Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

azurerm_kubernetes_cluster, azurerm_kubernetes_cluster_node_pool - deprecate preview features #26863

Merged
merged 9 commits into from
Aug 15, 2024
Merged

azurerm_kubernetes_cluster, azurerm_kubernetes_cluster_node_pool - deprecate preview features #26863

Show file tree
Hide file tree
Changes from 4 commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
b7b3833
`azurerm_kubernetes_cluster`, `azurerm_kubernetes_cluster_node_pool` …
ms-henglu Jul 30, 2024
30998ff
make terrafmt
ms-henglu Jul 30, 2024
5a2fa72
only set custom_ca_trust_enabled if it's not 4.0 for node pool
ms-henglu Jul 30, 2024
a08406c
remove tests
ms-henglu Jul 31, 2024
4fd4f6b
add skip on the tests
ms-henglu Aug 1, 2024
11f3a28
fix tests format
ms-henglu Aug 1, 2024
8940da2
Merge branch 'main' into ticket-27055303-aks-switch-sdk-2024-05-01
ms-henglu Aug 13, 2024
7938c00
update the deprecate messages
ms-henglu Aug 13, 2024
bbaba18
fix panic
ms-henglu Aug 13, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
67 changes: 40 additions & 27 deletions internal/services/containers/kubernetes_cluster_data_source.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -324,14 +324,6 @@ func dataSourceKubernetesCluster() *pluginsdk.Resource {
},
},

"custom_ca_trust_certificates_base64": {
Type: pluginsdk.TypeList,
Computed: true,
Elem: &pluginsdk.Schema{
Type: pluginsdk.TypeString,
},
},

"oms_agent": {
Type: pluginsdk.TypeList,
Computed: true,
Expand Down Expand Up @@ -654,10 +646,6 @@ func dataSourceKubernetesCluster() *pluginsdk.Resource {
Type: pluginsdk.TypeBool,
Computed: true,
},
"disk_driver_version": {
Type: pluginsdk.TypeString,
Computed: true,
},
"file_driver_enabled": {
Type: pluginsdk.TypeBool,
Computed: true,
Expand Down Expand Up @@ -745,6 +733,21 @@ func dataSourceKubernetesCluster() *pluginsdk.Resource {
Computed: true,
Deprecated: "This property is deprecated and will be removed in v4.0 of the AzureRM Provider in favour of the `node_public_ip_enabled` property.",
}
resource.Schema["storage_profile"].Elem.(*pluginsdk.Resource).Schema["disk_driver_version"] = &pluginsdk.Schema{
Deprecated: "This feature is a preview feature and will be removed in version 4.0 of the AzureRM Provider.",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please update all of the deprecation messages to the following:
This property is not available in the stable API and will be removed in v4.0 of the Azure Provider. Please see https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/guides/4.0-upgrade-guide#aks-migration-to-stable-api for more details

The link in the message isn't accessible right now, but it will be when the release goes out this week.

Type: pluginsdk.TypeString,
Computed: true,
}

resource.Schema["custom_ca_trust_certificates_base64"] = &pluginsdk.Schema{
Deprecated: "This feature is a preview feature and will be removed in version 4.0 of the AzureRM Provider.",
Type: pluginsdk.TypeList,
Computed: true,
Elem: &pluginsdk.Schema{
Type: pluginsdk.TypeString,
},
}

resource.Schema["azure_active_directory_role_based_access_control"] = &pluginsdk.Schema{
Type: pluginsdk.TypeList,
Computed: true,
Expand Down Expand Up @@ -865,9 +868,11 @@ func dataSourceKubernetesClusterRead(d *pluginsdk.ResourceData, meta interface{}
return fmt.Errorf("setting `key_management_service`: %+v", err)
}

customCaTrustCertList := flattenCustomCaTrustCerts(props.SecurityProfile)
if err := d.Set("custom_ca_trust_certificates_base64", customCaTrustCertList); err != nil {
return fmt.Errorf("setting `custom_ca_trust_certificates_base64`: %+v", err)
if !features.FourPointOhBeta() {
customCaTrustCertList := flattenCustomCaTrustCerts(props.SecurityProfile)
if err := d.Set("custom_ca_trust_certificates_base64", customCaTrustCertList); err != nil {
return fmt.Errorf("setting `custom_ca_trust_certificates_base64`: %+v", err)
}
}

serviceMeshProfile := flattenKubernetesClusterAzureServiceMeshProfile(props.ServiceMeshProfile)
Expand Down Expand Up @@ -1018,11 +1023,6 @@ func flattenKubernetesClusterDataSourceStorageProfile(input *managedclusters.Man
diskEnabled = *input.DiskCSIDriver.Enabled
}

diskVersion := ""
if input.DiskCSIDriver != nil && input.DiskCSIDriver.Version != nil {
diskVersion = *input.DiskCSIDriver.Version
}

fileEnabled := true
if input.FileCSIDriver != nil && input.FileCSIDriver.Enabled != nil {
fileEnabled = *input.FileCSIDriver.Enabled
Expand All @@ -1033,13 +1033,26 @@ func flattenKubernetesClusterDataSourceStorageProfile(input *managedclusters.Man
snapshotController = *input.SnapshotController.Enabled
}

storageProfile = append(storageProfile, map[string]interface{}{
"blob_driver_enabled": blobEnabled,
"disk_driver_enabled": diskEnabled,
"disk_driver_version": diskVersion,
"file_driver_enabled": fileEnabled,
"snapshot_controller_enabled": snapshotController,
})
if !features.FourPointOhBeta() {
diskVersion := ""
if input.DiskCSIDriver != nil && input.DiskCSIDriver.Version != nil {
diskVersion = *input.DiskCSIDriver.Version
}
storageProfile = append(storageProfile, map[string]interface{}{
"blob_driver_enabled": blobEnabled,
"disk_driver_enabled": diskEnabled,
"disk_driver_version": diskVersion,
"file_driver_enabled": fileEnabled,
"snapshot_controller_enabled": snapshotController,
})
} else {
storageProfile = append(storageProfile, map[string]interface{}{
"blob_driver_enabled": blobEnabled,
"disk_driver_enabled": diskEnabled,
"file_driver_enabled": fileEnabled,
"snapshot_controller_enabled": snapshotController,
})
}
}

return storageProfile
Expand Down
30 changes: 0 additions & 30 deletions internal/services/containers/kubernetes_cluster_data_source_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -554,26 +554,6 @@ func TestAccDataSourceKubernetesCluster_microsoftDefender(t *testing.T) {
})
}

func TestAccDataSourceKubernetesCluster_customCaTrustCerts(t *testing.T) {
Copy link
Member

@stephybun stephybun Aug 1, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We shouldn't be removing these tests until after 4.0

  • We still need the ability to run these in case there are severe issues with any features that are still available in 3.x
  • In case of unforeseen consequences that may require us to roll back anything

Can you please skip the tests using the flag for now. We can worry about cleaning up unused tests and configs post major release.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Got it! I've updated this PR as suggested.

data := acceptance.BuildTestData(t, "data.azurerm_kubernetes_cluster", "test")
r := KubernetesClusterDataSource{}

fakeCertList := []string{
"LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURjRENDQWxpZ0F3SUJBZ0lFU1QwSUhEQU5CZ2txaGtpRzl3MEJBUXNGQURCUk1Rc3dDUVlEVlFRR0V3SlEKVERFTk1Bc0dBMVVFQXd3RVZHVnpkREVWTUJNR0ExVUVCd3dNUkdWbVlYVnNkQ0JEYVhSNU1Sd3dHZ1lEVlFRSwpEQk5FWldaaGRXeDBJRU52YlhCaGJua2dUSFJrTUI0WERUSXpNRFV5T0RFeE1qY3dNMW9YRFRNek1EVXlOVEV4Ck1qY3dNMW93VVRFTE1Ba0dBMVVFQmhNQ1VFd3hEVEFMQmdOVkJBTU1CRlJsYzNReEZUQVRCZ05WQkFjTURFUmwKWm1GMWJIUWdRMmwwZVRFY01Cb0dBMVVFQ2d3VFJHVm1ZWFZzZENCRGIyMXdZVzU1SUV4MFpEQ0NBU0l3RFFZSgpLb1pJaHZjTkFRRUJCUUFEZ2dFUEFEQ0NBUW9DZ2dFQkFLN2JIYWtxSkdRMWVBOUFHUmlhNGl2anNDRXlGMDhDCjNpSzJZeWthNkREeldmTk1tRWpOUjJiQVZOMEhlLy9pWTd1VjJ2dXl6V1UxMzZGVkdMZkdyeTZGOHNQQUZaSzYKSE4vcWk1QVp6MUpoOGdWSTRwS1pjZEFxQS81clF3VVlvWVN3Q245dGVOYytsbU1ZUk5OcTVwdlV2NjcrNEM3MgpPc3BOSUxSclhBbWNUb1YveVRZVzFKWDBOeEJJSHZZaFZXUE9LQXpRZDQ5UEpSeFpqMUgydCszMEFsazgzTDFwClFzTGx2SzV3MjJpeXdkYVpRN1lmV0xXd1hPQzVPWXdRTUw1R3BHUFNQaEdxdjhqSUhpcHBVeTdrRDlNWFFZOFoKdDl2QkczMzVWSEdlUjI2QnNQQXRFbTJjR05ocjA5cmRvdWJGd2tDR05OYXNVamFoVW9CKzhPY0NBd0VBQWFOUQpNRTR3SFFZRFZSME9CQllFRk9CNmNpTGtUL21Cc2xXSm5Na2phQzZqbjd4ek1COEdBMVVkSXdRWU1CYUFGT0I2CmNpTGtUL21Cc2xXSm5Na2phQzZqbjd4ek1Bd0dBMVVkRXdRRk1BTUJBZjh3RFFZSktvWklodmNOQVFFTEJRQUQKZ2dFQkFKTklHdHJpeFlCRUc1Yy9iQWdOMHlMOEJvOW9nN29ha0hVMUc5TjBxOUNWWXhjOVhma2ZUaEhYOVBUeApMbVNGcHJEQlAyYnVGTzVIUDFpbnNFT1E2N1lGanAvRjVJWGdaQ2twZUpGdDBTL0R3N2ZRbFJJN2RCNGQzNmIzCmE1R2txU0M4aFlZemxLUm9DRGNhalp4QmdoVUFxK0tnTnV4RmNsM1Fnd1Uyam1QbkU4a1A4TmgyM3hlVUJ3WEkKL3pqbU1rdjV4SFhKdHBpdlpzTlpSSUttQW56RU9TWGlRK2JMTStTdlhtSkhYd29YYTZyTXg4YmkySzV4WkhIRwpkUHA1TnQ3L2dxOUdXcm95SkVjSFpEclBiSnR2WGFibTZYUXpxTTFYUzA3SDlaSFBXc0dENGlBM1k0T3JUUlRCClZ5blRPUDl5U3cwbklaVEk4YjZuR2RHTzBOOD0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQ==",
"LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURmakNDQW1hZ0F3SUJBZ0lFZnlWdk56QU5CZ2txaGtpRzl3MEJBUXNGQURCWU1Rc3dDUVlEVlFRR0V3SlEKVERFVU1CSUdBMVVFQXd3TFJtRnJaU0JEWlhKMElESXhGVEFUQmdOVkJBY01ERVJsWm1GMWJIUWdRMmwwZVRFYwpNQm9HQTFVRUNnd1RSR1ZtWVhWc2RDQkRiMjF3WVc1NUlFeDBaREFlRncweU16QTJNRFF3TnpJME1qZGFGdzB5Ck5UQTJNRE13TnpJME1qZGFNRmd4Q3pBSkJnTlZCQVlUQWxCTU1SUXdFZ1lEVlFRRERBdEdZV3RsSUVObGNuUWcKTWpFVk1CTUdBMVVFQnd3TVJHVm1ZWFZzZENCRGFYUjVNUnd3R2dZRFZRUUtEQk5FWldaaGRXeDBJRU52YlhCaApibmtnVEhSa01JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBMENTdVdUaGNjSG5MCkhFdjk4SUVNc2JLY3h4YVh4YTZiRXl1Yy9sUjRackpVN2p6eVlWNGVscTV5WTgwdDFCM0MyV3E2SXFoajErSGYKYW0xaStsU1FTejM1eWNnTWlwSWp2cUxKOVIzMVF0Wi9TRURkdGV2b2JqbytEa1dCOE55cG9Ia0pVbEIyQnR6ZgpOK09KeVFSdXU1b1cya2c5OE5Bd3JuTGpmQ0lremVWcFh5d0l4Tkx2ZmFrVGxpNWpYdG9WWG5pOTU5bmtINWVwClkrRnVoSEQwaU5CS25XYVkxR2QwVGhhSHNwTERmNFUycmo2WE5SZHd6QVZoVkdhUm02cndvSHRZeDVrYys1ZWMKQ0F4UEdRWFRzTzJUTHVrQzJ2YXI0M3RUM0ZjSC9taDRST2JaaThZS2xSQ3Fldm1QU1RmZ293RUFkTjlvSmxyRApXN2lzN2NnQjhRSURBUUFCbzFBd1RqQWRCZ05WSFE0RUZnUVVuRkRqN0pBQW9WZ2NzQkgyNzdMOHZlM0Q4U293Ckh3WURWUjBqQkJnd0ZvQVVuRkRqN0pBQW9WZ2NzQkgyNzdMOHZlM0Q4U293REFZRFZSMFRCQVV3QXdFQi96QU4KQmdrcWhraUc5dzBCQVFzRkFBT0NBUUVBT0diT0Zyek4rN2YxbzhJSDNtMXZxT3IyTUtvNEZMWExGRjBVbEhkNApwZXRhL05aQjArUmQ3TnUrOCtnUnlUbEJWZU9EZjN5SXU0TlFCUU92MlNqdS9Jakd0MUtmaUF3WkUwT1RUQXc3CnhIWStsMVBJWEFFVWNqNk00cjFKQzc4ZVZrc2pycTZoV1RPZ0RrSVZuRjY3bXlReXduR25EY1k0d0Fqc2pUajgKKzR4NTIrRi9QaVNQVGtjUFNuN0s2UjQzaEt5QUs2Z0poOHE5cVNhME5RQ2U2czhwTGU2SVY5SElWVVFFVERVOQpsM1VWWHNBMGx4dlB0blU1TXo2QWQ5cDA5L2w4d3o0cUdBdGFCUEd3K0R2cTNlaHdTd2VZZ3VHSktDQjhjb01JCjJRVUo0Zi9mNkFNVWtMeWxYZ3RSUEt1QjA3d3YwTmk1eWI5MjlFY1FJQ0l2dFE9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0t",
}

data.DataSourceTest(t, []acceptance.TestStep{
{
Config: r.customCaTrustCertificates(data, fakeCertList),
Check: acceptance.ComposeTestCheckFunc(
check.That(data.ResourceName).Key("custom_ca_trust_certificates_base64.0").Exists(),
check.That(data.ResourceName).Key("custom_ca_trust_certificates_base64.1").Exists(),
),
},
})
}

func TestAccDataSourceKubernetesCluster_serviceMesh(t *testing.T) {
data := acceptance.BuildTestData(t, "data.azurerm_kubernetes_cluster", "test")
r := KubernetesClusterDataSource{}
Expand Down Expand Up @@ -992,16 +972,6 @@ data "azurerm_kubernetes_cluster" "test" {
`, KubernetesClusterResource{}.microsoftDefender(data))
}

func (KubernetesClusterDataSource) customCaTrustCertificates(data acceptance.TestData, fakeCertsList []string) string {
return fmt.Sprintf(`
%s
data "azurerm_kubernetes_cluster" "test" {
name = azurerm_kubernetes_cluster.test.name
resource_group_name = azurerm_kubernetes_cluster.test.resource_group_name
}
`, KubernetesClusterResource{}.customCATrustCertificates(data, fakeCertsList))
}

func (KubernetesClusterDataSource) serviceMesh(data acceptance.TestData) string {
return fmt.Sprintf(`
%s
Expand Down
177 changes: 0 additions & 177 deletions internal/services/containers/kubernetes_cluster_network_resource_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -978,36 +978,6 @@ func TestAccKubernetesCluster_networkDataPlane(t *testing.T) {
})
}

func TestAccKubernetesCluster_apiServerInManagedSubnet(t *testing.T) {
data := acceptance.BuildTestData(t, "azurerm_kubernetes_cluster", "test")
r := KubernetesClusterResource{}

data.ResourceTest(t, r, []acceptance.TestStep{
{
Config: r.apiServerInManagedSubnet(data),
Check: acceptance.ComposeTestCheckFunc(
check.That(data.ResourceName).ExistsInAzure(r),
),
},
data.ImportStep(),
})
}

func TestAccKubernetesCluster_apiServerInBYOSubnet(t *testing.T) {
data := acceptance.BuildTestData(t, "azurerm_kubernetes_cluster", "test")
r := KubernetesClusterResource{}

data.ResourceTest(t, r, []acceptance.TestStep{
{
Config: r.apiServerInBYOSubnet(data),
Check: acceptance.ComposeTestCheckFunc(
check.That(data.ResourceName).ExistsInAzure(r),
),
},
data.ImportStep(),
})
}

func TestAccKubernetesCluster_clusterPoolNodePublicIPTags(t *testing.T) {
data := acceptance.BuildTestData(t, "azurerm_kubernetes_cluster", "test")
r := KubernetesClusterResource{}
Expand Down Expand Up @@ -1067,153 +1037,6 @@ func TestAccKubernetesCluster_clusterPoolNetworkProfileUpdate(t *testing.T) {
})
}

func (KubernetesClusterResource) apiServerInBYOSubnet(data acceptance.TestData) string {
return fmt.Sprintf(`
provider "azurerm" {
features {}
}

resource "azurerm_resource_group" "test" {
name = "acctestRG-aks-%d"
location = "%s"
}

resource "azurerm_virtual_network" "test" {
name = "acctestvirtnet%d"
address_space = ["10.0.0.0/8"]
location = azurerm_resource_group.test.location
resource_group_name = azurerm_resource_group.test.name
}

resource "azurerm_subnet" "test" {
name = "acctestsubnet%d"
resource_group_name = azurerm_resource_group.test.name
virtual_network_name = azurerm_virtual_network.test.name
address_prefixes = ["10.1.0.0/16"]

delegation {
name = "aks-delegation"

service_delegation {
actions = ["Microsoft.Network/virtualNetworks/subnets/join/action"]
name = "Microsoft.ContainerService/managedClusters"
}
}
}

resource "azurerm_subnet" "test1" {
name = "acctestsubnet1%d"
resource_group_name = azurerm_resource_group.test.name
virtual_network_name = azurerm_virtual_network.test.name
address_prefixes = ["10.2.0.0/16"]
}

resource "azurerm_user_assigned_identity" "test" {
name = "acctestRG-aks-%d"
resource_group_name = azurerm_resource_group.test.name
location = azurerm_resource_group.test.location
}

resource "azurerm_role_assignment" "test" {
scope = azurerm_subnet.test.id
role_definition_name = "Network Contributor"
principal_id = azurerm_user_assigned_identity.test.principal_id
}

resource "azurerm_kubernetes_cluster" "test" {
name = "acctestaks%d"
location = azurerm_resource_group.test.location
resource_group_name = azurerm_resource_group.test.name
dns_prefix = "acctestaks%d"

api_server_access_profile {
vnet_integration_enabled = true
subnet_id = azurerm_subnet.test.id
}

linux_profile {
admin_username = "acctestuser%d"

ssh_key {
key_data = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqaZoyiz1qbdOQ8xEf6uEu1cCwYowo5FHtsBhqLoDnnp7KUTEBN+L2NxRIfQ781rxV6Iq5jSav6b2Q8z5KiseOlvKA/RF2wqU0UPYqQviQhLmW6THTpmrv/YkUCuzxDpsH7DUDhZcwySLKVVe0Qm3+5N2Ta6UYH3lsDf9R9wTP2K/+vAnflKebuypNlmocIvakFWoZda18FOmsOoIVXQ8HWFNCuw9ZCunMSN62QGamCe3dL5cXlkgHYv7ekJE15IA9aOJcM7e90oeTqo+7HTcWfdu0qQqPWY5ujyMw/llas8tsXY85LFqRnr3gJ02bAscjc477+X+j/gkpFoN1QEmt [email protected]"
}
}

default_node_pool {
name = "default"
node_count = 2
vm_size = "Standard_DS2_v2"
vnet_subnet_id = azurerm_subnet.test1.id
upgrade_settings {
max_surge = "10%%"
}
}

identity {
type = "UserAssigned"
identity_ids = [azurerm_user_assigned_identity.test.id]
}

network_profile {
network_plugin = "azure"
}

depends_on = [
azurerm_role_assignment.test,
]
}
`, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger)
}

func (KubernetesClusterResource) apiServerInManagedSubnet(data acceptance.TestData) string {
return fmt.Sprintf(`
provider "azurerm" {
features {}
}

resource "azurerm_resource_group" "test" {
name = "acctestRG-aks-%d"
location = "%s"
}

resource "azurerm_kubernetes_cluster" "test" {
name = "acctestaks%d"
location = azurerm_resource_group.test.location
resource_group_name = azurerm_resource_group.test.name
dns_prefix = "acctestaks%d"

api_server_access_profile {
vnet_integration_enabled = true
}

linux_profile {
admin_username = "acctestuser%d"

ssh_key {
key_data = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqaZoyiz1qbdOQ8xEf6uEu1cCwYowo5FHtsBhqLoDnnp7KUTEBN+L2NxRIfQ781rxV6Iq5jSav6b2Q8z5KiseOlvKA/RF2wqU0UPYqQviQhLmW6THTpmrv/YkUCuzxDpsH7DUDhZcwySLKVVe0Qm3+5N2Ta6UYH3lsDf9R9wTP2K/+vAnflKebuypNlmocIvakFWoZda18FOmsOoIVXQ8HWFNCuw9ZCunMSN62QGamCe3dL5cXlkgHYv7ekJE15IA9aOJcM7e90oeTqo+7HTcWfdu0qQqPWY5ujyMw/llas8tsXY85LFqRnr3gJ02bAscjc477+X+j/gkpFoN1QEmt [email protected]"
}
}

default_node_pool {
name = "default"
node_count = 2
vm_size = "Standard_DS2_v2"
upgrade_settings {
max_surge = "10%%"
}
}

identity {
type = "SystemAssigned"
}

network_profile {
network_plugin = "azure"
}
}
`, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger)
}

func (KubernetesClusterResource) advancedNetworkingConfig(data acceptance.TestData, networkPlugin string) string {
return fmt.Sprintf(`
provider "azurerm" {
Expand Down
Loading
Loading