Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to remove last authorizedNetworks for CloudSQLInstance #410

Open
mogensen opened this issue Jan 3, 2022 · 1 comment
Open

Unable to remove last authorizedNetworks for CloudSQLInstance #410

mogensen opened this issue Jan 3, 2022 · 1 comment
Labels
bug Something isn't working

Comments

@mogensen
Copy link

mogensen commented Jan 3, 2022
edited
Loading

What happened?

When managing CloudSQL instances with Crossplane, we can set multiple different authorizedNetworks to allow for public access to the instance.

Adding new CIDR ranges and removing old ranges seems to work as expected. This bug surfaces when removing the last authorizedNetwork from the list. When we do this, Crossplane chooses to import the existing authorizedNetwork from GCP instead of deleting it.

How can we reproduce it?

  1. Create CloudSQLInstance
apiVersion: database.gcp.crossplane.io/v1beta1
kind: CloudSQLInstance
metadata:
  name: public-access-postgresql
spec:
  forProvider:
    settings:
      ipConfiguration:
        authorizedNetworks:
          - name: authorized network 1
            value: 1.0.0.0/30
  1. Remove last authorizedNetwork from list
apiVersion: database.gcp.crossplane.io/v1beta1
kind: CloudSQLInstance
metadata:
  name: public-access-postgresql
spec:
  forProvider:
    settings:
      ipConfiguration:
        authorizedNetworks: []
  1. Observe that Crossplane has reimported the authorizedNetwork from GCP
apiVersion: database.gcp.crossplane.io/v1beta1
kind: CloudSQLInstance
metadata:
  name: public-access-postgresql
spec:
  forProvider:
    settings:
      ipConfiguration:
        authorizedNetworks: 
          - expirationTime: ""
            name: authorized network 1
            value: 1.0.0.0/30

What environment did it happen in?

  • Crossplane version: crossplane/crossplane:v1.5.0
  • GCP provider: crossplane/provider-gcp-controller:v0.19.0
  • Kubernetes distribution: GKE / v1.20.10-gke.1600
@mogensen mogensen added the bug Something isn't working label Jan 3, 2022
@turkenh
Copy link
Contributor

turkenh commented Jan 3, 2022

Related issue: crossplane/crossplane-runtime#105

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mogensen @turkenh