-
Notifications
You must be signed in to change notification settings - Fork 4.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Resource: azurerm_kubernetes_flux_configuration
and azurerm_arc_kubernetes_flux_configuration
- fix kustomization update, missing credentials.
#24066
Resource: azurerm_kubernetes_flux_configuration
and azurerm_arc_kubernetes_flux_configuration
- fix kustomization update, missing credentials.
#24066
Conversation
…bernetes_flux_configuration` - fix kustomization update, missing credentials. Fix [hashicorp#23449](hashicorp#23449)
Apologize for messaging you directly @ms-henglu and @stephybun. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for this PR @jakubramut. Overall this looks fine, I think we can go one step further, since I believe someone could still hit this bug when updating continuous_reconciliation_enabled
.
Could you please make the change suggested and redo your testing?
if _, exists := metadata.ResourceData.GetOk("git_repository"); exists { | ||
_, configurationProtectedSettings, err := expandGitRepositoryDefinitionModel(model.GitRepository) | ||
if err != nil { | ||
return err | ||
} | ||
properties.Properties.ConfigurationProtectedSettings = configurationProtectedSettings | ||
} else if _, exists = metadata.ResourceData.GetOk("bucket"); exists { | ||
_, properties.Properties.ConfigurationProtectedSettings = expandBucketDefinitionModel(model.Bucket) | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This fixes the issue if kustomizations
is updated, however if continuous_reconciliation_enabled
were to be updated then users would hit the same bug since ConfigurationProtectedSettings
was set to nil on line 644 and hasn't been repopulated.
I think we should pull this logic out and execute it after checking all the properties for changes and if ConfigurationProtectedSettings
is still nil (so we don't unnecessarily process it again), so move this to line 695
if properties.Properties.ConfigurationProtectedSettings = nil {
// add logic here
}
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@stephybun, thank you very much for your answer.
Just pushed changes according to what you proposed.
Everything has been tested - working as expected.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@stephybun, could you check my answer?
Please, it's urgent for us.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @jakubramut LGTM 👍
<Actions> <action id="f410411e63aff4bb73a81c2aec1d373cf8a903e63b30dee2006b0030d8a94cc8"> <h3>Bump Terraform `azurerm` provider version</h3> <details id="1d9343c012f5434ac9fe8a98135bae3667b399259be16d9b14302ea3bd424a24"> <summary>Update Terraform lock file</summary> <p>"hashicorp/azurerm" updated from "3.86.0" to "3.87.0" in file ".terraform.lock.hcl"</p> <details> <summary>3.87.0</summary> <pre>Changelog retrieved from:
	https://github.com/hashicorp/terraform-provider-azurerm/releases/tag/v3.87.0
ENHANCEMENTS:

* dependencies: updating to `v0.20240112.1095456` of `github.com/hashicorp/go-azure-sdk` [GH-24477]
* dependencies: updating to `v0.65.1` of `github.com/hashicorp/go-azure-helpers` [GH-24479]
* `kusto`: updating to use the base layer from `hashicorp/go-azure-sdk` rather than `Azure/go-autorest` [GH-24477]
* `azurerm_container_group` - support for the `priority` property [GH-24374]
* Data Source: `azurerm_application_gateway` - support for the `trusted_client_certificate.data` property [GH-24474]

## 3.87.0 (January 11, 2024)

FEATURES:

* New Data Source: `azurerm_network_manager` ([#24398](hashicorp/terraform-provider-azurerm#24398 New Resource: `azurerm_security_center_server_vulnerability_assessments_setting` ([#24299](https://github.com/hashicorp/terraform-provider-azurerm/issues/24299))

ENHANCEMENTS:

* dependencies: updating to `v0.20240111.1094251` of `github.com/hashicorp/go-azure-sdk` ([#24463](hashicorp/terraform-provider-azurerm#24463 Data Source: `azurerm_mssql_database` - support for `identity`, `transparent_data_encryption_enabled`, `transparent_data_encryption_key_vault_key_id` and `transparent_data_encryption_key_automatic_rotation_enabled` ([#24412](hashicorp/terraform-provider-azurerm#24412 Data Source: `azurerm_mssql_server` - support for `transparent_data_encryption_key_vault_key_id` ([#24412](hashicorp/terraform-provider-azurerm#24412 `machinelearning`: updating to API Version `2023-10-01` ([#24416](hashicorp/terraform-provider-azurerm#24416 `paloaltonetworks`: updating to API Version `2023-09-01` ([#24290](hashicorp/terraform-provider-azurerm#24290 `azurerm_container_app` - update create time validations for `ingress.0.traffic_weight` ([#24042](hashicorp/terraform-provider-azurerm#24042 `azurerm_container_app`- support for the `ip_security_restriction` block ([#23870](hashicorp/terraform-provider-azurerm#23870 `azurerm_kubernetes_cluster` - properties in `default_node_pool.linux_os_config.sysctl_config` are now updateable via node pool cycling ([#24397](hashicorp/terraform-provider-azurerm#24397 `azurerm_linux_web_app` - support the `VS2022` value for the `remote_debugging_version` property ([#24407](hashicorp/terraform-provider-azurerm#24407 `azurerm_mssql_database` - support for `identity`, `transparent_data_encryption_key_vault_key_id` and `transparent_data_encryption_key_automatic_rotation_enabled` ([#24412](hashicorp/terraform-provider-azurerm#24412 `azurerm_postgres_flexible_server` - the `sku_name` property now supports being set to `MO_Standard_E96ds_v5` ([#24367](hashicorp/terraform-provider-azurerm#24367 `azurerm_role_assignment` - support for the `principal_type` property ([#24271](hashicorp/terraform-provider-azurerm#24271 `azurerm_windows_web_app` - support the `VS2022` value for the `remote_debugging_version` property ([#24407](hashicorp/terraform-provider-azurerm#24407 `azurerm_cdn_frontdoor_firewall_policy` - support for `request_body_check_enabled` property ([#24406](https://github.com/hashicorp/terraform-provider-azurerm/issues/24406))

BUG FIXES:

* Data Source: `azurerm_role_definition` - fix `role_definition_id` ([#24418](hashicorp/terraform-provider-azurerm#24418 `azurerm_api_management` - the `sku_name` property can now be updated ([#24431](hashicorp/terraform-provider-azurerm#24431 `azurerm_arc_kubernetes_flux_configuration` - prevent a bug where certain sensitive properties for `bucket` and `git_repository` were being overwritten after an update to the resource is made ([#24066](hashicorp/terraform-provider-azurerm#24066 `azurerm_kubernetes_flux_configuration` - prevent a bug where certain sensitive properties for `bucket` and `git_repository` were being overwritten after an update to the resource is made ([#24066](hashicorp/terraform-provider-azurerm#24066 `azure_linux_web_app` - prevent a bug in App Service processing of `application_stack` in updates to `site_config` ([#24424](hashicorp/terraform-provider-azurerm#24424 `azure_linux_web_app_slot` - Fix bug in App Service processing of `application_stack` in updates to `site_config` ([#24424](hashicorp/terraform-provider-azurerm#24424 `azurerm_network_manager_deployment` - update creation wait logic to better tolerate the api returning not found ([#24330](hashicorp/terraform-provider-azurerm#24330 `azurerm_virtual_machine_data_disk_attachment` - do not update applications profile with disks ([#24145](hashicorp/terraform-provider-azurerm#24145 `azure_windows_web_app` - prevent a bug in App Service processing of `application_stack` in updates to `site_config` ([#24424](hashicorp/terraform-provider-azurerm#24424 `azure_windows_web_app_slot` - prevent a bug in App Service processing of `application_stack` in updates to `site_config` ([#24424](hashicorp/terraform-provider-azurerm#24424 `azurerm_maintenance_configuration` - set the `reboot` property in flatten from `AlwaysReboot` to `Always` ([#24376](hashicorp/terraform-provider-azurerm#24376 `azurerm_container_app_environment` - the `workload_profile` property can now be updated ([#24409](https://github.com/hashicorp/terraform-provider-azurerm/issues/24409))


</pre> </details> </details> <a href="https://infra.ci.jenkins.io/job/terraform-jobs/job/azure/job/main/1004/">Jenkins pipeline link</a> </action> </Actions> --- <table> <tr> <td width="77"> <img src="https://www.updatecli.io/images/updatecli.png" alt="Updatecli logo" width="50" height="50"> </td> <td> <p> Created automatically by <a href="https://www.updatecli.io/">Updatecli</a> </p> <details><summary>Options:</summary> <br /> <p>Most of Updatecli configuration is done via <a href="https://www.updatecli.io/docs/prologue/quick-start/">its manifest(s)</a>.</p> <ul> <li>If you close this pull request, Updatecli will automatically reopen it, the next time it runs.</li> <li>If you close this pull request and delete the base branch, Updatecli will automatically recreate it, erasing all previous commits made.</li> </ul> <p> Feel free to report any issues at <a href="https://github.com/updatecli/updatecli/issues">github.com/updatecli/updatecli</a>.<br /> If you find this tool useful, do not hesitate to star <a href="https://github.com/updatecli/updatecli/stargazers">our GitHub repository</a> as a sign of appreciation, and/or to tell us directly on our <a href="https://matrix.to/#/#Updatecli_community:gitter.im">chat</a>! </p> </details> </td> </tr> </table> Co-authored-by: Jenkins Infra Bot (updatecli) <60776566+jenkins-infra-bot@users.noreply.github.com>
I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active contributions. |
Fix #23449