Skip to content

Commit

Permalink
api: Make PlatformProfile.networkSecurityGroupId optional
Browse files Browse the repository at this point in the history
  • Loading branch information
Matthew Barnes committed Dec 5, 2024
1 parent c8b2083 commit 4d9d0c5
Show file tree
Hide file tree
Showing 6 changed files with 28 additions and 26 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -316,7 +316,7 @@ model PlatformProfile {
outboundType?: OutboundType = OutboundType.loadBalancer;

/** ResourceId for the network security group attached to the cluster subnet */
networkSecurityGroupId: NetworkSecurityGroupResourceId;
networkSecurityGroupId?: NetworkSecurityGroupResourceId;

/** The id of the disk encryption set to be used for etcd.
* Configure this when `etcdEncryption` is set to true
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -1952,8 +1952,7 @@
}
},
"required": [
"subnetId",
"networkSecurityGroupId"
"subnetId"
]
},
"ProvisioningState": {
Expand Down
25 changes: 17 additions & 8 deletions frontend/pkg/frontend/ocm.go
Original file line number Diff line number Diff line change
Expand Up @@ -149,14 +149,6 @@ func (f *Frontend) BuildCSCluster(resourceID *arm.ResourceID, tenantID string, h
ID(f.location)).
CloudProvider(cmv1.NewCloudProvider().
ID(csCloudProvider)).
Azure(cmv1.NewAzure().
TenantID(tenantID).
SubscriptionID(resourceID.SubscriptionID).
ResourceGroupName(resourceID.ResourceGroupName).
ResourceName(hcpCluster.Name).
ManagedResourceGroupName(ensureManagedResourceGroupName(hcpCluster)).
SubnetResourceID(hcpCluster.Properties.Spec.Platform.SubnetID).
NetworkSecurityGroupResourceID(hcpCluster.Properties.Spec.Platform.NetworkSecurityGroupID)).
Product(cmv1.NewProduct().
ID(csProductId)).
Hypershift(cmv1.NewHypershift().
Expand All @@ -177,6 +169,23 @@ func (f *Frontend) BuildCSCluster(resourceID *arm.ResourceID, tenantID string, h
FIPS(hcpCluster.Properties.Spec.FIPS).
EtcdEncryption(hcpCluster.Properties.Spec.EtcdEncryption)

azureBuilder := cmv1.NewAzure().
TenantID(tenantID).
SubscriptionID(resourceID.SubscriptionID).
ResourceGroupName(resourceID.ResourceGroupName).
ResourceName(hcpCluster.Name).
ManagedResourceGroupName(ensureManagedResourceGroupName(hcpCluster)).
SubnetResourceID(hcpCluster.Properties.Spec.Platform.SubnetID).
NetworkSecurityGroupResourceID(hcpCluster.Properties.Spec.Platform.NetworkSecurityGroupID)

// Cluster Service rejects an empty NetworkSecurityGroupResourceID string.
if hcpCluster.Properties.Spec.Platform.NetworkSecurityGroupID != "" {
azureBuilder = azureBuilder.
NetworkSecurityGroupResourceID(hcpCluster.Properties.Spec.Platform.NetworkSecurityGroupID)
}

clusterBuilder = clusterBuilder.Azure(azureBuilder)

// Cluster Service rejects an empty DomainPrefix string.
if hcpCluster.Properties.Spec.DNS.BaseDomainPrefix != "" {
clusterBuilder = clusterBuilder.
Expand Down
11 changes: 5 additions & 6 deletions internal/api/hcpopenshiftcluster.go
Original file line number Diff line number Diff line change
Expand Up @@ -84,12 +84,11 @@ type ProxyProfile struct {
// PlatformProfile represents the Azure platform configuration.
// Visibility for the entire struct is "read create".
type PlatformProfile struct {
ManagedResourceGroup string `json:"managedResourceGroup,omitempty"`
SubnetID string `json:"subnetId,omitempty" validate:"required_for_put"`
OutboundType OutboundType `json:"outboundType,omitempty" validate:"omitempty,enum_outboundtype"`
//TODO: Is nsg required for PUT, or will we create if not specified?
NetworkSecurityGroupID string `json:"networkSecurityGroupId,omitempty" validate:"required_for_put"`
EtcdEncryptionSetID string `json:"etcdEncryptionSetId,omitempty"`
ManagedResourceGroup string `json:"managedResourceGroup,omitempty"`
SubnetID string `json:"subnetId,omitempty" validate:"required_for_put"`
OutboundType OutboundType `json:"outboundType,omitempty" validate:"omitempty,enum_outboundtype"`
NetworkSecurityGroupID string `json:"networkSecurityGroupId,omitempty"`
EtcdEncryptionSetID string `json:"etcdEncryptionSetId,omitempty"`
}

// ExternalAuthConfigProfile represents the external authentication configuration.
Expand Down
7 changes: 1 addition & 6 deletions internal/api/hcpopenshiftcluster_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -48,8 +48,7 @@ func minimumValidCluster() *HCPOpenShiftCluster {
Visibility: "public",
},
Platform: PlatformProfile{
SubnetID: "/something/something/virtualNetworks/subnets",
NetworkSecurityGroupID: "/something/something/networkSecurityGroups",
SubnetID: "/something/something/virtualNetworks/subnets",
},
},
},
Expand Down Expand Up @@ -104,10 +103,6 @@ func TestClusterRequiredForPut(t *testing.T) {
Message: "Missing required field 'subnetId'",
Target: "properties.spec.platform.subnetId",
},
{
Message: "Missing required field 'networkSecurityGroupId'",
Target: "properties.spec.platform.networkSecurityGroupId",
},
},
},
{
Expand Down
6 changes: 3 additions & 3 deletions internal/api/v20240610preview/generated/models.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 comments on commit 4d9d0c5

Please sign in to comment.