From 9a31ccde1f6d450986424c8ee969c9b26713f329 Mon Sep 17 00:00:00 2001 From: Cameron Thornton Date: Mon, 9 Sep 2024 01:41:32 -0500 Subject: [PATCH 1/3] test converting accessapproval --- .../accessapproval/FolderSettings.yaml | 114 +++++++------ .../accessapproval/OrganizationSettings.yaml | 112 +++++++------ .../accessapproval/ProjectSettings.yaml | 123 +++++++------- .../accessapproval/go_FolderSettings.yaml | 151 ------------------ .../go_OrganizationSettings.yaml | 131 --------------- .../accessapproval/go_ProjectSettings.yaml | 140 ---------------- mmv1/products/accessapproval/go_product.yaml | 22 --- mmv1/products/accessapproval/product.yaml | 16 +- 8 files changed, 194 insertions(+), 615 deletions(-) delete mode 100644 mmv1/products/accessapproval/go_FolderSettings.yaml delete mode 100644 mmv1/products/accessapproval/go_OrganizationSettings.yaml delete mode 100644 mmv1/products/accessapproval/go_ProjectSettings.yaml delete mode 100644 mmv1/products/accessapproval/go_product.yaml diff --git a/mmv1/products/accessapproval/FolderSettings.yaml b/mmv1/products/accessapproval/FolderSettings.yaml index b16f1d807c30..a466d51e29dd 100644 --- a/mmv1/products/accessapproval/FolderSettings.yaml +++ b/mmv1/products/accessapproval/FolderSettings.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,67 +11,73 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource -name: FolderSettings -base_url: 'folders/{{folder_id}}/accessApprovalSettings' -self_link: 'folders/{{folder_id}}/accessApprovalSettings' -create_verb: :PATCH -update_verb: :PATCH -update_mask: true +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'FolderSettings' +legacy_name: 'google_folder_access_approval_settings' description: | Access Approval enables you to require your explicit approval whenever Google support and engineering need to access your customer content. -references: !ruby/object:Api::Resource::ReferenceLinks +references: + guides: api: 'https://cloud.google.com/access-approval/docs/reference/rest/v1/folders' -legacy_name: 'google_folder_access_approval_settings' -import_format: ['folders/{{folder_id}}/accessApprovalSettings'] +docs: +base_url: 'folders/{{folder_id}}/accessApprovalSettings' +self_link: 'folders/{{folder_id}}/accessApprovalSettings' +create_verb: 'PATCH' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'folders/{{folder_id}}/accessApprovalSettings' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + constants: 'templates/terraform/constants/go/access_approval.go.tmpl' + pre_create: 'templates/terraform/update_mask.go.tmpl' + custom_delete: 'templates/terraform/custom_delete/go/clear_folder_access_approval_settings.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - skip_test: true - name: 'folder_access_approval_full' + - name: 'folder_access_approval_full' primary_resource_id: 'folder_access_approval' vars: folder_name: 'my-folder' test_env_vars: - org_id: :ORG_ID - - !ruby/object:Provider::Terraform::Examples + org_id: 'ORG_ID' skip_test: true - name: 'folder_access_approval_active_key_version' + - name: 'folder_access_approval_active_key_version' primary_resource_id: 'folder_access_approval' vars: folder_name: 'my-folder' test_env_vars: - org_id: :ORG_ID -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_delete: templates/terraform/custom_delete/clear_folder_access_approval_settings.go.erb - pre_create: templates/terraform/update_mask.erb - constants: templates/terraform/constants/access_approval.go.erb + org_id: 'ORG_ID' + skip_test: true parameters: - - !ruby/object:Api::Type::String - name: folder_id + - name: 'folder_id' + type: String description: | ID of the folder of the access approval settings. + url_param_only: true required: true immutable: true - url_param_only: true properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: | The resource name of the settings. Format is "folders/{folder_id}/accessApprovalSettings" output: true - - !ruby/object:Api::Type::Array - name: notificationEmails + - name: 'notificationEmails' + type: Array description: | A list of email addresses to which notifications relating to approval requests should be sent. Notifications relating to a resource will be sent to all emails in the settings of ancestor resources of that resource. A maximum of 50 email addresses are allowed. - max_size: 50 - item_type: Api::Type::String is_set: true default_from_api: true - - !ruby/object:Api::Type::Array - name: enrolledServices - required: true + item_type: + type: String + max_size: 50 + - name: 'enrolledServices' + type: Array description: | A list of Google Cloud Services for which the given resource has Access Approval enrolled. Access requests for the resource given by name against any of these services contained here will be required @@ -79,12 +85,13 @@ properties: A maximum of 10 enrolled services will be enforced, to be expanded as the set of supported services is expanded. is_set: true + required: true set_hash_func: accessApprovalEnrolledServicesHash - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: cloudProduct - required: true + - name: 'cloudProduct' + type: String description: | The product for which Access Approval will be enrolled. Allowed values are listed (case-sensitive): * all @@ -110,34 +117,35 @@ properties: * iam.googleapis.com * pubsub.googleapis.com * storage.googleapis.com - - !ruby/object:Api::Type::Enum - name: enrollmentLevel + required: true + - name: 'enrollmentLevel' + type: Enum description: | The enrollment level of the service. - default_value: :BLOCK_ALL - values: - - :BLOCK_ALL - - !ruby/object:Api::Type::Boolean - name: enrolledAncestor - output: true + default_value: "BLOCK_ALL" + enum_values: + - 'BLOCK_ALL' + - name: 'enrolledAncestor' + type: Boolean description: | If the field is true, that indicates that at least one service is enrolled for Access Approval in one or more ancestors of the Folder. - - !ruby/object:Api::Type::String - name: activeKeyVersion + output: true + - name: 'activeKeyVersion' + type: String description: | The asymmetric crypto key version to use for signing approval requests. Empty active_key_version indicates that a Google-managed key should be used for signing. This property will be ignored if set by an ancestor of the resource, and new non-empty values may not be set. - - !ruby/object:Api::Type::Boolean - name: ancestorHasActiveKeyVersion - output: true + - name: 'ancestorHasActiveKeyVersion' + type: Boolean description: | If the field is true, that indicates that an ancestor of this Folder has set active_key_version. - - !ruby/object:Api::Type::Boolean - name: invalidKeyVersion output: true + - name: 'invalidKeyVersion' + type: Boolean description: | If the field is true, that indicates that there is some configuration issue with the active_key_version configured on this Folder (e.g. it doesn't exist or the Access Approval service account doesn't have the correct permissions on it, etc.) This key version is not necessarily the effective key version at this level, as key versions are inherited top-down. + output: true diff --git a/mmv1/products/accessapproval/OrganizationSettings.yaml b/mmv1/products/accessapproval/OrganizationSettings.yaml index 7e72511aedd5..c486995d8b83 100644 --- a/mmv1/products/accessapproval/OrganizationSettings.yaml +++ b/mmv1/products/accessapproval/OrganizationSettings.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,62 +11,68 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource -name: OrganizationSettings -base_url: 'organizations/{{organization_id}}/accessApprovalSettings' -self_link: 'organizations/{{organization_id}}/accessApprovalSettings' -create_verb: :PATCH -update_verb: :PATCH -update_mask: true +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'OrganizationSettings' +legacy_name: 'google_organization_access_approval_settings' description: | Access Approval enables you to require your explicit approval whenever Google support and engineering need to access your customer content. -references: !ruby/object:Api::Resource::ReferenceLinks +references: + guides: api: 'https://cloud.google.com/access-approval/docs/reference/rest/v1/organizations' -legacy_name: 'google_organization_access_approval_settings' -import_format: ['organizations/{{organization_id}}/accessApprovalSettings'] +docs: +base_url: 'organizations/{{organization_id}}/accessApprovalSettings' +self_link: 'organizations/{{organization_id}}/accessApprovalSettings' +create_verb: 'PATCH' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'organizations/{{organization_id}}/accessApprovalSettings' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + pre_create: 'templates/terraform/update_mask.go.tmpl' + custom_delete: 'templates/terraform/custom_delete/go/clear_organization_access_approval_settings.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - skip_test: true - name: 'organization_access_approval_full' + - name: 'organization_access_approval_full' primary_resource_id: 'organization_access_approval' test_env_vars: - org_id: :ORG_ID - - !ruby/object:Provider::Terraform::Examples + org_id: 'ORG_ID' skip_test: true - name: 'organization_access_approval_active_key_version' + - name: 'organization_access_approval_active_key_version' primary_resource_id: 'organization_access_approval' test_env_vars: - org_id: :ORG_ID -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_delete: templates/terraform/custom_delete/clear_organization_access_approval_settings.go.erb - pre_create: templates/terraform/update_mask.erb + org_id: 'ORG_ID' + skip_test: true parameters: - - !ruby/object:Api::Type::String - name: organization_id + - name: 'organization_id' + type: String description: | ID of the organization of the access approval settings. + url_param_only: true required: true immutable: true - url_param_only: true properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: | The resource name of the settings. Format is "organizations/{organization_id}/accessApprovalSettings" output: true - - !ruby/object:Api::Type::Array - name: notificationEmails + - name: 'notificationEmails' + type: Array description: | A list of email addresses to which notifications relating to approval requests should be sent. Notifications relating to a resource will be sent to all emails in the settings of ancestor resources of that resource. A maximum of 50 email addresses are allowed. - max_size: 50 - item_type: Api::Type::String is_set: true default_from_api: true - - !ruby/object:Api::Type::Array - name: enrolledServices - required: true + item_type: + type: String + max_size: 50 + - name: 'enrolledServices' + type: Array description: | A list of Google Cloud Services for which the given resource has Access Approval enrolled. Access requests for the resource given by name against any of these services contained here will be required @@ -74,12 +80,13 @@ properties: A maximum of 10 enrolled services will be enforced, to be expanded as the set of supported services is expanded. is_set: true + required: true set_hash_func: accessApprovalEnrolledServicesHash - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: cloudProduct - required: true + - name: 'cloudProduct' + type: String description: | The product for which Access Approval will be enrolled. Allowed values are listed (case-sensitive): all @@ -92,32 +99,33 @@ properties: iam.googleapis.com pubsub.googleapis.com storage.googleapis.com - - !ruby/object:Api::Type::Enum - name: enrollmentLevel + required: true + - name: 'enrollmentLevel' + type: Enum description: | The enrollment level of the service. - default_value: :BLOCK_ALL - values: - - :BLOCK_ALL - - !ruby/object:Api::Type::Boolean - name: enrolledAncestor - output: true + default_value: "BLOCK_ALL" + enum_values: + - 'BLOCK_ALL' + - name: 'enrolledAncestor' + type: Boolean description: | This field will always be unset for the organization since organizations do not have ancestors. - - !ruby/object:Api::Type::String - name: activeKeyVersion + output: true + - name: 'activeKeyVersion' + type: String description: | The asymmetric crypto key version to use for signing approval requests. Empty active_key_version indicates that a Google-managed key should be used for signing. - - !ruby/object:Api::Type::Boolean - name: ancestorHasActiveKeyVersion - output: true + - name: 'ancestorHasActiveKeyVersion' + type: Boolean description: | This field will always be unset for the organization since organizations do not have ancestors. - - !ruby/object:Api::Type::Boolean - name: invalidKeyVersion output: true + - name: 'invalidKeyVersion' + type: Boolean description: | If the field is true, that indicates that there is some configuration issue with the active_key_version configured on this Organization (e.g. it doesn't exist or the Access Approval service account doesn't have the correct permissions on it, etc.). + output: true diff --git a/mmv1/products/accessapproval/ProjectSettings.yaml b/mmv1/products/accessapproval/ProjectSettings.yaml index 68eddf5026e8..806609b22c4f 100644 --- a/mmv1/products/accessapproval/ProjectSettings.yaml +++ b/mmv1/products/accessapproval/ProjectSettings.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,64 +11,70 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Resource -name: ProjectSettings -base_url: 'projects/{{project_id}}/accessApprovalSettings' -self_link: 'projects/{{project_id}}/accessApprovalSettings' -create_verb: :PATCH -update_verb: :PATCH -update_mask: true +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'ProjectSettings' +legacy_name: 'google_project_access_approval_settings' description: | Access Approval enables you to require your explicit approval whenever Google support and engineering need to access your customer content. -references: !ruby/object:Api::Resource::ReferenceLinks +references: + guides: api: 'https://cloud.google.com/access-approval/docs/reference/rest/v1/projects' -legacy_name: 'google_project_access_approval_settings' -import_format: ['projects/{{project_id}}/accessApprovalSettings'] +docs: +base_url: 'projects/{{project_id}}/accessApprovalSettings' +self_link: 'projects/{{project_id}}/accessApprovalSettings' +create_verb: 'PATCH' +update_verb: 'PATCH' +update_mask: true +import_format: + - 'projects/{{project_id}}/accessApprovalSettings' +timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 +custom_code: + pre_create: 'templates/terraform/update_mask.go.tmpl' + custom_delete: 'templates/terraform/custom_delete/go/clear_project_access_approval_settings.go.tmpl' examples: - - !ruby/object:Provider::Terraform::Examples - skip_test: true - name: 'project_access_approval_full' + - name: 'project_access_approval_full' primary_resource_id: 'project_access_approval' test_env_vars: - project: :PROJECT_NAME - org_id: :ORG_ID - - !ruby/object:Provider::Terraform::Examples + project: 'PROJECT_NAME' + org_id: 'ORG_ID' skip_test: true - name: 'project_access_approval_active_key_version' + - name: 'project_access_approval_active_key_version' primary_resource_id: 'project_access_approval' test_env_vars: - project: :PROJECT_NAME - org_id: :ORG_ID -custom_code: !ruby/object:Provider::Terraform::CustomCode - custom_delete: templates/terraform/custom_delete/clear_project_access_approval_settings.go.erb - pre_create: templates/terraform/update_mask.erb + project: 'PROJECT_NAME' + org_id: 'ORG_ID' + skip_test: true parameters: - - !ruby/object:Api::Type::String - name: project_id + - name: 'project_id' + type: String description: | ID of the project of the access approval settings. + url_param_only: true required: true immutable: true - url_param_only: true properties: - - !ruby/object:Api::Type::String - name: name + - name: 'name' + type: String description: | The resource name of the settings. Format is "projects/{project_id}/accessApprovalSettings" output: true - - !ruby/object:Api::Type::Array - name: notificationEmails + - name: 'notificationEmails' + type: Array description: | A list of email addresses to which notifications relating to approval requests should be sent. Notifications relating to a resource will be sent to all emails in the settings of ancestor resources of that resource. A maximum of 50 email addresses are allowed. - max_size: 50 - item_type: Api::Type::String is_set: true default_from_api: true - - !ruby/object:Api::Type::Array - name: enrolledServices - required: true + item_type: + type: String + max_size: 50 + - name: 'enrolledServices' + type: Array description: | A list of Google Cloud Services for which the given resource has Access Approval enrolled. Access requests for the resource given by name against any of these services contained here will be required @@ -76,12 +82,13 @@ properties: A maximum of 10 enrolled services will be enforced, to be expanded as the set of supported services is expanded. is_set: true + required: true set_hash_func: accessApprovalEnrolledServicesHash - item_type: !ruby/object:Api::Type::NestedObject + item_type: + type: NestedObject properties: - - !ruby/object:Api::Type::String - name: cloudProduct - required: true + - name: 'cloudProduct' + type: String description: | The product for which Access Approval will be enrolled. Allowed values are listed (case-sensitive): all @@ -94,40 +101,40 @@ properties: iam.googleapis.com pubsub.googleapis.com storage.googleapis.com - - !ruby/object:Api::Type::Enum - name: enrollmentLevel + required: true + - name: 'enrollmentLevel' + type: Enum description: | The enrollment level of the service. - default_value: :BLOCK_ALL - values: - - :BLOCK_ALL - - !ruby/object:Api::Type::Boolean - name: enrolledAncestor - output: true + default_value: "BLOCK_ALL" + enum_values: + - 'BLOCK_ALL' + - name: 'enrolledAncestor' + type: Boolean description: | If the field is true, that indicates that at least one service is enrolled for Access Approval in one or more ancestors of the Project. - - !ruby/object:Api::Type::String - name: activeKeyVersion + output: true + - name: 'activeKeyVersion' + type: String description: | The asymmetric crypto key version to use for signing approval requests. Empty active_key_version indicates that a Google-managed key should be used for signing. This property will be ignored if set by an ancestor of the resource, and new non-empty values may not be set. - - !ruby/object:Api::Type::Boolean - name: ancestorHasActiveKeyVersion - output: true + - name: 'ancestorHasActiveKeyVersion' + type: Boolean description: | If the field is true, that indicates that an ancestor of this Project has set active_key_version. - - !ruby/object:Api::Type::Boolean - name: invalidKeyVersion output: true + - name: 'invalidKeyVersion' + type: Boolean description: | If the field is true, that indicates that there is some configuration issue with the active_key_version configured on this Project (e.g. it doesn't exist or the Access Approval service account doesn't have the correct permissions on it, etc.) This key version is not necessarily the effective key version at this level, as key versions are inherited top-down. - - !ruby/object:Api::Type::String - name: project + output: true + - name: 'project' + type: String description: | Project id. - deprecation_message: >- - `project` is deprecated and will be removed in a future major release. Use `project_id` instead. + deprecation_message: '`project` is deprecated and will be removed in a future major release. Use `project_id` instead.' diff --git a/mmv1/products/accessapproval/go_FolderSettings.yaml b/mmv1/products/accessapproval/go_FolderSettings.yaml deleted file mode 100644 index a466d51e29dd..000000000000 --- a/mmv1/products/accessapproval/go_FolderSettings.yaml +++ /dev/null @@ -1,151 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'FolderSettings' -legacy_name: 'google_folder_access_approval_settings' -description: | - Access Approval enables you to require your explicit approval whenever Google support and engineering need to access your customer content. -references: - guides: - api: 'https://cloud.google.com/access-approval/docs/reference/rest/v1/folders' -docs: -base_url: 'folders/{{folder_id}}/accessApprovalSettings' -self_link: 'folders/{{folder_id}}/accessApprovalSettings' -create_verb: 'PATCH' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'folders/{{folder_id}}/accessApprovalSettings' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: - constants: 'templates/terraform/constants/go/access_approval.go.tmpl' - pre_create: 'templates/terraform/update_mask.go.tmpl' - custom_delete: 'templates/terraform/custom_delete/go/clear_folder_access_approval_settings.go.tmpl' -examples: - - name: 'folder_access_approval_full' - primary_resource_id: 'folder_access_approval' - vars: - folder_name: 'my-folder' - test_env_vars: - org_id: 'ORG_ID' - skip_test: true - - name: 'folder_access_approval_active_key_version' - primary_resource_id: 'folder_access_approval' - vars: - folder_name: 'my-folder' - test_env_vars: - org_id: 'ORG_ID' - skip_test: true -parameters: - - name: 'folder_id' - type: String - description: | - ID of the folder of the access approval settings. - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: | - The resource name of the settings. Format is "folders/{folder_id}/accessApprovalSettings" - output: true - - name: 'notificationEmails' - type: Array - description: | - A list of email addresses to which notifications relating to approval requests should be sent. - Notifications relating to a resource will be sent to all emails in the settings of ancestor - resources of that resource. A maximum of 50 email addresses are allowed. - is_set: true - default_from_api: true - item_type: - type: String - max_size: 50 - - name: 'enrolledServices' - type: Array - description: | - A list of Google Cloud Services for which the given resource has Access Approval enrolled. - Access requests for the resource given by name against any of these services contained here will be required - to have explicit approval. Enrollment can only be done on an all or nothing basis. - - A maximum of 10 enrolled services will be enforced, to be expanded as the set of supported services is expanded. - is_set: true - required: true - set_hash_func: accessApprovalEnrolledServicesHash - item_type: - type: NestedObject - properties: - - name: 'cloudProduct' - type: String - description: | - The product for which Access Approval will be enrolled. Allowed values are listed (case-sensitive): - * all - * App Engine - * BigQuery - * Cloud Bigtable - * Cloud Key Management Service - * Compute Engine - * Cloud Dataflow - * Cloud Identity and Access Management - * Cloud Pub/Sub - * Cloud Storage - * Persistent Disk - - Note: These values are supported as input, but considered a legacy format: - * all - * appengine.googleapis.com - * bigquery.googleapis.com - * bigtable.googleapis.com - * cloudkms.googleapis.com - * compute.googleapis.com - * dataflow.googleapis.com - * iam.googleapis.com - * pubsub.googleapis.com - * storage.googleapis.com - required: true - - name: 'enrollmentLevel' - type: Enum - description: | - The enrollment level of the service. - default_value: "BLOCK_ALL" - enum_values: - - 'BLOCK_ALL' - - name: 'enrolledAncestor' - type: Boolean - description: | - If the field is true, that indicates that at least one service is enrolled for Access Approval in one or more ancestors of the Folder. - output: true - - name: 'activeKeyVersion' - type: String - description: | - The asymmetric crypto key version to use for signing approval requests. - Empty active_key_version indicates that a Google-managed key should be used for signing. - This property will be ignored if set by an ancestor of the resource, and new non-empty values may not be set. - - name: 'ancestorHasActiveKeyVersion' - type: Boolean - description: | - If the field is true, that indicates that an ancestor of this Folder has set active_key_version. - output: true - - name: 'invalidKeyVersion' - type: Boolean - description: | - If the field is true, that indicates that there is some configuration issue with the active_key_version - configured on this Folder (e.g. it doesn't exist or the Access Approval service account doesn't have the - correct permissions on it, etc.) This key version is not necessarily the effective key version at this level, - as key versions are inherited top-down. - output: true diff --git a/mmv1/products/accessapproval/go_OrganizationSettings.yaml b/mmv1/products/accessapproval/go_OrganizationSettings.yaml deleted file mode 100644 index c486995d8b83..000000000000 --- a/mmv1/products/accessapproval/go_OrganizationSettings.yaml +++ /dev/null @@ -1,131 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'OrganizationSettings' -legacy_name: 'google_organization_access_approval_settings' -description: | - Access Approval enables you to require your explicit approval whenever Google support and engineering need to access your customer content. -references: - guides: - api: 'https://cloud.google.com/access-approval/docs/reference/rest/v1/organizations' -docs: -base_url: 'organizations/{{organization_id}}/accessApprovalSettings' -self_link: 'organizations/{{organization_id}}/accessApprovalSettings' -create_verb: 'PATCH' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'organizations/{{organization_id}}/accessApprovalSettings' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: - pre_create: 'templates/terraform/update_mask.go.tmpl' - custom_delete: 'templates/terraform/custom_delete/go/clear_organization_access_approval_settings.go.tmpl' -examples: - - name: 'organization_access_approval_full' - primary_resource_id: 'organization_access_approval' - test_env_vars: - org_id: 'ORG_ID' - skip_test: true - - name: 'organization_access_approval_active_key_version' - primary_resource_id: 'organization_access_approval' - test_env_vars: - org_id: 'ORG_ID' - skip_test: true -parameters: - - name: 'organization_id' - type: String - description: | - ID of the organization of the access approval settings. - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: | - The resource name of the settings. Format is "organizations/{organization_id}/accessApprovalSettings" - output: true - - name: 'notificationEmails' - type: Array - description: | - A list of email addresses to which notifications relating to approval requests should be sent. - Notifications relating to a resource will be sent to all emails in the settings of ancestor - resources of that resource. A maximum of 50 email addresses are allowed. - is_set: true - default_from_api: true - item_type: - type: String - max_size: 50 - - name: 'enrolledServices' - type: Array - description: | - A list of Google Cloud Services for which the given resource has Access Approval enrolled. - Access requests for the resource given by name against any of these services contained here will be required - to have explicit approval. Enrollment can be done for individual services. - - A maximum of 10 enrolled services will be enforced, to be expanded as the set of supported services is expanded. - is_set: true - required: true - set_hash_func: accessApprovalEnrolledServicesHash - item_type: - type: NestedObject - properties: - - name: 'cloudProduct' - type: String - description: | - The product for which Access Approval will be enrolled. Allowed values are listed (case-sensitive): - all - appengine.googleapis.com - bigquery.googleapis.com - bigtable.googleapis.com - cloudkms.googleapis.com - compute.googleapis.com - dataflow.googleapis.com - iam.googleapis.com - pubsub.googleapis.com - storage.googleapis.com - required: true - - name: 'enrollmentLevel' - type: Enum - description: | - The enrollment level of the service. - default_value: "BLOCK_ALL" - enum_values: - - 'BLOCK_ALL' - - name: 'enrolledAncestor' - type: Boolean - description: | - This field will always be unset for the organization since organizations do not have ancestors. - output: true - - name: 'activeKeyVersion' - type: String - description: | - The asymmetric crypto key version to use for signing approval requests. - Empty active_key_version indicates that a Google-managed key should be used for signing. - - name: 'ancestorHasActiveKeyVersion' - type: Boolean - description: | - This field will always be unset for the organization since organizations do not have ancestors. - output: true - - name: 'invalidKeyVersion' - type: Boolean - description: | - If the field is true, that indicates that there is some configuration issue with the active_key_version - configured on this Organization (e.g. it doesn't exist or the Access Approval service account doesn't have the - correct permissions on it, etc.). - output: true diff --git a/mmv1/products/accessapproval/go_ProjectSettings.yaml b/mmv1/products/accessapproval/go_ProjectSettings.yaml deleted file mode 100644 index 806609b22c4f..000000000000 --- a/mmv1/products/accessapproval/go_ProjectSettings.yaml +++ /dev/null @@ -1,140 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'ProjectSettings' -legacy_name: 'google_project_access_approval_settings' -description: | - Access Approval enables you to require your explicit approval whenever Google support and engineering need to access your customer content. -references: - guides: - api: 'https://cloud.google.com/access-approval/docs/reference/rest/v1/projects' -docs: -base_url: 'projects/{{project_id}}/accessApprovalSettings' -self_link: 'projects/{{project_id}}/accessApprovalSettings' -create_verb: 'PATCH' -update_verb: 'PATCH' -update_mask: true -import_format: - - 'projects/{{project_id}}/accessApprovalSettings' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: - pre_create: 'templates/terraform/update_mask.go.tmpl' - custom_delete: 'templates/terraform/custom_delete/go/clear_project_access_approval_settings.go.tmpl' -examples: - - name: 'project_access_approval_full' - primary_resource_id: 'project_access_approval' - test_env_vars: - project: 'PROJECT_NAME' - org_id: 'ORG_ID' - skip_test: true - - name: 'project_access_approval_active_key_version' - primary_resource_id: 'project_access_approval' - test_env_vars: - project: 'PROJECT_NAME' - org_id: 'ORG_ID' - skip_test: true -parameters: - - name: 'project_id' - type: String - description: | - ID of the project of the access approval settings. - url_param_only: true - required: true - immutable: true -properties: - - name: 'name' - type: String - description: | - The resource name of the settings. Format is "projects/{project_id}/accessApprovalSettings" - output: true - - name: 'notificationEmails' - type: Array - description: | - A list of email addresses to which notifications relating to approval requests should be sent. - Notifications relating to a resource will be sent to all emails in the settings of ancestor - resources of that resource. A maximum of 50 email addresses are allowed. - is_set: true - default_from_api: true - item_type: - type: String - max_size: 50 - - name: 'enrolledServices' - type: Array - description: | - A list of Google Cloud Services for which the given resource has Access Approval enrolled. - Access requests for the resource given by name against any of these services contained here will be required - to have explicit approval. Enrollment can only be done on an all or nothing basis. - - A maximum of 10 enrolled services will be enforced, to be expanded as the set of supported services is expanded. - is_set: true - required: true - set_hash_func: accessApprovalEnrolledServicesHash - item_type: - type: NestedObject - properties: - - name: 'cloudProduct' - type: String - description: | - The product for which Access Approval will be enrolled. Allowed values are listed (case-sensitive): - all - appengine.googleapis.com - bigquery.googleapis.com - bigtable.googleapis.com - cloudkms.googleapis.com - compute.googleapis.com - dataflow.googleapis.com - iam.googleapis.com - pubsub.googleapis.com - storage.googleapis.com - required: true - - name: 'enrollmentLevel' - type: Enum - description: | - The enrollment level of the service. - default_value: "BLOCK_ALL" - enum_values: - - 'BLOCK_ALL' - - name: 'enrolledAncestor' - type: Boolean - description: | - If the field is true, that indicates that at least one service is enrolled for Access Approval in one or more ancestors of the Project. - output: true - - name: 'activeKeyVersion' - type: String - description: | - The asymmetric crypto key version to use for signing approval requests. - Empty active_key_version indicates that a Google-managed key should be used for signing. - This property will be ignored if set by an ancestor of the resource, and new non-empty values may not be set. - - name: 'ancestorHasActiveKeyVersion' - type: Boolean - description: | - If the field is true, that indicates that an ancestor of this Project has set active_key_version. - output: true - - name: 'invalidKeyVersion' - type: Boolean - description: | - If the field is true, that indicates that there is some configuration issue with the active_key_version - configured on this Project (e.g. it doesn't exist or the Access Approval service account doesn't have the - correct permissions on it, etc.) This key version is not necessarily the effective key version at this level, - as key versions are inherited top-down. - output: true - - name: 'project' - type: String - description: | - Project id. - deprecation_message: '`project` is deprecated and will be removed in a future major release. Use `project_id` instead.' diff --git a/mmv1/products/accessapproval/go_product.yaml b/mmv1/products/accessapproval/go_product.yaml deleted file mode 100644 index d925b1742897..000000000000 --- a/mmv1/products/accessapproval/go_product.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Warning: This is a temporary file, and should not be edited directly ---- -name: 'AccessApproval' -display_name: 'Access Approval' -versions: - - name: 'ga' - base_url: 'https://accessapproval.googleapis.com/v1/' -scopes: - - 'https://www.googleapis.com/auth/cloud-platform' diff --git a/mmv1/products/accessapproval/product.yaml b/mmv1/products/accessapproval/product.yaml index ec7d98243638..d925b1742897 100644 --- a/mmv1/products/accessapproval/product.yaml +++ b/mmv1/products/accessapproval/product.yaml @@ -1,4 +1,4 @@ -# Copyright 2020 Google Inc. +# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,12 +11,12 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- !ruby/object:Api::Product -name: AccessApproval -display_name: Access Approval +# Warning: This is a temporary file, and should not be edited directly +--- +name: 'AccessApproval' +display_name: 'Access Approval' versions: - - !ruby/object:Api::Product::Version - name: ga - base_url: https://accessapproval.googleapis.com/v1/ + - name: 'ga' + base_url: 'https://accessapproval.googleapis.com/v1/' scopes: - - https://www.googleapis.com/auth/cloud-platform + - 'https://www.googleapis.com/auth/cloud-platform' From 3490d78c16f5ec85432459fa536bed53f9098dbf Mon Sep 17 00:00:00 2001 From: Cameron Thornton Date: Mon, 9 Sep 2024 07:37:36 -0500 Subject: [PATCH 2/3] rename template files --- ...s_approval_full.tf.erb => folder_access_approval_full.tf.tmpl} | 0 ....erb => resource_app_engine_flexible_app_version_test.go.tmpl} | 0 2 files changed, 0 insertions(+), 0 deletions(-) rename mmv1/templates/terraform/examples/{folder_access_approval_full.tf.erb => folder_access_approval_full.tf.tmpl} (100%) rename mmv1/third_party/terraform/services/appengine/{resource_app_engine_flexible_app_version_test.go.erb => resource_app_engine_flexible_app_version_test.go.tmpl} (100%) diff --git a/mmv1/templates/terraform/examples/folder_access_approval_full.tf.erb b/mmv1/templates/terraform/examples/folder_access_approval_full.tf.tmpl similarity index 100% rename from mmv1/templates/terraform/examples/folder_access_approval_full.tf.erb rename to mmv1/templates/terraform/examples/folder_access_approval_full.tf.tmpl diff --git a/mmv1/third_party/terraform/services/appengine/resource_app_engine_flexible_app_version_test.go.erb b/mmv1/third_party/terraform/services/appengine/resource_app_engine_flexible_app_version_test.go.tmpl similarity index 100% rename from mmv1/third_party/terraform/services/appengine/resource_app_engine_flexible_app_version_test.go.erb rename to mmv1/third_party/terraform/services/appengine/resource_app_engine_flexible_app_version_test.go.tmpl From e61af2ad0bb4f99b3fec60de93592dcc84bf0eb0 Mon Sep 17 00:00:00 2001 From: Cameron Thornton Date: Mon, 9 Sep 2024 07:39:37 -0500 Subject: [PATCH 3/3] move go file --- .../folder_access_approval_full.tf.tmpl | 6 +- .../go/folder_access_approval_full.tf.tmpl | 14 - ...p_engine_flexible_app_version_test.go.tmpl | 445 ------------------ ...p_engine_flexible_app_version_test.go.tmpl | 5 +- 4 files changed, 5 insertions(+), 465 deletions(-) delete mode 100644 mmv1/templates/terraform/examples/go/folder_access_approval_full.tf.tmpl delete mode 100644 mmv1/third_party/terraform/services/appengine/go/resource_app_engine_flexible_app_version_test.go.tmpl diff --git a/mmv1/templates/terraform/examples/folder_access_approval_full.tf.tmpl b/mmv1/templates/terraform/examples/folder_access_approval_full.tf.tmpl index 140550f5a161..fc08b3dee4f8 100644 --- a/mmv1/templates/terraform/examples/folder_access_approval_full.tf.tmpl +++ b/mmv1/templates/terraform/examples/folder_access_approval_full.tf.tmpl @@ -1,10 +1,10 @@ resource "google_folder" "my_folder" { - display_name = "<%= ctx[:vars]['folder_name'] %>" - parent = "organizations/<%= ctx[:test_env_vars]['org_id'] %>" + display_name = "{{index $.Vars "folder_name"}}" + parent = "organizations/{{index $.TestEnvVars "org_id"}}" deletion_protection = false } -resource "google_folder_access_approval_settings" "<%= ctx[:primary_resource_id] %>" { +resource "google_folder_access_approval_settings" "{{$.PrimaryResourceId}}" { folder_id = google_folder.my_folder.folder_id notification_emails = ["testuser@example.com", "example.user@example.com"] diff --git a/mmv1/templates/terraform/examples/go/folder_access_approval_full.tf.tmpl b/mmv1/templates/terraform/examples/go/folder_access_approval_full.tf.tmpl deleted file mode 100644 index fc08b3dee4f8..000000000000 --- a/mmv1/templates/terraform/examples/go/folder_access_approval_full.tf.tmpl +++ /dev/null @@ -1,14 +0,0 @@ -resource "google_folder" "my_folder" { - display_name = "{{index $.Vars "folder_name"}}" - parent = "organizations/{{index $.TestEnvVars "org_id"}}" - deletion_protection = false -} - -resource "google_folder_access_approval_settings" "{{$.PrimaryResourceId}}" { - folder_id = google_folder.my_folder.folder_id - notification_emails = ["testuser@example.com", "example.user@example.com"] - - enrolled_services { - cloud_product = "all" - } -} diff --git a/mmv1/third_party/terraform/services/appengine/go/resource_app_engine_flexible_app_version_test.go.tmpl b/mmv1/third_party/terraform/services/appengine/go/resource_app_engine_flexible_app_version_test.go.tmpl deleted file mode 100644 index 141be1e2be7d..000000000000 --- a/mmv1/third_party/terraform/services/appengine/go/resource_app_engine_flexible_app_version_test.go.tmpl +++ /dev/null @@ -1,445 +0,0 @@ -package appengine_test - -{{ if ne $.TargetVersionName `ga` -}} - -import ( - "log" - "strings" - "testing" - - "github.com/hashicorp/terraform-plugin-testing/helper/resource" - "github.com/hashicorp/terraform-plugin-testing/terraform" - "github.com/hashicorp/terraform-provider-google/google/acctest" - "github.com/hashicorp/terraform-provider-google/google/envvar" -) - -func TestAccAppEngineFlexibleAppVersion_update(t *testing.T) { - t.Skip("https://github.com/hashicorp/terraform-provider-google/issues/18239") - t.Parallel() - - context := map[string]interface{}{ - "org_id": envvar.GetTestOrgFromEnv(t), - "billing_account": envvar.GetTestBillingAccountFromEnv(t), - "random_suffix": acctest.RandString(t, 10), - } - - acctest.VcrTest(t, resource.TestCase{ - PreCheck: func() { acctest.AccTestPreCheck(t) }, - ProtoV5ProviderFactories: acctest.ProtoV5ProviderBetaFactories(t), - CheckDestroy: testAccCheckAppEngineFlexibleAppVersionDestroyProducer(t), - Steps: []resource.TestStep{ - { - Config: testAccAppEngineFlexibleAppVersion_python(context), - }, - { - ResourceName: "google_app_engine_flexible_app_version.foo", - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{"env_variables", "deployment", "entrypoint", "service", "noop_on_destroy"}, - }, - { - Config: testAccAppEngineFlexibleAppVersion_pythonUpdate(context), - }, - { - ResourceName: "google_app_engine_flexible_app_version.foo", - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{"env_variables", "deployment", "entrypoint", "service", "delete_service_on_destroy"}, - }, - }, - }) -} - -func testAccAppEngineFlexibleAppVersion_python(context map[string]interface{}) string { - return acctest.Nprintf(` -resource "google_project" "my_project" { - provider = google-beta - name = "tf-test-appeng-flex%{random_suffix}" - project_id = "tf-test-appeng-flex%{random_suffix}" - org_id = "%{org_id}" - billing_account = "%{billing_account}" - deletion_policy = "DELETE" -} - -resource "google_project_service" "compute" { - provider = google-beta - project = google_project.my_project.project_id - service = "compute.googleapis.com" - - disable_dependent_services = false -} - -resource "google_project_service" "appengineflex" { - provider = google-beta - project = google_project.my_project.project_id - service = "appengineflex.googleapis.com" - - disable_dependent_services = false - depends_on = [google_project_service.compute] -} - -resource "google_compute_network" "network" { - provider = google-beta - project = google_project_service.compute.project - name = "custom" - auto_create_subnetworks = "false" -} - -resource "google_compute_subnetwork" "subnetwork" { - provider = google-beta - project = google_project_service.compute.project - name = "custom" - region = "us-central1" - network = google_compute_network.network.id - ip_cidr_range = "10.0.0.0/16" - private_ip_google_access = true -} - -resource "google_app_engine_application" "app" { - provider = google-beta - project = google_project.my_project.project_id - location_id = "us-central" -} - -resource "google_project_iam_member" "gae_api" { - provider = google-beta - project = google_project_service.appengineflex.project - role = "roles/compute.networkUser" - member = "serviceAccount:service-${google_project.my_project.number}@gae-api-prod.google.com.iam.gserviceaccount.com" -} - -resource "google_app_engine_standard_app_version" "foo" { - provider = google-beta - project = google_project_iam_member.gae_api.project - version_id = "v1" - service = "default" - runtime = "python38" - - entrypoint { - shell = "gunicorn -b :$PORT main:app" - } - - deployment { - files { - name = "main.py" - source_url = "https://storage.googleapis.com/${google_storage_bucket.bucket.name}/${google_storage_bucket_object.main.name}" - } - - files { - name = "requirements.txt" - source_url = "https://storage.googleapis.com/${google_storage_bucket.bucket.name}/${google_storage_bucket_object.requirements.name}" - } - } - - env_variables = { - port = "8000" - } - - noop_on_destroy = true -} - -resource "google_app_engine_flexible_app_version" "foo" { - provider = google-beta - project = google_project_iam_member.gae_api.project - version_id = "v1" - service = "custom" - runtime = "python" - - runtime_api_version = "1" - - resources { - cpu = 1 - memory_gb = 0.5 - disk_gb = 10 - } - - entrypoint { - shell = "gunicorn -b :$PORT main:app" - } - - flexible_runtime_settings { - operating_system = "ubuntu22" - runtime_version = "3.11" - } - - deployment { - files { - name = "main.py" - source_url = "https://storage.googleapis.com/${google_storage_bucket.bucket.name}/${google_storage_bucket_object.main.name}" - } - - files { - name = "requirements.txt" - source_url = "https://storage.googleapis.com/${google_storage_bucket.bucket.name}/${google_storage_bucket_object.requirements.name}" - } - - files { - name = "app.yaml" - source_url = "https://storage.googleapis.com/${google_storage_bucket.bucket.name}/${google_storage_bucket_object.yaml.name}" - } - } - - liveness_check { - path = "alive" - } - - readiness_check { - path = "ready" - } - - env_variables = { - port = "8000" - } - - network { - name = google_compute_network.network.name - subnetwork = google_compute_subnetwork.subnetwork.name - instance_ip_mode = "EXTERNAL" - } - - instance_class = "B1" - - manual_scaling { - instances = 1 - } - - noop_on_destroy = true - - depends_on = [google_app_engine_standard_app_version.foo] -} - -resource "google_storage_bucket" "bucket" { - provider = google-beta - project = google_project.my_project.project_id - name = "tf-test-%{random_suffix}-flex-ae-bucket" - location = "US" -} - -resource "google_storage_bucket_object" "yaml" { - provider = google-beta - name = "app.yaml" - bucket = google_storage_bucket.bucket.name - source = "./test-fixtures/hello-world-flask/app.yaml" -} - -resource "google_storage_bucket_object" "requirements" { - provider = google-beta - name = "requirements.txt" - bucket = google_storage_bucket.bucket.name - source = "./test-fixtures/hello-world-flask/requirements.txt" -} - -resource "google_storage_bucket_object" "main" { - provider = google-beta - name = "main.py" - bucket = google_storage_bucket.bucket.name - source = "./test-fixtures/hello-world-flask/main.py" -}`, context) -} - -func testAccAppEngineFlexibleAppVersion_pythonUpdate(context map[string]interface{}) string { - return acctest.Nprintf(` -resource "google_project" "my_project" { - provider = google-beta - name = "tf-test-appeng-flex%{random_suffix}" - project_id = "tf-test-appeng-flex%{random_suffix}" - org_id = "%{org_id}" - billing_account = "%{billing_account}" - deletion_policy = "DELETE" -} - -resource "google_project_service" "compute" { - provider = google-beta - project = google_project.my_project.project_id - service = "compute.googleapis.com" - - disable_dependent_services = false -} - -resource "google_project_service" "appengineflex" { - provider = google-beta - project = google_project.my_project.project_id - service = "appengineflex.googleapis.com" - - disable_dependent_services = false - depends_on = [google_project_service.compute] -} - -resource "google_compute_network" "network" { - provider = google-beta - project = google_project_service.compute.project - name = "custom" - auto_create_subnetworks = "false" -} - -resource "google_compute_subnetwork" "subnetwork" { - provider = google-beta - project = google_project_service.compute.project - name = "custom" - region = "us-central1" - network = google_compute_network.network.id - ip_cidr_range = "10.0.0.0/16" - private_ip_google_access = true -} - -resource "google_app_engine_application" "app" { - provider = google-beta - project = google_project.my_project.project_id - location_id = "us-central" -} - -resource "google_project_iam_member" "gae_api" { - provider = google-beta - project = google_project_service.appengineflex.project - role = "roles/compute.networkUser" - member = "serviceAccount:service-${google_project.my_project.number}@gae-api-prod.google.com.iam.gserviceaccount.com" -} - -resource "google_app_engine_standard_app_version" "foo" { - provider = google-beta - project = google_project_iam_member.gae_api.project - version_id = "v1" - service = "default" - runtime = "python38" - - entrypoint { - shell = "gunicorn -b :$PORT main:app" - } - - deployment { - files { - name = "main.py" - source_url = "https://storage.googleapis.com/${google_storage_bucket.bucket.name}/${google_storage_bucket_object.main.name}" - } - - files { - name = "requirements.txt" - source_url = "https://storage.googleapis.com/${google_storage_bucket.bucket.name}/${google_storage_bucket_object.requirements.name}" - } - } - - env_variables = { - port = "8000" - } - - noop_on_destroy = true -} - -resource "google_app_engine_flexible_app_version" "foo" { - provider = google-beta - project = google_project_iam_member.gae_api.project - version_id = "v1" - service = "custom" - runtime = "python" - - runtime_api_version = "1" - - resources { - cpu = 1 - memory_gb = 1 - disk_gb = 10 - } - - entrypoint { - shell = "gunicorn -b :$PORT main:app" - } - - flexible_runtime_settings { - operating_system = "ubuntu22" - runtime_version = "3.11" - } - - deployment { - files { - name = "main.py" - source_url = "https://storage.googleapis.com/${google_storage_bucket.bucket.name}/${google_storage_bucket_object.main.name}" - } - - files { - name = "requirements.txt" - source_url = "https://storage.googleapis.com/${google_storage_bucket.bucket.name}/${google_storage_bucket_object.requirements.name}" - } - - files { - name = "app.yaml" - source_url = "https://storage.googleapis.com/${google_storage_bucket.bucket.name}/${google_storage_bucket_object.yaml.name}" - } - } - - liveness_check { - path = "" - } - - readiness_check { - path = "" - } - - env_variables = { - port = "8000" - } - - network { - name = google_compute_network.network.name - subnetwork = google_compute_subnetwork.subnetwork.name - instance_ip_mode = "INTERNAL" - } - - instance_class = "B2" - - manual_scaling { - instances = 2 - } - - delete_service_on_destroy = true - - depends_on = [google_app_engine_standard_app_version.foo] -} - -resource "google_storage_bucket" "bucket" { - provider = google-beta - project = google_project.my_project.project_id - name = "tf-test-%{random_suffix}-flex-ae-bucket" - location = "US" -} - -resource "google_storage_bucket_object" "yaml" { - provider = google-beta - name = "app.yaml" - bucket = google_storage_bucket.bucket.name - source = "./test-fixtures/hello-world-flask/app.yaml" -} - -resource "google_storage_bucket_object" "requirements" { - provider = google-beta - name = "requirements.txt" - bucket = google_storage_bucket.bucket.name - source = "./test-fixtures/hello-world-flask/requirements.txt" -} - -resource "google_storage_bucket_object" "main" { - provider = google-beta - name = "main.py" - bucket = google_storage_bucket.bucket.name - source = "./test-fixtures/hello-world-flask/main.py" -}`, context) -} - -// Remove when generated test is enabled -func testAccCheckAppEngineFlexibleAppVersionDestroyProducer(t *testing.T) func(s *terraform.State) error { - return func(s *terraform.State) error { - for name, rs := range s.RootModule().Resources { - if rs.Type != "google_app_engine_flexible_app_version" { - continue - } - if strings.HasPrefix(name, "data.") { - continue - } - - log.Printf("[DEBUG] Ignoring destroy during test") - } - - return nil - } -} - -{{ end }} diff --git a/mmv1/third_party/terraform/services/appengine/resource_app_engine_flexible_app_version_test.go.tmpl b/mmv1/third_party/terraform/services/appengine/resource_app_engine_flexible_app_version_test.go.tmpl index bd3832d48dd1..141be1e2be7d 100644 --- a/mmv1/third_party/terraform/services/appengine/resource_app_engine_flexible_app_version_test.go.tmpl +++ b/mmv1/third_party/terraform/services/appengine/resource_app_engine_flexible_app_version_test.go.tmpl @@ -1,7 +1,6 @@ -<% autogen_exception -%> package appengine_test -<% unless version == 'ga' -%> +{{ if ne $.TargetVersionName `ga` -}} import ( "log" @@ -443,4 +442,4 @@ func testAccCheckAppEngineFlexibleAppVersionDestroyProducer(t *testing.T) func(s } } -<% end -%> +{{ end }}