feat(tke): [116205708]optimize the change problem of cluster_internet_security_group and cl… (#2533)

* optimize the change problem of cluster_internet_security_group and cluster_intranet_subnet_id fields

* add changelog 2533.txt

* add network enablement check when exporting kubeConfig

* update getClusterNetworkStatus

* update test TestAccTencentCloudKubernetesClusterResourceLogsAddons

* update kubernetes cluster test

Author: bruceybian

.changelog/2533.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+resource/tencentcloud_kubernetes_cluster: Optimize the change problem of `cluster_internet_security_group` and `cluster_intranet_subnet_id` fields
+```

tencentcloud/common/common.go

@@ -9,6 +9,7 @@ import (
 	"log"
 	"os"
 	"os/user"
+	"path/filepath"
 	"reflect"
 	"strconv"
 	"strings"
@@ -333,6 +334,11 @@ func WriteToFile(filePath string, data interface{}) error {
 		}
 	}
 
+	dir := filepath.Dir(filePath)
+	if err := os.MkdirAll(dir, 0755); err != nil {
+		return fmt.Errorf("create directory error, reason: %s", err.Error())
+	}
+
 	if IsString(data) {
 		return ioutil.WriteFile(filePath, []byte(data.(string)), 0422)
 	}

tencentcloud/services/tke/data_source_tc_kubernetes_clusters.go

@@ -422,14 +422,29 @@ LOOP:
 		infoMap["kube_config"] = config
 		infoMap["kube_config_intranet"] = intranetConfig
 
+		clusterInternet, err := getClusterNetworkStatus(ctx, &service, info.ClusterId, true)
+		if err != nil {
+			log.Printf("[CRITAL]%s tencentcloud_kubernetes_clusters get cluster internet status fail, reason:%s\n ", logId, err.Error())
+			return err
+		}
+		clusterIntranet, err := getClusterNetworkStatus(ctx, &service, info.ClusterId, false)
+		if err != nil {
+			log.Printf("[CRITAL]%s tencentcloud_kubernetes_clusters get cluster intranet status fail, reason:%s\n ", logId, err.Error())
+			return err
+		}
+
 		if kubeConfigFilePrefix != "" {
-			kubeConfigFile := kubeConfigFilePrefix + fmt.Sprintf("-%s-kubeconfig", info.ClusterId)
-			if err = tccommon.WriteToFile(kubeConfigFile, config); err != nil {
-				return err
+			if clusterInternet {
+				kubeConfigFile := kubeConfigFilePrefix + fmt.Sprintf("-%s-kubeconfig", info.ClusterId)
+				if err = tccommon.WriteToFile(kubeConfigFile, config); err != nil {
+					return err
+				}
 			}
-			kubeConfigIntranetFile := kubeConfigFilePrefix + fmt.Sprintf("-%s-kubeconfig-intranet", info.ClusterId)
-			if err = tccommon.WriteToFile(kubeConfigIntranetFile, intranetConfig); err != nil {
-				return err
+			if clusterIntranet {
+				kubeConfigIntranetFile := kubeConfigFilePrefix + fmt.Sprintf("-%s-kubeconfig-intranet", info.ClusterId)
+				if err = tccommon.WriteToFile(kubeConfigIntranetFile, intranetConfig); err != nil {
+					return err
+				}
 			}
 		}
 
@@ -451,3 +466,32 @@ LOOP:
 	}
 	return nil
 }
+
+func getClusterNetworkStatus(ctx context.Context, service *TkeService, clusterId string, isInternet bool) (networkStatus bool, err error) {
+	var status string
+	var isOpened bool
+	var errRet error
+	err = resource.Retry(tccommon.ReadRetryTimeout, func() *resource.RetryError {
+		status, _, errRet = service.DescribeClusterEndpointStatus(ctx, clusterId, isInternet)
+		if errRet != nil {
+			return tccommon.RetryError(errRet, tccommon.InternalError)
+		}
+		if status == TkeInternetStatusCreating || status == TkeInternetStatusDeleting {
+			return resource.RetryableError(
+				fmt.Errorf("%s create cluster internet endpoint status still is %s", clusterId, status))
+		}
+		return nil
+	})
+	if err != nil {
+		return false, err
+	}
+	if status == TkeInternetStatusNotfound || status == TkeInternetStatusDeleted {
+		isOpened = false
+	}
+	if status == TkeInternetStatusCreated {
+		isOpened = true
+	}
+	networkStatus = isOpened
+
+	return networkStatus, nil
+}

tencentcloud/services/tke/resource_tc_kubernetes_cluster.go

@@ -682,6 +682,7 @@ func ResourceTencentCloudTkeCluster() *schema.Resource {
 		"cluster_internet_security_group": {
 			Type:        schema.TypeString,
 			Optional:    true,
+			Computed:    true,
 			Description: "Specify security group, NOTE: This argument must not be empty if cluster internet enabled.",
 		},
 		"managed_cluster_internet_security_policies": {
@@ -696,6 +697,7 @@ func ResourceTencentCloudTkeCluster() *schema.Resource {
 		"cluster_intranet_subnet_id": {
 			Type:     schema.TypeString,
 			Optional: true,
+			Computed: true,
 			Description: "Subnet id who can access this independent cluster, this field must and can only set  when `cluster_intranet` is true." +
 				" `cluster_intranet_subnet_id` can not modify once be set.",
 		},
@@ -2614,7 +2616,7 @@ func resourceTencentCloudTkeClusterUpdate(d *schema.ResourceData, meta interface
 				return err
 			}
 			time.Sleep(3 * time.Second)
-			err = resource.Retry(tccommon.ReadRetryTimeout, func() *resource.RetryError {
+			err = resource.Retry(3*tccommon.ReadRetryTimeout, func() *resource.RetryError {
 				ipamdResp, inErr := tkeService.DescribeIPAMD(ctx, id)
 				enableIPAMD := *ipamdResp.EnableIPAMD
 				disableVpcCniMode := *ipamdResp.DisableVpcCniMode

tencentcloud/services/tke/resource_tc_kubernetes_cluster_test.go

@@ -194,7 +194,7 @@ func TestAccTencentCloudKubernetesClusterResourceLogsAddons(t *testing.T) {
 			{
 				PreConfig: func() {
 					// do not update so fast
-					time.Sleep(10 * time.Second)
+					time.Sleep(10 * time.Minute)
 				},
 				Config: testAccTkeClusterLogsAddonsUpdate,
 				Check: resource.ComposeTestCheckFunc(
@@ -512,17 +512,9 @@ resource "tencentcloud_security_group" "example" {
   description = "sg test"
 }
 
-data "tencentcloud_security_groups" "internal" {
-  name = tencentcloud_security_group.example.name
-}
-
-data "tencentcloud_security_groups" "exclusive" {
-  name = tencentcloud_security_group.example.name
-}
-
 locals {
-  sg_id  = data.tencentcloud_security_groups.internal.security_groups.0.security_group_id
-  sg_id2 = data.tencentcloud_security_groups.exclusive.security_groups.0.security_group_id
+  sg_id  = tencentcloud_security_group.example.id
+  sg_id2 = tencentcloud_security_group.example.id
 }
 `