Skip to content

Commit

Permalink
change GetAccessProfile to List Credentials API for kubernetes cluste…
Browse files Browse the repository at this point in the history 
…r resource
  • Loading branch information
@lonegunmanb
lonegunmanb committed Mar 20, 2023
1 parent 907152d commit b77e808
Show file tree
Hide file tree
Showing 2 changed files with 14 additions and 45 deletions.
6 changes: 3 additions & 3 deletions internal/services/containers/kubernetes_cluster_data_source.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -827,7 +827,7 @@ func dataSourceKubernetesClusterRead(d *pluginsdk.ResourceData, meta interface{}
}

if adminCredentialModel := adminCredentials.Model; adminCredentialModel != nil {
adminKubeConfigRaw, adminKubeConfig := flattenKubernetesClusterDataSourceCredentials(*adminCredentialModel, "clusterAdmin")
adminKubeConfigRaw, adminKubeConfig := flattenKubernetesClusterCredentials(*adminCredentialModel, "clusterAdmin")
d.Set("kube_admin_config_raw", adminKubeConfigRaw)
if err := d.Set("kube_admin_config", adminKubeConfig); err != nil {
return fmt.Errorf("setting `kube_admin_config`: %+v", err)
Expand All @@ -848,7 +848,7 @@ func dataSourceKubernetesClusterRead(d *pluginsdk.ResourceData, meta interface{}
return fmt.Errorf("setting `identity`: %+v", err)
}

kubeConfigRaw, kubeConfig := flattenKubernetesClusterDataSourceCredentials(*credentialsModel, "clusterUser")
kubeConfigRaw, kubeConfig := flattenKubernetesClusterCredentials(*credentialsModel, "clusterUser")
d.Set("kube_config_raw", kubeConfigRaw)
if err := d.Set("kube_config", kubeConfig); err != nil {
return fmt.Errorf("setting `kube_config`: %+v", err)
Expand Down Expand Up @@ -924,7 +924,7 @@ func flattenKubernetesClusterDataSourceStorageProfile(input *managedclusters.Man
return storageProfile
}

func flattenKubernetesClusterDataSourceCredentials(model managedclusters.CredentialResults, configName string) (*string, []interface{}) {
func flattenKubernetesClusterCredentials(model managedclusters.CredentialResults, configName string) (*string, []interface{}) {
if model.Kubeconfigs == nil || len(*model.Kubeconfigs) < 1 {
return nil, []interface{}{}
}
Expand Down
53 changes: 11 additions & 42 deletions internal/services/containers/kubernetes_cluster_resource.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2145,10 +2145,12 @@ func resourceKubernetesClusterRead(d *pluginsdk.ResourceData, meta interface{})
return fmt.Errorf("retrieving %s: no payload delivered", *id)
}

accessProfileId := managedclusters.NewAccessProfileID(id.SubscriptionId, id.ResourceGroupName, id.ManagedClusterName, "clusterUser")
profile, err := client.GetAccessProfile(ctx, accessProfileId)
credentials, err := client.ListClusterUserCredentials(ctx, *id, managedclusters.ListClusterUserCredentialsOperationOptions{})
if err != nil {
return fmt.Errorf("retrieving Access Profile for %s: %+v", *id, err)
return fmt.Errorf("retrieving User Credentials for %s: %+v", id, err)
}
if credentials.Model == nil {
return fmt.Errorf("retrieving User Credentials for %s: payload is empty", id)
}

d.Set("name", id.ManagedClusterName)
Expand Down Expand Up @@ -2365,16 +2367,14 @@ func resourceKubernetesClusterRead(d *pluginsdk.ResourceData, meta interface{})

// adminProfile is only available for RBAC enabled clusters with AAD and local account is not disabled
if props.AadProfile != nil && (props.DisableLocalAccounts == nil || !*props.DisableLocalAccounts) {
accessProfileId := managedclusters.NewAccessProfileID(id.SubscriptionId, id.ResourceGroupName, id.ManagedClusterName, "clusterAdmin")
adminProfile, err := client.GetAccessProfile(ctx, accessProfileId)
adminCredentials, err := client.ListClusterAdminCredentials(ctx, *id, managedclusters.ListClusterAdminCredentialsOperationOptions{})
if err != nil {
return fmt.Errorf("retrieving Admin Access Profile for Managed Kubernetes Cluster %q (Resource Group %q): %+v", id.ManagedClusterName, id.ResourceGroupName, err)
return fmt.Errorf("retrieving Admin Credentials for %s: %+v", id, err)
}

if adminProfile.Model == nil {
return fmt.Errorf("retrieving Admin Access Profile for Managed Kubernetes Cluster %q (Resource Group %q): no payload found", id.ManagedClusterName, id.ResourceGroupName)
if adminCredentials.Model == nil {
return fmt.Errorf("retrieving Admin Credentials for Managed Kubernetes Cluster %q (Resource Group %q): no payload found", id.ManagedClusterName, id.ResourceGroupName)
}
adminKubeConfigRaw, adminKubeConfig := flattenKubernetesClusterAccessProfile(*adminProfile.Model)
adminKubeConfigRaw, adminKubeConfig := flattenKubernetesClusterCredentials(*adminCredentials.Model, "clusterAdmin")
d.Set("kube_admin_config_raw", adminKubeConfigRaw)
if err := d.Set("kube_admin_config", adminKubeConfig); err != nil {
return fmt.Errorf("setting `kube_admin_config`: %+v", err)
Expand All @@ -2394,7 +2394,7 @@ func resourceKubernetesClusterRead(d *pluginsdk.ResourceData, meta interface{})
return fmt.Errorf("setting `identity`: %+v", err)
}

kubeConfigRaw, kubeConfig := flattenKubernetesClusterAccessProfile(*profile.Model)
kubeConfigRaw, kubeConfig := flattenKubernetesClusterCredentials(*credentials.Model, "clusterUser")
d.Set("kube_config_raw", kubeConfigRaw)
if err := d.Set("kube_config", kubeConfig); err != nil {
return fmt.Errorf("setting `kube_config`: %+v", err)
Expand Down Expand Up @@ -2443,37 +2443,6 @@ func resourceKubernetesClusterDelete(d *pluginsdk.ResourceData, meta interface{}
return nil
}

func flattenKubernetesClusterAccessProfile(profile managedclusters.ManagedClusterAccessProfile) (*string, []interface{}) {
if accessProfile := profile.Properties; accessProfile != nil {
if kubeConfigRaw := accessProfile.KubeConfig; kubeConfigRaw != nil {
rawConfig := *kubeConfigRaw
if base64IsEncoded(*kubeConfigRaw) {
rawConfig = base64Decode(*kubeConfigRaw)
}
var flattenedKubeConfig []interface{}

if strings.Contains(rawConfig, "apiserver-id:") || strings.Contains(rawConfig, "exec") {
kubeConfigAAD, err := kubernetes.ParseKubeConfigAAD(rawConfig)
if err != nil {
return utils.String(rawConfig), []interface{}{}
}

flattenedKubeConfig = flattenKubernetesClusterKubeConfigAAD(*kubeConfigAAD)
} else {
kubeConfig, err := kubernetes.ParseKubeConfig(rawConfig)
if err != nil {
return utils.String(rawConfig), []interface{}{}
}

flattenedKubeConfig = flattenKubernetesClusterKubeConfig(*kubeConfig)
}

return utils.String(rawConfig), flattenedKubeConfig
}
}
return nil, []interface{}{}
}

func expandKubernetesClusterLinuxProfile(input []interface{}) *managedclusters.ContainerServiceLinuxProfile {
if len(input) == 0 {
return nil
Expand Down

0 comments on commit b77e808

Please sign in to comment.