diff --git a/apps/dbgate/configs.tf b/apps/dbgate/configs.tf index 02cc48c..d94226c 100644 --- a/apps/dbgate/configs.tf +++ b/apps/dbgate/configs.tf @@ -1,5 +1,6 @@ locals { - pg_vars = merge([for pg in var.pg: { + pg = concat(var.pg, var.detected.pgs) + pg_vars = merge([for pg in local.pg: { join("_",["LABEL_pg", pg.namespace, pg.name, pg.dbname]) = join(" | ",[pg.namespace, pg.name, pg.dbname]) join("_",["ENGINE_pg", pg.namespace, pg.name, pg.dbname]) = "postgres@dbgate-plugin-postgres" join("_",["SERVER_pg", pg.namespace, pg.name, pg.dbname]) = join(".",["${pg.name}-rw", pg.namespace, "svc"]) @@ -7,45 +8,48 @@ locals { join("_",["DATABASE_pg", pg.namespace, pg.name, pg.dbname]) = pg.dbname join("_",["USER_pg", pg.namespace, pg.name, pg.dbname]) = pg.username }]...) - pg_secrets = merge([for index, pg in var.pg: { + pg_secrets = merge([for index, pg in local.pg: { join("_",["PASSWORD_pg", pg.namespace, pg.name, pg.dbname]) = lookup(coalesce(data.kubernetes_secret_v1.pgs[index].data,{}),lookup(pg.secret,"key", "password"), "not-found") }]...) - pg_conns = [for pg in var.pg: join("_",["pg", pg.namespace, pg.name, pg.dbname])] + pg_conns = [for pg in local.pg: join("_",["pg", pg.namespace, pg.name, pg.dbname])] - maria_vars = merge([for m in var.maria: { - join("_",["LABEL_maria", m.namespace, m.name]) = join(" | ",[m.namespace, m.name]) - join("_",["ENGINE_maria", m.namespace, m.name]) = "mysql@dbgate-plugin-mysql" - join("_",["SERVER_maria", m.namespace, m.name]) = join(".",["${m.name}-svc", m.namespace, "svc"]) - join("_",["PORT_maria", m.namespace, m.name]) = "3306" - join("_",["DATABASE_maria", m.namespace, m.name]) = m.dbname - join("_",["USER_maria", m.namespace, m.name]) = m.username + ndb = concat(var.ndb, var.detected.ndbs) + ndb_vars = merge([for m in local.ndb: { + join("_",["LABEL_ndb", m.namespace, m.name]) = join(" | ",[m.namespace, m.name]) + join("_",["ENGINE_ndb", m.namespace, m.name]) = "mysql@dbgate-plugin-mysql" + join("_",["SERVER_ndb", m.namespace, m.name]) = join(".",["${m.name}-svc", m.namespace, "svc"]) + join("_",["PORT_ndb", m.namespace, m.name]) = "3306" + join("_",["DATABASE_ndb", m.namespace, m.name]) = m.dbname + join("_",["USER_ndb", m.namespace, m.name]) = m.username }]...) - maria_secrets = merge([for index, m in var.maria: { - join("_",["PASSWORD_maria", m.namespace, m.name]) = "unimplemented" + ndb_secrets = merge([for index, m in local.ndb: { + join("_",["PASSWORD_ndb", m.namespace, m.name]) = lookup(coalesce(data.kubernetes_secret_v1.ndbs[index].data,{}),lookup(m.secret,"key", "password"), "not-found") }]...) - maria_conns = [for m in var.maria: join("_",["maria", m.namespace, m.name])] + ndb_conns = [for m in local.ndb: join("_",["ndb", m.namespace, m.name])] - redis_vars = merge([for m in var.redis: { + redis = concat(var.redis, var.detected.rediss) + redis_vars = merge([for m in local.redis: { join("_",["LABEL_redis", m.namespace, m.name]) = join(" | ",[m.namespace, m.name]) join("_",["ENGINE_redis", m.namespace, m.name]) = "redis@dbgate-plugin-redis" join("_",["SERVER_redis", m.namespace, m.name]) = join(".",[m.name, m.namespace, "svc"]) join("_",["PORT_redis", m.namespace, m.name]) = "6379" }]...) - redis-privs = [for m in var.redis: merge({secret = lookup(m,"secret",{})},m) if contains(keys(m),"secret")] + redis-privs = [for m in local.redis: merge({secret = lookup(m,"secret",{})},m) if contains(keys(m),"secret")] redis_secrets = merge([for index, m in local.redis-privs: { join("_",["PASSWORD_redis", m.namespace, m.name]) = data.kubernetes_secret_v1.redis[index].data[lookup(m.secret,"key", "password")] }]...) - redis_conns = [for m in var.redis: join("_",["redis", m.namespace, m.name])] + redis_conns = [for m in local.redis: join("_",["redis", m.namespace, m.name])] - mongo_vars = merge([for m in var.mongo: { + mongo = concat(var.mongo, var.detected.mongos) + mongo_vars = merge([for m in local.mongo: { join("_",["LABEL_mongo", m.namespace, m.name]) = join(" | ",[m.namespace, m.name]) join("_",["ENGINE_mongo", m.namespace, m.name]) = "mongo@dbgate-plugin-mongo" join("_",["DATABASE_mongo", m.namespace, m.name]) = m.dbname }]...) - mongo_secrets = merge([for index, m in var.mongo: { + mongo_secrets = merge([for index, m in local.mongo: { join("_",["URL_mongo", m.namespace, m.name]) = "mongodb://${m.username}:${urlencode(data.kubernetes_secret_v1.mongos[index].data[m.secret.key])}@${join(".",["${m.name}-svc", m.namespace, "svc"])}:27017/${m.dbname}" }]...) - mongo_conns = [for m in var.mongo: join("_",["mongo", m.namespace, m.name])] + mongo_conns = [for m in local.mongo: join("_",["mongo", m.namespace, m.name])] oauth_config = { "OAUTH_AUTH" = "https://${data.kubernetes_ingress_v1.authentik.spec[0].rule[0].host}/application/o/authorize/" "OAUTH_TOKEN" = "https://${data.kubernetes_ingress_v1.authentik.spec[0].rule[0].host}/application/o/token/" @@ -54,8 +58,8 @@ locals { "OAUTH_SCOPE" = "email" "NODE_EXTRA_CA_CERTS" = "/etc/local-ca/ca.crt" } - connections = join(",", concat(local.pg_conns, local.maria_conns, local.mongo_conns, local.redis_conns)) - connection_vars = merge(local.pg_vars, local.maria_vars, local.mongo_vars, local.redis_vars) + connections = join(",", concat(local.pg_conns, local.ndb_conns, local.mongo_conns, local.redis_conns)) + connection_vars = merge(local.pg_vars, local.ndb_vars, local.mongo_vars, local.redis_vars) connection_secrets = merge(local.pg_secrets, local.mongo_secrets, local.redis_secrets) } @@ -81,18 +85,26 @@ resource "kubernetes_secret_v1" "dbgate-config-secret" { data "kubernetes_secret_v1" "pgs" { - count = length(var.pg) + count = length(local.pg) metadata { - name = "${var.pg[count.index].secret.name}" - namespace = "${var.pg[count.index].namespace}" + name = "${local.pg[count.index].secret.name}" + namespace = "${local.pg[count.index].namespace}" + } +} + +data "kubernetes_secret_v1" "ndbs" { + count = length(local.ndb) + metadata { + name = "${local.ndb[count.index].secret.name}" + namespace = "${local.ndb[count.index].namespace}" } } data "kubernetes_secret_v1" "mongos" { - count = length(var.mongo) + count = length(local.mongo) metadata { - name = "${var.mongo[count.index].secret.name}" - namespace = "${var.mongo[count.index].namespace}" + name = "${local.mongo[count.index].secret.name}" + namespace = "${local.mongo[count.index].namespace}" } } data "kubernetes_secret_v1" "redis" { diff --git a/apps/dbgate/index.yaml b/apps/dbgate/index.yaml index 3469f6e..7dd989a 100644 --- a/apps/dbgate/index.yaml +++ b/apps/dbgate/index.yaml @@ -12,9 +12,9 @@ options: - dev type: string domain: - default: media + default: your-company examples: - - media + - your-company type: string domain_name: default: your_company.com @@ -70,7 +70,7 @@ options: examples: - letsencrypt-prod type: string - maria: + mongo: default: [] examples: - [] @@ -99,7 +99,7 @@ options: type: string type: object type: array - mongo: + ndb: default: [] examples: - [] @@ -238,4 +238,4 @@ providers: restapi: null http: null gitea: null -tfaddtype: null +tfaddtype: true diff --git a/apps/dbgate/template.rhai b/apps/dbgate/template.rhai index 26de1d3..7cc1cf1 100644 --- a/apps/dbgate/template.rhai +++ b/apps/dbgate/template.rhai @@ -1,16 +1,16 @@ const DEST=dest; const DOMAIN = config.domain; fn post_template() { - let nss = list_namespace().items.filter(|ns| ns.metadata.name.starts_with(global::DOMAIN)).map(|ns| ns.metadata.name); + let nss = list_namespace().items.filter(|ns| ns.metadata.name.starts_with(`${global::DOMAIN}-`)).map(|ns| ns.metadata.name); let pgs = []; let rediss = []; let mongos = []; - let marias = []; + let ndbs = []; for ns in nss { let svcs = list_service(ns).items; let secrets = list_secret(ns).items; for svc in svcs { - if svc.metadata.name.ends_with("-pg-rw") { + if svc.metadata.name.ends_with("-pg-rw") && svc.spec.ports.some(|p| p.port==5432) { let basename = svc.metadata.name-"-pg-rw"; let pg_secrets = secrets.filter(|s| s.metadata.name == `${basename}-pg-app`); if pg_secrets.len>0 && basename.split("-").len>1 { @@ -29,7 +29,7 @@ fn post_template() { }; } } - if svc.metadata.name.ends_with("-mongo-svc") { + if svc.metadata.name.ends_with("-mongo-svc") && svc.spec.ports.some(|p| p.port == 27017) { let basename = svc.metadata.name-"-mongo-svc"; let mongo_secrets = secrets.filter(|s| s.metadata.name == `${basename}-mongo`); if mongo_secrets.len>0 && basename.split("-").len>1 { @@ -48,12 +48,53 @@ fn post_template() { }; } } + if svc.metadata.name.ends_with("-mysqld") && svc.spec.ports.some(|p| p.port == 3306) { + let basename = svc.metadata.name-"-mysqld"; + let ndb_secrets = secrets.filter(|s| s.metadata.name == `${basename}-mysql-app`); + if ndb_secrets.len>0 && basename.split("-").len>1 { + let tmp = (basename-"-dataset").split("-"); + let comp = tmp[tmp.len-1]; + log_info(`Found a Mysql(NDB) database ${svc.metadata.namespace} ${basename}`); + ndbs += #{ + name: svc.metadata.name, + dbname: comp, + username: comp, + namespace: svc.metadata.namespace, + secret: #{ + name: `${basename}-mysql-app`, + key: "password" + } + }; + } + } + if svc.metadata.name.ends_with("-redis") && svc.spec.ports.some(|p| p.port == 6379) { + let basename = svc.metadata.name-"-redis"; + let ndb_secrets = secrets.filter(|s| s.metadata.name == `${basename}-mysql-app`); + let tmp = (basename-"-dataset").split("-"); + let comp = tmp[tmp.len-1]; + log_info(`Found a Redis database ${svc.metadata.namespace} ${basename}`); + if comp == "authentik" { + rediss += #{ + name: svc.metadata.name, + namespace: svc.metadata.namespace, + secret: #{ + name: comp, + key: "AUTHENTIK_REDIS__PASSWORD" + } + }; + } else { + rediss += #{ + name: svc.metadata.name, + namespace: svc.metadata.namespace + }; + } + } } } save_to_tf(`${global::DEST}/detected.tf`, "detected", #{ pgs: pgs, mongos: mongos, rediss: rediss, - marias: marias + ndbs: ndbs }); } diff --git a/apps/gramo/index.yaml b/apps/gramo/index.yaml index 9ddebf9..9fbdf69 100644 --- a/apps/gramo/index.yaml +++ b/apps/gramo/index.yaml @@ -103,4 +103,4 @@ providers: restapi: true http: true gitea: null -tfaddtype: null +tfaddtype: true diff --git a/apps/gramo/rbac.tf b/apps/gramo/rbac.tf index a626cf0..5d61725 100644 --- a/apps/gramo/rbac.tf +++ b/apps/gramo/rbac.tf @@ -1,5 +1,5 @@ locals { - sorted-namespaces = reverse(distinct(sort(var.namespaces))) + sorted-namespaces = reverse(distinct(sort(concat(var.namespaces,var.detected.namespaces)))) } resource "kubectl_manifest" "gramo_sa" { yaml_body = <<-EOF diff --git a/apps/gramo/template.rhai b/apps/gramo/template.rhai new file mode 100644 index 0000000..b73b6dc --- /dev/null +++ b/apps/gramo/template.rhai @@ -0,0 +1,7 @@ +const DEST=dest; +const DOMAIN = config.domain; +fn post_template() { + save_to_tf(`${global::DEST}/detected.tf`, "detected", #{ + namespaces: list_namespace().items.filter(|ns| ns.metadata.name.starts_with(`${global::DOMAIN}-`)).map(|ns| ns.metadata.name)+[global::DOMAIN] + }); +} diff --git a/apps/okd/index.yaml b/apps/okd/index.yaml index d115036..de82b68 100644 --- a/apps/okd/index.yaml +++ b/apps/okd/index.yaml @@ -103,4 +103,4 @@ providers: restapi: true http: true gitea: null -tfaddtype: null +tfaddtype: true diff --git a/apps/okd/rbac.tf b/apps/okd/rbac.tf index 001648e..d11f28f 100644 --- a/apps/okd/rbac.tf +++ b/apps/okd/rbac.tf @@ -1,5 +1,5 @@ locals { - sorted-namespaces = reverse(distinct(sort(var.namespaces))) + sorted-namespaces = reverse(distinct(sort(concat(var.namespaces,var.detected.namespaces)))) } resource "kubectl_manifest" "okd_sa" { yaml_body = <<-EOF diff --git a/apps/okd/template.rhai b/apps/okd/template.rhai new file mode 100644 index 0000000..b73b6dc --- /dev/null +++ b/apps/okd/template.rhai @@ -0,0 +1,7 @@ +const DEST=dest; +const DOMAIN = config.domain; +fn post_template() { + save_to_tf(`${global::DEST}/detected.tf`, "detected", #{ + namespaces: list_namespace().items.filter(|ns| ns.metadata.name.starts_with(`${global::DOMAIN}-`)).map(|ns| ns.metadata.name)+[global::DOMAIN] + }); +} diff --git a/meta/domain-devspaces/apps.tf b/meta/domain-devspaces/apps.tf index 799fa99..6998638 100644 --- a/meta/domain-devspaces/apps.tf +++ b/meta/domain-devspaces/apps.tf @@ -49,147 +49,19 @@ locals { "domain_name" = "devtools.${var.domain_name}" "app_group" = "dev" }) - okd = merge(local.global-apps,{ - "namespaces" = concat([ - for station in local.sorted-station-names: "${var.domain}-devspaces-${station}" - ],flatten([ - for org in local.sorted-organisations:[ - for stage in reverse(distinct(sort([for s in lookup(org, "stages", []): s.name]))): "${var.domain}-org-${org.name}-${stage}" - ] - ]) - ) - }, { for k, v in var.apps.okd : k => v if !contains(["enable","storage","backups"],k) },{ + okd = merge(local.global-apps, { for k, v in var.apps.okd : k => v if !contains(["enable","storage","backups"],k) },{ backups = merge(local.global-backups, lookup(var.apps.okd, "backups", {})) storage = merge({ for k, v in lookup(var.apps.okd, "storage", {}) : k => v if !contains(["volume"],k) }, { volume = merge(local.global-volume, lookup(lookup(var.apps.okd, "storage", {}), "volume", {})) }) }) - gramo = merge(local.global-apps, { - "namespaces" = concat([ - for station in local.sorted-station-names: "${var.domain}-devspaces-${station}" - ],flatten([ - for org in local.sorted-organisations:[ - for stage in reverse(distinct(sort([for s in lookup(org, "stages", []): s.name]))): "${var.domain}-org-${org.name}-${stage}" - ] - ]) - ) - }, { for k, v in var.apps.gramo : k => v if !contains(["enable","storage","backups"],k) },{ + gramo = merge(local.global-apps, { for k, v in var.apps.gramo : k => v if !contains(["enable","storage","backups"],k) },{ backups = merge(local.global-backups, lookup(var.apps.gramo, "backups", {})) storage = merge({ for k, v in lookup(var.apps.gramo, "storage", {}) : k => v if !contains(["volume"],k) }, { volume = merge(local.global-volume, lookup(lookup(var.apps.gramo, "storage", {}), "volume", {})) }) }) - dbgate = merge(local.global-apps, { - "namespaces" = concat([ - for station in local.sorted-station-names: "${var.domain}-devspaces-${station}" - ],flatten([ - for org in local.sorted-organisations:[ - for stage in reverse(distinct(sort([for s in lookup(org, "stages", []): s.name]))): "${var.domain}-org-${org.name}-${stage}" - ] - ]) - ) - }, { - "pg" = concat( - flatten([for ds in local.sorted-datasets: [for db in lookup(ds, "databases", []): { - "name" = "${ds.name}-dataset-pg" - "namespace" = ds.namespace - "dbname" = db.name - "username" = db.name - "secret" = { - "name" = "${ds.name}-dataset-pg-${db.name}" - "key" = "POSGRESQL_PASSWORD" - } - }] if ds.engine=="pg"]), - flatten([for ds in local.sorted-datasets: { - "name" = "${ds.name}-dataset-pg" - "namespace" = ds.namespace - "dbname" = ds.name - "username" = ds.name - "secret" = { - "name" = "${ds.name}-dataset-pg-app" - "key" = "password" - } - } if ds.engine=="pg"]), - flatten([for org in local.sorted-organisations: flatten([for stage in lookup(org, "stages", []): flatten([for ds in org.datasets: [for db in lookup(ds, "databases", []):{ - "name" = "${ds.name}-dataset-pg" - "namespace" = "${var.domain}-org-${org.name}-${stage.name}" - "dbname" = db.name - "username" = db.name - "secret" = { - "name" = "${ds.name}-dataset-pg-${db.name}" - "key" = "POSGRESQL_PASSWORD" - } - }] if ds.engine=="pg"])])]), - flatten([for org in local.sorted-organisations: flatten([for stage in lookup(org, "stages", []): flatten([for ds in org.datasets: { - "name" = "${ds.name}-dataset-pg" - "namespace" = "${var.domain}-org-${org.name}-${stage.name}" - "dbname" = ds.name - "username" = ds.name - "secret" = { - "name" = "${ds.name}-dataset-pg-app" - "key" = "password" - } - } if ds.engine=="pg"])])]), - var.external-pgs - ) - "maria" = concat( - flatten([for ds in local.sorted-datasets: { - "name" = "${ds.name}-dataset-maria" - "namespace" = ds.namespace - "dbname" = ds.name - "username" = ds.name - "secret" = { - "name" = "${ds.name}-dataset-maria" - "key" = "password" - } - } if ds.engine=="maria"]), - flatten([for org in local.sorted-organisations: flatten([for stage in lookup(org, "stages", []): [for ds in org.datasets: { - "name" = "${ds.name}-dataset-maria" - "namespace" = "${var.domain}-org-${org.name}-${stage.name}" - "dbname" = ds.name - "username" = ds.name - "secret" = { - "name" = "${ds.name}-dataset-maria" - "key" = "password" - } - } if ds.engine=="maria"]])]), - var.external-marias - ) - "mongo" = concat( - flatten([for ds in local.sorted-datasets: { - "name" = "${ds.name}-dataset-mongo" - "namespace" = ds.namespace - "dbname" = ds.name - "username" = ds.name - "secret" = { - "name" = "${ds.name}-dataset-mongo" - "key" = "password" - } - } if ds.engine=="mongo"]), - flatten([for org in local.sorted-organisations: flatten([for stage in lookup(org, "stages", []): [for ds in org.datasets: { - "name" = "${ds.name}-dataset-mongo" - "namespace" = "${var.domain}-org-${org.name}-${stage.name}" - "dbname" = ds.name - "username" = ds.name - "secret" = { - "name" = "${ds.name}-dataset-mongo" - "key" = "password" - } - } if ds.engine=="mongo"]])]), - var.external-mongos - ) - "redis" = concat( - flatten([for ds in local.sorted-datasets: { - "name" = "${ds.name}-dataset-redis" - "namespace" = ds.namespace - } if ds.engine=="mongo"]), - flatten([for org in local.sorted-organisations: flatten([for stage in lookup(org, "stages", []): [for ds in org.datasets: { - "name" = "${ds.name}-dataset-redis" - "namespace" = "${var.domain}-org-${org.name}-${stage.name}" - } if ds.engine=="mongo"]])]), - var.external-redis - ) - }, { for k, v in var.apps.dbgate : k => v if !contains(["enable","storage","backups"],k) },{ + dbgate = merge(local.global-apps, { for k, v in var.apps.dbgate : k => v if !contains(["enable","storage","backups"],k) },{ backups = merge(local.global-backups, lookup(var.apps.dbgate, "backups", {})) storage = merge({ for k, v in lookup(var.apps.dbgate, "storage", {}) : k => v if !contains(["volume"],k) }, { volume = merge(local.global-volume, lookup(lookup(var.apps.dbgate, "storage", {}), "volume", {})) diff --git a/meta/domain/installs.tf b/meta/domain/installs.tf index e1316ad..fc2e494 100644 --- a/meta/domain/installs.tf +++ b/meta/domain/installs.tf @@ -71,7 +71,7 @@ locals { }) # Force install authentik and it's modules when any are needed - use-ldap = (var.ci.enable && var.ci.gitea.enable) || (var.erp.enable && var.erp.dolibarr.enable) + use-ldap = var.erp.enable && var.erp.dolibarr.enable use-forward = var.infra.enable && var.infra.traefik.enable use-other-auth = false added-auth-ldap = local.use-ldap?{ @@ -100,73 +100,6 @@ locals { "divisions" = [] } } - devspaces-custom = { - external-pgs = concat(var.erp.enable&&var.erp.dolibarr.enable?[{ - "name" = "dolibarr-dolibarr-pg" - "dbname" = "dolibarr" - "username" = "dolibarr" - "namespace" = "${var.namespace}-erp" - "secret" = { - "name" = "dolibarr-dolibarr-pg-app" - "key" = "password" - } - }]:[], var.apps.enable&&var.apps.nextcloud.enable?[{ - "name" = "nextcloud-nextcloud-pg" - "dbname" = "nextcloud" - "username" = "nextcloud" - "namespace" = "${var.namespace}-files" - "secret" = { - "name" = "nextcloud-nextcloud-pg-app" - "key" = "password" - } - }]:[], var.auth.enable&&lookup(lookup(merge(var.auth,local.added-auth), "authentik",{}),"enable",false)?[{ - "name" = "authentik-authentik-pg" - "dbname" = "authentik" - "username" = "authentik" - "namespace" = "${var.namespace}-auth" - "secret" = { - "name" = "authentik-authentik-pg-app" - "key" = "password" - } - }]:[], var.ci.enable&&var.ci.gitea.enable?[{ - "name" = "gitea-gitea-pg" - "dbname" = "gitea" - "username" = "gitea" - "namespace" = "${var.namespace}-ci" - "secret" = { - "name" = "gitea-gitea-pg-app" - "key" = "password" - } - }]:[], lookup(var.devspaces, "external-pgs", [])) - external-mongos = concat(var.mail.enable&&var.mail.wildduck.enable?[{ - "name" = "wildduck-wildduck-mongo" - "dbname" = "wildduck" - "username" = "wildduck" - "namespace" = "${var.namespace}-mail" - "secret" = { - "name" = "wildduck-wildduck-mongo" - "key" = "password" - } - }]:[], lookup(var.devspaces, "external-mongos", [])) - external-redis = concat(var.mail.enable&&var.mail.wildduck.enable?[{ - "name" = "wildduck-wildduck-redis" - "namespace" = "${var.namespace}-mail" - }]:[], var.auth.enable&&lookup(lookup(merge(var.auth,local.added-auth), "authentik",{}),"enable",false)?[{ - "name" = "authentik-authentik-redis" - "namespace" = "${var.namespace}-auth" - "secret" = { - "name" = "authentik" - "key" = "AUTHENTIK_REDIS__PASSWORD" - } - }]:[], var.erp.enable&&var.erp.dolibarr.enable?[{ - "name" = "dolibarr-dolibarr-redis" - "namespace" = "${var.namespace}-erp" - }]:[], var.apps.enable&&var.apps.nextcloud.enable?[{ - "name" = "nextcloud-nextcloud-redis" - "namespace" = "${var.namespace}-files" - }]:[], lookup(var.devspaces, "external-redis", [])) - "haveGitea" = var.ci.enable && var.ci.gitea.enable - } } resource "kubectl_manifest" "auth" { @@ -294,6 +227,6 @@ resource "kubectl_manifest" "devspaces" { distrib: "${var.distributions.domain}" category: "meta" component: "domain-devspaces" - options: ${jsonencode(merge(local.devspaces, local.devspaces-custom))} + options: ${jsonencode(local.devspaces)} EOF }