Skip to content

Commit e51804e

Browse files
apeabodyapeabody
authored
fix: policy bundles now use idx as resource name (bundles will be re-applied) (terraform-google-modules#1657)
1 parent 044968d commit e51804e

File tree

2 files changed

+6
-5
lines changed

2 files changed

+6
-5
lines changed

modules/acm/creds.tf

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -30,12 +30,12 @@ resource "tls_private_key" "k8sop_creds" {
3030
rsa_bits = 4096
3131
}
3232

33-
# Wait for the ACM operator to create the namespace
33+
# Wait for ACM
3434
resource "time_sleep" "wait_acm" {
3535
count = (var.create_ssh_key == true || var.ssh_auth_key != null || var.enable_policy_controller || var.enable_config_sync) ? 1 : 0
3636
depends_on = [google_gke_hub_feature_membership.main]
3737

38-
create_duration = "300s"
38+
create_duration = (length(var.policy_bundles) > 0) ? "600s" : "300s"
3939
}
4040

4141
resource "google_service_account_iam_binding" "ksa_iam" {

modules/acm/policy_bundles.tf

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -18,12 +18,13 @@ module "policy_bundles" {
1818
source = "terraform-google-modules/gcloud/google//modules/kubectl-wrapper"
1919
version = "~> 3.1"
2020

21-
for_each = toset(var.policy_bundles)
21+
# Use index as name to avoid long url or special filesystem chars
22+
for_each = { for i, v in var.policy_bundles : i => v }
2223
project_id = var.project_id
2324
cluster_name = var.cluster_name
2425
cluster_location = var.location
25-
kubectl_create_command = "kubectl apply -k ${each.key}"
26-
kubectl_destroy_command = "kubectl delete -k ${each.key}"
26+
kubectl_create_command = "kubectl apply -k ${each.value}"
27+
kubectl_destroy_command = "kubectl delete -k ${each.value}"
2728

2829
module_depends_on = [time_sleep.wait_acm]
2930
}

0 commit comments

Comments
 (0)