65 lines
1.7 KiB
HCL
65 lines
1.7 KiB
HCL
locals {
|
|
k8s_config = yamldecode(file(var.k8s_config_path))
|
|
k8s_host = local.k8s_config.clusters[0].cluster.server
|
|
k8s_auth = try(
|
|
{
|
|
token = local.k8s_config.users[0].user.token
|
|
using_token = true
|
|
},
|
|
{
|
|
client_certificate = base64decode(local.k8s_config.users[0].user["client-certificate-data"])
|
|
client_key = base64decode(local.k8s_config.users[0].user["client-key-data"])
|
|
using_token = false
|
|
}
|
|
)
|
|
}
|
|
|
|
provider "kubernetes" {
|
|
host = local.k8s_host
|
|
insecure = true
|
|
token = local.k8s_auth.using_token ? local.k8s_auth.token : null
|
|
client_certificate = local.k8s_auth.using_token ? null : local.k8s_auth.client_certificate
|
|
client_key = local.k8s_auth.using_token ? null : local.k8s_auth.client_key
|
|
}
|
|
|
|
provider "helm" {
|
|
kubernetes {
|
|
host = local.k8s_host
|
|
insecure = true
|
|
token = local.k8s_auth.using_token ? local.k8s_auth.token : null
|
|
client_certificate = local.k8s_auth.using_token ? null : local.k8s_auth.client_certificate
|
|
client_key = local.k8s_auth.using_token ? null : local.k8s_auth.client_key
|
|
}
|
|
}
|
|
|
|
terraform {
|
|
required_providers {
|
|
rancher2 = {
|
|
source = "rancher/rancher2"
|
|
version = "3.0.0"
|
|
}
|
|
}
|
|
required_version = ">= 1.0.0"
|
|
}
|
|
|
|
# Rancher2 bootstrapping provider
|
|
provider "rancher2" {
|
|
alias = "bootstrap"
|
|
|
|
api_url = "https://${local.rancher_server_dns}"
|
|
insecure = true
|
|
# ca_certs = data.kubernetes_secret.rancher_cert.data["ca.crt"]
|
|
bootstrap = true
|
|
}
|
|
|
|
# Rancher2 administration provider
|
|
provider "rancher2" {
|
|
alias = "admin"
|
|
|
|
api_url = "https://${local.rancher_server_dns}"
|
|
insecure = true
|
|
# ca_certs = data.kubernetes_secret.rancher_cert.data["ca.crt"]
|
|
token_key = rancher2_bootstrap.admin.token
|
|
timeout = "300s"
|
|
}
|