apiVersion: tf.upbound.io/v1beta1
kind: Workspace
metadata:
name: example-random-generator
annotations:
meta.upbound.io/example-id: tf/v1beta1/workspace
# The terraform workspace will be named 'random'. If you omit this
# annotation it would be derived from metadata.name - e.g. 'example-random-generator.
crossplane.io/external-name: crossplane
spec:
forProvider:
source: Inline
module: |
resource "random_id" "example_id" {
byte_length = 4
}
resource "random_password" "password" {
length = 16
special = true
}
// Non-sensitive Outputs are written to status.atProvider.outputs and to the connection secret.
output "random_id_hex" {
value = random_id.example_id.hex
}
// Sensitive Outputs are only written to the connection secret
output "random_password" {
value = random_password.password
sensitive = true
}
// Terraform has several other random resources, see the random provider for details
providerConfigRef:
name: ess-terraform
publishConnectionDetailsTo:
name: random-to-vault
configRef:
name: vault
Unfortunately, we need to also bump the crossplane-runtime dependency to a more recent version, which breaks the build for some not so trivial issue on the generated code.
What happened?
Following https://docs.crossplane.io/knowledge-base/integrations/vault-as-secret-store/#configure-vault-kubernetes-authentication and deploying the manifest below, results in the following error:
This is due to the missing injection of the ESS TLS secrets here, as done by other providers, e.g. see https://github.com/upbound/provider-aws/pull/677 or https://github.com/upbound/provider-gcp/pull/294.
Unfortunately, we need to also bump the
crossplane-runtime
dependency to a more recent version, which breaks the build for some not so trivial issue on the generated code.How can we reproduce it?
See above.
What environment did it happen in?