Skip to content

Commit

Permalink
azurerm_kubernetes_cluster - fix several AKS tests (hashicorp#27787)
Browse files Browse the repository at this point in the history 
* fix several AKS tests

* remove unused configs
  • Loading branch information
@stephybun
stephybun authored Oct 29, 2024
1 parent e5af1f8 commit a04a353
Show file tree
Hide file tree
Showing 4 changed files with 4 additions and 673 deletions.
273 changes: 2 additions & 271 deletions internal/services/containers/kubernetes_cluster_addons_resource_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,6 @@ import (

"github.com/hashicorp/terraform-provider-azurerm/internal/acceptance"
"github.com/hashicorp/terraform-provider-azurerm/internal/acceptance/check"
"github.com/hashicorp/terraform-provider-azurerm/internal/features"
)

var addOnAppGatewaySubnetCIDR string = "10.225.0.0/16" // AKS will use 10.224.0.0/12 for the aks subnet so use 10.225.0.0/16 for the app gateway subnet
Expand Down Expand Up @@ -309,23 +308,19 @@ func TestAccKubernetesCluster_addonProfileServiceMeshProfile_certificateAuthorit
}

func TestAccKubernetesCluster_addonProfileServiceMeshProfile_revisions(t *testing.T) {
if !features.FourPointOhBeta() {
t.Skip("Service Mesh Profile Revisions are only available in version 4.0.0 and later")
}

data := acceptance.BuildTestData(t, "azurerm_kubernetes_cluster", "test")
r := KubernetesClusterResource{}

data.ResourceTest(t, r, []acceptance.TestStep{
{
Config: r.addonProfileServiceMeshProfileRevisionsConfig(data, `["asm-1-20"]`),
Config: r.addonProfileServiceMeshProfileRevisionsConfig(data, `["asm-1-22"]`),
Check: acceptance.ComposeTestCheckFunc(
check.That(data.ResourceName).ExistsInAzure(r),
),
},
data.ImportStep(),
{
Config: r.addonProfileServiceMeshProfileRevisionsConfig(data, `["asm-1-20", "asm-1-21"]`),
Config: r.addonProfileServiceMeshProfileRevisionsConfig(data, `["asm-1-22", "asm-1-23"]`),
Check: acceptance.ComposeTestCheckFunc(
check.That(data.ResourceName).ExistsInAzure(r),
),
Expand Down Expand Up @@ -1209,270 +1204,6 @@ resource "azurerm_kubernetes_cluster" "test" {
}

func (k KubernetesClusterResource) addonProfileServiceMeshProfileCertificateAuthorityConfig(data acceptance.TestData) string {
if !features.FourPointOhBeta() {
return fmt.Sprintf(`
provider "azurerm" {
features {}
}
resource "azurerm_resource_group" "test" {
name = "acctestRG-aks-%[1]s"
location = "%[2]s"
}
resource "azurerm_virtual_network" "test" {
name = "acctestvirtnet%[1]s"
address_space = ["10.1.0.0/16", "fd00:db8:deca::/48"]
location = azurerm_resource_group.test.location
resource_group_name = azurerm_resource_group.test.name
}
resource "azurerm_subnet" "test" {
name = "acctestsubnet%[1]s"
resource_group_name = azurerm_resource_group.test.name
virtual_network_name = azurerm_virtual_network.test.name
address_prefixes = ["10.1.0.0/24", "fd00:db8:deca:deed::/64"]
}
data "azurerm_client_config" "current" {}
resource "azurerm_key_vault" "test" {
name = "acctestKV-%[1]s"
location = azurerm_resource_group.test.location
resource_group_name = azurerm_resource_group.test.name
tenant_id = data.azurerm_client_config.current.tenant_id
sku_name = "standard"
}
resource "azurerm_key_vault_access_policy" "test" {
key_vault_id = azurerm_key_vault.test.id
tenant_id = data.azurerm_client_config.current.tenant_id
object_id = data.azurerm_client_config.current.object_id
certificate_permissions = [
"Create",
"Delete",
"DeleteIssuers",
"Get",
"GetIssuers",
"Import",
"List",
"ListIssuers",
"ManageContacts",
"ManageIssuers",
"SetIssuers",
"Update",
"Purge",
]
key_permissions = [
"Create",
"Delete",
"Get",
"List",
"Purge",
"Recover",
"Update",
"GetRotationPolicy",
"SetRotationPolicy",
]
}
resource "azurerm_key_vault_certificate" "test_cert1" {
name = "acctestKVcert%[1]s-cert1"
key_vault_id = azurerm_key_vault.test.id
certificate_policy {
issuer_parameters {
name = "Self"
}
key_properties {
exportable = true
key_size = 2048
key_type = "RSA"
reuse_key = true
}
secret_properties {
content_type = "application/x-pkcs12"
}
x509_certificate_properties {
extended_key_usage = ["1.3.6.1.5.5.7.3.1"]
key_usage = [
"cRLSign",
"dataEncipherment",
"digitalSignature",
"keyAgreement",
"keyCertSign",
"keyEncipherment",
]
subject_alternative_names {
dns_names = ["api.pluginsdk.io"]
}
subject = "CN=api.pluginsdk.io"
validity_in_months = 1
}
}
depends_on = [azurerm_key_vault_access_policy.test]
}
resource "azurerm_key_vault_certificate" "test_cert2" {
name = "acctestKVcert%[1]s-cert2"
key_vault_id = azurerm_key_vault.test.id
certificate_policy {
issuer_parameters {
name = "Self"
}
key_properties {
exportable = true
key_size = 2048
key_type = "RSA"
reuse_key = true
}
secret_properties {
content_type = "application/x-pkcs12"
}
x509_certificate_properties {
extended_key_usage = ["1.3.6.1.5.5.7.3.1"]
key_usage = [
"cRLSign",
"dataEncipherment",
"digitalSignature",
"keyAgreement",
"keyCertSign",
"keyEncipherment",
]
subject_alternative_names {
dns_names = ["api.pluginsdk.io"]
}
subject = "CN=api.pluginsdk.io"
validity_in_months = 1
}
}
depends_on = [azurerm_key_vault_access_policy.test]
}
resource "azurerm_key_vault_certificate" "test_cert3" {
name = "acctestKVcert%[1]s-cert3"
key_vault_id = azurerm_key_vault.test.id
certificate_policy {
issuer_parameters {
name = "Self"
}
key_properties {
exportable = true
key_size = 2048
key_type = "RSA"
reuse_key = true
}
secret_properties {
content_type = "application/x-pkcs12"
}
x509_certificate_properties {
extended_key_usage = ["1.3.6.1.5.5.7.3.1"]
key_usage = [
"cRLSign",
"dataEncipherment",
"digitalSignature",
"keyAgreement",
"keyCertSign",
"keyEncipherment",
]
subject_alternative_names {
dns_names = ["api.pluginsdk.io"]
}
subject = "CN=api.pluginsdk.io"
validity_in_months = 1
}
}
depends_on = [azurerm_key_vault_access_policy.test]
}
resource "azurerm_key_vault_key" "test" {
name = "testkeyvaultkey%[1]s"
key_vault_id = azurerm_key_vault.test.id
key_type = "RSA"
key_size = 2048
key_opts = [
"decrypt",
"encrypt",
"sign",
"unwrapKey",
"verify",
"wrapKey",
]
depends_on = [azurerm_key_vault_access_policy.test]
}
resource "azurerm_user_assigned_identity" "test" {
name = "acctestUAI-%[1]s"
location = azurerm_resource_group.test.location
resource_group_name = azurerm_resource_group.test.name
}
resource "azurerm_kubernetes_cluster" "test" {
name = "acctestaks%[1]s"
location = azurerm_resource_group.test.location
resource_group_name = azurerm_resource_group.test.name
dns_prefix = "acctestaks%[1]s"
linux_profile {
admin_username = "acctestuser%[1]s"
ssh_key {
key_data = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqaZoyiz1qbdOQ8xEf6uEu1cCwYowo5FHtsBhqLoDnnp7KUTEBN+L2NxRIfQ781rxV6Iq5jSav6b2Q8z5KiseOlvKA/RF2wqU0UPYqQviQhLmW6THTpmrv/YkUCuzxDpsH7DUDhZcwySLKVVe0Qm3+5N2Ta6UYH3lsDf9R9wTP2K/+vAnflKebuypNlmocIvakFWoZda18FOmsOoIVXQ8HWFNCuw9ZCunMSN62QGamCe3dL5cXlkgHYv7ekJE15IA9aOJcM7e90oeTqo+7HTcWfdu0qQqPWY5ujyMw/llas8tsXY85LFqRnr3gJ02bAscjc477+X+j/gkpFoN1QEmt [email protected]"
}
}
default_node_pool {
name = "default"
node_count = 2
vm_size = "Standard_DS2_v2"
vnet_subnet_id = azurerm_subnet.test.id
upgrade_settings {
max_surge = "10%%"
}
}
identity {
type = "UserAssigned"
identity_ids = [
azurerm_user_assigned_identity.test.id,
]
}
network_profile {
network_plugin = "kubenet"
dns_service_ip = "10.10.0.10"
service_cidr = "10.10.0.0/16"
}
key_vault_secrets_provider {
secret_rotation_enabled = true
}
service_mesh_profile {
mode = "Istio"
internal_ingress_gateway_enabled = true
external_ingress_gateway_enabled = true
certificate_authority {
key_vault_id = azurerm_key_vault.test.id
root_cert_object_name = azurerm_key_vault_certificate.test_cert1.name
cert_chain_object_name = azurerm_key_vault_certificate.test_cert2.name
cert_object_name = azurerm_key_vault_certificate.test_cert3.name
key_object_name = azurerm_key_vault_key.test.name
}
}
}
`, data.RandomString, data.Locations.Primary)
}

return fmt.Sprintf(`
provider "azurerm" {
features {}
Expand Down
Loading

0 comments on commit a04a353

Please sign in to comment.