From 070ce71e34d01399309e7d34a406db33e23f7123 Mon Sep 17 00:00:00 2001 From: tuna Date: Fri, 23 Aug 2024 16:51:07 +0200 Subject: [PATCH] fix --- terraform/app.tf | 118 +++++++++++++++++++++++------------------------ 1 file changed, 59 insertions(+), 59 deletions(-) diff --git a/terraform/app.tf b/terraform/app.tf index f2a395c..4ae45e7 100644 --- a/terraform/app.tf +++ b/terraform/app.tf @@ -1,60 +1,60 @@ -# # This hcl file is responsible for the configuration deployment that will be used by ArgoCD - -# # ApplicationSet resource for the applications that argoCD will manage -# data "kubectl_file_documents" "apps" { -# content = file("../manifests/argocd/apps.yaml") -# } - -# resource "kubectl_manifest" "apps" { -# # Needs to depend on argocd deployment, since we'll configure it after deployment finishes -# depends_on = [kubectl_manifest.argocd] -# # for_each iterates over each manifest in the namespace file -# for_each = data.kubectl_file_documents.apps.manifests -# # Applies the content of each manifest to the Kubernetes cluster -# yaml_body = each.value -# # Forces the namespace to be set to argocd, ensuring that all resources are created in the correct namespace -# override_namespace = "argocd" -# } - -# # MANAGING SECRETS USING External Secrets -# # External-Secrets operator for the retrieval of secrets -# data "kubectl_file_documents" "external-secrets" { -# content = file("../manifests/argocd/external-secrets.yaml") -# } - -# resource "kubectl_manifest" "external-secrets" { -# # It needs to depend on argocd creation, since we'll deploy external-secrets right after argocd gets created -# depends_on = [ -# kubectl_manifest.argocd, -# ] -# # for_each iterates over each manifest in the namespace file -# for_each = data.kubectl_file_documents.external-secrets.manifests -# # Applies the content of each manifest to the Kubernetes cluster -# yaml_body = each.value -# # Forces the namespace to be set to argocd, ensuring that all resources are created in the correct namespace -# override_namespace = "argocd" -# } - -# # # File that holds the secret resource that have service account credentials -# data "kubectl_file_documents" "gcpsm-secret" { -# content = file("../manifests/argocd/gcpsm-secret.yaml") -# } - -# resource "kubectl_manifest" "gcpsm-secret" { -# for_each = data.kubectl_file_documents.gcpsm-secret.manifests -# yaml_body = each.value -# } - -# # SecretStore resource that uses secret resource to retrieve external secrets -# data "kubectl_file_documents" "secret-store" { -# content = file("../manifests/argocd/secret-store.yaml") -# } - -# resource "kubectl_manifest" "secret-store" { -# depends_on = [ -# kubectl_manifest.gcpsm-secret, -# ] -# for_each = data.kubectl_file_documents.secret-store.manifests -# yaml_body = each.value -# } +# This hcl file is responsible for the configuration deployment that will be used by ArgoCD + +# ApplicationSet resource for the applications that argoCD will manage +data "kubectl_file_documents" "apps" { + content = file("../manifests/argocd/apps.yaml") +} + +resource "kubectl_manifest" "apps" { + # Needs to depend on argocd deployment, since we'll configure it after deployment finishes + depends_on = [kubectl_manifest.argocd] + # for_each iterates over each manifest in the namespace file + for_each = data.kubectl_file_documents.apps.manifests + # Applies the content of each manifest to the Kubernetes cluster + yaml_body = each.value + # Forces the namespace to be set to argocd, ensuring that all resources are created in the correct namespace + override_namespace = "argocd" +} + +# MANAGING SECRETS USING External Secrets +# External-Secrets operator for the retrieval of secrets +data "kubectl_file_documents" "external-secrets" { + content = file("../manifests/argocd/external-secrets.yaml") +} + +resource "kubectl_manifest" "external-secrets" { + # It needs to depend on argocd creation, since we'll deploy external-secrets right after argocd gets created + depends_on = [ + kubectl_manifest.argocd, + ] + # for_each iterates over each manifest in the namespace file + for_each = data.kubectl_file_documents.external-secrets.manifests + # Applies the content of each manifest to the Kubernetes cluster + yaml_body = each.value + # Forces the namespace to be set to argocd, ensuring that all resources are created in the correct namespace + override_namespace = "argocd" +} + +# # File that holds the secret resource that have service account credentials +data "kubectl_file_documents" "gcpsm-secret" { + content = file("../manifests/argocd/gcpsm-secret.yaml") +} + +resource "kubectl_manifest" "gcpsm-secret" { + for_each = data.kubectl_file_documents.gcpsm-secret.manifests + yaml_body = each.value +} + +# SecretStore resource that uses secret resource to retrieve external secrets +data "kubectl_file_documents" "secret-store" { + content = file("../manifests/argocd/secret-store.yaml") +} + +resource "kubectl_manifest" "secret-store" { + depends_on = [ + kubectl_manifest.gcpsm-secret, + ] + for_each = data.kubectl_file_documents.secret-store.manifests + yaml_body = each.value +}