provider-gcp
provider-gcp copied to clipboard
Unable to remove last `authorizedNetworks` for `CloudSQLInstance`
What happened?
When managing CloudSQL instances with Crossplane, we can set multiple different authorizedNetworks
to allow for public access to the instance.
Adding new CIDR ranges and removing old ranges seems to work as expected. This bug surfaces when removing the last authorizedNetwork
from the list. When we do this, Crossplane chooses to import the existing authorizedNetwork
from GCP instead of deleting it.
How can we reproduce it?
- Create
CloudSQLInstance
apiVersion: database.gcp.crossplane.io/v1beta1
kind: CloudSQLInstance
metadata:
name: public-access-postgresql
spec:
forProvider:
settings:
ipConfiguration:
authorizedNetworks:
- name: authorized network 1
value: 1.0.0.0/30
- Remove last
authorizedNetwork
from list
apiVersion: database.gcp.crossplane.io/v1beta1
kind: CloudSQLInstance
metadata:
name: public-access-postgresql
spec:
forProvider:
settings:
ipConfiguration:
authorizedNetworks: []
- Observe that Crossplane has reimported the
authorizedNetwork
from GCP
apiVersion: database.gcp.crossplane.io/v1beta1
kind: CloudSQLInstance
metadata:
name: public-access-postgresql
spec:
forProvider:
settings:
ipConfiguration:
authorizedNetworks:
- expirationTime: ""
name: authorized network 1
value: 1.0.0.0/30
What environment did it happen in?
- Crossplane version:
crossplane/crossplane:v1.5.0
- GCP provider:
crossplane/provider-gcp-controller:v0.19.0
- Kubernetes distribution: GKE /
v1.20.10-gke.1600