From ce72323f2266bd33385130ac70e9a511b284015c Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 17 Jul 2024 11:50:23 +0200 Subject: [PATCH] chore(deps): update minor-grouped (#87) * fix policy * make sure that eks cluster is created before modifying storage * chore(deps): update minor-grouped | datasource | package | from | to | | ---------------- | ---------------------------------- | -------- | -------- | | github-tags | compilerla/conventional-pre-commit | v3.2.0 | v3.3.0 | | github-tags | eksctl-io/eksctl | 0.183.0 | 0.187.0 | | go | github.com/gruntwork-io/terratest | v0.46.16 | v0.47.0 | | github-releases | casey/just | 1.29.1 | 1.31.0 | | github-tags | renovatebot/pre-commit-hooks | 37.421.3 | 37.432.0 | | terraform-module | terraform-aws-modules/eks/aws | 20.15.0 | 20.19.0 | | terraform-module | terraform-aws-modules/iam/aws | 5.39.1 | 5.41.0 | | terraform-module | terraform-aws-modules/vpc/aws | 5.8.1 | 5.9.0 | | github-tags | terraform-linters/tflint | 0.51.2 | 0.52.0 | | eks | amazon | 1.28 | 1.30 | * fix doc --------- Co-authored-by: Leo J. <153937047+leiicamundi@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .pre-commit-config.yaml | 4 +-- .tool-versions | 6 ++-- modules/eks-cluster/README.md | 13 ++++----- modules/eks-cluster/cluster.tf | 18 +++++++++++- modules/eks-cluster/iam.tf | 6 ++-- modules/eks-cluster/k8s-storageclass.tf | 39 ------------------------- modules/eks-cluster/variables.tf | 3 +- modules/eks-cluster/vpc.tf | 2 +- test/src/go.mod | 2 +- test/src/go.sum | 2 ++ test/src/upgrade_eks_test.go | 2 +- 11 files changed, 38 insertions(+), 59 deletions(-) delete mode 100644 modules/eks-cluster/k8s-storageclass.tf diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 9942f853..ea802c3d 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml 
@@ -22,13 +22,13 @@ repos: - id: actionlint-docker - repo: https://github.com/renovatebot/pre-commit-hooks - rev: 37.421.3 + rev: 37.432.0 hooks: - id: renovate-config-validator args: ["--strict"] - repo: https://github.com/compilerla/conventional-pre-commit - rev: v3.2.0 # use tags until renovate supports sha: https://github.com/renovatebot/renovate/issues/22567 + rev: v3.3.0 # use tags until renovate supports sha: https://github.com/renovatebot/renovate/issues/22567 hooks: - id: conventional-pre-commit stages: [commit-msg] diff --git a/.tool-versions b/.tool-versions index b436e8fc..d27c8a56 100644 --- a/.tool-versions +++ b/.tool-versions @@ -16,11 +16,11 @@ awscli 2.17.13 # renovate: datasource=github-tags depName=eksctl-io/eksctl -eksctl 0.183.0 +eksctl 0.187.0 golang 1.22.5 -just 1.29.1 +just 1.31.0 opentofu 1.7.3 @@ -30,6 +30,6 @@ terraform 1.9.2 terraform-docs 0.18.0 -tflint 0.51.2 +tflint 0.52.0 tfsec 1.28.10 diff --git a/modules/eks-cluster/README.md b/modules/eks-cluster/README.md index 24bf98a3..17187118 100644 --- a/modules/eks-cluster/README.md +++ b/modules/eks-cluster/README.md 
@@ -25,11 +25,11 @@ module "eks_cluster" { | Name | Source | Version | |------|--------|---------| -| [cert\_manager\_role](#module\_cert\_manager\_role) | terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks | 5.39.1 | -| [ebs\_cs\_role](#module\_ebs\_cs\_role) | terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks | 5.39.1 | -| [eks](#module\_eks) | terraform-aws-modules/eks/aws | 20.15.0 | -| [external\_dns\_role](#module\_external\_dns\_role) | terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks | 5.39.1 | -| [vpc](#module\_vpc) | terraform-aws-modules/vpc/aws | 5.8.1 | +| [cert\_manager\_role](#module\_cert\_manager\_role) | terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks | 5.41.0 | +| [ebs\_cs\_role](#module\_ebs\_cs\_role) | terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks | 5.41.0 | +| [eks](#module\_eks) | terraform-aws-modules/eks/aws | 20.19.0 | +| [external\_dns\_role](#module\_external\_dns\_role) | terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks | 5.41.0 | +| [vpc](#module\_vpc) | terraform-aws-modules/vpc/aws | 5.9.0 | ## Resources | Name | Type | 
@@ -41,7 +41,6 @@ module "eks_cluster" {
 | [aws_iam_policy.external_dns_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
 | [aws_kms_key.eks](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key) | resource |
 | [aws_security_group_rule.cluster_api_to_nodes](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
-| [kubernetes_annotations.default_storageclass](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/annotations) | resource |
 | [kubernetes_storage_class_v1.ebs_sc](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/storage_class_v1) | resource |
 | [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
 | [aws_eks_cluster.eks](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/eks_cluster) | data source |
@@ -56,7 +55,7 @@ module "eks_cluster" { | [cluster\_node\_ipv4\_cidr](#input\_cluster\_node\_ipv4\_cidr) | The CIDR block for public and private subnets of loadbalancers and nodes. Between /28 and /16. | `string` | n/a | yes | | [cluster\_service\_ipv4\_cidr](#input\_cluster\_service\_ipv4\_cidr) | The CIDR block to assign Kubernetes service IP addresses from. Between /24 and /12. | `string` | n/a | yes | | [enable\_cluster\_creator\_admin\_permissions](#input\_enable\_cluster\_creator\_admin\_permissions) | Indicates whether or not to add the cluster creator (the identity used by Terraform) as an administrator via access entry. | `bool` | `true` | no | -| [kubernetes\_version](#input\_kubernetes\_version) | Kubernetes version to be used by EKS | `string` | `"1.28"` | no | +| [kubernetes\_version](#input\_kubernetes\_version) | Kubernetes version to be used by EKS | `string` | `"1.30"` | no | | [name](#input\_name) | Name being used for relevant resources - including EKS cluster name | `string` | n/a | yes | | [np\_ami\_type](#input\_np\_ami\_type) | Amazon Machine Image | `string` | `"AL2_x86_64"` | no | | [np\_capacity\_type](#input\_np\_capacity\_type) | Allows setting the capacity type to ON\_DEMAND or SPOT to determine stable nodes | `string` | `"ON_DEMAND"` | no | diff --git a/modules/eks-cluster/cluster.tf b/modules/eks-cluster/cluster.tf index fc6719ff..9d91daa1 100644 --- a/modules/eks-cluster/cluster.tf +++ b/modules/eks-cluster/cluster.tf @@ -32,7 +32,7 @@ provider "kubernetes" { # https://github.com/terraform-aws-modules/terraform-aws-eks module "eks" { source = "terraform-aws-modules/eks/aws" - version = "20.15.0" + version = "20.19.0" cluster_name = var.name cluster_version = var.kubernetes_version 
@@ -152,3 +152,19 @@ module "eks" { access_entries = var.access_entries enable_cluster_creator_admin_permissions = var.enable_cluster_creator_admin_permissions } + +# gp3 storage class +resource "kubernetes_storage_class_v1" "ebs_sc" { + metadata { + name = "ebs-sc" + annotations = { + "storageclass.kubernetes.io/is-default-class" = "true" + } + } + storage_provisioner = "ebs.csi.aws.com" + reclaim_policy = "Retain" + parameters = { + type = "gp3" # starting eks 1.30, gp3 is the default + } + volume_binding_mode = "WaitForFirstConsumer" +} diff --git a/modules/eks-cluster/iam.tf b/modules/eks-cluster/iam.tf index b04b1efb..099387b7 100644 --- a/modules/eks-cluster/iam.tf +++ b/modules/eks-cluster/iam.tf @@ -5,7 +5,7 @@ module "ebs_cs_role" { source = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks" - version = "5.39.1" + version = "5.41.0" role_name = "${var.name}-ebs-cs-role" @@ -25,7 +25,7 @@ module "ebs_cs_role" { # Following role allows cert-manager to do the DNS01 challenge module "cert_manager_role" { source = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks" - version = "5.39.1" + version = "5.41.0" role_name = "${var.name}-cert-manager-role" @@ -44,7 +44,7 @@ module "cert_manager_role" { # Following role allows external-dns to adjust values in hosted zones module "external_dns_role" { source = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks" - version = "5.39.1" + version = "5.41.0" role_name = "${var.name}-external-dns-role" diff --git a/modules/eks-cluster/k8s-storageclass.tf b/modules/eks-cluster/k8s-storageclass.tf deleted file mode 100644 index 08a6ad26..00000000 --- a/modules/eks-cluster/k8s-storageclass.tf +++ /dev/null 
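Review bot: The `ebs-sc` StorageClass added at the end of cluster.tf is annotated as the cluster default, but its `parameters` block sets only `type = "gp3"`, so volumes provisioned through it are encrypted only if account-level EBS encryption by default happens to be enabled. Adding `encrypted = "true"` to `parameters` (optionally with a `kmsKeyId`) would make encryption at rest explicit for every PVC that falls back to the default class. Separately, this commit deletes the `kubernetes_annotations.default_storageclass` resource that un-defaulted `gp2`, while `kubernetes_version` can still be set below 1.30 and the upgrade test now starts from 1.29. On such clusters `gp2` presumably keeps its default annotation, leaving two default classes, so it is worth confirming which one wins or keeping the override for older versions.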
@@ -1,39 +0,0 @@ - -# gp3 storage class -resource "kubernetes_storage_class_v1" "ebs_sc" { - metadata { - name = "ebs-sc" - annotations = { - "storageclass.kubernetes.io/is-default-class" = "true" - } - } - storage_provisioner = "ebs.csi.aws.com" - reclaim_policy = "Retain" - parameters = { - type = "gp3" - } - volume_binding_mode = "WaitForFirstConsumer" - - depends_on = [ - aws_iam_policy.ebs_sc_access - ] -} - -# remove default storage class of gp2 -resource "kubernetes_annotations" "default_storageclass" { - api_version = "storage.k8s.io/v1" - kind = "StorageClass" - force = "true" - - metadata { - name = "gp2" - } - - annotations = { - "storageclass.kubernetes.io/is-default-class" = "false" - } - - depends_on = [ - aws_iam_policy.ebs_sc_access - ] -} diff --git a/modules/eks-cluster/variables.tf b/modules/eks-cluster/variables.tf index d689ef0d..73bff109 100644 --- a/modules/eks-cluster/variables.tf +++ b/modules/eks-cluster/variables.tf @@ -11,7 +11,8 @@ variable "name" { variable "kubernetes_version" { type = string description = "Kubernetes version to be used by EKS" - default = "1.28" + # renovate: datasource=endoflife-date depName=amazon-eks versioning=semver + default = "1.30" } variable "np_min_node_count" { diff --git a/modules/eks-cluster/vpc.tf b/modules/eks-cluster/vpc.tf index 221ca300..08a44a08 100644 --- a/modules/eks-cluster/vpc.tf +++ b/modules/eks-cluster/vpc.tf @@ -4,7 +4,7 @@ locals { module "vpc" { source = "terraform-aws-modules/vpc/aws" - version = "5.8.1" + version = "5.9.0" name = local.vpc_name # requires a /16 range, resulting in 2 leftover subnets, which can be used for DBs diff --git a/test/src/go.mod b/test/src/go.mod index 5fa8ecb9..1c4c5249 100644 --- a/test/src/go.mod +++ b/test/src/go.mod 
@@ -11,7 +11,7 @@ require ( github.com/aws/aws-sdk-go-v2/service/kms v1.35.3 github.com/aws/aws-sdk-go-v2/service/rds v1.81.4 github.com/aws/smithy-go v1.20.3 - github.com/gruntwork-io/terratest v0.46.16 + github.com/gruntwork-io/terratest v0.47.0 github.com/stretchr/testify v1.9.0 go.uber.org/zap v1.27.0 k8s.io/api v0.30.2 diff --git a/test/src/go.sum b/test/src/go.sum index 22ea7a1a..f4e247f5 100644 --- a/test/src/go.sum +++ b/test/src/go.sum @@ -619,6 +619,8 @@ github.com/gruntwork-io/terratest v0.46.15 h1:qfqjTFveymaqe7aAWn3LjlK0SwVGpRfoOu github.com/gruntwork-io/terratest v0.46.15/go.mod h1:9bd22zAojjBBiYdsp+AR1iyl2iB6bRUVm2Yf1AFhfrA= github.com/gruntwork-io/terratest v0.46.16 h1:l+HHuU7lNLwoAl2sP8zkYJy0uoE2Mwha2nw+rim+OhQ= github.com/gruntwork-io/terratest v0.46.16/go.mod h1:oywHw1cFKXSYvKPm27U7quZVzDUlA22H2xUrKCe26xM= +github.com/gruntwork-io/terratest v0.47.0 h1:xIy1pT7NbGVlMLDZEHl3+3iSnvffh8tN2pL6idn448c= +github.com/gruntwork-io/terratest v0.47.0/go.mod h1:oywHw1cFKXSYvKPm27U7quZVzDUlA22H2xUrKCe26xM= github.com/hashicorp/errwrap v1.0.0 h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/UYA= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= diff --git a/test/src/upgrade_eks_test.go b/test/src/upgrade_eks_test.go index 8d77de96..af91f682 100644 --- a/test/src/upgrade_eks_test.go +++ b/test/src/upgrade_eks_test.go @@ -46,7 +46,7 @@ func (suite *UpgradeEKSTestSuite) SetupTest() { suite.tfBinaryName = utils.GetEnv("TESTS_TF_BINARY_NAME", "terraform") suite.sugaredLogger.Infow("Terraform binary for the suite", "binary", suite.tfBinaryName) suite.expectedNodes = 3 - suite.kubeVersion = "1.28" + suite.kubeVersion = "1.29" var errAbsPath error suite.tfDataDir, errAbsPath = filepath.Abs(fmt.Sprintf("../../test/states/tf-data-%s", suite.clusterName)) suite.Require().NoError(errAbsPath)