diff --git a/CHANGELOG.md b/CHANGELOG.md
index f0b28c1..99d8bd7 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,6 +5,11 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](http://keepachangelog.com/) and this
project adheres to [Semantic Versioning](http://semver.org/).
+
+## [v1.27.2.0] - 2023-06-21
+
+- add ecr credentail provider config
+
## [v1.23.10.0] - 2022-08-26
@@ -73,7 +78,8 @@ FEATURES:
- add Docker drop-in module ([#1](https://github.com/getamis/terraform-ignition-kubernetes/issues/1))
-[Unreleased]: https://github.com/getamis/terraform-ignition-kubernetes/compare/v1.23.10.0...HEAD
+[Unreleased]: https://github.com/getamis/terraform-ignition-kubernetes/compare/v1.27.2.0...HEAD
+[v1.27.2.0]: https://github.com/getamis/terraform-ignition-kubernetes/compare/v1.23.10.0...v1.27.2.0
[v1.23.10.0]: https://github.com/getamis/terraform-ignition-kubernetes/compare/v1.19.16.1...v1.23.10.0
[v1.19.16.1]: https://github.com/getamis/terraform-ignition-kubernetes/compare/v1.19.16.0...v1.19.16.1
[v1.19.16.0]: https://github.com/getamis/terraform-ignition-kubernetes/compare/v1.1.5...v1.19.16.0
diff --git a/modules/containerd/files/crictl.yaml.tpl b/modules/containerd/files/crictl.yaml.tpl
new file mode 100644
index 0000000..2a1074f
--- /dev/null
+++ b/modules/containerd/files/crictl.yaml.tpl
@@ -0,0 +1 @@
+${replace(yamlencode(content),"\"", "")}
\ No newline at end of file
diff --git a/modules/containerd/main.tf b/modules/containerd/main.tf
index 24e60c9..b91cc08 100644
--- a/modules/containerd/main.tf
+++ b/modules/containerd/main.tf
@@ -1,3 +1,11 @@
+locals {
+ crictl_config = {
+ runtime-endpoint = "unix:///run/containerd/containerd.sock"
+ image-endpoint = "unix:///run/containerd/containerd.sock"
+ timeout = 2
+ }
+}
+
data "ignition_file" "containerd_config" {
mode = 292
path = "/etc/containerd/config.toml"
@@ -7,4 +15,17 @@ data "ignition_file" "containerd_config" {
content = file("${path.module}/files/config.toml")
}
+}
+
+data "ignition_file" "crictl_config" {
+ path = "/etc/crictl.yaml"
+ mode = 420
+ overwrite = true
+
+ content {
+ content = templatefile("${path.module}/files/crictl.yaml.tpl", {
+ content = local.crictl_config
+ })
+ mime = "text/yaml"
+ }
}
\ No newline at end of file
diff --git a/modules/containerd/outputs.tf b/modules/containerd/outputs.tf
index dfa95f5..7e6fc80 100644
--- a/modules/containerd/outputs.tf
+++ b/modules/containerd/outputs.tf
@@ -1,5 +1,6 @@
output "files" {
value = [
- data.ignition_file.containerd_config.rendered
+ data.ignition_file.containerd_config.rendered,
+ data.ignition_file.crictl_config.rendered,
]
}
diff --git a/modules/ecr-credential-provider/ecr-credential-provider.tf b/modules/ecr-credential-provider/ecr-credential-provider.tf
new file mode 100644
index 0000000..604a292
--- /dev/null
+++ b/modules/ecr-credential-provider/ecr-credential-provider.tf
@@ -0,0 +1,10 @@
+data "ignition_file" "ecr_credential_provider" {
+ filesystem = "root"
+ path = "/opt/bin/ecr-credential-provider/ecr-credential-provider"
+ mode = 493
+
+ source {
+ source = var.binary.source
+ verification = var.binary.checksum
+ }
+}
\ No newline at end of file
diff --git a/modules/ecr-credential-provider/outputs.tf b/modules/ecr-credential-provider/outputs.tf
new file mode 100644
index 0000000..4a5a273
--- /dev/null
+++ b/modules/ecr-credential-provider/outputs.tf
@@ -0,0 +1,9 @@
+output "systemd_units" {
+ value = []
+}
+
+output "files" {
+ value = [
+ data.ignition_file.ecr_credential_provider.rendered,
+ ]
+}
\ No newline at end of file
diff --git a/modules/ecr-credential-provider/variables.tf b/modules/ecr-credential-provider/variables.tf
new file mode 100644
index 0000000..f0eae15
--- /dev/null
+++ b/modules/ecr-credential-provider/variables.tf
@@ -0,0 +1,11 @@
+variable "binary" {
+ description = "Desired binary file url and checksum(sha512)."
+ type = object({
+ source = string
+ checksum = string
+ })
+ default = {
+ source = "https://artifacts.k8s.io/binaries/cloud-provider-aws/v1.27.1/linux/amd64/ecr-credential-provider-linux-amd64"
+ checksum = "sha512-b132e19a8b1330ae6b363e5332405f1781c71b73f36ca691c1f7add5a6573e39ce352e332062bf474489fb730906f172be024c7da3bc7aacbb49e6592832223c"
+ }
+}
diff --git a/modules/ecr-credential-provider/versions.tf b/modules/ecr-credential-provider/versions.tf
new file mode 100644
index 0000000..5135356
--- /dev/null
+++ b/modules/ecr-credential-provider/versions.tf
@@ -0,0 +1,14 @@
+terraform {
+ required_providers {
+ ignition = {
+ source = "terraform-providers/ignition"
+ }
+ local = {
+ source = "hashicorp/local"
+ }
+ template = {
+ source = "hashicorp/template"
+ }
+ }
+ required_version = ">= 0.13"
+}