[TF] Fix container cluster private cluster diff suppress/validation (#3110)

Signed-off-by: Modular Magician <magic-modules@google.com>
2024-10-01 16:21:06 +00:00 · 2019-02-25 14:01:02 -08:00 · 2019-02-25 14:01:02 -08:00 · 92a2409c11
commit 92a2409c11
parent 29bfc64c85
1 changed files with 33 additions and 12 deletions
--- a/google/resource_container_cluster.go
+++ b/google/resource_container_cluster.go
@ -547,28 +547,31 @@ func resourceContainerCluster() *schema.Resource {
 			},

 			"private_cluster_config": {
-				Type:          schema.TypeList,
-				Optional:      true,
-				MaxItems:      1,
-				Computed:      true,
-				ConflictsWith: []string{"private_cluster", "master_ipv4_cidr_block"},
+				Type:             schema.TypeList,
+				Optional:         true,
+				MaxItems:         1,
+				Computed:         true,
+				DiffSuppressFunc: containerClusterPrivateClusterConfigSuppress,
+				ConflictsWith:    []string{"private_cluster", "master_ipv4_cidr_block"},
 				Elem: &schema.Resource{
 					Schema: map[string]*schema.Schema{
 						"enable_private_endpoint": {
-							Type:     schema.TypeBool,
-							Optional: true,
-							ForceNew: true,
+							Type:             schema.TypeBool,
+							Optional:         true,
+							ForceNew:         true,
+							DiffSuppressFunc: containerClusterPrivateClusterConfigSuppress,
 						},
 						"enable_private_nodes": {
-							Type:     schema.TypeBool,
-							Optional: true,
-							ForceNew: true,
+							Type:             schema.TypeBool,
+							Optional:         true,
+							ForceNew:         true,
+							DiffSuppressFunc: containerClusterPrivateClusterConfigSuppress,
 						},
 						"master_ipv4_cidr_block": {
 							Type:         schema.TypeString,
 							Optional:     true,
 							ForceNew:     true,
-							ValidateFunc: validation.CIDRNetwork(28, 28),
+							ValidateFunc: orEmpty(validation.CIDRNetwork(28, 28)),
 						},
 						"private_endpoint": {
 							Type:     schema.TypeString,
@ -1823,3 +1826,21 @@ func masterAuthClientCertCfgSuppress(k, old, new string, r *schema.ResourceData)

 	return strings.HasSuffix(k, ".issue_client_certificate") && old == "" && new == "true"
 }
+
+// We want to suppress diffs for empty/disabled private cluster config.
+func containerClusterPrivateClusterConfigSuppress(k, old, new string, d *schema.ResourceData) bool {
+	o, n := d.GetChange("private_cluster_config.0.enable_private_endpoint")
+	suppressEndpoint := !o.(bool) && !n.(bool)
+
+	o, n = d.GetChange("private_cluster_config.0.enable_private_nodes")
+	suppressNodes := !o.(bool) && !n.(bool)
+
+	if k == "private_cluster_config.0.enable_private_endpoint" {
+		return suppressEndpoint
+	} else if k == "private_cluster_config.0.enable_private_nodes" {
+		return suppressNodes
+	} else if k == "private_cluster_config.#" {
+		return suppressEndpoint && suppressNodes
+	}
+	return false
+}