search

sl1pm4t / k2tf

Kubernetes YAML to Terraform HCL converter
Mozilla Public License 2.0
1.18k stars 108 forks source link

kubernetes_deployment.spec.template.spec.volume.empty_dir should be block, not attribute #104

Open flokli opened 2 years ago

flokli commented 2 years ago

k2tf imports https://github.com/kubernetes-sigs/metrics-server/releases/193ce3be9d8b28c1863920258c4d1f4f1e656f25/download/components.yaml, but the generated kubernetes_deployment resource has an empty_dir key, which should be a block:

resource "kubernetes_deployment" "metrics_server" {
  metadata {
    name      = "metrics-server"
    namespace = "kube-system"

    labels = {
      k8s-app = "metrics-server"
    }
  }

  spec {
    selector {
      match_labels = {
        k8s-app = "metrics-server"
      }
    }

    template {
      metadata {
        labels = {
          k8s-app = "metrics-server"
        }
      }

      spec {
        volume {
          name      = "tmp-dir"
          empty_dir = {}
        }

        container {
          name  = "metrics-server"
          image = "k8s.gcr.io/metrics-server/metrics-server:v0.6.1"
          args  = ["--cert-dir=/tmp", "--secure-port=4443", "--kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname", "--kubelet-use-node-status-port", "--metric-resolution=15s"]

          port {
            name           = "https"
            container_port = 4443
            protocol       = "TCP"
          }

          resources {
            requests = {
              cpu = "100m"

              memory = "200Mi"
            }
          }

          volume_mount {
            name       = "tmp-dir"
            mount_path = "/tmp"
          }

          liveness_probe {
            http_get {
              path   = "/livez"
              port   = "https"
              scheme = "HTTPS"
            }

            period_seconds    = 10
            failure_threshold = 3
          }

          readiness_probe {
            http_get {
              path   = "/readyz"
              port   = "https"
              scheme = "HTTPS"
            }

            initial_delay_seconds = 20
            period_seconds        = 10
            failure_threshold     = 3
          }

          image_pull_policy = "IfNotPresent"

          security_context {
            run_as_user               = 1000
            run_as_non_root           = true
            read_only_root_filesystem = true
          }
        }

        node_selector = {
          "kubernetes.io/os" = "linux"
        }

        service_account_name = "metrics-server"
        priority_class_name  = "system-cluster-critical"
      }
    }
  }
}

If I manually drop the = in empty_dir = {}, it plans successfully.

mossad-zika commented 2 years ago

+1

mattburgess commented 1 year ago

I've got no idea what's going on here. Applying this patch locally to exercise the issue, make test passes on both master and v0.7.0:

$ git diff
diff --git a/test-fixtures/deployment.tf.golden b/test-fixtures/deployment.tf.golden
index bb50538..9c2ec96 100644
--- a/test-fixtures/deployment.tf.golden
+++ b/test-fixtures/deployment.tf.golden
@@ -33,6 +33,11 @@ resource "kubernetes_deployment" "backend_api" {
             default_mode = "0644"
           }
         }
+        volume {
+          name = "tmp-dir"
+          empty_dir {
+          }
+        }
         container {
           name  = "esp"
           image = "gcr.io/endpoints-release/endpoints-runtime:1"
diff --git a/test-fixtures/deployment.yaml b/test-fixtures/deployment.yaml
index 7963415..7de34cb 100644
--- a/test-fixtures/deployment.yaml
+++ b/test-fixtures/deployment.yaml
@@ -1,4 +1,4 @@
-apiVersion: extensions/v1beta1
+apiVersion: apps/v1
 kind: Deployment
 metadata:
   creationTimestamp: 2018-11-13T07:27:00Z
@@ -140,6 +140,8 @@ spec:
             defaultMode: 420
             optional: false
             secretName: nginx-ssl
+        - name: tmp-dir
+          emptyDir: {}
 status:
   availableReplicas: 4
   conditions:
jsm3031 commented 1 year ago

It seems that using the -F flag creates the block form as expected.