Tags: terraform, kubernetes-secrets

How to define list of secret items projected in volume via terraform


My intention is to create a k8s Job via terraform.

In the process I need to create volumes and project a list of secret items into them.

I am able to achieve that via the following snippet of YAML config:

  volumeMounts:
  - name: certs
    mountPath: /app/certs
  - name: ca-certs
    mountPath: /app/ca-certs
volumes:
- name: certs
  secret:
      secretName: "tls-cert-internal"
      items:
      - key: tls.crt
        path: crt.pem
      - key: tls.key
        path: key.pem
- name: ca-certs
  secret:
      secretName: ca-bundle
      items:
      - key: tls.crt
        path: ca_crt.pem

However, I would like to create it using Terraform, which I tried as:

resource "kubernetes_job" "xxx" {
  metadata {
    name      = "xxxxx"
    namespace = "test"
  }
  wait_for_completion = true

  spec {
    template {
      metadata {}
      spec {
        container {
          name              = "test"
          image             = "test"
          image_pull_policy = "Always"
          volume_mount {
            name       = "certs"
            mount_path = "/app/certs"
          }
          volume_mount {
            name       = "ca-certs"
            mount_path = "/app/ca-certs"
          }
        }

        volume {
          name = "certs"
          secret {
            secret_name = "tls-cert-internal"
            items = [
              {
                key  = "tls.crt"
                path = "crt.pem"
              },
              {
                key  = "tls.key"
                path = "key.pem"
              }
            ]
          }
        }

        volume {
          name = "ca-certs"
          secret {
            secret_name = "ca-bundle"
            items = [
              {
                key  = "tls.crt"
                path = "tls.crt"
              }
            ]
          }
        }
      }
    }
  }
}

However it fails as:

on xxxxx, in resource "kubernetes_job" "xxx":
 :             items =  [

An argument named "items" is not expected here. Did you mean to define a block
of type "items"?

I tried following this: https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#secret

However, it seems like I am providing incorrect syntax. Kindly guide me on the same.


Solution

  • I think you can have multiple items blocks:

    secret {
      secret_name = "ca-bundle"

      items {
        key  = "tls.crt"
        path = "tls.crt"
      }

      items {
        key  = "tls2.crt"
        path = "tls2.crt"
      }
    }
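For completeness, here is the YAML from the question translated into a full kubernetes_job resource using repeated items blocks, as an added example rather than the answerer's code. The resource and job names "certs_job" / "certs-job" are placeholders for the question's "xxx", and default_mode is an addition that keeps the projected private key readable only by the file owner.

```hcl
resource "kubernetes_job" "certs_job" {
  metadata {
    name      = "certs-job"
    namespace = "test"
  }
  spec {
    template {
      metadata {}
      spec {
        container {
          name  = "test"
          image = "test"
          volume_mount {
            name       = "certs"
            mount_path = "/app/certs"
          }
          volume_mount {
            name       = "ca-certs"
            mount_path = "/app/ca-certs"
          }
        }
        # volumes are siblings of container, at pod-spec level
        volume {
          name = "certs"
          secret {
            secret_name  = "tls-cert-internal"
            default_mode = "0400" # private key: owner read-only
            items {
              key  = "tls.crt"
              path = "crt.pem"
            }
            items {
              key  = "tls.key"
              path = "key.pem"
            }
          }
        }
        volume {
          name = "ca-certs"
          secret {
            secret_name = "ca-bundle"
            items {
              key  = "tls.crt"
              path = "ca_crt.pem"
            }
          }
        }
      }
    }
  }
}
```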