ACM: Wait for gatekeeper & Hub: expose module_depends_on #689
Conversation
cloud-pharaoh
requested review from
bharathkkb,
Jberlinsky and
a team
as code owners
|
Thanks for the PR! 🚀 |
| kubectl --context "$1" -n "$2" get deploy "$3" &> /dev/null | ||
| export exit_code=$? | ||
| done | ||
| echo -e "Deployment $3 in cluster $1 created." |
There was a problem hiding this comment.
Can we not just do kubectl wait --for=condition=available --timeout=600s deployment/foo
There was a problem hiding this comment.
I tested a few times with kubectl wait and it did not work. There were other issues as well so it might not have been the most scientific testing strategy :) I can go back and test it if you think it is cleaner.
I ended up leaving it in as the service one required a "custom" check.
There was a problem hiding this comment.
I think we should try for the native wait if possible, although not a blocker. Yeah unfortunately we cant do that for svc.
Can you explain more about issues? I'm a little hesitant about why we need to solve this in the Terraform module. |
|
Resolved offline - this change LGTM assuming @bharathkkb signs off. |
|
@bharathkkb Any reason not to merge? |
feat: ACM - Wait for gatekeeper & Hub: expose module_depends_on (terraform-google-modules#689)
…aform-google-modules#689) * wait for gatekeeper if policy controller is enabled * destroy command * forgot the var * use deployment ready * add context * more wait * webhook * depends_on * concat modules * depends on * terraform format * update docs * shell check
While using the hub submodule we ran into issues where if ACM was installed on a cluster with policy controller enabled (currently default behavior), gatekeeper would cause issues if it were not ready prior to hub registration or ASM install.
This PR does the following:
kubectl_wrapperto ACM module with await_for_gatekeeper.shscript that ensures that the deployment and service that cause issues with ASM and Hub are ready.