From 24600a339f6cd6ad099c95022b6e16b79dae5c6a Mon Sep 17 00:00:00 2001 From: Heng Lu Date: Tue, 28 May 2024 13:31:25 +0800 Subject: [PATCH 1/5] `azurerm_kubernetes_cluster` - support for the `web_app_routing.dns_zone_ids` property --- .../kubernetes_cluster_other_resource_test.go | 71 +++++++++++++++ .../containers/kubernetes_cluster_resource.go | 86 ++++++++++++++----- .../docs/r/kubernetes_cluster.html.markdown | 2 +- 3 files changed, 137 insertions(+), 22 deletions(-) diff --git a/internal/services/containers/kubernetes_cluster_other_resource_test.go b/internal/services/containers/kubernetes_cluster_other_resource_test.go index f6445f5444cd..7daf4c26b102 100644 --- a/internal/services/containers/kubernetes_cluster_other_resource_test.go +++ b/internal/services/containers/kubernetes_cluster_other_resource_test.go @@ -886,6 +886,22 @@ func TestAccKubernetesCluster_customCATrustEnabled(t *testing.T) { }) } +func TestAccKubernetesCluster_webAppRoutingWithMultipleDnsZone(t *testing.T) { + data := acceptance.BuildTestData(t, "azurerm_kubernetes_cluster", "test") + r := KubernetesClusterResource{} + + data.ResourceTest(t, r, []acceptance.TestStep{ + { + Config: r.webAppRoutingWithMultipleDnsZone(data), + Check: acceptance.ComposeTestCheckFunc( + check.That(data.ResourceName).ExistsInAzure(r), + check.That(data.ResourceName).Key("web_app_routing.0.web_app_routing_identity.#").HasValue("1"), + ), + }, + data.ImportStep(), + }) +} + func TestAccKubernetesCluster_webAppRouting(t *testing.T) { data := acceptance.BuildTestData(t, "azurerm_kubernetes_cluster", "test") r := KubernetesClusterResource{} 
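Review bot: The new `TestAccKubernetesCluster_webAppRoutingWithMultipleDnsZone` never asserts on the property it is named after; its only attribute check is `web_app_routing.0.web_app_routing_identity.#`. A regression in which only one of the two configured zones reaches state would not be caught by that check. I would add `check.That(data.ResourceName).Key("web_app_routing.0.dns_zone_ids.#").HasValue("2"),` to the `ComposeTestCheckFunc` list. The identical step appended in the `@@ -912,6 +928,14 @@` hunk would benefit from the same assertion.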
@@ -912,6 +928,14 @@ func TestAccKubernetesCluster_webAppRouting(t *testing.T) { check.That(data.ResourceName).ExistsInAzure(r), ), }, + data.ImportStep("web_app_routing.0.dns_zone_id", "web_app_routing.0.dns_zone_ids.#", "web_app_routing.0.dns_zone_ids.0"), + { + Config: r.webAppRoutingWithMultipleDnsZone(data), + Check: acceptance.ComposeTestCheckFunc( + check.That(data.ResourceName).ExistsInAzure(r), + check.That(data.ResourceName).Key("web_app_routing.0.web_app_routing_identity.#").HasValue("1"), + ), + }, data.ImportStep(), }) } @@ -3041,6 +3065,53 @@ resource "azurerm_kubernetes_cluster" "test" { `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger) } +func (KubernetesClusterResource) webAppRoutingWithMultipleDnsZone(data acceptance.TestData) string { + return fmt.Sprintf(` +provider "azurerm" { + features {} +} + +resource "azurerm_resource_group" "test" { + name = "acctestRG-aks-%[2]d" + location = "%[1]s" +} + +resource "azurerm_dns_zone" "test" { + name = "acctestzone%[2]d.com" + resource_group_name = azurerm_resource_group.test.name +} + +resource "azurerm_dns_zone" "test2" { + name = "acctestzone2%[2]d.com" + resource_group_name = azurerm_resource_group.test.name +} + +resource "azurerm_kubernetes_cluster" "test" { + name = "acctestaks%[2]d" + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name + dns_prefix = "acctestaks%[2]d" + + default_node_pool { + name = "default" + node_count = 1 + vm_size = "Standard_DS2_v2" + upgrade_settings { + max_surge = "10%%" + } + } + + identity { + type = "SystemAssigned" + } + + web_app_routing { + dns_zone_ids = [azurerm_dns_zone.test.id, azurerm_dns_zone.test2.id] + } +} + `, data.Locations.Primary, data.RandomInteger) +} + func (KubernetesClusterResource) webAppRouting(data acceptance.TestData) string { return fmt.Sprintf(` provider "azurerm" { 
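Review bot: The ignore list passed to `data.ImportStep(...)` in `TestAccKubernetesCluster_webAppRouting` has no comment explaining why three `web_app_routing` keys are excluded from import verification. Judging by the flatten change later in this patch, an import has no prior state, so the zone is read back into `dns_zone_ids` rather than the deprecated `dns_zone_id` and the two states differ. A comment above the step such as `// import has no prior state, so the zone is read back as dns_zone_ids instead of the deprecated dns_zone_id` would record that; the same applies to the `@@ -952,7 +952,7 @@` hunk in patch 2/5. Ignoring `web_app_routing.0.dns_zone_ids.0` also means the imported zone ID itself is never compared in these tests.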
diff --git a/internal/services/containers/kubernetes_cluster_resource.go b/internal/services/containers/kubernetes_cluster_resource.go index 6889b4c467bf..91ba5ecf16a4 100644 --- a/internal/services/containers/kubernetes_cluster_resource.go +++ b/internal/services/containers/kubernetes_cluster_resource.go @@ -425,14 +425,18 @@ func resourceKubernetesCluster() *pluginsdk.Resource { MaxItems: 1, Elem: &pluginsdk.Resource{ Schema: map[string]*pluginsdk.Schema{ - "dns_zone_id": { - Type: pluginsdk.TypeString, + "dns_zone_ids": { + Type: pluginsdk.TypeList, Required: true, - ValidateFunc: validation.Any( - dnsValidate.ValidateDnsZoneID, - privatezones.ValidatePrivateDnsZoneID, - validation.StringIsEmpty, - ), + MinItems: 1, + Elem: &pluginsdk.Schema{ + Type: pluginsdk.TypeString, + ValidateFunc: validation.Any( + dnsValidate.ValidateDnsZoneID, + privatezones.ValidatePrivateDnsZoneID, + validation.StringIsEmpty, + ), + }, }, "web_app_routing_identity": { Type: pluginsdk.TypeList, 
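Review bot: The element validator for `dns_zone_ids` still includes `validation.StringIsEmpty`, so a list such as `[""]` passes validation, and from the expand hunk later in this patch the list appears to be forwarded to `DnsZoneResourceIds` as given. The empty string was a sentinel for the scalar `dns_zone_id`; for list elements I would drop it and keep `validation.Any(dnsValidate.ValidateDnsZoneID, privatezones.ValidatePrivateDnsZoneID)`, both here and in the 3.x override added in the `@@ -1666,6 +1670,31 @@` hunk. Separately, `Required: true` together with `MinItems: 1` rules out an empty list, which is what the documentation text in patch 3/5 tells users to set when no zone is wanted, so one of the two needs to change. The schema map continues outside this hunk.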
@@ -1666,6 +1670,31 @@ func resourceKubernetesCluster() *pluginsdk.Resource { }, }, } + resource.Schema["web_app_routing"].Elem.(*pluginsdk.Resource).Schema["dns_zone_id"] = &pluginsdk.Schema{ + Deprecated: "`dns_zone_id` has been deprecated in favor of `dns_zone_ids` and will be removed in v4.0 of the AzureRM Provider.", + Type: pluginsdk.TypeString, + Optional: true, + ValidateFunc: validation.Any( + dnsValidate.ValidateDnsZoneID, + privatezones.ValidatePrivateDnsZoneID, + validation.StringIsEmpty, + ), + ConflictsWith: []string{"web_app_routing.0.dns_zone_ids"}, + } + resource.Schema["web_app_routing"].Elem.(*pluginsdk.Resource).Schema["dns_zone_ids"] = &pluginsdk.Schema{ + Type: pluginsdk.TypeList, + Optional: true, + MinItems: 1, + Elem: &pluginsdk.Schema{ + Type: pluginsdk.TypeString, + ValidateFunc: validation.Any( + dnsValidate.ValidateDnsZoneID, + privatezones.ValidatePrivateDnsZoneID, + validation.StringIsEmpty, + ), + }, + ConflictsWith: []string{"web_app_routing.0.dns_zone_id"}, + } } if features.FourPointOhBeta() { @@ -2951,7 +2980,7 @@ func resourceKubernetesClusterRead(d *pluginsdk.ResourceData, meta interface{}) return fmt.Errorf("setting `microsoft_defender`: %+v", err) } - ingressProfile := flattenKubernetesClusterIngressProfile(props.IngressProfile) + ingressProfile := flattenKubernetesClusterIngressProfile(props.IngressProfile, d.Get("web_app_routing").([]interface{})) if err := d.Set("web_app_routing", ingressProfile); err != nil { return fmt.Errorf("setting `web_app_routing`: %+v", err) } 
@@ -4695,22 +4724,40 @@ func expandKubernetesClusterIngressProfile(d *pluginsdk.ResourceData, input []in } if input[0] != nil { config := input[0].(map[string]interface{}) - dnsZoneResourceId := config["dns_zone_id"].(string) - if dnsZoneResourceId != "" { - out.WebAppRouting.DnsZoneResourceIds = pointer.To([]string{dnsZoneResourceId}) + if !features.FourPointOhBeta() { + dnsZoneResourceId := config["dns_zone_id"].(string) + if dnsZoneResourceId != "" { + out.WebAppRouting.DnsZoneResourceIds = pointer.To([]string{dnsZoneResourceId}) + } + } + if v := config["dns_zone_ids"]; v != nil { + if dnsZoneResourceIds, ok := v.([]interface{}); ok && len(dnsZoneResourceIds) > 0 { + out.WebAppRouting.DnsZoneResourceIds = utils.ExpandStringSlice(dnsZoneResourceIds) + } } } return &out } -func flattenKubernetesClusterIngressProfile(input *managedclusters.ManagedClusterIngressProfile) []interface{} { +func flattenKubernetesClusterIngressProfile(input *managedclusters.ManagedClusterIngressProfile, old []interface{}) []interface{} { if input == nil || input.WebAppRouting == nil || (input.WebAppRouting.Enabled != nil && !*input.WebAppRouting.Enabled) { return []interface{}{} } - dnsZoneId := "" - if v := input.WebAppRouting.DnsZoneResourceIds; v != nil && len(*v) != 0 { - dnsZoneId = (*v)[0] + out := map[string]interface{}{} + useDnsZoneId := false + if !features.FourPointOhBeta() { + if len(old) > 0 && old[0] != nil { + oldConfig := old[0].(map[string]interface{}) + useDnsZoneId = oldConfig["dns_zone_id"].(string) != "" + } + } + if useDnsZoneId { + if v := input.WebAppRouting.DnsZoneResourceIds; v != nil && len(*v) != 0 { + out["dns_zone_id"] = (*v)[0] + } + } else { + out["dns_zone_ids"] = utils.FlattenStringSlice(input.WebAppRouting.DnsZoneResourceIds) } webAppRoutingIdentity := []interface{}{} 
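Review bot: In `flattenKubernetesClusterIngressProfile`, when the prior state used `dns_zone_id` only `(*v)[0]` is recorded, so any further entries the API returns in `DnsZoneResourceIds` are silently dropped and a zone attached outside Terraform would not surface as drift. At minimum the `if useDnsZoneId` branch deserves a comment, for example `// dns_zone_id holds a single zone; extra zones returned by the API are not recorded in state`; falling back to `dns_zone_ids` when more than one ID comes back would make such a change visible in a plan, if that fits the deprecation path. The unchecked `oldConfig["dns_zone_id"].(string)` also panics if the key is ever absent from the map, and `id, _ := oldConfig["dns_zone_id"].(string)` avoids that. The function continues past the end of this hunk.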
@@ -4719,12 +4766,9 @@ func flattenKubernetesClusterIngressProfile(input *managedclusters.ManagedCluste webAppRoutingIdentity = flattenKubernetesClusterAddOnIdentityProfile(v) } - return []interface{}{ - map[string]interface{}{ - "dns_zone_id": dnsZoneId, - "web_app_routing_identity": webAppRoutingIdentity, - }, - } + out["web_app_routing_identity"] = webAppRoutingIdentity + + return []interface{}{out} } func expandKubernetesClusterAzureMonitorProfile(input []interface{}) *managedclusters.ManagedClusterAzureMonitorProfile { diff --git a/website/docs/r/kubernetes_cluster.html.markdown b/website/docs/r/kubernetes_cluster.html.markdown index ac00e680354c..b2ca30805757 100644 --- a/website/docs/r/kubernetes_cluster.html.markdown +++ b/website/docs/r/kubernetes_cluster.html.markdown @@ -891,7 +891,7 @@ A `sysctl_config` block supports the following: A `web_app_routing` block supports the following: -* `dns_zone_id` - (Required) Specifies the ID of the DNS Zone in which DNS entries are created for applications deployed to the cluster when Web App Routing is enabled. For Bring-Your-Own DNS zones this property should be set to an empty string `""`. +* `dns_zone_ids` - (Required) Specifies the list of the DNS Zone IDs in which DNS entries are created for applications deployed to the cluster when Web App Routing is enabled. For Bring-Your-Own DNS zones this property should be set to an empty string `""`. --- From e05cba35362100e1357462d43d4d70c76ff3937e Mon Sep 17 00:00:00 2001 From: Heng Lu Date: Tue, 28 May 2024 15:47:41 +0800 Subject: [PATCH 2/5] update ignores in the import step --- .../containers/kubernetes_cluster_other_resource_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/services/containers/kubernetes_cluster_other_resource_test.go b/internal/services/containers/kubernetes_cluster_other_resource_test.go index 7daf4c26b102..5a22e8877bb9 100644 --- a/internal/services/containers/kubernetes_cluster_other_resource_test.go 
+++ b/internal/services/containers/kubernetes_cluster_other_resource_test.go @@ -952,7 +952,7 @@ func TestAccKubernetesCluster_webAppRoutingPrivateDNS(t *testing.T) { check.That(data.ResourceName).Key("web_app_routing.0.web_app_routing_identity.#").HasValue("1"), ), }, - data.ImportStep(), + data.ImportStep("web_app_routing.0.dns_zone_id", "web_app_routing.0.dns_zone_ids.#", "web_app_routing.0.dns_zone_ids.0"), }) } From af50e1fe8f32052a73ce41ad0fd47ab0ed62edda Mon Sep 17 00:00:00 2001 From: Heng Lu Date: Wed, 5 Jun 2024 09:26:12 +0800 Subject: [PATCH 3/5] update doc description --- website/docs/r/kubernetes_cluster.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/r/kubernetes_cluster.html.markdown b/website/docs/r/kubernetes_cluster.html.markdown index b2ca30805757..1b60584859ec 100644 --- a/website/docs/r/kubernetes_cluster.html.markdown +++ b/website/docs/r/kubernetes_cluster.html.markdown @@ -891,7 +891,7 @@ A `sysctl_config` block supports the following: A `web_app_routing` block supports the following: -* `dns_zone_ids` - (Required) Specifies the list of the DNS Zone IDs in which DNS entries are created for applications deployed to the cluster when Web App Routing is enabled. For Bring-Your-Own DNS zones this property should be set to an empty string `""`. +* `dns_zone_ids` - (Required) Specifies the list of the DNS Zone IDs in which DNS entries are created for applications deployed to the cluster when Web App Routing is enabled. If not using Bring-Your-Own DNS zones this property should be set to an empty list. --- From e89daf1905f3a6360b0193980cf26168492324ad Mon Sep 17 00:00:00 2001 From: Heng Lu Date: Thu, 6 Jun 2024 14:24:31 +0800 Subject: [PATCH 4/5] skip tests in 4.0 --- internal/features/four_point_oh.go | 2 +- .../containers/kubernetes_cluster_other_resource_test.go | 6 ++++++ 2 files changed, 7 insertions(+), 1 deletion(-) 
diff --git a/internal/features/four_point_oh.go b/internal/features/four_point_oh.go index d3723a348066..8f252e3ad0a3 100644 --- a/internal/features/four_point_oh.go +++ b/internal/features/four_point_oh.go @@ -38,5 +38,5 @@ func FourPointOh() bool { // This exists to allow breaking changes to be piped through the provider // during the development of 3.x until 4.0 is ready. func FourPointOhBeta() bool { - return FourPointOh() || false + return true } diff --git a/internal/services/containers/kubernetes_cluster_other_resource_test.go b/internal/services/containers/kubernetes_cluster_other_resource_test.go index 41c547713e09..2599dff64ac0 100644 --- a/internal/services/containers/kubernetes_cluster_other_resource_test.go +++ b/internal/services/containers/kubernetes_cluster_other_resource_test.go @@ -903,6 +903,9 @@ func TestAccKubernetesCluster_webAppRoutingWithMultipleDnsZone(t *testing.T) { } func TestAccKubernetesCluster_webAppRouting(t *testing.T) { + if !features.FourPointOhBeta() { + t.Skip("Skipping test in 4.0 as `dns_zone_id` is removed") + } data := acceptance.BuildTestData(t, "azurerm_kubernetes_cluster", "test") r := KubernetesClusterResource{} @@ -941,6 +944,9 @@ func TestAccKubernetesCluster_webAppRouting(t *testing.T) { } func TestAccKubernetesCluster_webAppRoutingPrivateDNS(t *testing.T) { + if !features.FourPointOhBeta() { + t.Skip("Skipping test in 4.0 as `dns_zone_id` is removed") + } data := acceptance.BuildTestData(t, "azurerm_kubernetes_cluster", "test") r := KubernetesClusterResource{} From 8c30ea43ddca4bb8ade62abc6cc90aad518f26b6 Mon Sep 17 00:00:00 2001 From: Heng Lu Date: Thu, 6 Jun 2024 14:48:48 +0800 Subject: [PATCH 5/5] revert test code --- internal/features/four_point_oh.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/features/four_point_oh.go b/internal/features/four_point_oh.go index 8f252e3ad0a3..d3723a348066 100644 --- a/internal/features/four_point_oh.go +++ b/internal/features/four_point_oh.go 
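Review bot: The guard added to `TestAccKubernetesCluster_webAppRouting` appears inverted relative to its own message: `if !features.FourPointOhBeta()` skips the test when the 4.0 flag is off and runs it when the flag is on, while the message says the skip is for 4.0, where `dns_zone_id` is removed. As written, the deprecated `dns_zone_id` path loses its acceptance coverage on 3.x, and under 4.0 the test presumably runs against a schema that no longer has the attribute. The condition should read `if features.FourPointOhBeta() {`; the same guard in the `@@ -941,6 +944,9 @@` hunk (`TestAccKubernetesCluster_webAppRoutingPrivateDNS`) needs the same change. Both function bodies continue outside their hunks.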
@@ -38,5 +38,5 @@ func FourPointOh() bool { // This exists to allow breaking changes to be piped through the provider // during the development of 3.x until 4.0 is ready. func FourPointOhBeta() bool { - return true + return FourPointOh() || false }