chore: Updates cluster resource to use cluster APIs to support certain advanced configuration attributes #1344
Conversation
There was a problem hiding this comment.
@AgustinBettati to have a look whenever possible, but this change LGTM - I think we're still pre-ISS with the schema so there is no risk since Aastha is linking to the custom build
| if advConfig := cluster.AdvancedConfiguration; advConfig != nil { | ||
| res.MinimumEnabledTLSProtocol = advConfig.MinimumEnabledTlsProtocol | ||
| res.TlsCipherConfigMode = advConfig.TlsCipherConfigMode | ||
| res.CustomOpensslCipherConfigTls12 = *advConfig.CustomOpensslCipherConfigTls12 |
There was a problem hiding this comment.
is advConfig.CustomOpensslCipherConfigTls12 never nil? it could panic if not
There was a problem hiding this comment.
CustomOpensslCipherConfigTls12 is never nil. I have updated it to use the Get method though to be safe. Also, one of the tests does cover not using this field so we should be good
| DefaultReadConcern: p.DefaultReadConcern, | ||
| DefaultWriteConcern: p.DefaultWriteConcern, | ||
| FailIndexKeyTooLong: p.FailIndexKeyTooLong, | ||
| JavascriptEnabled: p.JavascriptEnabled, | ||
| MinimumEnabledTLSProtocol: p.MinimumEnabledTlsProtocol, |
There was a problem hiding this comment.
shoudn't we keep reading MinimumEnabledTLSProtocol from here in case advConfig is nil?
There was a problem hiding this comment.
I see flattenProcessArgs is called in read only if advancedConfig is defined by the user
There was a problem hiding this comment.
I see flattenProcessArgs is called in read only if advancedConfig is defined by the user
right
shoudn't we keep reading MinimumEnabledTLSProtocol from here in case advConfig is nil?
no I think for consistency we should stick to one API
| if processArgs.TlsCipherConfigMode != nil { | ||
| args.TlsCipherConfigMode = processArgs.TlsCipherConfigMode | ||
| } | ||
| args.CustomOpensslCipherConfigTls12 = &processArgs.CustomOpensslCipherConfigTls12 |
There was a problem hiding this comment.
similar to before, do we want to check if processArgs.CustomOpensslCipherConfigTls12 is nil? or maybe we can have if len(processArgs.CustomOpensslCipherConfigTls12) > 0 ...
cfn-resources/go.mod
Outdated
| @@ -19,7 +19,7 @@ require ( | |||
| github.com/stretchr/testify v1.10.0 | |||
| github.com/tidwall/pretty v1.2.1 | |||
| go.mongodb.org/atlas-sdk/v20231115002 v20231115002.1.0 | |||
| go.mongodb.org/atlas-sdk/v20231115014 v20231115014.0.0 | |||
| go.mongodb.org/atlas-sdk/v20231115014 v20231115014.0.1 // This is a tag on Atlas SDK v20231115014 used for internal purposes only & not officially supported | |||
There was a problem hiding this comment.
can we also say WHY we need this in the comment?
There was a problem hiding this comment.
have added above replace
cfn-resources/go.mod
Outdated
| @@ -2,6 +2,9 @@ module github.com/mongodb/mongodbatlas-cloudformation-resources | |||
|
|
|||
| go 1.23.1 | |||
|
|
|||
| // Replacing with local copy of Atlas SDK v20231115014 to support new AdvancedConfiguration in *admin.AdvancedClusterDescription | |||
| replace go.mongodb.org/atlas-sdk/v20231115014 => ../atlas-sdk-local-v20231115014/go.mongodb.org/atlas-sdk/v20231115014 | |||
cfn-resources/go.mod
Outdated
| // Replacing with local copy of Atlas SDK v20231115014 to support new AdvancedConfiguration in *admin.AdvancedClusterDescription | ||
| replace go.mongodb.org/atlas-sdk/v20231115014 => ../atlas-sdk-local-v20231115014/go.mongodb.org/atlas-sdk/v20231115014 |
There was a problem hiding this comment.
Is there a significant drawback to the branch approach? Asking in case we need a followup for adjusting our terraform repo: https://github.com/mongodb/terraform-provider-mongodbatlas/blob/master/go.mod#L36
There was a problem hiding this comment.
One drawback I came across is dependabot updates, if a new version/tag is created for that major version, that will be automatically updated.
The other is of course if the branch/tag is unintentionally modified somehow, this is more like a static copy in that case.
Asking in case we need a followup for adjusting our terraform repo: https://github.com/mongodb/terraform-provider-mongodbatlas/blob/master/go.mod#L36
For TF, can you confirm if v20240805005 will be removed in 2.0 release? If yes, then I'd leave it as is but if not then yes, I'd change that as well. Tagging @lantoli since Agustin is out.
| @@ -0,0 +1,5 @@ | |||
| module go.mongodb.org/atlas-sdk/v20231115014 | |||
|
|
|||
There was a problem hiding this comment.
Is there any directory convention when making use of vendoring? Looking into some examples I do see a root ./vendor directory (example). Not sure if go mod vendor helps with this directly.
There was a problem hiding this comment.
yes I think that makes sense, renamed to vendor
Proposed changes
Jira ticket: CLOUDP-296223
Updates cluster resource to consume some of the processArgs fields from the createCluster/updateCluster instead of /processArgs API
This PR needed some changes (new AdvancedConfiguration attribute in ClusterDescription) backported to the SDK v20231115014. This is done by vendoring a local version of the SDK. This involves adding all files of this SDK version in the repo & using those. This would also avoid automatic dependabot updates if a new tag is created for that version.
Type of change:
expected)
Manual QA performed:
Required Checklist:
make fmtand formatted my codeworks in Atlas
Further comments