What's the correct way to use the ignoreChanges config to ignore changes of a specific annotation of a kubernetes deployment?
One of my kubernetes deployments has the following annotation automatically injected by a CRD based on some external state change:
metadata:
annotations:
secrets.doppler.com/secretsupdate.api: W/"8673f9c59166f300cacd436f95f83d3379f84643d8259297c18facf0076b50e7"
I'd like terraform to not trigger a redeployment when it sees changes to this annotation.
I suspect something like the following would be correct but I'm not sure what the right syntax is when using terraform cdk:
new k8s.Deployment(this, name, {
lifecycle: {
ignoreChanges: ["metadata.annotations.\"secrets.doppler.com/secretsupdate.api\""],
},
// ...
})
I tried using the above syntax but it didn't work.
│ Error: Invalid expression
│
│ on cdk.tf.json line 2492, in resource.kubernetes_deployment.api_BA7F1523.lifecycle.ignore_changes:
│ 2492: "metadata.annotations.\"secrets.doppler.com/secretsupdate.api\""
│
│ A single static variable reference is required: only attribute access and
│ indexing with constant keys. No calculations, function calls, template
│ expressions, etc are allowed here.
What's the correct syntax for ignore an annotation like this?
As is typical, I figured it out immediately after posting.
metadata[0].annotations[\"secrets.doppler.com/secretsupdate.api\"]