diff --git a/main.tf b/main.tf index d2971e1a..a3f29a2b 100644 --- a/main.tf +++ b/main.tf @@ -5,77 +5,246 @@ * */ +resource "kubernetes_service" "service" { + for_each = var.service + + metadata { + name = local.service[each.key].metadata.name == "" ? each.key : local.service[each.key].metadata.name + namespace = local.service[each.key].metadata.namespace + annotations = local.service[each.key].metadata.annotations + generate_name = local.service[each.key].metadata.generate_name + labels = local.service[each.key].metadata.labels + } + spec { + allocate_load_balancer_node_ports = local.service[each.key].spec.allocate_load_balancer_node_ports + cluster_ip = local.service[each.key].spec.cluster_ip + cluster_ips = local.service[each.key].spec.cluster_ips + external_ips = local.service[each.key].spec.external_ips + external_name = local.service[each.key].spec.external_name + external_traffic_policy = local.service[each.key].spec.external_traffic_policy + ip_families = local.service[each.key].spec.ip_families + ip_family_policy = local.service[each.key].spec.ip_family_policy + internal_traffic_policy = local.service[each.key].spec.internal_traffic_policy + load_balancer_class = local.service[each.key].spec.load_balancer_class + load_balancer_ip = local.service[each.key].spec.load_balancer_ip + load_balancer_source_ranges = local.service[each.key].spec.load_balancer_source_ranges + publish_not_ready_addresses = local.service[each.key].spec.publish_not_ready_addresses + selector = local.service[each.key].spec.selector + type = local.service[each.key].spec.type + health_check_node_port = local.service[each.key].spec.health_check_node_port + session_affinity = local.service[each.key].spec.session_affinity + + dynamic "port" { + for_each = local.service[each.key].spec.port + + content { + name = local.service[each.key].spec.port[port.key].name == "" ? port.key : local.service[each.key].spec.port[port.key].name + app_protocol = local.service[each.key].spec.port[port.key].app_protocol + node_port = local.service[each.key].spec.port[port.key].node_port + port = local.service[each.key].spec.port[port.key].port + protocol = local.service[each.key].spec.port[port.key].protocol + target_port = local.service[each.key].spec.port[port.key].target_port + } + } + + dynamic "session_affinity_config" { + for_each = local.service[each.key].spec.session_affinity_config.client_ip.timeout_seconds != null ? [1] : [] + + content { + client_ip { + timeout_seconds = local.service[each.key].spec.session_affinity_config.client_ip.timeout_seconds + } + } + } + } + wait_for_load_balancer = local.service[each.key].wait_for_load_balancer +} + resource "kubernetes_service_account" "service_account" { - for_each = var.kubernetes_service_account + for_each = var.service_account metadata { - name = local.kubernetes_service_account[each.key].metadata.name == "" ? each.key : local.kubernetes_service_account[each.key].metadata.name - namespace = local.kubernetes_service_account[each.key].metadata.namespace - annotations = local.kubernetes_service_account[each.key].metadata.annotations - generate_name = local.kubernetes_service_account[each.key].metadata.generate_name - labels = local.kubernetes_service_account[each.key].metadata.labels + name = local.service_account[each.key].metadata.name == "" ? each.key : local.service_account[each.key].metadata.name + namespace = local.service_account[each.key].metadata.namespace + annotations = local.service_account[each.key].metadata.annotations + generate_name = local.service_account[each.key].metadata.generate_name + labels = local.service_account[each.key].metadata.labels } - automount_service_account_token = local.kubernetes_service_account[each.key].automount_service_account_token + automount_service_account_token = local.service_account[each.key].automount_service_account_token } resource "kubernetes_cluster_role_binding" "cluster_role_binding" { - for_each = var.kubernetes_cluster_role_binding + for_each = var.cluster_role_binding + + metadata { + name = local.cluster_role_binding[each.key].metadata.name == "" ? each.key : local.cluster_role_binding[each.key].metadata.name + annotations = local.cluster_role_binding[each.key].metadata.annotations + #generate_name = local.cluster_role_binding[each.key].metadata.generate_name + labels = local.cluster_role_binding[each.key].metadata.labels + } + + role_ref { + name = local.cluster_role_binding[each.key].role_ref.name + kind = local.cluster_role_binding[each.key].role_ref.kind + api_group = local.cluster_role_binding[each.key].role_ref.api_group + } + + dynamic "subject" { + for_each = local.cluster_role_binding[each.key].subject + + content { + name = local.cluster_role_binding[each.key].subject[subject.key].name == "" ? each.key : local.cluster_role_binding[each.key].subject[subject.key].name + namespace = local.cluster_role_binding[each.key].subject[subject.key].namespace + kind = local.cluster_role_binding[each.key].subject[subject.key].kind + api_group = local.cluster_role_binding[each.key].subject[subject.key].api_group + } + } +} + +resource "kubernetes_role_binding" "role_binding" { + for_each = var.role_binding metadata { - name = local.kubernetes_cluster_role_binding[each.key].metadata.name == "" ? each.key : local.kubernetes_cluster_role_binding[each.key].metadata.name + name = local.role_binding[each.key].metadata.name == "" ? each.key : local.role_binding[each.key].metadata.name + namespace = local.role_binding[each.key].metadata.namespace + annotations = local.role_binding[each.key].metadata.annotations + #generate_name = local.role_binding[each.key].metadata.generate_name + labels = local.role_binding[each.key].metadata.labels } role_ref { - api_group = local.kubernetes_cluster_role_binding[each.key].role_ref.api_group - kind = local.kubernetes_cluster_role_binding[each.key].role_ref.kind - name = local.kubernetes_cluster_role_binding[each.key].role_ref.name + name = local.role_binding[each.key].role_ref.name + kind = local.role_binding[each.key].role_ref.kind + api_group = local.role_binding[each.key].role_ref.api_group } - subject { - kind = local.kubernetes_cluster_role_binding[each.key].subject.kind - name = local.kubernetes_cluster_role_binding[each.key].subject.name - namespace = local.kubernetes_cluster_role_binding[each.key].subject.namespace + + dynamic "subject" { + for_each = local.role_binding[each.key].subject + + content { + name = local.role_binding[each.key].subject[subject.key].name == "" ? each.key : local.role_binding[each.key].subject[subject.key].name + namespace = local.role_binding[each.key].subject[subject.key].namespace + kind = local.role_binding[each.key].subject[subject.key].kind + api_group = local.role_binding[each.key].subject[subject.key].api_group + } } } resource "kubernetes_namespace" "namespace" { - for_each = var.kubernetes_namespace + for_each = var.namespace metadata { - name = local.kubernetes_namespace[each.key].metadata.name == "" ? each.key : local.kubernetes_namespace[each.key].metadata.name - annotations = local.kubernetes_namespace[each.key].metadata.annotations - generate_name = local.kubernetes_namespace[each.key].metadata.generate_name - labels = local.kubernetes_namespace[each.key].metadata.labels + name = local.namespace[each.key].metadata.name == "" ? each.key : local.namespace[each.key].metadata.name + annotations = local.namespace[each.key].metadata.annotations + generate_name = local.namespace[each.key].metadata.generate_name + labels = local.namespace[each.key].metadata.labels } } resource "kubernetes_secret" "secret" { - for_each = var.kubernetes_secret + for_each = var.secret metadata { - name = local.kubernetes_secret[each.key].metadata.name == "" ? each.key : local.kubernetes_secret[each.key].metadata.name - namespace = local.kubernetes_secret[each.key].metadata.namespace - annotations = local.kubernetes_secret[each.key].metadata.annotations - generate_name = local.kubernetes_secret[each.key].metadata.generate_name - labels = local.kubernetes_secret[each.key].metadata.labels + name = local.secret[each.key].metadata.name == "" ? each.key : local.secret[each.key].metadata.name + namespace = local.secret[each.key].metadata.namespace + annotations = local.secret[each.key].metadata.annotations + generate_name = local.secret[each.key].metadata.generate_name + labels = local.secret[each.key].metadata.labels } - data = local.kubernetes_secret[each.key].data - binary_data = local.kubernetes_secret[each.key].binary_data - type = local.kubernetes_secret[each.key].type - immutable = local.kubernetes_secret[each.key].immutable + data = local.secret[each.key].data + binary_data = local.secret[each.key].binary_data + type = local.secret[each.key].type + immutable = local.secret[each.key].immutable } resource "kubernetes_config_map" "config_map" { - for_each = var.kubernetes_config_map + for_each = var.config_map + + metadata { + name = local.config_map[each.key].metadata.name == "" ? each.key : local.config_map[each.key].metadata.name + namespace = local.config_map[each.key].metadata.namespace + annotations = local.config_map[each.key].metadata.annotations + generate_name = local.config_map[each.key].metadata.generate_name + labels = local.config_map[each.key].metadata.labels + } + + data = local.config_map[each.key].data + binary_data = local.config_map[each.key].binary_data +} + +resource "kubernetes_storage_class" "storage_class" { + for_each = var.storage_class + + metadata { + name = local.storage_class[each.key].metadata.name == "" ? each.key : local.storage_class[each.key].metadata.name + annotations = local.storage_class[each.key].metadata.annotations + generate_name = local.storage_class[each.key].metadata.generate_name + labels = local.storage_class[each.key].metadata.labels + } + + parameters = local.storage_class[each.key].parameters + storage_provisioner = local.storage_class[each.key].storage_provisioner + reclaim_policy = local.storage_class[each.key].reclaim_policy + volume_binding_mode = local.storage_class[each.key].volume_binding_mode + allow_volume_expansion = local.storage_class[each.key].allow_volume_expansion + mount_options = local.storage_class[each.key].mount_options + + dynamic "allowed_topologies" { + for_each = local.storage_class[each.key].allowed_topologies.match_label_expressions != {} ? [1] : [] + + content { + dynamic "match_label_expressions" { + for_each = local.storage_class[each.key].allowed_topologies.match_label_expressions + + content { + key = local.storage_class[each.key].allowed_topologies.match_label_expressions[each.key] + values = local.storage_class[each.key].allowed_topologies.match_label_expressions[each.value] + } + } + } + } +} + +resource "kubernetes_persistent_volume_claim" "persistent_volume_claim" { + for_each = var.persistent_volume_claim metadata { - name = local.kubernetes_config_map[each.key].metadata.name == "" ? each.key : local.kubernetes_config_map[each.key].metadata.name - namespace = local.kubernetes_config_map[each.key].metadata.namespace - annotations = local.kubernetes_config_map[each.key].metadata.annotations - generate_name = local.kubernetes_config_map[each.key].metadata.generate_name - labels = local.kubernetes_config_map[each.key].metadata.labels + name = local.persistent_volume_claim[each.key].metadata.name == "" ? each.key : local.persistent_volume_claim[each.key].metadata.name + namespace = local.persistent_volume_claim[each.key].metadata.namespace + annotations = local.persistent_volume_claim[each.key].metadata.annotations + generate_name = local.persistent_volume_claim[each.key].metadata.generate_name + labels = local.persistent_volume_claim[each.key].metadata.labels } - data = local.kubernetes_config_map[each.key].data - binary_data = local.kubernetes_config_map[each.key].binary_data + spec { + access_modes = local.persistent_volume_claim[each.key].spec.access_modes + volume_name = local.persistent_volume_claim[each.key].spec.volume_name + storage_class_name = local.persistent_volume_claim[each.key].spec.storage_class_name + + resources { + limits = local.persistent_volume_claim[each.key].spec.resources.limits + requests = local.persistent_volume_claim[each.key].spec.resources.requests + } + + dynamic "selector" { + for_each = compact([ + local.persistent_volume_claim[each.key].spec.selector.match_labels, + local.persistent_volume_claim[each.key].spec.selector.match_expressions.key, + local.persistent_volume_claim[each.key].spec.selector.match_expressions.operator, + local.persistent_volume_claim[each.key].spec.selector.match_expressions.values + ]) + + content { + match_labels = local.persistent_volume_claim[each.key].spec.selector.match_labels + + match_expressions { + key = local.persistent_volume_claim[each.key].spec.selector.match_expressions.key + operator = local.persistent_volume_claim[each.key].spec.selector.match_expressions.operator + values = local.persistent_volume_claim[each.key].spec.selector.match_expressions.values + } + } + } + } + wait_until_bound = local.persistent_volume_claim[each.key].wait_until_bound } diff --git a/outputs.tf b/outputs.tf index b93e5cd6..e24b9903 100644 --- a/outputs.tf +++ b/outputs.tf @@ -1,3 +1,43 @@ +output "service" { + description = "kubernetes_service results" + value = { + for service in keys(kubernetes_service.service) : + service => { + metadata = kubernetes_service.service[service].metadata + } + } +} + +output "service_account" { + description = "kubernetes_service_account results" + value = { + for service_account in keys(kubernetes_service_account.service_account) : + service_account => { + metadata = kubernetes_service_account.service_account[service_account].metadata + } + } +} + +output "role_binding" { + description = "kubernetes_role_binding results" + value = { + for role_binding in keys(kubernetes_role_binding.role_binding) : + role_binding => { + metadata = kubernetes_role_binding.role_binding[role_binding].metadata + } + } +} + +output "cluster_role_binding" { + description = "kubernetes_cluster_role_binding results" + value = { + for cluster_role_binding in keys(kubernetes_cluster_role_binding.cluster_role_binding) : + cluster_role_binding => { + metadata = kubernetes_cluster_role_binding.cluster_role_binding[cluster_role_binding].metadata + } + } +} + output "namespace" { description = "kubernetes_namespace results" value = { @@ -7,3 +47,44 @@ output "namespace" { } } } + +output "secret" { + description = "kubernetes_secret results" + value = { + for secret in keys(kubernetes_secret.secret) : + secret => { + metadata = kubernetes_secret.secret[secret].metadata + } + } +} + +output "config_map" { + description = "kubernetes_config_map results" + value = { + for config_map in keys(kubernetes_config_map.config_map) : + config_map => { + metadata = kubernetes_config_map.config_map[config_map].metadata + data = kubernetes_config_map.config_map[config_map].data + } + } +} + +output "storage_class" { + description = "kubernetes_storage_class results" + value = { + for storage_class in keys(kubernetes_storage_class.storage_class) : + storage_class => { + metadata = kubernetes_storage_class.storage_class[storage_class].metadata + } + } +} + +output "persistent_volume_claim" { + description = "kubernetes_persistent_volume_claim results" + value = { + for persistent_volume_claim in keys(kubernetes_persistent_volume_claim.persistent_volume_claim) : + persistent_volume_claim => { + metadata = kubernetes_persistent_volume_claim.persistent_volume_claim[persistent_volume_claim].metadata + } + } +} diff --git a/variables.tf b/variables.tf index 6b0156fa..1b382394 100644 --- a/variables.tf +++ b/variables.tf @@ -1,24 +1,44 @@ -variable "kubernetes_service_account" { +variable "service" { type = any default = {} description = "resource definition, default settings are defined within locals and merged with var settings" } -variable "kubernetes_cluster_role_binding" { +variable "service_account" { type = any default = {} description = "resource definition, default settings are defined within locals and merged with var settings" } -variable "kubernetes_namespace" { +variable "role_binding" { type = any default = {} description = "resource definition, default settings are defined within locals and merged with var settings" } -variable "kubernetes_secret" { +variable "cluster_role_binding" { type = any default = {} description = "resource definition, default settings are defined within locals and merged with var settings" } -variable "kubernetes_config_map" { +variable "namespace" { + type = any + default = {} + description = "resource definition, default settings are defined within locals and merged with var settings" +} +variable "secret" { + type = any + default = {} + description = "resource definition, default settings are defined within locals and merged with var settings" +} +variable "config_map" { + type = any + default = {} + description = "resource definition, default settings are defined within locals and merged with var settings" +} +variable "storage_class" { + type = any + default = {} + description = "resource definition, default settings are defined within locals and merged with var settings" +} +variable "persistent_volume_claim" { type = any default = {} description = "resource definition, default settings are defined within locals and merged with var settings" @@ -27,7 +47,48 @@ variable "kubernetes_config_map" { locals { default = { # resource definition - kubernetes_service_account = { + service = { + metadata = { + name = "" + namespace = null + annotations = null + generate_name = null + labels = null + } + spec = { + allocate_load_balancer_node_ports= null + cluster_ip = null + cluster_ips = null + external_ips = null + external_name = null + external_traffic_policy = null + ip_families = null + ip_family_policy = null + internal_traffic_policy= null + load_balancer_class= null + load_balancer_ip = null + load_balancer_source_ranges= null + publish_not_ready_addresses = null + selector = null + type = null + health_check_node_port = null + session_affinity = "None" + port = { + name = "" + app_protocol= null + node_port= null + protocol= "TCP" + target_port= null + } + session_affinity_config = { + client_ip = { + timeout_seconds = null + } + } + } + wait_for_load_balancer = true + } + service_account = { metadata = { name = "" namespace = "kube-system" @@ -37,21 +98,43 @@ locals { } automount_service_account_token = true } - kubernetes_cluster_role_binding = { + cluster_role_binding = { metadata = { name = "" + annotations = null + generate_name = null + labels = null } role_ref = { + kind = "ClusterRole" api_group = "rbac.authorization.k8s.io" + } + subject = { + name = "" + namespace = null + kind = "ServiceAccount" + api_group = null + } + } + role_binding = { + metadata = { + name = "" + annotations = null + generate_name = null + labels = null + } + role_ref = { kind = "ClusterRole" - name = "cluster-admin" + api_group = "rbac.authorization.k8s.io" } subject = { + name = "" + namespace = null kind = "ServiceAccount" - namespace = "kube-system" + api_group = "rbac.authorization.k8s.io" } } - kubernetes_namespace = { + namespace = { metadata = { name = "" annotations = null @@ -59,7 +142,7 @@ locals { labels = null } } - kubernetes_secret = { + secret = { metadata = { name = "" namespace = null @@ -72,7 +155,7 @@ locals { type = null immutable = null } - kubernetes_config_map = { + config_map = { metadata = { name = "" namespace = null @@ -83,79 +166,227 @@ locals { data = null binary_data = null } + storage_class = { + metadata = { + name = "" + annotations = null + generate_name = null + labels = null + } + parameters= null + reclaim_policy= null + volume_binding_mode = null + allow_volume_expansion = null + mount_options = null + allowed_topologies = { + match_label_expressions = {} + } + } + persistent_volume_claim = { + metadata = { + name = "" + namespace = null + annotations = null + generate_name = null + labels = null + } + spec = { + volume_name = null + storage_class_name = null + resources = { + limits = null + requests = null + } + selector = { + match_expressions = { + key = null + operator = null + values = null + } + match_labels = null + } + } + wait_until_bound = null + } } # compare and merge custom and default values - kubernetes_service_account_values = { - for kubernetes_service_account in keys(var.kubernetes_service_account) : - kubernetes_service_account => merge(local.default.kubernetes_service_account, var.kubernetes_service_account[kubernetes_service_account]) + service_values = { + for service in keys(var.service) : + service => merge(local.default.service, var.service[service]) + } + service_account_values = { + for service_account in keys(var.service_account) : + service_account => merge(local.default.service_account, var.service_account[service_account]) } - kubernetes_cluster_role_binding_values = { - for kubernetes_cluster_role_binding in keys(var.kubernetes_cluster_role_binding) : - kubernetes_cluster_role_binding => merge(local.default.kubernetes_cluster_role_binding, var.kubernetes_cluster_role_binding[kubernetes_cluster_role_binding]) + role_binding_values = { + for role_binding in keys(var.role_binding) : + role_binding => merge(local.default.role_binding, var.role_binding[role_binding]) } - kubernetes_namespace_values = { - for kubernetes_namespace in keys(var.kubernetes_namespace) : - kubernetes_namespace => merge(local.default.kubernetes_namespace, var.kubernetes_namespace[kubernetes_namespace]) + cluster_role_binding_values = { + for cluster_role_binding in keys(var.cluster_role_binding) : + cluster_role_binding => merge(local.default.cluster_role_binding, var.cluster_role_binding[cluster_role_binding]) } - kubernetes_secret_values = { - for kubernetes_secret in keys(var.kubernetes_secret) : - kubernetes_secret => merge(local.default.kubernetes_secret, var.kubernetes_secret[kubernetes_secret]) + namespace_values = { + for namespace in keys(var.namespace) : + namespace => merge(local.default.namespace, var.namespace[namespace]) } - kubernetes_config_map_values = { - for kubernetes_config_map in keys(var.kubernetes_config_map) : - kubernetes_config_map => merge(local.default.kubernetes_config_map, var.kubernetes_config_map[kubernetes_config_map]) + secret_values = { + for secret in keys(var.secret) : + secret => merge(local.default.secret, var.secret[secret]) + } + config_map_values = { + for config_map in keys(var.config_map) : + config_map => merge(local.default.config_map, var.config_map[config_map]) + } + storage_class_values = { + for storage_class in keys(var.storage_class) : + storage_class => merge(local.default.storage_class, var.storage_class[storage_class]) + } + persistent_volume_claim_values = { + for persistent_volume_claim in keys(var.persistent_volume_claim) : + persistent_volume_claim => merge(local.default.persistent_volume_claim, var.persistent_volume_claim[persistent_volume_claim]) } # merge all custom and default values - kubernetes_service_account = { - for kubernetes_service_account in keys(var.kubernetes_service_account) : - kubernetes_service_account => merge( - local.kubernetes_service_account_values[kubernetes_service_account], + service = { + for service in keys(var.service) : + service => merge( + local.service_values[service], { for config in ["metadata"] : - config => merge(local.default.kubernetes_service_account[config], local.kubernetes_service_account_values[kubernetes_service_account][config]) + config => merge(local.default.service[config], local.service_values[service][config]) + }, + { + for config in ["spec"] : + config => merge( + merge(local.default.service[config], local.service_values[service][config]), + { + for subconfig in ["session_affinity_config"] : + subconfig => merge( + local.default.service[config][subconfig], + merge(local.default.service[config], local.service_values[service][config])[subconfig] + ) + }, + { + for subconfig in ["port"] : + subconfig => { + for key in keys(local.service_values[service][config][subconfig]) : + key => merge( + local.default.service[config][subconfig], + merge(local.default.service[config], local.service_values[service][config])[subconfig][key] + ) + } + } + ) } ) } - kubernetes_cluster_role_binding = { - for kubernetes_cluster_role_binding in keys(var.kubernetes_cluster_role_binding) : - kubernetes_cluster_role_binding => merge( - local.kubernetes_cluster_role_binding_values[kubernetes_cluster_role_binding], + service_account = { + for service_account in keys(var.service_account) : + service_account => merge( + local.service_account_values[service_account], { - for config in ["metadata", "role_ref", "subject"] : - config => merge(local.default.kubernetes_cluster_role_binding[config], local.kubernetes_cluster_role_binding_values[kubernetes_cluster_role_binding][config]) + for config in ["metadata"] : + config => merge(local.default.service_account[config], local.service_account_values[service_account][config]) } ) } - kubernetes_namespace = { - for kubernetes_namespace in keys(var.kubernetes_namespace) : - kubernetes_namespace => merge( - local.kubernetes_namespace_values[kubernetes_namespace], + role_binding = { + for role_binding in keys(var.role_binding) : + role_binding => merge( + local.role_binding_values[role_binding], + { + for config in ["metadata", "role_ref"] : + config => merge(local.default.role_binding[config], local.role_binding_values[role_binding][config]) + }, + { + for config in ["subject"] : + config => { + for key in keys(local.role_binding_values[role_binding][config]) : + key => merge(local.default.role_binding[config], local.role_binding_values[role_binding][config][key]) + } + } + ) + } + cluster_role_binding = { + for cluster_role_binding in keys(var.cluster_role_binding) : + cluster_role_binding => merge( + local.cluster_role_binding_values[cluster_role_binding], + { + for config in ["metadata", "role_ref"] : + config => merge(local.default.cluster_role_binding[config], local.cluster_role_binding_values[cluster_role_binding][config]) + }, + { + for config in ["subject"] : + config => { + for key in keys(local.cluster_role_binding_values[cluster_role_binding][config]) : + key => merge(local.default.cluster_role_binding[config], local.cluster_role_binding_values[cluster_role_binding][config][key]) + } + } + ) + } + namespace = { + for namespace in keys(var.namespace) : + namespace => merge( + local.namespace_values[namespace], + { + for config in ["metadata"] : + config => merge(local.default.namespace[config], local.namespace_values[namespace][config]) + } + ) + } + secret = { + for secret in keys(var.secret) : + secret => merge( + local.secret_values[secret], { for config in ["metadata"] : - config => merge(local.default.kubernetes_namespace[config], local.kubernetes_namespace_values[kubernetes_namespace][config]) + config => merge(local.default.secret[config], local.secret_values[secret][config]) } ) } - kubernetes_secret = { - for kubernetes_secret in keys(var.kubernetes_secret) : - kubernetes_secret => merge( - local.kubernetes_secret_values[kubernetes_secret], + config_map = { + for config_map in keys(var.config_map) : + config_map => merge( + local.config_map_values[config_map], { for config in ["metadata"] : - config => merge(local.default.kubernetes_secret[config], local.kubernetes_secret_values[kubernetes_secret][config]) + config => merge(local.default.config_map[config], local.config_map_values[config_map][config]) } ) } - kubernetes_config_map = { - for kubernetes_config_map in keys(var.kubernetes_config_map) : - kubernetes_config_map => merge( - local.kubernetes_config_map_values[kubernetes_config_map], + storage_class = { + for storage_class in keys(var.storage_class) : + storage_class => merge( + local.storage_class_values[storage_class], { for config in ["metadata"] : - config => merge(local.default.kubernetes_config_map[config], local.kubernetes_config_map_values[kubernetes_config_map][config]) + config => merge(local.default.storage_class[config], local.storage_class_values[storage_class][config]) + } + ) + } + persistent_volume_claim = { + for persistent_volume_claim in keys(var.persistent_volume_claim) : + persistent_volume_claim => merge( + local.persistent_volume_claim_values[persistent_volume_claim], + { + for config in ["metadata"] : + config => merge(local.default.persistent_volume_claim[config], local.persistent_volume_claim_values[persistent_volume_claim][config]) + }, + { + for config in ["spec"] : + config => merge( + local.default.persistent_volume_claim[config], + local.persistent_volume_claim_values[persistent_volume_claim][config], + { + resources = merge( + local.default.persistent_volume_claim[config].resources, local.persistent_volume_claim_values[persistent_volume_claim][config].resources + ) + } + ) } ) } } +