Add Certificate Authority Resource (Certificate Authority Service) (#…

…4382) (#2877)

* Add resource google_privateca_certificate_authority

In Certificate Authority Service (privateca).

See
https://cloud.google.com/certificate-authority-service/docs/reference/rest/v1beta1/projects.locations.certificateAuthorities
for resource documentation.

Notes:
- This change doesn't implement support for subordinate CAs, which require
  additional customization because they must be activated.

Customizations:
- Use POST :scheduleDelete to delete the resource (delete is not supported)
- On pre_delete, POST :disable to disable the resources (required for scheduling
  deletd)
- Check resource deletion by checking that status is DELETION_PENDING

* Set key_spec input=true

Co-authored-by: Scott Suarez <[email protected]>

* Make algorithm required

Co-authored-by: Scott Suarez <[email protected]>

* Make include_ca_cert_url required.

Co-authored-by: Scott Suarez <[email protected]>

* Make include_crl_access_url required.

Co-authored-by: Scott Suarez <[email protected]>

* Mark additional required fields as required, and add createTime/updateTime.

* Fix tests by removing required markers where default_value is also set.

Co-authored-by: Scott Suarez <[email protected]>
Signed-off-by: Modular Magician <[email protected]>

Co-authored-by: Scott Suarez <[email protected]>

.changelog/4382.txt

@@ -0,0 +1,3 @@
+```release-note:new-resource
+`google_privateca_certificate_authority`
+```

google-beta/config.go

@@ -132,6 +132,7 @@ type Config struct {
 	NotebooksBasePath            string
 	OSConfigBasePath             string
 	OSLoginBasePath              string
+	PrivatecaBasePath            string
 	PubsubBasePath               string
 	PubsubLiteBasePath           string
 	RedisBasePath                string
@@ -220,6 +221,7 @@ var NetworkManagementDefaultBasePath = "https://networkmanagement.googleapis.com
 var NotebooksDefaultBasePath = "https://notebooks.googleapis.com/v1beta1/"
 var OSConfigDefaultBasePath = "https://osconfig.googleapis.com/v1beta/"
 var OSLoginDefaultBasePath = "https://oslogin.googleapis.com/v1/"
+var PrivatecaDefaultBasePath = "https://privateca.googleapis.com/v1beta1/"
 var PubsubDefaultBasePath = "https://pubsub.googleapis.com/v1/"
 var PubsubLiteDefaultBasePath = "https://{{region}}-pubsublite.googleapis.com/v1/admin/"
 var RedisDefaultBasePath = "https://redis.googleapis.com/v1beta1/"
@@ -1020,6 +1022,7 @@ func ConfigureBasePaths(c *Config) {
 	c.NotebooksBasePath = NotebooksDefaultBasePath
 	c.OSConfigBasePath = OSConfigDefaultBasePath
 	c.OSLoginBasePath = OSLoginDefaultBasePath
+	c.PrivatecaBasePath = PrivatecaDefaultBasePath
 	c.PubsubBasePath = PubsubDefaultBasePath
 	c.PubsubLiteBasePath = PubsubLiteDefaultBasePath
 	c.RedisBasePath = RedisDefaultBasePath

google-beta/privateca_operation.go

@@ -0,0 +1,78 @@
+// ----------------------------------------------------------------------------
+//
+//     ***     AUTO GENERATED CODE    ***    AUTO GENERATED CODE     ***
+//
+// ----------------------------------------------------------------------------
+//
+//     This file is automatically generated by Magic Modules and manual
+//     changes will be clobbered when the file is regenerated.
+//
+//     Please read more about how to change this file in
+//     .github/CONTRIBUTING.md.
+//
+// ----------------------------------------------------------------------------
+package google
+
+import (
+	"encoding/json"
+	"fmt"
+	"time"
+)
+
+type PrivatecaOperationWaiter struct {
+	Config    *Config
+	UserAgent string
+	Project   string
+	CommonOperationWaiter
+}
+
+func (w *PrivatecaOperationWaiter) QueryOp() (interface{}, error) {
+	if w == nil {
+		return nil, fmt.Errorf("Cannot query operation, it's unset or nil.")
+	}
+	// Returns the proper get.
+	url := fmt.Sprintf("https://privateca.googleapis.com/v1beta1/%s", w.CommonOperationWaiter.Op.Name)
+
+	return sendRequest(w.Config, "GET", w.Project, url, w.UserAgent, nil)
+}
+
+func createPrivatecaWaiter(config *Config, op map[string]interface{}, project, activity, userAgent string) (*PrivatecaOperationWaiter, error) {
+	if val, ok := op["name"]; !ok || val == "" {
+		// An operation could also be indicated with a "metadata" field.
+		if _, ok := op["metadata"]; !ok {
+			// This was a synchronous call - there is no operation to wait for.
+			return nil, nil
+		}
+	}
+	w := &PrivatecaOperationWaiter{
+		Config:    config,
+		UserAgent: userAgent,
+		Project:   project,
+	}
+	if err := w.CommonOperationWaiter.SetOp(op); err != nil {
+		return nil, err
+	}
+	return w, nil
+}
+
+// nolint: deadcode,unused
+func privatecaOperationWaitTimeWithResponse(config *Config, op map[string]interface{}, response *map[string]interface{}, project, activity, userAgent string, timeout time.Duration) error {
+	w, err := createPrivatecaWaiter(config, op, project, activity, userAgent)
+	if err != nil || w == nil {
+		// If w is nil, the op was synchronous.
+		return err
+	}
+	if err := OperationWait(w, activity, timeout, config.PollInterval); err != nil {
+		return err
+	}
+	return json.Unmarshal([]byte(w.CommonOperationWaiter.Op.Response), response)
+}
+
+func privatecaOperationWaitTime(config *Config, op map[string]interface{}, project, activity, userAgent string, timeout time.Duration) error {
+	w, err := createPrivatecaWaiter(config, op, project, activity, userAgent)
+	if err != nil || w == nil {
+		// If w is nil, the op was synchronous.
+		return err
+	}
+	return OperationWait(w, activity, timeout, config.PollInterval)
+}

google-beta/provider.go

@@ -527,6 +527,14 @@ func Provider() *schema.Provider {
 					"GOOGLE_OS_LOGIN_CUSTOM_ENDPOINT",
 				}, OSLoginDefaultBasePath),
 			},
+			"privateca_custom_endpoint": {
+				Type:         schema.TypeString,
+				Optional:     true,
+				ValidateFunc: validateCustomEndpoint,
+				DefaultFunc: schema.MultiEnvDefaultFunc([]string{
+					"GOOGLE_PRIVATECA_CUSTOM_ENDPOINT",
+				}, PrivatecaDefaultBasePath),
+			},
 			"pubsub_custom_endpoint": {
 				Type:         schema.TypeString,
 				Optional:     true,
@@ -790,9 +798,9 @@ func Provider() *schema.Provider {
 	return provider
 }
 
-// Generated resources: 206
+// Generated resources: 207
 // Generated IAM resources: 105
-// Total generated resources: 311
+// Total generated resources: 312
 func ResourceMap() map[string]*schema.Resource {
 	resourceMap, _ := ResourceMapWithErrors()
 	return resourceMap
@@ -1063,6 +1071,7 @@ func ResourceMapWithErrors() (map[string]*schema.Resource, error) {
 			"google_os_config_patch_deployment":                            resourceOSConfigPatchDeployment(),
 			"google_os_config_guest_policies":                              resourceOSConfigGuestPolicies(),
 			"google_os_login_ssh_public_key":                               resourceOSLoginSSHPublicKey(),
+			"google_privateca_certificate_authority":                       resourcePrivatecaCertificateAuthority(),
 			"google_pubsub_topic":                                          resourcePubsubTopic(),
 			"google_pubsub_topic_iam_binding":                              ResourceIamBinding(PubsubTopicIamSchema, PubsubTopicIamUpdaterProducer, PubsubTopicIdParseFunc),
 			"google_pubsub_topic_iam_member":                               ResourceIamMember(PubsubTopicIamSchema, PubsubTopicIamUpdaterProducer, PubsubTopicIdParseFunc),
@@ -1350,6 +1359,7 @@ func providerConfigure(ctx context.Context, d *schema.ResourceData, p *schema.Pr
 	config.NotebooksBasePath = d.Get("notebooks_custom_endpoint").(string)
 	config.OSConfigBasePath = d.Get("os_config_custom_endpoint").(string)
 	config.OSLoginBasePath = d.Get("os_login_custom_endpoint").(string)
+	config.PrivatecaBasePath = d.Get("privateca_custom_endpoint").(string)
 	config.PubsubBasePath = d.Get("pubsub_custom_endpoint").(string)
 	config.PubsubLiteBasePath = d.Get("pubsub_lite_custom_endpoint").(string)
 	config.RedisBasePath = d.Get("redis_custom_endpoint").(string)