No pdcsi disable on create

GoogleCloudPlatform · Dec 7, 2023 · 1c938f0 · 1c938f0
1 parent 61f0388
commit 1c938f0
Show file tree

Hide file tree

Showing 2 changed files with 43 additions and 11 deletions.
diff --git a/mmv1/third_party/terraform/services/container/resource_container_cluster.go.erb b/mmv1/third_party/terraform/services/container/resource_container_cluster.go.erb
@@ -2384,12 +2384,29 @@ func resourceContainerClusterCreate(d *schema.ResourceData, meta interface{}) er
 		cluster.SecurityPostureConfig = expandSecurityPostureConfig(v)
 	}
 
+  needUpdateAfterCreate := false
+
 	// For now PSC based cluster don't support `enable_private_endpoint` on `create`, but only on `update` API call.
 	// If cluster is PSC based and enable_private_endpoint is set to true we will ignore it on `create` call and update cluster right after creation.
 	enablePrivateEndpointPSCCluster := isEnablePrivateEndpointPSCCluster(cluster)
 	if enablePrivateEndpointPSCCluster {
 		cluster.PrivateClusterConfig.EnablePrivateEndpoint = false
-	}
+    needUpdateAfterCreate = true
+	}
+
+  enablePDCSI := isEnablePDCSI(cluster);
+  if !enablePDCSI {
+    // GcePersistentDiskCsiDriver cannot be disabled at cluster create, only on cluster update. Ignore on create then update after creation.
+    // If pdcsi is disabled, the config should be defined. But we will be paranoid and double-check.
+    needUpdateAfterCreate = true
+    if cluster.AddonsConfig == nil {
+      cluster.AddonsConfig = &container.AddonsConfig{}
+    }
+    if cluster.AddonsConfig.GcePersistentDiskCsiDriverConfig == nil {
+      cluster.AddonsConfig.GcePersistentDiskCsiDriverConfig = &container.GcePersistentDiskCsiDriverConfig{}
+    }
+    cluster.AddonsConfig.GcePersistentDiskCsiDriverConfig.Enabled = true
+  }
 
 	req := &container.CreateClusterRequest{
 		Cluster: cluster,
@@ -2475,14 +2492,22 @@ func resourceContainerClusterCreate(d *schema.ResourceData, meta interface{}) er
 		}
 	}
 
-	if enablePrivateEndpointPSCCluster {
+	if needUpdateAfterCreate {
 		name := containerClusterFullName(project, location, clusterName)
-		req := &container.UpdateClusterRequest{
-			Update: &container.ClusterUpdate{
-				DesiredEnablePrivateEndpoint: true,
-				ForceSendFields:              []string{"DesiredEnablePrivateEndpoint"},
-			},
-		}
+    update := &container.ClusterUpdate{}
+    if enablePrivateEndpointPSCCluster {
+      update.DesiredEnablePrivateEndpoint = true
+      update.ForceSendFields = append(update.ForceSendFields, "DesiredEnablePrivateEndpoint");
+    }
+    if !enablePDCSI {
+      update.DesiredAddonsConfig = &container.AddonsConfig{
+        GcePersistentDiskCsiDriverConfig: &container.GcePersistentDiskCsiDriverConfig{
+          Enabled: false,
+        },
+      }
+      update.ForceSendFields = append(update.ForceSendFields, "DesiredAddonsConfig.GcePersistentDiskCsiDriverConfig.Enabled");
+    }
+		req := &container.UpdateClusterRequest{Update: update}
 
 		err = transport_tpg.Retry(transport_tpg.RetryOptions{
 			RetryFunc: func() error {
@@ -2495,15 +2520,16 @@ func resourceContainerClusterCreate(d *schema.ResourceData, meta interface{}) er
 			},
 		})
 		if err != nil {
-			return errwrap.Wrapf("Error updating enable private endpoint: {{err}}", err)
+			return errwrap.Wrapf(fmt.Sprintf("Error updating cluster for %v: {{err}}", update.ForceSendFields), err)
 		}
 
 		err = ContainerOperationWait(config, op, project, location, "updating enable private endpoint", userAgent, d.Timeout(schema.TimeoutCreate))
 		if err != nil {
-			return errwrap.Wrapf("Error while waiting to enable private endpoint: {{err}}", err)
+			return errwrap.Wrapf(fmt.Sprintf("Error while waiting on cluster update for %v: {{err}}", update.ForceSendFields), err)
 		}
 	}
 
+  // The update for additional pod ranges has to be done after all other updates.
 	if names, ok := d.GetOk("ip_allocation_policy.0.additional_pod_ranges_config.0.pod_range_names"); ok {
 		name := containerClusterFullName(project, location, clusterName)
 		additionalPodRangesConfig := &container.AdditionalPodRangesConfig{
@@ -4935,6 +4961,13 @@ func isEnablePrivateEndpointPSCCluster(cluster *container.Cluster) bool {
 	return false
 }
 
+func isEnablePDCSI(cluster *container.Cluster) bool {
+  if cluster.AddonsConfig == nil || cluster.AddonsConfig.GcePersistentDiskCsiDriverConfig == nil {
+    return true;  // PDCSI is enabled by default.
+  }
+  return cluster.AddonsConfig.GcePersistentDiskCsiDriverConfig.Enabled
+}
+
 func expandPrivateClusterConfig(configured interface{}) *container.PrivateClusterConfig {
 	l := configured.([]interface{})
 	if len(l) == 0 {

diff --git a/mmv1/third_party/terraform/services/container/resource_container_cluster_test.go.erb b/mmv1/third_party/terraform/services/container/resource_container_cluster_test.go.erb
@@ -127,7 +127,6 @@ func TestAccContainerCluster_misc(t *testing.T) {
 }
 
 func TestAccContainerCluster_withAddons(t *testing.T) {
-	t.Skipf("Skipping test %s due to https://github.com/hashicorp/terraform-provider-google/issues/16114", t.Name())
 	t.Parallel()
 
 	clusterName := fmt.Sprintf("tf-test-cluster-%s", acctest.RandString(t, 10))