search

env0 / k8s-modules

3 stars 2 forks source link

Chore: replace kubectl TF provider with kuberentes provider #9

Closed yaronya closed 2 years ago

yaronya commented 2 years ago

Issue & Steps to Reproduce / Feature Request

Remove kubectl TF provider in favor of the more native and official kuberentes provider

Solution

  1. GCP stack:
    • Removed kubectl provider and switched to kuberentes provider (this can be done since nobody uses this stack just yet)
  2. AWS stack:
    • Replaced csi_storage_account and storage_class resources to use kubernetes provider instead of kubectl (only replaced resources, haven't removed the kubectl provider yet because customer use it and they need it to make the transition - otherwise kubectl resources would fail on destroy)
  3. Removed redundant (i.e not needed) providers from aws/autoscaler and aws/eks modules.
yaronya commented 2 years ago

Prefer hashicorp/kubernetes over gavinbunney/kubectl provider #4

liranfarage89 commented 2 years ago

Close the 3 issues in env0/k8s-module

env0-dev[bot] commented 2 years ago

🚀  env0 had composed a PR Plan for environment Google Cloud - Kusheild agent / Google Cloud - Modules:

Plan: 5 to add, 1 to change, 5 to destroy.
Plan Details ``` Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create ~ update in-place - destroy Terraform will perform the following actions: # module.pd_backed_nfs_server.google_compute_region_disk.env0_internal_state_disk will be updated in-place ~ resource "google_compute_region_disk" "env0_internal_state_disk" { id = "projects/env0project/regions/us-central1/disks/env0-internal-state-disk" ~ labels = { - "goog-gke-volume" = "" -> null } name = "env0-internal-state-disk" # (11 unchanged attributes hidden) } # module.pd_backed_nfs_server.kubectl_manifest.nfs_server_deployment["deployment"] will be destroyed - resource "kubectl_manifest" "nfs_server_deployment" { - api_version = "apps/v1" -> null - force_new = false -> null - id = "/apis/apps/v1/namespaces/env0-agent/deployments/env0-nfs-server" -> null - kind = "Deployment" -> null - live_manifest_incluster = (sensitive value) - live_uid = "e22b39d5-f8d9-42b6-aa75-e377c1e0eb94" -> null - name = "env0-nfs-server" -> null - namespace = "env0-agent" -> null - server_side_apply = false -> null - uid = "e22b39d5-f8d9-42b6-aa75-e377c1e0eb94" -> null - validate_schema = true -> null - wait_for_rollout = true -> null - yaml_body = (sensitive value) - yaml_body_parsed = <<-EOT apiVersion: apps/v1 kind: Deployment metadata: name: env0-nfs-server namespace: env0-agent spec: replicas: 1 selector: matchLabels: role: env0-nfs-server template: metadata: labels: role: env0-nfs-server spec: containers: - image: gcr.io/google_containers/volume-nfs:0.8 name: nfs-server ports: - containerPort: 2049 name: nfs - containerPort: 20048 name: mountd - containerPort: 111 name: rpcbind resources: limits: cpu: 250m memory: 1000Mi securityContext: privileged: true volumeMounts: - mountPath: /data name: nfs-pvc nodeSelector: topology.kubernetes.io/zone: us-central1-a volumes: - name: nfs-pvc persistentVolumeClaim: claimName: env0-pvc-for-nfs-server EOT -> null - yaml_incluster = (sensitive value) } # module.pd_backed_nfs_server.kubectl_manifest.nfs_server_deployment["pv-for-deployment-pods"] will be destroyed - resource "kubectl_manifest" "nfs_server_deployment" { - api_version = "v1" -> null - force_new = false -> null - id = "/api/v1/persistentvolumes/env0-nfs-pv" -> null - kind = "PersistentVolume" -> null - live_manifest_incluster = (sensitive value) - live_uid = "7d07581c-ff62-47e6-bf0e-86058ce9f92f" -> null - name = "env0-nfs-pv" -> null - namespace = "env0-agent" -> null - server_side_apply = false -> null - uid = "7d07581c-ff62-47e6-bf0e-86058ce9f92f" -> null - validate_schema = true -> null - wait_for_rollout = true -> null - yaml_body = (sensitive value) - yaml_body_parsed = <<-EOT apiVersion: v1 kind: PersistentVolume metadata: name: env0-nfs-pv namespace: env0-agent spec: accessModes: - ReadWriteMany capacity: storage: 300Gi nfs: path: / server: env0-nfs-server.env0-agent.svc.cluster.local persistentVolumeReclaimPolicy: Retain storageClassName: env0-state-sc EOT -> null - yaml_incluster = (sensitive value) } # module.pd_backed_nfs_server.kubectl_manifest.nfs_server_deployment["pv-for-nfs-server"] will be destroyed - resource "kubectl_manifest" "nfs_server_deployment" { - api_version = "v1" -> null - force_new = false -> null - id = "/api/v1/persistentvolumes/env0-pv-for-nfs-server" -> null - kind = "PersistentVolume" -> null - live_manifest_incluster = (sensitive value) - live_uid = "e2f76272-55b0-4887-8db8-a3429030f78e" -> null - name = "env0-pv-for-nfs-server" -> null - namespace = "env0-agent" -> null - server_side_apply = false -> null - uid = "e2f76272-55b0-4887-8db8-a3429030f78e" -> null - validate_schema = true -> null - wait_for_rollout = true -> null - yaml_body = (sensitive value) - yaml_body_parsed = <<-EOT apiVersion: v1 kind: PersistentVolume metadata: name: env0-pv-for-nfs-server namespace: env0-agent spec: accessModes: - ReadWriteOnce capacity: storage: 300Gi gcePersistentDisk: fsType: ext4 pdName: env0-internal-state-disk nodeAffinity: required: nodeSelectorTerms: - matchExpressions: - key: topology.kubernetes.io/zone operator: In values: - us-central1-a - us-central1-b storageClassName: env0-sc-for-nfs-server EOT -> null - yaml_incluster = (sensitive value) } # module.pd_backed_nfs_server.kubectl_manifest.nfs_server_deployment["pvc-for-nfs-server"] will be destroyed - resource "kubectl_manifest" "nfs_server_deployment" { - api_version = "v1" -> null - force_new = false -> null - id = "/api/v1/namespaces/env0-agent/persistentvolumeclaims/env0-pvc-for-nfs-server" -> null - kind = "PersistentVolumeClaim" -> null - live_manifest_incluster = (sensitive value) - live_uid = "c61da0b5-2e81-4494-8a5d-63b144539511" -> null - name = "env0-pvc-for-nfs-server" -> null - namespace = "env0-agent" -> null - server_side_apply = false -> null - uid = "c61da0b5-2e81-4494-8a5d-63b144539511" -> null - validate_schema = true -> null - wait_for_rollout = true -> null - yaml_body = (sensitive value) - yaml_body_parsed = <<-EOT apiVersion: v1 kind: PersistentVolumeClaim metadata: name: env0-pvc-for-nfs-server namespace: env0-agent spec: accessModes: - ReadWriteOnce resources: requests: storage: 300Gi storageClassName: env0-sc-for-nfs-server EOT -> null - yaml_incluster = (sensitive value) } # module.pd_backed_nfs_server.kubectl_manifest.nfs_server_deployment["service"] will be destroyed - resource "kubectl_manifest" "nfs_server_deployment" { - api_version = "v1" -> null - force_new = false -> null - id = "/api/v1/namespaces/env0-agent/services/env0-nfs-server" -> null - kind = "Service" -> null - live_manifest_incluster = (sensitive value) - live_uid = "96e85b72-83e9-4949-b728-0e56e0daa5f5" -> null - name = "env0-nfs-server" -> null - namespace = "env0-agent" -> null - server_side_apply = false -> null - uid = "96e85b72-83e9-4949-b728-0e56e0daa5f5" -> null - validate_schema = true -> null - wait_for_rollout = true -> null - yaml_body = (sensitive value) - yaml_body_parsed = <<-EOT apiVersion: v1 kind: Service metadata: name: env0-nfs-server namespace: env0-agent spec: ports: - name: nfs port: 2049 - name: mountd port: 20048 - name: rpcbind port: 111 selector: role: env0-nfs-server EOT -> null - yaml_incluster = (sensitive value) } # module.pd_backed_nfs_server.kubernetes_manifest.nfs_server_deployment["deployment"] will be created + resource "kubernetes_manifest" "nfs_server_deployment" { + manifest = { + apiVersion = "apps/v1" + kind = "Deployment" + metadata = { + name = "env0-nfs-server" + namespace = "env0-agent" } + spec = { + replicas = 1 + selector = { + matchLabels = { + role = "env0-nfs-server" } } + template = { + metadata = { + labels = { + role = "env0-nfs-server" } } + spec = { + containers = [ + { + image = "gcr.io/google_containers/volume-nfs:0.8" + name = "nfs-server" + ports = [ + { + containerPort = 2049 + name = "nfs" }, + { + containerPort = 20048 + name = "mountd" }, + { + containerPort = 111 + name = "rpcbind" }, ] + securityContext = { + privileged = true } + volumeMounts = [ + { + mountPath = "/data" + name = "nfs-pvc" }, ] }, ] + nodeSelector = { + topology.kubernetes.io/zone = "us-central1-a" } + volumes = [ + { + name = "nfs-pvc" + persistentVolumeClaim = { + claimName = "env0-pvc-for-nfs-server" } }, ] } } } } + object = { + apiVersion = "apps/v1" + kind = "Deployment" + metadata = { + annotations = (known after apply) + clusterName = (known after apply) + creationTimestamp = (known after apply) + deletionGracePeriodSeconds = (known after apply) + deletionTimestamp = (known after apply) + finalizers = (known after apply) + generateName = (known after apply) + generation = (known after apply) + labels = (known after apply) + managedFields = (known after apply) + name = "env0-nfs-server" + namespace = "env0-agent" + ownerReferences = (known after apply) + resourceVersion = (known after apply) + selfLink = (known after apply) + uid = (known after apply) } + spec = { + minReadySeconds = (known after apply) + paused = (known after apply) + progressDeadlineSeconds = (known after apply) + replicas = 1 + revisionHistoryLimit = (known after apply) + selector = { + matchExpressions = (known after apply) + matchLabels = { + "role" = "env0-nfs-server" } } + strategy = { + rollingUpdate = { + maxSurge = (known after apply) + maxUnavailable = (known after apply) } + type = (known after apply) } + template = { + metadata = { + annotations = (known after apply) + clusterName = (known after apply) + creationTimestamp = (known after apply) + deletionGracePeriodSeconds = (known after apply) + deletionTimestamp = (known after apply) + finalizers = (known after apply) + generateName = (known after apply) + generation = (known after apply) + labels = { + "role" = "env0-nfs-server" } + managedFields = (known after apply) + name = (known after apply) + namespace = (known after apply) + ownerReferences = (known after apply) + resourceVersion = (known after apply) + selfLink = (known after apply) + uid = (known after apply) } + spec = { + activeDeadlineSeconds = (known after apply) + affinity = { + nodeAffinity = { + preferredDuringSchedulingIgnoredDuringExecution = (known after apply) + requiredDuringSchedulingIgnoredDuringExecution = { + nodeSelectorTerms = (known after apply) } } + podAffinity = { + preferredDuringSchedulingIgnoredDuringExecution = (known after apply) + requiredDuringSchedulingIgnoredDuringExecution = (known after apply) } + podAntiAffinity = { + preferredDuringSchedulingIgnoredDuringExecution = (known after apply) + requiredDuringSchedulingIgnoredDuringExecution = (known after apply) } } + automountServiceAccountToken = (known after apply) + containers = [ + { + args = (known after apply) + command = (known after apply) + env = (known after apply) + envFrom = (known after apply) + image = "gcr.io/google_containers/volume-nfs:0.8" + imagePullPolicy = (known after apply) + lifecycle = { + postStart = { + exec = { + command = (known after apply) } + httpGet = { + host = (known after apply) + httpHeaders = (known after apply) + path = (known after apply) + port = (known after apply) + scheme = (known after apply) } + tcpSocket = { + host = (known after apply) + port = (known after apply) } } + preStop = { + exec = { + command = (known after apply) } + httpGet = { + host = (known after apply) + httpHeaders = (known after apply) + path = (known after apply) + port = (known after apply) + scheme = (known after apply) } + tcpSocket = { + host = (known after apply) + port = (known after apply) } } } + livenessProbe = { + exec = { + command = (known after apply) } + failureThreshold = (known after apply) + httpGet = { + host = (known after apply) + httpHeaders = (known after apply) + path = (known after apply) + port = (known after apply) + scheme = (known after apply) } + initialDelaySeconds = (known after apply) + periodSeconds = (known after apply) + successThreshold = (known after apply) + tcpSocket = { + host = (known after apply) + port = (known after apply) } + timeoutSeconds = (known after apply) } + name = "nfs-server" + ports = [ + { + containerPort = 2049 + hostIP = (known after apply) + hostPort = (known after apply) + name = "nfs" + protocol = (known after apply) }, + { + containerPort = 20048 + hostIP = (known after apply) + hostPort = (known after apply) + name = "mountd" + protocol = (known after apply) }, + { + containerPort = 111 + hostIP = (known after apply) + hostPort = (known after apply) + name = "rpcbind" + protocol = (known after apply) }, ] + readinessProbe = { + exec = { + command = (known after apply) } + failureThreshold = (known after apply) + httpGet = { + host = (known after apply) + httpHeaders = (known after apply) + path = (known after apply) + port = (known after apply) + scheme = (known after apply) } + initialDelaySeconds = (known after apply) + periodSeconds = (known after apply) + successThreshold = (known after apply) + tcpSocket = { + host = (known after apply) + port = (known after apply) } + timeoutSeconds = (known after apply) } + resources = { + limits = (known after apply) + requests = (known after apply) } + securityContext = { + allowPrivilegeEscalation = (known after apply) + capabilities = { + add = (known after apply) + drop = (known after apply) } + privileged = true + procMount = (known after apply) + readOnlyRootFilesystem = (known after apply) + runAsGroup = (known after apply) + runAsNonRoot = (known after apply) + runAsUser = (known after apply) + seLinuxOptions = { + level = (known after apply) + role = (known after apply) + type = (known after apply) + user = (known after apply) } + seccompProfile = { + localhostProfile = (known after apply) + type = (known after apply) } + windowsOptions = { + gmsaCredentialSpec = (known after apply) + gmsaCredentialSpecName = (known after apply) + runAsUserName = (known after apply) } } + startupProbe = { + exec = { + command = (known after apply) } + failureThreshold = (known after apply) + httpGet = { + host = (known after apply) + httpHeaders = (known after apply) + path = (known after apply) + port = (known after apply) + scheme = (known after apply) } + initialDelaySeconds = (known after apply) + periodSeconds = (known after apply) + successThreshold = (known after apply) + tcpSocket = { + host = (known after apply) + port = (known after apply) } + timeoutSeconds = (known after apply) } + stdin = (known after apply) + stdinOnce = (known after apply) + terminationMessagePath = (known after apply) + terminationMessagePolicy = (known after apply) + tty = (known after apply) + volumeDevices = (known after apply) + volumeMounts = [ + { + mountPath = "/data" + mountPropagation = (known after apply) + name = "nfs-pvc" + readOnly = (known after apply) + subPath = (known after apply) + subPathExpr = (known after apply) }, ] + workingDir = (known after apply) }, ] + dnsConfig = { + nameservers = (known after apply) + options = (known after apply) + searches = (known after apply) } + dnsPolicy = (known after apply) + enableServiceLinks = (known after apply) + ephemeralContainers = (known after apply) + hostAliases = (known after apply) + hostIPC = (known after apply) + hostNetwork = (known after apply) + hostPID = (known after apply) + hostname = (known after apply) + imagePullSecrets = (known after apply) + initContainers = (known after apply) + nodeName = (known after apply) + nodeSelector = { + "topology.kubernetes.io/zone" = "us-central1-a" } + overhead = (known after apply) + preemptionPolicy = (known after apply) + priority = (known after apply) + priorityClassName = (known after apply) + readinessGates = (known after apply) + restartPolicy = (known after apply) + runtimeClassName = (known after apply) + schedulerName = (known after apply) + securityContext = { + fsGroup = (known after apply) + fsGroupChangePolicy = (known after apply) + runAsGroup = (known after apply) + runAsNonRoot = (known after apply) + runAsUser = (known after apply) + seLinuxOptions = { + level = (known after apply) + role = (known after apply) + type = (known after apply) + user = (known after apply) } + seccompProfile = { + localhostProfile = (known after apply) + type = (known after apply) } + supplementalGroups = (known after apply) + sysctls = (known after apply) + windowsOptions = { + gmsaCredentialSpec = (known after apply) + gmsaCredentialSpecName = (known after apply) + runAsUserName = (known after apply) } } + serviceAccount = (known after apply) + serviceAccountName = (known after apply) + setHostnameAsFQDN = (known after apply) + shareProcessNamespace = (known after apply) + subdomain = (known after apply) + terminationGracePeriodSeconds = (known after apply) + tolerations = (known after apply) + topologySpreadConstraints = (known after apply) + volumes = [ + { + awsElasticBlockStore = { + fsType = (known after apply) + partition = (known after apply) + readOnly = (known after apply) + volumeID = (known after apply) } + azureDisk = { + cachingMode = (known after apply) + diskName = (known after apply) + diskURI = (known after apply) + fsType = (known after apply) + kind = (known after apply) + readOnly = (known after apply) } + azureFile = { + readOnly = (known after apply) + secretName = (known after apply) + shareName = (known after apply) } + cephfs = { + monitors = (known after apply) + path = (known after apply) + readOnly = (known after apply) + secretFile = (known after apply) + secretRef = { + name = (known after apply) } + user = (known after apply) } + cinder = { + fsType = (known after apply) + readOnly = (known after apply) + secretRef = { + name = (known after apply) } + volumeID = (known after apply) } + configMap = { + defaultMode = (known after apply) + items = (known after apply) + name = (known after apply) + optional = (known after apply) } + csi = { + driver = (known after apply) + fsType = (known after apply) + nodePublishSecretRef = { + name = (known after apply) } + readOnly = (known after apply) + volumeAttributes = (known after apply) } + downwardAPI = { + defaultMode = (known after apply) + items = (known after apply) } + emptyDir = { + medium = (known after apply) + sizeLimit = (known after apply) } + ephemeral = { + readOnly = (known after apply) + volumeClaimTemplate = { + metadata = { + annotations = (known after apply) + clusterName = (known after apply) + creationTimestamp = (known after apply) + deletionGracePeriodSeconds = (known after apply) + deletionTimestamp = (known after apply) + finalizers = (known after apply) + generateName = (known after apply) + generation = (known after apply) + labels = (known after apply) + managedFields = (known after apply) + name = (known after apply) + namespace = (known after apply) + ownerReferences = (known after apply) + resourceVersion = (known after apply) + selfLink = (known after apply) + uid = (known after apply) } + spec = { + accessModes = (known after apply) + dataSource = { + apiGroup = (known after apply) + kind = (known after apply) + name = (known after apply) } + resources = { + limits = (known after apply) + requests = (known after apply) } + selector = { + matchExpressions = (known after apply) + matchLabels = (known after apply) } + storageClassName = (known after apply) + volumeMode = (known after apply) + volumeName = (known after apply) } } } + fc = { + fsType = (known after apply) + lun = (known after apply) + readOnly = (known after apply) + targetWWNs = (known after apply) + wwids = (known after apply) } + flexVolume = { + driver = (known after apply) + fsType = (known after apply) + options = (known after apply) + readOnly = (known after apply) + secretRef = { + name = (known after apply) } } + flocker = { + datasetName = (known after apply) + datasetUUID = (known after apply) } + gcePersistentDisk = { + fsType = (known after apply) + partition = (known after apply) + pdName = (known after apply) + readOnly = (known after apply) } + gitRepo = { + directory = (known after apply) + repository = (known after apply) + revision = (known after apply) } + glusterfs = { + endpoints = (known after apply) + path = (known after apply) + readOnly = (known after apply) } + hostPath = { + path = (known after apply) + type = (known after apply) } + iscsi = { + chapAuthDiscovery = (known after apply) + chapAuthSession = (known after apply) + fsType = (known after apply) + initiatorName = (known after apply) + iqn = (known after apply) + iscsiInterface = (known after apply) + lun = (known after apply) + portals = (known after apply) + readOnly = (known after apply) + secretRef = { + name = (known after apply) } + targetPortal = (known after apply) } + name = "nfs-pvc" + nfs = { + path = (known after apply) + readOnly = (known after apply) + server = (known after apply) } + persistentVolumeClaim = { + claimName = "env0-pvc-for-nfs-server" + readOnly = (known after apply) } + photonPersistentDisk = { + fsType = (known after apply) + pdID = (known after apply) } + portworxVolume = { + fsType = (known after apply) + readOnly = (known after apply) + volumeID = (known after apply) } + projected = { + defaultMode = (known after apply) + sources = (known after apply) } + quobyte = { + group = (known after apply) + readOnly = (known after apply) + registry = (known after apply) + tenant = (known after apply) + user = (known after apply) + volume = (known after apply) } + rbd = { + fsType = (known after apply) + image = (known after apply) + keyring = (known after apply) + monitors = (known after apply) + pool = (known after apply) + readOnly = (known after apply) + secretRef = { + name = (known after apply) } + user = (known after apply) } + scaleIO = { + fsType = (known after apply) + gateway = (known after apply) + protectionDomain = (known after apply) + readOnly = (known after apply) + secretRef = { + name = (known after apply) } + sslEnabled = (known after apply) + storageMode = (known after apply) + storagePool = (known after apply) + system = (known after apply) + volumeName = (known after apply) } + secret = { + defaultMode = (known after apply) + items = (known after apply) + optional = (known after apply) + secretName = (known after apply) } + storageos = { + fsType = (known after apply) + readOnly = (known after apply) + secretRef = { + name = (known after apply) } + volumeName = (known after apply) + volumeNamespace = (known after apply) } + vsphereVolume = { + fsType = (known after apply) + storagePolicyID = (known after apply) + storagePolicyName = (known after apply) + volumePath = (known after apply) } }, ] } } } } } # module.pd_backed_nfs_server.kubernetes_manifest.nfs_server_deployment["pv-for-deployment-pods"] will be created + resource "kubernetes_manifest" "nfs_server_deployment" { + manifest = { + apiVersion = "v1" + kind = "PersistentVolume" + metadata = { + name = "env0-nfs-pv" } + spec = { + accessModes = [ + "ReadWriteMany", ] + capacity = { + storage = "300Gi" } + nfs = { + path = "/" + server = "env0-nfs-server.env0-agent.svc.cluster.local" } + persistentVolumeReclaimPolicy = "Retain" + storageClassName = "env0-state-sc" } } + object = { + apiVersion = "v1" + kind = "PersistentVolume" + metadata = { + annotations = (known after apply) + clusterName = (known after apply) + creationTimestamp = (known after apply) + deletionGracePeriodSeconds = (known after apply) + deletionTimestamp = (known after apply) + finalizers = (known after apply) + generateName = (known after apply) + generation = (known after apply) + labels = (known after apply) + managedFields = (known after apply) + name = "env0-nfs-pv" + namespace = (known after apply) + ownerReferences = (known after apply) + resourceVersion = (known after apply) + selfLink = (known after apply) + uid = (known after apply) } + spec = { + accessModes = [ + "ReadWriteMany", ] + awsElasticBlockStore = { + fsType = (known after apply) + partition = (known after apply) + readOnly = (known after apply) + volumeID = (known after apply) } + azureDisk = { + cachingMode = (known after apply) + diskName = (known after apply) + diskURI = (known after apply) + fsType = (known after apply) + kind = (known after apply) + readOnly = (known after apply) } + azureFile = { + readOnly = (known after apply) + secretName = (known after apply) + secretNamespace = (known after apply) + shareName = (known after apply) } + capacity = { + "storage" = "300Gi" } + cephfs = { + monitors = (known after apply) + path = (known after apply) + readOnly = (known after apply) + secretFile = (known after apply) + secretRef = { + name = (known after apply) + namespace = (known after apply) } + user = (known after apply) } + cinder = { + fsType = (known after apply) + readOnly = (known after apply) + secretRef = { + name = (known after apply) + namespace = (known after apply) } + volumeID = (known after apply) } + claimRef = { + apiVersion = (known after apply) + fieldPath = (known after apply) + kind = (known after apply) + name = (known after apply) + namespace = (known after apply) + resourceVersion = (known after apply) + uid = (known after apply) } + csi = { + controllerExpandSecretRef = { + name = (known after apply) + namespace = (known after apply) } + controllerPublishSecretRef = { + name = (known after apply) + namespace = (known after apply) } + driver = (known after apply) + fsType = (known after apply) + nodePublishSecretRef = { + name = (known after apply) + namespace = (known after apply) } + nodeStageSecretRef = { + name = (known after apply) + namespace = (known after apply) } + readOnly = (known after apply) + volumeAttributes = (known after apply) + volumeHandle = (known after apply) } + fc = { + fsType = (known after apply) + lun = (known after apply) + readOnly = (known after apply) + targetWWNs = (known after apply) + wwids = (known after apply) } + flexVolume = { + driver = (known after apply) + fsType = (known after apply) + options = (known after apply) + readOnly = (known after apply) + secretRef = { + name = (known after apply) + namespace = (known after apply) } } + flocker = { + datasetName = (known after apply) + datasetUUID = (known after apply) } + gcePersistentDisk = { + fsType = (known after apply) + partition = (known after apply) + pdName = (known after apply) + readOnly = (known after apply) } + glusterfs = { + endpoints = (known after apply) + endpointsNamespace = (known after apply) + path = (known after apply) + readOnly = (known after apply) } + hostPath = { + path = (known after apply) + type = (known after apply) } + iscsi = { + chapAuthDiscovery = (known after apply) + chapAuthSession = (known after apply) + fsType = (known after apply) + initiatorName = (known after apply) + iqn = (known after apply) + iscsiInterface = (known after apply) + lun = (known after apply) + portals = (known after apply) + readOnly = (known after apply) + secretRef = { + name = (known after apply) + namespace = (known after apply) } + targetPortal = (known after apply) } + local = { + fsType = (known after apply) + path = (known after apply) } + mountOptions = (known after apply) + nfs = { + path = "/" + readOnly = (known after apply) + server = "env0-nfs-server.env0-agent.svc.cluster.local" } + nodeAffinity = { + required = { + nodeSelectorTerms = (known after apply) } } + persistentVolumeReclaimPolicy = "Retain" + photonPersistentDisk = { + fsType = (known after apply) + pdID = (known after apply) } + portworxVolume = { + fsType = (known after apply) + readOnly = (known after apply) + volumeID = (known after apply) } + quobyte = { + group = (known after apply) + readOnly = (known after apply) + registry = (known after apply) + tenant = (known after apply) + user = (known after apply) + volume = (known after apply) } + rbd = { + fsType = (known after apply) + image = (known after apply) + keyring = (known after apply) + monitors = (known after apply) + pool = (known after apply) + readOnly = (known after apply) + secretRef = { + name = (known after apply) + namespace = (known after apply) } + user = (known after apply) } + scaleIO = { + fsType = (known after apply) + gateway = (known after apply) + protectionDomain = (known after apply) + readOnly = (known after apply) + secretRef = { + name = (known after apply) + namespace = (known after apply) } + sslEnabled = (known after apply) + storageMode = (known after apply) + storagePool = (known after apply) + system = (known after apply) + volumeName = (known after apply) } + storageClassName = "env0-state-sc" + storageos = { + fsType = (known after apply) + readOnly = (known after apply) + secretRef = { + apiVersion = (known after apply) + fieldPath = (known after apply) + kind = (known after apply) + name = (known after apply) + namespace = (known after apply) + resourceVersion = (known after apply) ... This plan was truncated as it was too long to show in a comment. See full log on env0. ```

Full Plan Logs on env0