From 6d0f4bc27686edfc7bd82662b62e453810eb37de Mon Sep 17 00:00:00 2001 From: Upo Date: Thu, 27 Aug 2020 17:14:10 +0100 Subject: [PATCH] Add Erase Windows VSS support to compute disk (#3898) Co-authored-by: Cameron Thornton --- products/compute/api.yaml | 32 +++++++--- .../terraform/examples/disk_basic.tf.erb | 2 +- .../terraform/examples/stateful_igm.tf.erb | 2 +- .../terraform/examples/stateful_rigm.tf.erb | 2 +- .../tests/resource_compute_disk_test.go.erb | 61 +++++++++++++++++++ 5 files changed, 89 insertions(+), 10 deletions(-) diff --git a/products/compute/api.yaml b/products/compute/api.yaml index 82a8004caef7..4b2c109ed5f6 100644 --- a/products/compute/api.yaml +++ b/products/compute/api.yaml @@ -2636,10 +2636,6 @@ objects: required: true - !ruby/object:Api::Resource name: 'Disk' - # TODO(nelsonjr): Implement disk special actions as defined in the API: - # - resize - # - createSnapshot - # - setLabels kind: 'compute#disk' input: true base_url: projects/{{project}}/zones/{{zone}}/disks @@ -2717,6 +2713,11 @@ objects: name: 'kmsKeyName' description: | The name of the encryption key that is stored in Google Cloud KMS. + - !ruby/object:Api::Type::String + name: 'kmsKeyServiceAccount' + description: | + The service account used for the encryption request for the given KMS key. + If absent, the Compute Engine Service Agent service account is used. input: true - !ruby/object:Api::Type::String name: 'sourceImageId' @@ -2762,6 +2763,11 @@ objects: Your project's Compute Engine System service account (`service-{{PROJECT_NUMBER}}@compute-system.iam.gserviceaccount.com`) must have `roles/cloudkms.cryptoKeyEncrypterDecrypter` to use this feature. + - !ruby/object:Api::Type::String + name: 'kmsKeyServiceAccount' + description: | + The service account used for the encryption request for the given KMS key. + If absent, the Compute Engine Service Agent service account is used. input: true - !ruby/object:Api::Type::ResourceRef name: 'sourceSnapshot' @@ -2799,6 +2805,11 @@ objects: The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource. output: true + - !ruby/object:Api::Type::String + name: 'kmsKeyServiceAccount' + description: | + The service account used for the encryption request for the given KMS key. + If absent, the Compute Engine Service Agent service account is used. input: true - !ruby/object:Api::Type::String name: 'sourceSnapshotId' @@ -2900,6 +2911,13 @@ objects: description: | URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. + - !ruby/object:Api::Type::Boolean + name: 'eraseWindowsVssSignature' + min_version: beta + default_value: false + description: | + Specifies whether the disk restored from a source snapshot + should erase Windows specific VSS signature. - !ruby/object:Api::Type::String name: 'sourceImage' description: | @@ -2908,14 +2926,14 @@ objects: To create a disk with one of the public operating system images, specify the image by its family name. For example, specify - family/debian-8 to use the latest Debian 8 image: + family/debian-9 to use the latest Debian 9 image: - projects/debian-cloud/global/images/family/debian-8 + projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: - projects/debian-cloud/global/images/debian-8-jessie-vYYYYMMDD + projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a private image that you created, specify the image name in the following format: diff --git a/templates/terraform/examples/disk_basic.tf.erb b/templates/terraform/examples/disk_basic.tf.erb index 7e3028d9b806..1a77ffa348ea 100644 --- a/templates/terraform/examples/disk_basic.tf.erb +++ b/templates/terraform/examples/disk_basic.tf.erb @@ -2,7 +2,7 @@ resource "google_compute_disk" "default" { name = "<%= ctx[:vars]['disk_name'] %>" type = "pd-ssd" zone = "us-central1-a" - image = "debian-8-jessie-v20170523" + image = "debian-9-stretch-v20200805" labels = { environment = "dev" } diff --git a/templates/terraform/examples/stateful_igm.tf.erb b/templates/terraform/examples/stateful_igm.tf.erb index 4df648bb26a8..47ab2f33b50f 100644 --- a/templates/terraform/examples/stateful_igm.tf.erb +++ b/templates/terraform/examples/stateful_igm.tf.erb @@ -42,7 +42,7 @@ resource "google_compute_disk" "default" { name = "test-disk-%{random_suffix}" type = "pd-ssd" zone = google_compute_instance_group_manager.igm.zone - image = "debian-8-jessie-v20170523" + image = "debian-9-stretch-v20200805" physical_block_size_bytes = 4096 } diff --git a/templates/terraform/examples/stateful_rigm.tf.erb b/templates/terraform/examples/stateful_rigm.tf.erb index c6ca87ac404b..85e0ed9e31e9 100644 --- a/templates/terraform/examples/stateful_rigm.tf.erb +++ b/templates/terraform/examples/stateful_rigm.tf.erb @@ -42,7 +42,7 @@ resource "google_compute_disk" "default" { name = "test-disk-%{random_suffix}" type = "pd-ssd" zone = "us-central1-a" - image = "debian-8-jessie-v20170523" + image = "debian-9-stretch-v20200805" physical_block_size_bytes = 4096 } diff --git a/third_party/terraform/tests/resource_compute_disk_test.go.erb b/third_party/terraform/tests/resource_compute_disk_test.go.erb index ff086a01cb8a..5bb3be13b51f 100644 --- a/third_party/terraform/tests/resource_compute_disk_test.go.erb +++ b/third_party/terraform/tests/resource_compute_disk_test.go.erb @@ -457,6 +457,32 @@ func TestAccComputeDisk_resourcePolicies(t *testing.T) { } <% end -%> +<% unless version == 'ga' -%> +func TestAccComputeDisk_VSSWindows(t *testing.T) { + t.Parallel() + + diskName := fmt.Sprintf("tf-test-%s", randString(t, 10)) + firstDiskName := fmt.Sprintf("tf-test-%s", randString(t, 10)) + snapshotName := fmt.Sprintf("tf-test-%s", randString(t, 10)) + projectName := getTestProjectFromEnv() + + vcrTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + Steps: []resource.TestStep{ + { + Config: testAccComputeDisk_WindowsVSS(firstDiskName, projectName, snapshotName, diskName), + }, + { + ResourceName: "google_compute_disk.foobar", + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} +<% end -%> + func testAccCheckComputeDiskExists(t *testing.T, n, p string, disk *compute.Disk) resource.TestCheckFunc { return func(s *terraform.State) error { rs, ok := s.RootModule().Resources[n] @@ -775,3 +801,38 @@ resource "google_compute_disk" "foobar" { `, policyName, diskName) } <% end -%> + + +<% unless version == 'ga' -%> +func testAccComputeDisk_WindowsVSS(firstDiskName, projectName, snapshotName, diskName string) string { + return fmt.Sprintf(` +resource "google_compute_disk" "sourcedisk" { + name = "d1-%s" + image = "windows-server-2019-dc-v20200813" + size = 50 + type = "pd-ssd" + zone = "us-central1-a" + project = "%s" +} + +resource "google_compute_snapshot" "snapdisk" { + name = "%s" + source_disk = google_compute_disk.sourcedisk.name + zone = "us-central1-a" + project = "%s" +} + +resource "google_compute_disk" "foobar" { + name = "%s" + snapshot = google_compute_snapshot.snapdisk.self_link + size = 50 + type = "pd-ssd" + zone = "us-central1-a" + erase_windows_vss_signature = true + timeouts { + create = "10m" + } +} +`, firstDiskName, projectName, snapshotName, projectName, diskName) +} +<% end -%>