modules/k8s-addons/helm-releases.yaml index 16710c9..fd6a4eb 100644 --- a/terraform/modules/k8s-addons/helm-releases.yaml +++ b/terraform/modules/k8s-addons/helm-releases.yaml @@ -39,7 +39,7 @@ releases: enabled: true chart: external-secrets repository: https://charts.external-secrets.io - chart_version: 0.10.0 + chart_version: 0.10.4 namespace: external-secrets - id: gitlab-runner enabled: false From 4ba8d1c8ef5bbdb6618a6ae12b9f9eb73d51a1ad Mon Sep 17 00:00:00 2001 From: Valentin Khramtsov Date: Wed, 11 Dec 2024 15:03:44 +0300 Subject: [PATCH 3/4] fix: Removed unnecessary for this PR changes --- terraform/modules/k8s-addons/eks-external-secrets.tf | 2 -- terraform/modules/k8s-addons/eks-loki-stack.tf | 5 +---- terraform/modules/k8s-addons/helm-releases.yaml | 2 +- 3 files changed, 2 insertions(+), 7 deletions(-) diff --git a/terraform/modules/k8s-addons/eks-external-secrets.tf b/terraform/modules/k8s-addons/eks-external-secrets.tf index 2a59371..cedf7e0 100644 --- a/terraform/modules/k8s-addons/eks-external-secrets.tf +++ b/terraform/modules/k8s-addons/eks-external-secrets.tf @@ -153,6 +153,4 @@ resource "helm_release" "external_secrets" { values = [ local.external_secrets_values ] - - depends_on = [helm_release.aws_loadbalancer_controller] } diff --git a/terraform/modules/k8s-addons/eks-loki-stack.tf b/terraform/modules/k8s-addons/eks-loki-stack.tf index b358690..3c22eb6 100644 --- a/terraform/modules/k8s-addons/eks-loki-stack.tf +++ b/terraform/modules/k8s-addons/eks-loki-stack.tf 
@@ -180,8 +180,5 @@ resource "helm_release" "loki_stack" { local.loki_stack_values ] - depends_on = [ - kubectl_manifest.kube_prometheus_stack_operator_crds, - helm_release.aws_loadbalancer_controller - ] + depends_on = [kubectl_manifest.kube_prometheus_stack_operator_crds] } diff --git a/terraform/modules/k8s-addons/helm-releases.yaml b/terraform/modules/k8s-addons/helm-releases.yaml index fd6a4eb..16710c9 100644 --- a/terraform/modules/k8s-addons/helm-releases.yaml +++ b/terraform/modules/k8s-addons/helm-releases.yaml @@ -39,7 +39,7 @@ releases: enabled: true chart: external-secrets repository: https://charts.external-secrets.io - chart_version: 0.10.4 + chart_version: 0.10.0 namespace: external-secrets - id: gitlab-runner enabled: false From 7ce0cd93b50eb1a7f09084fcdc13cbdda339a760 Mon Sep 17 00:00:00 2001 From: Valentin Khramtsov Date: Wed, 11 Dec 2024 15:04:42 +0300 Subject: [PATCH 4/4] fix: Removed unnecessary for this PR changes --- terraform/modules/k8s-addons/eks-external-secrets.tf | 1 + 1 file changed, 1 insertion(+) diff --git a/terraform/modules/k8s-addons/eks-external-secrets.tf b/terraform/modules/k8s-addons/eks-external-secrets.tf index cedf7e0..5d14fee 100644 --- a/terraform/modules/k8s-addons/eks-external-secrets.tf +++ b/terraform/modules/k8s-addons/eks-external-secrets.tf @@ -153,4 +153,5 @@ resource "helm_release" "external_secrets" { values = [ local.external_secrets_values ] + }