ResiLien
/
terraform
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #10117 from cblecker/f-gke-node-scopes 

provider/google: Add support for scope aliases to google_container_cluster
This commit is contained in:
Evan Brown 2016-11-18 20:19:26 -08:00 committed by GitHub
parent ec4c00ff92 190f167bb2
commit d357e75201
3 changed files with 63 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
builtin/providers/google/resource_container_cluster.go
View File

@ -223,10 +223,15 @@ func resourceContainerCluster() *schema.Resource {
"oauth_scopes": &schema.Schema{ "oauth_scopes": &schema.Schema{
Type: schema.TypeList, Type: schema.TypeList,
Elem: &schema.Schema{Type: schema.TypeString},
Optional: true, Optional: true,
Computed: true, Computed: true,
ForceNew: true, ForceNew: true,
Elem: &schema.Schema{
Type: schema.TypeString,
StateFunc: func(v interface{}) string {
return canonicalizeServiceScope(v.(string))
},
},
}, },
}, },
}, },
@ -340,7 +345,7 @@ func resourceContainerClusterCreate(d *schema.ResourceData, meta interface{}) er
scopesList := v.([]interface{}) scopesList := v.([]interface{})
scopes := []string{} scopes := []string{}
for _, v := range scopesList { for _, v := range scopesList {
scopes = append(scopes, v.(string)) scopes = append(scopes, canonicalizeServiceScope(v.(string)))
} }
cluster.NodeConfig.OauthScopes = scopes cluster.NodeConfig.OauthScopes = scopes

35
builtin/providers/google/resource_container_cluster_test.go
View File

@ -43,6 +43,23 @@ func TestAccContainerCluster_withNodeConfig(t *testing.T) {
}) })
} }
func TestAccContainerCluster_withNodeConfigScopeAlias(t *testing.T) {
resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckContainerClusterDestroy,
Steps: []resource.TestStep{
resource.TestStep{
Config: testAccContainerCluster_withNodeConfigScopeAlias,
Check: resource.ComposeTestCheckFunc(
testAccCheckContainerClusterExists(
"google_container_cluster.with_node_config_scope_alias"),
),
},
},
})
}
func TestAccContainerCluster_network(t *testing.T) { func TestAccContainerCluster_network(t *testing.T) {
resource.Test(t, resource.TestCase{ resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) }, PreCheck: func() { testAccPreCheck(t) },
@ -144,6 +161,24 @@ resource "google_container_cluster" "with_node_config" {
} }
}`, acctest.RandString(10)) }`, acctest.RandString(10))
var testAccContainerCluster_withNodeConfigScopeAlias = fmt.Sprintf(`
resource "google_container_cluster" "with_node_config_scope_alias" {
name = "cluster-test-%s"
zone = "us-central1-f"
initial_node_count = 1
master_auth {
username = "mr.yoda"
password = "adoy.rm"
}
node_config {
machine_type = "g1-small"
disk_size_gb = 15
oauth_scopes = [ "compute-rw", "storage-ro", "logging-write", "monitoring" ]
}
}`, acctest.RandString(10))
var testAccContainerCluster_networkRef = fmt.Sprintf(` var testAccContainerCluster_networkRef = fmt.Sprintf(`
resource "google_compute_network" "container_network" { resource "google_compute_network" "container_network" {
name = "container-net-%s" name = "container-net-%s"

34
website/source/docs/providers/google/r/container_cluster.html.markdown
View File

@ -50,7 +50,8 @@ resource "google_container_cluster" "primary" {
* `zone` - (Required) The zone that all resources should be created in. * `zone` - (Required) The zone that all resources should be created in.
- - - - - -
* `addons_config` - (Optional) The configuration for addons supported by Google Container Engine * `addons_config` - (Optional) The configuration for addons supported by Google
Container Engine
* `cluster_ipv4_cidr` - (Optional) The IP address range of the container pods in * `cluster_ipv4_cidr` - (Optional) The IP address range of the container pods in
this cluster. Default is an automatically assigned CIDR. this cluster. Default is an automatically assigned CIDR.
@ -66,8 +67,8 @@ resource "google_container_cluster" "primary" {
`monitoring.googleapis.com` and `none`. Defaults to `monitoring.googleapis.com` and `none`. Defaults to
`monitoring.googleapis.com` `monitoring.googleapis.com`
* `network` - (Optional) The name or self_link of the Google Compute Engine network to which * `network` - (Optional) The name or self_link of the Google Compute Engine
the cluster is connected network to which the cluster is connected
* `node_config` - (Optional) The machine type and image to use for all nodes in * `node_config` - (Optional) The machine type and image to use for all nodes in
this cluster this cluster
@ -79,7 +80,8 @@ resource "google_container_cluster" "primary" {
* `project` - (Optional) The project in which the resource belongs. If it * `project` - (Optional) The project in which the resource belongs. If it
is not provided, the provider project is used. is not provided, the provider project is used.
* `subnetwork` - (Optional) The name of the Google Compute Engine subnetwork in which the cluster's instances are launched * `subnetwork` - (Optional) The name of the Google Compute Engine subnetwork in
which the cluster's instances are launched
**Master Auth** supports the following arguments: **Master Auth** supports the following arguments:
@ -98,24 +100,30 @@ resource "google_container_cluster" "primary" {
in GB. The smallest allowed disk size is 10GB. Defaults to 100GB. in GB. The smallest allowed disk size is 10GB. Defaults to 100GB.
* `oauth_scopes` - (Optional) The set of Google API scopes to be made available * `oauth_scopes` - (Optional) The set of Google API scopes to be made available
on all of the node VMs under the "default" service account. The following on all of the node VMs under the "default" service account. These can be
scopes are necessary to ensure the correct functioning of the cluster: either FQDNs, or scope aliases. The following scopes are necessary to ensure
the correct functioning of the cluster:
* `https://www.googleapis.com/auth/compute` * `compute-rw` (`https://www.googleapis.com/auth/compute`)
* `https://www.googleapis.com/auth/devstorage.read_only` * `storage-ro` (`https://www.googleapis.com/auth/devstorage.read_only`)
* `https://www.googleapis.com/auth/logging.write` (if `logging_service` points to Google) * `logging-write` (`https://www.googleapis.com/auth/logging.write`),
* `https://www.googleapis.com/auth/monitoring` (if `monitoring_service` points to Google) if `logging_service` points to Google
* `monitoring` (`https://www.googleapis.com/auth/monitoring`),
if `monitoring_service` points to Google
**Addons Config** supports the following addons: **Addons Config** supports the following addons:
* `http_load_balancing` - (Optional) The status of the HTTP Load Balancing addon. It is enabled by default; set `disabled = true` to disable. * `http_load_balancing` - (Optional) The status of the HTTP Load Balancing
* `horizontal_pod_autoscaling` - (Optional) The status of the Horizontal Pod Autoscaling addon. It is enabled by default; set `disabled = true` to disable. add-on. It is enabled by default; set `disabled = true` to disable.
* `horizontal_pod_autoscaling` - (Optional) The status of the Horizontal Pod
Autoscaling addon. It is enabled by default; set `disabled = true` to
disable.
This example `addons_config` disables both addons: This example `addons_config` disables both addons:
``` ```
addons_config { addons_config {
http_load_balancing { http_load_balancing {
disabled = true disabled = true
} }
horizontal_pod_autoscaling { horizontal_pod_autoscaling {