Adding ipv6 support for bgp router peer, router interface and router (G…

…oogleCloudPlatform#10375)

Co-authored-by: Shivang Dixit <shivangd@google.com>
Co-authored-by: Zhenhua Li <zhenhuali@google.com>

mmv1/products/compute/Router.yaml

@@ -187,6 +187,16 @@ properties:
           between the two peers. If set, this value must be between 20 and 60.
           The default is 20.
         default_value: 20
+      - !ruby/object:Api::Type::String
+        name: identifierRange
+        default_from_api: true
+        min_version: beta
+        description: |
+          Explicitly specifies a range of valid BGP Identifiers for this Router.
+          It is provided as a link-local IPv4 range (from 169.254.0.0/16), of
+          size at least /30, even if the BGP sessions are over IPv6. It must
+          not overlap with any IPv4 BGP session ranges. Other vendors commonly
+          call this router ID.
   - !ruby/object:Api::Type::Boolean
     name: encryptedInterconnectRouter
     immutable: true

mmv1/third_party/terraform/services/compute/resource_compute_router_bgp_peer_test.go → mmv1/third_party/terraform/services/compute/resource_compute_router_bgp_peer_test.go.erb

@@ -1,3 +1,4 @@
+<% autogen_exception -%>
 package compute_test
 
 import (
@@ -206,6 +207,50 @@ func TestAccComputeRouterPeer_Ipv6Basic(t *testing.T) {
 	})
 }
 
+<% unless version == 'ga' -%>
+func TestAccComputeRouterPeer_Ipv4BasicCreateUpdate(t *testing.T) {
+  t.Parallel()
+
+  routerName := fmt.Sprintf("tf-test-router-%s", acctest.RandString(t, 10))
+	resourceName := "google_compute_router_peer.foobar"
+	acctest.VcrTest(t, resource.TestCase{
+		PreCheck:                 func() { acctest.AccTestPreCheck(t) },
+		ProtoV5ProviderFactories: acctest.ProtoV5ProviderBetaFactories(t),
+		CheckDestroy:             testAccCheckComputeRouterPeerDestroyProducer(t),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccComputeRouterPeerIpv4(routerName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckComputeRouterPeerExists(
+						t, resourceName),
+					resource.TestCheckResourceAttr(resourceName, "enable_ipv4", "true"),
+				),
+			},
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+			{
+				Config: testAccComputeRouterPeerUpdateIpv4Address(routerName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckComputeRouterPeerExists(
+						t, resourceName),
+					resource.TestCheckResourceAttr(resourceName, "enable_ipv4", "true"),
+          resource.TestCheckResourceAttr(resourceName, "ipv4_nexthop_address", "169.254.1.2"),
+          resource.TestCheckResourceAttr(resourceName, "peer_ipv4_nexthop_address", "169.254.1.1"),
+				),
+			},
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
+<% end -%>
+
 func TestAccComputeRouterPeer_UpdateIpv6Address(t *testing.T) {
 	t.Parallel()
 
@@ -1419,8 +1464,8 @@ resource "google_compute_router_peer" "foobar" {
   peer_asn                  = 65515
   advertised_route_priority = 100
   interface                 = google_compute_router_interface.foobar.name
-
   enable_ipv6               = %v
+
 }
 `, routerName, routerName, routerName, routerName, routerName, routerName, routerName, routerName, enableIpv6)
 }
@@ -1495,10 +1540,183 @@ resource "google_compute_router_peer" "foobar" {
   peer_asn                  = 65515
   advertised_route_priority = 100
   interface                 = google_compute_router_interface.foobar.name
-
   enable_ipv6               = %v
   ipv6_nexthop_address      = "2600:2d00:0000:0002:0000:0000:0000:0001"
   peer_ipv6_nexthop_address = "2600:2d00:0:2::2"
 }
 `, routerName, routerName, routerName, routerName, routerName, routerName, routerName, routerName, enableIpv6)
 }
+
+<% unless version == 'ga' -%>
+func testAccComputeRouterPeerIpv4(routerName string) string {
+	return fmt.Sprintf(`resource "google_compute_network" "foobar" {
+    provider = google-beta
+    name = "%s-net"
+    auto_create_subnetworks = false
+  }
+
+  resource "google_compute_subnetwork" "foobar" {
+    provider = google-beta
+    name          = "%s-subnet"
+    network       = google_compute_network.foobar.self_link
+    ip_cidr_range = "10.0.0.0/16"
+    region        = "us-central1"
+    stack_type = "IPV4_IPV6"
+    ipv6_access_type = "EXTERNAL" 
+  }
+
+  resource "google_compute_ha_vpn_gateway" "foobar" {
+    provider = google-beta
+    name    = "%s-gateway"
+    network = google_compute_network.foobar.self_link
+    region  = google_compute_subnetwork.foobar.region
+    stack_type = "IPV4_IPV6"
+  }
+
+  resource "google_compute_external_vpn_gateway" "external_gateway" {
+    provider = google-beta
+    name            = "%s-external-gateway"
+    redundancy_type = "SINGLE_IP_INTERNALLY_REDUNDANT"
+    description     = "An externally managed VPN gateway"
+    interface {
+      id         = 0
+      ip_address = "8.8.8.8"
+    }
+  }
+
+  resource "google_compute_router" "foobar" {
+    provider = google-beta
+    name    = "%s"
+    region  = google_compute_subnetwork.foobar.region
+    network = google_compute_network.foobar.self_link
+    bgp {
+      asn = 64514
+    }
+  }
+
+  resource "google_compute_vpn_tunnel" "foobar" {
+    provider = google-beta
+    name               = "%s-tunnel"
+    region             = google_compute_subnetwork.foobar.region
+    vpn_gateway = google_compute_ha_vpn_gateway.foobar.id
+    peer_external_gateway           = google_compute_external_vpn_gateway.external_gateway.id
+    peer_external_gateway_interface = 0  
+    shared_secret      = "unguessable"
+    router             = google_compute_router.foobar.name
+    vpn_gateway_interface           = 0
+  }
+
+  resource "google_compute_router_interface" "foobar" {
+    provider = google-beta
+    name       = "%s-interface"
+    router     = google_compute_router.foobar.name
+    region     = google_compute_router.foobar.region
+    vpn_tunnel = google_compute_vpn_tunnel.foobar.name
+    ip_range   = "fdff:1::1:1/126"
+  }
+
+  resource "google_compute_router_peer" "foobar" {
+    provider = google-beta
+    name                      = "%s-peer"
+    router                    = google_compute_router.foobar.name
+    region                    = google_compute_router.foobar.region
+    peer_asn                  = 65515
+    advertised_route_priority = 100
+    interface                 = google_compute_router_interface.foobar.name
+    ip_address                = "fdff:1::1:1"
+    peer_ip_address           = "fdff:1::1:2"
+
+    enable_ipv4               = true
+    enable_ipv6               = true
+    ipv4_nexthop_address      = "169.254.1.1"
+    peer_ipv4_nexthop_address = "169.254.1.2"
+  }
+  `, routerName, routerName, routerName, routerName, routerName, routerName, routerName, routerName)
+}
+
+func testAccComputeRouterPeerUpdateIpv4Address(routerName string) string {
+	return fmt.Sprintf(`resource "google_compute_network" "foobar" {
+    provider = google-beta
+    name = "%s-net"
+    auto_create_subnetworks = false
+  }
+
+  resource "google_compute_subnetwork" "foobar" {
+    provider = google-beta
+    name          = "%s-subnet"
+    network       = google_compute_network.foobar.self_link
+    ip_cidr_range = "10.0.0.0/16"
+    region        = "us-central1"
+    stack_type = "IPV4_IPV6"
+    ipv6_access_type = "EXTERNAL" 
+  }
+
+  resource "google_compute_ha_vpn_gateway" "foobar" {
+    provider = google-beta
+    name    = "%s-gateway"
+    network = google_compute_network.foobar.self_link
+    region  = google_compute_subnetwork.foobar.region
+    stack_type = "IPV4_IPV6"
+  }
+
+  resource "google_compute_external_vpn_gateway" "external_gateway" {
+    provider = google-beta
+    name            = "%s-external-gateway"
+    redundancy_type = "SINGLE_IP_INTERNALLY_REDUNDANT"
+    description     = "An externally managed VPN gateway"
+    interface {
+      id         = 0
+      ip_address = "8.8.8.8"
+    }
+  }
+
+  resource "google_compute_router" "foobar" {
+    provider = google-beta
+    name    = "%s"
+    region  = google_compute_subnetwork.foobar.region
+    network = google_compute_network.foobar.self_link
+    bgp {
+      asn = 64514
+    }
+  }
+
+  resource "google_compute_vpn_tunnel" "foobar" {
+    provider = google-beta
+    name               = "%s-tunnel"
+    region             = google_compute_subnetwork.foobar.region
+    vpn_gateway = google_compute_ha_vpn_gateway.foobar.id
+    peer_external_gateway           = google_compute_external_vpn_gateway.external_gateway.id
+    peer_external_gateway_interface = 0  
+    shared_secret      = "unguessable"
+    router             = google_compute_router.foobar.name
+    vpn_gateway_interface           = 0
+  }
+
+  resource "google_compute_router_interface" "foobar" {
+    provider = google-beta
+    name       = "%s-interface"
+    router     = google_compute_router.foobar.name
+    region     = google_compute_router.foobar.region
+    vpn_tunnel = google_compute_vpn_tunnel.foobar.name
+    ip_range   = "fdff:1::1:1/126"
+  }
+
+  resource "google_compute_router_peer" "foobar" {
+    provider = google-beta
+    name                      = "%s-peer"
+    router                    = google_compute_router.foobar.name
+    region                    = google_compute_router.foobar.region
+    peer_asn                  = 65515
+    advertised_route_priority = 100
+    interface                 = google_compute_router_interface.foobar.name
+    ip_address                = "fdff:1::1:1"
+    peer_ip_address           = "fdff:1::1:2"
+
+    enable_ipv4               = true
+    enable_ipv6               = true
+    ipv4_nexthop_address      = "169.254.1.2"
+    peer_ipv4_nexthop_address = "169.254.1.1"
+  }
+  `, routerName, routerName, routerName, routerName, routerName, routerName, routerName, routerName)
+}
+<% end -%>

mmv1/third_party/terraform/services/compute/resource_compute_router_interface.go.erb

@@ -13,6 +13,9 @@ import (
 
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/customdiff"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	<% unless version == "ga" -%>
+	"github.com/hashicorp/terraform-provider-google/google/verify"
+	<% end -%>
 	"google.golang.org/api/googleapi"
 
 <% if version == "ga" -%>
@@ -80,6 +83,16 @@ func ResourceComputeRouterInterface() *schema.Resource {
 				AtLeastOneOf:   []string{"ip_range", "interconnect_attachment", "subnetwork", "vpn_tunnel"},
 				Description:    `The IP address and range of the interface. The IP range must be in the RFC3927 link-local IP space. Changing this forces a new interface to be created.`,
 			},
+			<% unless version == 'ga' -%>
+			"ip_version": {
+				Type:         schema.TypeString,
+				Optional:     true,
+				ForceNew:     true,
+				Computed:     true,
+				ValidateFunc: verify.ValidateEnum([]string{"IPV4", "IPV6"}),
+				Description:  `IP version of this interface.`,
+			},
+			<% end -%>
 			"private_ip_address": {
 				Type:         schema.TypeString,
 				Optional:     true,
@@ -178,6 +191,12 @@ func resourceComputeRouterInterfaceCreate(d *schema.ResourceData, meta interface
 		iface.IpRange = ipRangeVal.(string)
 	}
 
+	<% unless version == 'ga' -%>
+	if ipVersionVal, ok := d.GetOk("ip_version"); ok {
+		iface.IpVersion = ipVersionVal.(string)
+	}
+	<% end -%>
+
 	if privateIpVal, ok := d.GetOk("private_ip_address"); ok {
 		iface.PrivateIpAddress = privateIpVal.(string)
 	}
@@ -269,6 +288,11 @@ func resourceComputeRouterInterfaceRead(d *schema.ResourceData, meta interface{}
 			if err := d.Set("ip_range", iface.IpRange); err != nil {
 				return fmt.Errorf("Error setting ip_range: %s", err)
 			}
+			<% unless version == 'ga' -%>
+			if err := d.Set("ip_version", iface.IpVersion); err != nil {
+				return fmt.Errorf("Error setting ip_version: %s", err)
+			}
+			<% end -%>
 			if err := d.Set("private_ip_address", iface.PrivateIpAddress); err != nil {
 				return fmt.Errorf("Error setting private_ip_address: %s", err)
 			}