default_mode item converts its value to the octal representation under the spec.volume.config_map

enkron commented 4 months ago

Terraform Version, Provider Version and Kubernetes Version

Terraform version: v1.8.4
Kubernetes provider version: 2.31.0
Kubernetes version: v1.30.0

Affected Resource(s)

kubernetes_deployment
kubernetes_pod

Terraform Configuration Files

resource "kubernetes_deployment" "grafana" {
  metadata {
    name      = "grafana"
    namespace = var.kubernetes_monitoring_namespace
  }

  spec {
    replicas               = 1
    revision_history_limit = 4
    selector {
      match_labels = {
        "app.grafana.workload.type" = "worker"
      }
    }

    template {
      metadata {
        labels = {
          "app.grafana.workload.type" = "worker"
        }
      }
      spec {
        container {
          name              = "grafana"
          image             = "grafana/grafana:11.0.0"
          image_pull_policy = "Always"
          resources {
            requests = {
              memory = "1Gi"
              cpu    = "1000m"
            }
            limits = {
              memory = "1Gi"
              cpu    = "1000m"
            }
          }

          port {
            name           = "pod-http"
            container_port = 3000
          }

          volume_mount {
            name       = "grafana"
            mount_path = "/var/lib/grafana"
          }

          volume_mount {
            name       = "datasources"
            mount_path = "/etc/grafana/provisioning/datasources"
          }
        }

        volume {
          name = "grafana"
          empty_dir {}
        }

        volume {
          name = "datasources"
          config_map {
            default_mode = "0420"
            name = kubernetes_config_map.grafana.metadata.0.name
          }
        }
      }
    }
  }
}

Steps to Reproduce

terraform apply

Expected Behavior

default_mode config_map's value must be an octal value between 0 and 0777

Actual Behavior

It looks like the default_mode value actually accepts a decimal number which is then converted to an octal value, for example if the "0420" is specified as a default access mode it's converts to the 272 (which is the result of converting 0420 to 0o272).

Important Factoids

environment: AWS EKS on Fargate

Community Note

Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
If you are interested in working on this issue or have submitted a pull request, please leave a comment

arybolovlev commented 4 months ago

Hi @enkron,

If I understand this issue correctly, you are referring to a decimal value that you obtain from kubectl output. If that is the case, then this is the way it works and no changes on the provider end can affect this. You will get the same result if you use YAML manifests instead of our provider.

Here is the description of this field that can bring some clarity of why that happens:

Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.

I hope that helps.

Thanks.

enkron commented 4 months ago

Hello @arybolovlev,

Thank you for the clarification.

Seems i mixed up decimal -> octal conversion without reading documentation properly: if i assign 420 value to the defaultMode parameter in yaml manifest it converts to 0644 octal representation.

I'll close the issue and apologies for inconvenience

hashicorp / terraform-provider-kubernetes