resource "kubectl_manifest" "marker" {
  yaml_body  = <<-EOF
    apiVersion: apps/v1
    kind: DaemonSet
    metadata:
      name: bridge-marker
      namespace: ${var.namespace}
      labels: ${jsonencode(local.common-labels)}
      ownerReferences: ${jsonencode(var.install_owner)}
    spec:
      revisionHistoryLimit: 10
      selector:
        matchLabels:
          name: bridge-marker
      template:
        metadata:
          annotations:
            description: Bridge marker exposes network bridges available on nodes as node
              resources
          creationTimestamp: null
          labels:
            app: bridge-marker
            app.kubernetes.io/component: network
            name: bridge-marker
            tier: node
        spec:
          containers:
          - args:
            - -node-name
            - $(NODE_NAME)
            env:
            - name: NODE_NAME
              valueFrom:
                fieldRef:
                  apiVersion: v1
                  fieldPath: spec.nodeName
            image: ${var.images.marker.registry}/${var.images.marker.repository}:${var.images.marker.tag}
            imagePullPolicy: ${var.images.marker.pull_policy}
            name: bridge-marker
            resources:
              requests:
                cpu: 10m
                memory: 15Mi
          hostNetwork: true
          nodeSelector:
            kubernetes.io/arch: amd64
          priorityClassName: system-node-critical
          restartPolicy: Always
          serviceAccount: bridge-marker
          serviceAccountName: bridge-marker
          tolerations:
          - effect: NoSchedule
            operator: Exists
EOF
}