Add NON_GCP_PRIVATE_IP_PORT as networkEndpointType for NetworkEndpointGroup

[AlexanderEllis]

This change adds NON_GCP_PRIVATE_IP_PORT as a network_endpoint_type option for the google_compute_network_endpoint_group resource. This is in support for Hybrid Load Balancing.

I added two examples: one with a basic google_compute_network_endpoint_group with the new type, and one with a global external managed load balancer with hybrid connectivity (roughly following the configuration at https://cloud.google.com/load-balancing/docs/https/setting-up-ext-https-hybrid). I also added documentation about the valid combination of this new type and backend service load balancing scheme/balancing modes.

Part of hashicorp/terraform-provider-google#10040

For posterity, this change also sets the instance attribute on the google_compute_network_endpoint resource to be optional, as Hybrid connectivity NEGs use endpoints with just IP and PORT (without an instance). See https://cloud.google.com/load-balancing/docs/negs#hybrid-neg and https://cloud.google.com/load-balancing/docs/https/setting-up-ext-global-https-hybrid#set_up_the_hybrid_connectivity_neg for more details.

If this PR is for Terraform, I acknowledge that I have:

• Searched through the issue tracker for an open issue that this either resolves or contributes to, commented on it to claim it, and written "fixes {url}" or "part of {url}" in this PR description. If there were no relevant open issues, I opened one and commented that I would like to work on it (not necessary for very small changes).
• Generated Terraform, and ran make test and make lint to ensure it passes unit and linter tests.
• Ensured that all new fields I added that can be set by a user appear in at least one example (for generated resources) or third_party test (for handwritten resources or update tests).
• Ran relevant acceptance tests (If the acceptance tests do not yet pass or you are unable to run them, please let your reviewer know).
• Read the Release Notes Guide before writing my release note below.

Release Note Template for Downstream PRs (will be copied)

compute: add `NON_GCP_PRIVATE_IP_PORT` value for `network_endpoint_type` in the `google_compute_network_endpoint_group` resource

compute: Update `instance` attribute for `google_compute_network_endpoint` to be optional, as Hybrid connectivity NEGs use network endpoints with just IP and Port.

[modular-magician]

Hello! I am a robot who works on Magic Modules PRs.

I have detected that you are a community contributor, so your PR will be assigned to someone with a commit-bit on this repo for initial review.

Thanks for your contribution! A human will be with you soon.

@melinath, please review this PR or find an appropriate assignee.

[melinath]

b/202539913, b/202525233, b/181008964

[melinath]

This looks good overall - it looks like one of the new tests is failing. I've noted a potential fix below. If you can test it locally prior to pushing, that would be great!

[melinath]

LGTM - I'll merge in the morning assuming the gcbrun looks good.

[ct-dh]

I was working on my own version of this but hadn't got round to tidying it up to raise a PR. Does this PR support importing the hybrid NEGs as is? I found I had to make more changes than in this PR to get imports to work correctly (this is the diff I had, but as I say I haven't had a chance to tidy it up, please feel free to grab anything if needed): https://github.com/GoogleCloudPlatform/magic-modules/compare/master...ct-dh:feature/hybrid-neg-support?expand=1

[AlexanderEllis]

@ct-dh Thanks for flagging that, and thanks for sending over your changes! I'll double check that on my end with the instances built out as well.

[melinath]

Per discussion above, sounds like there are some changes to be made.

[AlexanderEllis]

Updated NetworkEndpoint instance param to be optional and added an example/tests exercising it. Followed the patterns in resource_compute_global_network_endpoint examples for the optional params (custom import and handling). Hat tip to @ct-dh again for the suggestion!

[melinath]

New test run for just the new tests: https://ci-oss.hashicorp.engineering/buildConfiguration/GoogleCloudBeta_ProviderGoogleCloudBetaMmUpstream/257226

[melinath]

Trying /gcbrun again

[modular-magician]

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 7 files changed, 364 insertions(+), 25 deletions(-))
Terraform Beta: Diff ( 7 files changed, 364 insertions(+), 25 deletions(-))
TF Validator: Diff ( 2 files changed, 3 insertions(+), 3 deletions(-))
TF OiCS: Diff ( 8 files changed, 324 insertions(+))

[modular-magician]

I have triggered VCR tests in RECORDING mode for the following tests that failed during VCR: TestAccDatasourceGoogleServiceNetworkingPeeredDnsDomain_basic|TestAccApigeeEnvironmentIamBindingGenerated|TestAccApigeeEnvironmentIamMemberGenerated|TestAccApigeeEnvironmentIamPolicyGenerated|TestAccCloudbuildWorkerPool_basic|TestAccComputeGlobalForwardingRule_globalForwardingRuleHybridExample|TestAccComputeNetworkEndpointGroup_networkEndpointGroupNonGcpExample|TestAccContainerCluster_withAuthenticatorGroupsConfig|TestAccServiceNetworkingPeeredDNSDomain_basic You can view the result here: https://ci-oss.hashicorp.engineering/viewQueued.html?itemId=257868

[melinath]

@AlexanderEllis quick question - could you add a note explaining why the instance field is being changed to optional?

[AlexanderEllis]

@AlexanderEllis quick question - could you add a note explaining why the instance field is being changed to optional?

Done: added separate release note and additional links in description for posterity. Thanks!

[melinath]

LGTM - remaining test failures are unrelated.