Add satellite features and add support to the user can direct which security groups are added to their workers

[Blintmester]

Community Note

• Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for pull request followers and do not help prioritize the request

Relates OR Closes #0000

Output from acceptance testing:

$ make testacc TEST=./ibm/service/satellite TESTARGS='-run=TestAccSatelliteLocation_PodAndServiceSubnet'

--- PASS: TestAccSatelliteLocation_PodAndServiceSubnet (1187.34s)
PASS
ok      command-line-arguments  1187.409s

[z0za]

I believe these can go, right?

[Blintmester]

sure, my mistake, fixed it

[dawall1mn]

I see the update to allow security groups on vpc create cluster. It was not obvious this PR also includes support to specify security groups on vpc worker pool create. Is that included?

[hkantare]

can we rename this argument security_groups because the resource already indicates its a cluster

[Blintmester]

sure, I renamed it

[hkantare]

In datasource these should be computed only remove optional and forceNew.
Same for pod_subnet also

[Blintmester]

fixed it

[hkantare]

Fix conflicts in go.mod and go.sum files
Update the respective docs files for new argumets added
security_groups were added only for vpc_cluster should we added for worker_pool resource also

[Blintmester]

Fix conflicts in go.mod and go.sum files Update the respective docs files for new argumets added security_groups were added only for vpc_cluster should we added for worker_pool resource also

If I can fix everything, go.mod and go.sum files will be fixed.

Currently I try to add security_groups to worker_pool resource, will check in if its done!

[Blintmester]

If everything is fine, I'll fix the go.mod conflicts too.

[Blintmester]

@hkantare I pushed the docs files too, please can you review it?

[z0za]

this can be optimised a bit. if you set the capacity of the slice in the make, you can minimise the memory allocations during the appends ( https://stackoverflow.com/questions/57100525/how-does-go-slice-capacity-change-on-append )

ps: you can achieve similar results by setting the length as in FlattenZonesv2

Suggested change

	elems := make([]string, 0)
	for _, elem := range set.List() {
	elems = append(elems, elem.(string))
	}
	return elems
	setList := set.List()
	elems := make([]string, 0, len(setList))
	for _, elem := range setList {
	elems = append(elems, elem.(string))
	}
	return elems

[z0za]

it looks like this parameter can only be set at create
you can use DiffSuppressFunc: flex.ApplyOnce to ignore any changes to the parameter

or

it can be marked with forcenew to recreate the cluster if this param is changed. this means the original cluster will be deleted, so this should be handled with extra care

[lewiseevans]

I think we should go with ApplyOnce rather than ForceNew.

At the moment, these values can not be changed in the API. If the ability to change the security groups was added in the future and customers update the security groups outside of TF, TF would replace the cluster.

If we go with ApplyOnce, the changes would be ignored until the TF provider supported that functionality at which point we could provide guidance to customers on importing the updated changes and avoid cluster deletion.

[z0za]

please don't convert this resource to vpc, there is already a vpc_worker_pool one

[z0za]

it looks like it is missing from the API, but...
should we be able to set SecurityGroupIDs to the default workerpool too?

[z0za]

please remove the real ids from the example. you can add variables instead

[z0za]

if it is not needed, please remove it

[z0za]

why did you rename this function?

[Blintmester]

previously it was used only for flatten Host Labels, but I renamed it and we can use it for everything when we should flatten key-values (map[string]string), and I used it too (and it was not host labels)

[z0za]

is it only for create too? maybe ApplyOnce or forcenew?

[Blintmester]

yes, it is only for create, so I'll add ApplyOnce

[z0za]

can you please add the ApplyOnce diff suppress here too?

[Blintmester]

sure, will do

[z0za]

why is it commented out?

[Blintmester]

the CheckDestroy function fails on every run, because it doesn't wait enough, or something else, I don't really know, but the resource (after a failed run) was destroyed successfully

[z0za]

can you please add a test for this too?

[z0za]

can you please fix the formatting in the example?