Add rate limit options for compute resource security policy rules

[kylejohnson514]

This PR is based off of hashicorp/terraform-provider-google-beta#3596 and includes the requested changes from that PR's feedback

Fixes hashicorp/terraform-provider-google#10020

Similar to hashicorp/terraform-provider-google#8984

If this PR is for Terraform, I acknowledge that I have:

• Searched through the issue tracker for an open issue that this either resolves or contributes to, commented on it to claim it, and written "fixes {url}" or "part of {url}" in this PR description. If there were no relevant open issues, I opened one and commented that I would like to work on it (not necessary for very small changes).
• Generated Terraform, and ran make test and make lint to ensure it passes unit and linter tests.
• Ensured that all new fields I added that can be set by a user appear in at least one example (for generated resources) or third_party test (for handwritten resources or update tests).
• Ran relevant acceptance tests (If the acceptance tests do not yet pass or you are unable to run them, please let your reviewer know).
• Read the Release Notes Guide before writing my release note below.

Release Note Template for Downstream PRs (will be copied)

compute: Added field `rate_limit_options` to `google_compute_security_policy` rules (beta)

[google-cla]

Thanks for your pull request. It looks like this may be your first contribution to a Google open source project (if not, look below for help). Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

📝 Please visit https://cla.developers.google.com/ to sign.

Once you've signed (or fixed any issues), please reply here with @googlebot I signed it! and we'll verify it.

---

What to do if you already signed the CLA

Individual signers

• It's possible we don't have your GitHub username or you're using a different email address on your commit. Check your existing CLA data and verify that your email is set on your git commits.

Corporate signers

• Your company has a Point of Contact who decides which employees are authorized to participate. Ask your POC to be added to the group of authorized contributors. If you don't know who your Point of Contact is, direct the Google project maintainer to go/cla#troubleshoot (Public version).
• The email used to register you as an authorized contributor must be the email used for the Git commit. Check your existing CLA data and verify that your email is set on your git commits.
• The email used to register you as an authorized contributor must also be attached to your GitHub account.

ℹ️ Googlers: Go here for more info.

[modular-magician]

Oops! It looks like you're using an unknown release-note type in your changelog entries:

• REPLACEME

Please only use the types listed in https://github.com/GoogleCloudPlatform/magic-modules/blob/master/.ci/RELEASE_NOTES_GUIDE.md.

[modular-magician]

Hello! I am a robot who works on Magic Modules PRs.

I have detected that you are a community contributor, so your PR will be assigned to someone with a commit-bit on this repo for initial review.

Thanks for your contribution! A human will be with you soon.

@ndmckinley, please review this PR or find an appropriate assignee.

[kylejohnson514]

@googlebot I signed it!

[modular-magician]

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform Beta: Diff ( 2 files changed, 202 insertions(+), 11 deletions(-))

[kylejohnson514]

Hi, could I get some help with building/running tests on this? Trying to do either throws errors with output that looks like this:

go generate  ./...
go install
# github.com/hashicorp/terraform-provider-google-beta/google-beta
google-beta/resource_compute_security_policy.go:567:3: unknown field 'RateLimitOptions' in struct literal of type "google.golang.org/api/compute/v0.beta".SecurityPolicyRule
google-beta/resource_compute_security_policy.go:620:70: rule.RateLimitOptions undefined (type *"google.golang.org/api/compute/v0.beta".SecurityPolicyRule has no field or method RateLimitOptions)
google-beta/resource_compute_security_policy.go:722:74: undefined: "google.golang.org/api/compute/v0.beta".SecurityPolicyRuleRateLimitOptions
google-beta/resource_compute_security_policy.go:728:10: undefined: "google.golang.org/api/compute/v0.beta".SecurityPolicyRuleRateLimitOptions
google-beta/resource_compute_security_policy.go:739:49: undefined: "google.golang.org/api/compute/v0.beta".SecurityPolicyRuleRateLimitOptionsThreshold
google-beta/resource_compute_security_policy.go:745:10: undefined: "google.golang.org/api/compute/v0.beta".SecurityPolicyRuleRateLimitOptionsThreshold
google-beta/resource_compute_security_policy.go:751:54: undefined: "google.golang.org/api/compute/v0.beta".SecurityPolicyRuleRateLimitOptions
google-beta/resource_compute_security_policy.go:769:29: undefined: "google.golang.org/api/compute/v0.beta".SecurityPolicyRuleRateLimitOptionsThreshold
make: *** [build] Error 2

However, if you visit https://pkg.go.dev/google.golang.org/api/compute/v0.beta#SecurityPolicyRule , you can see that SecurityPolicyRule contains RateLimitOptions *SecurityPolicyRuleRateLimitOptions 'json:"rateLimitOptions,omitempty"'

[modular-magician]

Oops! It looks like you're using an unknown release-note type in your changelog entries:

• REPLACEME

Please only use the types listed in https://github.com/GoogleCloudPlatform/magic-modules/blob/master/.ci/RELEASE_NOTES_GUIDE.md.

[modular-magician]

Oops! It looks like you're using an unknown release-note type in your changelog entries:

• REPLACEME

Please only use the types listed in https://github.com/GoogleCloudPlatform/magic-modules/blob/master/.ci/RELEASE_NOTES_GUIDE.md.

[modular-magician]

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 1 file changed, 30 insertions(+))
Terraform Beta: Diff ( 3 files changed, 232 insertions(+), 11 deletions(-))

[kylejohnson514]

Bumping this to get a set of eyes on it for review

[modular-magician]

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 1 file changed, 30 insertions(+))
Terraform Beta: Diff ( 3 files changed, 230 insertions(+), 11 deletions(-))

[nat-henderson]

Looks like we're seeing compile errors:

go install
# github.com/hashicorp/terraform-provider-google-beta/google-beta
google-beta/resource_compute_security_policy.go:718:3: cannot use data["ban_duration_sec"].(int) (type int) as type int64 in field value
google-beta/resource_compute_security_policy.go:729:3: cannot use data["count"].(int) (type int) as type int64 in field value
google-beta/resource_compute_security_policy.go:730:3: cannot use data["interval_sec"].(int) (type int) as type int64 in field value
google-beta/resource_compute_security_policy.go:740:48: conf.Threshold undefined (type *"google.golang.org/api/compute/v0.beta".SecurityPolicyRuleRateLimitOptions has no field or method Threshold)
google-beta/resource_compute_security_policy.go:741:48: conf.Threshold undefined (type *"google.golang.org/api/compute/v0.beta".SecurityPolicyRuleRateLimitOptions has no field or method Threshold)
make: *** [build] Error 2
GNUmakefile:9: recipe for target 'build' failed

[modular-magician]

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 1 file changed, 30 insertions(+))
Terraform Beta: Diff ( 3 files changed, 230 insertions(+), 11 deletions(-))

[modular-magician]

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 2 files changed, 33 insertions(+), 1 deletion(-))
Terraform Beta: Diff ( 3 files changed, 246 insertions(+), 12 deletions(-))

[rileykarson]

I think the cause of the error has been fixed (I think it was being run in the GA provider, where the field wasn't added?)

/gcbrun

[modular-magician]

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 3 files changed, 51 insertions(+), 19 deletions(-))
Terraform Beta: Diff ( 4 files changed, 264 insertions(+), 30 deletions(-))

[modular-magician]

I have triggered VCR tests in RECORDING mode for the following tests that failed during VCR: TestAccDatasourceGoogleServiceNetworkingPeeredDnsDomain_basic|TestAccApigeeEnvironmentIamBindingGenerated|TestAccApigeeEnvironmentIamMemberGenerated|TestAccApigeeEnvironmentIamPolicyGenerated|TestAccCloudRunService_cloudRunServiceSecretVolumesExample|TestAccCloudbuildWorkerPool_basic|TestAccInstanceGroupManager_waitForStatus|TestAccComputeRegionBackendService_withBackendInternalManaged|TestAccComputeSecurityPolicy_withRateLimitOptions|TestAccContainerNodePool_withInvalidUpgradeSettings|TestAccServiceNetworkingPeeredDNSDomain_basic|TestAccPrivatecaCertificateAuthority_privatecaCertificateAuthoritySubordinateExample|TestAccPrivatecaCertificate_privatecaCertificateConfigExample|TestAccPrivatecaCertificate_privatecaCertificateNoAuthorityExample You can view the result here: https://ci-oss.hashicorp.engineering/viewQueued.html?itemId=243882

[kylejohnson514]

@rileykarson any ideas to help get my local working to run tests? looks like we're still failing

[rileykarson]

I'm not sure what's causing the issues you ran in to- I'd make sure your copies of both repos are relatively in sync, goimports is installed, and you run the generation command again. The failure indicated in that message is a false positive (there's no recording because the test is new) but the RECORDING step failed too:

------- Stdout: -------
=== RUN   TestAccComputeSecurityPolicy_withRateLimitOptions
=== PAUSE TestAccComputeSecurityPolicy_withRateLimitOptions
=== CONT  TestAccComputeSecurityPolicy_withRateLimitOptions
provider_test.go:286: Step 1/2 error: Error running pre-apply refresh: exit status 1
There are some problems with the CLI configuration:
Error: The specified plugin cache dir /opt/teamcity-agent/work/2e51954ade9939a/.provider-cache cannot be opened: stat /opt/teamcity-agent/work/2e51954ade9939a/.provider-cache: no such file or directory
As a result of the above problems, Terraform may not behave as intended.
Error: expected rule.0.action to be one of [allow deny(403) deny(404) deny(502) rate_based_ban threshold], got throttle
on terraform_plugin_test.tf line 2, in resource "google_compute_security_policy" "policy":
2: resource "google_compute_security_policy" "policy" {
--- FAIL: TestAccComputeSecurityPolicy_withRateLimitOptions (6.90s)
FAIL

[modular-magician]

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 2 files changed, 33 insertions(+), 1 deletion(-))
Terraform Beta: Diff ( 3 files changed, 246 insertions(+), 12 deletions(-))

[modular-magician]

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 2 files changed, 33 insertions(+), 1 deletion(-))
Terraform Beta: Diff ( 3 files changed, 282 insertions(+), 12 deletions(-))

[kylejohnson514]

@rileykarson I figured out my local env (woo!) and these tests are running successfully now. Can you try to kick off gbcrun?

[rileykarson]

/gcbrun

[modular-magician]

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 2 files changed, 33 insertions(+), 1 deletion(-))
Terraform Beta: Diff ( 3 files changed, 282 insertions(+), 12 deletions(-))

[rileykarson]

Looks like the tests timed out because the agent was full- started a manual run (https://ci-oss.hashicorp.engineering/buildConfiguration/GoogleCloudBeta_ProviderGoogleCloudBetaMmUpstream/246237 for my convenience, although that'll be access restricted for you)

[modular-magician]

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 2 files changed, 33 insertions(+), 1 deletion(-))
Terraform Beta: Diff ( 3 files changed, 282 insertions(+), 12 deletions(-))

[rileykarson]

/gcbrun

[modular-magician]

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 2 files changed, 33 insertions(+), 1 deletion(-))
Terraform Beta: Diff ( 3 files changed, 282 insertions(+), 12 deletions(-))
TF Validator: Diff ( 2 files changed, 33 insertions(+), 1 deletion(-))

[rileykarson]

Test passed, LGTM

Reference for maintainers: https://ci-oss.hashicorp.engineering/buildConfiguration/GoogleCloudBeta_ProviderGoogleCloudBetaMmUpstream/250520?buildTab=tests&status=passed