From 68f6c34e060498987c3c3009bc4a0bcecf6f90e8 Mon Sep 17 00:00:00 2001 From: aristosvo <8375124+aristosvo@users.noreply.github.com> Date: Sat, 22 Feb 2020 22:19:29 +0100 Subject: [PATCH 01/16] Changing load_balancer_profile settings to computed=false When the `load_balancer_profile` settings are calculated, changing (for example) from managed IPs to provided outbound IP addresses is not possible. The `effective_outbound_ips` are still `Computed`, but as only one of the three options `outbound_ip_address_ids`, `outbound_ip_prefix_ids` and `managed_outbound_ip_count` and at least one of them should be set, `Computed` doesnt make sense to me. If there is a better option to make a change possible, let me know --- .../services/containers/resource_arm_kubernetes_cluster.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/azurerm/internal/services/containers/resource_arm_kubernetes_cluster.go b/azurerm/internal/services/containers/resource_arm_kubernetes_cluster.go index 6d75e381af68..64d8fbfc12d8 100644 --- a/azurerm/internal/services/containers/resource_arm_kubernetes_cluster.go +++ b/azurerm/internal/services/containers/resource_arm_kubernetes_cluster.go @@ -298,14 +298,14 @@ func resourceArmKubernetesCluster() *schema.Resource { "managed_outbound_ip_count": { Type: schema.TypeInt, Optional: true, - Computed: true, + Computed: false, ValidateFunc: validation.IntBetween(1, 100), ConflictsWith: []string{"network_profile.0.load_balancer_profile.0.outbound_ip_prefix_ids", "network_profile.0.load_balancer_profile.0.outbound_ip_address_ids"}, }, "outbound_ip_prefix_ids": { Type: schema.TypeSet, Optional: true, - Computed: true, + Computed: false, ConfigMode: schema.SchemaConfigModeAttr, ConflictsWith: []string{"network_profile.0.load_balancer_profile.0.managed_outbound_ip_count", "network_profile.0.load_balancer_profile.0.outbound_ip_address_ids"}, Elem: &schema.Schema{ @@ -316,7 +316,7 @@ func resourceArmKubernetesCluster() *schema.Resource { "outbound_ip_address_ids": { Type: schema.TypeSet, Optional: true, - Computed: true, + Computed: false, ConfigMode: schema.SchemaConfigModeAttr, ConflictsWith: []string{"network_profile.0.load_balancer_profile.0.managed_outbound_ip_count", "network_profile.0.load_balancer_profile.0.outbound_ip_prefix_ids"}, Elem: &schema.Schema{ From 0106d5c8482af2d1f0c53577d8c68217d66959a9 Mon Sep 17 00:00:00 2001 From: aristosvo <8375124+aristosvo@users.noreply.github.com> Date: Sun, 23 Feb 2020 20:43:11 +0100 Subject: [PATCH 02/16] Computed: false removed as it is default --- .../services/containers/resource_arm_kubernetes_cluster.go | 3 --- 1 file changed, 3 deletions(-) diff --git a/azurerm/internal/services/containers/resource_arm_kubernetes_cluster.go b/azurerm/internal/services/containers/resource_arm_kubernetes_cluster.go index 64d8fbfc12d8..81c22b6d1d80 100644 --- a/azurerm/internal/services/containers/resource_arm_kubernetes_cluster.go +++ b/azurerm/internal/services/containers/resource_arm_kubernetes_cluster.go @@ -298,14 +298,12 @@ func resourceArmKubernetesCluster() *schema.Resource { "managed_outbound_ip_count": { Type: schema.TypeInt, Optional: true, - Computed: false, ValidateFunc: validation.IntBetween(1, 100), ConflictsWith: []string{"network_profile.0.load_balancer_profile.0.outbound_ip_prefix_ids", "network_profile.0.load_balancer_profile.0.outbound_ip_address_ids"}, }, "outbound_ip_prefix_ids": { Type: schema.TypeSet, Optional: true, - Computed: false, ConfigMode: schema.SchemaConfigModeAttr, ConflictsWith: []string{"network_profile.0.load_balancer_profile.0.managed_outbound_ip_count", "network_profile.0.load_balancer_profile.0.outbound_ip_address_ids"}, Elem: &schema.Schema{ @@ -316,7 +314,6 @@ func resourceArmKubernetesCluster() *schema.Resource { "outbound_ip_address_ids": { Type: schema.TypeSet, Optional: true, - Computed: false, ConfigMode: schema.SchemaConfigModeAttr, ConflictsWith: []string{"network_profile.0.load_balancer_profile.0.managed_outbound_ip_count", "network_profile.0.load_balancer_profile.0.outbound_ip_prefix_ids"}, Elem: &schema.Schema{ From a5b6500ed7595815768bb80db72fe43ad16e8b86 Mon Sep 17 00:00:00 2001 From: aristosvo <8375124+aristosvo@users.noreply.github.com> Date: Tue, 10 Mar 2020 21:06:48 +0100 Subject: [PATCH 03/16] changingLoadBalancerProfileConfig test added --- ...rce_arm_kubernetes_cluster_network_test.go | 142 ++++++++++++++++++ 1 file changed, 142 insertions(+) diff --git a/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go b/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go index e42a2ed19ecf..b1d67b1b2b38 100644 --- a/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go +++ b/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go @@ -576,6 +576,75 @@ func testAccAzureRMKubernetesCluster_prefixedLoadBalancerProfile(t *testing.T) { }) } +func TestAccAzureRMKubernetesCluster_changingLoadBalancerProfile(t *testing.T) { + checkIfShouldRunTestsIndividually(t) + testAccAzureRMKubernetesCluster_changingLoadBalancerProfile(t) +} + +func testAccAzureRMKubernetesCluster_changingLoadBalancerProfile(t *testing.T) { + data := acceptance.BuildTestData(t, "azurerm_kubernetes_cluster", "test") + clientId := os.Getenv("ARM_CLIENT_ID") + clientSecret := os.Getenv("ARM_CLIENT_SECRET") + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { acceptance.PreCheck(t) }, + Providers: acceptance.SupportedProviders, + CheckDestroy: testCheckAzureRMKubernetesClusterDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfig(data, clientId, clientSecret, "outbound_ip_prefix_ids", "[azurerm_public_ip_prefix.test.id]"), + Check: resource.ComposeTestCheckFunc( + testCheckAzureRMKubernetesClusterExists(data.ResourceName), + resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_sku", "Standard"), + resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_profile.0.outbound_ip_prefix_ids.#", "1"), + resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_profile.0.effective_outbound_ips.#", "1"), + ), + }, + data.ImportStep("service_principal.0.client_secret"), + { + Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfig(data, clientId, clientSecret, "managed_outbound_ip_count", "1"), + Check: resource.ComposeTestCheckFunc( + testCheckAzureRMKubernetesClusterExists(data.ResourceName), + resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_sku", "Standard"), + resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_profile.0.managed_outbound_ip_count.#", "1"), + resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_profile.0.effective_outbound_ips.#", "1"), + ), + }, + data.ImportStep("service_principal.0.client_secret"), + { + Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfig(data, clientId, clientSecret, "outbound_ip_address_ids", "[azurerm_public_ip.test.id]"), + Check: resource.ComposeTestCheckFunc( + testCheckAzureRMKubernetesClusterExists(data.ResourceName), + resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_sku", "Standard"), + resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_profile.0.outbound_ip_address_ids.#", "1"), + resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_profile.0.effective_outbound_ips.#", "1"), + ), + }, + data.ImportStep("service_principal.0.client_secret"), + { + Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfig(data, clientId, clientSecret, "outbound_ip_prefix_ids", "[azurerm_public_ip_prefix.test.id]"), + Check: resource.ComposeTestCheckFunc( + testCheckAzureRMKubernetesClusterExists(data.ResourceName), + resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_sku", "Standard"), + resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_profile.0.outbound_ip_prefix_ids.#", "1"), + resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_profile.0.effective_outbound_ips.#", "1"), + ), + }, + data.ImportStep("service_principal.0.client_secret"), + { + Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfig(data, clientId, clientSecret, "managed_outbound_ip_count", "1"), + Check: resource.ComposeTestCheckFunc( + testCheckAzureRMKubernetesClusterExists(data.ResourceName), + resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_sku", "Standard"), + resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_profile.0.managed_outbound_ip_count.#", "1"), + resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_profile.0.effective_outbound_ips.#", "1"), + ), + }, + data.ImportStep("service_principal.0.client_secret"), + }, + }) +} + func testAccAzureRMKubernetesCluster_advancedNetworkingConfig(data acceptance.TestData, clientId string, clientSecret string, location string, networkPlugin string) string { return fmt.Sprintf(` resource "azurerm_resource_group" "test" { @@ -1415,3 +1484,76 @@ resource "azurerm_kubernetes_cluster" "test" { } `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, currentKubernetesVersion, data.RandomInteger, clientId, clientSecret) } + +func testAccAzureRMKubernetesCluster_conflictingLoadBalancerProfileConfig(data acceptance.TestData, clientId string, clientSecret string, key string, value string) string { + return fmt.Sprintf(` +resource "azurerm_resource_group" "test" { + name = "acctestRG-%d" + location = "%s" +} + +resource "azurerm_virtual_network" "test" { + name = "acctestvirtnet%d" + address_space = ["10.1.0.0/16"] + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name +} + +resource "azurerm_subnet" "test" { + name = "acctestsubnet%d" + resource_group_name = azurerm_resource_group.test.name + virtual_network_name = azurerm_virtual_network.test.name + address_prefix = "10.1.0.0/24" +} + +resource "azurerm_public_ip_prefix" "test" { + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name + name = "acctestipprefix%d" + prefix_length = 31 +} + +resource "azurerm_public_ip" "test" { + name = "acctestipone%d" + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name + allocation_method = "Static" +} + +resource "azurerm_kubernetes_cluster" "test" { + name = "acctestaks%d" + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name + dns_prefix = "acctestaks%d" + kubernetes_version = "%s" + + linux_profile { + admin_username = "acctestuser%d" + + ssh_key { + key_data = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqaZoyiz1qbdOQ8xEf6uEu1cCwYowo5FHtsBhqLoDnnp7KUTEBN+L2NxRIfQ781rxV6Iq5jSav6b2Q8z5KiseOlvKA/RF2wqU0UPYqQviQhLmW6THTpmrv/YkUCuzxDpsH7DUDhZcwySLKVVe0Qm3+5N2Ta6UYH3lsDf9R9wTP2K/+vAnflKebuypNlmocIvakFWoZda18FOmsOoIVXQ8HWFNCuw9ZCunMSN62QGamCe3dL5cXlkgHYv7ekJE15IA9aOJcM7e90oeTqo+7HTcWfdu0qQqPWY5ujyMw/llas8tsXY85LFqRnr3gJ02bAscjc477+X+j/gkpFoN1QEmt terraform@demo.tld" + } + } + + default_node_pool { + name = "default" + node_count = 2 + vm_size = "Standard_DS2_v2" + vnet_subnet_id = azurerm_subnet.test.id + } + + service_principal { + client_id = "%s" + client_secret = "%s" + } + + network_profile { + network_plugin = "azure" + load_balancer_sku = "standard" + load_balancer_profile { + "%s" = "%s" + } + } +} +`, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, currentKubernetesVersion, data.RandomInteger, clientId, clientSecret, key, value) +} From ad8833238f17a0945ce2c3a7e6e0ac7d4487a3b7 Mon Sep 17 00:00:00 2001 From: aristosvo <8375124+aristosvo@users.noreply.github.com> Date: Tue, 10 Mar 2020 21:46:43 +0100 Subject: [PATCH 04/16] Optimize test --- .../resource_arm_kubernetes_cluster_network_test.go | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go b/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go index b1d67b1b2b38..ba405b0aee9f 100644 --- a/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go +++ b/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go @@ -625,22 +625,11 @@ func testAccAzureRMKubernetesCluster_changingLoadBalancerProfile(t *testing.T) { Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfig(data, clientId, clientSecret, "outbound_ip_prefix_ids", "[azurerm_public_ip_prefix.test.id]"), Check: resource.ComposeTestCheckFunc( testCheckAzureRMKubernetesClusterExists(data.ResourceName), - resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_sku", "Standard"), resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_profile.0.outbound_ip_prefix_ids.#", "1"), resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_profile.0.effective_outbound_ips.#", "1"), ), }, data.ImportStep("service_principal.0.client_secret"), - { - Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfig(data, clientId, clientSecret, "managed_outbound_ip_count", "1"), - Check: resource.ComposeTestCheckFunc( - testCheckAzureRMKubernetesClusterExists(data.ResourceName), - resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_sku", "Standard"), - resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_profile.0.managed_outbound_ip_count.#", "1"), - resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_profile.0.effective_outbound_ips.#", "1"), - ), - }, - data.ImportStep("service_principal.0.client_secret"), }, }) } From cf4a63c731ec3b22b74347a62bbaf482d1014f55 Mon Sep 17 00:00:00 2001 From: aristosvo <8375124+aristosvo@users.noreply.github.com> Date: Thu, 12 Mar 2020 00:07:29 +0100 Subject: [PATCH 05/16] Mistake in test fixed --- .../tests/resource_arm_kubernetes_cluster_network_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go b/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go index ba405b0aee9f..075b1f0c650a 100644 --- a/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go +++ b/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go @@ -1474,7 +1474,7 @@ resource "azurerm_kubernetes_cluster" "test" { `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, currentKubernetesVersion, data.RandomInteger, clientId, clientSecret) } -func testAccAzureRMKubernetesCluster_conflictingLoadBalancerProfileConfig(data acceptance.TestData, clientId string, clientSecret string, key string, value string) string { +func testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfig(data acceptance.TestData, clientId string, clientSecret string, key string, value string) string { return fmt.Sprintf(` resource "azurerm_resource_group" "test" { name = "acctestRG-%d" From b8d972003aa666f1783940fc06353efa06942d34 Mon Sep 17 00:00:00 2001 From: Aris van Ommeren Date: Wed, 18 Mar 2020 07:17:33 +0100 Subject: [PATCH 06/16] Update of testcheck and linter problem --- .../tests/resource_arm_kubernetes_cluster_network_test.go | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go b/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go index 015135a4e73e..e2911d905b4e 100644 --- a/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go +++ b/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go @@ -602,11 +602,11 @@ func testAccAzureRMKubernetesCluster_changingLoadBalancerProfile(t *testing.T) { }, data.ImportStep("service_principal.0.client_secret"), { - Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfig(data, clientId, clientSecret, "managed_outbound_ip_count", "1"), + Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfig(data, clientId, clientSecret, "managed_outbound_ip_count", "\"1\""), Check: resource.ComposeTestCheckFunc( testCheckAzureRMKubernetesClusterExists(data.ResourceName), resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_sku", "Standard"), - resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_profile.0.managed_outbound_ip_count.#", "1"), + resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_profile.0.managed_outbound_ip_count", "1"), resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_profile.0.effective_outbound_ips.#", "1"), ), }, @@ -1563,6 +1563,7 @@ resource "azurerm_public_ip" "test" { location = azurerm_resource_group.test.location resource_group_name = azurerm_resource_group.test.name allocation_method = "Static" + sku = "Standard" } resource "azurerm_kubernetes_cluster" "test" { @@ -1596,7 +1597,7 @@ resource "azurerm_kubernetes_cluster" "test" { network_plugin = "azure" load_balancer_sku = "standard" load_balancer_profile { - "%s" = "%s" + %s = %s } } } From 57179a254027dc28576bd6b744873ffe5481f01a Mon Sep 17 00:00:00 2001 From: Aris van Ommeren Date: Wed, 18 Mar 2020 07:54:18 +0100 Subject: [PATCH 07/16] Add new test to aks combined tests --- .../containers/tests/resource_arm_kubernetes_cluster_test.go | 1 + 1 file changed, 1 insertion(+) diff --git a/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_test.go b/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_test.go index 394407aa20f2..edb97920f5d7 100644 --- a/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_test.go +++ b/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_test.go @@ -49,6 +49,7 @@ func TestAccAzureRMKubernetes_all(t *testing.T) { "enableNodePublicIP": testAccAzureRMKubernetesCluster_enableNodePublicIP, "internalNetwork": testAccAzureRMKubernetesCluster_internalNetwork, "basicLoadBalancerProfile": testAccAzureRMKubernetesCluster_basicLoadBalancerProfile, + "changingLoadBalancerProfile": testAccAzureRMKubernetesCluster_changingLoadBalancerProfile, "conflictingLoadBalancerProfile": testAccAzureRMKubernetesCluster_conflictingLoadBalancerProfile, "prefixedLoadBalancerProfile": testAccAzureRMKubernetesCluster_prefixedLoadBalancerProfile, "standardLoadBalancer": testAccAzureRMKubernetesCluster_standardLoadBalancer, From 13fb55222a932dcb43e87d3496ca3ea4784fc62e Mon Sep 17 00:00:00 2001 From: Aris van Ommeren Date: Wed, 18 Mar 2020 08:30:15 +0100 Subject: [PATCH 08/16] Fix for terrafmt --- ...rce_arm_kubernetes_cluster_network_test.go | 164 +++++++++++++++++- 1 file changed, 156 insertions(+), 8 deletions(-) diff --git a/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go b/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go index e2911d905b4e..de39a6ab27d7 100644 --- a/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go +++ b/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go @@ -592,7 +592,7 @@ func testAccAzureRMKubernetesCluster_changingLoadBalancerProfile(t *testing.T) { CheckDestroy: testCheckAzureRMKubernetesClusterDestroy, Steps: []resource.TestStep{ { - Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfig(data, clientId, clientSecret, "outbound_ip_prefix_ids", "[azurerm_public_ip_prefix.test.id]"), + Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigIPPrefix(data, clientId, clientSecret), Check: resource.ComposeTestCheckFunc( testCheckAzureRMKubernetesClusterExists(data.ResourceName), resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_sku", "Standard"), @@ -602,7 +602,7 @@ func testAccAzureRMKubernetesCluster_changingLoadBalancerProfile(t *testing.T) { }, data.ImportStep("service_principal.0.client_secret"), { - Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfig(data, clientId, clientSecret, "managed_outbound_ip_count", "\"1\""), + Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigManagedIPs(data, clientId, clientSecret), Check: resource.ComposeTestCheckFunc( testCheckAzureRMKubernetesClusterExists(data.ResourceName), resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_sku", "Standard"), @@ -612,7 +612,7 @@ func testAccAzureRMKubernetesCluster_changingLoadBalancerProfile(t *testing.T) { }, data.ImportStep("service_principal.0.client_secret"), { - Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfig(data, clientId, clientSecret, "outbound_ip_address_ids", "[azurerm_public_ip.test.id]"), + Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigIPIds(data, clientId, clientSecret), Check: resource.ComposeTestCheckFunc( testCheckAzureRMKubernetesClusterExists(data.ResourceName), resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_sku", "Standard"), @@ -622,7 +622,7 @@ func testAccAzureRMKubernetesCluster_changingLoadBalancerProfile(t *testing.T) { }, data.ImportStep("service_principal.0.client_secret"), { - Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfig(data, clientId, clientSecret, "outbound_ip_prefix_ids", "[azurerm_public_ip_prefix.test.id]"), + Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigIPPrefix(data, clientId, clientSecret), Check: resource.ComposeTestCheckFunc( testCheckAzureRMKubernetesClusterExists(data.ResourceName), resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_profile.0.outbound_ip_prefix_ids.#", "1"), @@ -1530,7 +1530,7 @@ resource "azurerm_kubernetes_cluster" "test" { `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, currentKubernetesVersion, data.RandomInteger, clientId, clientSecret) } -func testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfig(data acceptance.TestData, clientId string, clientSecret string, key string, value string) string { +func testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigIPPrefix(data acceptance.TestData, clientId string, clientSecret string) string { return fmt.Sprintf(` resource "azurerm_resource_group" "test" { name = "acctestRG-%d" @@ -1563,7 +1563,81 @@ resource "azurerm_public_ip" "test" { location = azurerm_resource_group.test.location resource_group_name = azurerm_resource_group.test.name allocation_method = "Static" - sku = "Standard" + sku = "Standard" +} + +resource "azurerm_kubernetes_cluster" "test" { + name = "acctestaks%d" + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name + dns_prefix = "acctestaks%d" + kubernetes_version = "%s" + + linux_profile { + admin_username = "acctestuser%d" + + ssh_key { + key_data = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqaZoyiz1qbdOQ8xEf6uEu1cCwYowo5FHtsBhqLoDnnp7KUTEBN+L2NxRIfQ781rxV6Iq5jSav6b2Q8z5KiseOlvKA/RF2wqU0UPYqQviQhLmW6THTpmrv/YkUCuzxDpsH7DUDhZcwySLKVVe0Qm3+5N2Ta6UYH3lsDf9R9wTP2K/+vAnflKebuypNlmocIvakFWoZda18FOmsOoIVXQ8HWFNCuw9ZCunMSN62QGamCe3dL5cXlkgHYv7ekJE15IA9aOJcM7e90oeTqo+7HTcWfdu0qQqPWY5ujyMw/llas8tsXY85LFqRnr3gJ02bAscjc477+X+j/gkpFoN1QEmt terraform@demo.tld" + } + } + + default_node_pool { + name = "default" + node_count = 2 + vm_size = "Standard_DS2_v2" + vnet_subnet_id = azurerm_subnet.test.id + } + + service_principal { + client_id = "%s" + client_secret = "%s" + } + + network_profile { + network_plugin = "azure" + load_balancer_sku = "standard" + load_balancer_profile { + outbound_ip_prefix_ids = [azurerm_public_ip_prefix.test.id] + } + } +} +`, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, currentKubernetesVersion, data.RandomInteger, clientId, clientSecret) +} + +func testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigManagedIPs(data acceptance.TestData, clientId string, clientSecret string) string { + return fmt.Sprintf(` +resource "azurerm_resource_group" "test" { + name = "acctestRG-%d" + location = "%s" +} + +resource "azurerm_virtual_network" "test" { + name = "acctestvirtnet%d" + address_space = ["10.1.0.0/16"] + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name +} + +resource "azurerm_subnet" "test" { + name = "acctestsubnet%d" + resource_group_name = azurerm_resource_group.test.name + virtual_network_name = azurerm_virtual_network.test.name + address_prefix = "10.1.0.0/24" +} + +resource "azurerm_public_ip_prefix" "test" { + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name + name = "acctestipprefix%d" + prefix_length = 31 +} + +resource "azurerm_public_ip" "test" { + name = "acctestipone%d" + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name + allocation_method = "Static" + sku = "Standard" } resource "azurerm_kubernetes_cluster" "test" { @@ -1597,9 +1671,83 @@ resource "azurerm_kubernetes_cluster" "test" { network_plugin = "azure" load_balancer_sku = "standard" load_balancer_profile { - %s = %s + managed_outbound_ip_count = "1" } } } -`, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, currentKubernetesVersion, data.RandomInteger, clientId, clientSecret, key, value) +`, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, currentKubernetesVersion, data.RandomInteger, clientId, clientSecret) +} + +func testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigIPIds(data acceptance.TestData, clientId string, clientSecret string) string { + return fmt.Sprintf(` +resource "azurerm_resource_group" "test" { + name = "acctestRG-%d" + location = "%s" +} + +resource "azurerm_virtual_network" "test" { + name = "acctestvirtnet%d" + address_space = ["10.1.0.0/16"] + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name +} + +resource "azurerm_subnet" "test" { + name = "acctestsubnet%d" + resource_group_name = azurerm_resource_group.test.name + virtual_network_name = azurerm_virtual_network.test.name + address_prefix = "10.1.0.0/24" +} + +resource "azurerm_public_ip_prefix" "test" { + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name + name = "acctestipprefix%d" + prefix_length = 31 +} + +resource "azurerm_public_ip" "test" { + name = "acctestipone%d" + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name + allocation_method = "Static" + sku = "Standard" +} + +resource "azurerm_kubernetes_cluster" "test" { + name = "acctestaks%d" + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name + dns_prefix = "acctestaks%d" + kubernetes_version = "%s" + + linux_profile { + admin_username = "acctestuser%d" + + ssh_key { + key_data = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqaZoyiz1qbdOQ8xEf6uEu1cCwYowo5FHtsBhqLoDnnp7KUTEBN+L2NxRIfQ781rxV6Iq5jSav6b2Q8z5KiseOlvKA/RF2wqU0UPYqQviQhLmW6THTpmrv/YkUCuzxDpsH7DUDhZcwySLKVVe0Qm3+5N2Ta6UYH3lsDf9R9wTP2K/+vAnflKebuypNlmocIvakFWoZda18FOmsOoIVXQ8HWFNCuw9ZCunMSN62QGamCe3dL5cXlkgHYv7ekJE15IA9aOJcM7e90oeTqo+7HTcWfdu0qQqPWY5ujyMw/llas8tsXY85LFqRnr3gJ02bAscjc477+X+j/gkpFoN1QEmt terraform@demo.tld" + } + } + + default_node_pool { + name = "default" + node_count = 2 + vm_size = "Standard_DS2_v2" + vnet_subnet_id = azurerm_subnet.test.id + } + + service_principal { + client_id = "%s" + client_secret = "%s" + } + + network_profile { + network_plugin = "azure" + load_balancer_sku = "standard" + load_balancer_profile { + outbound_ip_address_ids = [azurerm_public_ip.test.id] + } + } +} +`, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, currentKubernetesVersion, data.RandomInteger, clientId, clientSecret) } From 4067ff0a77f2551016d79b855b10e9d721c4baa5 Mon Sep 17 00:00:00 2001 From: Aris van Ommeren Date: Sat, 21 Mar 2020 21:47:48 +0100 Subject: [PATCH 09/16] Implementation of suggestions --- .../resource_arm_kubernetes_cluster.go | 68 +++++-- ...rce_arm_kubernetes_cluster_network_test.go | 170 ++---------------- 2 files changed, 62 insertions(+), 176 deletions(-) diff --git a/azurerm/internal/services/containers/resource_arm_kubernetes_cluster.go b/azurerm/internal/services/containers/resource_arm_kubernetes_cluster.go index 2d1e1b8d95b3..31500d9f4d9c 100644 --- a/azurerm/internal/services/containers/resource_arm_kubernetes_cluster.go +++ b/azurerm/internal/services/containers/resource_arm_kubernetes_cluster.go @@ -47,11 +47,17 @@ func resourceArmKubernetesCluster() *schema.Resource { if len(rawProfiles) == 0 { return nil } + profile := rawProfiles[0].(map[string]interface{}) + + // check a few properties of the loadbalancer + loadBalancerSku := profile["load_balancer_sku"].(string) + err := precheckLoadBalancerProfile(profile["load_balancer_profile"].([]interface{}), loadBalancerSku) + if err != nil { + return err + } // then ensure the conditionally-required fields are set - profile := rawProfiles[0].(map[string]interface{}) networkPlugin := profile["network_plugin"].(string) - if networkPlugin != "kubenet" && networkPlugin != "azure" { return nil } @@ -296,26 +302,26 @@ func resourceArmKubernetesCluster() *schema.Resource { Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "managed_outbound_ip_count": { - Type: schema.TypeInt, - Optional: true, - ValidateFunc: validation.IntBetween(1, 100), - ConflictsWith: []string{"network_profile.0.load_balancer_profile.0.outbound_ip_prefix_ids", "network_profile.0.load_balancer_profile.0.outbound_ip_address_ids"}, + Type: schema.TypeInt, + Optional: true, + Computed: true, + ValidateFunc: validation.IntBetween(0, 100), }, "outbound_ip_prefix_ids": { - Type: schema.TypeSet, - Optional: true, - ConfigMode: schema.SchemaConfigModeAttr, - ConflictsWith: []string{"network_profile.0.load_balancer_profile.0.managed_outbound_ip_count", "network_profile.0.load_balancer_profile.0.outbound_ip_address_ids"}, + Type: schema.TypeSet, + Optional: true, + Computed: true, + ConfigMode: schema.SchemaConfigModeAttr, Elem: &schema.Schema{ Type: schema.TypeString, ValidateFunc: azure.ValidateResourceID, }, }, "outbound_ip_address_ids": { - Type: schema.TypeSet, - Optional: true, - ConfigMode: schema.SchemaConfigModeAttr, - ConflictsWith: []string{"network_profile.0.load_balancer_profile.0.managed_outbound_ip_count", "network_profile.0.load_balancer_profile.0.outbound_ip_prefix_ids"}, + Type: schema.TypeSet, + Optional: true, + Computed: true, + ConfigMode: schema.SchemaConfigModeAttr, Elem: &schema.Schema{ Type: schema.TypeString, ValidateFunc: azure.ValidateResourceID, @@ -1162,10 +1168,6 @@ func expandLoadBalancerProfile(d []interface{}, loadBalancerType string) (*conta return nil, nil } - if strings.ToLower(loadBalancerType) != "standard" { - return nil, fmt.Errorf("Only load balancer SKU 'Standard' supports load balancer profiles. Provided load balancer type: %s", loadBalancerType) - } - config := d[0].(map[string]interface{}) var managedOutboundIps *containerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs @@ -1193,6 +1195,36 @@ func expandLoadBalancerProfile(d []interface{}, loadBalancerType string) (*conta }, nil } +func precheckLoadBalancerProfile(d []interface{}, loadBalancerType string) error { + if len(d) == 0 || d[0] == nil { + return nil + } + + if strings.ToLower(loadBalancerType) != "standard" { + return fmt.Errorf("Only load balancer SKU 'Standard' supports load balancer profiles. Provided load balancer type: %s", loadBalancerType) + } + + config := d[0].(map[string]interface{}) + + ipCount := config["managed_outbound_ip_count"] + ipPrefixes := config["outbound_ip_prefix_ids"] + outIps := config["outbound_ip_address_ids"] + + if ipCount != 0 && ipPrefixes != nil && ipPrefixes.(*schema.Set).Len() != 0 { + return fmt.Errorf("'network_profile.0.load_balancer_profile.0.managed_outbound_ip_count' conflicts with 'network_profile.0.load_balancer_profile.0.outbound_ip_prefix_ids'. Set 'managed_outbound_ip_count = \"0\"' or 'outbound_ip_prefix_ids = []' ") + } + + if ipCount != 0 && outIps != nil && outIps.(*schema.Set).Len() != 0 { + return fmt.Errorf("'network_profile.0.load_balancer_profile.0.managed_outbound_ip_count' conflicts with 'network_profile.0.load_balancer_profile.0.outbound_ip_address_ids'. Set 'managed_outbound_ip_count = \"0\"' or 'outbound_ip_address_ids = []'") + } + + if outIps != nil && ipPrefixes != nil && ipPrefixes.(*schema.Set).Len() != 0 && outIps.(*schema.Set).Len() != 0 { + return fmt.Errorf("'network_profile.0.load_balancer_profile.0.outbound_ip_prefix_ids' conflicts with 'network_profile.0.load_balancer_profile.0.outbound_ip_address_ids'. Set 'outbound_ip_prefix_ids = []' or 'outbound_ip_address_ids = []'") + } + + return nil +} + func idsToResourceReferences(set interface{}) *[]containerservice.ResourceReference { if set == nil { return nil diff --git a/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go b/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go index de39a6ab27d7..16a1c7326c3e 100644 --- a/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go +++ b/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go @@ -509,7 +509,7 @@ func testAccAzureRMKubernetesCluster_basicLoadBalancerProfile(t *testing.T) { Steps: []resource.TestStep{ { Config: testAccAzureRMKubernetesCluster_basicLoadBalancerProfileConfig(data, clientId, clientSecret), - ExpectError: regexp.MustCompile("errors during apply: Only load balancer SKU 'Standard' supports load balancer profiles. Provided load balancer type: basic"), + ExpectError: regexp.MustCompile("errors during plan: Only load balancer SKU 'Standard' supports load balancer profiles. Provided load balancer type: basic"), }, }, }) @@ -532,7 +532,7 @@ func testAccAzureRMKubernetesCluster_conflictingLoadBalancerProfile(t *testing.T Steps: []resource.TestStep{ { Config: testAccAzureRMKubernetesCluster_conflictingLoadBalancerProfileConfig(data, clientId, clientSecret), - ExpectError: regexp.MustCompile(`- "network_profile.0.load_balancer_profile.0.managed_outbound_ip_count": conflicts with network_profile.0.load_balancer_profile.0.outbound_ip_address_ids`), + ExpectError: regexp.MustCompile(`'network_profile.0.load_balancer_profile.0.managed_outbound_ip_count' conflicts with 'network_profile.0.load_balancer_profile.0.outbound_ip_address_ids'. Set 'managed_outbound_ip_count = "0"' or 'outbound_ip_address_ids = \[\]'`), }, { ResourceName: "azurerm_public_ip.test", @@ -592,7 +592,7 @@ func testAccAzureRMKubernetesCluster_changingLoadBalancerProfile(t *testing.T) { CheckDestroy: testCheckAzureRMKubernetesClusterDestroy, Steps: []resource.TestStep{ { - Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigIPPrefix(data, clientId, clientSecret), + Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfig(data, clientId, clientSecret, "0", "", "azurerm_public_ip_prefix.test.id"), Check: resource.ComposeTestCheckFunc( testCheckAzureRMKubernetesClusterExists(data.ResourceName), resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_sku", "Standard"), @@ -602,7 +602,7 @@ func testAccAzureRMKubernetesCluster_changingLoadBalancerProfile(t *testing.T) { }, data.ImportStep("service_principal.0.client_secret"), { - Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigManagedIPs(data, clientId, clientSecret), + Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfig(data, clientId, clientSecret, "0", "", ""), Check: resource.ComposeTestCheckFunc( testCheckAzureRMKubernetesClusterExists(data.ResourceName), resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_sku", "Standard"), @@ -612,7 +612,7 @@ func testAccAzureRMKubernetesCluster_changingLoadBalancerProfile(t *testing.T) { }, data.ImportStep("service_principal.0.client_secret"), { - Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigIPIds(data, clientId, clientSecret), + Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfig(data, clientId, clientSecret, "0", "azurerm_public_ip.test.id", ""), Check: resource.ComposeTestCheckFunc( testCheckAzureRMKubernetesClusterExists(data.ResourceName), resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_sku", "Standard"), @@ -622,7 +622,7 @@ func testAccAzureRMKubernetesCluster_changingLoadBalancerProfile(t *testing.T) { }, data.ImportStep("service_principal.0.client_secret"), { - Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigIPPrefix(data, clientId, clientSecret), + Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfig(data, clientId, clientSecret, "0", "", "azurerm_public_ip_prefix.test.id"), Check: resource.ComposeTestCheckFunc( testCheckAzureRMKubernetesClusterExists(data.ResourceName), resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_profile.0.outbound_ip_prefix_ids.#", "1"), @@ -1038,7 +1038,7 @@ resource "azurerm_kubernetes_cluster" "test" { load_balancer_sku = "standard" } - api_server_authorized_ip_ranges = ["%s"] + api_server_authorized_ip_ranges = ["%s" ] private_link_enabled = %t } `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger, clientId, clientSecret, cdir, enablePrivateLink) @@ -1530,7 +1530,7 @@ resource "azurerm_kubernetes_cluster" "test" { `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, currentKubernetesVersion, data.RandomInteger, clientId, clientSecret) } -func testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigIPPrefix(data acceptance.TestData, clientId string, clientSecret string) string { +func testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfig(data acceptance.TestData, clientId string, clientSecret string, managedIPCount string, ipAdressId string, ipPrefixId string) string { return fmt.Sprintf(` resource "azurerm_resource_group" "test" { name = "acctestRG-%d" @@ -1597,157 +1597,11 @@ resource "azurerm_kubernetes_cluster" "test" { network_plugin = "azure" load_balancer_sku = "standard" load_balancer_profile { - outbound_ip_prefix_ids = [azurerm_public_ip_prefix.test.id] - } - } -} -`, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, currentKubernetesVersion, data.RandomInteger, clientId, clientSecret) -} - -func testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigManagedIPs(data acceptance.TestData, clientId string, clientSecret string) string { - return fmt.Sprintf(` -resource "azurerm_resource_group" "test" { - name = "acctestRG-%d" - location = "%s" -} - -resource "azurerm_virtual_network" "test" { - name = "acctestvirtnet%d" - address_space = ["10.1.0.0/16"] - location = azurerm_resource_group.test.location - resource_group_name = azurerm_resource_group.test.name -} - -resource "azurerm_subnet" "test" { - name = "acctestsubnet%d" - resource_group_name = azurerm_resource_group.test.name - virtual_network_name = azurerm_virtual_network.test.name - address_prefix = "10.1.0.0/24" -} - -resource "azurerm_public_ip_prefix" "test" { - location = azurerm_resource_group.test.location - resource_group_name = azurerm_resource_group.test.name - name = "acctestipprefix%d" - prefix_length = 31 -} - -resource "azurerm_public_ip" "test" { - name = "acctestipone%d" - location = azurerm_resource_group.test.location - resource_group_name = azurerm_resource_group.test.name - allocation_method = "Static" - sku = "Standard" -} - -resource "azurerm_kubernetes_cluster" "test" { - name = "acctestaks%d" - location = azurerm_resource_group.test.location - resource_group_name = azurerm_resource_group.test.name - dns_prefix = "acctestaks%d" - kubernetes_version = "%s" - - linux_profile { - admin_username = "acctestuser%d" - - ssh_key { - key_data = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqaZoyiz1qbdOQ8xEf6uEu1cCwYowo5FHtsBhqLoDnnp7KUTEBN+L2NxRIfQ781rxV6Iq5jSav6b2Q8z5KiseOlvKA/RF2wqU0UPYqQviQhLmW6THTpmrv/YkUCuzxDpsH7DUDhZcwySLKVVe0Qm3+5N2Ta6UYH3lsDf9R9wTP2K/+vAnflKebuypNlmocIvakFWoZda18FOmsOoIVXQ8HWFNCuw9ZCunMSN62QGamCe3dL5cXlkgHYv7ekJE15IA9aOJcM7e90oeTqo+7HTcWfdu0qQqPWY5ujyMw/llas8tsXY85LFqRnr3gJ02bAscjc477+X+j/gkpFoN1QEmt terraform@demo.tld" - } - } - - default_node_pool { - name = "default" - node_count = 2 - vm_size = "Standard_DS2_v2" - vnet_subnet_id = azurerm_subnet.test.id - } - - service_principal { - client_id = "%s" - client_secret = "%s" - } - - network_profile { - network_plugin = "azure" - load_balancer_sku = "standard" - load_balancer_profile { - managed_outbound_ip_count = "1" + managed_outbound_ip_count = "%s" + outbound_ip_address_ids = [%s] + outbound_ip_prefix_ids = [%s] } } } -`, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, currentKubernetesVersion, data.RandomInteger, clientId, clientSecret) -} - -func testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigIPIds(data acceptance.TestData, clientId string, clientSecret string) string { - return fmt.Sprintf(` -resource "azurerm_resource_group" "test" { - name = "acctestRG-%d" - location = "%s" -} - -resource "azurerm_virtual_network" "test" { - name = "acctestvirtnet%d" - address_space = ["10.1.0.0/16"] - location = azurerm_resource_group.test.location - resource_group_name = azurerm_resource_group.test.name -} - -resource "azurerm_subnet" "test" { - name = "acctestsubnet%d" - resource_group_name = azurerm_resource_group.test.name - virtual_network_name = azurerm_virtual_network.test.name - address_prefix = "10.1.0.0/24" -} - -resource "azurerm_public_ip_prefix" "test" { - location = azurerm_resource_group.test.location - resource_group_name = azurerm_resource_group.test.name - name = "acctestipprefix%d" - prefix_length = 31 -} - -resource "azurerm_public_ip" "test" { - name = "acctestipone%d" - location = azurerm_resource_group.test.location - resource_group_name = azurerm_resource_group.test.name - allocation_method = "Static" - sku = "Standard" -} - -resource "azurerm_kubernetes_cluster" "test" { - name = "acctestaks%d" - location = azurerm_resource_group.test.location - resource_group_name = azurerm_resource_group.test.name - dns_prefix = "acctestaks%d" - kubernetes_version = "%s" - - linux_profile { - admin_username = "acctestuser%d" - - ssh_key { - key_data = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqaZoyiz1qbdOQ8xEf6uEu1cCwYowo5FHtsBhqLoDnnp7KUTEBN+L2NxRIfQ781rxV6Iq5jSav6b2Q8z5KiseOlvKA/RF2wqU0UPYqQviQhLmW6THTpmrv/YkUCuzxDpsH7DUDhZcwySLKVVe0Qm3+5N2Ta6UYH3lsDf9R9wTP2K/+vAnflKebuypNlmocIvakFWoZda18FOmsOoIVXQ8HWFNCuw9ZCunMSN62QGamCe3dL5cXlkgHYv7ekJE15IA9aOJcM7e90oeTqo+7HTcWfdu0qQqPWY5ujyMw/llas8tsXY85LFqRnr3gJ02bAscjc477+X+j/gkpFoN1QEmt terraform@demo.tld" - } - } - - default_node_pool { - name = "default" - node_count = 2 - vm_size = "Standard_DS2_v2" - vnet_subnet_id = azurerm_subnet.test.id - } - - service_principal { - client_id = "%s" - client_secret = "%s" - } - - network_profile { - network_plugin = "azure" - load_balancer_sku = "standard" - load_balancer_profile { - outbound_ip_address_ids = [azurerm_public_ip.test.id] - } - } -} -`, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, currentKubernetesVersion, data.RandomInteger, clientId, clientSecret) +`, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, currentKubernetesVersion, data.RandomInteger, clientId, clientSecret, managedIPCount, ipAdressId, ipPrefixId) } From 922f0cb31a6e4f41c246750bcf8831a63c813d67 Mon Sep 17 00:00:00 2001 From: Aris van Ommeren Date: Sat, 21 Mar 2020 21:48:29 +0100 Subject: [PATCH 10/16] Bonus: update of README --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index b781edef6474..7deae71636ca 100644 --- a/README.md +++ b/README.md @@ -96,7 +96,7 @@ $ make test The majority of tests in the provider are Acceptance Tests - which provisions real resources in Azure. It's possible to run the entire acceptance test suite by running `make testacc` - however it's likely you'll want to run a subset, which you can do using a prefix, by running: ```sh -make testacc SERVICE='resource' TESTARGS='-run=TestAccAzureRMResourceGroup' TESTTIMEOUT='60m' +make acctests SERVICE='resource' TESTARGS='-run=TestAccAzureRMResourceGroup' TESTTIMEOUT='60m' ``` The following Environment Variables must be set in your shell prior to running acceptance tests: From 9c9d79a4f5a85510a5b796f17f0a06448a0877de Mon Sep 17 00:00:00 2001 From: Aris van Ommeren Date: Sun, 22 Mar 2020 18:30:55 +0100 Subject: [PATCH 11/16] Change of plans, improved solution --- .../resource_arm_kubernetes_cluster.go | 90 ++++++---- ...rce_arm_kubernetes_cluster_network_test.go | 154 +++++++++++++++--- 2 files changed, 189 insertions(+), 55 deletions(-) diff --git a/azurerm/internal/services/containers/resource_arm_kubernetes_cluster.go b/azurerm/internal/services/containers/resource_arm_kubernetes_cluster.go index 31500d9f4d9c..dc383aa5d8f8 100644 --- a/azurerm/internal/services/containers/resource_arm_kubernetes_cluster.go +++ b/azurerm/internal/services/containers/resource_arm_kubernetes_cluster.go @@ -49,13 +49,6 @@ func resourceArmKubernetesCluster() *schema.Resource { } profile := rawProfiles[0].(map[string]interface{}) - // check a few properties of the loadbalancer - loadBalancerSku := profile["load_balancer_sku"].(string) - err := precheckLoadBalancerProfile(profile["load_balancer_profile"].([]interface{}), loadBalancerSku) - if err != nil { - return err - } - // then ensure the conditionally-required fields are set networkPlugin := profile["network_plugin"].(string) if networkPlugin != "kubenet" && networkPlugin != "azure" { @@ -302,26 +295,29 @@ func resourceArmKubernetesCluster() *schema.Resource { Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "managed_outbound_ip_count": { - Type: schema.TypeInt, - Optional: true, - Computed: true, - ValidateFunc: validation.IntBetween(0, 100), + Type: schema.TypeInt, + Optional: true, + Computed: true, + ValidateFunc: validation.IntBetween(1, 100), + ConflictsWith: []string{"network_profile.0.load_balancer_profile.0.outbound_ip_prefix_ids", "network_profile.0.load_balancer_profile.0.outbound_ip_address_ids"}, }, "outbound_ip_prefix_ids": { - Type: schema.TypeSet, - Optional: true, - Computed: true, - ConfigMode: schema.SchemaConfigModeAttr, + Type: schema.TypeSet, + Optional: true, + Computed: true, + ConfigMode: schema.SchemaConfigModeAttr, + ConflictsWith: []string{"network_profile.0.load_balancer_profile.0.managed_outbound_ip_count", "network_profile.0.load_balancer_profile.0.outbound_ip_address_ids"}, Elem: &schema.Schema{ Type: schema.TypeString, ValidateFunc: azure.ValidateResourceID, }, }, "outbound_ip_address_ids": { - Type: schema.TypeSet, - Optional: true, - Computed: true, - ConfigMode: schema.SchemaConfigModeAttr, + Type: schema.TypeSet, + Optional: true, + Computed: true, + ConfigMode: schema.SchemaConfigModeAttr, + ConflictsWith: []string{"network_profile.0.load_balancer_profile.0.managed_outbound_ip_count", "network_profile.0.load_balancer_profile.0.outbound_ip_prefix_ids"}, Elem: &schema.Schema{ Type: schema.TypeString, ValidateFunc: azure.ValidateResourceID, @@ -759,6 +755,15 @@ func resourceArmKubernetesClusterUpdate(d *schema.ResourceData, meta interface{} return err } + if networkProfile.LoadBalancerSku == containerservice.LoadBalancerSku("Standard") && d.HasChange("network_profile.0.load_balancer_profile") { + log.Printf("[DEBUG] Updates found for the LoadBalancer of Kubernetes Cluster %q (Resource Group %q)..", id.Name, id.ResourceGroup) + loadBalancerProfile, err := expandChangedLoadBalancerProfile(d) + if err != nil { + return err + } + networkProfile.LoadBalancerProfile = loadBalancerProfile + } + existing.ManagedClusterProperties.NetworkProfile = networkProfile } @@ -1163,7 +1168,8 @@ func expandKubernetesClusterNetworkProfile(input []interface{}) (*containerservi return &networkProfile, nil } -func expandLoadBalancerProfile(d []interface{}, loadBalancerType string) (*containerservice.ManagedClusterLoadBalancerProfile, error) { +func expandChangedLoadBalancerProfile(rd *schema.ResourceData) (*containerservice.ManagedClusterLoadBalancerProfile, error) { + d := rd.Get("network_profile.0.load_balancer_profile").([]interface{}) if len(d) == 0 || d[0] == nil { return nil, nil } @@ -1174,17 +1180,23 @@ func expandLoadBalancerProfile(d []interface{}, loadBalancerType string) (*conta var outboundIpPrefixes *containerservice.ManagedClusterLoadBalancerProfileOutboundIPPrefixes var outboundIps *containerservice.ManagedClusterLoadBalancerProfileOutboundIPs - if ipCount := config["managed_outbound_ip_count"]; ipCount != nil { + if rd.HasChange("network_profile.0.load_balancer_profile.0.managed_outbound_ip_count") { + log.Printf("[DEBUG] changes found in 'managed_outbound_ip_count'") + ipCount := config["managed_outbound_ip_count"] if c := int32(ipCount.(int)); c > 0 { managedOutboundIps = &containerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{Count: &c} } } - if ipPrefixes := idsToResourceReferences(config["outbound_ip_prefix_ids"]); ipPrefixes != nil { + if rd.HasChange("network_profile.0.load_balancer_profile.0.outbound_ip_prefix_ids") { + log.Printf("[DEBUG] changes found in 'outbound_ip_prefix_ids'") + ipPrefixes := idsToResourceReferences(config["outbound_ip_prefix_ids"]) outboundIpPrefixes = &containerservice.ManagedClusterLoadBalancerProfileOutboundIPPrefixes{PublicIPPrefixes: ipPrefixes} } - if outIps := idsToResourceReferences(config["outbound_ip_address_ids"]); outIps != nil { + if rd.HasChange("network_profile.0.load_balancer_profile.0.outbound_ip_address_ids") { + log.Printf("[DEBUG] changes found in 'outbound_ip_address_ids'") + outIps := idsToResourceReferences(config["outbound_ip_address_ids"]) outboundIps = &containerservice.ManagedClusterLoadBalancerProfileOutboundIPs{PublicIPs: outIps} } @@ -1195,34 +1207,40 @@ func expandLoadBalancerProfile(d []interface{}, loadBalancerType string) (*conta }, nil } -func precheckLoadBalancerProfile(d []interface{}, loadBalancerType string) error { +func expandLoadBalancerProfile(d []interface{}, loadBalancerType string) (*containerservice.ManagedClusterLoadBalancerProfile, error) { if len(d) == 0 || d[0] == nil { - return nil + return nil, nil } if strings.ToLower(loadBalancerType) != "standard" { - return fmt.Errorf("Only load balancer SKU 'Standard' supports load balancer profiles. Provided load balancer type: %s", loadBalancerType) + return nil, fmt.Errorf("Only load balancer SKU 'Standard' supports load balancer profiles. Provided load balancer type: %s", loadBalancerType) } config := d[0].(map[string]interface{}) - ipCount := config["managed_outbound_ip_count"] - ipPrefixes := config["outbound_ip_prefix_ids"] - outIps := config["outbound_ip_address_ids"] + var managedOutboundIps *containerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs + var outboundIpPrefixes *containerservice.ManagedClusterLoadBalancerProfileOutboundIPPrefixes + var outboundIps *containerservice.ManagedClusterLoadBalancerProfileOutboundIPs - if ipCount != 0 && ipPrefixes != nil && ipPrefixes.(*schema.Set).Len() != 0 { - return fmt.Errorf("'network_profile.0.load_balancer_profile.0.managed_outbound_ip_count' conflicts with 'network_profile.0.load_balancer_profile.0.outbound_ip_prefix_ids'. Set 'managed_outbound_ip_count = \"0\"' or 'outbound_ip_prefix_ids = []' ") + if ipCount := config["managed_outbound_ip_count"]; ipCount != nil { + if c := int32(ipCount.(int)); c > 0 { + managedOutboundIps = &containerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{Count: &c} + } } - if ipCount != 0 && outIps != nil && outIps.(*schema.Set).Len() != 0 { - return fmt.Errorf("'network_profile.0.load_balancer_profile.0.managed_outbound_ip_count' conflicts with 'network_profile.0.load_balancer_profile.0.outbound_ip_address_ids'. Set 'managed_outbound_ip_count = \"0\"' or 'outbound_ip_address_ids = []'") + if ipPrefixes := idsToResourceReferences(config["outbound_ip_prefix_ids"]); ipPrefixes != nil { + outboundIpPrefixes = &containerservice.ManagedClusterLoadBalancerProfileOutboundIPPrefixes{PublicIPPrefixes: ipPrefixes} } - if outIps != nil && ipPrefixes != nil && ipPrefixes.(*schema.Set).Len() != 0 && outIps.(*schema.Set).Len() != 0 { - return fmt.Errorf("'network_profile.0.load_balancer_profile.0.outbound_ip_prefix_ids' conflicts with 'network_profile.0.load_balancer_profile.0.outbound_ip_address_ids'. Set 'outbound_ip_prefix_ids = []' or 'outbound_ip_address_ids = []'") + if outIps := idsToResourceReferences(config["outbound_ip_address_ids"]); outIps != nil { + outboundIps = &containerservice.ManagedClusterLoadBalancerProfileOutboundIPs{PublicIPs: outIps} } - return nil + return &containerservice.ManagedClusterLoadBalancerProfile{ + ManagedOutboundIPs: managedOutboundIps, + OutboundIPPrefixes: outboundIpPrefixes, + OutboundIPs: outboundIps, + }, nil } func idsToResourceReferences(set interface{}) *[]containerservice.ResourceReference { diff --git a/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go b/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go index 16a1c7326c3e..4ce44662e6b5 100644 --- a/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go +++ b/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go @@ -509,7 +509,7 @@ func testAccAzureRMKubernetesCluster_basicLoadBalancerProfile(t *testing.T) { Steps: []resource.TestStep{ { Config: testAccAzureRMKubernetesCluster_basicLoadBalancerProfileConfig(data, clientId, clientSecret), - ExpectError: regexp.MustCompile("errors during plan: Only load balancer SKU 'Standard' supports load balancer profiles. Provided load balancer type: basic"), + ExpectError: regexp.MustCompile("errors during apply: Only load balancer SKU 'Standard' supports load balancer profiles. Provided load balancer type: basic"), }, }, }) @@ -532,7 +532,7 @@ func testAccAzureRMKubernetesCluster_conflictingLoadBalancerProfile(t *testing.T Steps: []resource.TestStep{ { Config: testAccAzureRMKubernetesCluster_conflictingLoadBalancerProfileConfig(data, clientId, clientSecret), - ExpectError: regexp.MustCompile(`'network_profile.0.load_balancer_profile.0.managed_outbound_ip_count' conflicts with 'network_profile.0.load_balancer_profile.0.outbound_ip_address_ids'. Set 'managed_outbound_ip_count = "0"' or 'outbound_ip_address_ids = \[\]'`), + ExpectError: regexp.MustCompile(`- "network_profile.0.load_balancer_profile.0.managed_outbound_ip_count": conflicts with network_profile.0.load_balancer_profile.0.outbound_ip_address_ids`), }, { ResourceName: "azurerm_public_ip.test", @@ -592,7 +592,7 @@ func testAccAzureRMKubernetesCluster_changingLoadBalancerProfile(t *testing.T) { CheckDestroy: testCheckAzureRMKubernetesClusterDestroy, Steps: []resource.TestStep{ { - Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfig(data, clientId, clientSecret, "0", "", "azurerm_public_ip_prefix.test.id"), + Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigIPPrefix(data, clientId, clientSecret), Check: resource.ComposeTestCheckFunc( testCheckAzureRMKubernetesClusterExists(data.ResourceName), resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_sku", "Standard"), @@ -602,7 +602,7 @@ func testAccAzureRMKubernetesCluster_changingLoadBalancerProfile(t *testing.T) { }, data.ImportStep("service_principal.0.client_secret"), { - Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfig(data, clientId, clientSecret, "0", "", ""), + Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigManagedIPs(data, clientId, clientSecret), Check: resource.ComposeTestCheckFunc( testCheckAzureRMKubernetesClusterExists(data.ResourceName), resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_sku", "Standard"), @@ -612,7 +612,7 @@ func testAccAzureRMKubernetesCluster_changingLoadBalancerProfile(t *testing.T) { }, data.ImportStep("service_principal.0.client_secret"), { - Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfig(data, clientId, clientSecret, "0", "azurerm_public_ip.test.id", ""), + Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigIPIds(data, clientId, clientSecret), Check: resource.ComposeTestCheckFunc( testCheckAzureRMKubernetesClusterExists(data.ResourceName), resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_sku", "Standard"), @@ -622,7 +622,7 @@ func testAccAzureRMKubernetesCluster_changingLoadBalancerProfile(t *testing.T) { }, data.ImportStep("service_principal.0.client_secret"), { - Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfig(data, clientId, clientSecret, "0", "", "azurerm_public_ip_prefix.test.id"), + Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigIPPrefix(data, clientId, clientSecret), Check: resource.ComposeTestCheckFunc( testCheckAzureRMKubernetesClusterExists(data.ResourceName), resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_profile.0.outbound_ip_prefix_ids.#", "1"), @@ -1530,34 +1530,30 @@ resource "azurerm_kubernetes_cluster" "test" { `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, currentKubernetesVersion, data.RandomInteger, clientId, clientSecret) } -func testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfig(data acceptance.TestData, clientId string, clientSecret string, managedIPCount string, ipAdressId string, ipPrefixId string) string { +func testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigIPPrefix(data acceptance.TestData, clientId string, clientSecret string) string { return fmt.Sprintf(` resource "azurerm_resource_group" "test" { name = "acctestRG-%d" location = "%s" } - resource "azurerm_virtual_network" "test" { name = "acctestvirtnet%d" address_space = ["10.1.0.0/16"] location = azurerm_resource_group.test.location resource_group_name = azurerm_resource_group.test.name } - resource "azurerm_subnet" "test" { name = "acctestsubnet%d" resource_group_name = azurerm_resource_group.test.name virtual_network_name = azurerm_virtual_network.test.name address_prefix = "10.1.0.0/24" } - resource "azurerm_public_ip_prefix" "test" { location = azurerm_resource_group.test.location resource_group_name = azurerm_resource_group.test.name name = "acctestipprefix%d" prefix_length = 31 } - resource "azurerm_public_ip" "test" { name = "acctestipone%d" location = azurerm_resource_group.test.location @@ -1565,43 +1561,163 @@ resource "azurerm_public_ip" "test" { allocation_method = "Static" sku = "Standard" } - resource "azurerm_kubernetes_cluster" "test" { name = "acctestaks%d" location = azurerm_resource_group.test.location resource_group_name = azurerm_resource_group.test.name dns_prefix = "acctestaks%d" kubernetes_version = "%s" - linux_profile { admin_username = "acctestuser%d" - ssh_key { key_data = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqaZoyiz1qbdOQ8xEf6uEu1cCwYowo5FHtsBhqLoDnnp7KUTEBN+L2NxRIfQ781rxV6Iq5jSav6b2Q8z5KiseOlvKA/RF2wqU0UPYqQviQhLmW6THTpmrv/YkUCuzxDpsH7DUDhZcwySLKVVe0Qm3+5N2Ta6UYH3lsDf9R9wTP2K/+vAnflKebuypNlmocIvakFWoZda18FOmsOoIVXQ8HWFNCuw9ZCunMSN62QGamCe3dL5cXlkgHYv7ekJE15IA9aOJcM7e90oeTqo+7HTcWfdu0qQqPWY5ujyMw/llas8tsXY85LFqRnr3gJ02bAscjc477+X+j/gkpFoN1QEmt terraform@demo.tld" } } - default_node_pool { name = "default" node_count = 2 vm_size = "Standard_DS2_v2" vnet_subnet_id = azurerm_subnet.test.id } + service_principal { + client_id = "%s" + client_secret = "%s" + } + network_profile { + network_plugin = "azure" + load_balancer_sku = "standard" + load_balancer_profile { + outbound_ip_prefix_ids = [azurerm_public_ip_prefix.test.id] + } + } +} +`, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, currentKubernetesVersion, data.RandomInteger, clientId, clientSecret) +} +func testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigManagedIPs(data acceptance.TestData, clientId string, clientSecret string) string { + return fmt.Sprintf(` +resource "azurerm_resource_group" "test" { + name = "acctestRG-%d" + location = "%s" +} +resource "azurerm_virtual_network" "test" { + name = "acctestvirtnet%d" + address_space = ["10.1.0.0/16"] + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name +} +resource "azurerm_subnet" "test" { + name = "acctestsubnet%d" + resource_group_name = azurerm_resource_group.test.name + virtual_network_name = azurerm_virtual_network.test.name + address_prefix = "10.1.0.0/24" +} +resource "azurerm_public_ip_prefix" "test" { + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name + name = "acctestipprefix%d" + prefix_length = 31 +} +resource "azurerm_public_ip" "test" { + name = "acctestipone%d" + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name + allocation_method = "Static" + sku = "Standard" +} +resource "azurerm_kubernetes_cluster" "test" { + name = "acctestaks%d" + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name + dns_prefix = "acctestaks%d" + kubernetes_version = "%s" + linux_profile { + admin_username = "acctestuser%d" + ssh_key { + key_data = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqaZoyiz1qbdOQ8xEf6uEu1cCwYowo5FHtsBhqLoDnnp7KUTEBN+L2NxRIfQ781rxV6Iq5jSav6b2Q8z5KiseOlvKA/RF2wqU0UPYqQviQhLmW6THTpmrv/YkUCuzxDpsH7DUDhZcwySLKVVe0Qm3+5N2Ta6UYH3lsDf9R9wTP2K/+vAnflKebuypNlmocIvakFWoZda18FOmsOoIVXQ8HWFNCuw9ZCunMSN62QGamCe3dL5cXlkgHYv7ekJE15IA9aOJcM7e90oeTqo+7HTcWfdu0qQqPWY5ujyMw/llas8tsXY85LFqRnr3gJ02bAscjc477+X+j/gkpFoN1QEmt terraform@demo.tld" + } + } + default_node_pool { + name = "default" + node_count = 2 + vm_size = "Standard_DS2_v2" + vnet_subnet_id = azurerm_subnet.test.id + } service_principal { client_id = "%s" client_secret = "%s" } + network_profile { + network_plugin = "azure" + load_balancer_sku = "standard" + load_balancer_profile { + managed_outbound_ip_count = "1" + } + } +} +`, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, currentKubernetesVersion, data.RandomInteger, clientId, clientSecret) +} +func testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigIPIds(data acceptance.TestData, clientId string, clientSecret string) string { + return fmt.Sprintf(` +resource "azurerm_resource_group" "test" { + name = "acctestRG-%d" + location = "%s" +} +resource "azurerm_virtual_network" "test" { + name = "acctestvirtnet%d" + address_space = ["10.1.0.0/16"] + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name +} +resource "azurerm_subnet" "test" { + name = "acctestsubnet%d" + resource_group_name = azurerm_resource_group.test.name + virtual_network_name = azurerm_virtual_network.test.name + address_prefix = "10.1.0.0/24" +} +resource "azurerm_public_ip_prefix" "test" { + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name + name = "acctestipprefix%d" + prefix_length = 31 +} +resource "azurerm_public_ip" "test" { + name = "acctestipone%d" + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name + allocation_method = "Static" + sku = "Standard" +} +resource "azurerm_kubernetes_cluster" "test" { + name = "acctestaks%d" + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name + dns_prefix = "acctestaks%d" + kubernetes_version = "%s" + linux_profile { + admin_username = "acctestuser%d" + ssh_key { + key_data = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqaZoyiz1qbdOQ8xEf6uEu1cCwYowo5FHtsBhqLoDnnp7KUTEBN+L2NxRIfQ781rxV6Iq5jSav6b2Q8z5KiseOlvKA/RF2wqU0UPYqQviQhLmW6THTpmrv/YkUCuzxDpsH7DUDhZcwySLKVVe0Qm3+5N2Ta6UYH3lsDf9R9wTP2K/+vAnflKebuypNlmocIvakFWoZda18FOmsOoIVXQ8HWFNCuw9ZCunMSN62QGamCe3dL5cXlkgHYv7ekJE15IA9aOJcM7e90oeTqo+7HTcWfdu0qQqPWY5ujyMw/llas8tsXY85LFqRnr3gJ02bAscjc477+X+j/gkpFoN1QEmt terraform@demo.tld" + } + } + default_node_pool { + name = "default" + node_count = 2 + vm_size = "Standard_DS2_v2" + vnet_subnet_id = azurerm_subnet.test.id + } + service_principal { + client_id = "%s" + client_secret = "%s" + } network_profile { network_plugin = "azure" load_balancer_sku = "standard" load_balancer_profile { - managed_outbound_ip_count = "%s" - outbound_ip_address_ids = [%s] - outbound_ip_prefix_ids = [%s] + outbound_ip_address_ids = [azurerm_public_ip.test.id] } } } -`, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, currentKubernetesVersion, data.RandomInteger, clientId, clientSecret, managedIPCount, ipAdressId, ipPrefixId) +`, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, currentKubernetesVersion, data.RandomInteger, clientId, clientSecret) } From a110023a749e4d72443ac02192b94e6acb552b40 Mon Sep 17 00:00:00 2001 From: Aris van Ommeren Date: Sun, 22 Mar 2020 19:16:15 +0100 Subject: [PATCH 12/16] cleanup --- .../resource_arm_kubernetes_cluster.go | 70 ++++--------------- 1 file changed, 14 insertions(+), 56 deletions(-) diff --git a/azurerm/internal/services/containers/resource_arm_kubernetes_cluster.go b/azurerm/internal/services/containers/resource_arm_kubernetes_cluster.go index dc383aa5d8f8..d7d5030a1126 100644 --- a/azurerm/internal/services/containers/resource_arm_kubernetes_cluster.go +++ b/azurerm/internal/services/containers/resource_arm_kubernetes_cluster.go @@ -556,7 +556,7 @@ func resourceArmKubernetesClusterCreate(d *schema.ResourceData, meta interface{} addonProfiles := ExpandKubernetesAddOnProfiles(addOnProfilesRaw) networkProfileRaw := d.Get("network_profile").([]interface{}) - networkProfile, err := expandKubernetesClusterNetworkProfile(networkProfileRaw) + networkProfile, err := expandKubernetesClusterNetworkProfile(networkProfileRaw, true, true, true) if err != nil { return err } @@ -750,20 +750,17 @@ func resourceArmKubernetesClusterUpdate(d *schema.ResourceData, meta interface{} if d.HasChange("network_profile") { updateCluster = true networkProfileRaw := d.Get("network_profile").([]interface{}) - networkProfile, err := expandKubernetesClusterNetworkProfile(networkProfileRaw) + + // Check for changes to make sure only the configured load_balacer_profile variable is set + changeManagedIps := d.HasChange("network_profile.0.load_balancer_profile.0.managed_outbound_ip_count") + changeIpPrefixes := d.HasChange("network_profile.0.load_balancer_profile.0.outbound_ip_prefix_ids") + changeOutboundIps := d.HasChange("network_profile.0.load_balancer_profile.0.outbound_ip_address_ids") + + networkProfile, err := expandKubernetesClusterNetworkProfile(networkProfileRaw, changeManagedIps, changeIpPrefixes, changeOutboundIps) if err != nil { return err } - if networkProfile.LoadBalancerSku == containerservice.LoadBalancerSku("Standard") && d.HasChange("network_profile.0.load_balancer_profile") { - log.Printf("[DEBUG] Updates found for the LoadBalancer of Kubernetes Cluster %q (Resource Group %q)..", id.Name, id.ResourceGroup) - loadBalancerProfile, err := expandChangedLoadBalancerProfile(d) - if err != nil { - return err - } - networkProfile.LoadBalancerProfile = loadBalancerProfile - } - existing.ManagedClusterProperties.NetworkProfile = networkProfile } @@ -1122,7 +1119,7 @@ func flattenKubernetesClusterWindowsProfile(profile *containerservice.ManagedClu } } -func expandKubernetesClusterNetworkProfile(input []interface{}) (*containerservice.NetworkProfileType, error) { +func expandKubernetesClusterNetworkProfile(input []interface{}, changeManagedIps bool, changeIpPrefixes bool, changeOutboundIps bool) (*containerservice.NetworkProfileType, error) { if len(input) == 0 { return nil, nil } @@ -1133,7 +1130,7 @@ func expandKubernetesClusterNetworkProfile(input []interface{}) (*containerservi networkPolicy := config["network_policy"].(string) loadBalancerSku := config["load_balancer_sku"].(string) - loadBalancerProfile, err := expandLoadBalancerProfile(config["load_balancer_profile"].([]interface{}), loadBalancerSku) + loadBalancerProfile, err := expandLoadBalancerProfile(config["load_balancer_profile"].([]interface{}), loadBalancerSku, changeManagedIps, changeIpPrefixes, changeOutboundIps) if err != nil { return nil, err } @@ -1168,46 +1165,7 @@ func expandKubernetesClusterNetworkProfile(input []interface{}) (*containerservi return &networkProfile, nil } -func expandChangedLoadBalancerProfile(rd *schema.ResourceData) (*containerservice.ManagedClusterLoadBalancerProfile, error) { - d := rd.Get("network_profile.0.load_balancer_profile").([]interface{}) - if len(d) == 0 || d[0] == nil { - return nil, nil - } - - config := d[0].(map[string]interface{}) - - var managedOutboundIps *containerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs - var outboundIpPrefixes *containerservice.ManagedClusterLoadBalancerProfileOutboundIPPrefixes - var outboundIps *containerservice.ManagedClusterLoadBalancerProfileOutboundIPs - - if rd.HasChange("network_profile.0.load_balancer_profile.0.managed_outbound_ip_count") { - log.Printf("[DEBUG] changes found in 'managed_outbound_ip_count'") - ipCount := config["managed_outbound_ip_count"] - if c := int32(ipCount.(int)); c > 0 { - managedOutboundIps = &containerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{Count: &c} - } - } - - if rd.HasChange("network_profile.0.load_balancer_profile.0.outbound_ip_prefix_ids") { - log.Printf("[DEBUG] changes found in 'outbound_ip_prefix_ids'") - ipPrefixes := idsToResourceReferences(config["outbound_ip_prefix_ids"]) - outboundIpPrefixes = &containerservice.ManagedClusterLoadBalancerProfileOutboundIPPrefixes{PublicIPPrefixes: ipPrefixes} - } - - if rd.HasChange("network_profile.0.load_balancer_profile.0.outbound_ip_address_ids") { - log.Printf("[DEBUG] changes found in 'outbound_ip_address_ids'") - outIps := idsToResourceReferences(config["outbound_ip_address_ids"]) - outboundIps = &containerservice.ManagedClusterLoadBalancerProfileOutboundIPs{PublicIPs: outIps} - } - - return &containerservice.ManagedClusterLoadBalancerProfile{ - ManagedOutboundIPs: managedOutboundIps, - OutboundIPPrefixes: outboundIpPrefixes, - OutboundIPs: outboundIps, - }, nil -} - -func expandLoadBalancerProfile(d []interface{}, loadBalancerType string) (*containerservice.ManagedClusterLoadBalancerProfile, error) { +func expandLoadBalancerProfile(d []interface{}, loadBalancerType string, allowToSetIpCountSet bool, allowToSetIpPrefixes bool, allowToSetOutboundIp bool) (*containerservice.ManagedClusterLoadBalancerProfile, error) { if len(d) == 0 || d[0] == nil { return nil, nil } @@ -1222,17 +1180,17 @@ func expandLoadBalancerProfile(d []interface{}, loadBalancerType string) (*conta var outboundIpPrefixes *containerservice.ManagedClusterLoadBalancerProfileOutboundIPPrefixes var outboundIps *containerservice.ManagedClusterLoadBalancerProfileOutboundIPs - if ipCount := config["managed_outbound_ip_count"]; ipCount != nil { + if ipCount := config["managed_outbound_ip_count"]; ipCount != nil && allowToSetIpCountSet { if c := int32(ipCount.(int)); c > 0 { managedOutboundIps = &containerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{Count: &c} } } - if ipPrefixes := idsToResourceReferences(config["outbound_ip_prefix_ids"]); ipPrefixes != nil { + if ipPrefixes := idsToResourceReferences(config["outbound_ip_prefix_ids"]); ipPrefixes != nil && allowToSetIpPrefixes { outboundIpPrefixes = &containerservice.ManagedClusterLoadBalancerProfileOutboundIPPrefixes{PublicIPPrefixes: ipPrefixes} } - if outIps := idsToResourceReferences(config["outbound_ip_address_ids"]); outIps != nil { + if outIps := idsToResourceReferences(config["outbound_ip_address_ids"]); outIps != nil && allowToSetOutboundIp { outboundIps = &containerservice.ManagedClusterLoadBalancerProfileOutboundIPs{PublicIPs: outIps} } From 24c082afe6994ed72f12fcbdfecd0ce8bf4d4648 Mon Sep 17 00:00:00 2001 From: Aris van Ommeren Date: Sun, 22 Mar 2020 19:31:07 +0100 Subject: [PATCH 13/16] remove unnecessary changes --- .../services/containers/resource_arm_kubernetes_cluster.go | 3 ++- .../tests/resource_arm_kubernetes_cluster_network_test.go | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/azurerm/internal/services/containers/resource_arm_kubernetes_cluster.go b/azurerm/internal/services/containers/resource_arm_kubernetes_cluster.go index d7d5030a1126..fb84f7c90af5 100644 --- a/azurerm/internal/services/containers/resource_arm_kubernetes_cluster.go +++ b/azurerm/internal/services/containers/resource_arm_kubernetes_cluster.go @@ -47,10 +47,11 @@ func resourceArmKubernetesCluster() *schema.Resource { if len(rawProfiles) == 0 { return nil } - profile := rawProfiles[0].(map[string]interface{}) // then ensure the conditionally-required fields are set + profile := rawProfiles[0].(map[string]interface{}) networkPlugin := profile["network_plugin"].(string) + if networkPlugin != "kubenet" && networkPlugin != "azure" { return nil } diff --git a/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go b/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go index 4ce44662e6b5..5c7106b8e0ac 100644 --- a/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go +++ b/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go @@ -1038,7 +1038,7 @@ resource "azurerm_kubernetes_cluster" "test" { load_balancer_sku = "standard" } - api_server_authorized_ip_ranges = ["%s" ] + api_server_authorized_ip_ranges = ["%s"] private_link_enabled = %t } `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger, clientId, clientSecret, cdir, enablePrivateLink) From 7fbfd3442ba81b1080262e65b228900b8f4fede3 Mon Sep 17 00:00:00 2001 From: Aris van Ommeren Date: Sun, 22 Mar 2020 19:54:30 +0100 Subject: [PATCH 14/16] typo --- .../services/containers/resource_arm_kubernetes_cluster.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/azurerm/internal/services/containers/resource_arm_kubernetes_cluster.go b/azurerm/internal/services/containers/resource_arm_kubernetes_cluster.go index fb84f7c90af5..1b2f0da3312f 100644 --- a/azurerm/internal/services/containers/resource_arm_kubernetes_cluster.go +++ b/azurerm/internal/services/containers/resource_arm_kubernetes_cluster.go @@ -1166,7 +1166,7 @@ func expandKubernetesClusterNetworkProfile(input []interface{}, changeManagedIps return &networkProfile, nil } -func expandLoadBalancerProfile(d []interface{}, loadBalancerType string, allowToSetIpCountSet bool, allowToSetIpPrefixes bool, allowToSetOutboundIp bool) (*containerservice.ManagedClusterLoadBalancerProfile, error) { +func expandLoadBalancerProfile(d []interface{}, loadBalancerType string, allowToSetIpCount bool, allowToSetIpPrefixes bool, allowToSetOutboundIp bool) (*containerservice.ManagedClusterLoadBalancerProfile, error) { if len(d) == 0 || d[0] == nil { return nil, nil } @@ -1181,7 +1181,7 @@ func expandLoadBalancerProfile(d []interface{}, loadBalancerType string, allowTo var outboundIpPrefixes *containerservice.ManagedClusterLoadBalancerProfileOutboundIPPrefixes var outboundIps *containerservice.ManagedClusterLoadBalancerProfileOutboundIPs - if ipCount := config["managed_outbound_ip_count"]; ipCount != nil && allowToSetIpCountSet { + if ipCount := config["managed_outbound_ip_count"]; ipCount != nil && allowToSetIpCount { if c := int32(ipCount.(int)); c > 0 { managedOutboundIps = &containerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{Count: &c} } From f73bfe2d22362af1fe7e6cd055ec51d6f96b1267 Mon Sep 17 00:00:00 2001 From: Aris van Ommeren Date: Tue, 7 Apr 2020 18:00:38 +0200 Subject: [PATCH 15/16] small refactor of the tests --- ...rce_arm_kubernetes_cluster_network_test.go | 73 ++++++++++++------- 1 file changed, 47 insertions(+), 26 deletions(-) diff --git a/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go b/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go index 6a7f104cc164..c47b6f75d6e0 100644 --- a/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go +++ b/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go @@ -2,6 +2,7 @@ package tests import ( "fmt" + "os" "regexp" "testing" @@ -501,44 +502,40 @@ func testAccAzureRMKubernetesCluster_changingLoadBalancerProfile(t *testing.T) { CheckDestroy: testCheckAzureRMKubernetesClusterDestroy, Steps: []resource.TestStep{ { - Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigIPPrefix(data, clientId, clientSecret), + Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigIPPrefix(data), Check: resource.ComposeTestCheckFunc( testCheckAzureRMKubernetesClusterExists(data.ResourceName), resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_sku", "Standard"), resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_profile.0.outbound_ip_prefix_ids.#", "1"), resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_profile.0.effective_outbound_ips.#", "1"), ), - }, - data.ImportStep("service_principal.0.client_secret"), + } { - Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigManagedIPs(data, clientId, clientSecret), + Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigManagedIPs(data), Check: resource.ComposeTestCheckFunc( testCheckAzureRMKubernetesClusterExists(data.ResourceName), resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_sku", "Standard"), resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_profile.0.managed_outbound_ip_count", "1"), resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_profile.0.effective_outbound_ips.#", "1"), ), - }, - data.ImportStep("service_principal.0.client_secret"), + } { - Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigIPIds(data, clientId, clientSecret), + Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigIPIds(data), Check: resource.ComposeTestCheckFunc( testCheckAzureRMKubernetesClusterExists(data.ResourceName), resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_sku", "Standard"), resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_profile.0.outbound_ip_address_ids.#", "1"), resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_profile.0.effective_outbound_ips.#", "1"), ), - }, - data.ImportStep("service_principal.0.client_secret"), + } { - Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigIPPrefix(data, clientId, clientSecret), + Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigIPPrefix(data), Check: resource.ComposeTestCheckFunc( testCheckAzureRMKubernetesClusterExists(data.ResourceName), resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_profile.0.outbound_ip_prefix_ids.#", "1"), resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_profile.0.effective_outbound_ips.#", "1"), ), }, - data.ImportStep("service_principal.0.client_secret"), }, }) } @@ -1346,30 +1343,34 @@ resource "azurerm_kubernetes_cluster" "test" { `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, currentKubernetesVersion, data.RandomInteger) } -func testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigIPPrefix(data acceptance.TestData, clientId string, clientSecret string) string { +func testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigIPPrefix(data acceptance.TestData) string { return fmt.Sprintf(` resource "azurerm_resource_group" "test" { name = "acctestRG-%d" location = "%s" } + resource "azurerm_virtual_network" "test" { name = "acctestvirtnet%d" address_space = ["10.1.0.0/16"] location = azurerm_resource_group.test.location resource_group_name = azurerm_resource_group.test.name } + resource "azurerm_subnet" "test" { name = "acctestsubnet%d" resource_group_name = azurerm_resource_group.test.name virtual_network_name = azurerm_virtual_network.test.name address_prefix = "10.1.0.0/24" } + resource "azurerm_public_ip_prefix" "test" { location = azurerm_resource_group.test.location resource_group_name = azurerm_resource_group.test.name name = "acctestipprefix%d" prefix_length = 31 } + resource "azurerm_public_ip" "test" { name = "acctestipone%d" location = azurerm_resource_group.test.location @@ -1377,28 +1378,32 @@ resource "azurerm_public_ip" "test" { allocation_method = "Static" sku = "Standard" } + resource "azurerm_kubernetes_cluster" "test" { name = "acctestaks%d" location = azurerm_resource_group.test.location resource_group_name = azurerm_resource_group.test.name dns_prefix = "acctestaks%d" kubernetes_version = "%s" + linux_profile { admin_username = "acctestuser%d" ssh_key { key_data = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqaZoyiz1qbdOQ8xEf6uEu1cCwYowo5FHtsBhqLoDnnp7KUTEBN+L2NxRIfQ781rxV6Iq5jSav6b2Q8z5KiseOlvKA/RF2wqU0UPYqQviQhLmW6THTpmrv/YkUCuzxDpsH7DUDhZcwySLKVVe0Qm3+5N2Ta6UYH3lsDf9R9wTP2K/+vAnflKebuypNlmocIvakFWoZda18FOmsOoIVXQ8HWFNCuw9ZCunMSN62QGamCe3dL5cXlkgHYv7ekJE15IA9aOJcM7e90oeTqo+7HTcWfdu0qQqPWY5ujyMw/llas8tsXY85LFqRnr3gJ02bAscjc477+X+j/gkpFoN1QEmt terraform@demo.tld" } } + default_node_pool { name = "default" node_count = 2 vm_size = "Standard_DS2_v2" vnet_subnet_id = azurerm_subnet.test.id } - service_principal { - client_id = "%s" - client_secret = "%s" + + identity { + type = "SystemAssigned" } + network_profile { network_plugin = "azure" load_balancer_sku = "standard" @@ -1407,33 +1412,37 @@ resource "azurerm_kubernetes_cluster" "test" { } } } -`, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, currentKubernetesVersion, data.RandomInteger, clientId, clientSecret) +`, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, currentKubernetesVersion, data.RandomInteger) } -func testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigManagedIPs(data acceptance.TestData, clientId string, clientSecret string) string { +func testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigManagedIPs(data acceptance.TestData) string { return fmt.Sprintf(` resource "azurerm_resource_group" "test" { name = "acctestRG-%d" location = "%s" } + resource "azurerm_virtual_network" "test" { name = "acctestvirtnet%d" address_space = ["10.1.0.0/16"] location = azurerm_resource_group.test.location resource_group_name = azurerm_resource_group.test.name } + resource "azurerm_subnet" "test" { name = "acctestsubnet%d" resource_group_name = azurerm_resource_group.test.name virtual_network_name = azurerm_virtual_network.test.name address_prefix = "10.1.0.0/24" } + resource "azurerm_public_ip_prefix" "test" { location = azurerm_resource_group.test.location resource_group_name = azurerm_resource_group.test.name name = "acctestipprefix%d" prefix_length = 31 } + resource "azurerm_public_ip" "test" { name = "acctestipone%d" location = azurerm_resource_group.test.location @@ -1441,28 +1450,32 @@ resource "azurerm_public_ip" "test" { allocation_method = "Static" sku = "Standard" } + resource "azurerm_kubernetes_cluster" "test" { name = "acctestaks%d" location = azurerm_resource_group.test.location resource_group_name = azurerm_resource_group.test.name dns_prefix = "acctestaks%d" kubernetes_version = "%s" + linux_profile { admin_username = "acctestuser%d" ssh_key { key_data = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqaZoyiz1qbdOQ8xEf6uEu1cCwYowo5FHtsBhqLoDnnp7KUTEBN+L2NxRIfQ781rxV6Iq5jSav6b2Q8z5KiseOlvKA/RF2wqU0UPYqQviQhLmW6THTpmrv/YkUCuzxDpsH7DUDhZcwySLKVVe0Qm3+5N2Ta6UYH3lsDf9R9wTP2K/+vAnflKebuypNlmocIvakFWoZda18FOmsOoIVXQ8HWFNCuw9ZCunMSN62QGamCe3dL5cXlkgHYv7ekJE15IA9aOJcM7e90oeTqo+7HTcWfdu0qQqPWY5ujyMw/llas8tsXY85LFqRnr3gJ02bAscjc477+X+j/gkpFoN1QEmt terraform@demo.tld" } } + default_node_pool { name = "default" node_count = 2 vm_size = "Standard_DS2_v2" vnet_subnet_id = azurerm_subnet.test.id } - service_principal { - client_id = "%s" - client_secret = "%s" + + identity { + type = "SystemAssigned" } + network_profile { network_plugin = "azure" load_balancer_sku = "standard" @@ -1471,33 +1484,37 @@ resource "azurerm_kubernetes_cluster" "test" { } } } -`, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, currentKubernetesVersion, data.RandomInteger, clientId, clientSecret) +`, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, currentKubernetesVersion, data.RandomInteger) } -func testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigIPIds(data acceptance.TestData, clientId string, clientSecret string) string { +func testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigIPIds(data acceptance.TestData) string { return fmt.Sprintf(` resource "azurerm_resource_group" "test" { name = "acctestRG-%d" location = "%s" } + resource "azurerm_virtual_network" "test" { name = "acctestvirtnet%d" address_space = ["10.1.0.0/16"] location = azurerm_resource_group.test.location resource_group_name = azurerm_resource_group.test.name } + resource "azurerm_subnet" "test" { name = "acctestsubnet%d" resource_group_name = azurerm_resource_group.test.name virtual_network_name = azurerm_virtual_network.test.name address_prefix = "10.1.0.0/24" } + resource "azurerm_public_ip_prefix" "test" { location = azurerm_resource_group.test.location resource_group_name = azurerm_resource_group.test.name name = "acctestipprefix%d" prefix_length = 31 } + resource "azurerm_public_ip" "test" { name = "acctestipone%d" location = azurerm_resource_group.test.location @@ -1505,28 +1522,32 @@ resource "azurerm_public_ip" "test" { allocation_method = "Static" sku = "Standard" } + resource "azurerm_kubernetes_cluster" "test" { name = "acctestaks%d" location = azurerm_resource_group.test.location resource_group_name = azurerm_resource_group.test.name dns_prefix = "acctestaks%d" kubernetes_version = "%s" + linux_profile { admin_username = "acctestuser%d" ssh_key { key_data = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqaZoyiz1qbdOQ8xEf6uEu1cCwYowo5FHtsBhqLoDnnp7KUTEBN+L2NxRIfQ781rxV6Iq5jSav6b2Q8z5KiseOlvKA/RF2wqU0UPYqQviQhLmW6THTpmrv/YkUCuzxDpsH7DUDhZcwySLKVVe0Qm3+5N2Ta6UYH3lsDf9R9wTP2K/+vAnflKebuypNlmocIvakFWoZda18FOmsOoIVXQ8HWFNCuw9ZCunMSN62QGamCe3dL5cXlkgHYv7ekJE15IA9aOJcM7e90oeTqo+7HTcWfdu0qQqPWY5ujyMw/llas8tsXY85LFqRnr3gJ02bAscjc477+X+j/gkpFoN1QEmt terraform@demo.tld" } } + default_node_pool { name = "default" node_count = 2 vm_size = "Standard_DS2_v2" vnet_subnet_id = azurerm_subnet.test.id } - service_principal { - client_id = "%s" - client_secret = "%s" + + identity { + type = "SystemAssigned" } + network_profile { network_plugin = "azure" load_balancer_sku = "standard" @@ -1535,5 +1556,5 @@ resource "azurerm_kubernetes_cluster" "test" { } } } -`, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, currentKubernetesVersion, data.RandomInteger, clientId, clientSecret) +`, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, currentKubernetesVersion, data.RandomInteger) } From 10e651a0ddc10c483c6fd063107aee65becd99f9 Mon Sep 17 00:00:00 2001 From: tombuildsstuff Date: Wed, 8 Apr 2020 11:28:31 +0200 Subject: [PATCH 16/16] r/kubernetes_cluster: fixing the build --- .../resource_arm_kubernetes_cluster_network_test.go | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go b/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go index c47b6f75d6e0..4069bab05f18 100644 --- a/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go +++ b/azurerm/internal/services/containers/tests/resource_arm_kubernetes_cluster_network_test.go @@ -2,7 +2,6 @@ package tests import ( "fmt" - "os" "regexp" "testing" @@ -493,8 +492,6 @@ func TestAccAzureRMKubernetesCluster_changingLoadBalancerProfile(t *testing.T) { func testAccAzureRMKubernetesCluster_changingLoadBalancerProfile(t *testing.T) { data := acceptance.BuildTestData(t, "azurerm_kubernetes_cluster", "test") - clientId := os.Getenv("ARM_CLIENT_ID") - clientSecret := os.Getenv("ARM_CLIENT_SECRET") resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acceptance.PreCheck(t) }, @@ -509,7 +506,8 @@ func testAccAzureRMKubernetesCluster_changingLoadBalancerProfile(t *testing.T) { resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_profile.0.outbound_ip_prefix_ids.#", "1"), resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_profile.0.effective_outbound_ips.#", "1"), ), - } + }, + data.ImportStep(), { Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigManagedIPs(data), Check: resource.ComposeTestCheckFunc( @@ -518,7 +516,8 @@ func testAccAzureRMKubernetesCluster_changingLoadBalancerProfile(t *testing.T) { resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_profile.0.managed_outbound_ip_count", "1"), resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_profile.0.effective_outbound_ips.#", "1"), ), - } + }, + data.ImportStep(), { Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigIPIds(data), Check: resource.ComposeTestCheckFunc( @@ -527,7 +526,8 @@ func testAccAzureRMKubernetesCluster_changingLoadBalancerProfile(t *testing.T) { resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_profile.0.outbound_ip_address_ids.#", "1"), resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_profile.0.effective_outbound_ips.#", "1"), ), - } + }, + data.ImportStep(), { Config: testAccAzureRMKubernetesCluster_changingLoadBalancerProfileConfigIPPrefix(data), Check: resource.ComposeTestCheckFunc( @@ -536,6 +536,7 @@ func testAccAzureRMKubernetesCluster_changingLoadBalancerProfile(t *testing.T) { resource.TestCheckResourceAttr(data.ResourceName, "network_profile.0.load_balancer_profile.0.effective_outbound_ips.#", "1"), ), }, + data.ImportStep(), }, }) }