fix: update terraform provider with latest vpc api schema changes (#58)
* fix: update terraform provider with latest vpc api schema changes

* chore: regenerate docs & examples

* fix: handle gRPC errors without details

* chore: fix golangci-lint job

* chore: fix golangci-lint job

* chore: switch tagging job to use PAT

* chore: update documentation

* fix: update security vulnerabilities

* chore: tidy docs
soggycactus authored Feb 20, 2025
1 parent 7093093 commit 2e4a8b2
Showing 14 changed files with 617 additions and 367 deletions.
4 changes: 1 addition & 3 deletions .github/workflows/tag.yaml
@@ -17,6 +17,7 @@ jobs:
uses: actions/checkout@v4
with:
fetch-depth: 0 # ✅ Fetch all commits and tags
token: ${{ secrets.GHA_PAT_TAGS }}

- name: Push Tag for Release
id: push_tag
@@ -35,9 +36,6 @@ jobs:
exit 0
else
echo "Pushing tag $VERSION"
git config user.name "github-actions[bot]"
git config user.email "github-actions[bot]@users.noreply.github.com"
# Create and push the tag (auth is already configured)
git tag "$VERSION"
git push origin "$VERSION"
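Review bot: The PAT passed to actions/checkout as `token: ${{ secrets.GHA_PAT_TAGS }}` is, under the action's default `persist-credentials: true`, written into the checkout's git configuration and stays usable by every later step of the job, not only the `git push origin "$VERSION"` that needs it. A PAT is tied to a user account and is usually broader than the job's `GITHUB_TOKEN`, so a comment stating the expected scope belongs next to it, for example `# fine-grained PAT, contents: write on this repository only`. The workflow's triggers and the steps between checkout and the push lie outside these hunks, so whether any untrusted code runs while the credential is in place cannot be confirmed from here.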
2 changes: 1 addition & 1 deletion .github/workflows/test.yml
@@ -29,7 +29,7 @@ jobs:
- name: Run linters
uses: golangci/golangci-lint-action@v6
with:
version: latest
version: v1.64.5

generate:
runs-on: ubuntu-latest
2 changes: 0 additions & 2 deletions .golangci.yml
@@ -3,7 +3,6 @@
# Visit https://golangci-lint.run/ for usage documentation
# and information on other useful linters
issues:
max-per-linter: 0
max-same-issues: 0

linters:
@@ -22,7 +21,6 @@ linters:
- nilerr
- predeclared
- staticcheck
- tenv
- unconvert
- unparam
- unused
90 changes: 57 additions & 33 deletions coreweave/cks/resource_cluster.go
@@ -309,47 +309,55 @@ func (r *ClusterResource) Schema(ctx context.Context, req resource.SchemaRequest
stringplanmodifier.UseStateForUnknown(),
},
},
"vpc_id": schema.StringAttribute{
Required: true,
"name": schema.StringAttribute{
Required: true,
MarkdownDescription: "The name of the cluster. Must not be longer than 30 characters.",
PlanModifiers: []planmodifier.String{
stringplanmodifier.RequiresReplace(),
},
},
"zone": schema.StringAttribute{
Required: true,
Required: true,
MarkdownDescription: "The Availability Zone in which the cluster is located.",
PlanModifiers: []planmodifier.String{
stringplanmodifier.RequiresReplace(),
},
},
"name": schema.StringAttribute{
Required: true,
"vpc_id": schema.StringAttribute{
Required: true,
MarkdownDescription: "The ID of the VPC in which the cluster is located. Must be a VPC in the same Availability Zone as the cluster.",
PlanModifiers: []planmodifier.String{
stringplanmodifier.RequiresReplace(),
},
},
"version": schema.StringAttribute{
Required: true,
},
"public": schema.BoolAttribute{
Optional: true,
Computed: true,
Default: booldefault.StaticBool(false),
Optional: true,
Computed: true,
MarkdownDescription: "Whether the cluster's api-server is publicly accessible from the internet.",
Default: booldefault.StaticBool(false),
},
"version": schema.StringAttribute{
Required: true,
MarkdownDescription: "The version of Kubernetes to run on the cluster, in minor version format (e.g. 'v1.32'). Patch versions are automatically applied by CKS as they are released.",
},
"pod_cidr_name": schema.StringAttribute{
Required: true,
Required: true,
MarkdownDescription: "The name of the vpc prefix to use as the pod CIDR range. The prefix must exist in the cluster's VPC.",
PlanModifiers: []planmodifier.String{
stringplanmodifier.RequiresReplace(),
},
},
"service_cidr_name": schema.StringAttribute{
Required: true,
Required: true,
MarkdownDescription: "The name of the vpc prefix to use as the service CIDR range. The prefix must exist in the cluster's VPC.",
PlanModifiers: []planmodifier.String{
stringplanmodifier.RequiresReplace(),
},
},
"internal_lb_cidr_names": schema.SetAttribute{
ElementType: types.StringType,
Required: true,
ElementType: types.StringType,
Required: true,
MarkdownDescription: "The names of the vpc prefixes to use as internal load balancer CIDR ranges. Internal load balancers are reachable within the VPC but not accessible from the internet.\nThe prefixes must exist in the cluster's VPC. This field is append-only.",
PlanModifiers: []planmodifier.Set{
setplanmodifier.RequiresReplaceIf(func(ctx context.Context, req planmodifier.SetRequest, resp *setplanmodifier.RequiresReplaceIfFuncResponse) {
// Skip if there's no prior state or if the config is unknown
@@ -393,61 +401,77 @@ func (r *ClusterResource) Schema(ctx context.Context, req resource.SchemaRequest
},
},
"audit_policy": schema.StringAttribute{
Optional: true,
Optional: true,
MarkdownDescription: "Audit policy for the cluster. Must be provided as a base64-encoded JSON/YAML string.",
},
"authn_webhook": schema.SingleNestedAttribute{
Optional: true,
Optional: true,
MarkdownDescription: "Authentication webhook configuration for the cluster.",
Attributes: map[string]schema.Attribute{
"server": schema.StringAttribute{
Required: true,
Required: true,
MarkdownDescription: "The URL of the webhook server.",
},
"ca": schema.StringAttribute{
Optional: true,
Optional: true,
MarkdownDescription: "The CA certificate for the webhook server. Must be a base64-encoded PEM-encoded certificate.",
},
},
},
"authz_webhook": schema.SingleNestedAttribute{
Optional: true,
Optional: true,
MarkdownDescription: "Authorization webhook configuration for the cluster.",
Attributes: map[string]schema.Attribute{
"server": schema.StringAttribute{
Required: true,
Required: true,
MarkdownDescription: "The URL of the webhook server.",
},
"ca": schema.StringAttribute{
Optional: true,
Optional: true,
MarkdownDescription: "The CA certificate for the webhook server. Must be a base64-encoded PEM-encoded certificate.",
},
},
},
"oidc": schema.SingleNestedAttribute{
MarkdownDescription: "Kubernetes OIDC Configuration",
MarkdownDescription: "OpenID Connect (OIDC) configuration for authentication to the api-server.",
Optional: true,
Attributes: map[string]schema.Attribute{
"issuer_url": schema.StringAttribute{
Required: true,
Required: true,
MarkdownDescription: "The URL of the OIDC issuer.",
},
"client_id": schema.StringAttribute{
Required: true,
Required: true,
MarkdownDescription: "The client ID for the OIDC client.",
},
"username_claim": schema.StringAttribute{
Optional: true,
Optional: true,
MarkdownDescription: "The claim to use as the username.",
},
"username_prefix": schema.StringAttribute{
Optional: true,
Optional: true,
MarkdownDescription: "The prefix to use for the username.",
},
"groups_claim": schema.StringAttribute{
Optional: true,
Optional: true,
MarkdownDescription: "The claim to use as the groups.",
},
"groups_prefix": schema.StringAttribute{
Optional: true,
Optional: true,
MarkdownDescription: "The prefix to use for the groups.",
},
"ca": schema.StringAttribute{
Optional: true,
Optional: true,
MarkdownDescription: "The CA certificate for the OIDC issuer. Must be a base64-encoded PEM-encoded certificate.",
},
"required_claim": schema.StringAttribute{
Optional: true,
Optional: true,
MarkdownDescription: "The claim to require for authentication.",
},
"signing_algs": schema.SetAttribute{
ElementType: types.StringType,
Optional: true,
ElementType: types.StringType,
Optional: true,
MarkdownDescription: "A list of signing algorithms that the OpenID Connect discovery endpoint uses.",
},
},
},
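Review bot: Several of the new descriptions state constraints that nothing in the visible schema enforces: `name` says "Must not be longer than 30 characters", `audit_policy` and the three `ca` attributes require base64, and the webhook `server` and `oidc.issuer_url` attributes are described as URLs, yet none of them carries a `Validators` field. A malformed value would therefore pass `terraform plan` and fail only at the API; for the authentication settings in particular, a plan-time check of scheme and encoding is a cheap guard. For `name` the addition would be `Validators: []validator.String{stringvalidator.LengthAtMost(30)},`, which requires the terraform-plugin-framework-validators module if the provider does not already depend on it. Schema's body begins and ends outside both hunks, so validation elsewhere (for example in a ValidateConfig method) cannot be ruled out.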
7 changes: 4 additions & 3 deletions coreweave/cks/resource_cluster_test.go
@@ -45,14 +45,15 @@ func TestClusterSchema(t *testing.T) {
}

func TestClusterResource(t *testing.T) {
t.Parallel()
randomInt := rand.IntN(100)
clusterName := fmt.Sprintf("test-acc-cks-cluster-%x", randomInt)
resourceName := fmt.Sprintf("test_acc_cks_cluster_%x", randomInt)
fullResourceName := fmt.Sprintf("coreweave_cks_cluster.%s", resourceName)
vpc := &networking.VpcResourceModel{
Name: types.StringValue(clusterName),
Zone: types.StringValue("US-EAST-04A"),
HostPrefixes: types.SetValueMust(types.StringType, []attr.Value{types.StringValue("10.16.192.0/18")}),
Name: types.StringValue(clusterName),
Zone: types.StringValue("US-EAST-04A"),
HostPrefix: types.StringValue("10.16.192.0/18"),
VpcPrefixes: []networking.VpcPrefixResourceModel{
{
Name: types.StringValue("pod cidr"),
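Review bot: With `t.Parallel()` in TestClusterResource, the suffix from `rand.IntN(100)` leaves only 100 possible values for `clusterName`, so a concurrent run against the same account, or a cluster left behind by an earlier failed run, can collide with it. A wider range keeps the format and still fits the 30-character name limit documented in the schema, e.g. `randomInt := rand.IntN(1 << 24)`. The rendered page does not mark which lines are new, so `t.Parallel()` being an addition is inferred from the section's 4 additions and 3 deletions. The function's body continues past the end of the hunk.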
14 changes: 14 additions & 0 deletions coreweave/client.go
@@ -66,7 +66,10 @@ func HandleAPIError(ctx context.Context, err error, diagnostics *diag.Diagnostic
violation.Type+": "+violation.Description,
)
}
break
}

diagnostics.AddError(connectErr.Error(), connectErr.Message())
}

case connect.CodeInvalidArgument:
@@ -83,7 +86,10 @@ func HandleAPIError(ctx context.Context, err error, diagnostics *diag.Diagnostic
field.Field+": "+field.Description,
)
}
break
}

diagnostics.AddError(connectErr.Error(), connectErr.Message())
}

case connect.CodeUnauthenticated:
@@ -112,7 +118,10 @@ func HandleAPIError(ctx context.Context, err error, diagnostics *diag.Diagnostic
violation.Subject+": "+violation.Description,
)
}
break
}

diagnostics.AddError(connectErr.Error(), connectErr.Message())
}

default:
@@ -126,4 +135,9 @@ func HandleAPIError(ctx context.Context, err error, diagnostics *diag.Diagnostic
"An unexpected error occurred. Please check the provider logs for more details.",
)
}

// safeguard for any buggy case statements
if !diagnostics.HasError() {
diagnostics.AddError(connectErr.Error(), connectErr.Message())
}
}
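Review bot: The closing safeguard `if !diagnostics.HasError()` tests everything accumulated in the caller's `diagnostics`, not what this call added, so when an earlier step has already recorded an error, an API error that fell through a case without being reported is still dropped silently. Counting closes that gap: take `before := diagnostics.ErrorsCount()` at the top of HandleAPIError and test `if diagnostics.ErrorsCount() == before {` here. Separately, each of the three new `diagnostics.AddError(connectErr.Error(), connectErr.Message())` fallbacks follows a `break`; indentation is lost on this page, so it should be checked whether that `break` leaves the detail loop or only an enclosing `switch`, in which case the fallback would run in addition to the per-violation errors. The function begins outside these hunks.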