Skip to content
This repository has been archived by the owner on Aug 11, 2021. It is now read-only.

Error in plan-stage when having both the CRD definitons (using Helm) and using the CRD #218

Open
sindreij opened this issue May 26, 2021 · 0 comments
Open

Error in plan-stage when having both the CRD definitons (using Helm) and using the CRD #218

sindreij opened this issue May 26, 2021 · 0 comments
Labels
bug Something isn't working progressive-apply

Comments

@sindreij
Copy link

Terraform, Provider, Kubernetes versions

Terraform version: v0.15.4
Provider version: v0.4.1
Kubernetes version: 1.18.17-gke.700

Affected Resource(s)

  • kubernetes_manifest

Terraform Configuration Files

provider "kubernetes-alpha" {
  host = "https://${google_container_cluster.primary.endpoint}"

  token                  = data.google_client_config.default.access_token
  cluster_ca_certificate = base64decode(google_container_cluster.primary.master_auth[0].cluster_ca_certificate)
}


provider "helm" {
  kubernetes {
    host                   = google_container_cluster.primary.endpoint
    cluster_ca_certificate = base64decode(google_container_cluster.primary.master_auth[0].cluster_ca_certificate)
    token                  = data.google_client_config.default.access_token
  }
}

resource "helm_release" "cert_manager" {
  name             = "cert-manager"
  repository       = "https://charts.jetstack.io"
  version          = "1.3.1"
  chart            = "cert-manager"
  namespace        = "cert-manager"
  create_namespace = true
  wait             = true
  wait_for_jobs    = true
  values = [
    "${templatefile("helm_config/cert_manager.yaml", {})}"
  ]
}

resource "kubernetes_manifest" "clusterissuer_letsencrypt_prod" {
  depends_on = [helm_release.cert_manager]
  provider   = kubernetes-alpha
  manifest = {
    "apiVersion" = "cert-manager.io/v1"
    "kind"       = "ClusterIssuer"
    "metadata" = {
      "name"      = "letsencrypt-prod"
      "namespace" = "cert-manager"
    }
    "spec" = {
      "acme" = {
        "server" = "https://acme-v02.api.letsencrypt.org/directory"
        "email"  = "SNIP"
        "privateKeySecretRef" = {
          "name" = "letsencrypt-prod"
        }
        "solvers" = [
          {
            "http01" = {
              "ingress" = {
                "class" = "nginx"
              }
            }
            "selector" = {}
          },
        ]
      }
    }
  }
}

Error

When running terraform plan the above config I get the following error.

Error: Failed to determine GroupVersionResource for manifest
│ 
│   with kubernetes_manifest.clusterissuer_letsencrypt_prod,
│   on cert_manager.tf line 54, in resource "kubernetes_manifest" "clusterissuer_letsencrypt_prod":
│   54: resource "kubernetes_manifest" "clusterissuer_letsencrypt_prod" {
│ 
│ no matches for kind "ClusterIssuer" in group "cert-manager.io"

It's correct that cert-manager.io don't exist. It will be created by the helm resource. However it cannot be created because it blocks in the planning state.

References

The same issue has been mentioned in #72.

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug Something isn't working progressive-apply
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@sindreij @jrhouston