Expose additional properties during cluster creation #384
Conversation
Allow for sending IssueClientCertificate as part of the cluster creation request Allow for sending the Management object as part of the cluster creation request Allow for sending the AutoScale object as part of the cluster creation request
brianhealeyRMN
changed the title
There was a problem hiding this comment.
Thanks so much @brianhealeyRMN for the PR! I'm excited to see these improvements to our GKE handling in Terraform.
This PR had a few test failures, mind fixing them?
$ make testacc TEST=./google TESTARGS='-run=TestAccContainerCluster_withNodePoolManagement'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./google -v -run=TestAccContainerCluster_withNodePoolManagement -timeout 120m
=== RUN TestAccContainerCluster_withNodePoolManagement
--- FAIL: TestAccContainerCluster_withNodePoolManagement (2.65s)
testing.go:435: Step 0 error: Error applying: 1 error(s) occurred:
* google_container_cluster.with_node_pool_node_management: 1 error(s) occurred:
* google_container_cluster.with_node_pool_node_management: googleapi: Error 400: Cannot have autoUpgrade or autoRepair set while image is CONTAINER_VM., badRequest
FAIL
$ make testacc TEST=./google TESTARGS='-run=TestAccContainerCluster_withNodePoolAutoScaling'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./google -v -run=TestAccContainerCluster_withNodePoolAutoScaling -timeout 120m
=== RUN TestAccContainerCluster_withNodePoolAutoScaling
--- FAIL: TestAccContainerCluster_withNodePoolAutoScaling (0.02s)
testing.go:435: Step 0 error: Configuration is invalid.
Warnings: []string(nil)
Errors: []string{"google_container_cluster.with_node_pool_node_auto_scaling: node_pool.0.node_config.0: invalid or unknown key: auto_scaling"}
FAIL
google/resource_container_cluster.go
Outdated
| "issue_client_certificate": { | ||
| Type: schema.TypeBool, | ||
| Optional: true, | ||
| DiffSuppressFunc: linkDiffSuppress, |
There was a problem hiding this comment.
Since this is a boolean, it shouldn't need this particular DiffSuppressFunc
google/resource_container_cluster.go
Outdated
| @@ -66,6 +66,11 @@ func resourceContainerCluster() *schema.Resource { | |||
| Required: true, | |||
| ForceNew: true, | |||
| }, | |||
| "issue_client_certificate": { | |||
There was a problem hiding this comment.
Looks like the other elements here are roughly alphabetical- mind maintaining that?
There was a problem hiding this comment.
Updated the order for the schema to be alphabetical
google/resource_container_cluster.go
Outdated
| @@ -266,6 +271,60 @@ func resourceContainerCluster() *schema.Resource { | |||
| }, | |||
|
|
|||
| "node_config": schemaNodeConfig, | |||
|
|
|||
| "management": { | |||
There was a problem hiding this comment.
likewise (alphabetical)
google/resource_container_cluster.go
Outdated
| Elem: &schema.Resource{ | ||
| Schema: map[string]*schema.Schema{ | ||
|
|
||
| "enabled": { |
There was a problem hiding this comment.
Consider removing this boolean and using the presence of the autoscaling object instead (this is what was done in #157)
google/resource_container_cluster.go
Outdated
| }, | ||
| }, | ||
|
|
||
| "auto_scaling": { |
There was a problem hiding this comment.
Can this be autoscaling to match what's in google_container_node_pool and the API docs (which has it as one word)?
google/resource_container_cluster.go
Outdated
| "client_certificate": cluster.MasterAuth.ClientCertificate, | ||
| "client_key": cluster.MasterAuth.ClientKey, | ||
| "cluster_ca_certificate": cluster.MasterAuth.ClusterCaCertificate, | ||
| "issue_client_certificate": true, |
There was a problem hiding this comment.
Instead of setting it to true here and potentially overriding it later, how about just set it later?
There was a problem hiding this comment.
Not a problem. Default behavior is "true". This is a flag vs an actual setting so I added code so that it behaves "as a setting" by checking for the existence of the client certificate on the response
| @@ -635,6 +687,7 @@ resource "google_container_cluster" "with_master_auth" { | |||
| master_auth { | |||
| username = "mr.yoda" | |||
| password = "adoy.rm" | |||
| issue_client_certificate = false | |||
There was a problem hiding this comment.
Does this change anything from what was there before? I think if you want to test issue_client_certificate it probably makes more sense to set it to true
There was a problem hiding this comment.
True is the default behavior, so setting it to false does change, however I think the larger concern is that both cases were not being tested. I added test specifically to test true/false
google/resource_container_cluster.go
Outdated
| @@ -66,6 +66,11 @@ func resourceContainerCluster() *schema.Resource { | |||
| Required: true, | |||
| ForceNew: true, | |||
| }, | |||
| "issue_client_certificate": { | |||
| Type: schema.TypeBool, | |||
| Optional: true, | |||
There was a problem hiding this comment.
I think this needs to be ForceNew as well.
Ordered the schema alphabetically. Modified the behavior of issue_client_certificate to not default then override the value Updated integration tests to include tests with and without issue_client_certificate Fixed the integration tests for Management and AutoScale Updated autoscale tage to match the google schema convention.
|
Thanks @danawillow |
| @@ -304,6 +360,12 @@ func resourceContainerClusterCreate(d *schema.ResourceData, meta interface{}) er | |||
| Password: masterAuth["password"].(string), | |||
| Username: masterAuth["username"].(string), | |||
| } | |||
|
|
|||
| if v, ok := masterAuth["issue_client_certificate"]; ok { | |||
There was a problem hiding this comment.
nit: since you set a default, you can remove this if statement
|
|
||
| // default behavior is disabled. Set to true as the cluster has it defined giving the intent to enable | ||
| // it | ||
| nodePool.Autoscaling.Enabled = true |
There was a problem hiding this comment.
nit: you can put this in the block on line 480
| // it | ||
| nodePool.Autoscaling.Enabled = true | ||
|
|
||
| var minNodeCount int |
There was a problem hiding this comment.
I don't think you need this var
| Schema: map[string]*schema.Schema{ | ||
| "min_node_count": { | ||
| Type: schema.TypeInt, | ||
| Optional: true, |
There was a problem hiding this comment.
I'm pretty sure the API requires these to be set, no? https://github.com/terraform-providers/terraform-provider-google/blob/master/google/resource_container_node_pool.go#L78 has it as Required
| } | ||
| } | ||
|
|
||
| if np.Autoscaling != nil { |
There was a problem hiding this comment.
you probably also want to check that np.Autoscaling.Enabled
|
Yeah, this is awesome @brianhealeyRMN! @danawillow and I were discussing version upgrades in #633, which led me here. Would it be possible to extend the |
|
I would love to see the |
|
I'm not @brianhealeyRMN, but I think you should go for it @justinsb :) |
|
This PR has been inactive for a long time, with no response, so I'm going to close it out. If the author wants to carry on with it, feel free to post in this thread, and we can re-open it. If someone else is interested in picking this up, feel free to open a new PR for it. |
|
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 hashibot-feedback@hashicorp.com. Thanks! |
ghost
locked and limited conversation to collaborators
Allow for sending IssueClientCertificate as part of the cluster creation request
Allow for sending the Management object as part of the cluster creation request
Allow for sending the AutoScale object as part of the cluster creation request