Skip to content
This repository has been archived by the owner on Dec 16, 2020. It is now read-only.

Releases: gruntwork-io/terraform-kubernetes-helm

v0.6.2

15 Dec 17:28
4544410
Compare
Choose a tag to compare

This repo is now deprecated. Please upgrade to Helm v3 and migrate Namespace related modules to terraform-kubernetes-namespace.

Related links

v0.6.1

23 Oct 16:08
3ff147f
Compare
Choose a tag to compare

Modules affected

  • k8s-tiller

Description

Fix regression bug from v0.6.0, where kubergrunt expects base64 encoded data, but we decode the data before passing it through.

Related links

v0.6.0

22 Oct 21:20
d99ec1c
Compare
Choose a tag to compare

Modules affected

  • k8s-tiller [BACKWARDS INCOMPATIBLE when using kubergrunt mode]

Description

The local-exec calls for k8s-tiller have been updated to be compatible with Windows. Note that this requires Powershell.

Migration guide

The destroy provisioners for the TLS certificates have been updated when using kubergrunt mode for TLS generation to resolve a bug where kubectl did not accept certificate-authority-data when there is an entry in the kubeconfig for the server. This has been updated to use kubergrunt to pass the authentication parameters to kubectl using a temporary kubeconfig that is generated by kubergrunt. This fix requires kubergrunt v0.5.8 or greater, so you will need to upgrade kubergrunt if you wish to use the updated version.

Related links

v0.5.3

21 Oct 18:26
720588a
Compare
Choose a tag to compare

Modules affected

  • k8s-service-account
  • k8s-namespace
  • k8s-namespace-roles

Description

Fixes a regression bug introduced in k8s-namespace and k8s-namespace-roles with the behavior of create_resources. Starting with terraform v0.12.11, referencing resource index 0 of those that were not created with count = 0 is an error where as before it was null. This means that we need to add a conditional for referencing those resources to only index into it when count > 0.

This release also adds the create_resources parameter to k8s-service-account.

Related links

v0.5.2

09 Oct 21:45
1bd61be
Compare
Choose a tag to compare

Modules affected

  • k8s-tiller

Special thanks

Special thanks to @bhegazy for their contribution!

Description

Listening on localhost is now optional. To disable localhost listening, set the tiller_listen_localhost input variable to false.

Related links

v0.5.1

26 Jul 20:13
2e27da0
Compare
Choose a tag to compare

Modules affected

No changes to underlying modules

Description

  • Improve testing: test latest version of kubergrunt and update setup-minikube script for CI.
  • Fix typo in root example where the helm client TLS public certificate was not being returned.

Related links

v0.5.0

11 Jun 02:21
2e3dd10
Compare
Choose a tag to compare

Modules affected

  • k8s-tiller [BACKWARDS INCOMPATIBLE]
  • k8s-tiller-tls-certs [BACKWARDS INCOMPATIBLE]
  • k8s-service-account [BACKWARDS INCOMPATIBLE]
  • k8s-namespace [BACKWARDS INCOMPATIBLE]
  • k8s-namespace-roles [BACKWARDS INCOMPATIBLE]
  • k8s-helm-client-tls-certs [BACKWARDS INCOMPATIBLE]

Description

All the modules are now terraform 0.12.0 compatible. Note that this means the modules are no longer compatible with terraform 0.11 and under. Starting this release, you must use terraform 0.12.0 or greater to use this module.

All the module variables have been updated to use concrete types based on the new type system introduced in terraform 0.12.0. You can learn more about the types in the official documentation.

Note that as part of this, we switched to using null to indicate unset values when passing them through to resources. If you were previously using a 0 value ("" for strings and 0 for numbers), review the module variables.tf file to double check if the 0 value has been converted to a null.

Note: there is one major interface change due to the upgrade. For the TLS modules, we no longer cannot pass through the subject info of the TLS cert as an inline block due to type issues. The main issue here is with the street_address attribute, which is of type list(string). To support the types, the street_address must be provided as newline delimited string, which will be later converted to list(string).

Related links

v0.4.0

16 May 05:03
1a06c66
Compare
Choose a tag to compare

Modules affected

  • k8s-tiller [BREAKING]
  • k8s-tiller-tls-certs [NEW]
  • k8s-helm-client-tls-certs [NEW]

Description

This brings in TLS generation into the k8s-tiller module. In particular, k8s-tiller has a new required variable tiller_tls_gen_method which indicates how the module should generate the TLS certificates. Currently there are three options:

  • kubergrunt: Use the kubergrunt utility to generate the TLS certificates and upload as a Kubernetes Secret resource.
  • provider: Use the tls Terraform provider to generate the TLS certs, and then use the kubernetes provider to upload them as a Kubernetes Secret resource.
  • none: Don't generate any TLS certs and look them up based on the input variable tiller_tls_secret_name.

The characteristics of the three approaches are summarized in the table below. You can refer to the module README for more details.

Method Amount of Control Terraform Features Secrets in Terraform State External Dependencies
Direct Full control N/A Only references Yes (TLS certs must be generated externally)
Provider Limited control Full support All Secrets are stored in Terraform State No
Kubergrunt Limited control Limited support Only references Yes (kubergrunt binary)

Additionally, this introduces the k8s-tiller-tls-certs and k8s-helm-client-tls-certs modules, which can be used to manually manage the TLS certificates for Tiller using the tls Terraform provider. Refer to the module READMEs for more details.

You can refer to the updated root example for example usage of the new modules.

Migration guide

To replicate the old behavior, pass in tiller_tls_gen_method = "none" to the module block for k8s-tiller.

Related links

v0.3.2

08 May 16:51
f7ee4a6
Compare
Choose a tag to compare

Description

This updates the READMEs in all the modules to be compatible with the Terraform registry.

Related links

v0.3.1

06 May 21:32
fb4271f
Compare
Choose a tag to compare

Modules affected

  • k8s-namespace
  • k8s-namespace-roles

Description

  • k8s-namespace and k8s-namespace-roles modules now support conditionally creating the namespace and roles via the create_resources input variable.

Related links