Skip to content
This repository has been archived by the owner on Nov 27, 2024. It is now read-only.

Commit

Permalink
Move IAM bootstrap to its own file, improve error messages (#7424) (#…
Browse files Browse the repository at this point in the history 
…1452)

* Move IAM bootstrap to its own file, improve errors

Also bootstrap roles/cloudbuild.builds.builder for cloudbuild service
agent.

* Re-add BootstrapConfig (accidentally deleted)

* Fix wrong variable name

* Bootstrap the role previously hardcoded for pubsub

* Move error message back into bootstrap function

This will dedup the code that calls this function. It now returns a
boolean and sends the more useful error through t.Error.

* Bootstrap the permissions for pubsub service agent

* Bootstrap the role in the correct test

* Fix formatting

Signed-off-by: Modular Magician <magic-modules@google.com>
  • Loading branch information
@modular-magician
modular-magician authored Mar 14, 2023
1 parent 71dc5e6 commit 5502b4a
Show file tree
Hide file tree
Showing 3 changed files with 3 additions and 62 deletions.
59 changes: 0 additions & 59 deletions converters/google/resources/iam.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -447,65 +447,6 @@ func compareBindings(a, b []*cloudresourcemanager.Binding) bool {
return reflect.DeepEqual(aMap, bMap)
}

// Returns a map representing iam bindings that are in one map but not the other.
func missingBindingsMap(aMap, bMap map[iamBindingKey]map[string]struct{}) map[iamBindingKey]map[string]struct{} {
results := make(map[iamBindingKey]map[string]struct{})
for key, aMembers := range aMap {
if bMembers, ok := bMap[key]; ok {
// The key is in both maps.
resultMembers := make(map[string]struct{})

for aMember := range aMembers {
if _, ok := bMembers[aMember]; !ok {
// The member is in a but not in b.
resultMembers[aMember] = struct{}{}
}
}
for bMember := range bMembers {
if _, ok := aMembers[bMember]; !ok {
// The member is in b but not in a.
resultMembers[bMember] = struct{}{}
}
}

if len(resultMembers) > 0 {
results[key] = resultMembers
}
} else {
// The key is in map a but not map b.
results[key] = aMembers
}
}

for key, bMembers := range bMap {
if _, ok := aMap[key]; !ok {
// The key is in map b but not map a.
results[key] = bMembers
}
}

return results
}

// Returns the bindings that are in one set of bindings and not the other.
func missingBindings(a, b []*cloudresourcemanager.Binding) []*cloudresourcemanager.Binding {
aMap := createIamBindingsMap(a)
bMap := createIamBindingsMap(b)

var results []*cloudresourcemanager.Binding
for key, membersSet := range missingBindingsMap(aMap, bMap) {
members := make([]string, 0, len(membersSet))
for member := range membersSet {
members = append(members, member)
}
results = append(results, &cloudresourcemanager.Binding{
Role: key.Role,
Members: members,
})
}
return results
}

func compareAuditConfigs(a, b []*cloudresourcemanager.AuditConfig) bool {
aMap := createIamAuditConfigsMap(a)
bMap := createIamAuditConfigsMap(b)
Expand Down
2 changes: 1 addition & 1 deletion go.mod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ require (
github.com/hashicorp/go-cleanhttp v0.5.2
github.com/hashicorp/terraform-json v0.14.0
github.com/hashicorp/terraform-plugin-sdk/v2 v2.24.0
github.com/hashicorp/terraform-provider-google v1.20.1-0.20230313163807-5a25f2f0f7d0
github.com/hashicorp/terraform-provider-google v1.20.1-0.20230314023741-5014025adf28
github.com/mitchellh/go-homedir v1.1.0
github.com/pkg/errors v0.9.1
github.com/sirupsen/logrus v1.9.0
Expand Down
4 changes: 2 additions & 2 deletions go.sum
View file
Original file line number Diff line number Diff line change
Expand Up @@ -514,8 +514,8 @@ github.com/hashicorp/terraform-plugin-log v0.7.0 h1:SDxJUyT8TwN4l5b5/VkiTIaQgY6R
github.com/hashicorp/terraform-plugin-log v0.7.0/go.mod h1:p4R1jWBXRTvL4odmEkFfDdhUjHf9zcs/BCoNHAc7IK4=
github.com/hashicorp/terraform-plugin-sdk/v2 v2.24.0 h1:FtCLTiTcykdsURXPt/ku7fYXm3y19nbzbZcUxHx9RbI=
github.com/hashicorp/terraform-plugin-sdk/v2 v2.24.0/go.mod h1:80wf5oad1tW+oLnbXS4UTYmDCrl7BuN1Q+IA91X1a4Y=
github.com/hashicorp/terraform-provider-google v1.20.1-0.20230313163807-5a25f2f0f7d0 h1:PlLNSe7E98n0r8bb6FblupSb0OSmVOZDTBh0TQ4lO3c=
github.com/hashicorp/terraform-provider-google v1.20.1-0.20230313163807-5a25f2f0f7d0/go.mod h1:Me09EooskxD1HNA2k+14YdLghnF8lt2HOda03gBkNpc=
github.com/hashicorp/terraform-provider-google v1.20.1-0.20230314023741-5014025adf28 h1:eKS5B7DZMfspAK5uQJdk9mtPml7wgj/N7CaJTFHdZC4=
github.com/hashicorp/terraform-provider-google v1.20.1-0.20230314023741-5014025adf28/go.mod h1:Me09EooskxD1HNA2k+14YdLghnF8lt2HOda03gBkNpc=
github.com/hashicorp/terraform-registry-address v0.1.0 h1:W6JkV9wbum+m516rCl5/NjKxCyTVaaUBbzYcMzBDO3U=
github.com/hashicorp/terraform-registry-address v0.1.0/go.mod h1:EnyO2jYO6j29DTHbJcm00E5nQTFeTtyZH3H5ycydQ5A=
github.com/hashicorp/terraform-svchost v0.0.0-20200729002733-f050f53b9734 h1:HKLsbzeOsfXmKNpr3GiT18XAblV0BjCbzL8KQAMZGa0=
Expand Down

0 comments on commit 5502b4a

Please sign in to comment.