diff --git a/api/v1alpha1/azuresqlvnetrule_types.go b/api/v1alpha1/azuresqlvnetrule_types.go
index f3fa4f098f6..24dc6b7bbe5 100644
--- a/api/v1alpha1/azuresqlvnetrule_types.go
+++ b/api/v1alpha1/azuresqlvnetrule_types.go
@@ -20,6 +20,7 @@ type AzureSQLVNetRuleSpec struct {
 VNetResourceGroup string `json:"vNetResourceGroup"`
 VNetName string `json:"vNetName"`
 SubnetName string `json:"subnetName"`
+ VNetSubscriptionID string `json:"vNetSubscriptionID,omitempty"`
 IgnoreMissingServiceEndpoint bool `json:"ignoreMissingServiceEndpoint,omitempty"`
 }
diff --git a/api/v1alpha1/mysqlvnetrule_types.go b/api/v1alpha1/mysqlvnetrule_types.go
index 765feef8c3e..abef812353b 100644
--- a/api/v1alpha1/mysqlvnetrule_types.go
+++ b/api/v1alpha1/mysqlvnetrule_types.go
@@ -22,6 +22,7 @@ type MySQLVNetRuleSpec struct {
 VNetResourceGroup string `json:"vNetResourceGroup"`
 VNetName string `json:"vNetName"`
 SubnetName string `json:"subnetName"`
+ VNetSubscriptionID string `json:"vNetSubscriptionID,omitempty"`
 IgnoreMissingServiceEndpoint bool `json:"ignoreMissingServiceEndpoint,omitempty"`
 }
diff --git a/api/v1alpha1/postgresqlvnetrule_types.go b/api/v1alpha1/postgresqlvnetrule_types.go
index 743318fc3c1..f246cd7a55d 100644
--- a/api/v1alpha1/postgresqlvnetrule_types.go
+++ b/api/v1alpha1/postgresqlvnetrule_types.go
@@ -22,6 +22,7 @@ type PostgreSQLVNetRuleSpec struct {
 VNetResourceGroup string `json:"vNetResourceGroup"`
 VNetName string `json:"vNetName"`
 SubnetName string `json:"subnetName"`
+ VNetSubscriptionID string `json:"vNetSubscriptionID,omitempty"`
 IgnoreMissingServiceEndpoint bool `json:"ignoreMissingServiceEndpoint,omitempty"`
 }
diff --git a/charts/azure-service-operator/crds/apiextensions.k8s.io_v1beta1_customresourcedefinition_azuresqlvnetrules.azure.microsoft.com.yaml b/charts/azure-service-operator/crds/apiextensions.k8s.io_v1beta1_customresourcedefinition_azuresqlvnetrules.azure.microsoft.com.yaml
index 168953ad6a6..f852355e71d 100644
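Review bot: The new `VNetSubscriptionID` field in `AzureSQLVNetRuleSpec` has no doc comment and no format validation, and the same bare field is added to `MySQLVNetRuleSpec` and `PostgreSQLVNetRuleSpec`; later hunks in this commit pass the value straight to the subnet client as the subscription to query. A comment such as `// VNetSubscriptionID is the subscription that holds the VNet; empty means the operator's own subscription.` would record the default next to the field. If these types are run through controller-gen, a `+kubebuilder:validation:Pattern` marker restricting the value to GUID form would reject malformed input at admission rather than at reconcile time; the generated CRD hunks in this commit show only `type: string` for the property.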
--- a/charts/azure-service-operator/crds/apiextensions.k8s.io_v1beta1_customresourcedefinition_azuresqlvnetrules.azure.microsoft.com.yaml
+++ b/charts/azure-service-operator/crds/apiextensions.k8s.io_v1beta1_customresourcedefinition_azuresqlvnetrules.azure.microsoft.com.yaml
@@ -53,6 +53,8 @@ spec:
 type: string
 vNetResourceGroup:
 type: string
+ vNetSubscriptionID:
+ type: string
 required:
 - resourceGroup
 - server
diff --git a/charts/azure-service-operator/crds/apiextensions.k8s.io_v1beta1_customresourcedefinition_mysqlvnetrules.azure.microsoft.com.yaml b/charts/azure-service-operator/crds/apiextensions.k8s.io_v1beta1_customresourcedefinition_mysqlvnetrules.azure.microsoft.com.yaml
index c3f7ae16b5d..54e448e0a8a 100644
--- a/charts/azure-service-operator/crds/apiextensions.k8s.io_v1beta1_customresourcedefinition_mysqlvnetrules.azure.microsoft.com.yaml
+++ b/charts/azure-service-operator/crds/apiextensions.k8s.io_v1beta1_customresourcedefinition_mysqlvnetrules.azure.microsoft.com.yaml
@@ -53,6 +53,8 @@ spec:
 type: string
 vNetResourceGroup:
 type: string
+ vNetSubscriptionID:
+ type: string
 required:
 - resourceGroup
 - server
diff --git a/charts/azure-service-operator/crds/apiextensions.k8s.io_v1beta1_customresourcedefinition_postgresqlvnetrules.azure.microsoft.com.yaml b/charts/azure-service-operator/crds/apiextensions.k8s.io_v1beta1_customresourcedefinition_postgresqlvnetrules.azure.microsoft.com.yaml
index bd9f744cbd3..3795b7f80fa 100644
--- a/charts/azure-service-operator/crds/apiextensions.k8s.io_v1beta1_customresourcedefinition_postgresqlvnetrules.azure.microsoft.com.yaml
+++ b/charts/azure-service-operator/crds/apiextensions.k8s.io_v1beta1_customresourcedefinition_postgresqlvnetrules.azure.microsoft.com.yaml
@@ -53,6 +53,8 @@ spec:
 type: string
 vNetResourceGroup:
 type: string
+ vNetSubscriptionID:
+ type: string
 required:
 - resourceGroup
 - server
diff --git a/config/samples/azure_v1alpha1_azuresqlvnetrule.yaml b/config/samples/azure_v1alpha1_azuresqlvnetrule.yaml
index 00be25de062..e0f783cc0d7 100644
--- a/config/samples/azure_v1alpha1_azuresqlvnetrule.yaml
+++ b/config/samples/azure_v1alpha1_azuresqlvnetrule.yaml
@@ -8,4 +8,6 @@ spec:
 vNetResourceGroup: resourcegroup-vnet
 vNetName: virtualnetwork-sample
 subnetName: test1
+ ## Optional
 ignoreMissingServiceEndpoint: true
+ vNetSubscriptionID: {vnet_subscription_id} # Specify if the VNET is in another subscription.
diff --git a/config/samples/azure_v1alpha1_mysqlvnetrule.yaml b/config/samples/azure_v1alpha1_mysqlvnetrule.yaml
index e27496c3843..0f02a6e396a 100644
--- a/config/samples/azure_v1alpha1_mysqlvnetrule.yaml
+++ b/config/samples/azure_v1alpha1_mysqlvnetrule.yaml
@@ -8,4 +8,6 @@ spec:
 vNetResourceGroup: resourcegroup-vnet
 vNetName: virtualnetwork-sample
 subnetName: test1
+ ## Optional
 ignoreMissingServiceEndpoint: true
+ vNetSubscriptionID: {vnet_subscription_id} # Specify if the VNET is in another subscription.
diff --git a/config/samples/azure_v1alpha1_postgresqlvnetrule.yaml b/config/samples/azure_v1alpha1_postgresqlvnetrule.yaml
index 2195e8f978f..78e6c9132dc 100644
--- a/config/samples/azure_v1alpha1_postgresqlvnetrule.yaml
+++ b/config/samples/azure_v1alpha1_postgresqlvnetrule.yaml
@@ -8,4 +8,6 @@ spec:
 vNetResourceGroup: resourcegroup-azure-operators
 vNetName: virtualnetwork-sample
 subnetName: test1
+ ## Optional
 ignoreMissingServiceEndpoint: true
+ vNetSubscriptionID: {vnet_subscription_id} # Specify if the VNET is in another subscription.
diff --git a/pkg/resourcemanager/azuresql/azuresqlshared/getgoclients.go b/pkg/resourcemanager/azuresql/azuresqlshared/getgoclients.go
index a1e767d4f0f..ec6db332bf0 100644
--- a/pkg/resourcemanager/azuresql/azuresqlshared/getgoclients.go
+++ b/pkg/resourcemanager/azuresql/azuresqlshared/getgoclients.go
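Review bot: The added sample line `vNetSubscriptionID: {vnet_subscription_id}` does not yield a string, because an unquoted `{...}` in YAML is a flow mapping; applying the sample as shipped should be rejected against the CRD's `type: string` schema instead of falling back to the operator's subscription. Since the field is optional, the sample is safer with the line commented out and the placeholder quoted, e.g. `# vNetSubscriptionID: "<vnet-subscription-id>"  # only if the VNet is in another subscription`. The same line is added to all three sample files in this commit (azuresql, mysql, postgresql).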
@@ -72,8 +72,8 @@ func GetGoVNetRulesClient(creds config.Credentials) (sql.VirtualNetworkRulesClie
 }
 // GetNetworkSubnetClient retrieves a Subnetclient
-func GetGoNetworkSubnetClient(creds config.Credentials) (network.SubnetsClient, error) {
- SubnetsClient := network.NewSubnetsClientWithBaseURI(config.BaseURI(), creds.SubscriptionID())
+func GetGoNetworkSubnetClient(creds config.Credentials, subscription string) (network.SubnetsClient, error) {
+ SubnetsClient := network.NewSubnetsClientWithBaseURI(config.BaseURI(), subscription)
 a, err := iam.GetResourceManagementAuthorizer(creds)
 if err != nil {
 return network.SubnetsClient{}, err
diff --git a/pkg/resourcemanager/azuresql/azuresqlvnetrule/azuresqlvnetrule.go b/pkg/resourcemanager/azuresql/azuresqlvnetrule/azuresqlvnetrule.go
index 182a0cfa9d6..a2f3193a016 100644
--- a/pkg/resourcemanager/azuresql/azuresqlvnetrule/azuresqlvnetrule.go
+++ b/pkg/resourcemanager/azuresql/azuresqlvnetrule/azuresqlvnetrule.go
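Review bot: `GetGoNetworkSubnetClient` now passes whatever `subscription` it receives to `network.NewSubnetsClientWithBaseURI`, so an empty string builds a client with no subscription ID; the fallback to the operator's subscription exists only in the caller patched elsewhere in this commit. Placing the default in the helper protects every caller: `if subscription == "" { subscription = creds.SubscriptionID() }` ahead of the constructor call. The doc comment still names `GetNetworkSubnetClient` and says nothing about the new parameter; `// GetGoNetworkSubnetClient returns a SubnetsClient bound to subscription and authorized with creds.` would match the code. The function body continues past the end of the hunk.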
@@ -60,14 +60,18 @@ func (m *AzureSqlVNetRuleManager) DeleteSQLVNetRule(ctx context.Context, resourc
 // CreateOrUpdateSQLVNetRule creates or updates a VNet rule
 // based on code from: https://godoc.org/github.com/Azure/azure-sdk-for-go/services/preview/sql/mgmt/v3.0/sql#VirtualNetworkRulesClient.CreateOrUpdate
-func (m *AzureSqlVNetRuleManager) CreateOrUpdateSQLVNetRule(ctx context.Context, resourceGroupName string, serverName string, ruleName string, VNetRG string, VNetName string, SubnetName string, IgnoreServiceEndpoint bool) (vnr sql.VirtualNetworkRule, err error) {
+func (m *AzureSqlVNetRuleManager) CreateOrUpdateSQLVNetRule(ctx context.Context, resourceGroupName string, serverName string, ruleName string, VNetRG string, VNetName string, SubnetName string, subscription string, IgnoreServiceEndpoint bool) (vnr sql.VirtualNetworkRule, err error) {
 VNetRulesClient, err := azuresqlshared.GetGoVNetRulesClient(m.creds)
 if err != nil {
 return sql.VirtualNetworkRule{}, err
 }
- SubnetClient, err := azuresqlshared.GetGoNetworkSubnetClient(m.creds)
+ // Subnet may be in another subscription
+ if subscription == "" {
+ subscription = m.creds.SubscriptionID()
+ }
+ SubnetClient, err := azuresqlshared.GetGoNetworkSubnetClient(m.creds, subscription)
 if err != nil {
 return sql.VirtualNetworkRule{}, err
 }
diff --git a/pkg/resourcemanager/azuresql/azuresqlvnetrule/azuresqlvnetrule_reconcile.go b/pkg/resourcemanager/azuresql/azuresqlvnetrule/azuresqlvnetrule_reconcile.go
index 4108dd99dbc..6ff362d9d6f 100644
--- a/pkg/resourcemanager/azuresql/azuresqlvnetrule/azuresqlvnetrule_reconcile.go
+++ b/pkg/resourcemanager/azuresql/azuresqlvnetrule/azuresqlvnetrule_reconcile.go
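Review bot: In `CreateOrUpdateSQLVNetRule` the subnet lookup now targets a subscription taken from the resource spec while still authenticating with the operator's own `m.creds`, so anyone permitted to create this custom resource can point the operator's identity at any subscription that identity can read. Whether that is acceptable depends on how the operator identity is scoped, which the diff does not show; if its rights are broad, consider checking `subscription` against a configured allow-list before calling `GetGoNetworkSubnetClient`. At minimum, extend the added comment to state the role assignment the operator needs on the other subscription. The same pattern is added to the MySQL and PostgreSQL create-or-update methods later in this commit, and the function continues beyond this hunk.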
@@ -30,6 +30,7 @@ func (vr *AzureSqlVNetRuleManager) Ensure(ctx context.Context, obj runtime.Objec
 virtualNetworkRG := instance.Spec.VNetResourceGroup
 virtualnetworkname := instance.Spec.VNetName
 subnetName := instance.Spec.SubnetName
+ virtualNetworkSubscription := instance.Spec.VNetSubscriptionID
 ignoreendpoint := instance.Spec.IgnoreMissingServiceEndpoint
 vnetrule, err := vr.GetSQLVNetRule(ctx, groupName, server, ruleName)
@@ -55,7 +56,7 @@ func (vr *AzureSqlVNetRuleManager) Ensure(ctx context.Context, obj runtime.Objec
 }
 instance.Status.Provisioning = true
- _, err = vr.CreateOrUpdateSQLVNetRule(ctx, groupName, server, ruleName, virtualNetworkRG, virtualnetworkname, subnetName, ignoreendpoint)
+ _, err = vr.CreateOrUpdateSQLVNetRule(ctx, groupName, server, ruleName, virtualNetworkRG, virtualnetworkname, subnetName, virtualNetworkSubscription, ignoreendpoint)
 if err != nil {
 instance.Status.Message = err.Error()
 azerr := errhelp.NewAzureError(err)
diff --git a/pkg/resourcemanager/mysql/vnetrule/client.go b/pkg/resourcemanager/mysql/vnetrule/client.go
index e5ab87f88b8..e0c46179e70 100644
--- a/pkg/resourcemanager/mysql/vnetrule/client.go
+++ b/pkg/resourcemanager/mysql/vnetrule/client.go
@@ -29,8 +29,8 @@ func getMySQLVNetRulesClient(creds config.Credentials) mysql.VirtualNetworkRules
 }
 // GetNetworkSubnetClient retrieves a Subnetclient
-func GetGoNetworkSubnetClient(creds config.Credentials) network.SubnetsClient {
- SubnetsClient := network.NewSubnetsClientWithBaseURI(config.BaseURI(), creds.SubscriptionID())
+func GetGoNetworkSubnetClient(creds config.Credentials, subscription string) network.SubnetsClient {
+ SubnetsClient := network.NewSubnetsClientWithBaseURI(config.BaseURI(), subscription)
 a, _ := iam.GetResourceManagementAuthorizer(creds)
 SubnetsClient.Authorizer = a
 SubnetsClient.AddToUserAgent(config.UserAgent())
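Review bot: In the mysql `GetGoNetworkSubnetClient` hunk the unchanged line `a, _ := iam.GetResourceManagementAuthorizer(creds)` discards the authorizer error, and this commit widens the helper to other subscriptions without addressing it. If authorizer setup fails, the client is returned with whatever `a` holds and the problem only surfaces on the later subnet `Get`, where it is hard to tell apart from a missing cross-subscription permission. The azuresqlshared variant changed in this commit already returns `(network.SubnetsClient, error)`; since the signature is being edited here anyway, returning the error the same way would make the three helpers consistent. The psql `GetGoNetworkSubnetClient` hunk carries the identical line, and the function's closing lines are outside the hunk.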
@@ -71,10 +71,14 @@ func (c *MySQLVNetRuleClient) DeleteSQLVNetRule(ctx context.Context, resourceGro
 // CreateOrUpdateSQLVNetRule creates or updates a VNet rule
 // based on code from: https://godoc.org/github.com/Azure/azure-sdk-for-go/services/preview/sql/mgmt/v3.0/sql#VirtualNetworkRulesClient.CreateOrUpdate
-func (c *MySQLVNetRuleClient) CreateOrUpdateSQLVNetRule(ctx context.Context, resourceGroupName string, serverName string, ruleName string, VNetRG string, VNetName string, SubnetName string, IgnoreServiceEndpoint bool) (vnr mysql.VirtualNetworkRule, err error) {
+func (c *MySQLVNetRuleClient) CreateOrUpdateSQLVNetRule(ctx context.Context, resourceGroupName string, serverName string, ruleName string, VNetRG string, VNetName string, SubnetName string, subscription string, IgnoreServiceEndpoint bool) (vnr mysql.VirtualNetworkRule, err error) {
 VNetRulesClient := getMySQLVNetRulesClient(c.creds)
- SubnetClient := GetGoNetworkSubnetClient(c.creds)
+ // Subnet may be in another subscription
+ if subscription == "" {
+ subscription = c.creds.SubscriptionID()
+ }
+ SubnetClient := GetGoNetworkSubnetClient(c.creds, subscription)
 // Get ARM Resource ID of Subnet based on the VNET name, Subnet name and Subnet Address Prefix
 subnet, err := SubnetClient.Get(ctx, VNetRG, VNetName, SubnetName, "")
diff --git a/pkg/resourcemanager/mysql/vnetrule/reconcile.go b/pkg/resourcemanager/mysql/vnetrule/reconcile.go
index 9c43e780f78..30dfe86d7fd 100644
--- a/pkg/resourcemanager/mysql/vnetrule/reconcile.go
+++ b/pkg/resourcemanager/mysql/vnetrule/reconcile.go
@@ -30,6 +30,7 @@ func (vr *MySQLVNetRuleClient) Ensure(ctx context.Context, obj runtime.Object, o
 virtualNetworkRG := instance.Spec.VNetResourceGroup
 virtualnetworkname := instance.Spec.VNetName
 subnetName := instance.Spec.SubnetName
+ virtualNetworkSubscription := instance.Spec.VNetSubscriptionID
 ignoreendpoint := instance.Spec.IgnoreMissingServiceEndpoint
 vnetrule, err := vr.GetSQLVNetRule(ctx, groupName, server, ruleName)
@@ -55,7 +56,7 @@ func (vr *MySQLVNetRuleClient) Ensure(ctx context.Context, obj runtime.Object, o
 }
 instance.Status.Provisioning = true
- _, err = vr.CreateOrUpdateSQLVNetRule(ctx, groupName, server, ruleName, virtualNetworkRG, virtualnetworkname, subnetName, ignoreendpoint)
+ _, err = vr.CreateOrUpdateSQLVNetRule(ctx, groupName, server, ruleName, virtualNetworkRG, virtualnetworkname, subnetName, virtualNetworkSubscription, ignoreendpoint)
 if err != nil {
 instance.Status.Message = err.Error()
 azerr := errhelp.NewAzureError(err)
diff --git a/pkg/resourcemanager/psql/vnetrule/client.go b/pkg/resourcemanager/psql/vnetrule/client.go
index 3553f526ef2..65437c1b0de 100644
--- a/pkg/resourcemanager/psql/vnetrule/client.go
+++ b/pkg/resourcemanager/psql/vnetrule/client.go
@@ -29,8 +29,8 @@ func GetPostgreSQLVNetRulesClient(creds config.Credentials) psql.VirtualNetworkR
 }
 // retrieves the Subnetclient
-func GetGoNetworkSubnetClient(creds config.Credentials) network.SubnetsClient {
- SubnetsClient := network.NewSubnetsClientWithBaseURI(config.BaseURI(), creds.SubscriptionID())
+func GetGoNetworkSubnetClient(creds config.Credentials, subscription string) network.SubnetsClient {
+ SubnetsClient := network.NewSubnetsClientWithBaseURI(config.BaseURI(), subscription)
 a, _ := iam.GetResourceManagementAuthorizer(creds)
 SubnetsClient.Authorizer = a
 SubnetsClient.AddToUserAgent(config.UserAgent())
@@ -83,10 +83,15 @@ func (c *PostgreSQLVNetRuleClient) CreateOrUpdatePostgreSQLVNetRule(
 VNetRG string,
 VNetName string,
 SubnetName string,
+ subscription string,
 IgnoreServiceEndpoint bool) (vnr psql.VirtualNetworkRule, err error) {
 VNetRulesClient := GetPostgreSQLVNetRulesClient(c.creds)
- SubnetClient := GetGoNetworkSubnetClient(c.creds)
+ // Subnet may be in another subscription
+ if subscription == "" {
+ subscription = c.creds.SubscriptionID()
+ }
+ SubnetClient := GetGoNetworkSubnetClient(c.creds, subscription)
 // Get ARM Resource ID of Subnet based on the VNET name, Subnet name and Subnet Address Prefix
 subnet, err := SubnetClient.Get(ctx, VNetRG, VNetName, SubnetName, "")
diff --git a/pkg/resourcemanager/psql/vnetrule/reconcile.go b/pkg/resourcemanager/psql/vnetrule/reconcile.go
index 6ae83783f2a..cb22fd91785 100644
--- a/pkg/resourcemanager/psql/vnetrule/reconcile.go
+++ b/pkg/resourcemanager/psql/vnetrule/reconcile.go
@@ -31,6 +31,7 @@ func (vr *PostgreSQLVNetRuleClient) Ensure(ctx context.Context, obj runtime.Obje
 virtualNetworkRG := instance.Spec.VNetResourceGroup
 virtualnetworkname := instance.Spec.VNetName
 subnetName := instance.Spec.SubnetName
+ virtualNetworkSubscription := instance.Spec.VNetSubscriptionID
 ignoreendpoint := instance.Spec.IgnoreMissingServiceEndpoint
 vnetrule, err := vr.GetPostgreSQLVNetRule(ctx, groupName, server, ruleName)
@@ -56,7 +57,7 @@ func (vr *PostgreSQLVNetRuleClient) Ensure(ctx context.Context, obj runtime.Obje
 }
 instance.Status.Provisioning = true
- _, err = vr.CreateOrUpdatePostgreSQLVNetRule(ctx, groupName, server, ruleName, virtualNetworkRG, virtualnetworkname, subnetName, ignoreendpoint)
+ _, err = vr.CreateOrUpdatePostgreSQLVNetRule(ctx, groupName, server, ruleName, virtualNetworkRG, virtualnetworkname, subnetName, virtualNetworkSubscription, ignoreendpoint)
 if err != nil {
 instance.Status.Message = err.Error()
 azerr := errhelp.NewAzureError(err)