Merge eb26f13 into 9d38b57

products/dns/api.yaml

@@ -15,9 +15,13 @@
 name: Dns
 display_name: Google Cloud DNS
 versions:
+  - !ruby/object:Api::Product::Version
+    name: beta
+    base_url: https://www.googleapis.com/dns/v1beta2/
   - !ruby/object:Api::Product::Version
     name: ga
     base_url: https://www.googleapis.com/dns/v1/
+    default: true
 scopes:
   - https://www.googleapis.com/auth/ndev.clouddns.readwrite
 objects:
@@ -83,6 +87,60 @@ objects:
           A set of key/value label pairs to assign to this ManagedZone.
         update_verb: :PATCH
         update_url: 'projects/{{project}}/managedZones/{{name}}'
+      - !ruby/object:Api::Type::Enum
+        name: 'visibility'
+        description: |
+          The zone's visibility: public zones are exposed to the Internet,
+          while private zones are visible only to Virtual Private Cloud resources.
+          Must be one of: `public`, `private`.
+        values:
+        - :private
+        - :public
+        default_value: :public
+        min_version: beta
+      - !ruby/object:Api::Type::NestedObject
+        name: 'privateVisibilityConfig'
+        description: |
+          For privately visible zones, the set of Virtual Private Cloud
+          resources that the zone is visible from.
+        update_verb: :PATCH
+        update_url: 'projects/{{project}}/managedZones/{{name}}'
+        properties:
+          - !ruby/object:Api::Type::Array
+            name: 'networks'
+            description: 'The list of VPC networks that can see this zone.'
+            item_type: !ruby/object:Api::Type::NestedObject
+              properties:
+                # TODO(drebes): Make 'networkUrl' a ResourceRef once cross-module references
+                # are possible.
+                - !ruby/object:Api::Type::String
+                  name: 'networkUrl'
+                  description: |
+                    The fully qualified URL of the VPC network to bind to.
+                    This should be formatted like
+                    `https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}`
+        min_version: beta
+      - !ruby/object:Api::Type::NestedObject
+        name: 'forwardingConfig'
+        description: |
+          The presence for this field indicates that outbound forwarding is enabled
+          for this zone. The value of this field contains the set of destinations
+          to forward to.
+        update_verb: :PATCH
+        update_url: 'projects/{{project}}/managedZones/{{name}}'
+        properties:
+          - !ruby/object:Api::Type::Array
+            name: 'targetNameServers'
+            description: |
+              List of target name servers to forward to. Cloud DNS will
+              select the best available name server if more than
+              one target is given.
+            item_type: !ruby/object:Api::Type::NestedObject
+              properties:
+                - !ruby/object:Api::Type::String
+                  name: 'ipv4Address'
+                  description: 'IPv4 address of a target name server.'
+        min_version: beta
     references: !ruby/object:Api::Resource::ReferenceLinks
       guides:
         'Managing Zones':

products/dns/terraform.yaml

@@ -19,6 +19,15 @@ overrides: !ruby/object:Overrides::ResourceOverrides
         name: "dns_managed_zone_basic"
         primary_resource_id: "example-zone"
         version: <%= version_name %>
+      - !ruby/object:Provider::Terraform::Examples
+        name: "dns_managed_zone_private"
+        primary_resource_id: "private-zone"
+        version: <%= version_name %>
+        skip_test: true
+        vars:
+          zone_name: "private-zone"
+          network_1_name: "network-1"
+          network_2_name: "network-2"
     properties:
       creationTime: !ruby/object:Overrides::Terraform::PropertyOverride
         exclude: true
@@ -31,6 +40,32 @@ overrides: !ruby/object:Overrides::ResourceOverrides
         exclude: true
       nameServerSet: !ruby/object:Overrides::Terraform::PropertyOverride
         exclude: true
+      privateVisibilityConfig.networks: !ruby/object:Overrides::Terraform::PropertyOverride
+        is_set: true
+        set_hash_func: |-
+          func(v interface{}) int {
+            raw := v.(map[string]interface{})
+            if url, ok := raw["network_url"]; ok {
+              return selfLinkNameHash(url)
+            }
+            var buf bytes.Buffer
+            schema.SerializeResourceForHash(&buf, raw, dnsManagedZonePrivateVisibilityConfigNetworksSchema())
+            return hashcode.String(buf.String())
+          }
+      privateVisibilityConfig.networks.networkUrl: !ruby/object:Overrides::Terraform::PropertyOverride
+        diff_suppress_func: 'compareSelfLinkOrResourceName'
+      forwardingConfig.targetNameServers: !ruby/object:Overrides::Terraform::PropertyOverride
+        is_set: true
+        set_hash_func: |-
+          func(v interface{}) int {
+            raw := v.(map[string]interface{})
+            if address, ok := raw["ipv4_address"]; ok {
+              hashcode.String(address.(string))
+            }
+            var buf bytes.Buffer
+            schema.SerializeResourceForHash(&buf, raw, dnsManagedZoneForwardingConfigTargetNameServersSchema())
+            return hashcode.String(buf.String())
+          }
   ResourceRecordSet: !ruby/object:Overrides::Terraform::ResourceOverride
     exclude: true
   Project: !ruby/object:Overrides::Terraform::ResourceOverride

templates/terraform/examples/dns_managed_zone_private.tf.erb

@@ -0,0 +1,39 @@
+resource "google_dns_managed_zone" "<%= ctx[:primary_resource_id] %>" {
+  name = "<%= ctx[:vars]['zone_name'] %>"
+  dns_name = "private.example.com."
+  description = "Example private DNS zone"
+  labels = {
+    foo = "bar"
+  }
+
+  visibility = "private"
+
+  private_visibility_config {
+    networks {
+      network_url =  "${google_compute_network.network-1.self_link}"
+    }
+    networks {
+      network_url =  "${google_compute_network.network-2.self_link}"
+    }
+  }
+
+  forwarding_config {
+    target_name_servers {
+      ipv4_address = "172.16.1.10"
+    }
+    target_name_servers {
+      ipv4_address = "172.16.1.20"
+    }
+  }
+
+}
+
+resource "google_compute_network" "network-1" {
+  name = "<%= ctx[:vars]['network_1_name'] %>"
+  auto_create_subnetworks = false
+}
+
+resource "google_compute_network" "network-2" {
+  name = "<%= ctx[:vars]['network_2_name'] %>"
+  auto_create_subnetworks = false
+}

third_party/terraform/tests/resource_dns_managed_zone_test.go → third_party/terraform/tests/resource_dns_managed_zone_test.go.erb

@@ -1,3 +1,4 @@
+<% autogen_exception -%>
 package google
 
 import (
@@ -38,6 +39,38 @@ func TestAccDnsManagedZone_update(t *testing.T) {
 	})
 }
 
+<% unless version.nil? || version == 'ga' -%>
+func TestAccDnsManagedZone_privateUpdate(t *testing.T) {
+	t.Parallel()
+
+	zoneSuffix := acctest.RandString(10)
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckDnsManagedZoneDestroy,
+		Steps: []resource.TestStep{
+			resource.TestStep{
+				Config: testAccDnsManagedZone_privateUpdate(zoneSuffix, "network-1", "network-2", "172.16.1.10", "172.16.1.20"),
+			},
+			resource.TestStep{
+				ResourceName:      "google_dns_managed_zone.private",
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+			resource.TestStep{
+				Config: testAccDnsManagedZone_privateUpdate(zoneSuffix, "network-2", "network-3", "172.16.1.10", "192.168.1.1"),
+			},
+			resource.TestStep{
+				ResourceName:      "google_dns_managed_zone.private",
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
+<% end -%>
+
 func testAccDnsManagedZone_basic(suffix, description string) string {
 	return fmt.Sprintf(`
 resource "google_dns_managed_zone" "foobar" {
@@ -50,6 +83,50 @@ resource "google_dns_managed_zone" "foobar" {
 }`, suffix, suffix, description)
 }
 
+<% unless version.nil? || version == 'ga' -%>
+func testAccDnsManagedZone_privateUpdate(suffix, first_network, second_network, first_nameserver, second_nameserver string) string {
+	return fmt.Sprintf(`
+resource "google_dns_managed_zone" "private" {
+  name = "private-zone-%s"
+  dns_name = "private.example.com."
+  description = "Example private DNS zone"
+  visibility = "private"
+  private_visibility_config {
+    networks {
+      network_url = "${google_compute_network.%s.self_link}"
+    }
+    networks {
+      network_url = "${google_compute_network.%s.self_link}"
+    }
+  }
+
+  forwarding_config {
+    target_name_servers {
+      ipv4_address = "%s"
+    }
+    target_name_servers {
+      ipv4_address = "%s"
+    }
+  }
+}
+
+resource "google_compute_network" "network-1" {
+  name = "network-1-%s"
+  auto_create_subnetworks = false
+}
+
+resource "google_compute_network" "network-2" {
+  name = "network-2-%s"
+  auto_create_subnetworks = false
+}
+
+resource "google_compute_network" "network-3" {
+  name = "network-3-%s"
+  auto_create_subnetworks = false
+}`, suffix, first_network, second_network, first_nameserver, second_nameserver, suffix, suffix, suffix)
+}
+<% end -%>
+
 func TestDnsManagedZoneImport_parseImportId(t *testing.T) {
 	zoneRegexes := []string{
 		"projects/(?P<project>[^/]+)/managedZones/(?P<name>[^/]+)",