danlester/kubernetes.tf

## kubernetes.tf
terraform {
  required_providers {
    kubernetes = {
      source  = "hashicorp/kubernetes"
      version = "2.7.1"
    }
  }
  required_version = ">= 1.0"
}

provider "kubernetes" {
  config_path = "~/.kube/config"
}

resource "kubernetes_manifest" "ingress_route" {

  manifest = {
    apiVersion = "apiextensions.k8s.io/v1"
    kind       = "CustomResourceDefinition"
    metadata = {
      name = "ingressroutes.traefik.containo.us"
    }
    spec = {
      group = "traefik.containo.us"
      names = {
        kind     = "IngressRoute"
        plural   = "ingressroutes"
        singular = "ingressroute"
      }
      scope = "Namespaced"
      versions = [
        {
          name    = "v1alpha1"
          served  = true
          storage = true
          schema = {
            openAPIV3Schema = {
              type = "object"
              properties = {
                spec = {
                  type = "object"
                  properties = {
                    routes = {
                      type = "array"
                      items = {
                        type     = "object"
                        required = ["match", "kind"]
                        properties = {
                          match = {
                            type = "string"
                          }
                          kind = {
                            type = "string"
                            enum = ["Rule"]
                          }
                          priority = {
                            type = "integer"
                          }
                          services = {
                            type = "array"
                            items = {
                              type     = "object"
                              required = ["name", "port"]
                              properties = {
                                name = {
                                  type = "string"
                                }
                                kind = {
                                  type = "string"
                                  enum = ["Service", "TraefikService"]
                                }
                                namespace = {
                                  type = "string"
                                }
                                sticky = {
                                  type = "object"
                                  properties = {
                                    cookie = {
                                      type = "object"
                                      properties = {
                                        name = {
                                          type = "string"
                                        }
                                        secure = {
                                          type = "boolean"
                                        }
                                        httpOnly = {
                                          type = "boolean"
                                        }
                                        sameSite = {
                                          type = "string"
                                          enum = ["None", "Lax", "Strict"]
                                        }
                                      }
                                    }
                                  }
                                }
                                port = {
                                  x-kubernetes-int-or-string = true
                                  pattern                    = "^[1-9]\\d*$"
                                }
                                scheme = {
                                  type = "string"
                                  enum = ["http", "https", "h2c"]
                                }
                                strategy = {
                                  type = "string"
                                  enum = ["RoundRobin"]
                                }
                                passHostHeader = {
                                  type = "boolean"
                                }
                                responseForwarding = {
                                  type = "object"
                                  properties = {
                                    flushInterval = {
                                      type = "string"
                                    }
                                  }
                                }
                                weight = {
                                  type = "integer"
                                }
                              }
                            }
                          }
                          middlewares = {
                            type = "array"
                            items = {
                              type     = "object"
                              required = ["name", "namespace"]
                              properties = {
                                name = {
                                  type = "string"
                                }
                                namespace = {
                                  type = "string"
                                }
                              }
                            }
                          }
                        }
                      }
                    }
                    entryPoints = {
                      type = "array"
                      items = {
                        type = "string"
                      }
                    }
                    tls = {
                      type = "object"
                      properties = {
                        secretName = {
                          type = "string"
                        }
                        options = {
                          type     = "object"
                          required = ["name", "namespace"]
                          properties = {
                            name = {
                              type = "string"
                            }
                            namespace = {
                              type = "string"
                            }
                          }
                        }
                        store = {
                          type     = "object"
                          required = ["name", "namespace"]
                          properties = {
                            name = {
                              type = "string"
                            }
                            namespace = {
                              type = "string"
                            }
                          }
                        }
                        certResolver = {
                          type = "string"
                        }
                        domains = {
                          type = "array"
                          items = {
                            type = "object"
                            properties = {
                              main = {
                                type = "string"
                              }
                              sans = {
                                type = "array"
                                items = {
                                  type = "string"
                                }
                              }
                            }
                          }
                        }
                      }
                    }
                  }
                }
              }
            }
          }
        }
      ]
    }
  }
}


resource "kubernetes_manifest" "my-http" {
  count = 0

  manifest = {
    apiVersion = "traefik.containo.us/v1alpha1"
    kind       = "IngressRoute"
    metadata = {
      name      = "my-http"
      namespace = "default"
    }
    spec = {
      entryPoints = ["websecure"]
      routes = [
        {
          kind  = "Rule"
          match = "Host(`localhost`) && PathPrefix(`/auth`) "
          services = [
            {
              name = "my-http-service"
              port      = 80
              namespace = "default"
            }
          ]
        }
      ]
      tls = {
         certResolver = "default"
      }
    }
  }

  depends_on = [
    kubernetes_manifest.ingress_route
  ]
}
	terraform {
	required_providers {
	kubernetes = {
	source = "hashicorp/kubernetes"
	version = "2.7.1"
	}
	}
	required_version = ">= 1.0"
	}

	provider "kubernetes" {
	config_path = "~/.kube/config"
	}

	resource "kubernetes_manifest" "ingress_route" {

	manifest = {
	apiVersion = "apiextensions.k8s.io/v1"
	kind = "CustomResourceDefinition"
	metadata = {
	name = "ingressroutes.traefik.containo.us"
	}
	spec = {
	group = "traefik.containo.us"
	names = {
	kind = "IngressRoute"
	plural = "ingressroutes"
	singular = "ingressroute"
	}
	scope = "Namespaced"
	versions = [
	{
	name = "v1alpha1"
	served = true
	storage = true
	schema = {
	openAPIV3Schema = {
	type = "object"
	properties = {
	spec = {
	type = "object"
	properties = {
	routes = {
	type = "array"
	items = {
	type = "object"
	required = ["match", "kind"]
	properties = {
	match = {
	type = "string"
	}
	kind = {
	type = "string"
	enum = ["Rule"]
	}
	priority = {
	type = "integer"
	}
	services = {
	type = "array"
	items = {
	type = "object"
	required = ["name", "port"]
	properties = {
	name = {
	type = "string"
	}
	kind = {
	type = "string"
	enum = ["Service", "TraefikService"]
	}
	namespace = {
	type = "string"
	}
	sticky = {
	type = "object"
	properties = {
	cookie = {
	type = "object"
	properties = {
	name = {
	type = "string"
	}
	secure = {
	type = "boolean"
	}
	httpOnly = {
	type = "boolean"
	}
	sameSite = {
	type = "string"
	enum = ["None", "Lax", "Strict"]
	}
	}
	}
	}
	}
	port = {
	x-kubernetes-int-or-string = true
	pattern = "^[1-9]\\d*$"
	}
	scheme = {
	type = "string"
	enum = ["http", "https", "h2c"]
	}
	strategy = {
	type = "string"
	enum = ["RoundRobin"]
	}
	passHostHeader = {
	type = "boolean"
	}
	responseForwarding = {
	type = "object"
	properties = {
	flushInterval = {
	type = "string"
	}
	}
	}
	weight = {
	type = "integer"
	}
	}
	}
	}
	middlewares = {
	type = "array"
	items = {
	type = "object"
	required = ["name", "namespace"]
	properties = {
	name = {
	type = "string"
	}
	namespace = {
	type = "string"
	}
	}
	}
	}
	}
	}
	}
	entryPoints = {
	type = "array"
	items = {
	type = "string"
	}
	}
	tls = {
	type = "object"
	properties = {
	secretName = {
	type = "string"
	}
	options = {
	type = "object"
	required = ["name", "namespace"]
	properties = {
	name = {
	type = "string"
	}
	namespace = {
	type = "string"
	}
	}
	}
	store = {
	type = "object"
	required = ["name", "namespace"]
	properties = {
	name = {
	type = "string"
	}
	namespace = {
	type = "string"
	}
	}
	}
	certResolver = {
	type = "string"
	}
	domains = {
	type = "array"
	items = {
	type = "object"
	properties = {
	main = {
	type = "string"
	}
	sans = {
	type = "array"
	items = {
	type = "string"
	}
	}
	}
	}
	}
	}
	}
	}
	}
	}
	}
	}
	}
	]
	}
	}
	}


	resource "kubernetes_manifest" "my-http" {
	count = 0

	manifest = {
	apiVersion = "traefik.containo.us/v1alpha1"
	kind = "IngressRoute"
	metadata = {
	name = "my-http"
	namespace = "default"
	}
	spec = {
	entryPoints = ["websecure"]
	routes = [
	{
	kind = "Rule"
	match = "Host(`localhost`) && PathPrefix(`/auth`) "
	services = [
	{
	name = "my-http-service"
	port = 80
	namespace = "default"
	}
	]
	}
	]
	tls = {
	certResolver = "default"
	}
	}
	}

	depends_on = [
	kubernetes_manifest.ingress_route
	]
	}