From 58a7ef9d03e9600c2646543d6ee82dbd179bb1d7 Mon Sep 17 00:00:00 2001 From: Nathan McKinley Date: Thu, 1 Mar 2018 13:19:18 -0800 Subject: [PATCH] Fix incorrect result on Read ignoring most authorized networks. (#1097) --- google/resource_container_cluster.go | 52 ++++++++++++----------- google/resource_container_cluster_test.go | 31 ++++++++++---- 2 files changed, 49 insertions(+), 34 deletions(-) diff --git a/google/resource_container_cluster.go b/google/resource_container_cluster.go index af39680a8f7..4f6482a3824 100644 --- a/google/resource_container_cluster.go +++ b/google/resource_container_cluster.go @@ -16,6 +16,30 @@ import ( var ( instanceGroupManagerURL = regexp.MustCompile("^https://www.googleapis.com/compute/v1/projects/([a-z][a-z0-9-]{5}(?:[-a-z0-9]{0,23}[a-z0-9])?)/zones/([a-z0-9-]*)/instanceGroupManagers/([^/]*)") + networkConfig = &schema.Resource{ + Schema: map[string]*schema.Schema{ + "cidr_blocks": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + MaxItems: 10, + Elem: cidrBlockConfig, + }, + }, + } + cidrBlockConfig = &schema.Resource{ + Schema: map[string]*schema.Schema{ + "cidr_block": { + Type: schema.TypeString, + Required: true, + ValidateFunc: validation.CIDRNetwork(0, 32), + }, + "display_name": { + Type: schema.TypeString, + Optional: true, + }, + }, + } ) func resourceContainerCluster() *schema.Resource { @@ -246,29 +270,7 @@ func resourceContainerCluster() *schema.Resource { Type: schema.TypeList, Optional: true, MaxItems: 1, - Elem: &schema.Resource{ - Schema: map[string]*schema.Schema{ - "cidr_blocks": { - Type: schema.TypeSet, - Optional: true, - Computed: true, - MaxItems: 10, - Elem: &schema.Resource{ - Schema: map[string]*schema.Schema{ - "cidr_block": { - Type: schema.TypeString, - Required: true, - ValidateFunc: validation.CIDRNetwork(0, 32), - }, - "display_name": { - Type: schema.TypeString, - Optional: true, - }, - }, - }, - }, - }, - }, + Elem: networkConfig, }, "min_master_version": { @@ -1239,14 +1241,14 @@ func flattenMaintenancePolicy(mp *container.MaintenancePolicy) []map[string]inte func flattenMasterAuthorizedNetworksConfig(c *container.MasterAuthorizedNetworksConfig) []map[string]interface{} { result := make(map[string]interface{}) if c.Enabled && len(c.CidrBlocks) > 0 { - cidrBlocks := make([]map[string]interface{}, 0, len(c.CidrBlocks)) + cidrBlocks := make([]interface{}, 0, len(c.CidrBlocks)) for _, v := range c.CidrBlocks { cidrBlocks = append(cidrBlocks, map[string]interface{}{ "cidr_block": v.CidrBlock, "display_name": v.DisplayName, }) } - result["cidr_blocks"] = cidrBlocks + result["cidr_blocks"] = schema.NewSet(schema.HashResource(cidrBlockConfig), cidrBlocks) } return []map[string]interface{}{result} } diff --git a/google/resource_container_cluster_test.go b/google/resource_container_cluster_test.go index adf94f08526..5edcad70928 100644 --- a/google/resource_container_cluster_test.go +++ b/google/resource_container_cluster_test.go @@ -165,7 +165,7 @@ func TestAccContainerCluster_withMasterAuthorizedNetworksConfig(t *testing.T) { CheckDestroy: testAccCheckContainerClusterDestroy, Steps: []resource.TestStep{ { - Config: testAccContainerCluster_withMasterAuthorizedNetworksConfig(clusterName, []string{"0.0.0.0/0"}), + Config: testAccContainerCluster_withMasterAuthorizedNetworksConfig(clusterName, []string{"8.8.8.8/32"}), Check: resource.ComposeTestCheckFunc( testAccCheckContainerCluster("google_container_cluster.with_master_authorized_networks"), resource.TestCheckResourceAttr("google_container_cluster.with_master_authorized_networks", @@ -173,19 +173,29 @@ func TestAccContainerCluster_withMasterAuthorizedNetworksConfig(t *testing.T) { ), }, { - Config: testAccContainerCluster_withMasterAuthorizedNetworksConfig(clusterName, []string{}), + ResourceName: "google_container_cluster.with_master_authorized_networks", + ImportState: true, + ImportStateVerify: true, + ImportStateIdPrefix: "us-central1-a/", + }, + { + Config: testAccContainerCluster_withMasterAuthorizedNetworksConfig(clusterName, []string{"10.0.0.0/8", "8.8.8.8/32"}), Check: resource.ComposeTestCheckFunc( testAccCheckContainerCluster("google_container_cluster.with_master_authorized_networks"), - resource.TestCheckNoResourceAttr("google_container_cluster.with_master_authorized_networks", - "master_authorized_networks_config.0.cidr_blocks"), ), }, { - Config: testAccContainerCluster_withMasterAuthorizedNetworksConfig(clusterName, []string{"8.8.8.8/32"}), + ResourceName: "google_container_cluster.with_master_authorized_networks", + ImportState: true, + ImportStateVerify: true, + ImportStateIdPrefix: "us-central1-a/", + }, + { + Config: testAccContainerCluster_withMasterAuthorizedNetworksConfig(clusterName, []string{}), Check: resource.ComposeTestCheckFunc( testAccCheckContainerCluster("google_container_cluster.with_master_authorized_networks"), - resource.TestCheckResourceAttr("google_container_cluster.with_master_authorized_networks", - "master_authorized_networks_config.0.cidr_blocks.#", "1"), + resource.TestCheckNoResourceAttr("google_container_cluster.with_master_authorized_networks", + "master_authorized_networks_config.0.cidr_blocks"), ), }, }, @@ -1116,12 +1126,15 @@ func testAccContainerCluster_withMasterAuthorizedNetworksConfig(clusterName stri cidrBlocks := "" if len(cidrs) > 0 { var buf bytes.Buffer + buf.WriteString("cidr_blocks = [") for _, c := range cidrs { buf.WriteString(fmt.Sprintf(` - cidr_blocks { + { cidr_block = "%s" - }`, c)) + display_name = "disp-%s" + },`, c, c)) } + buf.WriteString("]") cidrBlocks = buf.String() }