Skip to content

Commit

Permalink
Support empty TLS blocks in Ingress resource (hashicorp#2344)
Browse files Browse the repository at this point in the history
  • Loading branch information
@andremarianiello
andremarianiello authored Dec 5, 2023
1 parent 772e2ba commit a7809cd
Show file tree
Hide file tree
Showing 11 changed files with 132 additions and 33 deletions.
7 changes: 7 additions & 0 deletions .changelog/2344.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
```release-note:bug
`resource/kubernetes_ingress`: Fix an issue where the empty `tls` attribute in the configuration does not generate the corresponding Ingress object without any TLS configuration.
```

```release-note:bug
`resource/kubernetes_ingress_v1`: Fix an issue where the empty `tls` attribute in the configuration does not generate the corresponding Ingress object without any TLS configuration.
```
3 changes: 1 addition & 2 deletions kubernetes/provider_ignore_metadata_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,8 +44,7 @@ func TestAccKubernetesIgnoreKubernetesMetadata_basic(t *testing.T) {
}

func testAccKubernetesIgnoreKubernetesMetadataProviderConfig(namespaceName string, ignoreKubernetesMetadata string) string {
return fmt.Sprintf(`
provider "kubernetes" {
return fmt.Sprintf(`provider "kubernetes" {
ignore_annotations = [
"%s",
]
Expand Down
53 changes: 53 additions & 0 deletions kubernetes/resource_kubernetes_ingress_v1_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -164,6 +164,39 @@ func TestAccKubernetesIngressV1_TLS(t *testing.T) {
})
}

func TestAccKubernetesIngressV1_emptyTLS(t *testing.T) {
var conf networking.Ingress
name := fmt.Sprintf("tf-acc-test-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum))
resourceName := "kubernetes_ingress_v1.test"

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() {
testAccPreCheck(t)
skipIfClusterVersionLessThan(t, "1.22.0")
},
IDRefreshName: resourceName,
ProviderFactories: testAccProviderFactories,
CheckDestroy: testAccCheckKubernetesIngressV1Destroy,
IDRefreshIgnore: []string{"metadata.0.resource_version"},
Steps: []resource.TestStep{
{
Config: testAccKubernetesIngressV1Config_emptyTLS(name),
Check: resource.ComposeAggregateTestCheckFunc(
testAccCheckKubernetesIngressV1Exists(resourceName, &conf),
resource.TestCheckResourceAttr(resourceName, "metadata.0.name", name),
resource.TestCheckResourceAttrSet(resourceName, "metadata.0.generation"),
resource.TestCheckResourceAttrSet(resourceName, "metadata.0.resource_version"),
resource.TestCheckResourceAttrSet(resourceName, "metadata.0.uid"),
resource.TestCheckResourceAttr(resourceName, "spec.#", "1"),
resource.TestCheckResourceAttr(resourceName, "spec.0.tls.#", "1"),
resource.TestCheckResourceAttr(resourceName, "spec.0.tls.0.hosts.#", "0"),
resource.TestCheckResourceAttr(resourceName, "spec.0.tls.0.secret_name", ""),
),
},
},
})
}

func TestAccKubernetesIngressV1_InternalKey(t *testing.T) {
var conf networking.Ingress
name := fmt.Sprintf("tf-acc-test-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum))
Expand Down Expand Up @@ -541,6 +574,26 @@ func testAccKubernetesIngressV1Config_TLS_modified(name string) string {
}`, name)
}

func testAccKubernetesIngressV1Config_emptyTLS(name string) string {
return fmt.Sprintf(`resource "kubernetes_ingress_v1" "test" {
metadata {
name = "%s"
}
spec {
default_backend {
service {
name = "app1"
port {
number = 443
}
}
}
tls {
}
}
}`, name)
}

func testAccKubernetesIngressV1Config_internalKey(name string) string {
return fmt.Sprintf(`resource "kubernetes_ingress_v1" "test" {
metadata {
Expand Down
50 changes: 49 additions & 1 deletion kubernetes/resource_kubernetes_ingress_v1beta1_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -119,6 +119,39 @@ func TestAccKubernetesIngressV1Beta1_TLS(t *testing.T) {
})
}

func TestAccKubernetesIngressV1Beta1_emptyTLS(t *testing.T) {
var conf api.Ingress
name := fmt.Sprintf("tf-acc-test-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum))
resourceName := "kubernetes_ingress.test"

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() {
testAccPreCheck(t)
skipIfClusterVersionGreaterThanOrEqual(t, "1.22.0")
},
IDRefreshName: resourceName,
IDRefreshIgnore: []string{"metadata.0.resource_version"},
ProviderFactories: testAccProviderFactories,
CheckDestroy: testAccCheckKubernetesIngressV1Beta1Destroy,
Steps: []resource.TestStep{
{
Config: testAccKubernetesIngressV1Beta1Config_TLS(name),
Check: resource.ComposeAggregateTestCheckFunc(
testAccCheckKubernetesIngressV1Beta1Exists(resourceName, &conf),
resource.TestCheckResourceAttr(resourceName, "metadata.0.name", name),
resource.TestCheckResourceAttrSet(resourceName, "metadata.0.generation"),
resource.TestCheckResourceAttrSet(resourceName, "metadata.0.resource_version"),
resource.TestCheckResourceAttrSet(resourceName, "metadata.0.uid"),
resource.TestCheckResourceAttr(resourceName, "spec.#", "1"),
resource.TestCheckResourceAttr(resourceName, "spec.0.tls.#", "1"),
resource.TestCheckResourceAttr(resourceName, "spec.0.tls.0.hosts.#", "0"),
resource.TestCheckResourceAttr(resourceName, "spec.0.tls.0.secret_name", ""),
),
},
},
})
}

func TestAccKubernetesIngressV1Beta1_InternalKey(t *testing.T) {
var conf api.Ingress
name := fmt.Sprintf("tf-acc-test-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum))
Expand Down Expand Up @@ -194,7 +227,6 @@ func TestAccKubernetesIngressV1Beta1_WaitForLoadBalancerGoogleCloud(t *testing.T

func testAccCheckKubernetesIngressV1Beta1Destroy(s *terraform.State) error {
conn, err := testAccProvider.Meta().(KubeClientsets).MainClientset()

if err != nil {
return err
}
Expand Down Expand Up @@ -309,6 +341,22 @@ func testAccKubernetesIngressV1Beta1Config_TLS(name string) string {
}`, name)
}

func testAccKubernetesIngressV1Beta1Config_emptyTLS(name string) string {
return fmt.Sprintf(`resource "kubernetes_ingress" "test" {
metadata {
name = "%s"
}
spec {
backend {
service_name = "app1"
service_port = 443
}
tls {
}
}
}`, name)
}

func testAccKubernetesIngressV1Beta1Config_TLS_modified(name string) string {
return fmt.Sprintf(`resource "kubernetes_ingress" "test" {
metadata {
Expand Down
9 changes: 3 additions & 6 deletions kubernetes/resource_kubernetes_mutating_webhook_configuration_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -216,8 +216,7 @@ func testAccCheckKubernetesMutatingWebhookConfigurationExists(n string) resource
}

func testAccKubernetesMutatingWebhookConfigurationConfig_basic(name string) string {
return fmt.Sprintf(`
resource "kubernetes_mutating_webhook_configuration" "test" {
return fmt.Sprintf(`resource "kubernetes_mutating_webhook_configuration" "test" {
metadata {
name = %q
}
Expand Down Expand Up @@ -254,8 +253,7 @@ resource "kubernetes_mutating_webhook_configuration" "test" {
}

func testAccKubernetesMutatingWebhookConfigurationConfig_modified(name string) string {
return fmt.Sprintf(`
resource "kubernetes_mutating_webhook_configuration" "test" {
return fmt.Sprintf(`resource "kubernetes_mutating_webhook_configuration" "test" {
metadata {
name = %q
}
Expand Down Expand Up @@ -306,8 +304,7 @@ resource "kubernetes_mutating_webhook_configuration" "test" {
}

func testAccKubernetesMutatingWebhookConfigurationConfig_without_rules(name string) string {
return fmt.Sprintf(`
resource "kubernetes_mutating_webhook_configuration" "test" {
return fmt.Sprintf(`resource "kubernetes_mutating_webhook_configuration" "test" {
metadata {
name = %q
}
Expand Down
12 changes: 4 additions & 8 deletions kubernetes/resource_kubernetes_node_taint_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -155,8 +155,7 @@ func testAccKubernetesNodeTaintExists(n string) resource.TestCheckFunc {
}

func testAccKubernetesNodeTaintConfig_basic() string {
return fmt.Sprintf(`
data "kubernetes_nodes" "test" {}
return fmt.Sprintf(`data "kubernetes_nodes" "test" {}
resource "kubernetes_node_taint" "test" {
metadata {
Expand All @@ -173,8 +172,7 @@ resource "kubernetes_node_taint" "test" {
}

func testAccKubernetesNodeTaintConfig_multipleBasic() string {
return fmt.Sprintf(`
data "kubernetes_nodes" "test" {}
return fmt.Sprintf(`data "kubernetes_nodes" "test" {}
resource "kubernetes_node_taint" "test" {
metadata {
Expand All @@ -201,8 +199,7 @@ resource "kubernetes_node_taint" "test" {
}

func testAccKubernetesNodeTaintConfig_updateTaint() string {
return fmt.Sprintf(`
data "kubernetes_nodes" "test" {}
return fmt.Sprintf(`data "kubernetes_nodes" "test" {}
resource "kubernetes_node_taint" "test" {
metadata {
Expand All @@ -229,8 +226,7 @@ resource "kubernetes_node_taint" "test" {
}

func testAccKubernetesNodeTaintConfig_removeTaint() string {
return fmt.Sprintf(`
data "kubernetes_nodes" "test" {}
return fmt.Sprintf(`data "kubernetes_nodes" "test" {}
resource "kubernetes_node_taint" "test" {
metadata {
Expand Down
6 changes: 2 additions & 4 deletions kubernetes/resource_kubernetes_pod_v1_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1949,8 +1949,7 @@ func testAccKubernetesPodV1ConfigWithSecurityContextRunAsGroup(podName, imageNam
}

func testAccKubernetesPodV1ConfigWithSecurityContextSeccompProfile(podName, imageName, seccompProfileType string) string {
return fmt.Sprintf(`
resource "kubernetes_pod_v1" "test" {
return fmt.Sprintf(`resource "kubernetes_pod_v1" "test" {
metadata {
labels = {
app = "pod_label"
Expand Down Expand Up @@ -1982,8 +1981,7 @@ resource "kubernetes_pod_v1" "test" {
}

func testAccKubernetesPodV1ConfigWithSecurityContextSeccompProfileLocalhost(podName, imageName string) string {
return fmt.Sprintf(`
resource "kubernetes_pod_v1" "test" {
return fmt.Sprintf(`resource "kubernetes_pod_v1" "test" {
metadata {
labels = {
app = "pod_label"
Expand Down
9 changes: 3 additions & 6 deletions kubernetes/resource_kubernetes_validating_webhook_configuration_v1_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -198,8 +198,7 @@ func testAccCheckKubernetesValidatingWebhookConfigurationV1Exists(n string) reso
}

func testAccKubernetesValidatingWebhookConfigurationV1Config_basic(name string) string {
return fmt.Sprintf(`
resource "kubernetes_validating_webhook_configuration_v1" "test" {
return fmt.Sprintf(`resource "kubernetes_validating_webhook_configuration_v1" "test" {
metadata {
name = %q
}
Expand Down Expand Up @@ -235,8 +234,7 @@ resource "kubernetes_validating_webhook_configuration_v1" "test" {
}

func testAccKubernetesValidatingWebhookConfigurationV1Config_modified(name string) string {
return fmt.Sprintf(`
resource "kubernetes_validating_webhook_configuration_v1" "test" {
return fmt.Sprintf(`resource "kubernetes_validating_webhook_configuration_v1" "test" {
metadata {
name = %q
}
Expand Down Expand Up @@ -291,8 +289,7 @@ resource "kubernetes_validating_webhook_configuration_v1" "test" {
}

func testAccKubernetesValidatingWebhookConfigurationV1Config_without_rules(name string) string {
return fmt.Sprintf(`
resource "kubernetes_validating_webhook_configuration_v1" "test" {
return fmt.Sprintf(`resource "kubernetes_validating_webhook_configuration_v1" "test" {
metadata {
name = %q
}
Expand Down
6 changes: 2 additions & 4 deletions kubernetes/resource_kubernetes_validating_webhook_configuration_v1beta1_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -192,8 +192,7 @@ func testAccCheckKubernetesValidatingWebhookConfigurationV1Beta1Exists(n string)
}

func testAccKubernetesValidatingWebhookConfigurationV1Beta1Config_basic(name string) string {
return fmt.Sprintf(`
resource "kubernetes_validating_webhook_configuration" "test" {
return fmt.Sprintf(`resource "kubernetes_validating_webhook_configuration" "test" {
metadata {
name = %q
}
Expand Down Expand Up @@ -229,8 +228,7 @@ resource "kubernetes_validating_webhook_configuration" "test" {
}

func testAccKubernetesValidatingWebhookConfigurationV1Beta1Config_modified(name string) string {
return fmt.Sprintf(`
resource "kubernetes_validating_webhook_configuration" "test" {
return fmt.Sprintf(`resource "kubernetes_validating_webhook_configuration" "test" {
metadata {
name = %q
}
Expand Down
5 changes: 4 additions & 1 deletion kubernetes/structure_ingress_spec.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -194,12 +194,15 @@ func expandIngressBackend(l []interface{}) *v1beta1.IngressBackend {
}

func expandIngressTLS(l []interface{}) []v1beta1.IngressTLS {
if len(l) == 0 || l[0] == nil {
if len(l) == 0 {
return nil
}

tlsList := make([]v1beta1.IngressTLS, len(l))
for i, t := range l {
if t == nil {
t = map[string]interface{}{}
}
in := t.(map[string]interface{})
obj := v1beta1.IngressTLS{}

Expand Down
5 changes: 4 additions & 1 deletion kubernetes/structure_ingress_spec_v1.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -252,12 +252,15 @@ func expandIngressV1Backend(l []interface{}) *networking.IngressBackend {
}

func expandIngressV1TLS(l []interface{}) []networking.IngressTLS {
if len(l) == 0 || l[0] == nil {
if len(l) == 0 {
return nil
}

tlsList := make([]networking.IngressTLS, len(l))
for i, t := range l {
if t == nil {
t = map[string]interface{}{}
}
in := t.(map[string]interface{})
obj := networking.IngressTLS{}

Expand Down

0 comments on commit a7809cd

Please sign in to comment.