spec.template.spec.containers.securityContext is not supported
DimamoN opened this issue · comments
Dmitriy Gutman commented
Hi, I found an issue in k2tf, version 0.2.5.
The spec.template.spec.containers.securityContext is not appears in a result file.
Example:
apiVersion: apps/v1beta1
kind: Deployment
metadata:
name: metricbeat
namespace: default
labels:
k8s-app: metricbeat
spec:
template:
metadata:
labels:
k8s-app: metricbeat
spec:
serviceAccountName: metricbeat
containers:
- name: metricbeat
image: docker.elastic.co/beats/metricbeat:7.0.0-alpha2
args: [
"-c", "/etc/metricbeat.yml",
"-e",
]
env:
- name: ELASTICSEARCH_HOST
value: elastic-service
securityContext:
runAsUser: 0
Converting:
k2tf -F -f file.yaml -o output.tf
Result:
resource "kubernetes_deployment" "metricbeat" {
metadata {
name = "metricbeat"
namespace = "default"
labels = { k8s-app = "metricbeat" }
}
spec {
template {
metadata {
labels = { k8s-app = "metricbeat" }
}
spec {
container {
name = "metricbeat"
image = "docker.elastic.co/beats/metricbeat:7.0.0-alpha2"
args = ["-c", "/etc/metricbeat.yml", "-e"]
env {
name = "ELASTICSEARCH_HOST"
value = "elastic-service"
}
}
service_account_name = "metricbeat"
}
}
}
}
There no securityContext in converted terraform file.
How it should be:
resource "kubernetes_deployment" "metricbeat" {
metadata {
name = "metricbeat"
namespace = "default"
labels = { k8s-app = "metricbeat" }
}
spec {
template {
metadata {
labels = { k8s-app = "metricbeat" }
}
spec {
container {
name = "metricbeat"
image = "docker.elastic.co/beats/metricbeat:7.0.0-alpha2"
args = ["-c", "/etc/metricbeat.yml", "-e"]
env {
name = "ELASTICSEARCH_HOST"
value = "elastic-service"
}
security_context {
run_as_user = 0
}
}
service_account_name = "metricbeat"
}
}
}
}
Pedro de la Cruz Jr. commented
I also ran into this issue. Please fix.
Matt Morrison commented
The issue here is that k2tf skips outputting any attribute that appear to be unset (e.g. empty string or zero value).
In this case run_as_user
is 0, so it's deliberately not included in the output. I'm exploring ways to fix this.
chandankashyap19 commented
Any fix on the reported issue. Getting same error at my end.