kubernetesterraformkubernetes-helmconfigmapterraform-provider-helm

Mount Kubernetes ConfigMap to Helm Chart values.yaml inside volume[ ] settings

Hello iam trying to insert a Kubernetes ConfigMap inside the cert-manager Helm Chart. The Helm Chart gets defined with a values.yaml.

The needed ConfigMap is already defined with the corresponding data inside the same namespace as my Helm Chart.

resource "helm_release" "certmanager" {
name       = "cert-manager"
repository = "https://charts.jetstack.io"
chart      = "cert-manager"
namespace  = kubernetes_namespace.certmanager.metadata.0.name
version    = local.helm_cert_manager_version

values = [
  file("./config/cert-manager-values.yml")
]
}

# !! ConfigMap is defined with Terraform !! #
resource "kubernetes_config_map" "example" {
 metadata {
    name      = "test-config"
    namespace = kubernetes_namespace.certmanager.metadata.0.name
 }
 data = {
   "test_ca" = "${data.google_secret_manager_secret_version.test_crt.secret_data}"
 }
}

The data of the ConfigMap should be mounted to the path /etc/ssl/certs inside my Helm Chart.

I think down below is the rigth spot to mount the data?

...
volumes: []
volumeMounts: []
..

Do you have any idea how to mount that ConfigMap over /etc/ssl/certs within the cert-manager Chart?

Solution

  • Based on your question, there could be two things you could do:

    1. Pre-populate the ./config/cert-manager-values.yml file with the values you want.
    2. Use the templatefile [1] built-in function and pass the values dynamically.

    In the first case, the changes to the file would probably have to be as follows:

    ...
volumes:
  - name: config-map-volume
    configMap:
        name: test-config
volumeMounts:
  - name: config-map-volume
    mountPath: /etc/ssl/certs
...

    Make sure the indentation is correct since this is YML. In the second case, you could do something like this in the helm_release resource:

    resource "helm_release" "certmanager" {
  name       = "cert-manager"
  repository = "https://charts.jetstack.io"
  chart      = "cert-manager"
  namespace  = kubernetes_namespace.certmanager.metadata.0.name
  version    = local.helm_cert_manager_version

  values = [templatefile("./config/cert-manager-values.yml", {
    config_map_name   = kubernetes_config_map.example.metadata[0].name
    volume_mount_path = "/etc/ssl/certs"
  })]
}

    In this case, you would also have to use template variables as placeholders inside of the cert-manager-values.yml file:

    ...
volumes:
  - name: config-map-volume
    configMap:
        name: ${config_map_name}
volumeMounts:
  - name: config-map-volume
    mountPath: ${mount_path}
...

    Note that the first option might not work as expected due to Terraform parallelism which tries to create as many resources as possible. If the ConfigMap is not created before the chart is applied it might fail.

    [1] https://www.terraform.io/language/functions/templatefile