Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Feat name constraints #7400

Merged
merged 4 commits into from
Mar 10, 2023
Merged

Conversation

gfxcc
Copy link
Contributor

@gfxcc gfxcc commented Mar 3, 2023

Add support for X.509 name constraints.

If this PR is for Terraform, I acknowledge that I have:

  • Searched through the issue tracker for an open issue that this either resolves or contributes to, commented on it to claim it, and written "fixes {url}" or "part of {url}" in this PR description. If there were no relevant open issues, I opened one and commented that I would like to work on it (not necessary for very small changes).
  • Ensured that all new fields I added that can be set by a user appear in at least one example (for generated resources) or third_party test (for handwritten resources or update tests).
  • Generated Terraform providers, and ran make test and make lint in the generated providers to ensure it passes unit and linter tests.
  • Ran relevant acceptance tests using my own Google Cloud project and credentials (If the acceptance tests do not yet pass or you are unable to run them, please let your reviewer know).
  • Read the Release Notes Guide before writing my release note below.

Release Note Template for Downstream PRs (will be copied)

privateca: added support for X.509 name constraints

@gfxcc gfxcc marked this pull request as ready for review March 3, 2023 06:01
@gfxcc gfxcc requested a review from a team as a code owner March 3, 2023 06:01
@gfxcc gfxcc requested review from shuyama1 and removed request for a team March 3, 2023 06:01
@gfxcc gfxcc force-pushed the feat-name-constraints branch from 0b3dedf to eca8f43 Compare March 3, 2023 17:14
@shuyama1
Copy link
Member

shuyama1 commented Mar 3, 2023

/gcbrun

@modular-magician
Copy link
Collaborator

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

Terraform GA: Diff ( 10 files changed, 908 insertions(+), 4 deletions(-))
Terraform Beta: Diff ( 10 files changed, 908 insertions(+), 4 deletions(-))
TF Validator: Diff ( 6 files changed, 69 insertions(+), 3 deletions(-))
TF OiCS: Diff ( 2 files changed, 22 insertions(+))

@modular-magician
Copy link
Collaborator

Tests analytics

Total tests: 2487
Passed tests 2214
Skipped tests: 258
Failed tests: 15

Action taken

Triggering VCR tests in RECORDING mode for the tests that failed during VCR. Click here to see the failed tests
TestAccPrivatecaCertificate_privatecaCertificateUpdate|TestAccComposerEnvironment_withWebServerConfig|TestAccPrivatecaCaPool_privatecaCapoolAllFieldsExample|TestAccPrivatecaCertificateAuthority_privatecaCertificateAuthorityBasicExample|TestAccPrivatecaCaPool_updateCaOption|TestAccPrivatecaCertificate_privatecaCertificateNoAuthorityExample|TestAccPrivatecaCaPool_privatecaCapoolEmptyBaseline|TestAccPrivatecaCaPool_privatecaCapoolUpdate|TestAccPrivatecaCertificate_privatecaCertificateConfigExample|TestAccPrivatecaCertificateAuthority_privatecaCertificateAuthorityUpdate|TestAccPrivatecaCertificateAuthority_rootCaManageDesiredState|TestAccPrivatecaCertificate_privatecaCertificateWithTemplateExample|TestAccPrivatecaCertificate_privatecaCertificateCsrExample|TestAccWorkstationsWorkstationConfig_workstationConfigEncryptionKeyExample|TestAccDataSourcePrivatecaCertificateAuthority_privatecaCertificateAuthorityBasicExample

@modular-magician
Copy link
Collaborator

Tests passed during RECORDING mode:
TestAccPrivatecaCertificate_privatecaCertificateUpdate[Debug log]
TestAccPrivatecaCaPool_privatecaCapoolAllFieldsExample[Debug log]
TestAccPrivatecaCertificateAuthority_privatecaCertificateAuthorityBasicExample[Debug log]
TestAccPrivatecaCaPool_updateCaOption[Debug log]
TestAccPrivatecaCertificate_privatecaCertificateNoAuthorityExample[Debug log]
TestAccPrivatecaCaPool_privatecaCapoolEmptyBaseline[Debug log]
TestAccPrivatecaCaPool_privatecaCapoolUpdate[Debug log]
TestAccPrivatecaCertificate_privatecaCertificateConfigExample[Debug log]
TestAccPrivatecaCertificateAuthority_privatecaCertificateAuthorityUpdate[Debug log]
TestAccPrivatecaCertificateAuthority_rootCaManageDesiredState[Debug log]
TestAccPrivatecaCertificate_privatecaCertificateWithTemplateExample[Debug log]
TestAccPrivatecaCertificate_privatecaCertificateCsrExample[Debug log]
TestAccWorkstationsWorkstationConfig_workstationConfigEncryptionKeyExample[Debug log]
TestAccDataSourcePrivatecaCertificateAuthority_privatecaCertificateAuthorityBasicExample[Debug log]

Tests failed during RECORDING mode:
TestAccComposerEnvironment_withWebServerConfig[Error message] [Debug log]

Please fix these to complete your PR
View the build log or the debug log for each test

Copy link
Member

@shuyama1 shuyama1 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM overall! Only one small comment.

We recently split the product level api.yaml to individual resource files. You'll likely need to move the code in api.yaml to each resource .yaml file in https://github.com/GoogleCloudPlatform/magic-modules/tree/main/mmv1/products/privateca to resolve conflicts. Sorry for the extra work.

@@ -328,6 +328,88 @@ objects:
item_type: Api::Type::Integer
description: |
An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
- !ruby/object:Api::Type::NestedObject
name: 'nameConstraints'
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you think if it makes sense to mark one of the subfields required, likely critical? This way, we can prevent user from sending empty block name_constraints{}, as it usually end up causing more problems.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can customer set a required boolean field to false?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yeah, I believe they should be able to

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done.

@gfxcc gfxcc force-pushed the feat-name-constraints branch from eca8f43 to 2ff9a1f Compare March 9, 2023 18:32
@shuyama1
Copy link
Member

/gcbrun

@modular-magician
Copy link
Collaborator

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

Terraform GA: Diff ( 9 files changed, 897 insertions(+), 4 deletions(-))
Terraform Beta: Diff ( 9 files changed, 897 insertions(+), 4 deletions(-))
TF Validator: Diff ( 6 files changed, 69 insertions(+), 3 deletions(-))
TF OiCS: Diff ( 1 file changed, 11 insertions(+))

@modular-magician
Copy link
Collaborator

Tests analytics

Total tests: 2497
Passed tests 2161
Skipped tests: 262
Affected tests: 74

Action taken

Found 74 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests
TestAccComputeSharedVpc_basic|TestAccIAM2AccessBoundaryPolicy|TestAccKmsKeyRing_basic|TestAccComputeResourceUsageExportBucket|TestAccServiceNetworkingPeeredDNSDomain_basic|TestAccIAM2DenyPolicy_iamDenyPolicyUpdate|TestAccIAM2DenyPolicy_iamDenyPolicyBasicExample|TestAccProject_deleteDefaultNetwork|TestAccFirebaserulesRelease_BasicRelease|TestAccResourceGoogleProjectDefaultServiceAccountsDeprivilege|TestAccResourceGoogleProjectDefaultServiceAccountsDeleteRevertIgnoreFailure|TestAccResourceGoogleProjectDefaultServiceAccountsDelete|TestAccResourceGoogleProjectDefaultServiceAccountsDisable|TestAccResourceGoogleProjectDefaultServiceAccountsBasic|TestAccDialogflowAgent_update|TestAccDialogflowIntent_update|TestAccDialogflowIntent_basic|TestAccDialogflowFulfillment_update|TestAccDialogflowEntityType_update|TestAccComputeProjectMetadata_modify_2|TestAccComputeProjectMetadata_modify_1|TestAccComputeProjectMetadata_basic|TestAccComputeInstanceFromMachineImage_diffProject|TestAccComputeProjectDefaultNetworkTier_modify|TestAccComputeProjectDefaultNetworkTier_basic|TestAccBinaryAuthorizationPolicy_update|TestAccBinaryAuthorizationPolicy_separateProject|TestAccBinaryAuthorizationPolicy_full|TestAccAssuredWorkloadsWorkload_FullHandWritten|TestAccAssuredWorkloadsWorkload_BasicHandWritten|TestAccBinaryAuthorizationPolicy_basic|TestAccAppEngineFlexibleAppVersion_update|TestAccAppEngineStandardAppVersion_update|TestAccApigeeEnvReferences_apigeeEnvironmentReferenceTestExample|TestAccApigeeSyncAuthorization_update|TestAccApigeeSyncAuthorization_apigeeSyncAuthorizationBasicTestExample|TestAccApigeeEnvKeystore_apigeeEnvironmentKeystoreTestExample|TestAccApigeeAddonsConfig_apigeeAddonsTestExample|TestAccAppEngineFlexibleAppVersion_appEngineFlexibleAppVersionExample|TestAccIapAppEngineServiceIamPolicyGenerated_withCondition|TestAccIapAppEngineServiceIamPolicyGenerated|TestAccIapAppEngineServiceIamMemberGenerated|TestAccIapAppEngineServiceIamMemberGenerated_withCondition|TestAccIapAppEngineServiceIamBindingGenerated|TestAccIapAppEngineServiceIamBindingGenerated_withCondition|TestAccKmsKeyRingIamPolicy_withCondition|TestAccKmsCryptoKeyIamBinding|TestAccKmsCryptoKeyVersion_patch|TestAccKmsCryptoKey_basic|TestAccKmsCryptoKeyVersion_skipInitialVersion|TestAccKmsCryptoKeyIamPolicy_withCondition|TestAccKmsCryptoKey_template|TestAccPrivatecaCertificateAuthority_privatecaCertificateAuthorityBasicExample|TestAccKmsCryptoKey_destroyDuration|TestAccKmsKeyRingIamPolicy|TestAccKmsCryptoKeyIamMember_withCondition|TestAccKmsKeyRingIamMember|TestAccKmsCryptoKey_importOnly|TestAccKmsCryptoKeyIamMember|TestAccKmsCryptoKeyVersion_basic|TestAccKmsCryptoKeyIamBinding_withCondition|TestAccKmsKeyRingIamBinding|TestAccKmsCryptoKeyIamPolicy|TestAccKmsKeyRingIamMember_withCondition|TestAccLoggingBucketConfig_CreateBuckets_withCustomId|TestAccKmsKeyRingIamBinding_withCondition|TestAccLoggingBucketConfigProject_cmekSettings|TestAccDatasourceGoogleServiceNetworkingPeeredDnsDomain_basic|TestAccLoggingProjectCmekSettings_basic|TestAccDataSourceDnsManagedZone_basic|TestAccApigeeEnvironmentIamPolicyGenerated|TestAccOsConfigOsPolicyAssignment_basicOsPolicyAssignment|TestAccApigeeEnvironmentIamMemberGenerated|TestAccApigeeEnvironmentIamBindingGenerated

Get to know how VCR tests work

@modular-magician
Copy link
Collaborator

Tests passed during RECORDING mode:
TestAccComputeSharedVpc_basic[Debug log]
TestAccIAM2AccessBoundaryPolicy[Debug log]
TestAccKmsKeyRing_basic[Debug log]
TestAccComputeResourceUsageExportBucket[Debug log]
TestAccServiceNetworkingPeeredDNSDomain_basic[Debug log]
TestAccIAM2DenyPolicy_iamDenyPolicyUpdate[Debug log]
TestAccIAM2DenyPolicy_iamDenyPolicyBasicExample[Debug log]
TestAccProject_deleteDefaultNetwork[Debug log]
TestAccFirebaserulesRelease_BasicRelease[Debug log]
TestAccResourceGoogleProjectDefaultServiceAccountsDeprivilege[Debug log]
TestAccResourceGoogleProjectDefaultServiceAccountsDeleteRevertIgnoreFailure[Debug log]
TestAccResourceGoogleProjectDefaultServiceAccountsDelete[Debug log]
TestAccResourceGoogleProjectDefaultServiceAccountsDisable[Debug log]
TestAccResourceGoogleProjectDefaultServiceAccountsBasic[Debug log]
TestAccDialogflowAgent_update[Debug log]
TestAccDialogflowIntent_update[Debug log]
TestAccDialogflowIntent_basic[Debug log]
TestAccDialogflowFulfillment_update[Debug log]
TestAccDialogflowEntityType_update[Debug log]
TestAccComputeProjectMetadata_modify_2[Debug log]
TestAccComputeProjectMetadata_modify_1[Debug log]
TestAccComputeProjectMetadata_basic[Debug log]
TestAccComputeInstanceFromMachineImage_diffProject[Debug log]
TestAccComputeProjectDefaultNetworkTier_modify[Debug log]
TestAccComputeProjectDefaultNetworkTier_basic[Debug log]
TestAccBinaryAuthorizationPolicy_update[Debug log]
TestAccBinaryAuthorizationPolicy_separateProject[Debug log]
TestAccBinaryAuthorizationPolicy_full[Debug log]
TestAccAssuredWorkloadsWorkload_FullHandWritten[Debug log]
TestAccAssuredWorkloadsWorkload_BasicHandWritten[Debug log]
TestAccBinaryAuthorizationPolicy_basic[Debug log]
TestAccAppEngineFlexibleAppVersion_update[Debug log]
TestAccAppEngineStandardAppVersion_update[Debug log]
TestAccApigeeEnvReferences_apigeeEnvironmentReferenceTestExample[Debug log]
TestAccApigeeSyncAuthorization_update[Debug log]
TestAccApigeeSyncAuthorization_apigeeSyncAuthorizationBasicTestExample[Debug log]
TestAccApigeeEnvKeystore_apigeeEnvironmentKeystoreTestExample[Debug log]
TestAccApigeeAddonsConfig_apigeeAddonsTestExample[Debug log]
TestAccAppEngineFlexibleAppVersion_appEngineFlexibleAppVersionExample[Debug log]
TestAccIapAppEngineServiceIamPolicyGenerated_withCondition[Debug log]
TestAccIapAppEngineServiceIamPolicyGenerated[Debug log]
TestAccIapAppEngineServiceIamMemberGenerated[Debug log]
TestAccIapAppEngineServiceIamMemberGenerated_withCondition[Debug log]
TestAccIapAppEngineServiceIamBindingGenerated[Debug log]
TestAccIapAppEngineServiceIamBindingGenerated_withCondition[Debug log]
TestAccKmsKeyRingIamPolicy_withCondition[Debug log]
TestAccKmsCryptoKeyIamBinding[Debug log]
TestAccKmsCryptoKeyVersion_patch[Debug log]
TestAccKmsCryptoKey_basic[Debug log]
TestAccKmsCryptoKeyVersion_skipInitialVersion[Debug log]
TestAccKmsCryptoKeyIamPolicy_withCondition[Debug log]
TestAccKmsCryptoKey_template[Debug log]
TestAccPrivatecaCertificateAuthority_privatecaCertificateAuthorityBasicExample[Debug log]
TestAccKmsCryptoKey_destroyDuration[Debug log]
TestAccKmsKeyRingIamPolicy[Debug log]
TestAccKmsCryptoKeyIamMember_withCondition[Debug log]
TestAccKmsKeyRingIamMember[Debug log]
TestAccKmsCryptoKey_importOnly[Debug log]
TestAccKmsCryptoKeyIamMember[Debug log]
TestAccKmsCryptoKeyVersion_basic[Debug log]
TestAccKmsCryptoKeyIamBinding_withCondition[Debug log]
TestAccKmsKeyRingIamBinding[Debug log]
TestAccKmsCryptoKeyIamPolicy[Debug log]
TestAccKmsKeyRingIamMember_withCondition[Debug log]
TestAccLoggingBucketConfig_CreateBuckets_withCustomId[Debug log]
TestAccKmsKeyRingIamBinding_withCondition[Debug log]
TestAccLoggingBucketConfigProject_cmekSettings[Debug log]
TestAccDatasourceGoogleServiceNetworkingPeeredDnsDomain_basic[Debug log]
TestAccLoggingProjectCmekSettings_basic[Debug log]
TestAccApigeeEnvironmentIamPolicyGenerated[Debug log]
TestAccOsConfigOsPolicyAssignment_basicOsPolicyAssignment[Debug log]
TestAccApigeeEnvironmentIamMemberGenerated[Debug log]
TestAccApigeeEnvironmentIamBindingGenerated[Debug log]

Tests failed during RECORDING mode:
TestAccDataSourceDnsManagedZone_basic[Error message] [Debug log]

Please fix these to complete your PR
View the build log or the debug log for each test

@gfxcc
Copy link
Contributor Author

gfxcc commented Mar 10, 2023

LGTM overall! Only one small comment.

We recently split the product level api.yaml to individual resource files. You'll likely need to move the code in api.yaml to each resource .yaml file in https://github.com/GoogleCloudPlatform/magic-modules/tree/main/mmv1/products/privateca to resolve conflicts. Sorry for the extra work.

Done. The resource split looks great! That does make the code more easier to be managed.

PTAL

@shuyama1
Copy link
Member

/gcbrun

1 similar comment
@shuyama1
Copy link
Member

/gcbrun

@modular-magician
Copy link
Collaborator

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

Terraform GA: Diff ( 9 files changed, 897 insertions(+), 4 deletions(-))
Terraform Beta: Diff ( 9 files changed, 897 insertions(+), 4 deletions(-))
TF Validator: Diff ( 6 files changed, 69 insertions(+), 3 deletions(-))
TF OiCS: Diff ( 1 file changed, 11 insertions(+))

@modular-magician
Copy link
Collaborator

Tests analytics

Total tests: 2497
Passed tests 2234
Skipped tests: 262
Affected tests: 1

Action taken

Found 1 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests
TestAccDataSourceDnsManagedZone_basic

Get to know how VCR tests work

@modular-magician
Copy link
Collaborator

Tests failed during RECORDING mode:
TestAccDataSourceDnsManagedZone_basic[Error message] [Debug log]

Please fix these to complete your PR
View the build log or the debug log for each test

@gfxcc gfxcc force-pushed the feat-name-constraints branch from a556f7e to 7b64ffa Compare March 10, 2023 18:25
Comment on lines +355 to +418
- !ruby/object:Api::Type::Array
name: 'permittedDnsNames'
description: |
Contains permitted DNS names. Any DNS name that can be
constructed by simply adding zero or more labels to
the left-hand side of the name satisfies the name constraint.
For example, `example.com`, `www.example.com`, `www.sub.example.com`
would satisfy `example.com` while `example1.com` does not.
item_type: Api::Type::String
- !ruby/object:Api::Type::Array
name: 'excludedDnsNames'
description: |
Contains excluded DNS names. Any DNS name that can be
constructed by simply adding zero or more labels to
the left-hand side of the name satisfies the name constraint.
For example, `example.com`, `www.example.com`, `www.sub.example.com`
would satisfy `example.com` while `example1.com` does not.
item_type: Api::Type::String
- !ruby/object:Api::Type::Array
name: 'permittedIpRanges'
description: |
Contains the permitted IP ranges. For IPv4 addresses, the ranges
are expressed using CIDR notation as specified in RFC 4632.
For IPv6 addresses, the ranges are expressed in similar encoding as IPv4
addresses.
item_type: Api::Type::String
- !ruby/object:Api::Type::Array
name: 'excludedIpRanges'
description: |
Contains the excluded IP ranges. For IPv4 addresses, the ranges
are expressed using CIDR notation as specified in RFC 4632.
For IPv6 addresses, the ranges are expressed in similar encoding as IPv4
addresses.
item_type: Api::Type::String
- !ruby/object:Api::Type::Array
name: 'permittedEmailAddresses'
description: |
Contains the permitted email addresses. The value can be a particular
email address, a hostname to indicate all email addresses on that host or
a domain with a leading period (e.g. `.example.com`) to indicate
all email addresses in that domain.
item_type: Api::Type::String
- !ruby/object:Api::Type::Array
name: 'excludedEmailAddresses'
description: |
Contains the excluded email addresses. The value can be a particular
email address, a hostname to indicate all email addresses on that host or
a domain with a leading period (e.g. `.example.com`) to indicate
all email addresses in that domain.
item_type: Api::Type::String
- !ruby/object:Api::Type::Array
name: 'permittedUris'
description: |
Contains the permitted URIs that apply to the host part of the name.
The value can be a hostname or a domain with a
leading period (like `.example.com`)
item_type: Api::Type::String
- !ruby/object:Api::Type::Array
name: 'excludedUris'
description: |
Contains the excluded URIs that apply to the host part of the name.
The value can be a hostname or a domain with a
leading period (like `.example.com`)
item_type: Api::Type::String
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • Can we test multiple entries for these values? Just want to make sure if the API returns the elements the same order they've been configured to make sure if they're list or set.

  • Do we know if API will return values for these fields if they're not explicitly specified? My assumption is no, but just want to make sure.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • Can we test multiple entries for these values? Just want to make sure if the API returns the elements the same order they've been configured to make sure if they're list or set.

Done.

  • Do we know if API will return values for these fields if they're not explicitly specified? My assumption is no, but just want to make sure.

No.

@gfxcc gfxcc force-pushed the feat-name-constraints branch from 7b64ffa to ffe9ba4 Compare March 10, 2023 18:27
@shuyama1
Copy link
Member

/gcbrun

@modular-magician
Copy link
Collaborator

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

Terraform GA: Diff ( 9 files changed, 897 insertions(+), 4 deletions(-))
Terraform Beta: Diff ( 9 files changed, 897 insertions(+), 4 deletions(-))
TF Validator: Diff ( 6 files changed, 69 insertions(+), 3 deletions(-))
TF OiCS: Diff ( 1 file changed, 11 insertions(+))

@modular-magician
Copy link
Collaborator

Tests analytics

Total tests: 2497
Passed tests 2231
Skipped tests: 262
Affected tests: 4

Action taken

Found 4 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests
TestAccPrivatecaCaPool_privatecaCapoolAllFieldsExample|TestAccComputeForwardingRule_update|TestAccFirebaserulesRelease_BasicRelease|TestAccDataSourceDnsManagedZone_basic

Get to know how VCR tests work

@modular-magician
Copy link
Collaborator

Tests passed during RECORDING mode:
TestAccPrivatecaCaPool_privatecaCapoolAllFieldsExample[Debug log]
TestAccComputeForwardingRule_update[Debug log]
TestAccFirebaserulesRelease_BasicRelease[Debug log]

Tests failed during RECORDING mode:
TestAccDataSourceDnsManagedZone_basic[Error message] [Debug log]

Please fix these to complete your PR
View the build log or the debug log for each test

Copy link
Member

@shuyama1 shuyama1 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Failing test is not related to this PR. Thank you for your contribution!

@shuyama1 shuyama1 merged commit 28b542d into GoogleCloudPlatform:main Mar 10, 2023
geojaz pushed a commit to geojaz/magic-modules that referenced this pull request Mar 13, 2023
dbjnbnrj added a commit to dbjnbnrj/magic-modules that referenced this pull request Mar 15, 2023
Adding AuthorizedOrgsDesc to AccessContextManager (GoogleCloudPlatform#7178)

Allow project field in Firebase apps datasource (GoogleCloudPlatform#7300)

* Allow project field in Firebase apps datasource

* Add tf_test to the display name

* update to capitalized dependencies
Rename compute_(region)_per_instance_config test files to .erb files … (GoogleCloudPlatform#7409)

* Rename compute_(region)_per_instance_config test files to .erb files since the resources have fields in beta.

* Omit stateful_ip tests for GA
Bootstrap network cleanup (GoogleCloudPlatform#7367)

* Update bootstrapped networks for alloydb

* Update bootstrapped networks for redis

* Update bootstrapped networks for vertexai

* Update comment for BootstrapSharedTestNetwork to be more clear
Fix override directory concat (GoogleCloudPlatform#7413)

Bootstrap required permissions for composer environment tests (GoogleCloudPlatform#7391)

* Bootstrap the required permissions

* Make BootstrapAllPSARoles actually work

Also adds some helper functions for debugging what the bootstrap
function does. It will now log the roles that were missing in the
policy.

* Add missing return, fix nits

* Fix typo in service agent name

* Account for newly exported test functions
Add maintenance_interval field to Instance Template and Instance scheduling. (GoogleCloudPlatform#7365)

* Move testing to handwritten

* Move testing to handwritten

* Fix lint

* Fix typo

* Add remove step and update documentation

* Add remove step and update documentation

* Fix comparing string to nil

* Add field to handwritten defs

* rebase on main & resolve conflicts

* Fix doc formatting

* Add maintenance interval to Instance resource

* Add maintenance interval to Instance resource

* Add maintenance interval to Instance resource

* Change function names to valid

* Fix type mismatch

* Fix type mismatch

* Fix function name
Fix naming of resource policies in tests to be sweepable (GoogleCloudPlatform#7412)

Skip TestAccWorkstationsWorkstationConfig_workstationConfigEncryptionKeyExample (GoogleCloudPlatform#7415)

Add support for Apigee Sharedflow (GoogleCloudPlatform#7202)

* added sharedflows mmv1 with error

* fix indentation issue for sharedflow

* add semi auto generated resourceApigeeSharedFlow

* remove sharedflow mmv1 and add sharedflow manual provider

* adding files for debugging review, test have issue

* adding files for debugging review, test have issue

* update test, doc, provider for apigee

* Update api.yaml

remove empty new line

* Update api.yaml

* Rename resource_apigee_shared_flow_generated_test.go to resource_apigee_shared_flow_test.go

* Update resource_apigee_shared_flow.go

update import regex, change debug messages to log.Printf

* Update mmv1/third_party/terraform/utils/provider.go.erb

Co-authored-by: megan07 <mbang@hashicorp.com>

* update PR to address comments

* update test

* fix sharedflow attribute update issue, add sharedflow deployment

* Update apigee_shared_flow_deployment.html.markdown

minor doc fix

* Update mmv1/third_party/terraform/utils/provider.go.erb

Co-authored-by: megan07 <mbang@hashicorp.com>

* Update mmv1/third_party/terraform/website/docs/r/apigee_shared_flow.html.markdown

Co-authored-by: megan07 <mbang@hashicorp.com>

* Update resource_apigee_shared_flow_test.go

remove commented out (unused) line of code

* Delete api.yaml

remove api.yaml as it is not needed for handwritten resource. Current repo structure no longer uses aggregated api.yaml

* Rename apigee_shared_flow.html.markdown to apigee_sharedflow.html.markdown

* Rename apigee_shared_flow_deployment.html.markdown to apigee_sharedflow_deployment.html.markdown

* Rename resource_apigee_shared_flow.go to resource_apigee_sharedflow.go

* Rename resource_apigee_shared_flow_deployment_test.go to resource_apigee_sharedflow_deployment_test.go

* Rename resource_apigee_shared_flow_test.go to resource_apigee_sharedflow_test.go

* Rename resource_apigee_shared_flow_sweeper_test.go to resource_apigee_sharedflow_sweeper_test.go

* Update resource_apigee_sharedflow.go

remove comment lines

* Update mmv1/third_party/terraform/resources/resource_apigee_sharedflow.go

Co-authored-by: megan07 <mbang@hashicorp.com>

* Update resource_apigee_sharedflow_deployment_test.go

remove unused debugging log

* update function name to capitalize

* Update resource_apigee_sharedflow_deployment_test.go

remove fmt.print

* add flowhook

* move flowhook doc

* Update mmv1/third_party/terraform/tests/resource_apigee_flowhook_test.go

Co-authored-by: megan07 <mbang@hashicorp.com>

* Update mmv1/third_party/terraform/website/docs/r/apigee_flowhook.html.markdown

Co-authored-by: megan07 <mbang@hashicorp.com>

* Update mmv1/third_party/terraform/website/docs/r/apigee_flowhook.html.markdown

Co-authored-by: megan07 <mbang@hashicorp.com>

* Update mmv1/third_party/terraform/tests/resource_apigee_flowhook_test.go

Co-authored-by: megan07 <mbang@hashicorp.com>

* Update resource_apigee_flowhook_test.go

remove fmt.print

* update some resource attribute properties

* Update apigee_flowhook.html.markdown

updated `description` and `continue_on_error` as optional

* update referenced function naming case

---------

Co-authored-by: Ray Xu <xrc@google.com>
Co-authored-by: megan07 <mbang@hashicorp.com>
add tests (GoogleCloudPlatform#7357)

Co-authored-by: Edward Sun <sunedward@google.com>
run gofmt + fix capitalization errors from previous PRs (GoogleCloudPlatform#7420)

switch ci secrets to use secret manager (GoogleCloudPlatform#7408)

Update field descriptions (GoogleCloudPlatform#7402)

HA VPN over Cloud Interconnect has launched in GA
We should still probably add a sample or two showing how to use it.
Document PRODUCT_BASE_PATH override for DCL resource IAM (GoogleCloudPlatform#7418)

yaqs/1723187608399380480
Add support for accelerators to google_datafusion_instance (GoogleCloudPlatform#6851)

Added support to the field for Data Fusion, updated corresponding generated and handwritten tests, and added a custom diffsuppressfunc.

Currently suggests a manual fix to a potential diff issue, will be able to update down line based on feedback from API team.
Fix alloydb_cluster permadiff (GoogleCloudPlatform#7421)

Fix dns_managed_zone tests using unverified domain (GoogleCloudPlatform#7422)

Add SKIP_PROJECT_SWEEPER env variable for skipping the project sweeper (GoogleCloudPlatform#7432)

Remove percent sign when parsing metadata name (GoogleCloudPlatform#7417)

* Remove percent sign when parsing metadata name

* Remove percent sign when parsing metadata name
Merge branch 'GoogleCloudPlatform:main' into feature/iam_policy

Add ignore read on reserved ip ranges (GoogleCloudPlatform#7429)

Fix serviceusage links, clean up service resource stub (GoogleCloudPlatform#7435)

Remove use of `make generate` from TPG/TPGB-specific step in CI (GoogleCloudPlatform#7379)

Updating default accelerator.state field behavior in Data Fusion Instance (GoogleCloudPlatform#7434)

Making suggested default behavior functionality updates in previous accelerators PR.
Modify resource attribute 'input' to 'immutable' (GoogleCloudPlatform#7431)

* Modify resource attribute 'input' to 'immutable'
Remove noisy logging of project sweeper being skipped (GoogleCloudPlatform#7439)

Fix PubSub-to-BigQuery push configuration example (GoogleCloudPlatform#7410)

Rework + reflow provider reference, touch up index (GoogleCloudPlatform#7437)

Fix eventarc tests to use dedicated bootstrapped keys (GoogleCloudPlatform#7440)

Update docs for changing attribute `input` to `immutable` (GoogleCloudPlatform#7442)

Feat name constraints (GoogleCloudPlatform#7400)

Remove game_service_cluster_basic test (GoogleCloudPlatform#7443)

send friendly_name (GoogleCloudPlatform#7433)

* send friendly_name

* fixed validator failures

* update

* fix validator errors

---------

Co-authored-by: Edward Sun <sunedward@google.com>
Fix headline of google_iam_workload_identity_pool (GoogleCloudPlatform#7449)

Move IAM bootstrap to its own file, improve error messages (GoogleCloudPlatform#7424)

* Move IAM bootstrap to its own file, improve errors

Also bootstrap roles/cloudbuild.builds.builder for cloudbuild service
agent.

* Re-add BootstrapConfig (accidentally deleted)

* Fix wrong variable name

* Bootstrap the role previously hardcoded for pubsub

* Move error message back into bootstrap function

This will dedup the code that calls this function. It now returns a
boolean and sends the more useful error through t.Error.

* Bootstrap the permissions for pubsub service agent

* Bootstrap the role in the correct test

* Fix formatting
Changing name field on google_compute_disk for TestAccComputeInstanceTemplate_sourceSnapshotEncryptionKey to include randomly generated string (GoogleCloudPlatform#7392)

* Changed name within google_compute_disk  on line 3162 to inclue and randomly generated string

* Cleaned up arguments being passed in to be more inline with other tests

* Updated based on addtional PR comments

* Fixed swapping of values within new context
If not specified, a default Workstations service agent SA is returned (GoogleCloudPlatform#7428)

* If not specified, a default service agent SA is returned

* Revert "Skip TestAccWorkstationsWorkstationConfig_workstationConfigEncryptionKeyExample"

This reverts commit 097bdbe.

* remove `rotation_period`
update BigqueryDatapolicy to ga (GoogleCloudPlatform#6797)

fix managed.dnsAuthorizations: (GoogleCloudPlatform#7445)

Co-authored-by: Edward Sun <sunedward@google.com>
google_compute_security_policy: force send enforce_on_key so it can be unset on (GoogleCloudPlatform#7454)

Make `hostname` and `matcher` fields immutable (GoogleCloudPlatform#7448)

Add note on requiredness (GoogleCloudPlatform#7453)

Update BootstrapProject to support use across multiple projects/environments (GoogleCloudPlatform#7369)

* Update BootstrapProject to support use across multiple projects/environments

* Fix typo

* Fix arguments for getTestProjectFromEnv

* Fix project naming strategy for BootstrapProject to produce valid names in all envs

* Fix typo

* Fix function name after rebase
Update resource names in acceptance test to use `tf-test-` prefix (GoogleCloudPlatform#7450)

fix datastream_stream dataset id import (GoogleCloudPlatform#7451)

Merge branch 'GoogleCloudPlatform:main' into feature/iam_policy

Removing api.yaml and replacing with per product configs

Merge branch 'feature/iam_policy' of https://github.com/dbjnbnrj/magic-modules into feature/iam_policy
ericayyliu pushed a commit to ericayyliu/magic-modules that referenced this pull request Jul 26, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants