Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(container_node_pool): panic interface conversion on linux_node_config.sysctls #8981

Merged
merged 1 commit into from
Sep 22, 2023
Merged

fix(container_node_pool): panic interface conversion on linux_node_config.sysctls #8981

merged 1 commit into from
Sep 22, 2023

Conversation

toVersus
Copy link
Contributor

@toVersus toVersus commented Sep 17, 2023
edited by shuyama1
Loading

Fixes: hashicorp/terraform-provider-google#15847

  • Add type assertion to extract empty values from linux_node_config.sysctls field
  • Clean up existing test case to only pass single sysctls parameter to be changed
  • Add test case to create a nodepool with empty linux_node_config.sysctls

Without the fix, the test case to create a nodepool with empty linux_node_config.sysctls will fail.

make testacc TEST=./google/services/container TESTARGS='-run=TestAccContainerNodePool_withLinuxNodeConfig'
TF_ACC=1 TF_SCHEMA_PANIC_ON_ERROR=1 go test ./google/services/container -v -run=TestAccContainerNodePool_withLinuxNodeConfig -timeout 240m -ldflags="-X=github.com/hashicorp/terraform-provider-google/version.ProviderVersion=acc"
=== RUN   TestAccContainerNodePool_withLinuxNodeConfig
=== PAUSE TestAccContainerNodePool_withLinuxNodeConfig
=== CONT  TestAccContainerNodePool_withLinuxNodeConfig
panic: interface conversion: interface {} is nil, not map[string]interface {}

goroutine 1276 [running]:
github.com/hashicorp/terraform-provider-google/google/services/container.expandLinuxNodeConfig(...)
	/Users/tsubasanagasawa/go/src/github.com/hashicorp/terraform-provider-google/google/services/container/node_config.go:927
github.com/hashicorp/terraform-provider-google/google/services/container.expandNodeConfig({0x1071ec840?, 0x14001a923d8?})
	/Users/tsubasanagasawa/go/src/github.com/hashicorp/terraform-provider-google/google/services/container/node_config.go:849 +0x1808
github.com/hashicorp/terraform-provider-google/google/services/container.expandNodePool(0x1079eb778?, {0x0, 0x0})
	/Users/tsubasanagasawa/go/src/github.com/hashicorp/terraform-provider-google/google/services/container/resource_container_node_pool.go:867 +0x2f8
github.com/hashicorp/terraform-provider-google/google/services/container.resourceContainerNodePoolCreate(0x140029c3380, {0x107989740?, 0x14000f32400?})
	/Users/tsubasanagasawa/go/src/github.com/hashicorp/terraform-provider-google/google/services/container/resource_container_node_pool.go:477 +0x120
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*Resource).create(0x1079e2678?, {0x1079e2678?, 0x1400140e630?}, 0xd?, {0x107989740?, 0x14000f32400?})
	/Users/tsubasanagasawa/go/pkg/mod/github.com/hashicorp/terraform-plugin-sdk/v2@v2.24.0/helper/schema/resource.go:695 +0x134
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*Resource).Apply(0x140007ad500, {0x1079e2678, 0x1400140e630}, 0x140019cbc70, 0x140029c3200, {0x107989740, 0x14000f32400})
	/Users/tsubasanagasawa/go/pkg/mod/github.com/hashicorp/terraform-plugin-sdk/v2@v2.24.0/helper/schema/resource.go:837 +0x888
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*GRPCProviderServer).ApplyResourceChange(0x14000eab110, {0x1079e2678?, 0x1400140e570?}, 0x140024650e0)
	/Users/tsubasanagasawa/go/pkg/mod/github.com/hashicorp/terraform-plugin-sdk/v2@v2.24.0/helper/schema/grpc_provider.go:1021 +0xb78
github.com/hashicorp/terraform-plugin-mux/tf5muxserver.muxServer.ApplyResourceChange({0x140010720c0, 0x14001072120, {0x1400230eee0, 0x2, 0x2}, {0x0, 0x0, 0x0}, {0x0, 0x0, ...}, ...}, ...)
	/Users/tsubasanagasawa/go/pkg/mod/github.com/hashicorp/terraform-plugin-mux@v0.8.0/tf5muxserver/mux_server_ApplyResourceChange.go:27 +0xdc
github.com/hashicorp/terraform-plugin-go/tfprotov5/tf5server.(*server).ApplyResourceChange(0x140024483c0, {0x1079e2678?, 0x140013d1d40?}, 0x1400196c770)
	/Users/tsubasanagasawa/go/pkg/mod/github.com/hashicorp/terraform-plugin-go@v0.14.3/tfprotov5/tf5server/server.go:818 +0x3bc
github.com/hashicorp/terraform-plugin-go/tfprotov5/internal/tfplugin5._Provider_ApplyResourceChange_Handler({0x107904520?, 0x140024483c0}, {0x1079e2678, 0x140013d1d40}, 0x1400196c700, 0x0)
	/Users/tsubasanagasawa/go/pkg/mod/github.com/hashicorp/terraform-plugin-go@v0.14.3/tfprotov5/internal/tfplugin5/tfplugin5_grpc.pb.go:385 +0x170
google.golang.org/grpc.(*Server).processUnaryRPC(0x14000c22000, {0x1079eb898, 0x140027c7380}, 0x140019bdb00, 0x14001b552c0, 0x108f5a8e0, 0x0)
	/Users/tsubasanagasawa/go/pkg/mod/google.golang.org/grpc@v1.57.0/server.go:1360 +0xcb4
google.golang.org/grpc.(*Server).handleStream(0x14000c22000, {0x1079eb898, 0x140027c7380}, 0x140019bdb00, 0x0)
	/Users/tsubasanagasawa/go/pkg/mod/google.golang.org/grpc@v1.57.0/server.go:1737 +0x82c
google.golang.org/grpc.(*Server).serveStreams.func1.1()
	/Users/tsubasanagasawa/go/pkg/mod/google.golang.org/grpc@v1.57.0/server.go:982 +0x84
created by google.golang.org/grpc.(*Server).serveStreams.func1
	/Users/tsubasanagasawa/go/pkg/mod/google.golang.org/grpc@v1.57.0/server.go:980 +0x16c
FAIL	github.com/hashicorp/terraform-provider-google/google/services/container	331.318s
FAIL

Release Note Template for Downstream PRs (will be copied)

container: fixed an issue in `google_container_node_pool` where empty `linux_node_config.sysctls` would crash the provider

@modular-magician
Copy link
Collaborator

Hello! I am a robot. It looks like you are a: Community Contributor Googler Core Contributor. Tests will require approval to run.

@shuyama1, a repository maintainer, has been assigned to review your changes. If you have not received review feedback within 2 business days, please leave a comment on this PR asking them to take a look.

You can help make sure that review is quick by doing a self-review and by running impacted tests locally.

@modular-magician modular-magician added the awaiting-approval Pull requests that needs reviewer's approval to run presubmit tests label Sep 17, 2023
@toVersus toVersus force-pushed the fix/linux-node-config branch 2 times, most recently from ceb20d9 to bbfa215 Compare September 17, 2023 04:29
@modular-magician modular-magician removed the awaiting-approval Pull requests that needs reviewer's approval to run presubmit tests label Sep 18, 2023
@modular-magician
Copy link
Collaborator

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

Terraform GA: Diff ( 2 files changed, 45 insertions(+), 18 deletions(-))
Terraform Beta: Diff ( 2 files changed, 45 insertions(+), 18 deletions(-))

@modular-magician
Copy link
Collaborator

Tests analytics

Total tests: 3065
Passed tests 2721
Skipped tests: 299
Affected tests: 45

Action taken

Found 45 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests
TestAccContainerCluster_withSoleTenantGroup|TestAccContainerCluster_withWorkloadMetadataConfig|TestAccContainerCluster_withNodePoolNodeConfig|TestAccContainerCluster_backend|TestAccContainerCluster_withBootDiskKmsKey|TestAccContainerCluster_withNodeConfigReservationAffinity|TestAccContainerCluster_withNodeConfigReservationAffinitySpecific|TestAccContainerCluster_withNodeConfigShieldedInstanceConfig|TestAccContainerCluster_withNodeConfigScopeAlias|TestAccContainerCluster_withSandboxConfig|TestAccContainerCluster_withLoggingVariantInNodePool|TestAccContainerCluster_withNodeConfig|TestAccContainerCluster_withLoggingVariantInNodeConfig|TestAccContainerCluster_customPlacementPolicy|TestAccContainerNodePool_withHostMaintenancePolicy|TestAccContainerNodePool_withConfidentialNodes|TestAccContainerNodePool_customPlacementPolicy|TestAccContainerNodePool_threadsPerCore|TestAccContainerNodePool_compactPlacement|TestAccContainerNodePool_fastSocket|TestAccContainerNodePool_gvnic|TestAccContainerNodePool_gcfsConfig|TestAccContainerNodePool_ephemeralStorageConfig|TestAccContainerNodePool_localNvmeSsdBlockConfig|TestAccContainerNodePool_ephemeralStorageLocalSsdConfig|TestAccContainerNodePool_shieldedInstanceConfig|TestAccContainerNodePool_EmptyGuestAccelerator|TestAccContainerNodePool_withSoleTenantConfig|TestAccContainerNodePool_012_ConfigModeAttr|TestAccContainerNodePool_withManagement|TestAccContainerNodePool_withNodeConfigScopeAlias|TestAccContainerNodePool_withEnablePrivateNodesToggle|TestAccContainerNodePool_withMultiNicNetworkConfig|TestAccContainerNodePool_withGPU|TestAccContainerCluster_withILBSubsetting|TestAccContainerNodePool_withLinuxNodeConfig|TestAccContainerNodePool_withWorkloadIdentityConfig|TestAccContainerNodePool_withKubeletConfig|TestAccContainerNodePool_withSandboxConfig|TestAccContainerNodePool_withReservationAffinity|TestAccContainerCluster_withConfidentialNodes|TestAccContainerNodePool_withNodeConfig|TestAccContainerNodePool_withReservationAffinitySpecific|TestAccContainerNodePool_withLoggingVariantUpdates|TestAccContainerNodePool_withNetworkConfig

Get to know how VCR tests work

@modular-magician
Copy link
Collaborator

$\textcolor{green}{\textsf{Tests passed during RECORDING mode:}}$
TestAccContainerNodePool_withLinuxNodeConfig[Debug log]

Rerun these tests in REPLAYING mode to catch issues

$\textcolor{green}{\textsf{No issues found for passed tests after REPLAYING rerun.}}$

$\textcolor{red}{\textsf{Tests failed during RECORDING mode:}}$
TestAccContainerCluster_withSoleTenantGroup[Error message] [Debug log]
TestAccContainerCluster_withWorkloadMetadataConfig[Error message] [Debug log]
TestAccContainerCluster_withNodePoolNodeConfig[Error message] [Debug log]
TestAccContainerCluster_backend[Error message] [Debug log]
TestAccContainerCluster_withBootDiskKmsKey[Error message] [Debug log]
TestAccContainerCluster_withNodeConfigReservationAffinity[Error message] [Debug log]
TestAccContainerCluster_withNodeConfigReservationAffinitySpecific[Error message] [Debug log]
TestAccContainerCluster_withNodeConfigShieldedInstanceConfig[Error message] [Debug log]
TestAccContainerCluster_withNodeConfigScopeAlias[Error message] [Debug log]
TestAccContainerCluster_withSandboxConfig[Error message] [Debug log]
TestAccContainerCluster_withLoggingVariantInNodePool[Error message] [Debug log]
TestAccContainerCluster_withNodeConfig[Error message] [Debug log]
TestAccContainerCluster_withLoggingVariantInNodeConfig[Error message] [Debug log]
TestAccContainerCluster_customPlacementPolicy[Error message] [Debug log]
TestAccContainerNodePool_withHostMaintenancePolicy[Error message] [Debug log]
TestAccContainerNodePool_withConfidentialNodes[Error message] [Debug log]
TestAccContainerNodePool_customPlacementPolicy[Error message] [Debug log]
TestAccContainerNodePool_threadsPerCore[Error message] [Debug log]
TestAccContainerNodePool_compactPlacement[Error message] [Debug log]
TestAccContainerNodePool_fastSocket[Error message] [Debug log]
TestAccContainerNodePool_gvnic[Error message] [Debug log]
TestAccContainerNodePool_gcfsConfig[Error message] [Debug log]
TestAccContainerNodePool_ephemeralStorageConfig[Error message] [Debug log]
TestAccContainerNodePool_localNvmeSsdBlockConfig[Error message] [Debug log]
TestAccContainerNodePool_ephemeralStorageLocalSsdConfig[Error message] [Debug log]
TestAccContainerNodePool_shieldedInstanceConfig[Error message] [Debug log]
TestAccContainerNodePool_EmptyGuestAccelerator[Error message] [Debug log]
TestAccContainerNodePool_withSoleTenantConfig[Error message] [Debug log]
TestAccContainerNodePool_012_ConfigModeAttr[Error message] [Debug log]
TestAccContainerNodePool_withManagement[Error message] [Debug log]
TestAccContainerNodePool_withNodeConfigScopeAlias[Error message] [Debug log]
TestAccContainerNodePool_withEnablePrivateNodesToggle[Error message] [Debug log]
TestAccContainerNodePool_withMultiNicNetworkConfig[Error message] [Debug log]
TestAccContainerNodePool_withGPU[Error message] [Debug log]
TestAccContainerCluster_withILBSubsetting[Error message] [Debug log]
TestAccContainerNodePool_withWorkloadIdentityConfig[Error message] [Debug log]
TestAccContainerNodePool_withKubeletConfig[Error message] [Debug log]
TestAccContainerNodePool_withSandboxConfig[Error message] [Debug log]
TestAccContainerNodePool_withReservationAffinity[Error message] [Debug log]
TestAccContainerCluster_withConfidentialNodes[Error message] [Debug log]
TestAccContainerNodePool_withNodeConfig[Error message] [Debug log]
TestAccContainerNodePool_withReservationAffinitySpecific[Error message] [Debug log]
TestAccContainerNodePool_withLoggingVariantUpdates[Error message] [Debug log]
TestAccContainerNodePool_withNetworkConfig[Error message] [Debug log]

$\textcolor{red}{\textsf{Please fix these to complete your PR.}}$
View the build log or the debug log for each test

@modular-magician modular-magician added the awaiting-approval Pull requests that needs reviewer's approval to run presubmit tests label Sep 19, 2023
@toVersus
Copy link
Contributor Author

toVersus commented Sep 19, 2023
edited
Loading

I removed the suspicious code that was affecting the VCR test for the existing nodepool test cases. However, I'm not sure how to handle the fact that the following change is always planned when reapplying after creating a nodepool.

Terraform code:

resource "google_container_cluster" "cluster" {
  name               = "test-cluster"
  location           = "us-central1-f"
  initial_node_count = 1
}

resource "google_container_node_pool" "np" {
  name               = "test-nodepool"
  location           = "us-central1-f"
  cluster            = google_container_cluster.cluster.name
  initial_node_count = 1
  node_config {
    image_type = "COS_CONTAINERD"
    linux_node_config {
      sysctls = {}
    }
    oauth_scopes = [
      "https://www.googleapis.com/auth/logging.write",
      "https://www.googleapis.com/auth/monitoring",
    ]
  }
}

Output:

TF_LOG=DEBUG TF_LOG_PATH=plan.log TF_CLI_CONFIG_FILE="$HOME/tf-dev-override.tfrc" terraform apply

(...)

Terraform will perform the following actions:

  # google_container_node_pool.np will be updated in-place
  ~ resource "google_container_node_pool" "np" {
        id                          = "projects/nagasawa-test/locations/us-central1-f/clusters/test-cluster/nodePools/test-nodepool"
        name                        = "test-nodepool"
        # (9 unchanged attributes hidden)

      ~ node_config {
            tags              = []
            # (15 unchanged attributes hidden)

          + linux_node_config {}

            # (1 unchanged block hidden)
        }

        # (3 unchanged blocks hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

I think this warning is the route cause of this issue but how can I avoid that?

2023-09-19T11:34:07.352+0900 [WARN]  Provider "registry.terraform.io/hashicorp/google" produced an invalid plan for google_container_node_pool.np, but we are tolerating it because it is using the legacy plugin SDK.
    The following problems may be the cause of any confusing errors from downstream operations:
      (...)
      - .node_config[0].linux_node_config[0].sysctls: planned value cty.NullVal(cty.Map(cty.String)) does not match config value cty.MapValEmpty(cty.String)
      (...)

shuyama1
shuyama1 reviewed Sep 19, 2023
View reviewed changes
Copy link
Member

@shuyama1 shuyama1 left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for making a fix for this issue. Yeah, explicitly added it in the flattener to write back linux_node_config {} that will potentially break all current configurations and we should avoid doing so. I wonder if we explicitly send the empty fields would the API return it back as the current issues is that the API does not return linux_node_config {} and Terraform will try to update it since it's in the config.

mmv1/third_party/terraform/services/container/node_config.go.erb Outdated
Comment on lines 1011 to 1013
cfg, ok := ls[0].(map[string]interface{})
if !ok {
return nil
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
cfg, ok := ls[0].(map[string]interface{})
if !ok {
return nil
}
if ls[0] == nil {
return &container.LinuxNodeConfig{}
}
cfg := ls[0].(map[string]interface{})

Can we try something like this and see if the API will return back the value?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for your assistance! You are right; this change worked perfectly.

@toVersus @shuyama1
fix(google_container_node_pool): panic interface conversion on `linux…
6908782 
…_node_config`

Signed-off-by: Tsubasa Nagasawa <toversus2357@gmail.com>

Co-authored-by: Shuya Ma <87669292+shuyama1@users.noreply.github.com>
@modular-magician modular-magician removed the awaiting-approval Pull requests that needs reviewer's approval to run presubmit tests label Sep 20, 2023
@modular-magician
Copy link
Collaborator

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

Terraform GA: Diff ( 2 files changed, 40 insertions(+), 17 deletions(-))
Terraform Beta: Diff ( 2 files changed, 40 insertions(+), 17 deletions(-))

@modular-magician
Copy link
Collaborator

Tests analytics

Total tests: 3075
Passed tests 2772
Skipped tests: 299
Affected tests: 4

Action taken

Found 4 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests
TestAccBigtableAppProfile_bigtableAppProfileAnyclusterExample|TestAccBigtableAppProfile_bigtableAppProfileSingleclusterExample|TestAccBigtableAppProfile_bigtableAppProfileMulticlusterExample|TestAccContainerNodePool_withLinuxNodeConfig

Get to know how VCR tests work

@modular-magician
Copy link
Collaborator

$\textcolor{green}{\textsf{Tests passed during RECORDING mode:}}$
TestAccBigtableAppProfile_bigtableAppProfileAnyclusterExample[Debug log]
TestAccBigtableAppProfile_bigtableAppProfileSingleclusterExample[Debug log]
TestAccBigtableAppProfile_bigtableAppProfileMulticlusterExample[Debug log]
TestAccContainerNodePool_withLinuxNodeConfig[Debug log]

Rerun these tests in REPLAYING mode to catch issues

$\textcolor{red}{\textsf{Tests failed when rerunning REPLAYING mode:}}$
TestAccBigtableAppProfile_bigtableAppProfileAnyclusterExample[Error message] [Debug log]
TestAccBigtableAppProfile_bigtableAppProfileMulticlusterExample[Error message] [Debug log]
TestAccBigtableAppProfile_bigtableAppProfileSingleclusterExample[Error message] [Debug log]

Tests failed due to non-determinism or randomness when the VCR replayed the response after the HTTP request was made.

Please fix these to complete your PR. If you believe these test failures to be incorrect or unrelated to your change, or if you have any questions, please raise the concern with your reviewer.

$\textcolor{red}{\textsf{Errors occurred during RECORDING mode. Please fix them to complete your PR.}}$
View the build log or the debug log for each test

@shuyama1
Copy link
Member

don't think the failing tests are related
/gcbrun

@modular-magician modular-magician added awaiting-approval Pull requests that needs reviewer's approval to run presubmit tests and removed awaiting-approval Pull requests that needs reviewer's approval to run presubmit tests labels Sep 21, 2023
@modular-magician
Copy link
Collaborator

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

Terraform GA: Diff ( 2 files changed, 40 insertions(+), 17 deletions(-))
Terraform Beta: Diff ( 2 files changed, 40 insertions(+), 17 deletions(-))

@modular-magician
Copy link
Collaborator

Tests analytics

Total tests: 3077
Passed tests 2778
Skipped tests: 299
Affected tests: 0

$\textcolor{green}{\textsf{All tests passed in REPLAYING mode.}}$
View the build log

@shuyama1 shuyama1 merged commit 91afc18 into GoogleCloudPlatform:main Sep 22, 2023
16 checks passed
This was referenced Sep 22, 2023
Merged
Merged
@toVersus toVersus deleted the fix/linux-node-config branch September 22, 2023 01:56
nevzheng pushed a commit to nevzheng/magic-modules that referenced this pull request Sep 22, 2023
@toVersus @shuyama1 @nevzheng
fix(container_node_pool): panic interface conversion on `linux_node_c…
6d2181e 
…onfig.sysctls` (GoogleCloudPlatform#8981)

Co-authored-by: Shuya Ma <87669292+shuyama1@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@shuyama1 shuyama1 shuyama1 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

panic: interface conversion: interface {} is nil, not map[string]interface {}
3 participants
@toVersus @modular-magician @shuyama1