Skip to content

Commit

Permalink
Merge remote-tracking branch 'timcurless/timcurless'
Browse files Browse the repository at this point in the history
* timcurless/timcurless:
  Fixing issues with aadProfile server_app_secret always causing a new cluster
  Adding documentation updates
  Updating to include hashicorp#1845
  Authentication: registering all clients consistently (hashicorp#1845)
  Updating to include hashicorp#1843
  r/Logic App: ensuring parameters are strings prior to setting (hashicorp#1843)
  Updating to include hashicorp#1821
  linux_profile should be optional to align with API spec (hashicorp#1821)
  Updating to include hashicorp#1816
  Storage: Import Support (hashicorp#1816)
  Updating to include hashicorp#1835
  Allow azurerm_function_app to use upper case names in consumption plan (hashicorp#1835)
  formatting
  • Loading branch information
symbiont-jon-bogaty committed Sep 27, 2018
2 parents f98d40b + ef80ef0 commit 4e85b4c
Show file tree
Hide file tree
Showing 33 changed files with 1,343 additions and 446 deletions.
8 changes: 8 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,16 +2,24 @@

IMPROVEMENTS:

* authentication: making the client registration consistent [GH-1845]
* `azurerm_iothub` - exporting the `event_hub_events_endpoint`, `event_hub_events_path`, `event_hub_operations_endpoint` and `event_hub_operations_path` fields [GH-1789]
* `azurerm_iothub` - support for `endpoint` and `route` blocks [GH-1693]
* `azurerm_kubernetes_cluster` - making `linux_profile` optional [GH-1821]
* `azurerm_storage_blob` - support for import [GH-1816]
* `azurerm_storage_container` - support for import [GH-1816]
* `azurerm_storage_queue` - support for import [GH-1816]
* `azurerm_storage_table` - support for import [GH-1816]

BUG FIXES:

* `azurerm_eventhub` - updating the validation to support periods, hyphens and underscores [GH-1795]
* `azurerm_eventhub_authorization_rule` - updating the validation error [GH-1795]
* `azurerm_eventhub_consumer_group` - updating the validation to support periods, hyphens and underscores [GH-1795]
* `azurerm_eventhub_namespace` - updating the validation error [GH-1795]
* `azurerm_function_app` - support for names in upper-case [GH-1835]
* `azurerm_kubernetes_cluster` - removing validation for the `pod_cidr` field when `network_plugin` is set to `azure` [GH-1798]
* `azurerm_logic_app_workflow` - ensuring parameters are strings [GH-1843]
* `azurerm_virtual_machine` - setting the `image_uri` property within the `storage_os_disk` block [GH-1799]

## 1.13.0 (August 15, 2018)
Expand Down
124 changes: 25 additions & 99 deletions azurerm/config.go
Original file line number Diff line number Diff line change
Expand Up @@ -444,70 +444,43 @@ func getArmClient(c *authentication.Config) (*ArmClient, error) {

func (c *ArmClient) registerAppInsightsClients(endpoint, subscriptionId string, auth autorest.Authorizer, sender autorest.Sender) {
ai := appinsights.NewComponentsClientWithBaseURI(endpoint, subscriptionId)
setUserAgent(&ai.Client)
ai.Authorizer = auth
ai.Sender = sender
ai.SkipResourceProviderRegistration = c.skipProviderRegistration
c.configureClient(&ai.Client, auth)
c.appInsightsClient = ai
}

func (c *ArmClient) registerAutomationClients(endpoint, subscriptionId string, auth autorest.Authorizer, sender autorest.Sender) {
accountClient := automation.NewAccountClientWithBaseURI(endpoint, subscriptionId)
setUserAgent(&accountClient.Client)
accountClient.Authorizer = auth
accountClient.Sender = sender
accountClient.SkipResourceProviderRegistration = c.skipProviderRegistration
c.configureClient(&accountClient.Client, auth)
c.automationAccountClient = accountClient

credentialClient := automation.NewCredentialClientWithBaseURI(endpoint, subscriptionId)
setUserAgent(&credentialClient.Client)
credentialClient.Authorizer = auth
credentialClient.Sender = sender
credentialClient.SkipResourceProviderRegistration = c.skipProviderRegistration
c.configureClient(&credentialClient.Client, auth)
c.automationCredentialClient = credentialClient

runbookClient := automation.NewRunbookClientWithBaseURI(endpoint, subscriptionId)
setUserAgent(&runbookClient.Client)
runbookClient.Authorizer = auth
runbookClient.Sender = sender
runbookClient.SkipResourceProviderRegistration = c.skipProviderRegistration
c.configureClient(&runbookClient.Client, auth)
c.automationRunbookClient = runbookClient

scheduleClient := automation.NewScheduleClientWithBaseURI(endpoint, subscriptionId)
setUserAgent(&scheduleClient.Client)
scheduleClient.Authorizer = auth
scheduleClient.Sender = sender
scheduleClient.SkipResourceProviderRegistration = c.skipProviderRegistration
c.configureClient(&scheduleClient.Client, auth)
c.automationScheduleClient = scheduleClient
}

func (c *ArmClient) registerAuthentication(endpoint, graphEndpoint, subscriptionId, tenantId string, auth, graphAuth autorest.Authorizer, sender autorest.Sender) {
assignmentsClient := authorization.NewRoleAssignmentsClientWithBaseURI(endpoint, subscriptionId)
setUserAgent(&assignmentsClient.Client)
assignmentsClient.Authorizer = auth
assignmentsClient.Sender = sender
assignmentsClient.SkipResourceProviderRegistration = c.skipProviderRegistration
c.configureClient(&assignmentsClient.Client, auth)
c.roleAssignmentsClient = assignmentsClient

definitionsClient := authorization.NewRoleDefinitionsClientWithBaseURI(endpoint, subscriptionId)
setUserAgent(&definitionsClient.Client)
definitionsClient.Authorizer = auth
definitionsClient.Sender = sender
definitionsClient.SkipResourceProviderRegistration = c.skipProviderRegistration
c.configureClient(&definitionsClient.Client, auth)
c.roleDefinitionsClient = definitionsClient

applicationsClient := graphrbac.NewApplicationsClientWithBaseURI(graphEndpoint, tenantId)
setUserAgent(&applicationsClient.Client)
applicationsClient.Authorizer = graphAuth
applicationsClient.Sender = sender
applicationsClient.SkipResourceProviderRegistration = c.skipProviderRegistration
c.configureClient(&applicationsClient.Client, graphAuth)
c.applicationsClient = applicationsClient

servicePrincipalsClient := graphrbac.NewServicePrincipalsClientWithBaseURI(graphEndpoint, tenantId)
setUserAgent(&servicePrincipalsClient.Client)
servicePrincipalsClient.Authorizer = graphAuth
servicePrincipalsClient.Sender = sender
servicePrincipalsClient.SkipResourceProviderRegistration = c.skipProviderRegistration
c.configureClient(&servicePrincipalsClient.Client, graphAuth)
c.servicePrincipalsClient = servicePrincipalsClient
}

Expand Down Expand Up @@ -600,31 +573,19 @@ func (c *ArmClient) registerContainerServicesClients(endpoint, subscriptionId st
func (c *ArmClient) registerDatabases(endpoint, subscriptionId string, auth autorest.Authorizer, sender autorest.Sender) {
// MySQL
mysqlConfigClient := mysql.NewConfigurationsClientWithBaseURI(endpoint, subscriptionId)
setUserAgent(&mysqlConfigClient.Client)
mysqlConfigClient.Authorizer = auth
mysqlConfigClient.Sender = sender
mysqlConfigClient.SkipResourceProviderRegistration = c.skipProviderRegistration
c.configureClient(&mysqlConfigClient.Client, auth)
c.mysqlConfigurationsClient = mysqlConfigClient

mysqlDBClient := mysql.NewDatabasesClientWithBaseURI(endpoint, subscriptionId)
setUserAgent(&mysqlDBClient.Client)
mysqlDBClient.Authorizer = auth
mysqlDBClient.Sender = sender
mysqlDBClient.SkipResourceProviderRegistration = c.skipProviderRegistration
c.configureClient(&mysqlDBClient.Client, auth)
c.mysqlDatabasesClient = mysqlDBClient

mysqlFWClient := mysql.NewFirewallRulesClientWithBaseURI(endpoint, subscriptionId)
setUserAgent(&mysqlFWClient.Client)
mysqlFWClient.Authorizer = auth
mysqlFWClient.Sender = sender
mysqlFWClient.SkipResourceProviderRegistration = c.skipProviderRegistration
c.configureClient(&mysqlFWClient.Client, auth)
c.mysqlFirewallRulesClient = mysqlFWClient

mysqlServersClient := mysql.NewServersClientWithBaseURI(endpoint, subscriptionId)
setUserAgent(&mysqlServersClient.Client)
mysqlServersClient.Authorizer = auth
mysqlServersClient.Sender = sender
mysqlServersClient.SkipResourceProviderRegistration = c.skipProviderRegistration
c.configureClient(&mysqlServersClient.Client, auth)
c.mysqlServersClient = mysqlServersClient

// PostgreSQL
Expand All @@ -646,38 +607,23 @@ func (c *ArmClient) registerDatabases(endpoint, subscriptionId string, auth auto

// SQL Azure
sqlDBClient := sql.NewDatabasesClientWithBaseURI(endpoint, subscriptionId)
setUserAgent(&sqlDBClient.Client)
sqlDBClient.Authorizer = auth
sqlDBClient.Sender = sender
sqlDBClient.SkipResourceProviderRegistration = c.skipProviderRegistration
c.configureClient(&sqlDBClient.Client, auth)
c.sqlDatabasesClient = sqlDBClient

sqlFWClient := sql.NewFirewallRulesClientWithBaseURI(endpoint, subscriptionId)
setUserAgent(&sqlFWClient.Client)
sqlFWClient.Authorizer = auth
sqlFWClient.Sender = sender
sqlFWClient.SkipResourceProviderRegistration = c.skipProviderRegistration
c.configureClient(&sqlFWClient.Client, auth)
c.sqlFirewallRulesClient = sqlFWClient

sqlEPClient := sql.NewElasticPoolsClientWithBaseURI(endpoint, subscriptionId)
setUserAgent(&sqlEPClient.Client)
sqlEPClient.Authorizer = auth
sqlEPClient.Sender = sender
sqlEPClient.SkipResourceProviderRegistration = c.skipProviderRegistration
c.configureClient(&sqlEPClient.Client, auth)
c.sqlElasticPoolsClient = sqlEPClient

sqlSrvClient := sql.NewServersClientWithBaseURI(endpoint, subscriptionId)
setUserAgent(&sqlSrvClient.Client)
sqlSrvClient.Authorizer = auth
sqlSrvClient.Sender = sender
sqlSrvClient.SkipResourceProviderRegistration = c.skipProviderRegistration
c.configureClient(&sqlSrvClient.Client, auth)
c.sqlServersClient = sqlSrvClient

sqlADClient := sql.NewServerAzureADAdministratorsClientWithBaseURI(endpoint, subscriptionId)
setUserAgent(&sqlADClient.Client)
sqlADClient.Authorizer = auth
sqlADClient.Sender = sender
sqlADClient.SkipResourceProviderRegistration = c.skipProviderRegistration
c.configureClient(&sqlADClient.Client, auth)
c.sqlServerAzureADAdministratorsClient = sqlADClient

sqlVNRClient := sql.NewVirtualNetworkRulesClientWithBaseURI(endpoint, subscriptionId)
Expand Down Expand Up @@ -725,49 +671,31 @@ func (c *ArmClient) registerDNSClients(endpoint, subscriptionId string, auth aut

func (c *ArmClient) registerEventGridClients(endpoint, subscriptionId string, auth autorest.Authorizer, sender autorest.Sender) {
egtc := eventgrid.NewTopicsClientWithBaseURI(endpoint, subscriptionId)
setUserAgent(&egtc.Client)
egtc.Authorizer = auth
egtc.Sender = sender
egtc.SkipResourceProviderRegistration = c.skipProviderRegistration
c.configureClient(&egtc.Client, auth)
c.eventGridTopicsClient = egtc
}

func (c *ArmClient) registerEventHubClients(endpoint, subscriptionId string, auth autorest.Authorizer, sender autorest.Sender) {
ehc := eventhub.NewEventHubsClientWithBaseURI(endpoint, subscriptionId)
setUserAgent(&ehc.Client)
ehc.Authorizer = auth
ehc.Sender = sender
ehc.SkipResourceProviderRegistration = c.skipProviderRegistration
c.configureClient(&ehc.Client, auth)
c.eventHubClient = ehc

chcgc := eventhub.NewConsumerGroupsClientWithBaseURI(endpoint, subscriptionId)
setUserAgent(&chcgc.Client)
chcgc.Authorizer = auth
chcgc.Sender = sender
chcgc.SkipResourceProviderRegistration = c.skipProviderRegistration
c.configureClient(&chcgc.Client, auth)
c.eventHubConsumerGroupClient = chcgc

ehnc := eventhub.NewNamespacesClientWithBaseURI(endpoint, subscriptionId)
setUserAgent(&ehnc.Client)
ehnc.Authorizer = auth
ehnc.Sender = sender
ehnc.SkipResourceProviderRegistration = c.skipProviderRegistration
c.configureClient(&ehnc.Client, auth)
c.eventHubNamespacesClient = ehnc
}

func (c *ArmClient) registerKeyVaultClients(endpoint, subscriptionId string, auth autorest.Authorizer, keyVaultAuth autorest.Authorizer, sender autorest.Sender) {
keyVaultClient := keyvault.NewVaultsClientWithBaseURI(endpoint, subscriptionId)
setUserAgent(&keyVaultClient.Client)
keyVaultClient.Authorizer = auth
keyVaultClient.Sender = sender
keyVaultClient.SkipResourceProviderRegistration = c.skipProviderRegistration
c.configureClient(&keyVaultClient.Client, auth)
c.keyVaultClient = keyVaultClient

keyVaultManagementClient := keyVault.New()
setUserAgent(&keyVaultManagementClient.Client)
keyVaultManagementClient.Authorizer = keyVaultAuth
keyVaultManagementClient.Sender = sender
keyVaultManagementClient.SkipResourceProviderRegistration = c.skipProviderRegistration
c.configureClient(&keyVaultManagementClient.Client, keyVaultAuth)
c.keyVaultManagementClient = keyVaultManagementClient
}

Expand All @@ -783,9 +711,7 @@ func (c *ArmClient) registerMonitorClients(endpoint, subscriptionId string, auth
c.actionGroupsClient = actionGroupsClient

arc := insights.NewAlertRulesClientWithBaseURI(endpoint, subscriptionId)
setUserAgent(&arc.Client)
arc.Authorizer = auth
arc.Sender = autorest.CreateSender(withRequestLogging())
c.configureClient(&arc.Client, auth)
c.monitorAlertRulesClient = arc

autoscaleSettingsClient := insights.NewAutoscaleSettingsClientWithBaseURI(endpoint, subscriptionId)
Expand Down
10 changes: 0 additions & 10 deletions azurerm/data_source_kubernetes_cluster.go
Original file line number Diff line number Diff line change
Expand Up @@ -186,12 +186,6 @@ func dataSourceArmKubernetesCluster() *schema.Resource {
Computed: true,
},

"server_app_secret": {
Type: schema.TypeString,
Computed: true,
Sensitive: true,
},

"client_app_id": {
Type: schema.TypeString,
Computed: true,
Expand Down Expand Up @@ -485,10 +479,6 @@ func flattenKubernetesClusterDataSourceAadProfile(profile *containerservice.Mana
values["server_app_id"] = *serverAppId
}

if serverAppSecret := profile.ServerAppSecret; serverAppSecret != nil {
values["server_app_secret"] = *serverAppSecret
}

if clientAppId := profile.ClientAppID; clientAppId != nil {
values["client_app_id"] = *clientAppId
}
Expand Down
44 changes: 44 additions & 0 deletions azurerm/data_source_kubernetes_cluster_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,38 @@ func TestAccDataSourceAzureRMKubernetesCluster_basic(t *testing.T) {
})
}

func TestAccDataSourceAzureRMKubernetesCluster_aadProfile(t *testing.T) {
dataSourceName := "data.azurerm_kubernetes_cluster.test"
ri := acctest.RandInt()
clientId := os.Getenv("ARM_CLIENT_ID")
clientSecret := os.Getenv("ARM_CLIENT_SECRET")
serverAppId := os.Getenv("ARM_SERVER_APP_ID")
serverAppSecret := os.Getenv("ARM_SERVER_APP_SECRET")
clientAppId := os.Getenv("ARM_CLIENT_APP_ID")
tenantId := os.Getenv("ARM_TENANT_ID")
location := testLocation()
config := testAccDataSourceAzureRMKubernetesCluster_rbacAAD(ri, clientId, clientSecret, location, serverAppId, serverAppSecret, clientAppId, tenantId)

resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testCheckAzureRMKubernetesClusterDestroy,
Steps: []resource.TestStep{
{
Config: config,
Check: resource.ComposeTestCheckFunc(
testCheckAzureRMKubernetesClusterExists(dataSourceName),
resource.TestCheckResourceAttr(dataSourceName, "aad_profile.#", "1"),
resource.TestCheckResourceAttrSet(dataSourceName, "aad_profile.0.server_app_id"),
resource.TestCheckResourceAttrSet(dataSourceName, "aad_profile.0.server_app_secret"),
resource.TestCheckResourceAttrSet(dataSourceName, "aad_profile.0.client_app_id"),
resource.TestCheckResourceAttrSet(dataSourceName, "aad_profile.0.tenant_id"),
),
},
},
})
}

func TestAccDataSourceAzureRMKubernetesCluster_internalNetwork(t *testing.T) {
dataSourceName := "data.azurerm_kubernetes_cluster.test"
ri := acctest.RandInt()
Expand Down Expand Up @@ -244,6 +276,18 @@ data "azurerm_kubernetes_cluster" "test" {
`, resource)
}

func testAccDataSourceAzureRMKubernetesCluster_rbacAAD(rInt int, clientId string, clientSecret string, location string, serverAppId string, serverAppSecret string, clientAppId string, tenantId string) string {
resource := testAccAzureRMKubernetesCluster_rbacAAD(rInt, clientId, clientSecret, location, serverAppId, serverAppSecret, clientAppId, tenantId)
return fmt.Sprintf(`
%s
data "azurerm_kubernetes_cluster" "test" {
name = "${azurerm_kubernetes_cluster.test.name}"
resource_group_name = "${azurerm_kubernetes_cluster.test.resource_group_name}"
}
`, resource)
}

func testAccDataSourceAzureRMKubernetesCluster_internalNetwork(rInt int, clientId string, clientSecret string, location string) string {
resource := testAccAzureRMKubernetesCluster_internalNetwork(rInt, clientId, clientSecret, location)
return fmt.Sprintf(`
Expand Down
22 changes: 11 additions & 11 deletions azurerm/helpers/kubernetes/kube_config.go
Original file line number Diff line number Diff line change
Expand Up @@ -27,21 +27,21 @@ type user struct {
ClientKeyData string `yaml:"client-key-data"`
}

type userItemRBAC struct {
Name string `yaml:"name"`
User userRBAC `yaml:"user"`
type userItemAAD struct {
Name string `yaml:"name"`
User userAAD `yaml:"user"`
}

type userRBAC struct {
type userAAD struct {
AuthProvider authProvider `yaml:"auth-provider"`
}

type authProvider struct {
Name string `yaml:"name"`
Config configRBACAzureAD `yaml:"config"`
Name string `yaml:"name"`
Config configAzureAD `yaml:"config"`
}

type configRBACAzureAD struct {
type configAzureAD struct {
APIServerID string `yaml:"apiserver-id,omitempty"`
ClientID string `yaml:"client-id,omitempty"`
TenantID string `yaml:"tenant-id,omitempty"`
Expand All @@ -68,10 +68,10 @@ type KubeConfig struct {
Preferences map[string]interface{} `yaml:"preferences,omitempty"`
}

type KubeConfigRBAC struct {
type KubeConfigAAD struct {
APIVersion string `yaml:"apiVersion"`
Clusters []clusterItem `yaml:"clusters"`
Users []userItemRBAC `yaml:"users"`
Users []userItemAAD `yaml:"users"`
Contexts []contextItem `yaml:"contexts,omitempty"`
CurrentContext string `yaml:"current-context,omitempty"`
Kind string `yaml:"kind,omitempty"`
Expand Down Expand Up @@ -103,12 +103,12 @@ func ParseKubeConfig(config string) (*KubeConfig, error) {
return &kubeConfig, nil
}

func ParseKubeConfigRBAC(config string) (*KubeConfigRBAC, error) {
func ParseKubeConfigAAD(config string) (*KubeConfigAAD, error) {
if config == "" {
return nil, fmt.Errorf("Cannot parse empty config")
}

var kubeConfig KubeConfigRBAC
var kubeConfig KubeConfigAAD
err := yaml.Unmarshal([]byte(config), &kubeConfig)
if err != nil {
return nil, fmt.Errorf("Failed to unmarshal YAML config with error %+v", err)
Expand Down
Loading

0 comments on commit 4e85b4c

Please sign in to comment.