azurerm_redhat_openshift_cluster - Allow multiple ingress_profile b…

…locks, with a name (hashicorp#25028) * Fixes hashicorp#25048 * Provide multiIngress acceptance test. * Preserve using "default" as the default ingress name, if not specified. * Provide unique name using an index suffix if no name is defined for further ingresses.
martin-aders · Apr 9, 2024 · a2b9d24 · a2b9d24
1 parent 2d0f25d
commit a2b9d24
Show file tree

Hide file tree

Showing 3 changed files with 118 additions and 13 deletions.
diff --git a/internal/services/redhatopenshift/redhat_openshift_cluster_resource.go b/internal/services/redhatopenshift/redhat_openshift_cluster_resource.go
@@ -310,7 +310,7 @@ func (r RedHatOpenShiftCluster) Arguments() map[string]*pluginsdk.Schema {
 			Type:     pluginsdk.TypeList,
 			Required: true,
 			ForceNew: true,
-			MaxItems: 1,
+			MinItems: 1,
 			Elem: &pluginsdk.Resource{
 				Schema: map[string]*pluginsdk.Schema{
 					"visibility": {
@@ -319,11 +319,13 @@ func (r RedHatOpenShiftCluster) Arguments() map[string]*pluginsdk.Schema {
 						ForceNew:     true,
 						ValidateFunc: validation.StringInSlice(openshiftclusters.PossibleValuesForVisibility(), false),
 					},
-					"ip_address": {
-						Type:     schema.TypeString,
-						Computed: true,
-					},
 					"name": {
+						Type:         schema.TypeString,
+						Optional:     true,
+						ForceNew:     true,
+						ValidateFunc: validation.StringIsNotEmpty,
+					},
+					"ip_address": {
 						Type:     schema.TypeString,
 						Computed: true,
 					},
@@ -757,15 +759,26 @@ func expandOpenshiftIngressProfiles(input []IngressProfile) *[]openshiftclusters
 		return nil
 	}
 
-	profiles := make([]openshiftclusters.IngressProfile, 0)
+	profiles := make([]openshiftclusters.IngressProfile, 0, len(input))
+	index := -1
 
-	profile := openshiftclusters.IngressProfile{
-		Name:       pointer.To("default"),
-		Visibility: pointer.To(openshiftclusters.Visibility(input[0].Visibility)),
+	for _, profile := range input {
+		openshiftProfile := openshiftclusters.IngressProfile{
+			Name: func() *string {
+				if profile.Name != "" {
+					return pointer.To(profile.Name)
+				}
+				index++
+				if index > 0 {
+					return pointer.To(fmt.Sprintf("default%d", index))
+				}
+				return pointer.To("default")
+			}(),
+			Visibility: pointer.To(openshiftclusters.Visibility(profile.Visibility)),
+		}
+		profiles = append(profiles, openshiftProfile)
 	}
 
-	profiles = append(profiles, profile)
-
 	return &profiles
 }
 

diff --git a/internal/services/redhatopenshift/redhat_openshift_cluster_resource_test.go b/internal/services/redhatopenshift/redhat_openshift_cluster_resource_test.go
@@ -7,6 +7,7 @@ import (
 	"context"
 	"fmt"
 	"os"
+	"regexp"
 	"testing"
 
 	"github.com/hashicorp/go-azure-sdk/resource-manager/redhatopenshift/2023-09-04/openshiftclusters"
@@ -159,6 +160,34 @@ func TestAccOpenShiftCluster_requiresImport(t *testing.T) {
 	})
 }
 
+func TestAccOpenShiftCluster_multiIngress(t *testing.T) {
+	data := acceptance.BuildTestData(t, "azurerm_redhat_openshift_cluster", "test")
+	r := OpenShiftClusterResource{}
+
+	data.ResourceTest(t, r, []acceptance.TestStep{
+		{
+			Config: r.multiIngress(data),
+			Check: acceptance.ComposeTestCheckFunc(
+				check.That(data.ResourceName).ExistsInAzure(r),
+				check.That(data.ResourceName).Key("ingress_profile.0").Exists(),
+				check.That(data.ResourceName).Key("ingress_profile.0.name").HasValue("restricted"),
+				check.That(data.ResourceName).Key("ingress_profile.0.visibility").HasValue("Public"),
+
+				check.That(data.ResourceName).Key("ingress_profile.1").Exists(),
+				check.That(data.ResourceName).Key("ingress_profile.1.name").HasValue("default"),
+				check.That(data.ResourceName).Key("ingress_profile.1.visibility").HasValue("Public"),
+
+				check.That(data.ResourceName).Key("ingress_profile.2").Exists(),
+				check.That(data.ResourceName).Key("ingress_profile.2.name").HasValue("default1"),
+				check.That(data.ResourceName).Key("ingress_profile.2.visibility").HasValue("Private"),
+				// Expect an internal IP from worker_subnet for the private ingress load balancer (10.0.2.0/23)
+				check.That(data.ResourceName).Key("ingress_profile.2.ip_address").MatchesRegex(regexp.MustCompile(`^10\.0\.[23]\.[0-9]+$`)),
+			),
+		},
+		data.ImportStep("service_principal.0.client_secret"),
+	})
+}
+
 func (t OpenShiftClusterResource) Exists(ctx context.Context, clients *clients.Client, state *pluginsdk.InstanceState) (*bool, error) {
 	id, err := openshiftclusters.ParseProviderOpenShiftClusterID(state.ID)
 	if err != nil {
@@ -704,6 +733,67 @@ resource "azurerm_redhat_openshift_cluster" "test" {
   `, r.template(data), data.RandomInteger, data.RandomString)
 }
 
+func (r OpenShiftClusterResource) multiIngress(data acceptance.TestData) string {
+	return fmt.Sprintf(`
+%[1]s
+
+resource "azurerm_redhat_openshift_cluster" "test" {
+  name                = "acctestaro%[2]d"
+  location            = azurerm_resource_group.test.location
+  resource_group_name = azurerm_resource_group.test.name
+
+  cluster_profile {
+    domain  = "aro-%[3]s.com"
+    version = "4.13.23"
+  }
+
+  network_profile {
+    pod_cidr     = "10.128.0.0/14"
+    service_cidr = "172.30.0.0/16"
+  }
+
+  main_profile {
+    vm_size   = "Standard_D8s_v3"
+    subnet_id = azurerm_subnet.main_subnet.id
+  }
+
+  api_server_profile {
+    visibility = "Public"
+  }
+
+  ingress_profile {
+    name = "restricted"
+    visibility = "Public"
+  }
+
+  ingress_profile {
+    visibility = "Public"
+  }
+
+  ingress_profile {
+    visibility = "Private"
+  }
+
+  worker_profile {
+    vm_size      = "Standard_D4s_v3"
+    disk_size_gb = 128
+    node_count   = 3
+    subnet_id    = azurerm_subnet.worker_subnet.id
+  }
+
+  service_principal {
+    client_id     = azuread_application.test.application_id
+    client_secret = azuread_service_principal_password.test.value
+  }
+
+  depends_on = [
+    "azurerm_role_assignment.role_network1",
+    "azurerm_role_assignment.role_network2",
+  ]
+}
+  `, r.template(data), data.RandomInteger, data.RandomString)
+}
+
 func (OpenShiftClusterResource) template(data acceptance.TestData) string {
 	return fmt.Sprintf(`
 provider "azurerm" {

diff --git a/website/docs/r/redhat_openshift_cluster.html.markdown b/website/docs/r/redhat_openshift_cluster.html.markdown
@@ -147,7 +147,7 @@ The following arguments are supported:
 
 * `api_server_profile` - (Required) An `api_server_profile` block as defined below. Changing this forces a new resource to be created.
 
-* `ingress_profile` - (Required) An `ingress_profile` block as defined below. Changing this forces a new resource to be created.
+* `ingress_profile` - (Required) One or more `ingress_profile` blocks as defined below. Changing this forces a new resource to be created.
 
 * `network_profile` - (Required) A `network_profile` block as defined below. Changing this forces a new resource to be created.
 
@@ -229,6 +229,8 @@ A `ingress_profile` block supports the following:
 
 * `visibility` - (Required) Cluster Ingress visibility. Supported values are `Public` and `Private`. Changing this forces a new resource to be created.
 
+* `name` - (Optional) The name of the IngressController resource on the openshift-ingress-operator namespace. Defaults to `default` but must be unique.
+
 ---
 
 ## Attributes Reference
@@ -259,7 +261,7 @@ A `api_server_profile` block exports the following:
 
 ---
 
-A `ingress_profile` block exports the following:
+A `ingress_profile` block exports a list with the following:
 
 * `name` - The name of the Ingress Profile.