From 6675fb1161549c8be4f8df39b77f2078a6db77de Mon Sep 17 00:00:00 2001 From: Xuchen Ma Date: Sun, 3 Oct 2021 07:17:55 +0000 Subject: [PATCH 01/14] Add support IAM policy for the Environment of Apigee X --- mmv1/products/apigee/api.yaml | 17 ++-- mmv1/products/apigee/terraform.yaml | 67 ++++++++-------- .../custom_import/apigee_environment.go.erb | 42 ---------- .../custom_import/apigee_organization.go.erb | 40 ---------- .../encoders/apigee_organization.go.erb | 2 - .../examples/apigee_environment_basic.tf.erb | 15 ++-- .../apigee_environment_basic_test.tf.erb | 60 --------------- .../apigee_organization_cloud_basic.tf.erb | 6 +- ...pigee_organization_cloud_basic_test.tf.erb | 53 ------------- .../apigee_organization_cloud_full.tf.erb | 17 ++-- ...apigee_organization_cloud_full_test.tf.erb | 77 +++++-------------- 11 files changed, 82 insertions(+), 314 deletions(-) delete mode 100644 mmv1/templates/terraform/custom_import/apigee_environment.go.erb delete mode 100644 mmv1/templates/terraform/custom_import/apigee_organization.go.erb delete mode 100644 mmv1/templates/terraform/encoders/apigee_organization.go.erb delete mode 100644 mmv1/templates/terraform/examples/apigee_environment_basic_test.tf.erb delete mode 100644 mmv1/templates/terraform/examples/apigee_organization_cloud_basic_test.tf.erb diff --git a/mmv1/products/apigee/api.yaml b/mmv1/products/apigee/api.yaml index 7b47cb05780d..af4c8756f32c 100644 --- a/mmv1/products/apigee/api.yaml +++ b/mmv1/products/apigee/api.yaml @@ -209,9 +209,8 @@ objects: api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances/create' - !ruby/object:Api::Resource name: 'Environment' - base_url: 'environments' - create_url: '{{org_id}}/environments' - self_link: '{{org_id}}/environments/{{name}}' + base_url: 'organizations/{{org_name}}/environments' + self_link: 'organizations/{{org_name}}/environments/{{name}}' async: !ruby/object:Api::OpAsync operation: !ruby/object:Api::OpAsync::Operation path: 'name' @@ -231,12 +230,18 @@ objects: message: 'message' description: | An `Environment` in Apigee. + iam_policy: !ruby/object:Api::Resource::IamPolicy + exclude: false + method_name_separator: ':' + parent_resource_attribute: 'env_name' + import_format: ["organizations/{{org_name}}/environments/{{name}}", "{{name}}"] + base_url: "organizations/{{org_name}}/environments/{{name}}" + self_link: "organizations/{{org_name}}/environments/{{name}}" parameters: - !ruby/object:Api::Type::String - name: 'orgId' + name: 'orgName' description: | - The Apigee Organization associated with the Apigee environment, - in the format `organizations/{{org_name}}`. + The Apigee Organization associated with the Apigee environment. required: true input: true url_param_only: true diff --git a/mmv1/products/apigee/terraform.yaml b/mmv1/products/apigee/terraform.yaml index 038eecbc961e..7d03c394b829 100644 --- a/mmv1/products/apigee/terraform.yaml +++ b/mmv1/products/apigee/terraform.yaml @@ -18,41 +18,47 @@ overrides: !ruby/object:Overrides::ResourceOverrides examples: - !ruby/object:Provider::Terraform::Examples name: "apigee_organization_cloud_basic" - skip_test: true - - !ruby/object:Provider::Terraform::Examples - # This is a more verbose version of the above that creates all - # the resources needed for the acceptance test. - name: "apigee_organization_cloud_basic_test" - primary_resource_id: "org" - test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT - skip_docs: true + primary_resource_id: "apigee-org" + vars: + network_id: "apigee-network" + network_range_id: "apigee-range" # Resource creation race skip_vcr: true - !ruby/object:Provider::Terraform::Examples name: "apigee_organization_cloud_full" + primary_resource_id: "apigee-org" + vars: + network_id: "apigee-network" + network_range_id: "apigee-range" + keyring_id: "apigee-keyring" + key_id: "apigee-key" + # While all Apigee resources in this test are in the GA API, we depend + # on a service identity resource which is only available in the beta + # provider. + min_version: beta + # This example is for docs purpose only. + # For test to pass, google-beta-provider needs to be added to all + # resources, and KMS key lifecycle has to be removed. These are set + # in "apigee_organization_cloud_full_test" below. skip_test: true - !ruby/object:Provider::Terraform::Examples - # This is a more verbose version of the above that creates all - # the resources needed for the acceptance test. While all Apigee - # resources in this test are in the GA API, we depend on a service - # identity resource which is only available in the beta provider. name: "apigee_organization_cloud_full_test" - primary_resource_id: "org" - test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT - skip_docs: true + primary_resource_id: "apigee-org" + vars: + network_id: "apigee-network" + network_range_id: "apigee-range" + keyring_id: "apigee-keyring" + key_id: "apigee-key" + # While all Apigee resources in this test are in the GA API, we depend + # on a service identity resource which is only available in the beta + # provider. min_version: beta # Resource creation race skip_vcr: true + skip_docs: true timeouts: !ruby/object:Api::Timeouts insert_minutes: 10 delete_minutes: 10 - custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/apigee_organization.go.erb - encoder: templates/terraform/encoders/apigee_organization.go.erb Instance: !ruby/object:Overrides::Terraform::ResourceOverride autogen_async: true import_format: ["{{org_id}}/instances/{{name}}", "{{org_id}}/{{name}}"] @@ -93,27 +99,20 @@ overrides: !ruby/object:Overrides::ResourceOverrides custom_import: templates/terraform/custom_import/apigee_instance.go.erb Environment: !ruby/object:Overrides::Terraform::ResourceOverride autogen_async: true - import_format: ["{{org_id}}/environments/{{name}}", "{{org_id}}/{{name}}"] examples: - !ruby/object:Provider::Terraform::Examples name: "apigee_environment_basic" - skip_test: true - - !ruby/object:Provider::Terraform::Examples - # This is a more verbose version of the above that creates all - # the resources needed for the acceptance test. - name: "apigee_environment_basic_test" primary_resource_id: "apigee_environment" - test_env_vars: - org_id: :ORG_ID - billing_account: :BILLING_ACCT - skip_docs: true + primary_resource_name: "getTestProjectFromEnv(), fmt.Sprintf(\"tf-test-apigee-env%s\", context[\"random_suffix\"])" + vars: + network_id: "apigee-network" + network_range_id: "apigee-range" + apigee_env_id: "apigee-env" # Resource creation race skip_vcr: true timeouts: !ruby/object:Api::Timeouts insert_minutes: 30 delete_minutes: 30 - custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_import: templates/terraform/custom_import/apigee_environment.go.erb Envgroup: !ruby/object:Overrides::Terraform::ResourceOverride autogen_async: true import_format: ["{{org_id}}/envgroups/{{name}}", "{{org_id}}/{{name}}"] diff --git a/mmv1/templates/terraform/custom_import/apigee_environment.go.erb b/mmv1/templates/terraform/custom_import/apigee_environment.go.erb deleted file mode 100644 index cace71906631..000000000000 --- a/mmv1/templates/terraform/custom_import/apigee_environment.go.erb +++ /dev/null @@ -1,42 +0,0 @@ -config := meta.(*Config) - -// current import_formats cannot import fields with forward slashes in their value -if err := parseImportId([]string{"(?P.+)"}, d, config); err != nil { - return nil, err -} - -nameParts := strings.Split(d.Get("name").(string), "/") -if len(nameParts) == 4 { - // `organizations/{{org_name}}/environments/{{name}}` - orgId := fmt.Sprintf("organizations/%s", nameParts[1]) - if err := d.Set("org_id", orgId); err != nil { - return nil, fmt.Errorf("Error setting org_id: %s", err) - } - if err := d.Set("name", nameParts[3]); err != nil { - return nil, fmt.Errorf("Error setting name: %s", err) - } -} else if len(nameParts) == 3 { - // `organizations/{{org_name}}/{{name}}` - orgId := fmt.Sprintf("organizations/%s", nameParts[1]) - if err := d.Set("org_id", orgId); err != nil { - return nil, fmt.Errorf("Error setting org_id: %s", err) - } - if err := d.Set("name", nameParts[2]); err != nil { - return nil, fmt.Errorf("Error setting name: %s", err) - } -} else { - return nil, fmt.Errorf( - "Saw %s when the name is expected to have shape %s or %s", - d.Get("name"), - "organizations/{{org_name}}/environments/{{name}}", - "organizations/{{org_name}}/{{name}}") -} - -// Replace import id for the resource id -id, err := replaceVars(d, config, "{{org_id}}/environments/{{name}}") -if err != nil { - return nil, fmt.Errorf("Error constructing id: %s", err) -} -d.SetId(id) - -return []*schema.ResourceData{d}, nil diff --git a/mmv1/templates/terraform/custom_import/apigee_organization.go.erb b/mmv1/templates/terraform/custom_import/apigee_organization.go.erb deleted file mode 100644 index 7107ac822b14..000000000000 --- a/mmv1/templates/terraform/custom_import/apigee_organization.go.erb +++ /dev/null @@ -1,40 +0,0 @@ -config := meta.(*Config) - -// current import_formats can't import fields with forward slashes in their value -if err := parseImportId([]string{"(?P.+)"}, d, config); err != nil { - return nil, err -} - -parts := strings.Split(d.Get("name").(string), "/") - -var projectId string -switch len(parts) { - case 1: - projectId = parts[0] - case 2: - projectId = parts[1] - default: - return nil, fmt.Errorf( - "Saw %s when the name is expected to have shape %s or %s", - d.Get("name"), - "{{name}}", - "organizations/{{name}}", - ) -} - -if err := d.Set("name", projectId); err != nil { - return nil, fmt.Errorf("Error setting organization: %s", err) -} - -if err := d.Set("project_id", projectId); err != nil { - return nil, fmt.Errorf("Error setting organization: %s", err) -} - -// Replace import id for the resource id -id, err := replaceVars(d, config, "organizations/{{name}}") -if err != nil { - return nil, fmt.Errorf("Error constructing id: %s", err) -} -d.SetId(id) - -return []*schema.ResourceData{d}, nil diff --git a/mmv1/templates/terraform/encoders/apigee_organization.go.erb b/mmv1/templates/terraform/encoders/apigee_organization.go.erb deleted file mode 100644 index 0db9f52cccae..000000000000 --- a/mmv1/templates/terraform/encoders/apigee_organization.go.erb +++ /dev/null @@ -1,2 +0,0 @@ -obj["name"] = d.Get("project_id").(string) -return obj, nil \ No newline at end of file diff --git a/mmv1/templates/terraform/examples/apigee_environment_basic.tf.erb b/mmv1/templates/terraform/examples/apigee_environment_basic.tf.erb index 7d3eadbb8a66..ab7021b755ae 100644 --- a/mmv1/templates/terraform/examples/apigee_environment_basic.tf.erb +++ b/mmv1/templates/terraform/examples/apigee_environment_basic.tf.erb @@ -1,11 +1,11 @@ data "google_client_config" "current" {} resource "google_compute_network" "apigee_network" { - name = "apigee-network" + name = "<%= ctx[:vars]['network_id'] %>" } resource "google_compute_global_address" "apigee_range" { - name = "apigee-range" + name = "<%= ctx[:vars]['network_range_id'] %>" purpose = "VPC_PEERING" address_type = "INTERNAL" prefix_length = 16 @@ -25,10 +25,9 @@ resource "google_apigee_organization" "apigee_org" { depends_on = [google_service_networking_connection.apigee_vpc_connection] } -resource "google_apigee_environment" "env" { - name = "tf-test%{random_suffix}" - description = "Apigee Environment" - displayName = "environment-1" - org_id = google_apigee_organization.apigee_org.id +resource "google_apigee_environment" "<%= ctx[:primary_resource_id] %>" { + name = "<%= ctx[:vars]['apigee_env_id'] %>" + description = "Apigee Environment" + display_name = "environment-1" + org_name = google_apigee_organization.apigee_org.name } - diff --git a/mmv1/templates/terraform/examples/apigee_environment_basic_test.tf.erb b/mmv1/templates/terraform/examples/apigee_environment_basic_test.tf.erb deleted file mode 100644 index b0fa1eb164ca..000000000000 --- a/mmv1/templates/terraform/examples/apigee_environment_basic_test.tf.erb +++ /dev/null @@ -1,60 +0,0 @@ -resource "google_project" "project" { - project_id = "tf-test%{random_suffix}" - name = "tf-test%{random_suffix}" - org_id = "<%= ctx[:test_env_vars]['org_id'] %>" - billing_account = "<%= ctx[:test_env_vars]['billing_account'] %>" -} - -resource "google_project_service" "apigee" { - project = google_project.project.project_id - service = "apigee.googleapis.com" -} - -resource "google_project_service" "compute" { - project = google_project.project.project_id - service = "compute.googleapis.com" -} - -resource "google_project_service" "servicenetworking" { - project = google_project.project.project_id - service = "servicenetworking.googleapis.com" -} - -resource "google_compute_network" "apigee_network" { - name = "apigee-network" - project = google_project.project.project_id - depends_on = [google_project_service.compute] -} - -resource "google_compute_global_address" "apigee_range" { - name = "apigee-range" - purpose = "VPC_PEERING" - address_type = "INTERNAL" - prefix_length = 16 - network = google_compute_network.apigee_network.id - project = google_project.project.project_id -} - -resource "google_service_networking_connection" "apigee_vpc_connection" { - network = google_compute_network.apigee_network.id - service = "servicenetworking.googleapis.com" - reserved_peering_ranges = [google_compute_global_address.apigee_range.name] - depends_on = [google_project_service.servicenetworking] -} - -resource "google_apigee_organization" "apigee_org" { - analytics_region = "us-central1" - project_id = google_project.project.project_id - authorized_network = google_compute_network.apigee_network.id - depends_on = [ - google_service_networking_connection.apigee_vpc_connection, - google_project_service.apigee, - ] -} - -resource "google_apigee_environment" "<%= ctx[:primary_resource_id] %>" { - org_id = google_apigee_organization.apigee_org.id - name = "tf-test%{random_suffix}" - description = "Apigee Environment" - display_name = "environment-1" -} diff --git a/mmv1/templates/terraform/examples/apigee_organization_cloud_basic.tf.erb b/mmv1/templates/terraform/examples/apigee_organization_cloud_basic.tf.erb index d2e0ff043303..9079ea68f83f 100644 --- a/mmv1/templates/terraform/examples/apigee_organization_cloud_basic.tf.erb +++ b/mmv1/templates/terraform/examples/apigee_organization_cloud_basic.tf.erb @@ -1,11 +1,11 @@ data "google_client_config" "current" {} resource "google_compute_network" "apigee_network" { - name = "apigee-network" + name = "<%= ctx[:vars]['network_id'] %>" } resource "google_compute_global_address" "apigee_range" { - name = "apigee-range" + name = "<%= ctx[:vars]['network_range_id'] %>" purpose = "VPC_PEERING" address_type = "INTERNAL" prefix_length = 16 @@ -18,7 +18,7 @@ resource "google_service_networking_connection" "apigee_vpc_connection" { reserved_peering_ranges = [google_compute_global_address.apigee_range.name] } -resource "google_apigee_organization" "org" { +resource "google_apigee_organization" "<%= ctx[:primary_resource_id] %>" { analytics_region = "us-central1" project_id = data.google_client_config.current.project authorized_network = google_compute_network.apigee_network.id diff --git a/mmv1/templates/terraform/examples/apigee_organization_cloud_basic_test.tf.erb b/mmv1/templates/terraform/examples/apigee_organization_cloud_basic_test.tf.erb deleted file mode 100644 index 87fab9350fc3..000000000000 --- a/mmv1/templates/terraform/examples/apigee_organization_cloud_basic_test.tf.erb +++ /dev/null @@ -1,53 +0,0 @@ -resource "google_project" "project" { - project_id = "tf-test%{random_suffix}" - name = "tf-test%{random_suffix}" - org_id = "<%= ctx[:test_env_vars]['org_id'] %>" - billing_account = "<%= ctx[:test_env_vars]['billing_account'] %>" -} - -resource "google_project_service" "apigee" { - project = google_project.project.project_id - service = "apigee.googleapis.com" -} - -resource "google_project_service" "compute" { - project = google_project.project.project_id - service = "compute.googleapis.com" -} - -resource "google_project_service" "servicenetworking" { - project = google_project.project.project_id - service = "servicenetworking.googleapis.com" -} - -resource "google_compute_network" "apigee_network" { - name = "apigee-network" - project = google_project.project.project_id - depends_on = [google_project_service.compute] -} - -resource "google_compute_global_address" "apigee_range" { - name = "apigee-range" - purpose = "VPC_PEERING" - address_type = "INTERNAL" - prefix_length = 16 - network = google_compute_network.apigee_network.id - project = google_project.project.project_id -} - -resource "google_service_networking_connection" "apigee_vpc_connection" { - network = google_compute_network.apigee_network.id - service = "servicenetworking.googleapis.com" - reserved_peering_ranges = [google_compute_global_address.apigee_range.name] - depends_on = [google_project_service.servicenetworking] -} - -resource "google_apigee_organization" "<%= ctx[:primary_resource_id] %>" { - analytics_region = "us-central1" - project_id = google_project.project.project_id - authorized_network = google_compute_network.apigee_network.id - depends_on = [ - google_service_networking_connection.apigee_vpc_connection, - google_project_service.apigee, - ] -} diff --git a/mmv1/templates/terraform/examples/apigee_organization_cloud_full.tf.erb b/mmv1/templates/terraform/examples/apigee_organization_cloud_full.tf.erb index a8435eba3343..1bde84ac0229 100644 --- a/mmv1/templates/terraform/examples/apigee_organization_cloud_full.tf.erb +++ b/mmv1/templates/terraform/examples/apigee_organization_cloud_full.tf.erb @@ -1,11 +1,11 @@ data "google_client_config" "current" {} resource "google_compute_network" "apigee_network" { - name = "apigee-network" + name = "<%= ctx[:vars]['network_id'] %>" } resource "google_compute_global_address" "apigee_range" { - name = "apigee-range" + name = "<%= ctx[:vars]['network_range_id'] %>" purpose = "VPC_PEERING" address_type = "INTERNAL" prefix_length = 16 @@ -19,12 +19,12 @@ resource "google_service_networking_connection" "apigee_vpc_connection" { } resource "google_kms_key_ring" "apigee_keyring" { - name = "apigee-keyring" + name = "<%= ctx[:vars]['keyring_id'] %>" location = "us-central1" } resource "google_kms_crypto_key" "apigee_key" { - name = "apigee-key" + name = "<%= ctx[:vars]['key_id'] %>" key_ring = google_kms_key_ring.apigee_keyring.id lifecycle { @@ -34,8 +34,9 @@ resource "google_kms_crypto_key" "apigee_key" { resource "google_project_service_identity" "apigee_sa" { provider = google-beta - project = google_project.project.project_id - service = google_project_service.apigee.service + + project = data.google_client_config.current.project + service = "apigee.googleapis.com" } resource "google_kms_crypto_key_iam_binding" "apigee_sa_keyuser" { @@ -47,7 +48,7 @@ resource "google_kms_crypto_key_iam_binding" "apigee_sa_keyuser" { ] } -resource "google_apigee_organization" "org" { +resource "google_apigee_organization" "<%= ctx[:primary_resource_id] %>" { analytics_region = "us-central1" display_name = "apigee-org" description = "Terraform-provisioned Apigee Org." @@ -59,4 +60,4 @@ resource "google_apigee_organization" "org" { google_service_networking_connection.apigee_vpc_connection, google_kms_crypto_key_iam_binding.apigee_sa_keyuser, ] -} \ No newline at end of file +} diff --git a/mmv1/templates/terraform/examples/apigee_organization_cloud_full_test.tf.erb b/mmv1/templates/terraform/examples/apigee_organization_cloud_full_test.tf.erb index bb059d56a92b..7a162f9631ed 100644 --- a/mmv1/templates/terraform/examples/apigee_organization_cloud_full_test.tf.erb +++ b/mmv1/templates/terraform/examples/apigee_organization_cloud_full_test.tf.erb @@ -1,93 +1,54 @@ -resource "google_project" "project" { - provider = google-beta - - project_id = "tf-test%{random_suffix}" - name = "tf-test%{random_suffix}" - org_id = "<%= ctx[:test_env_vars]['org_id'] %>" - billing_account = "<%= ctx[:test_env_vars]['billing_account'] %>" -} - -resource "google_project_service" "apigee" { - provider = google-beta - - project = google_project.project.project_id - service = "apigee.googleapis.com" -} - -resource "google_project_service" "compute" { - provider = google-beta - - project = google_project.project.project_id - service = "compute.googleapis.com" -} - -resource "google_project_service" "servicenetworking" { - provider = google-beta - - project = google_project.project.project_id - service = "servicenetworking.googleapis.com" -} - -resource "google_project_service" "kms" { - provider = google-beta - - project = google_project.project.project_id - service = "cloudkms.googleapis.com" +data "google_client_config" "current" { + provider = google-beta } resource "google_compute_network" "apigee_network" { - provider = google-beta + provider = google-beta - name = "apigee-network" - project = google_project.project.project_id - depends_on = [google_project_service.compute] + name = "<%= ctx[:vars]['network_id'] %>" } resource "google_compute_global_address" "apigee_range" { - provider = google-beta + provider = google-beta - name = "apigee-range" + name = "<%= ctx[:vars]['network_range_id'] %>" purpose = "VPC_PEERING" address_type = "INTERNAL" prefix_length = 16 network = google_compute_network.apigee_network.id - project = google_project.project.project_id } resource "google_service_networking_connection" "apigee_vpc_connection" { - provider = google-beta + provider = google-beta network = google_compute_network.apigee_network.id service = "servicenetworking.googleapis.com" reserved_peering_ranges = [google_compute_global_address.apigee_range.name] - depends_on = [google_project_service.servicenetworking] } resource "google_kms_key_ring" "apigee_keyring" { provider = google-beta - name = "apigee-keyring" - location = "us-central1" - project = google_project.project.project_id - depends_on = [google_project_service.kms] + name = "<%= ctx[:vars]['keyring_id'] %>" + location = "us-central1" } resource "google_kms_crypto_key" "apigee_key" { - provider = google-beta + provider = google-beta - name = "apigee-key" + name = "<%= ctx[:vars]['key_id'] %>" key_ring = google_kms_key_ring.apigee_keyring.id } resource "google_project_service_identity" "apigee_sa" { provider = google-beta - project = google_project.project.project_id - service = google_project_service.apigee.service + project = data.google_client_config.current.project + service = "apigee.googleapis.com" } resource "google_kms_crypto_key_iam_binding" "apigee_sa_keyuser" { - provider = google-beta + provider = google-beta crypto_key_id = google_kms_crypto_key.apigee_key.id role = "roles/cloudkms.cryptoKeyEncrypterDecrypter" @@ -98,12 +59,12 @@ resource "google_kms_crypto_key_iam_binding" "apigee_sa_keyuser" { } resource "google_apigee_organization" "<%= ctx[:primary_resource_id] %>" { - provider = google-beta + provider = google-beta - display_name = "apigee-org" - description = "Terraform-managed Apigee Org" analytics_region = "us-central1" - project_id = google_project.project.project_id + display_name = "apigee-org" + description = "Terraform-provisioned Apigee Org." + project_id = data.google_client_config.current.project authorized_network = google_compute_network.apigee_network.id runtime_database_encryption_key_name = google_kms_crypto_key.apigee_key.id @@ -111,4 +72,4 @@ resource "google_apigee_organization" "<%= ctx[:primary_resource_id] %>" { google_service_networking_connection.apigee_vpc_connection, google_kms_crypto_key_iam_binding.apigee_sa_keyuser, ] -} \ No newline at end of file +} From 13f920695cd958ef51034658480694301222b28f Mon Sep 17 00:00:00 2001 From: Xuchen Ma Date: Sun, 3 Oct 2021 07:17:55 +0000 Subject: [PATCH 02/14] Add support IAM policy for the Environment of Apigee X --- mmv1/products/apigee/api.yaml | 12 ++++++------ .../terraform/encoders/apigee_organization.go.erb | 2 ++ .../examples/apigee_environment_basic.tf.erb | 2 +- 3 files changed, 9 insertions(+), 7 deletions(-) create mode 100644 mmv1/templates/terraform/encoders/apigee_organization.go.erb diff --git a/mmv1/products/apigee/api.yaml b/mmv1/products/apigee/api.yaml index af4c8756f32c..3c540fe1e39a 100644 --- a/mmv1/products/apigee/api.yaml +++ b/mmv1/products/apigee/api.yaml @@ -209,8 +209,8 @@ objects: api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances/create' - !ruby/object:Api::Resource name: 'Environment' - base_url: 'organizations/{{org_name}}/environments' - self_link: 'organizations/{{org_name}}/environments/{{name}}' + base_url: '{{org_id}}/environments' + self_link: '{{org_id}}/environments/{{name}}' async: !ruby/object:Api::OpAsync operation: !ruby/object:Api::OpAsync::Operation path: 'name' @@ -233,10 +233,10 @@ objects: iam_policy: !ruby/object:Api::Resource::IamPolicy exclude: false method_name_separator: ':' - parent_resource_attribute: 'env_name' - import_format: ["organizations/{{org_name}}/environments/{{name}}", "{{name}}"] - base_url: "organizations/{{org_name}}/environments/{{name}}" - self_link: "organizations/{{org_name}}/environments/{{name}}" + parent_resource_attribute: 'env_id' + import_format: ["{{org_id}}/environments/{{name}}", "{{name}}"] + base_url: "{{org_id}}/environments/{{name}}" + self_link: "{{org_id}}/environments/{{name}}" parameters: - !ruby/object:Api::Type::String name: 'orgName' diff --git a/mmv1/templates/terraform/encoders/apigee_organization.go.erb b/mmv1/templates/terraform/encoders/apigee_organization.go.erb new file mode 100644 index 000000000000..03c99cada236 --- /dev/null +++ b/mmv1/templates/terraform/encoders/apigee_organization.go.erb @@ -0,0 +1,2 @@ +obj["name"] = d.Get("project_id").(string) +return obj, nil diff --git a/mmv1/templates/terraform/examples/apigee_environment_basic.tf.erb b/mmv1/templates/terraform/examples/apigee_environment_basic.tf.erb index ab7021b755ae..198eaad22a68 100644 --- a/mmv1/templates/terraform/examples/apigee_environment_basic.tf.erb +++ b/mmv1/templates/terraform/examples/apigee_environment_basic.tf.erb @@ -29,5 +29,5 @@ resource "google_apigee_environment" "<%= ctx[:primary_resource_id] %>" { name = "<%= ctx[:vars]['apigee_env_id'] %>" description = "Apigee Environment" display_name = "environment-1" - org_name = google_apigee_organization.apigee_org.name + org_id = google_apigee_organization.apigee_org.id } From 88604e6cd295db7b8de67b81cefaac5dbfab995d Mon Sep 17 00:00:00 2001 From: Xuchen Ma Date: Sun, 3 Oct 2021 07:17:55 +0000 Subject: [PATCH 03/14] Add support IAM policy for the Environment of Apigee X --- mmv1/products/apigee/api.yaml | 5 ++- mmv1/products/apigee/terraform.yaml | 6 +++ .../custom_import/apigee_environment.go.erb | 42 +++++++++++++++++++ .../custom_import/apigee_organization.go.erb | 40 ++++++++++++++++++ 4 files changed, 91 insertions(+), 2 deletions(-) create mode 100644 mmv1/templates/terraform/custom_import/apigee_environment.go.erb create mode 100644 mmv1/templates/terraform/custom_import/apigee_organization.go.erb diff --git a/mmv1/products/apigee/api.yaml b/mmv1/products/apigee/api.yaml index 3c540fe1e39a..f43020f789f9 100644 --- a/mmv1/products/apigee/api.yaml +++ b/mmv1/products/apigee/api.yaml @@ -239,9 +239,10 @@ objects: self_link: "{{org_id}}/environments/{{name}}" parameters: - !ruby/object:Api::Type::String - name: 'orgName' + name: 'orgId' description: | - The Apigee Organization associated with the Apigee environment. + The Apigee Organization associated with the Apigee environment, + in the format `organizations/{{org_name}}`. required: true input: true url_param_only: true diff --git a/mmv1/products/apigee/terraform.yaml b/mmv1/products/apigee/terraform.yaml index 7d03c394b829..a8a8fb480a41 100644 --- a/mmv1/products/apigee/terraform.yaml +++ b/mmv1/products/apigee/terraform.yaml @@ -59,6 +59,9 @@ overrides: !ruby/object:Overrides::ResourceOverrides timeouts: !ruby/object:Api::Timeouts insert_minutes: 10 delete_minutes: 10 + custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/apigee_organization.go.erb + encoder: templates/terraform/encoders/apigee_organization.go.erb Instance: !ruby/object:Overrides::Terraform::ResourceOverride autogen_async: true import_format: ["{{org_id}}/instances/{{name}}", "{{org_id}}/{{name}}"] @@ -99,6 +102,7 @@ overrides: !ruby/object:Overrides::ResourceOverrides custom_import: templates/terraform/custom_import/apigee_instance.go.erb Environment: !ruby/object:Overrides::Terraform::ResourceOverride autogen_async: true + import_format: ["{{org_id}}/environments/{{name}}", "{{org_id}}/{{name}}"] examples: - !ruby/object:Provider::Terraform::Examples name: "apigee_environment_basic" @@ -113,6 +117,8 @@ overrides: !ruby/object:Overrides::ResourceOverrides timeouts: !ruby/object:Api::Timeouts insert_minutes: 30 delete_minutes: 30 + custom_code: !ruby/object:Provider::Terraform::CustomCode + custom_import: templates/terraform/custom_import/apigee_environment.go.erb Envgroup: !ruby/object:Overrides::Terraform::ResourceOverride autogen_async: true import_format: ["{{org_id}}/envgroups/{{name}}", "{{org_id}}/{{name}}"] diff --git a/mmv1/templates/terraform/custom_import/apigee_environment.go.erb b/mmv1/templates/terraform/custom_import/apigee_environment.go.erb new file mode 100644 index 000000000000..cace71906631 --- /dev/null +++ b/mmv1/templates/terraform/custom_import/apigee_environment.go.erb @@ -0,0 +1,42 @@ +config := meta.(*Config) + +// current import_formats cannot import fields with forward slashes in their value +if err := parseImportId([]string{"(?P.+)"}, d, config); err != nil { + return nil, err +} + +nameParts := strings.Split(d.Get("name").(string), "/") +if len(nameParts) == 4 { + // `organizations/{{org_name}}/environments/{{name}}` + orgId := fmt.Sprintf("organizations/%s", nameParts[1]) + if err := d.Set("org_id", orgId); err != nil { + return nil, fmt.Errorf("Error setting org_id: %s", err) + } + if err := d.Set("name", nameParts[3]); err != nil { + return nil, fmt.Errorf("Error setting name: %s", err) + } +} else if len(nameParts) == 3 { + // `organizations/{{org_name}}/{{name}}` + orgId := fmt.Sprintf("organizations/%s", nameParts[1]) + if err := d.Set("org_id", orgId); err != nil { + return nil, fmt.Errorf("Error setting org_id: %s", err) + } + if err := d.Set("name", nameParts[2]); err != nil { + return nil, fmt.Errorf("Error setting name: %s", err) + } +} else { + return nil, fmt.Errorf( + "Saw %s when the name is expected to have shape %s or %s", + d.Get("name"), + "organizations/{{org_name}}/environments/{{name}}", + "organizations/{{org_name}}/{{name}}") +} + +// Replace import id for the resource id +id, err := replaceVars(d, config, "{{org_id}}/environments/{{name}}") +if err != nil { + return nil, fmt.Errorf("Error constructing id: %s", err) +} +d.SetId(id) + +return []*schema.ResourceData{d}, nil diff --git a/mmv1/templates/terraform/custom_import/apigee_organization.go.erb b/mmv1/templates/terraform/custom_import/apigee_organization.go.erb new file mode 100644 index 000000000000..7107ac822b14 --- /dev/null +++ b/mmv1/templates/terraform/custom_import/apigee_organization.go.erb @@ -0,0 +1,40 @@ +config := meta.(*Config) + +// current import_formats can't import fields with forward slashes in their value +if err := parseImportId([]string{"(?P.+)"}, d, config); err != nil { + return nil, err +} + +parts := strings.Split(d.Get("name").(string), "/") + +var projectId string +switch len(parts) { + case 1: + projectId = parts[0] + case 2: + projectId = parts[1] + default: + return nil, fmt.Errorf( + "Saw %s when the name is expected to have shape %s or %s", + d.Get("name"), + "{{name}}", + "organizations/{{name}}", + ) +} + +if err := d.Set("name", projectId); err != nil { + return nil, fmt.Errorf("Error setting organization: %s", err) +} + +if err := d.Set("project_id", projectId); err != nil { + return nil, fmt.Errorf("Error setting organization: %s", err) +} + +// Replace import id for the resource id +id, err := replaceVars(d, config, "organizations/{{name}}") +if err != nil { + return nil, fmt.Errorf("Error constructing id: %s", err) +} +d.SetId(id) + +return []*schema.ResourceData{d}, nil From 974e3d0c1bf6e47347e0696ec6aa06db66e006f3 Mon Sep 17 00:00:00 2001 From: Xuchen Ma Date: Sun, 3 Oct 2021 07:17:55 +0000 Subject: [PATCH 04/14] Add support IAM policy for the Environment of Apigee X --- mmv1/products/apigee/api.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/mmv1/products/apigee/api.yaml b/mmv1/products/apigee/api.yaml index f43020f789f9..0323e8314cb4 100644 --- a/mmv1/products/apigee/api.yaml +++ b/mmv1/products/apigee/api.yaml @@ -209,7 +209,8 @@ objects: api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances/create' - !ruby/object:Api::Resource name: 'Environment' - base_url: '{{org_id}}/environments' + base_url: 'environments' + create_url: '{{org_id}}/environments' self_link: '{{org_id}}/environments/{{name}}' async: !ruby/object:Api::OpAsync operation: !ruby/object:Api::OpAsync::Operation From 702d8be1bf5219e62e2ad6206669da1b08da69dc Mon Sep 17 00:00:00 2001 From: Xuchen Ma Date: Tue, 19 Oct 2021 18:05:57 +0000 Subject: [PATCH 05/14] Revert all changes to test files. --- mmv1/products/apigee/terraform.yaml | 62 +++++++-------- .../examples/apigee_environment_basic.tf.erb | 17 ++--- .../apigee_environment_basic_test.tf.erb | 60 +++++++++++++++ .../apigee_organization_cloud_basic.tf.erb | 7 +- ...pigee_organization_cloud_basic_test.tf.erb | 54 +++++++++++++ .../apigee_organization_cloud_full.tf.erb | 18 ++--- ...apigee_organization_cloud_full_test.tf.erb | 76 ++++++++++++++----- 7 files changed, 217 insertions(+), 77 deletions(-) create mode 100644 mmv1/templates/terraform/examples/apigee_environment_basic_test.tf.erb create mode 100644 mmv1/templates/terraform/examples/apigee_organization_cloud_basic_test.tf.erb diff --git a/mmv1/products/apigee/terraform.yaml b/mmv1/products/apigee/terraform.yaml index a8a8fb480a41..fea76b759322 100644 --- a/mmv1/products/apigee/terraform.yaml +++ b/mmv1/products/apigee/terraform.yaml @@ -10,7 +10,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - --- !ruby/object:Provider::Terraform::Config overrides: !ruby/object:Overrides::ResourceOverrides Organization: !ruby/object:Overrides::Terraform::ResourceOverride @@ -18,44 +17,35 @@ overrides: !ruby/object:Overrides::ResourceOverrides examples: - !ruby/object:Provider::Terraform::Examples name: "apigee_organization_cloud_basic" - primary_resource_id: "apigee-org" - vars: - network_id: "apigee-network" - network_range_id: "apigee-range" + skip_test: true + - !ruby/object:Provider::Terraform::Examples + # This is a more verbose version of the above that creates all + # the resources needed for the acceptance test. + name: "apigee_organization_cloud_basic_test" + primary_resource_id: "org" + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT + skip_docs: true # Resource creation race skip_vcr: true - !ruby/object:Provider::Terraform::Examples name: "apigee_organization_cloud_full" - primary_resource_id: "apigee-org" - vars: - network_id: "apigee-network" - network_range_id: "apigee-range" - keyring_id: "apigee-keyring" - key_id: "apigee-key" - # While all Apigee resources in this test are in the GA API, we depend - # on a service identity resource which is only available in the beta - # provider. - min_version: beta - # This example is for docs purpose only. - # For test to pass, google-beta-provider needs to be added to all - # resources, and KMS key lifecycle has to be removed. These are set - # in "apigee_organization_cloud_full_test" below. skip_test: true - !ruby/object:Provider::Terraform::Examples + # This is a more verbose version of the above that creates all + # the resources needed for the acceptance test. While all Apigee + # resources in this test are in the GA API, we depend on a service + # identity resource which is only available in the beta provider. name: "apigee_organization_cloud_full_test" - primary_resource_id: "apigee-org" - vars: - network_id: "apigee-network" - network_range_id: "apigee-range" - keyring_id: "apigee-keyring" - key_id: "apigee-key" - # While all Apigee resources in this test are in the GA API, we depend - # on a service identity resource which is only available in the beta - # provider. + primary_resource_id: "org" + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT + skip_docs: true min_version: beta # Resource creation race skip_vcr: true - skip_docs: true timeouts: !ruby/object:Api::Timeouts insert_minutes: 10 delete_minutes: 10 @@ -106,12 +96,16 @@ overrides: !ruby/object:Overrides::ResourceOverrides examples: - !ruby/object:Provider::Terraform::Examples name: "apigee_environment_basic" + skip_test: true + - !ruby/object:Provider::Terraform::Examples + # This is a more verbose version of the above that creates all + # the resources needed for the acceptance test. + name: "apigee_environment_basic_test" primary_resource_id: "apigee_environment" - primary_resource_name: "getTestProjectFromEnv(), fmt.Sprintf(\"tf-test-apigee-env%s\", context[\"random_suffix\"])" - vars: - network_id: "apigee-network" - network_range_id: "apigee-range" - apigee_env_id: "apigee-env" + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT + skip_docs: true # Resource creation race skip_vcr: true timeouts: !ruby/object:Api::Timeouts diff --git a/mmv1/templates/terraform/examples/apigee_environment_basic.tf.erb b/mmv1/templates/terraform/examples/apigee_environment_basic.tf.erb index 198eaad22a68..04da4189e0c8 100644 --- a/mmv1/templates/terraform/examples/apigee_environment_basic.tf.erb +++ b/mmv1/templates/terraform/examples/apigee_environment_basic.tf.erb @@ -1,23 +1,21 @@ data "google_client_config" "current" {} resource "google_compute_network" "apigee_network" { - name = "<%= ctx[:vars]['network_id'] %>" + name = "apigee-network" } resource "google_compute_global_address" "apigee_range" { - name = "<%= ctx[:vars]['network_range_id'] %>" + name = "apigee-range" purpose = "VPC_PEERING" address_type = "INTERNAL" prefix_length = 16 network = google_compute_network.apigee_network.id } - resource "google_service_networking_connection" "apigee_vpc_connection" { network = google_compute_network.apigee_network.id service = "servicenetworking.googleapis.com" reserved_peering_ranges = [google_compute_global_address.apigee_range.name] } - resource "google_apigee_organization" "apigee_org" { analytics_region = "us-central1" project_id = data.google_client_config.current.project @@ -25,9 +23,10 @@ resource "google_apigee_organization" "apigee_org" { depends_on = [google_service_networking_connection.apigee_vpc_connection] } -resource "google_apigee_environment" "<%= ctx[:primary_resource_id] %>" { - name = "<%= ctx[:vars]['apigee_env_id'] %>" - description = "Apigee Environment" - display_name = "environment-1" - org_id = google_apigee_organization.apigee_org.id +resource "google_apigee_environment" "env" { + name = "tf-test%{random_suffix}" + description = "Apigee Environment" + displayName = "environment-1" + org_id = google_apigee_organization.apigee_org.id } + diff --git a/mmv1/templates/terraform/examples/apigee_environment_basic_test.tf.erb b/mmv1/templates/terraform/examples/apigee_environment_basic_test.tf.erb new file mode 100644 index 000000000000..b0fa1eb164ca --- /dev/null +++ b/mmv1/templates/terraform/examples/apigee_environment_basic_test.tf.erb @@ -0,0 +1,60 @@ +resource "google_project" "project" { + project_id = "tf-test%{random_suffix}" + name = "tf-test%{random_suffix}" + org_id = "<%= ctx[:test_env_vars]['org_id'] %>" + billing_account = "<%= ctx[:test_env_vars]['billing_account'] %>" +} + +resource "google_project_service" "apigee" { + project = google_project.project.project_id + service = "apigee.googleapis.com" +} + +resource "google_project_service" "compute" { + project = google_project.project.project_id + service = "compute.googleapis.com" +} + +resource "google_project_service" "servicenetworking" { + project = google_project.project.project_id + service = "servicenetworking.googleapis.com" +} + +resource "google_compute_network" "apigee_network" { + name = "apigee-network" + project = google_project.project.project_id + depends_on = [google_project_service.compute] +} + +resource "google_compute_global_address" "apigee_range" { + name = "apigee-range" + purpose = "VPC_PEERING" + address_type = "INTERNAL" + prefix_length = 16 + network = google_compute_network.apigee_network.id + project = google_project.project.project_id +} + +resource "google_service_networking_connection" "apigee_vpc_connection" { + network = google_compute_network.apigee_network.id + service = "servicenetworking.googleapis.com" + reserved_peering_ranges = [google_compute_global_address.apigee_range.name] + depends_on = [google_project_service.servicenetworking] +} + +resource "google_apigee_organization" "apigee_org" { + analytics_region = "us-central1" + project_id = google_project.project.project_id + authorized_network = google_compute_network.apigee_network.id + depends_on = [ + google_service_networking_connection.apigee_vpc_connection, + google_project_service.apigee, + ] +} + +resource "google_apigee_environment" "<%= ctx[:primary_resource_id] %>" { + org_id = google_apigee_organization.apigee_org.id + name = "tf-test%{random_suffix}" + description = "Apigee Environment" + display_name = "environment-1" +} diff --git a/mmv1/templates/terraform/examples/apigee_organization_cloud_basic.tf.erb b/mmv1/templates/terraform/examples/apigee_organization_cloud_basic.tf.erb index 9079ea68f83f..dae450621964 100644 --- a/mmv1/templates/terraform/examples/apigee_organization_cloud_basic.tf.erb +++ b/mmv1/templates/terraform/examples/apigee_organization_cloud_basic.tf.erb @@ -1,24 +1,23 @@ data "google_client_config" "current" {} resource "google_compute_network" "apigee_network" { - name = "<%= ctx[:vars]['network_id'] %>" + name = "apigee-network" } resource "google_compute_global_address" "apigee_range" { - name = "<%= ctx[:vars]['network_range_id'] %>" + name = "apigee-range" purpose = "VPC_PEERING" address_type = "INTERNAL" prefix_length = 16 network = google_compute_network.apigee_network.id } - resource "google_service_networking_connection" "apigee_vpc_connection" { network = google_compute_network.apigee_network.id service = "servicenetworking.googleapis.com" reserved_peering_ranges = [google_compute_global_address.apigee_range.name] } -resource "google_apigee_organization" "<%= ctx[:primary_resource_id] %>" { +resource "google_apigee_organization" "org" { analytics_region = "us-central1" project_id = data.google_client_config.current.project authorized_network = google_compute_network.apigee_network.id diff --git a/mmv1/templates/terraform/examples/apigee_organization_cloud_basic_test.tf.erb b/mmv1/templates/terraform/examples/apigee_organization_cloud_basic_test.tf.erb new file mode 100644 index 000000000000..975fa8dc2b49 --- /dev/null +++ b/mmv1/templates/terraform/examples/apigee_organization_cloud_basic_test.tf.erb @@ -0,0 +1,54 @@ +resource "google_project" "project" { + project_id = "tf-test%{random_suffix}" + name = "tf-test%{random_suffix}" + org_id = "<%= ctx[:test_env_vars]['org_id'] %>" + billing_account = "<%= ctx[:test_env_vars]['billing_account'] %>" +} + +resource "google_project_service" "apigee" { + project = google_project.project.project_id + service = "apigee.googleapis.com" +} + +resource "google_project_service" "compute" { + project = google_project.project.project_id + service = "compute.googleapis.com" +} + +resource "google_project_service" "servicenetworking" { + project = google_project.project.project_id + service = "servicenetworking.googleapis.com" +} + +resource "google_compute_network" "apigee_network" { + name = "apigee-network" + project = google_project.project.project_id + depends_on = [google_project_service.compute] +} + +resource "google_compute_global_address" "apigee_range" { + name = "apigee-range" + purpose = "VPC_PEERING" + address_type = "INTERNAL" + prefix_length = 16 + network = google_compute_network.apigee_network.id + project = google_project.project.project_id +} + +resource "google_service_networking_connection" "apigee_vpc_connection" { + network = google_compute_network.apigee_network.id + service = "servicenetworking.googleapis.com" + reserved_peering_ranges = [google_compute_global_address.apigee_range.name] + depends_on = [google_project_service.servicenetworking] +} + +resource "google_apigee_organization" "<%= ctx[:primary_resource_id] %>" { + analytics_region = "us-central1" + project_id = google_project.project.project_id + authorized_network = google_compute_network.apigee_network.id + depends_on = [ + google_service_networking_connection.apigee_vpc_connection, + google_project_service.apigee, + ] +} + diff --git a/mmv1/templates/terraform/examples/apigee_organization_cloud_full.tf.erb b/mmv1/templates/terraform/examples/apigee_organization_cloud_full.tf.erb index 1bde84ac0229..12bb56f975af 100644 --- a/mmv1/templates/terraform/examples/apigee_organization_cloud_full.tf.erb +++ b/mmv1/templates/terraform/examples/apigee_organization_cloud_full.tf.erb @@ -1,17 +1,16 @@ data "google_client_config" "current" {} resource "google_compute_network" "apigee_network" { - name = "<%= ctx[:vars]['network_id'] %>" + name = "apigee-network" } resource "google_compute_global_address" "apigee_range" { - name = "<%= ctx[:vars]['network_range_id'] %>" + name = "apigee-range" purpose = "VPC_PEERING" address_type = "INTERNAL" prefix_length = 16 network = google_compute_network.apigee_network.id } - resource "google_service_networking_connection" "apigee_vpc_connection" { network = google_compute_network.apigee_network.id service = "servicenetworking.googleapis.com" @@ -19,12 +18,12 @@ resource "google_service_networking_connection" "apigee_vpc_connection" { } resource "google_kms_key_ring" "apigee_keyring" { - name = "<%= ctx[:vars]['keyring_id'] %>" + name = "apigee-keyring" location = "us-central1" } resource "google_kms_crypto_key" "apigee_key" { - name = "<%= ctx[:vars]['key_id'] %>" + name = "apigee-key" key_ring = google_kms_key_ring.apigee_keyring.id lifecycle { @@ -34,28 +33,25 @@ resource "google_kms_crypto_key" "apigee_key" { resource "google_project_service_identity" "apigee_sa" { provider = google-beta - - project = data.google_client_config.current.project - service = "apigee.googleapis.com" + project = google_project.project.project_id + service = google_project_service.apigee.service } resource "google_kms_crypto_key_iam_binding" "apigee_sa_keyuser" { crypto_key_id = google_kms_crypto_key.apigee_key.id role = "roles/cloudkms.cryptoKeyEncrypterDecrypter" - members = [ "serviceAccount:${google_project_service_identity.apigee_sa.email}", ] } -resource "google_apigee_organization" "<%= ctx[:primary_resource_id] %>" { +resource "google_apigee_organization" "org" { analytics_region = "us-central1" display_name = "apigee-org" description = "Terraform-provisioned Apigee Org." project_id = data.google_client_config.current.project authorized_network = google_compute_network.apigee_network.id runtime_database_encryption_key_name = google_kms_crypto_key.apigee_key.id - depends_on = [ google_service_networking_connection.apigee_vpc_connection, google_kms_crypto_key_iam_binding.apigee_sa_keyuser, diff --git a/mmv1/templates/terraform/examples/apigee_organization_cloud_full_test.tf.erb b/mmv1/templates/terraform/examples/apigee_organization_cloud_full_test.tf.erb index 7a162f9631ed..cc62f08fd427 100644 --- a/mmv1/templates/terraform/examples/apigee_organization_cloud_full_test.tf.erb +++ b/mmv1/templates/terraform/examples/apigee_organization_cloud_full_test.tf.erb @@ -1,70 +1,108 @@ -data "google_client_config" "current" { - provider = google-beta +resource "google_project" "project" { + provider = google-beta + + project_id = "tf-test%{random_suffix}" + name = "tf-test%{random_suffix}" + org_id = "<%= ctx[:test_env_vars]['org_id'] %>" + billing_account = "<%= ctx[:test_env_vars]['billing_account'] %>" +} + +resource "google_project_service" "apigee" { + provider = google-beta + + project = google_project.project.project_id + service = "apigee.googleapis.com" +} + +resource "google_project_service" "compute" { + provider = google-beta + + project = google_project.project.project_id + service = "compute.googleapis.com" +} + +resource "google_project_service" "servicenetworking" { + provider = google-beta + + project = google_project.project.project_id + service = "servicenetworking.googleapis.com" +} + +resource "google_project_service" "kms" { + provider = google-beta + + project = google_project.project.project_id + service = "cloudkms.googleapis.com" } resource "google_compute_network" "apigee_network" { - provider = google-beta + provider = google-beta - name = "<%= ctx[:vars]['network_id'] %>" + name = "apigee-network" + project = google_project.project.project_id + depends_on = [google_project_service.compute] } resource "google_compute_global_address" "apigee_range" { - provider = google-beta + provider = google-beta - name = "<%= ctx[:vars]['network_range_id'] %>" + name = "apigee-range" purpose = "VPC_PEERING" address_type = "INTERNAL" prefix_length = 16 network = google_compute_network.apigee_network.id + project = google_project.project.project_id } resource "google_service_networking_connection" "apigee_vpc_connection" { - provider = google-beta + provider = google-beta network = google_compute_network.apigee_network.id service = "servicenetworking.googleapis.com" reserved_peering_ranges = [google_compute_global_address.apigee_range.name] + depends_on = [google_project_service.servicenetworking] } resource "google_kms_key_ring" "apigee_keyring" { provider = google-beta - name = "<%= ctx[:vars]['keyring_id'] %>" - location = "us-central1" + name = "apigee-keyring" + location = "us-central1" + project = google_project.project.project_id + depends_on = [google_project_service.kms] } resource "google_kms_crypto_key" "apigee_key" { - provider = google-beta + provider = google-beta - name = "<%= ctx[:vars]['key_id'] %>" + name = "apigee-key" key_ring = google_kms_key_ring.apigee_keyring.id } resource "google_project_service_identity" "apigee_sa" { provider = google-beta - project = data.google_client_config.current.project - service = "apigee.googleapis.com" + project = google_project.project.project_id + service = google_project_service.apigee.service } resource "google_kms_crypto_key_iam_binding" "apigee_sa_keyuser" { - provider = google-beta + provider = google-beta crypto_key_id = google_kms_crypto_key.apigee_key.id role = "roles/cloudkms.cryptoKeyEncrypterDecrypter" - members = [ "serviceAccount:${google_project_service_identity.apigee_sa.email}", ] } resource "google_apigee_organization" "<%= ctx[:primary_resource_id] %>" { - provider = google-beta + provider = google-beta - analytics_region = "us-central1" display_name = "apigee-org" - description = "Terraform-provisioned Apigee Org." - project_id = data.google_client_config.current.project + description = "Terraform-managed Apigee Org" + analytics_region = "us-central1" + project_id = google_project.project.project_id authorized_network = google_compute_network.apigee_network.id runtime_database_encryption_key_name = google_kms_crypto_key.apigee_key.id From c506d874a0f80e6fcb7368521eb34fb1b02e7519 Mon Sep 17 00:00:00 2001 From: Xuchen Ma Date: Tue, 19 Oct 2021 18:05:57 +0000 Subject: [PATCH 06/14] Revert all changes to test files. --- .../examples/apigee_organization_cloud_basic_test.tf.erb | 1 - 1 file changed, 1 deletion(-) diff --git a/mmv1/templates/terraform/examples/apigee_organization_cloud_basic_test.tf.erb b/mmv1/templates/terraform/examples/apigee_organization_cloud_basic_test.tf.erb index 975fa8dc2b49..87fab9350fc3 100644 --- a/mmv1/templates/terraform/examples/apigee_organization_cloud_basic_test.tf.erb +++ b/mmv1/templates/terraform/examples/apigee_organization_cloud_basic_test.tf.erb @@ -51,4 +51,3 @@ resource "google_apigee_organization" "<%= ctx[:primary_resource_id] %>" { google_project_service.apigee, ] } - From 27bca670f0b615164248957ccc25ddace0902cad Mon Sep 17 00:00:00 2001 From: Xuchen Ma Date: Tue, 19 Oct 2021 18:12:12 +0000 Subject: [PATCH 07/14] Revert all changes to test files. --- mmv1/products/apigee/terraform.yaml | 1 + .../terraform/examples/apigee_environment_basic.tf.erb | 2 ++ .../terraform/examples/apigee_organization_cloud_basic.tf.erb | 1 + .../terraform/examples/apigee_organization_cloud_full.tf.erb | 3 +++ .../examples/apigee_organization_cloud_full_test.tf.erb | 1 + 5 files changed, 8 insertions(+) diff --git a/mmv1/products/apigee/terraform.yaml b/mmv1/products/apigee/terraform.yaml index fea76b759322..038eecbc961e 100644 --- a/mmv1/products/apigee/terraform.yaml +++ b/mmv1/products/apigee/terraform.yaml @@ -10,6 +10,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. + --- !ruby/object:Provider::Terraform::Config overrides: !ruby/object:Overrides::ResourceOverrides Organization: !ruby/object:Overrides::Terraform::ResourceOverride diff --git a/mmv1/templates/terraform/examples/apigee_environment_basic.tf.erb b/mmv1/templates/terraform/examples/apigee_environment_basic.tf.erb index 04da4189e0c8..7d3eadbb8a66 100644 --- a/mmv1/templates/terraform/examples/apigee_environment_basic.tf.erb +++ b/mmv1/templates/terraform/examples/apigee_environment_basic.tf.erb @@ -11,11 +11,13 @@ resource "google_compute_global_address" "apigee_range" { prefix_length = 16 network = google_compute_network.apigee_network.id } + resource "google_service_networking_connection" "apigee_vpc_connection" { network = google_compute_network.apigee_network.id service = "servicenetworking.googleapis.com" reserved_peering_ranges = [google_compute_global_address.apigee_range.name] } + resource "google_apigee_organization" "apigee_org" { analytics_region = "us-central1" project_id = data.google_client_config.current.project diff --git a/mmv1/templates/terraform/examples/apigee_organization_cloud_basic.tf.erb b/mmv1/templates/terraform/examples/apigee_organization_cloud_basic.tf.erb index dae450621964..d2e0ff043303 100644 --- a/mmv1/templates/terraform/examples/apigee_organization_cloud_basic.tf.erb +++ b/mmv1/templates/terraform/examples/apigee_organization_cloud_basic.tf.erb @@ -11,6 +11,7 @@ resource "google_compute_global_address" "apigee_range" { prefix_length = 16 network = google_compute_network.apigee_network.id } + resource "google_service_networking_connection" "apigee_vpc_connection" { network = google_compute_network.apigee_network.id service = "servicenetworking.googleapis.com" diff --git a/mmv1/templates/terraform/examples/apigee_organization_cloud_full.tf.erb b/mmv1/templates/terraform/examples/apigee_organization_cloud_full.tf.erb index 12bb56f975af..891fb47422a9 100644 --- a/mmv1/templates/terraform/examples/apigee_organization_cloud_full.tf.erb +++ b/mmv1/templates/terraform/examples/apigee_organization_cloud_full.tf.erb @@ -11,6 +11,7 @@ resource "google_compute_global_address" "apigee_range" { prefix_length = 16 network = google_compute_network.apigee_network.id } + resource "google_service_networking_connection" "apigee_vpc_connection" { network = google_compute_network.apigee_network.id service = "servicenetworking.googleapis.com" @@ -40,6 +41,7 @@ resource "google_project_service_identity" "apigee_sa" { resource "google_kms_crypto_key_iam_binding" "apigee_sa_keyuser" { crypto_key_id = google_kms_crypto_key.apigee_key.id role = "roles/cloudkms.cryptoKeyEncrypterDecrypter" + members = [ "serviceAccount:${google_project_service_identity.apigee_sa.email}", ] @@ -52,6 +54,7 @@ resource "google_apigee_organization" "org" { project_id = data.google_client_config.current.project authorized_network = google_compute_network.apigee_network.id runtime_database_encryption_key_name = google_kms_crypto_key.apigee_key.id + depends_on = [ google_service_networking_connection.apigee_vpc_connection, google_kms_crypto_key_iam_binding.apigee_sa_keyuser, diff --git a/mmv1/templates/terraform/examples/apigee_organization_cloud_full_test.tf.erb b/mmv1/templates/terraform/examples/apigee_organization_cloud_full_test.tf.erb index cc62f08fd427..32b47756f31a 100644 --- a/mmv1/templates/terraform/examples/apigee_organization_cloud_full_test.tf.erb +++ b/mmv1/templates/terraform/examples/apigee_organization_cloud_full_test.tf.erb @@ -91,6 +91,7 @@ resource "google_kms_crypto_key_iam_binding" "apigee_sa_keyuser" { crypto_key_id = google_kms_crypto_key.apigee_key.id role = "roles/cloudkms.cryptoKeyEncrypterDecrypter" + members = [ "serviceAccount:${google_project_service_identity.apigee_sa.email}", ] From f4fde558b11b34bfd6241b7225a9a78ef267a2f9 Mon Sep 17 00:00:00 2001 From: Xuchen Ma Date: Tue, 19 Oct 2021 23:31:44 +0000 Subject: [PATCH 08/14] Add primary_resource_name to fix tests. --- mmv1/products/apigee/terraform.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/mmv1/products/apigee/terraform.yaml b/mmv1/products/apigee/terraform.yaml index 038eecbc961e..22ab424b4cb5 100644 --- a/mmv1/products/apigee/terraform.yaml +++ b/mmv1/products/apigee/terraform.yaml @@ -103,6 +103,7 @@ overrides: !ruby/object:Overrides::ResourceOverrides # the resources needed for the acceptance test. name: "apigee_environment_basic_test" primary_resource_id: "apigee_environment" + primary_resource_name: "getTestProjectFromEnv(), fmt.Sprintf(\"tf-test-apigee-env%s\", context[\"random_suffix\"])" test_env_vars: org_id: :ORG_ID billing_account: :BILLING_ACCT From 0c4ac429ba58da7e73eea5f669469f497f765875 Mon Sep 17 00:00:00 2001 From: Xuchen Ma Date: Mon, 25 Oct 2021 21:34:35 +0000 Subject: [PATCH 09/14] Update iam_attributes.tf.erb to honor skip_test. --- mmv1/templates/terraform/iam/iam_attributes.tf.erb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mmv1/templates/terraform/iam/iam_attributes.tf.erb b/mmv1/templates/terraform/iam/iam_attributes.tf.erb index a67618cf232a..94d98aed6467 100644 --- a/mmv1/templates/terraform/iam/iam_attributes.tf.erb +++ b/mmv1/templates/terraform/iam/iam_attributes.tf.erb @@ -1,4 +1,4 @@ -<% example = object.examples +<% example = object.examples.reject(&:skip_test) .reject { |e| @api.version_obj_or_closest(version) < @api.version_obj_or_closest(e.min_version) } .first -%> <% self_link_url = object.iam_policy.self_link || object.self_link_url -%> @@ -11,4 +11,4 @@ <% attribute_val = p.underscore -%> <% end -%> <%= attribute_val.underscore -%> = <%= parent_resource_type_type -%>.<%= example.primary_resource_id -%>.<%= p.underscore %> -<% end -%> \ No newline at end of file +<% end -%> From 4c435e5958870fd76de6b34b25c8a6474231fd46 Mon Sep 17 00:00:00 2001 From: Xuchen Ma Date: Wed, 27 Oct 2021 19:14:41 +0000 Subject: [PATCH 10/14] Don't reject skip_tests when example is nil. --- mmv1/templates/terraform/iam/iam_attributes.tf.erb | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/mmv1/templates/terraform/iam/iam_attributes.tf.erb b/mmv1/templates/terraform/iam/iam_attributes.tf.erb index 94d98aed6467..171e3f258e28 100644 --- a/mmv1/templates/terraform/iam/iam_attributes.tf.erb +++ b/mmv1/templates/terraform/iam/iam_attributes.tf.erb @@ -1,6 +1,11 @@ <% example = object.examples.reject(&:skip_test) .reject { |e| @api.version_obj_or_closest(version) < @api.version_obj_or_closest(e.min_version) } - .first -%> + .first -%> +<% if !example -%> +<% example = object.examples + .reject { |e| @api.version_obj_or_closest(version) < @api.version_obj_or_closest(e.min_version) } + .first -%> +<% end -%> <% self_link_url = object.iam_policy.self_link || object.self_link_url -%> <% parent_resource_last_param_name = extract_identifiers(self_link_url).last -%> <% parent_resource_type_type = object.iam_policy.parent_resource_type || resource_ns -%> From 68d42494227c9f32a54ccbef84158123e74e1f85 Mon Sep 17 00:00:00 2001 From: xuchenma <67921399+xuchenma@users.noreply.github.com> Date: Fri, 5 Nov 2021 11:35:37 -0700 Subject: [PATCH 11/14] Update mmv1/products/apigee/api.yaml Co-authored-by: Stephen Lewis (Burrows) --- mmv1/products/apigee/api.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mmv1/products/apigee/api.yaml b/mmv1/products/apigee/api.yaml index 0323e8314cb4..3f0c46710d8a 100644 --- a/mmv1/products/apigee/api.yaml +++ b/mmv1/products/apigee/api.yaml @@ -235,7 +235,7 @@ objects: exclude: false method_name_separator: ':' parent_resource_attribute: 'env_id' - import_format: ["{{org_id}}/environments/{{name}}", "{{name}}"] + import_format: ["{{%org_id}}/environments/{{name}}", "{{name}}"] base_url: "{{org_id}}/environments/{{name}}" self_link: "{{org_id}}/environments/{{name}}" parameters: From 5586f70d77a82736bc504693be69cdce099cc6fd Mon Sep 17 00:00:00 2001 From: Xuchen Ma Date: Wed, 10 Nov 2021 19:40:16 +0000 Subject: [PATCH 12/14] Fix primary_resource_name for apigee organization name. --- mmv1/products/apigee/terraform.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mmv1/products/apigee/terraform.yaml b/mmv1/products/apigee/terraform.yaml index 3d3169bb5cda..d3e700cecc20 100644 --- a/mmv1/products/apigee/terraform.yaml +++ b/mmv1/products/apigee/terraform.yaml @@ -103,7 +103,7 @@ overrides: !ruby/object:Overrides::ResourceOverrides # the resources needed for the acceptance test. name: "apigee_environment_basic_test" primary_resource_id: "apigee_environment" - primary_resource_name: "getTestProjectFromEnv(), fmt.Sprintf(\"tf-test-apigee-env%s\", context[\"random_suffix\"])" + primary_resource_name: "fmt.Sprintf(\"organizations/tf-test%s\", context[\"random_suffix\"]), fmt.Sprintf(\"tf-test%s\", context[\"random_suffix\"])" test_env_vars: org_id: :ORG_ID billing_account: :BILLING_ACCT From 91a586bf0358afc1829f51923ce8a83e76b33d30 Mon Sep 17 00:00:00 2001 From: Xuchen Ma Date: Fri, 1 Apr 2022 00:38:11 +0000 Subject: [PATCH 13/14] Add deploymentType and apiProxyType to ApigeeEnvironment. --- mmv1/products/apigee/api.yaml | 25 ++++++++ mmv1/products/apigee/terraform.yaml | 15 +++++ ...basic_deployment_apiproxy_type_test.tf.erb | 64 +++++++++++++++++++ 3 files changed, 104 insertions(+) create mode 100644 mmv1/templates/terraform/examples/apigee_environment_basic_deployment_apiproxy_type_test.tf.erb diff --git a/mmv1/products/apigee/api.yaml b/mmv1/products/apigee/api.yaml index e6422178aa63..65fb328f7a09 100644 --- a/mmv1/products/apigee/api.yaml +++ b/mmv1/products/apigee/api.yaml @@ -277,6 +277,31 @@ objects: Description of the environment. required: false input: true + - !ruby/object:Api::Type::Enum + name: 'deploymentType' + description: | + Optional. Deployment type supported by the environment. The deployment type can be + set when creating the environment and cannot be changed. When you enable archive + deployment, you will be prevented from performing a subset of actions within the + environment, including:\ + Managing the deployment of API proxy or shared flow revisions;\ + Creating, updating, or deleting resource files;\ + Creating, updating, or deleting target servers; + values: + - "DEPLOYMENT_TYPE_UNSPECIFIED" + - "PROXY" + - "ARCHIVE" + input: true + - !ruby/object:Api::Type::Enum + name: 'apiProxyType' + description: | + Optional. API Proxy type supported by the environment. The type can be set when creating + the Environment and cannot be changed. + values: + - "API_PROXY_TYPE_UNSPECIFIED" + - "PROGRAMMABLE" + - "CONFIGURABLE" + input: true references: !ruby/object:Api::Resource::ReferenceLinks guides: 'Creating an environment': diff --git a/mmv1/products/apigee/terraform.yaml b/mmv1/products/apigee/terraform.yaml index 175ddb64893f..bcb8e187276c 100644 --- a/mmv1/products/apigee/terraform.yaml +++ b/mmv1/products/apigee/terraform.yaml @@ -144,6 +144,21 @@ overrides: !ruby/object:Overrides::ResourceOverrides skip_docs: true # Resource creation race skip_vcr: true + - !ruby/object:Provider::Terraform::Examples + name: "apigee_environment_basic_deployment_apiproxy_type_test" + primary_resource_id: "apigee_environment" + primary_resource_name: "fmt.Sprintf(\"organizations/tf-test%s\", context[\"random_suffix\"]), fmt.Sprintf(\"tf-test%s\", context[\"random_suffix\"])" + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT + skip_docs: true + # Resource creation race + skip_vcr: true + properties: + deploymentType: !ruby/object:Overrides::Terraform::PropertyOverride + default_from_api: true + apiProxyType: !ruby/object:Overrides::Terraform::PropertyOverride + default_from_api: true timeouts: !ruby/object:Api::Timeouts insert_minutes: 30 delete_minutes: 30 diff --git a/mmv1/templates/terraform/examples/apigee_environment_basic_deployment_apiproxy_type_test.tf.erb b/mmv1/templates/terraform/examples/apigee_environment_basic_deployment_apiproxy_type_test.tf.erb new file mode 100644 index 000000000000..dc79ceb0668f --- /dev/null +++ b/mmv1/templates/terraform/examples/apigee_environment_basic_deployment_apiproxy_type_test.tf.erb @@ -0,0 +1,64 @@ +resource "google_project" "project" { + project_id = "tf-test%{random_suffix}" + name = "tf-test%{random_suffix}" + org_id = "<%= ctx[:test_env_vars]['org_id'] %>" + billing_account = "<%= ctx[:test_env_vars]['billing_account'] %>" +} + +resource "google_project_service" "apigee" { + project = google_project.project.project_id + service = "apigee.googleapis.com" +} + +resource "google_project_service" "servicenetworking" { + project = google_project.project.project_id + service = "servicenetworking.googleapis.com" + depends_on = [google_project_service.apigee] +} + +resource "google_project_service" "compute" { + project = google_project.project.project_id + service = "compute.googleapis.com" + depends_on = [google_project_service.servicenetworking] +} + +resource "google_compute_network" "apigee_network" { + name = "apigee-network" + project = google_project.project.project_id + depends_on = [google_project_service.compute] +} + +resource "google_compute_global_address" "apigee_range" { + name = "apigee-range" + purpose = "VPC_PEERING" + address_type = "INTERNAL" + prefix_length = 16 + network = google_compute_network.apigee_network.id + project = google_project.project.project_id +} + +resource "google_service_networking_connection" "apigee_vpc_connection" { + network = google_compute_network.apigee_network.id + service = "servicenetworking.googleapis.com" + reserved_peering_ranges = [google_compute_global_address.apigee_range.name] + depends_on = [google_project_service.servicenetworking] +} + +resource "google_apigee_organization" "apigee_org" { + analytics_region = "us-central1" + project_id = google_project.project.project_id + authorized_network = google_compute_network.apigee_network.id + depends_on = [ + google_service_networking_connection.apigee_vpc_connection, + google_project_service.apigee, + ] +} + +resource "google_apigee_environment" "<%= ctx[:primary_resource_id] %>" { + org_id = google_apigee_organization.apigee_org.id + name = "tf-test%{random_suffix}" + description = "Apigee Environment" + display_name = "environment-1" + deployment_type = "PROXY" + api_proxy_type = "PROGRAMMABLE" +} From 3511bac33ce504cd30df620d3feaed3bee384677 Mon Sep 17 00:00:00 2001 From: Cameron Thornton Date: Mon, 4 Apr 2022 12:03:59 -0500 Subject: [PATCH 14/14] Update mmv1/products/apigee/api.yaml --- mmv1/products/apigee/api.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/mmv1/products/apigee/api.yaml b/mmv1/products/apigee/api.yaml index 65fb328f7a09..d30d65592889 100644 --- a/mmv1/products/apigee/api.yaml +++ b/mmv1/products/apigee/api.yaml @@ -283,10 +283,10 @@ objects: Optional. Deployment type supported by the environment. The deployment type can be set when creating the environment and cannot be changed. When you enable archive deployment, you will be prevented from performing a subset of actions within the - environment, including:\ - Managing the deployment of API proxy or shared flow revisions;\ - Creating, updating, or deleting resource files;\ - Creating, updating, or deleting target servers; + environment, including: + Managing the deployment of API proxy or shared flow revisions; + Creating, updating, or deleting resource files; + Creating, updating, or deleting target servers. values: - "DEPLOYMENT_TYPE_UNSPECIFIED" - "PROXY"