Terraform import Kubernetes secret

Question

I am trying to import an existing kubernetes secret into my Terraform state.

The secret resource should be located in a module, together with postgres resources. The idea is that I create the postgres user credentials and put them straight in a K8S secret.

The resource looks like this:

resource "kubernetes_secret" "database-credentials" {
  metadata {
    name = "${var.name}-database-credentials"
  } 
  data = {
    username = "${var.name}_user"
    password = random_password.password.result
  }
  type = "Opaque"
}

Then, I try to import it with the following command: terraform import module.<module_name>.kubernetes_secret.database-credentials default/<existing-secret-name>

Now, the problem is that this command fails with the following error message:

Error: Error initializing PostgreSQL client: error detecting capabilities: error PostgreSQL version: pq: no PostgreSQL user name specified in startup packet

I have no idea why the PostgreSQL client needs to do anything here or why it fails. There are postgres resources defined above the kubernetes secret resource config but I just want to import a k8s secret. I have defined all necessary environment variables needed. terraform apply works fine when I run it without the secret.

Could someone point me in the right direction please?

Are you saying you get that error when running the import? That looks like the error you might get when running a plan where you create the Postgresql host and attempt to use it at the same time but shouldn't happen during an import. — ydaetskcoR
Yes I did get that error during an import, but see answer below what I did to solve it. — kiwiidb

kiwiidb kiwiidb · Accepted Answer · 2020-02-14T10:32:46

Just figured it out myself.

https://github.com/terraform-providers/terraform-provider-postgresql/issues/2#issuecomment-567887609

TLDR: add expected_version = "<YOUR_POSTGRES_VERSION>" to the postgres provider block.

Terraform import Kubernetes secret

1 Answers