sdorsett/gist:3412cf944e782a784be9db28da955557

## gistfile1.txt
[root@terraform_test terraform_external_data_test]# cat kube-token.sh
#! /bin/bash
# openssl and kubeadmin need to be installed on kube-controller before running this script
token=$(/usr/bin/ssh kube-controller "kubeadm token list | grep -v DESCRIPTION | awk '{print \$1}'")
certhash=$(/usr/bin/ssh kube-controller "openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'")
jq -n --arg token "$token" --arg certhash "$certhash" '{"token":$token, "certhash":$certhash}'
[root@puppet terraform_external_data_test]#

[root@terraform_test terraform_external_data_test]# cat main.tf
data "external" "kube-token" {
  program = ["/usr/bin/bash", "kube-token.sh"]
}

output "kube-token" {
  value = "${data.external.kube-token.result.token}"
}

output "kube-certhash" {
  value = "${data.external.kube-token.result.certhash}"
}
[root@terraform_test terraform_external_data_test]#

[root@terraform_test terraform_external_data_test]# terraform apply
data.external.kube-token: Refreshing state...

Apply complete! Resources: 0 added, 0 changed, 0 destroyed.

Outputs:

kube-certhash = acfac4fdcc40093f9e401c94a2b46bd6d93eb88228d9ef7a20d1fff1df6d3bd8
kube-token = am77av.37ysj7b8oqwf126m
[root@terraform_test terraform_external_data_test]#
	[root@terraform_test terraform_external_data_test]# cat kube-token.sh
	#! /bin/bash
	# openssl and kubeadmin need to be installed on kube-controller before running this script
	token=$(/usr/bin/ssh kube-controller "kubeadm token list \| grep -v DESCRIPTION \| awk '{print \$1}'")
	certhash=$(/usr/bin/ssh kube-controller "openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt \| openssl rsa -pubin -outform der 2>/dev/null \| openssl dgst -sha256 -hex \| sed 's/^.* //'")
	jq -n --arg token "$token" --arg certhash "$certhash" '{"token":$token, "certhash":$certhash}'
	[root@puppet terraform_external_data_test]#

	[root@terraform_test terraform_external_data_test]# cat main.tf
	data "external" "kube-token" {
	program = ["/usr/bin/bash", "kube-token.sh"]
	}

	output "kube-token" {
	value = "${data.external.kube-token.result.token}"
	}

	output "kube-certhash" {
	value = "${data.external.kube-token.result.certhash}"
	}
	[root@terraform_test terraform_external_data_test]#

	[root@terraform_test terraform_external_data_test]# terraform apply
	data.external.kube-token: Refreshing state...

	Apply complete! Resources: 0 added, 0 changed, 0 destroyed.

	Outputs:

	kube-certhash = acfac4fdcc40093f9e401c94a2b46bd6d93eb88228d9ef7a20d1fff1df6d3bd8
	kube-token = am77av.37ysj7b8oqwf126m
	[root@terraform_test terraform_external_data_test]#