joesims22
commented
1 month ago Validated on v2.10-head id 8b50f83
| # | Priority | Description & Link | PASS/FAIL |
|---|---|---|---|
| 1 | P0 | Verify updating RT via TFP is successful | ✅ PASS |
| 2 | P0 | Verify TFP sets external attribute to false by default | ✅ PASS |
| 3 | P0 | Verify external rules value is set to nil if external attribute is not set | ✅ PASS |
| 4 | P0 | Verify external rules cannot be set when updating RT via TFP while external is set to false | ✅ PASS |
| 5 | P0 | Verify external rules can be set when updating RT via TFP after setting external to true | ✅ PASS |
| 6 | P1 | Verify external rules cannot be set via kubectl when external is set to false | ✅ PASS |
| 7 | P1 | Verify external rules can be set when updating RT via kubectl after setting external to true | ✅ PASS |
| 8 | P0 | Verify external rules are removed when external set to false via TFP | ✅ PASS |
| 9 | P0 | Upgrade: Verify updating RT via TFP is successful upon upgrading Rancher | ✅ PASS |
Rancher Server Setup
v2.8.5RKE1Information about the Cluster
v1.28.7LocalUser Information
AdminProvider Information
v4.2.0v1.5.7Describe the bug
We have custom roles _without external_rules defined_. When
terraform-provider-rancher2to v4.2.0 any update to the arancher2_role_templateresource is blocked by the Rancher Webhook with the following error message:The provider might be sending and empty array value for the
externalRulesattribute to the rancher API but the Rancher Webhook checks for a nil value. See: https://github.com/rancher/webhook/blob/main/pkg/resources/management.cattle.io/v3/roletemplate/validator.go#L130To Reproduce
With kubectl, edit a roletemplates by adding
externalRules: []to the manifest.Actual Result
See error above
Expected Result
Role template should be updated
Screenshots
Additional context