module "node_autoscaler_required_aws_resources" {
  source                            = "terraform-aws-modules/eks/aws//modules/karpenter"
  version                           = "20.34.0"
  create                            = var.cluster_autoscaler_create
  access_entry_type                 = "EC2_LINUX"
  ami_id_ssm_parameter_arns         = []
  cluster_ip_family                 = "ipv4"
  cluster_name                      = module.kubernetes.cluster_name
  create_access_entry               = false
  create_iam_role                   = true
  create_instance_profile           = false
  create_node_iam_role              = false
  enable_irsa                       = true
  enable_pod_identity               = true
  enable_spot_termination           = true
  iam_policy_description            = "Karpenter controller IAM policy for ${var.prefix} Kubernetes cluster"
  iam_policy_path                   = "/eks/cluster/${var.prefix}/"
  iam_policy_use_name_prefix        = true
  iam_role_description              = "Karpenter controller IAM role for ${var.prefix} Kubernetes cluster"
  iam_role_max_session_duration     = null
  iam_role_name                     = "EKS${upper(var.prefix)}KarpenterController"
  iam_role_path                     = "/eks/cluster/${var.prefix}/"
  iam_role_permissions_boundary_arn = null
  iam_role_policies                 = {}
  iam_role_tags                     = {}
  iam_role_use_name_prefix          = false
  irsa_assume_role_condition_test   = "StringEquals"
  irsa_namespace_service_accounts   = ["kube-node-autoscaler:karpenter"]
  irsa_oidc_provider_arn            = module.kubernetes.oidc_provider_arn
  node_iam_role_additional_policies = {
    AmazonSSMManagedInstanceCore = "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"
  }
  node_iam_role_arn                       = module.kubernetes.eks_managed_node_groups["main"].iam_role_arn
  node_iam_role_attach_cni_policy         = true
  node_iam_role_description               = null
  node_iam_role_max_session_duration      = null
  node_iam_role_path                      = "/eks/cluster/${var.prefix}/"
  node_iam_role_permissions_boundary      = null
  node_iam_role_tags                      = {}
  node_iam_role_use_name_prefix           = true
  queue_kms_data_key_reuse_period_seconds = null
  queue_kms_master_key_id                 = null
  queue_managed_sse_enabled               = true
  queue_name                              = null
  rule_name_prefix                        = "Karpenter"
  tags                                    = var.tags
}

module "kube_node_autoscaler" {
  count                        = var.cluster_autoscaler_create ? 1 : 0
  source                       = "./modules/feature-node-autoscaler"
  helm_chart_repository        = try(coalesce(var.cluster_autoscaler.helm_chart_repository, "oci://public.registry.jetbrains.space/p/helm/library"), "oci://public.registry.jetbrains.space/p/helm/library")
  helm_chart_name              = try(coalesce(var.cluster_autoscaler.helm_chart_name, "kube-karpenter"), "kube-karpenter")
  helm_chart_version           = try(coalesce(var.cluster_autoscaler.helm_chart_version, "0.35.1"), "0.35.1")
  helm_chart_repository_config = try(coalesce(var.cluster_autoscaler.helm_chart_repository_config, null), null)
  helm_chart_values            = try(coalesce(var.cluster_autoscaler.helm_chart_values, null), null)
  helm_chart_params = concat(var.cluster_autoscaler.helm_chart_params, [{
    name  = "spec.serviceMonitor.enabled"
    value = "true"
  }])
  helm_chart_secrets           = var.cluster_autoscaler.helm_chart_secrets
  kubernetes_cluster_name      = module.kubernetes.cluster_name
  kubernetes_cluster_endpoint  = module.kubernetes.cluster_endpoint
  kubernetes_cluster_ca_bundle = module.kubernetes.cluster_certificate_authority_data
  aws_iam_role_arn             = module.node_autoscaler_required_aws_resources.iam_role_arn
  aws_interruption_queue       = module.node_autoscaler_required_aws_resources.queue_name
  depends_on = [
    module.cluster_monitoring,
    module.node_autoscaler_required_aws_resources
  ]
}


resource "kubectl_manifest" "default_ec2_node_class" {
  depends_on = [module.kube_node_autoscaler]
  count      = var.cluster_autoscaler_create ? 1 : 0
  yaml_body  = <<YAML
apiVersion: karpenter.k8s.aws/v1beta1
kind: EC2NodeClass
metadata:
  name: default
spec:
    amiFamily: AL2
    role: "${module.kubernetes.eks_managed_node_groups["main"].iam_role_name}"
    subnetSelectorTerms:
        - tags:
            karpenter.sh/discovery: "${coalesce(var.cluster_autoscaler_subnet_selector, module.kubernetes.cluster_name)}"
    securityGroupSelectorTerms:
        - tags:
            karpenter.sh/discovery: "${module.kubernetes.cluster_name}"
    tags:
        Name: "${module.kubernetes.cluster_name}-node"
        karpenter.sh/discovery: "${module.kubernetes.cluster_name}"
    userData:
        #!/bin/bash
        sudo systemctl enable amazon-ssm-agent || true
        sudo systemctl start amazon-ssm-agent || true
    blockDeviceMappings:
    - deviceName: /dev/xvda
      ebs:
        volumeSize: 100Gi
        volumeType: gp3
        iops: 10000
YAML
}

resource "kubectl_manifest" "default_node_pool" {
  count      = var.cluster_autoscaler_create ? 1 : 0
  depends_on = [module.kube_node_autoscaler]
  yaml_body  = <<YAML
apiVersion: "karpenter.sh/v1beta1"
kind: NodePool
metadata:
  name: "default"
spec:
    template:
        spec:
          nodeClassRef:
              apiVersion: karpenter.k8s.aws/v1beta1
              kind: EC2NodeClass
              name: default
          requirements:
              - key: instance-storage
                operator: In
                values:
                  - 100Gi
                  - 200Gi
              - key: capacity-type
                operator: In
                values:
                  - spot
                  - on-demand
          kubelet:
              maxPods: 25
    disruption:
        consolidationPolicy: WhenUnderutilized
    limits:
        cpu: "2000"
        memory: "2000Gi"
    weight: 10
YAML
}