Switch to shared gRPC server implementation #166
6a06414
to
b2fec9f
Compare
Signed-off-by: Alper Rifat Ulucinar <ulucinar@users.noreply.github.com>
f9b9d48
to
74d633c
Compare
Signed-off-by: Alper Rifat Ulucinar <ulucinar@users.noreply.github.com>
LGTM! Thanks @ulucinar !
"gopkg.in/alecthomas/kingpin.v2" | ||
kerrors "k8s.io/apimachinery/pkg/api/errors" | ||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" | ||
"k8s.io/client-go/tools/leaderelection/resourcelock" | ||
ctrl "sigs.k8s.io/controller-runtime" | ||
"sigs.k8s.io/controller-runtime/pkg/log/zap" | ||
|
||
tjcontroller "github.com/crossplane/terrajet/pkg/controller" | ||
"github.com/crossplane/terrajet/pkg/terraform" |
I think the crossplane-runtime imports should be moved to this group.
fmt.Sprintf(fmtEnvVar, envClientID, azureCreds[keyAzureClientID]), | ||
fmt.Sprintf(fmtEnvVar, envClientSecret, azureCreds[keyAzureClientSecret]), | ||
} | ||
ps.Configuration[keyTenantID] = azureCreds[keyAzureTenantID] |
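Review bot: On the `envClientSecret` line, the client secret is formatted into a plain string with `fmt.Sprintf(fmtEnvVar, ...)`, so any later log statement or wrapped error that prints this slice exposes it; keep the slice out of log fields and error messages. The `azureCreds[...]` lookups on all three lines are also unchecked: if `azureCreds` is a map, a missing key yields an empty value that is passed on silently, so check that the client ID, client secret and tenant ID are present and return an error before building the environment and `ps.Configuration`.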
Could you confirm that these are not printed in the error logs?
Hi @muvaf,
I gave this a try by injecting an invalid key in Terraform provider configuration block. Here's what appears in managed resource status:
```yaml
- message: 'observe failed: cannot run refresh: refresh failed: Extraneous JSON
    object property: No argument or block type is named "non-existent".: File name:
    main.tf.json'
  reason: ReconcileError
  status: "False"
  type: Synced
```
And no relevant provider logs unless debug logging is enabled. If debug logs are enabled, then I think we are dumping Terraform output, which may, in theory, leak sensitive data. We can discuss this general issue in Terrajet.
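One way to address the debug-log concern raised in this thread is to scrub known secret values from Terraform output before it reaches a logger. This is an added example, not code from this PR or from Terrajet; the `Redactor` type, its functions, the `EXAMPLE_*` variable names and the length threshold are hypothetical, and the sample values are constructed.

```go
package main

import (
	"encoding/json"
	"fmt"
	"sort"
	"strings"
)

// Redactor masks known secret values in text before it is logged (hypothetical type).
type Redactor struct{ secrets []string }

// minSecretLen skips very short values that would mask ordinary words (assumed threshold).
const minSecretLen = 4

// NewRedactor collects the values of "KEY=value" entries whose key is marked sensitive,
// plus their JSON-escaped form, because JSON configuration or output may carry them escaped.
func NewRedactor(env []string, sensitive map[string]bool) *Redactor {
	var secrets []string
	for _, kv := range env {
		k, v, ok := strings.Cut(kv, "=")
		if !ok || !sensitive[k] || len(v) < minSecretLen {
			continue
		}
		secrets = append(secrets, v)
		if b, err := json.Marshal(v); err == nil {
			if esc := string(b[1 : len(b)-1]); esc != v {
				secrets = append(secrets, esc)
			}
		}
	}
	// Longest first, so a value containing another one is masked whole.
	sort.SliceStable(secrets, func(i, j int) bool { return len(secrets[i]) > len(secrets[j]) })
	return &Redactor{secrets: secrets}
}

// Scrub returns s with every known secret replaced by a fixed marker.
func (r *Redactor) Scrub(s string) string {
	for _, sec := range r.secrets {
		s = strings.ReplaceAll(s, sec, "[REDACTED]")
	}
	return s
}

func main() {
	// Constructed sample environment and tool output.
	env := []string{"EXAMPLE_CLIENT_ID=app-1234", `EXAMPLE_CLIENT_SECRET=s3"cr\et-value`}
	r := NewRedactor(env, map[string]bool{"EXAMPLE_CLIENT_SECRET": true})
	fmt.Println(r.Scrub(`refresh failed: {"client_secret":"s3\"cr\\et-value"}`))
}
```

Exact-match scrubbing only covers the encodings it is given, so it complements, rather than replaces, keeping raw tool output out of logs.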
@@ -5,29 +5,32 @@ ARG ARCH | |||
ARG TERRAFORM_VERSION | |||
ARG TERRAFORM_PROVIDER_SOURCE | |||
ARG TERRAFORM_PROVIDER_VERSION | |||
ARG TINI_VERSION |
Was this a remnant of something else?
Yes, looks like it's no longer used.
Signed-off-by: Alper Rifat Ulucinar <ulucinar@users.noreply.github.com>
Description of your changes
Fixes crossplane/terrajet#261
Switches to the shared gRPC server implementation in `provider-jet-azure`.
I have:
- `make reviewable test` to ensure this PR is ready for review.
How has this code been tested
Tested using the corresponding Terrajet PR: crossplane/terrajet#267