Replies: 1 comment
-
a quick poc that works well: 0x6a77/terraform-provider-flux@c7227c0 |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
in the documents-based terraform datas we can share a core git repo across multiple clusters and that repo is read-only to flux, but managed centrally. under flux_bootstrap this core repo now gets
git push
from every cluster which has the surprising consequence of deleting every cluster when you delete one. yoink!a core repo is a nice model that we've used for years: the teams get their own, custom repo for their workloads, but otherwise the central services get managed from the core repo.
it feels like flux_boostrap resource could support this with a small change: mark the resource "git read-only." on
apply
the provider would skip any logic to update/push its gotk/kustomization. in read-only mode it might be nice to warn on diffs and fail on missing files. ondestroy
it would just skip anything related to file delete/push.the team that manages the core repo would use it in read/write mode and take responsibility for making sure resources match versions for all teams that share it. (which over the years has been reasonably stable, so this would not be a lot of work.)
Beta Was this translation helpful? Give feedback.
All reactions