-
Notifications
You must be signed in to change notification settings - Fork 1.4k
/
Copy pathmanifests.tf
85 lines (74 loc) · 3.68 KB
/
manifests.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
variable "manifest_names" {
default = [
"01-tectonic-namespace.yaml",
"02-ingress-namespace.yaml",
"03-openshift-web-console-namespace.yaml",
"app-version-kind.yaml",
"app-version-tectonic-network.yaml",
"app-version-tnc.yaml",
"kube-apiserver-secret.yaml",
"kube-cloud-config.yaml",
"kube-controller-manager-secret.yaml",
"node-config-kind.yaml",
"openshift-apiserver-secret.yaml",
"cluster-apiserver-secret.yaml",
"pull.json",
"tectonic-network-operator.yaml",
"tectonic-node-controller-operator.yaml",
"tnc-tls-secret.yaml",
]
}
# Self-hosted manifests (resources/generated/manifests/)
data "template_file" "manifest_file_list" {
count = "${length(var.manifest_names)}"
template = "${file("${path.module}/resources/manifests/${var.manifest_names[count.index]}")}"
vars {
tectonic_network_operator_image = "${var.container_images["tectonic_network_operator"]}"
tnc_operator_image = "${var.container_images["tnc_operator"]}"
cloud_provider_config = "${var.cloud_provider_config}"
root_ca_cert = "${base64encode(var.root_ca_cert_pem)}"
aggregator_ca_cert = "${base64encode(var.aggregator_ca_cert_pem)}"
aggregator_ca_key = "${base64encode(var.aggregator_ca_key_pem)}"
kube_ca_cert = "${base64encode(var.kube_ca_cert_pem)}"
kube_ca_key = "${base64encode(var.kube_ca_key_pem)}"
service_serving_ca_cert = "${base64encode(var.service_serving_ca_cert_pem)}"
service_serving_ca_key = "${base64encode(var.service_serving_ca_key_pem)}"
apiserver_key = "${base64encode(var.apiserver_key_pem)}"
apiserver_cert = "${base64encode(var.apiserver_cert_pem)}"
openshift_apiserver_key = "${base64encode(var.openshift_apiserver_key_pem)}"
openshift_apiserver_cert = "${base64encode(var.openshift_apiserver_cert_pem)}"
apiserver_proxy_key = "${base64encode(var.apiserver_proxy_key_pem)}"
apiserver_proxy_cert = "${base64encode(var.apiserver_proxy_cert_pem)}"
clusterapi_ca_cert = "${base64encode(var.clusterapi_ca_cert_pem)}"
clusterapi_ca_key = "${base64encode(var.clusterapi_ca_key_pem)}"
oidc_ca_cert = "${base64encode(var.oidc_ca_cert)}"
pull_secret = "${base64encode(var.pull_secret)}"
serviceaccount_pub = "${base64encode(var.service_account_public_key_pem)}"
serviceaccount_key = "${base64encode(var.service_account_private_key_pem)}"
kube_dns_service_ip = "${cidrhost(var.service_cidr, 10)}"
openshift_loopback_kubeconfig = "${base64encode(data.template_file.kubeconfig.rendered)}"
etcd_ca_cert = "${base64encode(var.etcd_ca_cert_pem)}"
etcd_client_cert = "${base64encode(var.etcd_client_cert_pem)}"
etcd_client_key = "${base64encode(var.etcd_client_key_pem)}"
tnc_tls_cert = "${base64encode(var.tnc_cert_pem)}"
tnc_tls_key = "${base64encode(var.tnc_key_pem)}"
}
}
# Ignition entry for every bootkube manifest
# Drops them in /opt/tectonic/manifests/<path>
data "ignition_file" "manifest_file_list" {
count = "${length(var.manifest_names)}"
filesystem = "root"
mode = "0644"
path = "/opt/tectonic/manifests/${var.manifest_names[count.index]}"
content {
content = "${data.template_file.manifest_file_list.*.rendered[count.index]}"
}
}
# Log the generated manifest files to disk for debugging and user visibility
# Dest: ./generated/manifests/<path>
resource "local_file" "manifest_files" {
count = "${length(var.manifest_names)}"
filename = "./generated/manifests/${var.manifest_names[count.index]}"
content = "${data.template_file.manifest_file_list.*.rendered[count.index]}"
}