-
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathgcp_csi_secrets_store.tf
31 lines (24 loc) · 1.11 KB
/
gcp_csi_secrets_store.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
resource "helm_release" "csi_secrets_store" {
count = var.csi_secrets_store_enabled ? 1 : 0
name = "csi-secrets-store"
repository = "https://kubernetes-sigs.github.io/secrets-store-csi-driver/charts"
chart = "secrets-store-csi-driver"
namespace = "csi"
create_namespace = true
depends_on = [google_container_cluster.primary, google_container_node_pool.node_pool]
}
data "http" "csi_secrets_store_gcp_provider" {
url = "https://raw.githubusercontent.com/GoogleCloudPlatform/secrets-store-csi-driver-provider-gcp/main/deploy/provider-gcp-plugin.yaml"
}
resource "null_resource" "csi_secrets_store_aws_provider" {
count = var.csi_secrets_store_enabled ? 1 : 0
triggers = {
name = helm_release.csi_secrets_store[count.index].name
namespace = helm_release.csi_secrets_store[count.index].namespace
repository = helm_release.csi_secrets_store[count.index].repository
}
depends_on = [helm_release.csi_secrets_store]
provisioner "local-exec" {
command = "kubectl apply -f -<<EOF\n${data.http.csi_secrets_store_gcp_provider.response_body}\nEOF"
}
}