New Resource: azurerm_redhat_openshift_cluster
#24375
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Collaborator
|
@teowa - have they resolved the general issue of the service always returning an uninformative "internal server error" that doesn't indicate what the problem is? |
Collaborator
Author
|
@katbyte The |
ms-zhenhua
suggested changes
Jan 9, 2024
Collaborator
ms-zhenhua
left a comment
ms-zhenhua
left a comment
There was a problem hiding this comment.
Hey @teowa,
Thanks for this PR - I've taken a look through and left some comments inline. If we can fix those up, this should be good to go 👍
Thanks!
| } | ||
|
|
||
| func NewClient(o *common.ClientOptions) (*Client, error) { | ||
| openshiftClustersClient, err := openshiftclusters.NewOpenShiftClustersClientWithBaseURI(o.Environment.ResourceManager) |
Collaborator
There was a problem hiding this comment.
Suggested change
| openshiftClustersClient, err := openshiftclusters.NewOpenShiftClustersClientWithBaseURI(o.Environment.ResourceManager) | |
| openShiftClustersClient, err := openshiftclusters.NewOpenShiftClustersClientWithBaseURI(o.Environment.ResourceManager) |
|
|
||
| type WorkerProfile struct { | ||
| VmSize string `tfschema:"vm_size"` | ||
| DiskSizeGb int64 `tfschema:"disk_size_gb"` |
Collaborator
There was a problem hiding this comment.
Suggested change
| DiskSizeGb int64 `tfschema:"disk_size_gb"` | |
| DiskSizeGb int `tfschema:"disk_size_gb"` |
Contributor
There was a problem hiding this comment.
(just passing through) but FWIW these should be int64 and not int - since we're expecting int64's everywhere else (SDK etc) even if that's downcast to a smaller variable size
| type WorkerProfile struct { | ||
| VmSize string `tfschema:"vm_size"` | ||
| DiskSizeGb int64 `tfschema:"disk_size_gb"` | ||
| NodeCount int64 `tfschema:"node_count"` |
Collaborator
There was a problem hiding this comment.
Suggested change
| NodeCount int64 `tfschema:"node_count"` | |
| NodeCount int `tfschema:"node_count"` |
| ForceNew: true, | ||
| Default: false, | ||
| }, | ||
| "pull_secret": { |
Collaborator
There was a problem hiding this comment.
should pull_secret be a sensitive value?
Collaborator
Author
There was a problem hiding this comment.
yes, this is sensitive
|
|
||
| parameters := openshiftclusters.OpenShiftCluster{ | ||
| Name: pointer.To(id.OpenShiftClusterName), | ||
| Location: azure.NormalizeLocation(config.Location), |
Collaborator
There was a problem hiding this comment.
Suggested change
| Location: azure.NormalizeLocation(config.Location), | |
| Location: location.Normalize(config.Location), |
|
|
||
| * `client_id` - (Required) The Client ID for the Service Principal. Changing this forces a new resource to be created. | ||
|
|
||
| * `client_secret` - (Required) The Client Secret for the Service Principal. Changing this forces a new resource to be created. |
Collaborator
There was a problem hiding this comment.
is client_secret forcenew?
|
|
||
| * `encryption_at_host_enabled` - (Optional) Whether main virtual machines are encrypted at host. Defaults to `false`. Changing this forces a new resource to be created. | ||
|
|
||
| **NOTE:** `encryption_at_host_enabled` is only available for certain VM sizes and the `EncryptionAtHost` feature must be enabled for your subscription. Please see the [Azure documentation](https://learn.microsoft.com/en-us/azure/virtual-machines/disks-enable-host-based-encryption-portal?tabs=azure-powershell) for more information. |
Collaborator
There was a problem hiding this comment.
Suggested change
| **NOTE:** `encryption_at_host_enabled` is only available for certain VM sizes and the `EncryptionAtHost` feature must be enabled for your subscription. Please see the [Azure documentation](https://learn.microsoft.com/en-us/azure/virtual-machines/disks-enable-host-based-encryption-portal?tabs=azure-powershell) for more information. | |
| **NOTE:** `encryption_at_host_enabled` is only available for certain VM sizes and the `EncryptionAtHost` feature must be enabled for your subscription. Please see the [Azure documentation](https://learn.microsoft.com/azure/virtual-machines/disks-enable-host-based-encryption-portal?tabs=azure-powershell) for more information. |
|
|
||
| * `encryption_at_host_enabled` - (Optional) Whether worker virtual machines are encrypted at host. Defaults to `false`. Changing this forces a new resource to be created. | ||
|
|
||
| **NOTE:** `encryption_at_host_enabled` is only available for certain VM sizes and the `EncryptionAtHost` feature must be enabled for your subscription. Please see the [Azure documentation](https://learn.microsoft.com/en-us/azure/virtual-machines/disks-enable-host-based-encryption-portal?tabs=azure-powershell) for more information. |
Collaborator
There was a problem hiding this comment.
Suggested change
| **NOTE:** `encryption_at_host_enabled` is only available for certain VM sizes and the `EncryptionAtHost` feature must be enabled for your subscription. Please see the [Azure documentation](https://learn.microsoft.com/en-us/azure/virtual-machines/disks-enable-host-based-encryption-portal?tabs=azure-powershell) for more information. | |
| **NOTE:** `encryption_at_host_enabled` is only available for certain VM sizes and the `EncryptionAtHost` feature must be enabled for your subscription. Please see the [Azure documentation](https://learn.microsoft.com/azure/virtual-machines/disks-enable-host-based-encryption-portal?tabs=azure-powershell) for more information. |
|
|
||
| A `api_server_profile` block supports the following: | ||
|
|
||
| * `visibility` - (Optional) Cluster API server visibility. Supported values are `Public` and `Private`. Defaults to `Public`. Changing this forces a new resource to be created. |
Collaborator
There was a problem hiding this comment.
Suggested change
| * `visibility` - (Optional) Cluster API server visibility. Supported values are `Public` and `Private`. Defaults to `Public`. Changing this forces a new resource to be created. | |
| * `visibility` - (Required) Cluster API server visibility. Supported values are `Public` and `Private`. Defaults to `Public`. Changing this forces a new resource to be created. |
|
|
||
| A `ingress_profile` block supports the following: | ||
|
|
||
| * `visibility` - (Optional) Cluster Ingress visibility. Supported values are `Public` and `Private`. Defaults to `Public`. Changing this forces a new resource to be created. |
Collaborator
There was a problem hiding this comment.
Suggested change
| * `visibility` - (Optional) Cluster Ingress visibility. Supported values are `Public` and `Private`. Defaults to `Public`. Changing this forces a new resource to be created. | |
| * `visibility` - (Required) Cluster Ingress visibility. Supported values are `Public` and `Private`. Defaults to `Public`. Changing this forces a new resource to be created. |
Collaborator
|
@teowa - the issue we were seeing was that all errors returned an internal server error and we would have to reach out to the service team to figure out each one, there were multiple different causes iirc |
Collaborator
Author
|
Hi @katbyte , I have confirmed with service team, currently there are two cases will lead to
They are working on the fix at backend. On the other hand, they think these cases are more like user errors (customers should have not tampered with the first party sp in their tenant), so they hope we can go ahead. |
ms-zhenhua
approved these changes
Jan 19, 2024
Collaborator
Author
|
|
mbfrahry
approved these changes
Jan 19, 2024
mbfrahry
changed the title
azurerm_redhat_openshift_clusterazurerm_redhat_openshift_cluster
mbfrahry
added a commit
that referenced
this pull request
Jan 19, 2024
puneetsarna
added a commit
to puneetsarna/terraform-provider-azurerm
that referenced
this pull request
Jan 21, 2024
It looks like the SDK was updated on Jan 18th 2024 (3 days ago), and Openshift changes with vendor landed on Jan 19th. It was very likely the case that the openshift vendor changes were not regenerated when the SDK changed and the new resource was merged here hashicorp#24375. This commit updates the vendors directory with latest changes.
puneetsarna
added a commit
to puneetsarna/terraform-provider-azurerm
that referenced
this pull request
Jan 21, 2024
It looks like the SDK was updated on Jan 18th 2024 (3 days ago), and Openshift changes with vendor landed on Jan 19th. It was very likely the case that the openshift vendor changes were not regenerated when the SDK changed and the new resource was merged here hashicorp#24375. This commit updates the vendors directory with latest changes.
Contributor
|
This functionality has been released in v3.89.0 of the Terraform Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you! |
dduportal
referenced
this pull request
in jenkins-infra/azure
Jan 25, 2024
<Actions>
<action
id="f410411e63aff4bb73a81c2aec1d373cf8a903e63b30dee2006b0030d8a94cc8">
<h3>Bump Terraform `azurerm` provider version</h3>
<details
id="1d9343c012f5434ac9fe8a98135bae3667b399259be16d9b14302ea3bd424a24">
<summary>Update Terraform lock file</summary>
<p>changes detected:
	"hashicorp/azurerm" updated from
"3.88.0" to "3.89.0" in file
".terraform.lock.hcl"</p>
<details>
<summary>3.89.0</summary>
<pre>Changelog retrieved
from:
	https://github.com/hashicorp/terraform-provider-azurerm/releases/tag/v3.89.0
FEATURES:

*
New Data Source: `azurerm_data_factory_trigger_schedule`
([#24572](hashicorp/terraform-provider-azurerm#24572
New Data Source: `azurerm_data_factory_trigger_schedules`
([#24572](hashicorp/terraform-provider-azurerm#24572
New Data Source: `azurerm_ip_groups`
([#24540](hashicorp/terraform-provider-azurerm#24540
New Data Source: `azurerm_nginx_certificate`
([#24577](hashicorp/terraform-provider-azurerm#24577
New Resource: `azurerm_chaos_studio_target`
([#24580](hashicorp/terraform-provider-azurerm#24580
New Resource: `azurerm_elastic_san_volume_group`
([#24166](hashicorp/terraform-provider-azurerm#24166
New Resource: `azurerm_netapp_account_encryption`
([#23733](hashicorp/terraform-provider-azurerm#23733
New Resource: `azurerm_redhat_openshift_cluster`
([#24375](https://github.com/hashicorp/terraform-provider-azurerm/issues/24375))

ENHANCEMENTS:

*
dependencies: updating to `v0.66.1` of
`github.com/hashicorp/go-azure-helpers`
([#24561](hashicorp/terraform-provider-azurerm#24561
dependencies: updating to `v0.20240124.1115501` of
`github.com/hashicorp/go-azure-sdk`
([#24619](hashicorp/terraform-provider-azurerm#24619
`bot`: updating to API Version `2021-05-01-preview`
([#24555](hashicorp/terraform-provider-azurerm#24555
`containerservice`: the SDK Clients now support logging
([#24564](hashicorp/terraform-provider-azurerm#24564
`cosmosdb`: updating to API Version `2023-04-15`
([#24541](hashicorp/terraform-provider-azurerm#24541
`loadtestservice`: updating to use the base layer from
`hashicorp/go-azure-sdk` rather than `Azure/go-autorest` (and support
logging)
([#24578](hashicorp/terraform-provider-azurerm#24578
`managedidentity`: updating to use the base layer from
`hashicorp/go-azure-sdk` rather than `Azure/go-autorest` (and support
logging)
([#24578](hashicorp/terraform-provider-azurerm#24578
`azurerm_api_management_api` - change the `id` format so specific
`revision`s can be managed by Terraform
([#23031](hashicorp/terraform-provider-azurerm#23031
`azurerm_data_protection_backup_vault` - the `redundancy` propety can
now be set to `ZoneRedundant`
([#24556](hashicorp/terraform-provider-azurerm#24556
`azurerm_data_factory_integration_runtime_azure_ssis` - support for the
`credential_name` property
([#24458](hashicorp/terraform-provider-azurerm#24458
`azurerm_orchestrated_virtual_machine_scale_set` - support
`2022-datacenter-azure-edition-hotpatch` and
`2022-datacenter-azure-edition-hotpatch-smalldisk` hotpatching images
([#23500](hashicorp/terraform-provider-azurerm#23500
`azurerm_stream_analytics_job` - support for the `sku_name` property
([#24554](https://github.com/hashicorp/terraform-provider-azurerm/issues/24554))

BUG
FIXES:

* Data Source: `azurerm_app_service` - parsing the API
Response for `app_service_plan_id` case-insensitively
([#24626](hashicorp/terraform-provider-azurerm#24626
Data Source: `azurerm_function_app` - parsing the API Response for
`app_service_plan_id` case-insensitively
([#24626](hashicorp/terraform-provider-azurerm#24626
`azurerm_app_configuration_key` - the value for the `value` property can
now be removed/emptied
([#24582](https://github.com/hashicorp/terraform-provider-azurerm/issues/24582))

*
`azurerm_app_service` - parsing the API Response for
`app_service_plan_id` case-insensitively
([#24626](hashicorp/terraform-provider-azurerm#24626
`azurerm_app_service_plan` - fix casing in `serverFarms` due to ID
update
([#24562](hashicorp/terraform-provider-azurerm#24562
`azurerm_app_service_slot` - parsing the API Response for
`app_service_plan_id` case-insensitively
([#24626](hashicorp/terraform-provider-azurerm#24626
`azurerm_automation_schedule` - only one `monthly_occurence` block can
now be specified
([#24614](hashicorp/terraform-provider-azurerm#24614
`azurerm_cognitive_deployment` - the `model.version` property is no
longer required
([#24264](hashicorp/terraform-provider-azurerm#24264
`azurerm_container_app` - multiple `custom_scale_rule` can not be
updated
([#24509](hashicorp/terraform-provider-azurerm#24509
`azurerm_container_registry_task_schedule_run_now` - prevent issue where
the incorrect scheduled run in tracked if there have been multiple
([#24592](hashicorp/terraform-provider-azurerm#24592
`azurerm_function_app` - parsing the API Response for
`app_service_plan_id` case-insensitively
([#24626](hashicorp/terraform-provider-azurerm#24626
`azurerm_function_app_slot` - parsing the API Response for
`app_service_plan_id` case-insensitively
([#24626](hashicorp/terraform-provider-azurerm#24626
`azurerm_logic_app_standard` - now will parse the app service ID
insensitively
([#24562](hashicorp/terraform-provider-azurerm#24562
`azurerm_logic_app_workflow` - the `workflow_parameters` will now
correctly handle information specified by `$connections`
([#24141](hashicorp/terraform-provider-azurerm#24141
`azurerm_mssql_managed_instance_security_alert_policy` - can not update
empty storage attributes
([#24553](hashicorp/terraform-provider-azurerm#24553
`azurerm_network_interface` - the `ip_configuration` properties are no
longer added to a Load Balancer Backend if one of those
`ip_configurations` is associated with a backend
([#24470](https://github.com/hashicorp/terraform-provider-azurerm/issues/24470))


</pre>
</details>
</details>
<a
href="https://infra.ci.jenkins.io/job/terraform-jobs/job/azure/job/main/1052/">Jenkins
pipeline link</a>
</action>
</Actions>
---
<table>
<tr>
<td width="77">
<img src="https://www.updatecli.io/images/updatecli.png" alt="Updatecli
logo" width="50" height="50">
</td>
<td>
<p>
Created automatically by <a
href="https://www.updatecli.io/">Updatecli</a>
</p>
<details><summary>Options:</summary>
<br />
<p>Most of Updatecli configuration is done via <a
href="https://www.updatecli.io/docs/prologue/quick-start/">its
manifest(s)</a>.</p>
<ul>
<li>If you close this pull request, Updatecli will automatically reopen
it, the next time it runs.</li>
<li>If you close this pull request and delete the base branch, Updatecli
will automatically recreate it, erasing all previous commits made.</li>
</ul>
<p>
Feel free to report any issues at <a
href="https://github.com/updatecli/updatecli/issues">github.com/updatecli/updatecli</a>.<br
/>
If you find this tool useful, do not hesitate to star <a
href="https://github.com/updatecli/updatecli/stargazers">our GitHub
repository</a> as a sign of appreciation, and/or to tell us directly on
our <a
href="https://matrix.to/#/#Updatecli_community:gitter.im">chat</a>!
</p>
</details>
</td>
</tr>
</table>
Co-authored-by: Jenkins Infra Bot (updatecli) <[email protected]>
Co-authored-by: Damien Duportal <[email protected]>
Contributor
|
I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active contributions. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
6 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
supersede #20266
Reference:
Notes:
internal server errormentioned in previous PR, it is caused by deletion ofAzure Red Hat OpenShift RPapp. And resource created in acctest cannot be deleted if the RP app is deleted. From service team, the deletion of RP app is not expected. The app is created when registeringMicrosoft.RedHatOpenShiftresource provider for subscription. To recover the deleted app, re-register theMicrosoft.RedHatOpenShiftresource provider. In Terraform config, we should NOT use resource for theazuread_service_principal, data source should be used.For PUT-GET inconsistence issue for
workerProfilementioned in New Resource:azurerm_redhat_openshift_cluster#20266 (review), this is fixed in2023-09-04version of API. A newworkerProfilesStatusfield is added to display seperated workers.Updated to use
hashicorp/go-azure-sdkand typed sdk.Test: