Replies: 2 comments
-
As of v0.12.0, we still don't have a way to do so.
-
image-automation-controller is the only Flux controller that currently makes commits back to git based on image tag updates. Your use case would be a totally new operator that watches for secrets (with an annotation), SOPS-encrypts them, and commits back to git. This is a hefty operation...
-
I'm tinkering with a harebrained scheme where I want to run a whole ephemeral GitOps cluster inside a CI pipeline.
The plan is to define a little k3d cluster that will run inside a cloud runner (like GitHub Actions, Azure DevOps Pipelines, Bitbucket Pipelines etc.), bootstrap itself with flux and the terraform-controller - and then proceed to reconcile all Terraform resources defined in source, and shut down when completed.
I've got the necessary building blocks to achieve this by using something like Velero to dump the cluster state to cloud storage. While this does suit my purpose of persisting cluster state between runs of the cluster, I'd prefer not to have to rely on cloud storage - I want a git repo and a docker container registry as my only dependencies.
What I'd love to happen is for the tf-controller to SOPS-encrypt the tfstate and selected output secrets, and commit these as new resources into my git repo - thus using git itself to persist Terraform state between runs of the config-cluster. Everything I'm seeing in the documentation at the moment only shows one-way updates from git -> k8s cluster, and I'm not seeing anything that will do the reverse, i.e. taking k8s resources from inside the cluster that don't exist yet in git, and then committing them back to source control. (It's totally possible that I've just missed an important step somewhere).
In the meantime, I'm just going to roll my own solution where I'll use shell scripts within my pipeline runner logic to interact with the k3d cluster and handle the commit of new resources. (I may well be reinventing the wheel).
Is there a native way for any of the flux controllers to commit new or changed k8s resources back to git?
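A pipeline script that commits cluster resources back to git, as described in the question, needs a gate so that a Secret never reaches the repository unencrypted. The following is an added example, not code from the thread, Flux or tf-controller: the function names, directory layout and sample manifests are assumptions, and the check is a heuristic on SOPS's YAML output (values of the form `ENC[...]` plus a top-level `sops:` block), assuming one resource per file.

```shell
# Pre-commit guard (added example). Assumes one resource per YAML file and
# SOPS YAML output: encrypted values read ENC[...], with a top-level "sops:" block.
# check_manifest FILE: returns 1 if FILE is a Secret with unencrypted values.
check_manifest() {
  awk '
    /^kind:[ \t]*Secret[ \t]*$/ { secret = 1 }
    /^sops:[ \t]*$/             { sops = 1 }
    /^[^ \t#]/ { in_data = ($0 ~ /^(data|stringData):/); next }
    in_data && /^[ \t]+[^ \t#]+:[ \t]*[^ \t]/ {
      val = $0; sub(/^[ \t]+[^:]+:[ \t]*/, "", val)
      if (val !~ /^ENC\[/) plain++            # value is not SOPS ciphertext
    }
    END { exit ((secret && (!sops || plain > 0)) ? 1 : 0) }
  ' "$1"
}

# check_tree DIR: lists offending files on stderr, returns 1 if there are any.
check_tree() {
  bad=$(find "$1" -type f \( -name '*.yaml' -o -name '*.yml' \) |
    while IFS= read -r f; do check_manifest "$f" || printf '%s\n' "$f"; done)
  [ -z "$bad" ] || { printf 'unencrypted Secret: %s\n' "$bad" >&2; return 1; }
}

# write_samples DIR: constructed manifests (placeholder ciphertext, not real).
write_samples() {
  mkdir -p "$1/ok" "$1/bad"
  cat > "$1/ok/tfstate.yaml" <<'EOF'
apiVersion: v1
kind: Secret
metadata: {name: tfstate-example}
data:
    tfstate: ENC[AES256_GCM,data:cGxhY2Vob2xkZXI=,iv:AAAA,tag:BBBB,type:str]
sops:
    mac: ENC[AES256_GCM,data:cGxhY2Vob2xkZXI=,iv:AAAA,tag:BBBB,type:str]
EOF
  cat > "$1/bad/outputs.yaml" <<'EOF'
apiVersion: v1
kind: Secret
metadata: {name: outputs-example}
stringData:
    password: hunter2
EOF
}

demo=$(mktemp -d) && write_samples "$demo"
check_tree "$demo/ok" && echo "ok/: safe to commit"
check_tree "$demo/bad" || echo "bad/: commit blocked"
rm -rf "$demo"
```

Run `check_tree` on the directory of exported manifests immediately before `git add`, and fail the pipeline step on a non-zero return.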