From 4acf2fb4ac95d8fde3787bb03f5449b214c63a42 Mon Sep 17 00:00:00 2001 From: The Magician Date: Mon, 26 Sep 2022 04:54:11 -0700 Subject: [PATCH] feat(google_container_cluster): support notification filter (#6508) (#12643) Signed-off-by: toVersus Signed-off-by: toVersus Signed-off-by: Modular Magician Signed-off-by: toVersus Signed-off-by: Modular Magician --- .changelog/6508.txt | 3 + google/resource_container_cluster.go | 52 +++++++- google/resource_container_cluster_test.go | 114 +++++++++++++++++- .../docs/r/container_cluster.html.markdown | 6 + 4 files changed, 173 insertions(+), 2 deletions(-) create mode 100644 .changelog/6508.txt diff --git a/.changelog/6508.txt b/.changelog/6508.txt new file mode 100644 index 00000000000..d720dc894ba --- /dev/null +++ b/.changelog/6508.txt @@ -0,0 +1,3 @@ +```release-note:enhancement +container: added `notification_config.pubsub.filter` field to `google_container_cluster` +``` diff --git a/google/resource_container_cluster.go b/google/resource_container_cluster.go index db3d1279724..c25f5e8950b 100755 --- a/google/resource_container_cluster.go +++ b/google/resource_container_cluster.go @@ -681,6 +681,25 @@ func resourceContainerCluster() *schema.Resource { Optional: true, Description: `The pubsub topic to push upgrade notifications to. Must be in the same project as the cluster. Must be in the format: projects/{project}/topics/{topic}.`, }, + "filter": { + Type: schema.TypeList, + Optional: true, + MaxItems: 1, + Description: `Allows filtering to one or more specific event types. If event types are present, those and only those event types will be transmitted to the cluster. Other types will be skipped. If no filter is specified, or no event types are present, all event types will be sent`, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "event_type": { + Type: schema.TypeList, + Required: true, + Description: `Can be used to filter what notifications are sent. Valid values include include UPGRADE_AVAILABLE_EVENT, UPGRADE_EVENT and SECURITY_BULLETIN_EVENT`, + Elem: &schema.Schema{ + Type: schema.TypeString, + ValidateFunc: validation.StringInSlice([]string{"UPGRADE_AVAILABLE_EVENT", "UPGRADE_EVENT", "SECURITY_BULLETIN_EVENT"}, false), + }, + }, + }, + }, + }, }, }, }, @@ -3138,12 +3157,22 @@ func expandNotificationConfig(configured interface{}) *container.NotificationCon if len(v.([]interface{})) > 0 { pubsub := notificationConfig["pubsub"].([]interface{})[0].(map[string]interface{}) - return &container.NotificationConfig{ + nc := &container.NotificationConfig{ Pubsub: &container.PubSub{ Enabled: pubsub["enabled"].(bool), Topic: pubsub["topic"].(string), }, } + + if vv, ok := pubsub["filter"]; ok && len(vv.([]interface{})) > 0 { + filter := vv.([]interface{})[0].(map[string]interface{}) + eventType := filter["event_type"].([]interface{}) + nc.Pubsub.Filter = &container.Filter{ + EventType: convertStringArr(eventType), + } + } + + return nc } } @@ -3466,6 +3495,27 @@ func flattenNotificationConfig(c *container.NotificationConfig) []map[string]int return nil } + if c.Pubsub.Filter != nil { + filter := []map[string]interface{}{} + if len(c.Pubsub.Filter.EventType) > 0 { + filter = append(filter, map[string]interface{}{ + "event_type": c.Pubsub.Filter.EventType, + }) + } + + return []map[string]interface{}{ + { + "pubsub": []map[string]interface{}{ + { + "enabled": c.Pubsub.Enabled, + "topic": c.Pubsub.Topic, + "filter": filter, + }, + }, + }, + } + } + return []map[string]interface{}{ { "pubsub": []map[string]interface{}{ diff --git a/google/resource_container_cluster_test.go b/google/resource_container_cluster_test.go index 3cb8b6f4144..30d78375023 100755 --- a/google/resource_container_cluster_test.go +++ b/google/resource_container_cluster_test.go @@ -244,6 +244,46 @@ func TestAccContainerCluster_withNotificationConfig(t *testing.T) { }) } +func TestAccContainerCluster_withFilteredNotificationConfig(t *testing.T) { + t.Parallel() + + clusterName := fmt.Sprintf("tf-test-cluster-%s", randString(t, 10)) + topic := fmt.Sprintf("tf-test-topic-%s", randString(t, 10)) + newTopic := fmt.Sprintf("tf-test-topic-%s", randString(t, 10)) + + vcrTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckContainerClusterDestroyProducer(t), + Steps: []resource.TestStep{ + { + Config: testAccContainerCluster_withFilteredNotificationConfig(clusterName, topic), + }, + { + ResourceName: "google_container_cluster.filtered_notification_config", + ImportState: true, + ImportStateVerify: true, + }, + { + Config: testAccContainerCluster_withFilteredNotificationConfigUpdate(clusterName, newTopic), + }, + { + ResourceName: "google_container_cluster.filtered_notification_config", + ImportState: true, + ImportStateVerify: true, + }, + { + Config: testAccContainerCluster_disableFilteredNotificationConfig(clusterName, newTopic), + }, + { + ResourceName: "google_container_cluster.filtered_notification_config", + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + func TestAccContainerCluster_withConfidentialNodes(t *testing.T) { t.Parallel() @@ -2767,7 +2807,7 @@ resource "google_container_cluster" "notification_config" { notification_config { pubsub { enabled = true - topic = google_pubsub_topic.%s.id + topic = google_pubsub_topic.%s.id } } } @@ -2789,6 +2829,78 @@ resource "google_container_cluster" "notification_config" { `, clusterName) } +func testAccContainerCluster_withFilteredNotificationConfig(clusterName string, topic string) string { + + return fmt.Sprintf(` + +resource "google_pubsub_topic" "%s" { + name = "%s" +} + +resource "google_container_cluster" "filtered_notification_config" { + name = "%s" + location = "us-central1-a" + initial_node_count = 3 + notification_config { + pubsub { + enabled = true + topic = google_pubsub_topic.%s.id + filter { + event_type = ["UPGRADE_EVENT", "SECURITY_BULLETIN_EVENT"] + } + } + } +} +`, topic, topic, clusterName, topic) +} + +func testAccContainerCluster_withFilteredNotificationConfigUpdate(clusterName string, topic string) string { + + return fmt.Sprintf(` + +resource "google_pubsub_topic" "%s" { + name = "%s" +} + +resource "google_container_cluster" "filtered_notification_config" { + name = "%s" + location = "us-central1-a" + initial_node_count = 3 + notification_config { + pubsub { + enabled = true + topic = google_pubsub_topic.%s.id + filter { + event_type = ["UPGRADE_AVAILABLE_EVENT"] + } + } + } +} +`, topic, topic, clusterName, topic) +} + +func testAccContainerCluster_disableFilteredNotificationConfig(clusterName string, topic string) string { + + return fmt.Sprintf(` + +resource "google_pubsub_topic" "%s" { + name = "%s" +} + +resource "google_container_cluster" "filtered_notification_config" { + name = "%s" + location = "us-central1-a" + initial_node_count = 3 + notification_config { + pubsub { + enabled = true + topic = google_pubsub_topic.%s.id + } + } +} +`, topic, topic, clusterName, topic) +} + func testAccContainerCluster_withConfidentialNodes(clusterName string, npName string) string { return fmt.Sprintf(` resource "google_container_cluster" "confidential_nodes" { diff --git a/website/docs/r/container_cluster.html.markdown b/website/docs/r/container_cluster.html.markdown index 8b82b003bbe..956a15f1cca 100755 --- a/website/docs/r/container_cluster.html.markdown +++ b/website/docs/r/container_cluster.html.markdown @@ -886,6 +886,8 @@ The `pubsub` block supports: * `topic` (Optional) - The pubsub topic to push upgrade notifications to. Must be in the same project as the cluster. Must be in the format: `projects/{project}/topics/{topic}`. +* `filter` (Optional) - Choose what type of notifications you want to receive. If no filters are applied, you'll receive all notification types. Structure is [documented below](#nested_notification_filter). + ```hcl notification_config { pubsub { @@ -895,6 +897,10 @@ notification_config { } ``` + The `filter` block supports: + +* `event_type` (Optional) - Can be used to filter what notifications are sent. Accepted values are `UPGRADE_AVAILABLE_EVENT`, `UPGRADE_EVENT` and `SECURITY_BULLETIN_EVENT`. See [Filtering notifications](https://cloud.google.com/kubernetes-engine/docs/concepts/cluster-notifications#filtering) for more details. + The `confidential_nodes` block supports: * `enabled` (Required) - Enable Confidential Nodes for this cluster.