You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
While looking into #2811 and the bug that was causing Nexus bootstrapping to fail, it was found that because the Firewall step was occurring after the Main bundle step in the template_schema pipeline, the necessary firewall rules weren't in place for the bundle to deploy Nexus successfully.
After moving the Firewall step to before the Main bundle, there were then missing resource properties that were previously derived from Terraform outputs from the main step (such as the SHARED_ADDRESS_PREFIXES). The API has no way of accessing properties like this (address spaces from the core network for example) without the main bundle being ran first to output properties from Terraform and mapping them to bundle resource properties. This means that we can't apply Firewall steps that a bundle might need as a pre-requisite, if they contain dynamic values.
Describe the solution you'd like
A potential solution could be adding a "Load properties" step that bundles can invoke in the template pipeline, accepting a map of properties to retrieve, which runs terraform and populates the resource properties that are then needed by the subsequent firewall or other pre-requisite steps before the main bundle.
Alternatively, we could introduce another keyword (the pipeline currently looks for handlebars and then "resource" to fetch properties from the bundle resource) called environment or outputs which could request a property from terraform, which the API would then retrieve whenever this keyword is detected with a valid reference to a terraform output.
The text was updated successfully, but these errors were encountered:
Is your feature request related to a problem? Please describe.
While looking into #2811 and the bug that was causing Nexus bootstrapping to fail, it was found that because the Firewall step was occurring after the Main bundle step in the template_schema pipeline, the necessary firewall rules weren't in place for the bundle to deploy Nexus successfully.
After moving the Firewall step to before the Main bundle, there were then missing resource properties that were previously derived from Terraform outputs from the main step (such as the
SHARED_ADDRESS_PREFIXES
). The API has no way of accessing properties like this (address spaces from the core network for example) without the main bundle being ran first to output properties from Terraform and mapping them to bundle resource properties. This means that we can't apply Firewall steps that a bundle might need as a pre-requisite, if they contain dynamic values.Describe the solution you'd like
A potential solution could be adding a "Load properties" step that bundles can invoke in the template pipeline, accepting a map of properties to retrieve, which runs terraform and populates the resource properties that are then needed by the subsequent firewall or other pre-requisite steps before the main bundle.
Alternatively, we could introduce another keyword (the pipeline currently looks for handlebars and then "resource" to fetch properties from the bundle resource) called
environment
oroutputs
which could request a property from terraform, which the API would then retrieve whenever this keyword is detected with a valid reference to a terraform output.The text was updated successfully, but these errors were encountered: