github-personal/terraform-render-bootstrap
1
0
Fork 0
mirror of https://github.com/outbackdingo/terraform-render-bootstrap.git synced 2026-01-27 18:20:40 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
37f45cb28be2188befb5304794ba312cd8048fab
terraform-render-bootstrap/conditional.tf
Dalton Hubble 9037d7311b Remove asset_dir variable and optional asset writes 
* Originally, generated TLS certificates, manifests, and
cluster "assets" written to local disk (`asset_dir`) during
terraform apply cluster bootstrap
* Typhoon v1.17.0 introduced bootstrapping using only Terraform
state to store cluster assets, to avoid ever writing sensitive
materials to disk and improve automated use-cases. `asset_dir`
was changed to optional and defaulted to "" (no writes)
* Typhoon v1.18.0 deprecated the `asset_dir` variable, removed
docs, and announced it would be deleted in future.
* Remove the `asset_dir` variable

Cluster assets are now stored in Terraform state only. For those
who wish to write those assets to local files, this is possible
doing so explicitly.

```
resource local_file "assets" {
  for_each = module.bootstrap.assets_dist
  filename = "some-assets/${each.key}"
  content = each.value
}
```

Related:

* https://github.com/poseidon/typhoon/pull/595
* https://github.com/poseidon/typhoon/pull/678
2020-10-17 14:57:13 -07:00

60 lines
2.4 KiB
HCL
Raw Blame History

# Assets generated only when certain options are chosen
locals {
# flannel manifests map
# { manifests-networking/manifest.yaml => content }
flannel_manifests = {
for name in fileset("${path.module}/resources/flannel", "*.yaml") :
"manifests-networking/${name}" => templatefile(
"${path.module}/resources/flannel/${name}",
{
flannel_image = var.container_images["flannel"]
flannel_cni_image = var.container_images["flannel_cni"]
pod_cidr = var.pod_cidr
daemonset_tolerations = var.daemonset_tolerations
}
)
if var.networking == "flannel"
}
# calico manifests map
# { manifests-networking/manifest.yaml => content }
calico_manifests = {
for name in fileset("${path.module}/resources/calico", "*.yaml") :
"manifests-networking/${name}" => templatefile(
"${path.module}/resources/calico/${name}",
{
calico_image = var.container_images["calico"]
calico_cni_image = var.container_images["calico_cni"]
network_mtu = var.network_mtu
network_encapsulation = indent(2, var.network_encapsulation == "vxlan" ? "vxlanMode: Always" : "ipipMode: Always")
ipip_enabled = var.network_encapsulation == "ipip" ? true : false
ipip_readiness = var.network_encapsulation == "ipip" ? indent(16, "- --bird-ready") : ""
vxlan_enabled = var.network_encapsulation == "vxlan" ? true : false
network_ip_autodetection_method = var.network_ip_autodetection_method
pod_cidr = var.pod_cidr
enable_reporting = var.enable_reporting
daemonset_tolerations = var.daemonset_tolerations
}
)
if var.networking == "calico"
}
# cilium manifests map
# { manifests-networking/manifest.yaml => content }
cilium_manifests = {
for name in fileset("${path.module}/resources/cilium", "**/*.yaml") :
"manifests-networking/${name}" => templatefile(
"${path.module}/resources/cilium/${name}",
{
cilium_agent_image = var.container_images["cilium_agent"]
cilium_operator_image = var.container_images["cilium_operator"]
pod_cidr = var.pod_cidr
daemonset_tolerations = var.daemonset_tolerations
}
)
if var.networking == "cilium"
}
}
Reference in New Issue View Git Blame Copy Permalink