[QUESTION] How to customize the ControllerConfig?

[cer]

Please describe your quesiton here

I'm using Terraform resource "kubectl_manifest" to create a Crossplane SecurityGroup for an existing TF-created security group:

apiVersion: ec2.aws.upbound.io/v1beta1
kind: SecurityGroup
metadata:
  name: postgres
  annotations:
    crossplane.io/external-name: ${postgres-sg-id}
spec:
  managementPolicies: ["Observe"]

This is later referenced by a (non-Terraform) k8s manifest that creates an RDS Instance. (This appears to be a good way for a Crossplane manifest to obtain the ID of an SG created by TF).

However, managementPolicies: ["Observe"] requires the ControllerConfig to have a --enable-management-policies argument:

spec:
  args:
    - "--enable-management-policies"

The blueprint doesn't appear to provide a way to specify this. I have currently hacked it by using resource "null_resource" "k8s_patcher" to run kubectl patch.

It would be good if the blueprint provided a way to specify additional args.

In the meantime, any suggestions for better workarounds?

More

• [X] Yes, I have checked the repo for existing issues before raising this question

[nabuskey]

Your workaround seems to be a reasonable one until there is a way to provide args to the helm chart. @candonov any thoughts here?

[candonov]

@cer, thank you for the recommendation. The blueprint example is now updated with --enable-management-policies to the args of the ControllerConfig and tested.