From 1d6d87cddc95220a394235e6e6008335ef3adc67 Mon Sep 17 00:00:00 2001 From: Emile Hofsink <72841492+EmileHofsink@users.noreply.github.com> Date: Wed, 18 Sep 2024 20:32:01 +1000 Subject: [PATCH 1/2] Update resource_container_cluster.go.erb --- .../resource_container_cluster.go.erb | 36 ++++++++++--------- 1 file changed, 19 insertions(+), 17 deletions(-) diff --git a/mmv1/third_party/terraform/services/container/resource_container_cluster.go.erb b/mmv1/third_party/terraform/services/container/resource_container_cluster.go.erb index 4cdf23a8d97f..838a636f6e63 100644 --- a/mmv1/third_party/terraform/services/container/resource_container_cluster.go.erb +++ b/mmv1/third_party/terraform/services/container/resource_container_cluster.go.erb @@ -2129,33 +2129,35 @@ func ResourceContainerCluster() *schema.Resource { Type: schema.TypeList, Optional: true, MaxItems: 1, - DiffSuppressFunc: suppressDiffForAutopilot, Description: `Configuration for Cloud DNS for Kubernetes Engine.`, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "additive_vpc_scope_dns_domain": { - Type: schema.TypeString, - Description: `Enable additive VPC scope DNS in a GKE cluster.`, - Optional: true, + Type: schema.TypeString, + Description: `Enable additive VPC scope DNS in a GKE cluster.`, + Optional: true, }, "cluster_dns": { - Type: schema.TypeString, - Default: "PROVIDER_UNSPECIFIED", - ValidateFunc: validation.StringInSlice([]string{"PROVIDER_UNSPECIFIED", "PLATFORM_DEFAULT", "CLOUD_DNS"}, false), - Description: `Which in-cluster DNS provider should be used.`, - Optional: true, + Type: schema.TypeString, + Default: "PROVIDER_UNSPECIFIED", + ValidateFunc: validation.StringInSlice([]string{"PROVIDER_UNSPECIFIED", "PLATFORM_DEFAULT", "CLOUD_DNS"}, false), + DiffSuppressFunc: suppressDiffForAutopilot, + Description: `Which in-cluster DNS provider should be used.`, + Optional: true, }, "cluster_dns_scope": { - Type: schema.TypeString, - Default: "DNS_SCOPE_UNSPECIFIED", - ValidateFunc: validation.StringInSlice([]string{"DNS_SCOPE_UNSPECIFIED", "CLUSTER_SCOPE", "VPC_SCOPE"}, false), - Description: `The scope of access to cluster DNS records.`, - Optional: true, + Type: schema.TypeString, + Default: "DNS_SCOPE_UNSPECIFIED", + ValidateFunc: validation.StringInSlice([]string{"DNS_SCOPE_UNSPECIFIED", "CLUSTER_SCOPE", "VPC_SCOPE"}, false), + DiffSuppressFunc: suppressDiffForAutopilot, + Description: `The scope of access to cluster DNS records.`, + Optional: true, }, "cluster_dns_domain": { - Type: schema.TypeString, - Description: `The suffix used for all cluster service records.`, - Optional: true, + Type: schema.TypeString, + Description: `The suffix used for all cluster service records.`, + DiffSuppressFunc: suppressDiffForAutopilot, + Optional: true, }, }, }, From 320e28c6e3fc85d9b8c420c9326e29e1dc8c97cd Mon Sep 17 00:00:00 2001 From: Emile Hofsink Date: Sun, 22 Sep 2024 19:56:57 +1000 Subject: [PATCH 2/2] Force recreate of cluster if cluster is Autopilot and additive_vpc_scope_dns_domain has changed --- .../services/container/resource_container_cluster.go.erb | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/mmv1/third_party/terraform/services/container/resource_container_cluster.go.erb b/mmv1/third_party/terraform/services/container/resource_container_cluster.go.erb index 4cdf23a8d97f..38c7a95651ca 100644 --- a/mmv1/third_party/terraform/services/container/resource_container_cluster.go.erb +++ b/mmv1/third_party/terraform/services/container/resource_container_cluster.go.erb @@ -6849,8 +6849,13 @@ func containerClusterAutopilotCustomizeDiff(_ context.Context, d *schema.Resourc if err := d.SetNew("networking_mode", "VPC_NATIVE"); err != nil { return err } - } - return nil + } + // Additive VPC Scope DNS domain is supported in Autopilot but only on creation. + // If additive_vpc_scope_dns_domain is changed and enable_autopilot is true, force recreation. + if d.HasChange("dns_config.0.additive_vpc_scope_dns_domain") && d.Get("enable_autopilot").(bool) { + return d.ForceNew("dns_config.0.additive_vpc_scope_dns_domain") + } + return nil } // node_version only applies to the default node pool, so it should conflict with remove_default_node_pool = true