Enables Running BYOC in Containerized Environments/TFC #183
Conversation
gene-redpanda
force-pushed
the
byoc-ci
branch
3 times, most recently
from
cbd4aa7 to
c2db864
Compare
gene-redpanda
force-pushed
the
byoc-ci
branch
3 times, most recently
from
cf110ce to
279b40d
Compare
gene-redpanda
force-pushed
the
byoc-ci
branch
from
327a8ea to
11edc16
Compare
gene-redpanda
force-pushed
the
byoc-ci
branch
3 times, most recently
from
2b4bd89 to
e1c9b23
Compare
Adds support for testing byoc Adds initial error handling improvements
Adds support for useragent reporting Also includes more error handling improvement
gene-redpanda
force-pushed
the
byoc-ci
branch
from
e1c9b23 to
0fa6c4b
Compare
gene-redpanda
changed the title
gene-redpanda
requested review from
r-vasquez and
andrewstucki
as code owners
| # aws_private_link = { | ||
| # enabled = true | ||
| # connect_console = true | ||
| # allowed_principals = ["arn:aws:iam::123456789024:root"] | ||
| # } |
There was a problem hiding this comment.
It's solely there for an example to end users. We can't have it actually run because it will cause the whole thing to explode
| # azure_private_link = { | ||
| # enabled = true | ||
| # connect_console = true | ||
| # allowed_subscriptions = ["12345678-1234-1234-1234-123456789012"] | ||
| # } |
| @@ -171,7 +175,7 @@ func SpawnConn(url, authToken string) (*grpc.ClientConn, error) { | |||
| rl.Limiter, | |||
| // Retry interceptor | |||
| grpcretry.UnaryClientInterceptor( | |||
| grpcretry.WithCodes(codes.Unavailable, codes.Unknown, codes.Internal), | |||
| grpcretry.WithCodes(codes.Unavailable, codes.Unknown, codes.Internal, codes.Unauthenticated), | |||
There was a problem hiding this comment.
Not a blocker: Could the CI uses the credentials from the secret manager that would authenticate against our cloud?
I think it should be under sdlc/prod/buildkite/rpk_test_client
There was a problem hiding this comment.
I've got creds and vaults set up for secret manager that are per repo across several repos. I'd prefer to not collide with other testing/deal with potential quotas 😅
| googleCredentials := os.Getenv("GOOGLE_CREDENTIALS") | ||
| googleCredentialsBase64 := os.Getenv("GOOGLE_CREDENTIALS_BASE64") |
There was a problem hiding this comment.
Not a blocker: I always wonder if there is base64 why should we use the other one? Maybe you know.
There was a problem hiding this comment.
IMO we shouldn't. I support the standard because I want to avoid issues for end users but IMO the base64 should absolutely be the default.
| "github.com/redpanda-data/terraform-provider-redpanda/redpanda/validators" | ||
| ) | ||
|
|
||
| func resourceClusterSchema() schema.Schema { |
There was a problem hiding this comment.
Is this generated or hand crafted?
There was a problem hiding this comment.
Hand crafted. There's unfortunately no up to date generator for TPF (sdkv2 has a couple).
Fixes various issues that prevented running the provider in a containerized environment including various cred passthrus and getting the Azure CLI removed as a dependency for the Azure flow.
Also correctly deserializes GRPC errors and reports the user-agent back home.