Merge pull request #9 from hashicorp/main

Fork Sync: Update from parent repository
opentofu · Sep 20, 2023 · 9c71e26 · 9c71e26
2 parents 4405400 + 05b68ef
commit 9c71e26
Show file tree

Hide file tree

Showing 18 changed files with 1,891 additions and 8 deletions.
diff --git a/.changelog/8972.txt b/.changelog/8972.txt
@@ -0,0 +1,3 @@
+```release-note:new-datasource
+google_certificate_manager_certificate_map
+```
diff --git a/.changelog/8988.txt b/.changelog/8988.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+osconfig: fixed no more than one setting is allowed under `patch_config.windows_update` on `google_os_config_patch_deployment`
+```
diff --git a/.changelog/8993.txt b/.changelog/8993.txt
@@ -0,0 +1,3 @@
+```release-note:new-resource
+`google_scc_project_custom_module`
+```
diff --git a/.changelog/9001.txt b/.changelog/9001.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+identityplayform: fixed a potential perma-diff for `sign_in` in `google_identity_platform_config` resource
+```
diff --git a/google/provider/provider.go b/google/provider/provider.go
@@ -779,6 +779,7 @@ func DatasourceMapWithErrors() (map[string]*schema.Resource, error) {
 		"google_beyondcorp_app_gateway":                       beyondcorp.DataSourceGoogleBeyondcorpAppGateway(),
 		"google_billing_account":                              billing.DataSourceGoogleBillingAccount(),
 		"google_bigquery_default_service_account":             bigquery.DataSourceGoogleBigqueryDefaultServiceAccount(),
+		"google_certificate_manager_certificate_map":          certificatemanager.DataSourceGoogleCertificateManagerCertificateMap(),
 		"google_cloudbuild_trigger":                           cloudbuild.DataSourceGoogleCloudBuildTrigger(),
 		"google_cloudfunctions_function":                      cloudfunctions.DataSourceGoogleCloudFunctionsFunction(),
 		"google_cloudfunctions2_function":                     cloudfunctions2.DataSourceGoogleCloudFunctions2Function(),
@@ -993,9 +994,9 @@ func DatasourceMapWithErrors() (map[string]*schema.Resource, error) {
 		})
 }
 
-// Generated resources: 325
+// Generated resources: 326
 // Generated IAM resources: 210
-// Total generated resources: 535
+// Total generated resources: 536
 func ResourceMap() map[string]*schema.Resource {
 	resourceMap, _ := ResourceMapWithErrors()
 	return resourceMap
@@ -1477,6 +1478,7 @@ func ResourceMapWithErrors() (map[string]*schema.Resource, error) {
 			"google_secret_manager_secret_version":                           secretmanager.ResourceSecretManagerSecretVersion(),
 			"google_scc_mute_config":                                         securitycenter.ResourceSecurityCenterMuteConfig(),
 			"google_scc_notification_config":                                 securitycenter.ResourceSecurityCenterNotificationConfig(),
+			"google_scc_project_custom_module":                               securitycenter.ResourceSecurityCenterProjectCustomModule(),
 			"google_scc_source":                                              securitycenter.ResourceSecurityCenterSource(),
 			"google_scc_source_iam_binding":                                  tpgiamresource.ResourceIamBinding(securitycenter.SecurityCenterSourceIamSchema, securitycenter.SecurityCenterSourceIamUpdaterProducer, securitycenter.SecurityCenterSourceIdParseFunc),
 			"google_scc_source_iam_member":                                   tpgiamresource.ResourceIamMember(securitycenter.SecurityCenterSourceIamSchema, securitycenter.SecurityCenterSourceIamUpdaterProducer, securitycenter.SecurityCenterSourceIdParseFunc),

diff --git a/google/services/certificatemanager/data_source_google_certificate_manager_certificate_map.go b/google/services/certificatemanager/data_source_google_certificate_manager_certificate_map.go
@@ -0,0 +1,46 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+package certificatemanager
+
+import (
+	"fmt"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"github.com/hashicorp/terraform-provider-google/google/tpgresource"
+	transport_tpg "github.com/hashicorp/terraform-provider-google/google/transport"
+)
+
+func DataSourceGoogleCertificateManagerCertificateMap() *schema.Resource {
+
+	dsSchema := tpgresource.DatasourceSchemaFromResourceSchema(ResourceCertificateManagerCertificateMap().Schema)
+	tpgresource.AddRequiredFieldsToSchema(dsSchema, "name")
+	tpgresource.AddOptionalFieldsToSchema(dsSchema, "project")
+
+	return &schema.Resource{
+		Read:   dataSourceGoogleCertificateManagerCertificateMapRead,
+		Schema: dsSchema,
+	}
+}
+
+func dataSourceGoogleCertificateManagerCertificateMapRead(d *schema.ResourceData, meta interface{}) error {
+	config := meta.(*transport_tpg.Config)
+
+	name := d.Get("name").(string)
+
+	project, err := tpgresource.GetProject(d, config)
+	if err != nil {
+		return err
+	}
+
+	id := fmt.Sprintf("projects/%s/locations/global/certificateMaps/%s", project, name)
+	d.SetId(id)
+	err = resourceCertificateManagerCertificateMapRead(d, meta)
+	if err != nil {
+		return err
+	}
+
+	if d.Id() == "" {
+		return fmt.Errorf("%s not found", id)
+	}
+	return nil
+}
diff --git a/...ervices/certificatemanager/data_source_google_certificate_manager_certificate_map_test.go b/...ervices/certificatemanager/data_source_google_certificate_manager_certificate_map_test.go
@@ -0,0 +1,111 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+package certificatemanager_test
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-provider-google/google/acctest"
+	"github.com/hashicorp/terraform-provider-google/google/envvar"
+)
+
+func TestAccDataSourceGoogleCertificateManagerCertificateMap_basic(t *testing.T) {
+	t.Parallel()
+
+	project := envvar.GetTestProjectFromEnv()
+
+	description := "My acceptance data source test certificate map"
+	name := fmt.Sprintf("tf-test-certificate-map-%d", acctest.RandInt(t))
+	id := fmt.Sprintf("projects/%s/locations/global/certificateMaps/%s", project, name)
+
+	acctest.VcrTest(t, resource.TestCase{
+		PreCheck:                 func() { acctest.AccTestPreCheck(t) },
+		ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccDataSourceGoogleCertificateManagerCertificateMap_basic(name, description),
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr("data.google_certificate_manager_certificate_map.cert_map_data", "id", id),
+					resource.TestCheckResourceAttr("data.google_certificate_manager_certificate_map.cert_map_data", "description", description),
+					resource.TestCheckResourceAttr("data.google_certificate_manager_certificate_map.cert_map_data", "name", name),
+				),
+			},
+		},
+	})
+}
+
+func testAccDataSourceGoogleCertificateManagerCertificateMap_basic(certificateMapName, certificateMapDescription string) string {
+	return fmt.Sprintf(`
+resource "google_certificate_manager_certificate_map" "cert_map" {
+	name        = "%s"
+	description = "%s"
+	labels      = {
+		"terraform" : true,
+		"acc-test"  : true,
+	}
+}
+data "google_certificate_manager_certificate_map" "cert_map_data" {
+	name = google_certificate_manager_certificate_map.cert_map.name
+}
+`, certificateMapName, certificateMapDescription)
+}
+
+func TestAccDataSourceGoogleCertificateManagerCertificateMap_certificateMapEntryUsingMapDatasource(t *testing.T) {
+	t.Parallel()
+
+	project := envvar.GetTestProjectFromEnv()
+
+	certName := fmt.Sprintf("tf-test-certificate-%d", acctest.RandInt(t))
+	mapEntryName := fmt.Sprintf("tf-test-certificate-map-entry-%d", acctest.RandInt(t))
+	mapName := fmt.Sprintf("tf-test-certificate-map-%d", acctest.RandInt(t))
+	id := fmt.Sprintf("projects/%s/locations/global/certificateMaps/%s", project, mapName)
+
+	acctest.VcrTest(t, resource.TestCase{
+		PreCheck:                 func() { acctest.AccTestPreCheck(t) },
+		ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccDataSourceGoogleCertificateManagerCertificateMap_certificateMapEntryUsingMapDatasource(mapName, mapEntryName, certName),
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr("data.google_certificate_manager_certificate_map.cert_map_data", "id", id),
+					resource.TestCheckResourceAttr("data.google_certificate_manager_certificate_map.cert_map_data", "name", mapName),
+					resource.TestCheckResourceAttr("google_certificate_manager_certificate_map_entry.cert_map_entry", "map", mapName), // check that the certificate map entry is referencing the data source
+
+				),
+			},
+		},
+	})
+}
+
+func testAccDataSourceGoogleCertificateManagerCertificateMap_certificateMapEntryUsingMapDatasource(certificateMapName, certificateMapEntryName, certificateName string) string {
+	return fmt.Sprintf(`
+resource "google_certificate_manager_certificate_map" "cert_map" {
+	name        = "%s"
+	description = "certificate map example created for testing data sources in TF"
+	labels      = {
+		"terraform" : true,
+		"acc-test"  : true,
+	}
+}
+data "google_certificate_manager_certificate_map" "cert_map_data" {
+	name = google_certificate_manager_certificate_map.cert_map.name
+}
+resource "google_certificate_manager_certificate" "certificate" {
+	name        = "%s"
+	description = "Global cert"
+	self_managed {
+	  pem_certificate = file("test-fixtures/cert.pem")
+	  pem_private_key = file("test-fixtures/private-key.pem")
+	}
+}
+resource "google_certificate_manager_certificate_map_entry" "cert_map_entry" {
+	name        = "%s"
+	description = "certificate map entry that reference a data source of certificate map and a self managed certificate"
+	map = data.google_certificate_manager_certificate_map.cert_map_data.name
+	certificates = [google_certificate_manager_certificate.certificate.id]
+	matcher = "PRIMARY"
+}
+`, certificateMapName, certificateName, certificateMapEntryName)
+}
diff --git a/google/services/identityplatform/resource_identity_platform_config.go b/google/services/identityplatform/resource_identity_platform_config.go
@@ -157,6 +157,7 @@ func ResourceIdentityPlatformConfig() *schema.Resource {
 			},
 			"sign_in": {
 				Type:        schema.TypeList,
+				Computed:    true,
 				Optional:    true,
 				Description: `Configuration related to local sign in methods.`,
 				MaxItems:    1,

diff --git a/google/services/identityplatform/resource_identity_platform_config_generated_test.go b/google/services/identityplatform/resource_identity_platform_config_generated_test.go
@@ -119,7 +119,6 @@ resource "google_identity_platform_config" "default" {
 }
 
 func TestAccIdentityPlatformConfig_identityPlatformConfigMinimalExample(t *testing.T) {
-	acctest.SkipIfVcr(t)
 	t.Parallel()
 
 	context := map[string]interface{}{
@@ -164,6 +163,10 @@ resource "google_project_service" "identitytoolkit" {
 
 resource "google_identity_platform_config" "default" {
   project = google_project.default.project_id
+  
+  depends_on = [
+    google_project_service.identitytoolkit
+  ]
 }
 `, context)
 }
diff --git a/google/services/osconfig/resource_os_config_patch_deployment.go b/google/services/osconfig/resource_os_config_patch_deployment.go
@@ -547,7 +547,8 @@ be executed directly, which will likely only succeed for scripts with shebang li
 											Type:         schema.TypeString,
 											ValidateFunc: verify.ValidateEnum([]string{"CRITICAL", "SECURITY", "DEFINITION", "DRIVER", "FEATURE_PACK", "SERVICE_PACK", "TOOL", "UPDATE_ROLLUP", "UPDATE"}),
 										},
-										ExactlyOneOf: []string{"patch_config.0.windows_update.0.classifications", "patch_config.0.windows_update.0.excludes", "patch_config.0.windows_update.0.exclusive_patches"},
+										ConflictsWith: []string{"patch_config.0.windows_update.0.exclusive_patches"},
+										AtLeastOneOf:  []string{"patch_config.0.windows_update.0.classifications", "patch_config.0.windows_update.0.excludes", "patch_config.0.windows_update.0.exclusive_patches"},
 									},
 									"excludes": {
 										Type:        schema.TypeList,
@@ -557,7 +558,8 @@ be executed directly, which will likely only succeed for scripts with shebang li
 										Elem: &schema.Schema{
 											Type: schema.TypeString,
 										},
-										ExactlyOneOf: []string{"patch_config.0.windows_update.0.classifications", "patch_config.0.windows_update.0.excludes", "patch_config.0.windows_update.0.exclusive_patches"},
+										ConflictsWith: []string{"patch_config.0.windows_update.0.exclusive_patches"},
+										AtLeastOneOf:  []string{"patch_config.0.windows_update.0.classifications", "patch_config.0.windows_update.0.excludes", "patch_config.0.windows_update.0.exclusive_patches"},
 									},
 									"exclusive_patches": {
 										Type:     schema.TypeList,
@@ -568,7 +570,8 @@ This field must not be used with other patch configurations.`,
 										Elem: &schema.Schema{
 											Type: schema.TypeString,
 										},
-										ExactlyOneOf: []string{"patch_config.0.windows_update.0.classifications", "patch_config.0.windows_update.0.excludes", "patch_config.0.windows_update.0.exclusive_patches"},
+										ConflictsWith: []string{"patch_config.0.windows_update.0.classifications", "patch_config.0.windows_update.0.excludes"},
+										AtLeastOneOf:  []string{"patch_config.0.windows_update.0.classifications", "patch_config.0.windows_update.0.excludes", "patch_config.0.windows_update.0.exclusive_patches"},
 									},
 								},
 							},

diff --git a/google/services/osconfig/resource_os_config_patch_deployment_generated_test.go b/google/services/osconfig/resource_os_config_patch_deployment_generated_test.go
@@ -305,7 +305,7 @@ resource "google_os_config_patch_deployment" "patch" {
 
   patch_config {
     mig_instances_allowed = true
-    
+
     reboot_config = "ALWAYS"
 
     apt {
@@ -329,6 +329,7 @@ resource "google_os_config_patch_deployment" "patch" {
 
     windows_update {
       classifications = ["CRITICAL", "SECURITY", "UPDATE"]
+      excludes = ["5012170"]
     }
 
     pre_step {