$ terraform -v
Terraform v0.13.2
+ provider registry.terraform.io/hashicorp/github v2.9.2
+ provider registry.terraform.io/hashicorp/google v3.40.0
+ provider registry.terraform.io/hashicorp/google-beta v3.40.0
+ provider registry.terraform.io/hashicorp/helm v1.3.2
+ provider registry.terraform.io/hashicorp/kubernetes v1.10.0
+ provider registry.terraform.io/hashicorp/local v1.4.0
+ provider registry.terraform.io/hashicorp/null v2.1.2
+ provider registry.terraform.io/hashicorp/random v2.2.1
+ provider registry.terraform.io/hashicorp/tls v2.2.0
Your version of Terraform is out of date! The latest version
is 0.13.4. You can update by downloading from https://www.terraform.io/downloads.html
variable "extraArgs" {
description = "List of additional arguments for cert-manager"
type = list
default = [
"--dns01-recursive-nameservers-only",
"--dns01-recursive-nameservers=8.8.8.8:53,1.1.1.1:53",
]
}
resource helm_release "cert-manager" {
set {
name = "extraArgs"
// https://github.com/hashicorp/terraform-provider-helm/issues/92#issuecomment-407807183
value = "{${join(",", var.extraArgs)}}"
}
}
N/A
When viewing args in the pod description, should retain original formatting.
Args:
--v=2
--cluster-resource-namespace=$(POD_NAMESPACE)
--leader-election-namespace=kube-system
--dns01-recursive-nameservers-only
--dns01-recursive-nameservers=8.8.8.8:53,1.1.1.1:53
Original format is not preserved
Args:
--v=2
--cluster-resource-namespace=$(POD_NAMESPACE)
--leader-election-namespace=kube-system
--dns01-recursive-nameservers-only
--dns01-recursive-nameservers=8.8.8.8:53
1.1.1.1:53
terraform applyI'm not really sure that this is related to cert-manager as I've seen this behavior in other helm charts.
When I try to escape the items and surround with quotes, I get a different error. Instead of a silent failure this doesn't allow the state the complete and it just hangs:
variable "extraArgs" {
description = "List of additional arguments for cert-manager"
type = list
default = [
"--dns01-recursive-nameservers-only",
"--dns01-recursive-nameservers=\"8.8.8.8:53,1.1.1.1:53\"",
]
}
Args:
--v=2
--cluster-resource-namespace=$(POD_NAMESPACE)
--leader-election-namespace=kube-system
--dns01-recursive-nameservers-only
--dns01-recursive-nameservers="8.8.8.8:53
1.1.1.1:53"
md5-b481bb485f2c1e417b4ab1bbee5d218a
```bash
Error: Invalid escape sequence
On variables.tf
line 36: The symbol "," is not a valid escape sequence selector.
N/A
Thanks for opening this @wimo7083. I had a play around with this, and I found a solution but it is slightly confusing. This is a weird artifact of us passing along values from terraform to be parsed by by Helm's strvals module.
Solution: If you double escape the comma it seems to work: "--dns01-recursive-nameservers="8.8.8.8:53\\,1.1.1.1:53"
You're getting the error with only one slash because \, is not a valid escape sequence in Terraform, but it _is_ a valid escape sequence when Helm parses the value. Helm actually implements its own parser for this, which lets you escape the ,. So you need to escape your escape so terraform doesn't think it's an escape sequence so it can be passed onto Helm. 馃く
@jrhouston that's definitely it. Your explanation is dead on, but it feels bad because it's not something that can be 'fixed', just something to know/be aware of while using the provider. I can confirm this was also an issue with service.beta.kubernetes.io/aws-load-balancer-additional-resource-tags in ingress-nginx, but your solution solved it.
I wonder if this is something that can instead be added as a documentation snippet regarding the set values function, as a quick note, If there are commas in your set values, they must be double escaped using '\' to avoid both terraform and helm parsing issues.
Most helpful comment
@jrhouston that's definitely it. Your explanation is dead on, but it feels bad because it's not something that can be 'fixed', just something to know/be aware of while using the provider. I can confirm this was also an issue with
service.beta.kubernetes.io/aws-load-balancer-additional-resource-tagsiningress-nginx, but your solution solved it.I wonder if this is something that can instead be added as a documentation snippet regarding the set values function, as a quick note,
If there are commas in your set values, they must be double escaped using '\' to avoid both terraform and helm parsing issues.