Support for running port-forward while Terraform is operating #812

@dpkirchner

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

It would be helpful to have a way to temporarily enable port-forwarding, perhaps as some sort of data resource, that would allow us to temporarily expose services in Kubernetes so that Terraform may send requests over that local port.

For example, let's say you're running Spinnaker in your Kubernetes cluster (as is typical). In order to use the Spinnaker provider, you need to be able to connect to Spinnaker's API gateway on port 8084. You could leave that port open 24/7, but it would likely be safer to only access it over an authenticated tunnel à la kubectl port-forward svc/spin-gate 8084, and only when necessary.

I'm sure this would be generally useful for other providers. SQL, for example.

Currently, I run the port-forward command in a loop in the background while Terraform runs. Sometimes the tunnel is successfully created before Terraform gets to the resources that require the tunnel, but most of the time it isn't, and then I have to run Terraform again to finish the entire plan.

Potential Terraform Configuration

data "kubernetes_service" "svc" { # or resource
  metadata {
    name      = "svc"
    namespace = "ns"
  }
}

data "kubernetes_port_forward" "svc" {
  namespace    = data.kubernetes_service.svc.metadata[0].namespace
  service_name = data.kubernetes_service.svc.metadata[0].name
  service_port = 8084 # or maybe strings for named ports
  local_port   = 9000 # optional
}

The data resource would need to be able to export the local port. If local_port isn't set perhaps the resource could allocate a random port.

The data resource would need to block until the service is reporting ready/referring to live pods (or some timeout is hit).

References

This is distinct from the existing provisioner + connection tunneling as it's for resources, not running specific commands on a remote server.

Example of port-forward use

Port forward API

Example of someone programmatically enabling port forwarding
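
The background-loop workaround described in the issue races Terraform against the tunnel. As an added example (not code from the issue or from the provider), this wrapper starts the tunnel on loopback only, waits for kubectl's "Forwarding from" line before running the command, and always closes the tunnel afterwards; `KUBECTL` and `PF_TIMEOUT` are override variables assumed here.

```shell
#!/bin/sh
# Added example, not from the issue. KUBECTL and PF_TIMEOUT are override
# variables assumed here for illustration.
#
# Usage: with_port_forward NAMESPACE TARGET LOCAL_PORT REMOTE_PORT CMD [ARGS...]
#   e.g. with_port_forward ns svc/spin-gate 9000 8084 terraform apply
with_port_forward() {
  pf_ns=$1 pf_target=$2 pf_lport=$3 pf_rport=$4
  shift 4
  pf_log=$(mktemp) || return 1

  # Listen on loopback only, so the service is not exposed to other hosts
  # for the lifetime of the tunnel.
  "${KUBECTL:-kubectl}" port-forward --address 127.0.0.1 -n "$pf_ns" \
    "$pf_target" "${pf_lport}:${pf_rport}" >"$pf_log" 2>&1 &
  pf_pid=$!

  pf_tries=${PF_TIMEOUT:-30}   # seconds to wait for the tunnel
  pf_rc=1
  while [ "$pf_tries" -gt 0 ]; do
    # kubectl prints this line once the local listener is bound.
    if grep -qF "Forwarding from 127.0.0.1:${pf_lport} ->" "$pf_log"; then
      pf_rc=0
      break
    fi
    # Stop early if kubectl has already exited (bad context, port in use, ...).
    kill -0 "$pf_pid" 2>/dev/null || break
    sleep 1
    pf_tries=$((pf_tries - 1))
  done

  if [ "$pf_rc" -eq 0 ]; then
    "$@" || pf_rc=$?           # run Terraform (or any command) through the tunnel
  else
    echo "port-forward not ready; kubectl output follows" >&2
    cat "$pf_log" >&2
  fi

  # Always close the tunnel so the port is not left open after the run.
  kill "$pf_pid" 2>/dev/null || true
  wait "$pf_pid" 2>/dev/null || true
  rm -f "$pf_log"
  return "$pf_rc"
}
```

The function returns the wrapped command's exit status, or 1 if the tunnel never became ready, in which case the command is not run at all.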
