Ability to wait for CRD Resources to be ready
rmb938 opened this issue · 5 comments
Describe the solution you'd like to see
The ability to give a json path (or something similar) to wait for a certain value before the resource is considered ready.
Describe alternatives you've considered
Local exec to use kubectl and make a dependency chain somehow?
Additional context
Some CRDs have things in their status to determine if they are ready or not. So for example a cert-manager certificate.
apiVersion: certmanager.k8s.io/v1alpha1
kind: Certificate
metadata:
name: my-cert
spec:
dnsNames:
- example.com
issuerRef:
kind: ClusterIssuer
name: aws-pca
secretName: cert-thanos
status:
conditions:
- lastTransitionTime: "2019-11-26T17:22:36Z"
message: Certificate is up to date and has not expired
reason: Ready
status: "True"
type: Ready
notAfter: "2020-06-23T17:22:41Z"
Having some sort of way to select the Ready condition and waiting for it to be true.
Making something universal to work with any crd may be a bit difficult.
Some CRDs don't have simple status attributes that can be checked with a single JSONPath ( Like Conditions on Cert-manager Certificates ). A higher level language may be needed to parse the correct status. Argo (a k8s CI/CD tool) uses lua https://argoproj.github.io/argo-cd/operator-manual/health/
I'm really open to integrate something like this into the provider, I have faced the issue several times, and we have built-in "wait for status" for the most common standard resources only.
What about using https://github.com/google/cel-go instead of Lua, it is much more embeddable and we won't need a full-blown VM here in a terraform provider :)
I never personally used CEL but it looks like it could work.
Hopefully the community can converge on some common status like kubernetes/enhancements#1624
Why not mimic the behavior in the kubernetes provider?
https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/manifest#wait_for