fix terraform

Author: PMQ9

.gitignore

@@ -1 +1,28 @@
 k8s-security/secrets-management.yaml
+
+# Terraform - State files (contain secrets and local metadata)
+terraform/terraform.tfstate
+terraform/terraform.tfstate.backup
+terraform/crash.log
+
+# Terraform - Local provider cache 
+terraform/.terraform/
+.terraform/
+
+# Terraform - Variable files (often contain secrets)
+*.tfvars
+*.tfvars.json
+
+# Local development
+.claude/
+docs/*.md
+DEPLOY_NOW.md
+ENHANCEMENTS_SUMMARY.md
+FINAL_FIX_GUIDE.md
+GITHUB_ACTIONS_RESOLUTION.md
+RESUME_PROJECT_GUIDE.md
+SKILLS_ALIGNMENT.md
+START_HERE.md
+
+# Template files
+k8s-security/secrets-management-TEMPLATE.yaml

README.md

@@ -34,11 +34,13 @@ Production-ready monitoring solution demonstrating enterprise architecture:
 
 Prerequisites: Kubernetes cluster, Docker, Terraform, kubectl, helm, git
 
-Terraform deployment (recommended):
+Terraform deployment (recommended - WSL2):
 ```bash
+minikube start --driver=docker --force
+eval $(minikube docker-env)
+
 cd terraform
 terraform init
-cp terraform.tfvars.example terraform.tfvars
 terraform apply
 ```
 

terraform/.terraform.lock.hcl

@@ -12,6 +12,10 @@ terraform {
       source  = "hashicorp/helm"
       version = "~> 2.12"
     }
+    null = {
+      source  = "hashicorp/null"
+      version = "~> 3.2"
+    }
   }
 }
 
@@ -39,142 +43,112 @@ resource "kubernetes_namespace" "monitoring" {
   depends_on = []
 }
 
-# Add Prometheus Helm repository
-resource "helm_repository" "prometheus" {
-  name           = "prometheus-community"
-  url            = "https://prometheus-community.github.io/helm-charts"
-  repository_ca_certificate = var.helm_ca_cert
-}
-
-# Add Grafana Helm repository
-resource "helm_repository" "grafana" {
-  name           = "grafana"
-  url            = "https://grafana.github.io/helm-charts"
-  repository_ca_certificate = var.helm_ca_cert
-}
-
 # Deploy Prometheus using Helm
 resource "helm_release" "prometheus" {
-  name            = "prometheus"
-  repository      = helm_repository.prometheus.name
-  chart           = "prometheus"
-  namespace       = kubernetes_namespace.monitoring.metadata[0].name
+  name             = "prometheus"
+  repository       = "https://prometheus-community.github.io/helm-charts"
+  chart            = "prometheus"
+  namespace        = kubernetes_namespace.monitoring.metadata[0].name
   create_namespace = false
-  wait            = true
-  timeout         = 600
+  wait             = true
+  timeout          = 600
 
   values = [
     file("${path.module}/../observability/prometheus/values.yaml")
   ]
 
-  depends_on = [kubernetes_namespace.monitoring, helm_repository.prometheus]
+  depends_on = [kubernetes_namespace.monitoring]
 }
 
-# Deploy Jaeger
-resource "kubernetes_manifest" "jaeger" {
-  manifest = yamldecode(file("${path.module}/../observability/jaeger/jaeger-deployment.yaml"))
+# Deploy Jaeger using kubectl
+resource "null_resource" "jaeger" {
+  provisioner "local-exec" {
+    command = "kubectl apply -f ${path.module}/../observability/jaeger/jaeger-deployment.yaml"
+  }
 
   depends_on = [kubernetes_namespace.monitoring]
 }
 
 # Deploy Loki using Helm
 resource "helm_release" "loki" {
-  name            = "loki"
-  repository      = helm_repository.grafana.name
-  chart           = "loki"
-  namespace       = kubernetes_namespace.monitoring.metadata[0].name
+  name             = "loki"
+  repository       = "https://grafana.github.io/helm-charts"
+  chart            = "loki"
+  namespace        = kubernetes_namespace.monitoring.metadata[0].name
   create_namespace = false
-  wait            = true
-  timeout         = 600
+  wait             = true
+  timeout          = 600
 
   values = [
     file("${path.module}/../observability/loki/values.yaml")
   ]
 
-  depends_on = [kubernetes_namespace.monitoring, helm_repository.grafana]
+  depends_on = [kubernetes_namespace.monitoring]
 }
 
 # Deploy Grafana using Helm
 resource "helm_release" "grafana" {
-  name            = "grafana"
-  repository      = helm_repository.grafana.name
-  chart           = "grafana"
-  namespace       = kubernetes_namespace.monitoring.metadata[0].name
+  name             = "grafana"
+  repository       = "https://grafana.github.io/helm-charts"
+  chart            = "grafana"
+  namespace        = kubernetes_namespace.monitoring.metadata[0].name
   create_namespace = false
-  wait            = true
-  timeout         = 600
+  wait             = true
+  timeout          = 600
 
   values = [
     file("${path.module}/../observability/grafana/values.yaml")
   ]
 
-  depends_on = [kubernetes_namespace.monitoring, helm_repository.grafana]
+  depends_on = [kubernetes_namespace.monitoring]
 }
 
 # Deploy Prometheus Operator for ServiceMonitor support
 resource "helm_release" "kube_prometheus_stack" {
-  name            = "prometheus-operator"
-  repository      = helm_repository.prometheus.name
-  chart           = "kube-prometheus-stack"
-  namespace       = kubernetes_namespace.monitoring.metadata[0].name
+  name             = "prometheus-operator"
+  repository       = "https://prometheus-community.github.io/helm-charts"
+  chart            = "kube-prometheus-stack"
+  namespace        = kubernetes_namespace.monitoring.metadata[0].name
   create_namespace = false
-  wait            = true
-  timeout         = 900
+  wait             = true
+  timeout          = 900
 
   set {
     name  = "prometheus.prometheusSpec.serviceMonitorSelectorNilUsesHelmValues"
     value = "false"
   }
 
-  depends_on = [kubernetes_namespace.monitoring, helm_repository.prometheus]
+  depends_on = [kubernetes_namespace.monitoring]
 }
 
-# Apply ServiceMonitor for OTel metrics
-resource "kubernetes_manifest" "service_monitor" {
-  manifest = yamldecode(file("${path.module}/../observability/prometheus/service-monitor.yaml"))
+# Apply ServiceMonitor for OTel metrics using kubectl
+resource "null_resource" "service_monitor" {
+  provisioner "local-exec" {
+    command = "kubectl apply -f ${path.module}/../observability/prometheus/service-monitor.yaml"
+  }
 
   depends_on = [helm_release.kube_prometheus_stack]
 }
 
-# Create default namespace resources (applications)
-resource "kubernetes_namespace" "default" {
-  metadata {
-    name = "default"
-    labels = {
-      "name" = "default"
-    }
-  }
-}
-
-# Deploy backend service
+# Deploy backend service (default namespace already exists)
 resource "kubernetes_manifest" "backend_deployment" {
   manifest = yamldecode(file("${path.module}/../app/backend/backend-deployment.yaml"))
-
-  depends_on = [kubernetes_namespace.default]
 }
 
 resource "kubernetes_manifest" "backend_service" {
   manifest = yamldecode(file("${path.module}/../app/backend/backend-service.yaml"))
-
-  depends_on = [kubernetes_namespace.default]
 }
 
 # Deploy frontend service
 resource "kubernetes_manifest" "frontend_deployment" {
   manifest = yamldecode(file("${path.module}/../app/frontend/frontend-deployment.yaml"))
-
-  depends_on = [kubernetes_namespace.default]
 }
 
 resource "kubernetes_manifest" "frontend_service" {
   manifest = yamldecode(file("${path.module}/../app/frontend/frontend-service.yaml"))
-
-  depends_on = [kubernetes_namespace.default]
 }
 
 # Deploy ConfigMap
 resource "kubernetes_manifest" "configmap" {
   manifest = yamldecode(file("${path.module}/../app/configmap.yaml"))
-
-  depends_on = [kubernetes_namespace.default]
 }