Skip to content
This repository has been archived by the owner on Apr 7, 2020. It is now read-only.

Adapt to gardener/terraformer@v1.0.0 #629

Closed
wants to merge 1 commit into from
Closed

Adapt to gardener/terraformer@v1.0.0 #629

wants to merge 1 commit into from

Conversation

rfranzke
Copy link
Contributor

What this PR does / why we need it:
Adapt terraformer package to v1.0 of gardener/terraformer.

Special notes for your reviewer:

Release note:

When using this version of the Gardener Extensions library you have to make sure that you use at least `v1.0` of the `gardener/terraformer` image.

@gardener-robot-ci-2 gardener-robot-ci-2 added the reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) label Mar 23, 2020
@gardener-robot-ci-3 gardener-robot-ci-3 added needs/ok-to-test Needs approval for testing (check PR in detail before setting this label because PR is run on CI/CD) and removed reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) labels Mar 23, 2020
ialidzhikov
ialidzhikov suggested changes Mar 24, 2020
View reviewed changes
pkg/terraformer/terraformer.go
{Name: "TF_STATE_CONFIG_MAP_NAME", Value: t.stateName},
{Name: "TF_VARIABLES_SECRET_NAME", Value: t.variablesName},
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I guess terraformer rbac needs to be updated

Error from server (Forbidden): secrets "bar.infra.tf-vars" is forbidden: User "system:serviceaccount:shoot--foo--bar:terraformer" cannot get resource "secrets" in API group "" in the namespace "shoot--foo--bar"

Btw what is the idea of this secret as its content is always # New line is needed! Do not remove this comment.?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, will do, nice catch, thanks.

The secret contains the Terraform variables that themselves might include credentials. It's up to the caller to fill them. In our Gardener Extensions we decided to not use them, that's why the file is always empty (just has this comment). Generally, we don't know how others are calling or deploying our Terraformer. Though, as TF variables are a first-class citizen in the TF project I guess it makes sense to support it.

@rfranzke rfranzke mentioned this pull request Mar 27, 2020
Merged
@rfranzke
Copy link
Contributor Author

rfranzke commented Apr 2, 2020

/close as @ialidzhikov will incorporate the changes of this PR into his, #624

@rfranzke rfranzke closed this Apr 2, 2020
@rfranzke rfranzke deleted the feature/adapt-terraformer-v1.0 branch April 2, 2020 07:33
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@ialidzhikov ialidzhikov ialidzhikov requested changes

Assignees
No one assigned
Labels
needs/ok-to-test Needs approval for testing (check PR in detail before setting this label because PR is run on CI/CD)
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@rfranzke @ialidzhikov @gardener-robot-ci-2 @gardener-robot-ci-3