search

kbst / terraform-provider-kustomization

Terraform provider for Kustomize
https://www.kubestack.com
Apache License 2.0
267 stars 53 forks source link

Secretly allow `--enable-alpha-plugins` #218

Closed almereyda closed 1 year ago

almereyda commented 1 year ago

After reading through the code of Kustomize and this plugin here, I found it hard to find a reason why the binary plugins hidden behind the --enable-alpha-plugins should be hidden. Any pointers to a rationale would be highly welcomed.

Yet when this didn't work, I built my own fork of this with the following patch:

diff --git a/kustomize/data_source_kustomization.go b/kustomize/data_source_kustomization.go
index 3882b41..e1eed72 100644
--- a/kustomize/data_source_kustomization.go
+++ b/kustomize/data_source_kustomization.go
@@ -131,6 +131,12 @@ func getKustomizeOptions(d *schema.ResourceData) (opts *krusty.Options) {
            }
        }

+       if kOpts["enable_alpha_plugins"] != nil {
+           if kOpts["enable_alpha_plugins"].(bool) == true {
+               opts.PluginConfig = types.EnabledPluginConfig(types.BploUseStaticallyLinked)
+           }
+       }
+
        if kOpts["enable_helm"] != nil {
            if kOpts["enable_helm"].(bool) == true {
                opts.PluginConfig = types.EnabledPluginConfig(types.BploUseStaticallyLinked)
diff --git a/kustomize/data_source_kustomization_build.go b/kustomize/data_source_kustomization_build.go
index 3af5318..5cc0a9f 100644
--- a/kustomize/data_source_kustomization_build.go
+++ b/kustomize/data_source_kustomization_build.go
@@ -27,6 +27,10 @@ func dataSourceKustomization() *schema.Resource {
                            Type:     schema.TypeString,
                            Optional: true,
                        },
+                       "enable_alpha_plugins": {
+                           Type:     schema.TypeBool,
+                           Optional: true,
+                       },
                        "enable_helm": {
                            Type:     schema.TypeBool,
                            Optional: true,

The output of terraform init right after make build could also be implanted into a third-party repository's lock file, and together with a little correction in versions.tf (where the provider was defined) and manual dropping of the newly generated binary into the 1.0.0 folder even allowed for the custom provider to run.

Until I saw that the code path that I had copied from the enable_helm feature is already available there.

So the secret way to --enable-alpha-plugins is to merely use enable_helm = true, which works fine with KSOPS and also SopsSecretsGenerator.

*g*

This way we can manage Kustomizations from Terraform, and from ArgoCD, which is nice.

nazarewk commented 1 year ago

somehow addressed this in #220

pst commented 1 year ago

Indeed, I'll close this issue. You change is in v0.9.1. Thanks!

almereyda commented 1 year ago

Beautiful, thanks to you all!