From fbc29eabdf8e2cf376fa810d4c6c535fbe6eb029 Mon Sep 17 00:00:00 2001
From: Venkata Mutyala <venkata@venkatamutyala.com>
Date: Tue, 13 Jun 2023 18:55:03 -0700
Subject: [PATCH] MAJOR: adding hostNetwork mode toggle, new ports, and
 centralized version control for terraform providers (#51)

feat: add toggle for host network mode and new port numbers for all hostNetwork services
MAJOR: remove all pinned versions since they are now being centrally controlled by our provider versions module
MAJOR: update glueops-platform chart to 0.16.0
---
 README.md                                     | 96 +++++++++----------
 captain-repo.tf                               | 26 +++--
 generate-helm-values.tf                       |  3 +-
 .../0.1.0/providers.tf                        |  5 +-
 modules/opsgenie/0.1.0/providers.tf           |  5 +-
 modules/tenant-readme/0.1.0/readme.tf         |  2 +-
 providers.tf                                  | 10 +-
 variables.tf                                  |  2 +
 8 files changed, 78 insertions(+), 71 deletions(-)

diff --git a/README.md b/README.md
index 6582b39b..eb4278ad 100644
--- a/README.md
+++ b/README.md
@@ -28,20 +28,16 @@ Some dependencies for this module must be creates prior to its use, including:
 
 ## Requirements
 
-| Name | Version |
-|------|---------|
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | 4.67.0 |
-| <a name="requirement_cloudflare"></a> [cloudflare](#requirement\_cloudflare) | 4.5.0 |
-| <a name="requirement_random"></a> [random](#requirement\_random) | 3.5.1 |
+No requirements.
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws.clientaccount"></a> [aws.clientaccount](#provider\_aws.clientaccount) | 4.67.0 |
-| <a name="provider_aws.management-tenant-dns"></a> [aws.management-tenant-dns](#provider\_aws.management-tenant-dns) | 4.67.0 |
-| <a name="provider_aws.primaryregion"></a> [aws.primaryregion](#provider\_aws.primaryregion) | 4.67.0 |
-| <a name="provider_random"></a> [random](#provider\_random) | 3.5.1 |
+| <a name="provider_aws.clientaccount"></a> [aws.clientaccount](#provider\_aws.clientaccount) | n/a |
+| <a name="provider_aws.management-tenant-dns"></a> [aws.management-tenant-dns](#provider\_aws.management-tenant-dns) | n/a |
+| <a name="provider_aws.primaryregion"></a> [aws.primaryregion](#provider\_aws.primaryregion) | n/a |
+| <a name="provider_random"></a> [random](#provider\_random) | n/a |
 
 ## Modules
 
@@ -51,7 +47,7 @@ Some dependencies for this module must be creates prior to its use, including:
 | <a name="module_captain_repository"></a> [captain\_repository](#module\_captain\_repository) | ./modules/github-captain-repository/0.1.0 | n/a |
 | <a name="module_common_s3"></a> [common\_s3](#module\_common\_s3) | ./modules/multy-s3-bucket/0.1.0 | n/a |
 | <a name="module_dnssec_key"></a> [dnssec\_key](#module\_dnssec\_key) | git::https://github.com/GlueOps/terraform-module-cloud-aws-dnssec-kms-key.git | v0.1.0 |
-| <a name="module_glueops_platform_helm_values"></a> [glueops\_platform\_helm\_values](#module\_glueops\_platform\_helm\_values) | git::https://github.com/GlueOps/platform-helm-chart-platform.git | v0.15.0 |
+| <a name="module_glueops_platform_helm_values"></a> [glueops\_platform\_helm\_values](#module\_glueops\_platform\_helm\_values) | git::https://github.com/GlueOps/platform-helm-chart-platform.git | v0.16.0 |
 | <a name="module_loki_s3"></a> [loki\_s3](#module\_loki\_s3) | ./modules/multy-s3-bucket/0.1.0 | n/a |
 | <a name="module_opsgenie_teams"></a> [opsgenie\_teams](#module\_opsgenie\_teams) | ./modules/opsgenie/0.1.0 | n/a |
 | <a name="module_tenant_readmes"></a> [tenant\_readmes](#module\_tenant\_readmes) | ./modules/tenant-readme/0.1.0 | n/a |
@@ -60,52 +56,52 @@ Some dependencies for this module must be creates prior to its use, including:
 
 | Name | Type |
 |------|------|
-| [aws_iam_access_key.certmanager](https://registry.terraform.io/providers/hashicorp/aws/4.67.0/docs/resources/iam_access_key) | resource |
-| [aws_iam_access_key.externaldns](https://registry.terraform.io/providers/hashicorp/aws/4.67.0/docs/resources/iam_access_key) | resource |
-| [aws_iam_access_key.loki_log_exporter_s3](https://registry.terraform.io/providers/hashicorp/aws/4.67.0/docs/resources/iam_access_key) | resource |
-| [aws_iam_access_key.loki_s3](https://registry.terraform.io/providers/hashicorp/aws/4.67.0/docs/resources/iam_access_key) | resource |
-| [aws_iam_access_key.vault_s3](https://registry.terraform.io/providers/hashicorp/aws/4.67.0/docs/resources/iam_access_key) | resource |
-| [aws_iam_policy.loki_logs_exporter_s3](https://registry.terraform.io/providers/hashicorp/aws/4.67.0/docs/resources/iam_policy) | resource |
-| [aws_iam_policy.loki_s3](https://registry.terraform.io/providers/hashicorp/aws/4.67.0/docs/resources/iam_policy) | resource |
-| [aws_iam_policy.route53](https://registry.terraform.io/providers/hashicorp/aws/4.67.0/docs/resources/iam_policy) | resource |
-| [aws_iam_policy.vault_s3_backup](https://registry.terraform.io/providers/hashicorp/aws/4.67.0/docs/resources/iam_policy) | resource |
-| [aws_iam_user.certmanager](https://registry.terraform.io/providers/hashicorp/aws/4.67.0/docs/resources/iam_user) | resource |
-| [aws_iam_user.externaldns](https://registry.terraform.io/providers/hashicorp/aws/4.67.0/docs/resources/iam_user) | resource |
-| [aws_iam_user.loki_log_exporter_s3](https://registry.terraform.io/providers/hashicorp/aws/4.67.0/docs/resources/iam_user) | resource |
-| [aws_iam_user.loki_s3](https://registry.terraform.io/providers/hashicorp/aws/4.67.0/docs/resources/iam_user) | resource |
-| [aws_iam_user.vault_s3](https://registry.terraform.io/providers/hashicorp/aws/4.67.0/docs/resources/iam_user) | resource |
-| [aws_iam_user_policy_attachment.certmanager](https://registry.terraform.io/providers/hashicorp/aws/4.67.0/docs/resources/iam_user_policy_attachment) | resource |
-| [aws_iam_user_policy_attachment.externaldns](https://registry.terraform.io/providers/hashicorp/aws/4.67.0/docs/resources/iam_user_policy_attachment) | resource |
-| [aws_iam_user_policy_attachment.loki_log_exporter_s3](https://registry.terraform.io/providers/hashicorp/aws/4.67.0/docs/resources/iam_user_policy_attachment) | resource |
-| [aws_iam_user_policy_attachment.loki_s3](https://registry.terraform.io/providers/hashicorp/aws/4.67.0/docs/resources/iam_user_policy_attachment) | resource |
-| [aws_iam_user_policy_attachment.vault_s3](https://registry.terraform.io/providers/hashicorp/aws/4.67.0/docs/resources/iam_user_policy_attachment) | resource |
-| [aws_route53_hosted_zone_dnssec.cluster_zones](https://registry.terraform.io/providers/hashicorp/aws/4.67.0/docs/resources/route53_hosted_zone_dnssec) | resource |
-| [aws_route53_hosted_zone_dnssec.parent_tenant_zone](https://registry.terraform.io/providers/hashicorp/aws/4.67.0/docs/resources/route53_hosted_zone_dnssec) | resource |
-| [aws_route53_key_signing_key.cluster_zones](https://registry.terraform.io/providers/hashicorp/aws/4.67.0/docs/resources/route53_key_signing_key) | resource |
-| [aws_route53_key_signing_key.parent_tenant_zone](https://registry.terraform.io/providers/hashicorp/aws/4.67.0/docs/resources/route53_key_signing_key) | resource |
-| [aws_route53_record.cluster_zone_dnssec_records](https://registry.terraform.io/providers/hashicorp/aws/4.67.0/docs/resources/route53_record) | resource |
-| [aws_route53_record.cluster_zone_ns_records](https://registry.terraform.io/providers/hashicorp/aws/4.67.0/docs/resources/route53_record) | resource |
-| [aws_route53_record.delegation_to_parent_tenant_zone](https://registry.terraform.io/providers/hashicorp/aws/4.67.0/docs/resources/route53_record) | resource |
-| [aws_route53_record.enable_dnssec_for_parent_tenant_zone](https://registry.terraform.io/providers/hashicorp/aws/4.67.0/docs/resources/route53_record) | resource |
-| [aws_route53_record.wildcard_for_apps](https://registry.terraform.io/providers/hashicorp/aws/4.67.0/docs/resources/route53_record) | resource |
-| [aws_route53_zone.clusters](https://registry.terraform.io/providers/hashicorp/aws/4.67.0/docs/resources/route53_zone) | resource |
-| [aws_route53_zone.main](https://registry.terraform.io/providers/hashicorp/aws/4.67.0/docs/resources/route53_zone) | resource |
-| [aws_s3_object.argocd_helm_values](https://registry.terraform.io/providers/hashicorp/aws/4.67.0/docs/resources/s3_object) | resource |
-| [aws_s3_object.combined_outputs](https://registry.terraform.io/providers/hashicorp/aws/4.67.0/docs/resources/s3_object) | resource |
-| [aws_s3_object.platform_helm_values](https://registry.terraform.io/providers/hashicorp/aws/4.67.0/docs/resources/s3_object) | resource |
-| [random_password.dex_argocd_client_secret](https://registry.terraform.io/providers/hashicorp/random/3.5.1/docs/resources/password) | resource |
-| [random_password.dex_grafana_client_secret](https://registry.terraform.io/providers/hashicorp/random/3.5.1/docs/resources/password) | resource |
-| [random_password.dex_pomerium_client_secret](https://registry.terraform.io/providers/hashicorp/random/3.5.1/docs/resources/password) | resource |
-| [random_password.dex_vault_client_secret](https://registry.terraform.io/providers/hashicorp/random/3.5.1/docs/resources/password) | resource |
-| [random_password.grafana_admin_secret](https://registry.terraform.io/providers/hashicorp/random/3.5.1/docs/resources/password) | resource |
-| [aws_route53_zone.management_tenant_dns](https://registry.terraform.io/providers/hashicorp/aws/4.67.0/docs/data-sources/route53_zone) | data source |
+| [aws_iam_access_key.certmanager](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_access_key) | resource |
+| [aws_iam_access_key.externaldns](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_access_key) | resource |
+| [aws_iam_access_key.loki_log_exporter_s3](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_access_key) | resource |
+| [aws_iam_access_key.loki_s3](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_access_key) | resource |
+| [aws_iam_access_key.vault_s3](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_access_key) | resource |
+| [aws_iam_policy.loki_logs_exporter_s3](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
+| [aws_iam_policy.loki_s3](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
+| [aws_iam_policy.route53](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
+| [aws_iam_policy.vault_s3_backup](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
+| [aws_iam_user.certmanager](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user) | resource |
+| [aws_iam_user.externaldns](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user) | resource |
+| [aws_iam_user.loki_log_exporter_s3](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user) | resource |
+| [aws_iam_user.loki_s3](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user) | resource |
+| [aws_iam_user.vault_s3](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user) | resource |
+| [aws_iam_user_policy_attachment.certmanager](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy_attachment) | resource |
+| [aws_iam_user_policy_attachment.externaldns](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy_attachment) | resource |
+| [aws_iam_user_policy_attachment.loki_log_exporter_s3](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy_attachment) | resource |
+| [aws_iam_user_policy_attachment.loki_s3](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy_attachment) | resource |
+| [aws_iam_user_policy_attachment.vault_s3](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy_attachment) | resource |
+| [aws_route53_hosted_zone_dnssec.cluster_zones](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_hosted_zone_dnssec) | resource |
+| [aws_route53_hosted_zone_dnssec.parent_tenant_zone](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_hosted_zone_dnssec) | resource |
+| [aws_route53_key_signing_key.cluster_zones](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_key_signing_key) | resource |
+| [aws_route53_key_signing_key.parent_tenant_zone](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_key_signing_key) | resource |
+| [aws_route53_record.cluster_zone_dnssec_records](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record) | resource |
+| [aws_route53_record.cluster_zone_ns_records](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record) | resource |
+| [aws_route53_record.delegation_to_parent_tenant_zone](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record) | resource |
+| [aws_route53_record.enable_dnssec_for_parent_tenant_zone](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record) | resource |
+| [aws_route53_record.wildcard_for_apps](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record) | resource |
+| [aws_route53_zone.clusters](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_zone) | resource |
+| [aws_route53_zone.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_zone) | resource |
+| [aws_s3_object.argocd_helm_values](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_object) | resource |
+| [aws_s3_object.combined_outputs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_object) | resource |
+| [aws_s3_object.platform_helm_values](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_object) | resource |
+| [random_password.dex_argocd_client_secret](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password) | resource |
+| [random_password.dex_grafana_client_secret](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password) | resource |
+| [random_password.dex_pomerium_client_secret](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password) | resource |
+| [random_password.dex_vault_client_secret](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password) | resource |
+| [random_password.grafana_admin_secret](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password) | resource |
+| [aws_route53_zone.management_tenant_dns](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/route53_zone) | data source |
 
 ## Inputs
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_backup_region"></a> [backup\_region](#input\_backup\_region) | The secondary S3 region to create S3 bucket in used for backups. This should be different than the primary region and will have the data from the primary region replicated to it. | `string` | n/a | yes |
-| <a name="input_cluster_environments"></a> [cluster\_environments](#input\_cluster\_environments) | The cluster environments and their respective github app ids | <pre>list(object({<br>    environment_name                     = string<br>    github_oauth_app_client_id           = string<br>    github_oauth_app_client_secret       = string<br>    github_tenant_app_id                 = string<br>    github_tenant_app_installation_id    = string<br>    github_tenant_app_b64enc_private_key = string<br>    admin_github_org_name                = string<br>    tenant_github_org_name               = string<br>    vault_github_org_team_policy_mappings = list(object({<br>      oidc_groups = list(string)<br>      policy_name = string<br>    }))<br>    argocd_rbac_policies = string<br><br>  }))</pre> | <pre>[<br>  {<br>    "admin_github_org_name": "GlueOps",<br>    "argocd_rbac_policies": "      g, GlueOps:argocd_super_admins, role:admin\n      g, glueops-rocks:developers, role:developers\n      p, role:developers, clusters, get, *, allow\n      p, role:developers, *, get, development, allow\n      p, role:developers, repositories, *, development/*, allow\n      p, role:developers, applications, *, development/*, allow\n      p, role:developers, exec, *, development/*, allow\n",<br>    "environment_name": "test",<br>    "github_oauth_app_client_id": "oauth-app-id",<br>    "github_oauth_app_client_secret": "oauth-app-secret",<br>    "github_tenant_app_b64enc_private_key": "tenant-github-app-b64enc-private-key",<br>    "github_tenant_app_id": "tenant-github-app-id",<br>    "github_tenant_app_installation_id": "tenant-github-app-installation-id",<br>    "tenant_github_org_name": "glueops-rocks",<br>    "vault_github_org_team_policy_mappings": [<br>      {<br>        "oidc_groups": [<br>          "GlueOps:vault_super_admins"<br>        ],<br>        "policy_name": "editor"<br>      },<br>      {<br>        "oidc_groups": [<br>          "GlueOps:vault_super_admins",<br>          "testing-okta:developers"<br>        ],<br>        "policy_name": "reader"<br>      }<br>    ]<br>  }<br>]</pre> | no |
+| <a name="input_cluster_environments"></a> [cluster\_environments](#input\_cluster\_environments) | The cluster environments and their respective github app ids | <pre>list(object({<br>    environment_name                     = string<br>    host_network_enabled                 = bool<br>    github_oauth_app_client_id           = string<br>    github_oauth_app_client_secret       = string<br>    github_tenant_app_id                 = string<br>    github_tenant_app_installation_id    = string<br>    github_tenant_app_b64enc_private_key = string<br>    admin_github_org_name                = string<br>    tenant_github_org_name               = string<br>    vault_github_org_team_policy_mappings = list(object({<br>      oidc_groups = list(string)<br>      policy_name = string<br>    }))<br>    argocd_rbac_policies = string<br><br>  }))</pre> | <pre>[<br>  {<br>    "admin_github_org_name": "GlueOps",<br>    "argocd_rbac_policies": "      g, GlueOps:argocd_super_admins, role:admin\n      g, glueops-rocks:developers, role:developers\n      p, role:developers, clusters, get, *, allow\n      p, role:developers, *, get, development, allow\n      p, role:developers, repositories, *, development/*, allow\n      p, role:developers, applications, *, development/*, allow\n      p, role:developers, exec, *, development/*, allow\n",<br>    "environment_name": "test",<br>    "github_oauth_app_client_id": "oauth-app-id",<br>    "github_oauth_app_client_secret": "oauth-app-secret",<br>    "github_tenant_app_b64enc_private_key": "tenant-github-app-b64enc-private-key",<br>    "github_tenant_app_id": "tenant-github-app-id",<br>    "github_tenant_app_installation_id": "tenant-github-app-installation-id",<br>    "host_network_enabled": true,<br>    "tenant_github_org_name": "glueops-rocks",<br>    "vault_github_org_team_policy_mappings": [<br>      {<br>        "oidc_groups": [<br>          "GlueOps:vault_super_admins"<br>        ],<br>        "policy_name": "editor"<br>      },<br>      {<br>        "oidc_groups": [<br>          "GlueOps:vault_super_admins",<br>          "testing-okta:developers"<br>        ],<br>        "policy_name": "reader"<br>      }<br>    ]<br>  }<br>]</pre> | no |
 | <a name="input_github_owner"></a> [github\_owner](#input\_github\_owner) | The GitHub Owner where the tenant repo will be deployed. | `string` | n/a | yes |
 | <a name="input_management_tenant_dns_aws_account_id"></a> [management\_tenant\_dns\_aws\_account\_id](#input\_management\_tenant\_dns\_aws\_account\_id) | The company AWS account id for the management-tenant-dns account | `string` | n/a | yes |
 | <a name="input_management_tenant_dns_zoneid"></a> [management\_tenant\_dns\_zoneid](#input\_management\_tenant\_dns\_zoneid) | The Route53 ZoneID that all the delegation is coming from. | `string` | n/a | yes |
diff --git a/captain-repo.tf b/captain-repo.tf
index 888aaa1e..2cdc4f02 100644
--- a/captain-repo.tf
+++ b/captain-repo.tf
@@ -1,12 +1,26 @@
+locals {
+
+  provider_versions_tf_file = <<EOT
+module "provider_versions" {
+  source = "git::https://github.com/GlueOps/terraform-module-provider-versions.git"
+}
+
+EOT
+
+}
+
 module "captain_repository" {
   for_each        = local.environment_map
   source          = "./modules/github-captain-repository/0.1.0"
   repository_name = "${each.value.environment_name}.${aws_route53_zone.main.name}"
   files_to_create = {
-    "argocd.yaml"                            = module.argocd_helm_values[each.value.environment_name].helm_values
-    "platform.yaml"                          = module.glueops_platform_helm_values[each.value.environment_name].helm_values
-    "README.md"                              = module.tenant_readmes[each.value.environment_name].tenant_readme
-    "terraform/kubernetes/.gitkeep"          = ""
+    "argocd.yaml"                                         = module.argocd_helm_values[each.value.environment_name].helm_values
+    "platform.yaml"                                       = module.glueops_platform_helm_values[each.value.environment_name].helm_values
+    "README.md"                                           = module.tenant_readmes[each.value.environment_name].tenant_readme
+    "terraform/kubernetes/provider_versions.tf"           = local.provider_versions_tf_file
+    "terraform/vault/initialization/provider_versions.tf" = local.provider_versions_tf_file
+    "terraform/vault/configuration/provider_versions.tf"  = local.provider_versions_tf_file
+
     ".gitignore"                             = <<EOT
 
 .terraform
@@ -15,13 +29,13 @@ module "captain_repository" {
 EOT
     "terraform/vault/initialization/main.tf" = <<EOT
 module "initialize_vault_cluster" {
-  source = "git::https://github.com/GlueOps/terraform-module-kubernetes-hashicorp-vault-initialization.git?ref=v0.3.0"
+  source = "git::https://github.com/GlueOps/terraform-module-kubernetes-hashicorp-vault-initialization.git?ref=v0.4.0"
 }
 
 EOT
     "terraform/vault/configuration/main.tf"  = <<EOT
 module "configure_vault_cluster" {
-    source = "git::https://github.com/GlueOps/terraform-module-kubernetes-hashicorp-vault-configuration.git?ref=v0.4.3"
+    source = "git::https://github.com/GlueOps/terraform-module-kubernetes-hashicorp-vault-configuration.git?ref=v0.5.1"
     oidc_client_secret = "${random_password.dex_vault_client_secret[each.key].result}"
     captain_domain = "${each.value.environment_name}.${aws_route53_zone.main.name}"
     org_team_policy_mappings = [
diff --git a/generate-helm-values.tf b/generate-helm-values.tf
index 3cd6d25c..c3b71eb3 100644
--- a/generate-helm-values.tf
+++ b/generate-helm-values.tf
@@ -38,7 +38,7 @@ resource "random_password" "grafana_admin_secret" {
 
 module "glueops_platform_helm_values" {
   for_each                             = local.environment_map
-  source                               = "git::https://github.com/GlueOps/platform-helm-chart-platform.git?ref=v0.15.0"
+  source                               = "git::https://github.com/GlueOps/platform-helm-chart-platform.git?ref=v0.16.0"
   this_is_development                  = var.this_is_development
   dex_github_client_id                 = each.value.github_oauth_app_client_id
   dex_github_client_secret             = each.value.github_oauth_app_client_secret
@@ -67,6 +67,7 @@ module "glueops_platform_helm_values" {
   github_tenant_app_id                 = each.value.github_tenant_app_id
   github_tenant_app_installation_id    = each.value.github_tenant_app_installation_id
   github_tenant_app_b64enc_private_key = each.value.github_tenant_app_b64enc_private_key
+  host_network_enabled                 = each.value.host_network_enabled
 }
 
 resource "aws_s3_object" "platform_helm_values" {
diff --git a/modules/github-captain-repository/0.1.0/providers.tf b/modules/github-captain-repository/0.1.0/providers.tf
index 6d2d53ee..fbe53be7 100644
--- a/modules/github-captain-repository/0.1.0/providers.tf
+++ b/modules/github-captain-repository/0.1.0/providers.tf
@@ -1,8 +1,7 @@
 terraform {
   required_providers {
     github = {
-      source  = "integrations/github"
-      version = "5.25.0"
+      source = "integrations/github"
     }
   }
-}
\ No newline at end of file
+}
diff --git a/modules/opsgenie/0.1.0/providers.tf b/modules/opsgenie/0.1.0/providers.tf
index ca416525..60183bfa 100644
--- a/modules/opsgenie/0.1.0/providers.tf
+++ b/modules/opsgenie/0.1.0/providers.tf
@@ -1,8 +1,7 @@
 terraform {
   required_providers {
     opsgenie = {
-      source  = "opsgenie/opsgenie"
-      version = "0.6.20"
+      source = "opsgenie/opsgenie"
     }
   }
-}
\ No newline at end of file
+}
diff --git a/modules/tenant-readme/0.1.0/readme.tf b/modules/tenant-readme/0.1.0/readme.tf
index 51dc01ca..6e8a4b2e 100644
--- a/modules/tenant-readme/0.1.0/readme.tf
+++ b/modules/tenant-readme/0.1.0/readme.tf
@@ -37,7 +37,7 @@ locals {
   codespace_version         = "v0.24.0"
   argocd_crd_version        = "v2.7.4"
   argocd_helm_chart_version = "5.36.1"
-  glueops_platform_version  = "0.15.0"
+  glueops_platform_version  = "0.16.0"
   tools_version             = "v0.1.4"
 }
 
diff --git a/providers.tf b/providers.tf
index e4b3a5e5..e943bf68 100644
--- a/providers.tf
+++ b/providers.tf
@@ -1,16 +1,13 @@
 terraform {
   required_providers {
     cloudflare = {
-      source  = "cloudflare/cloudflare"
-      version = "4.5.0"
+      source = "cloudflare/cloudflare"
     }
     aws = {
-      source  = "hashicorp/aws"
-      version = "4.67.0"
+      source = "hashicorp/aws"
     }
     random = {
-      source  = "hashicorp/random"
-      version = "3.5.1"
+      source = "hashicorp/random"
     }
   }
 }
@@ -46,4 +43,3 @@ provider "aws" {
     role_arn = "arn:aws:iam::${var.tenant_account_id}:role/OrganizationAccountAccessRole"
   }
 }
-
diff --git a/variables.tf b/variables.tf
index e52367a6..6d6a0ab3 100644
--- a/variables.tf
+++ b/variables.tf
@@ -41,6 +41,7 @@ variable "cluster_environments" {
   description = "The cluster environments and their respective github app ids"
   type = list(object({
     environment_name                     = string
+    host_network_enabled                 = bool
     github_oauth_app_client_id           = string
     github_oauth_app_client_secret       = string
     github_tenant_app_id                 = string
@@ -58,6 +59,7 @@ variable "cluster_environments" {
   default = [
     {
       environment_name                     = "test"
+      host_network_enabled                 = true
       github_oauth_app_client_id           = "oauth-app-id"
       github_oauth_app_client_secret       = "oauth-app-secret"
       github_tenant_app_id                 = "tenant-github-app-id"