Commit e009c192 authored by Maksimelyan Tamashevich (EPAM)'s avatar Maksimelyan Tamashevich (EPAM)
Browse files

Deleted modules/osdu/helm-opa.tf file

parent 3a98ca83
Pipeline #98095 passed with stage
in 28 seconds
locals {
opa_service_account_name = "opa"
opa_roles_name = [
"roles/iam.serviceAccountTokenCreator",
"roles/storage.objectAdmin"
]
}
module "opa_workload_identity" {
depends_on = [google_container_node_pool.cluster_node_pool]
source = "./modules/workload_identity"
google_project = var.service_google_project
workload_service_account = local.opa_service_account_name
kubernetes_namespace = "default"
google_service_account_iam_roles = local.opa_roles_name
}
# Apply configmap from helm chart
resource "helm_release" "opa-config" {
depends_on = [
kubernetes_job.infra_config
]
name = "opa-config"
repository = "https://community.opengroup.org/api/v4/projects/420/packages/helm/stable"
chart = "gcp-opa-configmap"
namespace = "default"
version = "0.1.0"
recreate_pods = true
set {
name = "data.bucket_name"
value = module.buckets_for_all_projects[var.service_google_project].buckets["${var.service_google_project}-opa-policies"].name
}
}
# Apply OPA deployment from helm chart
resource "helm_release" "opa-deploy" {
depends_on = [
helm_release.opa-config,
kubernetes_job.infra_config,
module.opa_workload_identity
]
name = "opa-deploy"
repository = "https://community.opengroup.org/api/v4/projects/420/packages/helm/stable"
chart = "opa"
namespace = "default"
version = "0.1.0"
recreate_pods = true
set {
name = "data.image"
value = local.opa_image
}
set {
name = "data.serviceAccountName"
value = module.opa_workload_identity.service_account
}
}
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment