From 9aa78c2e2f0f70e604f9019380070d35892080e5 Mon Sep 17 00:00:00 2001 From: juvdiaz Date: Thu, 28 May 2026 00:09:03 -0600 Subject: [PATCH] Adopt existing platform resources before apply --- lab.sh | 99 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 99 insertions(+) diff --git a/lab.sh b/lab.sh index 281a8cf..deb50ec 100755 --- a/lab.sh +++ b/lab.sh @@ -26,6 +26,102 @@ require_debian_server() { fi } +tofu_state_has_resource() { + local stack="$1" + local resource_address="$2" + + tofu -chdir="${REPO_ROOT}/${stack}" state show "${resource_address}" >/dev/null 2>&1 +} + +helm_release_secret_exists() { + local namespace="$1" + local release_name="$2" + local secret_name + + secret_name="$(kubectl --kubeconfig "${KUBECONFIG_PATH}" -n "${namespace}" get secrets \ + -l "owner=helm,name=${release_name}" \ + -o jsonpath='{.items[0].metadata.name}' 2>/dev/null || true)" + + [[ -n "${secret_name}" ]] +} + +kubernetes_resource_exists() { + local namespace="$1" + local resource_kind="$2" + local resource_name="$3" + + if [[ -n "${namespace}" ]]; then + kubectl --kubeconfig "${KUBECONFIG_PATH}" -n "${namespace}" get "${resource_kind}" "${resource_name}" >/dev/null 2>&1 + return $? + fi + + kubectl --kubeconfig "${KUBECONFIG_PATH}" get "${resource_kind}" "${resource_name}" >/dev/null 2>&1 +} + +adopt_tofu_helm_release() { + local stack="$1" + local resource_address="$2" + local namespace="$3" + local release_name="$4" + + if tofu_state_has_resource "${stack}" "${resource_address}"; then + return 0 + fi + if ! helm_release_secret_exists "${namespace}" "${release_name}"; then + return 0 + fi + + echo "Importing existing Helm release ${namespace}/${release_name} into ${stack} state (${resource_address})..." + tofu -chdir="${REPO_ROOT}/${stack}" import -input=false "${resource_address}" "${namespace}/${release_name}" +} + +adopt_tofu_kubernetes_resource() { + local stack="$1" + local resource_address="$2" + local namespace="$3" + local resource_kind="$4" + local resource_name="$5" + local import_id="$6" + + if tofu_state_has_resource "${stack}" "${resource_address}"; then + return 0 + fi + if ! kubernetes_resource_exists "${namespace}" "${resource_kind}" "${resource_name}"; then + return 0 + fi + + echo "Importing existing Kubernetes ${resource_kind} ${resource_name} into ${stack} state (${resource_address})..." + tofu -chdir="${REPO_ROOT}/${stack}" import -input=false "${resource_address}" "${import_id}" +} + +adopt_platform_existing_resources() { + local stack="bootstrap/platform" + + adopt_tofu_helm_release "${stack}" "helm_release.calico_crds" "tigera-operator" "calico-crds" + adopt_tofu_helm_release "${stack}" "helm_release.calico" "tigera-operator" "calico" + adopt_tofu_helm_release "${stack}" "helm_release.openebs" "openebs" "openebs" + adopt_tofu_helm_release "${stack}" "helm_release.argocd" "argocd" "argocd" + adopt_tofu_helm_release "${stack}" "helm_release.kyverno" "kyverno" "kyverno" + adopt_tofu_helm_release "${stack}" "helm_release.kyverno_policies" "kyverno" "kyverno-policies" + adopt_tofu_helm_release "${stack}" "helm_release.loki" "monitoring" "loki" + adopt_tofu_helm_release "${stack}" "helm_release.promtail" "monitoring" "promtail" + adopt_tofu_helm_release "${stack}" "helm_release.prometheus_stack" "monitoring" "prometheus-stack" + adopt_tofu_kubernetes_resource \ + "${stack}" \ + "kubernetes_storage_class_v1.openebs_hostpath_retain" \ + "" \ + "storageclass" \ + "openebs-hostpath-retain" \ + "openebs-hostpath-retain" + adopt_tofu_kubernetes_resource \ + "${stack}" \ + "kubernetes_namespace_v1.monitoring" \ + "" \ + "namespace" \ + "monitoring" \ + "monitoring" +} + run_tofu_stack() { local stack="$1" local -a apply_args=(-auto-approve) @@ -35,6 +131,9 @@ run_tofu_stack() { fi tofu -chdir="${REPO_ROOT}/${stack}" init + if [[ "${stack}" == "bootstrap/platform" ]]; then + adopt_platform_existing_resources + fi tofu -chdir="${REPO_ROOT}/${stack}" apply "${apply_args[@]}" }