From 560369ce9a3b05c503357528ce96eb9c518ee359 Mon Sep 17 00:00:00 2001 From: Sergey Nazarov Date: Tue, 21 Aug 2018 15:31:59 -0700 Subject: [PATCH 1/3] [GPII-3251]: Idempotence for helm-release destroy --- modules/helm-release/main.tf | 22 +++++++++++++++++++--- 1 file changed, 19 insertions(+), 3 deletions(-) diff --git a/modules/helm-release/main.tf b/modules/helm-release/main.tf index 958b687..221808d 100644 --- a/modules/helm-release/main.tf +++ b/modules/helm-release/main.tf @@ -2,15 +2,31 @@ # PROVIDER # ------------------------------------------------------------------------------ +data "external" "client_auth" { + program = [ + "sh", "-c", + </dev/null | awk '$1=$1' ORS=' \n') + helm_cert=$(cat ${var.client_auth}/helm.cert.pem 2>/dev/null | awk '$1=$1' ORS=' \n') + helm_key=$(cat ${var.client_auth}/helm.key.pem 2>/dev/null | awk '$1=$1' ORS=' \n') + jq -n \ + --arg ca_cert "$ca_cert" \ + --arg helm_cert "$helm_cert" \ + --arg helm_key "$helm_key" \ + '{"ca_cert":$ca_cert,"helm_cert":$helm_cert,"helm_key":$helm_key}' + EOF + ] +} + provider "helm" { namespace = "${var.tiller_namespace}" enable_tls = true insecure = false debug = true - ca_certificate = "${file("${var.client_auth}/ca.cert.pem")}" - client_certificate = "${file("${var.client_auth}/helm.cert.pem")}" - client_key = "${file("${var.client_auth}/helm.key.pem")}" + ca_certificate = "${data.external.client_auth.result.ca_cert}" + client_certificate = "${data.external.client_auth.result.helm_cert}" + client_key = "${data.external.client_auth.result.helm_key}" } # ------------------------------------------------------------------------------ From 6bcbaf4a8ee93470bc68d77a27ce34ec0133d3d1 Mon Sep 17 00:00:00 2001 From: Sergey Nazarov Date: Wed, 22 Aug 2018 17:13:39 -0700 Subject: [PATCH 2/3] Excessive newline treatment is not necessary --- modules/helm-release/main.tf | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) 
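Review bot: Routing the Helm client key through `data "external" "client_auth"` (patch 1/3) makes `helm_key` part of the data source result. As far as I know Terraform persists data source results in state, so the private key would now sit in tfstate in plain text, which the previous `file()` calls in the provider block did not cause. If destroy idempotence requires this approach, the state backend needs to be encrypted and access-restricted, and the block should say so, e.g. `# NOTE: result (including helm_key) is stored in Terraform state; keep the backend encrypted and access-controlled.` Separately, `debug = true` stays on in the provider block, so it is worth confirming that debug output does not include the TLS material.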
diff --git a/modules/helm-release/main.tf b/modules/helm-release/main.tf index 221808d..26df78f 100644 --- a/modules/helm-release/main.tf +++ b/modules/helm-release/main.tf @@ -6,9 +6,9 @@ data "external" "client_auth" { program = [ "sh", "-c", </dev/null | awk '$1=$1' ORS=' \n') - helm_cert=$(cat ${var.client_auth}/helm.cert.pem 2>/dev/null | awk '$1=$1' ORS=' \n') - helm_key=$(cat ${var.client_auth}/helm.key.pem 2>/dev/null | awk '$1=$1' ORS=' \n') + ca_cert=$(cat ${var.client_auth}/ca.cert.pem 2>/dev/null) + helm_cert=$(cat ${var.client_auth}/helm.cert.pem 2>/dev/null) + helm_key=$(cat ${var.client_auth}/helm.key.pem 2>/dev/null) jq -n \ --arg ca_cert "$ca_cert" \ --arg helm_cert "$helm_cert" \ From b01d6d48f8184123f415157f9dfb97ff550deb91 Mon Sep 17 00:00:00 2001 From: Sergey Nazarov Date: Wed, 22 Aug 2018 18:02:21 -0700 Subject: [PATCH 3/3] Add comment --- modules/helm-release/main.tf | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/modules/helm-release/main.tf b/modules/helm-release/main.tf index 26df78f..a34bff7 100644 --- a/modules/helm-release/main.tf +++ b/modules/helm-release/main.tf @@ -2,6 +2,10 @@ # PROVIDER # ------------------------------------------------------------------------------ +# Following code loads Helm certificates from files into Terraform data object. +# In case there are no certificate files, data will be populated with empty values +# so provider configuration can still be successful. +# This helps to achieve idempotence for destroy operation. data "external" "client_auth" { program = [ "sh", "-c",
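Review bot: The rewritten `cat ${var.client_auth}/ca.cert.pem 2>/dev/null` lines in patch 2/3 interpolate `var.client_auth` into the `sh -c` script unquoted, so a path containing spaces or shell metacharacters is word-split or interpreted by the shell; the same pattern is in the hunk of patch 1/3. Quoting the path closes the word-splitting case, e.g. `helm_key=$(cat "${var.client_auth}/helm.key.pem" 2>/dev/null)`, and passing the directory through the data source's `query` argument instead of interpolating it would keep it out of the script text entirely. `2>/dev/null` also hides every read error, not only a missing file, so an unreadable key silently becomes an empty `client_key` while `enable_tls = true`. An explicit existence test would keep the destroy case working without masking permission problems.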