Generate runtimeconfig IAM resources

Signed-off-by: Modular Magician <[email protected]>
hashicorp · Sep 13, 2019 · 34715a9 · 34715a9
1 parent b072474
commit 34715a9
Show file tree

Hide file tree

Showing 7 changed files with 497 additions and 9 deletions.
diff --git a/google/config.go b/google/config.go
@@ -92,6 +92,7 @@ type Config struct {
 	PubsubBasePath               string
 	RedisBasePath                string
 	ResourceManagerBasePath      string
+	RuntimeconfigBasePath        string
 	SecurityCenterBasePath       string
 	SourceRepoBasePath           string
 	SpannerBasePath              string
@@ -147,8 +148,7 @@ type Config struct {
 	ResourceManagerV2Beta1BasePath string
 	clientResourceManagerV2Beta1   *resourceManagerV2Beta1.Service
 
-	RuntimeconfigBasePath string
-	clientRuntimeconfig   *runtimeconfig.Service
+	clientRuntimeconfig *runtimeconfig.Service
 
 	clientSpanner *spanner.Service
 
@@ -218,6 +218,7 @@ var MonitoringDefaultBasePath = "https://monitoring.googleapis.com/v3/"
 var PubsubDefaultBasePath = "https://pubsub.googleapis.com/v1/"
 var RedisDefaultBasePath = "https://redis.googleapis.com/v1/"
 var ResourceManagerDefaultBasePath = "https://cloudresourcemanager.googleapis.com/v1/"
+var RuntimeconfigDefaultBasePath = "https://runtimeconfig.googleapis.com/v1beta1/"
 var SecurityCenterDefaultBasePath = "https://securitycenter.googleapis.com/v1/"
 var SourceRepoDefaultBasePath = "https://sourcerepo.googleapis.com/v1/"
 var SpannerDefaultBasePath = "https://spanner.googleapis.com/v1/"
@@ -681,6 +682,7 @@ func ConfigureBasePaths(c *Config) {
 	c.PubsubBasePath = PubsubDefaultBasePath
 	c.RedisBasePath = RedisDefaultBasePath
 	c.ResourceManagerBasePath = ResourceManagerDefaultBasePath
+	c.RuntimeconfigBasePath = RuntimeconfigDefaultBasePath
 	c.SecurityCenterBasePath = SecurityCenterDefaultBasePath
 	c.SourceRepoBasePath = SourceRepoDefaultBasePath
 	c.SpannerBasePath = SpannerDefaultBasePath
@@ -699,7 +701,6 @@ func ConfigureBasePaths(c *Config) {
 	c.DnsBetaBasePath = DnsBetaDefaultBasePath
 	c.IamCredentialsBasePath = IamCredentialsDefaultBasePath
 	c.ResourceManagerV2Beta1BasePath = ResourceManagerV2Beta1DefaultBasePath
-	c.RuntimeconfigBasePath = RuntimeconfigDefaultBasePath
 	c.IAMBasePath = IAMDefaultBasePath
 	c.ServiceManagementBasePath = ServiceManagementDefaultBasePath
 	c.ServiceNetworkingBasePath = ServiceNetworkingDefaultBasePath

diff --git a/google/iam_runtimeconfig_config.go b/google/iam_runtimeconfig_config.go
@@ -0,0 +1,169 @@
+// ----------------------------------------------------------------------------
+//
+//     ***     AUTO GENERATED CODE    ***    AUTO GENERATED CODE     ***
+//
+// ----------------------------------------------------------------------------
+//
+//     This file is automatically generated by Magic Modules and manual
+//     changes will be clobbered when the file is regenerated.
+//
+//     Please read more about how to change this file in
+//     .github/CONTRIBUTING.md.
+//
+// ----------------------------------------------------------------------------
+package google
+
+import (
+	"fmt"
+
+	"github.com/hashicorp/errwrap"
+	"github.com/hashicorp/terraform/helper/schema"
+	"google.golang.org/api/cloudresourcemanager/v1"
+)
+
+var RuntimeconfigConfigIamSchema = map[string]*schema.Schema{
+	"project": {
+		Type:     schema.TypeString,
+		Computed: true,
+		Optional: true,
+		ForceNew: true,
+	},
+	"config": {
+		Type:             schema.TypeString,
+		Required:         true,
+		ForceNew:         true,
+		DiffSuppressFunc: compareSelfLinkOrResourceName,
+	},
+}
+
+type RuntimeconfigConfigIamUpdater struct {
+	project string
+	config  string
+	d       *schema.ResourceData
+	Config  *Config
+}
+
+func RuntimeconfigConfigIamUpdaterProducer(d *schema.ResourceData, config *Config) (ResourceIamUpdater, error) {
+	values := make(map[string]string)
+
+	project, err := getProject(d, config)
+	if err != nil {
+		return nil, err
+	}
+	values["project"] = project
+
+	// We may have gotten either a long or short name, so attempt to parse long name if possible
+	m, err := getImportIdQualifiers([]string{"projects/(?P<project>[^/]+)/configs/(?P<config>[^/]+)", "(?P<project>[^/]+)/(?P<config>[^/]+)", "(?P<config>[^/]+)"}, d, config, d.Get("config").(string))
+	if err != nil {
+		return nil, err
+	}
+
+	for k, v := range m {
+		values[k] = v
+	}
+
+	u := &RuntimeconfigConfigIamUpdater{
+		project: values["project"],
+		config:  values["config"],
+		d:       d,
+		Config:  config,
+	}
+
+	d.Set("project", u.project)
+	d.Set("config", u.GetResourceId())
+
+	d.SetId(u.GetResourceId())
+
+	return u, nil
+}
+
+func RuntimeconfigConfigIdParseFunc(d *schema.ResourceData, config *Config) error {
+	values := make(map[string]string)
+
+	project, err := getProject(d, config)
+	if err != nil {
+		return err
+	}
+	values["project"] = project
+
+	m, err := getImportIdQualifiers([]string{"projects/(?P<project>[^/]+)/configs/(?P<config>[^/]+)", "(?P<project>[^/]+)/(?P<config>[^/]+)", "(?P<config>[^/]+)"}, d, config, d.Id())
+	if err != nil {
+		return err
+	}
+
+	for k, v := range m {
+		values[k] = v
+	}
+
+	u := &RuntimeconfigConfigIamUpdater{
+		project: values["project"],
+		config:  values["config"],
+		d:       d,
+		Config:  config,
+	}
+	d.Set("config", u.GetResourceId())
+	d.SetId(u.GetResourceId())
+	return nil
+}
+
+func (u *RuntimeconfigConfigIamUpdater) GetResourceIamPolicy() (*cloudresourcemanager.Policy, error) {
+	url := u.qualifyConfigUrl("getIamPolicy")
+
+	project, err := getProject(u.d, u.Config)
+	if err != nil {
+		return nil, err
+	}
+
+	policy, err := sendRequest(u.Config, "GET", project, url, nil)
+	if err != nil {
+		return nil, errwrap.Wrapf(fmt.Sprintf("Error retrieving IAM policy for %s: {{err}}", u.DescribeResource()), err)
+	}
+
+	out := &cloudresourcemanager.Policy{}
+	err = Convert(policy, out)
+	if err != nil {
+		return nil, errwrap.Wrapf("Cannot convert a policy to a resource manager policy: {{err}}", err)
+	}
+
+	return out, nil
+}
+
+func (u *RuntimeconfigConfigIamUpdater) SetResourceIamPolicy(policy *cloudresourcemanager.Policy) error {
+	json, err := ConvertToMap(policy)
+	if err != nil {
+		return err
+	}
+
+	obj := make(map[string]interface{})
+	obj["policy"] = json
+
+	url := u.qualifyConfigUrl("setIamPolicy")
+
+	project, err := getProject(u.d, u.Config)
+	if err != nil {
+		return err
+	}
+
+	_, err = sendRequestWithTimeout(u.Config, "POST", project, url, obj, u.d.Timeout(schema.TimeoutCreate))
+	if err != nil {
+		return errwrap.Wrapf(fmt.Sprintf("Error setting IAM policy for %s: {{err}}", u.DescribeResource()), err)
+	}
+
+	return nil
+}
+
+func (u *RuntimeconfigConfigIamUpdater) qualifyConfigUrl(methodIdentifier string) string {
+	return fmt.Sprintf("https://runtimeconfig.googleapis.com/v1beta1/%s:%s", fmt.Sprintf("projects/%s/configs/%s", u.project, u.config), methodIdentifier)
+}
+
+func (u *RuntimeconfigConfigIamUpdater) GetResourceId() string {
+	return fmt.Sprintf("projects/%s/configs/%s", u.project, u.config)
+}
+
+func (u *RuntimeconfigConfigIamUpdater) GetMutexKey() string {
+	return fmt.Sprintf("iam-runtimeconfig-config-%s", u.GetResourceId())
+}
+
+func (u *RuntimeconfigConfigIamUpdater) DescribeResource() string {
+	return fmt.Sprintf("runtimeconfig config %q", u.GetResourceId())
+}
diff --git a/google/iam_runtimeconfig_config_generated_test.go b/google/iam_runtimeconfig_config_generated_test.go
@@ -0,0 +1,179 @@
+// ----------------------------------------------------------------------------
+//
+//     ***     AUTO GENERATED CODE    ***    AUTO GENERATED CODE     ***
+//
+// ----------------------------------------------------------------------------
+//
+//     This file is automatically generated by Magic Modules and manual
+//     changes will be clobbered when the file is regenerated.
+//
+//     Please read more about how to change this file in
+//     .github/CONTRIBUTING.md.
+//
+// ----------------------------------------------------------------------------
+
+package google
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/hashicorp/terraform/helper/acctest"
+	"github.com/hashicorp/terraform/helper/resource"
+)
+
+func TestAccRuntimeconfigConfigIamBindingGenerated(t *testing.T) {
+	t.Parallel()
+
+	context := map[string]interface{}{
+		"random_suffix": acctest.RandString(10),
+		"role":          "roles/viewer",
+	}
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:  func() { testAccPreCheck(t) },
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccRuntimeconfigConfigIamBinding_basicGenerated(context),
+			},
+			{
+				ResourceName:      "google_runtimeconfig_config_iam_binding.foo",
+				ImportStateId:     fmt.Sprintf("projects/%s/configs/%s roles/viewer", getTestProjectFromEnv(), fmt.Sprintf("my-config%s", context["random_suffix"])),
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+			{
+				// Test Iam Binding update
+				Config: testAccRuntimeconfigConfigIamBinding_updateGenerated(context),
+			},
+			{
+				ResourceName:      "google_runtimeconfig_config_iam_binding.foo",
+				ImportStateId:     fmt.Sprintf("projects/%s/configs/%s roles/viewer", getTestProjectFromEnv(), fmt.Sprintf("my-config%s", context["random_suffix"])),
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
+
+func TestAccRuntimeconfigConfigIamMemberGenerated(t *testing.T) {
+	t.Parallel()
+
+	context := map[string]interface{}{
+		"random_suffix": acctest.RandString(10),
+		"role":          "roles/viewer",
+	}
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:  func() { testAccPreCheck(t) },
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			{
+				// Test Iam Member creation (no update for member, no need to test)
+				Config: testAccRuntimeconfigConfigIamMember_basicGenerated(context),
+			},
+			{
+				ResourceName:      "google_runtimeconfig_config_iam_member.foo",
+				ImportStateId:     fmt.Sprintf("projects/%s/configs/%s roles/viewer user:[email protected]", getTestProjectFromEnv(), fmt.Sprintf("my-config%s", context["random_suffix"])),
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
+
+func TestAccRuntimeconfigConfigIamPolicyGenerated(t *testing.T) {
+	t.Parallel()
+
+	context := map[string]interface{}{
+		"random_suffix": acctest.RandString(10),
+		"role":          "roles/viewer",
+	}
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:  func() { testAccPreCheck(t) },
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccRuntimeconfigConfigIamPolicy_basicGenerated(context),
+			},
+			{
+				ResourceName:      "google_runtimeconfig_config_iam_policy.foo",
+				ImportStateId:     fmt.Sprintf("projects/%s/configs/%s", getTestProjectFromEnv(), fmt.Sprintf("my-config%s", context["random_suffix"])),
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
+
+func testAccRuntimeconfigConfigIamMember_basicGenerated(context map[string]interface{}) string {
+	return Nprintf(`
+resource "google_runtimeconfig_config" "config" {
+ 	name = "my-config%{random_suffix}"
+ 	description = "Runtime configuration values for my service"
+}
+
+resource "google_runtimeconfig_config_iam_member" "foo" {
+	project = "${google_runtimeconfig_config.config.project}"
+	config = "${google_runtimeconfig_config.config.name}"
+	role = "%{role}"
+	member = "user:[email protected]"
+}
+`, context)
+}
+
+func testAccRuntimeconfigConfigIamPolicy_basicGenerated(context map[string]interface{}) string {
+	return Nprintf(`
+resource "google_runtimeconfig_config" "config" {
+ 	name = "my-config%{random_suffix}"
+ 	description = "Runtime configuration values for my service"
+}
+
+data "google_iam_policy" "foo" {
+	binding {
+		role = "%{role}"
+		members = ["user:[email protected]"]
+	}
+}
+
+resource "google_runtimeconfig_config_iam_policy" "foo" {
+	project = "${google_runtimeconfig_config.config.project}"
+	config = "${google_runtimeconfig_config.config.name}"
+	policy_data = "${data.google_iam_policy.foo.policy_data}"
+}
+`, context)
+}
+
+func testAccRuntimeconfigConfigIamBinding_basicGenerated(context map[string]interface{}) string {
+	return Nprintf(`
+resource "google_runtimeconfig_config" "config" {
+ 	name = "my-config%{random_suffix}"
+ 	description = "Runtime configuration values for my service"
+}
+
+resource "google_runtimeconfig_config_iam_binding" "foo" {
+	project = "${google_runtimeconfig_config.config.project}"
+	config = "${google_runtimeconfig_config.config.name}"
+	role = "%{role}"
+	members = ["user:[email protected]"]
+}
+`, context)
+}
+
+func testAccRuntimeconfigConfigIamBinding_updateGenerated(context map[string]interface{}) string {
+	return Nprintf(`
+resource "google_runtimeconfig_config" "config" {
+ 	name = "my-config%{random_suffix}"
+ 	description = "Runtime configuration values for my service"
+}
+
+resource "google_runtimeconfig_config_iam_binding" "foo" {
+	project = "${google_runtimeconfig_config.config.project}"
+	config = "${google_runtimeconfig_config.config.name}"
+	role = "%{role}"
+	members = ["user:[email protected]", "user:[email protected]"]
+}
+`, context)
+}