From 7be725282cc84c66083372af3e82cda905e4c8b3 Mon Sep 17 00:00:00 2001
From: mcgin314 <luther.coleman.mcginty@census.gov>
Date: Fri, 6 Sep 2024 14:21:05 -0400
Subject: [PATCH] Use cluster api from variable instead of data source

---
 main.tf      | 13 +++++++------
 variables.tf |  6 ++++++
 2 files changed, 13 insertions(+), 6 deletions(-)

diff --git a/main.tf b/main.tf
index 46df6ca..8a73964 100644
--- a/main.tf
+++ b/main.tf
@@ -55,11 +55,11 @@ resource "kubernetes_namespace" "ns" {
   }
 }
 
-data "kubernetes_service" "apiserver" {
-  metadata {
-    name = "kubernetes"
-  }
-}
+# data "kubernetes_service" "apiserver" {
+#   metadata {
+#     name = "kubernetes"
+#   }
+# }
 
 resource "helm_release" "base" {
   depends_on = [module.images]
@@ -110,7 +110,8 @@ resource "helm_release" "istiod" {
   }
   set {
     name  = "globalproxy.excludeIPRanges"
-    value = "${data.kubernetes_service.apiserver.spec[0].cluster_ip}/32"
+    value = "${var.kubernetes_service_apiserver}/32"
+    # value = "${data.kubernetes_service.apiserver.spec[0].cluster_ip}/32"
   }
 }
 
diff --git a/variables.tf b/variables.tf
index d980faf..79cf6d2 100644
--- a/variables.tf
+++ b/variables.tf
@@ -62,3 +62,9 @@ variable "enable_egress_gateway" {
   type        = bool
   default     = true
 }
+
+variable "kubernetes_service_apiserver" {
+  description = "Use to exclude internal API service traffic from the service mesh; it should not change but could be necessary to lookup"
+  type        = string
+  default     = "172.20.0.1"
+}
\ No newline at end of file