terraform {
  required_providers {
    kubectl = {
      source  = "gavinbunney/kubectl"
      version = "1.19.0"
    }
    helm = {
      source  = "hashicorp/helm"
      version = "3.0.2"
    }
    kubernetes = {
      source = "hashicorp/kubernetes"
      version = "2.38.0"
    }
  }
}

resource "kubernetes_namespace" "metallb-system" {
  metadata {
    name = "metallb-system"
    labels = {
      "pod-security.kubernetes.io/enforce" = "privileged"
    }
  }
}

resource "helm_release" "metallb" {
  depends_on = [ kubernetes_namespace.metallb-system ]
  
  name       = "metallb"
  repository = "https://metallb.github.io/metallb"
  chart      = "metallb"
  namespace  = "metallb-system"
  version    = "0.14.9"

  timeout = 3600
}

resource "kubectl_manifest" "metallb_pool" {
  depends_on = [ helm_release.metallb ]

  yaml_body = yamlencode({
    apiVersion = "metallb.io/v1beta1"
    kind       = "IPAddressPool"
    metadata = {
      name      = "metallb-pool"
      namespace = "metallb-system"
    }
    spec = {
      addresses = [var.metallb_ip_range]
    }
  })

}

resource "kubectl_manifest" "metallb_l2_advertisement" {
  depends_on = [ kubectl_manifest.metallb_pool ]

  yaml_body = yamlencode({
    apiVersion = "metallb.io/v1beta1"
    kind       = "L2Advertisement"
    metadata = {
      name      = "l2-advertisement"
      namespace = "metallb-system"
    }
    spec = {
      ipAddressPools = ["metallb-pool"]
    }
  })
}