Skip to content

Commit

Permalink
fix(hashicorp/terraform-provider-google#8370): Converting non-legacy …
Browse files Browse the repository at this point in the history
…BQ roles to legacy ones to suppress diff
  • Loading branch information
sachinpro committed Oct 15, 2024
1 parent b0450ba commit 5d5f997
Show file tree
Hide file tree
Showing 3 changed files with 84 additions and 4 deletions.
6 changes: 2 additions & 4 deletions mmv1/products/bigquery/Dataset.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -21,10 +21,6 @@ references:
'Datasets Intro': 'https://cloud.google.com/bigquery/docs/datasets-intro'
api: 'https://cloud.google.com/bigquery/docs/reference/rest/v2/datasets'
docs:
warning: |
You must specify the role field using the legacy format `OWNER` instead of `roles/bigquery.dataOwner`.
The API does accept both formats but it will always return the legacy format which results in Terraform
showing permanent diff on each plan and apply operation.
base_url: 'projects/{{project}}/datasets'
self_link: 'projects/{{project}}/datasets/{{dataset_id}}'
has_self_link: true
Expand All @@ -37,6 +33,8 @@ timeouts:
delete_minutes: 20
custom_code:
constants: 'templates/terraform/constants/bigquery_dataset.go.tmpl'
custom_diff:
- 'SetAccessDiff'
exclude_sweeper: true
examples:
- name: 'bigquery_dataset_basic'
Expand Down
46 changes: 46 additions & 0 deletions mmv1/templates/terraform/constants/bigquery_dataset.go.tmpl
Original file line number Diff line number Diff line change
Expand Up @@ -23,3 +23,49 @@ func validateDefaultTableExpirationMs(v interface{}, k string) (ws []string, err

return
}

// The CustomizeDiff func to use legacy roles for access field in bigquery_dataset
// because the API returns that.
func SetAccessDiff(_ context.Context, d *schema.ResourceDiff, meta interface{}) error {
return setAccessFields("access", d, meta, false)
}

func setAccessFields(accessField string, d *schema.ResourceDiff, meta interface{}, skipAttribution bool) error {
raw := d.Get(accessField)
fmt.Printf("setAccessFields raw:: %v\n", raw)
if raw == nil {
return nil
}

access, ok := raw.(*schema.Set)
if !ok {
return fmt.Errorf("access field %q is not a set", accessField)
}

var newAccess []interface{}
for _, v := range access.List() {
m, ok := v.(map[string]interface{})
if !ok {
return fmt.Errorf("access element is not a map: %v", v)
}

if role, ok := m["role"]; ok {
switch role {
case "roles/bigquery.dataOwner":
m["role"] = "OWNER"
case "roles/bigquery.dataEditor":
m["role"] = "WRITER"
case "roles/bigquery.dataViewer":
m["role"] = "READER"
}
}

newAccess = append(newAccess, m)
}

if err := d.SetNew(accessField, newAccess); err != nil {
return fmt.Errorf("error setting new access diff: %w", err)
}

return nil
}
Original file line number Diff line number Diff line change
Expand Up @@ -258,6 +258,29 @@ func TestAccBigQueryDataset_datasetWithContents(t *testing.T) {
})
}

func TestAccBigQueryDataset_nonLegacyAccess(t *testing.T) {
t.Parallel()

datasetID := fmt.Sprintf("tf_test_access_%s", acctest.RandString(t, 10))

acctest.VcrTest(t, resource.TestCase{
PreCheck: func() { acctest.AccTestPreCheck(t) },
ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t),
CheckDestroy: testAccCheckBigQueryDatasetDestroyProducer(t),
Steps: []resource.TestStep{
{
Config: testAccBigQueryDatasetWithNonLegacyAccess(datasetID),
},
{
ResourceName: "google_bigquery_dataset.access_test",
ImportState: true,
ImportStateVerify: true,
ImportStateVerifyIgnore: []string{"labels", "terraform_labels"},
},
},
})
}

func TestAccBigQueryDataset_access(t *testing.T) {
t.Parallel()

Expand Down Expand Up @@ -639,6 +662,19 @@ resource "google_bigquery_dataset" "test" {
`, datasetID, location)
}

func testAccBigQueryDatasetWithNonLegacyAccess(datasetID string) string {
return fmt.Sprintf(`
resource "google_bigquery_dataset" "access_test" {
dataset_id = "%s"
access {
role = "roles/bigquery.dataOwner"
user_by_email = "[email protected]"
}
}
`, datasetID)
}

func testAccBigQueryDatasetWithOneAccess(datasetID string) string {
return fmt.Sprintf(`
resource "google_bigquery_dataset" "access_test" {
Expand Down

0 comments on commit 5d5f997

Please sign in to comment.