Skip to content

Commit

Permalink
Support deleting Firestore databases
Browse files Browse the repository at this point in the history
Due to backwards compatibility concerns, the default behavior remains to
abandon the database upon destroy rather than to actually delete it.

To actually delete the database, you must set deletion_policy to DELETE,
and apply if necessary, before running `terraform destroy`.

This also cleans up some related deletion-related docs and bugs:

* Updates the delete protection docs
* Either delete protection or deletion policy being set prevents destroy

Fixes hashicorp/terraform-provider-google#16488
Fixes hashicorp/terraform-provider-google#16404
Fixes hashicorp/terraform-provider-google#16325
  • Loading branch information
rwhogg committed Nov 9, 2023
1 parent a01c414 commit f53a06e
Show file tree
Hide file tree
Showing 3 changed files with 46 additions and 2 deletions.
31 changes: 29 additions & 2 deletions mmv1/products/firestore/Database.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,6 @@ async: !ruby/object:Api::OpAsync
error: !ruby/object:Api::OpAsync::Error
path: 'error'
message: 'message'
skip_delete: true
autogen_async: true
id_format: 'projects/{{project}}/databases/{{name}}'
import_format:
Expand Down Expand Up @@ -105,6 +104,32 @@ examples:
test_env_vars:
project_id: :PROJECT_NAME
skip_test: true
- !ruby/object:Provider::Terraform::Examples
name: 'firestore_database_with_deletion_policy'
primary_resource_id: 'database'
pull_external: true
vars:
name: "example-database-id"
test_env_vars:
project_id: :PROJECT_NAME
ignore_read_extra:
- project
- etag
virtual_fields:
- !ruby/object:Api::Type::Enum
name: 'deletion_policy'
description: |
Deletion behavior for this database.
If the deletion policy is ABANDON, the database will be removed from Terraform state but not deleted from Google Cloud upon destruction.
If the deletion policy is DELETE, the database will both be removed from Terraform state and deleted from Google Cloud upon destruction.
The default value is ABANDON.
See also delete_protection.
values:
- :DELETE
- :ABANDON
default_value: :ABANDON
custom_code: !ruby/object:Provider::Terraform::CustomCode
pre_delete: templates/terraform/pre_delete/firestore_database.go.erb
properties:
- !ruby/object:Api::Type::String
name: name
Expand Down Expand Up @@ -177,8 +202,10 @@ properties:
name: deleteProtectionState
description: |
State of delete protection for the database.
When delete protection is enabled, this database cannot be deleted.
The default value is DELETE_PROTECTION_DISABLED.
Note: Additionally, to delete this database using `terraform destroy`, deletion_policy must be set to DELETE.
values:
- :DELETE_PROTECTION_STATE_UNSPECIFIED
- :DELETE_PROTECTION_ENABLED
- :DELETE_PROTECTION_DISABLED
default_from_api: true
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
resource "google_firestore_database" "<%= ctx[:primary_resource_id] %>" {
project = "<%= ctx[:test_env_vars]['project_id'] %>"
name = "<%= ctx[:vars]['name']%>"
location_id = "nam5"
type = "FIRESTORE_NATIVE"

# Required to allow deleting the database with Terraform
# Also ensure that delete_protection_state is set to DELETE_PROTECTION_DISABLED (the default)
deletion_policy = "DELETE"
}
7 changes: 7 additions & 0 deletions mmv1/templates/terraform/pre_delete/firestore_database.go.erb
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
if deletionPolicy := d.Get("deletion_policy"); deletionPolicy == "ABANDON" {
log.Printf("[WARN] Firestore database %q deletion_policy is set to 'ABANDON', skipping deletion", d.Get("name").(string))
return nil
}
if d.Get("deletion_protection").(bool) {
return fmt.Errorf("Cannot delete Firestore database %s: Delete Protection is enabled. Set delete_protection_state to DELETE_PROTECTION_DISABLED for this resource and run \"terraform apply\" before attempting to delete it.", d.Get("name").(string))
}

0 comments on commit f53a06e

Please sign in to comment.