viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

add git-crypt terraform

Browse source
This commit is contained in:
viktorbarzin 2021-02-14 13:17:24 +00:00
parent 53fa7b58d2
commit c01eed321d
No known key found for this signature in database
GPG key ID: 0EB088298288D958
10 changed files with 112 additions and 54 deletions
Download patch file Download diff file Expand all files Collapse all files

41
modules/kubernetes/drone/main.tf
View file

@ -28,25 +28,14 @@ module "tls_secret" {
tls_key = var.tls_key
}
resource "kubernetes_config_map" "tfvars" {
resource "kubernetes_config_map" "git_crypt_key" {
metadata {
name = "tfvars"
name = "git-crypt-key"
namespace = "drone"
}
data = {
"tfvars" = base64gzip(file("${path.root}/terraform.tfvars"))
}
}
resource "kubernetes_config_map" "tfstate" {
metadata {
name = "tfstate"
namespace = "drone"
}
data = {
"tfstate" = base64gzip(file("${path.root}/terraform.tfstate"))
"key" = filebase64("${path.root}/.git/git-crypt/keys/default")
}
}
@ -270,15 +259,6 @@ resource "kubernetes_deployment" "drone_runner" {
memory = "1Gi"
}
}
volume_mount {
mount_path = "/terraform.tfvars"
name = "tfvars"
sub_path = "tfvars"
}
# volume_mount {
# mount_path = "/data/"
# name = "data"
# }
env {
name = "DRONE_RPC_HOST"
value = var.rpc_host
@ -300,8 +280,7 @@ resource "kubernetes_deployment" "drone_runner" {
value = var.rpc_secret
}
env {
name = "DRONE_SECRET_PLUGIN_ENDPOINT"
# value = "http://localhost:3000"
name = "DRONE_SECRET_PLUGIN_ENDPOINT"
value = "http://drone-runner-secret.drone.svc.cluster.local:3000"
}
env {
@ -313,12 +292,12 @@ resource "kubernetes_deployment" "drone_runner" {
value = "true"
}
}
volume {
name = "tfvars"
config_map {
name = "tfvars"
}
}
# volume {
# name = "tfvars"
# config_map {
# name = "tfvars"
# }
# }
# volume {
# name = "data"
# iscsi {