terranetes-controller icon indicating copy to clipboard operation
terranetes-controller copied to clipboard

Published 20 hours ago verified publisher icon appvia

Support valueFrom against specific variable names

Open KashifSaadat opened this issue 2 years ago • 0 comments

Currently you can specify valueFrom to retrieve variables from Kubernetes Secrets, as follows:

spec:
  valueFrom:
  - secret: db-details
    key: database-password

This translates to the following Terranetes Configuration Spec:

spec:
  variables:
    database-password: <secret_value>

This has a limitation in that the Secret Key Name must match precisely the Terraform Variable name that the module requires. If you cannot change the variable expected in the module you are using, then you must either manually create a new secret (if it's pre-existing) with the Key Name as expected, or fork and modify the Terraform Module so the variable name matches your secret key.

It would be nice to support valueFrom as a type on a variable itself, for example:

spec:
  variables:
    username: "mydbuser"
    password:
      valueFrom:
        secret: db-details
        key: database-password
        optional: false
    vpc_security_group_ids:
    - valueFrom:
        secret: db-details
        key: database-security-group-id
        optional: false

KashifSaadat avatar Sep 14 '22 11:09 KashifSaadat