Merge pull request #1225 from jiaqiluo/machine-selector-files

Author: jiaqiluo

docs/resources/cluster_v2.md

@@ -580,6 +580,53 @@ EOF
 }
 ```
 
+### Creating Rancher V2 Cluster with Machine Selector Files. For Rancher v2.7.2 and above.
+
+Machine selector files provides a means to deliver files to nodes, so that the files can be in place before initiating K3s server or agent processes.
+For more information, please refer to Rancher documentation:
+[RKE2 Cluster Configuration Reference](https://ranchermanager.docs.rancher.com/reference-guides/cluster-configuration/rancher-server-configuration/rke2-cluster-configuration#machineselectorconfig) or 
+[K3s Cluster Configuration Reference](https://ranchermanager.docs.rancher.com/reference-guides/cluster-configuration/rancher-server-configuration/k3s-cluster-configuration#machineselectorfiles)
+
+```hcl
+resource "rancher2_cluster_v2" "foo" {
+  name = var.rke2_cluster_name
+  kubernetes_version = "v1.25.13+rke2r1" // or a K3s version 
+  enable_network_policy = false
+  rke_config {
+    machine_pools {
+      name = "pool1"
+      cloud_credential_secret_name = rancher2_cloud_credential.foo.id
+      control_plane_role = true
+      etcd_role = true
+      worker_role = true
+      quantity = 1
+      machine_config {
+        kind = rancher2_machine_config_v2.foo.kind
+        name = rancher2_machine_config_v2.foo.name
+      }
+    }
+    machine_selector_files {
+      machine_label_selector {
+        match_labels = {
+          "rke.cattle.io/control-plane-role" = "true"
+        }
+      }
+      file_sources {
+        secret {
+          name = "config-file-v1"
+          default_permissions = "644"
+          items {
+            key = "audit-policy"
+            path ="/etc/rancher/rke2/custom/policy-v1.yaml"
+            permissions = "666"
+          }
+        }
+      }
+    }
+  }
+}
+```
+
 ## Argument Reference
 
 The following arguments are supported:
@@ -659,6 +706,7 @@ The following attributes are exported:
 * `machine_global_config` - (Optional) Cluster V2 machine global config. Must be in YAML format (string)
 * `machine_pools` - (Optional/Computed) Cluster V2 machine pools (list)
 * `machine_selector_config` - (Optional/Computed) Cluster V2 machine selector config (list)
+* `machine_selector_files` - (Optional/Computed) Cluster V2 machine selector files (list)
 * `registries` - (Optional) Cluster V2 docker registries (list maxitems:1)
 * `etcd` - (Optional) Cluster V2 etcd (list maxitems:1)
 * `rotate_certificates` (Optional) Cluster V2 certificate rotation (list maxitems:1)
@@ -764,6 +812,46 @@ The following attributes are exported:
 * `operator` - (Optional) Machine selector label match expressions operator (string)
 * `values` - (Optional) Machine selector label match expressions values (List string)
 
+#### `machine_selector_files`
+
+##### Arguments
+
+* `machine_label_selector` - (Optional) Machine selector label (list maxitems:1)
+* `files` - (Optional) Machine selector files (list)
+
+#### `files`
+
+##### Arguments
+
+* `secret` - (Optional) The secret which is the source of files (list maxitems:1)
+* `configmap` - (Optional) The configmap which is the source of files (list maxitems:1)
+
+#### `secret`
+
+##### Arguments
+
+* `name` - (Required) The name of the secret (string)
+* `default_permissions` - (Optional) The numeric representation of the file default permissions (string)
+* `items` - (Optional) Items to retrieve from the secret (list)
+
+#### `configmap`
+
+##### Arguments
+
+* `name` - (Required) The name of the configmap (string)
+* `default_permissions` - (Optional) The numeric representation of the file default permissions (string)
+* `items` - (Optional) Items to retrieve from the configmap (list)
+
+#### `items`
+
+##### Arguments
+
+* `key` - (Required) The key of the item to retrieve (string)
+* `path` - (Required) The path to put the file in the target node (string)
+* `dynamic` - (Optional) If true, the file is ignored when determining whether the node should be drained before updating the node plan (Boolean, default: true)
+* `permissions` - (Optional) The numeric representation of the file permission (string)
+* `hash` - (Optional) The base64 encoded value of the SHA256 checksum of the file's content (string)
+
 #### `registries`
 
 ##### Arguments

go.mod

@@ -112,7 +112,6 @@ require (
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
 	github.com/oklog/run v1.0.0 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
-	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/pkg/sftp v1.13.5 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/posener/complete v1.2.3 // indirect

rancher2/schema_cluster_v2_rke_config.go

@@ -7,7 +7,7 @@ import (
 	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
 )
 
-//Types
+// Types
 
 func clusterV2RKEConfigFieldsV0() map[string]*schema.Schema {
 	s := map[string]*schema.Schema{
@@ -112,6 +112,15 @@ func clusterV2RKEConfigFieldsV0() map[string]*schema.Schema {
 				Schema: clusterV2RKEConfigSystemConfigFieldsV0(),
 			},
 		},
+		"machine_selector_files": {
+			Type:        schema.TypeList,
+			Optional:    true,
+			Computed:    true,
+			Description: "Cluster V2 machine selector files",
+			Elem: &schema.Resource{
+				Schema: clusterV2RKEConfigMachineSelectorFilesFields(),
+			},
+		},
 		"registries": {
 			Type:        schema.TypeList,
 			MaxItems:    1,
@@ -266,6 +275,15 @@ func clusterV2RKEConfigFields() map[string]*schema.Schema {
 				Schema: clusterV2RKEConfigSystemConfigFields(),
 			},
 		},
+		"machine_selector_files": {
+			Type:        schema.TypeList,
+			Optional:    true,
+			Computed:    true,
+			Description: "Cluster V2 machine selector files",
+			Elem: &schema.Resource{
+				Schema: clusterV2RKEConfigMachineSelectorFilesFields(),
+			},
+		},
 		"registries": {
 			Type:        schema.TypeList,
 			MaxItems:    1,

rancher2/schema_cluster_v2_rke_config_files.go

@@ -0,0 +1,113 @@
+package rancher2
+
+import (
+	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+)
+
+// Types
+
+func clusterV2RKEConfigKeyToPathFields() map[string]*schema.Schema {
+	s := map[string]*schema.Schema{
+		"key": {
+			Type:        schema.TypeString,
+			Required:    true,
+			Description: "The key of the item(file) to retrieve",
+		},
+		"path": {
+			Type:        schema.TypeString,
+			Required:    true,
+			Description: "The path to put the file in the target node",
+		},
+		"dynamic": {
+			Type:        schema.TypeBool,
+			Optional:    true,
+			Default:     true,
+			Description: "If ture, the file is ignored when determining whether the node should be drained before updating the node plan (default: true).",
+		},
+		"permissions": {
+			Type:        schema.TypeString,
+			Optional:    true,
+			Description: "The numeric representation of the file permissions",
+		},
+		"hash": {
+			Type:        schema.TypeString,
+			Optional:    true,
+			Description: "The base64 encoded value of the SHA256 checksum of the file's content",
+		},
+	}
+
+	return s
+}
+
+func clusterV2RKEConfigK8sObjectFileSourceFields() map[string]*schema.Schema {
+	s := map[string]*schema.Schema{
+		"name": {
+			Type:        schema.TypeString,
+			Required:    true,
+			Description: "The name of the K8s object",
+		},
+		"items": {
+			Type:        schema.TypeList,
+			Optional:    true,
+			Description: "Items(files) to retrieve from the K8s object",
+			Elem: &schema.Resource{
+				Schema: clusterV2RKEConfigKeyToPathFields(),
+			},
+		},
+		"default_permissions": {
+			Type:        schema.TypeString,
+			Optional:    true,
+			Description: "The default permissions to be applied when they are not set at the item level",
+		},
+	}
+
+	return s
+}
+func clusterV2RKEConfigFileSourceFields() map[string]*schema.Schema {
+	s := map[string]*schema.Schema{
+		"secret": {
+			Type:        schema.TypeList,
+			Optional:    true,
+			Description: "The secret which is the source of files",
+			MaxItems:    1,
+			Elem: &schema.Resource{
+				Schema: clusterV2RKEConfigK8sObjectFileSourceFields(),
+			},
+		},
+		"configmap": {
+			Type:        schema.TypeList,
+			Optional:    true,
+			Description: "The configmap which is the source of files",
+			MaxItems:    1,
+			Elem: &schema.Resource{
+				Schema: clusterV2RKEConfigK8sObjectFileSourceFields(),
+			},
+		},
+	}
+
+	return s
+}
+
+func clusterV2RKEConfigMachineSelectorFilesFields() map[string]*schema.Schema {
+	s := map[string]*schema.Schema{
+		"machine_label_selector": {
+			Type:        schema.TypeList,
+			MaxItems:    1,
+			Optional:    true,
+			Description: "Machine label selector",
+			Elem: &schema.Resource{
+				Schema: clusterV2RKEConfigSystemConfigLabelSelectorFields(),
+			},
+		},
+		"file_sources": {
+			Type:        schema.TypeList,
+			Optional:    true,
+			Description: "File sources",
+			Elem: &schema.Resource{
+				Schema: clusterV2RKEConfigFileSourceFields(),
+			},
+		},
+	}
+
+	return s
+}

rancher2/structure_cluster_v2_rke_config.go

@@ -36,6 +36,9 @@ func flattenClusterV2RKEConfig(in *provisionv1.RKEConfig) []interface{} {
 	if in.MachineSelectorConfig != nil && len(in.MachineSelectorConfig) > 0 {
 		obj["machine_selector_config"] = flattenClusterV2RKEConfigSystemConfig(in.MachineSelectorConfig)
 	}
+	if in.MachineSelectorFiles != nil && len(in.MachineSelectorFiles) > 0 {
+		obj["machine_selector_files"] = flattenClusterV2RKEConfigMachineSelectorFiles(in.MachineSelectorFiles)
+	}
 	if in.Registries != nil {
 		obj["registries"] = flattenClusterV2RKEConfigRegistry(in.Registries)
 	}
@@ -91,6 +94,9 @@ func expandClusterV2RKEConfig(p []interface{}) *provisionv1.RKEConfig {
 	if v, ok := in["machine_selector_config"].([]interface{}); ok && len(v) > 0 {
 		obj.MachineSelectorConfig = expandClusterV2RKEConfigSystemConfig(v)
 	}
+	if v, ok := in["machine_selector_files"].([]interface{}); ok && len(v) > 0 {
+		obj.MachineSelectorFiles = expandClusterV2RKEConfigProvisioningFiles(v)
+	}
 	if v, ok := in["registries"].([]interface{}); ok && len(v) > 0 {
 		obj.Registries = expandClusterV2RKEConfigRegistry(v)
 	}