add certificate manager public CA external account key resource #14983

Merged
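--- a/.changelog/8171.txt
+++ b/.changelog/8171.txt
@@ -0,0 +1,3 @@
+```release-note:new-resource
+`google_certificate_manager_public_ca_external_account_key`
+```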
1 change: 1 addition & 0 deletions google/config_test_utils.go
Expand Up @@ -93,6 +93,7 @@ func configureTestBasePaths(c *transport_tpg.Config, url string) {
c.OSConfigBasePath = url
c.OSLoginBasePath = url
c.PrivatecaBasePath = url
c.PublicCABasePath = url
c.PubsubBasePath = url
c.PubsubLiteBasePath = url
c.RedisBasePath = url
6 changes: 6 additions & 0 deletions google/framework_provider.go
Expand Up @@ -533,6 +533,12 @@ func (p *FrameworkProvider) Schema(_ context.Context, _ provider.SchemaRequest,
transport_tpg.CustomEndpointValidator(),
},
},
"public_ca_custom_endpoint": &schema.StringAttribute{
Optional: true,
Validators: []validator.String{
transport_tpg.CustomEndpointValidator(),
},
},
"pubsub_custom_endpoint": &schema.StringAttribute{
Optional: true,
Validators: []validator.String{
1 change: 1 addition & 0 deletions google/fwmodels/provider_model.go
Expand Up @@ -94,6 +94,7 @@ type ProviderModel struct {
OSConfigCustomEndpoint types.String `tfsdk:"os_config_custom_endpoint"`
OSLoginCustomEndpoint types.String `tfsdk:"os_login_custom_endpoint"`
PrivatecaCustomEndpoint types.String `tfsdk:"privateca_custom_endpoint"`
PublicCACustomEndpoint types.String `tfsdk:"public_ca_custom_endpoint"`
PubsubCustomEndpoint types.String `tfsdk:"pubsub_custom_endpoint"`
PubsubLiteCustomEndpoint types.String `tfsdk:"pubsub_lite_custom_endpoint"`
RedisCustomEndpoint types.String `tfsdk:"redis_custom_endpoint"`
10 changes: 10 additions & 0 deletions google/fwtransport/framework_config.go
Expand Up @@ -118,6 +118,7 @@ type FrameworkProviderConfig struct {
OSConfigBasePath string
OSLoginBasePath string
PrivatecaBasePath string
PublicCABasePath string
PubsubBasePath string
PubsubLiteBasePath string
RedisBasePath string
Expand Down Expand Up @@ -249,6 +250,7 @@ func (p *FrameworkProviderConfig) LoadAndValidateFramework(ctx context.Context,
p.OSConfigBasePath = data.OSConfigCustomEndpoint.ValueString()
p.OSLoginBasePath = data.OSLoginCustomEndpoint.ValueString()
p.PrivatecaBasePath = data.PrivatecaCustomEndpoint.ValueString()
p.PublicCABasePath = data.PublicCACustomEndpoint.ValueString()
p.PubsubBasePath = data.PubsubCustomEndpoint.ValueString()
p.PubsubLiteBasePath = data.PubsubLiteCustomEndpoint.ValueString()
p.RedisBasePath = data.RedisCustomEndpoint.ValueString()
Expand Down Expand Up @@ -949,6 +951,14 @@ func (p *FrameworkProviderConfig) HandleDefaults(ctx context.Context, data *fwmo
data.PrivatecaCustomEndpoint = types.StringValue(customEndpoint.(string))
}
}
if data.PublicCACustomEndpoint.IsNull() {
customEndpoint := transport_tpg.MultiEnvDefault([]string{
"GOOGLE_PUBLIC_CA_CUSTOM_ENDPOINT",
}, transport_tpg.DefaultBasePaths[transport_tpg.PublicCABasePathKey])
if customEndpoint != nil {
data.PublicCACustomEndpoint = types.StringValue(customEndpoint.(string))
}
}
if data.PubsubCustomEndpoint.IsNull() {
customEndpoint := transport_tpg.MultiEnvDefault([]string{
"GOOGLE_PUBSUB_CUSTOM_ENDPOINT",
12 changes: 10 additions & 2 deletions google/provider/provider.go
Expand Up @@ -82,6 +82,7 @@ import (
"github.com/hashicorp/terraform-provider-google/google/services/osconfig"
"github.com/hashicorp/terraform-provider-google/google/services/oslogin"
"github.com/hashicorp/terraform-provider-google/google/services/privateca"
"github.com/hashicorp/terraform-provider-google/google/services/publicca"
"github.com/hashicorp/terraform-provider-google/google/services/pubsub"
"github.com/hashicorp/terraform-provider-google/google/services/pubsublite"
"github.com/hashicorp/terraform-provider-google/google/services/redis"
Expand Down Expand Up @@ -564,6 +565,11 @@ func Provider() *schema.Provider {
Optional: true,
ValidateFunc: transport_tpg.ValidateCustomEndpoint,
},
"public_ca_custom_endpoint": {
Type: schema.TypeString,
Optional: true,
ValidateFunc: transport_tpg.ValidateCustomEndpoint,
},
"pubsub_custom_endpoint": {
Type: schema.TypeString,
Optional: true,
Expand Down Expand Up @@ -920,9 +926,9 @@ func DatasourceMapWithErrors() (map[string]*schema.Resource, error) {
})
}

// Generated resources: 291
// Generated resources: 292
// Generated IAM resources: 195
// Total generated resources: 486
// Total generated resources: 487
func ResourceMap() map[string]*schema.Resource {
resourceMap, _ := ResourceMapWithErrors()
return resourceMap
Expand Down Expand Up @@ -1338,6 +1344,7 @@ func ResourceMapWithErrors() (map[string]*schema.Resource, error) {
"google_privateca_certificate_template_iam_binding": tpgiamresource.ResourceIamBinding(privateca.PrivatecaCertificateTemplateIamSchema, privateca.PrivatecaCertificateTemplateIamUpdaterProducer, privateca.PrivatecaCertificateTemplateIdParseFunc),
"google_privateca_certificate_template_iam_member": tpgiamresource.ResourceIamMember(privateca.PrivatecaCertificateTemplateIamSchema, privateca.PrivatecaCertificateTemplateIamUpdaterProducer, privateca.PrivatecaCertificateTemplateIdParseFunc),
"google_privateca_certificate_template_iam_policy": tpgiamresource.ResourceIamPolicy(privateca.PrivatecaCertificateTemplateIamSchema, privateca.PrivatecaCertificateTemplateIamUpdaterProducer, privateca.PrivatecaCertificateTemplateIdParseFunc),
"google_public_ca_external_account_key": publicca.ResourcePublicCAExternalAccountKey(),
"google_pubsub_schema": pubsub.ResourcePubsubSchema(),
"google_pubsub_subscription": pubsub.ResourcePubsubSubscription(),
"google_pubsub_topic": pubsub.ResourcePubsubTopic(),
Expand Down Expand Up @@ -1710,6 +1717,7 @@ func providerConfigure(ctx context.Context, d *schema.ResourceData, p *schema.Pr
config.OSConfigBasePath = d.Get("os_config_custom_endpoint").(string)
config.OSLoginBasePath = d.Get("os_login_custom_endpoint").(string)
config.PrivatecaBasePath = d.Get("privateca_custom_endpoint").(string)
config.PublicCABasePath = d.Get("public_ca_custom_endpoint").(string)
config.PubsubBasePath = d.Get("pubsub_custom_endpoint").(string)
config.PubsubLiteBasePath = d.Get("pubsub_lite_custom_endpoint").(string)
config.RedisBasePath = d.Get("redis_custom_endpoint").(string)
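Review bot: The key added to ResourceMapWithErrors is `google_public_ca_external_account_key`, which is also the type used in the generated acceptance test, but the release note in .changelog/8171.txt announces `google_certificate_manager_public_ca_external_account_key`. One of the two names is wrong, and a user following the changelog would reference a resource type that is not registered. If the registered name is the intended one, the changelog entry should read `google_public_ca_external_account_key`. ResourceMapWithErrors starts and ends outside the hunk.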
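--- a/google/resource_public_ca_external_account_key_generated_test.go
+++ b/google/resource_public_ca_external_account_key_generated_test.go
@@ -0,0 +1,54 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+// ----------------------------------------------------------------------------
+//
+// *** AUTO GENERATED CODE *** Type: MMv1 ***
+//
+// ----------------------------------------------------------------------------
+//
+// This file is automatically generated by Magic Modules and manual
+// changes will be clobbered when the file is regenerated.
+//
+// Please read more about how to change this file in
+// .github/CONTRIBUTING.md.
+//
+// ----------------------------------------------------------------------------
+
+package google
+
+import (
+"testing"
+
+"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+
+"github.com/hashicorp/terraform-provider-google/google/acctest"
+"github.com/hashicorp/terraform-provider-google/google/tpgresource"
+)
+
+func TestAccPublicCAExternalAccountKey_publicCaExternalAccountKeyExample(t *testing.T) {
+t.Parallel()
+
+context := map[string]interface{}{
+"project": acctest.GetTestProjectFromEnv(),
+"random_suffix": RandString(t, 10),
+}
+
+VcrTest(t, resource.TestCase{
+PreCheck: func() { acctest.AccTestPreCheck(t) },
+ProtoV5ProviderFactories: ProtoV5ProviderFactories(t),
+Steps: []resource.TestStep{
+{
+Config: testAccPublicCAExternalAccountKey_publicCaExternalAccountKeyExample(context),
+},
+},
+})
+}
+
+func testAccPublicCAExternalAccountKey_publicCaExternalAccountKeyExample(context map[string]interface{}) string {
+return tpgresource.Nprintf(`
+resource "google_public_ca_external_account_key" "prod" {
+project = "%{project}"
+}
+`, context)
+}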
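--- a/google/services/publicca/resource_public_ca_external_account_key.go
+++ b/google/services/publicca/resource_public_ca_external_account_key.go
@@ -0,0 +1,165 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+// ----------------------------------------------------------------------------
+//
+// *** AUTO GENERATED CODE *** Type: MMv1 ***
+//
+// ----------------------------------------------------------------------------
+//
+// This file is automatically generated by Magic Modules and manual
+// changes will be clobbered when the file is regenerated.
+//
+// Please read more about how to change this file in
+// .github/CONTRIBUTING.md.
+//
+// ----------------------------------------------------------------------------
+
+package publicca
+
+import (
+"fmt"
+"log"
+"time"
+
+"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+
+"github.com/hashicorp/terraform-provider-google/google/tpgresource"
+transport_tpg "github.com/hashicorp/terraform-provider-google/google/transport"
+)
+
+func ResourcePublicCAExternalAccountKey() *schema.Resource {
+return &schema.Resource{
+Create: resourcePublicCAExternalAccountKeyCreate,
+Read: resourcePublicCAExternalAccountKeyRead,
+Delete: resourcePublicCAExternalAccountKeyDelete,
+
+Timeouts: &schema.ResourceTimeout{
+Create: schema.DefaultTimeout(20 * time.Minute),
+Delete: schema.DefaultTimeout(20 * time.Minute),
+},
+
+Schema: map[string]*schema.Schema{
+"location": {
+Type: schema.TypeString,
+Optional: true,
+ForceNew: true,
+Description: `Location for the externalAccountKey. Currently only 'global' is supported.`,
+Default: "global",
+},
+"b64_mac_key": {
+Type: schema.TypeString,
+Computed: true,
+Description: `Base64-URL-encoded HS256 key. It is generated by the PublicCertificateAuthorityService
+when the ExternalAccountKey is created.`,
+Sensitive: true,
+},
+"key_id": {
+Type: schema.TypeString,
+Computed: true,
+Description: `It is generated by the PublicCertificateAuthorityService when the ExternalAccountKey is created.`,
+Sensitive: true,
+},
+"name": {
+Type: schema.TypeString,
+Computed: true,
+Description: `Resource name. projects/{project}/locations/{location}/externalAccountKeys/{keyId}.`,
+},
+"project": {
+Type: schema.TypeString,
+Optional: true,
+Computed: true,
+ForceNew: true,
+},
+},
+UseJSONNumber: true,
+}
+}
+
+func resourcePublicCAExternalAccountKeyCreate(d *schema.ResourceData, meta interface{}) error {
+config := meta.(*transport_tpg.Config)
+userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent)
+if err != nil {
+return err
+}
+
+obj := make(map[string]interface{})
+
+url, err := tpgresource.ReplaceVars(d, config, "{{PublicCABasePath}}projects/{{project}}/locations/{{location}}/externalAccountKeys")
+if err != nil {
+return err
+}
+
+log.Printf("[DEBUG] Creating new ExternalAccountKey: %#v", obj)
+billingProject := ""
+
+project, err := tpgresource.GetProject(d, config)
+if err != nil {
+return fmt.Errorf("Error fetching project for ExternalAccountKey: %s", err)
+}
+billingProject = project
+
+// err == nil indicates that the billing_project value was found
+if bp, err := tpgresource.GetBillingProject(d, config); err == nil {
+billingProject = bp
+}
+
+res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{
+Config: config,
+Method: "POST",
+Project: billingProject,
+RawURL: url,
+UserAgent: userAgent,
+Body: obj,
+Timeout: d.Timeout(schema.TimeoutCreate),
+})
+if err != nil {
+return fmt.Errorf("Error creating ExternalAccountKey: %s", err)
+}
+if err := d.Set("name", flattenPublicCAExternalAccountKeyName(res["name"], d, config)); err != nil {
+return fmt.Errorf(`Error setting computed identity field "name": %s`, err)
+}
+if err := d.Set("key_id", flattenPublicCAExternalAccountKeyKeyId(res["keyId"], d, config)); err != nil {
+return fmt.Errorf(`Error setting computed identity field "key_id": %s`, err)
+}
+if err := d.Set("b64_mac_key", flattenPublicCAExternalAccountKeyB64MacKey(res["b64MacKey"], d, config)); err != nil {
+return fmt.Errorf(`Error setting computed identity field "b64_mac_key": %s`, err)
+}
+
+// Store the ID now
+id, err := tpgresource.ReplaceVars(d, config, "{{name}}")
+if err != nil {
+return fmt.Errorf("Error constructing id: %s", err)
+}
+d.SetId(id)
+
+log.Printf("[DEBUG] Finished creating ExternalAccountKey %q: %#v", d.Id(), res)
+
+return resourcePublicCAExternalAccountKeyRead(d, meta)
+}
+
+func resourcePublicCAExternalAccountKeyRead(d *schema.ResourceData, meta interface{}) error {
+// This resource could not be read from the API.
+return nil
+}
+
+func resourcePublicCAExternalAccountKeyDelete(d *schema.ResourceData, meta interface{}) error {
+log.Printf("[WARNING] PublicCA ExternalAccountKey resources"+
+" cannot be deleted from Google Cloud. The resource %s will be removed from Terraform"+
+" state, but will still be present on Google Cloud.", d.Id())
+d.SetId("")
+
+return nil
+}
+
+func flattenPublicCAExternalAccountKeyName(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+return v
+}
+
+func flattenPublicCAExternalAccountKeyKeyId(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+return v
+}
+
+func flattenPublicCAExternalAccountKeyB64MacKey(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+return v
+}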
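Review bot: The final debug line in resourcePublicCAExternalAccountKeyCreate prints the whole API response with `%#v`, and that response carries the `b64MacKey` and `keyId` values the schema marks `Sensitive: true`, so the HMAC secret is written to the provider log whenever debug logging is enabled. `Sensitive` on the schema has no effect on `log.Printf`; log only the identifier instead, e.g. `log.Printf("[DEBUG] Finished creating ExternalAccountKey %q", d.Id())`. The header marks this file as generated by Magic Modules, so the change presumably belongs in the generator's definition of this resource rather than in this file. Since `d.Set` also places `b64_mac_key` in Terraform state, and Delete only clears state while the key remains on Google Cloud, a sentence in the `b64_mac_key` description telling users to protect the state file would be a useful addition.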
9 changes: 9 additions & 0 deletions google/transport/config.go
Expand Up @@ -252,6 +252,7 @@ type Config struct {
OSConfigBasePath string
OSLoginBasePath string
PrivatecaBasePath string
PublicCABasePath string
PubsubBasePath string
PubsubLiteBasePath string
RedisBasePath string
Expand Down Expand Up @@ -361,6 +362,7 @@ const NotebooksBasePathKey = "Notebooks"
const OSConfigBasePathKey = "OSConfig"
const OSLoginBasePathKey = "OSLogin"
const PrivatecaBasePathKey = "Privateca"
const PublicCABasePathKey = "PublicCA"
const PubsubBasePathKey = "Pubsub"
const PubsubLiteBasePathKey = "PubsubLite"
const RedisBasePathKey = "Redis"
Expand Down Expand Up @@ -464,6 +466,7 @@ var DefaultBasePaths = map[string]string{
OSConfigBasePathKey: "https://osconfig.googleapis.com/v1/",
OSLoginBasePathKey: "https://oslogin.googleapis.com/v1/",
PrivatecaBasePathKey: "https://privateca.googleapis.com/v1/",
PublicCABasePathKey: "https://publicca.googleapis.com/v1/",
PubsubBasePathKey: "https://pubsub.googleapis.com/v1/",
PubsubLiteBasePathKey: "https://{{region}}-pubsublite.googleapis.com/v1/admin/",
RedisBasePathKey: "https://redis.googleapis.com/v1/",
Expand Down Expand Up @@ -910,6 +913,11 @@ func HandleSDKDefaults(d *schema.ResourceData) error {
"GOOGLE_PRIVATECA_CUSTOM_ENDPOINT",
}, DefaultBasePaths[PrivatecaBasePathKey]))
}
if d.Get("public_ca_custom_endpoint") == "" {
d.Set("public_ca_custom_endpoint", MultiEnvDefault([]string{
"GOOGLE_PUBLIC_CA_CUSTOM_ENDPOINT",
}, DefaultBasePaths[PublicCABasePathKey]))
}
if d.Get("pubsub_custom_endpoint") == "" {
d.Set("pubsub_custom_endpoint", MultiEnvDefault([]string{
"GOOGLE_PUBSUB_CUSTOM_ENDPOINT",
Expand Down Expand Up @@ -1910,6 +1918,7 @@ func ConfigureBasePaths(c *Config) {
c.OSConfigBasePath = DefaultBasePaths[OSConfigBasePathKey]
c.OSLoginBasePath = DefaultBasePaths[OSLoginBasePathKey]
c.PrivatecaBasePath = DefaultBasePaths[PrivatecaBasePathKey]
c.PublicCABasePath = DefaultBasePaths[PublicCABasePathKey]
c.PubsubBasePath = DefaultBasePaths[PubsubBasePathKey]
c.PubsubLiteBasePath = DefaultBasePaths[PubsubLiteBasePathKey]
c.RedisBasePath = DefaultBasePaths[RedisBasePathKey]