Added org policy policy resource.

GNUmakefile

@@ -49,7 +49,7 @@ validator:
 
 serialize:
 	cd tpgtools;\
-		go run . --path "api" --overrides "overrides" --mode "serialization" > temp.serial;\
+		go run . --path "api" --overrides "overrides" --mode "serialization" > temp.serial &&\
 		mv -f temp.serial serialization.go;\
 
 upgrade-dcl:

mmv1/third_party/terraform/go.mod.erb

@@ -3,7 +3,7 @@ module github.com/hashicorp/terraform-provider-google<%= "-" + version unless ve
 
 require (
 	cloud.google.com/go/bigtable v1.10.1
-	github.com/GoogleCloudPlatform/declarative-resource-client-library v0.0.0-20210914194833-2626db3d194d
+	github.com/GoogleCloudPlatform/declarative-resource-client-library v0.0.0-20210918014849-ef8e2b337288
 	github.com/apparentlymart/go-cidr v1.1.0
 	github.com/client9/misspell v0.3.4
 	github.com/davecgh/go-spew v1.1.1

mmv1/third_party/terraform/go.sum

@@ -1405,3 +1405,7 @@ rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8
 rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
 rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
 sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o=
+github.com/GoogleCloudPlatform/declarative-resource-client-library v0.0.0-20210918014849-ef8e2b337288 h1:mMwzB+vf5cvKCKAl1RocM5CqHhr8NtEKpP8ioSDVhO4=
+github.com/GoogleCloudPlatform/declarative-resource-client-library v0.0.0-20210918014849-ef8e2b337288/go.mod h1:oEeBHikdF/NrnUy0ornVaY1OT+jGvTqm+LQS0+ZDKzU=
+github.com/GoogleCloudPlatform/declarative-resource-client-library v0.0.0-20210918014849-ef8e2b337288 h1:mMwzB+vf5cvKCKAl1RocM5CqHhr8NtEKpP8ioSDVhO4=
+github.com/GoogleCloudPlatform/declarative-resource-client-library v0.0.0-20210918014849-ef8e2b337288/go.mod h1:oEeBHikdF/NrnUy0ornVaY1OT+jGvTqm+LQS0+ZDKzU=

mmv1/third_party/terraform/utils/config.go.erb

@@ -128,8 +128,10 @@ type Config struct {
 	// start DCLBasePaths
 	// dataprocBasePath is implemented in mm
 	AssuredWorkloadsBasePath string
+	CloudResourceManagerBasePath string
 	EventarcBasePath string
 	GkeHubBasePath string
+	OrgPolicyBasePath string
 	<% unless version == 'ga' -%>
 	// CloudBuild WorkerPool uses a different endpoint (v1beta1) than any other CloudBuild resources
 	CloudBuildWorkerPoolBasePath string

mmv1/third_party/terraform/utils/provider.go.erb

@@ -177,8 +177,10 @@ func Provider() *schema.Provider {
 
 			// dcl
 			AssuredWorkloadsEndpointEntryKey:               AssuredWorkloadsEndpointEntry,
+			CloudResourceManagerEndpointEntryKey:           CloudResourceManagerEndpointEntry,
 			EventarcEndpointEntryKey:               EventarcEndpointEntry,
 			GkeHubFeatureCustomEndpointEntryKey:               GkeHubFeatureCustomEndpointEntry,
+			OrgPolicyEndpointEntryKey:               OrgPolicyEndpointEntry,
 			PrivatecaCertificateTemplateEndpointEntryKey:               PrivatecaCertificateTemplateCustomEndpointEntry,
 
 			<% unless version == "ga" -%>
@@ -454,6 +456,7 @@ end     # products.each do
 				"google_gke_hub_feature":                       resourceGkeHubFeature(),
 				"google_gke_hub_feature_membership":            resourceGkeHubFeatureMembership(),
 				<% end -%>
+                                "google_org_policy_policy":                      resourceOrgPolicyPolicy(),
 				"google_privateca_certificate_template":        resourcePrivatecaCertificateTemplate(),
 			},
 			// ------------------------------------
@@ -622,8 +625,10 @@ func providerConfigure(ctx context.Context, d *schema.ResourceData, p *schema.Pr
 
 	// dcl
 	config.AssuredWorkloadsBasePath = d.Get(AssuredWorkloadsEndpointEntryKey).(string)
+	config.CloudResourceManagerBasePath = d.Get(CloudResourceManagerEndpointEntryKey).(string)
 	config.EventarcBasePath = d.Get(EventarcEndpointEntryKey).(string)
 	config.GkeHubBasePath = d.Get(GkeHubFeatureCustomEndpointEntryKey).(string)
+	config.OrgPolicyBasePath = d.Get(OrgPolicyEndpointEntryKey).(string)
 	config.PrivatecaBasePath = d.Get(PrivatecaCertificateTemplateEndpointEntryKey).(string)
 	<% unless version == "ga" -%>
 	config.CloudBuildWorkerPoolBasePath = d.Get(CloudBuildWorkerPoolEndpointEntryKey).(string)

tpgtools/api/cloudresourcemanager/beta/folder.yaml

@@ -0,0 +1,111 @@
+info:
+  title: CloudResourceManager/Folder
+  description: DCL Specification for the CloudResourceManager Folder resource
+  x-dcl-has-iam: true
+paths:
+  get:
+    description: The function used to get information about a Folder
+    parameters:
+    - name: Folder
+      required: true
+      description: A full instance of a Folder
+  apply:
+    description: The function used to apply information about a Folder
+    parameters:
+    - name: Folder
+      required: true
+      description: A full instance of a Folder
+  delete:
+    description: The function used to delete a Folder
+    parameters:
+    - name: Folder
+      required: true
+      description: A full instance of a Folder
+  deleteAll:
+    description: The function used to delete all Folder
+    parameters:
+    - name: parent
+      required: true
+      schema:
+        type: string
+  list:
+    description: The function used to list information about many Folder
+    parameters:
+    - name: parent
+      required: true
+      schema:
+        type: string
+components:
+  schemas:
+    Folder:
+      title: Folder
+      x-dcl-id: folders/{{name}}
+      type: object
+      required:
+      - parent
+      properties:
+        createTime:
+          type: string
+          format: date-time
+          x-dcl-go-name: CreateTime
+          readOnly: true
+          description: Output only. Timestamp when the Folder was created. Assigned
+            by the server.
+          x-kubernetes-immutable: true
+        deleteTime:
+          type: string
+          format: date-time
+          x-dcl-go-name: DeleteTime
+          readOnly: true
+          description: Output only. Timestamp when the Folder was requested to be
+            deleted.
+          x-kubernetes-immutable: true
+        displayName:
+          type: string
+          x-dcl-go-name: DisplayName
+          description: 'The folder''s display name. A folder''s display name must
+            be unique amongst its siblings, e.g. no two folders with the same parent
+            can share the same display name. The display name must start and end with
+            a letter or digit, may contain letters, digits, spaces, hyphens and underscores
+            and can be no longer than 30 characters. This is captured by the regular
+            expression: `[p{L}p{N}]([p{L}p{N}_- ]{0,28}[p{L}p{N}])?`.'
+        etag:
+          type: string
+          x-dcl-go-name: Etag
+          readOnly: true
+          description: Output only. A checksum computed by the server based on the
+            current value of the Folder resource. This may be sent on update and delete
+            requests to ensure the client has an up-to-date value before proceeding.
+          x-kubernetes-immutable: true
+        name:
+          type: string
+          x-dcl-go-name: Name
+          readOnly: true
+          description: Output only. The resource name of the Folder.
+          x-kubernetes-immutable: true
+          x-dcl-server-generated-parameter: true
+        parent:
+          type: string
+          x-dcl-go-name: Parent
+          description: Required. The Folder's parent's resource name. Updates to the
+            folder's parent must be performed via MoveFolder.
+          x-dcl-forward-slash-allowed: true
+        state:
+          type: string
+          x-dcl-go-name: State
+          x-dcl-go-type: FolderStateEnum
+          readOnly: true
+          description: 'Output only. The lifecycle state of the folder. Possible values:
+            LIFECYCLE_STATE_UNSPECIFIED, ACTIVE, DELETE_REQUESTED'
+          x-kubernetes-immutable: true
+          enum:
+          - LIFECYCLE_STATE_UNSPECIFIED
+          - ACTIVE
+          - DELETE_REQUESTED
+        updateTime:
+          type: string
+          format: date-time
+          x-dcl-go-name: UpdateTime
+          readOnly: true
+          description: Output only. Timestamp when the Folder was last modified.
+          x-kubernetes-immutable: true

tpgtools/api/cloudresourcemanager/beta/project.yaml

@@ -0,0 +1,89 @@
+info:
+  title: CloudResourceManager/Project
+  description: DCL Specification for the CloudResourceManager Project resource
+  x-dcl-has-iam: true
+paths:
+  get:
+    description: The function used to get information about a Project
+    parameters:
+    - name: Project
+      required: true
+      description: A full instance of a Project
+  apply:
+    description: The function used to apply information about a Project
+    parameters:
+    - name: Project
+      required: true
+      description: A full instance of a Project
+  delete:
+    description: The function used to delete a Project
+    parameters:
+    - name: Project
+      required: true
+      description: A full instance of a Project
+  deleteAll:
+    description: The function used to delete all Project
+    parameters: []
+  list:
+    description: The function used to list information about many Project
+    parameters: []
+components:
+  schemas:
+    Project:
+      title: Project
+      x-dcl-id: v1/projects/{{name}}
+      x-dcl-labels: labels
+      type: object
+      properties:
+        displayname:
+          type: string
+          x-dcl-go-name: DisplayName
+          description: 'The optional user-assigned display name of the Project. When
+            present it must be between 4 to 30 characters. Allowed characters are:
+            lowercase and uppercase letters, numbers, hyphen, single-quote, double-quote,
+            space, and exclamation point. Example: `My Project` Read-write.'
+          x-kubernetes-immutable: true
+        labels:
+          type: object
+          additionalProperties:
+            type: string
+          x-dcl-go-name: Labels
+          description: User-specified labels.
+        lifecycleState:
+          type: string
+          x-dcl-go-name: LifecycleState
+          x-dcl-go-type: ProjectLifecycleStateEnum
+          readOnly: true
+          description: 'The Project lifecycle state. Read-only. Possible values: LIFECYCLE_STATE_UNSPECIFIED,
+            ACTIVE, DELETE_REQUESTED, DELETE_IN_PROGRESS'
+          x-kubernetes-immutable: true
+          enum:
+          - LIFECYCLE_STATE_UNSPECIFIED
+          - ACTIVE
+          - DELETE_REQUESTED
+          - DELETE_IN_PROGRESS
+        name:
+          type: string
+          x-dcl-go-name: Name
+          description: 'The unique, user-assigned ID of the Project. It must be 6
+            to 30 lowercase letters, digits, or hyphens. It must start with a letter.
+            Trailing hyphens are prohibited. Example: `tokyo-rain-123` Read-only after
+            creation.'
+          x-kubernetes-immutable: true
+        parent:
+          type: string
+          x-dcl-go-name: Parent
+          description: 'An optional reference to a parent Resource. Supported values
+            include organizations/<org_id> and folders/<folder_id>. Once set, the
+            parent cannot be cleared. The `parent` can be set on creation or using
+            the `UpdateProject` method; the end user must have the `resourcemanager.projects.create`
+            permission on the parent. Read-write. '
+          x-kubernetes-immutable: true
+        projectNumber:
+          type: integer
+          format: int64
+          x-dcl-go-name: ProjectNumber
+          readOnly: true
+          description: 'The number uniquely identifying the project. Example: `415104041262`
+            Read-only. '
+          x-kubernetes-immutable: true

tpgtools/api/cloudresourcemanager/folder.yaml

@@ -0,0 +1,111 @@
+info:
+  title: CloudResourceManager/Folder
+  description: DCL Specification for the CloudResourceManager Folder resource
+  x-dcl-has-iam: true
+paths:
+  get:
+    description: The function used to get information about a Folder
+    parameters:
+    - name: Folder
+      required: true
+      description: A full instance of a Folder
+  apply:
+    description: The function used to apply information about a Folder
+    parameters:
+    - name: Folder
+      required: true
+      description: A full instance of a Folder
+  delete:
+    description: The function used to delete a Folder
+    parameters:
+    - name: Folder
+      required: true
+      description: A full instance of a Folder
+  deleteAll:
+    description: The function used to delete all Folder
+    parameters:
+    - name: parent
+      required: true
+      schema:
+        type: string
+  list:
+    description: The function used to list information about many Folder
+    parameters:
+    - name: parent
+      required: true
+      schema:
+        type: string
+components:
+  schemas:
+    Folder:
+      title: Folder
+      x-dcl-id: folders/{{name}}
+      type: object
+      required:
+      - parent
+      properties:
+        createTime:
+          type: string
+          format: date-time
+          x-dcl-go-name: CreateTime
+          readOnly: true
+          description: Output only. Timestamp when the Folder was created. Assigned
+            by the server.
+          x-kubernetes-immutable: true
+        deleteTime:
+          type: string
+          format: date-time
+          x-dcl-go-name: DeleteTime
+          readOnly: true
+          description: Output only. Timestamp when the Folder was requested to be
+            deleted.
+          x-kubernetes-immutable: true
+        displayName:
+          type: string
+          x-dcl-go-name: DisplayName
+          description: 'The folder''s display name. A folder''s display name must
+            be unique amongst its siblings, e.g. no two folders with the same parent
+            can share the same display name. The display name must start and end with
+            a letter or digit, may contain letters, digits, spaces, hyphens and underscores
+            and can be no longer than 30 characters. This is captured by the regular
+            expression: `[p{L}p{N}]([p{L}p{N}_- ]{0,28}[p{L}p{N}])?`.'
+        etag:
+          type: string
+          x-dcl-go-name: Etag
+          readOnly: true
+          description: Output only. A checksum computed by the server based on the
+            current value of the Folder resource. This may be sent on update and delete
+            requests to ensure the client has an up-to-date value before proceeding.
+          x-kubernetes-immutable: true
+        name:
+          type: string
+          x-dcl-go-name: Name
+          readOnly: true
+          description: Output only. The resource name of the Folder.
+          x-kubernetes-immutable: true
+          x-dcl-server-generated-parameter: true
+        parent:
+          type: string
+          x-dcl-go-name: Parent
+          description: Required. The Folder's parent's resource name. Updates to the
+            folder's parent must be performed via MoveFolder.
+          x-dcl-forward-slash-allowed: true
+        state:
+          type: string
+          x-dcl-go-name: State
+          x-dcl-go-type: FolderStateEnum
+          readOnly: true
+          description: 'Output only. The lifecycle state of the folder. Possible values:
+            LIFECYCLE_STATE_UNSPECIFIED, ACTIVE, DELETE_REQUESTED'
+          x-kubernetes-immutable: true
+          enum:
+          - LIFECYCLE_STATE_UNSPECIFIED
+          - ACTIVE
+          - DELETE_REQUESTED
+        updateTime:
+          type: string
+          format: date-time
+          x-dcl-go-name: UpdateTime
+          readOnly: true
+          description: Output only. Timestamp when the Folder was last modified.
+          x-kubernetes-immutable: true