stackit-dev-tools/terraform-provider-stackitprivatepreview
2
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

Feat/674070 tfp | cleanup logic for old ske credentials rotation flow (#611)

Browse source 
* feat: removed deprecated getCredentials call

* feat: update generated documentation

* feature: removed further kube_config references

* feature: updated documentation

* chore: integrated review findings
This commit is contained in:
Rüdiger Schmitz 2024-12-19 08:30:34 +01:00 committed by GitHub
parent 0a456a71b8
commit a297043c72
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
9 changed files with 130 additions and 220 deletions
Download patch file Download diff file Expand all files Collapse all files

3
docs/data-sources/resourcemanager_project.md
View file

@ -3,7 +3,7 @@
page_title: "stackit_resourcemanager_project Data Source - stackit"
subcategory: ""
description: |-
Resource Manager project data source schema. To identify the project, you need to provider either projectid or containerid. If you provide both, project_id will be used.
Resource Manager project data source schema. To identify the project, you need to provider either project_id or container_id. If you provide both, project_id will be used.
---
# stackit_resourcemanager_project (Data Source)
@ -20,7 +20,6 @@ data "stackit_resourcemanager_project" "example" {
```
<!-- schema generated by tfplugindocs -->
## Schema
### Optional

1
docs/data-sources/ske_cluster.md
View file

@ -35,7 +35,6 @@ This should be used with care since it also disables a couple of other features
- `extensions` (Attributes) A single extensions block as defined below (see [below for nested schema](#nestedatt--extensions))
- `hibernations` (Attributes List) One or more hibernation block as defined below. (see [below for nested schema](#nestedatt--hibernations))
- `id` (String) Terraform's internal data source. ID. It is structured as "`project_id`,`name`".
- `kube_config` (String, Sensitive, Deprecated) Kube config file used for connecting to the cluster. This field will be empty for clusters with Kubernetes v1.27+, or if you have obtained the kubeconfig or performed credentials rotation using the new process, either through the Portal or the SKE API. Use the stackit_ske_kubeconfig resource instead. For more information, see How to rotate SKE credentials (https://docs.stackit.cloud/stackit/en/how-to-rotate-ske-credentials-200016334.html).
- `kubernetes_version` (String, Deprecated) Kubernetes version. This field is deprecated, use `kubernetes_version_used` instead
- `kubernetes_version_min` (String) The minimum Kubernetes version, this field is always nil. SKE automatically updates the cluster Kubernetes version if you have set `maintenance.enable_kubernetes_version_updates` to true or if there is a mandatory update, as described in [Updates for Kubernetes versions and Operating System versions in SKE](https://docs.stackit.cloud/stackit/en/version-updates-in-ske-10125631.html). To get the current kubernetes version being used for your cluster, use the `kubernetes_version_used` field.
- `kubernetes_version_used` (String) Full Kubernetes version used. For example, if `1.22` was selected, this value may result to `1.22.15`

26
docs/resources/key_pair.md
View file

@ -5,24 +5,26 @@ subcategory: ""
description: |-
Key pair resource schema. Must have a region specified in the provider configuration. Allows uploading an SSH public key to be used for server authentication.
Usage with server
```terraform
resource "stackitkeypair" "keypair" {
resource "stackit_key_pair" "keypair" {
name = "example-key-pair"
publickey = chomp(file("path/to/idrsa.pub"))
public_key = chomp(file("path/to/id_rsa.pub"))
}
resource "stackitserver" "example-server" {
projectid = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
resource "stackit_server" "example-server" {
project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
name = "example-server"
bootvolume = {
boot_volume = {
size = 64
sourcetype = "image"
sourceid = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
source_type = "image"
source_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}
availabilityzone = "eu01-1"
machinetype = "g1.1"
keypairname = "example-key-pair"
availability_zone = "eu01-1"
machine_type = "g1.1"
keypair_name = "example-key-pair"
}
```
~> This resource is in beta and may be subject to breaking changes in the future. Use with caution. See our guide https://registry.terraform.io/providers/stackitcloud/stackit/latest/docs/guides/opting_into_beta_resources for how to opt-in to use beta resources.
---

209
docs/resources/server.md
View file

@ -7,43 +7,46 @@ description: |-
~> This resource is in beta and may be subject to breaking changes in the future. Use with caution. See our guide https://registry.terraform.io/providers/stackitcloud/stackit/latest/docs/guides/opting_into_beta_resources for how to opt-in to use beta resources.
Example Usage
With key pair
```terraform
resource "stackitkeypair" "keypair" {
resource "stackit_key_pair" "keypair" {
name = "example-key-pair"
publickey = chomp(file("path/to/idrsa.pub"))
public_key = chomp(file("path/to/id_rsa.pub"))
}
resource "stackitserver" "user-data-from-file" {
projectid = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
bootvolume = {
resource "stackit_server" "user-data-from-file" {
project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
boot_volume = {
size = 64
sourcetype = "image"
sourceid = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
source_type = "image"
source_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}
name = "example-server"
machinetype = "g1.1"
keypairname = stackitkeypair.keypair.name
userdata = file("${path.module}/cloud-init.yaml")
machine_type = "g1.1"
keypair_name = stackit_key_pair.keypair.name
user_data = file("${path.module}/cloud-init.yaml")
}
```
Boot from volume
```terraform
resource "stackitserver" "boot-from-volume" {
projectid = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
resource "stackit_server" "boot-from-volume" {
project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
name = "example-server"
bootvolume = {
boot_volume = {
size = 64
sourcetype = "image"
sourceid = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
source_type = "image"
source_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}
availabilityzone = "eu01-1"
machinetype = "g1.1"
keypairname = "example-keypair"
availability_zone = "eu01-1"
machine_type = "g1.1"
keypair_name = "example-keypair"
}
```
Boot from existing volume
```terraform
resource "stackitvolume" "example-volume" {
projectid = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
resource "stackit_volume" "example-volume" {
project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
size = 12
source = {
type = "image"
@ -52,117 +55,129 @@ description: |-
name = "example-volume"
availability_zone = "eu01-1"
}
resource "stackitserver" "boot-from-volume" {
projectid = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
resource "stackit_server" "boot-from-volume" {
project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
name = "example-server"
bootvolume = {
sourcetype = "volume"
sourceid = stackitvolume.example-volume.volumeid
boot_volume = {
source_type = "volume"
source_id = stackit_volume.example-volume.volume_id
}
availabilityzone = "eu01-1"
machinetype = "g1.1"
keypairname = stackitkeypair.keypair.name
availability_zone = "eu01-1"
machine_type = "g1.1"
keypair_name = stackit_key_pair.keypair.name
}
```
Network setup
```terraform
resource "stackitserver" "server-with-network" {
projectid = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
resource "stackit_server" "server-with-network" {
project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
name = "example-server"
bootvolume = {
boot_volume = {
size = 64
sourcetype = "image"
sourceid = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
source_type = "image"
source_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}
machinetype = "g1.1"
keypairname = stackitkey_pair.keypair.name
machine_type = "g1.1"
keypair_name = stackit_key_pair.keypair.name
}
resource "stackitnetwork" "network" {
projectid = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
resource "stackit_network" "network" {
project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
name = "example-network"
nameservers = ["192.0.2.0", "198.51.100.0", "203.0.113.0"]
ipv4prefixlength = 24
ipv4_prefix_length = 24
}
resource "stackitsecuritygroup" "sec-group" {
resource "stackit_security_group" "sec-group" {
project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
name = "example-security-group"
stateful = true
}
resource "stackitsecuritygrouprule" "rule" {
projectid = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
securitygroupid = stackitsecuritygroup.sec-group.securitygroupid
resource "stackit_security_group_rule" "rule" {
project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
security_group_id = stackit_security_group.sec-group.security_group_id
direction = "ingress"
ether_type = "IPv4"
}
resource "stackitnetworkinterface" "nic" {
projectid = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
networkid = stackitnetwork.network.networkid
securitygroupids = [stackitsecuritygroup.sec-group.securitygroupid]
resource "stackit_network_interface" "nic" {
project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
network_id = stackit_network.network.network_id
security_group_ids = [stackit_security_group.sec-group.security_group_id]
}
resource "stackitpublicip" "public-ip" {
projectid = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
networkinterfaceid = stackitnetworkinterface.nic.networkinterface_id
resource "stackit_public_ip" "public-ip" {
project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
network_interface_id = stackit_network_interface.nic.network_interface_id
}
resource "stackitservernetworkinterfaceattach" "nic-attachment" {
projectid = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
serverid = stackitserver.server-with-network.serverid
networkinterfaceid = stackitnetworkinterface.nic.networkinterfaceid
resource "stackit_server_network_interface_attach" "nic-attachment" {
project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
server_id = stackit_server.server-with-network.server_id
network_interface_id = stackit_network_interface.nic.network_interface_id
}
```
Server with attached volume
```terraform
resource "stackitvolume" "example-volume" {
projectid = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
resource "stackit_volume" "example-volume" {
project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
size = 12
performanceclass = "storagepremiumperf6"
performance_class = "storage_premium_perf6"
name = "example-volume"
availabilityzone = "eu01-1"
availability_zone = "eu01-1"
}
resource "stackitserver" "server-with-volume" {
projectid = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
resource "stackit_server" "server-with-volume" {
project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
name = "example-server"
bootvolume = {
boot_volume = {
size = 64
sourcetype = "image"
sourceid = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
source_type = "image"
source_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}
availabilityzone = "eu01-1"
machinetype = "g1.1"
keypairname = stackitkeypair.keypair.name
availability_zone = "eu01-1"
machine_type = "g1.1"
keypair_name = stackit_key_pair.keypair.name
}
resource "stackitservervolumeattach" "attachvolume" {
projectid = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
serverid = stackitserver.server-with-volume.serverid
volumeid = stackitvolume.example-volume.volume_id
resource "stackit_server_volume_attach" "attach_volume" {
project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
server_id = stackit_server.server-with-volume.server_id
volume_id = stackit_volume.example-volume.volume_id
}
```
Server with user data (cloud-init)
```terraform
resource "stackitserver" "user-data" {
projectid = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
bootvolume = {
resource "stackit_server" "user-data" {
project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
boot_volume = {
size = 64
sourcetype = "image"
sourceid = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
source_type = "image"
source_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}
name = "example-server"
machinetype = "g1.1"
keypairname = stackitkeypair.keypair.name
userdata = "#!/bin/bash\n/bin/su"
machine_type = "g1.1"
keypair_name = stackit_key_pair.keypair.name
user_data = "#!/bin/bash\n/bin/su"
}
resource "stackitserver" "user-data-from-file" {
projectid = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
bootvolume = {
resource "stackit_server" "user-data-from-file" {
project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
boot_volume = {
size = 64
sourcetype = "image"
sourceid = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
source_type = "image"
source_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}
name = "example-server"
machinetype = "g1.1"
keypairname = stackitkeypair.keypair.name
userdata = file("${path.module}/cloud-init.yaml")
machine_type = "g1.1"
keypair_name = stackit_key_pair.keypair.name
user_data = file("${path.module}/cloud-init.yaml")
}
```
---
# stackit_server (Resource)

1
docs/resources/ske_cluster.md
View file

@ -63,7 +63,6 @@ Deprecated as of Kubernetes 1.25 and later
### Read-Only
- `id` (String) Terraform's internal resource ID. It is structured as "`project_id`,`name`".
- `kube_config` (String, Sensitive, Deprecated) Static token kubeconfig used for connecting to the cluster. This field will be empty for clusters with Kubernetes v1.27+, or if you have obtained the kubeconfig or performed credentials rotation using the new process, either through the Portal or the SKE API. Use the stackit_ske_kubeconfig resource instead. For more information, see [How to rotate SKE credentials](https://docs.stackit.cloud/stackit/en/how-to-rotate-ske-credentials-200016334.html).
- `kubernetes_version_used` (String) Full Kubernetes version used. For example, if 1.22 was set in `kubernetes_version_min`, this value may result to 1.22.15. SKE automatically updates the cluster Kubernetes version if you have set `maintenance.enable_kubernetes_version_updates` to true or if there is a mandatory update, as described in [Updates for Kubernetes versions and Operating System versions in SKE](https://docs.stackit.cloud/stackit/en/version-updates-in-ske-10125631.html).
<a id="nestedatt--node_pools"></a>

42
stackit/internal/services/ske/cluster/datasource.go
View file

@ -7,7 +7,6 @@ import (
"github.com/hashicorp/terraform-plugin-framework/datasource"
"github.com/hashicorp/terraform-plugin-framework/datasource/schema"
"github.com/hashicorp/terraform-plugin-framework/diag"
"github.com/hashicorp/terraform-plugin-framework/schema/validator"
"github.com/hashicorp/terraform-plugin-framework/types"
"github.com/hashicorp/terraform-plugin-log/tflog"
@ -16,7 +15,6 @@ import (
"github.com/stackitcloud/stackit-sdk-go/services/ske"
"github.com/stackitcloud/terraform-provider-stackit/stackit/internal/core"
"github.com/stackitcloud/terraform-provider-stackit/stackit/internal/validate"
"golang.org/x/mod/semver"
)
// Ensure the implementation satisfies the expected interfaces.
@ -317,12 +315,6 @@ func (r *clusterDataSource) Schema(_ context.Context, _ datasource.SchemaRequest
},
},
},
"kube_config": schema.StringAttribute{
Description: "Kube config file used for connecting to the cluster. This field will be empty for clusters with Kubernetes v1.27+, or if you have obtained the kubeconfig or performed credentials rotation using the new process, either through the Portal or the SKE API. Use the stackit_ske_kubeconfig resource instead. For more information, see How to rotate SKE credentials (https://docs.stackit.cloud/stackit/en/how-to-rotate-ske-credentials-200016334.html).",
Sensitive: true,
Computed: true,
DeprecationMessage: "This field will be empty for clusters with Kubernetes v1.27+, or if you have obtained the kubeconfig or performed credentials rotation using the new process, either through the Portal or the SKE API. Use the stackit_ske_kubeconfig resource instead. For more information, see How to rotate SKE credentials (https://docs.stackit.cloud/stackit/en/how-to-rotate-ske-credentials-200016334.html).",
},
},
}
}
@ -355,12 +347,7 @@ func (r *clusterDataSource) Read(ctx context.Context, req datasource.ReadRequest
core.LogAndAddError(ctx, &resp.Diagnostics, "Error reading cluster", fmt.Sprintf("Processing API payload: %v", err))
return
}
// Handle credential
err = r.getCredential(ctx, &resp.Diagnostics, &state)
if err != nil {
core.LogAndAddError(ctx, &resp.Diagnostics, "Error reading cluster", fmt.Sprintf("Getting credential: %v", err))
return
}
// Set refreshed state
diags = resp.State.Set(ctx, state)
resp.Diagnostics.Append(diags...)
@ -369,30 +356,3 @@ func (r *clusterDataSource) Read(ctx context.Context, req datasource.ReadRequest
}
tflog.Info(ctx, "SKE cluster read")
}
func (r *clusterDataSource) getCredential(ctx context.Context, diags *diag.Diagnostics, model *Model) error {
c := r.client
// for kubernetes with version >= 1.27, the deprecated endpoint will not work, so we set kubeconfig to nil
if semver.Compare(fmt.Sprintf("v%s", model.KubernetesVersion.ValueString()), "v1.27") >= 0 {
core.LogAndAddWarning(ctx, diags, "The kubelogin field is set to null", "Kubernetes version is 1.27 or higher, you must use the stackit_ske_kubeconfig resource instead.")
model.KubeConfig = types.StringPointerValue(nil)
return nil
}
res, err := c.GetCredentials(ctx, model.ProjectId.ValueString(), model.Name.ValueString()).Execute() //nolint:staticcheck //This endpoint is deprecated but is called to support a deprecated attribute, will be removed with the attribute
if err != nil {
oapiErr, ok := err.(*oapierror.GenericOpenAPIError) //nolint:errorlint //complaining that error.As should be used to catch wrapped errors, but this error should not be wrapped
if !ok {
return fmt.Errorf("fetch cluster credentials: could not convert error to oapierror.GenericOpenAPIError")
}
if oapiErr.StatusCode == http.StatusBadRequest {
// deprecated endpoint will return 400 if the new endpoints have been used
// if that's the case, we set the field to null
core.LogAndAddWarning(ctx, diags, "The kubelogin field is set to null", "The call to GetCredentials failed, which means the new credentials rotation flow might already been triggered for this cluster. If you are already using the stackit_ske_kubeconfig resource you can ignore this warning. If not, you must start using it.")
model.KubeConfig = types.StringPointerValue(nil)
return nil
}
return fmt.Errorf("fetching cluster credentials: %w", err)
}
model.KubeConfig = types.StringPointerValue(res.Kubeconfig)
return nil
}

48
stackit/internal/services/ske/cluster/resource.go
View file

@ -77,7 +77,6 @@ type Model struct {
Network types.Object `tfsdk:"network"`
Hibernations types.List `tfsdk:"hibernations"`
Extensions types.Object `tfsdk:"extensions"`
KubeConfig types.String `tfsdk:"kube_config"`
}
// Struct corresponding to Model.NodePools[i]
@ -637,12 +636,6 @@ func (r *clusterResource) Schema(_ context.Context, _ resource.SchemaRequest, re
},
},
},
"kube_config": schema.StringAttribute{
Description: "Static token kubeconfig used for connecting to the cluster. This field will be empty for clusters with Kubernetes v1.27+, or if you have obtained the kubeconfig or performed credentials rotation using the new process, either through the Portal or the SKE API. Use the stackit_ske_kubeconfig resource instead. For more information, see [How to rotate SKE credentials](https://docs.stackit.cloud/stackit/en/how-to-rotate-ske-credentials-200016334.html).",
Sensitive: true,
Computed: true,
DeprecationMessage: "This field will be empty for clusters with Kubernetes v1.27+, or if you have obtained the kubeconfig or performed credentials rotation using the new process, either through the Portal or the SKE API. Use the stackit_ske_kubeconfig resource instead. For more information, see [How to rotate SKE credentials](https://docs.stackit.cloud/stackit/en/how-to-rotate-ske-credentials-200016334.html).",
},
},
}
}
@ -859,40 +852,6 @@ func (r *clusterResource) createOrUpdateCluster(ctx context.Context, diags *diag
core.LogAndAddError(ctx, diags, "Error creating/updating cluster", fmt.Sprintf("Processing API payload: %v", err))
return
}
// Handle credential
err = r.getCredential(ctx, diags, model)
if err != nil {
core.LogAndAddError(ctx, diags, "Error creating/updating cluster", fmt.Sprintf("Getting credential: %v", err))
return
}
}
func (r *clusterResource) getCredential(ctx context.Context, diags *diag.Diagnostics, model *Model) error {
c := r.skeClient
// for kubernetes with version >= 1.27, the deprecated endpoint will not work, so we set kubeconfig to nil
if semver.Compare(fmt.Sprintf("v%s", model.KubernetesVersion.ValueString()), "v1.27") >= 0 {
core.LogAndAddWarning(ctx, diags, "The kubelogin field is set to null", "Kubernetes version is 1.27 or higher, you must use the stackit_ske_kubeconfig resource instead.")
model.KubeConfig = types.StringPointerValue(nil)
return nil
}
res, err := c.GetCredentials(ctx, model.ProjectId.ValueString(), model.Name.ValueString()).Execute() //nolint:staticcheck //This endpoint is deprecated but is called to support a deprecated attribute, will be removed with the attribute
if err != nil {
oapiErr, ok := err.(*oapierror.GenericOpenAPIError) //nolint:errorlint //complaining that error.As should be used to catch wrapped errors, but this error should not be wrapped
if !ok {
return fmt.Errorf("fetch cluster credentials: could not convert error to oapierror.GenericOpenAPIError")
}
if oapiErr.StatusCode == http.StatusBadRequest {
// deprecated endpoint will return 400 if the new endpoints have been used
// if that's the case, we set the field to null
core.LogAndAddWarning(ctx, diags, "The kubelogin field is set to null", "Failed to get static token kubeconfig, which means the new credentials rotation flow might already been triggered for this cluster. If you are already using the stackit_ske_kubeconfig resource you can ignore this warning. If not, you must use it to access this cluster's short-lived admin kubeconfig.")
model.KubeConfig = types.StringPointerValue(nil)
return nil
}
return fmt.Errorf("fetching cluster credentials: %w", err)
}
model.KubeConfig = types.StringPointerValue(res.Kubeconfig)
return nil
}
func toNodepoolsPayload(ctx context.Context, m *Model, availableMachineVersions []ske.MachineImage, currentMachineImages map[string]*ske.Image) ([]ske.Nodepool, []string, error) {
@ -1995,13 +1954,6 @@ func (r *clusterResource) Read(ctx context.Context, req resource.ReadRequest, re
return
}
// Handle credential
err = r.getCredential(ctx, &resp.Diagnostics, &state)
if err != nil {
core.LogAndAddError(ctx, &resp.Diagnostics, "Error reading cluster", fmt.Sprintf("Getting credential: %v", err))
return
}
diags = resp.State.Set(ctx, state)
resp.Diagnostics.Append(diags...)
if resp.Diagnostics.HasError() {

8
stackit/internal/services/ske/cluster/resource_test.go
View file

@ -56,7 +56,6 @@ func TestMapFields(t *testing.T) {
Network: types.ObjectNull(networkTypes),
Hibernations: types.ListNull(types.ObjectType{AttrTypes: hibernationTypes}),
Extensions: types.ObjectNull(extensionsTypes),
KubeConfig: types.StringNull(),
},
true,
},
@ -243,7 +242,6 @@ func TestMapFields(t *testing.T) {
}),
}),
}),
KubeConfig: types.StringNull(),
},
true,
},
@ -266,7 +264,6 @@ func TestMapFields(t *testing.T) {
Network: types.ObjectNull(networkTypes),
Hibernations: types.ListNull(types.ObjectType{AttrTypes: hibernationTypes}),
Extensions: types.ObjectNull(extensionsTypes),
KubeConfig: types.StringNull(),
},
true,
},
@ -314,7 +311,6 @@ func TestMapFields(t *testing.T) {
"zones": types.ListNull(types.StringType),
}),
}),
KubeConfig: types.StringNull(),
},
true,
},
@ -362,7 +358,6 @@ func TestMapFields(t *testing.T) {
"zones": types.ListNull(types.StringType),
}),
}),
KubeConfig: types.StringNull(),
},
true,
},
@ -423,7 +418,6 @@ func TestMapFields(t *testing.T) {
"zones": types.ListNull(types.StringType),
}),
}),
KubeConfig: types.StringNull(),
},
true,
},
@ -445,7 +439,6 @@ func TestMapFields(t *testing.T) {
Maintenance: types.ObjectNull(maintenanceTypes),
Hibernations: types.ListNull(types.ObjectType{AttrTypes: hibernationTypes}),
Extensions: types.ObjectNull(extensionsTypes),
KubeConfig: types.StringNull(),
},
true,
},
@ -649,7 +642,6 @@ func TestMapFields(t *testing.T) {
}),
}),
}),
KubeConfig: types.StringNull(),
},
true,
},

12
stackit/internal/services/ske/ske_acc_test.go
View file

@ -254,7 +254,6 @@ func TestAccSKE(t *testing.T) {
resource.TestCheckResourceAttr("stackit_ske_cluster.cluster", "maintenance.enable_machine_image_version_updates", clusterResource["maintenance_enable_machine_image_version_updates"]),
resource.TestCheckResourceAttr("stackit_ske_cluster.cluster", "maintenance.start", clusterResource["maintenance_start"]),
resource.TestCheckResourceAttr("stackit_ske_cluster.cluster", "maintenance.end", clusterResource["maintenance_end"]),
resource.TestCheckNoResourceAttr("stackit_ske_cluster.cluster", "kube_config"),
// Kubeconfig
@ -267,7 +266,6 @@ func TestAccSKE(t *testing.T) {
"stackit_ske_cluster.cluster", "name",
),
resource.TestCheckResourceAttr("stackit_ske_kubeconfig.kubeconfig", "expiration", clusterResource["kubeconfig_expiration"]),
resource.TestCheckResourceAttrSet("stackit_ske_kubeconfig.kubeconfig", "kube_config"),
resource.TestCheckResourceAttrSet("stackit_ske_kubeconfig.kubeconfig", "expires_at"),
// Minimal cluster
@ -295,7 +293,6 @@ func TestAccSKE(t *testing.T) {
resource.TestCheckResourceAttrSet("stackit_ske_cluster.cluster_min", "maintenance.enable_machine_image_version_updates"),
resource.TestCheckResourceAttrSet("stackit_ske_cluster.cluster_min", "maintenance.start"),
resource.TestCheckResourceAttrSet("stackit_ske_cluster.cluster_min", "maintenance.end"),
resource.TestCheckNoResourceAttr("stackit_ske_cluster.cluster_min", "kube_config"),
),
},
// 2) Data source
@ -362,8 +359,6 @@ func TestAccSKE(t *testing.T) {
resource.TestCheckResourceAttr("data.stackit_ske_cluster.cluster", "maintenance.start", clusterResource["maintenance_start"]),
resource.TestCheckResourceAttr("data.stackit_ske_cluster.cluster", "maintenance.end", clusterResource["maintenance_end"]),
resource.TestCheckNoResourceAttr("data.stackit_ske_cluster.cluster", "kube_config"), // when using the kubeconfig resource, the kubeconfig field becomes null
// Minimal cluster
resource.TestCheckResourceAttr("data.stackit_ske_cluster.cluster_min", "name", clusterResource["name_min"]),
resource.TestCheckResourceAttrSet("data.stackit_ske_cluster.cluster_min", "kubernetes_version_used"),
@ -388,7 +383,6 @@ func TestAccSKE(t *testing.T) {
resource.TestCheckResourceAttrSet("data.stackit_ske_cluster.cluster_min", "maintenance.enable_machine_image_version_updates"),
resource.TestCheckResourceAttrSet("data.stackit_ske_cluster.cluster_min", "maintenance.start"),
resource.TestCheckResourceAttrSet("data.stackit_ske_cluster.cluster_min", "maintenance.end"),
resource.TestCheckNoResourceAttr("data.stackit_ske_cluster.cluster_min", "kube_config"),
),
},
// 3) Import cluster
@ -412,7 +406,7 @@ func TestAccSKE(t *testing.T) {
ImportState: true,
ImportStateVerify: true,
// The fields are not provided in the SKE API when disabled, although set actively.
ImportStateVerifyIgnore: []string{"kubernetes_version_min", "kube_config", "node_pools.0.os_version_min", "extensions.argus.%", "extensions.argus.argus_instance_id", "extensions.argus.enabled", "extensions.acl.enabled", "extensions.acl.allowed_cidrs", "extensions.acl.allowed_cidrs.#", "extensions.acl.%", "extensions.dns.enabled", "extensions.dns.zones", "extensions.dns.zones.#", "extensions.dns.zones.%"},
ImportStateVerifyIgnore: []string{"kubernetes_version_min", "node_pools.0.os_version_min", "extensions.argus.%", "extensions.argus.argus_instance_id", "extensions.argus.enabled", "extensions.acl.enabled", "extensions.acl.allowed_cidrs", "extensions.acl.allowed_cidrs.#", "extensions.acl.%", "extensions.dns.enabled", "extensions.dns.zones", "extensions.dns.zones.#", "extensions.dns.zones.%"},
},
// 4) Import minimal cluster
{
@ -434,7 +428,7 @@ func TestAccSKE(t *testing.T) {
},
ImportState: true,
ImportStateVerify: true,
ImportStateVerifyIgnore: []string{"kubernetes_version_min", "kube_config", "node_pools.0.os_version_min"},
ImportStateVerifyIgnore: []string{"kubernetes_version_min", "node_pools.0.os_version_min"},
},
// 5) Update kubernetes version, OS version and maintenance end
{
@ -480,8 +474,6 @@ func TestAccSKE(t *testing.T) {
resource.TestCheckResourceAttr("stackit_ske_cluster.cluster", "maintenance.enable_machine_image_version_updates", clusterResource["maintenance_enable_machine_image_version_updates"]),
resource.TestCheckResourceAttr("stackit_ske_cluster.cluster", "maintenance.start", clusterResource["maintenance_start"]),
resource.TestCheckResourceAttr("stackit_ske_cluster.cluster", "maintenance.end", clusterResource["maintenance_end_new"]),
resource.TestCheckNoResourceAttr("stackit_ske_cluster.cluster", "kube_config"), // when using the kubeconfig resource, the kubeconfig field becomes null
),
},
// 6) Downgrade kubernetes and nodepool machine OS version