Add update support to serverTlsPolicy field in region_target_https_pr…

…oxy (#11184)
GoogleCloudPlatform · Aug 6, 2024 · 6a47cfc · 6a47cfc
1 parent 9ec8aa0
commit 6a47cfc
Show file tree

Hide file tree

Showing 3 changed files with 383 additions and 3 deletions.
diff --git a/mmv1/products/compute/RegionTargetHttpsProxy.yaml b/mmv1/products/compute/RegionTargetHttpsProxy.yaml
@@ -204,3 +204,13 @@ properties:
       INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED
       loadBalancingScheme consult ServerTlsPolicy documentation.
       If left blank, communications are not encrypted.
+
+      If you remove this field from your configuration at the same time as
+      deleting or recreating a referenced ServerTlsPolicy resource, you will
+      receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy
+      within the ServerTlsPolicy resource to avoid this.
+    update_id: 'serverTlsPolicy'
+    fingerprint_name: 'fingerprint'
+    update_verb: :PATCH
+    update_url:
+      'projects/{{project}}/regions/{{region}}/targetHttpsProxies/{{name}}'
diff --git a/mmv1/templates/terraform/encoders/compute_region_target_https_proxy.go.erb b/mmv1/templates/terraform/encoders/compute_region_target_https_proxy.go.erb
@@ -7,4 +7,12 @@ if _, ok := obj["certificateManagerCertificates"]; ok {
 	obj["sslCertificates"] = obj["certificateManagerCertificates"]
 	delete(obj, "certificateManagerCertificates")
 }
-return obj, nil
+
+// Send null if serverTlsPolicy is not set. Without this, Terraform would not send any value for `serverTlsPolicy`
+// in the "PATCH" payload so if you were to remove a server TLS policy from a target HTTPS proxy, it would NOT remove
+// the association.
+if _, ok := obj["serverTlsPolicy"]; !ok {
+	obj["serverTlsPolicy"] = nil
+}
+
+return obj, nil