provider-gcp
provider-gcp copied to clipboard
Published
20 hours ago •
crossplane-contrib
crossplane-contrib
Unable to remove last `authorizedNetworks` for `CloudSQLInstance`
What happened?
When managing CloudSQL instances with Crossplane, we can set multiple different authorizedNetworks to allow for public access to the instance.
Adding new CIDR ranges and removing old ranges seems to work as expected. This bug surfaces when removing the last authorizedNetwork from the list. When we do this, Crossplane chooses to import the existing authorizedNetwork from GCP instead of deleting it.
How can we reproduce it?
- Create
CloudSQLInstance
apiVersion: database.gcp.crossplane.io/v1beta1
kind: CloudSQLInstance
metadata:
name: public-access-postgresql
spec:
forProvider:
settings:
ipConfiguration:
authorizedNetworks:
- name: authorized network 1
value: 1.0.0.0/30
- Remove last
authorizedNetworkfrom list
apiVersion: database.gcp.crossplane.io/v1beta1
kind: CloudSQLInstance
metadata:
name: public-access-postgresql
spec:
forProvider:
settings:
ipConfiguration:
authorizedNetworks: []
- Observe that Crossplane has reimported the
authorizedNetworkfrom GCP
apiVersion: database.gcp.crossplane.io/v1beta1
kind: CloudSQLInstance
metadata:
name: public-access-postgresql
spec:
forProvider:
settings:
ipConfiguration:
authorizedNetworks:
- expirationTime: ""
name: authorized network 1
value: 1.0.0.0/30
What environment did it happen in?
- Crossplane version:
crossplane/crossplane:v1.5.0 - GCP provider:
crossplane/provider-gcp-controller:v0.19.0 - Kubernetes distribution: GKE /
v1.20.10-gke.1600
