Added support for workload-vulnerability-scanning and workload-config-audit #7310
Conversation
|
/gcbrun |
|
/gcbrun |
|
Hi there, I'm the Modular magician. I've detected the following information about your changes: Diff reportYour PR generated some diffs in downstreams - here they are. Terraform GA: Diff ( 1 file changed, 22 insertions(+)) |
Tests analyticsTotal tests: Action takenTriggering VCR tests in RECORDING mode for the tests that failed during VCR. Click here to see the failed testsTestAccFirebaserulesRelease_BasicRelease|TestAccContainerCluster_withProtectConfig|TestAccApigeeAddonsConfig_apigeeAddonsTestExample |
| "workload_config": { | ||
| Type: schema.TypeList, | ||
| Optional: true, | ||
| MaxItems: 1, | ||
| Description: `WorkloadConfig defines the flags to enable or disable the workload configurations for the cluster.`, | ||
| Elem: &schema.Resource{ | ||
| Schema: map[string]*schema.Schema{ | ||
| "audit_mode": { | ||
| Type: schema.TypeString, | ||
| Optional: true, | ||
| Description: `Mode defines how to audit the workload configs. Accepted values are MODE_UNSPECIFIED, DISABLED, BASIC.`, | ||
| }, | ||
| }, | ||
| }, | ||
| }, | ||
| "workload_vulnerability_mode": { | ||
| Type: schema.TypeString, | ||
| Optional: true, | ||
| Description: `WorkloadVulnerabilityMode defines mode to perform vulnerability scanning. Accepted values are WORKLOAD_VULNERABILITY_MODE_UNSPECIFIED, DISABLED, BASIC.`, | ||
| }, |
There was a problem hiding this comment.
Can we make one of the subfields required (or have AtLeastOneOf added to them) to prevent users from sending empty blocks.
There was a problem hiding this comment.
made workload_config and audit_mode required to ensure that empty objects are never passed as input. Also added computed:true to workload_vulnerability_mode as default value is added to the field by server if no value is specified.
|
|
||
| ```hcl | ||
| protect_config { | ||
| workload_config { | ||
| audit_mode = "BASIC" | ||
| } | ||
| workload_vulnerability_mode = "BASIC" | ||
| } | ||
| ``` |
There was a problem hiding this comment.
We don't necessarily need to provide use example usage for every feature. I think we can remove it for this case or we can move it to the top in the same format as other examples.
There was a problem hiding this comment.
removed this example.
|
/gcbrun |
|
/gcbrun |
|
Hi there, I'm the Modular magician. I've detected the following information about your changes: Diff reportYour PR generated some diffs in downstreams - here they are. Terraform GA: Diff ( 1 file changed, 13 insertions(+)) |
Tests analyticsTotal tests: Action takenTriggering VCR tests in RECORDING mode for the tests that failed during VCR. Click here to see the failed testsTestAccFirebaserulesRelease_BasicRelease|TestAccApigeeAddonsConfig_apigeeAddonsTestExample|TestAccWorkstationsWorkstationConfig_workstationConfigEncryptionKeyExample |
|
Tests passed during RECORDING mode: Tests failed during RECORDING mode: Please fix these to complete your PR |
|
Test failure seems unrelated to this PR. |
…-audit (GoogleCloudPlatform#7310) * Added support for workload-vulnerability-scanning and workload-config-audit Fixes hashicorp/terraform-provider-google#12778 * Made google_container_cluster protect_config field optional * made container_cluster protect_config.workload_config.audit_mode required * Made fields inside protect_config as atleastOneOf in container_cluster resource. --------- Co-authored-by: Avinash Kumar <avikuma@google.com>
* main: (41 commits) update the test cases to resolve resourcename not found error Adds `grpc` field to `liveness_probe` and `startup_probe` to `google_cloud_run_v2_service` resource (GoogleCloudPlatform#6987) Upgrade DCL to v1.34 (GoogleCloudPlatform#7276) Add max_distance field to group placement policy (GoogleCloudPlatform#7354) Add stateful_ips to region_per_instance_config and per_instance_config (GoogleCloudPlatform#7316) Added support for workload-vulnerability-scanning and workload-config-audit (GoogleCloudPlatform#7310) datacatalog - bump Taxonomy and PolicyTag to ga (GoogleCloudPlatform#6989) Added best practices documentation for ForceNew fields (GoogleCloudPlatform#7127) Split resources in "B" products (GoogleCloudPlatform#7350) force recreate on master_config.num_instances (GoogleCloudPlatform#7349) Fix DataFusion instance versions used in tests (GoogleCloudPlatform#7343) remove duplicate word in Cluster.yaml (GoogleCloudPlatform#7347) Move more billing tests that require permissions beyond Billing User to master billing account (GoogleCloudPlatform#7344) Remove artifact repository beta URL, fixup handwritten tests (GoogleCloudPlatform#7345) Cloud Workstations - Workstation Config (GoogleCloudPlatform#7017) Add missing `type` argument to data source docs (GoogleCloudPlatform#7341) Fix caps in spanner resource schema accesses (GoogleCloudPlatform#7346) Downgrade Go to 1.18, modify comments (GoogleCloudPlatform#7339) feat: Add support for deletion_policy on shared vpc service project (GoogleCloudPlatform#7283) fixed virtual field update issues (GoogleCloudPlatform#7318) ...
…-audit (GoogleCloudPlatform#7310) * Added support for workload-vulnerability-scanning and workload-config-audit Fixes hashicorp/terraform-provider-google#12778 * Made google_container_cluster protect_config field optional * made container_cluster protect_config.workload_config.audit_mode required * Made fields inside protect_config as atleastOneOf in container_cluster resource. --------- Co-authored-by: Avinash Kumar <avikuma@google.com>
Added support for workload-vulnerability-scanning and workload-config-audit
Fixes hashicorp/terraform-provider-google#12778
If this PR is for Terraform, I acknowledge that I have:
make testandmake lintin the generated providers to ensure it passes unit and linter tests.Release Note Template for Downstream PRs (will be copied)