App check debug token (#9930) (#17242)

* App check debug token

* Make app_id a parameter instead of a virtual field. It seems virtual fields are all forced optional.

* Add update displayName test

* Use api_name and identity to wire up debugTokenId

[upstream:6cfc4dc3f29dcb3e087c0cc468c5ff379867b962]

Signed-off-by: Modular Magician <magic-modules@google.com>

.changelog/9930.txt

@@ -0,0 +1,3 @@
+```release-note:new-resource
+`google_firebase_app_check_debug_token`
+```

google/provider/provider_mmv1_resources.go

@@ -385,9 +385,9 @@ var handwrittenIAMDatasources = map[string]*schema.Resource{
 }
 
 // Resources
-// Generated resources: 378
+// Generated resources: 379
 // Generated IAM resources: 225
-// Total generated resources: 603
+// Total generated resources: 604
 var generatedResources = map[string]*schema.Resource{
 	"google_folder_access_approval_settings":                         accessapproval.ResourceAccessApprovalFolderSettings(),
 	"google_organization_access_approval_settings":                   accessapproval.ResourceAccessApprovalOrganizationSettings(),
@@ -723,6 +723,7 @@ var generatedResources = map[string]*schema.Resource{
 	"google_filestore_backup":                                        filestore.ResourceFilestoreBackup(),
 	"google_filestore_instance":                                      filestore.ResourceFilestoreInstance(),
 	"google_filestore_snapshot":                                      filestore.ResourceFilestoreSnapshot(),
+	"google_firebase_app_check_debug_token":                          firebaseappcheck.ResourceFirebaseAppCheckDebugToken(),
 	"google_firebase_app_check_service_config":                       firebaseappcheck.ResourceFirebaseAppCheckServiceConfig(),
 	"google_firestore_backup_schedule":                               firestore.ResourceFirestoreBackupSchedule(),
 	"google_firestore_database":                                      firestore.ResourceFirestoreDatabase(),

google/services/firebaseappcheck/resource_firebase_app_check_debug_token.go

@@ -0,0 +1,369 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+// ----------------------------------------------------------------------------
+//
+//     ***     AUTO GENERATED CODE    ***    Type: MMv1     ***
+//
+// ----------------------------------------------------------------------------
+//
+//     This file is automatically generated by Magic Modules and manual
+//     changes will be clobbered when the file is regenerated.
+//
+//     Please read more about how to change this file in
+//     .github/CONTRIBUTING.md.
+//
+// ----------------------------------------------------------------------------
+
+package firebaseappcheck
+
+import (
+	"fmt"
+	"log"
+	"reflect"
+	"strings"
+	"time"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/customdiff"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+
+	"github.com/hashicorp/terraform-provider-google/google/tpgresource"
+	transport_tpg "github.com/hashicorp/terraform-provider-google/google/transport"
+)
+
+func ResourceFirebaseAppCheckDebugToken() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceFirebaseAppCheckDebugTokenCreate,
+		Read:   resourceFirebaseAppCheckDebugTokenRead,
+		Update: resourceFirebaseAppCheckDebugTokenUpdate,
+		Delete: resourceFirebaseAppCheckDebugTokenDelete,
+
+		Importer: &schema.ResourceImporter{
+			State: resourceFirebaseAppCheckDebugTokenImport,
+		},
+
+		Timeouts: &schema.ResourceTimeout{
+			Create: schema.DefaultTimeout(20 * time.Minute),
+			Update: schema.DefaultTimeout(20 * time.Minute),
+			Delete: schema.DefaultTimeout(20 * time.Minute),
+		},
+
+		CustomizeDiff: customdiff.All(
+			tpgresource.DefaultProviderProject,
+		),
+
+		Schema: map[string]*schema.Schema{
+			"app_id": {
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+				Description: `The ID of a
+[Web App](https://firebase.google.com/docs/reference/firebase-management/rest/v1beta1/projects.webApps#WebApp.FIELDS.app_id),
+[Apple App](https://firebase.google.com/docs/reference/firebase-management/rest/v1beta1/projects.iosApps#IosApp.FIELDS.app_id),
+or [Android App](https://firebase.google.com/docs/reference/firebase-management/rest/v1beta1/projects.androidApps#AndroidApp.FIELDS.app_id)`,
+			},
+			"display_name": {
+				Type:        schema.TypeString,
+				Required:    true,
+				Description: `A human readable display name used to identify this debug token.`,
+			},
+			"token": {
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+				Description: `The secret token itself. Must be provided during creation, and must be a UUID4,
+case insensitive. You may use a method of your choice such as random/random_uuid
+to generate the token.
+
+This field is immutable once set, and cannot be updated. You can, however, delete
+this debug token to revoke it.
+
+For security reasons, this field will never be populated in any response.`,
+				Sensitive: true,
+			},
+			"debug_token_id": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: `The last segment of the resource name of the debug token.`,
+			},
+			"project": {
+				Type:     schema.TypeString,
+				Optional: true,
+				Computed: true,
+				ForceNew: true,
+			},
+		},
+		UseJSONNumber: true,
+	}
+}
+
+func resourceFirebaseAppCheckDebugTokenCreate(d *schema.ResourceData, meta interface{}) error {
+	config := meta.(*transport_tpg.Config)
+	userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent)
+	if err != nil {
+		return err
+	}
+
+	obj := make(map[string]interface{})
+	displayNameProp, err := expandFirebaseAppCheckDebugTokenDisplayName(d.Get("display_name"), d, config)
+	if err != nil {
+		return err
+	} else if v, ok := d.GetOkExists("display_name"); !tpgresource.IsEmptyValue(reflect.ValueOf(displayNameProp)) && (ok || !reflect.DeepEqual(v, displayNameProp)) {
+		obj["displayName"] = displayNameProp
+	}
+	tokenProp, err := expandFirebaseAppCheckDebugTokenToken(d.Get("token"), d, config)
+	if err != nil {
+		return err
+	} else if v, ok := d.GetOkExists("token"); !tpgresource.IsEmptyValue(reflect.ValueOf(tokenProp)) && (ok || !reflect.DeepEqual(v, tokenProp)) {
+		obj["token"] = tokenProp
+	}
+
+	url, err := tpgresource.ReplaceVars(d, config, "{{FirebaseAppCheckBasePath}}projects/{{project}}/apps/{{app_id}}/debugTokens")
+	if err != nil {
+		return err
+	}
+
+	log.Printf("[DEBUG] Creating new DebugToken: %#v", obj)
+	billingProject := ""
+
+	project, err := tpgresource.GetProject(d, config)
+	if err != nil {
+		return fmt.Errorf("Error fetching project for DebugToken: %s", err)
+	}
+	billingProject = project
+
+	// err == nil indicates that the billing_project value was found
+	if bp, err := tpgresource.GetBillingProject(d, config); err == nil {
+		billingProject = bp
+	}
+
+	res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{
+		Config:    config,
+		Method:    "POST",
+		Project:   billingProject,
+		RawURL:    url,
+		UserAgent: userAgent,
+		Body:      obj,
+		Timeout:   d.Timeout(schema.TimeoutCreate),
+	})
+	if err != nil {
+		return fmt.Errorf("Error creating DebugToken: %s", err)
+	}
+	if err := d.Set("debug_token_id", flattenFirebaseAppCheckDebugTokenDebugTokenId(res["name"], d, config)); err != nil {
+		return fmt.Errorf(`Error setting computed identity field "debug_token_id": %s`, err)
+	}
+
+	// Store the ID now
+	id, err := tpgresource.ReplaceVars(d, config, "projects/{{project}}/apps/{{app_id}}/debugTokens/{{debug_token_id}}")
+	if err != nil {
+		return fmt.Errorf("Error constructing id: %s", err)
+	}
+	d.SetId(id)
+
+	log.Printf("[DEBUG] Finished creating DebugToken %q: %#v", d.Id(), res)
+
+	return resourceFirebaseAppCheckDebugTokenRead(d, meta)
+}
+
+func resourceFirebaseAppCheckDebugTokenRead(d *schema.ResourceData, meta interface{}) error {
+	config := meta.(*transport_tpg.Config)
+	userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent)
+	if err != nil {
+		return err
+	}
+
+	url, err := tpgresource.ReplaceVars(d, config, "{{FirebaseAppCheckBasePath}}projects/{{project}}/apps/{{app_id}}/debugTokens/{{debug_token_id}}")
+	if err != nil {
+		return err
+	}
+
+	billingProject := ""
+
+	project, err := tpgresource.GetProject(d, config)
+	if err != nil {
+		return fmt.Errorf("Error fetching project for DebugToken: %s", err)
+	}
+	billingProject = project
+
+	// err == nil indicates that the billing_project value was found
+	if bp, err := tpgresource.GetBillingProject(d, config); err == nil {
+		billingProject = bp
+	}
+
+	res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{
+		Config:    config,
+		Method:    "GET",
+		Project:   billingProject,
+		RawURL:    url,
+		UserAgent: userAgent,
+	})
+	if err != nil {
+		return transport_tpg.HandleNotFoundError(err, d, fmt.Sprintf("FirebaseAppCheckDebugToken %q", d.Id()))
+	}
+
+	if err := d.Set("project", project); err != nil {
+		return fmt.Errorf("Error reading DebugToken: %s", err)
+	}
+
+	if err := d.Set("debug_token_id", flattenFirebaseAppCheckDebugTokenDebugTokenId(res["name"], d, config)); err != nil {
+		return fmt.Errorf("Error reading DebugToken: %s", err)
+	}
+	if err := d.Set("display_name", flattenFirebaseAppCheckDebugTokenDisplayName(res["displayName"], d, config)); err != nil {
+		return fmt.Errorf("Error reading DebugToken: %s", err)
+	}
+
+	return nil
+}
+
+func resourceFirebaseAppCheckDebugTokenUpdate(d *schema.ResourceData, meta interface{}) error {
+	config := meta.(*transport_tpg.Config)
+	userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent)
+	if err != nil {
+		return err
+	}
+
+	billingProject := ""
+
+	project, err := tpgresource.GetProject(d, config)
+	if err != nil {
+		return fmt.Errorf("Error fetching project for DebugToken: %s", err)
+	}
+	billingProject = project
+
+	obj := make(map[string]interface{})
+	displayNameProp, err := expandFirebaseAppCheckDebugTokenDisplayName(d.Get("display_name"), d, config)
+	if err != nil {
+		return err
+	} else if v, ok := d.GetOkExists("display_name"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, displayNameProp)) {
+		obj["displayName"] = displayNameProp
+	}
+
+	url, err := tpgresource.ReplaceVars(d, config, "{{FirebaseAppCheckBasePath}}projects/{{project}}/apps/{{app_id}}/debugTokens/{{debug_token_id}}")
+	if err != nil {
+		return err
+	}
+
+	log.Printf("[DEBUG] Updating DebugToken %q: %#v", d.Id(), obj)
+	updateMask := []string{}
+
+	if d.HasChange("display_name") {
+		updateMask = append(updateMask, "displayName")
+	}
+	// updateMask is a URL parameter but not present in the schema, so ReplaceVars
+	// won't set it
+	url, err = transport_tpg.AddQueryParams(url, map[string]string{"updateMask": strings.Join(updateMask, ",")})
+	if err != nil {
+		return err
+	}
+
+	// err == nil indicates that the billing_project value was found
+	if bp, err := tpgresource.GetBillingProject(d, config); err == nil {
+		billingProject = bp
+	}
+
+	// if updateMask is empty we are not updating anything so skip the post
+	if len(updateMask) > 0 {
+		res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{
+			Config:    config,
+			Method:    "PATCH",
+			Project:   billingProject,
+			RawURL:    url,
+			UserAgent: userAgent,
+			Body:      obj,
+			Timeout:   d.Timeout(schema.TimeoutUpdate),
+		})
+
+		if err != nil {
+			return fmt.Errorf("Error updating DebugToken %q: %s", d.Id(), err)
+		} else {
+			log.Printf("[DEBUG] Finished updating DebugToken %q: %#v", d.Id(), res)
+		}
+
+	}
+
+	return resourceFirebaseAppCheckDebugTokenRead(d, meta)
+}
+
+func resourceFirebaseAppCheckDebugTokenDelete(d *schema.ResourceData, meta interface{}) error {
+	config := meta.(*transport_tpg.Config)
+	userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent)
+	if err != nil {
+		return err
+	}
+
+	billingProject := ""
+
+	project, err := tpgresource.GetProject(d, config)
+	if err != nil {
+		return fmt.Errorf("Error fetching project for DebugToken: %s", err)
+	}
+	billingProject = project
+
+	url, err := tpgresource.ReplaceVars(d, config, "{{FirebaseAppCheckBasePath}}projects/{{project}}/apps/{{app_id}}/debugTokens/{{debug_token_id}}")
+	if err != nil {
+		return err
+	}
+
+	var obj map[string]interface{}
+	log.Printf("[DEBUG] Deleting DebugToken %q", d.Id())
+
+	// err == nil indicates that the billing_project value was found
+	if bp, err := tpgresource.GetBillingProject(d, config); err == nil {
+		billingProject = bp
+	}
+
+	res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{
+		Config:    config,
+		Method:    "DELETE",
+		Project:   billingProject,
+		RawURL:    url,
+		UserAgent: userAgent,
+		Body:      obj,
+		Timeout:   d.Timeout(schema.TimeoutDelete),
+	})
+	if err != nil {
+		return transport_tpg.HandleNotFoundError(err, d, "DebugToken")
+	}
+
+	log.Printf("[DEBUG] Finished deleting DebugToken %q: %#v", d.Id(), res)
+	return nil
+}
+
+func resourceFirebaseAppCheckDebugTokenImport(d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) {
+	config := meta.(*transport_tpg.Config)
+	if err := tpgresource.ParseImportId([]string{
+		"^projects/(?P<project>[^/]+)/apps/(?P<app_id>[^/]+)/debugTokens/(?P<debug_token_id>[^/]+)$",
+		"^(?P<project>[^/]+)/(?P<app_id>[^/]+)/(?P<debug_token_id>[^/]+)$",
+		"^(?P<app_id>[^/]+)/(?P<debug_token_id>[^/]+)$",
+	}, d, config); err != nil {
+		return nil, err
+	}
+
+	// Replace import id for the resource id
+	id, err := tpgresource.ReplaceVars(d, config, "projects/{{project}}/apps/{{app_id}}/debugTokens/{{debug_token_id}}")
+	if err != nil {
+		return nil, fmt.Errorf("Error constructing id: %s", err)
+	}
+	d.SetId(id)
+
+	return []*schema.ResourceData{d}, nil
+}
+
+func flattenFirebaseAppCheckDebugTokenDebugTokenId(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+	if v == nil {
+		return v
+	}
+	return tpgresource.NameFromSelfLinkStateFunc(v)
+}
+
+func flattenFirebaseAppCheckDebugTokenDisplayName(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+	return v
+}
+
+func expandFirebaseAppCheckDebugTokenDisplayName(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
+	return v, nil
+}
+
+func expandFirebaseAppCheckDebugTokenToken(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
+	return v, nil
+}