soufi
commented
4 months ago @faust64 The registration process is a one time action similar to getting a token. so the most suitable would be to develop a datasource. However, since the registration process relies on the CLI, we would need to reverse engineer the process... not ideal in this case, since it would require a bigger effort for maintenance. This project is an open source initiative aiming to provide the community something reliable and that can be maintained fairly easily :)
On the other hand, what you can eventually do is to create a terraform module that you can execute when you need to. The module will use the data source to get the token and then you can create execute the registration command using some virtual machine or a docker image that you run to: A - Create the registration file B - Copy the registration file to a bucket, vault or something
Having this in a terraform module, will allow you to destroy the virtual machine or whatever resource you've used to host the registration process.
This how I would do it. Good luck.
Thanks for using this tool.
We are currently automating deployment for lots of Flex Gateways, in Kubernetes. We do so using a mix of Terraform and Helm Charts.
As we are looking into automating registrations, currently the "best" approach may just be to use some "null_resource", so that I can execute some flexctl commands in Terraform ... then somehow store the resulting file into our parameter store ... in our case using some aws / ssm with kms encryption ... All from my null_resource.
This is not ideal. I found about that terraform provider here ... Sounds pretty nice ... but all I can see is some data, fetching registration tokens? In my case, I have some client-id/client-secret/oidc-lookalike credentials, ... Isn't there a way to generate a registration out of those? Would be nice to have here.