Skip to content

Commit

Permalink
Make policy_types property required because the default value is only…
Browse files Browse the repository at this point in the history 
… evaluated server side on resource creation
  • Loading branch information
@pdecat
pdecat committed May 15, 2018
1 parent ad04b1b commit 3f17665
Show file tree
Hide file tree
Showing 3 changed files with 43 additions and 6 deletions.
9 changes: 7 additions & 2 deletions kubernetes/resource_kubernetes_network_policy.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -215,12 +215,17 @@ func resourceKubernetesNetworkPolicy() *schema.Resource {
Schema: labelSelectorFields(),
},
},
// The policy_types property is made required because the default value is only evaluated server side on resource creation.
// During the initial creation, a default value is determined and stored, then PolicyTypes is no longer considered unset,
// it will stick to that value on further updates unless explicitly overridden.
// Leaving the policy_types property optional here would prevent further updates adding egress rules after the initial resource creation
// without egress rules nor policy types from working as expected as PolicyTypes will stick to Ingress server side.
"policy_types": {
Type: schema.TypeList,
Description: networkPolicySpecPolicyTypesDoc,
Optional: true,
Required: true,
MinItems: 1,
MaxItems: 2,
Computed: true,
Elem: &schema.Schema{Type: schema.TypeString},
},
},
Expand Down
23 changes: 23 additions & 0 deletions kubernetes/resource_kubernetes_network_policy_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,8 @@ func TestAccKubernetesNetworkPolicy_basic(t *testing.T) {
resource.TestCheckResourceAttr("kubernetes_network_policy.test", "spec.#", "1"),
resource.TestCheckResourceAttr("kubernetes_network_policy.test", "spec.0.pod_selector.#", "1"),
resource.TestCheckResourceAttr("kubernetes_network_policy.test", "spec.0.ingress.#", "0"),
resource.TestCheckResourceAttr("kubernetes_network_policy.test", "spec.0.policy_types.#", "1"),
resource.TestCheckResourceAttr("kubernetes_network_policy.test", "spec.0.policy_types.0", "Ingress"),
),
},
{
Expand All @@ -65,6 +67,8 @@ func TestAccKubernetesNetworkPolicy_basic(t *testing.T) {
resource.TestCheckResourceAttr("kubernetes_network_policy.test", "spec.#", "1"),
resource.TestCheckResourceAttr("kubernetes_network_policy.test", "spec.0.pod_selector.#", "1"),
resource.TestCheckResourceAttr("kubernetes_network_policy.test", "spec.0.ingress.#", "0"),
resource.TestCheckResourceAttr("kubernetes_network_policy.test", "spec.0.policy_types.#", "1"),
resource.TestCheckResourceAttr("kubernetes_network_policy.test", "spec.0.policy_types.0", "Ingress"),
),
},
{
Expand Down Expand Up @@ -98,6 +102,8 @@ func TestAccKubernetesNetworkPolicy_basic(t *testing.T) {
resource.TestCheckResourceAttr("kubernetes_network_policy.test", "spec.0.ingress.0.from.0.namespace_selector.#", "1"),
resource.TestCheckResourceAttr("kubernetes_network_policy.test", "spec.0.ingress.0.from.0.namespace_selector.0.match_labels.name", "default"),
resource.TestCheckResourceAttr("kubernetes_network_policy.test", "spec.0.ingress.0.from.0.pod_selector.#", "0"),
resource.TestCheckResourceAttr("kubernetes_network_policy.test", "spec.0.policy_types.#", "1"),
resource.TestCheckResourceAttr("kubernetes_network_policy.test", "spec.0.policy_types.0", "Ingress"),
),
},
{
Expand Down Expand Up @@ -138,6 +144,8 @@ func TestAccKubernetesNetworkPolicy_basic(t *testing.T) {
resource.TestCheckResourceAttr("kubernetes_network_policy.test", "spec.0.ingress.0.from.1.namespace_selector.#", "0"),
resource.TestCheckResourceAttr("kubernetes_network_policy.test", "spec.0.ingress.0.from.1.pod_selector.#", "1"),
resource.TestCheckResourceAttr("kubernetes_network_policy.test", "spec.0.ingress.0.from.1.pod_selector.0.match_labels.app", "myapp"),
resource.TestCheckResourceAttr("kubernetes_network_policy.test", "spec.0.policy_types.#", "1"),
resource.TestCheckResourceAttr("kubernetes_network_policy.test", "spec.0.policy_types.0", "Ingress"),
),
},
{
Expand Down Expand Up @@ -189,6 +197,9 @@ func TestAccKubernetesNetworkPolicy_basic(t *testing.T) {
resource.TestCheckResourceAttr("kubernetes_network_policy.test", "spec.0.egress.0.to.0.ip_block.0.except.0", "10.0.0.0/24"),
resource.TestCheckResourceAttr("kubernetes_network_policy.test", "spec.0.egress.0.to.0.ip_block.0.except.1", "10.0.1.0/24"),
resource.TestCheckResourceAttr("kubernetes_network_policy.test", "spec.0.egress.0.to.0.pod_selector.#", "0"),
resource.TestCheckResourceAttr("kubernetes_network_policy.test", "spec.0.policy_types.#", "2"),
resource.TestCheckResourceAttr("kubernetes_network_policy.test", "spec.0.policy_types.0", "Ingress"),
resource.TestCheckResourceAttr("kubernetes_network_policy.test", "spec.0.policy_types.1", "Egress"),
),
},
},
Expand Down Expand Up @@ -254,6 +265,9 @@ func TestAccKubernetesNetworkPolicy_withEgressAtCreation(t *testing.T) {
resource.TestCheckResourceAttr("kubernetes_network_policy.test", "spec.0.egress.0.to.0.ip_block.0.except.0", "10.0.0.0/24"),
resource.TestCheckResourceAttr("kubernetes_network_policy.test", "spec.0.egress.0.to.0.ip_block.0.except.1", "10.0.1.0/24"),
resource.TestCheckResourceAttr("kubernetes_network_policy.test", "spec.0.egress.0.to.0.pod_selector.#", "0"),
resource.TestCheckResourceAttr("kubernetes_network_policy.test", "spec.0.policy_types.#", "2"),
resource.TestCheckResourceAttr("kubernetes_network_policy.test", "spec.0.policy_types.0", "Ingress"),
resource.TestCheckResourceAttr("kubernetes_network_policy.test", "spec.0.policy_types.1", "Egress"),
),
},
},
Expand Down Expand Up @@ -349,6 +363,8 @@ resource "kubernetes_network_policy" "test" {
spec {
pod_selector {}
policy_types = [ "Ingress" ]
}
}
`, name)
Expand Down Expand Up @@ -376,6 +392,7 @@ resource "kubernetes_network_policy" "test" {
spec {
pod_selector = {}
ingress = []
policy_types = [ "Ingress" ]
}
}
`, name)
Expand Down Expand Up @@ -421,6 +438,8 @@ resource "kubernetes_network_policy" "test" {
]
},
]
policy_types = [ "Ingress" ]
}
}
`, name)
Expand Down Expand Up @@ -476,6 +495,8 @@ resource "kubernetes_network_policy" "test" {
]
},
]
policy_types = [ "Ingress" ]
}
}
`, name)
Expand Down Expand Up @@ -554,6 +575,8 @@ resource "kubernetes_network_policy" "test" {
]
},
]
policy_types = [ "Ingress", "Egress" ]
}
}
`, name)
Expand Down
17 changes: 13 additions & 4 deletions kubernetes/structure_network_policy.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -117,6 +117,7 @@ func expandNetworkPolicySpec(l []interface{}) v1.NetworkPolicySpec {
if v, ok := in["egress"].([]interface{}); ok && len(v) > 0 {
obj.Egress = expandNetworkPolicyEgress(v)
}
obj.PolicyTypes = expandNetworkPolicyTypes(in["policy_types"].([]interface{}))
}
return obj
}
Expand All @@ -140,9 +141,9 @@ func expandNetworkPolicyIngress(l []interface{}) []v1.NetworkPolicyIngressRule {

func expandNetworkPolicyEgress(l []interface{}) []v1.NetworkPolicyEgressRule {
obj := make([]v1.NetworkPolicyEgressRule, len(l), len(l))
for i, ingress := range l {
if ingress != nil {
in := ingress.(map[string]interface{})
for i, egress := range l {
if egress != nil {
in := egress.(map[string]interface{})
obj[i] = v1.NetworkPolicyEgressRule{}
if v, ok := in["ports"].([]interface{}); ok && len(v) > 0 {
obj[i].Ports = expandNetworkPolicyPorts(v)
Expand Down Expand Up @@ -210,6 +211,14 @@ func expandIPBlock(l []interface{}) *v1.IPBlock {
return obj
}

func expandNetworkPolicyTypes(l []interface{}) []v1.PolicyType {
obj := make([]v1.PolicyType, 0, 0)
for _, policyType := range l {
obj = append(obj, v1.PolicyType(policyType.(string)))
}
return obj
}

// Patchers

func patchNetworkPolicySpec(keyPrefix, pathPrefix string, d *schema.ResourceData) PatchOperations {
Expand Down Expand Up @@ -253,7 +262,7 @@ func patchNetworkPolicySpec(keyPrefix, pathPrefix string, d *schema.ResourceData
if d.HasChange(keyPrefix + "policy_types") {
ops = append(ops, &ReplaceOperation{
Path: pathPrefix + "/policyTypes",
Value: expandStringSlice(d.Get(keyPrefix + "policy_types").([]interface{})),
Value: expandNetworkPolicyTypes(d.Get(keyPrefix + "policy_types").([]interface{})),
})
}
return ops
Expand Down

0 comments on commit 3f17665

Please sign in to comment.