-
Notifications
You must be signed in to change notification settings - Fork 666
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add satellite features and add support to the user can direct which security groups are added to their workers #4953
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -37,3 +37,4 @@ vendor/ | |
!command/test-fixtures/**/*.tfstate | ||
!command/test-fixtures/**/.terraform/ | ||
|
||
*.sh |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -322,6 +322,15 @@ func ResourceIBMContainerVpcCluster() *schema.Resource { | |
RequiredWith: []string{"kms_instance_id", "crk"}, | ||
}, | ||
|
||
"security_groups": { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. it looks like this parameter can only be set at create or it can be marked with forcenew to recreate the cluster if this param is changed. this means the original cluster will be deleted, so this should be handled with extra care There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I think we should go with ApplyOnce rather than ForceNew. At the moment, these values can not be changed in the API. If the ability to change the security groups was added in the future and customers update the security groups outside of TF, TF would replace the cluster. If we go with ApplyOnce, the changes would be ignored until the TF provider supported that functionality at which point we could provide guidance to customers on importing the updated changes and avoid cluster deletion. |
||
Type: schema.TypeSet, | ||
Optional: true, | ||
Description: "Allow user to set which security groups added to their workers", | ||
Elem: &schema.Schema{Type: schema.TypeString}, | ||
Set: flex.ResourceIBMVPCHash, | ||
DiffSuppressFunc: flex.ApplyOnce, | ||
}, | ||
|
||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. it looks like it is missing from the API, but... |
||
//Get Cluster info Request | ||
"state": { | ||
Type: schema.TypeString, | ||
|
@@ -587,6 +596,11 @@ func resourceIBMContainerVpcClusterCreate(d *schema.ResourceData, meta interface | |
params.CosInstanceCRN = v.(string) | ||
} | ||
|
||
if v, ok := d.GetOk("security_groups"); ok { | ||
securityGroups := flex.FlattenSet(v.(*schema.Set)) | ||
params.SecurityGroupIDs = securityGroups | ||
} | ||
|
||
targetEnv, err := getVpcClusterTargetHeader(d, meta) | ||
if err != nil { | ||
return err | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -212,6 +212,15 @@ func ResourceIBMContainerVpcWorkerPool() *schema.Resource { | |
Computed: true, | ||
Description: "Autoscaling is enabled on the workerpool", | ||
}, | ||
|
||
"security_groups": { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. can you please add the ApplyOnce diff suppress here too? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. sure, will do There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. can you please add a test for this too? |
||
Type: schema.TypeSet, | ||
Optional: true, | ||
Description: "Allow user to set which security groups added to their workers", | ||
Elem: &schema.Schema{Type: schema.TypeString}, | ||
Set: flex.ResourceIBMVPCHash, | ||
DiffSuppressFunc: flex.ApplyOnce, | ||
}, | ||
}, | ||
} | ||
} | ||
|
@@ -283,6 +292,11 @@ func resourceIBMContainerVpcWorkerPoolCreate(d *schema.ResourceData, meta interf | |
}, | ||
} | ||
|
||
if v, ok := d.GetOk("security_groups"); ok { | ||
securityGroups := flex.FlattenSet(v.(*schema.Set)) | ||
params.SecurityGroupIDs = securityGroups | ||
} | ||
|
||
if kmsid, ok := d.GetOk("kms_instance_id"); ok { | ||
crk := d.Get("crk").(string) | ||
wve := v2.WorkerVolumeEncryption{ | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why did you rename this function?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
previously it was used only for flatten Host Labels, but I renamed it and we can use it for everything when we should flatten key-values (map[string]string), and I used it too (and it was not host labels)