Skip to content

Commit

Permalink
Support full resource names in autokey_config.folder (#11413) (#19364)
Browse files Browse the repository at this point in the history 
[upstream:ba356a39c6c948916aab77da2dc0cab22b95d70a]

Signed-off-by: Modular Magician <magic-modules@google.com>
  • Loading branch information
@modular-magician
modular-magician authored Sep 4, 2024
1 parent 39ba519 commit b42543e
Show file tree
Hide file tree
Showing 3 changed files with 137 additions and 1 deletion.
3 changes: 3 additions & 0 deletions .changelog/11413.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:enhancement
kms: updated the `google_kms_autokey_config` resource's `folder` field to accept values that are either full resource names (`folders/{folder_id}`) or just the folder id (`{folder_id}` only)
```
126 changes: 126 additions & 0 deletions google/services/kms/resource_kms_autokey_config_sweeper.go
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,126 @@
// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: MPL-2.0
package kms

import (
"context"
"log"
"strings"
"testing"

"github.com/hashicorp/terraform-provider-google/google/envvar"
"github.com/hashicorp/terraform-provider-google/google/sweeper"
"github.com/hashicorp/terraform-provider-google/google/tpgresource"
transport_tpg "github.com/hashicorp/terraform-provider-google/google/transport"
)

func init() {
sweeper.AddTestSweepers("KMSAutokeyConfig", testSweepKMSAutokeyConfig)
}

// At the time of writing, the CI only passes us-central1 as the region
func testSweepKMSAutokeyConfig(region string) error {
resourceName := "KMSAutokeyConfig"
log.Printf("[INFO][SWEEPER_LOG] Starting sweeper for %s", resourceName)

config, err := sweeper.SharedConfigForRegion(region)
if err != nil {
log.Printf("[INFO][SWEEPER_LOG] error getting shared config for region: %s", err)
return err
}

err = config.LoadAndValidate(context.Background())
if err != nil {
log.Printf("[INFO][SWEEPER_LOG] error loading: %s", err)
return err
}

t := &testing.T{}
billingId := envvar.GetTestBillingAccountFromEnv(t)

// Setup variables to replace in list template
d := &tpgresource.ResourceDataMock{
FieldsInSchema: map[string]interface{}{
"project": config.Project,
"region": region,
"location": region,
"zone": "-",
"billing_account": billingId,
},
}

listTemplate := strings.Split("https://cloudkms.googleapis.com/v1/folders/{{folder}}/autokeyConfig", "?")[0]
listUrl, err := tpgresource.ReplaceVars(d, config, listTemplate)
listUrl = strings.Replace(listUrl, "folders/folders/", "folders/", 1)
if err != nil {
log.Printf("[INFO][SWEEPER_LOG] error preparing sweeper list url: %s", err)
return nil
}

res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{
Config: config,
Method: "GET",
Project: config.Project,
RawURL: listUrl,
UserAgent: config.UserAgent,
})
if err != nil {
log.Printf("[INFO][SWEEPER_LOG] Error in response from request %s: %s", listUrl, err)
return nil
}

resourceList, ok := res["autokeyConfigs"]
if !ok {
log.Printf("[INFO][SWEEPER_LOG] Nothing found in response.")
return nil
}

rl := resourceList.([]interface{})

log.Printf("[INFO][SWEEPER_LOG] Found %d items in %s list response.", len(rl), resourceName)
// Keep count of items that aren't sweepable for logging.
nonPrefixCount := 0
for _, ri := range rl {
obj := ri.(map[string]interface{})
if obj["name"] == nil {
log.Printf("[INFO][SWEEPER_LOG] %s resource name was nil", resourceName)
return nil
}

name := tpgresource.GetResourceNameFromSelfLink(obj["name"].(string))
// Skip resources that shouldn't be sweeped
if !sweeper.IsSweepableTestResource(name) {
nonPrefixCount++
continue
}

deleteTemplate := "https://cloudkms.googleapis.com/v1/folders/{{folder}}/autokeyConfig?updateMask=keyProject"
deleteUrl, err := tpgresource.ReplaceVars(d, config, deleteTemplate)
if err != nil {
log.Printf("[INFO][SWEEPER_LOG] error preparing delete url: %s", err)
return nil
}
deleteUrl = deleteUrl + name
deleteUrl = strings.Replace(deleteUrl, "folders/folders/", "folders/", 1)

// Don't wait on operations as we may have a lot to delete
_, err = transport_tpg.SendRequest(transport_tpg.SendRequestOptions{
Config: config,
Method: "DELETE",
Project: config.Project,
RawURL: deleteUrl,
UserAgent: config.UserAgent,
})
if err != nil {
log.Printf("[INFO][SWEEPER_LOG] Error deleting for url %s : %s", deleteUrl, err)
} else {
log.Printf("[INFO][SWEEPER_LOG] Sent delete request for %s resource: %s", resourceName, name)
}
}

if nonPrefixCount > 0 {
log.Printf("[INFO][SWEEPER_LOG] %d items were non-sweepable and skipped.", nonPrefixCount)
}

return nil
}
9 changes: 8 additions & 1 deletion website/docs/r/kms_autokey_config.html.markdown
View file
Original file line number Diff line number Diff line change
Expand Up @@ -107,10 +107,17 @@ resource "time_sleep" "wait_srv_acc_permissions" {
resource "google_kms_autokey_config" "example-autokeyconfig" {
provider = google-beta
folder = google_folder.autokms_folder.folder_id
folder = google_folder.autokms_folder.id
key_project = "projects/${google_project.key_project.project_id}"
depends_on = [time_sleep.wait_srv_acc_permissions]
}
# Wait delay after setting AutokeyConfig, to prevent diffs on reapply,
# because setting the config takes a little to fully propagate.
resource "time_sleep" "wait_autokey_propagation" {
create_duration = "30s"
depends_on = [google_kms_autokey_config.example-autokeyconfig]
}
```

## Argument Reference
Expand Down

0 comments on commit b42543e

Please sign in to comment.