From 91e80929f23639db2e9ca3f3ce082d55bdb6cb9a Mon Sep 17 00:00:00 2001 From: Brendan Dalpe Date: Thu, 27 Jun 2024 15:24:46 -0500 Subject: [PATCH 01/15] Bump eks go module to 1.45.0 to support the new bootstrapSelfManagedAddons parameter Signed-off-by: Brendan Dalpe --- go.mod | 2 +- go.sum | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 1427ce1c16e..d7fd4bf01b3 100644 --- a/go.mod +++ b/go.mod @@ -89,7 +89,7 @@ require ( github.com/aws/aws-sdk-go-v2/service/ecr v1.29.1 github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.24.1 github.com/aws/aws-sdk-go-v2/service/ecs v1.43.1 - github.com/aws/aws-sdk-go-v2/service/eks v1.44.1 + github.com/aws/aws-sdk-go-v2/service/eks v1.45.0 github.com/aws/aws-sdk-go-v2/service/elasticache v1.39.1 github.com/aws/aws-sdk-go-v2/service/elasticbeanstalk v1.24.1 github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 v1.32.1 diff --git a/go.sum b/go.sum index 914924dfa34..3045a7d1cf9 100644 --- a/go.sum +++ b/go.sum @@ -200,6 +200,8 @@ github.com/aws/aws-sdk-go-v2/service/ecs v1.43.1 h1:Js5l/9hBLI4/enHaCezHxxoC0AQ1 github.com/aws/aws-sdk-go-v2/service/ecs v1.43.1/go.mod h1:a0NMSy8O5qyPn5Z8Lf0z/vyXry5Z60Vw23fYD1oRu/Y= github.com/aws/aws-sdk-go-v2/service/eks v1.44.1 h1:onUAzZXDsyXzyrmOGw/9p8Csl1NZkTDEs4URZ8covUY= github.com/aws/aws-sdk-go-v2/service/eks v1.44.1/go.mod h1:dg9l/W4hXygeRNydRB4LWKY/MwHJhfUomGJUBwI29Dw= +github.com/aws/aws-sdk-go-v2/service/eks v1.45.0 h1:PRDbU5dV3wheU9x3GdrnygeX8AOV32nO0Kdre/i59GE= +github.com/aws/aws-sdk-go-v2/service/eks v1.45.0/go.mod h1:dg9l/W4hXygeRNydRB4LWKY/MwHJhfUomGJUBwI29Dw= github.com/aws/aws-sdk-go-v2/service/elasticache v1.39.1 h1:XUOyv5Q0uypaCKkv1svwnhB9X76sRDoLUelBjzlFrL4= github.com/aws/aws-sdk-go-v2/service/elasticache v1.39.1/go.mod h1:RHxzPy8YHOOIEFxK5WYIsDA8TEDIBd8A0BenmqV9PKw= github.com/aws/aws-sdk-go-v2/service/elasticbeanstalk v1.24.1 h1:JQpNrllBoHIKSzwLVFK/XYsUJBhDNvIaYVBQNf/9vk0= From dffbc421efe1346503adfac75af4de0c8c619130 Mon Sep 17 00:00:00 2001 From: Brendan Dalpe Date: Thu, 27 Jun 2024 15:24:58 -0500 Subject: [PATCH 02/15] Add bootstrap_self_managed_addons flag to schema This flag is only passed on resource creation and cannot be read from the AWS API Signed-off-by: Brendan Dalpe --- internal/service/eks/cluster.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/internal/service/eks/cluster.go b/internal/service/eks/cluster.go index e9ab6aa1e20..43ea16f83ca 100644 --- a/internal/service/eks/cluster.go +++ b/internal/service/eks/cluster.go @@ -83,6 +83,11 @@ func resourceCluster() *schema.Resource { Type: schema.TypeString, Computed: true, }, + "bootstrap_self_managed_addons": { + Type: schema.TypeBool, + ForceNew: true, + Optional: true, + }, "certificate_authority": { Type: schema.TypeList, Computed: true, From ca4a7577f1eae3e69b89ebab13a5e73594abd2a4 Mon Sep 17 00:00:00 2001 From: Brendan Dalpe Date: Thu, 27 Jun 2024 15:25:20 -0500 Subject: [PATCH 03/15] Add acceptance test for bootstrap_self_managed_addons parameter Signed-off-by: Brendan Dalpe --- internal/service/eks/cluster_test.go | 58 ++++++++++++++++++++++++++++ 1 file changed, 58 insertions(+) diff --git a/internal/service/eks/cluster_test.go b/internal/service/eks/cluster_test.go index 0c047909aee..0a87c9e5c5e 100644 --- a/internal/service/eks/cluster_test.go +++ b/internal/service/eks/cluster_test.go @@ -186,6 +186,48 @@ func TestAccEKSCluster_AccessConfig_update(t *testing.T) { }) } +func TestAccEKSCluster_BootstrapSelfManagedAddons_update(t *testing.T) { + ctx := acctest.Context(t) + var cluster1, cluster2 types.Cluster + rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) + resourceName := "aws_eks_cluster.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { acctest.PreCheck(ctx, t); testAccPreCheck(ctx, t) }, + ErrorCheck: acctest.ErrorCheck(t, names.EKSServiceID), + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, + CheckDestroy: testAccCheckClusterDestroy(ctx), + Steps: []resource.TestStep{ + { + Config: testAccClusterConfig_bootstrapSelfManagedAddons(rName, true), + Check: resource.ComposeTestCheckFunc( + testAccCheckClusterExists(ctx, resourceName, &cluster1), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "bootstrap_self_managed_addons", + }, + }, + { + Config: testAccClusterConfig_bootstrapSelfManagedAddons(rName, false), + PlanOnly: true, + ExpectNonEmptyPlan: true, + }, + { + Config: testAccClusterConfig_bootstrapSelfManagedAddons(rName, false), + Check: resource.ComposeTestCheckFunc( + testAccCheckClusterExists(ctx, resourceName, &cluster2), + testAccCheckClusterRecreated(&cluster1, &cluster2), + ), + }, + }, + }) +} + func TestAccEKSCluster_Encryption_create(t *testing.T) { ctx := acctest.Context(t) var cluster types.Cluster @@ -980,6 +1022,22 @@ resource "aws_eks_cluster" "test" { `, rName, authenticationMode)) } +func testAccClusterConfig_bootstrapSelfManagedAddons(rName string, bootstrapSelfManagedAddons bool) string { + return acctest.ConfigCompose(testAccClusterConfig_base(rName), fmt.Sprintf(` +resource "aws_eks_cluster" "test" { + name = %[1]q + role_arn = aws_iam_role.test.arn + bootstrap_self_managed_addons = %[2]t + + vpc_config { + subnet_ids = aws_subnet.test[*].id + } + + depends_on = [aws_iam_role_policy_attachment.test-AmazonEKSClusterPolicy] +} +`, rName, bootstrapSelfManagedAddons)) +} + func testAccClusterConfig_version(rName, version string) string { return acctest.ConfigCompose(testAccClusterConfig_base(rName), fmt.Sprintf(` resource "aws_eks_cluster" "test" { From fa9a31154b1e32ba551a84574803fbe2a80d1c45 Mon Sep 17 00:00:00 2001 From: Brendan Dalpe Date: Thu, 27 Jun 2024 15:25:48 -0500 Subject: [PATCH 04/15] Add bootstrap_self_managed_addons argument information Signed-off-by: Brendan Dalpe --- website/docs/r/eks_cluster.html.markdown | 1 + 1 file changed, 1 insertion(+) diff --git a/website/docs/r/eks_cluster.html.markdown b/website/docs/r/eks_cluster.html.markdown index bc9519a8538..6031384062b 100644 --- a/website/docs/r/eks_cluster.html.markdown +++ b/website/docs/r/eks_cluster.html.markdown @@ -215,6 +215,7 @@ The following arguments are required: The following arguments are optional: * `access_config` - (Optional) Configuration block for the access config associated with your cluster, see [Amazon EKS Access Entries](https://docs.aws.amazon.com/eks/latest/userguide/access-entries.html). +* `bootstrap_self_managed_addons` - (Optional) Install default unmanaged add-ons, such as `aws-cni`, `kube-proxy`, and CoreDNS during cluster creation. If `false`, you must manually install desired add-ons. Changing this value will force a new cluster to be created. Defaults to `true`. * `enabled_cluster_log_types` - (Optional) List of the desired control plane logging to enable. For more information, see [Amazon EKS Control Plane Logging](https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html). * `encryption_config` - (Optional) Configuration block with encryption configuration for the cluster. Only available on Kubernetes 1.13 and above clusters created after March 6, 2020. Detailed below. * `kubernetes_network_config` - (Optional) Configuration block with kubernetes network configuration for the cluster. Detailed below. If removed, Terraform will only perform drift detection if a configuration value is provided. From 14fa3508fd857286ffa341e44b75708892ebe9cc Mon Sep 17 00:00:00 2001 From: Brendan Dalpe Date: Thu, 27 Jun 2024 15:36:55 -0500 Subject: [PATCH 05/15] Add changelog entry Signed-off-by: Brendan Dalpe --- .changelog/38162.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 .changelog/38162.txt diff --git a/.changelog/38162.txt b/.changelog/38162.txt new file mode 100644 index 00000000000..ab7539f6526 --- /dev/null +++ b/.changelog/38162.txt @@ -0,0 +1,3 @@ +```release-note:enhancement +resource/aws_eks_cluster: Add optional `bootstrap_self_managed_addons` attribute +``` \ No newline at end of file From 6600dc41565a8e62da5d3f60818ae7b2755ba8ce Mon Sep 17 00:00:00 2001 From: Brendan Dalpe Date: Thu, 27 Jun 2024 15:38:37 -0500 Subject: [PATCH 06/15] Fix formatting Signed-off-by: Brendan Dalpe --- internal/service/eks/cluster_test.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/internal/service/eks/cluster_test.go b/internal/service/eks/cluster_test.go index 0a87c9e5c5e..b13e680d2da 100644 --- a/internal/service/eks/cluster_test.go +++ b/internal/service/eks/cluster_test.go @@ -1025,8 +1025,8 @@ resource "aws_eks_cluster" "test" { func testAccClusterConfig_bootstrapSelfManagedAddons(rName string, bootstrapSelfManagedAddons bool) string { return acctest.ConfigCompose(testAccClusterConfig_base(rName), fmt.Sprintf(` resource "aws_eks_cluster" "test" { - name = %[1]q - role_arn = aws_iam_role.test.arn + name = %[1]q + role_arn = aws_iam_role.test.arn bootstrap_self_managed_addons = %[2]t vpc_config { From 23135b30500a6d32ccc6421497cba469713e1fad Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Wed, 3 Jul 2024 10:04:28 -0400 Subject: [PATCH 07/15] Revert "Bump eks go module to 1.45.0 to support the new bootstrapSelfManagedAddons parameter" This reverts commit 91e80929f23639db2e9ca3f3ce082d55bdb6cb9a. --- go.mod | 2 +- go.sum | 2 -- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/go.mod b/go.mod index d7fd4bf01b3..1427ce1c16e 100644 --- a/go.mod +++ b/go.mod @@ -89,7 +89,7 @@ require ( github.com/aws/aws-sdk-go-v2/service/ecr v1.29.1 github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.24.1 github.com/aws/aws-sdk-go-v2/service/ecs v1.43.1 - github.com/aws/aws-sdk-go-v2/service/eks v1.45.0 + github.com/aws/aws-sdk-go-v2/service/eks v1.44.1 github.com/aws/aws-sdk-go-v2/service/elasticache v1.39.1 github.com/aws/aws-sdk-go-v2/service/elasticbeanstalk v1.24.1 github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 v1.32.1 diff --git a/go.sum b/go.sum index 3045a7d1cf9..914924dfa34 100644 --- a/go.sum +++ b/go.sum @@ -200,8 +200,6 @@ github.com/aws/aws-sdk-go-v2/service/ecs v1.43.1 h1:Js5l/9hBLI4/enHaCezHxxoC0AQ1 github.com/aws/aws-sdk-go-v2/service/ecs v1.43.1/go.mod h1:a0NMSy8O5qyPn5Z8Lf0z/vyXry5Z60Vw23fYD1oRu/Y= github.com/aws/aws-sdk-go-v2/service/eks v1.44.1 h1:onUAzZXDsyXzyrmOGw/9p8Csl1NZkTDEs4URZ8covUY= github.com/aws/aws-sdk-go-v2/service/eks v1.44.1/go.mod h1:dg9l/W4hXygeRNydRB4LWKY/MwHJhfUomGJUBwI29Dw= -github.com/aws/aws-sdk-go-v2/service/eks v1.45.0 h1:PRDbU5dV3wheU9x3GdrnygeX8AOV32nO0Kdre/i59GE= -github.com/aws/aws-sdk-go-v2/service/eks v1.45.0/go.mod h1:dg9l/W4hXygeRNydRB4LWKY/MwHJhfUomGJUBwI29Dw= github.com/aws/aws-sdk-go-v2/service/elasticache v1.39.1 h1:XUOyv5Q0uypaCKkv1svwnhB9X76sRDoLUelBjzlFrL4= github.com/aws/aws-sdk-go-v2/service/elasticache v1.39.1/go.mod h1:RHxzPy8YHOOIEFxK5WYIsDA8TEDIBd8A0BenmqV9PKw= github.com/aws/aws-sdk-go-v2/service/elasticbeanstalk v1.24.1 h1:JQpNrllBoHIKSzwLVFK/XYsUJBhDNvIaYVBQNf/9vk0= From 88cd10ec945fe15a8a085771dc83f2e3714c6438 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Wed, 3 Jul 2024 10:17:07 -0400 Subject: [PATCH 08/15] Tweak CHANGELOG entry. --- .changelog/38162.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.changelog/38162.txt b/.changelog/38162.txt index ab7539f6526..4819d5a0db0 100644 --- a/.changelog/38162.txt +++ b/.changelog/38162.txt @@ -1,3 +1,3 @@ ```release-note:enhancement -resource/aws_eks_cluster: Add optional `bootstrap_self_managed_addons` attribute +resource/aws_eks_cluster: Add `bootstrap_self_managed_addons` argument ``` \ No newline at end of file From 6d78e58d715ead2aae00d50fe17e6da0b923d625 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Wed, 3 Jul 2024 10:20:35 -0400 Subject: [PATCH 09/15] r/aws_eks_cluster: Use 'bootstrap_self_managed_addons' on Create. --- internal/service/eks/cluster.go | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/internal/service/eks/cluster.go b/internal/service/eks/cluster.go index 43ea16f83ca..73ae82b2f07 100644 --- a/internal/service/eks/cluster.go +++ b/internal/service/eks/cluster.go @@ -326,12 +326,13 @@ func resourceClusterCreate(ctx context.Context, d *schema.ResourceData, meta int name := d.Get(names.AttrName).(string) input := &eks.CreateClusterInput{ - EncryptionConfig: expandEncryptionConfig(d.Get("encryption_config").([]interface{})), - Logging: expandLogging(d.Get("enabled_cluster_log_types").(*schema.Set)), - Name: aws.String(name), - ResourcesVpcConfig: expandVpcConfigRequest(d.Get(names.AttrVPCConfig).([]interface{})), - RoleArn: aws.String(d.Get(names.AttrRoleARN).(string)), - Tags: getTagsIn(ctx), + BootstrapSelfManagedAddons: aws.Bool(d.Get("bootstrap_self_managed_addons").(bool)), + EncryptionConfig: expandEncryptionConfig(d.Get("encryption_config").([]interface{})), + Logging: expandLogging(d.Get("enabled_cluster_log_types").(*schema.Set)), + Name: aws.String(name), + ResourcesVpcConfig: expandVpcConfigRequest(d.Get(names.AttrVPCConfig).([]interface{})), + RoleArn: aws.String(d.Get(names.AttrRoleARN).(string)), + Tags: getTagsIn(ctx), } if v, ok := d.GetOk("access_config"); ok { @@ -423,6 +424,7 @@ func resourceClusterRead(ctx context.Context, d *schema.ResourceData, meta inter return sdkdiag.AppendErrorf(diags, "setting access_config: %s", err) } d.Set(names.AttrARN, cluster.Arn) + d.Set("bootstrap_self_managed_addons", d.Get("bootstrap_self_managed_addons")) if err := d.Set("certificate_authority", flattenCertificate(cluster.CertificateAuthority)); err != nil { return sdkdiag.AppendErrorf(diags, "setting certificate_authority: %s", err) } From 70abac477ab0ee5d9398151608db6cbbc51bb248 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Wed, 3 Jul 2024 10:41:50 -0400 Subject: [PATCH 10/15] r/aws_eks_cluster: Add state migrater. --- internal/service/eks/cluster.go | 12 +- internal/service/eks/cluster_migrate.go | 270 +++++++++++++++++++ internal/service/eks/cluster_migrate_test.go | 73 +++++ internal/service/eks/exports_test.go | 1 + 4 files changed, 355 insertions(+), 1 deletion(-) create mode 100644 internal/service/eks/cluster_migrate.go create mode 100644 internal/service/eks/cluster_migrate_test.go diff --git a/internal/service/eks/cluster.go b/internal/service/eks/cluster.go index 73ae82b2f07..0f738780f07 100644 --- a/internal/service/eks/cluster.go +++ b/internal/service/eks/cluster.go @@ -43,6 +43,15 @@ func resourceCluster() *schema.Resource { StateContext: schema.ImportStatePassthroughContext, }, + SchemaVersion: 1, + StateUpgraders: []schema.StateUpgrader{ + { + Type: resourceClusterV0().CoreConfigSchema().ImpliedType(), + Upgrade: clusterStateUpgradeV0, + Version: 0, + }, + }, + CustomizeDiff: customdiff.Sequence( verify.SetTagsDiff, customdiff.ForceNewIfChange("encryption_config", func(_ context.Context, old, new, meta interface{}) bool { @@ -85,8 +94,9 @@ func resourceCluster() *schema.Resource { }, "bootstrap_self_managed_addons": { Type: schema.TypeBool, - ForceNew: true, Optional: true, + ForceNew: true, + Default: true, }, "certificate_authority": { Type: schema.TypeList, diff --git a/internal/service/eks/cluster_migrate.go b/internal/service/eks/cluster_migrate.go new file mode 100644 index 00000000000..70e1592200d --- /dev/null +++ b/internal/service/eks/cluster_migrate.go @@ -0,0 +1,270 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: MPL-2.0 + +package eks + +import ( + "context" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + tftags "github.com/hashicorp/terraform-provider-aws/internal/tags" + "github.com/hashicorp/terraform-provider-aws/names" +) + +// aws_eks_cluster resource's Schema @v5.56.1 minus validators. +func resourceClusterV0() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "access_config": { + Type: schema.TypeList, + MaxItems: 1, + Optional: true, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "authentication_mode": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "bootstrap_cluster_creator_admin_permissions": { + Type: schema.TypeBool, + Optional: true, + ForceNew: true, + }, + }, + }, + }, + names.AttrARN: { + Type: schema.TypeString, + Computed: true, + }, + "certificate_authority": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "data": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + "cluster_id": { + Type: schema.TypeString, + Computed: true, + }, + names.AttrCreatedAt: { + Type: schema.TypeString, + Computed: true, + }, + "enabled_cluster_log_types": { + Type: schema.TypeSet, + Optional: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + "encryption_config": { + Type: schema.TypeList, + MaxItems: 1, + Optional: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "provider": { + Type: schema.TypeList, + MaxItems: 1, + Required: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "key_arn": { + Type: schema.TypeString, + Required: true, + }, + }, + }, + }, + names.AttrResources: { + Type: schema.TypeSet, + Required: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + }, + }, + }, + names.AttrEndpoint: { + Type: schema.TypeString, + Computed: true, + }, + "identity": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "oidc": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + names.AttrIssuer: { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + }, + }, + }, + "kubernetes_network_config": { + Type: schema.TypeList, + Optional: true, + Computed: true, + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "ip_family": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ForceNew: true, + }, + "service_ipv4_cidr": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ForceNew: true, + }, + "service_ipv6_cidr": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + names.AttrName: { + Type: schema.TypeString, + Required: true, + ForceNew: true, + }, + "outpost_config": { + Type: schema.TypeList, + MaxItems: 1, + Optional: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "control_plane_instance_type": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + }, + "control_plane_placement": { + Type: schema.TypeList, + MaxItems: 1, + Optional: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + names.AttrGroupName: { + Type: schema.TypeString, + Required: true, + ForceNew: true, + }, + }, + }, + }, + "outpost_arns": { + Type: schema.TypeSet, + Required: true, + MinItems: 1, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + }, + }, + }, + "platform_version": { + Type: schema.TypeString, + Computed: true, + }, + names.AttrRoleARN: { + Type: schema.TypeString, + Required: true, + ForceNew: true, + }, + names.AttrStatus: { + Type: schema.TypeString, + Computed: true, + }, + names.AttrTags: tftags.TagsSchema(), + names.AttrTagsAll: tftags.TagsSchemaComputed(), + names.AttrVersion: { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + names.AttrVPCConfig: { + Type: schema.TypeList, + MinItems: 1, + MaxItems: 1, + Required: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "cluster_security_group_id": { + Type: schema.TypeString, + Computed: true, + }, + "endpoint_private_access": { + Type: schema.TypeBool, + Optional: true, + Default: false, + }, + "endpoint_public_access": { + Type: schema.TypeBool, + Optional: true, + Default: true, + }, + "public_access_cidrs": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + names.AttrSecurityGroupIDs: { + Type: schema.TypeSet, + Optional: true, + Elem: &schema.Schema{Type: schema.TypeString}, + }, + names.AttrSubnetIDs: { + Type: schema.TypeSet, + Required: true, + MinItems: 1, + Elem: &schema.Schema{Type: schema.TypeString}, + }, + names.AttrVPCID: { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + }, + } +} + +func clusterStateUpgradeV0(_ context.Context, rawState map[string]interface{}, meta interface{}) (map[string]interface{}, error) { + if rawState == nil { + rawState = map[string]interface{}{} + } + + if _, ok := rawState["bootstrap_self_managed_addons"]; !ok { + rawState["bootstrap_self_managed_addons"] = "true" + } + + return rawState, nil +} diff --git a/internal/service/eks/cluster_migrate_test.go b/internal/service/eks/cluster_migrate_test.go new file mode 100644 index 00000000000..8e4c1ec4e9e --- /dev/null +++ b/internal/service/eks/cluster_migrate_test.go @@ -0,0 +1,73 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: MPL-2.0 + +package eks_test + +import ( + "context" + "testing" + + "github.com/google/go-cmp/cmp" + "github.com/hashicorp/terraform-provider-aws/internal/acctest" + tfeks "github.com/hashicorp/terraform-provider-aws/internal/service/eks" + "github.com/hashicorp/terraform-provider-aws/names" +) + +func TestClusterStateUpgradeV0(t *testing.T) { + ctx := context.Background() + t.Parallel() + + testCases := []struct { + testName string + rawState map[string]interface{} + want map[string]interface{} + }{ + { + testName: "empty state", + rawState: map[string]interface{}{}, + want: map[string]interface{}{ + "bootstrap_self_managed_addons": acctest.CtTrue, + }, + }, + { + testName: "non-empty state", + rawState: map[string]interface{}{ + names.AttrName: "testing", + names.AttrVersion: "1.1.0", + }, + want: map[string]interface{}{ + "bootstrap_self_managed_addons": acctest.CtTrue, + names.AttrName: "testing", + names.AttrVersion: "1.1.0", + }, + }, + { + testName: "bootstrap_self_managed_addons set", + rawState: map[string]interface{}{ + "bootstrap_self_managed_addons": acctest.CtFalse, + names.AttrName: "testing", + names.AttrVersion: "1.1.0", + }, + want: map[string]interface{}{ + "bootstrap_self_managed_addons": acctest.CtFalse, + names.AttrName: "testing", + names.AttrVersion: "1.1.0", + }, + }, + } + + for _, testCase := range testCases { + testCase := testCase + t.Run(testCase.testName, func(t *testing.T) { + t.Parallel() + + got, err := tfeks.ClusterStateUpgradeV0(ctx, testCase.rawState, nil) + + if err != nil { + t.Errorf("err = %q", err) + } else if diff := cmp.Diff(got, testCase.want); diff != "" { + t.Errorf("unexpected diff (+wanted, -got): %s", diff) + } + }) + } +} diff --git a/internal/service/eks/exports_test.go b/internal/service/eks/exports_test.go index b5cdf7e2aea..81bdfea5dc9 100644 --- a/internal/service/eks/exports_test.go +++ b/internal/service/eks/exports_test.go @@ -14,6 +14,7 @@ var ( ResourceNodeGroup = resourceNodeGroup ResourcePodIdentityAssociation = newPodIdentityAssociationResource + ClusterStateUpgradeV0 = clusterStateUpgradeV0 FindAccessEntryByTwoPartKey = findAccessEntryByTwoPartKey FindAccessPolicyAssociationByThreePartKey = findAccessPolicyAssociationByThreePartKey FindAddonByTwoPartKey = findAddonByTwoPartKey From f506b67d258a2e57f8ca55aa75aa69eebed80c0e Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Wed, 3 Jul 2024 11:07:11 -0400 Subject: [PATCH 11/15] Add 'TestAccEKSCluster_BootstrapSelfManagedAddons_migrate'. --- internal/service/eks/cluster_test.go | 57 ++++++++++++++++++++++------ 1 file changed, 45 insertions(+), 12 deletions(-) diff --git a/internal/service/eks/cluster_test.go b/internal/service/eks/cluster_test.go index b13e680d2da..3c2ce52f37d 100644 --- a/internal/service/eks/cluster_test.go +++ b/internal/service/eks/cluster_test.go @@ -16,6 +16,7 @@ import ( "github.com/aws/aws-sdk-go-v2/service/eks/types" sdkacctest "github.com/hashicorp/terraform-plugin-testing/helper/acctest" "github.com/hashicorp/terraform-plugin-testing/helper/resource" + "github.com/hashicorp/terraform-plugin-testing/plancheck" "github.com/hashicorp/terraform-plugin-testing/terraform" "github.com/hashicorp/terraform-provider-aws/internal/acctest" "github.com/hashicorp/terraform-provider-aws/internal/conns" @@ -47,6 +48,7 @@ func TestAccEKSCluster_basic(t *testing.T) { testAccCheckClusterExists(ctx, resourceName, &cluster), resource.TestCheckResourceAttr(resourceName, "access_config.#", acctest.Ct1), acctest.MatchResourceAttrRegionalARN(resourceName, names.AttrARN, "eks", regexache.MustCompile(fmt.Sprintf("cluster/%s$", rName))), + resource.TestCheckResourceAttr(resourceName, "bootstrap_self_managed_addons", acctest.CtTrue), resource.TestCheckResourceAttr(resourceName, "certificate_authority.#", acctest.Ct1), resource.TestCheckResourceAttrSet(resourceName, "certificate_authority.0.data"), resource.TestCheckNoResourceAttr(resourceName, "cluster_id"), @@ -188,7 +190,7 @@ func TestAccEKSCluster_AccessConfig_update(t *testing.T) { func TestAccEKSCluster_BootstrapSelfManagedAddons_update(t *testing.T) { ctx := acctest.Context(t) - var cluster1, cluster2 types.Cluster + var cluster types.Cluster rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) resourceName := "aws_eks_cluster.test" @@ -199,31 +201,62 @@ func TestAccEKSCluster_BootstrapSelfManagedAddons_update(t *testing.T) { CheckDestroy: testAccCheckClusterDestroy(ctx), Steps: []resource.TestStep{ { - Config: testAccClusterConfig_bootstrapSelfManagedAddons(rName, true), + Config: testAccClusterConfig_bootstrapSelfManagedAddons(rName, false), Check: resource.ComposeTestCheckFunc( - testAccCheckClusterExists(ctx, resourceName, &cluster1), + testAccCheckClusterExists(ctx, resourceName, &cluster), + resource.TestCheckResourceAttr(resourceName, "bootstrap_self_managed_addons", acctest.CtFalse), ), }, { ResourceName: resourceName, ImportState: true, ImportStateVerify: true, - ImportStateVerifyIgnore: []string{ - "bootstrap_self_managed_addons", - }, }, { - Config: testAccClusterConfig_bootstrapSelfManagedAddons(rName, false), - PlanOnly: true, - ExpectNonEmptyPlan: true, + Config: testAccClusterConfig_bootstrapSelfManagedAddons(rName, true), + ConfigPlanChecks: resource.ConfigPlanChecks{ + PreApply: []plancheck.PlanCheck{ + plancheck.ExpectResourceAction(resourceName, plancheck.ResourceActionReplace), + }, + }, + Check: resource.ComposeTestCheckFunc( + testAccCheckClusterExists(ctx, resourceName, &cluster), + resource.TestCheckResourceAttr(resourceName, "bootstrap_self_managed_addons", acctest.CtFalse), + ), }, + }, + }) +} + +func TestAccEKSCluster_BootstrapSelfManagedAddons_migrate(t *testing.T) { + ctx := acctest.Context(t) + var cluster types.Cluster + rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) + resourceName := "aws_eks_cluster.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { acctest.PreCheck(ctx, t); testAccPreCheck(ctx, t) }, + ErrorCheck: acctest.ErrorCheck(t, names.EKSServiceID), + CheckDestroy: testAccCheckClusterDestroy(ctx), + Steps: []resource.TestStep{ { - Config: testAccClusterConfig_bootstrapSelfManagedAddons(rName, false), + ExternalProviders: map[string]resource.ExternalProvider{ + "aws": { + Source: "hashicorp/aws", + VersionConstraint: "5.56.1", + }, + }, + Config: testAccClusterConfig_basic(rName), Check: resource.ComposeTestCheckFunc( - testAccCheckClusterExists(ctx, resourceName, &cluster2), - testAccCheckClusterRecreated(&cluster1, &cluster2), + testAccCheckClusterExists(ctx, resourceName, &cluster), + resource.TestCheckNoResourceAttr(resourceName, "bootstrap_self_managed_addons"), ), }, + { + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, + Config: testAccClusterConfig_basic(rName), + PlanOnly: true, + }, }, }) } From 439edd2b2849c13e53c36cef2bb68e24e1a8c289 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Wed, 3 Jul 2024 11:46:56 -0400 Subject: [PATCH 12/15] r/aws_eks_cluster: Set 'bootstrap_self_managed_addons' to true during import. --- internal/service/eks/cluster.go | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/internal/service/eks/cluster.go b/internal/service/eks/cluster.go index 0f738780f07..65ccdc8bf4c 100644 --- a/internal/service/eks/cluster.go +++ b/internal/service/eks/cluster.go @@ -40,7 +40,10 @@ func resourceCluster() *schema.Resource { DeleteWithoutTimeout: resourceClusterDelete, Importer: &schema.ResourceImporter{ - StateContext: schema.ImportStatePassthroughContext, + StateContext: func(ctx context.Context, d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) { + d.Set("bootstrap_self_managed_addons", true) + return []*schema.ResourceData{d}, nil + }, }, SchemaVersion: 1, From c8818ba233dee3e66682e237792c170f0ebc11f3 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Wed, 3 Jul 2024 13:50:20 -0400 Subject: [PATCH 13/15] Revert "r/aws_eks_cluster: Set 'bootstrap_self_managed_addons' to true during import." This reverts commit 439edd2b2849c13e53c36cef2bb68e24e1a8c289. --- internal/service/eks/cluster.go | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/internal/service/eks/cluster.go b/internal/service/eks/cluster.go index 65ccdc8bf4c..0f738780f07 100644 --- a/internal/service/eks/cluster.go +++ b/internal/service/eks/cluster.go @@ -40,10 +40,7 @@ func resourceCluster() *schema.Resource { DeleteWithoutTimeout: resourceClusterDelete, Importer: &schema.ResourceImporter{ - StateContext: func(ctx context.Context, d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) { - d.Set("bootstrap_self_managed_addons", true) - return []*schema.ResourceData{d}, nil - }, + StateContext: schema.ImportStatePassthroughContext, }, SchemaVersion: 1, From 2da24409bd6b830b11721d56b7fd6a7b579a1221 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Fri, 5 Jul 2024 11:56:06 -0400 Subject: [PATCH 14/15] r/aws_eks_cluster: Add 'ImportStateVerifyIgnore' to acceptance test steps. --- internal/service/eks/cluster_test.go | 138 ++++++++++++++++----------- 1 file changed, 80 insertions(+), 58 deletions(-) diff --git a/internal/service/eks/cluster_test.go b/internal/service/eks/cluster_test.go index 3c2ce52f37d..bc38c08af8d 100644 --- a/internal/service/eks/cluster_test.go +++ b/internal/service/eks/cluster_test.go @@ -78,9 +78,10 @@ func TestAccEKSCluster_basic(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"bootstrap_self_managed_addons"}, }, }, }) @@ -132,9 +133,10 @@ func TestAccEKSCluster_AccessConfig_create(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: false, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: false, + ImportStateVerifyIgnore: []string{"bootstrap_self_managed_addons"}, }, }, }) @@ -208,9 +210,10 @@ func TestAccEKSCluster_BootstrapSelfManagedAddons_update(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"bootstrap_self_managed_addons"}, }, { Config: testAccClusterConfig_bootstrapSelfManagedAddons(rName, true), @@ -221,7 +224,7 @@ func TestAccEKSCluster_BootstrapSelfManagedAddons_update(t *testing.T) { }, Check: resource.ComposeTestCheckFunc( testAccCheckClusterExists(ctx, resourceName, &cluster), - resource.TestCheckResourceAttr(resourceName, "bootstrap_self_managed_addons", acctest.CtFalse), + resource.TestCheckResourceAttr(resourceName, "bootstrap_self_managed_addons", acctest.CtTrue), ), }, }, @@ -230,7 +233,7 @@ func TestAccEKSCluster_BootstrapSelfManagedAddons_update(t *testing.T) { func TestAccEKSCluster_BootstrapSelfManagedAddons_migrate(t *testing.T) { ctx := acctest.Context(t) - var cluster types.Cluster + var cluster1, cluster2 types.Cluster rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) resourceName := "aws_eks_cluster.test" @@ -248,14 +251,18 @@ func TestAccEKSCluster_BootstrapSelfManagedAddons_migrate(t *testing.T) { }, Config: testAccClusterConfig_basic(rName), Check: resource.ComposeTestCheckFunc( - testAccCheckClusterExists(ctx, resourceName, &cluster), + testAccCheckClusterExists(ctx, resourceName, &cluster1), resource.TestCheckNoResourceAttr(resourceName, "bootstrap_self_managed_addons"), ), }, { ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, Config: testAccClusterConfig_basic(rName), - PlanOnly: true, + Check: resource.ComposeTestCheckFunc( + testAccCheckClusterExists(ctx, resourceName, &cluster2), + testAccCheckClusterNotRecreated(&cluster1, &cluster2), + resource.TestCheckResourceAttr(resourceName, "bootstrap_self_managed_addons", acctest.CtTrue), + ), }, }, }) @@ -285,9 +292,10 @@ func TestAccEKSCluster_Encryption_create(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"bootstrap_self_managed_addons"}, }, }, }) @@ -325,9 +333,10 @@ func TestAccEKSCluster_Encryption_update(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"bootstrap_self_managed_addons"}, }, }, }) @@ -359,9 +368,10 @@ func TestAccEKSCluster_Encryption_versionUpdate(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"bootstrap_self_managed_addons"}, }, { Config: testAccClusterConfig_encryptionVersion(rName, clusterVersionUpgradeUpdated), @@ -399,9 +409,10 @@ func TestAccEKSCluster_version(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"bootstrap_self_managed_addons"}, }, { Config: testAccClusterConfig_version(rName, clusterVersionUpgradeUpdated), @@ -436,9 +447,10 @@ func TestAccEKSCluster_logging(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"bootstrap_self_managed_addons"}, }, { Config: testAccClusterConfig_logging(rName, []string{"api", "audit"}), @@ -484,9 +496,10 @@ func TestAccEKSCluster_tags(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"bootstrap_self_managed_addons"}, }, { Config: testAccClusterConfig_tags2(rName, acctest.CtKey1, acctest.CtValue1Updated, acctest.CtKey2, acctest.CtValue2), @@ -530,9 +543,10 @@ func TestAccEKSCluster_VPC_securityGroupIDs(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"bootstrap_self_managed_addons"}, }, }, }) @@ -570,9 +584,10 @@ func TestAccEKSCluster_VPC_securityGroupIDsAndSubnetIDs_update(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"bootstrap_self_managed_addons"}, }, }, }) @@ -599,9 +614,10 @@ func TestAccEKSCluster_VPC_endpointPrivateAccess(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"bootstrap_self_managed_addons"}, }, { Config: testAccClusterConfig_vpcEndpointPrivateAccess(rName, false), @@ -646,9 +662,10 @@ func TestAccEKSCluster_VPC_endpointPublicAccess(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"bootstrap_self_managed_addons"}, }, { Config: testAccClusterConfig_vpcEndpointPublicAccess(rName, true), @@ -693,9 +710,10 @@ func TestAccEKSCluster_VPC_publicAccessCIDRs(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"bootstrap_self_managed_addons"}, }, { Config: testAccClusterConfig_vpcPublicAccessCIDRs(rName, `["4.3.2.1/32", "8.7.6.5/32"]`), @@ -750,9 +768,10 @@ func TestAccEKSCluster_Network_serviceIPv4CIDR(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"bootstrap_self_managed_addons"}, }, { Config: testAccClusterConfig_networkServiceIPv4CIDR(rName, `"192.168.0.0/24"`), @@ -793,9 +812,10 @@ func TestAccEKSCluster_Network_ipFamily(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"bootstrap_self_managed_addons"}, }, { Config: testAccClusterConfig_networkIPFamily(rName, `"ipv6"`), @@ -839,9 +859,10 @@ func TestAccEKSCluster_Outpost_create(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"bootstrap_self_managed_addons"}, }, }, }) @@ -872,9 +893,10 @@ func TestAccEKSCluster_Outpost_placement(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"bootstrap_self_managed_addons"}, }, }, }) From 500fcd002468a96b9d0b3c0b3f4c8d8c793394a2 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Fri, 5 Jul 2024 13:03:00 -0400 Subject: [PATCH 15/15] r/aws_eks_cluster: Tweak 'waitClusterDeleted' in an attempt to avoid "ResourceInUseException: Cluster already exists with name: ..." errors. --- internal/service/eks/cluster.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/internal/service/eks/cluster.go b/internal/service/eks/cluster.go index 0f738780f07..343c607a73c 100644 --- a/internal/service/eks/cluster.go +++ b/internal/service/eks/cluster.go @@ -787,6 +787,9 @@ func waitClusterDeleted(ctx context.Context, conn *eks.Client, name string, time Target: []string{}, Refresh: statusCluster(ctx, conn, name), Timeout: timeout, + // An attempt to avoid "ResourceInUseException: Cluster already exists with name: ..." errors + // in acceptance tests when recreating a cluster with the same randomly generated name. + ContinuousTargetOccurence: 3, } outputRaw, err := stateConf.WaitForStateContext(ctx)