Add Erase Windows VSS support to compute disk (#3898)

Co-authored-by: Cameron Thornton <[email protected]>
GoogleCloudPlatform · Aug 27, 2020 · 6d0f4bc · 6d0f4bc
1 parent 44f84cd
commit 6d0f4bc
Show file tree

Hide file tree

Showing 5 changed files with 89 additions and 10 deletions.
diff --git a/products/compute/api.yaml b/products/compute/api.yaml
@@ -2636,10 +2636,6 @@ objects:
         required: true
   - !ruby/object:Api::Resource
     name: 'Disk'
-    # TODO(nelsonjr): Implement disk special actions as defined in the API:
-    # - resize
-    # - createSnapshot
-    # - setLabels
     kind: 'compute#disk'
     input: true
     base_url: projects/{{project}}/zones/{{zone}}/disks
@@ -2717,6 +2713,11 @@ objects:
             name: 'kmsKeyName'
             description: |
               The name of the encryption key that is stored in Google Cloud KMS.
+          - !ruby/object:Api::Type::String
+            name: 'kmsKeyServiceAccount'
+            description: |
+              The service account used for the encryption request for the given KMS key. 
+              If absent, the Compute Engine Service Agent service account is used.
         input: true
       - !ruby/object:Api::Type::String
         name: 'sourceImageId'
@@ -2762,6 +2763,11 @@ objects:
               Your project's Compute Engine System service account
               (`service-{{PROJECT_NUMBER}}@compute-system.iam.gserviceaccount.com`) must have
               `roles/cloudkms.cryptoKeyEncrypterDecrypter` to use this feature.
+          - !ruby/object:Api::Type::String
+            name: 'kmsKeyServiceAccount'
+            description: |
+              The service account used for the encryption request for the given KMS key. 
+              If absent, the Compute Engine Service Agent service account is used.
         input: true
       - !ruby/object:Api::Type::ResourceRef
         name: 'sourceSnapshot'
@@ -2799,6 +2805,11 @@ objects:
               The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied
               encryption key that protects this resource.
             output: true
+          - !ruby/object:Api::Type::String
+            name: 'kmsKeyServiceAccount'
+            description: |
+              The service account used for the encryption request for the given KMS key. 
+              If absent, the Compute Engine Service Agent service account is used.
         input: true
       - !ruby/object:Api::Type::String
         name: 'sourceSnapshotId'
@@ -2900,6 +2911,13 @@ objects:
         description: |
           URL of the disk type resource describing which disk type to use to
           create the disk. Provide this when creating the disk.
+      - !ruby/object:Api::Type::Boolean
+        name: 'eraseWindowsVssSignature'
+        min_version: beta
+        default_value: false
+        description: |
+          Specifies whether the disk restored from a source snapshot
+          should erase Windows specific VSS signature.
       - !ruby/object:Api::Type::String
         name: 'sourceImage'
         description: |
@@ -2908,14 +2926,14 @@ objects:
 
           To create a disk with one of the public operating system images,
           specify the image by its family name. For example, specify
-          family/debian-8 to use the latest Debian 8 image:
+          family/debian-9 to use the latest Debian 9 image:
 
-          projects/debian-cloud/global/images/family/debian-8
+          projects/debian-cloud/global/images/family/debian-9
 
           Alternatively, use a specific version of a public operating system
           image:
 
-          projects/debian-cloud/global/images/debian-8-jessie-vYYYYMMDD
+          projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
 
           To create a disk with a private image that you created, specify the
           image name in the following format:

diff --git a/templates/terraform/examples/disk_basic.tf.erb b/templates/terraform/examples/disk_basic.tf.erb
@@ -2,7 +2,7 @@ resource "google_compute_disk" "default" {
   name  = "<%= ctx[:vars]['disk_name'] %>"
   type  = "pd-ssd"
   zone  = "us-central1-a"
-  image = "debian-8-jessie-v20170523"
+  image = "debian-9-stretch-v20200805"
   labels = {
     environment = "dev"
   }

diff --git a/templates/terraform/examples/stateful_igm.tf.erb b/templates/terraform/examples/stateful_igm.tf.erb
@@ -42,7 +42,7 @@ resource "google_compute_disk" "default" {
   name  = "test-disk-%{random_suffix}"
   type  = "pd-ssd"
   zone  = google_compute_instance_group_manager.igm.zone
-  image = "debian-8-jessie-v20170523"
+  image = "debian-9-stretch-v20200805"
   physical_block_size_bytes = 4096
 }
 

diff --git a/templates/terraform/examples/stateful_rigm.tf.erb b/templates/terraform/examples/stateful_rigm.tf.erb
@@ -42,7 +42,7 @@ resource "google_compute_disk" "default" {
   name  = "test-disk-%{random_suffix}"
   type  = "pd-ssd"
   zone  = "us-central1-a"
-  image = "debian-8-jessie-v20170523"
+  image = "debian-9-stretch-v20200805"
   physical_block_size_bytes = 4096
 }
 

diff --git a/third_party/terraform/tests/resource_compute_disk_test.go.erb b/third_party/terraform/tests/resource_compute_disk_test.go.erb
@@ -457,6 +457,32 @@ func TestAccComputeDisk_resourcePolicies(t *testing.T) {
 }
 <% end -%>
 
+<% unless version == 'ga' -%>
+func TestAccComputeDisk_VSSWindows(t *testing.T) {
+	t.Parallel()
+
+	diskName := fmt.Sprintf("tf-test-%s", randString(t, 10))
+	firstDiskName := fmt.Sprintf("tf-test-%s", randString(t, 10))
+	snapshotName := fmt.Sprintf("tf-test-%s", randString(t, 10))
+	projectName := getTestProjectFromEnv()
+
+	vcrTest(t, resource.TestCase{
+		PreCheck:  func() { testAccPreCheck(t) },
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccComputeDisk_WindowsVSS(firstDiskName, projectName, snapshotName, diskName),
+			},
+			{
+				ResourceName:      "google_compute_disk.foobar",
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
+<% end -%>
+
 func testAccCheckComputeDiskExists(t *testing.T, n, p string, disk *compute.Disk) resource.TestCheckFunc {
 	return func(s *terraform.State) error {
 		rs, ok := s.RootModule().Resources[n]
@@ -775,3 +801,38 @@ resource "google_compute_disk" "foobar" {
 `, policyName, diskName)
 }
 <% end -%>
+
+
+<% unless version == 'ga' -%>
+func testAccComputeDisk_WindowsVSS(firstDiskName, projectName, snapshotName, diskName string) string {
+	return fmt.Sprintf(`
+resource "google_compute_disk" "sourcedisk" {
+  name    = "d1-%s"
+  image   = "windows-server-2019-dc-v20200813"
+  size    = 50
+  type    = "pd-ssd"
+  zone    = "us-central1-a"
+  project = "%s"
+}
+
+resource "google_compute_snapshot" "snapdisk" {
+  name        = "%s"
+  source_disk = google_compute_disk.sourcedisk.name
+  zone        = "us-central1-a"
+  project     = "%s"
+}
+
+resource "google_compute_disk" "foobar" {
+  name                        = "%s"
+  snapshot                    = google_compute_snapshot.snapdisk.self_link
+  size                        = 50
+  type                        = "pd-ssd"
+  zone                        = "us-central1-a"
+  erase_windows_vss_signature = true
+  timeouts {
+    create = "10m"
+  }
+}
+`, firstDiskName, projectName, snapshotName, projectName, diskName)
+}
+<% end -%>