From 6c531303854fa704d8dbc6da19dbeee1a6226eb4 Mon Sep 17 00:00:00 2001
From: Modular Magician <magic-modules@google.com>
Date: Tue, 14 Mar 2023 02:42:57 +0000
Subject: [PATCH] Move IAM bootstrap to its own file, improve error messages
 (#7424)

* Move IAM bootstrap to its own file, improve errors

Also bootstrap roles/cloudbuild.builds.builder for cloudbuild service
agent.

* Re-add BootstrapConfig (accidentally deleted)

* Fix wrong variable name

* Bootstrap the role previously hardcoded for pubsub

* Move error message back into bootstrap function

This will dedup the code that calls this function. It now returns a
boolean and sends the more useful error through t.Error.

* Bootstrap the permissions for pubsub service agent

* Bootstrap the role in the correct test

* Fix formatting

Signed-off-by: Modular Magician <magic-modules@google.com>
---
 converters/google/resources/iam.go | 59 ------------------------------
 go.mod                             |  2 +-
 go.sum                             |  4 +-
 3 files changed, 3 insertions(+), 62 deletions(-)

diff --git a/converters/google/resources/iam.go b/converters/google/resources/iam.go
index 83dc3f2a9..7b00b1168 100644
--- a/converters/google/resources/iam.go
+++ b/converters/google/resources/iam.go
@@ -447,65 +447,6 @@ func compareBindings(a, b []*cloudresourcemanager.Binding) bool {
 	return reflect.DeepEqual(aMap, bMap)
 }
 
-// Returns a map representing iam bindings that are in one map but not the other.
-func missingBindingsMap(aMap, bMap map[iamBindingKey]map[string]struct{}) map[iamBindingKey]map[string]struct{} {
-	results := make(map[iamBindingKey]map[string]struct{})
-	for key, aMembers := range aMap {
-		if bMembers, ok := bMap[key]; ok {
-			// The key is in both maps.
-			resultMembers := make(map[string]struct{})
-
-			for aMember := range aMembers {
-				if _, ok := bMembers[aMember]; !ok {
-					// The member is in a but not in b.
-					resultMembers[aMember] = struct{}{}
-				}
-			}
-			for bMember := range bMembers {
-				if _, ok := aMembers[bMember]; !ok {
-					// The member is in b but not in a.
-					resultMembers[bMember] = struct{}{}
-				}
-			}
-
-			if len(resultMembers) > 0 {
-				results[key] = resultMembers
-			}
-		} else {
-			// The key is in map a but not map b.
-			results[key] = aMembers
-		}
-	}
-
-	for key, bMembers := range bMap {
-		if _, ok := aMap[key]; !ok {
-			// The key is in map b but not map a.
-			results[key] = bMembers
-		}
-	}
-
-	return results
-}
-
-// Returns the bindings that are in one set of bindings and not the other.
-func missingBindings(a, b []*cloudresourcemanager.Binding) []*cloudresourcemanager.Binding {
-	aMap := createIamBindingsMap(a)
-	bMap := createIamBindingsMap(b)
-
-	var results []*cloudresourcemanager.Binding
-	for key, membersSet := range missingBindingsMap(aMap, bMap) {
-		members := make([]string, 0, len(membersSet))
-		for member := range membersSet {
-			members = append(members, member)
-		}
-		results = append(results, &cloudresourcemanager.Binding{
-			Role:    key.Role,
-			Members: members,
-		})
-	}
-	return results
-}
-
 func compareAuditConfigs(a, b []*cloudresourcemanager.AuditConfig) bool {
 	aMap := createIamAuditConfigsMap(a)
 	bMap := createIamAuditConfigsMap(b)
diff --git a/go.mod b/go.mod
index 4ebb2693b..bf3e964ad 100644
--- a/go.mod
+++ b/go.mod
@@ -26,7 +26,7 @@ require (
 	github.com/hashicorp/go-cleanhttp v0.5.2
 	github.com/hashicorp/terraform-json v0.14.0
 	github.com/hashicorp/terraform-plugin-sdk/v2 v2.24.0
-	github.com/hashicorp/terraform-provider-google v1.20.1-0.20230313163807-5a25f2f0f7d0
+	github.com/hashicorp/terraform-provider-google v1.20.1-0.20230314023741-5014025adf28
 	github.com/mitchellh/go-homedir v1.1.0
 	github.com/pkg/errors v0.9.1
 	github.com/sirupsen/logrus v1.9.0
diff --git a/go.sum b/go.sum
index cc96a1ce5..f7532bc82 100644
--- a/go.sum
+++ b/go.sum
@@ -514,8 +514,8 @@ github.com/hashicorp/terraform-plugin-log v0.7.0 h1:SDxJUyT8TwN4l5b5/VkiTIaQgY6R
 github.com/hashicorp/terraform-plugin-log v0.7.0/go.mod h1:p4R1jWBXRTvL4odmEkFfDdhUjHf9zcs/BCoNHAc7IK4=
 github.com/hashicorp/terraform-plugin-sdk/v2 v2.24.0 h1:FtCLTiTcykdsURXPt/ku7fYXm3y19nbzbZcUxHx9RbI=
 github.com/hashicorp/terraform-plugin-sdk/v2 v2.24.0/go.mod h1:80wf5oad1tW+oLnbXS4UTYmDCrl7BuN1Q+IA91X1a4Y=
-github.com/hashicorp/terraform-provider-google v1.20.1-0.20230313163807-5a25f2f0f7d0 h1:PlLNSe7E98n0r8bb6FblupSb0OSmVOZDTBh0TQ4lO3c=
-github.com/hashicorp/terraform-provider-google v1.20.1-0.20230313163807-5a25f2f0f7d0/go.mod h1:Me09EooskxD1HNA2k+14YdLghnF8lt2HOda03gBkNpc=
+github.com/hashicorp/terraform-provider-google v1.20.1-0.20230314023741-5014025adf28 h1:eKS5B7DZMfspAK5uQJdk9mtPml7wgj/N7CaJTFHdZC4=
+github.com/hashicorp/terraform-provider-google v1.20.1-0.20230314023741-5014025adf28/go.mod h1:Me09EooskxD1HNA2k+14YdLghnF8lt2HOda03gBkNpc=
 github.com/hashicorp/terraform-registry-address v0.1.0 h1:W6JkV9wbum+m516rCl5/NjKxCyTVaaUBbzYcMzBDO3U=
 github.com/hashicorp/terraform-registry-address v0.1.0/go.mod h1:EnyO2jYO6j29DTHbJcm00E5nQTFeTtyZH3H5ycydQ5A=
 github.com/hashicorp/terraform-svchost v0.0.0-20200729002733-f050f53b9734 h1:HKLsbzeOsfXmKNpr3GiT18XAblV0BjCbzL8KQAMZGa0=