Adding AuthorizedOrgsDesc to AccessContextManager #7178
Conversation
… Other changes require destructive updates.
…h can be updated in-place and which cannot. Also updated some description strings.
|
Oops! It looks like you're using an unknown release-note type in your changelog entries:
Please only use the types listed in https://github.com/GoogleCloudPlatform/magic-modules/blob/master/.ci/RELEASE_NOTES_GUIDE.md. |
|
Hello! I am a robot who works on Magic Modules PRs. I've detected that you're a community contributor. @shuyama1, a repository maintainer, has been assigned to assist you and help review your changes. ❓ First time contributing? Click here for more detailsYour assigned reviewer will help review your code by:
You can help make sure that review is quick by running local tests and ensuring they're passing in between each push you make to your PR's branch. Also, try to leave a comment with each push you make, as pushes generally don't generate emails. If your reviewer doesn't get back to you within a week after your most recent change, please feel free to leave a comment on the issue asking them to take a look! In the absence of a dedicated review dashboard most maintainers manage their pending reviews through email, and those will sometimes get lost in their inbox. |
|
Hi there, I'm the Modular magician. I've detected the following information about your changes: Diff reportYour PR generated some diffs in downstreams - here they are. Terraform GA: Diff ( 4 files changed, 712 insertions(+), 2 deletions(-)) |
|
Hi there, I'm the Modular magician. I've detected the following information about your changes: Diff reportYour PR generated some diffs in downstreams - here they are. Terraform GA: Diff ( 5 files changed, 713 insertions(+), 2 deletions(-)) |
Tests analyticsTotal tests: Action takenTriggering VCR tests in RECORDING mode for the tests that failed during VCR. Click here to see the failed testsTestAccAccessContextManager|TestAccFirebaserulesRelease_BasicRelease|TestAccRegionInstanceGroupManager_stateful|TestAccAccessContextManagerAuthorizedOrgsDesc_accessContextManagerAuthorizedOrgsDescBasicExample|TestAccContainerCluster_failedCreation |
|
Tests passed during RECORDING mode: Tests failed during RECORDING mode: Please fix these to complete your PR |
|
Hi there, I'm the Modular magician. I've detected the following information about your changes: Diff reportYour PR generated some diffs in downstreams - here they are. Terraform GA: Diff ( 5 files changed, 694 insertions(+), 2 deletions(-)) |
Tests analyticsTotal tests: Action takenTriggering VCR tests in RECORDING mode for the tests that failed during VCR. Click here to see the failed testsTestAccAccessContextManager|TestAccContainerCluster_failedCreation |
|
Tests passed during RECORDING mode: Tests failed during RECORDING mode: Please fix these to complete your PR |
|
Hi there, I'm the Modular magician. I've detected the following information about your changes: Diff reportYour PR generated some diffs in downstreams - here they are. Terraform GA: Diff ( 5 files changed, 695 insertions(+), 2 deletions(-)) |
Tests analyticsTotal tests: Action takenTriggering VCR tests in RECORDING mode for the tests that failed during VCR. Click here to see the failed testsTestAccAccessContextManager|TestAccContainerCluster_failedCreation |
|
Tests passed during RECORDING mode: Tests failed during RECORDING mode: Please fix these to complete your PR |
|
Hi there, I'm the Modular magician. I've detected the following information about your changes: Diff reportYour PR generated some diffs in downstreams - here they are. Terraform GA: Diff ( 5 files changed, 694 insertions(+), 2 deletions(-)) |
Tests analyticsTotal tests: Action takenTriggering VCR tests in RECORDING mode for the tests that failed during VCR. Click here to see the failed testsTestAccAccessContextManager|TestAccContainerCluster_failedCreation|TestAccFirebaserulesRelease_BasicRelease |
…er_authorized_orgs_desc_test.go Co-authored-by: Shuya Ma <87669292+shuyama1@users.noreply.github.com>
…er_authorized_orgs_desc_test.go Co-authored-by: Shuya Ma <87669292+shuyama1@users.noreply.github.com>
…er_authorized_orgs_desc_test.go Co-authored-by: Shuya Ma <87669292+shuyama1@users.noreply.github.com>
…er_authorized_orgs_desc_test.go Co-authored-by: Shuya Ma <87669292+shuyama1@users.noreply.github.com>
|
/gcbrun |
|
Hi there, I'm the Modular magician. I've detected the following information about your changes: Diff reportYour PR generated some diffs in downstreams - here they are. Terraform GA: Diff ( 5 files changed, 697 insertions(+), 2 deletions(-)) |
Tests analyticsTotal tests: Errors occurred during REPLAYING mode. Please fix them to complete your PR |
mmv1/third_party/terraform/tests/resource_access_context_manager_authorized_orgs_desc_test.go
Outdated
Show resolved
Hide resolved
…er_authorized_orgs_desc_test.go
|
/gcbrun |
|
Hi there, I'm the Modular magician. I've detected the following information about your changes: Diff reportYour PR generated some diffs in downstreams - here they are. Terraform GA: Diff ( 5 files changed, 697 insertions(+), 2 deletions(-)) |
Tests analyticsTotal tests: Action takenFound 2 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected testsTestAccWorkstationsWorkstationConfig_workstationConfigEncryptionKeyExample|TestAccFirebaserulesRelease_BasicRelease |
|
Tests passed during RECORDING mode: Tests failed during RECORDING mode: Please fix these to complete your PR |
| - !ruby/object:Api::Type::Time | ||
| name: 'createTime' | ||
| description: | | ||
| Time the AuthorizedOrgsDesc was created in UTC. | ||
| output: true | ||
| - !ruby/object:Api::Type::Time | ||
| name: 'updateTime' | ||
| description: | | ||
| Time the AuthorizedOrgsDesc was updated in UTC. | ||
| output: true |
There was a problem hiding this comment.
We can remove these two fields as they may not be useful for Terraform users
| - !ruby/object:Api::Type::Enum | ||
| name: assetType | ||
| input: true | ||
| description: | | ||
| The type of entities that need to use the authorization relationship during | ||
| evaluation, such as a device. Valid values are "ASSET_TYPE_DEVICE" and | ||
| "ASSET_TYPE_CREDENTIAL_STRENGTH". | ||
| values: | ||
| - :ASSET_TYPE_UNSPECIFIED | ||
| - :ASSET_TYPE_DEVICE | ||
| - :ASSET_TYPE_CREDENTIAL_STRENGTH | ||
| - !ruby/object:Api::Type::Enum | ||
| name: authorizationDirection | ||
| input: true | ||
| description: | | ||
| The direction of the authorization relationship between this organization | ||
| and the organizations listed in the "orgs" field. The valid values for this | ||
| field include the following: | ||
|
|
||
| AUTHORIZATION_DIRECTION_FROM: Allows this organization to evaluate traffic | ||
| in the organizations listed in the `orgs` field. | ||
|
|
||
| AUTHORIZATION_DIRECTION_TO: Allows the organizations listed in the `orgs` | ||
| field to evaluate the traffic in this organization. | ||
|
|
||
| For the authorization relationship to take effect, all of the organizations | ||
| must authorize and specify the appropriate relationship direction. For | ||
| example, if organization A authorized organization B and C to evaluate its | ||
| traffic, by specifying "AUTHORIZATION_DIRECTION_TO" as the authorization | ||
| direction, organizations B and C must specify | ||
| "AUTHORIZATION_DIRECTION_FROM" as the authorization direction in their | ||
| "AuthorizedOrgsDesc" resource. | ||
| values: | ||
| - :AUTHORIZATION_DIRECTION_UNSPECIFIED | ||
| - :AUTHORIZATION_DIRECTION_TO | ||
| - :AUTHORIZATION_DIRECTION_FROM | ||
| - !ruby/object:Api::Type::Enum | ||
| name: authorizationType | ||
| input: true | ||
| description: | | ||
| A granular control type for authorization levels. Valid value is "AUTHORIZATION_TYPE_TRUST". | ||
| values: | ||
| - :AUTHORIZATION_TYPE_UNSPECIFIED | ||
| - :AUTHORIZATION_TYPE_TRUST |
There was a problem hiding this comment.
Is there a server-side default values for these fields -- Does API return values for them if they are not explicitly specified?
Also should we remove *_UNSPECIFIED values? My understanding is that they are not valid values for users to specify.
There was a problem hiding this comment.
There are no server-side default values for assetType, authorizationDirection, or authorizationType. The user must specify them.
The *_UNSPECIFIED values exist under the hood, which is why I added them in the code here, but they cannot be used so IMO it's reasonable to remove them here.
|
/gcbrun |
|
Hi there, I'm the Modular magician. I've detected the following information about your changes: Diff reportYour PR generated some diffs in downstreams - here they are. Terraform GA: Diff ( 5 files changed, 697 insertions(+), 2 deletions(-)) |
Tests analyticsTotal tests: Action takenFound 3 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected testsTestAccFirebaserulesRelease_BasicRelease|TestAccComputeForwardingRule_update|TestAccWorkstationsWorkstationConfig_workstationConfigEncryptionKeyExample |
|
Tests passed during RECORDING mode: Tests failed during RECORDING mode: Please fix these to complete your PR |
Adding AuthorizedOrgsDesc to AccessContextManager (GoogleCloudPlatform#7178) Allow project field in Firebase apps datasource (GoogleCloudPlatform#7300) * Allow project field in Firebase apps datasource * Add tf_test to the display name * update to capitalized dependencies Rename compute_(region)_per_instance_config test files to .erb files … (GoogleCloudPlatform#7409) * Rename compute_(region)_per_instance_config test files to .erb files since the resources have fields in beta. * Omit stateful_ip tests for GA Bootstrap network cleanup (GoogleCloudPlatform#7367) * Update bootstrapped networks for alloydb * Update bootstrapped networks for redis * Update bootstrapped networks for vertexai * Update comment for BootstrapSharedTestNetwork to be more clear Fix override directory concat (GoogleCloudPlatform#7413) Bootstrap required permissions for composer environment tests (GoogleCloudPlatform#7391) * Bootstrap the required permissions * Make BootstrapAllPSARoles actually work Also adds some helper functions for debugging what the bootstrap function does. It will now log the roles that were missing in the policy. * Add missing return, fix nits * Fix typo in service agent name * Account for newly exported test functions Add maintenance_interval field to Instance Template and Instance scheduling. (GoogleCloudPlatform#7365) * Move testing to handwritten * Move testing to handwritten * Fix lint * Fix typo * Add remove step and update documentation * Add remove step and update documentation * Fix comparing string to nil * Add field to handwritten defs * rebase on main & resolve conflicts * Fix doc formatting * Add maintenance interval to Instance resource * Add maintenance interval to Instance resource * Add maintenance interval to Instance resource * Change function names to valid * Fix type mismatch * Fix type mismatch * Fix function name Fix naming of resource policies in tests to be sweepable (GoogleCloudPlatform#7412) Skip TestAccWorkstationsWorkstationConfig_workstationConfigEncryptionKeyExample (GoogleCloudPlatform#7415) Add support for Apigee Sharedflow (GoogleCloudPlatform#7202) * added sharedflows mmv1 with error * fix indentation issue for sharedflow * add semi auto generated resourceApigeeSharedFlow * remove sharedflow mmv1 and add sharedflow manual provider * adding files for debugging review, test have issue * adding files for debugging review, test have issue * update test, doc, provider for apigee * Update api.yaml remove empty new line * Update api.yaml * Rename resource_apigee_shared_flow_generated_test.go to resource_apigee_shared_flow_test.go * Update resource_apigee_shared_flow.go update import regex, change debug messages to log.Printf * Update mmv1/third_party/terraform/utils/provider.go.erb Co-authored-by: megan07 <mbang@hashicorp.com> * update PR to address comments * update test * fix sharedflow attribute update issue, add sharedflow deployment * Update apigee_shared_flow_deployment.html.markdown minor doc fix * Update mmv1/third_party/terraform/utils/provider.go.erb Co-authored-by: megan07 <mbang@hashicorp.com> * Update mmv1/third_party/terraform/website/docs/r/apigee_shared_flow.html.markdown Co-authored-by: megan07 <mbang@hashicorp.com> * Update resource_apigee_shared_flow_test.go remove commented out (unused) line of code * Delete api.yaml remove api.yaml as it is not needed for handwritten resource. Current repo structure no longer uses aggregated api.yaml * Rename apigee_shared_flow.html.markdown to apigee_sharedflow.html.markdown * Rename apigee_shared_flow_deployment.html.markdown to apigee_sharedflow_deployment.html.markdown * Rename resource_apigee_shared_flow.go to resource_apigee_sharedflow.go * Rename resource_apigee_shared_flow_deployment_test.go to resource_apigee_sharedflow_deployment_test.go * Rename resource_apigee_shared_flow_test.go to resource_apigee_sharedflow_test.go * Rename resource_apigee_shared_flow_sweeper_test.go to resource_apigee_sharedflow_sweeper_test.go * Update resource_apigee_sharedflow.go remove comment lines * Update mmv1/third_party/terraform/resources/resource_apigee_sharedflow.go Co-authored-by: megan07 <mbang@hashicorp.com> * Update resource_apigee_sharedflow_deployment_test.go remove unused debugging log * update function name to capitalize * Update resource_apigee_sharedflow_deployment_test.go remove fmt.print * add flowhook * move flowhook doc * Update mmv1/third_party/terraform/tests/resource_apigee_flowhook_test.go Co-authored-by: megan07 <mbang@hashicorp.com> * Update mmv1/third_party/terraform/website/docs/r/apigee_flowhook.html.markdown Co-authored-by: megan07 <mbang@hashicorp.com> * Update mmv1/third_party/terraform/website/docs/r/apigee_flowhook.html.markdown Co-authored-by: megan07 <mbang@hashicorp.com> * Update mmv1/third_party/terraform/tests/resource_apigee_flowhook_test.go Co-authored-by: megan07 <mbang@hashicorp.com> * Update resource_apigee_flowhook_test.go remove fmt.print * update some resource attribute properties * Update apigee_flowhook.html.markdown updated `description` and `continue_on_error` as optional * update referenced function naming case --------- Co-authored-by: Ray Xu <xrc@google.com> Co-authored-by: megan07 <mbang@hashicorp.com> add tests (GoogleCloudPlatform#7357) Co-authored-by: Edward Sun <sunedward@google.com> run gofmt + fix capitalization errors from previous PRs (GoogleCloudPlatform#7420) switch ci secrets to use secret manager (GoogleCloudPlatform#7408) Update field descriptions (GoogleCloudPlatform#7402) HA VPN over Cloud Interconnect has launched in GA We should still probably add a sample or two showing how to use it. Document PRODUCT_BASE_PATH override for DCL resource IAM (GoogleCloudPlatform#7418) yaqs/1723187608399380480 Add support for accelerators to google_datafusion_instance (GoogleCloudPlatform#6851) Added support to the field for Data Fusion, updated corresponding generated and handwritten tests, and added a custom diffsuppressfunc. Currently suggests a manual fix to a potential diff issue, will be able to update down line based on feedback from API team. Fix alloydb_cluster permadiff (GoogleCloudPlatform#7421) Fix dns_managed_zone tests using unverified domain (GoogleCloudPlatform#7422) Add SKIP_PROJECT_SWEEPER env variable for skipping the project sweeper (GoogleCloudPlatform#7432) Remove percent sign when parsing metadata name (GoogleCloudPlatform#7417) * Remove percent sign when parsing metadata name * Remove percent sign when parsing metadata name Merge branch 'GoogleCloudPlatform:main' into feature/iam_policy Add ignore read on reserved ip ranges (GoogleCloudPlatform#7429) Fix serviceusage links, clean up service resource stub (GoogleCloudPlatform#7435) Remove use of `make generate` from TPG/TPGB-specific step in CI (GoogleCloudPlatform#7379) Updating default accelerator.state field behavior in Data Fusion Instance (GoogleCloudPlatform#7434) Making suggested default behavior functionality updates in previous accelerators PR. Modify resource attribute 'input' to 'immutable' (GoogleCloudPlatform#7431) * Modify resource attribute 'input' to 'immutable' Remove noisy logging of project sweeper being skipped (GoogleCloudPlatform#7439) Fix PubSub-to-BigQuery push configuration example (GoogleCloudPlatform#7410) Rework + reflow provider reference, touch up index (GoogleCloudPlatform#7437) Fix eventarc tests to use dedicated bootstrapped keys (GoogleCloudPlatform#7440) Update docs for changing attribute `input` to `immutable` (GoogleCloudPlatform#7442) Feat name constraints (GoogleCloudPlatform#7400) Remove game_service_cluster_basic test (GoogleCloudPlatform#7443) send friendly_name (GoogleCloudPlatform#7433) * send friendly_name * fixed validator failures * update * fix validator errors --------- Co-authored-by: Edward Sun <sunedward@google.com> Fix headline of google_iam_workload_identity_pool (GoogleCloudPlatform#7449) Move IAM bootstrap to its own file, improve error messages (GoogleCloudPlatform#7424) * Move IAM bootstrap to its own file, improve errors Also bootstrap roles/cloudbuild.builds.builder for cloudbuild service agent. * Re-add BootstrapConfig (accidentally deleted) * Fix wrong variable name * Bootstrap the role previously hardcoded for pubsub * Move error message back into bootstrap function This will dedup the code that calls this function. It now returns a boolean and sends the more useful error through t.Error. * Bootstrap the permissions for pubsub service agent * Bootstrap the role in the correct test * Fix formatting Changing name field on google_compute_disk for TestAccComputeInstanceTemplate_sourceSnapshotEncryptionKey to include randomly generated string (GoogleCloudPlatform#7392) * Changed name within google_compute_disk on line 3162 to inclue and randomly generated string * Cleaned up arguments being passed in to be more inline with other tests * Updated based on addtional PR comments * Fixed swapping of values within new context If not specified, a default Workstations service agent SA is returned (GoogleCloudPlatform#7428) * If not specified, a default service agent SA is returned * Revert "Skip TestAccWorkstationsWorkstationConfig_workstationConfigEncryptionKeyExample" This reverts commit 097bdbe. * remove `rotation_period` update BigqueryDatapolicy to ga (GoogleCloudPlatform#6797) fix managed.dnsAuthorizations: (GoogleCloudPlatform#7445) Co-authored-by: Edward Sun <sunedward@google.com> google_compute_security_policy: force send enforce_on_key so it can be unset on (GoogleCloudPlatform#7454) Make `hostname` and `matcher` fields immutable (GoogleCloudPlatform#7448) Add note on requiredness (GoogleCloudPlatform#7453) Update BootstrapProject to support use across multiple projects/environments (GoogleCloudPlatform#7369) * Update BootstrapProject to support use across multiple projects/environments * Fix typo * Fix arguments for getTestProjectFromEnv * Fix project naming strategy for BootstrapProject to produce valid names in all envs * Fix typo * Fix function name after rebase Update resource names in acceptance test to use `tf-test-` prefix (GoogleCloudPlatform#7450) fix datastream_stream dataset id import (GoogleCloudPlatform#7451) Merge branch 'GoogleCloudPlatform:main' into feature/iam_policy Removing api.yaml and replacing with per product configs Merge branch 'feature/iam_policy' of https://github.com/dbjnbnrj/magic-modules into feature/iam_policy
If this PR is for Terraform, I acknowledge that I have:
make testandmake lintto ensure it passes unit and linter tests.Release Note Template for Downstream PRs (will be copied)