From f166961c98edf5b03fccdcfd5a1fdb94229481f4 Mon Sep 17 00:00:00 2001
From: dkeightley <derek@rancher.com>
Date: Wed, 8 Jan 2025 13:42:24 +1300
Subject: [PATCH 1/3] Add both kubeconfig path/file vars to tfvars.example

---
 recipes/upstream/aws/k3s/terraform.tfvars.example         | 5 +++--
 recipes/upstream/aws/rke/main.tf                          | 1 -
 recipes/upstream/aws/rke/terraform.tfvars.example         | 5 +++--
 recipes/upstream/aws/rke2/terraform.tfvars.example        | 5 +++--
 .../upstream/digitalocean/rke/terraform.tfvars.example    | 5 +++--
 .../upstream/google-cloud/k3s/terraform.tfvars.example    | 8 +++-----
 .../upstream/google-cloud/rke2/terraform.tfvars.example   | 8 +++-----
 7 files changed, 18 insertions(+), 19 deletions(-)

diff --git a/recipes/upstream/aws/k3s/terraform.tfvars.example b/recipes/upstream/aws/k3s/terraform.tfvars.example
index 5fb3ee46..015e48f1 100644
--- a/recipes/upstream/aws/k3s/terraform.tfvars.example
+++ b/recipes/upstream/aws/k3s/terraform.tfvars.example
@@ -52,5 +52,6 @@ create_ssh_key_pair = true
 # ssh_key_pair_path  = "/path/to/private/key.pem"
 #####
 
-## -- Override the default (${prefix}_kube_config.yml) kubeconfig file/path
-# kube_config_path = "~/.kube/rancher-terraform.yml"
+## -- Override the default (./${prefix}_kube_config.yml) kubeconfig path and filename
+# kube_config_path = "~/.kube"
+# kube_config_filename = "rancher-terraform.yml"
diff --git a/recipes/upstream/aws/rke/main.tf b/recipes/upstream/aws/rke/main.tf
index 96a58235..955feabb 100644
--- a/recipes/upstream/aws/rke/main.tf
+++ b/recipes/upstream/aws/rke/main.tf
@@ -26,7 +26,6 @@ module "rke" {
   kube_config_path     = var.kube_config_path
   kube_config_filename = var.kube_config_filename
   kubernetes_version   = var.kubernetes_version
-
 }
 
 locals {
diff --git a/recipes/upstream/aws/rke/terraform.tfvars.example b/recipes/upstream/aws/rke/terraform.tfvars.example
index 9f1a5425..e55711e1 100644
--- a/recipes/upstream/aws/rke/terraform.tfvars.example
+++ b/recipes/upstream/aws/rke/terraform.tfvars.example
@@ -47,5 +47,6 @@ create_ssh_key_pair = true
 # ssh_key_pair_path  = "/path/to/private/key.pem"
 #####
 
-## -- Override the default (${prefix}_kube_config.yml) kubeconfig file/path
-# kube_config_path = "~/.kube/rancher-terraform.yml"
\ No newline at end of file
+## -- Override the default (./${prefix}_kube_config.yml) kubeconfig path and filename
+# kube_config_path = "~/.kube"
+# kube_config_filename = "rancher-terraform.yml"
\ No newline at end of file
diff --git a/recipes/upstream/aws/rke2/terraform.tfvars.example b/recipes/upstream/aws/rke2/terraform.tfvars.example
index e3f49a7e..ece1e729 100644
--- a/recipes/upstream/aws/rke2/terraform.tfvars.example
+++ b/recipes/upstream/aws/rke2/terraform.tfvars.example
@@ -50,5 +50,6 @@ create_ssh_key_pair = true
 # ssh_key_pair_path  = "/path/to/private/key.pem"
 #####
 
-## -- Override the default (${prefix}_kube_config.yml) kubeconfig file/path
-# kube_config_path = "~/.kube/rancher-terraform.yml"
+## -- Override the default (./${prefix}_kube_config.yml) kubeconfig path and filename
+# kube_config_path = "~/.kube"
+# kube_config_filename = "rancher-terraform.yml"
\ No newline at end of file
diff --git a/recipes/upstream/digitalocean/rke/terraform.tfvars.example b/recipes/upstream/digitalocean/rke/terraform.tfvars.example
index 50aaded3..8b004fa4 100644
--- a/recipes/upstream/digitalocean/rke/terraform.tfvars.example
+++ b/recipes/upstream/digitalocean/rke/terraform.tfvars.example
@@ -40,8 +40,9 @@
 # If 'create_ssh_key_pair' is set to false, give the name of an ssh key on DigitalOcean
 # ssh_key_pair_name = "terraform"
 
-# Filepath to the private ssh key to be uploaded or already existing on DigitalOcean 
-# ssh_key_pair_path = "~/.ssh/terraform"
+## -- Override the default (./${prefix}_kube_config.yml) kubeconfig path and filename
+# kube_config_path = "~/.kube"
+# kube_config_filename = "rancher-terraform.yml"
 
 # DigitalOcean authentication token 
 # do_token = ""
diff --git a/recipes/upstream/google-cloud/k3s/terraform.tfvars.example b/recipes/upstream/google-cloud/k3s/terraform.tfvars.example
index c567cabc..adf0bbfc 100644
--- a/recipes/upstream/google-cloud/k3s/terraform.tfvars.example
+++ b/recipes/upstream/google-cloud/k3s/terraform.tfvars.example
@@ -75,11 +75,9 @@ ssh_username = "ubuntu"
 ## -- K3s custom config file
 # k3s_config = "<K3s_CONFIG_FILE>"
 
-## -- K3s KUBECONFIG file path
-# kube_config_path = "<KUBE_CONFIG_PATH>"
-
-## -- K3s KUBECONFIG file
-# kube_config_filename = "<KUBE_CONFIG_FILENAME>"
+## -- Override the default (./${prefix}_kube_config.yml) kubeconfig path and filename
+# kube_config_path = "~/.kube"
+# kube_config_filename = "rancher-terraform.yml"
 
 ## -- Bootstrap the Rancher installation
 # bootstrap_rancher = false
diff --git a/recipes/upstream/google-cloud/rke2/terraform.tfvars.example b/recipes/upstream/google-cloud/rke2/terraform.tfvars.example
index 940a2cb9..07a43306 100644
--- a/recipes/upstream/google-cloud/rke2/terraform.tfvars.example
+++ b/recipes/upstream/google-cloud/rke2/terraform.tfvars.example
@@ -69,11 +69,9 @@ ssh_username = "ubuntu"
 ## -- RKE2 custom config file
 # rke2_config = "<RKE2_CONFIG_FILE>"
 
-## -- RKE2 KUBECONFIG file path
-# kube_config_path = "<KUBE_CONFIG_PATH>"
-
-## -- RKE2 KUBECONFIG file
-# kube_config_filename = "<KUBE_CONFIG_FILENAME>"
+## -- Override the default (./${prefix}_kube_config.yml) kubeconfig path and filename
+# kube_config_path = "~/.kube"
+# kube_config_filename = "rancher-terraform.yml"
 
 ## -- Bootstrap the Rancher installation
 # bootstrap_rancher = false

From 936b82839ffb4d2998a2832246d578fc09954aa2 Mon Sep 17 00:00:00 2001
From: dkeightley <derek@rancher.com>
Date: Tue, 4 Feb 2025 11:16:59 +1300
Subject: [PATCH 2/3] Use pathexpand to handle shell expansions

---
 recipes/upstream/aws/k3s/main.tf           | 5 ++---
 recipes/upstream/aws/rke2/main.tf          | 5 ++---
 recipes/upstream/google-cloud/k3s/main.tf  | 6 ++----
 recipes/upstream/google-cloud/rke2/main.tf | 6 ++----
 4 files changed, 8 insertions(+), 14 deletions(-)

diff --git a/recipes/upstream/aws/k3s/main.tf b/recipes/upstream/aws/k3s/main.tf
index fe61f54c..ae94190f 100644
--- a/recipes/upstream/aws/k3s/main.tf
+++ b/recipes/upstream/aws/k3s/main.tf
@@ -1,7 +1,6 @@
 locals {
   kc_path        = var.kube_config_path != null ? var.kube_config_path : path.cwd
   kc_file        = var.kube_config_filename != null ? "${local.kc_path}/${var.kube_config_filename}" : "${local.kc_path}/${var.prefix}_kube_config.yml"
-  kc_file_backup = "${local.kc_file}.backup"
 }
 
 module "k3s_first" {
@@ -90,13 +89,13 @@ resource "ssh_resource" "retrieve_kubeconfig" {
 }
 
 resource "local_file" "kube_config_yaml" {
-  filename        = local.kc_file
+  filename        = pathexpand(local.kc_file)
   content         = ssh_resource.retrieve_kubeconfig.result
   file_permission = "0600"
 }
 
 resource "local_file" "kube_config_yaml_backup" {
-  filename        = local.kc_file_backup
+  filename        = pathexpand("${local.kc_file}.backup")
   content         = ssh_resource.retrieve_kubeconfig.result
   file_permission = "0600"
 }
diff --git a/recipes/upstream/aws/rke2/main.tf b/recipes/upstream/aws/rke2/main.tf
index d12eb656..69dc2ac0 100644
--- a/recipes/upstream/aws/rke2/main.tf
+++ b/recipes/upstream/aws/rke2/main.tf
@@ -1,7 +1,6 @@
 locals {
   kc_path        = var.kube_config_path != null ? var.kube_config_path : path.cwd
   kc_file        = var.kube_config_filename != null ? "${local.kc_path}/${var.kube_config_filename}" : "${local.kc_path}/${var.prefix}_kube_config.yml"
-  kc_file_backup = "${local.kc_file}.backup"
 }
 
 module "rke2_first" {
@@ -71,13 +70,13 @@ resource "ssh_resource" "retrieve_kubeconfig" {
 }
 
 resource "local_file" "kube_config_yaml" {
-  filename        = local.kc_file
+  filename        = pathexpand(local.kc_file)
   content         = ssh_resource.retrieve_kubeconfig.result
   file_permission = "0600"
 }
 
 resource "local_file" "kube_config_yaml_backup" {
-  filename        = local.kc_file_backup
+  filename        = pathexpand("${local.kc_file}.backup")
   content         = ssh_resource.retrieve_kubeconfig.result
   file_permission = "0600"
 }
diff --git a/recipes/upstream/google-cloud/k3s/main.tf b/recipes/upstream/google-cloud/k3s/main.tf
index 29958bde..7ab120f7 100644
--- a/recipes/upstream/google-cloud/k3s/main.tf
+++ b/recipes/upstream/google-cloud/k3s/main.tf
@@ -115,11 +115,9 @@ resource "ssh_resource" "retrieve_kubeconfig" {
 }
 
 resource "local_file" "kube_config_yaml" {
-  depends_on = [ssh_resource.retrieve_kubeconfig]
-
-  filename        = local.kc_file
-  file_permission = "0600"
+  filename        = pathexpand(local.kc_file)
   content         = ssh_resource.retrieve_kubeconfig.result
+  file_permission = "0600"
 }
 
 provider "kubernetes" {
diff --git a/recipes/upstream/google-cloud/rke2/main.tf b/recipes/upstream/google-cloud/rke2/main.tf
index 87f7ca0c..46d83802 100644
--- a/recipes/upstream/google-cloud/rke2/main.tf
+++ b/recipes/upstream/google-cloud/rke2/main.tf
@@ -91,11 +91,9 @@ resource "ssh_resource" "retrieve_kubeconfig" {
 }
 
 resource "local_file" "kube_config_yaml" {
-  depends_on = [ssh_resource.retrieve_kubeconfig]
-
-  filename        = local.kc_file
-  file_permission = "0600"
+  filename        = pathexpand(local.kc_file)
   content         = ssh_resource.retrieve_kubeconfig.result
+  file_permission = "0600"
 }
 
 provider "kubernetes" {

From 77a0d59664583a765a24c0b89d20e650dd5fb119 Mon Sep 17 00:00:00 2001
From: dkeightley <derek@rancher.com>
Date: Tue, 4 Feb 2025 11:21:03 +1300
Subject: [PATCH 3/3] fmt

---
 recipes/upstream/aws/k3s/main.tf  | 4 ++--
 recipes/upstream/aws/rke2/main.tf | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/recipes/upstream/aws/k3s/main.tf b/recipes/upstream/aws/k3s/main.tf
index ae94190f..d7b9b08d 100644
--- a/recipes/upstream/aws/k3s/main.tf
+++ b/recipes/upstream/aws/k3s/main.tf
@@ -1,6 +1,6 @@
 locals {
-  kc_path        = var.kube_config_path != null ? var.kube_config_path : path.cwd
-  kc_file        = var.kube_config_filename != null ? "${local.kc_path}/${var.kube_config_filename}" : "${local.kc_path}/${var.prefix}_kube_config.yml"
+  kc_path = var.kube_config_path != null ? var.kube_config_path : path.cwd
+  kc_file = var.kube_config_filename != null ? "${local.kc_path}/${var.kube_config_filename}" : "${local.kc_path}/${var.prefix}_kube_config.yml"
 }
 
 module "k3s_first" {
diff --git a/recipes/upstream/aws/rke2/main.tf b/recipes/upstream/aws/rke2/main.tf
index 69dc2ac0..1d51f873 100644
--- a/recipes/upstream/aws/rke2/main.tf
+++ b/recipes/upstream/aws/rke2/main.tf
@@ -1,6 +1,6 @@
 locals {
-  kc_path        = var.kube_config_path != null ? var.kube_config_path : path.cwd
-  kc_file        = var.kube_config_filename != null ? "${local.kc_path}/${var.kube_config_filename}" : "${local.kc_path}/${var.prefix}_kube_config.yml"
+  kc_path = var.kube_config_path != null ? var.kube_config_path : path.cwd
+  kc_file = var.kube_config_filename != null ? "${local.kc_path}/${var.kube_config_filename}" : "${local.kc_path}/${var.prefix}_kube_config.yml"
 }
 
 module "rke2_first" {