fix: conditionally set source_addresses for do provider inbound_rule
Description
Thesource_addresses
attribute of the inbound_rule
of digitalocean_firewall
references the variable vpc_ip_range
which has a default value of an empty string ""
. This causes the terraform plan command to fail in the pipeline, as the value then becomes source_addresses = [""]
.
Supporting information
Error from the logs (as the cluster is private, I am just sharing the relevant error from the logs)
╷
│ Error: inbound_rule.0.source_addresses.0 must not be empty, got
│
│ with module.k8s_cluster.digitalocean_firewall.k8s_worker_node_ssh_access,
│ on k8s-cluster/main.tf line 44, in resource "digitalocean_firewall" "k8s_worker_node_ssh_access":
│ 44: resource "digitalocean_firewall" "k8s_worker_node_ssh_access" {
│
╵
Testing instructions
Steps to test the changes:
- Setup all the necessary variables for a Digital Ocean cluster based on the Grove docs and trigger the pipeline
- The pipeline should fail in the
cluster infra plan
step with the error as the one above
Dependencies
List the dependencies required for this change, if any. Do not forget to link grove-template merge request here if that's affected by this change.
Screenshots
If applicable, add screenshots to help explain your feature.
Checklist
If any of the items below is not applicable, do not remove them, but put a check in it.
-
All providers include the new feature/change -
All affected providers can provision new clusters -
Unit tests are added/updated -
Documentation is added/updated -
The TOOLS_CONTAINER_IMAGE_VERSION
in ci_vars.yml is updated -
The grove-template repository is updated
Additional context
Add any other context about the merge request here.