-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathapp.tf
More file actions
29 lines (27 loc) · 1.31 KB
/
app.tf
File metadata and controls
29 lines (27 loc) · 1.31 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
data "ns_app_env" "this" {
stack_id = data.ns_workspace.this.stack_id
app_id = data.ns_workspace.this.block_id
env_id = data.ns_workspace.this.env_id
}
locals {
app_namespace = local.kubernetes_namespace
app_name = data.ns_workspace.this.block_name
app_version = coalesce(data.ns_app_env.this.version, "latest")
app_commit_sha = data.ns_app_env.this.commit_sha
}
locals {
app_metadata = tomap({
// Inject app metadata into capabilities here (e.g. service_account_id)
service_account_id = google_service_account.app.id
service_account_email = google_service_account.app.email
service_name = local.service_name
container_port = var.container_port
service_port = var.service_port
internal_subdomain = var.service_port == 0 ? "" : "${local.block_name}.${local.kubernetes_namespace}.svc.cluster.local"
// Shared external-secrets SecretStore in the app's namespace. Capabilities can
// reference this to create ExternalSecrets without standing up their own store.
// Reading the name through the resource attribute (instead of local.app_secret_store_name)
// makes capabilities wait on the SecretStore being applied before their ExternalSecrets run.
secret_store_name = kubernetes_manifest.gsm_secret_store.manifest.metadata.name
})
}