mirror of
https://github.com/edgelesssys/constellation.git
synced 2025-01-13 16:39:29 -05:00
terraform-provider: fix parsing api_server_cert_sans
(#2758)
* tf: don't double quote cert sans * tf: improve provider examples
parent
2ce73c19dc
commit
2f10223682
@ -53,7 +53,7 @@ module "aws_infrastructure" {
|
|||||||
instance_type = "m6a.xlarge"
|
instance_type = "m6a.xlarge"
|
||||||
disk_size = 30
|
disk_size = 30
|
||||||
disk_type = "gp3"
|
disk_type = "gp3"
|
||||||
initial_count = 2
|
initial_count = 3
|
||||||
zone = local.zone
|
zone = local.zone
|
||||||
},
|
},
|
||||||
worker_default = {
|
worker_default = {
|
||||||
@ -70,6 +70,7 @@ module "aws_infrastructure" {
|
|||||||
image_id = data.constellation_image.bar.image.reference
|
image_id = data.constellation_image.bar.image.reference
|
||||||
region = local.region
|
region = local.region
|
||||||
zone = local.zone
|
zone = local.zone
|
||||||
|
internal_load_balancer = false
|
||||||
debug = false
|
debug = false
|
||||||
enable_snp = true
|
enable_snp = true
|
||||||
custom_endpoint = ""
|
custom_endpoint = ""
|
||||||
@ -100,6 +101,7 @@ resource "constellation_cluster" "aws_example" {
|
|||||||
measurement_salt = local.measurement_salt
|
measurement_salt = local.measurement_salt
|
||||||
out_of_cluster_endpoint = module.aws_infrastructure.out_of_cluster_endpoint
|
out_of_cluster_endpoint = module.aws_infrastructure.out_of_cluster_endpoint
|
||||||
in_cluster_endpoint = module.aws_infrastructure.in_cluster_endpoint
|
in_cluster_endpoint = module.aws_infrastructure.in_cluster_endpoint
|
||||||
|
api_server_cert_sans = module.aws_infrastructure.api_server_cert_sans
|
||||||
network_config = {
|
network_config = {
|
||||||
ip_cidr_node = module.aws_infrastructure.ip_cidr_node
|
ip_cidr_node = module.aws_infrastructure.ip_cidr_node
|
||||||
ip_cidr_service = "10.96.0.0/12"
|
ip_cidr_service = "10.96.0.0/12"
|
||||||
|
@ -64,10 +64,11 @@ module "azure_infrastructure" {
|
|||||||
initial_count = 2
|
initial_count = 2
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
location = local.location
|
location = local.location
|
||||||
image_id = data.constellation_image.bar.image.reference
|
image_id = data.constellation_image.bar.image.reference
|
||||||
resource_group = module.azure_iam.base_resource_group
|
resource_group = module.azure_iam.base_resource_group
|
||||||
create_maa = true
|
internal_load_balancer = false
|
||||||
|
create_maa = true
|
||||||
}
|
}
|
||||||
|
|
||||||
data "constellation_attestation" "foo" {
|
data "constellation_attestation" "foo" {
|
||||||
@ -95,6 +96,7 @@ resource "constellation_cluster" "azure_example" {
|
|||||||
measurement_salt = local.measurement_salt
|
measurement_salt = local.measurement_salt
|
||||||
out_of_cluster_endpoint = module.azure_infrastructure.out_of_cluster_endpoint
|
out_of_cluster_endpoint = module.azure_infrastructure.out_of_cluster_endpoint
|
||||||
in_cluster_endpoint = module.azure_infrastructure.in_cluster_endpoint
|
in_cluster_endpoint = module.azure_infrastructure.in_cluster_endpoint
|
||||||
|
api_server_cert_sans = module.azure_infrastructure.api_server_cert_sans
|
||||||
azure = {
|
azure = {
|
||||||
tenant_id = module.azure_iam.tenant_id
|
tenant_id = module.azure_iam.tenant_id
|
||||||
subscription_id = module.azure_iam.subscription_id
|
subscription_id = module.azure_iam.subscription_id
|
||||||
|
@ -56,7 +56,7 @@ module "gcp_infrastructure" {
|
|||||||
instance_type = "n2d-standard-4"
|
instance_type = "n2d-standard-4"
|
||||||
disk_size = 30
|
disk_size = 30
|
||||||
disk_type = "pd-ssd"
|
disk_type = "pd-ssd"
|
||||||
initial_count = 2
|
initial_count = 3
|
||||||
zone = local.zone
|
zone = local.zone
|
||||||
},
|
},
|
||||||
worker_default = {
|
worker_default = {
|
||||||
@ -68,11 +68,12 @@ module "gcp_infrastructure" {
|
|||||||
zone = local.zone
|
zone = local.zone
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
image_id = data.constellation_image.bar.image.reference
|
image_id = data.constellation_image.bar.image.reference
|
||||||
debug = false
|
debug = false
|
||||||
zone = local.zone
|
zone = local.zone
|
||||||
region = local.region
|
region = local.region
|
||||||
project = local.project_id
|
project = local.project_id
|
||||||
|
internal_load_balancer = false
|
||||||
}
|
}
|
||||||
|
|
||||||
data "constellation_attestation" "foo" {
|
data "constellation_attestation" "foo" {
|
||||||
@ -99,6 +100,7 @@ resource "constellation_cluster" "gcp_example" {
|
|||||||
measurement_salt = local.measurement_salt
|
measurement_salt = local.measurement_salt
|
||||||
out_of_cluster_endpoint = module.gcp_infrastructure.out_of_cluster_endpoint
|
out_of_cluster_endpoint = module.gcp_infrastructure.out_of_cluster_endpoint
|
||||||
in_cluster_endpoint = module.gcp_infrastructure.in_cluster_endpoint
|
in_cluster_endpoint = module.gcp_infrastructure.in_cluster_endpoint
|
||||||
|
api_server_cert_sans = module.gcp_infrastructure.api_server_cert_sans
|
||||||
gcp = {
|
gcp = {
|
||||||
project_id = module.gcp_infrastructure.project
|
project_id = module.gcp_infrastructure.project
|
||||||
service_account_key = module.gcp_iam.service_account_key
|
service_account_key = module.gcp_iam.service_account_key
|
||||||
|
@ -685,9 +685,10 @@ func (r *ClusterResource) apply(ctx context.Context, data *ClusterResourceModel,
|
|||||||
}
|
}
|
||||||
|
|
||||||
// parse API server certificate SANs
|
// parse API server certificate SANs
|
||||||
apiServerCertSANs := make([]string, 0, len(data.APIServerCertSANs.Elements()))
|
apiServerCertSANs, convertDiags := r.getAPIServerCertSANs(ctx, data)
|
||||||
for _, san := range data.APIServerCertSANs.Elements() {
|
diags.Append(convertDiags...)
|
||||||
apiServerCertSANs = append(apiServerCertSANs, san.String())
|
if diags.HasError() {
|
||||||
|
return diags
|
||||||
}
|
}
|
||||||
|
|
||||||
// parse network config
|
// parse network config
|
||||||
@ -1210,6 +1211,15 @@ func (r *ClusterResource) getNetworkConfig(ctx context.Context, data *ClusterRes
|
|||||||
return networkCfg, diags
|
return networkCfg, diags
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (r *ClusterResource) getAPIServerCertSANs(ctx context.Context, data *ClusterResourceModel) ([]string, diag.Diagnostics) {
|
||||||
|
if data.APIServerCertSANs.IsNull() {
|
||||||
|
return nil, nil
|
||||||
|
}
|
||||||
|
apiServerCertSANs := make([]string, 0, len(data.APIServerCertSANs.Elements()))
|
||||||
|
diags := data.APIServerCertSANs.ElementsAs(ctx, &apiServerCertSANs, false)
|
||||||
|
return apiServerCertSANs, diags
|
||||||
|
}
|
||||||
|
|
||||||
// tfContextLogger is a logging adapter between the tflog package and
|
// tfContextLogger is a logging adapter between the tflog package and
|
||||||
// Constellation's logger.
|
// Constellation's logger.
|
||||||
type tfContextLogger struct {
|
type tfContextLogger struct {
|
||||||
|
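Review bot: getAPIServerCertSANs is added without a doc comment, and the reason it converts with `ElementsAs` rather than the old `san.String()` is what this fix depends on, so it should be recorded on the function: `// getAPIServerCertSANs returns the configured SANs as plain strings; attr.Value.String() keeps the surrounding quotes, which would then end up in the API server certificate.` The `make([]string, 0, len(...))` just before `ElementsAs` looks unnecessary, since `ElementsAs` receives `&apiServerCertSANs` and presumably assigns a freshly built slice; `var apiServerCertSANs []string` would state the intent more plainly. The helper also passes every element through unchanged, so unless the schema (not visible here) validates entries, an empty or whitespace-padded SAN still reaches certificate generation; a per-element check for a non-empty DNS name or IP address would surface that as a diagnostic instead. The body of `apply` starts and ends outside the hunk, so how `apiServerCertSANs` is consumed afterwards cannot be checked from here.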