Documentation
¶
Overview ¶
Package v1alpha1 contains API Schema definitions for the tf v1alpha1 API group +k8s:deepcopy-gen=package,register +groupName=tf.isaaguilar.com
Package v1alpha1 contains API Schema definitions for the tf v1alpha1 API group +k8s:deepcopy-gen=package,register +groupName=tf.isaaguilar.com
Index ¶
- Variables
- func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition
- type AWSCredentials
- type ConfigMapSelector
- type Credentials
- type ExportRepo
- type Exported
- type GitHTTPS
- type GitSCM
- type GitSSH
- type Inline
- type Interruptible
- type PodType
- type ProxyOpts
- type ReconcileTerraformDeployment
- type ResourceDownload
- type SCMAuthMethod
- type SSHKeySecretRef
- type SecretNameRef
- type Stage
- type StageState
- type StatusPhase
- type Terraform
- type TerraformList
- type TerraformSpec
- type TerraformStatus
- type TokenSecretRef
Constants ¶
This section is empty.
Variables ¶
var ( // SchemeGroupVersion is group version used to register these objects SchemeGroupVersion = schema.GroupVersion{Group: "tf.isaaguilar.com", Version: "v1alpha1"} // SchemeBuilder is used to add go types to the GroupVersionKind scheme SchemeBuilder = &scheme.Builder{GroupVersion: SchemeGroupVersion} // AddToScheme adds the types in this group-version to the given scheme. AddToScheme = SchemeBuilder.AddToScheme )
Functions ¶
func GetOpenAPIDefinitions ¶
func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition
Types ¶
type AWSCredentials ¶ added in v0.3.0
type AWSCredentials struct {
// IRSA requires the irsa role-arn as the string input. This will create a
// serice account named tf-<resource-name>. In order for the pod to be able to
// use this role, the "Trusted Entity" of the IAM role must allow this
// serice account name and namespace.
//
// Using a TrustEntity policy that includes "StringEquals" setting it as the serivce account name
// is the most secure way to use IRSA.
//
// However, for a reusable policy consider "StringLike" with a few wildcards to make
// the irsa role usable by pods created by terraform-operator. The example below is
// pretty liberal, but will work for any pod created by the terraform-operator.
//
// {
// "Version": "2012-10-17",
// "Statement": [
// {
// "Effect": "Allow",
// "Principal": {
// "Federated": "${OIDC_ARN}"
// },
// "Action": "sts:AssumeRoleWithWebIdentity",
// "Condition": {
// "StringLike": {
// "${OIDC_URL}:sub": "system:serviceaccount:*:tf-*"
// }
// }
// }
// ]
// }
IRSA string `json:"irsa,omitempty"`
// KIAM requires the kiam role-name as the string input. This will add the
// correct annotation to the terraform execution pod
KIAM string `json:"kiam,omitempty"`
}
AWSCredentials provides a few different k8s-specific methods of adding crednetials to pods. This includes KIAM and IRSA.
To use environment variables, use a secretNameRef instead.
func (*AWSCredentials) DeepCopy ¶ added in v0.3.0
func (in *AWSCredentials) DeepCopy() *AWSCredentials
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSCredentials.
func (*AWSCredentials) DeepCopyInto ¶ added in v0.3.0
func (in *AWSCredentials) DeepCopyInto(out *AWSCredentials)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ConfigMapSelector ¶ added in v0.5.0
A simple selector for configmaps that can select on the name of the configmap with the optional key. The namespace is not an option since only runners with a namespace'd role will utilize this map.
func (*ConfigMapSelector) DeepCopy ¶ added in v0.5.0
func (in *ConfigMapSelector) DeepCopy() *ConfigMapSelector
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigMapSelector.
func (*ConfigMapSelector) DeepCopyInto ¶ added in v0.5.0
func (in *ConfigMapSelector) DeepCopyInto(out *ConfigMapSelector)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Credentials ¶ added in v0.3.0
type Credentials struct {
// SecretNameRef will load environment variables into the terraform runner
// from a kubernetes secret
SecretNameRef SecretNameRef `json:"secretNameRef,omitempty"`
// AWSCredentials contains the different methods to load AWS credentials
// for the Terraform AWS Provider. If using AWS_ACCESS_KEY_ID and/or environment
// variables for credentials, use fromEnvs.
AWSCredentials AWSCredentials `json:"aws,omitempty"`
// ServiceAccountAnnotations allows the service account to be annotated with
// cloud IAM roles such as Workload Identity on GCP
ServiceAccountAnnotations map[string]string `json:"serviceAccountAnnotations,omitempty"`
}
Credentials are used for adding credentials for terraform providers. For example, in AWS, the AWS Terraform Provider uses the default credential chain of the AWS SDK, one of which are environment variables (eg AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY)
func (*Credentials) DeepCopy ¶ added in v0.3.0
func (in *Credentials) DeepCopy() *Credentials
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Credentials.
func (*Credentials) DeepCopyInto ¶ added in v0.3.0
func (in *Credentials) DeepCopyInto(out *Credentials)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ExportRepo ¶ added in v0.1.2
type ExportRepo struct {
// Address is the git repo to save to. At this time, only SSH is allowed
Address string `json:"address"`
// TFVarsFile is the full path relative to the root of the repo
TFVarsFile string `json:"tfvarsFile,omitempty"`
// ConfFile is the full path relative to the root of the repo
ConfFile string `json:"confFile,omitempty"`
// GitEmail is the email of the user who pushes to git. This email is
// typically an automation user and probably the user whose token or sshkey
// is configured in scmAuthMethod
GitEmail string `json:"gitEmail,omitempty"`
// GitUsername is the name of the user who pushes to git. This name is
// typically an automation user and probably the user whose token or sshkey
// is configured in scmAuthMethod
GitUsername string `json:"gitUsername,omitempty"`
// RetryOnFailure sets the export pod's restartPolicy to "OnFailure"
RetryOnFailure bool `json:"retryOnFailure,omitempty"`
}
ExportRepo is used to allow the tfvars passed into the job to also be exported to a different git repo. The main use-case for this would be to allow terraform execution outside of the terraform-operator for any reason
func (*ExportRepo) DeepCopy ¶ added in v0.1.2
func (in *ExportRepo) DeepCopy() *ExportRepo
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExportRepo.
func (*ExportRepo) DeepCopyInto ¶ added in v0.1.2
func (in *ExportRepo) DeepCopyInto(out *ExportRepo)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type GitHTTPS ¶ added in v0.1.1
type GitHTTPS struct {
RequireProxy bool `json:"requireProxy,omitempty"`
TokenSecretRef *TokenSecretRef `json:"tokenSecretRef"`
}
GitHTTPS configures the setup for git over https using tokens. Proxy is not supported in the terraform job pod at this moment TODO HTTPS Proxy support
func (*GitHTTPS) DeepCopy ¶ added in v0.1.1
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitHTTPS.
func (*GitHTTPS) DeepCopyInto ¶ added in v0.1.1
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type GitSCM ¶ added in v0.1.1
GitSCM define the auth methods of git
func (*GitSCM) DeepCopy ¶ added in v0.1.1
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitSCM.
func (*GitSCM) DeepCopyInto ¶ added in v0.1.1
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type GitSSH ¶ added in v0.1.1
type GitSSH struct {
RequireProxy bool `json:"requireProxy,omitempty"`
SSHKeySecretRef *SSHKeySecretRef `json:"sshKeySecretRef"`
}
GitSSH configurs the setup for git over ssh with optional proxy
func (*GitSSH) DeepCopy ¶ added in v0.1.1
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitSSH.
func (*GitSSH) DeepCopyInto ¶ added in v0.1.1
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Inline ¶
Inline definitions of configmaps
func (*Inline) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Inline.
func (*Inline) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Interruptible ¶ added in v0.4.0
type Interruptible bool
const ( CanNotBeInterrupt Interruptible = false CanBeInterrupt Interruptible = true )
type PodType ¶ added in v0.4.0
type PodType string
const ( PodSetupDelete PodType = "setup-delete" PodPreInitDelete PodType = "init0-delete" PodInitDelete PodType = "init-delete" PodPostInitDelete PodType = "init1-delete" PodPrePlanDelete PodType = "plan0-delete" PodPlanDelete PodType = "plan-delete" PodPostPlanDelete PodType = "plan1-delete" PodPreApplyDelete PodType = "apply0-delete" PodApplyDelete PodType = "apply-delete" PodPostApplyDelete PodType = "post-delete" PodSetup PodType = "setup" PodPreInit PodType = "init0" PodInit PodType = "init" PodPostInit PodType = "init1" PodPrePlan PodType = "plan0" PodPlan PodType = "plan" PodPostPlan PodType = "plan1" PodPreApply PodType = "apply0" PodApply PodType = "apply" PodPostApply PodType = "post" PodNil PodType = "" PodExport PodType = "export" )
type ProxyOpts ¶
type ProxyOpts struct {
Host string `json:"host,omitempty"`
User string `json:"user,omitempty"`
SSHKeySecretRef SSHKeySecretRef `json:"sshKeySecretRef"`
}
ProxyOpts configures ssh tunnel/socks5 for downloading ssh/https resources
func (*ProxyOpts) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProxyOpts.
func (*ProxyOpts) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ReconcileTerraformDeployment ¶ added in v0.1.1
type ReconcileTerraformDeployment struct {
// Enable used to turn on the auto reconciliation of tfstate to actual
// provisions. Default to false
Enable bool `json:"enable"`
// SyncPeriod can be used to set a custom time to check actual provisions
// to tfstate. Defaults to 60 minutes
SyncPeriod int64 `json:"syncPeriod,omitempty"`
}
ReconcileTerraformDeployment is used to configure auto watching the resources created by terraform and re-applying them automatically if they are not in-sync with the terraform state.
func (*ReconcileTerraformDeployment) DeepCopy ¶ added in v0.1.1
func (in *ReconcileTerraformDeployment) DeepCopy() *ReconcileTerraformDeployment
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReconcileTerraformDeployment.
func (*ReconcileTerraformDeployment) DeepCopyInto ¶ added in v0.1.1
func (in *ReconcileTerraformDeployment) DeepCopyInto(out *ReconcileTerraformDeployment)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ResourceDownload ¶ added in v0.5.0
type ResourceDownload struct {
// Address defines the source address resources to fetch.
Address string `json:"address"`
// Path will download the resources into this path which is relative to
// the main module directory.
Path string `json:"path,omitempty"`
// UseAsVar will add the file as a tfvar via the -var-file flag of the
// terraform plan command. The downloaded resource must not be a directory.
UseAsVar bool `json:"useAsVar,omitempty"`
}
ResourceDownload (formerly SrcOpts) defines a resource to fetch using one of the configured protocols: ssh|http|https (eg git::SSH or git::HTTPS)
func (*ResourceDownload) DeepCopy ¶ added in v0.5.0
func (in *ResourceDownload) DeepCopy() *ResourceDownload
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceDownload.
func (*ResourceDownload) DeepCopyInto ¶ added in v0.5.0
func (in *ResourceDownload) DeepCopyInto(out *ResourceDownload)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SCMAuthMethod ¶ added in v0.1.1
type SCMAuthMethod struct {
Host string `json:"host"`
// Git configuration options for auth methods of git
Git *GitSCM `json:"git,omitempty"`
}
SCMAuthMethod definition of SCMs that require tokens/keys
func (*SCMAuthMethod) DeepCopy ¶ added in v0.1.1
func (in *SCMAuthMethod) DeepCopy() *SCMAuthMethod
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SCMAuthMethod.
func (*SCMAuthMethod) DeepCopyInto ¶ added in v0.1.1
func (in *SCMAuthMethod) DeepCopyInto(out *SCMAuthMethod)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SSHKeySecretRef ¶
type SSHKeySecretRef struct {
// Name the secret name that has the SSH key
Name string `json:"name"`
// Namespace of the secret; Default is the namespace of the terraform resource
Namespace string `json:"namespace,omitempty"`
// Key in the secret ref. Default to `id_rsa`
Key string `json:"key,omitempty"`
}
SSHKeySecretRef defines the secret where the SSH key (for the proxy, git, etc) is stored
func (*SSHKeySecretRef) DeepCopy ¶
func (in *SSHKeySecretRef) DeepCopy() *SSHKeySecretRef
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SSHKeySecretRef.
func (*SSHKeySecretRef) DeepCopyInto ¶
func (in *SSHKeySecretRef) DeepCopyInto(out *SSHKeySecretRef)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SecretNameRef ¶ added in v0.3.0
type SecretNameRef struct {
// Name of the secret
Name string `json:"name"`
// Namespace of the secret; Defaults to namespace of the tf resource
Namespace string `json:"namespace,omitempty"`
// Key of the secret
Key string `json:"key,omitempty"`
}
SecretNameRef is the name of the kubernetes secret to use
func (*SecretNameRef) DeepCopy ¶ added in v0.3.0
func (in *SecretNameRef) DeepCopy() *SecretNameRef
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretNameRef.
func (*SecretNameRef) DeepCopyInto ¶ added in v0.3.0
func (in *SecretNameRef) DeepCopyInto(out *SecretNameRef)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Stage ¶ added in v0.4.0
type Stage struct {
Generation int64 `json:"generation"`
State StageState `json:"state"`
PodType PodType `json:"podType"`
// Interruptible is set to false when the pod should not be terminated
// such as when doing a terraform apply
Interruptible Interruptible `json:"interruptible"`
Reason string `json:"reason"`
StartTime metav1.Time `json:"startTime,omitempty"`
StopTime metav1.Time `json:"stopTime,omitempty"`
}
func (*Stage) DeepCopy ¶ added in v0.5.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Stage.
func (*Stage) DeepCopyInto ¶ added in v0.5.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type StageState ¶ added in v0.4.0
type StageState string
const ( StateInitializing StageState = "initializing" StateComplete StageState = "complete" StateFailed StageState = "failed" StateInProgress StageState = "in-progress" StateUnknown StageState = "unknown" )
type StatusPhase ¶ added in v0.4.0
type StatusPhase string
const ( PhaseInitializing StatusPhase = "initializing" PhaseCompleted StatusPhase = "completed" PhaseRunning StatusPhase = "running" PhaseInitDelete StatusPhase = "initializing-delete" PhaseDeleting StatusPhase = "deleting" PhaseDeleted StatusPhase = "deleted" )
type Terraform ¶
type Terraform struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec TerraformSpec `json:"spec,omitempty"`
Status TerraformStatus `json:"status,omitempty"`
}
+k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +genclient Terraform is the Schema for the terraforms API +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp" +k8s:openapi-gen=true +kubebuilder:deprecatedversion:warning="tf.isaaguilar.com/v1alpha1 is no longer supported. Please upgrade to tf.isaaguilar.com/v1alpha2" +kubebuilder:subresource:status +kubebuilder:resource:path=terraforms,shortName=tf +kubebuilder:singular=terraform
func (*Terraform) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Terraform.
func (*Terraform) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Terraform) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type TerraformList ¶
type TerraformList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []Terraform `json:"items"`
}
TerraformList contains a list of Terraform
func (*TerraformList) DeepCopy ¶
func (in *TerraformList) DeepCopy() *TerraformList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TerraformList.
func (*TerraformList) DeepCopyInto ¶
func (in *TerraformList) DeepCopyInto(out *TerraformList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*TerraformList) DeepCopyObject ¶
func (in *TerraformList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type TerraformSpec ¶
type TerraformSpec struct {
// KeepLatestPodsOnly when true will keep only the pods that match the
// current generation of the terraform k8s-resource. This overrides the
// behavior of `keepCompletedPods`.
KeepLatestPodsOnly bool `json:"keepLatestPodsOnly,omitempty"`
// KeepCompletedPods when true will keep completed pods. Default is false
// and completed pods are removed.
KeepCompletedPods bool `json:"keepCompletedPods,omitempty"`
// CleanupDisk will clear out previous terraform run data from the
// persistent volume.
CleanupDisk bool `json:"cleanupDisk,omitempty"`
// PersistentVolumeSize define the size of the disk used to store
// terraform run data. If not defined, a default of "2Gi" is used.
PersistentVolumeSize *resource.Quantity `json:"persistentVolumeSize,omitempty"`
// RunnerRules are RBAC rules that will be added to all runner pods.
RunnerRules []rbacv1.PolicyRule `json:"runnerRules,omitempty"`
// RunnerAnnotations are annotations that will be added to all runner pods.
RunnerAnnotations map[string]string `json:"runnerAnnotations,omitempty"`
// RunnerLabels key/value pairs that will be added as labels to runner pods
RunnerLabels map[string]string `json:"runnerLabels,omitempty"`
// TerraformVersion helps the operator decide which image tag to pull for
// the terraform runner. Defaults to "0.11.14"
TerraformVersion string `json:"terraformVersion,omitempty"`
ScriptRunnerVersion string `json:"scriptRunnerVersion,omitempty"`
SetupRunnerVersion string `json:"setupRunnerVersion,omitempty"`
// TerraformRunner gives the user the ability to inject their own container
// image to execute terraform. This is very helpful for users who need to
// have a certain toolset installed on their images, or who can't pull
// public images, such as the default image "isaaguilar/tfops".
TerraformRunner string `json:"terraformRunner,omitempty"`
ScriptRunner string `json:"scriptRunner,omitempty"`
SetupRunner string `json:"setupRunner,omitempty"`
// TerraformRunnerExecutionScriptConfigMap allows the user to define a
// custom terraform runner script that gets executed instead of the default
// script built into the runner image. The configmap "name" and "key" are
// required.
TerraformRunnerExecutionScriptConfigMap *corev1.ConfigMapKeySelector `json:"terraformRunnerExecutionScriptConfigMap,omitempty"`
// ScriptRunnerExecutionScriptConfigMap allows the user to define a
// custom terraform runner script that gets executed instead of the default
// script built into the runner image. The configmap "name" and "key" are
// required.
ScriptRunnerExecutionScriptConfigMap *corev1.ConfigMapKeySelector `json:"scriptRunnerExecutionScriptConfigMap,omitempty"`
// SetupRunnerExecutionScriptConfigMap allows the user to define a
// custom terraform runner script that gets executed instead of the default
// script built into the runner image. The configmap "name" and "key" are
// required.
SetupRunnerExecutionScriptConfigMap *corev1.ConfigMapKeySelector `json:"setupRunnerExecutionScriptConfigMap,omitempty"`
// TerraformRunnerPullPolicy describes a policy for if/when to pull the
// TerraformRunner image. Acceptable values are "Always", "Never", or
// "IfNotPresent".
TerraformRunnerPullPolicy corev1.PullPolicy `json:"terraformRunnerPullPolicy,omitempty"`
ScriptRunnerPullPolicy corev1.PullPolicy `json:"scriptRunnerPullPolicy,omitempty"`
SetupRunnerPullPolicy corev1.PullPolicy `json:"setupRunnerPullPolicy,omitempty"`
// TerraformModule is the terraform module scm address. Currently supports
// git protocol over SSH or HTTPS.
//
// Precedence of "terraformModule*" to use as the main module is
// determined by the setup runner. See the runners/setup.sh for the
// module configuration.
TerraformModule string `json:"terraformModule,omitempty"`
// TerraformModuleConfigMap is the configMap that contains terraform module
// resources. The module will be fetched by the setup runner. In order
// for terraform to understand it's a module reosurce, the configmap keys
// must end in `.tf` or `.tf.json`.
TerraformModuleConfigMap *ConfigMapSelector `json:"terraformModuleConfigMap,omitempty"`
// TerraformModuleInline is an incline terraform module definition. The
// contents of the inline definition will be used to create
// `inline-module.tf`
TerraformModuleInline string `json:"terraformModuleInline,omitempty"`
// OutputsSecret will create a secret with the outputs from the module. All
// outputs from the module will be written to the secret unless the user
// defines "outputsToInclude" or "outputsToOmit".
OutputsSecret string `json:"outputsSecret,omitempty"`
// OutputsToInclude is a whitelist of outputs to write when writing the
// outputs to kubernetes.
OutputsToInclude []string `json:"outputsToInclude,omitempty"`
// OutputsToOmit is a blacklist of outputs to omit when writing the
// outputs to kubernetes.
OutputsToOmit []string `json:"outputsToOmit,omitempty"`
// WriteOutputsToStatus will add the outputs from the module to the status
// of the Terraform CustomResource.
WriteOutputsToStatus bool `json:"writeOutputsToStatus,omitempty"`
// ResourceDownloads defines other files to download into the module
// directory that can be used by the terraform workflow runners.
// The `tfvar` type will also be fetched by the `exportRepo` option (if
// defined) to aggregate the set of tfvars to save to an scm system.
ResourceDownloads []*ResourceDownload `json:"resourceDownloads,omitempty"`
// Env is used to define a common set of environment variables into the
// workflow runners. The `TF_VAR_` prefix will also be used by the
// `exportRepo` option.
Env []corev1.EnvVar `json:"env,omitempty"`
// ServiceAccount use a specific kubernetes ServiceAccount for running the create + destroy pods.
// If not specified we create a new ServiceAccount per Terraform
ServiceAccount string `json:"serviceAccount,omitempty"`
// Credentials is an array of credentials generally used for Terraform
// providers
Credentials []Credentials `json:"credentials,omitempty"`
// IgnoreDelete will bypass the finalization process and remove the tf
// resource without running any delete jobs.
IgnoreDelete bool `json:"ignoreDelete,omitempty"`
// Reconcile are the settings used for auto-reconciliation
Reconcile *ReconcileTerraformDeployment `json:"reconcile,omitempty"`
// CustomBackend will allow the user to configure the backend of their
// choice. If this is omitted, the default consul template will be used.
CustomBackend string `json:"customBackend,omitempty"`
// ExportRepo allows the user to define
ExportRepo *ExportRepo `json:"exportRepo,omitempty"`
// PreInitScript lets the user define a script that will run before
// terraform commands are executed on the terraform-execution pod. The pod
// will have already set up cloudProfile (eg cloud credentials) so the
// script can make use of it.
//
// Setting this field will create a key in the tfvars configmap called
// "prerun.sh". This means the user can also pass in a prerun.sh file via
// config "Sources".
PreInitScript string `json:"preInitScript,omitempty"`
PostInitScript string `json:"postInitScript,omitempty"`
PrePlanScript string `json:"prePlanScript,omitempty"`
PostPlanScript string `json:"postPlanScript,omitempty"`
PreApplyScript string `json:"preApplyScript,omitempty"`
// PostApplyScript lets the user define a script that will run after
// terraform commands are executed on the terraform-execution pod. The pod
// will have already set up cloudProfile (eg cloud credentials) so the
// script can make use of it.
//
// Setting this field will create a key in the tfvars configmap called
// "postrun.sh". This means the user can alternatively pass in a
// posterun.sh file via config "Sources".
PostApplyScript string `json:"postApplyScript,omitempty"`
PreInitDeleteScript string `json:"preInitDeleteScript,omitempty"`
PostInitDeleteScript string `json:"postInitDeleteScript,omitempty"`
PrePlanDeleteScript string `json:"prePlanDeleteScript,omitempty"`
PostPlanDeleteScript string `json:"postPlanDeleteScript,omitempty"`
PreApplyDeleteScript string `json:"preApplyDeleteScript,omitempty"`
PostApplyDeleteScript string `json:"postApplyDeleteScript,omitempty"`
// SSHTunnel can be defined for pulling from scm sources that cannot be
// accessed by the network the operator/runner runs in. An example is
// Enterprise Github servers running on a private network.
SSHTunnel *ProxyOpts `json:"sshTunnel,omitempty"`
// SCMAuthMethods define multiple SCMs that require tokens/keys
SCMAuthMethods []SCMAuthMethod `json:"scmAuthMethods,omitempty"`
}
TerraformSpec defines the desired state of Terraform +k8s:openapi-gen=true
func (*TerraformSpec) DeepCopy ¶
func (in *TerraformSpec) DeepCopy() *TerraformSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TerraformSpec.
func (*TerraformSpec) DeepCopyInto ¶
func (in *TerraformSpec) DeepCopyInto(out *TerraformSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type TerraformStatus ¶
type TerraformStatus struct {
// PodNamePrefix is used to identify this installation of the resource. For
// very long resource names, like those greater than 220 characters, the
// prefix ensures resource uniqueness for runners and other resources used
// by the runner.
// Another case for the pod name prefix is when rapidly deleteing a resource
// and recreating it, the chance of recycling existing resources is reduced
// to virtually nil.
PodNamePrefix string `json:"podNamePrefix"`
Phase StatusPhase `json:"phase"`
LastCompletedGeneration int64 `json:"lastCompletedGeneration"`
Outputs map[string]string `json:"outputs,omitempty"`
Stages []Stage `json:"stages"`
Exported Exported `json:"exported,omitempty"`
}
TerraformStatus defines the observed state of Terraform +k8s:openapi-gen=true
func (*TerraformStatus) DeepCopy ¶
func (in *TerraformStatus) DeepCopy() *TerraformStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TerraformStatus.
func (*TerraformStatus) DeepCopyInto ¶
func (in *TerraformStatus) DeepCopyInto(out *TerraformStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type TokenSecretRef ¶
type TokenSecretRef struct {
// Name the secret name that has the token or password
Name string `json:"name"`
// Namespace of the secret; Default is the namespace of the terraform resource
Namespace string `json:"namespace,omitempty"`
// Key in the secret ref. Default to `token`
Key string `json:"key,omitempty"`
}
TokenSecretRef defines the token or password that can be used to log into a system (eg git)
func (*TokenSecretRef) DeepCopy ¶
func (in *TokenSecretRef) DeepCopy() *TokenSecretRef
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenSecretRef.
func (*TokenSecretRef) DeepCopyInto ¶
func (in *TokenSecretRef) DeepCopyInto(out *TokenSecretRef)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
Source Files