62 lines
1.4 KiB
YAML
62 lines
1.4 KiB
YAML
# Configmap containing Terraform file
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: terraform-sa
|
|
data:
|
|
main.tf: |
|
|
terraform {
|
|
required_providers {
|
|
harbor = {
|
|
source = "goharbor/harbor"
|
|
version = "3.9.4"
|
|
}
|
|
kubernetes = {
|
|
source = "hashicorp/kubernetes"
|
|
version = "2.22.0"
|
|
}
|
|
}
|
|
}
|
|
|
|
variable "kubepath" {
|
|
type = string
|
|
default = "/var/run/secrets/kubernetes.io/serviceaccount"
|
|
}
|
|
|
|
provider "kubernetes" {
|
|
host = "https://kubernetes.default.svc"
|
|
token = file("${var.kubepath}/token")
|
|
cluster_ca_certificate = file("${var.kubepath}/ca.crt")
|
|
}
|
|
|
|
resource "kubernetes_secret_v1" "kubeconfig" {
|
|
metadata {
|
|
name = "kubeconfig"
|
|
namespace = "{{.Release.Namespace}}"
|
|
}
|
|
data = {
|
|
"kubeconfig" = <<EOF
|
|
apiVersion: v1
|
|
kind: Config
|
|
clusters:
|
|
- name: tpl
|
|
cluster:
|
|
server: https://kubernetes.default.svc
|
|
certificate-authority-data: >-
|
|
${base64encode(file("${var.kubepath}/ca.crt"))}
|
|
users:
|
|
- name: tpl
|
|
user:
|
|
token: >-
|
|
${file("${var.kubepath}/token")}
|
|
contexts:
|
|
- name: tpl
|
|
context:
|
|
user: tpl
|
|
cluster: tpl
|
|
namespace: {{.Release.Namespace}}
|
|
current-context: tpl
|
|
EOF
|
|
}
|
|
}
|