diff --git a/README.md b/README.md
index 83fb48b7..5190ebd4 100644
--- a/README.md
+++ b/README.md
@@ -494,7 +494,7 @@ You need the following permissions to run this module.
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.9.0 |
-| [helm](#requirement\_helm) | >= 2.11.0, < 3.0.0 |
+| [helm](#requirement\_helm) | >= 3.0.0, <4.0.0 |
| [kubernetes](#requirement\_kubernetes) | >= 2.16.1, < 3.0.0 |
### Modules
diff --git a/examples/all-combined/provider.tf b/examples/all-combined/provider.tf
index 97dc8d6c..16bcb96e 100644
--- a/examples/all-combined/provider.tf
+++ b/examples/all-combined/provider.tf
@@ -18,7 +18,7 @@ provider "kubernetes" {
provider "helm" {
- kubernetes {
+ kubernetes = {
host = data.ibm_container_cluster_config.cluster_config.host
token = data.ibm_container_cluster_config.cluster_config.token
cluster_ca_certificate = data.ibm_container_cluster_config.cluster_config.ca_certificate
diff --git a/examples/all-combined/version.tf b/examples/all-combined/version.tf
index a4c86ada..54a785cf 100644
--- a/examples/all-combined/version.tf
+++ b/examples/all-combined/version.tf
@@ -7,7 +7,7 @@ terraform {
}
helm = {
source = "hashicorp/helm"
- version = ">= 2.11.0"
+ version = ">= 3.0.0, <4.0.0"
}
time = {
source = "hashicorp/time"
diff --git a/examples/basic/provider.tf b/examples/basic/provider.tf
index 8d6884a3..2d710348 100644
--- a/examples/basic/provider.tf
+++ b/examples/basic/provider.tf
@@ -17,7 +17,7 @@ provider "kubernetes" {
provider "helm" {
- kubernetes {
+ kubernetes = {
host = data.ibm_container_cluster_config.cluster_config.host
token = data.ibm_container_cluster_config.cluster_config.token
cluster_ca_certificate = data.ibm_container_cluster_config.cluster_config.ca_certificate
diff --git a/examples/basic/version.tf b/examples/basic/version.tf
index 7568a445..0d085ccc 100644
--- a/examples/basic/version.tf
+++ b/examples/basic/version.tf
@@ -7,7 +7,7 @@ terraform {
}
helm = {
source = "hashicorp/helm"
- version = "= 2.11.0"
+ version = "= 3.0.0"
}
time = {
source = "hashicorp/time"
diff --git a/examples/trusted-profiles-authentication/providers.tf b/examples/trusted-profiles-authentication/providers.tf
index 249afe5e..c6e581b0 100644
--- a/examples/trusted-profiles-authentication/providers.tf
+++ b/examples/trusted-profiles-authentication/providers.tf
@@ -30,7 +30,7 @@ provider "kubernetes" {
provider "helm" {
- kubernetes {
+ kubernetes = {
client_certificate = data.ibm_container_cluster_config.cluster_config.admin_certificate
client_key = data.ibm_container_cluster_config.cluster_config.admin_key
cluster_ca_certificate = data.ibm_container_cluster_config.cluster_config.ca_certificate
diff --git a/examples/trusted-profiles-authentication/version.tf b/examples/trusted-profiles-authentication/version.tf
index fb67aa6d..a0aadcfc 100644
--- a/examples/trusted-profiles-authentication/version.tf
+++ b/examples/trusted-profiles-authentication/version.tf
@@ -7,7 +7,7 @@ terraform {
}
helm = {
source = "hashicorp/helm"
- version = ">= 2.8.0"
+ version = ">= 3.0.0, <4.0.0"
}
ibm = {
source = "IBM-Cloud/ibm"
diff --git a/main.tf b/main.tf
index f0b545d5..03063e6a 100644
--- a/main.tf
+++ b/main.tf
@@ -178,46 +178,60 @@ resource "helm_release" "external_secrets_operator" {
wait = true
repository = var.eso_chart_location
- set {
+ set = [{
name = "image.repository"
type = "string"
value = var.eso_image
- }
-
- set {
- name = "image.tag"
- type = "string"
- value = var.eso_image_version
- }
-
- set {
- name = "webhook.image.repository"
- type = "string"
- value = var.eso_image
- }
-
- set {
- name = "webhook.image.tag"
- type = "string"
- value = var.eso_image_version
- }
-
- set {
- name = "certController.image.repository"
- type = "string"
- value = var.eso_image
- }
-
- set {
- name = "certController.image.tag"
- type = "string"
- value = var.eso_image_version
- }
+ },
+ {
+ name = "image.tag"
+ type = "string"
+ value = var.eso_image_version
+ },
+ {
+ name = "webhook.image.repository"
+ type = "string"
+ value = var.eso_image
+ },
+ {
+ name = "webhook.image.tag"
+ type = "string"
+ value = var.eso_image_version
+ },
+ {
+ name = "certController.image.repository"
+ type = "string"
+ value = var.eso_image
+ },
+ {
+ name = "certController.image.tag"
+ type = "string"
+ value = var.eso_image_version
+ }]
# The following mounts are needed for the CRI based authentication with Trusted Profiles
values = [local.eso_helm_release_values_cri, local.eso_helm_release_values_workerselector]
}
+locals {
+ reloader_namespaces_to_ignore = var.reloader_namespaces_to_ignore != null ? [{
+ name = "reloader.namespacesToIgnore"
+ value = var.reloader_namespaces_to_ignore
+ }] : []
+ reloader_resources_to_ignore = var.reloader_resources_to_ignore != null ? [{
+ name = "reloader.resourcesToIgnore"
+ value = var.reloader_resources_to_ignore
+ }] : []
+ reloader_is_openshift = var.reloader_is_openshift ? [{
+ name = "reloader.deployment.securityContext.runAsUser"
+ value = "null"
+ }] : []
+ reloader_log_format = var.reloader_log_format == "json" ? [{
+ name = "reloader.logFormat"
+ value = var.reloader_log_format
+ }] : []
+}
+
resource "helm_release" "pod_reloader" {
depends_on = [module.eso_namespace, data.kubernetes_namespace.existing_eso_namespace]
count = var.reloader_deployed == true ? 1 : 0
@@ -228,100 +242,68 @@ resource "helm_release" "pod_reloader" {
version = var.reloader_chart_version
wait = true
- set {
- name = "image.repository"
- type = "string"
- value = var.reloader_image
- }
-
- set {
- name = "image.tag"
- type = "string"
- value = var.reloader_image_version
- }
-
- # Set reload strategy
- set {
- name = "reloader.reloadStrategy"
- type = "string"
- value = var.reloader_reload_strategy
- }
-
- # Set namespaces to ignore
- dynamic "set" {
- for_each = var.reloader_namespaces_to_ignore != null ? [1] : []
- content {
- name = "reloader.namespacesToIgnore"
- value = var.reloader_namespaces_to_ignore
- }
- }
-
- # Set resources to ignore
- dynamic "set" {
- for_each = var.reloader_resources_to_ignore != null ? [1] : []
- content {
- name = "reloader.resourcesToIgnore"
- value = var.reloader_resources_to_ignore
- }
- }
-
- # Set watchGlobally based on conditions
- set {
- name = "reloader.watchGlobally"
- value = var.reloader_namespaces_selector == null && var.reloader_resource_label_selector == null ? true : false
- }
-
- # Set ignoreSecrets and ignoreConfigMaps
- set {
- name = "reloader.ignoreSecrets"
- value = var.reloader_ignore_secrets
- }
-
- set {
- name = "reloader.ignoreConfigMaps"
- value = var.reloader_ignore_configmaps
- }
-
- # Set OpenShift and Argo Rollouts options
- set {
- name = "reloader.isOpenshift"
- value = var.reloader_is_openshift
- }
- # Set runAsUser to null if isOpenShift is true
- dynamic "set" {
- for_each = var.reloader_is_openshift ? [1] : []
- content {
- name = "reloader.deployment.securityContext.runAsUser"
- value = "null"
- }
- }
-
- set {
- name = "reloader.podMonitor.enabled"
- value = var.reloader_pod_monitor_metrics
- }
- dynamic "set" {
- for_each = var.reloader_log_format == "json" ? [1] : []
- content {
- name = "reloader.logFormat"
- value = var.reloader_log_format
+ set = concat([
+ {
+ name = "image.repository"
+ type = "string"
+ value = var.reloader_image
+ },
+ {
+ name = "image.tag"
+ type = "string"
+ value = var.reloader_image_version
+ },
+ # Set reload strategy
+ {
+ name = "reloader.reloadStrategy"
+ type = "string"
+ value = var.reloader_reload_strategy
+ },
+ # Set watchGlobally based on conditions
+ {
+ name = "reloader.watchGlobally"
+ value = var.reloader_namespaces_selector == null && var.reloader_resource_label_selector == null ? true : false
+ },
+ # Set ignoreSecrets and ignoreConfigMaps
+ {
+ name = "reloader.ignoreSecrets"
+ value = var.reloader_ignore_secrets
+ },
+ {
+ name = "reloader.ignoreConfigMaps"
+ value = var.reloader_ignore_configmaps
+ },
+ # Set OpenShift and Argo Rollouts options
+ {
+ name = "reloader.isOpenshift"
+ value = var.reloader_is_openshift
+ },
+ {
+ name = "reloader.podMonitor.enabled"
+ value = var.reloader_pod_monitor_metrics
+ },
+ {
+ name = "reloader.isArgoRollouts"
+ value = var.reloader_is_argo_rollouts
+ },
+ # Set reloadOnCreate and syncAfterRestart options
+ {
+ name = "reloader.reloadOnCreate"
+ value = var.reloader_reload_on_create
+ },
+ {
+ name = "reloader.syncAfterRestart"
+ value = var.reloader_sync_after_restart
}
- }
- set {
- name = "reloader.isArgoRollouts"
- value = var.reloader_is_argo_rollouts
- }
-
- # Set reloadOnCreate and syncAfterRestart options
- set {
- name = "reloader.reloadOnCreate"
- value = var.reloader_reload_on_create
- }
-
- set {
- name = "reloader.syncAfterRestart"
- value = var.reloader_sync_after_restart
- }
+ ],
+ # Set namespaces to ignore
+ local.reloader_namespaces_to_ignore,
+ # Set resources to ignore
+ local.reloader_resources_to_ignore,
+ # Set runAsUser to null if isOpenShift is true
+ local.reloader_is_openshift,
+ local.reloader_log_format
+ )
# Set the values attribute conditionally
values = var.reloader_custom_values != null ? yamldecode(var.reloader_custom_values) : []
diff --git a/modules/eso-clusterstore/README.md b/modules/eso-clusterstore/README.md
index 1f099d1f..f09d7dea 100644
--- a/modules/eso-clusterstore/README.md
+++ b/modules/eso-clusterstore/README.md
@@ -16,7 +16,7 @@ For more information about Trusted Profiles refer to the IBM Cloud documentation
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.9.0 |
-| [helm](#requirement\_helm) | >= 2.8.0 |
+| [helm](#requirement\_helm) | >= 3.0.0, <4.0.0 |
| [kubernetes](#requirement\_kubernetes) | >= 2.16.1, <3.0.0 |
### Modules
diff --git a/modules/eso-clusterstore/version.tf b/modules/eso-clusterstore/version.tf
index da93cb0b..2561813e 100644
--- a/modules/eso-clusterstore/version.tf
+++ b/modules/eso-clusterstore/version.tf
@@ -8,7 +8,7 @@ terraform {
}
helm = {
source = "hashicorp/helm"
- version = ">= 2.8.0"
+ version = ">= 3.0.0, <4.0.0"
}
}
}
diff --git a/modules/eso-external-secret/README.md b/modules/eso-external-secret/README.md
index 366b7b93..99e258fa 100644
--- a/modules/eso-external-secret/README.md
+++ b/modules/eso-external-secret/README.md
@@ -15,7 +15,7 @@ For more information about ExternalSecrets on ESO please refer to the ESO docume
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.9.0 |
-| [helm](#requirement\_helm) | >= 2.8.0 |
+| [helm](#requirement\_helm) | >= 3.0.0, <4.0.0 |
### Modules
diff --git a/modules/eso-external-secret/version.tf b/modules/eso-external-secret/version.tf
index adf74385..4a22a669 100644
--- a/modules/eso-external-secret/version.tf
+++ b/modules/eso-external-secret/version.tf
@@ -4,7 +4,7 @@ terraform {
# Use "greater than or equal to" range in modules
helm = {
source = "hashicorp/helm"
- version = ">= 2.8.0"
+ version = ">= 3.0.0, <4.0.0"
}
}
}
diff --git a/modules/eso-secretstore/README.md b/modules/eso-secretstore/README.md
index 51f38357..729c7318 100644
--- a/modules/eso-secretstore/README.md
+++ b/modules/eso-secretstore/README.md
@@ -16,7 +16,7 @@ For more information about Trusted Profiles refer to the IBM Cloud documentation
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.9.0 |
-| [helm](#requirement\_helm) | >= 2.8.0 |
+| [helm](#requirement\_helm) | >= 3.0.0, <4.0.0 |
| [kubernetes](#requirement\_kubernetes) | >= 2.16.1, <3.0.0 |
### Modules
diff --git a/modules/eso-secretstore/version.tf b/modules/eso-secretstore/version.tf
index da93cb0b..2561813e 100644
--- a/modules/eso-secretstore/version.tf
+++ b/modules/eso-secretstore/version.tf
@@ -8,7 +8,7 @@ terraform {
}
helm = {
source = "hashicorp/helm"
- version = ">= 2.8.0"
+ version = ">= 3.0.0, <4.0.0"
}
}
}
diff --git a/solutions/fully-configurable/provider.tf b/solutions/fully-configurable/provider.tf
index 0033f25b..73a661d2 100644
--- a/solutions/fully-configurable/provider.tf
+++ b/solutions/fully-configurable/provider.tf
@@ -20,7 +20,7 @@ provider "kubernetes" {
}
provider "helm" {
- kubernetes {
+ kubernetes = {
host = data.ibm_container_cluster_config.cluster_config.host
token = data.ibm_container_cluster_config.cluster_config.token
cluster_ca_certificate = data.ibm_container_cluster_config.cluster_config.ca_certificate
diff --git a/solutions/fully-configurable/version.tf b/solutions/fully-configurable/version.tf
index a8f2d072..0f4cfbaa 100644
--- a/solutions/fully-configurable/version.tf
+++ b/solutions/fully-configurable/version.tf
@@ -7,7 +7,7 @@ terraform {
}
helm = {
source = "hashicorp/helm"
- version = "2.17.0"
+ version = "3.0.2"
}
ibm = {
source = "IBM-Cloud/ibm"
diff --git a/version.tf b/version.tf
index beb097bf..6e320538 100644
--- a/version.tf
+++ b/version.tf
@@ -8,7 +8,7 @@ terraform {
}
helm = {
source = "hashicorp/helm"
- version = ">= 2.11.0, < 3.0.0"
+ version = ">= 3.0.0, <4.0.0"
}
}
}