mirror of
https://github.com/external-secrets/external-secrets.git
synced 2024-12-15 17:51:01 +00:00
51532ca8a1
Migrate azure e2e tests to use the new TFC_* secrets which are provisioned through external-secrets/infrastructure. Also enable the use of `/ok-to-test-managed provider=azure` command to run e2e managed tests that verify integration with AKS and Azure Workload Identity (AZWI). Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
35 lines
1.3 KiB
HCL
35 lines
1.3 KiB
HCL
terraform {
|
|
required_providers {
|
|
azuread = {
|
|
source = "hashicorp/azuread"
|
|
}
|
|
}
|
|
}
|
|
|
|
provider "azurerm" {
|
|
features {}
|
|
# set this to false when running locally
|
|
use_oidc = true
|
|
}
|
|
|
|
data "azurerm_kubernetes_cluster" "default" {
|
|
depends_on = [module.test_aks] # refresh cluster state before reading
|
|
name = var.cluster_name
|
|
resource_group_name = var.resource_group_name
|
|
}
|
|
|
|
provider "helm" {
|
|
kubernetes {
|
|
host = data.azurerm_kubernetes_cluster.default.kube_config.0.host
|
|
client_certificate = base64decode(data.azurerm_kubernetes_cluster.default.kube_config.0.client_certificate)
|
|
client_key = base64decode(data.azurerm_kubernetes_cluster.default.kube_config.0.client_key)
|
|
cluster_ca_certificate = base64decode(data.azurerm_kubernetes_cluster.default.kube_config.0.cluster_ca_certificate)
|
|
}
|
|
}
|
|
|
|
provider "kubernetes" {
|
|
host = data.azurerm_kubernetes_cluster.default.kube_config.0.host
|
|
client_certificate = base64decode(data.azurerm_kubernetes_cluster.default.kube_config.0.client_certificate)
|
|
client_key = base64decode(data.azurerm_kubernetes_cluster.default.kube_config.0.client_key)
|
|
cluster_ca_certificate = base64decode(data.azurerm_kubernetes_cluster.default.kube_config.0.cluster_ca_certificate)
|
|
}
|