Skip to content

Commit

Permalink
[HELM] - Custom Backend Secret
Browse files Browse the repository at this point in the history
Extending the helm chart to allow for the creation of the backend secret
  • Loading branch information
gambol99 committed May 20, 2023
1 parent bb435de commit 80349c8
Show file tree
Hide file tree
Showing 4 changed files with 25 additions and 9 deletions.
10 changes: 10 additions & 0 deletions charts/terranetes-controller/templates/backend.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
{{- if and ( .Values.controller.backend.name ) ( .Values.controller.backend.template ) }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ .Values.controller.backend.name }}
stringData:
backend.tf: |
{{ .Values.controller.backend.template }}
{{- end }}
4 changes: 2 additions & 2 deletions charts/terranetes-controller/templates/deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -56,8 +56,8 @@ spec:
{{- if .Values.controller.costs.secret }}
- --cost-secret={{ .Values.controller.costs.secret }}
{{- end }}
{{- if .Values.controller.backendTemplate }}
- --backend-template={{ .Values.controller.backendTemplate }}
{{- if .Values.controller.backend.name }}
- --backend-template={{ .Values.controller.backend.name }}
{{- end }}
- --drift-controller-interval={{ .Values.controller.driftControllerInterval }}
- --drift-interval={{ .Values.controller.driftInterval }}
Expand Down
12 changes: 8 additions & 4 deletions charts/terranetes-controller/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -19,10 +19,14 @@ controller:
# Executor secrets includes the following secrets in 'all' execution jobs. The secret is added
# as an environment variables (spec.envFrom) into the terranetes container of the executor
executorSecrets: []
# Overrides the default terraform state backend from Kubernetes secret to anything defined on the
# template. This value is the name of a secret in the controller namespace which contains a
# backend.tf key, holding a golang template to use for the terraform state
backendTemplate: ""
# Configuration for the backend terraform state template
backend:
# Overrides the default terraform state backend from Kubernetes secret to anything defined on the
# template. This value is the name of a secret in the controller namespace which contains a
# backend.tf key, holding a golang template to use for the terraform state
name: ""
# Template will automatically create a backend secret for you
template: ""
# Configuration related to costs
costs:
# Name of the secret containing the infracost api token
Expand Down
8 changes: 5 additions & 3 deletions test/e2e/integration/custom-state-backend.bats
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ teardown() {
terraform {
backend "s3" {
bucket = "terranetes-controller-state-e2e"
key = "${GITHUB_RUN_ID:-'test'}/{{ .namespace }}/{{ .name }}"
key = "${GITHUB_RUN_ID:-test}/{{ .namespace }}/{{ .name }}"
region = "eu-west-2"
access_key = "${AWS_ACCESS_KEY_ID}"
secret_key = "${AWS_SECRET_ACCESS_KEY}"
Expand All @@ -58,7 +58,8 @@ EOF
if [[ "${USE_CHART}" == "false" ]]; then
cat <<EOF > ${BATS_TMPDIR}/my_values.yaml
controller:
backendTemplate: terraform-backend-config
backend:
name: terraform-backend-config
images:
controller: "ghcr.io/appvia/terranetes-controller:${VERSION}"
executor: "ghcr.io/appvia/terranetes-executor:${VERSION}"
Expand All @@ -70,7 +71,8 @@ EOF

cat <<EOF > ${BATS_TMPDIR}/my_values.yaml
controller:
backendTemplate: terraform-backend-config
backend:
name: terraform-backend-config
costs:
secret: infracost-api
EOF
Expand Down

0 comments on commit 80349c8

Please sign in to comment.