From 5055436967ea1f93f942bc2a585a2d471b4ab16c Mon Sep 17 00:00:00 2001 From: Zhenguo Niu Date: Sat, 30 Mar 2019 15:31:43 +0800 Subject: [PATCH] Add authentication mode option support for CCE cluster --- .../resource_huaweicloud_cce_cluster_v3.go | 9 +++ ...esource_huaweicloud_cce_cluster_v3_test.go | 5 ++ .../openstack/cce/v3/clusters/results.go | 62 ++++++++++++++++++- vendor/vendor.json | 6 +- 4 files changed, 76 insertions(+), 6 deletions(-) diff --git a/huaweicloud/resource_huaweicloud_cce_cluster_v3.go b/huaweicloud/resource_huaweicloud_cce_cluster_v3.go index 90ee1a2e7d..8458571632 100644 --- a/huaweicloud/resource_huaweicloud_cce_cluster_v3.go +++ b/huaweicloud/resource_huaweicloud_cce_cluster_v3.go @@ -112,6 +112,12 @@ func resourceCCEClusterV3() *schema.Resource { Computed: true, ForceNew: true, }, + "authentication_mode": { + Type: schema.TypeString, + Optional: true, + ForceNew: true, + Default: "x509", + }, "status": { Type: schema.TypeString, Computed: true, @@ -166,6 +172,8 @@ func resourceCCEClusterV3Create(d *schema.ResourceData, meta interface{}) error HighwaySubnet: d.Get("highway_subnet_id").(string)}, ContainerNetwork: clusters.ContainerNetworkSpec{Mode: d.Get("container_network_type").(string), Cidr: d.Get("container_network_cidr").(string)}, + Authentication: clusters.AuthenticationSpec{Mode: d.Get("authentication_mode").(string), + AuthenticatingProxy: make(map[string]string)}, BillingMode: d.Get("billing_mode").(int), ExtendParam: resourceClusterExtendParamV3(d), }, @@ -225,6 +233,7 @@ func resourceCCEClusterV3Read(d *schema.ResourceData, meta interface{}) error { d.Set("highway_subnet_id", n.Spec.HostNetwork.HighwaySubnet) d.Set("container_network_type", n.Spec.ContainerNetwork.Mode) d.Set("container_network_cidr", n.Spec.ContainerNetwork.Cidr) + d.Set("authentication_mode", n.Spec.Authentication.Mode) d.Set("region", GetRegion(d, config)) return nil diff --git a/huaweicloud/resource_huaweicloud_cce_cluster_v3_test.go b/huaweicloud/resource_huaweicloud_cce_cluster_v3_test.go index aec3555d42..a9b835e2d3 100644 --- a/huaweicloud/resource_huaweicloud_cce_cluster_v3_test.go +++ b/huaweicloud/resource_huaweicloud_cce_cluster_v3_test.go @@ -34,6 +34,8 @@ func TestAccCCEClusterV3_basic(t *testing.T) { "huaweicloud_cce_cluster_v3.cluster_1", "cluster_version", "v1.7.3-r10"), resource.TestCheckResourceAttr( "huaweicloud_cce_cluster_v3.cluster_1", "container_network_type", "overlay_l2"), + resource.TestCheckResourceAttr( + "huaweicloud_cce_cluster_v3.cluster_1", "authentication_mode", "x509"), ), }, { @@ -59,6 +61,8 @@ func TestAccCCEClusterV3_timeout(t *testing.T) { Config: testAccCCEClusterV3_timeout, Check: resource.ComposeTestCheckFunc( testAccCheckCCEClusterV3Exists("huaweicloud_cce_cluster_v3.cluster_1", &cluster), + resource.TestCheckResourceAttr( + "huaweicloud_cce_cluster_v3.cluster_1", "authentication_mode", "rbac"), ), }, }, @@ -150,6 +154,7 @@ resource "huaweicloud_cce_cluster_v3" "cluster_1" { vpc_id="%s" subnet_id="%s" container_network_type="overlay_l2" + authentication_mode = "rbac" timeouts { create = "10m" delete = "10m" diff --git a/vendor/github.com/huaweicloud/golangsdk/openstack/cce/v3/clusters/results.go b/vendor/github.com/huaweicloud/golangsdk/openstack/cce/v3/clusters/results.go index 09b2d6625d..530dc4cbd9 100644 --- a/vendor/github.com/huaweicloud/golangsdk/openstack/cce/v3/clusters/results.go +++ b/vendor/github.com/huaweicloud/golangsdk/openstack/cce/v3/clusters/results.go @@ -1,6 +1,8 @@ package clusters import ( + "encoding/json" + "github.com/huaweicloud/golangsdk" ) @@ -52,6 +54,8 @@ type Spec struct { HostNetwork HostNetworkSpec `json:"hostNetwork" required:"true"` //Container network parameters ContainerNetwork ContainerNetworkSpec `json:"containerNetwork" required:"true"` + //Authentication parameters + Authentication AuthenticationSpec `json:"authentication,omitempty"` // Charging mode of the cluster, which is 0 (on demand) BillingMode int `json:"billingMode,omitempty"` //Extended parameter for a cluster @@ -77,6 +81,13 @@ type ContainerNetworkSpec struct { Cidr string `json:"cidr,omitempty"` } +//Authentication parameters +type AuthenticationSpec struct { + //Authentication mode: rbac , x509 or authenticating_proxy + Mode string `json:"mode" required:"true"` + AuthenticatingProxy map[string]string `json:"authenticatingProxy" required:"true"` +} + type Status struct { //The state of the cluster Phase string `json:"phase"` @@ -87,7 +98,7 @@ type Status struct { //The status of each component in the cluster Conditions Conditions `json:"conditions"` //Kube-apiserver access address in the cluster - Endpoints []Endpoints `json:"endpoints"` + Endpoints []Endpoints `json:"-"` } type Conditions struct { @@ -100,10 +111,55 @@ type Conditions struct { } type Endpoints struct { - //The address accessed within the user's subnet + //The address accessed within the user's subnet - Huawei Url string `json:"url"` - //Public network access address + //Public network access address - Huawei Type string `json:"type"` + //Internal network address - OTC + Internal string `json:"internal"` + //External network address - OTC + External string `json:"external"` + //Endpoint of the cluster to be accessed through API Gateway - OTC + ExternalOTC string `json:"external_otc"` +} + +// UnmarshalJSON helps to unmarshal Status fields into needed values. +//OTC and Huawei have different data types and child fields for `endpoints` field in Cluster Status. +//This function handles the unmarshal for both +func (r *Status) UnmarshalJSON(b []byte) error { + type tmp Status + var s struct { + tmp + Endpoints []Endpoints `json:"endpoints"` + } + + err := json.Unmarshal(b, &s) + + if err != nil { + switch err.(type) { + case *json.UnmarshalTypeError: //check if type error occurred (handles the different endpoint structure for huawei and otc) + var s struct { + tmp + Endpoints Endpoints `json:"endpoints"` + } + err := json.Unmarshal(b, &s) + if err != nil { + return err + } + *r = Status(s.tmp) + r.Endpoints = []Endpoints{{Internal: s.Endpoints.Internal, + External: s.Endpoints.External, + ExternalOTC: s.Endpoints.ExternalOTC}} + return nil + default: + return err + } + } + + *r = Status(s.tmp) + r.Endpoints = s.Endpoints + + return err } type commonResult struct { diff --git a/vendor/vendor.json b/vendor/vendor.json index 6fea420dcf..991a514a72 100644 --- a/vendor/vendor.json +++ b/vendor/vendor.json @@ -1323,10 +1323,10 @@ "revisionTime": "2018-09-28T03:11:13Z" }, { - "checksumSHA1": "N8RK6MuOrE9TYdvOnEVQy/chKOM=", + "checksumSHA1": "hS4sckNAKv+fxg+Jn/V8WqlT+SA=", "path": "github.com/huaweicloud/golangsdk/openstack/cce/v3/clusters", - "revision": "fdea87e5a2d61c3072101509ebd93f755d9cbc4f", - "revisionTime": "2018-07-20T15:04:31Z" + "revision": "09c428020ade44ba52bfe3591b779ceb90d9e339", + "revisionTime": "2019-03-29T01:54:31Z" }, { "checksumSHA1": "xDEoWEA9ygauLBKnsNzsa1XKvOc=",