Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for ASM revisions in azurerm_kubernetes_cluster #25724

Open
1 task done
jeffhuenemann opened this issue Apr 23, 2024 · 1 comment 路 May be fixed by #26546
Open
1 task done

Support for ASM revisions in azurerm_kubernetes_cluster #25724

jeffhuenemann opened this issue Apr 23, 2024 · 1 comment 路 May be fixed by #26546
Labels
enhancement service/kubernetes-cluster

Comments

@jeffhuenemann
Copy link

Is there an existing issue for this?

  • I have searched the existing issues

Community Note

  • Please vote on this issue by adding a 馃憤 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment and review the contribution guide to help.

Description

I have a use case where I need to retrieve the currently-installed versions of the AKS-managed Istio service mesh.

The data is present in the API (version 2023-10-01):

{
    // <snip>
    "type": "Microsoft.ContainerService/ManagedClusters",
    "properties": {
        // <snip>
        "serviceMeshProfile": {
            "mode": "Istio",
            "istio": {
                "components": {
                    "ingressGateways": [
                        {
                            "mode": "Internal",
                            "enabled": true
                        }
                    ]
                },
                "revisions": [  // ######## this is what I need
                    "asm-1-19"
                ]
            }
        }
    },
}

However, that data does not appear in the data source for azurerm_kubernetes_cluster in state file:

  "resources": [
    {
      "mode": "data",
      "type": "azurerm_kubernetes_cluster",
      "name": "aks",
      "provider": "provider[\"registry.terraform.io/hashicorp/azurerm\"]",
      "instances": [
        {
            # <snip>
            "service_mesh_profile": [
              {
                "external_ingress_gateway_enabled": false,
                "internal_ingress_gateway_enabled": true,
                "mode": "Istio"
                # This is where I wish the "revisions" block was present
              }
            ],
            # <snip>
          },
          "sensitive_attributes": []
        }
      ]
    }
  ],

In goal state, I'd like to be able to calculate the newest revision installed (might need to be its own property, unless anyone knows the way to get the max() function to accept strings), so I can use that to label kubernetes_namespace_v1 objects based on the latest revision.

New or Affected Resource(s)/Data Source(s)

azurerm_kubernetes_cluster

Potential Terraform Configuration

data "azurerm_kubernetes_cluster" "aks" {
  resource_group_name = var.kubernetes_cluster_resource_group_name
  name                = var.kubernetes_cluster_name
}

resource "kubernetes_namespace_v1" "ns" {
  metadata {
    name = local.kubernetes_namespace_name
    labels = {
      "istio.io.rev" = data.azurerm_kubernetes_cluster.aks.service_mesh_profile.istio.latest_revision # "asm-1-19"
    }
  }
}

References

relates to #24386?
@jonas-budde
Copy link
Contributor

jonas-budde commented Apr 30, 2024
edited
Loading

You could use this as a workaround to get the revision:

In your AKS module directory

terraform {
  required_providers {
    azapi = {
      source = "Azure/azapi"
    }
  }
}

provider "azapi" {
  enable_hcl_output_for_data_source = true
}

data "azapi_resource" "aks" {
  resource_id = module.aks.id
  type = "Microsoft.ContainerService/managedClusters@2024-02-01"
  depends_on = [
    module.aks
  ]
  response_export_values = ["properties.serviceMeshProfile.istio.revisions"]
}

output "istio_revision" {
  value = (data.azapi_resource.aks.output).properties.serviceMeshProfile.istio.revisions
}

In your root directory

resource "kubernetes_namespace_v1" "ns" {
  metadata {
    name = local.kubernetes_namespace_name
    labels = {
      "istio.io/rev" = module.aks.istio_revision[0]
    }
  }
}

@stephybun stephybun linked a pull request Jul 5, 2024 that will close this issue
Open
14 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement service/kubernetes-cluster
Projects
None yet
Milestone
No milestone
3 participants
@jonas-budde @jeffhuenemann @rcskosir