terraform-provider: fix parsing api_server_cert_sans
(#2758)
* tf: don't double quote cert sans * tf: improve provider examples
parent
2ce73c19dc
commit
2f10223682
@ -53,7 +53,7 @@ module "aws_infrastructure" {
|
||||
instance_type = "m6a.xlarge"
|
||||
disk_size = 30
|
||||
disk_type = "gp3"
|
||||
initial_count = 2
|
||||
initial_count = 3
|
||||
zone = local.zone
|
||||
},
|
||||
worker_default = {
|
||||
@ -70,6 +70,7 @@ module "aws_infrastructure" {
|
||||
image_id = data.constellation_image.bar.image.reference
|
||||
region = local.region
|
||||
zone = local.zone
|
||||
internal_load_balancer = false
|
||||
debug = false
|
||||
enable_snp = true
|
||||
custom_endpoint = ""
|
||||
@ -100,6 +101,7 @@ resource "constellation_cluster" "aws_example" {
|
||||
measurement_salt = local.measurement_salt
|
||||
out_of_cluster_endpoint = module.aws_infrastructure.out_of_cluster_endpoint
|
||||
in_cluster_endpoint = module.aws_infrastructure.in_cluster_endpoint
|
||||
api_server_cert_sans = module.aws_infrastructure.api_server_cert_sans
|
||||
network_config = {
|
||||
ip_cidr_node = module.aws_infrastructure.ip_cidr_node
|
||||
ip_cidr_service = "10.96.0.0/12"
|
||||
|
@ -64,10 +64,11 @@ module "azure_infrastructure" {
|
||||
initial_count = 2
|
||||
}
|
||||
}
|
||||
location = local.location
|
||||
image_id = data.constellation_image.bar.image.reference
|
||||
resource_group = module.azure_iam.base_resource_group
|
||||
create_maa = true
|
||||
location = local.location
|
||||
image_id = data.constellation_image.bar.image.reference
|
||||
resource_group = module.azure_iam.base_resource_group
|
||||
internal_load_balancer = false
|
||||
create_maa = true
|
||||
}
|
||||
|
||||
data "constellation_attestation" "foo" {
|
||||
@ -95,6 +96,7 @@ resource "constellation_cluster" "azure_example" {
|
||||
measurement_salt = local.measurement_salt
|
||||
out_of_cluster_endpoint = module.azure_infrastructure.out_of_cluster_endpoint
|
||||
in_cluster_endpoint = module.azure_infrastructure.in_cluster_endpoint
|
||||
api_server_cert_sans = module.azure_infrastructure.api_server_cert_sans
|
||||
azure = {
|
||||
tenant_id = module.azure_iam.tenant_id
|
||||
subscription_id = module.azure_iam.subscription_id
|
||||
|
@ -56,7 +56,7 @@ module "gcp_infrastructure" {
|
||||
instance_type = "n2d-standard-4"
|
||||
disk_size = 30
|
||||
disk_type = "pd-ssd"
|
||||
initial_count = 2
|
||||
initial_count = 3
|
||||
zone = local.zone
|
||||
},
|
||||
worker_default = {
|
||||
@ -68,11 +68,12 @@ module "gcp_infrastructure" {
|
||||
zone = local.zone
|
||||
}
|
||||
}
|
||||
image_id = data.constellation_image.bar.image.reference
|
||||
debug = false
|
||||
zone = local.zone
|
||||
region = local.region
|
||||
project = local.project_id
|
||||
image_id = data.constellation_image.bar.image.reference
|
||||
debug = false
|
||||
zone = local.zone
|
||||
region = local.region
|
||||
project = local.project_id
|
||||
internal_load_balancer = false
|
||||
}
|
||||
|
||||
data "constellation_attestation" "foo" {
|
||||
@ -99,6 +100,7 @@ resource "constellation_cluster" "gcp_example" {
|
||||
measurement_salt = local.measurement_salt
|
||||
out_of_cluster_endpoint = module.gcp_infrastructure.out_of_cluster_endpoint
|
||||
in_cluster_endpoint = module.gcp_infrastructure.in_cluster_endpoint
|
||||
api_server_cert_sans = module.gcp_infrastructure.api_server_cert_sans
|
||||
gcp = {
|
||||
project_id = module.gcp_infrastructure.project
|
||||
service_account_key = module.gcp_iam.service_account_key
|
||||
|
@ -685,9 +685,10 @@ func (r *ClusterResource) apply(ctx context.Context, data *ClusterResourceModel,
|
||||
}
|
||||
|
||||
// parse API server certificate SANs
|
||||
apiServerCertSANs := make([]string, 0, len(data.APIServerCertSANs.Elements()))
|
||||
for _, san := range data.APIServerCertSANs.Elements() {
|
||||
apiServerCertSANs = append(apiServerCertSANs, san.String())
|
||||
apiServerCertSANs, convertDiags := r.getAPIServerCertSANs(ctx, data)
|
||||
diags.Append(convertDiags...)
|
||||
if diags.HasError() {
|
||||
return diags
|
||||
}
|
||||
|
||||
// parse network config
|
||||
@ -1210,6 +1211,15 @@ func (r *ClusterResource) getNetworkConfig(ctx context.Context, data *ClusterRes
|
||||
return networkCfg, diags
|
||||
}
|
||||
|
||||
func (r *ClusterResource) getAPIServerCertSANs(ctx context.Context, data *ClusterResourceModel) ([]string, diag.Diagnostics) {
|
||||
if data.APIServerCertSANs.IsNull() {
|
||||
return nil, nil
|
||||
}
|
||||
apiServerCertSANs := make([]string, 0, len(data.APIServerCertSANs.Elements()))
|
||||
diags := data.APIServerCertSANs.ElementsAs(ctx, &apiServerCertSANs, false)
|
||||
return apiServerCertSANs, diags
|
||||
}
|
||||
|
||||
// tfContextLogger is a logging adapter between the tflog package and
|
||||
// Constellation's logger.
|
||||
type tfContextLogger struct {
|
||||
|
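Review bot: getAPIServerCertSANs passes every list element on unchanged, so an empty entry would reach API server certificate generation as a SAN; nothing in this section rejects it. The AWS example in this commit sets `custom_endpoint = ""`. Whether the module's `api_server_cert_sans` output can then carry an empty value is not visible here, and neither is any schema validator on the attribute. If neither guards it, append an error diagnostic for each empty entry after `ElementsAs`, as sketched below. The new method also lacks a doc comment, for example `// getAPIServerCertSANs returns the configured API server certificate SANs as plain strings, or nil if the attribute is null.`

```go
func (r *ClusterResource) getAPIServerCertSANs(ctx context.Context, data *ClusterResourceModel) ([]string, diag.Diagnostics) {
	// … unchanged: null check and ElementsAs conversion …
	for _, san := range apiServerCertSANs {
		if san == "" {
			diags.AddError("Invalid api_server_cert_sans entry", "Entries must be non-empty hostnames or IP addresses.")
		}
	}
	return apiServerCertSANs, diags
}
```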