From 80251e5370af619a842beb7a637debb763bd0caf Mon Sep 17 00:00:00 2001
From: Rustie Lin <rustie117@gmail.com>
Date: Wed, 7 Dec 2022 10:47:06 -0700
Subject: [PATCH] [tf/gcp] option to separate k8s workloads from TF state

---
 terraform/aptos-node/aws/kubernetes.tf |  2 +-
 terraform/aptos-node/gcp/kubernetes.tf | 20 ++++++++++++++++++++
 terraform/aptos-node/gcp/variables.tf  |  5 +++++
 3 files changed, 26 insertions(+), 1 deletion(-)

diff --git a/terraform/aptos-node/aws/kubernetes.tf b/terraform/aptos-node/aws/kubernetes.tf
index 05001911b6f6d..238fd4b84620b 100644
--- a/terraform/aptos-node/aws/kubernetes.tf
+++ b/terraform/aptos-node/aws/kubernetes.tf
@@ -172,7 +172,7 @@ locals {
 
   # these values are the most likely to be changed by the user and may be managed by terraform to trigger re-deployment
   helm_values_managed = {
-    "imageTag" = var.image_tag
+    "imageTag"  = var.image_tag
     "chain.era" = var.era
   }
 }
diff --git a/terraform/aptos-node/gcp/kubernetes.tf b/terraform/aptos-node/gcp/kubernetes.tf
index 70ce263c4cbae..444307d947b6d 100644
--- a/terraform/aptos-node/gcp/kubernetes.tf
+++ b/terraform/aptos-node/gcp/kubernetes.tf
@@ -28,6 +28,12 @@ locals {
   monitoring_helm_chart_path = "${path.module}/../../helm/monitoring"
   logger_helm_chart_path     = "${path.module}/../../helm/logger"
   aptos_node_helm_chart_path = var.helm_chart != "" ? var.helm_chart : "${path.module}/../../helm/aptos-node"
+
+  # these values are the most likely to be changed by the user and may be managed by terraform to trigger re-deployment
+  helm_values_managed = {
+    "imageTag"  = var.image_tag
+    "chain.era" = var.era
+  }
 }
 
 resource "helm_release" "validator" {
@@ -36,6 +42,12 @@ resource "helm_release" "validator" {
   max_history = 5
   wait        = false
 
+  lifecycle {
+    ignore_changes = [
+      values,
+    ]
+  }
+
   values = [
     jsonencode({
       imageTag = var.image_tag
@@ -76,6 +88,14 @@ resource "helm_release" "validator" {
     jsonencode(var.helm_values),
   ]
 
+  dynamic "set" {
+    for_each = var.manage_via_tf ? local.helm_values_managed : {}
+    content {
+      name  = set.key
+      value = set.value
+    }
+  }
+
   # inspired by https://stackoverflow.com/a/66501021 to trigger redeployment whenever any of the charts file contents change.
   set {
     name  = "chart_sha1"
diff --git a/terraform/aptos-node/gcp/variables.tf b/terraform/aptos-node/gcp/variables.tf
index 81080935ddefa..e4a952ddd2d49 100644
--- a/terraform/aptos-node/gcp/variables.tf
+++ b/terraform/aptos-node/gcp/variables.tf
@@ -142,3 +142,8 @@ variable "node_exporter_helm_values" {
   type        = any
   default     = {}
 }
+
+variable "manage_via_tf" {
+  description = "Whether to manage the aptos-node k8s workload via Terraform"
+  default     = true
+}