Merge pull request #767 from ulucinar/selective-sl-config

Only add singleton list API converters for the existing APIs

config/authorization/config.go

@@ -20,20 +20,4 @@ func Configure(p *config.Provider) {
 	p.AddResourceConfigurator("azurerm_resource_group_policy_assignment", func(r *config.Resource) {
 		r.ExternalName.IdentifierFields = common.RemoveIndex(r.ExternalName.IdentifierFields, "resource_group_id")
 	})
-	p.AddResourceConfigurator("azurerm_pim_active_role_assignment", func(r *config.Resource) {
-		r.PreviousVersions = nil
-		r.Version = "v1beta1"
-		r.Conversions = nil
-		r.TerraformConversions = []config.TerraformConversion{
-			config.NewTFSingletonConversion(),
-		}
-	})
-	p.AddResourceConfigurator("azurerm_pim_eligible_role_assignment", func(r *config.Resource) {
-		r.PreviousVersions = nil
-		r.Version = "v1beta1"
-		r.Conversions = nil
-		r.TerraformConversions = []config.TerraformConversion{
-			config.NewTFSingletonConversion(),
-		}
-	})
 }

config/old-singleton-list-apis.txt

@@ -0,0 +1,284 @@
+azurerm_api_management
+azurerm_api_management_api
+azurerm_api_management_api_diagnostic
+azurerm_api_management_api_operation
+azurerm_api_management_backend
+azurerm_api_management_diagnostic
+azurerm_api_management_gateway
+azurerm_api_management_logger
+azurerm_api_management_named_value
+azurerm_app_configuration
+azurerm_app_service_plan
+azurerm_application_gateway
+azurerm_application_insights_standard_web_test
+azurerm_application_insights_workbook
+azurerm_automation_account
+azurerm_automation_module
+azurerm_automation_runbook
+azurerm_automation_schedule
+azurerm_backup_policy_file_share
+azurerm_backup_policy_vm
+azurerm_backup_policy_vm_workload
+azurerm_capacity_reservation
+azurerm_cdn_endpoint
+azurerm_cdn_frontdoor_custom_domain
+azurerm_cdn_frontdoor_origin
+azurerm_cdn_frontdoor_origin_group
+azurerm_cdn_frontdoor_route
+azurerm_cdn_frontdoor_rule
+azurerm_cdn_frontdoor_security_policy
+azurerm_cognitive_account
+azurerm_cognitive_deployment
+azurerm_consumption_budget_management_group
+azurerm_consumption_budget_resource_group
+azurerm_consumption_budget_subscription
+azurerm_container_app
+azurerm_container_registry
+azurerm_container_registry_token_password
+azurerm_cosmosdb_account
+azurerm_cosmosdb_cassandra_cluster
+azurerm_cosmosdb_cassandra_keyspace
+azurerm_cosmosdb_cassandra_table
+azurerm_cosmosdb_gremlin_database
+azurerm_cosmosdb_gremlin_graph
+azurerm_cosmosdb_mongo_collection
+azurerm_cosmosdb_mongo_database
+azurerm_cosmosdb_sql_container
+azurerm_cosmosdb_sql_database
+azurerm_cosmosdb_table
+azurerm_data_factory
+azurerm_data_factory_custom_dataset
+azurerm_data_factory_data_flow
+azurerm_data_factory_dataset_binary
+azurerm_data_factory_dataset_delimited_text
+azurerm_data_factory_dataset_json
+azurerm_data_factory_dataset_parquet
+azurerm_data_factory_integration_runtime_azure_ssis
+azurerm_data_factory_integration_runtime_managed
+azurerm_data_factory_linked_custom_service
+azurerm_data_factory_linked_service_azure_blob_storage
+azurerm_data_factory_linked_service_azure_databricks
+azurerm_data_factory_linked_service_azure_file_storage
+azurerm_data_factory_linked_service_azure_function
+azurerm_data_factory_linked_service_azure_sql_database
+azurerm_data_factory_linked_service_odata
+azurerm_data_factory_linked_service_odbc
+azurerm_data_factory_linked_service_snowflake
+azurerm_data_factory_linked_service_sql_server
+azurerm_data_factory_linked_service_synapse
+azurerm_data_factory_trigger_schedule
+azurerm_data_protection_backup_policy_disk
+azurerm_data_protection_backup_policy_postgresql
+azurerm_data_protection_backup_vault
+azurerm_data_share
+azurerm_data_share_account
+azurerm_data_share_dataset_blob_storage
+azurerm_databricks_access_connector
+azurerm_databricks_workspace
+azurerm_dev_test_global_vm_shutdown_schedule
+azurerm_dev_test_linux_virtual_machine
+azurerm_dev_test_schedule
+azurerm_dev_test_virtual_network
+azurerm_dev_test_windows_virtual_machine
+azurerm_digital_twins_instance
+azurerm_disk_encryption_set
+azurerm_dns_zone
+azurerm_elastic_cloud_elasticsearch
+azurerm_eventgrid_domain
+azurerm_eventgrid_event_subscription
+azurerm_eventgrid_system_topic
+azurerm_eventgrid_topic
+azurerm_eventhub
+azurerm_eventhub_namespace
+azurerm_express_route_circuit
+azurerm_express_route_circuit_peering
+azurerm_express_route_connection
+azurerm_express_route_port
+azurerm_firewall
+azurerm_firewall_policy
+azurerm_fluid_relay_server
+azurerm_frontdoor
+azurerm_frontdoor_custom_https_configuration
+azurerm_frontdoor_rules_engine
+azurerm_function_app
+azurerm_function_app_slot
+azurerm_gallery_application_version
+azurerm_hdinsight_hadoop_cluster
+azurerm_hdinsight_hbase_cluster
+azurerm_hdinsight_interactive_query_cluster
+azurerm_hdinsight_kafka_cluster
+azurerm_hdinsight_spark_cluster
+azurerm_healthcare_dicom_service
+azurerm_healthcare_fhir_service
+azurerm_healthcare_medtech_service
+azurerm_healthcare_service
+azurerm_hpc_cache
+azurerm_image
+azurerm_iot_security_device_group
+azurerm_iot_security_solution
+azurerm_iot_time_series_insights_gen2_environment
+azurerm_iotcentral_application
+azurerm_iothub
+azurerm_iothub_device_update_account
+azurerm_iothub_device_update_instance
+azurerm_iothub_dps
+azurerm_key_vault
+azurerm_key_vault_certificate
+azurerm_key_vault_key
+azurerm_key_vault_managed_hardware_security_module
+azurerm_kubernetes_cluster
+azurerm_kubernetes_cluster_node_pool
+azurerm_kubernetes_fleet_manager
+azurerm_kusto_attached_database_configuration
+azurerm_kusto_cluster
+azurerm_lab_service_lab
+azurerm_lab_service_plan
+azurerm_linux_function_app
+azurerm_linux_function_app_slot
+azurerm_linux_virtual_machine
+azurerm_linux_virtual_machine_scale_set
+azurerm_linux_web_app
+azurerm_linux_web_app_slot
+azurerm_load_test
+azurerm_local_network_gateway
+azurerm_log_analytics_solution
+azurerm_log_analytics_workspace
+azurerm_logic_app_integration_account_batch_configuration
+azurerm_logic_app_trigger_recurrence
+azurerm_logic_app_workflow
+azurerm_logz_monitor
+azurerm_logz_sub_account
+azurerm_machine_learning_compute_cluster
+azurerm_machine_learning_compute_instance
+azurerm_machine_learning_synapse_spark
+azurerm_machine_learning_workspace
+azurerm_maintenance_configuration
+azurerm_managed_disk
+azurerm_media_asset_filter
+azurerm_media_content_key_policy
+azurerm_media_job
+azurerm_media_live_event
+azurerm_media_services_account
+azurerm_media_services_account_filter
+azurerm_media_streaming_endpoint
+azurerm_media_streaming_policy
+azurerm_media_transform
+azurerm_monitor_action_group
+azurerm_monitor_action_rule_action_group
+azurerm_monitor_action_rule_suppression
+azurerm_monitor_activity_log_alert
+azurerm_monitor_alert_processing_rule_action_group
+azurerm_monitor_alert_processing_rule_suppression
+azurerm_monitor_autoscale_setting
+azurerm_monitor_data_collection_rule
+azurerm_monitor_diagnostic_setting
+azurerm_monitor_metric_alert
+azurerm_monitor_scheduled_query_rules_alert
+azurerm_monitor_scheduled_query_rules_alert_v2
+azurerm_monitor_scheduled_query_rules_log
+azurerm_monitor_smart_detector_alert_rule
+azurerm_mssql_database
+azurerm_mssql_elasticpool
+azurerm_mssql_failover_group
+azurerm_mssql_managed_database
+azurerm_mssql_managed_instance
+azurerm_mssql_managed_instance_failover_group
+azurerm_mssql_managed_instance_vulnerability_assessment
+azurerm_mssql_server
+azurerm_mssql_server_vulnerability_assessment
+azurerm_mysql_flexible_server
+azurerm_mysql_server
+azurerm_netapp_account
+azurerm_netapp_snapshot_policy
+azurerm_netapp_volume
+azurerm_network_connection_monitor
+azurerm_network_manager
+azurerm_network_packet_capture
+azurerm_network_profile
+azurerm_network_watcher_flow_log
+azurerm_notification_hub
+azurerm_orchestrated_virtual_machine_scale_set
+azurerm_point_to_site_vpn_gateway
+azurerm_policy_virtual_machine_configuration_assignment
+azurerm_postgresql_flexible_server
+azurerm_postgresql_server
+azurerm_private_dns_zone
+azurerm_private_endpoint
+azurerm_purview_account
+azurerm_recovery_services_vault
+azurerm_redis_cache
+azurerm_resource_deployment_script_azure_cli
+azurerm_resource_deployment_script_azure_power_shell
+azurerm_resource_group_cost_management_export
+azurerm_resource_group_policy_assignment
+azurerm_resource_policy_assignment
+azurerm_route_filter
+azurerm_search_service
+azurerm_security_center_assessment
+azurerm_service_fabric_cluster
+azurerm_service_fabric_managed_cluster
+azurerm_servicebus_namespace
+azurerm_servicebus_subscription
+azurerm_servicebus_subscription_rule
+azurerm_shared_image
+azurerm_shared_image_gallery
+azurerm_signalr_service
+azurerm_signalr_service_network_acl
+azurerm_site_recovery_protection_container_mapping
+azurerm_snapshot
+azurerm_spring_cloud_api_portal
+azurerm_spring_cloud_app
+azurerm_spring_cloud_build_deployment
+azurerm_spring_cloud_build_pack_binding
+azurerm_spring_cloud_builder
+azurerm_spring_cloud_connection
+azurerm_spring_cloud_container_deployment
+azurerm_spring_cloud_customized_accelerator
+azurerm_spring_cloud_dev_tool_portal
+azurerm_spring_cloud_gateway
+azurerm_spring_cloud_java_deployment
+azurerm_spring_cloud_service
+azurerm_static_site
+azurerm_storage_account
+azurerm_storage_account_local_user
+azurerm_storage_blob_inventory_policy
+azurerm_storage_management_policy
+azurerm_stream_analytics_function_javascript_uda
+azurerm_stream_analytics_job
+azurerm_stream_analytics_output_blob
+azurerm_stream_analytics_output_eventhub
+azurerm_stream_analytics_output_servicebus_queue
+azurerm_stream_analytics_output_servicebus_topic
+azurerm_stream_analytics_reference_input_blob
+azurerm_stream_analytics_stream_input_blob
+azurerm_stream_analytics_stream_input_eventhub
+azurerm_stream_analytics_stream_input_iothub
+azurerm_subnet
+azurerm_subscription_cost_management_export
+azurerm_subscription_policy_assignment
+azurerm_synapse_linked_service
+azurerm_synapse_spark_pool
+azurerm_synapse_sql_pool
+azurerm_synapse_workspace
+azurerm_synapse_workspace_vulnerability_assessment
+azurerm_traffic_manager_profile
+azurerm_virtual_hub_connection
+azurerm_virtual_machine_extension
+azurerm_virtual_machine_run_command
+azurerm_virtual_network
+azurerm_virtual_network_gateway
+azurerm_virtual_network_gateway_connection
+azurerm_vpn_gateway
+azurerm_vpn_gateway_connection
+azurerm_vpn_server_configuration
+azurerm_vpn_site
+azurerm_web_application_firewall_policy
+azurerm_web_pubsub
+azurerm_web_pubsub_hub
+azurerm_web_pubsub_network_acl
+azurerm_windows_function_app
+azurerm_windows_function_app_slot
+azurerm_windows_virtual_machine
+azurerm_windows_virtual_machine_scale_set
+azurerm_windows_web_app
+azurerm_windows_web_app_slot

config/registry.go

@@ -7,6 +7,7 @@ package config
 import (
 	"context"
 	_ "embed"
+	"strings"
 
 	"github.com/crossplane/upjet/pkg/config"
 	ujconfig "github.com/crossplane/upjet/pkg/config"
@@ -34,6 +35,27 @@ var (
 
 	//go:embed provider-metadata.yaml
 	providerMetadata []byte
+
+	// oldSingletonListAPIs is a newline-delimited list of Terraform resource
+	// names with converted singleton list APIs with at least CRD API version
+	// containing the old singleton list API. This is to prevent the API
+	// conversion for the newly added resources whose CRD APIs will already
+	// use embedded objects instead of the singleton lists and thus, will
+	// not possess a CRD API version with the singleton list. Thus, for
+	// the newly added resources (resources added after the singleton lists
+	// have been converted), we do not need the CRD API conversion
+	// functions that convert between singleton lists and embedded objects,
+	// but we need only the Terraform conversion functions.
+	// This list is immutable and represents the set of resources with the
+	// already generated CRD API versions with now converted singleton lists.
+	// Because new resources should never have singleton lists in their
+	// generated APIs, there should be no need to add them to this list.
+	// However, bugs might result in exceptions in the future.
+	// Please see:
+	// https://github.com/crossplane-contrib/provider-upjet-azure/pull/733
+	// for more context on singleton list to embedded object conversions.
+	//go:embed old-singleton-list-apis.txt
+	oldSingletonListAPIs string
 )
 
 // These resources cannot be generated because of their suffixes colliding with
@@ -195,23 +217,42 @@ func GetProvider(ctx context.Context, generationProvider bool) (*ujconfig.Provid
 }
 
 func bumpVersionsWithEmbeddedLists(pc *ujconfig.Provider) {
+	l := strings.Split(strings.TrimSpace(oldSingletonListAPIs), "\n")
+	oldSLAPIs := make(map[string]struct{}, len(l))
+	for _, n := range l {
+		oldSLAPIs[n] = struct{}{}
+	}
+
 	for name, r := range pc.Resources {
 		r := r
 		// nothing to do if no singleton list has been converted to
 		// an embedded object
 		if len(r.CRDListConversionPaths()) == 0 {
 			continue
 		}
-		r.Version = "v1beta2"
-		r.PreviousVersions = []string{"v1beta1"}
-		// we would like to set the storage version to v1beta1 to facilitate
-		// downgrades.
-		r.SetCRDStorageVersion("v1beta1")
-		r.ControllerReconcileVersion = "v1beta1"
-		r.Conversions = []conversion.Conversion{
-			conversion.NewIdentityConversionExpandPaths(conversion.AllVersions, conversion.AllVersions, conversion.DefaultPathPrefixes(), r.CRDListConversionPaths()...),
-			conversion.NewSingletonListConversion("v1beta1", "v1beta2", conversion.DefaultPathPrefixes(), r.CRDListConversionPaths(), conversion.ToEmbeddedObject),
-			conversion.NewSingletonListConversion("v1beta2", "v1beta1", conversion.DefaultPathPrefixes(), r.CRDListConversionPaths(), conversion.ToSingletonList)}
+
+		if _, ok := oldSLAPIs[name]; ok {
+			r.Version = "v1beta2"
+			r.PreviousVersions = []string{"v1beta1"}
+			// we would like to set the storage version to v1beta1 to facilitate
+			// downgrades.
+			r.SetCRDStorageVersion("v1beta1")
+			// because the controller reconciles on the API version with the singleton list API,
+			// no need for a Terraform conversion.
+			r.ControllerReconcileVersion = "v1beta1"
+			r.Conversions = []conversion.Conversion{
+				conversion.NewIdentityConversionExpandPaths(conversion.AllVersions, conversion.AllVersions, conversion.DefaultPathPrefixes(), r.CRDListConversionPaths()...),
+				conversion.NewSingletonListConversion("v1beta1", "v1beta2", conversion.DefaultPathPrefixes(), r.CRDListConversionPaths(), conversion.ToEmbeddedObject),
+				conversion.NewSingletonListConversion("v1beta2", "v1beta1", conversion.DefaultPathPrefixes(), r.CRDListConversionPaths(), conversion.ToSingletonList)}
+		} else {
+			// the controller will be reconciling on the CRD API version
+			// with the converted API (with embedded objects in place of
+			// singleton lists), so we need the appropriate Terraform
+			// converter in this case.
+			r.TerraformConversions = []config.TerraformConversion{
+				config.NewTFSingletonConversion(),
+			}
+		}
 		pc.Resources[name] = r
 	}
 }