[Bug]: flux_bootstrap_git destroy should align with the behavior of flux uninstall #720
Description
Describe the bug
Behavior of flux uninstall removes all the CRDs and necessary finalizers from the cluster. However, executing destroy with the Flux Terraform provider causes HelmRelease CRD to get stuck in a Terminating state. It is imperative to run flux uninstall to ensure proper cleanup, including their finalizers. There are helm.toolkit.fluxcd.io/v2beta1 HelmRelease objects defined on the cluster.
Status of HelmRelease CRD after running terraform destroy:
status:
acceptedNames:
kind: HelmRelease
listKind: HelmReleaseList
plural: helmreleases
shortNames:
- hr
singular: helmrelease
conditions:
- lastTransitionTime: "2024-09-29T16:48:09Z"
message: no conflicts found
reason: NoConflicts
status: "True"
type: NamesAccepted
- lastTransitionTime: "2024-09-29T16:48:09Z"
message: the initial names have been accepted
reason: InitialNamesAccepted
status: "True"
type: Established
- lastTransitionTime: "2024-09-29T16:56:36Z"
message: CustomResource deletion is in progress
reason: InstanceDeletionInProgress
status: "True"
type: Terminating
storedVersions:
- v2
Steps to reproduce
terraform applyto installfluxon AKS clusterfluxinstalled successfullyterrform destroyto uninstallfluxkubectl get crds | grep flux
helmreleases.helm.toolkit.fluxcd.ioflux uninstall --namespace=flux-system --keep-namespace
Are you sure you want to delete Flux and its custom resource definitions: y
► deleting components in flux-system namespace
► deleting toolkit.fluxcd.io finalizers in all namespaces
✔ HelmRelease/ingress-nginx/ingress-nginx finalizers deleted
✔ HelmRelease/monitoring/prometheus finalizers deleted
► deleting toolkit.fluxcd.io custom resource definitions
✗ CustomResourceDefinition/helmreleases.helm.toolkit.fluxcd.io deletion failed: customresourcedefinitions.apiextensions.k8s.io "helmreleases.helm.toolkit.fluxcd.io" not found
✔ uninstall finishedkubectl get crds | grep fluxnow returns nothing
Expected behavior
Running terraform destroy should have deleted HelmRelease CRD and its finalizers.
Screenshots and recordings
No response
Terraform and provider versions
Terraform v1.9.3 on darwin_arm64
FluxCD 1.30
Kubernetes v2.32.0
Azure RM v3.116.0
AKS Cluster v1.29.4
Terraform provider configurations
provider "flux" {
kubernetes = {
host = local.kube_provider.host
client_certificate = local.kube_provider.client_certificate
client_key = local.kube_provider.client_key
cluster_ca_certificate = local.kube_provider.cluster_ca_certificate
}
git = {
url = local.url
branch = var.flux2_git_branch
ssh = {
username = "git"
private_key = data.azurerm_key_vault_secret.flux2_private_key.value
}
}
}
provider "kubernetes" {
host = local.kube_provider.host
client_certificate = local.kube_provider.client_certificate
client_key = local.kube_provider.client_key
cluster_ca_certificate = local.kube_provider.cluster_ca_certificate
}
provider "azurerm" {
features {}
}
locals.tf
locals {
kube_provider = {
host = coalesce(try(data.azurerm_kubernetes_cluster.this.kube_admin_config[0].host, null), data.azurerm_kubernetes_cluster.this.kube_config[0].host)
client_certificate = base64decode(coalesce(try(data.azurerm_kubernetes_cluster.this.kube_admin_config[0].client_certificate, null), data.azurerm_kubernetes_cluster.this.kube_config[0].client_certificate))
client_key = base64decode(coalesce(try(data.azurerm_kubernetes_cluster.this.kube_admin_config[0].client_key, null), data.azurerm_kubernetes_cluster.this.kube_config[0].client_key))
cluster_ca_certificate = base64decode(coalesce(try(data.azurerm_kubernetes_cluster.this.kube_admin_config[0].cluster_ca_certificate, null), data.azurerm_kubernetes_cluster.this.kube_config[0].cluster_ca_certificate))
}
}
flux_bootstrap_git resource
resource "flux_bootstrap_git" "this" {
embedded_manifests = true
interval = 10m0s
version = "v2.3.0"
path = "./"
}
Flux version
v2.3.0
Additional context
No response
Code of Conduct
- I agree to follow this project's Code of Conduct
Would you like to implement a fix?
None