Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

r/kubernetes_cluster: allowing the Service Principal to be updated #4469

Merged
merged 11 commits into from
Oct 1, 2019

Conversation

tombuildsstuff
Copy link
Contributor

@tombuildsstuff tombuildsstuff commented Oct 1, 2019

This PR fixes both #4356 and #3375 by allowing the Service Principal to be updated - and also attempts to retrieve it from the state using either a Set (prior to 1.34) or a List (after 1.34)

In addition to ensure the state is consistent for nested fields this PR also updates the flatten functions to ensure that all fields within nested blocks are set

Fixes #4356
Fixes #3375

@tombuildsstuff tombuildsstuff requested a review from katbyte October 1, 2019 08:15
Copy link
Collaborator

@katbyte katbyte left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 👍

@tombuildsstuff tombuildsstuff changed the title [WIP] r/kubernetes_cluster: allowing the Service Principal to be updated r/kubernetes_cluster: allowing the Service Principal to be updated Oct 1, 2019
@tombuildsstuff
Copy link
Contributor Author

Ignoring a couple of temporary AKS capacity tests (which passed on a retry) the tests pass:

Screenshot 2019-10-01 at 12 46 03

@tombuildsstuff
Copy link
Contributor Author

Seems fine in state migrations from 1.33.1 -> this branch & 1.33.1 -> 1.34.0 -> this branch

@tombuildsstuff tombuildsstuff merged commit 5b71408 into master Oct 1, 2019
@tombuildsstuff tombuildsstuff deleted the b/aks-service-principal branch October 1, 2019 11:04
tombuildsstuff added a commit that referenced this pull request Oct 1, 2019
@ghost
Copy link

ghost commented Oct 4, 2019

This has been released in version 1.35.0 of the provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. As an example:

provider "azurerm" {
    version = "~> 1.35.0"
}
# ... other configuration ...

@Bowbaq
Copy link
Contributor

Bowbaq commented Oct 4, 2019

@tombuildsstuff this breaks for me locally. Running terraform apply, I get:

Error: rpc error: code = Unavailable desc = transport is closing

Running with TF_LOG=debug I get:

Error: rpc error: code = Unavailable desc = transport is closing



Error: rpc error: code = Unavailable desc = transport is closing


Releasing state lock. This may take a few moments...
panic: interface conversion: interface {} is nil, not map[string]interface {}
2019-10-04T15:29:20.023-0700 [DEBUG] plugin.terraform-provider-azurerm_v1.35.0_x4: 
2019-10-04T15:29:20.023-0700 [DEBUG] plugin.terraform-provider-azurerm_v1.35.0_x4: goroutine 265 [running]:
2019-10-04T15:29:20.023-0700 [DEBUG] plugin.terraform-provider-azurerm_v1.35.0_x4: github.com/terraform-providers/terraform-provider-azurerm/azurerm.flattenAzureRmKubernetesClusterServicePrincipalProfile(0xc00097d550, 0xc000016460, 0x19, 0x3e7ece0, 0xc0009f1020)
2019-10-04T15:29:20.023-0700 [DEBUG] plugin.terraform-provider-azurerm_v1.35.0_x4: 	/opt/teamcity-agent/work/5d79fe75d4460a2f/src/github.com/terraform-providers/terraform-provider-azurerm/azurerm/resource_arm_kubernetes_cluster.go:1593 +0x370
2019-10-04T15:29:20.023-0700 [DEBUG] plugin.terraform-provider-azurerm_v1.35.0_x4: github.com/terraform-providers/terraform-provider-azurerm/azurerm.resourceArmKubernetesClusterRead(0xc000016460, 0x3e18720, 0xc00077a480, 0xc000016460, 0x0)
2019-10-04T15:29:20.023-0700 [DEBUG] plugin.terraform-provider-azurerm_v1.35.0_x4: 	/opt/teamcity-agent/work/5d79fe75d4460a2f/src/github.com/terraform-providers/terraform-provider-azurerm/azurerm/resource_arm_kubernetes_cluster.go:902 +0x163c
2019-10-04T15:29:20.023-0700 [DEBUG] plugin.terraform-provider-azurerm_v1.35.0_x4: github.com/terraform-providers/terraform-provider-azurerm/vendor/github.com/hashicorp/terraform/helper/schema.(*Resource).RefreshWithoutUpgrade(0xc0005d9500, 0xc0005ae230, 0x3e18720, 0xc00077a480, 0xc000795b00, 0xc0005ae230, 0x0)
2019-10-04T15:29:20.023-0700 [DEBUG] plugin.terraform-provider-azurerm_v1.35.0_x4: 	/opt/teamcity-agent/work/5d79fe75d4460a2f/src/github.com/terraform-providers/terraform-provider-azurerm/vendor/github.com/hashicorp/terraform/helper/schema/resource.go:455 +0x119
2019-10-04T15:29:20.023-0700 [DEBUG] plugin.terraform-provider-azurerm_v1.35.0_x4: github.com/terraform-providers/terraform-provider-azurerm/vendor/github.com/hashicorp/terraform/helper/plugin.(*GRPCProviderServer).ReadResource(0xc0000cc038, 0x4b95d80, 0xc000610000, 0xc0005ae140, 0xc0000cc038, 0xc000610000, 0xc001225ba8)
2019-10-04T15:29:20.023-0700 [DEBUG] plugin.terraform-provider-azurerm_v1.35.0_x4: 	/opt/teamcity-agent/work/5d79fe75d4460a2f/src/github.com/terraform-providers/terraform-provider-azurerm/vendor/github.com/hashicorp/terraform/helper/plugin/grpc_provider.go:525 +0x3d7
2019-10-04T15:29:20.023-0700 [DEBUG] plugin.terraform-provider-azurerm_v1.35.0_x4: github.com/terraform-providers/terraform-provider-azurerm/vendor/github.com/hashicorp/terraform/internal/tfplugin5._Provider_ReadResource_Handler(0x42c4620, 0xc0000cc038, 0x4b95d80, 0xc000610000, 0xc0005ae0a0, 0x0, 0x4b95d80, 0xc000610000, 0xc000b3a000, 0x539a)
2019-10-04T15:29:20.023-0700 [DEBUG] plugin.terraform-provider-azurerm_v1.35.0_x4: 	/opt/teamcity-agent/work/5d79fe75d4460a2f/src/github.com/terraform-providers/terraform-provider-azurerm/vendor/github.com/hashicorp/terraform/internal/tfplugin5/tfplugin5.pb.go:3181 +0x23e
2019-10-04T15:29:20.023-0700 [DEBUG] plugin.terraform-provider-azurerm_v1.35.0_x4: github.com/terraform-providers/terraform-provider-azurerm/vendor/google.golang.org/grpc.(*Server).processUnaryRPC(0xc000547500, 0x4be3780, 0xc000547800, 0xc00132c000, 0xc0006e4d20, 0x820f510, 0x0, 0x0, 0x0)
2019-10-04T15:29:20.023-0700 [DEBUG] plugin.terraform-provider-azurerm_v1.35.0_x4: 	/opt/teamcity-agent/work/5d79fe75d4460a2f/src/github.com/terraform-providers/terraform-provider-azurerm/vendor/google.golang.org/grpc/server.go:972 +0x470
2019-10-04T15:29:20.023-0700 [DEBUG] plugin.terraform-provider-azurerm_v1.35.0_x4: github.com/terraform-providers/terraform-provider-azurerm/vendor/google.golang.org/grpc.(*Server).handleStream(0xc000547500, 0x4be3780, 0xc000547800, 0xc00132c000, 0x0)
2019-10-04T15:29:20.023-0700 [DEBUG] plugin.terraform-provider-azurerm_v1.35.0_x4: 	/opt/teamcity-agent/work/5d79fe75d4460a2f/src/github.com/terraform-providers/terraform-provider-azurerm/vendor/google.golang.org/grpc/server.go:1252 +0xda6
2019-10-04T15:29:20.023-0700 [DEBUG] plugin.terraform-provider-azurerm_v1.35.0_x4: github.com/terraform-providers/terraform-provider-azurerm/vendor/google.golang.org/grpc.(*Server).serveStreams.func1.1(0xc0005e2020, 0xc000547500, 0x4be3780, 0xc000547800, 0xc00132c000)
2019-10-04T15:29:20.023-0700 [DEBUG] plugin.terraform-provider-azurerm_v1.35.0_x4: 	/opt/teamcity-agent/work/5d79fe75d4460a2f/src/github.com/terraform-providers/terraform-provider-azurerm/vendor/google.golang.org/grpc/server.go:691 +0x9f
2019-10-04T15:29:20.023-0700 [DEBUG] plugin.terraform-provider-azurerm_v1.35.0_x4: created by github.com/terraform-providers/terraform-provider-azurerm/vendor/google.golang.org/grpc.(*Server).serveStreams.func1
2019-10-04T15:29:20.023-0700 [DEBUG] plugin.terraform-provider-azurerm_v1.35.0_x4: 	/opt/teamcity-agent/work/5d79fe75d4460a2f/src/github.com/terraform-providers/terraform-provider-azurerm/vendor/google.golang.org/grpc/server.go:689 +0xa1

Applying using 1.34 seems to work fine. Our service principal config looks like this:

  service_principal {
    client_id     = module.k8s-principal.client_id
    client_secret = module.k8s-principal.client_secret
  }

We're using terraform 0.12

@tbsquare01
Copy link

@tombuildsstuff is the fix for #4356 expected in "~> 1.35.0" Azure provider?
AKS cluster is still destroying in "1.35.0", the plugin I am using for my deployment.

2019-11-28T23:08:02.1134262Z
2019-11-28T23:08:02.1134390Z �[0m�[1mInitializing the backend...�[0m
2019-11-28T23:08:02.1134505Z �[0m�[32m
2019-11-28T23:08:02.1134657Z Successfully configured the backend "azurerm"! Terraform will automatically
2019-11-28T23:08:02.1134837Z use this backend unless the backend configuration changes.�[0m
2019-11-28T23:08:02.1134931Z
2019-11-28T23:08:02.1135064Z �[0m�[1mInitializing provider plugins...�[0m
2019-11-28T23:08:02.1135226Z - Checking for available provider plugins...
2019-11-28T23:08:02.3278343Z - Downloading plugin for provider "random" (hashicorp/random) 2.2.1...
2019-11-28T23:08:03.0505287Z - Downloading plugin for provider "azurerm" (hashicorp/azurerm) 1.37.0...
2019-11-28T23:08:05.1823490Z

�[0m�[1mrandom_string.id_string: Refreshing state... [id=b0dyrs]�[0m
�[0m�[1mazurerm_kubernetes_cluster.aks_cluster: Refreshing state... [id=/subscriptions/.../resourcegroups/myRG/providers/Microsoft.ContainerService/managedClusters/K8SAKS]�[0m
�[0m�[1mazurerm_kubernetes_cluster.aks_cluster: Destroying... [id=/subscriptions/-.../resourcegroups/myRG/providers/Microsoft.ContainerService/managedClusters/K8SAKS]�[0m�[0m
�[0m�[1mazurerm_kubernetes_cluster.aks_cluster: Still destroying... [id=/subscriptions/-...erService/managedClusters/K8SAKS, 10s elapsed]�[0m�[0m
�[0m�[1mazurerm_kubernetes_cluster.aks_cluster: Still destroying... [id=/subscriptions/-...erService/managedClusters/K8SAKS, 20s elapsed]�[0m�[0m
�[0m�[1mazurerm_kubernetes_cluster.aks_cluster: Still destroying... [id=/subscriptions/-...erService/managedClusters/K8SAKS, 30s elapsed]�[0m�[0m
�[0m�[1mazurerm_kubernetes_cluster.aks_cluster: Still destroying... [id=/subscriptions/-...erService/managedClusters/K8SAKS, 50s elapsed]�[0m�[0m
�[0m�[1mazurerm_kubernetes_cluster.aks_cluster: Still destroying... [id=/subscriptions/-...erService/managedClusters/K8SAKS, 1m0s elapsed]�[0m�[0m
[...]
�[0m�[1mazurerm_kubernetes_cluster.aks_cluster: Destruction complete after 11m5s�[0m�[0m
�[0m�[1mazurerm_kubernetes_cluster.aks_cluster: Creating...�[0m�[0m
�[0m�[1mazurerm_kubernetes_cluster.aks_cluster: Still creating... [10s elapsed]�[0m�[0m
�[0m�[1mazurerm_kubernetes_cluster.aks_cluster: Still creating... [21s elapsed]�[0m�[0m
�[0m�[1mazurerm_kubernetes_cluster.aks_cluster: Still creating... [31s elapsed]�[0m�[0m
�[0m�[1mazurerm_kubernetes_cluster.aks_cluster: Still creating... [41s elapsed]�[0m�[0m

@tombuildsstuff
Copy link
Contributor Author

@tbsquare01 the AKS API has undergone a bunch of changes of late - as such at this time I'd recommend using version 1.37 of the Azure Provider instead

@ghost
Copy link

ghost commented Nov 29, 2019

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 hashibot-feedback@hashicorp.com. Thanks!

@ghost ghost locked and limited conversation to collaborators Nov 29, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

aks forces to destroy Can't update service principal client secret
4 participants