mirror of
https://github.com/letic/terraform-provider-google.git
synced 2024-10-03 01:01:06 +00:00
Add support for Kubernetes alpha features (#646)
* Add support for Kubernetes alpha features * Add tests for support of Kubernetes alpha features * Fix dodgy copy and paste operations * Add documentation
This commit is contained in:
parent
c8673a300e
commit
026d76616d
@ -156,6 +156,13 @@ func resourceContainerCluster() *schema.Resource {
|
||||
ForceNew: true,
|
||||
},
|
||||
|
||||
"enable_kubernetes_alpha": {
|
||||
Type: schema.TypeBool,
|
||||
Optional: true,
|
||||
ForceNew: true,
|
||||
Default: false,
|
||||
},
|
||||
|
||||
"enable_legacy_abac": {
|
||||
Type: schema.TypeBool,
|
||||
Optional: true,
|
||||
@ -380,6 +387,10 @@ func resourceContainerClusterCreate(d *schema.ResourceData, meta interface{}) er
|
||||
cluster.NodeConfig = expandNodeConfig(v)
|
||||
}
|
||||
|
||||
if v, ok := d.GetOk("enable_kubernetes_alpha"); ok {
|
||||
cluster.EnableKubernetesAlpha = v.(bool)
|
||||
}
|
||||
|
||||
nodePoolsCount := d.Get("node_pool.#").(int)
|
||||
if nodePoolsCount > 0 {
|
||||
nodePools := make([]*container.NodePool, 0, nodePoolsCount)
|
||||
@ -476,6 +487,7 @@ func resourceContainerClusterRead(d *schema.ResourceData, meta interface{}) erro
|
||||
d.Set("node_version", cluster.CurrentNodeVersion)
|
||||
d.Set("cluster_ipv4_cidr", cluster.ClusterIpv4Cidr)
|
||||
d.Set("description", cluster.Description)
|
||||
d.Set("enable_kubernetes_alpha", cluster.EnableKubernetesAlpha)
|
||||
d.Set("enable_legacy_abac", cluster.LegacyAbac.Enabled)
|
||||
d.Set("logging_service", cluster.LoggingService)
|
||||
d.Set("monitoring_service", cluster.MonitoringService)
|
||||
|
@ -134,6 +134,28 @@ func TestAccContainerCluster_withAdditionalZones(t *testing.T) {
|
||||
})
|
||||
}
|
||||
|
||||
func TestAccContainerCluster_withKubernetesAlpha(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
clusterName := fmt.Sprintf("cluster-test-%s", acctest.RandString(10))
|
||||
|
||||
resource.Test(t, resource.TestCase{
|
||||
PreCheck: func() { testAccPreCheck(t) },
|
||||
Providers: testAccProviders,
|
||||
CheckDestroy: testAccCheckContainerClusterDestroy,
|
||||
Steps: []resource.TestStep{
|
||||
{
|
||||
Config: testAccContainerCluster_withKubernetesAlpha(clusterName),
|
||||
Check: resource.ComposeTestCheckFunc(
|
||||
testAccCheckContainerCluster(
|
||||
"google_container_cluster.with_kubernetes_alpha"),
|
||||
resource.TestCheckResourceAttr("google_container_cluster.with_kubernetes_alpha", "enable_kubernetes_alpha", "true"),
|
||||
),
|
||||
},
|
||||
},
|
||||
})
|
||||
}
|
||||
|
||||
func TestAccContainerCluster_withLegacyAbac(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
@ -577,6 +599,7 @@ func testAccCheckContainerCluster(n string) resource.TestCheckFunc {
|
||||
{"zone", cluster.Zone},
|
||||
{"cluster_ipv4_cidr", cluster.ClusterIpv4Cidr},
|
||||
{"description", cluster.Description},
|
||||
{"enable_kubernetes_alpha", strconv.FormatBool(cluster.EnableKubernetesAlpha)},
|
||||
{"enable_legacy_abac", strconv.FormatBool(cluster.LegacyAbac.Enabled)},
|
||||
{"endpoint", cluster.Endpoint},
|
||||
{"instance_group_urls", igUrls},
|
||||
@ -898,6 +921,17 @@ resource "google_container_cluster" "with_additional_zones" {
|
||||
}`, clusterName)
|
||||
}
|
||||
|
||||
func testAccContainerCluster_withKubernetesAlpha(clusterName string) string {
|
||||
return fmt.Sprintf(`
|
||||
resource "google_container_cluster" "with_kubernetes_alpha" {
|
||||
name = "cluster-test-%s"
|
||||
zone = "us-central1-a"
|
||||
initial_node_count = 1
|
||||
|
||||
enable_kubernetes_alpha = true
|
||||
}`, clusterName)
|
||||
}
|
||||
|
||||
func testAccContainerCluster_withLegacyAbac(clusterName string) string {
|
||||
return fmt.Sprintf(`
|
||||
resource "google_container_cluster" "with_legacy_abac" {
|
||||
|
@ -74,6 +74,10 @@ resource "google_container_cluster" "primary" {
|
||||
|
||||
* `description` - (Optional) Description of the cluster.
|
||||
|
||||
* `enable_kubernetes_alpha` - (Optional) Whether to enable Kubernetes Alpha features for
|
||||
this cluster. Note that when this option is enabled, the cluster cannot be upgraded
|
||||
and will be automatically deleted after 30 days.
|
||||
|
||||
* `enable_legacy_abac` - (Optional) Whether the ABAC authorizer is enabled for this cluster.
|
||||
When enabled, identities in the system, including service accounts, nodes, and controllers,
|
||||
will have statically granted permissions beyond those provided by the RBAC configuration or IAM.
|
||||
|
Loading…
Reference in New Issue
Block a user