diff --git a/mmv1/third_party/terraform/tests/resource_eventarc_channel_test.go.erb b/mmv1/third_party/terraform/tests/resource_eventarc_channel_test.go.erb new file mode 100644 index 000000000000..9e7975d14f81 --- /dev/null +++ b/mmv1/third_party/terraform/tests/resource_eventarc_channel_test.go.erb @@ -0,0 +1,211 @@ +<% autogen_exception -%> +package google + +import ( + "context" + "fmt" + "strings" + "testing" + + dcl "github.com/GoogleCloudPlatform/declarative-resource-client-library/dcl" + <% if version == "ga" -%> + eventarc "github.com/GoogleCloudPlatform/declarative-resource-client-library/services/google/eventarc" + <% else -%> + eventarc "github.com/GoogleCloudPlatform/declarative-resource-client-library/services/google/eventarc/beta" + <% end %> + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" +) + +func TestAccEventarcChannel_basic(t *testing.T) { + t.Parallel() + + context := map[string]interface{}{ + "region": getTestRegionFromEnv(), + "project_name": getTestProjectFromEnv(), + "random_suffix": randString(t, 10), + } + + vcrTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckEventarcChannelDestroyProducer(t), + Steps: []resource.TestStep{ + { + Config: testAccEventarcChannel_basic(context), + }, + { + ResourceName: "google_eventarc_channel.primary", + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + +func TestAccEventarcChannel_cryptoKeyUpdate(t *testing.T) { + t.Parallel() + + region := getTestRegionFromEnv() + key1 := BootstrapKMSKeyWithPurposeInLocationAndName(t, "ENCRYPT_DECRYPT", region, "tf-bootstrap-key1") + key2 := BootstrapKMSKeyWithPurposeInLocationAndName(t, "ENCRYPT_DECRYPT", region, "tf-bootstrap-key2") + + context := map[string]interface{}{ + "region": region, + "project_name": getTestProjectFromEnv(), + "key_ring": GetResourceNameFromSelfLink(key1.KeyRing.Name), + "key1": GetResourceNameFromSelfLink(key1.CryptoKey.Name), + "key2": GetResourceNameFromSelfLink(key2.CryptoKey.Name), + "random_suffix": randString(t, 10), + } + + vcrTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckEventarcChannelDestroyProducer(t), + Steps: []resource.TestStep{ + { + Config: testAccEventarcChannel_setCryptoKey(context), + }, + { + ResourceName: "google_eventarc_channel.primary", + ImportState: true, + ImportStateVerify: true, + }, + { + Config: testAccEventarcChannel_cryptoKeyUpdate(context), + }, + { + ResourceName: "google_eventarc_channel.primary", + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + +func testAccEventarcChannel_basic(context map[string]interface{}) string { + return Nprintf(` +data "google_project" "test_project" { + project_id = "%{project_name}" +} + +resource "google_eventarc_channel" "primary" { + location = "%{region}" + name = "tf-test-name%{random_suffix}" + third_party_provider = "projects/${data.google_project.test_project.project_id}/locations/%{region}/providers/datadog" +} +`, context) +} + +func testAccEventarcChannel_setCryptoKey(context map[string]interface{}) string { + return Nprintf(` +data "google_project" "test_project" { + project_id = "%{project_name}" +} + +data "google_kms_key_ring" "test_key_ring" { + name = "%{key_ring}" + location = "us-central1" +} + +data "google_kms_crypto_key" "key1" { + name = "%{key1}" + key_ring = data.google_kms_key_ring.test_key_ring.id +} + + +resource "google_kms_crypto_key_iam_binding" "key1_binding" { + crypto_key_id = data.google_kms_crypto_key.key1.id + role = "roles/cloudkms.cryptoKeyEncrypterDecrypter" + + members = [ + "serviceAccount:service-${data.google_project.test_project.number}@gcp-sa-eventarc.iam.gserviceaccount.com", + ] +} + +resource "google_eventarc_channel" "primary" { + location = "%{region}" + name = "tf-test-name%{random_suffix}" + crypto_key_name = data.google_kms_crypto_key.key1.id + third_party_provider = "projects/${data.google_project.test_project.project_id}/locations/%{region}/providers/datadog" + depends_on = [google_kms_crypto_key_iam_binding.key1_binding] +} +`, context) +} + +func testAccEventarcChannel_cryptoKeyUpdate(context map[string]interface{}) string { + return Nprintf(` +data "google_project" "test_project" { + project_id = "%{project_name}" +} + +data "google_kms_key_ring" "test_key_ring" { + name = "%{key_ring}" + location = "us-central1" +} + +data "google_kms_crypto_key" "key2" { + name = "%{key2}" + key_ring = data.google_kms_key_ring.test_key_ring.id +} + +resource "google_kms_crypto_key_iam_binding" "key2_binding" { + crypto_key_id = data.google_kms_crypto_key.key2.id + role = "roles/cloudkms.cryptoKeyEncrypterDecrypter" + + members = [ + "serviceAccount:service-${data.google_project.test_project.number}@gcp-sa-eventarc.iam.gserviceaccount.com", + ] +} + +resource "google_eventarc_channel" "primary" { + location = "%{region}" + name = "tf-test-name%{random_suffix}" + crypto_key_name= data.google_kms_crypto_key.key2.id + third_party_provider = "projects/${data.google_project.test_project.project_id}/locations/%{region}/providers/datadog" + depends_on = [google_kms_crypto_key_iam_binding.key2_binding] +} +`, context) +} + +func testAccCheckEventarcChannelDestroyProducer(t *testing.T) func(s *terraform.State) error { + return func(s *terraform.State) error { + for name, rs := range s.RootModule().Resources { + if rs.Type != "rs.google_eventarc_channel" { + continue + } + if strings.HasPrefix(name, "data.") { + continue + } + + config := googleProviderConfig(t) + + billingProject := "" + if config.BillingProject != "" { + billingProject = config.BillingProject + } + + obj := &eventarc.Channel{ + Location: dcl.String(rs.Primary.Attributes["location"]), + Name: dcl.String(rs.Primary.Attributes["name"]), + CryptoKeyName: dcl.String(rs.Primary.Attributes["crypto_key_name"]), + Project: dcl.StringOrNil(rs.Primary.Attributes["project"]), + ThirdPartyProvider: dcl.String(rs.Primary.Attributes["third_party_provider"]), + ActivationToken: dcl.StringOrNil(rs.Primary.Attributes["activation_token"]), + CreateTime: dcl.StringOrNil(rs.Primary.Attributes["create_time"]), + PubsubTopic: dcl.StringOrNil(rs.Primary.Attributes["pubsub_topic"]), + State: eventarc.ChannelStateEnumRef(rs.Primary.Attributes["state"]), + Uid: dcl.StringOrNil(rs.Primary.Attributes["uid"]), + UpdateTime: dcl.StringOrNil(rs.Primary.Attributes["update_time"]), + } + + client := NewDCLEventarcClient(config, config.userAgent, billingProject, 0) + _, err := client.GetChannel(context.Background(), obj) + if err == nil { + return fmt.Errorf("google_eventarc_channel still exists %v", obj) + } + } + return nil + } +} diff --git a/mmv1/third_party/terraform/tests/resource_eventarc_trigger_test.go.erb b/mmv1/third_party/terraform/tests/resource_eventarc_trigger_test.go.erb new file mode 100644 index 000000000000..21656cbfc9ec --- /dev/null +++ b/mmv1/third_party/terraform/tests/resource_eventarc_trigger_test.go.erb @@ -0,0 +1,175 @@ +<% autogen_exception -%> +package google + +import ( + "context" + "fmt" + "strings" + "testing" + + dcl "github.com/GoogleCloudPlatform/declarative-resource-client-library/dcl" + <% if version == "ga" -%> + eventarc "github.com/GoogleCloudPlatform/declarative-resource-client-library/services/google/eventarc" + <% else -%> + eventarc "github.com/GoogleCloudPlatform/declarative-resource-client-library/services/google/eventarc/beta" + <% end %> + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" +) + + +func TestAccEventarcTrigger_channel(t *testing.T) { + t.Parallel() + + region := getTestRegionFromEnv() + key1 := BootstrapKMSKeyWithPurposeInLocationAndName(t, "ENCRYPT_DECRYPT", region, "tf-bootstrap-key1") + key2 := BootstrapKMSKeyWithPurposeInLocationAndName(t, "ENCRYPT_DECRYPT", region, "tf-bootstrap-key2") + + context := map[string]interface{}{ + "region": region, + "project_name": getTestProjectFromEnv(), + "service_account": getTestServiceAccountFromEnv(t), + "key_ring": GetResourceNameFromSelfLink(key1.KeyRing.Name), + "key1": GetResourceNameFromSelfLink(key1.CryptoKey.Name), + "key2": GetResourceNameFromSelfLink(key2.CryptoKey.Name), + "random_suffix": randString(t, 10), + } + + vcrTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckEventarcChannelTriggerDestroyProducer(t), + Steps: []resource.TestStep{ + { + Config: testAccEventarcTrigger_createTriggerWithChannelName(context), + }, + { + ResourceName: "google_eventarc_trigger.primary", + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + +func testAccEventarcTrigger_createTriggerWithChannelName(context map[string]interface{}) string { + return Nprintf(` +data "google_project" "test_project" { + project_id = "%{project_name}" +} + +data "google_kms_key_ring" "test_key_ring" { + name = "%{key_ring}" + location = "us-central1" +} + +data "google_kms_crypto_key" "key1" { + name = "%{key1}" + key_ring = data.google_kms_key_ring.test_key_ring.id +} + + +resource "google_kms_crypto_key_iam_binding" "key1_binding" { + crypto_key_id = data.google_kms_crypto_key.key1.id + role = "roles/cloudkms.cryptoKeyEncrypterDecrypter" + + members = [ + "serviceAccount:service-${data.google_project.test_project.number}@gcp-sa-eventarc.iam.gserviceaccount.com", + ] +} + +resource "google_eventarc_channel" "test_channel" { + location = "%{region}" + name = "tf-test-channel%{random_suffix}" + crypto_key_name = data.google_kms_crypto_key.key1.id + third_party_provider = "projects/${data.google_project.test_project.project_id}/locations/%{region}/providers/datadog" + depends_on = [google_kms_crypto_key_iam_binding.key1_binding] +} + +resource "google_cloud_run_service" "default" { + name = "tf-test-eventarc-service%{random_suffix}" + location = "%{region}" + + metadata { + namespace = "%{project_name}" + } + + template { + spec { + containers { + image = "gcr.io/cloudrun/hello" + ports { + container_port = 8080 + } + } + container_concurrency = 50 + timeout_seconds = 100 + } + } + + traffic { + percent = 100 + latest_revision = true + } +} + +resource "google_eventarc_trigger" "primary" { + name = "tf-test-trigger%{random_suffix}" + location = "%{region}" + matching_criteria { + attribute = "type" + value = "datadog.v1.alert" + } + destination { + cloud_run_service { + service = google_cloud_run_service.default.name + region = "%{region}" + } + } + service_account= "%{service_account}" + + channel = "projects/${data.google_project.test_project.project_id}/locations/%{region}/channels/${google_eventarc_channel.test_channel.name}" + + depends_on =[google_cloud_run_service.default,google_eventarc_channel.test_channel] +} +`, context) +} + +func testAccCheckEventarcChannelTriggerDestroyProducer(t *testing.T) func(s *terraform.State) error { + return func(s *terraform.State) error { + for name, rs := range s.RootModule().Resources { + if rs.Type != "rs.google_eventarc_trigger" { + continue + } + if strings.HasPrefix(name, "data.") { + continue + } + + config := googleProviderConfig(t) + + billingProject := "" + if config.BillingProject != "" { + billingProject = config.BillingProject + } + + obj := &eventarc.Trigger{ + Location: dcl.String(rs.Primary.Attributes["location"]), + Name: dcl.String(rs.Primary.Attributes["name"]), + Project: dcl.StringOrNil(rs.Primary.Attributes["project"]), + ServiceAccount: dcl.String(rs.Primary.Attributes["service_account"]), + CreateTime: dcl.StringOrNil(rs.Primary.Attributes["create_time"]), + Etag: dcl.StringOrNil(rs.Primary.Attributes["etag"]), + Uid: dcl.StringOrNil(rs.Primary.Attributes["uid"]), + UpdateTime: dcl.StringOrNil(rs.Primary.Attributes["update_time"]), + Channel: dcl.StringOrNil(rs.Primary.Attributes["channel"]), + } + + client := NewDCLEventarcClient(config, config.userAgent, billingProject, 0) + _, err := client.GetTrigger(context.Background(), obj) + if err == nil { + return fmt.Errorf("google_eventarc_trigger still exists %v", obj) + } + } + return nil + } +} diff --git a/tpgtools/main.go b/tpgtools/main.go index 1e02caf73e3d..47541e7f0f54 100644 --- a/tpgtools/main.go +++ b/tpgtools/main.go @@ -128,6 +128,7 @@ func skipResource(r *Resource) bool { if sFilter != nil && *sFilter != "" && DCLPackageName(*sFilter) != r.ProductMetadata().PackageName { return true } + // skip filtered resources if rFilter != nil && *rFilter != "" && SnakeCaseTerraformResourceName(*rFilter) != r.Name() { return true diff --git a/tpgtools/overrides/eventarc/beta/channel.yaml b/tpgtools/overrides/eventarc/beta/channel.yaml new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/tpgtools/overrides/eventarc/beta/trigger.yaml b/tpgtools/overrides/eventarc/beta/trigger.yaml index c12b6698fff4..2b02fd09b9ce 100644 --- a/tpgtools/overrides/eventarc/beta/trigger.yaml +++ b/tpgtools/overrides/eventarc/beta/trigger.yaml @@ -11,5 +11,4 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -- type: EXCLUDE - field: channel + diff --git a/tpgtools/overrides/eventarc/channel.yaml b/tpgtools/overrides/eventarc/channel.yaml new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/tpgtools/overrides/eventarc/samples/channel/basic.tf.tmpl b/tpgtools/overrides/eventarc/samples/channel/basic.tf.tmpl new file mode 100644 index 000000000000..b1f4e3e8a86e --- /dev/null +++ b/tpgtools/overrides/eventarc/samples/channel/basic.tf.tmpl @@ -0,0 +1,31 @@ +data "google_project" "test_project" { + project_id = "{{project-id}}" +} + +data "google_kms_key_ring" "test_key_ring" { + name = "{{keyring}}" + location = "{{region}}" +} + +data "google_kms_crypto_key" "key" { + name = "{{key}}" + key_ring = data.google_kms_key_ring.test_key_ring.id +} + +resource "google_kms_crypto_key_iam_binding" "key1_binding" { + crypto_key_id = data.google_kms_crypto_key.key1.id + role = "roles/cloudkms.cryptoKeyEncrypterDecrypter" + + members = [ + "serviceAccount:service-${data.google_project.test_project.number}@gcp-sa-eventarc.iam.gserviceaccount.com", + ] +} + +resource "google_eventarc_channel" "primary" { + location = "{{region}}" + name = "{{channel}}" + project = "${data.google_project.test_project.project_id}" + crypto_key_name = "${data.google_kms_crypto_key.key1.id}" + third_party_provider = "projects/${data.google_project.test_project.project_id}/locations/{{region}}/providers/datadog" + depends_on = [google_kms_crypto_key_iam_binding.key1_binding] +} \ No newline at end of file diff --git a/tpgtools/overrides/eventarc/samples/channel/basic.yaml b/tpgtools/overrides/eventarc/samples/channel/basic.yaml new file mode 100644 index 000000000000..b90664e7577d --- /dev/null +++ b/tpgtools/overrides/eventarc/samples/channel/basic.yaml @@ -0,0 +1,11 @@ +variables: + - name: "project-id" + type: "project" + - name: "region" + type: "region" + - name: "keyring" + type: "resource_name" + - name: "key" + type: "resource_name" + - name: "channel" + type: "resource_name" diff --git a/tpgtools/overrides/eventarc/samples/channel/meta.yaml b/tpgtools/overrides/eventarc/samples/channel/meta.yaml new file mode 100644 index 000000000000..ae5bc4975b88 --- /dev/null +++ b/tpgtools/overrides/eventarc/samples/channel/meta.yaml @@ -0,0 +1,8 @@ +# meta.yaml +# +# +# We are hiding the terraform template because the test's for an Eventarc Channel are handwritten in mmv1. We are handwriting the +# kms key and ring constraints to bootstrap those dependencies to avoid creating a whole new project for the test. +# However we want to generate the docs for a channel on the registry. We make tpgtools do this without it generating a test +test_hide: + - basic.tf.tmpl diff --git a/tpgtools/overrides/eventarc/trigger.yaml b/tpgtools/overrides/eventarc/trigger.yaml index c12b6698fff4..13ed711e62fe 100644 --- a/tpgtools/overrides/eventarc/trigger.yaml +++ b/tpgtools/overrides/eventarc/trigger.yaml @@ -11,5 +11,3 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -- type: EXCLUDE - field: channel