search

Azure / azure-service-operator

Azure Service Operator allows you to create Azure resources using kubectl
https://azure.github.io/azure-service-operator/
MIT License
722 stars 194 forks source link

Bug: Creation of Spec initialization functions fails #3395

Closed theunrepentantgeek closed 11 months ago

theunrepentantgeek commented 11 months ago

Version of Azure Service Operator

All versions up to 2.3.0

Describe the bug

When injecting the functions used to initialize the resource spec from its status (as used by asoctl import azure-resource), an assumption is made that there is a one-to-one mapping between spec and status types. This assumption does not hold.

To Reproduce

Add (or merge) the following configuration into azure-arm.yaml:

  cdn:
    2023-05-01:
      Profiles_SecurityPolicy:
        $exportAs: ProfilesSecurityPolicy
        $supportedFrom: v2.4.0

When the generator is run, the following error is emitted:

error generating code: failed to execute stage 57: Inject spec initialization functions Initialize_From_*() into resources and objects: 
scanning for spec/status mappings: 
visiting definitions of spec type github.com/Azure/azure-service-operator/v2/api/cdn/v1api20230501/Profiles_SecurityPolicy_Spec and status type github.com/Azure/azure-service-operator/v2/api/cdn/v1api20230501/Profiles_SecurityPolicy_STATUS: 
visiting properties "Parameters" and "Parameters": 
failed to visit optional element type "github.com/Azure/azure-service-operator/v2/api/cdn/v1api20230501/SecurityPolicyPropertiesParameters": 
visiting definitions of spec type github.com/Azure/azure-service-operator/v2/api/cdn/v1api20230501/SecurityPolicyPropertiesParameters and status type github.com/Azure/azure-service-operator/v2/api/cdn/v1api20230501/SecurityPolicyPropertiesParameters_STATUS: 
failed to visit flagged type "(object)": 
visiting properties "WebApplicationFirewall" and "WebApplicationFirewall": 
failed to visit optional element type "github.com/Azure/azure-service-operator/v2/api/cdn/v1api20230501/SecurityPolicyWebApplicationFirewallParameters": 
visiting definitions of spec type github.com/Azure/azure-service-operator/v2/api/cdn/v1api20230501/SecurityPolicyWebApplicationFirewallParameters and status type github.com/Azure/azure-service-operator/v2/api/cdn/v1api20230501/SecurityPolicyWebApplicationFirewallParameters_STATUS:
visiting properties "Associations" and "Associations": visiting array element types: 
visiting definitions of spec type 
github.com/Azure/azure-service-operator/v2/api/cdn/v1api20230501/SecurityPolicyWebApplicationFirewallAssociation
and status type
github.com/Azure/azure-service-operator/v2/api/cdn/v1api20230501/SecurityPolicyWebApplicationFirewallAssociation_STATUS: 
visiting properties "Domains" and "Domains": visiting array element types: 
found multiple status types "github.com/Azure/azure-service-operator/v2/api/cdn/v1api20230501/ActivatedResourceReference_STATUS_Profiles_AfdEndpoints_Route_SubResourceEmbedded" 
and "github.com/Azure/azure-service-operator/v2/api/cdn/v1api20230501/ActivatedResourceReference_STATUS_Profiles_SecurityPolicy_SubResourceEmbedded" 
for spec type \"github.com/Azure/azure-service-operator/v2/api/cdn/v1api20230501/ActivatedResourceReference"

Pulling the key information out of this, we get the following details:

The spec type ActivatedResourceReference has an existing mapping to the status type ActivatedResourceReference_STATUS_Profiles_AfdEndpoints_Route_SubResourceEmbedded which conflicts with creating a mapping to ActivatedResourceReference_STATUS_Profiles_SecurityPolicy_SubResourceEmbedded.

Expected behavior

Valid OpenAPI specifications should not cause issues for the generator.

Additional context

In addition to fixing the underlying bug, we should also improve the error message to make it less impenetrable.

theunrepentantgeek commented 11 months ago

A temporary workaround is to elide the Domains property for now. This will allow everything else about the resource to work in the meantime, and we can restore the property once the underlying bug is fixed.

To do this, add the following to the typeTransformers section of azure-arm.yaml:

 - group: cdn
    name: SecurityPolicyWebApplicationFirewallAssociation
    property: Domains
    remove: true
    because: Spec type ActivatedResourceReference maps to multiple status types, and this is currently not supported. See #3395 for details
ppotturi commented 11 months ago

Please include the AFD endpoint route resource to reproduce the error. 

  cdn:
    2023-05-01:
      Profiles_AFDEndpoints_Route:
        $exportAs: ProfilesAFDEndpointRoute
        $supportedFrom: v2.4.0
      Profiles_SecurityPolicy:
        $exportAs: ProfilesSecurityPolicy
        $supportedFrom: v2.4.0