pelotech · chomatdam · Nov 27, 2024
diff --git a/gitops/base-install/argocd/cluster-install/kustomization.yaml b/gitops/base-install/argocd/cluster-install/kustomization.yaml
@@ -2,7 +2,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 
 resources:
-- https://raw.githubusercontent.com/argoproj/argo-cd/v2.11.3/manifests/install.yaml
+- https://raw.githubusercontent.com/argoproj/argo-cd/v2.13.1/manifests/install.yaml
 
 namespace: argocd
 labels:

diff --git a/gitops/base-install/argocd/ha-install/kustomization.yaml b/gitops/base-install/argocd/ha-install/kustomization.yaml
@@ -2,7 +2,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 
 resources:
-- https://raw.githubusercontent.com/argoproj/argo-cd/v2.11.3/manifests/ha/install.yaml
+- https://raw.githubusercontent.com/argoproj/argo-cd/v2.13.1/manifests/ha/install.yaml
 
 
 namespace: argocd

diff --git a/gitops/base-install/cert-manager/install.yaml b/gitops/base-install/cert-manager/install.yaml
@@ -11,7 +11,7 @@ spec:
   source:
     chart: cert-manager
     repoURL: https://charts.jetstack.io
-    targetRevision: 1.14.4
+    targetRevision: 1.16.2
     helm:
       releaseName: cert-manager
       valuesObject:

diff --git a/gitops/base-install/ebs-csi/install.yaml b/gitops/base-install/ebs-csi/install.yaml
@@ -14,7 +14,7 @@ spec:
     targetRevision: main
   - chart: aws-ebs-csi-driver
     repoURL: https://kubernetes-sigs.github.io/aws-ebs-csi-driver
-    targetRevision: 2.31.0
+    targetRevision: 2.37.0
     helm:
       # TODO: figure out correct roles for controller vs node
       releaseName: aws-ebs-csi-driver

diff --git a/gitops/base-install/external-dns/install.yaml b/gitops/base-install/external-dns/install.yaml
@@ -11,7 +11,7 @@ spec:
   source:
     chart: external-dns
     repoURL: https://charts.bitnami.com/bitnami
-    targetRevision: 6.28.4
+    targetRevision: 8.6.0
     helm:
       releaseName: external-dns
       valuesObject:

diff --git a/gitops/base-install/ingress-controller/kustomization.yaml b/gitops/base-install/ingress-controller/kustomization.yaml
@@ -1,6 +1,6 @@
 resources:
   - ./resources.yaml
-  - https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.10.0/deploy/static/provider/aws/deploy.yaml
+  - https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.11.3/deploy/static/provider/aws/deploy.yaml
 
 patches:
   - path: overlays/ingress-class-nginx-patch.yaml

diff --git a/gitops/base-install/reloader/install.yaml b/gitops/base-install/reloader/install.yaml
@@ -18,7 +18,7 @@ spec:
   source:
     repoURL: https://stakater.github.io/stakater-charts
     chart: reloader
-    targetRevision: v1.0.51
+    targetRevision: v1.2.0
     helm:
       releaseName: reloader
       valuesObject:

diff --git a/gitops/components/crossplane/resources.yaml b/gitops/components/crossplane/resources.yaml
@@ -18,7 +18,7 @@ spec:
   source:
     chart: crossplane
     repoURL: https://charts.crossplane.io/stable
-    targetRevision: 1.15.2
+    targetRevision: 1.18.0
     helm:
       releaseName: crossplane
       valuesObject:

diff --git a/gitops/components/image-updater/resources.yaml b/gitops/components/image-updater/resources.yaml
@@ -16,7 +16,7 @@ spec:
   source:
     repoURL: https://argoproj.github.io/argo-helm
     chart: argocd-image-updater
-    targetRevision: 0.13.1
+    targetRevision: 0.15.1
     helm:
       valuesObject:
         # guide: https://github.com/argoproj-labs/argocd-image-updater/issues/112#issuecomment-1058465942

diff --git a/gitops/components/s3-csi/resources.yaml b/gitops/components/s3-csi/resources.yaml
@@ -18,7 +18,7 @@ spec:
   source:
     chart: aws-mountpoint-s3-csi-driver
     repoURL: https://awslabs.github.io/mountpoint-s3-csi-driver
-    targetRevision: v1.3.0
+    targetRevision: v1.10.0
     helm:
       releaseName: aws-mountpoint-s3-csi-driver
       valuesObject:

diff --git a/terraform/foundation-stack/main.tf b/terraform/foundation-stack/main.tf
@@ -56,7 +56,7 @@ locals {
 
 module "vpc" {
   source                                 = "terraform-aws-modules/vpc/aws"
-  version                                = "5.13.0"
+  version                                = "5.16.0"
   name                                   = var.stack_name
   enable_dns_hostnames                   = "true"
   enable_dns_support                     = "true"
@@ -84,7 +84,7 @@ module "vpc" {
 
 module "eks" {
   source          = "terraform-aws-modules/eks/aws"
-  version         = "20.24.3"
+  version         = "20.30.1"
   cluster_name    = var.stack_name
   cluster_version = "1.29"
   create          = var.stack_create
@@ -138,7 +138,7 @@ module "eks" {
 module "karpenter" {
   count                           = var.stack_create ? 1 : 0
   source                          = "terraform-aws-modules/eks/aws//modules/karpenter"
-  version                         = "20.24.3"
+  version                         = "20.30.1"
   cluster_name                    = module.eks.cluster_name
   enable_irsa                     = true
   enable_pod_identity             = false # TODO: PR because it doesn't work in govcloud (-> it works now since 8/24)
@@ -158,7 +158,7 @@ module "karpenter" {
 # IAM roles and policies for the cluster
 module "load_balancer_controller_irsa_role" {
   source  = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks"
-  version = "5.46.0"
+  version = "5.48.0"
 
   create_role = var.stack_create
 
@@ -177,7 +177,7 @@ module "load_balancer_controller_irsa_role" {
 
 module "ebs_csi_driver_irsa_role" {
   source  = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks"
-  version = "5.46.0"
+  version = "5.48.0"
 
   create_role = var.stack_create
 
@@ -196,7 +196,7 @@ module "ebs_csi_driver_irsa_role" {
 
 module "s3_csi" {
   source  = "terraform-aws-modules/s3-bucket/aws"
-  version = "4.2.1"
+  version = "4.2.2"
   bucket  = "${var.stack_tags.Owner}-${var.stack_name}-csi-bucket"
 
   create_bucket                         = var.s3_csi_driver_create_bucket
@@ -219,7 +219,7 @@ module "s3_csi" {
 module "s3_driver_irsa_role" {
   count       = var.stack_create ? 1 : 0
   source      = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks"
-  version     = "5.46.0"
+  version     = "5.48.0"
   create_role = var.stack_create
 
   role_name                       = "${var.stack_name}-s3-csi-driver-role"
@@ -239,7 +239,7 @@ module "s3_driver_irsa_role" {
 module "external_dns_irsa_role" {
   count   = var.stack_create ? 1 : 0
   source  = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks"
-  version = "5.46.0"
+  version = "5.48.0"
 
   create_role = var.stack_create
 
@@ -260,7 +260,7 @@ module "external_dns_irsa_role" {
 module "cert_manager_irsa_role" {
   count   = var.stack_create ? 1 : 0
   source  = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks"
-  version = "5.46.0"
+  version = "5.48.0"
 
   create_role = var.stack_create