diff --git a/.changelog/4234.txt b/.changelog/4234.txt new file mode 100644 index 00000000000..56e758a1b4c --- /dev/null +++ b/.changelog/4234.txt @@ -0,0 +1,3 @@ +```release-note:enhancement +runtimeconfig: marked value and text fields in `google_runtimeconfig_variable` resource as sensitive +``` diff --git a/google/resource_runtimeconfig_variable.go b/google/resource_runtimeconfig_variable.go index ecd49781a83..010ee25cf54 100644 --- a/google/resource_runtimeconfig_variable.go +++ b/google/resource_runtimeconfig_variable.go @@ -43,15 +43,17 @@ func resourceRuntimeconfigVariable() *schema.Resource { }, "value": { - Type: schema.TypeString, - Optional: true, - ConflictsWith: []string{"text"}, + Type: schema.TypeString, + Optional: true, + Sensitive: true, + ExactlyOneOf: []string{"text", "value"}, }, "text": { - Type: schema.TypeString, - Optional: true, - ConflictsWith: []string{"value"}, + Type: schema.TypeString, + Optional: true, + Sensitive: true, + ExactlyOneOf: []string{"text", "value"}, }, "update_time": { @@ -188,13 +190,9 @@ func resourceRuntimeconfigVariableParseFullName(fullName string) (project, confi // newRuntimeconfigVariableFromResourceData builds a new runtimeconfig.Variable struct from the data stored in a // schema.ResourceData. Also returns the full name of the parent. Returns nil, "", err upon error. func newRuntimeconfigVariableFromResourceData(d *schema.ResourceData, project string) (variable *runtimeconfig.Variable, parent string, err error) { - // Validate that both text and value are not set - text, textSet := d.GetOk("text") - value, valueSet := d.GetOk("value") - if !textSet && !valueSet { - return nil, "", fmt.Errorf("You must specify one of value or text.") - } + text := d.Get("text") + value := d.Get("value") // TODO(selmanj) here we assume it's a simple name, not a full name. Should probably support full name as well parent = d.Get("parent").(string) @@ -206,7 +204,7 @@ func newRuntimeconfigVariableFromResourceData(d *schema.ResourceData, project st Name: fullName, } - if textSet { + if text != "" { variable.Text = text.(string) } else { variable.Value = value.(string) diff --git a/google/resource_runtimeconfig_variable_test.go b/google/resource_runtimeconfig_variable_test.go index fab6eacde03..104143f29bb 100644 --- a/google/resource_runtimeconfig_variable_test.go +++ b/google/resource_runtimeconfig_variable_test.go @@ -2,13 +2,12 @@ package google import ( "fmt" - "regexp" "testing" "time" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" - "google.golang.org/api/runtimeconfig/v1beta1" + runtimeconfig "google.golang.org/api/runtimeconfig/v1beta1" ) func TestAccRuntimeconfigVariable_basic(t *testing.T) { @@ -107,38 +106,6 @@ func TestAccRuntimeconfigVariable_basicValue(t *testing.T) { }) } -func TestAccRuntimeconfigVariable_errorsOnBothValueAndText(t *testing.T) { - // Unit test, no HTTP interactions - skipIfVcr(t) - t.Parallel() - - vcrTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - Providers: testAccProviders, - Steps: []resource.TestStep{ - { - Config: testAccRuntimeconfigVariable_invalidBothTextValue(randString(t, 10)), - ExpectError: regexp.MustCompile("conflicts with"), - }, - }, - }) -} - -func TestAccRuntimeconfigVariable_errorsOnMissingValueAndText(t *testing.T) { - t.Parallel() - - vcrTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - Providers: testAccProviders, - Steps: []resource.TestStep{ - { - Config: testAccRuntimeconfigVariable_invalidMissingTextValue(randString(t, 10)), - ExpectError: regexp.MustCompile("You must specify one of value or text"), - }, - }, - }) -} - func testAccCheckRuntimeconfigVariableExists(t *testing.T, resourceName string, variable *runtimeconfig.Variable) resource.TestCheckFunc { return func(s *terraform.State) error { rs, ok := s.RootModule().Resources[resourceName] @@ -268,31 +235,3 @@ resource "google_runtimeconfig_variable" "foobar" { } `, suffix, name, value) } - -func testAccRuntimeconfigVariable_invalidBothTextValue(suffix string) string { - return fmt.Sprintf(` -resource "google_runtimeconfig_config" "foobar" { - name = "some-config-%s" -} - -resource "google_runtimeconfig_variable" "foobar" { - parent = google_runtimeconfig_config.foobar.name - name = "%s" - text = "here's my value" - value = "Zm9vYmFyCg==" -} -`, suffix, suffix) -} - -func testAccRuntimeconfigVariable_invalidMissingTextValue(suffix string) string { - return fmt.Sprintf(` -resource "google_runtimeconfig_config" "foobar" { - name = "some-config-%s" -} - -resource "google_runtimeconfig_variable" "foobar" { - parent = google_runtimeconfig_config.foobar.name - name = "my-variable-namespace/%s" -} -`, suffix, suffix) -}