Add policycontroller fields to fleet default configs for GKE Hub Feature resource

[tonyzhc]

Add the policycontroller feature config for fleet default configs for the Feature resource. Fixes hashicorp/terraform-provider-google#16373.

Release Note Template for Downstream PRs (will be copied)

gkehub2: added `policycontroller` field to `fleet_default_member_config` under the `google_gke_hub_feature` resource. Users can now configure a default Policy Controller configuration for new memberships added to the fleet.

[modular-magician]

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

Terraform GA: Diff ( 3 files changed, 1463 insertions(+))
Terraform Beta: Diff ( 3 files changed, 1469 insertions(+))
TF Conversion: Diff ( 1 file changed, 457 insertions(+))

Missing test report

Your PR includes resource fields which are not covered by any test.

Resource: google_gke_hub_feature (5 total tests)
Please add an acceptance test which includes these fields. The test should include the following:

resource "google_gke_hub_feature" "primary" {
  fleet_default_member_config {
    policycontroller {
      policy_controller_hub_config {
        audit_interval_seconds     = # value needed
        constraint_violation_limit = # value needed
        deployment_configs {
          component = # value needed
          container_resources {
            limits {
              cpu    = # value needed
              memory = # value needed
            }
            requests {
              cpu    = # value needed
              memory = # value needed
            }
          }
          pod_affinity = # value needed
          pod_toleration {
            effect   = # value needed
            key      = # value needed
            operator = # value needed
            value    = # value needed
          }
          replica_count = # value needed
        }
        exemptable_namespaces = # value needed
        install_spec          = # value needed
        log_denies_enabled    = # value needed
        monitoring {
          backends = # value needed
        }
        mutation_enabled = # value needed
        policy_content {
          bundles {
            bundle              = # value needed
            exempted_namespaces = # value needed
          }
          template_library {
            installation = # value needed
          }
        }
        referential_rules_enabled = # value needed
      }
      version = # value needed
    }
  }
}

[modular-magician]

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

Terraform GA: Diff ( 3 files changed, 1463 insertions(+))
Terraform Beta: Diff ( 3 files changed, 1463 insertions(+))
TF Conversion: Diff ( 1 file changed, 457 insertions(+))

Missing test report

Your PR includes resource fields which are not covered by any test.

Resource: google_gke_hub_feature (5 total tests)
Please add an acceptance test which includes these fields. The test should include the following:

resource "google_gke_hub_feature" "primary" {
  fleet_default_member_config {
    policycontroller {
      policy_controller_hub_config {
        audit_interval_seconds     = # value needed
        constraint_violation_limit = # value needed
        deployment_configs {
          component = # value needed
          container_resources {
            limits {
              cpu    = # value needed
              memory = # value needed
            }
            requests {
              cpu    = # value needed
              memory = # value needed
            }
          }
          pod_affinity = # value needed
          pod_toleration {
            effect   = # value needed
            key      = # value needed
            operator = # value needed
            value    = # value needed
          }
          replica_count = # value needed
        }
        exemptable_namespaces = # value needed
        install_spec          = # value needed
        log_denies_enabled    = # value needed
        monitoring {
          backends = # value needed
        }
        mutation_enabled = # value needed
        policy_content {
          bundles {
            bundle              = # value needed
            exempted_namespaces = # value needed
          }
          template_library {
            installation = # value needed
          }
        }
        referential_rules_enabled = # value needed
      }
      version = # value needed
    }
  }
}

[modular-magician]

Tests analytics

Total tests: 3227
Passed tests 2896
Skipped tests: 330
Affected tests: 1

Action taken

Found 1 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests

TestAccDataprocClusterIamPolicy

Get to know how VCR tests work

[modular-magician]

$\textcolor{green}{\textsf{Tests passed during RECORDING mode:}}$
TestAccDataprocClusterIamPolicy[Debug log]

Rerun these tests in REPLAYING mode to catch issues

$\textcolor{green}{\textsf{No issues found for passed tests after REPLAYING rerun.}}$

---

$\textcolor{green}{\textsf{All tests passed!}}$
View the build log or the debug log for each test

[c2thorn]

kicked off a non-VCR test run of TestAccGKEHubFeature_FleetDefaultMemberConfigPolicyController in our environment. Will give the results once completed.

[c2thorn]

test passed

[tonyzhc]

Thank you! I would like to hold off on merging so that my TL can take a look at the PR as well.

[c2thorn]

Thank you! I would like to hold off on merging so that my TL can take a look at the PR as well.

sounds good.

going on vacation

[c2thorn]

Will be OOO for a while, reassigning a random reviewer to carry this forward once ready.

[ekitson]

LGTM