From c4e25f560b4a853a5db14ad57a7a3e7a21147e9f Mon Sep 17 00:00:00 2001 From: Mauritz Uphoff <39736813+h3adex@users.noreply.github.com> Date: Mon, 10 Feb 2025 10:14:11 +0100 Subject: [PATCH] Feat: add egress_address_ranges attribute to ske resource (#672) * feat: add egress_address_ranges attribute to ske resource * docs: generate new docs for ske --- docs/data-sources/ske_cluster.md | 1 + docs/resources/ske_cluster.md | 1 + .../services/ske/cluster/datasource.go | 6 ++++- .../internal/services/ske/cluster/resource.go | 15 +++++++++++++ .../services/ske/cluster/resource_test.go | 22 +++++++++++++++---- 5 files changed, 40 insertions(+), 5 deletions(-) diff --git a/docs/data-sources/ske_cluster.md b/docs/data-sources/ske_cluster.md index 54c83a52..1d5573f6 100644 --- a/docs/data-sources/ske_cluster.md +++ b/docs/data-sources/ske_cluster.md @@ -32,6 +32,7 @@ data "stackit_ske_cluster" "example" { - `allow_privileged_containers` (Boolean, Deprecated) DEPRECATED as of Kubernetes 1.25+ Flag to specify if privileged mode for containers is enabled or not. This should be used with care since it also disables a couple of other features like the use of some volume type (e.g. PVCs). +- `egress_address_ranges` (List of String) The outgoing network ranges (in CIDR notation) of traffic originating from workload on the cluster. - `extensions` (Attributes) A single extensions block as defined below (see [below for nested schema](#nestedatt--extensions)) - `hibernations` (Attributes List) One or more hibernation block as defined below. (see [below for nested schema](#nestedatt--hibernations)) - `id` (String) Terraform's internal data source. ID. It is structured as "`project_id`,`name`". diff --git a/docs/resources/ske_cluster.md b/docs/resources/ske_cluster.md index 30dfa1d2..12991f08 100644 --- a/docs/resources/ske_cluster.md +++ b/docs/resources/ske_cluster.md 
@@ -62,6 +62,7 @@ Deprecated as of Kubernetes 1.25 and later ### Read-Only +- `egress_address_ranges` (List of String) The outgoing network ranges (in CIDR notation) of traffic originating from workload on the cluster. - `id` (String) Terraform's internal resource ID. It is structured as "`project_id`,`name`". - `kubernetes_version_used` (String) Full Kubernetes version used. For example, if 1.22 was set in `kubernetes_version_min`, this value may result to 1.22.15. SKE automatically updates the cluster Kubernetes version if you have set `maintenance.enable_kubernetes_version_updates` to true or if there is a mandatory update, as described in [Updates for Kubernetes versions and Operating System versions in SKE](https://docs.stackit.cloud/stackit/en/version-updates-in-ske-10125631.html). diff --git a/stackit/internal/services/ske/cluster/datasource.go b/stackit/internal/services/ske/cluster/datasource.go index 7b3e15a1..02676443 100644 --- a/stackit/internal/services/ske/cluster/datasource.go +++ b/stackit/internal/services/ske/cluster/datasource.go @@ -110,7 +110,11 @@ func (r *clusterDataSource) Schema(_ context.Context, _ datasource.SchemaRequest DeprecationMessage: "Please remove this flag from your configuration when using Kubernetes version 1.25+.", Computed: true, }, - + "egress_address_ranges": schema.ListAttribute{ + Description: "The outgoing network ranges (in CIDR notation) of traffic originating from workload on the cluster.", + Computed: true, + ElementType: types.StringType, + }, "node_pools": schema.ListNestedAttribute{ Description: "One or more `node_pool` block as defined below.", Computed: true, diff --git a/stackit/internal/services/ske/cluster/resource.go b/stackit/internal/services/ske/cluster/resource.go index 5d4ae2e9..ff1021f4 100644 --- a/stackit/internal/services/ske/cluster/resource.go +++ b/stackit/internal/services/ske/cluster/resource.go 
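Review bot: The `Description` of `egress_address_ranges` added to the data source Schema does not say when the value is absent, which matters to anyone feeding it into an external firewall or allowlist. The mapFields hunk in resource.go sets it to a null list when the cluster has no Status, so I would extend the text to something like `Description: "The outgoing network ranges (in CIDR notation) of traffic originating from workloads on the cluster. Null while the cluster status does not report them.",`. The same string is repeated in the resource Schema hunk in resource.go and in both generated docs pages, so those would need regenerating. The Schema function starts and ends outside this hunk.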
@@ -77,6 +77,7 @@ type Model struct { Network types.Object `tfsdk:"network"` Hibernations types.List `tfsdk:"hibernations"` Extensions types.Object `tfsdk:"extensions"` + EgressAddressRanges types.List `tfsdk:"egress_address_ranges"` } // Struct corresponding to Model.NodePools[i] @@ -374,6 +375,11 @@ func (r *clusterResource) Schema(_ context.Context, _ resource.SchemaRequest, re Description: "Flag to specify if privileged mode for containers is enabled or not.\nThis should be used with care since it also disables a couple of other features like the use of some volume type (e.g. PVCs).\nDeprecated as of Kubernetes 1.25 and later", Optional: true, }, + "egress_address_ranges": schema.ListAttribute{ + Description: "The outgoing network ranges (in CIDR notation) of traffic originating from workload on the cluster.", + Computed: true, + ElementType: types.StringType, + }, "node_pools": schema.ListNestedAttribute{ Description: "One or more `node_pool` block as defined below.", Required: true, @@ -1320,6 +1326,15 @@ func mapFields(ctx context.Context, cl *ske.Cluster, m *Model) error { m.AllowPrivilegedContainers = types.BoolPointerValue(cl.Kubernetes.AllowPrivilegedContainers) } + m.EgressAddressRanges = types.ListNull(types.StringType) + if cl.Status != nil { + var diags diag.Diagnostics + m.EgressAddressRanges, diags = types.ListValueFrom(ctx, types.StringType, cl.Status.EgressAddressRanges) + if diags.HasError() { + return fmt.Errorf("map egressAddressRanges: %w", core.DiagsToError(diags)) + } + } + err := mapNodePools(ctx, cl, m) if err != nil { return fmt.Errorf("map node_pools: %w", err) diff --git a/stackit/internal/services/ske/cluster/resource_test.go b/stackit/internal/services/ske/cluster/resource_test.go index 8c47ecc6..d1f260e2 100644 --- a/stackit/internal/services/ske/cluster/resource_test.go +++ b/stackit/internal/services/ske/cluster/resource_test.go 
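Review bot: The `egress_address_ranges` attribute added to the resource Schema is `Computed` with no plan modifier, so on an update plan the framework will normally show it as unknown. Anything downstream that consumes it, such as firewall or allowlist rules, would then be planned as "known after apply" on every cluster change. If the API keeps these ranges stable across updates (not visible from this hunk, so please confirm), consider adding `PlanModifiers: []planmodifier.List{listplanmodifier.UseStateForUnknown()},`, importing `listplanmodifier` if the file lacks it. If the ranges can change on update, leave it as is and say so in the `Description`. The Schema function starts and ends outside this hunk.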
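Review bot: In the block added to mapFields, `cl.Status.EgressAddressRanges` (a `*[]string`, judging by the test fixture) is passed to `types.ListValueFrom` after only `cl.Status` is checked for nil. Whether a present Status without ranges gives a null list therefore depends on the framework's pointer handling, not on this code. I would make the guard explicit with `if cl.Status != nil && cl.Status.EgressAddressRanges != nil {`, which keeps the `types.ListNull` default for that case. The error label is also camelCase while the neighbouring one uses the attribute name (`"map node_pools: %w"`), so `"map egress_address_ranges: %w"` would be consistent. mapFields starts and ends outside this hunk.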
@@ -57,6 +57,7 @@ func TestMapFields(t *testing.T) { Network: types.ObjectNull(networkTypes), Hibernations: types.ListNull(types.ObjectType{AttrTypes: hibernationTypes}), Extensions: types.ObjectNull(extensionsTypes), + EgressAddressRanges: types.ListNull(types.StringType), }, true, }, @@ -140,9 +141,10 @@ func TestMapFields(t *testing.T) { }, }, Status: &ske.ClusterStatus{ - Aggregated: &cs, - Error: nil, - Hibernated: nil, + Aggregated: &cs, + Error: nil, + Hibernated: nil, + EgressAddressRanges: &[]string{"0.0.0.0/32", "1.1.1.1/32"}, }, }, Model{ @@ -152,7 +154,13 @@ func TestMapFields(t *testing.T) { KubernetesVersion: types.StringNull(), KubernetesVersionUsed: types.StringValue("1.2.3"), AllowPrivilegedContainers: types.BoolValue(true), - + EgressAddressRanges: types.ListValueMust( + types.StringType, + []attr.Value{ + types.StringValue("0.0.0.0/32"), + types.StringValue("1.1.1.1/32"), + }, + ), NodePools: types.ListValueMust( types.ObjectType{AttrTypes: nodePoolTypes}, []attr.Value{ @@ -265,6 +273,7 @@ func TestMapFields(t *testing.T) { Network: types.ObjectNull(networkTypes), Hibernations: types.ListNull(types.ObjectType{AttrTypes: hibernationTypes}), Extensions: types.ObjectNull(extensionsTypes), + EgressAddressRanges: types.ListNull(types.StringType), }, true, }, @@ -298,6 +307,7 @@ func TestMapFields(t *testing.T) { NodePools: types.ListNull(types.ObjectType{AttrTypes: nodePoolTypes}), Maintenance: types.ObjectNull(maintenanceTypes), Hibernations: types.ListNull(types.ObjectType{AttrTypes: hibernationTypes}), + EgressAddressRanges: types.ListNull(types.StringType), Extensions: types.ObjectValueMust(extensionsTypes, map[string]attr.Value{ "acl": types.ObjectValueMust(aclTypes, map[string]attr.Value{ "enabled": types.BoolValue(true), 
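Review bot: The TestMapFields changes cover a populated `EgressAddressRanges` (the `@@ -140,9 +141,10 @@` fixture) and the null expectation elsewhere, but no case pins a non-nil Status carrying an empty slice. A case with `EgressAddressRanges: &[]string{},` in `ske.ClusterStatus` would document whether the model ends up with an empty list or a null one, presumably the former. That difference is visible to configurations that test the attribute for null before building allowlist rules. The table and the test function continue outside these hunks.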
@@ -345,6 +355,7 @@ func TestMapFields(t *testing.T) { NodePools: types.ListNull(types.ObjectType{AttrTypes: nodePoolTypes}), Maintenance: types.ObjectNull(maintenanceTypes), Hibernations: types.ListNull(types.ObjectType{AttrTypes: hibernationTypes}), + EgressAddressRanges: types.ListNull(types.StringType), Extensions: types.ObjectValueMust(extensionsTypes, map[string]attr.Value{ "acl": types.ObjectValueMust(aclTypes, map[string]attr.Value{ "enabled": types.BoolValue(false), @@ -403,6 +414,7 @@ func TestMapFields(t *testing.T) { NodePools: types.ListNull(types.ObjectType{AttrTypes: nodePoolTypes}), Maintenance: types.ObjectNull(maintenanceTypes), Hibernations: types.ListNull(types.ObjectType{AttrTypes: hibernationTypes}), + EgressAddressRanges: types.ListNull(types.StringType), Extensions: types.ObjectValueMust(extensionsTypes, map[string]attr.Value{ "acl": types.ObjectValueMust(aclTypes, map[string]attr.Value{ "enabled": types.BoolValue(true), @@ -440,6 +452,7 @@ func TestMapFields(t *testing.T) { Maintenance: types.ObjectNull(maintenanceTypes), Hibernations: types.ListNull(types.ObjectType{AttrTypes: hibernationTypes}), Extensions: types.ObjectNull(extensionsTypes), + EgressAddressRanges: types.ListNull(types.StringType), }, true, }, @@ -565,6 +578,7 @@ func TestMapFields(t *testing.T) { KubernetesVersion: types.StringNull(), KubernetesVersionUsed: types.StringValue("1.2.3"), AllowPrivilegedContainers: types.BoolValue(true), + EgressAddressRanges: types.ListNull(types.StringType), NodePools: types.ListValueMust( types.ObjectType{AttrTypes: nodePoolTypes}, []attr.Value{