use retryable http client to test ingress

README.md

@@ -238,14 +238,20 @@ No modules.
 | [azurerm_log_analytics_solution.main](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/log_analytics_solution) | resource |
 | [azurerm_log_analytics_workspace.main](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/log_analytics_workspace) | resource |
 | [azurerm_role_assignment.acr](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment) | resource |
+| [azurerm_role_assignment.application_gateway_contributor](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment) | resource |
+| [azurerm_role_assignment.application_gateway_resource_group_reader](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment) | resource |
+| [azurerm_role_assignment.application_gateway_vnet_network_contributor](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment) | resource |
 | [azurerm_role_assignment.network_contributor](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment) | resource |
 | [azurerm_role_assignment.network_contributor_on_subnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment) | resource |
 | [null_resource.kubernetes_version_keeper](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource |
 | [null_resource.pool_name_keeper](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource |
 | [tls_private_key.ssh](https://registry.terraform.io/providers/hashicorp/tls/latest/docs/resources/private_key) | resource |
+| [azurerm_client_config.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/client_config) | data source |
 | [azurerm_log_analytics_workspace.main](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/log_analytics_workspace) | data source |
+| [azurerm_resource_group.ingress_appgw](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/resource_group) | data source |
 | [azurerm_resource_group.main](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/resource_group) | data source |
 | [azurerm_user_assigned_identity.cluster_identity](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/user_assigned_identity) | data source |
+| [azurerm_virtual_network.application_gateway_vnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/virtual_network) | data source |
 
 ## Inputs
 
@@ -271,6 +277,7 @@ No modules.
 | <a name="input_agents_type"></a> [agents\_type](#input\_agents\_type) | (Optional) The type of Node Pool which should be created. Possible values are AvailabilitySet and VirtualMachineScaleSets. Defaults to VirtualMachineScaleSets. | `string` | `"VirtualMachineScaleSets"` | no |
 | <a name="input_api_server_authorized_ip_ranges"></a> [api\_server\_authorized\_ip\_ranges](#input\_api\_server\_authorized\_ip\_ranges) | (Optional) The IP ranges to allow for incoming traffic to the server nodes. | `set(string)` | `null` | no |
 | <a name="input_api_server_subnet_id"></a> [api\_server\_subnet\_id](#input\_api\_server\_subnet\_id) | (Optional) The ID of the Subnet where the API server endpoint is delegated to. | `string` | `null` | no |
+| <a name="input_application_gateway_for_ingress"></a> [application\_gateway\_for\_ingress](#input\_application\_gateway\_for\_ingress) | * `id` - (Required) The ID of the Application Gateway that be used as cluster ingress.<br>* `subnet_id` - (Optional) The ID of the Subnet which the Application Gateway is connected to. Must be set when `create_role_assignments` is `true`.<br>* `create_role_assignments` - (Optional) Whether to create the corresponding role assignments or not. Defaults to `true`. | <pre>object({<br>    id                      = string<br>    subnet_id               = optional(string)<br>    create_role_assignments = optional(bool, true)<br>  })</pre> | `null` | no |
 | <a name="input_attached_acr_id_map"></a> [attached\_acr\_id\_map](#input\_attached\_acr\_id\_map) | Azure Container Registry ids that need an authentication mechanism with Azure Kubernetes Service (AKS). Map key must be static string as acr's name, the value is acr's resource id. Changing this forces some new resources to be created. | `map(string)` | `{}` | no |
 | <a name="input_auto_scaler_profile_balance_similar_node_groups"></a> [auto\_scaler\_profile\_balance\_similar\_node\_groups](#input\_auto\_scaler\_profile\_balance\_similar\_node\_groups) | Detect similar node groups and balance the number of nodes between them. Defaults to `false`. | `bool` | `false` | no |
 | <a name="input_auto_scaler_profile_empty_bulk_delete_max"></a> [auto\_scaler\_profile\_empty\_bulk\_delete\_max](#input\_auto\_scaler\_profile\_empty\_bulk\_delete\_max) | Maximum number of empty nodes that can be deleted at the same time. Defaults to `10`. | `number` | `10` | no |
@@ -310,7 +317,6 @@ No modules.
 | <a name="input_image_cleaner_enabled"></a> [image\_cleaner\_enabled](#input\_image\_cleaner\_enabled) | (Optional) Specifies whether Image Cleaner is enabled. | `bool` | `false` | no |
 | <a name="input_image_cleaner_interval_hours"></a> [image\_cleaner\_interval\_hours](#input\_image\_cleaner\_interval\_hours) | (Optional) Specifies the interval in hours when images should be cleaned up. Defaults to `48`. | `number` | `48` | no |
 | <a name="input_ingress_application_gateway_enabled"></a> [ingress\_application\_gateway\_enabled](#input\_ingress\_application\_gateway\_enabled) | Whether to deploy the Application Gateway ingress controller to this Kubernetes Cluster? | `bool` | `false` | no |
-| <a name="input_ingress_application_gateway_id"></a> [ingress\_application\_gateway\_id](#input\_ingress\_application\_gateway\_id) | The ID of the Application Gateway to integrate with the ingress controller of this Kubernetes Cluster. | `string` | `null` | no |
 | <a name="input_ingress_application_gateway_name"></a> [ingress\_application\_gateway\_name](#input\_ingress\_application\_gateway\_name) | The name of the Application Gateway to be used or created in the Nodepool Resource Group, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. | `string` | `null` | no |
 | <a name="input_ingress_application_gateway_subnet_cidr"></a> [ingress\_application\_gateway\_subnet\_cidr](#input\_ingress\_application\_gateway\_subnet\_cidr) | The subnet CIDR to be used to create an Application Gateway, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. | `string` | `null` | no |
 | <a name="input_ingress_application_gateway_subnet_id"></a> [ingress\_application\_gateway\_subnet\_id](#input\_ingress\_application\_gateway\_subnet\_id) | The ID of the subnet on which to create an Application Gateway, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. | `string` | `null` | no |

locals.tf

@@ -1,6 +1,6 @@
 locals {
   # Application Gateway ID: /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Network/applicationGateways/myGateway1
-  application_gateway_for_ingress_id             = var.application_gateway_for_ingress == null ? null : var.application_gateway_for_ingress.id
+  application_gateway_for_ingress_id             = try(var.application_gateway_for_ingress.id, null)
   application_gateway_resource_group_for_ingress = var.application_gateway_for_ingress == null ? null : local.application_gateway_segments_for_ingress[4]
   application_gateway_segments_for_ingress       = var.application_gateway_for_ingress == null ? null : split("/", local.application_gateway_for_ingress_id)
   application_gateway_subnet_resource_group_name = try(local.application_gateway_subnet_segments[4], null)

test/e2e/terraform_aks_test.go

@@ -2,13 +2,12 @@ package e2e
 
 import (
 	"io"
-	"net/http"
 	"os"
 	"regexp"
 	"strings"
 	"testing"
-	"time"
 
+	"github.com/hashicorp/go-retryablehttp"
 	"github.com/stretchr/testify/require"
 
 	test_helper "github.com/Azure/terraform-module-test-helper"
@@ -131,22 +130,18 @@ func TestExamples_applicationGatewayIngress(t *testing.T) {
 	}, func(t *testing.T, output test_helper.TerraformOutput) {
 		url, ok := output["ingress_endpoint"].(string)
 		require.True(t, ok)
-		var html string
-		var err error
-		for i := 0; i < 10; i++ {
-			html, err = getHTML(url)
-			require.NoError(t, err)
-			if strings.Contains(html, "Welcome to .NET") {
-				return
-			}
-			time.Sleep(5 * time.Second)
+		html, err := getHTML(url)
+		require.NoError(t, err)
+		if strings.Contains(html, "Welcome to .NET") {
+			return
 		}
-		assert.Failf(t, "incorrect response from ingress: %s", html)
 	})
 }
 
 func getHTML(url string) (string, error) {
-	resp, err := http.Get(url) // #nosec G107
+	client := retryablehttp.NewClient()
+	client.RetryMax = 10
+	resp, err := client.Get(url)
 	if err != nil {
 		return "", err
 	}

test/go.mod

@@ -7,6 +7,7 @@ toolchain go1.21.2
 require (
 	github.com/Azure/terraform-module-test-helper v0.17.0
 	github.com/gruntwork-io/terratest v0.46.1
+	github.com/hashicorp/go-retryablehttp v0.7.5
 	github.com/stretchr/testify v1.8.4
 )