-
Notifications
You must be signed in to change notification settings - Fork 1.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add bigtable instance IAM resources #3939
Add bigtable instance IAM resources #3939
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great work! Just a few small comments so far.
Do you mind splitting the vendoring updates to a separate PR (you can follow this guide if you can't get go mod vendor
to work), and updating the bottom of https://github.com/terraform-providers/terraform-provider-google/blob/master/website/docs/provider_reference.html.markdown with the custom endpoint reference as well?
google/config.go
Outdated
bigtableClientFactory *BigtableClientFactory | ||
bigtableClientFactory *BigtableClientFactory | ||
BigtableAdminBasePath string | ||
clientBigtableInstances *bigtableadmin.ProjectsInstancesService |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
clientBigtableInstances *bigtableadmin.ProjectsInstancesService | |
// Unlike other clients, the Bigtable Admin client doesn't use a single | |
// service. Instead, there are several distinct services created off | |
// the base service object. To imitate most other handwritten clients, | |
// we expose those directly instead of providing the `Service` object | |
// as a factory. | |
clientBigtableProjectsInstances *bigtableadmin.ProjectsInstancesService |
Let's call this clientBigtableProjectsInstances
to match the service name. Also adding a comment to make it clear why bigtable is different than other clients.
@@ -427,6 +430,16 @@ func (c *Config) LoadAndValidate() error { | |||
TokenSource: tokenSource, | |||
} | |||
|
|||
bigtableAdminBasePath := removeBasePathVersion(c.BigtableAdminBasePath) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do you mind adding a logging message similar to other clients? This is mostly for consistency, it can also help with debugging if the value isn't being set.
google/iam_bigtable_instance.go
Outdated
out := &bigtableadmin.Policy{} | ||
err := Convert(p, out) | ||
if err != nil { | ||
return nil, errwrap.Wrapf("Cannot convert a dataproc policy to a cloudresourcemanager policy: {{err}}", err) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
return nil, errwrap.Wrapf("Cannot convert a dataproc policy to a cloudresourcemanager policy: {{err}}", err) | |
return nil, errwrap.Wrapf("Cannot convert a bigtable policy to a cloudresourcemanager policy: {{err}}", err) |
google/iam_bigtable_instance.go
Outdated
out := &cloudresourcemanager.Policy{} | ||
err := Convert(p, out) | ||
if err != nil { | ||
return nil, errwrap.Wrapf("Cannot convert a cloudresourcemanager policy to a dataproc policy: {{err}}", err) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
return nil, errwrap.Wrapf("Cannot convert a cloudresourcemanager policy to a dataproc policy: {{err}}", err) | |
return nil, errwrap.Wrapf("Cannot convert a cloudresourcemanager policy to a bigtable policy: {{err}}", err) |
@@ -227,6 +227,17 @@ var StorageTransferCustomEndpointEntry = &schema.Schema{ | |||
}, StorageTransferDefaultBasePath), | |||
} | |||
|
|||
var BigtableAdminDefaultBasePath = "https://bigtableadmin.googleapis.com/v2/" | |||
var BigtableAdminCustomEndpointEntryKey = "bigtableadmin_custom_endpoint" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
var BigtableAdminCustomEndpointEntryKey = "bigtableadmin_custom_endpoint" | |
var BigtableAdminCustomEndpointEntryKey = "bigtable_custom_endpoint" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Internally, let's keep "Bigtable Admin", but externally we publish resources as "Bigtable" so for user-facing values let's use that naming.
Optional: true, | ||
ValidateFunc: validateCustomEndpoint, | ||
DefaultFunc: schema.MultiEnvDefaultFunc([]string{ | ||
"GOOGLE_BIGTABLE_ADMIN_CUSTOM_ENDPOINT", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"GOOGLE_BIGTABLE_ADMIN_CUSTOM_ENDPOINT", | |
"GOOGLE_BIGTABLE_CUSTOM_ENDPOINT", |
1b9523c
to
f954028
Compare
@rileykarson Thanks for reviewing this! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Merged the vendoring PR, do you mind rebasing / merging master?
@@ -217,6 +217,7 @@ be used for configuration are below: | |||
|
|||
* `access_context_manager_custom_endpoint` (`GOOGLE_ACCESS_CONTEXT_MANAGER_CUSTOM_ENDPOINT`) - `https://accesscontextmanager.googleapis.com/v1/` | |||
* `app_engine_custom_endpoint` (`GOOGLE_APP_ENGINE_CUSTOM_ENDPOINT`) - `https://appengine.googleapis.com/v1/` | |||
* `bigtable_custom_endpoint` (`GOOGLE_BIGTABLE_CUSTOM_ENDPOINT`) - `https://bigtableadmin.googleapis.com/v2/` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: I think this goes after bigquery
alphabetically?
Added relevant docs and tests
f954028
to
470472a
Compare
@rileykarson Rebased and done with suggested changes. Thanks for the review! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for your great work @sandlis! I'll upstream this to Magic Modules so the changes are applied to google-beta
too, and then merge this PR.
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 hashibot-feedback@hashicorp.com. Thanks! |
Currently, there is no way in Terraform to manage IAM roles for Bigtable Instances.
This PR adds support for that.