Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add optional EnablePrivateLinkFastPath to Virtual Network Gateway Connection resource #25650

Merged
merged 9 commits into from Apr 18, 2024
Merged

Add optional EnablePrivateLinkFastPath to Virtual Network Gateway Connection resource #25650

merged 9 commits into from Apr 18, 2024

Conversation

fjaeckel
Copy link
Contributor

@fjaeckel fjaeckel commented Apr 17, 2024
edited

Community Note

  • Please vote on this PR by adding a 👍 reaction to the original PR to help the community and maintainers prioritize for review
  • Please do not leave "+1" or "me too" comments, they generate extra noise for PR followers and do not help prioritize for review

Description

In line with #25596, this PR adds support for EnablePrivateLinkFastPath on Virtual Network Gateway Connections.

The prior implementation was just for Express Route Circuit Connections, but this one specifically is needed as well.

I've also added tests for expressroute scenarios and another one with FastPath enabled.

This feature is optional, but ExpressRouteGatewayBypass is required to be enabled and the VirtualNetworkGateway type must be a ExpressRoute gateway.

PR Checklist

  • I have followed the guidelines in our Contributing Documentation.
  • I have checked to ensure there aren't other open Pull Requests for the same update/change.
  • I have checked if my changes close any open issues. If so please include appropriate closing keywords below.
  • I have updated/added Documentation as required written in a helpful and kind way to assist users that may be unfamiliar with the resource / data source.
  • I have used a meaningful PR title to help maintainers and other users understand this change and help prevent duplicate work.
    For example: “resource_name_here - description of change e.g. adding property new_property_name_here

Changes to existing Resource / Data Source

  • I have added an explanation of what my changes do and why I'd like you to include them (This may be covered by linking to an issue above, but may benefit from additional explanation).
  • I have written new tests for my resource or datasource changes & updated any relevent documentation.
  • I have successfully run tests with my changes locally. If not, please provide details on testing challenges that prevented you running the tests.
  • (For changes that include a state migration only). I have manually tested the migration path between relevant versions of the provider.

Testing

  • My submission includes Test coverage as described in the Contribution Guide and the tests pass. (if this is not possible for any reason, please include details of why you did or could not add test coverage)

Change Log

Below please provide what should go into the changelog (if anything) conforming to the Changelog Format documented here.

This is a (please select all that apply):

  • Bug Fix
  • New Feature (ie adding a service, resource, or data source)
  • Enhancement
  • Breaking Change

Related Issue(s)

Relates to #25596
cc/ @stephybun

@fjaeckel
Add EnablePrivateLinkFastPath as private_link_fast_path_enabled` to…
ad7774e 
… Virtual Network Gateway Connection

In relation to hashicorp#25596 this
is needed also on the Virtual Network Gateway Connection, for users who
connect their Express Routes via VNGs.

This option is only available, when the
`VirtualNetworkGatewayConnectionType` is `ExpressRoute` and when
`expressRouteGatewayBypass` is set, thus guarding for that.
@fjaeckel
Add documentation
9616714
@fjaeckel
Add tests for expressroute with auth_key
2914001
@fjaeckel
Add Expressroute VNG connection with FastPath enabled
253654a
@fjaeckel
All hail the linter
176e0de 
ran terrafmt
stephybun
stephybun requested changes Apr 18, 2024
View reviewed changes
Copy link
Member

@stephybun stephybun left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Have some test failures

------- Stdout: -------
=== RUN   TestAccVirtualNetworkGatewayConnection_expressroute
=== PAUSE TestAccVirtualNetworkGatewayConnection_expressroute
=== CONT  TestAccVirtualNetworkGatewayConnection_expressroute
    testcase.go:113: Step 1/2 error: Error running apply: exit status 1
        Error: Creating/Updating Virtual Network Gateway: (Name "acctest-240417152850514852" / Resource Group "acctestRG-240417152850514852"): network.VirtualNetworkGatewaysClient#CreateOrUpdate: Failure sending request: StatusCode=400 -- Original Error: Code="PublicIpWithBasicSkuNotAllowedOnExpressRouteGateways" Message="Basic IP configuration for ExpressRoute Virtual Network Gateways is not supported. Please create and associate a Standard IP. /subscriptions/*******/resourceGroups/acctestRG-240417152850514852/providers/Microsoft.Network/virtualNetworkGateways/acctest-240417152850514852" Details=[]
          with azurerm_virtual_network_gateway.test,
          on terraform_plugin_test.tf line 81, in resource "azurerm_virtual_network_gateway" "test":
          81: resource "azurerm_virtual_network_gateway" "test" {
--- FAIL: TestAccVirtualNetworkGatewayConnection_expressroute (410.10s)
FAIL

@fjaeckel
Use Standard SKU public IP address
c63066b 
Verified with our internal configuration, that is indeed correct.
@fjaeckel
Copy link
Contributor Author

@stephybun good catch, updated to use Standard SKU.

stephybun
stephybun reviewed Apr 18, 2024
View reviewed changes
Copy link
Member

@stephybun stephybun left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like we have a different test failure now:

------- Stdout: -------
=== RUN   TestAccVirtualNetworkGatewayConnection_expressroute
=== PAUSE TestAccVirtualNetworkGatewayConnection_expressroute
=== CONT  TestAccVirtualNetworkGatewayConnection_expressroute
    testcase.go:113: Step 1/2 error: Error running apply: exit status 1
        Error: Static IP allocation must be used when creating Standard SKU public IP addresses.
          with azurerm_public_ip.test,
          on terraform_plugin_test.tf line 74, in resource "azurerm_public_ip" "test":
          74: resource "azurerm_public_ip" "test" {
--- FAIL: TestAccVirtualNetworkGatewayConnection_expressroute (512.97s)
FAIL

@fjaeckel
Copy link
Contributor Author

@stephybun apologies, I'm really just winging it. :) That error should be fixed now.

stephybun
stephybun reviewed Apr 18, 2024
View reviewed changes
Copy link
Member

@stephybun stephybun left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

All good, I was hoping I'd be able to say third time's a charm and approve then merge this but now we have another new failure, looks like the property name for express_route_gateway_bypass_enabled is different in this resource?

------- Stdout: -------
=== RUN   TestAccVirtualNetworkGatewayConnection_expressrouteWithFastPath
=== PAUSE TestAccVirtualNetworkGatewayConnection_expressrouteWithFastPath
=== CONT  TestAccVirtualNetworkGatewayConnection_expressrouteWithFastPath
------- Stderr: -------
panic: interface conversion: interface {} is nil, not bool
goroutine 867 [running]:
github.com/hashicorp/terraform-provider-azurerm/internal/services/network.getVirtualNetworkGatewayConnectionProperties(0x6fc23ac00?, {{0xc00088f9e0}, 0xc0025a0460, 0x0, 0xc001b689b0, 0xc001b689a0, 0xc001b68ab0, 0xc001b689c0, 0xc001b689d0, 0xc00557b830})
  /opt/teamcity-agent/work/3337027aeff310bf/internal/services/network/virtual_network_gateway_connection_resource.go:713 +0x122d
github.com/hashicorp/terraform-provider-azurerm/internal/services/network.resourceVirtualNetworkGatewayConnectionCreateUpdate(0xc0053d8c80, {0x7ac8e60?, 0xc003725200})
  /opt/teamcity-agent/work/3337027aeff310bf/internal/services/network/virtual_network_gateway_connection_resource.go:393 +0x80c
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*Resource).create(0x94a2cb8?, {0x94a2cb8?, 0xc0057a70b0?}, 0xd?, {0x7ac8e60?, 0xc003725200?})
  /opt/teamcity-agent/work/3337027aeff310bf/vendor/github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema/resource.go:766 +0x163
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*Resource).Apply(0xc001248540, {0x94a2cb8, 0xc0057a70b0}, 0xc002b06000, 0xc0053d8b00, {0x7ac8e60, 0xc003725200})
  /opt/teamcity-agent/work/3337027aeff310bf/vendor/github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema/resource.go:909 +0xa89
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*GRPCProviderServer).ApplyResourceChange(0xc004219f50, {0x94a2cb8?, 0xc0057a7020?}, 0xc005631c70)
  /opt/teamcity-agent/work/3337027aeff310bf/vendor/github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema/grpc_provider.go:1060 +0xdbc
github.com/hashicorp/terraform-plugin-go/tfprotov5/tf5server.(*server).ApplyResourceChange(0xc0042237c0, {0x94a2cb8?, 0xc0057a6810?}, 0xc005324460)
  /opt/teamcity-agent/work/3337027aeff310bf/vendor/github.com/hashicorp/terraform-plugin-go/tfprotov5/tf5server/server.go:859 +0x56b
github.com/hashicorp/terraform-plugin-go/tfprotov5/internal/tfplugin5._Provider_ApplyResourceChange_Handler({0x874a9a0?, 0xc0042237c0}, {0x94a2cb8, 0xc0057a6810}, 0xc0053243f0, 0x0)
  /opt/teamcity-agent/work/3337027aeff310bf/vendor/github.com/hashicorp/terraform-plugin-go/tfprotov5/internal/tfplugin5/tfplugin5_grpc.pb.go:467 +0x169
google.golang.org/grpc.(*Server).processUnaryRPC(0xc0050565a0, {0x94cbd40, 0xc001b56b60}, 0xc005328000, 0xc0012bf320, 0xf0a9ab8, 0x0)
  /opt/teamcity-agent/work/3337027aeff310bf/vendor/google.golang.org/grpc/server.go:1374 +0xde7
google.golang.org/grpc.(*Server).handleStream(0xc0050565a0, {0x94cbd40, 0xc001b56b60}, 0xc005328000, 0x0)
  /opt/teamcity-agent/work/3337027aeff310bf/vendor/google.golang.org/grpc/server.go:1751 +0x9e7
google.golang.org/grpc.(*Server).serveStreams.func1.1()
  /opt/teamcity-agent/work/3337027aeff310bf/vendor/google.golang.org/grpc/server.go:986 +0xbb
created by google.golang.org/grpc.(*Server).serveStreams.func1 in goroutine 410
  /opt/teamcity-agent/work/3337027aeff310bf/vendor/google.golang.org/grpc/server.go:997 +0x145

@fjaeckel
Fix incorrect use of express_route_gateway_bypass_enabled
1ca49c4 
In this resource its called `express_route_gateway_bypass`, without the
`_enabled`, documentation is already correct.

This was a copy&paste error from: hashicorp#25596
@fjaeckel
Copy link
Contributor Author

fjaeckel commented Apr 18, 2024
edited

@stephybun indeed, this resource uses express_route_gateway_bypass without _enabled, I fixed the copy&paste mistake, should do the right things now. 🤞

At least the expressroute test is passing. 😄

stephybun
stephybun requested changes Apr 18, 2024
View reviewed changes
Copy link
Member

@stephybun stephybun left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We got there in the end.. nearly. Just the data source docs need updating then this is good to go!

internal/services/network/virtual_network_gateway_connection_data_source.go Show resolved Hide resolved
stephybun
stephybun approved these changes Apr 18, 2024
View reviewed changes
Copy link
Member

@stephybun stephybun left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @fjaeckel LGTM 🌸

@stephybun stephybun merged commit 53f68f1 into hashicorp:main Apr 18, 2024
34 checks passed
@github-actions github-actions bot added this to the v3.100.0 milestone Apr 18, 2024
stephybun added a commit that referenced this pull request Apr 18, 2024
@stephybun
Update for #25664 #25631 #25650
4ada1a4
dduportal pushed a commit to jenkins-infra/azure that referenced this pull request Apr 19, 2024
@jenkins-infra-updatecli @jenkins-infra-bot
Bump Terraform azurerm provider version to 3.100.0 (#671)
09a991d 
<Actions>
<action
id="f410411e63aff4bb73a81c2aec1d373cf8a903e63b30dee2006b0030d8a94cc8">
        <h3>Bump Terraform `azurerm` provider version</h3>
<details
id="1d9343c012f5434ac9fe8a98135bae3667b399259be16d9b14302ea3bd424a24">
            <summary>Update Terraform lock file</summary>
<p>changes detected:&#xA;&#x9;&#34;hashicorp/azurerm&#34; updated from
&#34;3.99.0&#34; to &#34;3.100.0&#34; in file
&#34;.terraform.lock.hcl&#34;</p>
            <details>
                <summary>3.100.0</summary>
<pre>Changelog retrieved
from:&#xA;&#x9;https://github.com/hashicorp/terraform-provider-azurerm/releases/tag/v3.100.0&#xA;ENHANCEMENTS:&#xA;&#xA;*
dependencies: updating `hashicorp/go-azure-sdk` to `v0.20240417.1084633`
([#25659](https://github.com/hashicorp/terraform-provider-azurerm/issues/25659))&#xA;*
`compute` - update Virtual Machine and Virtual Machine Scale Set
resources and data sources to use `hashicorp/go-azure-sdk`
([#25533](https://github.com/hashicorp/terraform-provider-azurerm/issues/25533))&#xA;*
`machine_learning` - Add new `machine_learning` block that supports
`purge_soft_deleted_workspace_on_destroy`
([#25624](https://github.com/hashicorp/terraform-provider-azurerm/issues/25624))&#xA;*
`loganalytics` - update cluster resource to use `hashicorp/go-azure-sdk`
([#23373](https://github.com/hashicorp/terraform-provider-azurerm/issues/23373))&#xA;*
Data Source: `azurerm_management_group` - now exports the
`tenant_scoped_id` attribute
([#25555](https://github.com/hashicorp/terraform-provider-azurerm/issues/25555))&#xA;*
`azurerm_container_app` - the
`ingress.ip_security_restriction.ip_address_range` property will now
accept an IP address as valid input
([#25609](https://github.com/hashicorp/terraform-provider-azurerm/issues/25609))&#xA;*
`azurerm_container_group` - the `identity` block can now be updated
([#25543](https://github.com/hashicorp/terraform-provider-azurerm/issues/25543))&#xA;*
`azurerm_express_route_connection` - support for the
`private_link_fast_path_enabled` property
([#25596](https://github.com/hashicorp/terraform-provider-azurerm/issues/25596))&#xA;*
`azurerm_hdinsight_hadoop_cluster` - support for the
`private_link_configuration` block
([#25629](https://github.com/hashicorp/terraform-provider-azurerm/issues/25629))&#xA;*
`azurerm_hdinsight_hbase_cluster` - support for the
`private_link_configuration` block
([#25629](https://github.com/hashicorp/terraform-provider-azurerm/issues/25629))&#xA;*
`azurerm_hdinsight_interactive_query_cluster` - support for the
`private_link_configuration` block
([#25629](https://github.com/hashicorp/terraform-provider-azurerm/issues/25629))&#xA;*
`azurerm_hdinsight_kafka_cluster` - support for the
`private_link_configuration` block
([#25629](https://github.com/hashicorp/terraform-provider-azurerm/issues/25629))&#xA;*
`azurerm_hdinsight_spark_cluster` - support for the
`private_link_configuration` block
([#25629](https://github.com/hashicorp/terraform-provider-azurerm/issues/25629))&#xA;*
`azurerm_management_group` - now exports the `tenant_scoped_id`
attribute
([#25555](https://github.com/hashicorp/terraform-provider-azurerm/issues/25555))&#xA;*
`azurerm_monitor_activity_log_alert` - support for the `location`
property
([#25389](https://github.com/hashicorp/terraform-provider-azurerm/issues/25389))&#xA;*
`azurerm_mysql_flexible_server` - update validating regex for `sku_name`
([#25642](https://github.com/hashicorp/terraform-provider-azurerm/issues/25642))&#xA;*
`azurerm_postgresql_flexible_server` - support for the `GeoRestore`
`create_mode`
([#25664](https://github.com/hashicorp/terraform-provider-azurerm/issues/25664))&#xA;*
`azurerm_virtual_network_gateway_connection` - support for the
`private_link_fast_path_enabled` property
([#25650](https://github.com/hashicorp/terraform-provider-azurerm/issues/25650))&#xA;*
`azurerm_windows_web_app` - support for the `handler_mapping` block
([#25631](https://github.com/hashicorp/terraform-provider-azurerm/issues/25631))&#xA;*
`azurerm_windows_web_app_slot` - support for the `handler_mapping` block
([#25631](https://github.com/hashicorp/terraform-provider-azurerm/issues/25631))&#xA;&#xA;BUG
FIXES:&#xA;&#xA;* storage: prevent a bug causing the second storage
account key to be used for authentication instead of the first
([#25652](https://github.com/hashicorp/terraform-provider-azurerm/issues/25652))&#xA;*
`azurerm_active_directory_domain_service` - prevent an issue where
`filtered_sync_enabled` was not being updated
([#25594](https://github.com/hashicorp/terraform-provider-azurerm/issues/25594))&#xA;*
`azurerm_application_insights` - add a state migration to fix the
resource ID casing of Application Insights resources
([#25628](https://github.com/hashicorp/terraform-provider-azurerm/issues/25628))&#xA;*
`azurerm_function_app_hybrid_connection` - can now use relay resources
created in a different resource group
([#25541](https://github.com/hashicorp/terraform-provider-azurerm/issues/25541))&#xA;*
`azurerm_kubernetes_cluster_node_pool` - prevent plan diff when the
`windows_profile.outbound_nat_enabled` property is unset
([#25644](https://github.com/hashicorp/terraform-provider-azurerm/issues/25644))&#xA;*
`azurerm_machine_learning_compute_cluster` - fix location to point to
parent resource for computes
([#25643](https://github.com/hashicorp/terraform-provider-azurerm/issues/25643))&#xA;*
`azurerm_machine_learning_compute_instance` - fix location to point to
parent resource for computes
([#25643](https://github.com/hashicorp/terraform-provider-azurerm/issues/25643))&#xA;*
`azurerm_storage_account` - check replication type when evaluating
support level for shares and queues for V1 storage accounts
([#25581](https://github.com/hashicorp/terraform-provider-azurerm/issues/25581))&#xA;*
`azurerm_storage_account` - added a sanity check for `dns_endpoint_type`
and `blob_properties.restore_policy`
([#25450](https://github.com/hashicorp/terraform-provider-azurerm/issues/25450))&#xA;*
`azurerm_web_app_hybrid_connection` - can now use relay resources
created in a different resource group
([#25541](https://github.com/hashicorp/terraform-provider-azurerm/issues/25541))&#xA;*
`azurerm_windows_web_app` - prevent removal of
`site_config.application_stack.node_version` when `app_settings` are
updated
([#25488](https://github.com/hashicorp/terraform-provider-azurerm/issues/25488))&#xA;*
`azurerm_windows_web_app_slot` - prevent removal of
`site_config.application_stack.node_version` when `app_settings` are
updated
([#25489](https://github.com/hashicorp/terraform-provider-azurerm/issues/25489))&#xA;&#xA;DEPRECATIONS:&#xA;&#xA;*
`logz` - the Logz resources are deprecated and will be removed in v4.0
of the AzureRM Provider since the API no longer allows new instances to
be created
([#25405](https://github.com/hashicorp/terraform-provider-azurerm/issues/25405))&#xA;*
`azurerm_machine_learning_compute_instance` - marked the `location`
field as deprecated in v4.0 of the provider
([#25643](https://github.com/hashicorp/terraform-provider-azurerm/issues/25643))&#xA;*
`azurerm_kubernetes_cluster` - the following properties have been
deprecated since the API no longer supports cluster creation with legacy
Azure Entra integration: `client_app_id`, `server_app_id`,
`server_app_secret` and `managed`
([#25200](https://github.com/hashicorp/terraform-provider-azurerm/issues/25200))&#xA;&#xA;&#xA;</pre>
            </details>
        </details>
<a
href="https://infra.ci.jenkins.io/job/updatecli/job/azure/job/main/117/">Jenkins
pipeline link</a>
    </action>
</Actions>

---

<table>
  <tr>
    <td width="77">
<img src="https://www.updatecli.io/images/updatecli.png" alt="Updatecli
logo" width="50" height="50">
    </td>
    <td>
      <p>
Created automatically by <a
href="https://www.updatecli.io/">Updatecli</a>
      </p>
      <details><summary>Options:</summary>
        <br />
<p>Most of Updatecli configuration is done via <a
href="https://www.updatecli.io/docs/prologue/quick-start/">its
manifest(s)</a>.</p>
        <ul>
<li>If you close this pull request, Updatecli will automatically reopen
it, the next time it runs.</li>
<li>If you close this pull request and delete the base branch, Updatecli
will automatically recreate it, erasing all previous commits made.</li>
        </ul>
        <p>
Feel free to report any issues at <a
href="https://github.com/updatecli/updatecli/issues">github.com/updatecli/updatecli</a>.<br
/>
If you find this tool useful, do not hesitate to star <a
href="https://github.com/updatecli/updatecli/stargazers">our GitHub
repository</a> as a sign of appreciation, and/or to tell us directly on
our <a
href="https://matrix.to/#/#Updatecli_community:gitter.im">chat</a>!
        </p>
      </details>
    </td>
  </tr>
</table>

Co-authored-by: Jenkins Infra Bot (updatecli) <60776566+jenkins-infra-bot@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@stephybun stephybun stephybun approved these changes

Assignees
No one assigned
Labels
documentation enhancement service/network size/L
Projects
None yet
Milestone
v3.100.0
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@fjaeckel @stephybun