Remove asset_dir variable and optional asset writes

* Originally, poseidon/terraform-render-bootstrap generated TLS certificates, manifests, and cluster "assets" written to local disk (`asset_dir`) during terraform apply cluster bootstrap * Typhoon v1.17.0 introduced bootstrapping using only Terraform state to store cluster assets, to avoid ever writing sensitive materials to disk and improve automated use-cases. `asset_dir` was changed to optional and defaulted to "" (no writes) * Typhoon v1.18.0 deprecated the `asset_dir` variable, removed docs, and announced it would be deleted in future. * Add Terraform output `assets_dir` map * Remove the `asset_dir` variable Cluster assets are now stored in Terraform state only. For those who wish to write those assets to local files, this is possible doing so explicitly. ``` resource local_file "assets" { for_each = module.yavin.assets_dist filename = "some-assets/${each.key}" content = each.value } ``` Related: * poseidon/typhoon#595 * poseidon/typhoon#678
poseidon · Oct 17, 2020 · ed2c689 · ed2c689
1 parent 4eed5a3
commit ed2c689
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 8 deletions.
diff --git a/bootstrap.tf b/bootstrap.tf
@@ -1,11 +1,10 @@
 # Kubernetes assets (kubeconfig, manifests)
 module "bootstrap" {
-  source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=7988fb7159cb81e2d080b365b147fe90542fd258"
+  source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=9037d7311b949439b217cd9c657d4500eab3e16b"
 
   cluster_name          = var.cluster_name
   api_servers           = [format("%s.%s", var.cluster_name, var.dns_zone)]
   etcd_servers          = google_dns_record_set.etcds.*.name
-  asset_dir             = var.asset_dir
   networking            = var.networking
   network_mtu           = 1440
   pod_cidr              = var.pod_cidr

diff --git a/outputs.tf b/outputs.tf
@@ -42,3 +42,9 @@ output "worker_target_pool" {
   value       = module.workers.target_pool
 }
 
+# Outputs for debug
+
+output "assets_dist" {
+  value = module.bootstrap.assets_dist
+}
+
diff --git a/variables.tf b/variables.tf
@@ -124,12 +124,6 @@ variable "worker_node_labels" {
 
 # unofficial, undocumented, unsupported
 
-variable "asset_dir" {
-  type        = string
-  description = "Absolute path to a directory where generated assets should be placed (contains secrets)"
-  default     = ""
-}
-
 variable "cluster_domain_suffix" {
   type        = string
   description = "Queries for domains with the suffix will be answered by coredns. Default is cluster.local (e.g. foo.default.svc.cluster.local) "