diff --git a/coderd/templateversions.go b/coderd/templateversions.go index c389d8098c..070500a26d 100644 --- a/coderd/templateversions.go +++ b/coderd/templateversions.go @@ -1069,12 +1069,12 @@ func (api *API) postTemplateVersionsByOrganization(rw http.ResponseWriter, r *ht // templateVersionResources returns the workspace agent resources associated // with a template version. A template can specify more than one resource to be -// provisioned, each resource can have an agent that dials back to coderd. -// The agents returned are informative of the template version, and do not -// return agents associated with any particular workspace. +// provisioned, each resource can have an agent that dials back to coderd. The +// agents returned are informative of the template version, and do not return +// agents associated with any particular workspace. func (api *API) templateVersionResources(rw http.ResponseWriter, r *http.Request) { - ctx := r.Context() var ( + ctx = r.Context() templateVersion = httpmw.TemplateVersionParam(r) template = httpmw.TemplateParam(r) ) @@ -1100,8 +1100,8 @@ func (api *API) templateVersionResources(rw http.ResponseWriter, r *http.Request // and not any build logs for a workspace. // Eg: Logs returned from 'terraform plan' when uploading a new terraform file. func (api *API) templateVersionLogs(rw http.ResponseWriter, r *http.Request) { - ctx := r.Context() var ( + ctx = r.Context() templateVersion = httpmw.TemplateVersionParam(r) template = httpmw.TemplateParam(r) ) diff --git a/provisioner/terraform/executor.go b/provisioner/terraform/executor.go index 413bf28f90..be6f7a056f 100644 --- a/provisioner/terraform/executor.go +++ b/provisioner/terraform/executor.go @@ -7,7 +7,6 @@ import ( "encoding/json" "fmt" "io" - "io/ioutil" "os" "os/exec" "path/filepath" @@ -270,7 +269,7 @@ func (e *executor) graph(ctx, killCtx context.Context) (string, error) { return "", ctx.Err() } - var out bytes.Buffer + var out strings.Builder cmd := exec.CommandContext(killCtx, e.binaryPath, "graph") // #nosec cmd.Stdout = &out cmd.Dir = e.workdir @@ -289,14 +288,13 @@ func (e *executor) graph(ctx, killCtx context.Context) (string, error) { return out.String(), nil } -// revive:disable-next-line:flag-parameter func (e *executor) apply( ctx, killCtx context.Context, plan []byte, env []string, logr logSink, ) (*proto.Provision_Response, error) { e.mut.Lock() defer e.mut.Unlock() - planFile, err := ioutil.TempFile("", "coder-terrafrom-plan") + planFile, err := os.CreateTemp("", "coder-terrafrom-plan") if err != nil { return nil, xerrors.Errorf("create plan file: %w", err) } diff --git a/provisioner/terraform/resources.go b/provisioner/terraform/resources.go index 3e23e9673a..7ffdf14806 100644 --- a/provisioner/terraform/resources.go +++ b/provisioner/terraform/resources.go @@ -68,8 +68,8 @@ type metadataItem struct { IsNull bool `mapstructure:"is_null"` } -// ConvertResources consumes Terraform state and a GraphViz representation produced by -// `terraform graph` to produce resources consumable by Coder. +// ConvertResources consumes Terraform state and a GraphViz representation +// produced by `terraform graph` to produce resources consumable by Coder. // nolint:gocyclo func ConvertResources(module *tfjson.StateModule, rawGraph string) ([]*proto.Resource, error) { parsedGraph, err := gographviz.ParseString(rawGraph) @@ -84,13 +84,9 @@ func ConvertResources(module *tfjson.StateModule, rawGraph string) ([]*proto.Res resources := make([]*proto.Resource, 0) resourceAgents := map[string][]*proto.Agent{} - // Indexes Terraform resources by their label and ID. - // The label is what "terraform graph" uses to reference nodes, and the ID - // is used by "coder_metadata" resources to refer to their targets. (The ID - // field is only available when reading a state file, and not when reading a - // plan file.) + // Indexes Terraform resources by their label. + // The label is what "terraform graph" uses to reference nodes. tfResourceByLabel := map[string]*tfjson.StateResource{} - resourceLabelByID := map[string]string{} var findTerraformResources func(mod *tfjson.StateModule) findTerraformResources = func(mod *tfjson.StateModule) { for _, module := range mod.ChildModules { @@ -100,14 +96,6 @@ func ConvertResources(module *tfjson.StateModule, rawGraph string) ([]*proto.Res label := convertAddressToLabel(resource.Address) // index by label tfResourceByLabel[label] = resource - // index by ID, if it exists - id, ok := resource.AttributeValues["id"] - if ok { - idString, ok := id.(string) - if ok { - resourceLabelByID[idString] = label - } - } } } findTerraformResources(module) @@ -319,58 +307,48 @@ func ConvertResources(module *tfjson.StateModule, rawGraph string) ([]*proto.Res if resource.Type != "coder_metadata" { continue } + var attrs metadataAttributes err = mapstructure.Decode(resource.AttributeValues, &attrs) if err != nil { return nil, xerrors.Errorf("decode metadata attributes: %w", err) } - var targetLabel string - // This occurs in a plan, because there is no resource ID. - // We attempt to find the closest node, just so we can hide it from the UI. - if attrs.ResourceID == "" { - resourceLabel := convertAddressToLabel(resource.Address) + resourceLabel := convertAddressToLabel(resource.Address) - var attachedNode *gographviz.Node - for _, node := range graph.Nodes.Lookup { - // The node attributes surround the label with quotes. - if strings.Trim(node.Attrs["label"], `"`) != resourceLabel { - continue - } - attachedNode = node - break - } - if attachedNode == nil { + var attachedNode *gographviz.Node + for _, node := range graph.Nodes.Lookup { + // The node attributes surround the label with quotes. + if strings.Trim(node.Attrs["label"], `"`) != resourceLabel { continue } - var attachedResource *graphResource - for _, resource := range findResourcesInGraph(graph, tfResourceByLabel, attachedNode.Name, 0, false) { - if attachedResource == nil { - // Default to the first resource because we have nothing to compare! - attachedResource = resource - continue - } - if resource.Depth < attachedResource.Depth { - // There's a closer resource! - attachedResource = resource - continue - } - if resource.Depth == attachedResource.Depth && resource.Label < attachedResource.Label { - attachedResource = resource - continue - } - } - if attachedResource == nil { - continue - } - targetLabel = attachedResource.Label + attachedNode = node + break } - if targetLabel == "" { - targetLabel = resourceLabelByID[attrs.ResourceID] - } - if targetLabel == "" { + if attachedNode == nil { continue } + var attachedResource *graphResource + for _, resource := range findResourcesInGraph(graph, tfResourceByLabel, attachedNode.Name, 0, false) { + if attachedResource == nil { + // Default to the first resource because we have nothing to compare! + attachedResource = resource + continue + } + if resource.Depth < attachedResource.Depth { + // There's a closer resource! + attachedResource = resource + continue + } + if resource.Depth == attachedResource.Depth && resource.Label < attachedResource.Label { + attachedResource = resource + continue + } + } + if attachedResource == nil { + continue + } + targetLabel := attachedResource.Label resourceHidden[targetLabel] = attrs.Hide resourceIcon[targetLabel] = attrs.Icon @@ -416,9 +394,11 @@ func ConvertResources(module *tfjson.StateModule, rawGraph string) ([]*proto.Res } // convertAddressToLabel returns the Terraform address without the count -// specifier. eg. "module.ec2_dev.ec2_instance.dev[0]" becomes "module.ec2_dev.ec2_instance.dev" +// specifier. +// eg. "module.ec2_dev.ec2_instance.dev[0]" becomes "module.ec2_dev.ec2_instance.dev" func convertAddressToLabel(address string) string { - return strings.Split(address, "[")[0] + cut, _, _ := strings.Cut(address, "[") + return cut } type graphResource struct { diff --git a/provisioner/terraform/resources_test.go b/provisioner/terraform/resources_test.go index ebcc07dc84..583f07e784 100644 --- a/provisioner/terraform/resources_test.go +++ b/provisioner/terraform/resources_test.go @@ -8,14 +8,14 @@ import ( "sort" "testing" + protobuf "github.com/golang/protobuf/proto" tfjson "github.com/hashicorp/terraform-json" "github.com/stretchr/testify/require" + "golang.org/x/exp/slices" "github.com/coder/coder/cryptorand" "github.com/coder/coder/provisioner/terraform" "github.com/coder/coder/provisionersdk/proto" - - protobuf "github.com/golang/protobuf/proto" ) func TestConvertResources(t *testing.T) { @@ -165,6 +165,53 @@ func TestConvertResources(t *testing.T) { Sensitive: true, }}, }}, + // Tests that resources with the same id correctly get metadata applied + // to them. + "kubernetes-metadata": {{ + Name: "coder_workspace", + Type: "kubernetes_service_account", + }, { + Name: "coder_workspace", + Type: "kubernetes_config_map", + }, { + Name: "coder_workspace", + Type: "kubernetes_role", + }, { + Name: "coder_workspace", + Type: "kubernetes_role_binding", + }, { + Name: "coder_workspace", + Type: "kubernetes_secret", + }, { + Name: "main", + Type: "kubernetes_pod", + Metadata: []*proto.Resource_Metadata{{ + Key: "cpu", + Value: "1", + }, { + Key: "memory", + Value: "1Gi", + }, { + Key: "gpu", + Value: "1", + }}, + Agents: []*proto.Agent{{ + Name: "main", + OperatingSystem: "linux", + Architecture: "amd64", + StartupScript: " #!/bin/bash\n # home folder can be empty, so copying default bash settings\n if [ ! -f ~/.profile ]; then\n cp /etc/skel/.profile $HOME\n fi\n if [ ! -f ~/.bashrc ]; then\n cp /etc/skel/.bashrc $HOME\n fi\n # install and start code-server\n curl -fsSL https://code-server.dev/install.sh | sh | tee code-server-install.log\n code-server --auth none --port 13337 | tee code-server-install.log &\n", + Apps: []*proto.App{ + { + Icon: "/icon/code.svg", + Slug: "code-server", + DisplayName: "code-server", + Url: "http://localhost:13337?folder=/home/coder", + }, + }, + Auth: &proto.Agent_Token{}, + ConnectionTimeoutSeconds: 120, + }}, + }}, } { folderName := folderName expected := expected @@ -210,6 +257,17 @@ func TestConvertResources(t *testing.T) { err = json.Unmarshal(data, &resourcesMap) require.NoError(t, err) + slices.SortFunc(expectedNoMetadataMap, func(a, b map[string]interface{}) bool { + //nolint:forcetypeassert + return a["name"].(string)+a["type"].(string) < + b["name"].(string)+b["type"].(string) + }) + slices.SortFunc(resourcesMap, func(a, b map[string]interface{}) bool { + //nolint:forcetypeassert + return a["name"].(string)+a["type"].(string) < + b["name"].(string)+b["type"].(string) + }) + require.Equal(t, expectedNoMetadataMap, resourcesMap) }) @@ -251,6 +309,17 @@ func TestConvertResources(t *testing.T) { err = json.Unmarshal(data, &resourcesMap) require.NoError(t, err) + slices.SortFunc(expectedMap, func(a, b map[string]interface{}) bool { + //nolint:forcetypeassert + return a["name"].(string)+a["type"].(string) < + b["name"].(string)+b["type"].(string) + }) + slices.SortFunc(resourcesMap, func(a, b map[string]interface{}) bool { + //nolint:forcetypeassert + return a["name"].(string)+a["type"].(string) < + b["name"].(string)+b["type"].(string) + }) + require.Equal(t, expectedMap, resourcesMap) }) }) diff --git a/provisioner/terraform/testdata/calling-module/calling-module.tfplan.json b/provisioner/terraform/testdata/calling-module/calling-module.tfplan.json index 348af6e0f3..363b4f52fd 100644 --- a/provisioner/terraform/testdata/calling-module/calling-module.tfplan.json +++ b/provisioner/terraform/testdata/calling-module/calling-module.tfplan.json @@ -1,6 +1,6 @@ { "format_version": "1.1", - "terraform_version": "1.3.3", + "terraform_version": "1.3.6", "planned_values": { "root_module": { "resources": [ diff --git a/provisioner/terraform/testdata/calling-module/calling-module.tfstate.json b/provisioner/terraform/testdata/calling-module/calling-module.tfstate.json index d4287a851a..fc8751b6e6 100644 --- a/provisioner/terraform/testdata/calling-module/calling-module.tfstate.json +++ b/provisioner/terraform/testdata/calling-module/calling-module.tfstate.json @@ -1,6 +1,6 @@ { "format_version": "1.0", - "terraform_version": "1.3.3", + "terraform_version": "1.3.6", "values": { "root_module": { "resources": [ @@ -17,11 +17,11 @@ "connection_timeout": 120, "dir": null, "env": null, - "id": "5c92d003-112d-4eb1-8e5f-d3009aa52fcb", + "id": "411bdd93-0ea4-4376-a032-52b1fbf44ca5", "init_script": "", "os": "linux", "startup_script": null, - "token": "fedbf404-c42d-4360-815b-5ffc34198df3", + "token": "eeac85aa-19f9-4a50-8002-dfd11556081b", "troubleshooting_url": null }, "sensitive_values": {} @@ -46,7 +46,7 @@ "outputs": { "script": "" }, - "random": "5577006791947779410" + "random": "5816533441722838433" }, "sensitive_values": { "inputs": {}, @@ -61,7 +61,7 @@ "provider_name": "registry.terraform.io/hashicorp/null", "schema_version": 0, "values": { - "id": "8674665223082153551", + "id": "5594550025354402054", "triggers": null }, "sensitive_values": {}, diff --git a/provisioner/terraform/testdata/chaining-resources/chaining-resources.tfplan.json b/provisioner/terraform/testdata/chaining-resources/chaining-resources.tfplan.json index a7d149ee63..e3e1fe4440 100644 --- a/provisioner/terraform/testdata/chaining-resources/chaining-resources.tfplan.json +++ b/provisioner/terraform/testdata/chaining-resources/chaining-resources.tfplan.json @@ -1,6 +1,6 @@ { "format_version": "1.1", - "terraform_version": "1.3.3", + "terraform_version": "1.3.6", "planned_values": { "root_module": { "resources": [ diff --git a/provisioner/terraform/testdata/chaining-resources/chaining-resources.tfstate.json b/provisioner/terraform/testdata/chaining-resources/chaining-resources.tfstate.json index 0261042eb3..a55aa267bf 100644 --- a/provisioner/terraform/testdata/chaining-resources/chaining-resources.tfstate.json +++ b/provisioner/terraform/testdata/chaining-resources/chaining-resources.tfstate.json @@ -1,6 +1,6 @@ { "format_version": "1.0", - "terraform_version": "1.3.3", + "terraform_version": "1.3.6", "values": { "root_module": { "resources": [ @@ -17,11 +17,11 @@ "connection_timeout": 120, "dir": null, "env": null, - "id": "6cc2be0d-fe90-4256-944f-482787433587", + "id": "4dc52ff5-b270-47a2-8b6a-695b4872f07b", "init_script": "", "os": "linux", "startup_script": null, - "token": "1927809c-5fcf-4fdd-94d7-9a619fb86d13", + "token": "c5c8378e-66df-4f3f-94a2-84bff1dc6fc9", "troubleshooting_url": null }, "sensitive_values": {} @@ -34,7 +34,7 @@ "provider_name": "registry.terraform.io/hashicorp/null", "schema_version": 0, "values": { - "id": "8674665223082153551", + "id": "7372487656283423086", "triggers": null }, "sensitive_values": {}, @@ -51,7 +51,7 @@ "provider_name": "registry.terraform.io/hashicorp/null", "schema_version": 0, "values": { - "id": "5577006791947779410", + "id": "2553224683756509362", "triggers": null }, "sensitive_values": {}, diff --git a/provisioner/terraform/testdata/conflicting-resources/conflicting-resources.tfplan.json b/provisioner/terraform/testdata/conflicting-resources/conflicting-resources.tfplan.json index 773e0b31f0..89793191c8 100644 --- a/provisioner/terraform/testdata/conflicting-resources/conflicting-resources.tfplan.json +++ b/provisioner/terraform/testdata/conflicting-resources/conflicting-resources.tfplan.json @@ -1,6 +1,6 @@ { "format_version": "1.1", - "terraform_version": "1.3.3", + "terraform_version": "1.3.6", "planned_values": { "root_module": { "resources": [ diff --git a/provisioner/terraform/testdata/conflicting-resources/conflicting-resources.tfstate.json b/provisioner/terraform/testdata/conflicting-resources/conflicting-resources.tfstate.json index f090953a2c..e696c33fea 100644 --- a/provisioner/terraform/testdata/conflicting-resources/conflicting-resources.tfstate.json +++ b/provisioner/terraform/testdata/conflicting-resources/conflicting-resources.tfstate.json @@ -1,6 +1,6 @@ { "format_version": "1.0", - "terraform_version": "1.3.3", + "terraform_version": "1.3.6", "values": { "root_module": { "resources": [ @@ -17,11 +17,11 @@ "connection_timeout": 120, "dir": null, "env": null, - "id": "bcaf2577-5dfd-4083-a446-789092a7babe", + "id": "3cd9cbba-31f7-482c-a8a0-bf39dfe42dc2", "init_script": "", "os": "linux", "startup_script": null, - "token": "862867af-cf08-4aea-a2af-70d0014f848b", + "token": "8b063f22-9e66-4dbf-9f13-7b09ac2a470f", "troubleshooting_url": null }, "sensitive_values": {} @@ -34,7 +34,7 @@ "provider_name": "registry.terraform.io/hashicorp/null", "schema_version": 0, "values": { - "id": "8674665223082153551", + "id": "3370347998754925285", "triggers": null }, "sensitive_values": {}, @@ -50,7 +50,7 @@ "provider_name": "registry.terraform.io/hashicorp/null", "schema_version": 0, "values": { - "id": "5577006791947779410", + "id": "4707694957868093590", "triggers": null }, "sensitive_values": {}, diff --git a/provisioner/terraform/testdata/generate.sh b/provisioner/terraform/testdata/generate.sh index 41e94f9c20..9e6b7ccdc0 100755 --- a/provisioner/terraform/testdata/generate.sh +++ b/provisioner/terraform/testdata/generate.sh @@ -6,6 +6,12 @@ cd "$(dirname "${BASH_SOURCE[0]}")" for d in */; do pushd "$d" name=$(basename "$(pwd)") + + # This needs care to update correctly. + if [[ $name == "kubernetes-metadata" ]]; then + continue + fi + terraform init -upgrade terraform plan -out terraform.tfplan terraform show -json ./terraform.tfplan | jq >"$name".tfplan.json diff --git a/provisioner/terraform/testdata/instance-id/instance-id.tfplan.json b/provisioner/terraform/testdata/instance-id/instance-id.tfplan.json index f2c2863a8e..6bafb713b3 100644 --- a/provisioner/terraform/testdata/instance-id/instance-id.tfplan.json +++ b/provisioner/terraform/testdata/instance-id/instance-id.tfplan.json @@ -1,6 +1,6 @@ { "format_version": "1.1", - "terraform_version": "1.3.3", + "terraform_version": "1.3.6", "planned_values": { "root_module": { "resources": [ diff --git a/provisioner/terraform/testdata/instance-id/instance-id.tfstate.json b/provisioner/terraform/testdata/instance-id/instance-id.tfstate.json index d13bba529a..0344e88948 100644 --- a/provisioner/terraform/testdata/instance-id/instance-id.tfstate.json +++ b/provisioner/terraform/testdata/instance-id/instance-id.tfstate.json @@ -1,6 +1,6 @@ { "format_version": "1.0", - "terraform_version": "1.3.3", + "terraform_version": "1.3.6", "values": { "root_module": { "resources": [ @@ -17,11 +17,11 @@ "connection_timeout": 120, "dir": null, "env": null, - "id": "30431432-7afb-4d73-8eeb-ee464a28e157", + "id": "36189f12-6eed-4094-9179-6584a8659219", "init_script": "", "os": "linux", "startup_script": null, - "token": "3ce9bbd8-0f31-4460-842b-8e9c1de9a567", + "token": "907fa482-fd3b-44be-8cfb-4515e3122e78", "troubleshooting_url": null }, "sensitive_values": {} @@ -34,8 +34,8 @@ "provider_name": "registry.terraform.io/coder/coder", "schema_version": 0, "values": { - "agent_id": "30431432-7afb-4d73-8eeb-ee464a28e157", - "id": "679f9bf2-8887-4201-a5cd-e53913e8d361", + "agent_id": "36189f12-6eed-4094-9179-6584a8659219", + "id": "c9bd849e-ac37-440b-9c5b-a288344be41c", "instance_id": "example" }, "sensitive_values": {}, @@ -51,7 +51,7 @@ "provider_name": "registry.terraform.io/hashicorp/null", "schema_version": 0, "values": { - "id": "5577006791947779410", + "id": "4399071137990404376", "triggers": null }, "sensitive_values": {}, diff --git a/provisioner/terraform/testdata/kubernetes-metadata/kubernetes-metadata.tf b/provisioner/terraform/testdata/kubernetes-metadata/kubernetes-metadata.tf new file mode 100644 index 0000000000..e8d6b1d08b --- /dev/null +++ b/provisioner/terraform/testdata/kubernetes-metadata/kubernetes-metadata.tf @@ -0,0 +1,183 @@ +terraform { + required_providers { + coder = { + source = "coder/coder" + version = "0.6.5" + } + kubernetes = { + source = "hashicorp/kubernetes" + version = "~> 2.13.1" + } + google = { + source = "hashicorp/google" + version = "4.46.0" + } + } +} + +data "google_client_config" "provider" {} + +data "google_container_cluster" "dev-4-2" { + project = "coder-dev-1" + name = "dev-4-2" + location = "us-central1-a" +} + +locals { + namespace = "colin-coder" + workspace_name = lower("coder-${data.coder_workspace.me.owner}-${data.coder_workspace.me.name}") + cpu = 1 + memory = "1Gi" + gpu = 1 +} + +provider "kubernetes" { + host = "https://${data.google_container_cluster.dev-4-2.endpoint}" + token = data.google_client_config.provider.access_token + cluster_ca_certificate = base64decode( + data.google_container_cluster.dev-4-2.master_auth[0].cluster_ca_certificate, + ) +} + +data "coder_workspace" "me" {} + +resource "coder_agent" "main" { + os = "linux" + arch = "amd64" + startup_script = < "[root] provider[\"registry.terraform.io/coder/coder\"]" + "[root] coder_app.code-server (expand)" -> "[root] coder_agent.main (expand)" + "[root] coder_metadata.kubernetes_pod_main (expand)" -> "[root] kubernetes_pod.main (expand)" + "[root] coder_metadata.kubernetes_pod_main (expand)" -> "[root] local.gpu (expand)" + "[root] data.coder_workspace.me (expand)" -> "[root] provider[\"registry.terraform.io/coder/coder\"]" + "[root] data.google_client_config.provider (expand)" -> "[root] provider[\"registry.terraform.io/hashicorp/google\"]" + "[root] data.google_container_cluster.dev-4-2 (expand)" -> "[root] provider[\"registry.terraform.io/hashicorp/google\"]" + "[root] kubernetes_config_map.coder_workspace (expand)" -> "[root] local.namespace (expand)" + "[root] kubernetes_config_map.coder_workspace (expand)" -> "[root] local.workspace_name (expand)" + "[root] kubernetes_config_map.coder_workspace (expand)" -> "[root] provider[\"registry.terraform.io/hashicorp/kubernetes\"]" + "[root] kubernetes_pod.main (expand)" -> "[root] coder_agent.main (expand)" + "[root] kubernetes_pod.main (expand)" -> "[root] kubernetes_config_map.coder_workspace (expand)" + "[root] kubernetes_pod.main (expand)" -> "[root] kubernetes_role.coder_workspace (expand)" + "[root] kubernetes_pod.main (expand)" -> "[root] kubernetes_role_binding.coder_workspace (expand)" + "[root] kubernetes_pod.main (expand)" -> "[root] kubernetes_secret.coder_workspace (expand)" + "[root] kubernetes_pod.main (expand)" -> "[root] kubernetes_service_account.coder_workspace (expand)" + "[root] kubernetes_pod.main (expand)" -> "[root] local.cpu (expand)" + "[root] kubernetes_pod.main (expand)" -> "[root] local.memory (expand)" + "[root] kubernetes_role.coder_workspace (expand)" -> "[root] local.namespace (expand)" + "[root] kubernetes_role.coder_workspace (expand)" -> "[root] local.workspace_name (expand)" + "[root] kubernetes_role.coder_workspace (expand)" -> "[root] provider[\"registry.terraform.io/hashicorp/kubernetes\"]" + "[root] kubernetes_role_binding.coder_workspace (expand)" -> "[root] local.namespace (expand)" + "[root] kubernetes_role_binding.coder_workspace (expand)" -> "[root] local.workspace_name (expand)" + "[root] kubernetes_role_binding.coder_workspace (expand)" -> "[root] provider[\"registry.terraform.io/hashicorp/kubernetes\"]" + "[root] kubernetes_secret.coder_workspace (expand)" -> "[root] local.namespace (expand)" + "[root] kubernetes_secret.coder_workspace (expand)" -> "[root] local.workspace_name (expand)" + "[root] kubernetes_secret.coder_workspace (expand)" -> "[root] provider[\"registry.terraform.io/hashicorp/kubernetes\"]" + "[root] kubernetes_service_account.coder_workspace (expand)" -> "[root] local.namespace (expand)" + "[root] kubernetes_service_account.coder_workspace (expand)" -> "[root] local.workspace_name (expand)" + "[root] kubernetes_service_account.coder_workspace (expand)" -> "[root] provider[\"registry.terraform.io/hashicorp/kubernetes\"]" + "[root] local.workspace_name (expand)" -> "[root] data.coder_workspace.me (expand)" + "[root] provider[\"registry.terraform.io/coder/coder\"] (close)" -> "[root] coder_app.code-server (expand)" + "[root] provider[\"registry.terraform.io/coder/coder\"] (close)" -> "[root] coder_metadata.kubernetes_pod_main (expand)" + "[root] provider[\"registry.terraform.io/hashicorp/google\"] (close)" -> "[root] data.google_client_config.provider (expand)" + "[root] provider[\"registry.terraform.io/hashicorp/google\"] (close)" -> "[root] data.google_container_cluster.dev-4-2 (expand)" + "[root] provider[\"registry.terraform.io/hashicorp/kubernetes\"] (close)" -> "[root] kubernetes_pod.main (expand)" + "[root] provider[\"registry.terraform.io/hashicorp/kubernetes\"]" -> "[root] data.google_client_config.provider (expand)" + "[root] provider[\"registry.terraform.io/hashicorp/kubernetes\"]" -> "[root] data.google_container_cluster.dev-4-2 (expand)" + "[root] root" -> "[root] provider[\"registry.terraform.io/coder/coder\"] (close)" + "[root] root" -> "[root] provider[\"registry.terraform.io/hashicorp/google\"] (close)" + "[root] root" -> "[root] provider[\"registry.terraform.io/hashicorp/kubernetes\"] (close)" + } +} + diff --git a/provisioner/terraform/testdata/kubernetes-metadata/kubernetes-metadata.tfplan.json b/provisioner/terraform/testdata/kubernetes-metadata/kubernetes-metadata.tfplan.json new file mode 100644 index 0000000000..b684abd4ef --- /dev/null +++ b/provisioner/terraform/testdata/kubernetes-metadata/kubernetes-metadata.tfplan.json @@ -0,0 +1,2179 @@ +{ + "format_version": "1.1", + "terraform_version": "1.3.6", + "planned_values": { + "root_module": { + "resources": [ + { + "address": "coder_agent.main", + "mode": "managed", + "type": "coder_agent", + "name": "main", + "provider_name": "registry.terraform.io/coder/coder", + "schema_version": 0, + "values": { + "arch": "amd64", + "auth": "token", + "connection_timeout": 120, + "dir": null, + "env": null, + "motd_file": null, + "os": "linux", + "shutdown_script": null, + "startup_script": " #!/bin/bash\n # home folder can be empty, so copying default bash settings\n if [ ! -f ~/.profile ]; then\n cp /etc/skel/.profile $HOME\n fi\n if [ ! -f ~/.bashrc ]; then\n cp /etc/skel/.bashrc $HOME\n fi\n # install and start code-server\n curl -fsSL https://code-server.dev/install.sh | sh | tee code-server-install.log\n code-server --auth none --port 13337 | tee code-server-install.log &\n", + "troubleshooting_url": null + }, + "sensitive_values": {} + }, + { + "address": "coder_app.code-server", + "mode": "managed", + "type": "coder_app", + "name": "code-server", + "provider_name": "registry.terraform.io/coder/coder", + "schema_version": 0, + "values": { + "command": null, + "display_name": null, + "healthcheck": [], + "icon": "/icon/code.svg", + "name": null, + "relative_path": true, + "share": "owner", + "slug": "code-server", + "subdomain": null, + "url": "http://localhost:13337?folder=/home/coder" + }, + "sensitive_values": { + "healthcheck": [] + } + }, + { + "address": "coder_metadata.kubernetes_pod_main[0]", + "mode": "managed", + "type": "coder_metadata", + "name": "kubernetes_pod_main", + "index": 0, + "provider_name": "registry.terraform.io/coder/coder", + "schema_version": 0, + "values": { + "daily_cost": null, + "hide": null, + "icon": null, + "item": [ + { + "key": "cpu", + "sensitive": false, + "value": "1" + }, + { + "key": "memory", + "sensitive": false, + "value": "1Gi" + }, + { + "key": "gpu", + "sensitive": false, + "value": "1" + } + ] + }, + "sensitive_values": { + "item": [ + {}, + {}, + {} + ] + } + }, + { + "address": "kubernetes_config_map.coder_workspace[0]", + "mode": "managed", + "type": "kubernetes_config_map", + "name": "coder_workspace", + "index": 0, + "provider_name": "registry.terraform.io/hashicorp/kubernetes", + "schema_version": 0, + "values": { + "binary_data": null, + "data": null, + "metadata": [ + { + "annotations": null, + "generate_name": null, + "labels": null, + "name": "coder-default-default", + "namespace": "colin-coder" + } + ] + }, + "sensitive_values": { + "metadata": [ + {} + ] + } + }, + { + "address": "kubernetes_pod.main[0]", + "mode": "managed", + "type": "kubernetes_pod", + "name": "main", + "index": 0, + "provider_name": "registry.terraform.io/hashicorp/kubernetes", + "schema_version": 1, + "values": { + "metadata": [ + { + "annotations": null, + "generate_name": null, + "labels": null, + "name": "coder-default-default", + "namespace": "colin-coder" + } + ], + "spec": [ + { + "active_deadline_seconds": null, + "affinity": [], + "automount_service_account_token": true, + "container": [ + { + "args": null, + "env": [ + { + "name": "CODER_AGENT_TOKEN", + "value_from": [] + } + ], + "env_from": [], + "image": "codercom/enterprise-base:ubuntu", + "lifecycle": [], + "liveness_probe": [], + "name": "dev", + "port": [], + "readiness_probe": [], + "resources": [ + { + "limits": { + "cpu": "1", + "memory": "1Gi" + } + } + ], + "security_context": [ + { + "allow_privilege_escalation": true, + "capabilities": [], + "privileged": false, + "read_only_root_filesystem": false, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": "1000", + "se_linux_options": [], + "seccomp_profile": [] + } + ], + "startup_probe": [], + "stdin": false, + "stdin_once": false, + "termination_message_path": "/dev/termination-log", + "tty": false, + "volume_mount": [], + "working_dir": null + } + ], + "dns_config": [], + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "host_aliases": [], + "host_ipc": false, + "host_network": false, + "host_pid": false, + "init_container": [], + "node_selector": null, + "priority_class_name": null, + "restart_policy": "Always", + "security_context": [], + "service_account_name": "coder-default-default", + "share_process_namespace": false, + "subdomain": null, + "termination_grace_period_seconds": 30, + "toleration": [], + "topology_spread_constraint": [] + } + ], + "timeouts": null + }, + "sensitive_values": { + "metadata": [ + {} + ], + "spec": [ + { + "affinity": [], + "container": [ + { + "command": [], + "env": [ + { + "value": true, + "value_from": [] + } + ], + "env_from": [], + "lifecycle": [], + "liveness_probe": [], + "port": [], + "readiness_probe": [], + "resources": [ + { + "limits": {}, + "requests": {} + } + ], + "security_context": [ + { + "capabilities": [], + "se_linux_options": [], + "seccomp_profile": [] + } + ], + "startup_probe": [], + "volume_mount": [] + } + ], + "dns_config": [], + "host_aliases": [], + "image_pull_secrets": [], + "init_container": [], + "readiness_gate": [], + "security_context": [], + "toleration": [], + "topology_spread_constraint": [], + "volume": [] + } + ] + } + }, + { + "address": "kubernetes_role.coder_workspace[0]", + "mode": "managed", + "type": "kubernetes_role", + "name": "coder_workspace", + "index": 0, + "provider_name": "registry.terraform.io/hashicorp/kubernetes", + "schema_version": 0, + "values": { + "metadata": [ + { + "annotations": null, + "generate_name": null, + "labels": null, + "name": "coder-default-default", + "namespace": "colin-coder" + } + ], + "rule": [ + { + "api_groups": [ + "*" + ], + "resource_names": [ + "coder-default-default" + ], + "resources": [ + "configmaps" + ], + "verbs": [ + "*" + ] + } + ] + }, + "sensitive_values": { + "metadata": [ + {} + ], + "rule": [ + { + "api_groups": [ + false + ], + "resource_names": [ + false + ], + "resources": [ + false + ], + "verbs": [ + false + ] + } + ] + } + }, + { + "address": "kubernetes_role_binding.coder_workspace[0]", + "mode": "managed", + "type": "kubernetes_role_binding", + "name": "coder_workspace", + "index": 0, + "provider_name": "registry.terraform.io/hashicorp/kubernetes", + "schema_version": 0, + "values": { + "metadata": [ + { + "annotations": null, + "labels": null, + "name": "coder-default-default", + "namespace": "colin-coder" + } + ], + "role_ref": [ + { + "api_group": "rbac.authorization.k8s.io", + "kind": "Role", + "name": "coder-default-default" + } + ], + "subject": [ + { + "kind": "ServiceAccount", + "name": "coder-default-default", + "namespace": "colin-coder" + } + ] + }, + "sensitive_values": { + "metadata": [ + {} + ], + "role_ref": [ + {} + ], + "subject": [ + {} + ] + } + }, + { + "address": "kubernetes_secret.coder_workspace[0]", + "mode": "managed", + "type": "kubernetes_secret", + "name": "coder_workspace", + "index": 0, + "provider_name": "registry.terraform.io/hashicorp/kubernetes", + "schema_version": 0, + "values": { + "binary_data": null, + "immutable": null, + "metadata": [ + { + "annotations": { + "kubernetes.io/service-account.name": "coder-default-default", + "kubernetes.io/service-account.namespace": "colin-coder" + }, + "generate_name": null, + "labels": null, + "name": "coder-default-default", + "namespace": "colin-coder" + } + ], + "type": "kubernetes.io/service-account-token" + }, + "sensitive_values": { + "data": {}, + "metadata": [ + { + "annotations": {} + } + ] + } + }, + { + "address": "kubernetes_service_account.coder_workspace[0]", + "mode": "managed", + "type": "kubernetes_service_account", + "name": "coder_workspace", + "index": 0, + "provider_name": "registry.terraform.io/hashicorp/kubernetes", + "schema_version": 0, + "values": { + "automount_service_account_token": true, + "image_pull_secret": [], + "metadata": [ + { + "annotations": null, + "generate_name": null, + "labels": null, + "name": "coder-default-default", + "namespace": "colin-coder" + } + ], + "secret": [], + "timeouts": null + }, + "sensitive_values": { + "image_pull_secret": [], + "metadata": [ + {} + ], + "secret": [] + } + } + ] + } + }, + "resource_changes": [ + { + "address": "coder_agent.main", + "mode": "managed", + "type": "coder_agent", + "name": "main", + "provider_name": "registry.terraform.io/coder/coder", + "change": { + "actions": [ + "create" + ], + "before": null, + "after": { + "arch": "amd64", + "auth": "token", + "connection_timeout": 120, + "dir": null, + "env": null, + "motd_file": null, + "os": "linux", + "shutdown_script": null, + "startup_script": " #!/bin/bash\n # home folder can be empty, so copying default bash settings\n if [ ! -f ~/.profile ]; then\n cp /etc/skel/.profile $HOME\n fi\n if [ ! -f ~/.bashrc ]; then\n cp /etc/skel/.bashrc $HOME\n fi\n # install and start code-server\n curl -fsSL https://code-server.dev/install.sh | sh | tee code-server-install.log\n code-server --auth none --port 13337 | tee code-server-install.log &\n", + "troubleshooting_url": null + }, + "after_unknown": { + "id": true, + "init_script": true, + "token": true + }, + "before_sensitive": false, + "after_sensitive": { + "token": true + } + } + }, + { + "address": "coder_app.code-server", + "mode": "managed", + "type": "coder_app", + "name": "code-server", + "provider_name": "registry.terraform.io/coder/coder", + "change": { + "actions": [ + "create" + ], + "before": null, + "after": { + "command": null, + "display_name": null, + "healthcheck": [], + "icon": "/icon/code.svg", + "name": null, + "relative_path": true, + "share": "owner", + "slug": "code-server", + "subdomain": null, + "url": "http://localhost:13337?folder=/home/coder" + }, + "after_unknown": { + "agent_id": true, + "healthcheck": [], + "id": true + }, + "before_sensitive": false, + "after_sensitive": { + "healthcheck": [] + } + } + }, + { + "address": "coder_metadata.kubernetes_pod_main[0]", + "mode": "managed", + "type": "coder_metadata", + "name": "kubernetes_pod_main", + "index": 0, + "provider_name": "registry.terraform.io/coder/coder", + "change": { + "actions": [ + "create" + ], + "before": null, + "after": { + "daily_cost": null, + "hide": null, + "icon": null, + "item": [ + { + "key": "cpu", + "sensitive": false, + "value": "1" + }, + { + "key": "memory", + "sensitive": false, + "value": "1Gi" + }, + { + "key": "gpu", + "sensitive": false, + "value": "1" + } + ] + }, + "after_unknown": { + "id": true, + "item": [ + { + "is_null": true + }, + { + "is_null": true + }, + { + "is_null": true + } + ], + "resource_id": true + }, + "before_sensitive": false, + "after_sensitive": { + "item": [ + {}, + {}, + {} + ] + } + } + }, + { + "address": "kubernetes_config_map.coder_workspace[0]", + "mode": "managed", + "type": "kubernetes_config_map", + "name": "coder_workspace", + "index": 0, + "provider_name": "registry.terraform.io/hashicorp/kubernetes", + "change": { + "actions": [ + "create" + ], + "before": null, + "after": { + "binary_data": null, + "data": null, + "metadata": [ + { + "annotations": null, + "generate_name": null, + "labels": null, + "name": "coder-default-default", + "namespace": "colin-coder" + } + ] + }, + "after_unknown": { + "id": true, + "metadata": [ + { + "generation": true, + "resource_version": true, + "uid": true + } + ] + }, + "before_sensitive": false, + "after_sensitive": { + "metadata": [ + {} + ] + } + } + }, + { + "address": "kubernetes_pod.main[0]", + "mode": "managed", + "type": "kubernetes_pod", + "name": "main", + "index": 0, + "provider_name": "registry.terraform.io/hashicorp/kubernetes", + "change": { + "actions": [ + "create" + ], + "before": null, + "after": { + "metadata": [ + { + "annotations": null, + "generate_name": null, + "labels": null, + "name": "coder-default-default", + "namespace": "colin-coder" + } + ], + "spec": [ + { + "active_deadline_seconds": null, + "affinity": [], + "automount_service_account_token": true, + "container": [ + { + "args": null, + "env": [ + { + "name": "CODER_AGENT_TOKEN", + "value_from": [] + } + ], + "env_from": [], + "image": "codercom/enterprise-base:ubuntu", + "lifecycle": [], + "liveness_probe": [], + "name": "dev", + "port": [], + "readiness_probe": [], + "resources": [ + { + "limits": { + "cpu": "1", + "memory": "1Gi" + } + } + ], + "security_context": [ + { + "allow_privilege_escalation": true, + "capabilities": [], + "privileged": false, + "read_only_root_filesystem": false, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": "1000", + "se_linux_options": [], + "seccomp_profile": [] + } + ], + "startup_probe": [], + "stdin": false, + "stdin_once": false, + "termination_message_path": "/dev/termination-log", + "tty": false, + "volume_mount": [], + "working_dir": null + } + ], + "dns_config": [], + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "host_aliases": [], + "host_ipc": false, + "host_network": false, + "host_pid": false, + "init_container": [], + "node_selector": null, + "priority_class_name": null, + "restart_policy": "Always", + "security_context": [], + "service_account_name": "coder-default-default", + "share_process_namespace": false, + "subdomain": null, + "termination_grace_period_seconds": 30, + "toleration": [], + "topology_spread_constraint": [] + } + ], + "timeouts": null + }, + "after_unknown": { + "id": true, + "metadata": [ + { + "generation": true, + "resource_version": true, + "uid": true + } + ], + "spec": [ + { + "affinity": [], + "container": [ + { + "command": true, + "env": [ + { + "value": true, + "value_from": [] + } + ], + "env_from": [], + "image_pull_policy": true, + "lifecycle": [], + "liveness_probe": [], + "port": [], + "readiness_probe": [], + "resources": [ + { + "limits": {}, + "requests": true + } + ], + "security_context": [ + { + "capabilities": [], + "se_linux_options": [], + "seccomp_profile": [] + } + ], + "startup_probe": [], + "termination_message_policy": true, + "volume_mount": [] + } + ], + "dns_config": [], + "host_aliases": [], + "hostname": true, + "image_pull_secrets": true, + "init_container": [], + "node_name": true, + "readiness_gate": true, + "security_context": [], + "toleration": [], + "topology_spread_constraint": [], + "volume": true + } + ] + }, + "before_sensitive": false, + "after_sensitive": { + "metadata": [ + {} + ], + "spec": [ + { + "affinity": [], + "container": [ + { + "command": [], + "env": [ + { + "value": true, + "value_from": [] + } + ], + "env_from": [], + "lifecycle": [], + "liveness_probe": [], + "port": [], + "readiness_probe": [], + "resources": [ + { + "limits": {}, + "requests": {} + } + ], + "security_context": [ + { + "capabilities": [], + "se_linux_options": [], + "seccomp_profile": [] + } + ], + "startup_probe": [], + "volume_mount": [] + } + ], + "dns_config": [], + "host_aliases": [], + "image_pull_secrets": [], + "init_container": [], + "readiness_gate": [], + "security_context": [], + "toleration": [], + "topology_spread_constraint": [], + "volume": [] + } + ] + } + } + }, + { + "address": "kubernetes_role.coder_workspace[0]", + "mode": "managed", + "type": "kubernetes_role", + "name": "coder_workspace", + "index": 0, + "provider_name": "registry.terraform.io/hashicorp/kubernetes", + "change": { + "actions": [ + "create" + ], + "before": null, + "after": { + "metadata": [ + { + "annotations": null, + "generate_name": null, + "labels": null, + "name": "coder-default-default", + "namespace": "colin-coder" + } + ], + "rule": [ + { + "api_groups": [ + "*" + ], + "resource_names": [ + "coder-default-default" + ], + "resources": [ + "configmaps" + ], + "verbs": [ + "*" + ] + } + ] + }, + "after_unknown": { + "id": true, + "metadata": [ + { + "generation": true, + "resource_version": true, + "uid": true + } + ], + "rule": [ + { + "api_groups": [ + false + ], + "resource_names": [ + false + ], + "resources": [ + false + ], + "verbs": [ + false + ] + } + ] + }, + "before_sensitive": false, + "after_sensitive": { + "metadata": [ + {} + ], + "rule": [ + { + "api_groups": [ + false + ], + "resource_names": [ + false + ], + "resources": [ + false + ], + "verbs": [ + false + ] + } + ] + } + } + }, + { + "address": "kubernetes_role_binding.coder_workspace[0]", + "mode": "managed", + "type": "kubernetes_role_binding", + "name": "coder_workspace", + "index": 0, + "provider_name": "registry.terraform.io/hashicorp/kubernetes", + "change": { + "actions": [ + "create" + ], + "before": null, + "after": { + "metadata": [ + { + "annotations": null, + "labels": null, + "name": "coder-default-default", + "namespace": "colin-coder" + } + ], + "role_ref": [ + { + "api_group": "rbac.authorization.k8s.io", + "kind": "Role", + "name": "coder-default-default" + } + ], + "subject": [ + { + "kind": "ServiceAccount", + "name": "coder-default-default", + "namespace": "colin-coder" + } + ] + }, + "after_unknown": { + "id": true, + "metadata": [ + { + "generation": true, + "resource_version": true, + "uid": true + } + ], + "role_ref": [ + {} + ], + "subject": [ + { + "api_group": true + } + ] + }, + "before_sensitive": false, + "after_sensitive": { + "metadata": [ + {} + ], + "role_ref": [ + {} + ], + "subject": [ + {} + ] + } + } + }, + { + "address": "kubernetes_secret.coder_workspace[0]", + "mode": "managed", + "type": "kubernetes_secret", + "name": "coder_workspace", + "index": 0, + "provider_name": "registry.terraform.io/hashicorp/kubernetes", + "change": { + "actions": [ + "create" + ], + "before": null, + "after": { + "binary_data": null, + "immutable": null, + "metadata": [ + { + "annotations": { + "kubernetes.io/service-account.name": "coder-default-default", + "kubernetes.io/service-account.namespace": "colin-coder" + }, + "generate_name": null, + "labels": null, + "name": "coder-default-default", + "namespace": "colin-coder" + } + ], + "type": "kubernetes.io/service-account-token" + }, + "after_unknown": { + "data": true, + "id": true, + "metadata": [ + { + "annotations": {}, + "generation": true, + "resource_version": true, + "uid": true + } + ] + }, + "before_sensitive": false, + "after_sensitive": { + "binary_data": true, + "data": true, + "metadata": [ + { + "annotations": {} + } + ] + } + } + }, + { + "address": "kubernetes_service_account.coder_workspace[0]", + "mode": "managed", + "type": "kubernetes_service_account", + "name": "coder_workspace", + "index": 0, + "provider_name": "registry.terraform.io/hashicorp/kubernetes", + "change": { + "actions": [ + "create" + ], + "before": null, + "after": { + "automount_service_account_token": true, + "image_pull_secret": [], + "metadata": [ + { + "annotations": null, + "generate_name": null, + "labels": null, + "name": "coder-default-default", + "namespace": "colin-coder" + } + ], + "secret": [], + "timeouts": null + }, + "after_unknown": { + "default_secret_name": true, + "id": true, + "image_pull_secret": [], + "metadata": [ + { + "generation": true, + "resource_version": true, + "uid": true + } + ], + "secret": [] + }, + "before_sensitive": false, + "after_sensitive": { + "image_pull_secret": [], + "metadata": [ + {} + ], + "secret": [] + } + } + } + ], + "prior_state": { + "format_version": "1.0", + "terraform_version": "1.3.6", + "values": { + "root_module": { + "resources": [ + { + "address": "data.coder_workspace.me", + "mode": "data", + "type": "coder_workspace", + "name": "me", + "provider_name": "registry.terraform.io/coder/coder", + "schema_version": 0, + "values": { + "access_port": 443, + "access_url": "https://mydeployment.coder.com", + "id": "c5370d91-41d6-4d00-a6c2-95b03007aec9", + "name": "default", + "owner": "default", + "owner_email": "", + "owner_id": "00000000-0000-0000-0000-000000000000", + "start_count": 1, + "transition": "start" + }, + "sensitive_values": {} + }, + { + "address": "data.google_client_config.provider", + "mode": "data", + "type": "google_client_config", + "name": "provider", + "provider_name": "registry.terraform.io/hashicorp/google", + "schema_version": 0, + "values": { + "access_token": "", + "id": "projects//regions//zones/", + "project": "", + "region": "", + "zone": "" + }, + "sensitive_values": {} + }, + { + "address": "data.google_container_cluster.dev-4-2", + "mode": "data", + "type": "google_container_cluster", + "name": "dev-4-2", + "provider_name": "registry.terraform.io/hashicorp/google", + "schema_version": 0, + "values": { + "addons_config": [ + { + "cloudrun_config": [], + "dns_cache_config": [ + { + "enabled": true + } + ], + "gce_persistent_disk_csi_driver_config": [ + { + "enabled": true + } + ], + "gcp_filestore_csi_driver_config": [], + "horizontal_pod_autoscaling": [ + { + "disabled": false + } + ], + "http_load_balancing": [], + "network_policy_config": [ + { + "disabled": true + } + ] + } + ], + "authenticator_groups_config": [ + { + "security_group": "gke-security-groups@coder.com" + } + ], + "binary_authorization": [ + { + "enabled": false, + "evaluation_mode": "" + } + ], + "cluster_autoscaling": [ + { + "auto_provisioning_defaults": [], + "enabled": false, + "resource_limits": [] + } + ], + "cluster_ipv4_cidr": "10.48.0.0/14", + "confidential_nodes": [], + "cost_management_config": [], + "database_encryption": [ + { + "key_name": "", + "state": "DECRYPTED" + } + ], + "datapath_provider": "ADVANCED_DATAPATH", + "default_max_pods_per_node": 110, + "default_snat_status": [ + { + "disabled": false + } + ], + "description": "", + "dns_config": [], + "enable_autopilot": false, + "enable_binary_authorization": false, + "enable_intranode_visibility": false, + "enable_kubernetes_alpha": false, + "enable_l4_ilb_subsetting": false, + "enable_legacy_abac": false, + "enable_shielded_nodes": true, + "enable_tpu": false, + "endpoint": "", + "id": "projects/coder-dev-1/locations/us-central1-a/clusters/dev-4-2", + "initial_node_count": 1, + "ip_allocation_policy": [ + { + "cluster_ipv4_cidr_block": "10.48.0.0/14", + "cluster_secondary_range_name": "gke-dev-4-2-pods-ac8c82cd", + "services_ipv4_cidr_block": "10.52.0.0/20", + "services_secondary_range_name": "gke-dev-4-2-services-ac8c82cd" + } + ], + "label_fingerprint": "a9dc16a7", + "location": "us-central1-a", + "logging_config": [ + { + "enable_components": [ + "SYSTEM_COMPONENTS", + "WORKLOADS" + ] + } + ], + "logging_service": "logging.googleapis.com/kubernetes", + "maintenance_policy": [ + { + "daily_maintenance_window": [], + "maintenance_exclusion": [], + "recurring_window": [ + { + "end_time": "2022-09-16T05:00:00Z", + "recurrence": "FREQ=WEEKLY;BYDAY=SU", + "start_time": "2022-09-15T05:00:00Z" + } + ] + } + ], + "master_auth": [ + { + "client_certificate": "", + "client_certificate_config": [ + { + "issue_client_certificate": false + } + ], + "client_key": "", + "cluster_ca_certificate": "" + } + ], + "master_authorized_networks_config": [], + "master_version": "1.24.5-gke.600", + "mesh_certificates": [], + "min_master_version": null, + "monitoring_config": [ + { + "enable_components": [ + "SYSTEM_COMPONENTS" + ], + "managed_prometheus": [] + } + ], + "monitoring_service": "monitoring.googleapis.com/kubernetes", + "name": "dev-4-2", + "network": "projects/coder-dev-1/global/networks/main", + "network_policy": [ + { + "enabled": false, + "provider": "PROVIDER_UNSPECIFIED" + } + ], + "networking_mode": "VPC_NATIVE", + "node_config": [ + { + "boot_disk_kms_key": "", + "disk_size_gb": 100, + "disk_type": "pd-ssd", + "gcfs_config": [], + "guest_accelerator": [], + "gvnic": [], + "image_type": "UBUNTU_CONTAINERD", + "labels": {}, + "local_ssd_count": 0, + "logging_variant": "DEFAULT", + "machine_type": "e2-standard-4", + "metadata": { + "disable-legacy-endpoints": "true" + }, + "min_cpu_platform": "", + "node_group": "", + "oauth_scopes": [ + "https://www.googleapis.com/auth/logging.write", + "https://www.googleapis.com/auth/monitoring" + ], + "preemptible": true, + "reservation_affinity": [], + "resource_labels": {}, + "service_account": "default", + "shielded_instance_config": [ + { + "enable_integrity_monitoring": true, + "enable_secure_boot": false + } + ], + "spot": false, + "tags": [], + "taint": [], + "workload_metadata_config": [ + { + "mode": "GKE_METADATA" + } + ] + } + ], + "node_locations": [], + "node_pool": [ + { + "autoscaling": [ + { + "location_policy": "ANY", + "max_node_count": 8, + "min_node_count": 2, + "total_max_node_count": 0, + "total_min_node_count": 0 + } + ], + "initial_node_count": 2, + "instance_group_urls": [ + "https://www.googleapis.com/compute/v1/projects/coder-dev-1/zones/us-central1-a/instanceGroupManagers/gke-dev-4-2-coder-node-pool-8b0aaa9c-grp" + ], + "managed_instance_group_urls": [ + "https://www.googleapis.com/compute/v1/projects/coder-dev-1/zones/us-central1-a/instanceGroups/gke-dev-4-2-coder-node-pool-8b0aaa9c-grp" + ], + "management": [ + { + "auto_repair": true, + "auto_upgrade": true + } + ], + "max_pods_per_node": 110, + "name": "coder-node-pool", + "name_prefix": "", + "network_config": [ + { + "create_pod_range": false, + "enable_private_nodes": false, + "pod_ipv4_cidr_block": "10.48.0.0/14", + "pod_range": "gke-dev-4-2-pods-ac8c82cd" + } + ], + "node_config": [ + { + "boot_disk_kms_key": "", + "disk_size_gb": 100, + "disk_type": "pd-ssd", + "gcfs_config": [], + "guest_accelerator": [], + "gvnic": [], + "image_type": "UBUNTU_CONTAINERD", + "labels": {}, + "local_ssd_count": 0, + "logging_variant": "DEFAULT", + "machine_type": "e2-standard-4", + "metadata": { + "disable-legacy-endpoints": "true" + }, + "min_cpu_platform": "", + "node_group": "", + "oauth_scopes": [ + "https://www.googleapis.com/auth/logging.write", + "https://www.googleapis.com/auth/monitoring" + ], + "preemptible": true, + "reservation_affinity": [], + "resource_labels": {}, + "service_account": "default", + "shielded_instance_config": [ + { + "enable_integrity_monitoring": true, + "enable_secure_boot": false + } + ], + "spot": false, + "tags": [], + "taint": [], + "workload_metadata_config": [ + { + "mode": "GKE_METADATA" + } + ] + } + ], + "node_count": 2, + "node_locations": [ + "us-central1-a" + ], + "upgrade_settings": [ + { + "blue_green_settings": [], + "max_surge": 1, + "max_unavailable": 0, + "strategy": "SURGE" + } + ], + "version": "1.24.4-gke.800" + } + ], + "node_pool_defaults": [ + { + "node_config_defaults": [ + { + "logging_variant": "DEFAULT" + } + ] + } + ], + "node_version": "1.24.4-gke.800", + "notification_config": [ + { + "pubsub": [ + { + "enabled": false, + "filter": [], + "topic": "" + } + ] + } + ], + "operation": null, + "private_cluster_config": [], + "private_ipv6_google_access": "", + "project": "coder-dev-1", + "release_channel": [ + { + "channel": "RAPID" + } + ], + "remove_default_node_pool": null, + "resource_labels": {}, + "resource_usage_export_config": [ + { + "bigquery_destination": [ + { + "dataset_id": "gke_usage" + } + ], + "enable_network_egress_metering": true, + "enable_resource_consumption_metering": true + } + ], + "self_link": "https://container.googleapis.com/v1/projects/coder-dev-1/zones/us-central1-a/clusters/dev-4-2", + "service_external_ips_config": [ + { + "enabled": false + } + ], + "services_ipv4_cidr": "10.52.0.0/20", + "subnetwork": "projects/coder-dev-1/regions/us-central1/subnetworks/internal", + "tpu_ipv4_cidr_block": "", + "vertical_pod_autoscaling": [ + { + "enabled": true + } + ], + "workload_identity_config": [ + { + "workload_pool": "coder-dev-1.svc.id.goog" + } + ] + }, + "sensitive_values": { + "addons_config": [ + { + "cloudrun_config": [], + "dns_cache_config": [ + {} + ], + "gce_persistent_disk_csi_driver_config": [ + {} + ], + "gcp_filestore_csi_driver_config": [], + "horizontal_pod_autoscaling": [ + {} + ], + "http_load_balancing": [], + "network_policy_config": [ + {} + ] + } + ], + "authenticator_groups_config": [ + {} + ], + "binary_authorization": [ + {} + ], + "cluster_autoscaling": [ + { + "auto_provisioning_defaults": [], + "resource_limits": [] + } + ], + "confidential_nodes": [], + "cost_management_config": [], + "database_encryption": [ + {} + ], + "default_snat_status": [ + {} + ], + "dns_config": [], + "ip_allocation_policy": [ + {} + ], + "logging_config": [ + { + "enable_components": [ + false, + false + ] + } + ], + "maintenance_policy": [ + { + "daily_maintenance_window": [], + "maintenance_exclusion": [], + "recurring_window": [ + {} + ] + } + ], + "master_auth": [ + { + "client_certificate_config": [ + {} + ] + } + ], + "master_authorized_networks_config": [], + "mesh_certificates": [], + "monitoring_config": [ + { + "enable_components": [ + false + ], + "managed_prometheus": [] + } + ], + "network_policy": [ + {} + ], + "node_config": [ + { + "gcfs_config": [], + "guest_accelerator": [], + "gvnic": [], + "labels": {}, + "metadata": {}, + "oauth_scopes": [ + false, + false + ], + "reservation_affinity": [], + "resource_labels": {}, + "shielded_instance_config": [ + {} + ], + "tags": [], + "taint": [], + "workload_metadata_config": [ + {} + ] + } + ], + "node_locations": [], + "node_pool": [ + { + "autoscaling": [ + {} + ], + "instance_group_urls": [ + false + ], + "managed_instance_group_urls": [ + false + ], + "management": [ + {} + ], + "network_config": [ + {} + ], + "node_config": [ + { + "gcfs_config": [], + "guest_accelerator": [], + "gvnic": [], + "labels": {}, + "metadata": {}, + "oauth_scopes": [ + false, + false + ], + "reservation_affinity": [], + "resource_labels": {}, + "shielded_instance_config": [ + {} + ], + "tags": [], + "taint": [], + "workload_metadata_config": [ + {} + ] + } + ], + "node_locations": [ + false + ], + "upgrade_settings": [ + { + "blue_green_settings": [] + } + ] + } + ], + "node_pool_defaults": [ + { + "node_config_defaults": [ + {} + ] + } + ], + "notification_config": [ + { + "pubsub": [ + { + "filter": [] + } + ] + } + ], + "private_cluster_config": [], + "release_channel": [ + {} + ], + "resource_labels": {}, + "resource_usage_export_config": [ + { + "bigquery_destination": [ + {} + ] + } + ], + "service_external_ips_config": [ + {} + ], + "vertical_pod_autoscaling": [ + {} + ], + "workload_identity_config": [ + {} + ] + } + } + ] + } + } + }, + "configuration": { + "provider_config": { + "coder": { + "name": "coder", + "full_name": "registry.terraform.io/coder/coder", + "version_constraint": "0.6.5" + }, + "google": { + "name": "google", + "full_name": "registry.terraform.io/hashicorp/google", + "version_constraint": "4.46.0" + }, + "kubernetes": { + "name": "kubernetes", + "full_name": "registry.terraform.io/hashicorp/kubernetes", + "version_constraint": "~> 2.13.1", + "expressions": { + "cluster_ca_certificate": { + "references": [ + "data.google_container_cluster.dev-4-2.master_auth[0].cluster_ca_certificate", + "data.google_container_cluster.dev-4-2.master_auth[0]", + "data.google_container_cluster.dev-4-2.master_auth", + "data.google_container_cluster.dev-4-2" + ] + }, + "host": { + "references": [ + "data.google_container_cluster.dev-4-2.endpoint", + "data.google_container_cluster.dev-4-2" + ] + }, + "token": { + "references": [ + "data.google_client_config.provider.access_token", + "data.google_client_config.provider" + ] + } + } + } + }, + "root_module": { + "resources": [ + { + "address": "coder_agent.main", + "mode": "managed", + "type": "coder_agent", + "name": "main", + "provider_config_key": "coder", + "expressions": { + "arch": { + "constant_value": "amd64" + }, + "os": { + "constant_value": "linux" + }, + "startup_script": { + "constant_value": " #!/bin/bash\n # home folder can be empty, so copying default bash settings\n if [ ! -f ~/.profile ]; then\n cp /etc/skel/.profile $HOME\n fi\n if [ ! -f ~/.bashrc ]; then\n cp /etc/skel/.bashrc $HOME\n fi\n # install and start code-server\n curl -fsSL https://code-server.dev/install.sh | sh | tee code-server-install.log\n code-server --auth none --port 13337 | tee code-server-install.log &\n" + } + }, + "schema_version": 0 + }, + { + "address": "coder_app.code-server", + "mode": "managed", + "type": "coder_app", + "name": "code-server", + "provider_config_key": "coder", + "expressions": { + "agent_id": { + "references": [ + "coder_agent.main.id", + "coder_agent.main" + ] + }, + "icon": { + "constant_value": "/icon/code.svg" + }, + "relative_path": { + "constant_value": true + }, + "slug": { + "constant_value": "code-server" + }, + "url": { + "constant_value": "http://localhost:13337?folder=/home/coder" + } + }, + "schema_version": 0 + }, + { + "address": "coder_metadata.kubernetes_pod_main", + "mode": "managed", + "type": "coder_metadata", + "name": "kubernetes_pod_main", + "provider_config_key": "coder", + "expressions": { + "item": [ + { + "key": { + "constant_value": "cpu" + }, + "value": { + "references": [ + "local.cpu" + ] + } + }, + { + "key": { + "constant_value": "memory" + }, + "value": { + "references": [ + "local.memory" + ] + } + }, + { + "key": { + "constant_value": "gpu" + }, + "value": { + "references": [ + "local.gpu" + ] + } + } + ], + "resource_id": { + "references": [ + "kubernetes_pod.main[0].id", + "kubernetes_pod.main[0]", + "kubernetes_pod.main" + ] + } + }, + "schema_version": 0, + "count_expression": { + "references": [ + "data.coder_workspace.me.start_count", + "data.coder_workspace.me" + ] + } + }, + { + "address": "kubernetes_config_map.coder_workspace", + "mode": "managed", + "type": "kubernetes_config_map", + "name": "coder_workspace", + "provider_config_key": "kubernetes", + "expressions": { + "metadata": [ + { + "name": { + "references": [ + "local.workspace_name" + ] + }, + "namespace": { + "references": [ + "local.namespace" + ] + } + } + ] + }, + "schema_version": 0, + "count_expression": { + "references": [ + "data.coder_workspace.me.start_count", + "data.coder_workspace.me" + ] + } + }, + { + "address": "kubernetes_pod.main", + "mode": "managed", + "type": "kubernetes_pod", + "name": "main", + "provider_config_key": "kubernetes", + "expressions": { + "metadata": [ + { + "name": { + "references": [ + "local.workspace_name" + ] + }, + "namespace": { + "references": [ + "local.namespace" + ] + } + } + ], + "spec": [ + { + "container": [ + { + "command": { + "references": [ + "coder_agent.main.init_script", + "coder_agent.main" + ] + }, + "env": [ + { + "name": { + "constant_value": "CODER_AGENT_TOKEN" + }, + "value": { + "references": [ + "coder_agent.main.token", + "coder_agent.main" + ] + } + } + ], + "image": { + "constant_value": "codercom/enterprise-base:ubuntu" + }, + "name": { + "constant_value": "dev" + }, + "resources": [ + { + "limits": { + "references": [ + "local.cpu", + "local.memory" + ] + } + } + ], + "security_context": [ + { + "run_as_user": { + "constant_value": "1000" + } + } + ] + } + ], + "service_account_name": { + "references": [ + "local.workspace_name" + ] + } + } + ] + }, + "schema_version": 1, + "count_expression": { + "references": [ + "data.coder_workspace.me.start_count", + "data.coder_workspace.me" + ] + }, + "depends_on": [ + "kubernetes_role.coder_workspace", + "kubernetes_role_binding.coder_workspace", + "kubernetes_service_account.coder_workspace", + "kubernetes_secret.coder_workspace", + "kubernetes_config_map.coder_workspace" + ] + }, + { + "address": "kubernetes_role.coder_workspace", + "mode": "managed", + "type": "kubernetes_role", + "name": "coder_workspace", + "provider_config_key": "kubernetes", + "expressions": { + "metadata": [ + { + "name": { + "references": [ + "local.workspace_name" + ] + }, + "namespace": { + "references": [ + "local.namespace" + ] + } + } + ], + "rule": [ + { + "api_groups": { + "constant_value": [ + "*" + ] + }, + "resource_names": { + "references": [ + "local.workspace_name" + ] + }, + "resources": { + "constant_value": [ + "configmaps" + ] + }, + "verbs": { + "constant_value": [ + "*" + ] + } + } + ] + }, + "schema_version": 0, + "count_expression": { + "references": [ + "data.coder_workspace.me.start_count", + "data.coder_workspace.me" + ] + } + }, + { + "address": "kubernetes_role_binding.coder_workspace", + "mode": "managed", + "type": "kubernetes_role_binding", + "name": "coder_workspace", + "provider_config_key": "kubernetes", + "expressions": { + "metadata": [ + { + "name": { + "references": [ + "local.workspace_name" + ] + }, + "namespace": { + "references": [ + "local.namespace" + ] + } + } + ], + "role_ref": [ + { + "api_group": { + "constant_value": "rbac.authorization.k8s.io" + }, + "kind": { + "constant_value": "Role" + }, + "name": { + "references": [ + "local.workspace_name" + ] + } + } + ], + "subject": [ + { + "kind": { + "constant_value": "ServiceAccount" + }, + "name": { + "references": [ + "local.workspace_name" + ] + }, + "namespace": { + "references": [ + "local.namespace" + ] + } + } + ] + }, + "schema_version": 0, + "count_expression": { + "references": [ + "data.coder_workspace.me.start_count", + "data.coder_workspace.me" + ] + } + }, + { + "address": "kubernetes_secret.coder_workspace", + "mode": "managed", + "type": "kubernetes_secret", + "name": "coder_workspace", + "provider_config_key": "kubernetes", + "expressions": { + "metadata": [ + { + "annotations": { + "references": [ + "local.workspace_name", + "local.namespace" + ] + }, + "name": { + "references": [ + "local.workspace_name" + ] + }, + "namespace": { + "references": [ + "local.namespace" + ] + } + } + ], + "type": { + "constant_value": "kubernetes.io/service-account-token" + } + }, + "schema_version": 0, + "count_expression": { + "references": [ + "data.coder_workspace.me.start_count", + "data.coder_workspace.me" + ] + } + }, + { + "address": "kubernetes_service_account.coder_workspace", + "mode": "managed", + "type": "kubernetes_service_account", + "name": "coder_workspace", + "provider_config_key": "kubernetes", + "expressions": { + "metadata": [ + { + "name": { + "references": [ + "local.workspace_name" + ] + }, + "namespace": { + "references": [ + "local.namespace" + ] + } + } + ] + }, + "schema_version": 0, + "count_expression": { + "references": [ + "data.coder_workspace.me.start_count", + "data.coder_workspace.me" + ] + } + }, + { + "address": "data.coder_workspace.me", + "mode": "data", + "type": "coder_workspace", + "name": "me", + "provider_config_key": "coder", + "schema_version": 0 + }, + { + "address": "data.google_client_config.provider", + "mode": "data", + "type": "google_client_config", + "name": "provider", + "provider_config_key": "google", + "schema_version": 0 + }, + { + "address": "data.google_container_cluster.dev-4-2", + "mode": "data", + "type": "google_container_cluster", + "name": "dev-4-2", + "provider_config_key": "google", + "expressions": { + "location": { + "constant_value": "us-central1-a" + }, + "name": { + "constant_value": "dev-4-2" + }, + "project": { + "constant_value": "coder-dev-1" + } + }, + "schema_version": 0 + } + ] + } + }, + "relevant_attributes": [ + { + "resource": "coder_agent.main", + "attribute": [ + "init_script" + ] + }, + { + "resource": "coder_agent.main", + "attribute": [ + "token" + ] + }, + { + "resource": "kubernetes_pod.main[0]", + "attribute": [ + "id" + ] + }, + { + "resource": "data.coder_workspace.me", + "attribute": [ + "owner" + ] + }, + { + "resource": "data.coder_workspace.me", + "attribute": [ + "name" + ] + }, + { + "resource": "coder_agent.main", + "attribute": [ + "id" + ] + } + ] +} diff --git a/provisioner/terraform/testdata/kubernetes-metadata/kubernetes-metadata.tfstate.dot b/provisioner/terraform/testdata/kubernetes-metadata/kubernetes-metadata.tfstate.dot new file mode 100644 index 0000000000..9591ad253c --- /dev/null +++ b/provisioner/terraform/testdata/kubernetes-metadata/kubernetes-metadata.tfstate.dot @@ -0,0 +1,63 @@ +digraph { + compound = "true" + newrank = "true" + subgraph "root" { + "[root] coder_agent.main (expand)" [label = "coder_agent.main", shape = "box"] + "[root] coder_app.code-server (expand)" [label = "coder_app.code-server", shape = "box"] + "[root] coder_metadata.kubernetes_pod_main (expand)" [label = "coder_metadata.kubernetes_pod_main", shape = "box"] + "[root] data.coder_workspace.me (expand)" [label = "data.coder_workspace.me", shape = "box"] + "[root] data.google_client_config.provider (expand)" [label = "data.google_client_config.provider", shape = "box"] + "[root] data.google_container_cluster.dev-4-2 (expand)" [label = "data.google_container_cluster.dev-4-2", shape = "box"] + "[root] kubernetes_config_map.coder_workspace (expand)" [label = "kubernetes_config_map.coder_workspace", shape = "box"] + "[root] kubernetes_pod.main (expand)" [label = "kubernetes_pod.main", shape = "box"] + "[root] kubernetes_role.coder_workspace (expand)" [label = "kubernetes_role.coder_workspace", shape = "box"] + "[root] kubernetes_role_binding.coder_workspace (expand)" [label = "kubernetes_role_binding.coder_workspace", shape = "box"] + "[root] kubernetes_secret.coder_workspace (expand)" [label = "kubernetes_secret.coder_workspace", shape = "box"] + "[root] kubernetes_service_account.coder_workspace (expand)" [label = "kubernetes_service_account.coder_workspace", shape = "box"] + "[root] provider[\"registry.terraform.io/coder/coder\"]" [label = "provider[\"registry.terraform.io/coder/coder\"]", shape = "diamond"] + "[root] provider[\"registry.terraform.io/hashicorp/google\"]" [label = "provider[\"registry.terraform.io/hashicorp/google\"]", shape = "diamond"] + "[root] provider[\"registry.terraform.io/hashicorp/kubernetes\"]" [label = "provider[\"registry.terraform.io/hashicorp/kubernetes\"]", shape = "diamond"] + "[root] coder_agent.main (expand)" -> "[root] provider[\"registry.terraform.io/coder/coder\"]" + "[root] coder_app.code-server (expand)" -> "[root] coder_agent.main (expand)" + "[root] coder_metadata.kubernetes_pod_main (expand)" -> "[root] kubernetes_pod.main (expand)" + "[root] coder_metadata.kubernetes_pod_main (expand)" -> "[root] local.gpu (expand)" + "[root] data.coder_workspace.me (expand)" -> "[root] provider[\"registry.terraform.io/coder/coder\"]" + "[root] data.google_client_config.provider (expand)" -> "[root] provider[\"registry.terraform.io/hashicorp/google\"]" + "[root] data.google_container_cluster.dev-4-2 (expand)" -> "[root] provider[\"registry.terraform.io/hashicorp/google\"]" + "[root] kubernetes_config_map.coder_workspace (expand)" -> "[root] local.namespace (expand)" + "[root] kubernetes_config_map.coder_workspace (expand)" -> "[root] local.workspace_name (expand)" + "[root] kubernetes_config_map.coder_workspace (expand)" -> "[root] provider[\"registry.terraform.io/hashicorp/kubernetes\"]" + "[root] kubernetes_pod.main (expand)" -> "[root] coder_agent.main (expand)" + "[root] kubernetes_pod.main (expand)" -> "[root] kubernetes_config_map.coder_workspace (expand)" + "[root] kubernetes_pod.main (expand)" -> "[root] kubernetes_role.coder_workspace (expand)" + "[root] kubernetes_pod.main (expand)" -> "[root] kubernetes_role_binding.coder_workspace (expand)" + "[root] kubernetes_pod.main (expand)" -> "[root] kubernetes_secret.coder_workspace (expand)" + "[root] kubernetes_pod.main (expand)" -> "[root] kubernetes_service_account.coder_workspace (expand)" + "[root] kubernetes_pod.main (expand)" -> "[root] local.cpu (expand)" + "[root] kubernetes_pod.main (expand)" -> "[root] local.memory (expand)" + "[root] kubernetes_role.coder_workspace (expand)" -> "[root] local.namespace (expand)" + "[root] kubernetes_role.coder_workspace (expand)" -> "[root] local.workspace_name (expand)" + "[root] kubernetes_role.coder_workspace (expand)" -> "[root] provider[\"registry.terraform.io/hashicorp/kubernetes\"]" + "[root] kubernetes_role_binding.coder_workspace (expand)" -> "[root] local.namespace (expand)" + "[root] kubernetes_role_binding.coder_workspace (expand)" -> "[root] local.workspace_name (expand)" + "[root] kubernetes_role_binding.coder_workspace (expand)" -> "[root] provider[\"registry.terraform.io/hashicorp/kubernetes\"]" + "[root] kubernetes_secret.coder_workspace (expand)" -> "[root] local.namespace (expand)" + "[root] kubernetes_secret.coder_workspace (expand)" -> "[root] local.workspace_name (expand)" + "[root] kubernetes_secret.coder_workspace (expand)" -> "[root] provider[\"registry.terraform.io/hashicorp/kubernetes\"]" + "[root] kubernetes_service_account.coder_workspace (expand)" -> "[root] local.namespace (expand)" + "[root] kubernetes_service_account.coder_workspace (expand)" -> "[root] local.workspace_name (expand)" + "[root] kubernetes_service_account.coder_workspace (expand)" -> "[root] provider[\"registry.terraform.io/hashicorp/kubernetes\"]" + "[root] local.workspace_name (expand)" -> "[root] data.coder_workspace.me (expand)" + "[root] provider[\"registry.terraform.io/coder/coder\"] (close)" -> "[root] coder_app.code-server (expand)" + "[root] provider[\"registry.terraform.io/coder/coder\"] (close)" -> "[root] coder_metadata.kubernetes_pod_main (expand)" + "[root] provider[\"registry.terraform.io/hashicorp/google\"] (close)" -> "[root] data.google_client_config.provider (expand)" + "[root] provider[\"registry.terraform.io/hashicorp/google\"] (close)" -> "[root] data.google_container_cluster.dev-4-2 (expand)" + "[root] provider[\"registry.terraform.io/hashicorp/kubernetes\"] (close)" -> "[root] kubernetes_pod.main (expand)" + "[root] provider[\"registry.terraform.io/hashicorp/kubernetes\"]" -> "[root] data.google_client_config.provider (expand)" + "[root] provider[\"registry.terraform.io/hashicorp/kubernetes\"]" -> "[root] data.google_container_cluster.dev-4-2 (expand)" + "[root] root" -> "[root] provider[\"registry.terraform.io/coder/coder\"] (close)" + "[root] root" -> "[root] provider[\"registry.terraform.io/hashicorp/google\"] (close)" + "[root] root" -> "[root] provider[\"registry.terraform.io/hashicorp/kubernetes\"] (close)" + } +} + diff --git a/provisioner/terraform/testdata/kubernetes-metadata/kubernetes-metadata.tfstate.json b/provisioner/terraform/testdata/kubernetes-metadata/kubernetes-metadata.tfstate.json new file mode 100644 index 0000000000..08b5456535 --- /dev/null +++ b/provisioner/terraform/testdata/kubernetes-metadata/kubernetes-metadata.tfstate.json @@ -0,0 +1,1116 @@ +{ + "format_version": "1.0", + "terraform_version": "1.3.6", + "values": { + "root_module": { + "resources": [ + { + "address": "coder_agent.main", + "mode": "managed", + "type": "coder_agent", + "name": "main", + "provider_name": "registry.terraform.io/coder/coder", + "schema_version": 0, + "values": { + "arch": "amd64", + "auth": "token", + "connection_timeout": 120, + "dir": null, + "env": null, + "id": "b65f06b5-8698-4e47-80fb-e78f9b920e3d", + "init_script": "", + "motd_file": null, + "os": "linux", + "shutdown_script": null, + "startup_script": " #!/bin/bash\n # home folder can be empty, so copying default bash settings\n if [ ! -f ~/.profile ]; then\n cp /etc/skel/.profile $HOME\n fi\n if [ ! -f ~/.bashrc ]; then\n cp /etc/skel/.bashrc $HOME\n fi\n # install and start code-server\n curl -fsSL https://code-server.dev/install.sh | sh | tee code-server-install.log\n code-server --auth none --port 13337 | tee code-server-install.log &\n", + "token": "", + "troubleshooting_url": null + }, + "sensitive_values": {} + }, + { + "address": "coder_app.code-server", + "mode": "managed", + "type": "coder_app", + "name": "code-server", + "provider_name": "registry.terraform.io/coder/coder", + "schema_version": 0, + "values": { + "agent_id": "b65f06b5-8698-4e47-80fb-e78f9b920e3d", + "command": null, + "display_name": null, + "healthcheck": [], + "icon": "/icon/code.svg", + "id": "00ddd54c-ffe1-429e-b178-bb04b6650056", + "name": null, + "relative_path": true, + "share": "owner", + "slug": "code-server", + "subdomain": null, + "url": "http://localhost:13337?folder=/home/coder" + }, + "sensitive_values": { + "healthcheck": [] + }, + "depends_on": [ + "coder_agent.main" + ] + }, + { + "address": "coder_metadata.kubernetes_pod_main[0]", + "mode": "managed", + "type": "coder_metadata", + "name": "kubernetes_pod_main", + "index": 0, + "provider_name": "registry.terraform.io/coder/coder", + "schema_version": 0, + "values": { + "daily_cost": null, + "hide": null, + "icon": null, + "id": "c814b5cd-c211-4d43-9e16-1a381a24ac8b", + "item": [ + { + "is_null": false, + "key": "cpu", + "sensitive": false, + "value": "1" + }, + { + "is_null": false, + "key": "memory", + "sensitive": false, + "value": "1Gi" + }, + { + "is_null": false, + "key": "gpu", + "sensitive": false, + "value": "1" + } + ], + "resource_id": "colin-coder/coder-default-default" + }, + "sensitive_values": { + "item": [ + {}, + {}, + {} + ] + }, + "depends_on": [ + "coder_agent.main", + "data.coder_workspace.me", + "data.google_client_config.provider", + "data.google_container_cluster.dev-4-2", + "kubernetes_config_map.coder_workspace", + "kubernetes_pod.main", + "kubernetes_role.coder_workspace", + "kubernetes_role_binding.coder_workspace", + "kubernetes_secret.coder_workspace", + "kubernetes_service_account.coder_workspace" + ] + }, + { + "address": "data.coder_workspace.me", + "mode": "data", + "type": "coder_workspace", + "name": "me", + "provider_name": "registry.terraform.io/coder/coder", + "schema_version": 0, + "values": { + "access_port": 443, + "access_url": "https://mydeployment.coder.com", + "id": "bff3bc9e-d4da-4a6a-9065-951229cfc367", + "name": "default", + "owner": "default", + "owner_email": "", + "owner_id": "00000000-0000-0000-0000-000000000000", + "start_count": 1, + "transition": "start" + }, + "sensitive_values": {} + }, + { + "address": "data.google_client_config.provider", + "mode": "data", + "type": "google_client_config", + "name": "provider", + "provider_name": "registry.terraform.io/hashicorp/google", + "schema_version": 0, + "values": { + "access_token": "", + "id": "projects//regions//zones/", + "project": "", + "region": "", + "zone": "" + }, + "sensitive_values": {} + }, + { + "address": "data.google_container_cluster.dev-4-2", + "mode": "data", + "type": "google_container_cluster", + "name": "dev-4-2", + "provider_name": "registry.terraform.io/hashicorp/google", + "schema_version": 0, + "values": { + "addons_config": [ + { + "cloudrun_config": [], + "dns_cache_config": [ + { + "enabled": true + } + ], + "gce_persistent_disk_csi_driver_config": [ + { + "enabled": true + } + ], + "gcp_filestore_csi_driver_config": [], + "horizontal_pod_autoscaling": [ + { + "disabled": false + } + ], + "http_load_balancing": [], + "network_policy_config": [ + { + "disabled": true + } + ] + } + ], + "authenticator_groups_config": [ + { + "security_group": "gke-security-groups@coder.com" + } + ], + "binary_authorization": [ + { + "enabled": false, + "evaluation_mode": "" + } + ], + "cluster_autoscaling": [ + { + "auto_provisioning_defaults": [], + "enabled": false, + "resource_limits": [] + } + ], + "cluster_ipv4_cidr": "10.48.0.0/14", + "confidential_nodes": [], + "cost_management_config": [], + "database_encryption": [ + { + "key_name": "", + "state": "DECRYPTED" + } + ], + "datapath_provider": "ADVANCED_DATAPATH", + "default_max_pods_per_node": 110, + "default_snat_status": [ + { + "disabled": false + } + ], + "description": "", + "dns_config": [], + "enable_autopilot": false, + "enable_binary_authorization": false, + "enable_intranode_visibility": false, + "enable_kubernetes_alpha": false, + "enable_l4_ilb_subsetting": false, + "enable_legacy_abac": false, + "enable_shielded_nodes": true, + "enable_tpu": false, + "endpoint": "", + "id": "projects/coder-dev-1/locations/us-central1-a/clusters/dev-4-2", + "initial_node_count": 1, + "ip_allocation_policy": [ + { + "cluster_ipv4_cidr_block": "10.48.0.0/14", + "cluster_secondary_range_name": "gke-dev-4-2-pods-ac8c82cd", + "services_ipv4_cidr_block": "10.52.0.0/20", + "services_secondary_range_name": "gke-dev-4-2-services-ac8c82cd" + } + ], + "label_fingerprint": "a9dc16a7", + "location": "us-central1-a", + "logging_config": [ + { + "enable_components": [ + "SYSTEM_COMPONENTS", + "WORKLOADS" + ] + } + ], + "logging_service": "logging.googleapis.com/kubernetes", + "maintenance_policy": [ + { + "daily_maintenance_window": [], + "maintenance_exclusion": [], + "recurring_window": [ + { + "end_time": "2022-09-16T05:00:00Z", + "recurrence": "FREQ=WEEKLY;BYDAY=SU", + "start_time": "2022-09-15T05:00:00Z" + } + ] + } + ], + "master_auth": [ + { + "client_certificate": "", + "client_certificate_config": [ + { + "issue_client_certificate": false + } + ], + "client_key": "", + "cluster_ca_certificate": "" + } + ], + "master_authorized_networks_config": [], + "master_version": "1.24.5-gke.600", + "mesh_certificates": [], + "min_master_version": null, + "monitoring_config": [ + { + "enable_components": [ + "SYSTEM_COMPONENTS" + ], + "managed_prometheus": [] + } + ], + "monitoring_service": "monitoring.googleapis.com/kubernetes", + "name": "dev-4-2", + "network": "projects/coder-dev-1/global/networks/main", + "network_policy": [ + { + "enabled": false, + "provider": "PROVIDER_UNSPECIFIED" + } + ], + "networking_mode": "VPC_NATIVE", + "node_config": [ + { + "boot_disk_kms_key": "", + "disk_size_gb": 100, + "disk_type": "pd-ssd", + "gcfs_config": [], + "guest_accelerator": [], + "gvnic": [], + "image_type": "UBUNTU_CONTAINERD", + "labels": {}, + "local_ssd_count": 0, + "logging_variant": "DEFAULT", + "machine_type": "e2-standard-4", + "metadata": { + "disable-legacy-endpoints": "true" + }, + "min_cpu_platform": "", + "node_group": "", + "oauth_scopes": [ + "https://www.googleapis.com/auth/logging.write", + "https://www.googleapis.com/auth/monitoring" + ], + "preemptible": true, + "reservation_affinity": [], + "resource_labels": {}, + "service_account": "default", + "shielded_instance_config": [ + { + "enable_integrity_monitoring": true, + "enable_secure_boot": false + } + ], + "spot": false, + "tags": [], + "taint": [], + "workload_metadata_config": [ + { + "mode": "GKE_METADATA" + } + ] + } + ], + "node_locations": [], + "node_pool": [ + { + "autoscaling": [ + { + "location_policy": "ANY", + "max_node_count": 8, + "min_node_count": 2, + "total_max_node_count": 0, + "total_min_node_count": 0 + } + ], + "initial_node_count": 2, + "instance_group_urls": [ + "https://www.googleapis.com/compute/v1/projects/coder-dev-1/zones/us-central1-a/instanceGroupManagers/gke-dev-4-2-coder-node-pool-8b0aaa9c-grp" + ], + "managed_instance_group_urls": [ + "https://www.googleapis.com/compute/v1/projects/coder-dev-1/zones/us-central1-a/instanceGroups/gke-dev-4-2-coder-node-pool-8b0aaa9c-grp" + ], + "management": [ + { + "auto_repair": true, + "auto_upgrade": true + } + ], + "max_pods_per_node": 110, + "name": "coder-node-pool", + "name_prefix": "", + "network_config": [ + { + "create_pod_range": false, + "enable_private_nodes": false, + "pod_ipv4_cidr_block": "10.48.0.0/14", + "pod_range": "gke-dev-4-2-pods-ac8c82cd" + } + ], + "node_config": [ + { + "boot_disk_kms_key": "", + "disk_size_gb": 100, + "disk_type": "pd-ssd", + "gcfs_config": [], + "guest_accelerator": [], + "gvnic": [], + "image_type": "UBUNTU_CONTAINERD", + "labels": {}, + "local_ssd_count": 0, + "logging_variant": "DEFAULT", + "machine_type": "e2-standard-4", + "metadata": { + "disable-legacy-endpoints": "true" + }, + "min_cpu_platform": "", + "node_group": "", + "oauth_scopes": [ + "https://www.googleapis.com/auth/logging.write", + "https://www.googleapis.com/auth/monitoring" + ], + "preemptible": true, + "reservation_affinity": [], + "resource_labels": {}, + "service_account": "default", + "shielded_instance_config": [ + { + "enable_integrity_monitoring": true, + "enable_secure_boot": false + } + ], + "spot": false, + "tags": [], + "taint": [], + "workload_metadata_config": [ + { + "mode": "GKE_METADATA" + } + ] + } + ], + "node_count": 2, + "node_locations": [ + "us-central1-a" + ], + "upgrade_settings": [ + { + "blue_green_settings": [], + "max_surge": 1, + "max_unavailable": 0, + "strategy": "SURGE" + } + ], + "version": "1.24.4-gke.800" + } + ], + "node_pool_defaults": [ + { + "node_config_defaults": [ + { + "logging_variant": "DEFAULT" + } + ] + } + ], + "node_version": "1.24.4-gke.800", + "notification_config": [ + { + "pubsub": [ + { + "enabled": false, + "filter": [], + "topic": "" + } + ] + } + ], + "operation": null, + "private_cluster_config": [], + "private_ipv6_google_access": "", + "project": "coder-dev-1", + "release_channel": [ + { + "channel": "RAPID" + } + ], + "remove_default_node_pool": null, + "resource_labels": {}, + "resource_usage_export_config": [ + { + "bigquery_destination": [ + { + "dataset_id": "gke_usage" + } + ], + "enable_network_egress_metering": true, + "enable_resource_consumption_metering": true + } + ], + "self_link": "https://container.googleapis.com/v1/projects/coder-dev-1/zones/us-central1-a/clusters/dev-4-2", + "service_external_ips_config": [ + { + "enabled": false + } + ], + "services_ipv4_cidr": "10.52.0.0/20", + "subnetwork": "projects/coder-dev-1/regions/us-central1/subnetworks/internal", + "tpu_ipv4_cidr_block": "", + "vertical_pod_autoscaling": [ + { + "enabled": true + } + ], + "workload_identity_config": [ + { + "workload_pool": "coder-dev-1.svc.id.goog" + } + ] + }, + "sensitive_values": { + "addons_config": [ + { + "cloudrun_config": [], + "dns_cache_config": [ + {} + ], + "gce_persistent_disk_csi_driver_config": [ + {} + ], + "gcp_filestore_csi_driver_config": [], + "horizontal_pod_autoscaling": [ + {} + ], + "http_load_balancing": [], + "network_policy_config": [ + {} + ] + } + ], + "authenticator_groups_config": [ + {} + ], + "binary_authorization": [ + {} + ], + "cluster_autoscaling": [ + { + "auto_provisioning_defaults": [], + "resource_limits": [] + } + ], + "confidential_nodes": [], + "cost_management_config": [], + "database_encryption": [ + {} + ], + "default_snat_status": [ + {} + ], + "dns_config": [], + "ip_allocation_policy": [ + {} + ], + "logging_config": [ + { + "enable_components": [ + false, + false + ] + } + ], + "maintenance_policy": [ + { + "daily_maintenance_window": [], + "maintenance_exclusion": [], + "recurring_window": [ + {} + ] + } + ], + "master_auth": [ + { + "client_certificate_config": [ + {} + ] + } + ], + "master_authorized_networks_config": [], + "mesh_certificates": [], + "monitoring_config": [ + { + "enable_components": [ + false + ], + "managed_prometheus": [] + } + ], + "network_policy": [ + {} + ], + "node_config": [ + { + "gcfs_config": [], + "guest_accelerator": [], + "gvnic": [], + "labels": {}, + "metadata": {}, + "oauth_scopes": [ + false, + false + ], + "reservation_affinity": [], + "resource_labels": {}, + "shielded_instance_config": [ + {} + ], + "tags": [], + "taint": [], + "workload_metadata_config": [ + {} + ] + } + ], + "node_locations": [], + "node_pool": [ + { + "autoscaling": [ + {} + ], + "instance_group_urls": [ + false + ], + "managed_instance_group_urls": [ + false + ], + "management": [ + {} + ], + "network_config": [ + {} + ], + "node_config": [ + { + "gcfs_config": [], + "guest_accelerator": [], + "gvnic": [], + "labels": {}, + "metadata": {}, + "oauth_scopes": [ + false, + false + ], + "reservation_affinity": [], + "resource_labels": {}, + "shielded_instance_config": [ + {} + ], + "tags": [], + "taint": [], + "workload_metadata_config": [ + {} + ] + } + ], + "node_locations": [ + false + ], + "upgrade_settings": [ + { + "blue_green_settings": [] + } + ] + } + ], + "node_pool_defaults": [ + { + "node_config_defaults": [ + {} + ] + } + ], + "notification_config": [ + { + "pubsub": [ + { + "filter": [] + } + ] + } + ], + "private_cluster_config": [], + "release_channel": [ + {} + ], + "resource_labels": {}, + "resource_usage_export_config": [ + { + "bigquery_destination": [ + {} + ] + } + ], + "service_external_ips_config": [ + {} + ], + "vertical_pod_autoscaling": [ + {} + ], + "workload_identity_config": [ + {} + ] + } + }, + { + "address": "kubernetes_config_map.coder_workspace[0]", + "mode": "managed", + "type": "kubernetes_config_map", + "name": "coder_workspace", + "index": 0, + "provider_name": "registry.terraform.io/hashicorp/kubernetes", + "schema_version": 0, + "values": { + "binary_data": null, + "data": null, + "id": "colin-coder/coder-default-default", + "metadata": [ + { + "annotations": null, + "generate_name": "", + "generation": 0, + "labels": null, + "name": "coder-default-default", + "namespace": "colin-coder", + "resource_version": "249397492", + "uid": "7a1345aa-ba53-4da6-881a-8a12dc1d7431" + } + ] + }, + "sensitive_values": { + "metadata": [ + {} + ] + }, + "depends_on": [ + "data.coder_workspace.me", + "data.google_client_config.provider", + "data.google_container_cluster.dev-4-2" + ] + }, + { + "address": "kubernetes_pod.main[0]", + "mode": "managed", + "type": "kubernetes_pod", + "name": "main", + "index": 0, + "provider_name": "registry.terraform.io/hashicorp/kubernetes", + "schema_version": 1, + "values": { + "id": "colin-coder/coder-default-default", + "metadata": [ + { + "annotations": null, + "generate_name": "", + "generation": 0, + "labels": null, + "name": "coder-default-default", + "namespace": "colin-coder", + "resource_version": "249397540", + "uid": "514566c3-3d0a-4273-81eb-e0ba15ec633c" + } + ], + "spec": [ + { + "active_deadline_seconds": 0, + "affinity": [], + "automount_service_account_token": true, + "container": [ + { + "args": null, + "command": [ + "sh", + "-c", + "" + ], + "env": [ + { + "name": "CODER_AGENT_TOKEN", + "value": "", + "value_from": [] + } + ], + "env_from": [], + "image": "codercom/enterprise-base:ubuntu", + "image_pull_policy": "IfNotPresent", + "lifecycle": [], + "liveness_probe": [], + "name": "dev", + "port": [], + "readiness_probe": [], + "resources": [ + { + "limits": { + "cpu": "1", + "memory": "1Gi" + }, + "requests": { + "cpu": "1", + "memory": "1Gi" + } + } + ], + "security_context": [ + { + "allow_privilege_escalation": true, + "capabilities": [], + "privileged": false, + "read_only_root_filesystem": false, + "run_as_group": "", + "run_as_non_root": false, + "run_as_user": "1000", + "se_linux_options": [], + "seccomp_profile": [] + } + ], + "startup_probe": [], + "stdin": false, + "stdin_once": false, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": false, + "volume_mount": [], + "working_dir": "" + } + ], + "dns_config": [], + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "host_aliases": [], + "host_ipc": false, + "host_network": false, + "host_pid": false, + "hostname": "", + "image_pull_secrets": [], + "init_container": [], + "node_name": "gke-dev-4-2-coder-node-pool-8b0aaa9c-sxm6", + "node_selector": null, + "priority_class_name": "", + "readiness_gate": [], + "restart_policy": "Always", + "security_context": [], + "service_account_name": "coder-default-default", + "share_process_namespace": false, + "subdomain": "", + "termination_grace_period_seconds": 30, + "toleration": [], + "topology_spread_constraint": [], + "volume": [] + } + ], + "timeouts": null + }, + "sensitive_values": { + "metadata": [ + {} + ], + "spec": [ + { + "affinity": [], + "container": [ + { + "command": [ + false, + false, + false + ], + "env": [ + { + "value": true, + "value_from": [] + } + ], + "env_from": [], + "lifecycle": [], + "liveness_probe": [], + "port": [], + "readiness_probe": [], + "resources": [ + { + "limits": {}, + "requests": {} + } + ], + "security_context": [ + { + "capabilities": [], + "se_linux_options": [], + "seccomp_profile": [] + } + ], + "startup_probe": [], + "volume_mount": [] + } + ], + "dns_config": [], + "host_aliases": [], + "image_pull_secrets": [], + "init_container": [], + "readiness_gate": [], + "security_context": [], + "toleration": [], + "topology_spread_constraint": [], + "volume": [] + } + ] + }, + "depends_on": [ + "coder_agent.main", + "data.coder_workspace.me", + "data.google_client_config.provider", + "data.google_container_cluster.dev-4-2", + "kubernetes_config_map.coder_workspace", + "kubernetes_role.coder_workspace", + "kubernetes_role_binding.coder_workspace", + "kubernetes_secret.coder_workspace", + "kubernetes_service_account.coder_workspace" + ] + }, + { + "address": "kubernetes_role.coder_workspace[0]", + "mode": "managed", + "type": "kubernetes_role", + "name": "coder_workspace", + "index": 0, + "provider_name": "registry.terraform.io/hashicorp/kubernetes", + "schema_version": 0, + "values": { + "id": "colin-coder/coder-default-default", + "metadata": [ + { + "annotations": null, + "generate_name": "", + "generation": 0, + "labels": null, + "name": "coder-default-default", + "namespace": "colin-coder", + "resource_version": "249397493", + "uid": "1e13ad6c-19fc-4f1c-be71-ad93a3917dce" + } + ], + "rule": [ + { + "api_groups": [ + "*" + ], + "resource_names": [ + "coder-default-default" + ], + "resources": [ + "configmaps" + ], + "verbs": [ + "*" + ] + } + ] + }, + "sensitive_values": { + "metadata": [ + {} + ], + "rule": [ + { + "api_groups": [ + false + ], + "resource_names": [ + false + ], + "resources": [ + false + ], + "verbs": [ + false + ] + } + ] + }, + "depends_on": [ + "data.coder_workspace.me", + "data.google_client_config.provider", + "data.google_container_cluster.dev-4-2" + ] + }, + { + "address": "kubernetes_role_binding.coder_workspace[0]", + "mode": "managed", + "type": "kubernetes_role_binding", + "name": "coder_workspace", + "index": 0, + "provider_name": "registry.terraform.io/hashicorp/kubernetes", + "schema_version": 0, + "values": { + "id": "colin-coder/coder-default-default", + "metadata": [ + { + "annotations": null, + "generation": 0, + "labels": null, + "name": "coder-default-default", + "namespace": "colin-coder", + "resource_version": "249397491", + "uid": "3b19e824-82e6-44e5-b457-4424ebd08b39" + } + ], + "role_ref": [ + { + "api_group": "rbac.authorization.k8s.io", + "kind": "Role", + "name": "coder-default-default" + } + ], + "subject": [ + { + "api_group": "", + "kind": "ServiceAccount", + "name": "coder-default-default", + "namespace": "colin-coder" + } + ] + }, + "sensitive_values": { + "metadata": [ + {} + ], + "role_ref": [ + {} + ], + "subject": [ + {} + ] + }, + "depends_on": [ + "data.coder_workspace.me", + "data.google_client_config.provider", + "data.google_container_cluster.dev-4-2" + ] + }, + { + "address": "kubernetes_secret.coder_workspace[0]", + "mode": "managed", + "type": "kubernetes_secret", + "name": "coder_workspace", + "index": 0, + "provider_name": "registry.terraform.io/hashicorp/kubernetes", + "schema_version": 0, + "values": { + "binary_data": null, + "data": { + "ca.crt": "", + "namespace": "colin-coder", + "token": "" + }, + "id": "colin-coder/coder-default-default", + "immutable": false, + "metadata": [ + { + "annotations": { + "kubernetes.io/service-account.name": "coder-default-default", + "kubernetes.io/service-account.namespace": "colin-coder" + }, + "generate_name": "", + "generation": 0, + "labels": null, + "name": "coder-default-default", + "namespace": "colin-coder", + "resource_version": "249397490", + "uid": "5edc0d6f-3270-4089-9a7a-0c146e17437f" + } + ], + "type": "kubernetes.io/service-account-token" + }, + "sensitive_values": { + "data": {}, + "metadata": [ + { + "annotations": {} + } + ] + }, + "depends_on": [ + "data.coder_workspace.me", + "data.google_client_config.provider", + "data.google_container_cluster.dev-4-2" + ] + }, + { + "address": "kubernetes_service_account.coder_workspace[0]", + "mode": "managed", + "type": "kubernetes_service_account", + "name": "coder_workspace", + "index": 0, + "provider_name": "registry.terraform.io/hashicorp/kubernetes", + "schema_version": 0, + "values": { + "automount_service_account_token": true, + "default_secret_name": "", + "id": "colin-coder/coder-default-default", + "image_pull_secret": [], + "metadata": [ + { + "annotations": null, + "generate_name": "", + "generation": 0, + "labels": null, + "name": "coder-default-default", + "namespace": "colin-coder", + "resource_version": "249397488", + "uid": "6591f317-519a-48d9-9fba-dcb3ca42fc2f" + } + ], + "secret": [], + "timeouts": null + }, + "sensitive_values": { + "image_pull_secret": [], + "metadata": [ + {} + ], + "secret": [] + }, + "depends_on": [ + "data.coder_workspace.me", + "data.google_client_config.provider", + "data.google_container_cluster.dev-4-2" + ] + } + ] + } + } +}