Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

New service: DeviceRegistry + new resources: azurerm_device_registry_asset and azurerm_device_registry_asset_endpoint_profile #28399

Open
wants to merge 35 commits into
base: main
Choose a base branch
from
Open

New service: DeviceRegistry + new resources: azurerm_device_registry_asset and azurerm_device_registry_asset_endpoint_profile #28399

wants to merge 35 commits into from
+4,523 −0

Conversation

mryanlo
Copy link

@mryanlo mryanlo commented Dec 30, 2024
edited
Loading

This PR introduces support for the Device Registry service, comprising of:

Resources

- azurerm_device_registry_asset
- azurerm_device_registry_asset_endpoint_profile

Community Note

  • Please vote on this PR by adding a 👍 reaction to the original PR to help the community and maintainers prioritize for review
  • Please do not leave comments along the lines of "+1", "me too" or "any updates", they generate extra noise for PR followers and do not help prioritize for review

Description

Swagger: https://github.com/Azure/azure-rest-api-specs/tree/main/specification/deviceregistry/resource-manager/Microsoft.DeviceRegistry/stable/2024-11-01

Azure Doc: https://learn.microsoft.com/en-us/azure/iot-operations/discover-manage-assets/howto-manage-assets-remotely?tabs=cli

PR Checklist

  • I have followed the guidelines in our Contributing Documentation.
  • I have checked to ensure there aren't other open Pull Requests for the same update/change.
  • I have checked if my changes close any open issues. If so please include appropriate closing keywords below.
  • I have updated/added Documentation as required written in a helpful and kind way to assist users that may be unfamiliar with the resource / data source.
  • I have used a meaningful PR title to help maintainers and other users understand this change and help prevent duplicate work.
    For example: “resource_name_here - description of change e.g. adding property new_property_name_here

Changes to existing Resource / Data Source

  • I have added an explanation of what my changes do and why I'd like you to include them (This may be covered by linking to an issue above, but may benefit from additional explanation).
  • I have written new tests for my resource or datasource changes & updated any relevent documentation.
  • I have successfully run tests with my changes locally. If not, please provide details on testing challenges that prevented you running the tests.
  • (For changes that include a state migration only). I have manually tested the migration path between relevant versions of the provider.

Testing

  • My submission includes Test coverage as described in the Contribution Guide and the tests pass. (if this is not possible for any reason, please include details of why you did or could not add test coverage)

The acceptance tests for azurerm_device_registry_asset and azurerm_device_registry_asset_endpoint_profile require an arc-enabled kubernetes cluster with Azure IoT Operations' service extension installed on the cluster in order to pass. Creating this cluster in the terraform acceptance tests has been unsuccessful, takes over 45 minutes to complete, and the installation of AIO script has proven to be flakey. Once the cluster is setup, you need to add these environment variables to pass:

ARM_DEVICE_REGISTRY_RESOURCE_GROUP=<myResourceGroup> // resource group where the AIO-enabled cluster is
ARM_DEVICE_REGISTRY_CUSTOM_LOCATION=/subscriptions/xxxx/resourceGroups/<myResourceGroup>/providers/Microsoft.ExtendedLocation/customLocations/<myCustomLocation> // full custom location path that is in <myResourceGroup> and connected to the AIO extension

Local tests against a pre-existing AIO cluster:

  • Asset:
$ make acctests SERVICE='deviceregistry' TESTARGS='-run=TestAccAsset_'
TF_ACC=1 go test -v ./internal/services/deviceregistry -run=TestAccAsset_ -timeout 180m -ldflags="-X=github.com/hashicorp/terraform-provider-azurerm/version.ProviderVersion=acc"
=== RUN   TestAccAsset_basic
=== PAUSE TestAccAsset_basic
=== RUN   TestAccAsset_complete
=== PAUSE TestAccAsset_complete
=== RUN   TestAccAsset_requiresImport
=== PAUSE TestAccAsset_requiresImport
=== RUN   TestAccAsset_update
=== PAUSE TestAccAsset_update
=== CONT  TestAccAsset_basic
=== CONT  TestAccAsset_requiresImport
--- PASS: TestAccAsset_requiresImport (148.12s)
=== CONT  TestAccAsset_update
--- PASS: TestAccAsset_basic (168.96s)
=== CONT  TestAccAsset_complete
--- PASS: TestAccAsset_complete (125.88s)
--- PASS: TestAccAsset_update (181.90s)
PASS
ok      github.com/hashicorp/terraform-provider-azurerm/internal/services/deviceregistry        340.311s
  • Asset endpoint profile:
$ make acctests SERVICE='deviceregistry' TESTARGS='-run=TestAccAssetEndpointProfile_'
TF_ACC=1 go test -v ./internal/services/deviceregistry -run=TestAccAssetEndpointProfile_ -timeout 180m -ldflags="-X=github.com/hashicorp/terraform-provider-azurerm/version.ProviderVersion=acc"
=== RUN   TestAccAssetEndpointProfile_basic
=== PAUSE TestAccAssetEndpointProfile_basic
=== RUN   TestAccAssetEndpointProfile_complete_certificate
=== PAUSE TestAccAssetEndpointProfile_complete_certificate
=== RUN   TestAccAssetEndpointProfile_complete_usernamePassword
=== PAUSE TestAccAssetEndpointProfile_complete_usernamePassword
=== RUN   TestAccAssetEndpointProfile_complete_anonymous
=== PAUSE TestAccAssetEndpointProfile_complete_anonymous
=== RUN   TestAccAssetEndpointProfile_requiresImport
=== PAUSE TestAccAssetEndpointProfile_requiresImport
=== RUN   TestAccAssetEndpointProfile_update
=== PAUSE TestAccAssetEndpointProfile_update
=== CONT  TestAccAssetEndpointProfile_basic
=== CONT  TestAccAssetEndpointProfile_complete_anonymous
--- PASS: TestAccAssetEndpointProfile_basic (141.14s)
=== CONT  TestAccAssetEndpointProfile_update
--- PASS: TestAccAssetEndpointProfile_complete_anonymous (146.94s)
=== CONT  TestAccAssetEndpointProfile_requiresImport
--- PASS: TestAccAssetEndpointProfile_requiresImport (113.54s)
=== CONT  TestAccAssetEndpointProfile_complete_usernamePassword
--- PASS: TestAccAssetEndpointProfile_complete_usernamePassword (118.11s)
=== CONT  TestAccAssetEndpointProfile_complete_certificate
--- PASS: TestAccAssetEndpointProfile_complete_certificate (118.48s)
--- PASS: TestAccAssetEndpointProfile_update (379.77s)
PASS
ok      github.com/hashicorp/terraform-provider-azurerm/internal/services/deviceregistry        531.097s
  • Both resources' tests skipped if env variables not set:
 make acctests SERVICE='deviceregistry'
TF_ACC=1 go test -v ./internal/services/deviceregistry  -timeout 180m -ldflags="-X=github.com/hashicorp/terraform-provider-azurerm/version.ProviderVersion=acc"
=== RUN   TestAccAsset_basic
    device_registry_asset_resource_test.go:30: Skipping test due to missing environment variables ARM_DEVICE_REGISTRY_CUSTOM_LOCATION and/or ARM_DEVICE_REGISTRY_RESOURCE_GROUP
--- SKIP: TestAccAsset_basic (0.00s)
=== RUN   TestAccAsset_complete
    device_registry_asset_resource_test.go:57: Skipping test due to missing environment variables ARM_DEVICE_REGISTRY_CUSTOM_LOCATION and/or ARM_DEVICE_REGISTRY_RESOURCE_GROUP
--- SKIP: TestAccAsset_complete (0.00s)
=== RUN   TestAccAsset_requiresImport
    device_registry_asset_resource_test.go:127: Skipping test due to missing environment variables ARM_DEVICE_REGISTRY_CUSTOM_LOCATION and/or ARM_DEVICE_REGISTRY_RESOURCE_GROUP
--- SKIP: TestAccAsset_requiresImport (0.00s)
=== RUN   TestAccAsset_update
    device_registry_asset_resource_test.go:148: Skipping test due to missing environment variables ARM_DEVICE_REGISTRY_CUSTOM_LOCATION and/or ARM_DEVICE_REGISTRY_RESOURCE_GROUP
--- SKIP: TestAccAsset_update (0.00s)
=== RUN   TestAccAssetEndpointProfile_basic
    device_registry_assetendpointprofile_resource_test.go:30: Skipping test due to missing environment variables ARM_DEVICE_REGISTRY_CUSTOM_LOCATION and/or ARM_DEVICE_REGISTRY_RESOURCE_GROUP
--- SKIP: TestAccAssetEndpointProfile_basic (0.00s)
=== RUN   TestAccAssetEndpointProfile_complete_certificate
    device_registry_assetendpointprofile_resource_test.go:57: Skipping test due to missing environment variables ARM_DEVICE_REGISTRY_CUSTOM_LOCATION and/or ARM_DEVICE_REGISTRY_RESOURCE_GROUP
--- SKIP: TestAccAssetEndpointProfile_complete_certificate (0.00s)
=== RUN   TestAccAssetEndpointProfile_complete_usernamePassword
    device_registry_assetendpointprofile_resource_test.go:85: Skipping test due to missing environment variables ARM_DEVICE_REGISTRY_CUSTOM_LOCATION and/or ARM_DEVICE_REGISTRY_RESOURCE_GROUP
--- SKIP: TestAccAssetEndpointProfile_complete_usernamePassword (0.00s)
=== RUN   TestAccAssetEndpointProfile_complete_anonymous
    device_registry_assetendpointprofile_resource_test.go:113: Skipping test due to missing environment variables ARM_DEVICE_REGISTRY_CUSTOM_LOCATION and/or ARM_DEVICE_REGISTRY_RESOURCE_GROUP
--- SKIP: TestAccAssetEndpointProfile_complete_anonymous (0.00s)
=== RUN   TestAccAssetEndpointProfile_requiresImport
    device_registry_assetendpointprofile_resource_test.go:141: Skipping test due to missing environment variables ARM_DEVICE_REGISTRY_CUSTOM_LOCATION and/or ARM_DEVICE_REGISTRY_RESOURCE_GROUP
--- SKIP: TestAccAssetEndpointProfile_requiresImport (0.00s)
=== RUN   TestAccAssetEndpointProfile_update
    device_registry_assetendpointprofile_resource_test.go:162: Skipping test due to missing environment variables ARM_DEVICE_REGISTRY_CUSTOM_LOCATION and/or ARM_DEVICE_REGISTRY_RESOURCE_GROUP
--- SKIP: TestAccAssetEndpointProfile_update (0.00s)
PASS
ok      github.com/hashicorp/terraform-provider-azurerm/internal/services/deviceregistry        13.818s

Change Log

Below please provide what should go into the changelog (if anything) conforming to the Changelog Format documented here.

  • new service DeviceRegistry - support for the device_registry service [GH-00000]
  • new resource azurerm_device_registry_asset [GH-00000]
  • new resource azurerm_device_registry_asset_endpoint_profile [GH-00000]

This is a (please select all that apply):

  • Bug Fix
  • New Feature (ie adding a service, resource, or data source)
  • Enhancement
  • Breaking Change

Related Issue(s)

Fixes #0000

Note

If this PR changes meaningfully during the course of review please update the title and description as required.

@mryanlo mryanlo changed the title New service: DeviceRegistry DO NOT REVIEW!!! New service: DeviceRegistry Dec 30, 2024
@mryanlo mryanlo marked this pull request as ready for review December 30, 2024 23:55
@mryanlo mryanlo requested a review from a team as a code owner December 30, 2024 23:55
@mryanlo mryanlo marked this pull request as draft January 24, 2025 01:32
@mryanlo mryanlo changed the title DO NOT REVIEW!!! New service: DeviceRegistry New service: DeviceRegistry Feb 19, 2025
@mryanlo mryanlo changed the title New service: DeviceRegistry New service: DeviceRegistry + new resources: azurerm_device_registry_asset and azurerm_device_registry_asset_endpoint_profile Feb 19, 2025
@mryanlo mryanlo marked this pull request as ready for review February 19, 2025 08:25
mryanlo
mryanlo commented Feb 21, 2025
View reviewed changes
internal/services/deviceregistry/device_registry_asset_resource_test.go
r := AssetTestResource{}

if os.Getenv(ASSET_CUSTOM_LOCATION_NAME) == "" || os.Getenv(ASSET_RESOURCE_GROUP_NAME) == "" {
t.Skipf("Skipping test due to missing environment variables %s and/or %s", ASSET_CUSTOM_LOCATION_NAME, ASSET_RESOURCE_GROUP_NAME)
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For both asset and asset endpoint profile resource tests, we require env vars ARM_DEVICE_REGISTRY_CUSTOM_LOCATION and ARM_DEVICE_REGISTRY_RESOURCE_GROUP to be set or else the tests will fail (to prevent this we skip the tests).

however, the resource group, custom location, and the AIO cluster must be pre-existing this test run. Investigation and efforts to get the acceptance tests to create and provision an AIO cluster are flakey, take a long time to run (45+ minutes), and we found that the test steps delete the cluster resources before the asset/asset endpoint profile resource tests run (causing the latter ones to fail). awaiting response from Hashicorp and Terraform PMs what the best course of action is here.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey @mryanlo,

In short it would be acceptable for the tests to run against existing infrastructure for the time being to help move this PR forwards, but the maintainers do need to be able to independently run the acceptance tests for new RPs and resources that are in the provider. I'd like to better understand the procedure required to test these resources so that we can setup the tests to run without a dependence on pre-existing resources.

We have acceptance tests in the provider for arc enabled clusters where we need to provision the prerequisite network resources and a VM that runs the necessary setup scripts for the cluster.

Would you be able to take a look and let me know if there are parts of this setup that you would be able to re-use and what modifications you would need to make for setting up AIO on the cluster specifically? e.g. perhaps the setup script etc.

Once we have a better understanding of what's required we can begin looking at ways to cut down the provisioning time and improving the stability of the test.

Copy link
Author

@mryanlo mryanlo Mar 4, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @stephybun thanks for reaching out! the exact steps to install AIO onto a cluster are found here: https://review.learn.microsoft.com/en-us/azure/iot-operations/get-started-end-to-end-sample/quickstart-deploy?branch=main

I've seen that link you sent me in the past and have been unable to successfully modify it for AIO's purposes. This is due to the complexity and flakiness of the bash/python script that the VM must run, and our restrictions with the linux distro for installing AIO (you need linux Ubuntu 24.04 with a k3s cluster, not kind cluster to succeed). Additionally there are a bunch of az cli commands that must run and this process is the only available way to install AIO on a cluster, so we need to install az cli and k3s.

If you'd like to see my latest attempt at modifying the scripts to get these to work (the tests will try to sequentially first create a single cluster with AIO installed and then run the acc tests to create resources on only that cluster), here are links:

https://github.com/mryanlo/terraform-provider-azurerm/blob/rylo/adr-tf-tests/internal/services/deviceregistry/device_registry_assetendpointprofile_resource_test.go
https://github.com/mryanlo/terraform-provider-azurerm/tree/rylo/adr-tf-tests/internal/services/deviceregistry/testdata
Thanks, and let me know if you have any more questions about this process.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note: my code modifies the acceptance tests to run via a managed identity since due to security reasons we are not allowed to make service principals to run terraform anymore.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@stephybun is there a way to ignore the terraform plan check in acceptance tests from running on the VM portions? we don't care about the VM changing since it's not the resource that we want to test. however, one of the issues with my script above is that even if the AIO installation succeeds, the test flags the terraform plan step of the VM as modified after creating.

image

mryanlo
mryanlo commented Mar 3, 2025
View reviewed changes
internal/services/deviceregistry/device_registry_asset_resource.go
param.Properties.DefaultTopic.Path = pointer.To(config.DefaultTopicPath)
}
if defaultTopicRetainChanged {
// Bug with `go-azure-sdk` library: you can't set retain to null because empty string will cause
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Linking issue hashicorp/go-azure-sdk#1143 and PR hashicorp/pandora#4633

The go sdk does not support sending null properties. After the PR goes in, this issue can be fixed but might require a code change here

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@stephybun stephybun stephybun left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
dependencies documentation size/XL
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mryanlo @stephybun