[ci skip] Move Terraform modules into stack directories

Move all 88 service modules (66 individual + 22 platform) from modules/kubernetes/<service>/ into their corresponding stack directories: - Service stacks: stacks/<service>/module/ - Platform stack: stacks/platform/modules/<service>/ This collocates module source code with its Terragrunt definition. Only shared utility modules remain in modules/kubernetes/: ingress_factory, setup_tls_secret, dockerhub_secret, oauth-proxy. All cross-references to shared modules updated to use correct relative paths. Verified with terragrunt run --all -- plan: 0 adds, 0 destroys across all 68 stacks.
2026-02-22 14:38:14 +00:00 · 2026-02-22 14:38:14 +00:00 · e225e81ebf
commit e225e81ebf
parent 73cb696f12
614 changed files with 12075 additions and 352 deletions
--- a/stacks/descheduler/module/main.tf
+++ b/stacks/descheduler/module/main.tf
@ -0,0 +1,87 @@
+resource "kubernetes_namespace" "descheduler" {
+  metadata {
+    name = "descheduler"
+  }
+}
+
+resource "kubernetes_cluster_role" "descheduler" {
+  metadata {
+    name = "descheduler-cluster-role"
+  }
+  rule {
+    api_groups = [""]
+    resources  = ["events"]
+    verbs      = ["create", "update"]
+  }
+  rule {
+    api_groups = ["metrics.k8s.io"]
+    resources  = ["nodes"]
+    verbs      = ["get", "watch", "list"]
+  }
+  rule {
+    api_groups = [""]
+    resources  = ["namespaces"]
+    verbs      = ["get", "list", "watch"]
+  }
+  rule {
+    api_groups = ["metrics.k8s.io"]
+    resources  = ["pods"]
+    verbs      = ["get", "watch", "list", "delete"]
+  }
+  rule {
+    api_groups = [""]
+    resources  = ["pods/eviction"]
+    verbs      = ["create"]
+  }
+  rule {
+    api_groups = [""]
+    resources  = ["scheduling.k8s.io"]
+    verbs      = ["get", "watch", "list"]
+  }
+  rule {
+    api_groups = ["scheduling.k8s.io"]
+    resources  = ["priorityclasses"]
+    verbs      = ["get", "list", "watch"]
+  }
+  rule {
+    api_groups = ["policy"]
+    resources  = ["poddisruptionbudgets"]
+    verbs      = ["get", "list", "watch"]
+  }
+}
+
+resource "kubernetes_service_account" "descheduler" {
+  metadata {
+    name      = "descheduler-sa"
+    namespace = kubernetes_namespace.descheduler.metadata[0].name
+  }
+}
+
+resource "kubernetes_cluster_role_binding" "descheduler" {
+  metadata {
+    name = "descheduler-cluster-role-binding"
+
+  }
+  role_ref {
+    api_group = "rbac.authorization.k8s.io"
+    kind      = "ClusterRole"
+    name      = "descheduler-cluster-role"
+  }
+  subject {
+    name      = "descheduler-sa"
+    kind      = "ServiceAccount"
+    namespace = kubernetes_namespace.descheduler.metadata[0].name
+  }
+}
+
+resource "helm_release" "descheduler" { # rename me
+  namespace = kubernetes_namespace.descheduler.metadata[0].name
+  name      = "descheduler"
+
+  repository = "https://kubernetes-sigs.github.io/descheduler/"
+  chart      = "descheduler"
+
+
+
+  values = [templatefile("${path.module}/values.yaml", {})]
+}