RouterBgpPeer BFD support

[drebes]

Release Note Template for Downstream PRs (will be copied)

compute: Added `bfd` to `google_compute_router_peer`

[modular-magician]

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 1 file changed, 36 insertions(+))
Terraform Beta: Diff ( 3 files changed, 561 insertions(+))

[drebes]

This is causing a panic here:

func flattenComputeRouterBgpPeerBfd(v interface{}, d *schema.ResourceData, config *Config) interface{} {
        if v == nil {
                return v
        }
        l := v.([]interface{})

when we read back the bfd block and try to flatten it:

$ make testacc TEST=./google-beta TESTARGS='-run=TestAccComputeRouterPeer_basic'
==> Checking source code against gofmt...
==> Checking that code complies with gofmt requirements...
TF_ACC=1 TF_SCHEMA_PANIC_ON_ERROR=1 go test ./google-beta -v -run=TestAccComputeRouterPeer_basic -timeout 240m -ldflags="-X=github.com/terraform-providers/terraform-provider-google-beta/version.ProviderVersion=acc"
=== RUN   TestAccComputeRouterPeer_basic
=== PAUSE TestAccComputeRouterPeer_basic
=== CONT  TestAccComputeRouterPeer_basic
panic: interface conversion: interface {} is map[string]interface {}, not []interface {}

goroutine 572 [running]:
github.com/terraform-providers/terraform-provider-google-beta/google-beta.flattenComputeRouterBgpPeerBfd(0x32c6b60, 0xc000ebe0f0, 0xc000028460, 0xc000897800, 0xc0000ed068, 0x0)
	/Users/drebes/Development/go/src/github.com/terraform-providers/terraform-provider-google-beta/google-beta/resource_compute_router_bgp_peer.go:643 +0x5f1
github.com/terraform-providers/terraform-provider-google-beta/google-beta.resourceComputeRouterBgpPeerRead(0xc000028460, 0x339f140, 0xc000897800, 0x2, 0x2)
...

[modular-magician]

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 3 files changed, 43 insertions(+), 3 deletions(-))
Terraform Beta: Diff ( 3 files changed, 567 insertions(+), 3 deletions(-))

[danawillow]

Tests are failing:

TestAccComputeRouterPeer_enable
  === RUN   TestAccComputeRouterPeer_enable
=== PAUSE TestAccComputeRouterPeer_enable
=== CONT  TestAccComputeRouterPeer_enable
--- FAIL: TestAccComputeRouterPeer_enable (272.74s)
    testing.go:635: Step 2 error: errors during apply:
        
        Error: Error updating RouterBgpPeer "projects/ci-test-project-188019/regions/us-central1/routers/router-peer-test-bveczl1ojl/router-peer-test-bveczl1ojl": googleapi: Error 400: Invalid value for field '': ''. Bgp Peer Enable field is not supported yet., invalid
        
          on /opt/teamcity-agent/temp/buildTmp/tf-test516292606/main.tf line 78:
          (source code not available)
        
        
FAIL

TestAccComputeRouterPeer_bfd
  === RUN   TestAccComputeRouterPeer_bfd
=== PAUSE TestAccComputeRouterPeer_bfd
=== CONT  TestAccComputeRouterPeer_bfd
--- FAIL: TestAccComputeRouterPeer_bfd (273.17s)
    testing.go:635: Step 2 error: errors during apply:
        
        Error: Error updating RouterBgpPeer "projects/ci-test-project-188019/regions/us-central1/routers/router-peer-test-b33119hwzx/router-peer-test-b33119hwzx": googleapi: Error 400: Invalid value for field 'project': 'ci-test-project-188019'. Bgp Peer BFD Min Transmit Interval field is not supported yet., invalid
        
          on /opt/teamcity-agent/temp/buildTmp/tf-test782931738/main.tf line 78:
          (source code not available)
        
        
FAIL

[danawillow]

Does "true" work here or does it have to be all caps?

[drebes]

Surprisingly it does. Regarding your errors this is because the feature is currently in closed Beta requiring project whitelisting, otherwise the fields are unavailable (and a reason why we shouldn't merge before the open Beta is launched, and the enable = TRUE by default will fail if the project is not whitelisted).

[modular-magician]

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 3 files changed, 43 insertions(+), 3 deletions(-))
Terraform Beta: Diff ( 3 files changed, 572 insertions(+), 3 deletions(-))

[modular-magician]

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 3 files changed, 43 insertions(+), 3 deletions(-))
Terraform Beta: Diff ( 3 files changed, 571 insertions(+), 3 deletions(-))

[drebes]

Tests all pass now, but as it still requires project whitelisting we should hold on merging as it would break peers on TPGB.

$ make testacc TEST=./google-beta TESTARGS='-run=TestAccComputeRouterPeer'
==> Checking source code against gofmt...
==> Checking that code complies with gofmt requirements...
TF_ACC=1 TF_SCHEMA_PANIC_ON_ERROR=1 go test ./google-beta -v -run=TestAccComputeRouterPeer -timeout 240m -ldflags="-X=github.com/terraform-providers/terraform-provider-google-beta/version.ProviderVersion=acc"
=== RUN   TestAccComputeRouterPeer_basic
=== PAUSE TestAccComputeRouterPeer_basic
=== RUN   TestAccComputeRouterPeer_advertiseMode
=== PAUSE TestAccComputeRouterPeer_advertiseMode
=== RUN   TestAccComputeRouterPeer_enable
=== PAUSE TestAccComputeRouterPeer_enable
=== RUN   TestAccComputeRouterPeer_bfd
=== PAUSE TestAccComputeRouterPeer_bfd
=== CONT  TestAccComputeRouterPeer_basic
=== CONT  TestAccComputeRouterPeer_bfd
=== CONT  TestAccComputeRouterPeer_enable
=== CONT  TestAccComputeRouterPeer_advertiseMode
--- PASS: TestAccComputeRouterPeer_advertiseMode (185.63s)
--- PASS: TestAccComputeRouterPeer_basic (205.13s)
--- PASS: TestAccComputeRouterPeer_bfd (221.41s)
--- PASS: TestAccComputeRouterPeer_enable (227.80s)
PASS
ok  	github.com/terraform-providers/terraform-provider-google-beta/google-beta	227.851s

[danawillow]

@drebes what's the current status on this?

[drebes]

Sorry, mixed this with the firewall one. This is on hold as the public beta is delayed.

[drebes]

BFD finally made it to Public Preview. Unfortunately, BFD on Cloud Routers attached to VPN tunnels has been removed so there is no easy way to implement acceptance tests (Only Partner and Dedicated Interconnect is supported, but Partner interconnected manages the interface and BGP peer automatically, so can't be used for acceptance testing).

[modular-magician]

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 1 file changed, 68 insertions(+), 9 deletions(-))
Terraform Beta: Diff ( 12 files changed, 270 insertions(+), 22 deletions(-))

[drebes]

Added integration tests, using VPN. VPN accepts the bfd field as long as the state is set to DISABLED, so we use that.

[modular-magician]

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 3 files changed, 402 insertions(+), 9 deletions(-))
Terraform Beta: Diff ( 10 files changed, 406 insertions(+), 12 deletions(-))

[modular-magician]

I have triggered VCR tests in RECORDING mode for the following tests that failed during VCR: TestAccDatasourceGoogleServiceNetworkingPeeredDnsDomain_basic|TestAccCloudbuildWorkerPool_withNetwork|TestAccCloudFunctionsFunction_vpcConnector|TestAccComputeFirewallPolicyRule_update|TestAccComputeForwardingRule_update|TestAccComputeInstanceFromMachineImage_basic|TestAccComputeInstanceFromMachineImage_overrideMetadataDotStartupScript|TestAccComputeInstanceFromMachineImage_diffProject|TestAccComputeOrganizationSecurityPolicyAssociation_organizationSecurityPolicyAssociationBasicExample|TestAccComputeOrganizationSecurityPolicy_organizationSecurityPolicyUpdateExample|TestAccComputeOrganizationSecurityPolicyRule_organizationSecurityPolicyRuleUpdateExample|TestAccComputeRegionNetworkEndpointGroup_regionNetworkEndpointGroupAppengineExample|TestAccComputeRouterPeer_bfd|TestAccContainerAnalysisOccurrence_multipleSignatures|TestAccContainerNodePool_ephemeralStorageConfig|TestAccServiceNetworkingPeeredDNSDomain_basic|TestAccSqlUser_postgresIAM You can view the result here: https://ci-oss.hashicorp.engineering/viewQueued.html?itemId=213519

[rileykarson]

Hey! Just noting I've seen this and it's in my inbox as a task, I'll get to it within a couple of days.

[modular-magician]

Tests failed during RECORDING mode: TestAccComputeOrganizationSecurityPolicyRule_organizationSecurityPolicyRuleUpdateExample|TestAccCloudbuildWorkerPool_withNetwork|TestAccContainerAnalysisOccurrence_multipleSignatures|TestAccComputeFirewallPolicyRule_update|TestAccContainerNodePool_ephemeralStorageConfig|TestAccComputeInstanceFromMachineImage_basic|TestAccComputeInstanceFromMachineImage_overrideMetadataDotStartupScript|TestAccComputeRegionNetworkEndpointGroup_regionNetworkEndpointGroupAppengineExample|TestAccCloudFunctionsFunction_vpcConnector|TestAccComputeInstanceFromMachineImage_diffProject|TestAccSqlUser_postgresIAM Please fix these to complete your PR

[rileykarson]

What stops us from making this the example? It's a lot of config but if that's required to use the feature, I don't see a problem documenting it! See https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_service_attachment#example-usage---service-attachment-basic for example

[drebes]

BFD doesn't make much sense for VPN right now as it can only be DISABLED. A more realistic example is to use it with interconnect but that can't be tested due to the APIs. I'm OK making this a proper example once BFD support for VPN is added, though.

[rileykarson]

SGTM, thanks!