堆栈内存溢出
  简体   繁体   English

如何将 Terraform 创建的资源传递给 Kustomize

[英]How do I pass resources that were created by Terraform to Kustomize

 原文  2022-08-25 19:03:14       terraform/ github-actions/ kustomize/ skaffold

问题描述

Am using a combination of these tools我正在使用这些工具的组合

  • Terraform - To deploy the Application specific AWS resources I need (For instance a secret) Terraform - 部署我需要的应用程序特定 AWS 资源(例如秘密)
  • Skaffold - To help with the inner development loop, surrounding the deployment of K8s resources to local and remote cluster Skaffold - 帮助内部开发循环,围绕将 K8s 资源部署到本地和远程集群
  • Kustomize - To help with templating of different configurations for different environment Kustomize - 帮助模板化不同环境的不同配置

My github action steps are as follows我的github动作步骤如下

  • Terraform to create the AWS resources. Terraform 创建 AWS 资源。 At this point it creates a AWS secrets arn.此时,它会创建一个 AWS 机密 arn。
  • Skaffold to deploy the k8s manifests. Skaffold 部署 k8s 清单。 Skaffold in-turn delegates K8s manifest generation to Kustomize. Skaffold 反过来将 K8s 清单生成委托给 Kustomize。 Within the Kustomize overlay files i need to be able to access the Secrets arn that was created earlier, this arn needs to be injected into the container that is being deployed.在 Kustomize 覆盖文件中,我需要能够访问之前创建的 Secrets arn ,这个 arn 需要注入到正在部署的容器中。 How do I achieve this ?我该如何做到这一点

Rephrasing the question: How do I pass resources that were created by terraform to be consumed by something like Kustomize (Which is used by skaffold)重新表述问题:如何将由 terraform 创建的资源传递给 Kustomize 之类的东西(由 skaffold 使用)

(ps, I really like the choice of my tools thus far as each one excels at one thing. I realize that terraform can possibly do all of it, but that is a choice that I dont want to make unless there are no easier options) (ps,到目前为止,我真的很喜欢我的工具的选择,因为每个人都擅长一件事。我意识到 terraform 可以完成所有这些,但这是我不想做出的选择,除非没有更简单的选择)

1 个解决方案

解决方案1
 0 已采纳  2022-08-31 18:59:32

Here is what I have learnt: I don't think there are any industry standards in terms of how to share this data between the tools across different steps within github actions.以下是我所学到的:我认为在 github 操作中的不同步骤之间如何在工具之间共享这些数据方面没有任何行业标准。 That being said here are some of the options话虽如此,这里有一些选项

  1. Have the Terraform store the secrets arn in a parameter store.让 Terraform 将机密存储在参数存储中。 Retrieve the arn from the parameter store in later steps.在后面的步骤中从参数存储中检索 arn。 This means that the steps have to share a static key这意味着这些步骤必须共享一个 static 密钥
  2. Have Terraform update the kustomize files directly (or use kustomize_overlays as datasource)让 Terraform 直接更新 kustomize 文件(或使用 kustomize_overlays 作为数据源)

There could be other similar approaches, but none of these tools have a native way of passing/sharing data可能还有其他类似的方法,但这些工具都没有传递/共享数据的本地方式

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何在 terraform 中引用使用 for_each 创建的资源 - how to refer to resources created with for_each in terraform 我如何使 terraform 跳过破坏资源? - How do I cause terraform to skip destroying resources? 如何在 Terraform 中引用 for_each 创建的资源 - How to reference resources created by for_each in Terraform 使用管理控制台创建的资源是直接还是间接的方式来创建 terraform 代码? - Is the a direct or indirect way to create terraform code from resources, that were created with the management console? Terraform如何输出使用count创建的对象ID - Terraform how to output object id that were created using count 如何将对象(列表)传递给字符串(列表)-Terraform - How do I pass object(list) to string(list) - Terraform terraform 获取已创建资源列表 - Get a list of created resources in terraform 链接到使用 Terraform 中的计数创建的资源 - Chain to resources created with count in Terraform Terraform - 如何获取在 for_each 块中创建的资源的引用 - Terraform - How to get the reference of resources created in for_each block 如何将管道任务中的变量传递给 terraform 任务并将其应用到我的 terraform 代码中? - How do I pass a variable from a pipeline task into a terraform task and apply it in my terraform code?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM