Implement polaris_aws_exocompute_cluster_attachment read operation (#196

)

docs/resources/aws_exocompute_cluster_attachment.md

@@ -33,10 +33,12 @@ resource "polaris_aws_exocompute_cluster_attachment" "attachment" {
 
 ### Optional
 
-- `token_refresh` (Number) To force a refresh of the token, part of the connection command, increase the value of this field. The token is valid for 24 hours.
+- `token_refresh` (Number) To force a refresh of the authentication token, part of the connection command and manifest, increase the value of this field. The token is valid for 24 hours.
 
 ### Read-Only
 
-- `connection_command` (String) `kubectl` command which can be executed inside the EKS cluster to create a connection between the cluster and RSC. See setup_yaml for an alternative connection method.
+- `connection_command` (String) Kubernetes `kubectl` command used to create a connection between the cluster and RSC. See `manifest` for an alternative connection method.
+- `connection_command_executed` (Boolean) Whether the connection command has been executed or the manifest has been applied.
 - `id` (String) RSC cluster ID (UUID).
-- `setup_yaml` (String) K8s spec which can be passed to `kubectl apply` inside the EKS cluster to create a connection between the cluster and RSC. See connection_command for an alternative connection method.
+- `manifest` (String) Kubernetes manifest which can be passed to `kubectl apply` to create a connection between the cluster and RSC. See `connection_command` for an alternative connection method.
+- `setup_yaml` (String, Deprecated) Kubernetes manifest which can be passed to `kubectl apply` to create a connection between the cluster and RSC. See `connection_command` for an alternative connection method. **Deprecated:** use `manifest` instead.

go.mod

@@ -8,7 +8,7 @@ require (
 	github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320
 	github.com/hashicorp/terraform-plugin-docs v0.16.0
 	github.com/hashicorp/terraform-plugin-sdk/v2 v2.10.0
-	github.com/rubrikinc/rubrik-polaris-sdk-for-go v0.11.0-beta.2
+	github.com/rubrikinc/rubrik-polaris-sdk-for-go v0.11.0-beta.3
 )
 
 require (

go.sum

@@ -412,8 +412,8 @@ github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6L
 github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
 github.com/rogpeppe/go-internal v1.6.1 h1:/FiVV8dS/e+YqF2JvO3yXRFbBLTIuSDkuC7aBOAvL+k=
 github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
-github.com/rubrikinc/rubrik-polaris-sdk-for-go v0.11.0-beta.2 h1:JQlwbV6KsgEJ9CczJAWYvKS5cCc9ozuB0wV7lKQBrDI=
-github.com/rubrikinc/rubrik-polaris-sdk-for-go v0.11.0-beta.2/go.mod h1:ryJGDKlbaCvozY3Wvt+TPSN2OZRChQedHUNsnVfCbXE=
+github.com/rubrikinc/rubrik-polaris-sdk-for-go v0.11.0-beta.3 h1:+MG7xsQXCJOPVkhslAy2kkofkqZAqNME1r/bBaQrHbY=
+github.com/rubrikinc/rubrik-polaris-sdk-for-go v0.11.0-beta.3/go.mod h1:ryJGDKlbaCvozY3Wvt+TPSN2OZRChQedHUNsnVfCbXE=
 github.com/russross/blackfriday v1.6.0 h1:KqfZb0pUVN2lYqZUYRddxF4OR8ZMURnJIG5Y3VRLtww=
 github.com/russross/blackfriday v1.6.0/go.mod h1:ti0ldHuxg49ri4ksnFxlkCfN+hvslNlmVHqNRXXJNAY=
 github.com/sebdah/goldie v1.0.0/go.mod h1:jXP4hmWywNEwZzhMuv2ccnqTSFpuq8iyQhtQdkkZBH4=

internal/provider/names.go

@@ -20,6 +20,7 @@ const (
 	keyClusterName                                  = "cluster_name"
 	keyClusterSecurityGroupID                       = "cluster_security_group_id"
 	keyConnectionCommand                            = "connection_command"
+	keyConnectionCommandExecuted                    = "connection_command_executed"
 	keyConnectionStatus                             = "connection_status"
 	keyContainerName                                = "container_name"
 	keyCustomerManagedKey                           = "customer_managed_key"
@@ -49,6 +50,7 @@ const (
 	keyKMSMasterKey                                 = "kms_master_key"
 	keyLocationTemplate                             = "location_template"
 	keyManagedPolicies                              = "managed_policies"
+	keyManifest                                     = "manifest"
 	keyName                                         = "name"
 	keyNativeID                                     = "native_id"
 	keyNodeSecurityGroupID                          = "node_security_group_id"

internal/provider/resource_aws_exocompute_cluster_attachment.go

@@ -61,8 +61,13 @@ func resourceAwsExocomputeClusterAttachment() *schema.Resource {
 			keyConnectionCommand: {
 				Type:     schema.TypeString,
 				Computed: true,
-				Description: "`kubectl` command which can be executed inside the EKS cluster to create a connection " +
-					"between the cluster and RSC. See " + keySetupYAML + " for an alternative connection method.",
+				Description: "Kubernetes `kubectl` command used to create a connection between the cluster and RSC. " +
+					"See `" + keyManifest + "` for an alternative connection method.",
+			},
+			keyConnectionCommandExecuted: {
+				Type:        schema.TypeBool,
+				Computed:    true,
+				Description: "Whether the connection command has been executed or the manifest has been applied.",
 			},
 			keyExocomputeID: {
 				Type:     schema.TypeString,
@@ -72,18 +77,26 @@ func resourceAwsExocomputeClusterAttachment() *schema.Resource {
 					"created.",
 				ValidateFunc: validation.IsUUID,
 			},
+			keyManifest: {
+				Type:     schema.TypeString,
+				Computed: true,
+				Description: "Kubernetes manifest which can be passed to `kubectl apply` to create a connection " +
+					"between the cluster and RSC. See `" + keyConnectionCommand + "` for an alternative connection " +
+					"method.",
+			},
 			keySetupYAML: {
 				Type:     schema.TypeString,
 				Computed: true,
-				Description: "K8s spec which can be passed to `kubectl apply` inside the EKS cluster to create a " +
-					"connection between the cluster and RSC. See " + keyConnectionCommand + " for an alternative " +
-					"connection method.",
+				Description: "Kubernetes manifest which can be passed to `kubectl apply` to create a connection " +
+					"between the cluster and RSC. See `" + keyConnectionCommand + "` for an alternative connection " +
+					"method. **Deprecated:** use `manifest` instead.",
+				Deprecated: "Use `manifest` instead.",
 			},
 			keyTokenRefresh: {
 				Type:     schema.TypeInt,
 				Optional: true,
-				Description: "To force a refresh of the token, part of the connection command, increase the value " +
-					"of this field. The token is valid for 24 hours.",
+				Description: "To force a refresh of the authentication token, part of the connection command and " +
+					"manifest, increase the value of this field. The token is valid for 24 hours.",
 			},
 		},
 	}
@@ -103,13 +116,23 @@ func awsCreateAwsExocomputeClusterAttachment(ctx context.Context, d *schema.Reso
 	}
 	clusterName := d.Get(keyClusterName).(string)
 
-	clusterID, kubectlCmd, setupYAML, err := aws.Wrap(client).AddClusterToExocomputeConfig(ctx, configID, clusterName)
+	clusterID, kubectlCmd, setupYAML, err := aws.Wrap(client).AddExocomputeCluster(ctx, configID, clusterName)
 	if err != nil {
 		return diag.FromErr(err)
 	}
+
+	// We initialize the resource fields in create instead of calling read,
+	// this is because the read operation will fail until the customer runs the
+	// connection command or applies the manifest.
 	if err := d.Set(keyConnectionCommand, kubectlCmd); err != nil {
 		return diag.FromErr(err)
 	}
+	if err := d.Set(keyConnectionCommandExecuted, false); err != nil {
+		return diag.FromErr(err)
+	}
+	if err := d.Set(keyManifest, setupYAML); err != nil {
+		return diag.FromErr(err)
+	}
 	if err := d.Set(keySetupYAML, setupYAML); err != nil {
 		return diag.FromErr(err)
 	}
@@ -121,8 +144,35 @@ func awsCreateAwsExocomputeClusterAttachment(ctx context.Context, d *schema.Reso
 func awsReadAwsExocomputeClusterAttachment(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
 	log.Print("[TRACE] awsReadAwsExocomputeClusterAttachment")
 
-	// There is no way to read the state of the cluster attachment without
-	// updating the token.
+	client, err := m.(*client).polaris()
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	configID, err := uuid.Parse(d.Get(keyExocomputeID).(string))
+	if err != nil {
+		return diag.FromErr(err)
+	}
+	clusterName := d.Get(keyClusterName).(string)
+
+	kubectlCmd, setupYAML, err := aws.Wrap(client).ExocomputeCluster(ctx, configID, clusterName)
+	if err != nil {
+		log.Printf("[INFO] failed to read cluster attachment: %s", err)
+		return nil
+	}
+	if err := d.Set(keyConnectionCommand, kubectlCmd); err != nil {
+		return diag.FromErr(err)
+	}
+	if err := d.Set(keyConnectionCommandExecuted, true); err != nil {
+		return diag.FromErr(err)
+	}
+	if err := d.Set(keyManifest, setupYAML); err != nil {
+		return diag.FromErr(err)
+	}
+	if err := d.Set(keySetupYAML, setupYAML); err != nil {
+		return diag.FromErr(err)
+	}
+
 	return nil
 }
 

internal/provider/resource_aws_exocompute_test.go

@@ -36,12 +36,20 @@ resource "polaris_aws_account" "default" {
 	profile = "{{ .Resource.Profile }}"
 
 	cloud_native_protection {
+		permission_groups = [
+			"BASIC",
+		]
 		regions = [
 			"us-east-2",
 		]
 	}
   
 	exocompute {
+		permission_groups = [
+			"BASIC",
+			"RSC_MANAGED_CLUSTER",
+		]
+
 		regions = [
 			"us-east-2",
 		]
@@ -54,7 +62,7 @@ resource "polaris_aws_exocompute" "default" {
 	vpc_id     = "{{ .Resource.Exocompute.VPCID }}"
 
 	subnets = [
-		{{ range .Resource.Exocompute.Subnets }}
+		{{ range slice .Resource.Exocompute.Subnets 0 2 }}
 		"{{ .ID }}",
 		{{ end }}
 	]
@@ -98,7 +106,7 @@ func TestAccPolarisAWSExocompute_basic(t *testing.T) {
 				resource.TestCheckResourceAttr("polaris_aws_exocompute.default", "vpc_id", account.Exocompute.VPCID),
 				resource.TestCheckResourceAttr("polaris_aws_exocompute.default", "polaris_managed", "true"),
 				resource.TestCheckTypeSetElemAttr("polaris_aws_exocompute.default", "subnets.*", account.Exocompute.Subnets[0].ID),
-				resource.TestCheckTypeSetElemAttr("polaris_aws_exocompute.default", "subnets.*", account.Exocompute.Subnets[0].ID),
+				resource.TestCheckTypeSetElemAttr("polaris_aws_exocompute.default", "subnets.*", account.Exocompute.Subnets[1].ID),
 			),
 		}},
 	})