From 8ba33a12c807193bc1d50076ec7bd3b5d681255a Mon Sep 17 00:00:00 2001
From: phaer <hello@phaer.org>
Date: Sat, 12 Feb 2022 00:52:13 +0100
Subject: [PATCH] fix post-install kustomization, keep file...

this risks exposing secrets from the deployed manifests,
but those are currently deployed beforehand so we should
be good as long as kustomization.yaml does not contain
any.
---
 master.tf | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/master.tf b/master.tf
index 1c77478..8e7f32f 100644
--- a/master.tf
+++ b/master.tf
@@ -146,8 +146,16 @@ resource "hcloud_server" "first_control_plane" {
   # Deploy our post-installation kustomization
   provisioner "remote-exec" {
     inline = [
+      # This ugly hack is here, because terraform serializes the
+      # embedded yaml files with "- |2", when there is more than
+      # one yamldocument in the embedded file. Kustomize does not understand
+      # that syntax and tries to parse the blocks content as a file, resulting
+      # in weird errors. so gnu sed with funny escaping is used to
+      # replace lines like "- |3" by "- |" (yaml block syntax).
+      # due to indendation this should not changes the embedded
+      # manifests themselves
+      "sed -i 's/^- |[0-9]\\+$/- |/g' /tmp/post_install/kustomization.yaml",
       "kubectl apply -k /tmp/post_install",
-      "rm -rf /tmp/post_install"
     ]
   }