diff --git a/azurerm/data_source_kubernetes_cluster.go b/azurerm/data_source_kubernetes_cluster.go new file mode 100644 index 000000000000..10cd61503d02 --- /dev/null +++ b/azurerm/data_source_kubernetes_cluster.go @@ -0,0 +1,350 @@ +package azurerm + +import ( + "fmt" + + "github.com/Azure/azure-sdk-for-go/services/containerservice/mgmt/2017-09-30/containerservice" + "github.com/hashicorp/terraform/helper/schema" + "github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/kubernetes" + "github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils" +) + +func dataSourceArmKubernetesCluster() *schema.Resource { + return &schema.Resource{ + Read: dataSourceArmKubernetesClusterRead, + + Schema: map[string]*schema.Schema{ + "name": { + Type: schema.TypeString, + Required: true, + }, + + "resource_group_name": resourceGroupNameForDataSourceSchema(), + + "location": locationForDataSourceSchema(), + + "dns_prefix": { + Type: schema.TypeString, + Computed: true, + }, + + "fqdn": { + Type: schema.TypeString, + Computed: true, + }, + + "kubernetes_version": { + Type: schema.TypeString, + Computed: true, + }, + + "kube_config": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "host": { + Type: schema.TypeString, + Computed: true, + }, + "username": { + Type: schema.TypeString, + Computed: true, + }, + "password": { + Type: schema.TypeString, + Computed: true, + }, + "client_certificate": { + Type: schema.TypeString, + Computed: true, + }, + "client_key": { + Type: schema.TypeString, + Computed: true, + }, + "cluster_ca_certificate": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + + "kube_config_raw": { + Type: schema.TypeString, + Computed: true, + }, + + "linux_profile": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "admin_username": { + Type: schema.TypeString, + Computed: true, + }, + "ssh_key": { + Type: schema.TypeList, + Computed: true, + + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "key_data": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + }, + }, + }, + + "agent_pool_profile": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "name": { + Type: schema.TypeString, + Computed: true, + }, + + "count": { + Type: schema.TypeInt, + Computed: true, + }, + + "dns_prefix": { + Type: schema.TypeString, + Computed: true, + }, + + "vm_size": { + Type: schema.TypeString, + Computed: true, + }, + + "os_disk_size_gb": { + Type: schema.TypeInt, + Computed: true, + }, + + "vnet_subnet_id": { + Type: schema.TypeString, + Computed: true, + }, + + "os_type": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + + "service_principal": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "client_id": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + + "tags": tagsForDataSourceSchema(), + }, + } +} + +func dataSourceArmKubernetesClusterRead(d *schema.ResourceData, meta interface{}) error { + kubernetesClustersClient := meta.(*ArmClient).kubernetesClustersClient + client := meta.(*ArmClient) + + name := d.Get("name").(string) + resourceGroup := d.Get("resource_group_name").(string) + + ctx := client.StopContext + resp, err := kubernetesClustersClient.Get(ctx, resourceGroup, name) + if err != nil { + if utils.ResponseWasNotFound(resp.Response) { + d.SetId("") + return nil + } + + return fmt.Errorf("Error making Read request on AKS Managed Cluster %q (resource group %q): %+v", name, resourceGroup, err) + } + + profile, err := kubernetesClustersClient.GetAccessProfiles(ctx, resourceGroup, name, "clusterUser") + if err != nil { + return fmt.Errorf("Error getting access profile while making Read request on AKS Managed Cluster %q (resource group %q): %+v", name, resourceGroup, err) + } + + d.SetId(*resp.ID) + + d.Set("name", resp.Name) + d.Set("resource_group_name", resourceGroup) + if location := resp.Location; location != nil { + d.Set("location", azureRMNormalizeLocation(*location)) + } + + if props := resp.ManagedClusterProperties; props != nil { + d.Set("dns_prefix", props.DNSPrefix) + d.Set("fqdn", props.Fqdn) + d.Set("kubernetes_version", props.KubernetesVersion) + + linuxProfile := flattenKubernetesClusterDataSourceLinuxProfile(props.LinuxProfile) + if err := d.Set("linux_profile", linuxProfile); err != nil { + return fmt.Errorf("Error setting `linux_profile`: %+v", err) + } + + agentPoolProfiles := flattenKubernetesClusterDataSourceAgentPoolProfiles(props.AgentPoolProfiles) + if err := d.Set("agent_pool_profile", agentPoolProfiles); err != nil { + return fmt.Errorf("Error setting `agent_pool_profile`: %+v", err) + } + + servicePrincipal := flattenKubernetesClusterDataSourceServicePrincipalProfile(resp.ManagedClusterProperties.ServicePrincipalProfile) + if err := d.Set("service_principal", servicePrincipal); err != nil { + return fmt.Errorf("Error setting `service_principal`: %+v", err) + } + } + + kubeConfigRaw, kubeConfig := flattenKubernetesClusterDataSourceAccessProfile(&profile) + d.Set("kube_config_raw", kubeConfigRaw) + + if err := d.Set("kube_config", kubeConfig); err != nil { + return fmt.Errorf("Error setting `kube_config`: %+v", err) + } + + flattenAndSetTags(d, resp.Tags) + + return nil +} + +func flattenKubernetesClusterDataSourceLinuxProfile(input *containerservice.LinuxProfile) []interface{} { + values := make(map[string]interface{}) + sshKeys := make([]interface{}, 0) + + if profile := input; profile != nil { + if username := profile.AdminUsername; username != nil { + values["admin_username"] = *username + } + + if ssh := profile.SSH; ssh != nil { + if keys := ssh.PublicKeys; keys != nil { + for _, sshKey := range *keys { + if keyData := sshKey.KeyData; keyData != nil { + outputs := make(map[string]interface{}, 0) + outputs["key_data"] = *keyData + sshKeys = append(sshKeys, outputs) + } + } + } + } + } + + values["ssh_key"] = sshKeys + + return []interface{}{values} +} + +func flattenKubernetesClusterDataSourceAgentPoolProfiles(input *[]containerservice.AgentPoolProfile) []interface{} { + agentPoolProfiles := make([]interface{}, 0) + + if input == nil { + return agentPoolProfiles + } + + for _, profile := range *input { + agentPoolProfile := make(map[string]interface{}) + + if profile.Count != nil { + agentPoolProfile["count"] = int(*profile.Count) + } + + if profile.DNSPrefix != nil { + agentPoolProfile["dns_prefix"] = *profile.DNSPrefix + } + + if profile.Name != nil { + agentPoolProfile["name"] = *profile.Name + } + + if profile.VMSize != "" { + agentPoolProfile["vm_size"] = string(profile.VMSize) + } + + if profile.OsDiskSizeGB != nil { + agentPoolProfile["os_disk_size_gb"] = int(*profile.OsDiskSizeGB) + } + + if profile.VnetSubnetID != nil { + agentPoolProfile["vnet_subnet_id"] = *profile.VnetSubnetID + } + + if profile.OsType != "" { + agentPoolProfile["os_type"] = string(profile.OsType) + } + + agentPoolProfiles = append(agentPoolProfiles, agentPoolProfile) + } + + return agentPoolProfiles +} + +func flattenKubernetesClusterDataSourceServicePrincipalProfile(profile *containerservice.ServicePrincipalProfile) []interface{} { + if profile == nil { + return []interface{}{} + } + + values := make(map[string]interface{}) + + if clientId := profile.ClientID; clientId != nil { + values["client_id"] = *clientId + } + + return []interface{}{values} +} + +func flattenKubernetesClusterDataSourceAccessProfile(profile *containerservice.ManagedClusterAccessProfile) (*string, []interface{}) { + if profile == nil || profile.AccessProfile == nil { + return nil, []interface{}{} + } + + if kubeConfigRaw := profile.AccessProfile.KubeConfig; kubeConfigRaw != nil { + rawConfig := string(*kubeConfigRaw) + + kubeConfig, err := kubernetes.ParseKubeConfig(rawConfig) + if err != nil { + return utils.String(rawConfig), []interface{}{} + } + + flattenedKubeConfig := flattenKubernetesClusterDataSourceKubeConfig(*kubeConfig) + return utils.String(rawConfig), flattenedKubeConfig + } + + return nil, []interface{}{} +} + +func flattenKubernetesClusterDataSourceKubeConfig(config kubernetes.KubeConfig) []interface{} { + values := make(map[string]interface{}) + + cluster := config.Clusters[0].Cluster + user := config.Users[0].User + name := config.Users[0].Name + + values["host"] = cluster.Server + values["username"] = name + values["password"] = user.Token + values["client_certificate"] = user.ClientCertificteData + values["client_key"] = user.ClientKeyData + values["cluster_ca_certificate"] = cluster.ClusterAuthorityData + + return []interface{}{values} +} diff --git a/azurerm/data_source_kubernetes_cluster_test.go b/azurerm/data_source_kubernetes_cluster_test.go new file mode 100644 index 000000000000..f5cb8dfb7e42 --- /dev/null +++ b/azurerm/data_source_kubernetes_cluster_test.go @@ -0,0 +1,87 @@ +package azurerm + +import ( + "fmt" + "os" + "testing" + + "github.com/hashicorp/terraform/helper/acctest" + "github.com/hashicorp/terraform/helper/resource" +) + +func TestAccDataSourceAzureRMKubernetesCluster_basic(t *testing.T) { + dataSourceName := "data.azurerm_kubernetes_cluster.test" + ri := acctest.RandInt() + clientId := os.Getenv("ARM_CLIENT_ID") + clientSecret := os.Getenv("ARM_CLIENT_SECRET") + location := testLocation() + config := testAccDataSourceAzureRMKubernetesCluster_basic(ri, clientId, clientSecret, location) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testCheckAzureRMKubernetesClusterDestroy, + Steps: []resource.TestStep{ + { + Config: config, + Check: resource.ComposeTestCheckFunc( + testCheckAzureRMKubernetesClusterExists(dataSourceName), + resource.TestCheckResourceAttrSet(dataSourceName, "kube_config.0.client_key"), + resource.TestCheckResourceAttrSet(dataSourceName, "kube_config.0.client_certificate"), + resource.TestCheckResourceAttrSet(dataSourceName, "kube_config.0.cluster_ca_certificate"), + resource.TestCheckResourceAttrSet(dataSourceName, "kube_config.0.host"), + resource.TestCheckResourceAttrSet(dataSourceName, "kube_config.0.username"), + resource.TestCheckResourceAttrSet(dataSourceName, "kube_config.0.password"), + ), + }, + }, + }) +} + +func TestAccDataSourceAzureRMKubernetesCluster_internalNetwork(t *testing.T) { + dataSourceName := "data.azurerm_kubernetes_cluster.test" + ri := acctest.RandInt() + clientId := os.Getenv("ARM_CLIENT_ID") + clientSecret := os.Getenv("ARM_CLIENT_SECRET") + location := testLocation() + config := testAccDataSourceAzureRMKubernetesCluster_internalNetwork(ri, clientId, clientSecret, location) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testCheckAzureRMKubernetesClusterDestroy, + Steps: []resource.TestStep{ + { + Config: config, + Check: resource.ComposeTestCheckFunc( + testCheckAzureRMKubernetesClusterExists(dataSourceName), + resource.TestCheckResourceAttrSet(dataSourceName, "agent_pool_profile.0.vnet_subnet_id"), + ), + }, + }, + }) +} + +func testAccDataSourceAzureRMKubernetesCluster_basic(rInt int, clientId string, clientSecret string, location string) string { + resource := testAccAzureRMKubernetesCluster_basic(rInt, clientId, clientSecret, location) + return fmt.Sprintf(` +%s + +data "azurerm_kubernetes_cluster" "test" { + name = "${azurerm_kubernetes_cluster.test.name}" + resource_group_name = "${azurerm_kubernetes_cluster.test.resource_group_name}" +} +`, resource) +} + +func testAccDataSourceAzureRMKubernetesCluster_internalNetwork(rInt int, clientId string, clientSecret string, location string) string { + resource := testAccAzureRMKubernetesCluster_internalNetwork(rInt, clientId, clientSecret, location) + return fmt.Sprintf(` +%s + +data "azurerm_kubernetes_cluster" "test" { + name = "${azurerm_kubernetes_cluster.test.name}" + resource_group_name = "${azurerm_kubernetes_cluster.test.resource_group_name}" +} +`, resource) +} diff --git a/azurerm/provider.go b/azurerm/provider.go index 13388cb2e9a4..7ae4a5fd21f5 100644 --- a/azurerm/provider.go +++ b/azurerm/provider.go @@ -87,6 +87,7 @@ func Provider() terraform.ResourceProvider { "azurerm_eventhub_namespace": dataSourceEventHubNamespace(), "azurerm_image": dataSourceArmImage(), "azurerm_key_vault_access_policy": dataSourceArmKeyVaultAccessPolicy(), + "azurerm_kubernetes_cluster": dataSourceArmKubernetesCluster(), "azurerm_managed_disk": dataSourceArmManagedDisk(), "azurerm_network_interface": dataSourceArmNetworkInterface(), "azurerm_network_security_group": dataSourceArmNetworkSecurityGroup(), diff --git a/azurerm/resource_arm_kubernetes_cluster.go b/azurerm/resource_arm_kubernetes_cluster.go index be96c7932f5c..5bf257794951 100644 --- a/azurerm/resource_arm_kubernetes_cluster.go +++ b/azurerm/resource_arm_kubernetes_cluster.go @@ -288,34 +288,36 @@ func resourceArmKubernetesClusterRead(d *schema.ResourceData, meta interface{}) return fmt.Errorf("Error making Read request on AKS Managed Cluster %q (resource group %q): %+v", name, resGroup, err) } + profile, err := kubernetesClustersClient.GetAccessProfiles(ctx, resGroup, name, "clusterUser") + if err != nil { + return fmt.Errorf("Error getting access profile while making Read request on AKS Managed Cluster %q (resource group %q): %+v", name, resGroup, err) + } + d.Set("name", resp.Name) d.Set("resource_group_name", resGroup) if location := resp.Location; location != nil { d.Set("location", azureRMNormalizeLocation(*location)) } - d.Set("dns_prefix", resp.DNSPrefix) - d.Set("fqdn", resp.Fqdn) - d.Set("kubernetes_version", resp.KubernetesVersion) - - linuxProfile := flattenAzureRmKubernetesClusterLinuxProfile(*resp.ManagedClusterProperties.LinuxProfile) - if err := d.Set("linux_profile", &linuxProfile); err != nil { - return fmt.Errorf("Error setting `linux_profile`: %+v", err) - } + if props := resp.ManagedClusterProperties; props != nil { + d.Set("dns_prefix", props.DNSPrefix) + d.Set("fqdn", props.Fqdn) + d.Set("kubernetes_version", props.KubernetesVersion) - agentPoolProfiles := flattenAzureRmKubernetesClusterAgentPoolProfiles(resp.ManagedClusterProperties.AgentPoolProfiles, resp.Fqdn) - if err := d.Set("agent_pool_profile", &agentPoolProfiles); err != nil { - return fmt.Errorf("Error setting `agent_pool_profile`: %+v", err) - } + linuxProfile := flattenAzureRmKubernetesClusterLinuxProfile(props.LinuxProfile) + if err := d.Set("linux_profile", linuxProfile); err != nil { + return fmt.Errorf("Error setting `linux_profile`: %+v", err) + } - servicePrincipal := flattenAzureRmKubernetesClusterServicePrincipalProfile(resp.ManagedClusterProperties.ServicePrincipalProfile) - if servicePrincipal != nil { - d.Set("service_principal", servicePrincipal) - } + agentPoolProfiles := flattenAzureRmKubernetesClusterAgentPoolProfiles(props.AgentPoolProfiles, resp.Fqdn) + if err := d.Set("agent_pool_profile", agentPoolProfiles); err != nil { + return fmt.Errorf("Error setting `agent_pool_profile`: %+v", err) + } - profile, err := kubernetesClustersClient.GetAccessProfiles(ctx, resGroup, name, "clusterUser") - if err != nil { - return fmt.Errorf("Error getting access profile while making Read request on AKS Managed Cluster %q (resource group %q): %+v", name, resGroup, err) + servicePrincipal := flattenAzureRmKubernetesClusterServicePrincipalProfile(resp.ManagedClusterProperties.ServicePrincipalProfile) + if err := d.Set("service_principal", servicePrincipal); err != nil { + return fmt.Errorf("Error setting `service_principal`: %+v", err) + } } kubeConfigRaw, kubeConfig := flattenAzureRmKubernetesClusterAccessProfile(&profile) @@ -350,27 +352,34 @@ func resourceArmKubernetesClusterDelete(d *schema.ResourceData, meta interface{} return future.WaitForCompletion(ctx, kubernetesClustersClient.Client) } -func flattenAzureRmKubernetesClusterLinuxProfile(profile containerservice.LinuxProfile) []interface{} { - profiles := make([]interface{}, 0) +func flattenAzureRmKubernetesClusterLinuxProfile(input *containerservice.LinuxProfile) []interface{} { values := make(map[string]interface{}) - sshKeys := make([]interface{}, 0, len(*profile.SSH.PublicKeys)) + sshKeys := make([]interface{}, 0) - for _, ssh := range *profile.SSH.PublicKeys { - keys := make(map[string]interface{}) - keys["key_data"] = *ssh.KeyData - sshKeys = append(sshKeys, keys) - } + if profile := input; profile != nil { + if username := profile.AdminUsername; username != nil { + values["admin_username"] = *username + } - values["admin_username"] = *profile.AdminUsername + if ssh := profile.SSH; ssh != nil { + if keys := ssh.PublicKeys; keys != nil { + for _, sshKey := range *keys { + outputs := make(map[string]interface{}, 0) + if keyData := sshKey.KeyData; keyData != nil { + outputs["key_data"] = *keyData + } + sshKeys = append(sshKeys, outputs) + } + } + } + } values["ssh_key"] = sshKeys - profiles = append(profiles, values) - - return profiles + return []interface{}{values} } func flattenAzureRmKubernetesClusterAgentPoolProfiles(profiles *[]containerservice.AgentPoolProfile, fqdn *string) []interface{} { - agentPoolProfiles := make([]interface{}, 0, len(*profiles)) + agentPoolProfiles := make([]interface{}, 0) for _, profile := range *profiles { agentPoolProfile := make(map[string]interface{}) @@ -425,9 +434,11 @@ func flattenAzureRmKubernetesClusterServicePrincipalProfile(profile *containerse values := make(map[string]interface{}) - values["client_id"] = *profile.ClientID - if profile.Secret != nil { - values["client_secret"] = *profile.Secret + if clientId := profile.ClientID; clientId != nil { + values["client_id"] = *clientId + } + if secret := profile.Secret; secret != nil { + values["client_secret"] = *secret } servicePrincipalProfiles.Add(values) @@ -446,7 +457,7 @@ func flattenAzureRmKubernetesClusterAccessProfile(profile *containerservice.Mana return utils.String(rawConfig), []interface{}{} } - flattenedKubeConfig := flattenKubeConfig(*kubeConfig) + flattenedKubeConfig := flattenKubernetesClusterKubeConfig(*kubeConfig) return utils.String(rawConfig), flattenedKubeConfig } } @@ -454,7 +465,7 @@ func flattenAzureRmKubernetesClusterAccessProfile(profile *containerservice.Mana return nil, []interface{}{} } -func flattenKubeConfig(config kubernetes.KubeConfig) []interface{} { +func flattenKubernetesClusterKubeConfig(config kubernetes.KubeConfig) []interface{} { values := make(map[string]interface{}) cluster := config.Clusters[0].Cluster diff --git a/website/azurerm.erb b/website/azurerm.erb index f52739eeb4cf..42a79d91365b 100644 --- a/website/azurerm.erb +++ b/website/azurerm.erb @@ -67,6 +67,10 @@ azurerm_key_vault_access_policy +