Add cluster version validation in the creation method

go.mod

@@ -3,6 +3,7 @@ module github.com/openshift-online/terraform-provider-ocm
 go 1.17
 
 require (
+	github.com/hashicorp/go-version v1.3.0
 	github.com/hashicorp/terraform-plugin-framework v0.5.0
 	github.com/hashicorp/terraform-plugin-go v0.5.0
 	github.com/onsi/ginkgo/v2 v2.1.4

go.sum

@@ -168,6 +168,8 @@ github.com/hashicorp/go-plugin v1.4.1/go.mod h1:5fGEH17QVwTTcR0zV7yhDPLLmFX9YSZ3
 github.com/hashicorp/go-uuid v1.0.2 h1:cfejS+Tpcp13yd5nYHWDI6qVCny6wyX2Mt5SGur2IGE=
 github.com/hashicorp/go-uuid v1.0.2/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro=
 github.com/hashicorp/go-version v1.2.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA=
+github.com/hashicorp/go-version v1.3.0 h1:McDWVJIU/y+u1BRV06dPaLfLCaT7fUTJLp5r04x7iNw=
+github.com/hashicorp/go-version v1.3.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA=
 github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
 github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
 github.com/hashicorp/terraform-plugin-framework v0.5.0 h1:QUBNSZHiRJrQpbjqCdPcw5MRLU1TyzpQCrA4eRId364=

provider/cluster_rosa_classic_resource.go

@@ -22,20 +22,23 @@ import (
 	"encoding/hex"
 	"fmt"
 	"github.com/hashicorp/terraform-plugin-framework/attr"
+	"net/http"
+	"net/url"
+	"strings"
+
+	semver "github.com/hashicorp/go-version"
 	"github.com/hashicorp/terraform-plugin-framework/diag"
 	"github.com/hashicorp/terraform-plugin-framework/tfsdk"
 	"github.com/hashicorp/terraform-plugin-framework/types"
 	cmv1 "github.com/openshift-online/ocm-sdk-go/clustersmgmt/v1"
 	"github.com/openshift-online/ocm-sdk-go/logging"
-	"net/http"
-	"net/url"
-	"strings"
 )
 
 const (
 	awsCloudProvider  = "aws"
 	rosaProduct       = "rosa"
 	serviceAccountFmt = "system:serviceaccount:%s:%s"
+	MinVersion        = "4.10"
 )
 
 type ClusterRosaClassicResourceType struct {
@@ -378,7 +381,32 @@ func (r *ClusterRosaClassicResource) Create(ctx context.Context,
 		builder.Network(network)
 	}
 	if !state.Version.Unknown && !state.Version.Null {
-		builder.Version(cmv1.NewVersion().ID(state.Version.Value))
+		// TODO: update it to support all cluster versions
+		isSupported, err := checkSupportedVersion(state.Version.Value)
+		if err != nil {
+			r.logger.Error(ctx, "Error validating required cluster version %s\", err)")
+			response.Diagnostics.AddError(
+				"Can't build cluster",
+				fmt.Sprintf(
+					"Can't check if cluster version is supported '%s': %v",
+					state.Version.Value, err,
+				),
+			)
+			return
+		}
+		if isSupported {
+			builder.Version(cmv1.NewVersion().ID(state.Version.Value))
+		} else {
+			r.logger.Error(ctx, "Cluster version %s is not supported", state.Version.Value)
+			response.Diagnostics.AddError(
+				"Can't build cluster",
+				fmt.Sprintf(
+					"Cluster version '%s' is not supported, the minimun supported version is %s",
+					state.Version.Value, MinVersion,
+				),
+			)
+			return
+		}
 	}
 
 	proxy := cmv1.NewProxy()
@@ -805,3 +833,16 @@ func sha1Hash(data []byte) string {
 	hashed := hasher.Sum(nil)
 	return hex.EncodeToString(hashed)
 }
+
+func checkSupportedVersion(clusterVersion string) (bool, error) {
+	v1, err := semver.NewVersion(clusterVersion)
+	if err != nil {
+		return false, err
+	}
+	v2, err := semver.NewVersion(MinVersion)
+	if err != nil {
+		return false, err
+	}
+	//Cluster version is greater than or equal to MinVersion
+	return v1.GreaterThanOrEqual(v2), nil
+}

provider/rosa_operator_roles_data_source.go

@@ -145,6 +145,7 @@ func (t *RosaOperatorRolesDataSource) Read(ctx context.Context, request tfsdk.Re
 
 	stsOperatorMap := make(map[string]*cmv1.STSOperator)
 	stsOperatorRolesList.Items().Each(func(stsCredentialRequest *cmv1.STSCredentialRequest) bool {
+		// TODO: check the MinVersion of the operator role
 		t.logger.Debug(ctx, "Operator name: %s, namespace %s, service account %s",
 			stsCredentialRequest.Operator().Name(),
 			stsCredentialRequest.Operator().Namespace(),