Upgrade Infrastructure tools and software dependencies

Infrastructure software versions for the following components need to be upgraded to the latest releases.

  1. Terraform (0.12.29 -> 0.14.3)
  2. Terraform AzureRM Provider (2.33.0 -> 2.41.0)
  3. Terraform AzureAD Provider (1.0.0 -> 1.1.1)
  4. Terraform Kubernetes Provider (1.11.3 -> 1.13.3)
  5. Terraform Helm Provider (1.2.3 -> 2.0.1)
  6. Application Gateway Ingress Controller (1.2.0 -> 1.3.0)
  7. Jetstack Certificate Manager (0.16.1 -> 1.1.0)
  8. Flux CD (1.5.0 -> 1.6.0)
  9. Keda (1.4.2 -> 1.5.0)
  10. Key Vault CSI Driver (0.0.13 -> 0.0.15)
  11. Azure Active Directory Pod Identity (2.0.0 -> 3.0.0)

Upgrade Path

Testing for an Upgrade Path to accomplish the Upgrades require the following process.

  1. Upgrade Terraform from Version 0.12.29 --> 0.13.5.

This will require a single MR that updates the Pipelines to use the new Terraform Version. The state objects should be naturally upgraded. Manual environments would require a tf init, tf plan and tf apply on all 3 templates.

  1. Upgrade Terraform from Version 0.13.5 --> 0.14.3

This will require a single MR that updates the Pipelines to use the new Terraform Version. The state objects should be naturally upgraded. Manual environments would require a tf init, tf plan and tf apply on all 3 templates.

Warning will occur on this version regarding deprecated provisioning blocks

Warning: Version constraints inside provider configuration blocks are deprecated

  on main.tf line 41, in provider "azurerm":
  41:   version = "=2.33.0"

Terraform 0.13 and earlier allowed provider version constraints inside the
provider configuration block, but that is now deprecated and will be removed
in a future version of Terraform. To silence this warning, move the provider
version constraint into the required_providers block.
  1. Now the full MR can be moved in that will accomplish the provider upgrades.

This will require a tf init -upgrade flag to be set for the provider version to allow the change. Manual environments would require a tf init -upgrade, tf plan and tf apply on all 3 templates

Acceptance Criteria

  • All Module and Template Unit Tests Should Pass.
  • All Template Integration Tests Should Pass.
  • Application Should Load and Function Successfully.
  • Documentation Should be updated.
  • This will be an infrastructure major version change but identify and document if any upgrade path is possible.
Edited by Daniel Scholl (MS]