diff --git a/.github/workflows/pre-commit.yaml b/.github/workflows/pre-commit.yaml
index ea12f01a..cf7c8934 100644
--- a/.github/workflows/pre-commit.yaml
+++ b/.github/workflows/pre-commit.yaml
@@ -36,15 +36,42 @@ jobs:
matrix:
directory: ${{ fromJson(needs.collectInputs.outputs.directories) }}
steps:
+ # https://github.com/orgs/community/discussions/25678#discussioncomment-5242449
+ - name: Delete huge unnecessary tools folder
+ run: |
+ rm -rf /opt/hostedtoolcache/CodeQL
+ rm -rf /opt/hostedtoolcache/Java_Temurin-Hotspot_jdk
+ rm -rf /opt/hostedtoolcache/Ruby
+ rm -rf /opt/hostedtoolcache/go
- name: Checkout
- uses: actions/checkout@v4
+ uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+ - name: Setup Go
+ uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
+ with:
+ go-version-file: 'go.mod'
+ cache: true
+ cache-dependency-path: |
+ **/go.sum
+ **/go.mod
+ - name: Build provider
+ run: |
+ make build
+ make terraformrc
+ TF_IN_AUTOMATION=true
+ TF_PLUGIN_VERSION="99.0.0"
+ TF_PLUGIN_BINARY_NAME="terraform-provider-flux"
+ TF_PLUGIN_BINARY_PATH="${HOME}/.terraform.d/plugins/registry.terraform.io/fluxcd/flux/$TF_PLUGIN_VERSION/$(go env GOOS)_$(go env GOARCH)/"
+
+ if [ ! -f $TF_PLUGIN_BINARY_PATH ]; then
+ mkdir -p $TF_PLUGIN_BINARY_PATH
+ fi
+ cp ./bin/$TF_PLUGIN_BINARY_NAME $TF_PLUGIN_BINARY_PATH
- name: Terraform min/max versions
id: minMax
uses: clowdhaus/terraform-min-max@v1.3.1
with:
directory: ${{ matrix.directory }}
-
- name: Pre-commit Terraform ${{ steps.minMax.outputs.minVersion }}
# Run only validate pre-commit check on min version supported
if: ${{ matrix.directory != '.' }}
@@ -54,7 +81,6 @@ jobs:
tflint-version: ${{ env.TFLINT_VERSION }}
terraform-docs-version: ${{ env.TERRAFORM_DOCS_VERSION }}
args: 'terraform_validate --color=always --show-diff-on-failure --files ${{ matrix.directory }}/*'
-
- name: Pre-commit Terraform ${{ steps.minMax.outputs.minVersion }}
# Run only validate pre-commit check on min version supported
if: ${{ matrix.directory == '.' }}
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 0260b8fa..d5063ffd 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -1,6 +1,6 @@
repos:
- repo: https://github.com/pre-commit/pre-commit-hooks
- rev: v4.3.0
+ rev: v4.5.0
hooks:
- id: check-byte-order-marker
- id: check-case-conflict
@@ -20,10 +20,9 @@ repos:
- id: go-imports
- id: go-mod-tidy
- id: go-build
- - id: go-unit-tests
- id: golangci-lint
- repo: https://github.com/antonbabenko/pre-commit-terraform
- rev: v1.88.0
+ rev: v1.88.2
files: examples
hooks:
- id: terraform_fmt
@@ -33,18 +32,19 @@ repos:
- '--args=--lockfile=false'
- id: terraform_tflint
args:
- - '--args=--only=terraform_deprecated_interpolation'
- - '--args=--only=terraform_deprecated_index'
- - '--args=--only=terraform_unused_declarations'
- '--args=--only=terraform_comment_syntax'
+ - '--args=--only=terraform_deprecated_index'
+ - '--args=--only=terraform_deprecated_interpolation'
- '--args=--only=terraform_documented_outputs'
- '--args=--only=terraform_documented_variables'
- - '--args=--only=terraform_typed_variables'
- '--args=--only=terraform_module_pinned_source'
- '--args=--only=terraform_naming_convention'
- - '--args=--only=terraform_required_version'
- '--args=--only=terraform_required_providers'
+ - '--args=--only=terraform_required_version'
- '--args=--only=terraform_standard_module_structure'
+ - '--args=--only=terraform_typed_variables'
+ - '--args=--only=terraform_unused_declarations'
+ - '--args=--only=terraform_unused_required_providers'
- '--args=--only=terraform_workspace_remote'
- repo: https://github.com/FalcoSuessgott/tfplugindocs
rev: v0.0.2
diff --git a/Makefile b/Makefile
index 90f12836..13d7a06e 100644
--- a/Makefile
+++ b/Makefile
@@ -41,7 +41,7 @@ testacc: $(EMBEDDED_MANIFESTS_TARGET) tidy fmt vet
# Requires the following entry in /etc/hosts:
# 127.0.0.1 gitea-flux
testmacos: $(EMBEDDED_MANIFESTS_TARGET) tidy fmt vet
- TF_ACC=1 GITEA_HOSTNAME=gitea-flux go test ./... -v -parallel 1 -run TestAccBootstrapGit_Drift
+ export GITEA_HOSTNAME=gitea-flux && TF_ACC=1 go test ./... -v -parallel 1 -run TestAccBootstrapGit_Drift
build: $(EMBEDDED_MANIFESTS_TARGET)
CGO_ENABLED=0 go build -o ./bin/terraform-provider-flux main.go
diff --git a/examples/github-self-managed-ssh-keypair/main.tf b/examples/github-self-managed-ssh-keypair/main.tf
index d5af0ff2..3ad874c0 100644
--- a/examples/github-self-managed-ssh-keypair/main.tf
+++ b/examples/github-self-managed-ssh-keypair/main.tf
@@ -40,7 +40,7 @@ resource "kind_cluster" "this" {
resource "github_repository" "this" {
name = var.github_repository
description = var.github_repository
- visibility = "public"
+ visibility = "private"
auto_init = true # This is extremely important as flux_bootstrap_git will not work without a repository that has been initialised
}
@@ -98,6 +98,7 @@ resource "kubernetes_secret" "ssh_keypair" {
resource "flux_bootstrap_git" "this" {
depends_on = [github_repository_deploy_key.this, kubernetes_secret.ssh_keypair]
- path = "clusters/my-cluster"
disable_secret_creation = true
+ embedded_manifests = true
+ path = "clusters/my-cluster"
}
diff --git a/examples/github-via-pat/main.tf b/examples/github-via-pat/main.tf
index 3b23324e..9fc5075f 100644
--- a/examples/github-via-pat/main.tf
+++ b/examples/github-via-pat/main.tf
@@ -32,7 +32,7 @@ resource "kind_cluster" "this" {
resource "github_repository" "this" {
name = var.github_repository
description = var.github_repository
- visibility = "public"
+ visibility = "private"
auto_init = true # This is extremely important as flux_bootstrap_git will not work without a repository that has been initialised
}
@@ -43,5 +43,6 @@ resource "github_repository" "this" {
resource "flux_bootstrap_git" "this" {
depends_on = [github_repository.this]
- path = "clusters/my-cluster"
+ embedded_manifests = true
+ path = "clusters/my-cluster"
}
diff --git a/examples/github-via-ssh-with-gpg/main.tf b/examples/github-via-ssh-with-gpg/main.tf
index 26c0874e..949ad8aa 100644
--- a/examples/github-via-ssh-with-gpg/main.tf
+++ b/examples/github-via-ssh-with-gpg/main.tf
@@ -36,7 +36,7 @@ resource "kind_cluster" "this" {
resource "github_repository" "this" {
name = var.github_repository
description = var.github_repository
- visibility = "public"
+ visibility = "private"
auto_init = true # This is extremely important as flux_bootstrap_git will not work without a repository that has been initialised
}
@@ -63,5 +63,6 @@ resource "github_repository_deploy_key" "this" {
resource "flux_bootstrap_git" "this" {
depends_on = [github_repository_deploy_key.this]
- path = "clusters/my-cluster"
+ embedded_manifests = true
+ path = "clusters/my-cluster"
}
diff --git a/examples/github-via-ssh/main.tf b/examples/github-via-ssh/main.tf
index 26c0874e..949ad8aa 100644
--- a/examples/github-via-ssh/main.tf
+++ b/examples/github-via-ssh/main.tf
@@ -36,7 +36,7 @@ resource "kind_cluster" "this" {
resource "github_repository" "this" {
name = var.github_repository
description = var.github_repository
- visibility = "public"
+ visibility = "private"
auto_init = true # This is extremely important as flux_bootstrap_git will not work without a repository that has been initialised
}
@@ -63,5 +63,6 @@ resource "github_repository_deploy_key" "this" {
resource "flux_bootstrap_git" "this" {
depends_on = [github_repository_deploy_key.this]
- path = "clusters/my-cluster"
+ embedded_manifests = true
+ path = "clusters/my-cluster"
}
diff --git a/examples/github-with-customizations/main.tf b/examples/github-with-customizations/main.tf
index 4f7b29e1..f4a3a581 100644
--- a/examples/github-with-customizations/main.tf
+++ b/examples/github-with-customizations/main.tf
@@ -36,7 +36,7 @@ resource "kind_cluster" "this" {
resource "github_repository" "this" {
name = var.github_repository
description = var.github_repository
- visibility = "public"
+ visibility = "private"
auto_init = true # This is extremely important as flux_bootstrap_git will not work without a repository that has been initialised
}
@@ -63,10 +63,11 @@ resource "github_repository_deploy_key" "this" {
resource "flux_bootstrap_git" "this" {
depends_on = [github_repository_deploy_key.this]
- path = "clusters/my-cluster"
components_extra = [
"image-reflector-controller",
"image-automation-controller"
]
+ embedded_manifests = true
kustomization_override = file("${path.root}/resources/flux-kustomization-patch.yaml")
+ path = "clusters/my-cluster"
}
diff --git a/examples/github-with-inline-customizations/main.tf b/examples/github-with-inline-customizations/main.tf
index 32154c38..5aa78169 100644
--- a/examples/github-with-inline-customizations/main.tf
+++ b/examples/github-with-inline-customizations/main.tf
@@ -36,7 +36,7 @@ resource "kind_cluster" "this" {
resource "github_repository" "this" {
name = var.github_repository
description = var.github_repository
- visibility = "public"
+ visibility = "private"
auto_init = true # This is extremely important as flux_bootstrap_git will not work without a repository that has been initialised
}
@@ -63,10 +63,11 @@ resource "github_repository_deploy_key" "this" {
resource "flux_bootstrap_git" "this" {
depends_on = [github_repository_deploy_key.this]
- path = "clusters/my-cluster"
components_extra = [
"image-reflector-controller",
"image-automation-controller"
]
+ embedded_manifests = true
kustomization_override = templatefile("${path.root}/resources/flux-kustomization-patch.tftpl", { role_arn = var.role_arn })
+ path = "clusters/my-cluster"
}
diff --git a/examples/gitlab-via-ssh-with-gpg/main.tf b/examples/gitlab-via-ssh-with-gpg/main.tf
index 4d0bfaf1..7d5358d7 100644
--- a/examples/gitlab-via-ssh-with-gpg/main.tf
+++ b/examples/gitlab-via-ssh-with-gpg/main.tf
@@ -36,7 +36,7 @@ resource "kind_cluster" "this" {
resource "gitlab_project" "this" {
name = var.gitlab_project
description = "flux-bootstrap"
- visibility_level = "public"
+ visibility_level = "private"
initialize_with_readme = true # This is extremely important as Flux expects an initialised repository
}
@@ -63,5 +63,6 @@ resource "gitlab_deploy_key" "this" {
resource "flux_bootstrap_git" "this" {
depends_on = [gitlab_deploy_key.this]
- path = "clusters/my-cluster"
+ embedded_manifests = true
+ path = "clusters/my-cluster"
}
diff --git a/examples/gitlab-via-ssh/main.tf b/examples/gitlab-via-ssh/main.tf
index 1882fed3..f6dcbe57 100644
--- a/examples/gitlab-via-ssh/main.tf
+++ b/examples/gitlab-via-ssh/main.tf
@@ -36,7 +36,7 @@ resource "kind_cluster" "this" {
resource "gitlab_project" "this" {
name = var.gitlab_project
description = "flux-bootstrap"
- visibility_level = "public"
+ visibility_level = "private"
initialize_with_readme = true # This is extremely important as Flux expects an initialised repository
}
@@ -63,5 +63,6 @@ resource "gitlab_deploy_key" "this" {
resource "flux_bootstrap_git" "this" {
depends_on = [gitlab_deploy_key.this]
- path = "clusters/my-cluster"
+ embedded_manifests = true
+ path = "clusters/my-cluster"
}
diff --git a/examples/helm-install/README.md b/examples/helm-install/README.md
index 1711340f..fe342d59 100644
--- a/examples/helm-install/README.md
+++ b/examples/helm-install/README.md
@@ -14,7 +14,6 @@ However, using the Flux Helm chart is a better option when Flux needs to be inst
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.7.0 |
-| [flux](#requirement\_flux) | >= 1.2 |
| [github](#requirement\_github) | >= 6.1 |
| [helm](#requirement\_helm) | >= 2.12 |
| [kind](#requirement\_kind) | >= 0.4 |
diff --git a/examples/helm-install/main.tf b/examples/helm-install/main.tf
index c514959d..96efc973 100644
--- a/examples/helm-install/main.tf
+++ b/examples/helm-install/main.tf
@@ -2,10 +2,6 @@ terraform {
required_version = ">= 1.7.0"
required_providers {
- flux = {
- source = "fluxcd/flux"
- version = ">= 1.2"
- }
github = {
source = "integrations/github"
version = ">= 6.1"
diff --git a/internal/provider/resource_bootstrap_git.go b/internal/provider/resource_bootstrap_git.go
index e277b58b..a2b46e24 100644
--- a/internal/provider/resource_bootstrap_git.go
+++ b/internal/provider/resource_bootstrap_git.go
@@ -203,6 +203,8 @@ func (r *bootstrapGitResource) Schema(ctx context.Context, req resource.SchemaRe
"embedded_manifests": schema.BoolAttribute{
Description: "When enabled, the Flux manifests will be extracted from the provider binary instead of being downloaded from GitHub.com. Defaults to `false`.",
Optional: true,
+ Computed: true,
+ Default: booldefault.StaticBool(false),
},
"id": schema.StringAttribute{
Computed: true,
@@ -842,8 +844,9 @@ func (r *bootstrapGitResource) ImportState(ctx context.Context, req resource.Imp
data.TolerationKeys = types.SetNull(types.StringType)
// Stub keep namespace and delete git manifests to their defaults.
- data.KeepNamespace = types.BoolValue(false)
data.DeleteGitManifests = types.BoolValue(true)
+ data.EmbeddedManifests = types.BoolValue(false)
+ data.KeepNamespace = types.BoolValue(false)
// Get Network NetworkPolicy.
networkPolicy := networkingv1.NetworkPolicy{
diff --git a/internal/provider/resource_bootstrap_git_test.go b/internal/provider/resource_bootstrap_git_test.go
index ebf5259b..eac95d8e 100644
--- a/internal/provider/resource_bootstrap_git_test.go
+++ b/internal/provider/resource_bootstrap_git_test.go
@@ -699,6 +699,7 @@ func setupEnvironment(t *testing.T) environment {
httpPort := rand.Intn(65535-1024) + 1024
sshPort := httpPort + 10
randSuffix := acctest.RandStringFromCharSet(10, acctest.CharSetAlpha)
+
giteaName := os.Getenv("GITEA_HOSTNAME")
if giteaName == "" {
giteaName = fmt.Sprintf("gitea-%s", randSuffix)