diff --git a/.changelog/9930.txt b/.changelog/9930.txt new file mode 100644 index 00000000000..e3eab1dbac7 --- /dev/null +++ b/.changelog/9930.txt @@ -0,0 +1,3 @@ +```release-note:new-resource +`google_firebase_app_check_debug_token` +``` \ No newline at end of file diff --git a/google/provider/provider_mmv1_resources.go b/google/provider/provider_mmv1_resources.go index 9c3be682f65..9d3057d5ad9 100644 --- a/google/provider/provider_mmv1_resources.go +++ b/google/provider/provider_mmv1_resources.go @@ -385,9 +385,9 @@ var handwrittenIAMDatasources = map[string]*schema.Resource{ } // Resources -// Generated resources: 378 +// Generated resources: 379 // Generated IAM resources: 225 -// Total generated resources: 603 +// Total generated resources: 604 var generatedResources = map[string]*schema.Resource{ "google_folder_access_approval_settings": accessapproval.ResourceAccessApprovalFolderSettings(), "google_organization_access_approval_settings": accessapproval.ResourceAccessApprovalOrganizationSettings(), @@ -723,6 +723,7 @@ var generatedResources = map[string]*schema.Resource{ "google_filestore_backup": filestore.ResourceFilestoreBackup(), "google_filestore_instance": filestore.ResourceFilestoreInstance(), "google_filestore_snapshot": filestore.ResourceFilestoreSnapshot(), + "google_firebase_app_check_debug_token": firebaseappcheck.ResourceFirebaseAppCheckDebugToken(), "google_firebase_app_check_service_config": firebaseappcheck.ResourceFirebaseAppCheckServiceConfig(), "google_firestore_backup_schedule": firestore.ResourceFirestoreBackupSchedule(), "google_firestore_database": firestore.ResourceFirestoreDatabase(), diff --git a/google/services/firebaseappcheck/resource_firebase_app_check_debug_token.go b/google/services/firebaseappcheck/resource_firebase_app_check_debug_token.go new file mode 100644 index 00000000000..57fd618ca03 --- /dev/null +++ b/google/services/firebaseappcheck/resource_firebase_app_check_debug_token.go @@ -0,0 +1,369 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: MPL-2.0 + +// ---------------------------------------------------------------------------- +// +// *** AUTO GENERATED CODE *** Type: MMv1 *** +// +// ---------------------------------------------------------------------------- +// +// This file is automatically generated by Magic Modules and manual +// changes will be clobbered when the file is regenerated. +// +// Please read more about how to change this file in +// .github/CONTRIBUTING.md. +// +// ---------------------------------------------------------------------------- + +package firebaseappcheck + +import ( + "fmt" + "log" + "reflect" + "strings" + "time" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/customdiff" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + + "github.com/hashicorp/terraform-provider-google/google/tpgresource" + transport_tpg "github.com/hashicorp/terraform-provider-google/google/transport" +) + +func ResourceFirebaseAppCheckDebugToken() *schema.Resource { + return &schema.Resource{ + Create: resourceFirebaseAppCheckDebugTokenCreate, + Read: resourceFirebaseAppCheckDebugTokenRead, + Update: resourceFirebaseAppCheckDebugTokenUpdate, + Delete: resourceFirebaseAppCheckDebugTokenDelete, + + Importer: &schema.ResourceImporter{ + State: resourceFirebaseAppCheckDebugTokenImport, + }, + + Timeouts: &schema.ResourceTimeout{ + Create: schema.DefaultTimeout(20 * time.Minute), + Update: schema.DefaultTimeout(20 * time.Minute), + Delete: schema.DefaultTimeout(20 * time.Minute), + }, + + CustomizeDiff: customdiff.All( + tpgresource.DefaultProviderProject, + ), + + Schema: map[string]*schema.Schema{ + "app_id": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + Description: `The ID of a +[Web App](https://firebase.google.com/docs/reference/firebase-management/rest/v1beta1/projects.webApps#WebApp.FIELDS.app_id), +[Apple App](https://firebase.google.com/docs/reference/firebase-management/rest/v1beta1/projects.iosApps#IosApp.FIELDS.app_id), +or [Android App](https://firebase.google.com/docs/reference/firebase-management/rest/v1beta1/projects.androidApps#AndroidApp.FIELDS.app_id)`, + }, + "display_name": { + Type: schema.TypeString, + Required: true, + Description: `A human readable display name used to identify this debug token.`, + }, + "token": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + Description: `The secret token itself. Must be provided during creation, and must be a UUID4, +case insensitive. You may use a method of your choice such as random/random_uuid +to generate the token. + +This field is immutable once set, and cannot be updated. You can, however, delete +this debug token to revoke it. + +For security reasons, this field will never be populated in any response.`, + Sensitive: true, + }, + "debug_token_id": { + Type: schema.TypeString, + Computed: true, + Description: `The last segment of the resource name of the debug token.`, + }, + "project": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ForceNew: true, + }, + }, + UseJSONNumber: true, + } +} + +func resourceFirebaseAppCheckDebugTokenCreate(d *schema.ResourceData, meta interface{}) error { + config := meta.(*transport_tpg.Config) + userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent) + if err != nil { + return err + } + + obj := make(map[string]interface{}) + displayNameProp, err := expandFirebaseAppCheckDebugTokenDisplayName(d.Get("display_name"), d, config) + if err != nil { + return err + } else if v, ok := d.GetOkExists("display_name"); !tpgresource.IsEmptyValue(reflect.ValueOf(displayNameProp)) && (ok || !reflect.DeepEqual(v, displayNameProp)) { + obj["displayName"] = displayNameProp + } + tokenProp, err := expandFirebaseAppCheckDebugTokenToken(d.Get("token"), d, config) + if err != nil { + return err + } else if v, ok := d.GetOkExists("token"); !tpgresource.IsEmptyValue(reflect.ValueOf(tokenProp)) && (ok || !reflect.DeepEqual(v, tokenProp)) { + obj["token"] = tokenProp + } + + url, err := tpgresource.ReplaceVars(d, config, "{{FirebaseAppCheckBasePath}}projects/{{project}}/apps/{{app_id}}/debugTokens") + if err != nil { + return err + } + + log.Printf("[DEBUG] Creating new DebugToken: %#v", obj) + billingProject := "" + + project, err := tpgresource.GetProject(d, config) + if err != nil { + return fmt.Errorf("Error fetching project for DebugToken: %s", err) + } + billingProject = project + + // err == nil indicates that the billing_project value was found + if bp, err := tpgresource.GetBillingProject(d, config); err == nil { + billingProject = bp + } + + res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{ + Config: config, + Method: "POST", + Project: billingProject, + RawURL: url, + UserAgent: userAgent, + Body: obj, + Timeout: d.Timeout(schema.TimeoutCreate), + }) + if err != nil { + return fmt.Errorf("Error creating DebugToken: %s", err) + } + if err := d.Set("debug_token_id", flattenFirebaseAppCheckDebugTokenDebugTokenId(res["name"], d, config)); err != nil { + return fmt.Errorf(`Error setting computed identity field "debug_token_id": %s`, err) + } + + // Store the ID now + id, err := tpgresource.ReplaceVars(d, config, "projects/{{project}}/apps/{{app_id}}/debugTokens/{{debug_token_id}}") + if err != nil { + return fmt.Errorf("Error constructing id: %s", err) + } + d.SetId(id) + + log.Printf("[DEBUG] Finished creating DebugToken %q: %#v", d.Id(), res) + + return resourceFirebaseAppCheckDebugTokenRead(d, meta) +} + +func resourceFirebaseAppCheckDebugTokenRead(d *schema.ResourceData, meta interface{}) error { + config := meta.(*transport_tpg.Config) + userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent) + if err != nil { + return err + } + + url, err := tpgresource.ReplaceVars(d, config, "{{FirebaseAppCheckBasePath}}projects/{{project}}/apps/{{app_id}}/debugTokens/{{debug_token_id}}") + if err != nil { + return err + } + + billingProject := "" + + project, err := tpgresource.GetProject(d, config) + if err != nil { + return fmt.Errorf("Error fetching project for DebugToken: %s", err) + } + billingProject = project + + // err == nil indicates that the billing_project value was found + if bp, err := tpgresource.GetBillingProject(d, config); err == nil { + billingProject = bp + } + + res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{ + Config: config, + Method: "GET", + Project: billingProject, + RawURL: url, + UserAgent: userAgent, + }) + if err != nil { + return transport_tpg.HandleNotFoundError(err, d, fmt.Sprintf("FirebaseAppCheckDebugToken %q", d.Id())) + } + + if err := d.Set("project", project); err != nil { + return fmt.Errorf("Error reading DebugToken: %s", err) + } + + if err := d.Set("debug_token_id", flattenFirebaseAppCheckDebugTokenDebugTokenId(res["name"], d, config)); err != nil { + return fmt.Errorf("Error reading DebugToken: %s", err) + } + if err := d.Set("display_name", flattenFirebaseAppCheckDebugTokenDisplayName(res["displayName"], d, config)); err != nil { + return fmt.Errorf("Error reading DebugToken: %s", err) + } + + return nil +} + +func resourceFirebaseAppCheckDebugTokenUpdate(d *schema.ResourceData, meta interface{}) error { + config := meta.(*transport_tpg.Config) + userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent) + if err != nil { + return err + } + + billingProject := "" + + project, err := tpgresource.GetProject(d, config) + if err != nil { + return fmt.Errorf("Error fetching project for DebugToken: %s", err) + } + billingProject = project + + obj := make(map[string]interface{}) + displayNameProp, err := expandFirebaseAppCheckDebugTokenDisplayName(d.Get("display_name"), d, config) + if err != nil { + return err + } else if v, ok := d.GetOkExists("display_name"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, displayNameProp)) { + obj["displayName"] = displayNameProp + } + + url, err := tpgresource.ReplaceVars(d, config, "{{FirebaseAppCheckBasePath}}projects/{{project}}/apps/{{app_id}}/debugTokens/{{debug_token_id}}") + if err != nil { + return err + } + + log.Printf("[DEBUG] Updating DebugToken %q: %#v", d.Id(), obj) + updateMask := []string{} + + if d.HasChange("display_name") { + updateMask = append(updateMask, "displayName") + } + // updateMask is a URL parameter but not present in the schema, so ReplaceVars + // won't set it + url, err = transport_tpg.AddQueryParams(url, map[string]string{"updateMask": strings.Join(updateMask, ",")}) + if err != nil { + return err + } + + // err == nil indicates that the billing_project value was found + if bp, err := tpgresource.GetBillingProject(d, config); err == nil { + billingProject = bp + } + + // if updateMask is empty we are not updating anything so skip the post + if len(updateMask) > 0 { + res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{ + Config: config, + Method: "PATCH", + Project: billingProject, + RawURL: url, + UserAgent: userAgent, + Body: obj, + Timeout: d.Timeout(schema.TimeoutUpdate), + }) + + if err != nil { + return fmt.Errorf("Error updating DebugToken %q: %s", d.Id(), err) + } else { + log.Printf("[DEBUG] Finished updating DebugToken %q: %#v", d.Id(), res) + } + + } + + return resourceFirebaseAppCheckDebugTokenRead(d, meta) +} + +func resourceFirebaseAppCheckDebugTokenDelete(d *schema.ResourceData, meta interface{}) error { + config := meta.(*transport_tpg.Config) + userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent) + if err != nil { + return err + } + + billingProject := "" + + project, err := tpgresource.GetProject(d, config) + if err != nil { + return fmt.Errorf("Error fetching project for DebugToken: %s", err) + } + billingProject = project + + url, err := tpgresource.ReplaceVars(d, config, "{{FirebaseAppCheckBasePath}}projects/{{project}}/apps/{{app_id}}/debugTokens/{{debug_token_id}}") + if err != nil { + return err + } + + var obj map[string]interface{} + log.Printf("[DEBUG] Deleting DebugToken %q", d.Id()) + + // err == nil indicates that the billing_project value was found + if bp, err := tpgresource.GetBillingProject(d, config); err == nil { + billingProject = bp + } + + res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{ + Config: config, + Method: "DELETE", + Project: billingProject, + RawURL: url, + UserAgent: userAgent, + Body: obj, + Timeout: d.Timeout(schema.TimeoutDelete), + }) + if err != nil { + return transport_tpg.HandleNotFoundError(err, d, "DebugToken") + } + + log.Printf("[DEBUG] Finished deleting DebugToken %q: %#v", d.Id(), res) + return nil +} + +func resourceFirebaseAppCheckDebugTokenImport(d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) { + config := meta.(*transport_tpg.Config) + if err := tpgresource.ParseImportId([]string{ + "^projects/(?P[^/]+)/apps/(?P[^/]+)/debugTokens/(?P[^/]+)$", + "^(?P[^/]+)/(?P[^/]+)/(?P[^/]+)$", + "^(?P[^/]+)/(?P[^/]+)$", + }, d, config); err != nil { + return nil, err + } + + // Replace import id for the resource id + id, err := tpgresource.ReplaceVars(d, config, "projects/{{project}}/apps/{{app_id}}/debugTokens/{{debug_token_id}}") + if err != nil { + return nil, fmt.Errorf("Error constructing id: %s", err) + } + d.SetId(id) + + return []*schema.ResourceData{d}, nil +} + +func flattenFirebaseAppCheckDebugTokenDebugTokenId(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + if v == nil { + return v + } + return tpgresource.NameFromSelfLinkStateFunc(v) +} + +func flattenFirebaseAppCheckDebugTokenDisplayName(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + return v +} + +func expandFirebaseAppCheckDebugTokenDisplayName(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { + return v, nil +} + +func expandFirebaseAppCheckDebugTokenToken(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { + return v, nil +} diff --git a/google/services/firebaseappcheck/resource_firebase_app_check_debug_token_generated_test.go b/google/services/firebaseappcheck/resource_firebase_app_check_debug_token_generated_test.go new file mode 100644 index 00000000000..c2dff94d980 --- /dev/null +++ b/google/services/firebaseappcheck/resource_firebase_app_check_debug_token_generated_test.go @@ -0,0 +1,127 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: MPL-2.0 + +// ---------------------------------------------------------------------------- +// +// *** AUTO GENERATED CODE *** Type: MMv1 *** +// +// ---------------------------------------------------------------------------- +// +// This file is automatically generated by Magic Modules and manual +// changes will be clobbered when the file is regenerated. +// +// Please read more about how to change this file in +// .github/CONTRIBUTING.md. +// +// ---------------------------------------------------------------------------- + +package firebaseappcheck_test + +import ( + "fmt" + "strings" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" + + "github.com/hashicorp/terraform-provider-google/google/acctest" + "github.com/hashicorp/terraform-provider-google/google/envvar" + "github.com/hashicorp/terraform-provider-google/google/tpgresource" + transport_tpg "github.com/hashicorp/terraform-provider-google/google/transport" +) + +func TestAccFirebaseAppCheckDebugToken_firebaseAppCheckDebugTokenBasicExample(t *testing.T) { + t.Parallel() + + context := map[string]interface{}{ + "project_id": envvar.GetTestProjectFromEnv(), + "token": "5E728315-E121-467F-BCA1-1FE71130BB98", + "random_suffix": acctest.RandString(t, 10), + } + + acctest.VcrTest(t, resource.TestCase{ + PreCheck: func() { acctest.AccTestPreCheck(t) }, + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t), + ExternalProviders: map[string]resource.ExternalProvider{ + "random": {}, + "time": {}, + }, + CheckDestroy: testAccCheckFirebaseAppCheckDebugTokenDestroyProducer(t), + Steps: []resource.TestStep{ + { + Config: testAccFirebaseAppCheckDebugToken_firebaseAppCheckDebugTokenBasicExample(context), + }, + { + ResourceName: "google_firebase_app_check_debug_token.default", + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"token", "app_id"}, + }, + }, + }) +} + +func testAccFirebaseAppCheckDebugToken_firebaseAppCheckDebugTokenBasicExample(context map[string]interface{}) string { + return acctest.Nprintf(` +resource "google_firebase_web_app" "default" { + project = "%{project_id}" + display_name = "Web App for debug token" +} + +# It takes a while for App Check to recognize the new app +# If your app already exists, you don't have to wait 30 seconds. +resource "time_sleep" "wait_30s" { + depends_on = [google_firebase_web_app.default] + create_duration = "30s" +} + +resource "google_firebase_app_check_debug_token" "default" { + project = "%{project_id}" + app_id = google_firebase_web_app.default.app_id + display_name = "Debug Token%{random_suffix}" + token = "%{token}" + + depends_on = [time_sleep.wait_30s] +} +`, context) +} + +func testAccCheckFirebaseAppCheckDebugTokenDestroyProducer(t *testing.T) func(s *terraform.State) error { + return func(s *terraform.State) error { + for name, rs := range s.RootModule().Resources { + if rs.Type != "google_firebase_app_check_debug_token" { + continue + } + if strings.HasPrefix(name, "data.") { + continue + } + + config := acctest.GoogleProviderConfig(t) + + url, err := tpgresource.ReplaceVarsForTest(config, rs, "{{FirebaseAppCheckBasePath}}projects/{{project}}/apps/{{app_id}}/debugTokens/{{debug_token_id}}") + if err != nil { + return err + } + + billingProject := "" + + if config.BillingProject != "" { + billingProject = config.BillingProject + } + + _, err = transport_tpg.SendRequest(transport_tpg.SendRequestOptions{ + Config: config, + Method: "GET", + Project: billingProject, + RawURL: url, + UserAgent: config.UserAgent, + }) + if err == nil { + return fmt.Errorf("FirebaseAppCheckDebugToken still exists at %s", url) + } + } + + return nil + } +} diff --git a/google/services/firebaseappcheck/resource_firebase_app_check_debug_token_sweeper.go b/google/services/firebaseappcheck/resource_firebase_app_check_debug_token_sweeper.go new file mode 100644 index 00000000000..9e983f7ae95 --- /dev/null +++ b/google/services/firebaseappcheck/resource_firebase_app_check_debug_token_sweeper.go @@ -0,0 +1,143 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: MPL-2.0 + +// ---------------------------------------------------------------------------- +// +// *** AUTO GENERATED CODE *** Type: MMv1 *** +// +// ---------------------------------------------------------------------------- +// +// This file is automatically generated by Magic Modules and manual +// changes will be clobbered when the file is regenerated. +// +// Please read more about how to change this file in +// .github/CONTRIBUTING.md. +// +// ---------------------------------------------------------------------------- + +package firebaseappcheck + +import ( + "context" + "log" + "strings" + "testing" + + "github.com/hashicorp/terraform-provider-google/google/envvar" + "github.com/hashicorp/terraform-provider-google/google/sweeper" + "github.com/hashicorp/terraform-provider-google/google/tpgresource" + transport_tpg "github.com/hashicorp/terraform-provider-google/google/transport" +) + +func init() { + sweeper.AddTestSweepers("FirebaseAppCheckDebugToken", testSweepFirebaseAppCheckDebugToken) +} + +// At the time of writing, the CI only passes us-central1 as the region +func testSweepFirebaseAppCheckDebugToken(region string) error { + resourceName := "FirebaseAppCheckDebugToken" + log.Printf("[INFO][SWEEPER_LOG] Starting sweeper for %s", resourceName) + + config, err := sweeper.SharedConfigForRegion(region) + if err != nil { + log.Printf("[INFO][SWEEPER_LOG] error getting shared config for region: %s", err) + return err + } + + err = config.LoadAndValidate(context.Background()) + if err != nil { + log.Printf("[INFO][SWEEPER_LOG] error loading: %s", err) + return err + } + + t := &testing.T{} + billingId := envvar.GetTestBillingAccountFromEnv(t) + + // Setup variables to replace in list template + d := &tpgresource.ResourceDataMock{ + FieldsInSchema: map[string]interface{}{ + "project": config.Project, + "region": region, + "location": region, + "zone": "-", + "billing_account": billingId, + }, + } + + listTemplate := strings.Split("https://firebaseappcheck.googleapis.com/v1/projects/{{project}}/apps/{{app_id}}/debugTokens", "?")[0] + listUrl, err := tpgresource.ReplaceVars(d, config, listTemplate) + if err != nil { + log.Printf("[INFO][SWEEPER_LOG] error preparing sweeper list url: %s", err) + return nil + } + + res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{ + Config: config, + Method: "GET", + Project: config.Project, + RawURL: listUrl, + UserAgent: config.UserAgent, + }) + if err != nil { + log.Printf("[INFO][SWEEPER_LOG] Error in response from request %s: %s", listUrl, err) + return nil + } + + resourceList, ok := res["debugTokens"] + if !ok { + log.Printf("[INFO][SWEEPER_LOG] Nothing found in response.") + return nil + } + + rl := resourceList.([]interface{}) + + log.Printf("[INFO][SWEEPER_LOG] Found %d items in %s list response.", len(rl), resourceName) + // Keep count of items that aren't sweepable for logging. + nonPrefixCount := 0 + for _, ri := range rl { + obj := ri.(map[string]interface{}) + var name string + // Id detected in the delete URL, attempt to use id. + if obj["id"] != nil { + name = tpgresource.GetResourceNameFromSelfLink(obj["id"].(string)) + } else if obj["name"] != nil { + name = tpgresource.GetResourceNameFromSelfLink(obj["name"].(string)) + } else { + log.Printf("[INFO][SWEEPER_LOG] %s resource name and id were nil", resourceName) + return nil + } + // Skip resources that shouldn't be sweeped + if !sweeper.IsSweepableTestResource(name) { + nonPrefixCount++ + continue + } + + deleteTemplate := "https://firebaseappcheck.googleapis.com/v1/projects/{{project}}/apps/{{app_id}}/debugTokens/{{debug_token_id}}" + deleteUrl, err := tpgresource.ReplaceVars(d, config, deleteTemplate) + if err != nil { + log.Printf("[INFO][SWEEPER_LOG] error preparing delete url: %s", err) + return nil + } + deleteUrl = deleteUrl + name + + // Don't wait on operations as we may have a lot to delete + _, err = transport_tpg.SendRequest(transport_tpg.SendRequestOptions{ + Config: config, + Method: "DELETE", + Project: config.Project, + RawURL: deleteUrl, + UserAgent: config.UserAgent, + }) + if err != nil { + log.Printf("[INFO][SWEEPER_LOG] Error deleting for url %s : %s", deleteUrl, err) + } else { + log.Printf("[INFO][SWEEPER_LOG] Sent delete request for %s resource: %s", resourceName, name) + } + } + + if nonPrefixCount > 0 { + log.Printf("[INFO][SWEEPER_LOG] %d items were non-sweepable and skipped.", nonPrefixCount) + } + + return nil +} diff --git a/google/services/firebaseappcheck/resource_firebase_app_check_debug_token_test.go b/google/services/firebaseappcheck/resource_firebase_app_check_debug_token_test.go new file mode 100644 index 00000000000..26345c544bf --- /dev/null +++ b/google/services/firebaseappcheck/resource_firebase_app_check_debug_token_test.go @@ -0,0 +1,83 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: MPL-2.0 +package firebaseappcheck_test + +import ( + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + + "github.com/hashicorp/terraform-provider-google/google/acctest" + "github.com/hashicorp/terraform-provider-google/google/envvar" +) + +func TestAccFirebaseAppCheckDebugToken_firebaseAppCheckDebugTokenUpdate(t *testing.T) { + t.Parallel() + + context := map[string]interface{}{ + "project_id": envvar.GetTestProjectFromEnv(), + "display_name": "Debug Token 1", + "token": "5E728315-E121-467F-BCA1-1FE71130BB98", + } + + contextUpdated := map[string]interface{}{ + "project_id": envvar.GetTestProjectFromEnv(), + "display_name": "Debug Token 2", + "token": "5E728315-E121-467F-BCA1-1FE71130BB98", + } + + acctest.VcrTest(t, resource.TestCase{ + PreCheck: func() { acctest.AccTestPreCheck(t) }, + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t), + ExternalProviders: map[string]resource.ExternalProvider{ + "random": {}, + "time": {}, + }, + CheckDestroy: testAccCheckFirebaseAppCheckDebugTokenDestroyProducer(t), + Steps: []resource.TestStep{ + { + Config: testAccFirebaseAppCheckDebugToken_firebaseAppCheckDebugTokenTemplate(context), + }, + { + ResourceName: "google_firebase_app_check_debug_token.default", + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"token", "app_id"}, + }, + { + Config: testAccFirebaseAppCheckDebugToken_firebaseAppCheckDebugTokenTemplate(contextUpdated), + }, + { + ResourceName: "google_firebase_app_check_debug_token.default", + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"token", "app_id"}, + }, + }, + }) +} + +func testAccFirebaseAppCheckDebugToken_firebaseAppCheckDebugTokenTemplate(context map[string]interface{}) string { + return acctest.Nprintf(` +resource "google_firebase_web_app" "default" { + project = "%{project_id}" + display_name = "Web App for debug token" +} + +# It takes a while for App Check to recognize the new app +# If your app already exists, you don't have to wait 30 seconds. +resource "time_sleep" "wait_30s" { + depends_on = [google_firebase_web_app.default] + create_duration = "30s" +} + +resource "google_firebase_app_check_debug_token" "default" { + project = "%{project_id}" + app_id = google_firebase_web_app.default.app_id + display_name = "%{display_name}" + token = "%{token}" + + depends_on = [time_sleep.wait_30s] +} +`, context) +} diff --git a/website/docs/r/firebase_app_check_debug_token.html.markdown b/website/docs/r/firebase_app_check_debug_token.html.markdown new file mode 100644 index 00000000000..5fe294250b3 --- /dev/null +++ b/website/docs/r/firebase_app_check_debug_token.html.markdown @@ -0,0 +1,147 @@ +--- +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** Type: MMv1 *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in +# .github/CONTRIBUTING.md. +# +# ---------------------------------------------------------------------------- +subcategory: "Firebase App Check" +description: |- + A debug token is a secret used during the development or integration testing of + an app. +--- + +# google\_firebase\_app\_check\_debug\_token + +A debug token is a secret used during the development or integration testing of +an app. It essentially allows the development or integration testing to bypass +app attestation while still allowing App Check to enforce protection on supported +production Firebase services. + + +To get more information about DebugToken, see: + +* [API documentation](https://firebase.google.com/docs/reference/appcheck/rest/v1/projects.apps.debugTokens) +* How-to Guides + * [Official Documentation](https://firebase.google.com/docs/app-check) + +~> **Warning:** All arguments including the following potentially sensitive +values will be stored in the raw state as plain text: `token`. +[Read more about sensitive data in state](https://www.terraform.io/language/state/sensitive-data). + +## Example Usage - Firebase App Check Debug Token Basic + + +```hcl +resource "google_firebase_web_app" "default" { + project = "my-project-name" + display_name = "Web App for debug token" +} + +# It takes a while for App Check to recognize the new app +# If your app already exists, you don't have to wait 30 seconds. +resource "time_sleep" "wait_30s" { + depends_on = [google_firebase_web_app.default] + create_duration = "30s" +} + +resource "google_firebase_app_check_debug_token" "default" { + project = "my-project-name" + app_id = google_firebase_web_app.default.app_id + display_name = "Debug Token" + token = "00000000-AAAA-BBBB-CCCC-000000000000" + + depends_on = [time_sleep.wait_30s] +} +``` + +## Argument Reference + +The following arguments are supported: + + +* `display_name` - + (Required) + A human readable display name used to identify this debug token. + +* `token` - + (Required) + The secret token itself. Must be provided during creation, and must be a UUID4, + case insensitive. You may use a method of your choice such as random/random_uuid + to generate the token. + This field is immutable once set, and cannot be updated. You can, however, delete + this debug token to revoke it. + For security reasons, this field will never be populated in any response. + **Note**: This property is sensitive and will not be displayed in the plan. + +* `app_id` - + (Required) + The ID of a + [Web App](https://firebase.google.com/docs/reference/firebase-management/rest/v1beta1/projects.webApps#WebApp.FIELDS.app_id), + [Apple App](https://firebase.google.com/docs/reference/firebase-management/rest/v1beta1/projects.iosApps#IosApp.FIELDS.app_id), + or [Android App](https://firebase.google.com/docs/reference/firebase-management/rest/v1beta1/projects.androidApps#AndroidApp.FIELDS.app_id) + + +- - - + + +* `project` - (Optional) The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + + +## Attributes Reference + +In addition to the arguments listed above, the following computed attributes are exported: + +* `id` - an identifier for the resource with format `projects/{{project}}/apps/{{app_id}}/debugTokens/{{debug_token_id}}` + +* `debug_token_id` - + The last segment of the resource name of the debug token. + + +## Timeouts + +This resource provides the following +[Timeouts](https://developer.hashicorp.com/terraform/plugin/sdkv2/resources/retries-and-customizable-timeouts) configuration options: + +- `create` - Default is 20 minutes. +- `update` - Default is 20 minutes. +- `delete` - Default is 20 minutes. + +## Import + + +DebugToken can be imported using any of these accepted formats: + +* `projects/{{project}}/apps/{{app_id}}/debugTokens/{{debug_token_id}}` +* `{{project}}/{{app_id}}/{{debug_token_id}}` +* `{{app_id}}/{{debug_token_id}}` + + +In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import DebugToken using one of the formats above. For example: + +```tf +import { + id = "projects/{{project}}/apps/{{app_id}}/debugTokens/{{debug_token_id}}" + to = google_firebase_app_check_debug_token.default +} +``` + +When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), DebugToken can be imported using one of the formats above. For example: + +``` +$ terraform import google_firebase_app_check_debug_token.default projects/{{project}}/apps/{{app_id}}/debugTokens/{{debug_token_id}} +$ terraform import google_firebase_app_check_debug_token.default {{project}}/{{app_id}}/{{debug_token_id}} +$ terraform import google_firebase_app_check_debug_token.default {{app_id}}/{{debug_token_id}} +``` + +## User Project Overrides + +This resource supports [User Project Overrides](https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/provider_reference#user_project_override).