Skip to content

Commit 693598f

Browse files
KagashinoKagashino
authored
feat: eks - credential info (#917)
* feat: eks - credential info * fix: ignore eks tag for now
1 parent 1e2bcfc commit 693598f

18 files changed

+4375
-44
lines changed

go.mod

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -30,7 +30,7 @@ require (
3030
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/clb v1.0.283
3131
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cloudaudit v1.0.199
3232
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cls v1.0.291
33-
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.363
33+
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.369
3434
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cvm v1.0.351
3535
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cynosdb v1.0.359
3636
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dayu v1.0.335
@@ -54,7 +54,7 @@ require (
5454
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tcaplusdb v1.0.199
5555
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tcr v1.0.267
5656
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tdmq v1.0.268
57-
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tke v1.0.302
57+
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tke v1.0.369
5858
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vod v1.0.199
5959
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vpc v1.0.357
6060
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/wss v1.0.199

go.sum

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -501,6 +501,10 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.359 h1:m7Ga
501501
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.359/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
502502
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.363 h1:UkjSM8MEV5ZxucxRA01XCTL9qxWMD3lO4Nj20DdMbJs=
503503
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.363/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
504+
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.368 h1:FS5rXPeSpDf+b+w9Ldjre6gLrtoaT36drvvWQ/3Seds=
505+
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.368/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
506+
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.369 h1:Ipg0vbH3s/9QnImiQYp7GSW4dg9OZv7TUzFKtABKPko=
507+
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.369/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
504508
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cvm v1.0.199 h1:ajgJogYSIQ5u1PIbiV5nsvr5K0fYpm1/T7Dy+mxEM6U=
505509
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cvm v1.0.199/go.mod h1:AqyM/ZZMD7q5mHBqNY9YImbSpEpoEe7E/vrTbUWX+po=
506510
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cvm v1.0.351 h1:zqJsH5pxGT57La7NAOOyMQxsuM11pupNBwV1dzXcT24=
@@ -562,6 +566,10 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tdmq v1.0.268 h1:ez5lvK
562566
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tdmq v1.0.268/go.mod h1:fchXZhmqaYaG2c4wTCBTdnW6TFAtxl3D/P/yuuuLMfA=
563567
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tke v1.0.302 h1:Ks3fi0Vs+I+p6Ue3ssL33Ai8y8Gi4iTc16y1Z4ZCQXk=
564568
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tke v1.0.302/go.mod h1:ij3CHdPvqI2aSMcl7+jdI0yCO7oOiywKTAa55qmO2iI=
569+
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tke v1.0.368 h1:QvbcfEhc9yh9IyWLUJJtCSaPvh66ELXWPPUCpV0AN5M=
570+
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tke v1.0.368/go.mod h1:uucDJ3gbMlKE4jsie2cTwf/BcoASjATuIWmuKxvTvss=
571+
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tke v1.0.369 h1:bp9vCewHqy2rZMdl191LohVjIeb8udntY+AoSNO5eNA=
572+
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tke v1.0.369/go.mod h1:HlPCDRZ3zUnEXifuTNbCiEOwKn/2LmA6ziPkCr3VHsk=
565573
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vod v1.0.199 h1:6Yt74l4pA5QtzhwMNIEUt0spXdSBKH744DDqTHJOCP0=
566574
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vod v1.0.199/go.mod h1:Yw6OQ33z3s4k0HVYTNSffB12qOzEJ2Zf1Vj4+5S3sRs=
567575
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vpc v1.0.199 h1:UDZ59pvaqjDy2QIsMsv9hxm0BEJLmPIbHF1ms0MqaRk=

tencentcloud/data_source_tc_eks_cluster_credential.go

Lines changed: 252 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,252 @@
1+
/*
2+
Provide a datasource to query EKS cluster credential info.
3+
4+
Example Usage
5+
6+
```hcl
7+
data "tencentcloud_eks_cluster_credential" "foo" {
8+
cluster_id = "cls-xxxxxxxx"
9+
}
10+
11+
# example outputs
12+
output "addresses" {
13+
value = data.tencentcloud_eks_cluster_credential.cred.addresses
14+
}
15+
16+
output "ca_cert" {
17+
value = data.tencentcloud_eks_cluster_credential.cred.credential.ca_cert
18+
}
19+
20+
output "token" {
21+
value = data.tencentcloud_eks_cluster_credential.cred.credential.token
22+
}
23+
24+
output "public_lb_param" {
25+
value = data.tencentcloud_eks_cluster_credential.cred.public_lb.0.extra_param
26+
}
27+
28+
output "internal_lb_subnet" {
29+
value = data.tencentcloud_eks_cluster_credential.cred.internal_lb.0.subnet_id
30+
}
31+
32+
```
33+
*/
34+
package tencentcloud
35+
36+
import (
37+
"context"
38+
39+
"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
40+
tke "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tke/v20180525"
41+
)
42+
43+
func datasourceTencentCloudEksClusterCredential() *schema.Resource {
44+
return &schema.Resource{
45+
Read: datasourceTencentCloudEksClusterCredentialRead,
46+
47+
Importer: &schema.ResourceImporter{
48+
State: schema.ImportStatePassthrough,
49+
},
50+
Schema: map[string]*schema.Schema{
51+
"cluster_id": {
52+
Type: schema.TypeString,
53+
Required: true,
54+
Description: "EKS Cluster ID.",
55+
},
56+
"result_output_file": {
57+
Type: schema.TypeString,
58+
Optional: true,
59+
Description: "Used for save result.",
60+
},
61+
"addresses": {
62+
Type: schema.TypeList,
63+
Computed: true,
64+
Description: "List of IP Address information.",
65+
Elem: &schema.Resource{
66+
Schema: map[string]*schema.Schema{
67+
"type": {
68+
Type: schema.TypeString,
69+
Computed: true,
70+
Description: "Type of IP, can be `advertise`, `public`, etc.",
71+
},
72+
"ip": {
73+
Type: schema.TypeString,
74+
Computed: true,
75+
Description: "IP Address.",
76+
},
77+
"port": {
78+
Type: schema.TypeString,
79+
Computed: true,
80+
Description: "Port.",
81+
},
82+
},
83+
},
84+
},
85+
"credential": {
86+
Type: schema.TypeMap,
87+
Computed: true,
88+
Description: "Credential info.",
89+
Elem: &schema.Resource{
90+
Schema: map[string]*schema.Schema{
91+
"ca_cert": {
92+
Type: schema.TypeString,
93+
Computed: true,
94+
Description: "CA root certification.",
95+
},
96+
"token": {
97+
Type: schema.TypeString,
98+
Computed: true,
99+
Description: "Certification token.",
100+
},
101+
},
102+
},
103+
},
104+
"public_lb": {
105+
Type: schema.TypeList,
106+
Computed: true,
107+
Description: "Cluster public access LoadBalancer info.",
108+
Elem: &schema.Resource{
109+
Schema: map[string]*schema.Schema{
110+
"enabled": {
111+
Type: schema.TypeBool,
112+
Computed: true,
113+
114+
Description: "Indicates weather the public access LB enabled.",
115+
},
116+
"allow_from_cidrs": {
117+
Type: schema.TypeList,
118+
Computed: true,
119+
Description: "List of CIDRs which allowed to access.",
120+
Elem: &schema.Schema{Type: schema.TypeString},
121+
},
122+
"security_policies": {
123+
Type: schema.TypeList,
124+
Computed: true,
125+
Description: "List of security allow IP or CIDRs, default deny all.",
126+
Elem: &schema.Schema{Type: schema.TypeString},
127+
},
128+
"extra_param": {
129+
Type: schema.TypeString,
130+
Computed: true,
131+
Description: "Extra param text json.",
132+
},
133+
"security_group": {
134+
Type: schema.TypeString,
135+
Computed: true,
136+
Description: "Security group.",
137+
},
138+
},
139+
},
140+
},
141+
"internal_lb": {
142+
Type: schema.TypeList,
143+
Computed: true,
144+
Description: "Cluster internal access LoadBalancer info.",
145+
Elem: &schema.Resource{
146+
Schema: map[string]*schema.Schema{
147+
"enabled": {
148+
Type: schema.TypeBool,
149+
Computed: true,
150+
Description: "Indicates weather the internal access LB enabled.",
151+
},
152+
"subnet_id": {
153+
Type: schema.TypeString,
154+
Computed: true,
155+
Description: "ID of subnet which related to Internal LB.",
156+
},
157+
},
158+
},
159+
},
160+
"proxy_lb": {
161+
Type: schema.TypeBool,
162+
Computed: true,
163+
Description: "Indicates whether the new internal/public network function.",
164+
},
165+
},
166+
}
167+
}
168+
169+
func datasourceTencentCloudEksClusterCredentialRead(d *schema.ResourceData, meta interface{}) error {
170+
defer logElapsed("datasource.tencentcloud_eks_cluster_credential.read")()
171+
defer inconsistentCheck(d, meta)()
172+
173+
logId := getLogId(contextNil)
174+
ctx := context.WithValue(context.TODO(), logIdKey, logId)
175+
client := meta.(*TencentCloudClient).apiV3Conn
176+
service := EksService{client: client}
177+
178+
clusterId := d.Get("cluster_id").(string)
179+
180+
request := tke.NewDescribeEKSClusterCredentialRequest()
181+
request.ClusterId = &clusterId
182+
183+
info, err := service.DescribeEKSClusterCredential(ctx, request)
184+
185+
if err != nil {
186+
d.SetId("")
187+
return err
188+
}
189+
190+
d.SetId("eks-cluster-credential-" + clusterId)
191+
192+
_ = d.Set("proxy_lb", info.ProxyLB)
193+
194+
addresses := make([]map[string]interface{}, 0)
195+
196+
for i := range info.Addresses {
197+
item := info.Addresses[i]
198+
addr := map[string]interface{}{
199+
"type": item.Type,
200+
"ip": item.Ip,
201+
"port": item.Port,
202+
}
203+
addresses = append(addresses, addr)
204+
}
205+
_ = d.Set("addresses", addresses)
206+
207+
credential := make(map[string]interface{})
208+
if info.Credential != nil {
209+
credential = map[string]interface{}{
210+
"token": info.Credential.Token,
211+
"ca_cert": info.Credential.CACert,
212+
}
213+
_ = d.Set("credential", credential)
214+
}
215+
216+
internalLB := make([]map[string]interface{}, 0)
217+
if info.InternalLB != nil {
218+
lb := map[string]interface{}{
219+
"enabled": info.InternalLB.Enabled,
220+
"subnet_id": info.InternalLB.SubnetId,
221+
}
222+
internalLB = append(internalLB, lb)
223+
_ = d.Set("internal_lb", internalLB)
224+
}
225+
226+
publicLB := make([]map[string]interface{}, 0)
227+
if info.PublicLB != nil {
228+
lb := map[string]interface{}{
229+
"enabled": info.PublicLB.Enabled,
230+
"extra_param": info.PublicLB.ExtraParam,
231+
"allow_from_cidrs": info.PublicLB.AllowFromCidrs,
232+
"security_group": info.PublicLB.SecurityGroup,
233+
"security_policies": info.PublicLB.SecurityPolicies,
234+
}
235+
publicLB = append(publicLB, lb)
236+
_ = d.Set("public_lb", publicLB)
237+
}
238+
239+
result := map[string]interface{}{
240+
"credential": credential,
241+
"addresses": addresses,
242+
"public_lb": publicLB,
243+
"internal_lb": internalLB,
244+
"proxy_lb": info.ProxyLB,
245+
}
246+
247+
if output, ok := d.GetOk("result_output_file"); ok {
248+
return writeToFile(output.(string), result)
249+
}
250+
251+
return nil
252+
}

tencentcloud/data_source_tc_eks_cluster_credential_test.go

Lines changed: 60 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,60 @@
1+
package tencentcloud
2+
3+
import (
4+
"testing"
5+
6+
"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
7+
)
8+
9+
func TestAccTencentCloudEksClusterCredentialDataSource(t *testing.T) {
10+
t.Parallel()
11+
resource.Test(t, resource.TestCase{
12+
PreCheck: func() { testAccPreCheck(t) },
13+
Providers: testAccProviders,
14+
Steps: []resource.TestStep{
15+
{
16+
Config: testAccTencentCloudEksClusterCredentialBasic,
17+
Check: resource.ComposeAggregateTestCheckFunc(
18+
resource.TestCheckResourceAttrSet("data.tencentcloud_eks_cluster_credential.cred", "addresses.#"),
19+
resource.TestCheckResourceAttrSet("data.tencentcloud_eks_cluster_credential.cred", "credential.ca_cert"),
20+
resource.TestCheckResourceAttrSet("data.tencentcloud_eks_cluster_credential.cred", "credential.token"),
21+
resource.TestCheckResourceAttr("data.tencentcloud_eks_cluster_credential.cred", "public_lb.0.enabled", "true"),
22+
resource.TestCheckResourceAttrSet("data.tencentcloud_eks_cluster_credential.cred", "public_lb.0.allow_from_cidrs.#"),
23+
resource.TestCheckResourceAttrSet("data.tencentcloud_eks_cluster_credential.cred", "public_lb.0.security_policies.#"),
24+
resource.TestCheckResourceAttr("data.tencentcloud_eks_cluster_credential.cred", "internal_lb.0.enabled", "true"),
25+
resource.TestCheckResourceAttrSet("data.tencentcloud_eks_cluster_credential.cred", "proxy_lb"),
26+
),
27+
},
28+
},
29+
})
30+
}
31+
32+
const testAccTencentCloudEksClusterForCred = defaultVpcVariable + `
33+
resource "tencentcloud_eks_cluster" "foo" {
34+
cluster_name = "tf-eks-test"
35+
k8s_version = "1.18.4"
36+
vpc_id = var.vpc_id
37+
subnet_ids = [
38+
var.subnet_id,
39+
]
40+
cluster_desc = "test eks cluster created by terraform"
41+
service_subnet_id = var.subnet_id
42+
enable_vpc_core_dns = true
43+
internal_lb {
44+
enabled = true
45+
subnet_id = var.subnet_id
46+
}
47+
public_lb {
48+
enabled = true
49+
security_policies = ["192.168.1.1"]
50+
}
51+
tags = {
52+
test = "tf"
53+
}
54+
}`
55+
56+
const testAccTencentCloudEksClusterCredentialBasic = testAccTencentCloudEksClusterForCred + `
57+
data "tencentcloud_eks_cluster_credential" "cred" {
58+
cluster_id = tencentcloud_eks_cluster.foo.id
59+
}
60+
`

tencentcloud/data_source_tc_eks_clusters_test.go

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -34,7 +34,6 @@ func TestAccTencentCloudEksClustersDataSource(t *testing.T) {
3434
resource.TestCheckResourceAttrSet("data.tencentcloud_eks_clusters.foo", "list.0.service_subnet_id"),
3535
resource.TestCheckResourceAttr("data.tencentcloud_eks_clusters.foo", "list.0.enable_vpc_core_dns", "true"),
3636
resource.TestCheckResourceAttr("data.tencentcloud_eks_clusters.foo", "list.0.need_delete_cbs", "true"),
37-
resource.TestCheckResourceAttr("data.tencentcloud_eks_clusters.foo", "list.0.tags.test", "tf"),
3837
),
3938
},
4039
},

tencentcloud/internal/helper/helper.go

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -112,3 +112,19 @@ func SliceFieldSerialize(slice []string) string {
112112
sort.Strings(types)
113113
return strings.Trim(strings.Join(types, ","), ",")
114114
}
115+
116+
// InterfacesHeadMap returns string key map if argument is MaxItem: 1 List Type
117+
func InterfacesHeadMap(d *schema.ResourceData, key string) (result map[string]interface{}, ok bool) {
118+
v, ok := d.GetOk(key)
119+
if !ok {
120+
return
121+
}
122+
interfaces, ok := v.([]interface{})
123+
if !ok || len(interfaces) == 0 {
124+
ok = false
125+
return
126+
}
127+
head := interfaces[0]
128+
result, ok = head.(map[string]interface{})
129+
return
130+
}

tencentcloud/provider.go

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -343,6 +343,7 @@ Tencent Kubernetes Engine(TKE)
343343
Data Source
344344
tencentcloud_kubernetes_clusters
345345
tencentcloud_eks_clusters
346+
tencentcloud_eks_cluster_credential
346347
tencentcloud_kubernetes_charts
347348
348349
Resource
@@ -762,6 +763,7 @@ func Provider() terraform.ResourceProvider {
762763
"tencentcloud_kubernetes_clusters": dataSourceTencentCloudKubernetesClusters(),
763764
"tencentcloud_kubernetes_charts": dataSourceTencentCloudKubernetesCharts(),
764765
"tencentcloud_eks_clusters": dataSourceTencentCloudEKSClusters(),
766+
"tencentcloud_eks_cluster_credential": datasourceTencentCloudEksClusterCredential(),
765767
"tencentcloud_container_clusters": dataSourceTencentCloudContainerClusters(),
766768
"tencentcloud_container_cluster_instances": dataSourceTencentCloudContainerClusterInstances(),
767769
"tencentcloud_mysql_backup_list": dataSourceTencentMysqlBackupList(),

0 commit comments

Comments
 (0)