bumping enforce on key configs for google_compute_security_policy to GA

[maxi-cit]

Fixes : hashicorp/terraform-provider-google#14738

Release Note Template for Downstream PRs (will be copied)

See Write release notes for guidance.

compute: added `rule.rate_limit_options.enforce_on_key_configs` field to `google_compute_security_policy` resource (GA)

[github-actions]

Hello! I am a robot. Tests will require approval from a repository maintainer to run.

@shuyama1, a repository maintainer, has been assigned to review your changes. If you have not received review feedback within 2 business days, please leave a comment on this PR asking them to take a look.

You can help make sure that review is quick by doing a self-review and by running impacted tests locally.

[modular-magician]

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 2 files changed, 366 insertions(+), 1 deletion(-))
google-beta provider: Diff ( 1 file changed, 1 insertion(+), 1 deletion(-))

[modular-magician]

Tests analytics

Total tests: 1060
Passed tests: 986
Skipped tests: 73
Affected tests: 1

Click here to see the affected service packages

• compute

#### Non-exercised tests

🔴 Tests were added that are GA-only additions and require manual runs:

• TestAccComputeSecurityPolicy_EnforceOnKeyUpdates
• TestAccComputeSecurityPolicy_withRateLimitOption_withMultipleEnforceOnKeyConfigs
• TestAccComputeSecurityPolicy_withRateLimit_withEnforceOnKeyConfigs

Action taken

Found 1 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests

• TestAccComputeRegionPerInstanceConfig_removeInstanceOnDestroy

Get to know how VCR tests work

[modular-magician]

🟢 Tests passed during RECORDING mode:
TestAccComputeRegionPerInstanceConfig_removeInstanceOnDestroy [Debug log]

🟢 No issues found for passed tests after REPLAYING rerun.

---

🟢 All tests passed!

View the build log or the debug log for each test

[maxi-cit]

Hello @shuyama1, could you run test on GA please?

[modular-magician]

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 2 files changed, 410 insertions(+), 1 deletion(-))
google-beta provider: Diff ( 1 file changed, 1 insertion(+), 1 deletion(-))

[modular-magician]

Tests analytics

Total tests: 1064
Passed tests: 990
Skipped tests: 73
Affected tests: 1

Click here to see the affected service packages

• compute

#### Non-exercised tests

🔴 Tests were added that are GA-only additions and require manual runs:

• TestAccComputeSecurityPolicy_EnforceOnKeyUpdates
• TestAccComputeSecurityPolicy_withRateLimitOption_withMultipleEnforceOnKeyConfigs
• TestAccComputeSecurityPolicy_withRateLimit_withEnforceOnKeyConfigs

Action taken

Found 1 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests

• TestAccComputeInstanceNetworkIntefaceWithSecurityPolicy

Get to know how VCR tests work

[modular-magician]

🔴 Tests failed during RECORDING mode:
TestAccComputeInstanceNetworkIntefaceWithSecurityPolicy [Error message] [Debug log]

🔴 Errors occurred during RECORDING mode. Please fix them to complete your PR.

View the build log or the debug log for each test

[shuyama1]

Triggered GA tests on TC

[shuyama1]

One of the GA test TestAccComputeSecurityPolicy_EnforceOnKeyUpdates failed due to

=== CONT  TestAccComputeSecurityPolicy_EnforceOnKeyUpdates
    resource_compute_security_policy_test.go:474: Step 7/12 error: Error running apply: exit status 1
        Error: Error updating SecurityPolicy "tf-test-geowgj4z7j": googleapi: Error 400: Invalid value for field 'resource.rateLimitOptions.enforceOnKeyConfigs': ''. Only one of enforceOnKey and enforceOnKeyConfigs can be specified., invalid
          with google_compute_security_policy.policy,
          on terraform_plugin_test.tf line 2, in resource "google_compute_security_policy" "policy":
           2: resource "google_compute_security_policy" "policy" {
--- FAIL: TestAccComputeSecurityPolicy_EnforceOnKeyUpdates (71.93s)

I just checked our nightly integration test and it seems the test passes consistently in beta for the past three months. So I'm not sure why it's failing in GA. Triggering another run on TC to see if it fails again.

Also, you'll want to remove the beta flag in the documentation at https://github.com/GoogleCloudPlatform/magic-modules/blob/main/mmv1/third_party/terraform/website/docs/r/compute_security_policy.html.markdown?plain=1#L361

[shuyama1]

Test status update: TestAccComputeSecurityPolicy_EnforceOnKeyUpdates still failed with same error.

[maxi-cit]

Hello @shuyama1, sry for the late reply. I found there was an additional conditional at the update func who was changing the behaviour between GA and Beta.

All tests should be fine now. Could you give it a check and rerun tests once more please?

[modular-magician]

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 2 files changed, 448 insertions(+), 2 deletions(-))
google-beta provider: Diff ( 1 file changed, 1 insertion(+), 1 deletion(-))

[modular-magician]

Tests analytics

Total tests: 1071
Passed tests: 998
Skipped tests: 73
Affected tests: 0

Click here to see the affected service packages

• compute

#### Non-exercised tests

🔴 Tests were added that are GA-only additions and require manual runs:

• TestAccComputeSecurityPolicy_EnforceOnKeyUpdates
• TestAccComputeSecurityPolicy_withRateLimitOption_withMultipleEnforceOnKeyConfigs
• TestAccComputeSecurityPolicy_withRateLimit_withEnforceOnKeyConfigs
  🟢 All tests passed!

View the build log

[shuyama1]

Running GA tests on TC

[shuyama1]

GA tests passed. LGTM. Thank you!