nerc-project / operations

Issues related to the operation of the NERC OpenShift environment

Issue related to using OpenTofu (Terraform) IaC to create OCP Routes #765

Open Milstein opened 1 month ago

Milstein commented 1 month ago

A user is trying to set up infrastructure using OpenTofu (Terraform) but is unable to use the kubernetes_manifest provider due to a permission issue.

Description

Hi Milson, et al:

I am trying to use the kubernetes_manifest provider for OpenTofu (Terraform). This will allow me to create OpenShift route objects as these are custom RH created objects. However, I encountered a problem. The kubernetes_manifest provider requires that I have CRD list permissions (ro).

This is a bug filed (by a different person) with TF below, which explains the issue. HashiCorp responds:

"The provider needs to list CRDs, because it needs to determine if the resource type given in the manifest is defined by a CRD, the built-in API objects or an aggregated API server."

https://github.com/hashicorp/terraform-provider-kubernetes/issues/1665

Do you mind providing the project CRD list?

Thank you

Evan

larsks commented 1 month ago

@Milstein please update this issue to include the project namespace associated with this request, and the name of a ServiceAccount to which we can grant additional privileges. Thanks!
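A least-privilege way to grant what this thread asks for, as an added example that is not part of the original issue or the NERC configuration. The namespace `example-project`, the ServiceAccount `tofu-deployer` and all object names are placeholders, and the namespaced Role for routes is an assumption about what the ServiceAccount will manage.

```yaml
# CRDs are cluster-scoped, so read access to them needs a ClusterRole and a
# ClusterRoleBinding; a namespaced Role cannot grant it.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: crd-list-readonly            # placeholder name
rules:
  - apiGroups: ["apiextensions.k8s.io"]
    resources: ["customresourcedefinitions"]
    verbs: ["list"]                  # the read-only verb named in the issue
---
# Bind the cluster-wide read to one ServiceAccount only, not to a group.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: crd-list-readonly-tofu-deployer
subjects:
  - kind: ServiceAccount
    name: tofu-deployer              # placeholder ServiceAccount
    namespace: example-project       # placeholder project namespace
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: crd-list-readonly
---
# Assumption: the same ServiceAccount manages Route objects, so write access
# is confined to its own namespace.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: route-manager
  namespace: example-project
rules:
  - apiGroups: ["route.openshift.io"]
    resources: ["routes"]
    verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: route-manager-tofu-deployer
  namespace: example-project
subjects:
  - kind: ServiceAccount
    name: tofu-deployer
    namespace: example-project
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: route-manager
```

The grant can be checked without running OpenTofu by impersonating the ServiceAccount: `oc auth can-i list customresourcedefinitions --as=system:serviceaccount:example-project:tofu-deployer`.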

hpdempsey commented 1 month ago

@Milstein also, please let me know which Evan this is off-issue. It is not one from Red Hat.