Merge pull request #276 from kbst/azurerm-v3

pst · web-flow · commit 82736bf62383 · 2022-11-20T13:51:00.000+01:00
Handle azurerm provider AKS attribute depreciations
diff --git a/azurerm/_modules/aks/ingress.tf b/azurerm/_modules/aks/ingress.tf
@@ -7,6 +7,8 @@ resource "azurerm_public_ip" "current" {
   allocation_method   = "Static"
   sku                 = "Standard"
 
+  zones = var.default_ingress_ip_zones
+
   tags = var.metadata_labels
 
   depends_on = [azurerm_kubernetes_cluster.current]
diff --git a/azurerm/_modules/aks/main.tf b/azurerm/_modules/aks/main.tf
@@ -11,9 +11,7 @@ resource "azurerm_kubernetes_cluster" "current" {
   kubernetes_version        = var.kubernetes_version
   automatic_channel_upgrade = var.automatic_channel_upgrade
 
-  role_based_access_control {
-    enabled = true
-  }
+  role_based_access_control_enabled = true
 
   default_node_pool {
     name = var.default_node_pool_name
@@ -36,7 +34,7 @@ resource "azurerm_kubernetes_cluster" "current" {
 
     only_critical_addons_enabled = var.default_node_pool_only_critical_addons
 
-    availability_zones = var.availability_zones
+    zones = var.availability_zones
   }
 
   network_profile {
@@ -55,7 +53,7 @@ resource "azurerm_kubernetes_cluster" "current" {
     content {
       type = var.user_assigned_identity_id == null ? "SystemAssigned" : "UserAssigned"
 
-      user_assigned_identity_id = var.user_assigned_identity_id
+      identity_ids = var.user_assigned_identity_id == null ? null : [var.user_assigned_identity_id]
     }
   }
 
@@ -68,17 +66,12 @@ resource "azurerm_kubernetes_cluster" "current" {
     }
   }
 
-  addon_profile {
-    azure_policy {
-      enabled = var.enable_azure_policy_agent
-    }
+  azure_policy_enabled = var.enable_azure_policy_agent
 
-    kube_dashboard {
-      enabled = false
-    }
+  dynamic "oms_agent" {
+    for_each = var.enable_log_analytics ? toset([1]) : toset([])
 
-    oms_agent {
-      enabled                    = var.enable_log_analytics
+    content {
       log_analytics_workspace_id = var.enable_log_analytics ? azurerm_log_analytics_workspace.current[0].id : null
     }
   }
diff --git a/azurerm/_modules/aks/node_pool/main.tf b/azurerm/_modules/aks/node_pool/main.tf
@@ -17,7 +17,7 @@ resource "azurerm_kubernetes_cluster_node_pool" "current" {
   vm_size               = var.vm_size
   node_labels           = var.node_labels
   node_taints           = var.node_taints
-  availability_zones    = var.availability_zones
+  zones                 = var.availability_zones
   max_pods              = var.max_pods
   os_disk_type          = var.os_disk_type
   os_disk_size_gb       = var.os_disk_size_gb
diff --git a/azurerm/_modules/aks/variables.tf b/azurerm/_modules/aks/variables.tf
@@ -139,6 +139,11 @@ variable "disable_default_ingress" {
   description = "Whether to disable the default ingress."
 }
 
+variable "default_ingress_ip_zones" {
+  type        = list(string)
+  description = "Explicit list of zones for the ingress public IP."
+}
+
 variable "enable_azure_policy_agent" {
   type        = bool
   description = "whether to deploy the Azure policy agent to the cluster"
diff --git a/azurerm/_modules/aks/versions.tf b/azurerm/_modules/aks/versions.tf
@@ -4,7 +4,7 @@ terraform {
     azurerm = {
       # https://registry.terraform.io/providers/hashicorp/azurerm/latest
       source  = "hashicorp/azurerm"
-      version = "< 3.0.0"
+      version = ">= 3.4.0"
     }
 
     azuread = {
diff --git a/azurerm/cluster/configuration.tf b/azurerm/cluster/configuration.tf
@@ -47,6 +47,9 @@ locals {
 
   disable_default_ingress = lookup(local.cfg, "disable_default_ingress", false)
 
+  default_ingress_ip_zones_lookup = lookup(local.cfg, "default_ingress_ip_zones", "")
+  default_ingress_ip_zones        = local.default_ingress_ip_zones_lookup != "" ? split(",", local.default_ingress_ip_zones_lookup) : []
+
   enable_azure_policy_agent = lookup(local.cfg, "enable_azure_policy_agent", false)
 
   disable_managed_identities = lookup(local.cfg, "disable_managed_identities", false)
diff --git a/azurerm/cluster/main.tf b/azurerm/cluster/main.tf
@@ -53,7 +53,8 @@ module "cluster" {
   default_node_pool_vm_size              = local.default_node_pool_vm_size
   default_node_pool_os_disk_size_gb      = local.default_node_pool_os_disk_size_gb
 
-  disable_default_ingress = local.disable_default_ingress
+  disable_default_ingress  = local.disable_default_ingress
+  default_ingress_ip_zones = local.default_ingress_ip_zones
 
   enable_azure_policy_agent = local.enable_azure_policy_agent
 

Original file line number	Diff line number	Diff line change
`@@ -11,9 +11,7 @@ resource "azurerm_kubernetes_cluster" "current" {`
`11`	`11`	`kubernetes_version = var.kubernetes_version`
`12`	`12`	`automatic_channel_upgrade = var.automatic_channel_upgrade`
`13`	`13`
`14`		`- role_based_access_control {`
`15`		`- enabled = true`
`16`		`- }`
	`14`	`+ role_based_access_control_enabled = true`
`17`	`15`
`18`	`16`	`default_node_pool {`
`19`	`17`	`name = var.default_node_pool_name`
`@@ -36,7 +34,7 @@ resource "azurerm_kubernetes_cluster" "current" {`
`36`	`34`
`37`	`35`	`only_critical_addons_enabled = var.default_node_pool_only_critical_addons`
`38`	`36`
`39`		`- availability_zones = var.availability_zones`
	`37`	`+ zones = var.availability_zones`
`40`	`38`	`}`
`41`	`39`
`42`	`40`	`network_profile {`
`@@ -55,7 +53,7 @@ resource "azurerm_kubernetes_cluster" "current" {`
`55`	`53`	`content {`
`56`	`54`	`type = var.user_assigned_identity_id == null ? "SystemAssigned" : "UserAssigned"`
`57`	`55`
`58`		`- user_assigned_identity_id = var.user_assigned_identity_id`
	`56`	`+ identity_ids = var.user_assigned_identity_id == null ? null : [var.user_assigned_identity_id]`
`59`	`57`	`}`
`60`	`58`	`}`
`61`	`59`
`@@ -68,17 +66,12 @@ resource "azurerm_kubernetes_cluster" "current" {`
`68`	`66`	`}`
`69`	`67`	`}`
`70`	`68`
`71`		`- addon_profile {`
`72`		`- azure_policy {`
`73`		`- enabled = var.enable_azure_policy_agent`
`74`		`- }`
	`69`	`+ azure_policy_enabled = var.enable_azure_policy_agent`
`75`	`70`
`76`		`- kube_dashboard {`
`77`		`- enabled = false`
`78`		`- }`
	`71`	`+ dynamic "oms_agent" {`
	`72`	`+ for_each = var.enable_log_analytics ? toset([1]) : toset([])`
`79`	`73`
`80`		`- oms_agent {`
`81`		`- enabled = var.enable_log_analytics`
	`74`	`+ content {`
`82`	`75`	`log_analytics_workspace_id = var.enable_log_analytics ? azurerm_log_analytics_workspace.current[0].id : null`
`83`	`76`	`}`
`84`	`77`	`}`
Original file line number	Diff line number	Diff line change
`@@ -4,7 +4,7 @@ terraform {`
`4`	`4`	`azurerm = {`
`5`	`5`	`# https://registry.terraform.io/providers/hashicorp/azurerm/latest`
`6`	`6`	`source = "hashicorp/azurerm"`
`7`		`- version = "< 3.0.0"`
	`7`	`+ version = ">= 3.4.0"`
`8`	`8`	`}`
`9`	`9`
`10`	`10`	`azuread = {`