From 489f02dede9615a6443dae7bb9ca29c3ad3461ad Mon Sep 17 00:00:00 2001
From: Sam Levenick <slevenick@google.com>
Date: Fri, 13 Sep 2019 17:38:11 -0700
Subject: [PATCH] Add endpoints service IAM

---
 products/endpoints/api.yaml                   | 40 +++++++++++++++++++
 products/endpoints/terraform.yaml             | 39 ++++++++++++++++++
 .../terraform/examples/endpoints_iam.tf.erb   | 14 +++++++
 templates/terraform/iam/iam_context.go.erb    |  3 ++
 4 files changed, 96 insertions(+)
 create mode 100644 products/endpoints/api.yaml
 create mode 100644 products/endpoints/terraform.yaml
 create mode 100644 templates/terraform/examples/endpoints_iam.tf.erb

diff --git a/products/endpoints/api.yaml b/products/endpoints/api.yaml
new file mode 100644
index 000000000000..8383fe0bfe14
--- /dev/null
+++ b/products/endpoints/api.yaml
@@ -0,0 +1,40 @@
+# Copyright 2017 Google Inc.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# TODO(nelsonjr): Make all Zone and Region resource ref
+
+--- !ruby/object:Api::Product
+name: Endpoints
+display_name: Endpoints Service
+versions:
+  - !ruby/object:Api::Product::Version
+    name: ga
+    base_url: https://servicemanagement.googleapis.com/v1/
+scopes:
+  - https://www.googleapis.com/auth/cloudplatform
+apis_required:
+  - !ruby/object:Api::Product::ApiReference
+    name: Service Management API
+    url: https://console.cloud.google.com/apis/library/servicemanagement.googleapis.com/
+objects:
+  - !ruby/object:Api::Resource
+    name: 'Service'
+    base_url: services
+    self_link: services/{{serviceName}}
+    description: |
+      A service that is managed by Google Service Management
+    properties:
+      - !ruby/object:Api::Type::String
+        name: 'serviceName'
+        description: The name of the service.
+        required: true
\ No newline at end of file
diff --git a/products/endpoints/terraform.yaml b/products/endpoints/terraform.yaml
new file mode 100644
index 000000000000..290de42f2922
--- /dev/null
+++ b/products/endpoints/terraform.yaml
@@ -0,0 +1,39 @@
+# Copyright 2017 Google Inc.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+--- !ruby/object:Provider::Terraform::Config
+overrides: !ruby/object:Overrides::ResourceOverrides
+  Service: !ruby/object:Overrides::Terraform::ResourceOverride
+    id_format: 'services/{{serviceName}}'
+    import_format: ["services/{{serviceName}}"]
+    exclude_resource: true
+    iam_policy: !ruby/object:Api::Resource::IamPolicy
+      parent_resource_attribute: 'service_name'
+      method_name_separator: ':'
+      fetch_iam_policy_verb: :POST
+      exclude: false
+    examples:
+      - !ruby/object:Provider::Terraform::Examples
+        name: "endpoints_iam"
+        primary_resource_id: "endpoints_service"
+        primary_resource_name: "fmt.Sprintf(\"endpoint%s.endpoints.%s.cloud.goog\", context[\"random_suffix\"], context[\"project_name\"])"
+        vars:
+          name: "endpoint"
+        test_env_vars:
+          project_name: :PROJECT_NAME
+# This is for copying files over
+files: !ruby/object:Provider::Config::Files
+  # These files have templating (ERB) code that will be run.
+  # This is usually to add licensing info, autogeneration notices, etc.
+  compile:
+<%= lines(indent(compile('provider/terraform/product~compile.yaml'), 4)) -%>
diff --git a/templates/terraform/examples/endpoints_iam.tf.erb b/templates/terraform/examples/endpoints_iam.tf.erb
new file mode 100644
index 000000000000..2639254e9591
--- /dev/null
+++ b/templates/terraform/examples/endpoints_iam.tf.erb
@@ -0,0 +1,14 @@
+resource "google_endpoints_service" "<%= ctx[:primary_resource_id] %>" {
+  service_name = "<%= ctx[:vars]["name"] %>.endpoints.<%= ctx[:test_env_vars]["project_name"] %>.cloud.goog"
+  project = "<%= ctx[:test_env_vars]["project_name"] %>"
+  grpc_config = <<EOF
+type: google.api.Service
+config_version: 3
+name: <%= ctx[:vars]["name"] %>.endpoints.<%= ctx[:test_env_vars]["project_name"] %>.cloud.goog
+usage:
+  rules:
+  - selector: endpoints.examples.bookstore.Bookstore.ListShelves
+    allow_unregistered_calls: true
+EOF
+  protoc_output_base64 = "${filebase64("test-fixtures/test_api_descriptor.pb")}"
+}
diff --git a/templates/terraform/iam/iam_context.go.erb b/templates/terraform/iam/iam_context.go.erb
index 3980906483bb..1a6e50d6bd14 100644
--- a/templates/terraform/iam/iam_context.go.erb
+++ b/templates/terraform/iam/iam_context.go.erb
@@ -8,6 +8,9 @@ context := map[string]interface{}{
 <% if var_type == :ORG_ID  -%>
 	"<%= var_name -%>": getTestOrgFromEnv(t),
 <% end -%>
+<% if var_type == :PROJECT_NAME  -%>
+	"<%= var_name -%>": getTestProjectFromEnv(),
+<% end -%>
 <% end -%>
 <% unless example.test_custom_context.nil? -%>
 <% example.test_custom_context.each do |var_name, custom_val| -%>