Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

azurerm_linux_virtual_machine azurerm_windows_virtual_machine - support bypass_platform_safety_checks_on_user_schedule_enabled and reboot_setting #22349

Merged
merged 3 commits into from
Jul 27, 2023
Merged
Show file tree
Hide file tree
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
126 changes: 123 additions & 3 deletions internal/services/compute/linux_virtual_machine_resource.go
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ import (
"strings"
"time"

"github.com/hashicorp/go-azure-helpers/lang/pointer"
"github.com/hashicorp/go-azure-helpers/lang/response"
"github.com/hashicorp/go-azure-helpers/resourcemanager/commonschema"
"github.com/hashicorp/go-azure-helpers/resourcemanager/location"
Expand Down Expand Up @@ -128,6 +129,12 @@ func resourceLinuxVirtualMachine() *pluginsdk.Resource {

"boot_diagnostics": bootDiagnosticsSchema(),

"bypass_platform_safety_checks_on_user_schedule_enabled": {
Type: pluginsdk.TypeBool,
Optional: true,
Default: false,
},

"capacity_reservation_group_id": {
Type: pluginsdk.TypeString,
Optional: true,
Expand Down Expand Up @@ -282,6 +289,16 @@ func resourceLinuxVirtualMachine() *pluginsdk.Resource {
},
},

"reboot_setting": {
Type: pluginsdk.TypeString,
Optional: true,
ValidateFunc: validation.StringInSlice([]string{
string(compute.LinuxVMGuestPatchAutomaticByPlatformRebootSettingAlways),
string(compute.LinuxVMGuestPatchAutomaticByPlatformRebootSettingIfRequired),
string(compute.LinuxVMGuestPatchAutomaticByPlatformRebootSettingNever),
}, false),
},

"secret": linuxSecretSchema(),

"secure_boot_enabled": {
Expand Down Expand Up @@ -517,13 +534,14 @@ func resourceLinuxVirtualMachineCreate(d *pluginsdk.ResourceData, meta interface
params.VirtualMachineProperties.LicenseType = utils.String(v.(string))
}

if v, ok := d.GetOk("patch_mode"); ok {
if v.(string) == string(compute.LinuxVMGuestPatchModeAutomaticByPlatform) && !provisionVMAgent {
patchMode := d.Get("patch_mode").(string)
if patchMode != "" {
if patchMode == string(compute.LinuxVMGuestPatchModeAutomaticByPlatform) && !provisionVMAgent {
return fmt.Errorf("%q cannot be set to %q when %q is set to %q", "patch_mode", "AutomaticByPlatform", "provision_vm_agent", "false")
}

params.VirtualMachineProperties.OsProfile.LinuxConfiguration.PatchSettings = &compute.LinuxPatchSettings{
PatchMode: compute.LinuxVMGuestPatchMode(v.(string)),
PatchMode: compute.LinuxVMGuestPatchMode(patchMode),
}
}

Expand All @@ -538,6 +556,38 @@ func resourceLinuxVirtualMachineCreate(d *pluginsdk.ResourceData, meta interface
params.VirtualMachineProperties.OsProfile.LinuxConfiguration.PatchSettings.AssessmentMode = compute.LinuxPatchAssessmentMode(v.(string))
}

if d.Get("bypass_platform_safety_checks_on_user_schedule_enabled").(bool) {
if patchMode != string(compute.LinuxVMGuestPatchModeAutomaticByPlatform) {
return fmt.Errorf("`patch_mode` must be set to `AutomaticByPlatform` when `bypass_platform_safety_checks_on_user_schedule_enabled` is set to `true`")
}

if params.VirtualMachineProperties.OsProfile.LinuxConfiguration.PatchSettings == nil {
params.VirtualMachineProperties.OsProfile.LinuxConfiguration.PatchSettings = &compute.LinuxPatchSettings{}
}

if params.VirtualMachineProperties.OsProfile.LinuxConfiguration.PatchSettings.AutomaticByPlatformSettings == nil {
params.VirtualMachineProperties.OsProfile.LinuxConfiguration.PatchSettings.AutomaticByPlatformSettings = &compute.LinuxVMGuestPatchAutomaticByPlatformSettings{}
}

params.VirtualMachineProperties.OsProfile.LinuxConfiguration.PatchSettings.AutomaticByPlatformSettings.BypassPlatformSafetyChecksOnUserSchedule = pointer.To(true)
}

if v, ok := d.GetOk("reboot_setting"); ok {
if patchMode != string(compute.LinuxVMGuestPatchModeAutomaticByPlatform) {
return fmt.Errorf("`patch_mode` must be set to `AutomaticByPlatform` when `reboot_setting` is specified")
}

if params.VirtualMachineProperties.OsProfile.LinuxConfiguration.PatchSettings == nil {
params.VirtualMachineProperties.OsProfile.LinuxConfiguration.PatchSettings = &compute.LinuxPatchSettings{}
}

if params.VirtualMachineProperties.OsProfile.LinuxConfiguration.PatchSettings.AutomaticByPlatformSettings == nil {
params.VirtualMachineProperties.OsProfile.LinuxConfiguration.PatchSettings.AutomaticByPlatformSettings = &compute.LinuxVMGuestPatchAutomaticByPlatformSettings{}
}

params.VirtualMachineProperties.OsProfile.LinuxConfiguration.PatchSettings.AutomaticByPlatformSettings.RebootSetting = compute.LinuxVMGuestPatchAutomaticByPlatformRebootSetting(v.(string))
}

secureBootEnabled := d.Get("secure_boot_enabled").(bool)
vtpmEnabled := d.Get("vtpm_enabled").(bool)
if securityEncryptionType != "" {
Expand Down Expand Up @@ -842,6 +892,19 @@ func resourceLinuxVirtualMachineRead(d *pluginsdk.ResourceData, meta interface{}
assessmentMode = string(patchSettings.AssessmentMode)
}
d.Set("patch_assessment_mode", assessmentMode)

bypassPlatformSafetyChecksOnUserScheduleEnabled := false
rebootSetting := ""
if patchSettings := config.PatchSettings; patchSettings != nil && patchSettings.AutomaticByPlatformSettings != nil {
if v := patchSettings.AutomaticByPlatformSettings.BypassPlatformSafetyChecksOnUserSchedule; v != nil {
bypassPlatformSafetyChecksOnUserScheduleEnabled = pointer.From(v)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

pointer.From contains nil checking so this can be condensed down to

Suggested change
if v := patchSettings.AutomaticByPlatformSettings.BypassPlatformSafetyChecksOnUserSchedule; v != nil {
bypassPlatformSafetyChecksOnUserScheduleEnabled = pointer.From(v)
bypassPlatformSafetyChecksOnUserScheduleEnabled = pointer.From(v)

}
if v := patchSettings.AutomaticByPlatformSettings.RebootSetting; v != "" {
rebootSetting = string(v)
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can condense this as well

Suggested change
if v := patchSettings.AutomaticByPlatformSettings.RebootSetting; v != "" {
rebootSetting = string(v)
}
rebootSetting = string(v)

}
d.Set("bypass_platform_safety_checks_on_user_schedule_enabled", bypassPlatformSafetyChecksOnUserScheduleEnabled)
d.Set("reboot_setting", rebootSetting)
}

if err := d.Set("secret", flattenLinuxSecrets(profile.Secrets)); err != nil {
Expand Down Expand Up @@ -1243,6 +1306,63 @@ func resourceLinuxVirtualMachineUpdate(d *pluginsdk.ResourceData, meta interface
update.VirtualMachineProperties.OsProfile.LinuxConfiguration.PatchSettings.AssessmentMode = compute.LinuxPatchAssessmentMode(assessmentMode)
}

isPatchModeAutomaticByPlatform := d.Get("patch_mode") == string(compute.LinuxVMGuestPatchModeAutomaticByPlatform)
bypassPlatformSafetyChecksOnUserScheduleEnabled := d.Get("bypass_platform_safety_checks_on_user_schedule_enabled").(bool)
if bypassPlatformSafetyChecksOnUserScheduleEnabled && !isPatchModeAutomaticByPlatform {
return fmt.Errorf("`patch_mode` must be set to `AutomaticByPlatform` when `bypass_platform_safety_checks_on_user_schedule_enabled` is set to `true`")
}
if d.HasChange("bypass_platform_safety_checks_on_user_schedule_enabled") {
shouldUpdate = true

if update.VirtualMachineProperties.OsProfile == nil {
update.VirtualMachineProperties.OsProfile = &compute.OSProfile{}
}

if update.VirtualMachineProperties.OsProfile.LinuxConfiguration == nil {
update.VirtualMachineProperties.OsProfile.LinuxConfiguration = &compute.LinuxConfiguration{}
}

if update.VirtualMachineProperties.OsProfile.LinuxConfiguration.PatchSettings == nil {
update.VirtualMachineProperties.OsProfile.LinuxConfiguration.PatchSettings = &compute.LinuxPatchSettings{}
}

if isPatchModeAutomaticByPlatform {
if update.VirtualMachineProperties.OsProfile.LinuxConfiguration.PatchSettings.AutomaticByPlatformSettings == nil {
update.VirtualMachineProperties.OsProfile.LinuxConfiguration.PatchSettings.AutomaticByPlatformSettings = &compute.LinuxVMGuestPatchAutomaticByPlatformSettings{}
}

update.VirtualMachineProperties.OsProfile.LinuxConfiguration.PatchSettings.AutomaticByPlatformSettings.BypassPlatformSafetyChecksOnUserSchedule = pointer.To(bypassPlatformSafetyChecksOnUserScheduleEnabled)
}
}

rebootSetting := d.Get("reboot_setting").(string)
if rebootSetting != "" && !isPatchModeAutomaticByPlatform {
return fmt.Errorf("`patch_mode` must be set to `AutomaticByPlatform` when `reboot_setting` is specified")
}
if d.HasChange("reboot_setting") {
shouldUpdate = true

if update.VirtualMachineProperties.OsProfile == nil {
update.VirtualMachineProperties.OsProfile = &compute.OSProfile{}
}

if update.VirtualMachineProperties.OsProfile.LinuxConfiguration == nil {
update.VirtualMachineProperties.OsProfile.LinuxConfiguration = &compute.LinuxConfiguration{}
}

if update.VirtualMachineProperties.OsProfile.LinuxConfiguration.PatchSettings == nil {
update.VirtualMachineProperties.OsProfile.LinuxConfiguration.PatchSettings = &compute.LinuxPatchSettings{}
}

if isPatchModeAutomaticByPlatform {
if update.VirtualMachineProperties.OsProfile.LinuxConfiguration.PatchSettings.AutomaticByPlatformSettings == nil {
update.VirtualMachineProperties.OsProfile.LinuxConfiguration.PatchSettings.AutomaticByPlatformSettings = &compute.LinuxVMGuestPatchAutomaticByPlatformSettings{}
}

update.VirtualMachineProperties.OsProfile.LinuxConfiguration.PatchSettings.AutomaticByPlatformSettings.RebootSetting = compute.LinuxVMGuestPatchAutomaticByPlatformRebootSetting(rebootSetting)
}
}

if d.HasChange("allow_extension_operations") {
allowExtensionOperations := d.Get("allow_extension_operations").(bool)

Expand Down
Loading