Skip to content

Commit

Permalink
Setting embedded_manifest to true and repo visibility to private.
Browse files Browse the repository at this point in the history
Signed-off-by: Steven Wade <steven@stevenwade.co.uk>
  • Loading branch information
swade1987 committed Apr 22, 2024
1 parent 990e3dd commit ead4a25
Show file tree
Hide file tree
Showing 13 changed files with 63 additions and 31 deletions.
32 changes: 29 additions & 3 deletions .github/workflows/pre-commit.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -36,15 +36,42 @@ jobs:
matrix:
directory: ${{ fromJson(needs.collectInputs.outputs.directories) }}
steps:
# https://github.com/orgs/community/discussions/25678#discussioncomment-5242449
- name: Delete huge unnecessary tools folder
run: |
rm -rf /opt/hostedtoolcache/CodeQL
rm -rf /opt/hostedtoolcache/Java_Temurin-Hotspot_jdk
rm -rf /opt/hostedtoolcache/Ruby
rm -rf /opt/hostedtoolcache/go
- name: Checkout
uses: actions/checkout@v4
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Setup Go
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version-file: 'go.mod'
cache: true
cache-dependency-path: |
**/go.sum
**/go.mod
- name: Build provider
run: |
make build
make terraformrc
TF_IN_AUTOMATION=true
TF_PLUGIN_VERSION="99.0.0"
TF_PLUGIN_BINARY_NAME="terraform-provider-flux"
TF_PLUGIN_BINARY_PATH="${HOME}/.terraform.d/plugins/registry.terraform.io/fluxcd/flux/$TF_PLUGIN_VERSION/$(go env GOOS)_$(go env GOARCH)/"
if [ ! -f $TF_PLUGIN_BINARY_PATH ]; then
mkdir -p $TF_PLUGIN_BINARY_PATH
fi
cp ./bin/$TF_PLUGIN_BINARY_NAME $TF_PLUGIN_BINARY_PATH
- name: Terraform min/max versions
id: minMax
uses: clowdhaus/terraform-min-max@v1.3.1
with:
directory: ${{ matrix.directory }}

- name: Pre-commit Terraform ${{ steps.minMax.outputs.minVersion }}
# Run only validate pre-commit check on min version supported
if: ${{ matrix.directory != '.' }}
Expand All @@ -54,7 +81,6 @@ jobs:
tflint-version: ${{ env.TFLINT_VERSION }}
terraform-docs-version: ${{ env.TERRAFORM_DOCS_VERSION }}
args: 'terraform_validate --color=always --show-diff-on-failure --files ${{ matrix.directory }}/*'

- name: Pre-commit Terraform ${{ steps.minMax.outputs.minVersion }}
# Run only validate pre-commit check on min version supported
if: ${{ matrix.directory == '.' }}
Expand Down
15 changes: 8 additions & 7 deletions .pre-commit-config.yaml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
repos:
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.3.0
rev: v4.5.0
hooks:
- id: check-byte-order-marker
- id: check-case-conflict
Expand All @@ -23,7 +23,7 @@ repos:
- id: go-unit-tests
- id: golangci-lint
- repo: https://github.com/antonbabenko/pre-commit-terraform
rev: v1.88.0
rev: v1.88.2
files: examples
hooks:
- id: terraform_fmt
Expand All @@ -33,18 +33,19 @@ repos:
- '--args=--lockfile=false'
- id: terraform_tflint
args:
- '--args=--only=terraform_deprecated_interpolation'
- '--args=--only=terraform_deprecated_index'
- '--args=--only=terraform_unused_declarations'
- '--args=--only=terraform_comment_syntax'
- '--args=--only=terraform_deprecated_index'
- '--args=--only=terraform_deprecated_interpolation'
- '--args=--only=terraform_documented_outputs'
- '--args=--only=terraform_documented_variables'
- '--args=--only=terraform_typed_variables'
- '--args=--only=terraform_module_pinned_source'
- '--args=--only=terraform_naming_convention'
- '--args=--only=terraform_required_version'
- '--args=--only=terraform_required_providers'
- '--args=--only=terraform_required_version'
- '--args=--only=terraform_standard_module_structure'
- '--args=--only=terraform_typed_variables'
- '--args=--only=terraform_unused_declarations'
- '--args=--only=terraform_unused_required_providers'
- '--args=--only=terraform_workspace_remote'
- repo: https://github.com/FalcoSuessgott/tfplugindocs
rev: v0.0.2
Expand Down
5 changes: 3 additions & 2 deletions examples/github-self-managed-ssh-keypair/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ resource "kind_cluster" "this" {
resource "github_repository" "this" {
name = var.github_repository
description = var.github_repository
visibility = "public"
visibility = "private"
auto_init = true # This is extremely important as flux_bootstrap_git will not work without a repository that has been initialised
}

Expand Down Expand Up @@ -98,6 +98,7 @@ resource "kubernetes_secret" "ssh_keypair" {
resource "flux_bootstrap_git" "this" {
depends_on = [github_repository_deploy_key.this, kubernetes_secret.ssh_keypair]

path = "clusters/my-cluster"
disable_secret_creation = true
embedded_manifests = true
path = "clusters/my-cluster"
}
5 changes: 3 additions & 2 deletions examples/github-via-pat/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ resource "kind_cluster" "this" {
resource "github_repository" "this" {
name = var.github_repository
description = var.github_repository
visibility = "public"
visibility = "private"
auto_init = true # This is extremely important as flux_bootstrap_git will not work without a repository that has been initialised
}

Expand All @@ -43,5 +43,6 @@ resource "github_repository" "this" {
resource "flux_bootstrap_git" "this" {
depends_on = [github_repository.this]

path = "clusters/my-cluster"
embedded_manifests = true
path = "clusters/my-cluster"
}
5 changes: 3 additions & 2 deletions examples/github-via-ssh-with-gpg/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ resource "kind_cluster" "this" {
resource "github_repository" "this" {
name = var.github_repository
description = var.github_repository
visibility = "public"
visibility = "private"
auto_init = true # This is extremely important as flux_bootstrap_git will not work without a repository that has been initialised
}

Expand All @@ -63,5 +63,6 @@ resource "github_repository_deploy_key" "this" {
resource "flux_bootstrap_git" "this" {
depends_on = [github_repository_deploy_key.this]

path = "clusters/my-cluster"
embedded_manifests = true
path = "clusters/my-cluster"
}
5 changes: 3 additions & 2 deletions examples/github-via-ssh/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ resource "kind_cluster" "this" {
resource "github_repository" "this" {
name = var.github_repository
description = var.github_repository
visibility = "public"
visibility = "private"
auto_init = true # This is extremely important as flux_bootstrap_git will not work without a repository that has been initialised
}

Expand All @@ -63,5 +63,6 @@ resource "github_repository_deploy_key" "this" {
resource "flux_bootstrap_git" "this" {
depends_on = [github_repository_deploy_key.this]

path = "clusters/my-cluster"
embedded_manifests = true
path = "clusters/my-cluster"
}
5 changes: 3 additions & 2 deletions examples/github-with-customizations/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ resource "kind_cluster" "this" {
resource "github_repository" "this" {
name = var.github_repository
description = var.github_repository
visibility = "public"
visibility = "private"
auto_init = true # This is extremely important as flux_bootstrap_git will not work without a repository that has been initialised
}

Expand All @@ -63,10 +63,11 @@ resource "github_repository_deploy_key" "this" {
resource "flux_bootstrap_git" "this" {
depends_on = [github_repository_deploy_key.this]

path = "clusters/my-cluster"
components_extra = [
"image-reflector-controller",
"image-automation-controller"
]
embedded_manifests = true
kustomization_override = file("${path.root}/resources/flux-kustomization-patch.yaml")
path = "clusters/my-cluster"
}
5 changes: 3 additions & 2 deletions examples/github-with-inline-customizations/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ resource "kind_cluster" "this" {
resource "github_repository" "this" {
name = var.github_repository
description = var.github_repository
visibility = "public"
visibility = "private"
auto_init = true # This is extremely important as flux_bootstrap_git will not work without a repository that has been initialised
}

Expand All @@ -63,10 +63,11 @@ resource "github_repository_deploy_key" "this" {
resource "flux_bootstrap_git" "this" {
depends_on = [github_repository_deploy_key.this]

path = "clusters/my-cluster"
components_extra = [
"image-reflector-controller",
"image-automation-controller"
]
embedded_manifests = true
kustomization_override = templatefile("${path.root}/resources/flux-kustomization-patch.tftpl", { role_arn = var.role_arn })
path = "clusters/my-cluster"
}
5 changes: 3 additions & 2 deletions examples/gitlab-via-ssh-with-gpg/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ resource "kind_cluster" "this" {
resource "gitlab_project" "this" {
name = var.gitlab_project
description = "flux-bootstrap"
visibility_level = "public"
visibility_level = "private"
initialize_with_readme = true # This is extremely important as Flux expects an initialised repository
}

Expand All @@ -63,5 +63,6 @@ resource "gitlab_deploy_key" "this" {
resource "flux_bootstrap_git" "this" {
depends_on = [gitlab_deploy_key.this]

path = "clusters/my-cluster"
embedded_manifests = true
path = "clusters/my-cluster"
}
5 changes: 3 additions & 2 deletions examples/gitlab-via-ssh/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ resource "kind_cluster" "this" {
resource "gitlab_project" "this" {
name = var.gitlab_project
description = "flux-bootstrap"
visibility_level = "public"
visibility_level = "private"
initialize_with_readme = true # This is extremely important as Flux expects an initialised repository
}

Expand All @@ -63,5 +63,6 @@ resource "gitlab_deploy_key" "this" {
resource "flux_bootstrap_git" "this" {
depends_on = [gitlab_deploy_key.this]

path = "clusters/my-cluster"
embedded_manifests = true
path = "clusters/my-cluster"
}
1 change: 0 additions & 1 deletion examples/helm-install/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,6 @@ However, using the Flux Helm chart is a better option when Flux needs to be inst
| Name | Version |
|------|---------|
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.7.0 |
| <a name="requirement_flux"></a> [flux](#requirement\_flux) | >= 1.2 |
| <a name="requirement_github"></a> [github](#requirement\_github) | >= 6.1 |
| <a name="requirement_helm"></a> [helm](#requirement\_helm) | >= 2.12 |
| <a name="requirement_kind"></a> [kind](#requirement\_kind) | >= 0.4 |
Expand Down
4 changes: 0 additions & 4 deletions examples/helm-install/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -2,10 +2,6 @@ terraform {
required_version = ">= 1.7.0"

required_providers {
flux = {
source = "fluxcd/flux"
version = ">= 1.2"
}
github = {
source = "integrations/github"
version = ">= 6.1"
Expand Down
2 changes: 2 additions & 0 deletions internal/provider/resource_bootstrap_git.go
Original file line number Diff line number Diff line change
Expand Up @@ -203,6 +203,8 @@ func (r *bootstrapGitResource) Schema(ctx context.Context, req resource.SchemaRe
"embedded_manifests": schema.BoolAttribute{
Description: "When enabled, the Flux manifests will be extracted from the provider binary instead of being downloaded from GitHub.com. Defaults to `false`.",
Optional: true,
Computed: true,
Default: booldefault.StaticBool(false),
},
"id": schema.StringAttribute{
Computed: true,
Expand Down

0 comments on commit ead4a25

Please sign in to comment.