Relax the validation of master ipv4 cidr for GKE with private endpoint subnetwork #8338

Merged: rileykarson merged 23 commits into GoogleCloudPlatform:main from ncapps:add-gke-psc-support on Aug 7, 2023
ncapps commented Jul 13, 2023

Contributor

Master ipv4 cidr is not required when a private endpoint subnetwork is provided. This change relaxes an existing validation.

fixes hashicorp/terraform-provider-google#15064

I was unable to run the relevant acceptance tests because I do not have the permissions to create a network or subnetworks in the project owned by my employer. I built the provider locally and verified manually that I could create a GKE cluster with the expected configuration.

If this PR is for Terraform, I acknowledge that I have:

  • Searched through the issue tracker for an open issue that this either resolves or contributes to, commented on it to claim it, and written "fixes {url}" or "part of {url}" in this PR description. If there were no relevant open issues, I opened one and commented that I would like to work on it (not necessary for very small changes).
  • Ensured that all new fields I added that can be set by a user appear in at least one example (for generated resources) or third_party test (for handwritten resources or update tests).
  • Generated Terraform providers, and ran make test and make lint in the generated providers to ensure it passes unit and linter tests.
  • Ran relevant acceptance tests using my own Google Cloud project and credentials (If the acceptance tests do not yet pass or you are unable to run them, please let your reviewer know).
  • Read Write release notes before writing my release note below.

Release Note Template for Downstream PRs (will be copied)

container: 'master_ipv4_cidr_block' is not required when 'private_endpoint_subnetwork' is provided for 'google_container_cluster'
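
The relaxed rule described in the PR description above, as an added example that is not part of the pull request or the provider's code. The struct, function names and error strings are hypothetical; the /28 size check goes beyond the page and rests on GKE's documented size for the control-plane range.

```go
package main

import (
	"fmt"
	"net"
)

// PrivateClusterConfig holds three private_cluster_config fields (hypothetical type, not the provider's).
type PrivateClusterConfig struct {
	EnablePrivateNodes        bool
	MasterIPv4CIDRBlock       string
	PrivateEndpointSubnetwork string
}

// ValidateStrict models the rule before the change: private nodes always need a CIDR.
func ValidateStrict(c PrivateClusterConfig) error {
	if c.EnablePrivateNodes && c.MasterIPv4CIDRBlock == "" {
		return fmt.Errorf("master_ipv4_cidr_block must be set if enable_private_nodes is true")
	}
	return checkCIDR(c.MasterIPv4CIDRBlock)
}

// ValidateRelaxed accepts a private endpoint subnetwork in place of the CIDR.
func ValidateRelaxed(c PrivateClusterConfig) error {
	if c.EnablePrivateNodes && c.MasterIPv4CIDRBlock == "" && c.PrivateEndpointSubnetwork == "" {
		return fmt.Errorf("set master_ipv4_cidr_block or private_endpoint_subnetwork when enable_private_nodes is true")
	}
	return checkCIDR(c.MasterIPv4CIDRBlock)
}

// checkCIDR rejects a malformed block or one that is not an IPv4 /28 (assumed size rule).
func checkCIDR(block string) error {
	if block == "" {
		return nil
	}
	ip, n, err := net.ParseCIDR(block)
	if err != nil {
		return fmt.Errorf("master_ipv4_cidr_block: %w", err)
	}
	if ones, bits := n.Mask.Size(); ip.To4() == nil || bits != 32 || ones != 28 {
		return fmt.Errorf("master_ipv4_cidr_block %q must be an IPv4 /28", block)
	}
	return nil
}

func main() {
	// Constructed sample: private nodes, subnetwork given, no CIDR.
	c := PrivateClusterConfig{EnablePrivateNodes: true, PrivateEndpointSubnetwork: "example-subnet"}
	fmt.Println("strict:", ValidateStrict(c), "| relaxed:", ValidateRelaxed(c))
}
```

Relaxing the rule must not turn the check off: a private-nodes configuration with neither field set is still rejected.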

google-cla Bot commented Jul 13, 2023

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

@modular-magician

Collaborator

Hello! I am a robot who works on Magic Modules PRs.

I've detected that you're a community contributor. @rileykarson, a repository maintainer, has been assigned to assist you and help review your changes.

❓ First time contributing? Click here for more details

Your assigned reviewer will help review your code by:

  • Ensuring it's backwards compatible, covers common error cases, etc.
  • Summarizing the change into a user-facing changelog note.
  • Passes tests, either our "VCR" suite, a set of presubmit tests, or with manual test runs.

You can help make sure that review is quick by running local tests and ensuring they're passing in between each push you make to your PR's branch. Also, try to leave a comment with each push you make, as pushes generally don't generate emails.

If your reviewer doesn't get back to you within a week after your most recent change, please feel free to leave a comment on the issue asking them to take a look! In the absence of a dedicated review dashboard most maintainers manage their pending reviews through email, and those will sometimes get lost in their inbox.


@modular-magician modular-magician added awaiting-approval Pull requests that need reviewer's approval to run presubmit tests and removed awaiting-approval Pull requests that need reviewer's approval to run presubmit tests labels Jul 13, 2023

@rileykarson rileykarson left a comment

Member

Running tests. I can't determine whether this is an exhaustive change or not as the private cluster page doesn't mention private-endpoint-subnetwork, and the pages that do are about public clusters. The change seems reasonable, though.

Comment thread mmv1/third_party/terraform/tests/resource_container_cluster_test.go.erb Outdated
@modular-magician

Collaborator

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

Terraform GA: Diff ( 2 files changed, 80 insertions(+))
Terraform Beta: Diff ( 2 files changed, 80 insertions(+))
TF Conversion: Diff ( 2 files changed, 3 insertions(+), 3 deletions(-))

@modular-magician

Collaborator

Tests analytics

Total tests: 2861
Passed tests: 2559
Skipped tests: 299
Affected tests: 3

Action taken

Found 3 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests
TestAccContainerCluster_withPrivateClusterConfigPrivateEndpointSubnetwork|TestAccContainerAwsNodePool_BetaBasicHandWritten|TestAccComputeFirewallPolicyRule_multipleRules

Get to know how VCR tests work

@modular-magician

Collaborator

Tests failed during RECORDING mode:
TestAccContainerCluster_withPrivateClusterConfigPrivateEndpointSubnetwork [Error message] [Debug log]
TestAccContainerAwsNodePool_BetaBasicHandWritten [Error message] [Debug log]
TestAccComputeFirewallPolicyRule_multipleRules [Error message] [Debug log]

Please fix these to complete your PR.
View the build log or the debug log for each test

@modular-magician modular-magician added the awaiting-approval Pull requests that need reviewer's approval to run presubmit tests label Jul 17, 2023
@ncapps ncapps force-pushed the add-gke-psc-support branch from 48003bd to 101fc42 Compare July 17, 2023 15:22
@rileykarson

Member

Running generate + test

@modular-magician modular-magician removed the awaiting-approval Pull requests that need reviewer's approval to run presubmit tests label Jul 18, 2023
@modular-magician

Collaborator

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

Terraform GA: Diff ( 2 files changed, 74 insertions(+))
Terraform Beta: Diff ( 2 files changed, 74 insertions(+))
TF Conversion: Diff ( 2 files changed, 3 insertions(+), 3 deletions(-))

@modular-magician modular-magician added the awaiting-approval Pull requests that need reviewer's approval to run presubmit tests label Jul 18, 2023
@modular-magician

Collaborator

Tests analytics

Total tests: 2864
Passed tests: 2562
Skipped tests: 299
Affected tests: 3

Action taken

Found 3 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests
TestAccContainerAwsNodePool_BetaBasicHandWritten|TestAccContainerCluster_withPrivateClusterConfigPrivateEndpointSubnetwork|TestAccComputeFirewallPolicyRule_multipleRules

Get to know how VCR tests work

@modular-magician

Collaborator

Tests failed during RECORDING mode:
TestAccContainerAwsNodePool_BetaBasicHandWritten [Error message] [Debug log]
TestAccContainerCluster_withPrivateClusterConfigPrivateEndpointSubnetwork [Error message] [Debug log]
TestAccComputeFirewallPolicyRule_multipleRules [Error message] [Debug log]

Please fix these to complete your PR.
View the build log or the debug log for each test

ncapps commented Jul 27, 2023

Contributor Author

I sent the http log of a successful gcloud request to your Google email account. Please let me know if I can provide additional information.

For what it's worth, I was able to create a cluster using Terraform with this configuration by building the terraform provider locally. I have yet to identify what is different between this test and my local build.

@rileykarson

Member

Thanks! I've received it.

There may be something weird with our test environment- it's added to a bunch of feature flags and allowlists. I'll push on the product team to figure out what's up, given it's working for you.

@rileykarson

Member

/gcbrun

@modular-magician modular-magician added awaiting-approval Pull requests that need reviewer's approval to run presubmit tests and removed awaiting-approval Pull requests that need reviewer's approval to run presubmit tests labels Aug 2, 2023
@modular-magician

Collaborator

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

Terraform GA: Diff ( 2 files changed, 79 insertions(+))
Terraform Beta: Diff ( 2 files changed, 79 insertions(+))
TF Conversion: Diff ( 2 files changed, 3 insertions(+), 3 deletions(-))

@modular-magician

Collaborator

Tests analytics

Total tests: 2923
Passed tests: 2620
Skipped tests: 302
Affected tests: 1

Action taken

Found 1 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests
TestAccContainerCluster_withPrivateClusterConfigPrivateEndpointSubnetwork

Get to know how VCR tests work

@modular-magician

Collaborator

Tests failed during RECORDING mode:
TestAccContainerCluster_withPrivateClusterConfigPrivateEndpointSubnetwork [Error message] [Debug log]

Please fix these to complete your PR.
View the build log or the debug log for each test

Comment thread mmv1/third_party/terraform/tests/resource_container_cluster_test.go.erb Outdated
@modular-magician modular-magician added the awaiting-approval Pull requests that need reviewer's approval to run presubmit tests label Aug 3, 2023
@rileykarson

Member

@ncapps I made & applied a suggestion to save a round trip, since it was a trivial change. Just a note that if we need to iterate further, you'll need to pull the change in from the origin branch yourself!

@modular-magician modular-magician removed the awaiting-approval Pull requests that need reviewer's approval to run presubmit tests label Aug 3, 2023
@modular-magician

Collaborator

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

Terraform GA: Diff ( 2 files changed, 79 insertions(+))
Terraform Beta: Diff ( 2 files changed, 79 insertions(+))
TF Conversion: Diff ( 2 files changed, 3 insertions(+), 3 deletions(-))

@modular-magician

Collaborator

Tests analytics

Total tests: 2927
Passed tests: 2624
Skipped tests: 302
Affected tests: 1

Action taken

Found 1 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests
TestAccContainerCluster_withPrivateClusterConfigPrivateEndpointSubnetwork

Get to know how VCR tests work

@modular-magician

Collaborator

Tests failed during RECORDING mode:
TestAccContainerCluster_withPrivateClusterConfigPrivateEndpointSubnetwork [Error message] [Debug log]

Please fix these to complete your PR.
View the build log or the debug log for each test

@rileykarson

Member

/gcbrun

@modular-magician modular-magician added awaiting-approval Pull requests that need reviewer's approval to run presubmit tests and removed awaiting-approval Pull requests that need reviewer's approval to run presubmit tests labels Aug 3, 2023
@modular-magician

Collaborator

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

Terraform GA: Diff ( 2 files changed, 79 insertions(+))
Terraform Beta: Diff ( 2 files changed, 79 insertions(+))
TF Conversion: Diff ( 2 files changed, 3 insertions(+), 3 deletions(-))

@modular-magician

Collaborator

Tests analytics

Total tests: 2929
Passed tests: 2625
Skipped tests: 302
Affected tests: 2

Action taken

Found 2 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests
TestAccContainerCluster_withPrivateClusterConfigPrivateEndpointSubnetwork|TestAccBigtableAppProfile_bigtableAppProfileSingleclusterExample

Get to know how VCR tests work

@modular-magician

Collaborator

Tests passed during RECORDING mode:
TestAccContainerCluster_withPrivateClusterConfigPrivateEndpointSubnetwork [Debug log]
TestAccBigtableAppProfile_bigtableAppProfileSingleclusterExample [Debug log]

Rerun these tests in REPLAYING mode to catch issues

No issues found for passed tests after REPLAYING rerun.

All tests passed!
View the build log or the debug log for each test

ncapps commented Aug 4, 2023

Contributor Author

Hi @rileykarson, looks like the latest test run passed. Thanks so much for following up. Is there anything else I should do to help get this change ready to merge?

@rileykarson rileykarson left a comment

Member

Nope, LGTM

Development

Successfully merging this pull request may close these issues.

Support use of Private Service Connect endpoint in GKE google_container_cluster resource