Added aad-pod-identity crds back in

adamrushuk · adamrushuk · commit f02d1f328a2c · 2021-04-02T14:38:33.000+01:00
diff --git a/terraform/dns.tf b/terraform/dns.tf
@@ -43,37 +43,37 @@ resource "kubernetes_namespace" "external_dns" {
   depends_on = [module.aks]
 }
 
-# TODO: remove if azure.userAssignedIdentityID works in helm_release.external_dns
-# data "template_file" "azureIdentity_external_dns" {
-#   template = file(var.azureidentity_external_dns_yaml_path)
-#   vars = {
-#     managedIdentityResourceID = azurerm_user_assigned_identity.external_dns.id
-#     managedIdentityClientID   = azurerm_user_assigned_identity.external_dns.client_id
-#   }
-# }
+data "template_file" "azureIdentity_external_dns" {
+  template = file(var.azureidentity_external_dns_yaml_path)
+  vars = {
+    managedIdentityResourceID = azurerm_user_assigned_identity.external_dns.id
+    managedIdentityClientID   = azurerm_user_assigned_identity.external_dns.client_id
+  }
+}
 
 # https://www.terraform.io/docs/provisioners/local-exec.html
-# TODO: remove if azure.userAssignedIdentityID works in helm_release.external_dns
-# resource "null_resource" "azureIdentity_external_dns" {
-#   triggers = {
-#     # always_run = "${timestamp()}"
-#     azureidentity_external_dns_yaml_contents = filemd5(var.azureidentity_external_dns_yaml_path)
-#   }
-
-#   provisioner "local-exec" {
-#     interpreter = ["/bin/bash", "-c"]
-#     command     = <<EOT
-#       export KUBECONFIG=${var.aks_config_path}
-#       echo "${data.template_file.azureIdentity_external_dns.rendered}" | kubectl apply -f -
-#     EOT
-#   }
-
-#   depends_on = [
-#     local_file.kubeconfig,
-#     kubernetes_namespace.external_dns,
-#     helm_release.aad_pod_identity
-#   ]
-# }
+resource "null_resource" "azureIdentity_external_dns" {
+  triggers = {
+    # always_run = "${timestamp()}"
+    azureidentity_external_dns_yaml_contents = filemd5(var.azureidentity_external_dns_yaml_path)
+  }
+
+  provisioner "local-exec" {
+    interpreter = ["/bin/bash", "-c"]
+    environment = {
+      KUBECONFIG = var.aks_config_path
+    }
+    command = <<EOT
+      echo "${data.template_file.azureIdentity_external_dns.rendered}" | kubectl apply -f -
+    EOT
+  }
+
+  depends_on = [
+    local_file.kubeconfig,
+    kubernetes_namespace.external_dns,
+    helm_release.aad_pod_identity
+  ]
+}
 
 # https://github.com/bitnami/charts/tree/master/bitnami/external-dns
 # https://bitnami.com/stack/external-dns/helm
@@ -87,7 +87,7 @@ resource "helm_release" "external_dns" {
   atomic     = true
   # values     = [file("helm/NOT_USED.yaml")]
 
-  # adds msi pod identity binding
+  # specify user-assigned managed identity
   set {
     name  = "azure.userAssignedIdentityID"
     value = azurerm_user_assigned_identity.external_dns.client_id
diff --git a/terraform/files/azureIdentity-external-dns.yaml.tpl b/terraform/files/azureIdentity-external-dns.yaml.tpl
@@ -1,5 +1,4 @@
 # https://github.com/Azure/aad-pod-identity
-# TODO: delete if azure.userAssignedIdentityID works in helm_release.external_dns
 apiVersion: "aadpodidentity.k8s.io/v1"
 kind: AzureIdentity
 metadata:

Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,4 @@`
`1`	`1`	`# https://github.com/Azure/aad-pod-identity`
`2`		`-# TODO: delete if azure.userAssignedIdentityID works in helm_release.external_dns`
`3`	`2`	`apiVersion: "aadpodidentity.k8s.io/v1"`
`4`	`3`	`kind: AzureIdentity`
`5`	`4`	`metadata:`