Upgrade containerservice API to 2020-09-01 #8982

Merged
merged 15 commits into from
Nov 5, 2020
Merged
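--- a/azurerm/internal/services/containers/client/client.go
+++ b/azurerm/internal/services/containers/client/client.go
@@ -3,7 +3,7 @@ package client
 import (
 "github.com/Azure/azure-sdk-for-go/services/containerinstance/mgmt/2019-12-01/containerinstance"
 "github.com/Azure/azure-sdk-for-go/services/containerregistry/mgmt/2019-05-01/containerregistry"
-"github.com/Azure/azure-sdk-for-go/services/containerservice/mgmt/2020-04-01/containerservice"
+"github.com/Azure/azure-sdk-for-go/services/containerservice/mgmt/2020-09-01/containerservice"
 "github.com/Azure/go-autorest/autorest/azure"
 "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/common"
 )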
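--- a/azurerm/internal/services/containers/kubernetes_addons.go
+++ b/azurerm/internal/services/containers/kubernetes_addons.go
@@ -4,7 +4,7 @@ import (
 "fmt"
 "strings"
 
-"github.com/Azure/azure-sdk-for-go/services/containerservice/mgmt/2020-04-01/containerservice"
+"github.com/Azure/azure-sdk-for-go/services/containerservice/mgmt/2020-09-01/containerservice"
 "github.com/Azure/go-autorest/autorest/azure"
 "github.com/hashicorp/terraform-plugin-sdk/helper/schema"
 "github.com/hashicorp/terraform-plugin-sdk/helper/validation"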
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ import (
"strings"
"time"

"github.com/Azure/azure-sdk-for-go/services/containerservice/mgmt/2020-04-01/containerservice"
"github.com/Azure/azure-sdk-for-go/services/containerservice/mgmt/2020-09-01/containerservice"
"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/clients"
Expand Down Expand Up @@ -1085,7 +1085,7 @@ func flattenKubernetesClusterDataSourceKubeConfigAAD(config kubernetes.KubeConfi

func flattenKubernetesClusterDataSourceManagedClusterIdentity(input *containerservice.ManagedClusterIdentity) []interface{} {
// if it's none, omit the block
if input == nil || input.Type == containerservice.None {
if input == nil || input.Type == containerservice.ResourceIdentityTypeNone {
return []interface{}{}
}

Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ import (
"fmt"
"time"

"github.com/Azure/azure-sdk-for-go/services/containerservice/mgmt/2020-04-01/containerservice"
"github.com/Azure/azure-sdk-for-go/services/containerservice/mgmt/2020-09-01/containerservice"
"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
"github.com/hashicorp/terraform-plugin-sdk/helper/validation"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure"
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ import (
"strings"
"time"

"github.com/Azure/azure-sdk-for-go/services/containerservice/mgmt/2020-04-01/containerservice"
"github.com/Azure/azure-sdk-for-go/services/containerservice/mgmt/2020-09-01/containerservice"
"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
"github.com/hashicorp/terraform-plugin-sdk/helper/validation"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure"
43 changes: 21 additions & 22 deletions azurerm/internal/services/containers/kubernetes_cluster_resource.go
Expand Up @@ -7,7 +7,7 @@ import (
"strings"
"time"

"github.com/Azure/azure-sdk-for-go/services/containerservice/mgmt/2020-04-01/containerservice"
"github.com/Azure/azure-sdk-for-go/services/containerservice/mgmt/2020-09-01/containerservice"
"github.com/hashicorp/terraform-plugin-sdk/helper/customdiff"
"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
"github.com/hashicorp/terraform-plugin-sdk/helper/validation"
Expand Down Expand Up @@ -178,7 +178,7 @@ func resourceArmKubernetesCluster() *schema.Resource {
Required: true,
ForceNew: true,
ValidateFunc: validation.StringInSlice([]string{
string(containerservice.SystemAssigned),
string(containerservice.ResourceIdentityTypeSystemAssigned),
}, false),
},
"principal_id": {
Expand Down Expand Up @@ -729,7 +729,9 @@ func resourceArmKubernetesClusterCreate(d *schema.ResourceData, meta interface{}

nodeResourceGroup := d.Get("node_resource_group").(string)

enablePodSecurityPolicy := d.Get("enable_pod_security_policy").(bool)
favoretti marked this conversation as resolved.
if d.Get("enable_pod_security_policy").(bool) {
return fmt.Errorf("The AKS API has removed support for this field on 2020-10-15 and is no longer possible to configure this the Pod Security Policy - as such you'll need to set `enable_pod_security_policy` to `false`")
}

autoScalerProfileRaw := d.Get("auto_scaler_profile").([]interface{})
autoScalerProfile := expandKubernetesClusterAutoScalerProfile(autoScalerProfileRaw)
Expand All @@ -742,19 +744,18 @@ func resourceArmKubernetesClusterCreate(d *schema.ResourceData, meta interface{}
Tier: containerservice.ManagedClusterSKUTier(d.Get("sku_tier").(string)),
},
ManagedClusterProperties: &containerservice.ManagedClusterProperties{
APIServerAccessProfile: &apiAccessProfile,
AadProfile: azureADProfile,
AddonProfiles: *addonProfiles,
AgentPoolProfiles: agentProfiles,
AutoScalerProfile: autoScalerProfile,
DNSPrefix: utils.String(dnsPrefix),
EnableRBAC: utils.Bool(rbacEnabled),
KubernetesVersion: utils.String(kubernetesVersion),
LinuxProfile: linuxProfile,
WindowsProfile: windowsProfile,
NetworkProfile: networkProfile,
NodeResourceGroup: utils.String(nodeResourceGroup),
EnablePodSecurityPolicy: utils.Bool(enablePodSecurityPolicy),
APIServerAccessProfile: &apiAccessProfile,
AadProfile: azureADProfile,
AddonProfiles: *addonProfiles,
AgentPoolProfiles: agentProfiles,
AutoScalerProfile: autoScalerProfile,
DNSPrefix: utils.String(dnsPrefix),
EnableRBAC: utils.Bool(rbacEnabled),
KubernetesVersion: utils.String(kubernetesVersion),
LinuxProfile: linuxProfile,
WindowsProfile: windowsProfile,
NetworkProfile: networkProfile,
NodeResourceGroup: utils.String(nodeResourceGroup),
},
Tags: tags.Expand(t),
}
Expand Down Expand Up @@ -951,10 +952,8 @@ func resourceArmKubernetesClusterUpdate(d *schema.ResourceData, meta interface{}
existing.ManagedClusterProperties.AutoScalerProfile = autoScalerProfile
}

if d.HasChange("enable_pod_security_policy") {
favoretti marked this conversation as resolved.
updateCluster = true
enablePodSecurityPolicy := d.Get("enable_pod_security_policy").(bool)
existing.ManagedClusterProperties.EnablePodSecurityPolicy = utils.Bool(enablePodSecurityPolicy)
if d.HasChange("enable_pod_security_policy") && d.Get("enable_pod_security_policy").(bool) {
return fmt.Errorf("The AKS API has removed support for this field on 2020-10-15 and is no longer possible to configure this the Pod Security Policy - as such you'll need to set `enable_pod_security_policy` to `false`")
}

if d.HasChange("linux_profile") {
Expand Down Expand Up @@ -1706,7 +1705,7 @@ func expandKubernetesClusterRoleBasedAccessControl(input []interface{}, provider
func expandKubernetesClusterManagedClusterIdentity(input []interface{}) *containerservice.ManagedClusterIdentity {
if len(input) == 0 || input[0] == nil {
return &containerservice.ManagedClusterIdentity{
Type: containerservice.None,
Type: containerservice.ResourceIdentityTypeNone,
}
}

Expand Down Expand Up @@ -1859,7 +1858,7 @@ func flattenKubernetesClusterKubeConfigAAD(config kubernetes.KubeConfigAAD) []in

func flattenKubernetesClusterManagedClusterIdentity(input *containerservice.ManagedClusterIdentity) []interface{} {
// if it's none, omit the block
if input == nil || input.Type == containerservice.None {
if input == nil || input.Type == containerservice.ResourceIdentityTypeNone {
return []interface{}{}
}

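Review bot: In resourceArmKubernetesClusterUpdate the new guard only rejects a change to `true`; a change from `true` to `false` now falls through without setting `updateCluster` or touching `existing.ManagedClusterProperties.EnablePodSecurityPolicy`, so a cluster that already has Pod Security Policy enabled appears to keep whatever value the API returned while the configuration says `false`. Whether that surfaces as a permanent diff depends on the Read function, which is outside the visible hunks, so it is worth confirming and recording on the guard with a comment such as `// a change from true to false is not sent to the API, which no longer supports this field`. The error text duplicated in Create and Update is also garbled ("and is no longer possible to configure this the Pod Security Policy") and starts with a capital; one shared message like `fmt.Errorf("the AKS API removed support for this field on 2020-10-15; enable_pod_security_policy must be set to false")` would read correctly and follow the Go error-string convention. No visible test exercises the new rejection path, and both functions begin and end outside the hunks shown.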
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ import (
"net/http"
"strings"

"github.com/Azure/azure-sdk-for-go/services/containerservice/mgmt/2020-04-01/containerservice"
"github.com/Azure/azure-sdk-for-go/services/containerservice/mgmt/2020-09-01/containerservice"
"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/containers/client"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
Expand Down Expand Up @@ -105,7 +105,7 @@ func validateKubernetesCluster(d *schema.ResourceData, cluster *containerservice

hasIdentity := false
if identity := cluster.Identity; identity != nil {
hasIdentity = identity.Type != containerservice.None
hasIdentity = identity.Type != containerservice.ResourceIdentityTypeNone
}

if hasIdentity {
15 changes: 7 additions & 8 deletions azurerm/internal/services/containers/kubernetes_nodepool.go
Expand Up @@ -3,7 +3,7 @@ package containers
import (
"fmt"

"github.com/Azure/azure-sdk-for-go/services/containerservice/mgmt/2020-04-01/containerservice"
"github.com/Azure/azure-sdk-for-go/services/containerservice/mgmt/2020-09-01/containerservice"
"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
"github.com/hashicorp/terraform-plugin-sdk/helper/validation"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure"
Expand Down Expand Up @@ -176,14 +176,18 @@ func ExpandDefaultNodePool(d *schema.ResourceData) (*[]containerservice.ManagedC
nodeLabels := utils.ExpandMapStringPtrString(nodeLabelsRaw)
nodeTaintsRaw := raw["node_taints"].([]interface{})
nodeTaints := utils.ExpandStringSlice(nodeTaintsRaw)

if len(*nodeTaints) != 0 {
return nil, fmt.Errorf("The AKS API has removed support for tainting all nodes in the default node pool and it is no longer possible to configure this. To taint a node pool, create a separate one")
}

t := raw["tags"].(map[string]interface{})

profile := containerservice.ManagedClusterAgentPoolProfile{
EnableAutoScaling: utils.Bool(enableAutoScaling),
EnableNodePublicIP: utils.Bool(raw["enable_node_public_ip"].(bool)),
Name: utils.String(raw["name"].(string)),
NodeLabels: nodeLabels,
NodeTaints: nodeTaints,
Tags: tags.Expand(t),
Type: containerservice.AgentPoolType(raw["type"].(string)),
VMSize: containerservice.VMSizeTypes(raw["vm_size"].(string)),
Expand Down Expand Up @@ -337,11 +341,6 @@ func FlattenDefaultNodePool(input *[]containerservice.ManagedClusterAgentPoolPro
}
}

var nodeTaints []string
if agentPool.NodeTaints != nil {
nodeTaints = *agentPool.NodeTaints
}

osDiskSizeGB := 0
if agentPool.OsDiskSizeGB != nil {
osDiskSizeGB = int(*agentPool.OsDiskSizeGB)
Expand All @@ -368,7 +367,7 @@ func FlattenDefaultNodePool(input *[]containerservice.ManagedClusterAgentPoolPro
"name": name,
"node_count": count,
"node_labels": nodeLabels,
"node_taints": nodeTaints,
favoretti marked this conversation as resolved.
"node_taints": []string{},
"os_disk_size_gb": osDiskSizeGB,
"tags": tags.Flatten(agentPool.Tags),
"type": string(agentPool.Type),
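Review bot: FlattenDefaultNodePool now writes `"node_taints": []string{}` unconditionally, so any taints the API still reports on an existing default node pool are dropped from state and can no longer be compared with the configuration. If that is deliberate it deserves a comment on the line, for example `// the AKS API no longer supports taints on the default node pool, so none are read back`; otherwise keeping the removed `agentPool.NodeTaints` read would let existing clusters surface their real taints. In ExpandDefaultNodePool the new check dereferences `*nodeTaints` directly, which presumably relies on `utils.ExpandStringSlice` never returning nil; that helper is not visible here. Both functions extend beyond the hunks shown.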
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,6 @@ import (

var kubernetesAuthTests = map[string]func(t *testing.T){
"apiServerAuthorizedIPRanges": testAccAzureRMKubernetesCluster_apiServerAuthorizedIPRanges,
"enablePodSecurityPolicy": testAccAzureRMKubernetesCluster_enablePodSecurityPolicy,
"managedClusterIdentity": testAccAzureRMKubernetesCluster_managedClusterIdentity,
"roleBasedAccessControl": testAccAzureRMKubernetesCluster_roleBasedAccessControl,
"AAD": testAccAzureRMKubernetesCluster_roleBasedAccessControlAAD,
Expand Down Expand Up @@ -57,31 +56,6 @@ func testAccAzureRMKubernetesCluster_apiServerAuthorizedIPRanges(t *testing.T) {
})
}

func TestAccAzureRMKubernetesCluster_enablePodSecurityPolicy(t *testing.T) {
checkIfShouldRunTestsIndividually(t)
testAccAzureRMKubernetesCluster_enablePodSecurityPolicy(t)
}

func testAccAzureRMKubernetesCluster_enablePodSecurityPolicy(t *testing.T) {
data := acceptance.BuildTestData(t, "azurerm_kubernetes_cluster", "test")

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() { acceptance.PreCheck(t) },
Providers: acceptance.SupportedProviders,
CheckDestroy: testCheckAzureRMKubernetesClusterDestroy,
Steps: []resource.TestStep{
{
Config: testAccAzureRMKubernetesCluster_enablePodSecurityPolicyConfig(data),
Check: resource.ComposeTestCheckFunc(
testCheckAzureRMKubernetesClusterExists(data.ResourceName),
resource.TestCheckResourceAttr(data.ResourceName, "enable_pod_security_policy", "true"),
),
},
data.ImportStep(),
},
})
}

func TestAccAzureRMKubernetesCluster_managedClusterIdentity(t *testing.T) {
checkIfShouldRunTestsIndividually(t)
testAccAzureRMKubernetesCluster_managedClusterIdentity(t)
Expand Down Expand Up @@ -475,41 +449,6 @@ resource "azurerm_kubernetes_cluster" "test" {
`, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger)
}

func testAccAzureRMKubernetesCluster_enablePodSecurityPolicyConfig(data acceptance.TestData) string {
return fmt.Sprintf(`
provider "azurerm" {
features {}
}

resource "azurerm_resource_group" "test" {
name = "acctestRG-aks-%d"
location = "%s"
}

resource "azurerm_kubernetes_cluster" "test" {
name = "acctestaks%d"
location = azurerm_resource_group.test.location
resource_group_name = azurerm_resource_group.test.name
dns_prefix = "acctestaks%d"
enable_pod_security_policy = true

role_based_access_control {
enabled = true
}

default_node_pool {
name = "default"
node_count = 1
vm_size = "Standard_DS2_v2"
}

identity {
type = "SystemAssigned"
}
}
`, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger)
}

func testAccAzureRMKubernetesCluster_managedClusterIdentityConfig(data acceptance.TestData) string {
return fmt.Sprintf(`
provider "azurerm" {
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,6 @@ var kubernetesDataSourceTests = map[string]func(t *testing.T){
"autoscalingNoAvailabilityZones": testAccDataSourceAzureRMKubernetesCluster_autoscalingNoAvailabilityZones,
"autoscalingWithAvailabilityZones": testAccDataSourceAzureRMKubernetesCluster_autoscalingWithAvailabilityZones,
"nodeLabels": testAccDataSourceAzureRMKubernetesCluster_nodeLabels,
"nodeTaints": testAccDataSourceAzureRMKubernetesCluster_nodeTaints,
"enableNodePublicIP": testAccDataSourceAzureRMKubernetesCluster_enableNodePublicIP,
"privateCluster": testAccDataSourceAzureRMKubernetesCluster_privateCluster,
}
Expand Down Expand Up @@ -500,7 +499,6 @@ func testAccDataSourceAzureRMKubernetesCluster_addOnProfileAzurePolicy(t *testin
testCheckAzureRMKubernetesClusterExists(data.ResourceName),
resource.TestCheckResourceAttr(data.ResourceName, "addon_profile.0.azure_policy.#", "1"),
resource.TestCheckResourceAttr(data.ResourceName, "addon_profile.0.azure_policy.0.enabled", "true"),
resource.TestCheckResourceAttr(data.ResourceName, "addon_profile.0.azure_policy.0.version", "v2"),
),
},
},
Expand Down Expand Up @@ -617,30 +615,6 @@ func testAccDataSourceAzureRMKubernetesCluster_nodeLabels(t *testing.T) {
})
}

func TestAccDataSourceAzureRMKubernetesCluster_nodeTaints(t *testing.T) {
checkIfShouldRunTestsIndividually(t)
testAccDataSourceAzureRMKubernetesCluster_nodeTaints(t)
}

func testAccDataSourceAzureRMKubernetesCluster_nodeTaints(t *testing.T) {
data := acceptance.BuildTestData(t, "data.azurerm_kubernetes_cluster", "test")

resource.Test(t, resource.TestCase{
PreCheck: func() { acceptance.PreCheck(t) },
Providers: acceptance.SupportedProviders,
CheckDestroy: testCheckAzureRMKubernetesClusterDestroy,
Steps: []resource.TestStep{
{
Config: testAccDataSourceAzureRMKubernetesCluster_nodeTaintsConfig(data),
Check: resource.ComposeTestCheckFunc(
testCheckAzureRMKubernetesClusterExists(data.ResourceName),
resource.TestCheckResourceAttr(data.ResourceName, "agent_pool_profile.1.node_taints.0", "key=value:NoSchedule"),
),
},
},
})
}

func TestAccDataSourceAzureRMKubernetesCluster_enableNodePublicIP(t *testing.T) {
checkIfShouldRunTestsIndividually(t)
testAccDataSourceAzureRMKubernetesCluster_enableNodePublicIP(t)
Expand Down Expand Up @@ -893,18 +867,6 @@ data "azurerm_kubernetes_cluster" "test" {
`, r)
}

func testAccDataSourceAzureRMKubernetesCluster_nodeTaintsConfig(data acceptance.TestData) string {
r := testAccAzureRMKubernetesCluster_nodeTaintsConfig(data)
return fmt.Sprintf(`
%s

data "azurerm_kubernetes_cluster" "test" {
name = azurerm_kubernetes_cluster.test.name
resource_group_name = azurerm_kubernetes_cluster.test.resource_group_name
}
`, r)
}

func testAccDataSourceAzureRMKubernetesCluster_enableNodePublicIPConfig(data acceptance.TestData) string {
r := testAccAzureRMKubernetesCluster_enableNodePublicIPConfig(data, true)
return fmt.Sprintf(`