Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add certificate_map to compute_target_ssl_proxy #6443

Conversation

pawel-grz-krawczyk
Copy link
Contributor

@pawel-grz-krawczyk pawel-grz-krawczyk commented Aug 22, 2022

Add certificate_map option to compute_target_ssl_proxy in order to support new certificate-manager (with wildcard support).

Similar PR: #5991

If this PR is for Terraform, I acknowledge that I have:

  • Searched through the issue tracker for an open issue that this either resolves or contributes to, commented on it to claim it, and written "fixes {url}" or "part of {url}" in this PR description. If there were no relevant open issues, I opened one and commented that I would like to work on it (not necessary for very small changes).
  • Generated Terraform, and ran make test and make lint to ensure it passes unit and linter tests.
  • Ensured that all new fields I added that can be set by a user appear in at least one example (for generated resources) or third_party test (for handwritten resources or update tests).
  • Ran relevant acceptance tests (If the acceptance tests do not yet pass or you are unable to run them, please let your reviewer know).
  • Read the Release Notes Guide before writing my release note below.
compute: added `certificate_map` to `compute_target_ssl_proxy` resource

@modular-magician
Copy link
Collaborator

Oops! It looks like no changelog entry is attached to this PR. Please include a release note block in the PR body, as described in https://github.com/GoogleCloudPlatform/magic-modules/blob/master/.ci/RELEASE_NOTES_GUIDE.md:

```release-note:TYPE
Release note
```

@modular-magician
Copy link
Collaborator

Hello! I am a robot who works on Magic Modules PRs.

I've detected that you're a community contributor. @c2thorn, a repository maintainer, has been assigned to assist you and help review your changes.

❓ First time contributing? Click here for more details

Your assigned reviewer will help review your code by:

  • Ensuring it's backwards compatible, covers common error cases, etc.
  • Summarizing the change into a user-facing changelog note.
  • Passes tests, either our "VCR" suite, a set of presubmit tests, or with manual test runs.

You can help make sure that review is quick by running local tests and ensuring they're passing in between each push you make to your PR's branch. Also, try to leave a comment with each push you make, as pushes generally don't generate emails.

If your reviewer doesn't get back to you within a week after your most recent change, please feel free to leave a comment on the issue asking them to take a look! In the absence of a dedicated review dashboard most maintainers manage their pending reviews through email, and those will sometimes get lost in their inbox.


@pawel-grz-krawczyk pawel-grz-krawczyk changed the title Compute certificate manager Add certificate_map to compute_target_ssl_proxy Aug 22, 2022
@modular-magician
Copy link
Collaborator

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 3 files changed, 197 insertions(+), 25 deletions(-))
Terraform Beta: Diff ( 3 files changed, 197 insertions(+), 25 deletions(-))
TF Validator: Diff ( 3 files changed, 13 insertions(+), 3 deletions(-))

@modular-magician
Copy link
Collaborator

Tests analytics

Total tests: 0
Passed tests 0
Skipped tests: 0
Failed tests: 0

Errors occurred during REPLAYING mode. Please fix them to complete your PR
View the build log

@pawel-grz-krawczyk
Copy link
Contributor Author

pawel-grz-krawczyk commented Aug 23, 2022

I ran acceptance test:

make testacc TEST=./google TESTARGS='-run=TestAccComputeTargetSslProxy_update'

I got the following error:

go generate  ./...
TF_ACC=1 TF_SCHEMA_PANIC_ON_ERROR=1 go test ./google -v -run=TestAccComputeTargetSslProxy_update -timeout 240m -ldflags="-X=github.com/hashicorp/terraform-provider-google/version.ProviderVersion=acc"
=== RUN   TestAccComputeTargetSslProxy_update
    provider_test.go:445: One of GOOGLE_CREDENTIALS, GOOGLE_CLOUD_KEYFILE_JSON, GCLOUD_KEYFILE_JSON, GOOGLE_APPLICATION_CREDENTIALS, GOOGLE_USE_DEFAULT_CREDENTIALS must be set for acceptance tests
--- FAIL: TestAccComputeTargetSslProxy_update (0.00s)
FAIL
FAIL    github.com/hashicorp/terraform-provider-google/google   0.312s
FAIL
make: *** [GNUmakefile:15: testacc] Error 1

Any ideas how to fix it? Is it problem with the way I ran the test or maybe the code needs to be updated?

@modular-magician
Copy link
Collaborator

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 3 files changed, 193 insertions(+), 26 deletions(-))
Terraform Beta: Diff ( 3 files changed, 193 insertions(+), 26 deletions(-))
TF Validator: Diff ( 3 files changed, 13 insertions(+), 3 deletions(-))

@modular-magician
Copy link
Collaborator

Tests analytics

Total tests: 2140
Passed tests 1900
Skipped tests: 228
Failed tests: 12

Action taken

Triggering VCR tests in RECORDING mode for the tests that failed during VCR. Click here to see the failed tests
TestAccComputeTargetSslProxy_update|TestAccSqlDatabaseInstance_SqlServerAuditConfig|TestAccSqlDatabaseInstance_withPrivateNetwork_withAllocatedIpRange|TestAccComputeInstance_networkPerformanceConfig|TestAccComputeInstance_soleTenantNodeAffinities|TestAccComputeGlobalForwardingRule_internalLoadBalancing|TestAccCloudFunctions2Function_fullUpdate|TestAccCGCSnippet_eventarcWorkflowsExample|TestAccCloudRunService_cloudRunServiceStaticOutboundExample|TestAccCloudfunctions2function_cloudfunctions2BasicAuditlogsExample|TestAccCloudfunctions2function_cloudfunctions2BasicGcsExample|TestAccPrivatecaCertificateAuthority_privatecaCertificateAuthoritySubordinateExample

@modular-magician
Copy link
Collaborator

Tests passed during RECORDING mode:
TestAccComputeTargetSslProxy_update[view]
TestAccCloudFunctions2Function_fullUpdate[view]
TestAccCGCSnippet_eventarcWorkflowsExample[view]
TestAccCloudfunctions2function_cloudfunctions2BasicAuditlogsExample[view]
TestAccCloudfunctions2function_cloudfunctions2BasicGcsExample[view]

Tests failed during RECORDING mode:
TestAccSqlDatabaseInstance_SqlServerAuditConfig[view]
TestAccSqlDatabaseInstance_withPrivateNetwork_withAllocatedIpRange[view]
TestAccComputeInstance_networkPerformanceConfig[view]
TestAccComputeInstance_soleTenantNodeAffinities[view]
TestAccComputeGlobalForwardingRule_internalLoadBalancing[view]
TestAccCloudRunService_cloudRunServiceStaticOutboundExample[view]
TestAccPrivatecaCertificateAuthority_privatecaCertificateAuthoritySubordinateExample[view]

Please fix these to complete your PR
View the build log or the debug log for each test

@pawel-grz-krawczyk
Copy link
Contributor Author

TestAccComputeTargetSslProxy_update has passed. Not passing tests seem to be unrelated to the change in this PR, looks like flakiness.

Copy link
Member

@c2thorn c2thorn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the contribution @pawel-grz-krawczyk. Just requesting an update to the test

provider_test.go:445: One of GOOGLE_CREDENTIALS, GOOGLE_CLOUD_KEYFILE_JSON, GCLOUD_KEYFILE_JSON, GOOGLE_APPLICATION_CREDENTIALS, GOOGLE_USE_DEFAULT_CREDENTIALS must be set for acceptance tests

You'll need to set some sort of credential, check out https://github.com/hashicorp/terraform-provider-google/blob/main/.github/CONTRIBUTING.md#running-tests

You are correct in assuming other failing tests are not related

),
},
{
Config: testAccComputeTargetSslProxy_certificateMap(resourceSuffix),
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we test the update function of certificate_map similar to how the ssl_certificates field is tested?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you elaborate? What exactly does "similar" mean?

The only difference that I see is that in certificate_map case we use different resource name format than in ssl_certificates:

certificate_map = "//certificatemanager.googleapis.com/${google_certificate_manager_certificate_map.map.id}"

vs

ssl_certificates = [google_compute_ssl_certificate.bar.name]

I'm not sure whether this format is necessary, I've seen it in one of tests though: mmv1/third_party/terraform/tests/resource_compute_target_https_proxy_test.go.erb

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry for the ambiguity. In testAccComputeTargetSslProxy_basic1, ssl_certificates is set to google_compute_ssl_policy.foo.self_link. It is updated to google_compute_ssl_certificate.bar.name in testAccComputeTargetSslProxy_basic2.

I wanted to test out the update functionality of certificate_map (especially as it uses a update_verb and separate update_url) by adding a step where we update the value. However you think that should be done

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done (similar to testAccComputeTargetSslProxy_basic1 and testAccComputeTargetSslProxy_basic2)

@modular-magician
Copy link
Collaborator

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 3 files changed, 259 insertions(+), 26 deletions(-))
Terraform Beta: Diff ( 3 files changed, 259 insertions(+), 26 deletions(-))
TF Validator: Diff ( 3 files changed, 13 insertions(+), 3 deletions(-))

@modular-magician
Copy link
Collaborator

Tests analytics

Total tests: 2151
Passed tests 1906
Skipped tests: 233
Failed tests: 12

Action taken

Triggering VCR tests in RECORDING mode for the tests that failed during VCR. Click here to see the failed tests
TestAccComputeTargetSslProxy_update|TestAccFirebaserulesRelease_BasicRelease|TestAccSqlDatabaseInstance_SqlServerAuditConfig|TestAccSqlDatabaseInstance_withPrivateNetwork_withAllocatedIpRange|TestAccComputeInstance_soleTenantNodeAffinities|TestAccComputeGlobalForwardingRule_internalLoadBalancing|TestAccCGCSnippet_eventarcWorkflowsExample|TestAccCloudfunctions2function_cloudfunctions2BasicAuditlogsExample|TestAccCloudfunctions2function_cloudfunctions2BasicGcsExample|TestAccCloudRunService_cloudRunServiceStaticOutboundExample|TestAccCloudFunctions2Function_fullUpdate|TestAccPrivatecaCertificateAuthority_privatecaCertificateAuthoritySubordinateExample

@modular-magician
Copy link
Collaborator

Tests passed during RECORDING mode:
TestAccFirebaserulesRelease_BasicRelease[Debug log]
TestAccCloudfunctions2function_cloudfunctions2BasicAuditlogsExample[Debug log]
TestAccCloudfunctions2function_cloudfunctions2BasicGcsExample[Debug log]
TestAccCloudFunctions2Function_fullUpdate[Debug log]
TestAccPrivatecaCertificateAuthority_privatecaCertificateAuthoritySubordinateExample[Debug log]

Tests failed during RECORDING mode:
TestAccComputeTargetSslProxy_update[Error message] [Debug log]
TestAccSqlDatabaseInstance_SqlServerAuditConfig[Error message] [Debug log]
TestAccSqlDatabaseInstance_withPrivateNetwork_withAllocatedIpRange[Error message] [Debug log]
TestAccComputeInstance_soleTenantNodeAffinities[Error message] [Debug log]
TestAccComputeGlobalForwardingRule_internalLoadBalancing[Error message] [Debug log]
TestAccCGCSnippet_eventarcWorkflowsExample[Error message] [Debug log]
TestAccCloudRunService_cloudRunServiceStaticOutboundExample[Error message] [Debug log]

Please fix these to complete your PR
View the build log or the debug log for each test

@modular-magician
Copy link
Collaborator

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 3 files changed, 259 insertions(+), 26 deletions(-))
Terraform Beta: Diff ( 3 files changed, 259 insertions(+), 26 deletions(-))
TF Validator: Diff ( 3 files changed, 13 insertions(+), 3 deletions(-))

@modular-magician
Copy link
Collaborator

Tests analytics

Total tests: 2151
Passed tests 1910
Skipped tests: 233
Failed tests: 8

Action taken

Triggering VCR tests in RECORDING mode for the tests that failed during VCR. Click here to see the failed tests
TestAccComputeTargetSslProxy_update|TestAccFirebaserulesRelease_BasicRelease|TestAccComputeInstance_soleTenantNodeAffinities|TestAccComputeGlobalForwardingRule_internalLoadBalancing|TestAccCloudRunService_cloudRunServiceStaticOutboundExample|TestAccSqlDatabaseInstance_SqlServerAuditConfig|TestAccSqlDatabaseInstance_withPrivateNetwork_withAllocatedIpRange|TestAccPrivatecaCertificateAuthority_privatecaCertificateAuthoritySubordinateExample

@modular-magician
Copy link
Collaborator

Tests passed during RECORDING mode:
TestAccComputeTargetSslProxy_update[Debug log]
TestAccFirebaserulesRelease_BasicRelease[Debug log]
TestAccPrivatecaCertificateAuthority_privatecaCertificateAuthoritySubordinateExample[Debug log]

Tests failed during RECORDING mode:
TestAccComputeInstance_soleTenantNodeAffinities[Error message] [Debug log]
TestAccComputeGlobalForwardingRule_internalLoadBalancing[Error message] [Debug log]
TestAccCloudRunService_cloudRunServiceStaticOutboundExample[Error message] [Debug log]
TestAccSqlDatabaseInstance_SqlServerAuditConfig[Error message] [Debug log]
TestAccSqlDatabaseInstance_withPrivateNetwork_withAllocatedIpRange[Error message] [Debug log]

Please fix these to complete your PR
View the build log or the debug log for each test

Copy link
Member

@c2thorn c2thorn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants