search

terraform-ibm-modules / terraform-ibm-scc-da

A deployable architecture solution to deploy IBM Security and Compliance related resources
Apache License 2.0
0 stars 2 forks source link

Add support to SCC DA (agents) to wait till cluster is ready [requires ibm provider 1.68.0] #132

Closed ocofaigh closed 1 month ago

ocofaigh commented 2 months ago

The IKS tf provider team have added a new feature to the ibm_container_vpc_cluster data lookup (see this PR) which allows you to specify a wait_till value. By default the data lookup will not wait, and some teams found this an issue because they were not using terraform to provision their clusters, but were using our terraform module to deploy helm charts and the clusters were not fully ready yet, so the download of kubeconfig failed with an error.

Once the PR is merged and a new provider release is out (ETA 1.68.0), we need to update the SCC WP agents DA to use this feature so it will wait until cluster is ready before proceeding.

Proposed fix in solutions/agents/provider.tf (needs to be tested):


data "ibm_container_vpc_cluster" "cluster" {
  name      = var.cluster_name
  wait_till = "Normal"
}

data "ibm_container_cluster_config" "cluster_config" {
  depeneds_on     = [data.ibm_container_vpc_cluster.cluster]
  cluster_name_id = var.cluster_name
  config_dir      = "${path.module}/kubeconfig"
  endpoint_type   = var.cluster_endpoint_type
}
terraform-ibm-modules-ops commented 1 month ago

:tada: This issue has been resolved in version 1.16.0 :tada:

The release is available on:

Your semantic-release bot :package::rocket: