Add support for parameter manager parameter resource google_parameter_manager_parameter
#12630
+284
−2
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,117 @@ | ||
| # Copyright 2024 Google Inc. | ||
| # Licensed under the Apache License, Version 2.0 (the "License"); | ||
| # you may not use this file except in compliance with the License. | ||
| # You may obtain a copy of the License at | ||
| # | ||
| # http://www.apache.org/licenses/LICENSE-2.0 | ||
| # | ||
| # Unless required by applicable law or agreed to in writing, software | ||
| # distributed under the License is distributed on an "AS IS" BASIS, | ||
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| # See the License for the specific language governing permissions and | ||
| # limitations under the License. | ||
|
|
||
| --- | ||
| name: 'Parameter' | ||
| description: | | ||
| A Parameter resource is a logical parameter. | ||
| references: | ||
| guides: | ||
| api: 'https://cloud.google.com/secret-manager/parameter-manager/docs/reference/rest/v1/projects.locations.parameters' | ||
| docs: | ||
| base_url: 'projects/{{project}}/locations/global/parameters' | ||
| self_link: 'projects/{{project}}/locations/global/parameters/{{parameter_id}}' | ||
| create_url: 'projects/{{project}}/locations/global/parameters?parameter_id={{parameter_id}}' | ||
| update_verb: 'PATCH' | ||
| update_mask: true | ||
| import_format: | ||
| - 'projects/{{project}}/locations/global/parameters/{{parameter_id}}' | ||
| timeouts: | ||
| insert_minutes: 20 | ||
| update_minutes: 20 | ||
| delete_minutes: 20 | ||
| examples: | ||
| - name: 'parameter_config_basic' | ||
| primary_resource_id: 'parameter-basic' | ||
| vars: | ||
| parameter_id: 'parameter' | ||
| - name: 'parameter_with_format' | ||
| primary_resource_id: 'parameter-with-format' | ||
| vars: | ||
| parameter_id: 'parameter' | ||
| - name: 'parameter_with_labels' | ||
| primary_resource_id: 'parameter-with-labels' | ||
| vars: | ||
| parameter_id: 'parameter' | ||
| parameters: | ||
| - name: 'parameterId' | ||
| type: String | ||
| description: | | ||
| This must be unique within the project. | ||
| url_param_only: true | ||
| required: true | ||
| immutable: true | ||
| properties: | ||
| - name: 'name' | ||
| type: String | ||
| description: | | ||
| The resource name of the Parameter. Format: | ||
| `projects/{{project}}/locations/global/parameters/{{parameter_id}}` | ||
| output: true | ||
| - name: 'createTime' | ||
| type: String | ||
| description: | | ||
| The time at which the Parameter was created. | ||
| output: true | ||
| - name: 'updateTime' | ||
| type: String | ||
| description: | | ||
| The time at which the Parameter was updated. | ||
| output: true | ||
| - name: 'policyMember' | ||
| type: NestedObject | ||
| description: | | ||
| Policy member strings of a Google Cloud resource. | ||
| output: true | ||
| properties: | ||
| - name: 'iamPolicyUidPrincipal' | ||
| type: String | ||
| description: | | ||
| IAM policy binding member referring to a Google Cloud resource by system-assigned unique identifier. | ||
| If a resource is deleted and recreated with the same name, the binding will not be applicable to the | ||
| new resource. Format: | ||
| `principal://parametermanager.googleapis.com/projects/{{project}}/uid/locations/global/parameters/{{uid}}` | ||
| output: true | ||
| - name: 'iamPolicyNamePrincipal' | ||
| type: String | ||
| description: | | ||
| IAM policy binding member referring to a Google Cloud resource by user-assigned name. If a | ||
| resource is deleted and recreated with the same name, the binding will be applicable to the | ||
| new resource. Format: | ||
| `principal://parametermanager.googleapis.com/projects/{{project}}/name/locations/global/parameters/{{parameter_id}}` | ||
| output: true | ||
| - name: 'labels' | ||
| type: KeyValueLabels | ||
| description: | | ||
| The labels assigned to this Parameter. | ||
|
|
||
| Label keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, | ||
| and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}][\p{Ll}\p{Lo}\p{N}_-]{0,62} | ||
|
|
||
| Label values must be between 0 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, | ||
| and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63} | ||
|
|
||
| No more than 64 labels can be assigned to a given resource. | ||
|
|
||
| An object containing a list of "key": value pairs. Example: | ||
| { "name": "wrench", "mass": "1.3kg", "count": "3" }. | ||
| - name: 'format' | ||
| type: Enum | ||
| description: | | ||
| The format type of the parameter resource. Default value is UNFORMATTED. | ||
| default_from_api: true | ||
|
There was a problem hiding this comment. Is this default expected to be stable over time? If so, it would be a slightly better UX to use default_value rather than default_from_api. More info at https://googlecloudplatform.github.io/magic-modules/develop/diffs/#default. There was a problem hiding this comment.
What do you think @gptSanyam?
However, AFAIK, default values are being sent in the request body itself. So, I think it would be better that the field is optional + computed. @melinath Let me know your thoughts. There was a problem hiding this comment. What is the problem with sending default values in the request body? That is also what happens if a user sets a value. There was a problem hiding this comment. I think if in future the default from the API side changes than it would require the change to be done in the provider too. There was a problem hiding this comment. But, Yeah, I agree with your point that if default from the API is going to stable than we can also use the default values. There was a problem hiding this comment. Let's just leave this as default_from_api since the regional variant was already merged with that. For future reference, default_value is preferred where possible for the reasons listed above, but it's not the end of the world to use default_from_api instead. There was a problem hiding this comment. Thanks @melinath So my recommendation is to change this to default value. There was a problem hiding this comment. Okay, SGTM - the other resource was merged on Wednesday so it should still be safe to change that. There was a problem hiding this comment. @melinath I've used |
||
| immutable: true | ||
| enum_values: | ||
| - 'UNFORMATTED' | ||
| - 'YAML' | ||
| - 'JSON' | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,23 @@ | ||
| # Copyright 2024 Google Inc. | ||
| # Licensed under the Apache License, Version 2.0 (the "License"); | ||
| # you may not use this file except in compliance with the License. | ||
| # You may obtain a copy of the License at | ||
| # | ||
| # http://www.apache.org/licenses/LICENSE-2.0 | ||
| # | ||
| # Unless required by applicable law or agreed to in writing, software | ||
| # distributed under the License is distributed on an "AS IS" BASIS, | ||
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| # See the License for the specific language governing permissions and | ||
| # limitations under the License. | ||
|
|
||
| --- | ||
| name: 'ParameterManager' | ||
| display_name: 'Parameter Manager' | ||
| versions: | ||
| - name: 'ga' | ||
melinath marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| base_url: 'https://parametermanager.googleapis.com/v1/' | ||
| - name: 'beta' | ||
| base_url: 'https://parametermanager.googleapis.com/v1/' | ||
| scopes: | ||
| - 'https://www.googleapis.com/auth/cloud-platform' | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,3 @@ | ||
| resource "google_parameter_manager_parameter" "{{$.PrimaryResourceId}}" { | ||
| parameter_id = "{{index $.Vars "parameter_id"}}" | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| resource "google_parameter_manager_parameter" "{{$.PrimaryResourceId}}" { | ||
| parameter_id = "{{index $.Vars "parameter_id"}}" | ||
| format = "JSON" | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,11 @@ | ||
| resource "google_parameter_manager_parameter" "{{$.PrimaryResourceId}}" { | ||
| parameter_id = "{{index $.Vars "parameter_id"}}" | ||
|
|
||
| labels = { | ||
| key1 = "val1" | ||
| key2 = "val2" | ||
| key3 = "val3" | ||
| key4 = "val4" | ||
| key5 = "val5" | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,145 @@ | ||
| package parametermanager_test | ||
|
|
||
| import ( | ||
| "testing" | ||
|
|
||
| "github.com/hashicorp/terraform-plugin-testing/helper/resource" | ||
| "github.com/hashicorp/terraform-provider-google/google/acctest" | ||
| ) | ||
|
|
||
| func TestAccParameterManagerParameter_import(t *testing.T) { | ||
| t.Parallel() | ||
|
|
||
| context := map[string]interface{}{ | ||
| "random_suffix": acctest.RandString(t, 10), | ||
| } | ||
|
|
||
| acctest.VcrTest(t, resource.TestCase{ | ||
| PreCheck: func() { acctest.AccTestPreCheck(t) }, | ||
| ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t), | ||
| CheckDestroy: testAccCheckParameterManagerParameterDestroyProducer(t), | ||
| Steps: []resource.TestStep{ | ||
| { | ||
| Config: testAccParameterManagerParameter_import(context), | ||
| }, | ||
| { | ||
| ResourceName: "google_parameter_manager_parameter.parameter-import", | ||
| ImportState: true, | ||
| ImportStateVerify: true, | ||
| ImportStateVerifyIgnore: []string{"labels", "parameter_id", "terraform_labels"}, | ||
| }, | ||
| }, | ||
| }) | ||
| } | ||
|
|
||
| func testAccParameterManagerParameter_import(context map[string]interface{}) string { | ||
| return acctest.Nprintf(` | ||
| resource "google_parameter_manager_parameter" "parameter-import" { | ||
| parameter_id = "tf_test_parameter%{random_suffix}" | ||
| format = "YAML" | ||
|
|
||
| labels = { | ||
| key1 = "val1" | ||
| key2 = "val2" | ||
| key3 = "val3" | ||
| key4 = "val4" | ||
| key5 = "val5" | ||
| } | ||
| } | ||
| `, context) | ||
| } | ||
|
|
||
| func TestAccParameterManagerParameter_labelsUpdate(t *testing.T) { | ||
| t.Parallel() | ||
|
|
||
| context := map[string]interface{}{ | ||
| "random_suffix": acctest.RandString(t, 10), | ||
| } | ||
|
|
||
| acctest.VcrTest(t, resource.TestCase{ | ||
| PreCheck: func() { acctest.AccTestPreCheck(t) }, | ||
| ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t), | ||
| CheckDestroy: testAccCheckParameterManagerParameterDestroyProducer(t), | ||
| Steps: []resource.TestStep{ | ||
| { | ||
| Config: testAccParameterManagerParameter_withoutLabels(context), | ||
| }, | ||
| { | ||
| ResourceName: "google_parameter_manager_parameter.parameter-with-labels", | ||
| ImportState: true, | ||
| ImportStateVerify: true, | ||
| ImportStateVerifyIgnore: []string{"labels", "parameter_id", "terraform_labels"}, | ||
| }, | ||
| { | ||
| Config: testAccParameterManagerParameter_labelsUpdate(context), | ||
| }, | ||
| { | ||
| ResourceName: "google_parameter_manager_parameter.parameter-with-labels", | ||
| ImportState: true, | ||
| ImportStateVerify: true, | ||
| ImportStateVerifyIgnore: []string{"labels", "parameter_id", "terraform_labels"}, | ||
| }, | ||
| { | ||
| Config: testAccParameterManagerParameter_labelsUpdateOther(context), | ||
| }, | ||
| { | ||
| ResourceName: "google_parameter_manager_parameter.parameter-with-labels", | ||
| ImportState: true, | ||
| ImportStateVerify: true, | ||
| ImportStateVerifyIgnore: []string{"labels", "parameter_id", "terraform_labels"}, | ||
| }, | ||
| { | ||
| Config: testAccParameterManagerParameter_withoutLabels(context), | ||
| }, | ||
| { | ||
| ResourceName: "google_parameter_manager_parameter.parameter-with-labels", | ||
| ImportState: true, | ||
| ImportStateVerify: true, | ||
| ImportStateVerifyIgnore: []string{"labels", "parameter_id", "terraform_labels"}, | ||
| }, | ||
| }, | ||
| }) | ||
| } | ||
|
|
||
| func testAccParameterManagerParameter_withoutLabels(context map[string]interface{}) string { | ||
| return acctest.Nprintf(` | ||
| resource "google_parameter_manager_parameter" "parameter-with-labels" { | ||
| parameter_id = "tf_test_parameter%{random_suffix}" | ||
| format = "JSON" | ||
| } | ||
| `, context) | ||
| } | ||
|
|
||
| func testAccParameterManagerParameter_labelsUpdate(context map[string]interface{}) string { | ||
| return acctest.Nprintf(` | ||
| resource "google_parameter_manager_parameter" "parameter-with-labels" { | ||
| parameter_id = "tf_test_parameter%{random_suffix}" | ||
| format = "JSON" | ||
|
|
||
| labels = { | ||
| key1 = "val1" | ||
| key2 = "val2" | ||
| key3 = "val3" | ||
| key4 = "val4" | ||
| key5 = "val5" | ||
| } | ||
| } | ||
| `, context) | ||
| } | ||
|
|
||
| func testAccParameterManagerParameter_labelsUpdateOther(context map[string]interface{}) string { | ||
| return acctest.Nprintf(` | ||
| resource "google_parameter_manager_parameter" "parameter-with-labels" { | ||
| parameter_id = "tf_test_parameter%{random_suffix}" | ||
| format = "JSON" | ||
|
|
||
| labels = { | ||
| key1 = "val1" | ||
| key2 = "updateval2" | ||
| updatekey3 = "val3" | ||
| updatekey4 = "updateval4" | ||
| key6 = "val6" | ||
| } | ||
| } | ||
| `, context) | ||
| } |
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Will parameters ever be location-based? Or are they strictly limited to global forever?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The API is regional and global is considered as a region ( so base URL can be parameterised)
However the URL for global and regional API endpoints vary:
Global: parametermanager.googleapis.com
Regional: parametermanager.**{location}.rep.**googleapis.com
@slevenick Just because of this we will have to make keep regional and global resources. Can these be combined?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hmmmm, does the regional endpoint work for global? Like
parametermanager.**global.rep.**googleapis.com?If so, it should be easy to regionalize it now and allow global as a region.
Otherwise it should be possible, but may require some special casing. A lot of it depends on how you want to surface these resources to customers. Should they be separate resources in Terraform or not?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Does the regional endpoint work for global? Like parametermanager.**global.rep.**googleapis.com?
@slevenick Regarding separate resources: Given that we don't have any change in logic, I don't have a strong reason why we should have separate resources apart from segregating the endpoints.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We could do switching of the endpoint based on the value of a location field to combine the resources. We would need to make that decision now though, so we should discuss.
Such an approach would complicate use of custom endpoints for this resource though, so we may need to accommodate that somehow
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As discussed offline we will continue with having separate resources for global and regional Parameters and Parameter Versions.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It looks like the regional variants may need to be handwritten per hashicorp/terraform-provider-google#12738 (comment)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
making a regional variant product folder might be easier.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@melinath We have already created a separate regional product folder along with the equivalent regional resource and this has been merged as a part of the PR #12631