From 601e7b22dd30d326a38715324932010ca2faa8d3 Mon Sep 17 00:00:00 2001
From: drfaust92 <ilia.lazebnik@gmail.com>
Date: Sat, 6 Apr 2024 22:55:34 +0300
Subject: [PATCH 1/5] routine

---
 .../bigquerydatapolicy/DataPolicy.yaml        | 21 +++++++++++-
 ...gquery_datapolicy_data_policy_basic.tf.erb | 34 +++++++++----------
 ...uery_datapolicy_data_policy_routine.tf.erb | 34 +++++++++++++++++++
 3 files changed, 71 insertions(+), 18 deletions(-)
 create mode 100644 mmv1/templates/terraform/examples/bigquery_datapolicy_data_policy_routine.tf.erb

diff --git a/mmv1/products/bigquerydatapolicy/DataPolicy.yaml b/mmv1/products/bigquerydatapolicy/DataPolicy.yaml
index 4f6df8f2bd7c..2bbd38659e00 100644
--- a/mmv1/products/bigquerydatapolicy/DataPolicy.yaml
+++ b/mmv1/products/bigquerydatapolicy/DataPolicy.yaml
@@ -48,6 +48,16 @@ examples:
     vars:
       data_policy_id: 'data_policy'
       taxonomy: 'taxonomy'
+  - !ruby/object:Provider::Terraform::Examples
+    name: 'bigquery_datapolicy_data_policy_routine'
+    primary_resource_id: 'data_policy'
+    primary_resource_name:
+      'fmt.Sprintf("tf_test_data_policy%s", context["random_suffix"])'
+    vars:
+      data_policy_id: 'data_policy'
+      taxonomy: 'taxonomy'
+      dataset_id: 'dataset_id'
+      routine_id: 'routine_id'
 properties:
   - !ruby/object:Api::Type::String
     name: name
@@ -88,7 +98,9 @@ properties:
     properties:
       - !ruby/object:Api::Type::Enum
         name: 'predefinedExpression'
-        required: true
+        exactly_one_of:
+          - data_masking_policy.0.predefined_expression
+          - data_masking_policy.0.routine
         description: |-
           The available masking rules. Learn more here: https://cloud.google.com/bigquery/docs/column-data-masking-intro#masking_options.
         values:
@@ -99,3 +111,10 @@ properties:
           - :FIRST_FOUR_CHARACTERS
           - :EMAIL_MASK
           - :DATE_YEAR_MASK
+      - !ruby/object:Api::Type::String
+        exactly_one_of:
+          - data_masking_policy.0.predefined_expression
+          - data_masking_policy.0.routine
+        name: routine
+        description: |-
+          The name of the BigQuery routine that contains the custom masking routine, in the format of projects/{projectNumber}/datasets/{dataset_id}/routines/{routine_id}.
\ No newline at end of file
diff --git a/mmv1/templates/terraform/examples/bigquery_datapolicy_data_policy_basic.tf.erb b/mmv1/templates/terraform/examples/bigquery_datapolicy_data_policy_basic.tf.erb
index caedf28e80c7..395e8fbac5b3 100644
--- a/mmv1/templates/terraform/examples/bigquery_datapolicy_data_policy_basic.tf.erb
+++ b/mmv1/templates/terraform/examples/bigquery_datapolicy_data_policy_basic.tf.erb
@@ -1,19 +1,19 @@
 resource "google_bigquery_datapolicy_data_policy" "<%= ctx[:primary_resource_id] %>" {
-    location         = "us-central1"
-    data_policy_id   = "<%= ctx[:vars]['data_policy_id'] %>"
-    policy_tag       = google_data_catalog_policy_tag.policy_tag.name
-    data_policy_type = "COLUMN_LEVEL_SECURITY_POLICY"
-  }
+  location         = "us-central1"
+  data_policy_id   = "<%= ctx[:vars]['data_policy_id'] %>"
+  policy_tag       = google_data_catalog_policy_tag.policy_tag.name
+  data_policy_type = "COLUMN_LEVEL_SECURITY_POLICY"
+}
 
-  resource "google_data_catalog_policy_tag" "policy_tag" {
-    taxonomy     = google_data_catalog_taxonomy.taxonomy.id
-    display_name = "Low security"
-    description  = "A policy tag normally associated with low security items"
-  }
-  
-  resource "google_data_catalog_taxonomy" "taxonomy" {
-    region                 = "us-central1"
-    display_name           = "<%= ctx[:vars]['taxonomy'] %>"
-    description            = "A collection of policy tags"
-    activated_policy_types = ["FINE_GRAINED_ACCESS_CONTROL"]
-  }
\ No newline at end of file
+resource "google_data_catalog_policy_tag" "policy_tag" {
+  taxonomy     = google_data_catalog_taxonomy.taxonomy.id
+  display_name = "Low security"
+  description  = "A policy tag normally associated with low security items"
+}
+
+resource "google_data_catalog_taxonomy" "taxonomy" {
+  region                 = "us-central1"
+  display_name           = "<%= ctx[:vars]['taxonomy'] %>"
+  description            = "A collection of policy tags"
+  activated_policy_types = ["FINE_GRAINED_ACCESS_CONTROL"]
+}
\ No newline at end of file
diff --git a/mmv1/templates/terraform/examples/bigquery_datapolicy_data_policy_routine.tf.erb b/mmv1/templates/terraform/examples/bigquery_datapolicy_data_policy_routine.tf.erb
new file mode 100644
index 000000000000..e8270a75d2fc
--- /dev/null
+++ b/mmv1/templates/terraform/examples/bigquery_datapolicy_data_policy_routine.tf.erb
@@ -0,0 +1,34 @@
+resource "google_bigquery_datapolicy_data_policy" "<%= ctx[:primary_resource_id] %>" {
+  location         = "us-central1"
+  data_policy_id   = "<%= ctx[:vars]['data_policy_id'] %>"
+  policy_tag       = google_data_catalog_policy_tag.policy_tag.name
+  data_policy_type = "DATA_MASKING_POLICY"  
+  data_masking_policy {
+    routine               = google_bigquery_routine.test.id
+  }
+}
+
+resource "google_data_catalog_policy_tag" "policy_tag" {
+  taxonomy     = google_data_catalog_taxonomy.taxonomy.id
+  display_name = "Low security"
+  description  = "A policy tag normally associated with low security items"
+}
+  
+resource "google_data_catalog_taxonomy" "taxonomy" {
+  region                 = "us-central1"
+  display_name           = "<%= ctx[:vars]['taxonomy'] %>"
+  description            = "A collection of policy tags"
+  activated_policy_types = ["FINE_GRAINED_ACCESS_CONTROL"]
+}
+
+resource "google_bigquery_dataset" "test" {
+  dataset_id = "<%= ctx[:vars]['dataset_id'] %>"
+}
+
+resource "google_bigquery_routine" "test" {
+  dataset_id      = google_bigquery_dataset.test.dataset_id
+  routine_id      = "<%= ctx[:vars]['routine_id'] %>"
+  routine_type    = "PROCEDURE"
+  language        = "SQL"
+  definition_body = "CREATE FUNCTION Add(x FLOAT64, y FLOAT64) RETURNS FLOAT64 AS (x + y);"
+}
\ No newline at end of file

From c138caf7b2bcadcbc0c2ba06a1649d3ff0fdb6d4 Mon Sep 17 00:00:00 2001
From: drfaust92 <ilia.lazebnik@gmail.com>
Date: Sat, 6 Apr 2024 23:12:51 +0300
Subject: [PATCH 2/5] fix

---
 .../bigquerydatapolicy/DataPolicy.yaml        |  2 +-
 ...uery_datapolicy_data_policy_routine.tf.erb | 22 +++++++++++++------
 2 files changed, 16 insertions(+), 8 deletions(-)

diff --git a/mmv1/products/bigquerydatapolicy/DataPolicy.yaml b/mmv1/products/bigquerydatapolicy/DataPolicy.yaml
index 2bbd38659e00..f46774b0a095 100644
--- a/mmv1/products/bigquerydatapolicy/DataPolicy.yaml
+++ b/mmv1/products/bigquerydatapolicy/DataPolicy.yaml
@@ -57,7 +57,6 @@ examples:
       data_policy_id: 'data_policy'
       taxonomy: 'taxonomy'
       dataset_id: 'dataset_id'
-      routine_id: 'routine_id'
 properties:
   - !ruby/object:Api::Type::String
     name: name
@@ -116,5 +115,6 @@ properties:
           - data_masking_policy.0.predefined_expression
           - data_masking_policy.0.routine
         name: routine
+        diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress'
         description: |-
           The name of the BigQuery routine that contains the custom masking routine, in the format of projects/{projectNumber}/datasets/{dataset_id}/routines/{routine_id}.
\ No newline at end of file
diff --git a/mmv1/templates/terraform/examples/bigquery_datapolicy_data_policy_routine.tf.erb b/mmv1/templates/terraform/examples/bigquery_datapolicy_data_policy_routine.tf.erb
index e8270a75d2fc..a270ebab8188 100644
--- a/mmv1/templates/terraform/examples/bigquery_datapolicy_data_policy_routine.tf.erb
+++ b/mmv1/templates/terraform/examples/bigquery_datapolicy_data_policy_routine.tf.erb
@@ -4,7 +4,7 @@ resource "google_bigquery_datapolicy_data_policy" "<%= ctx[:primary_resource_id]
   policy_tag       = google_data_catalog_policy_tag.policy_tag.name
   data_policy_type = "DATA_MASKING_POLICY"  
   data_masking_policy {
-    routine               = google_bigquery_routine.test.id
+    routine = google_bigquery_routine.custom_masking_routine.id
   }
 }
 
@@ -23,12 +23,20 @@ resource "google_data_catalog_taxonomy" "taxonomy" {
 
 resource "google_bigquery_dataset" "test" {
   dataset_id = "<%= ctx[:vars]['dataset_id'] %>"
+  location   = "us-central1"
 }
 
-resource "google_bigquery_routine" "test" {
-  dataset_id      = google_bigquery_dataset.test.dataset_id
-  routine_id      = "<%= ctx[:vars]['routine_id'] %>"
-  routine_type    = "PROCEDURE"
-  language        = "SQL"
-  definition_body = "CREATE FUNCTION Add(x FLOAT64, y FLOAT64) RETURNS FLOAT64 AS (x + y);"
+resource "google_bigquery_routine" "custom_masking_routine" {
+	dataset_id           = google_bigquery_dataset.test.dataset_id
+	routine_id           = "custom_masking_routine"
+	routine_type         = "SCALAR_FUNCTION"
+	language             = "SQL"
+	data_governance_type = "DATA_MASKING"
+	definition_body      = "SAFE.REGEXP_REPLACE(ssn, '[0-9]', 'X')"
+	return_type          = "{\"typeKind\" :  \"STRING\"}"
+
+	arguments {
+	  name = "ssn"
+	  data_type = "{\"typeKind\" :  \"STRING\"}"
+	} 
 }
\ No newline at end of file

From f52c36d3d0521609668b378dbb55d4d21960441f Mon Sep 17 00:00:00 2001
From: drfaust92 <ilia.lazebnik@gmail.com>
Date: Sat, 6 Apr 2024 23:18:08 +0300
Subject: [PATCH 3/5] fix

---
 mmv1/products/bigquerydatapolicy/DataPolicy.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mmv1/products/bigquerydatapolicy/DataPolicy.yaml b/mmv1/products/bigquerydatapolicy/DataPolicy.yaml
index f46774b0a095..1463ecae2791 100644
--- a/mmv1/products/bigquerydatapolicy/DataPolicy.yaml
+++ b/mmv1/products/bigquerydatapolicy/DataPolicy.yaml
@@ -117,4 +117,4 @@ properties:
         name: routine
         diff_suppress_func: 'tpgresource.ProjectNumberDiffSuppress'
         description: |-
-          The name of the BigQuery routine that contains the custom masking routine, in the format of projects/{projectNumber}/datasets/{dataset_id}/routines/{routine_id}.
\ No newline at end of file
+          The name of the BigQuery routine that contains the custom masking routine, in the format of projects/{projectNumber}/datasets/{dataset_id}/routines/{routine_id}.

From b056665d9b29130d8713fec0d474118980638b13 Mon Sep 17 00:00:00 2001
From: drfaust92 <ilia.lazebnik@gmail.com>
Date: Mon, 15 Apr 2024 22:39:31 +0300
Subject: [PATCH 4/5] routine update

---
 ...ce_bigquery_datapolicy_data_policy_test.go | 90 +++++++++++++++++++
 1 file changed, 90 insertions(+)

diff --git a/mmv1/third_party/terraform/services/bigquerydatapolicy/resource_bigquery_datapolicy_data_policy_test.go b/mmv1/third_party/terraform/services/bigquerydatapolicy/resource_bigquery_datapolicy_data_policy_test.go
index bb323b8681bd..f3ba0ee04ac8 100644
--- a/mmv1/third_party/terraform/services/bigquerydatapolicy/resource_bigquery_datapolicy_data_policy_test.go
+++ b/mmv1/third_party/terraform/services/bigquerydatapolicy/resource_bigquery_datapolicy_data_policy_test.go
@@ -35,6 +35,34 @@ func TestAccBigqueryDatapolicyDataPolicy_bigqueryDatapolicyDataPolicyUpdate(t *t
 	})
 }
 
+func TestAccBigqueryDatapolicyDataPolicy_bigqueryDatapolicyDataPolicyRoutineExample(t *testing.T) {
+	t.Parallel()
+
+	context := map[string]interface{}{
+		"random_suffix": acctest.RandString(t, 10),
+	}
+
+	acctest.VcrTest(t, resource.TestCase{
+		PreCheck:                 func() { acctest.AccTestPreCheck(t) },
+		ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t),
+		CheckDestroy:             testAccCheckBigqueryDatapolicyDataPolicyDestroyProducer(t),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccBigqueryDatapolicyDataPolicy_bigqueryDatapolicyDataPolicyRoutineExample(context),
+			},
+			{
+				ResourceName:            "google_bigquery_datapolicy_data_policy.data_policy",
+				ImportState:             true,
+				ImportStateVerify:       true,
+				ImportStateVerifyIgnore: []string{"location"},
+			},
+			{
+				Config: testAccBigqueryDatapolicyDataPolicy_bigqueryDatapolicyDataPolicyRoutineUpdate(context),
+			},
+		},
+	})
+}
+
 func testAccBigqueryDatapolicyDataPolicy_bigqueryDatapolicyDataPolicyUpdate(context map[string]interface{}) string {
 	return acctest.Nprintf(`
 resource "google_bigquery_datapolicy_data_policy" "data_policy" {
@@ -74,3 +102,65 @@ resource "google_bigquery_datapolicy_data_policy" "data_policy" {
   }
 `, context)
 }
+
+func testAccBigqueryDatapolicyDataPolicy_bigqueryDatapolicyDataPolicyRoutineUpdate(context map[string]interface{}) string {
+	return acctest.Nprintf(`
+resource "google_bigquery_datapolicy_data_policy" "data_policy" {
+  location         = "us-central1"
+  data_policy_id   = "tf_test_data_policy%{random_suffix}"
+  policy_tag       = google_data_catalog_policy_tag.policy_tag.name
+  data_policy_type = "DATA_MASKING_POLICY"  
+  data_masking_policy {
+    routine = google_bigquery_routine.custom_masking_routine_updated.id
+  }
+}
+
+resource "google_data_catalog_policy_tag" "policy_tag" {
+  taxonomy     = google_data_catalog_taxonomy.taxonomy.id
+  display_name = "Low security"
+  description  = "A policy tag normally associated with low security items"
+}
+  
+resource "google_data_catalog_taxonomy" "taxonomy" {
+  region                 = "us-central1"
+  display_name           = "taxonomy%{random_suffix}"
+  description            = "A collection of policy tags"
+  activated_policy_types = ["FINE_GRAINED_ACCESS_CONTROL"]
+}
+
+resource "google_bigquery_dataset" "test" {
+  dataset_id = "tf_test_dataset_id%{random_suffix}"
+  location   = "us-central1"
+}
+
+resource "google_bigquery_routine" "custom_masking_routine" {
+	dataset_id           = google_bigquery_dataset.test.dataset_id
+	routine_id           = "custom_masking_routine"
+	routine_type         = "SCALAR_FUNCTION"
+	language             = "SQL"
+	data_governance_type = "DATA_MASKING"
+	definition_body      = "SAFE.REGEXP_REPLACE(ssn, '[0-9]', 'X')"
+	return_type          = "{\"typeKind\" :  \"STRING\"}"
+
+	arguments {
+	  name = "ssn"
+	  data_type = "{\"typeKind\" :  \"STRING\"}"
+	} 
+}
+
+resource "google_bigquery_routine" "custom_masking_routine_updated" {
+	dataset_id           = google_bigquery_dataset.test.dataset_id
+	routine_id           = "custom_masking_routine_update"
+	routine_type         = "SCALAR_FUNCTION"
+	language             = "SQL"
+	data_governance_type = "DATA_MASKING"
+	definition_body      = "SAFE.REGEXP_REPLACE(ssn, '[0-9]', 'X')"
+	return_type          = "{\"typeKind\" :  \"STRING\"}"
+
+	arguments {
+	  name = "ssn"
+	  data_type = "{\"typeKind\" :  \"STRING\"}"
+	} 
+}
+`, context)
+}

From 6fe065c7d0c57fcc84438d8d4bac9c0b6ed84172 Mon Sep 17 00:00:00 2001
From: drfaust92 <ilia.lazebnik@gmail.com>
Date: Mon, 15 Apr 2024 22:42:30 +0300
Subject: [PATCH 5/5] routine update

---
 .../resource_bigquery_datapolicy_data_policy_test.go            | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mmv1/third_party/terraform/services/bigquerydatapolicy/resource_bigquery_datapolicy_data_policy_test.go b/mmv1/third_party/terraform/services/bigquerydatapolicy/resource_bigquery_datapolicy_data_policy_test.go
index f3ba0ee04ac8..7725a32b062b 100644
--- a/mmv1/third_party/terraform/services/bigquerydatapolicy/resource_bigquery_datapolicy_data_policy_test.go
+++ b/mmv1/third_party/terraform/services/bigquerydatapolicy/resource_bigquery_datapolicy_data_policy_test.go
@@ -35,7 +35,7 @@ func TestAccBigqueryDatapolicyDataPolicy_bigqueryDatapolicyDataPolicyUpdate(t *t
 	})
 }
 
-func TestAccBigqueryDatapolicyDataPolicy_bigqueryDatapolicyDataPolicyRoutineExample(t *testing.T) {
+func TestAccBigqueryDatapolicyDataPolicy_bigqueryDatapolicyDataPolicyRoutineUpdate(t *testing.T) {
 	t.Parallel()
 
 	context := map[string]interface{}{