Skip to content

Commit bbedb78

Browse files
ocofaighocofaigh
authored
fix: fix bug around disable_outbound_traffic_protection value (#452)
1 parent 728b96e commit bbedb78

File tree

1 file changed

+5
-2
lines changed

1 file changed

+5
-2
lines changed

main.tf

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -48,6 +48,9 @@ locals {
4848
# attach_ibm_managed_security_group is false and custom_security_group_ids is not set => default behavior, so set to null
4949
# attach_ibm_managed_security_group is false and custom_security_group_ids is set => only use the custom security group ids
5050
cluster_security_groups = var.attach_ibm_managed_security_group == true ? (var.custom_security_group_ids == null ? null : concat(["cluster"], var.custom_security_group_ids)) : (var.custom_security_group_ids == null ? null : var.custom_security_group_ids)
51+
52+
# for versions older than 4.15, this value must be null, or provider gives error
53+
disable_outbound_traffic_protection = local.ocp_version == "4.12_openshift" || local.ocp_version == "4.13_openshift" || local.ocp_version == "4.14_openshift" ? null : var.disable_outbound_traffic_protection
5154
}
5255

5356
# Lookup the current default kube version
@@ -101,7 +104,7 @@ resource "ibm_container_vpc_cluster" "cluster" {
101104
operating_system = var.operating_system
102105
disable_public_service_endpoint = var.disable_public_endpoint
103106
worker_labels = local.default_pool.labels
104-
disable_outbound_traffic_protection = var.disable_outbound_traffic_protection
107+
disable_outbound_traffic_protection = local.disable_outbound_traffic_protection
105108
crk = local.default_pool.boot_volume_encryption_kms_config == null ? null : local.default_pool.boot_volume_encryption_kms_config.crk
106109
kms_instance_id = local.default_pool.boot_volume_encryption_kms_config == null ? null : local.default_pool.boot_volume_encryption_kms_config.kms_instance_id
107110
kms_account_id = local.default_pool.boot_volume_encryption_kms_config == null ? null : local.default_pool.boot_volume_encryption_kms_config.kms_account_id
@@ -168,7 +171,7 @@ resource "ibm_container_vpc_cluster" "autoscaling_cluster" {
168171
operating_system = var.operating_system
169172
disable_public_service_endpoint = var.disable_public_endpoint
170173
worker_labels = local.default_pool.labels
171-
disable_outbound_traffic_protection = var.disable_outbound_traffic_protection
174+
disable_outbound_traffic_protection = local.disable_outbound_traffic_protection
172175
crk = local.default_pool.boot_volume_encryption_kms_config == null ? null : local.default_pool.boot_volume_encryption_kms_config.crk
173176
kms_instance_id = local.default_pool.boot_volume_encryption_kms_config == null ? null : local.default_pool.boot_volume_encryption_kms_config.kms_instance_id
174177
kms_account_id = local.default_pool.boot_volume_encryption_kms_config == null ? null : local.default_pool.boot_volume_encryption_kms_config.kms_account_id

0 commit comments

Comments
 (0)