From 023b575b0ccf424137fe332cc40701f5bef9f3b6 Mon Sep 17 00:00:00 2001 From: Ishana Narayanan Date: Mon, 6 Jan 2025 14:44:12 -0500 Subject: [PATCH] Expand Terraform for Developer Connect (#12391) --- .../products/developerconnect/Connection.yaml | 485 ++++++++++++------ .../developerconnect/GitRepositoryLink.yaml | 16 - mmv1/products/developerconnect/product.yaml | 11 +- ...ct_connection_existing_credentials.tf.tmpl | 3 +- ...t_connection_existing_installation.tf.tmpl | 7 - ...eveloper_connect_connection_github.tf.tmpl | 12 + ...oper_connect_connection_github_doc.tf.tmpl | 42 ++ ...nnect_connection_github_enterprise.tf.tmpl | 12 + ...t_connection_github_enterprise_doc.tf.tmpl | 61 +++ ...eveloper_connect_connection_gitlab.tf.tmpl | 16 + ...oper_connect_connection_gitlab_doc.tf.tmpl | 81 +++ ...nnect_connection_gitlab_enterprise.tf.tmpl | 18 + ...t_connection_gitlab_enterprise_doc.tf.tmpl | 83 +++ .../developer_connect_connection_new.tf.tmpl | 9 +- ...connect_git_repository_link_github.tf.tmpl | 2 - ...ect_git_repository_link_github_doc.tf.tmpl | 1 - ..._developer_connect_connection_test.go.tmpl | 384 +++++++++++++- 17 files changed, 1039 insertions(+), 204 deletions(-) create mode 100644 mmv1/templates/terraform/examples/developer_connect_connection_github.tf.tmpl create mode 100644 mmv1/templates/terraform/examples/developer_connect_connection_github_doc.tf.tmpl create mode 100644 mmv1/templates/terraform/examples/developer_connect_connection_github_enterprise.tf.tmpl create mode 100644 mmv1/templates/terraform/examples/developer_connect_connection_github_enterprise_doc.tf.tmpl create mode 100644 mmv1/templates/terraform/examples/developer_connect_connection_gitlab.tf.tmpl create mode 100644 mmv1/templates/terraform/examples/developer_connect_connection_gitlab_doc.tf.tmpl create mode 100644 mmv1/templates/terraform/examples/developer_connect_connection_gitlab_enterprise.tf.tmpl create mode 100644 mmv1/templates/terraform/examples/developer_connect_connection_gitlab_enterprise_doc.tf.tmpl diff --git a/mmv1/products/developerconnect/Connection.yaml b/mmv1/products/developerconnect/Connection.yaml index 32cc8383038b..b1c0047b149a 100644 --- a/mmv1/products/developerconnect/Connection.yaml +++ b/mmv1/products/developerconnect/Connection.yaml @@ -12,218 +12,401 @@ # limitations under the License. --- -name: 'Connection' -description: | - A connection to a GitHub App installation. -min_version: 'beta' -docs: -id_format: 'projects/{{project}}/locations/{{location}}/connections/{{connection_id}}' -base_url: 'projects/{{project}}/locations/{{location}}/connections' -self_link: 'projects/{{project}}/locations/{{location}}/connections/{{connection_id}}' -create_url: 'projects/{{project}}/locations/{{location}}/connections?connectionId={{connection_id}}' -update_verb: 'PATCH' +name: Connection +description: A connection for GitHub, GitHub Enterprise, GitLab, and GitLab Enterprise. +base_url: projects/{{project}}/locations/{{location}}/connections update_mask: true +self_link: projects/{{project}}/locations/{{location}}/connections/{{connection_id}} +create_url: projects/{{project}}/locations/{{location}}/connections?connectionId={{connection_id}} +update_verb: PATCH +id_format: projects/{{project}}/locations/{{location}}/connections/{{connection_id}} import_format: - - 'projects/{{project}}/locations/{{location}}/connections/{{connection_id}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -autogen_async: true -async: - actions: ['create', 'delete', 'update'] - type: 'OpAsync' - operation: - base_url: '{{op_id}}' - result: - resource_inside_response: true -custom_code: + - projects/{{project}}/locations/{{location}}/connections/{{connection_id}} examples: - name: 'developer_connect_connection_new' primary_resource_id: 'my-connection' primary_resource_name: 'fmt.Sprintf("tf-test-connection-new%s", context["random_suffix"])' - min_version: 'beta' vars: connection_name: 'tf-test-connection-new' test_env_vars: project: 'PROJECT_NAME' + exclude_test: true - name: 'developer_connect_connection_existing_credentials' primary_resource_id: 'my-connection' primary_resource_name: 'fmt.Sprintf("tf-test-connection-cred%s", context["random_suffix"])' - min_version: 'beta' vars: connection_name: 'tf-test-connection-cred' secret_name: "projects/your-project/secrets/your-secret-id/versions/latest" test_vars_overrides: secret_name: '"projects/devconnect-terraform-creds/secrets/tf-test-do-not-change-github-oauthtoken-e0b9e7/versions/1"' - name: 'developer_connect_connection_existing_installation' - min_version: 'beta' exclude_test: true + - name: 'developer_connect_connection_github' + primary_resource_id: 'my-connection' + primary_resource_name: 'fmt.Sprintf("tf-test-connection%s", context["random_suffix"])' + vars: + connection_name: 'tf-test-connection' + - name: 'developer_connect_connection_github_doc' + exclude_test: true + - name: 'developer_connect_connection_github_enterprise' + primary_resource_id: 'my-connection' + primary_resource_name: 'fmt.Sprintf("tf-test-connection%s", context["random_suffix"])' + vars: + connection_name: 'tf-test-connection' + - name: 'developer_connect_connection_github_enterprise_doc' + exclude_test: true + - name: 'developer_connect_connection_gitlab' + primary_resource_id: 'my-connection' + primary_resource_name: 'fmt.Sprintf("tf-test-connection%s", context["random_suffix"])' + vars: + connection_name: 'tf-test-connection' + - name: 'developer_connect_connection_gitlab_doc' + exclude_test: true + - name: 'developer_connect_connection_gitlab_enterprise' + primary_resource_id: 'my-connection' + primary_resource_name: 'fmt.Sprintf("tf-test-connection%s", context["random_suffix"])' + vars: + connection_name: 'tf-test-connection' + - name: 'developer_connect_connection_gitlab_enterprise_doc' + exclude_test: true +autogen_async: true +async: + operation: + timeouts: + insert_minutes: 20 + update_minutes: 20 + delete_minutes: 20 + base_url: '{{op_id}}' + actions: + - create + - delete + - update + type: OpAsync + result: + resource_inside_response: true + error: {} + include_project: false +autogen_status: Q29ubmVjdGlvbg== parameters: - - name: 'location' + - name: location type: String - description: | - Resource ID segment making up resource `name`. It identifies the resource - within its parent collection as described in https://google.aip.dev/122. See documentation - for resource type `developerconnect.googleapis.com/GitRepositoryLink`. - min_version: 'beta' + description: Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. + immutable: true url_param_only: true required: true - immutable: true - - name: 'connectionId' + - name: connectionId type: String - description: | - Required. Id of the requesting object. If auto-generating Id server-side, - remove this field and connection_id from the method_signature of Create RPC. - min_version: 'beta' + description: |- + Required. Id of the requesting object + If auto-generating Id server-side, remove this field and + connection_id from the method_signature of Create RPC + immutable: true url_param_only: true required: true - immutable: true properties: - - name: 'githubConfig' + - name: githubConfig type: NestedObject - description: | - Configuration for connections to github.com. - min_version: 'beta' + description: Configuration for connections to github.com. properties: - - name: 'githubApp' + - name: installationUri type: String - description: | - Required. Immutable. The GitHub Application that was installed to - the GitHub user or organization. + description: |- + Output only. The URI to navigate to in order to manage the installation associated + with this GitHubConfig. + output: true + - name: githubApp + type: String + description: |- + Required. Immutable. The GitHub Application that was installed to the GitHub user or + organization. Possible values: - GIT_HUB_APP_UNSPECIFIED - DEVELOPER_CONNECT - FIREBASE" - min_version: 'beta' - required: true + GIT_HUB_APP_UNSPECIFIED + DEVELOPER_CONNECT + FIREBASE immutable: true - - name: 'authorizerCredential' + required: true + - name: authorizerCredential type: NestedObject - description: | - Represents an OAuth token of the account that authorized the Connection,and - associated metadata. - min_version: 'beta' + description: |- + Represents an OAuth token of the account that authorized the Connection, + and associated metadata. default_from_api: true properties: - - name: 'oauthTokenSecretVersion' + - name: oauthTokenSecretVersion type: String - description: | - Required. A SecretManager resource containing the OAuth token - that authorizes the connection. - Format: `projects/*/secrets/*/versions/*`. - min_version: 'beta' + description: |- + Required. A SecretManager resource containing the OAuth token that authorizes + the connection. Format: `projects/*/secrets/*/versions/*`. required: true - - name: 'username' + - name: username type: String - description: | - Output only. The username associated with this token. - min_version: 'beta' + description: Output only. The username associated with this token. output: true - - name: 'appInstallationId' + - name: appInstallationId type: String - description: | - Optional. GitHub App installation id. - min_version: 'beta' + description: Optional. GitHub App installation id. default_from_api: true - - name: 'installationUri' + - name: githubEnterpriseConfig + type: NestedObject + description: Configuration for connections to an instance of GitHub Enterprise. + properties: + - name: appSlug + type: String + description: Output only. The URL-friendly name of the GitHub App. + output: true + - name: privateKeySecretVersion + type: String + description: |- + Optional. SecretManager resource containing the private key of the GitHub App, + formatted as `projects/*/secrets/*/versions/*`. + - name: installationUri + type: String + description: |- + Output only. The URI to navigate to in order to manage the installation associated + with this GitHubEnterpriseConfig. + output: true + - name: serviceDirectoryConfig + type: NestedObject + description: |- + ServiceDirectoryConfig represents Service Directory configuration for a + connection. + properties: + - name: service + type: String + description: |- + Required. The Service Directory service name. + Format: + projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}. + required: true + - name: serverVersion type: String - description: | - Output only. The URI to navigate to in order to manage the installation - associated with this GitHubConfig. - min_version: 'beta' + description: Output only. GitHub Enterprise version installed at the host_uri. output: true - - name: 'name' + - name: sslCaCertificate + type: String + description: Optional. SSL certificate to use for requests to GitHub Enterprise. + - name: hostUri + type: String + description: Required. The URI of the GitHub Enterprise host this connection is for. + required: true + - name: appId + type: String + description: Optional. ID of the GitHub App created from the manifest. + - name: webhookSecretSecretVersion + type: String + description: |- + Optional. SecretManager resource containing the webhook secret of the GitHub App, + formatted as `projects/*/secrets/*/versions/*`. + - name: appInstallationId + type: String + description: Optional. ID of the installation of the GitHub App. + - name: labels + type: KeyValueLabels + description: Optional. Labels as key value pairs + - name: etag type: String - description: | + description: |- + Optional. This checksum is computed by the server based on the value of other + fields, and may be sent on update and delete requests to ensure the + client has an up-to-date value before proceeding. + - name: uid + type: String + description: Output only. A system-assigned unique identifier for a the GitRepositoryLink. + output: true + - name: name + type: String + description: |- Identifier. The resource name of the connection, in the format `projects/{project}/locations/{location}/connections/{connection_id}`. - min_version: 'beta' output: true - - name: 'createTime' - type: String - description: | - Output only. [Output only] Create timestamp - min_version: 'beta' + - name: reconciling + type: Boolean + description: |- + Output only. Set to true when the connection is being set up or updated in the + background. output: true - - name: 'updateTime' + - name: gitlabEnterpriseConfig + type: NestedObject + description: Configuration for connections to an instance of GitLab Enterprise. + properties: + - name: authorizerCredential + type: NestedObject + description: |- + Represents a personal access token that authorized the Connection, + and associated metadata. + required: true + properties: + - name: userTokenSecretVersion + type: String + description: |- + Required. A SecretManager resource containing the user token that authorizes + the Developer Connect connection. Format: + `projects/*/secrets/*/versions/*`. + required: true + - name: username + type: String + description: Output only. The username associated with this token. + output: true + - name: serviceDirectoryConfig + type: NestedObject + description: |- + ServiceDirectoryConfig represents Service Directory configuration for a + connection. + properties: + - name: service + type: String + description: |- + Required. The Service Directory service name. + Format: + projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}. + required: true + - name: sslCaCertificate + type: String + description: |- + Optional. SSL Certificate Authority certificate to use for requests to GitLab + Enterprise instance. + - name: serverVersion + type: String + description: Output only. Version of the GitLab Enterprise server running on the `host_uri`. + output: true + - name: hostUri + type: String + description: Required. The URI of the GitLab Enterprise host this connection is for. + required: true + - name: webhookSecretSecretVersion + type: String + description: |- + Required. Immutable. SecretManager resource containing the webhook secret of a GitLab project, + formatted as `projects/*/secrets/*/versions/*`. This is used to validate + webhooks. + immutable: true + required: true + - name: readAuthorizerCredential + type: NestedObject + description: |- + Represents a personal access token that authorized the Connection, + and associated metadata. + required: true + properties: + - name: userTokenSecretVersion + type: String + description: |- + Required. A SecretManager resource containing the user token that authorizes + the Developer Connect connection. Format: + `projects/*/secrets/*/versions/*`. + required: true + - name: username + type: String + description: Output only. The username associated with this token. + output: true + - name: updateTime type: String - description: | - Output only. [Output only] Update timestamp - min_version: 'beta' + description: Output only. [Output only] Update timestamp output: true - - name: 'deleteTime' + - name: deleteTime type: String - description: | - Output only. [Output only] Delete timestamp - min_version: 'beta' + description: Output only. [Output only] Delete timestamp output: true - - name: 'labels' - type: KeyValueLabels - description: | - Optional. Labels as key value pairs - min_version: 'beta' - - name: 'installationState' + - name: installationState type: NestedObject - description: | - Describes stage and necessary actions to be taken by the user to complete the installation. - Used for GitHub and GitHub Enterprise based connections. - min_version: 'beta' + description: |- + Describes stage and necessary actions to be taken by the + user to complete the installation. Used for GitHub and GitHub Enterprise + based connections. output: true properties: - - name: 'stage' + - name: message + type: String + description: |- + Output only. Message of what the user should do next to continue the installation. + Empty string if the installation is already complete. + - name: actionUri type: String - description: | + description: |- + Output only. Link to follow for next action. Empty string if the installation is already + complete. + - name: stage + type: String + description: |- Output only. Current step of the installation process. Possible values: - STAGE_UNSPECIFIED - PENDING_CREATE_APP - PENDING_USER_OAUTH - PENDING_INSTALL_APP - COMPLETE - min_version: 'beta' + STAGE_UNSPECIFIED + PENDING_CREATE_APP + PENDING_USER_OAUTH + PENDING_INSTALL_APP + COMPLETE output: true - - name: 'message' - type: String - description: | - Output only. Message of what the user should do next to continue - the installation.Empty string if the installation is already complete. - min_version: 'beta' - - name: 'actionUri' - type: String - description: | - Output only. Link to follow for next action. Empty string if the - installation is already complete. - min_version: 'beta' - - name: 'disabled' - type: Boolean - description: - Optional. If disabled is set to true, functionality is disabled for - this connection. Repository based API methods and webhooks processing - for repositories in this connection will be disabled. - min_version: 'beta' - - name: 'reconciling' + - name: disabled type: Boolean - description: | - Output only. Set to true when the connection is being set up or updated - in the background. - min_version: 'beta' - output: true - - name: 'annotations' + description: |- + Optional. If disabled is set to true, functionality is disabled for this connection. + Repository based API methods and webhooks processing for repositories in + this connection will be disabled. + - name: annotations type: KeyValueAnnotations - description: | - Optional. Allows clients to store small amounts of arbitrary data. - min_version: 'beta' - - name: 'etag' - type: String - description: | - Optional. This checksum is computed by the server based on the value - of other fields, and may be sent on update and delete requests to ensure the - client has an up-to-date value before proceeding. - min_version: 'beta' - - name: 'uid' + description: Optional. Allows clients to store small amounts of arbitrary data. + - name: gitlabConfig + type: NestedObject + description: Configuration for connections to gitlab.com. + properties: + - name: webhookSecretSecretVersion + type: String + description: |- + Required. Immutable. SecretManager resource containing the webhook secret of a GitLab project, + formatted as `projects/*/secrets/*/versions/*`. This is used to validate + webhooks. + immutable: true + required: true + - name: readAuthorizerCredential + type: NestedObject + description: |- + Represents a personal access token that authorized the Connection, + and associated metadata. + required: true + properties: + - name: userTokenSecretVersion + type: String + description: |- + Required. A SecretManager resource containing the user token that authorizes + the Developer Connect connection. Format: + `projects/*/secrets/*/versions/*`. + required: true + - name: username + type: String + description: Output only. The username associated with this token. + output: true + - name: authorizerCredential + type: NestedObject + description: |- + Represents a personal access token that authorized the Connection, + and associated metadata. + required: true + properties: + - name: userTokenSecretVersion + type: String + description: |- + Required. A SecretManager resource containing the user token that authorizes + the Developer Connect connection. Format: + `projects/*/secrets/*/versions/*`. + required: true + - name: username + type: String + description: Output only. The username associated with this token. + output: true + - name: createTime type: String - description: | - Output only. A system-assigned unique identifier for a the GitRepositoryLink. - min_version: 'beta' + description: Output only. [Output only] Create timestamp output: true + - name: cryptoKeyConfig + type: NestedObject + description: |- + The crypto key configuration. This field is used by the Customer-managed + encryption keys (CMEK) feature. + properties: + - name: keyReference + type: String + description: |- + Required. The name of the key which is used to encrypt/decrypt customer data. For key + in Cloud KMS, the key should be in the format of + `projects/*/locations/*/keyRings/*/cryptoKeys/*`. + required: true diff --git a/mmv1/products/developerconnect/GitRepositoryLink.yaml b/mmv1/products/developerconnect/GitRepositoryLink.yaml index 7a0f083e3bf8..1b69af6c1f7a 100644 --- a/mmv1/products/developerconnect/GitRepositoryLink.yaml +++ b/mmv1/products/developerconnect/GitRepositoryLink.yaml @@ -14,7 +14,6 @@ --- name: 'GitRepositoryLink' description: "A git repository link to a parent connection." -min_version: 'beta' docs: id_format: 'projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/gitRepositoryLinks/{{git_repository_link_id}}' base_url: 'projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/gitRepositoryLinks' @@ -41,13 +40,11 @@ examples: # to show them in the docs. - name: 'developer_connect_git_repository_link_github' primary_resource_id: 'primary' - min_version: 'beta' vars: connection_name: 'my-connection' git_repository_link_name: 'my-repository' exclude_docs: true - name: 'developer_connect_git_repository_link_github_doc' - min_version: 'beta' exclude_test: true parameters: - name: 'location' @@ -56,7 +53,6 @@ parameters: "Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. See documentation for resource type `developerconnect.googleapis.com/GitRepositoryLink`. " - min_version: 'beta' url_param_only: true required: true immutable: true @@ -66,7 +62,6 @@ parameters: "Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. See documentation for resource type `developerconnect.googleapis.com/GitRepositoryLink`. " - min_version: 'beta' url_param_only: true required: true immutable: true @@ -76,7 +71,6 @@ parameters: "Required. The ID to use for the repository, which will become the final component of\nthe repository's resource name. This ID should be unique in the connection.\nAllows alphanumeric characters and any of -._~%!$&'()*+,;=@. " - min_version: 'beta' url_param_only: true required: true immutable: true @@ -84,52 +78,42 @@ properties: - name: 'name' type: String description: "Identifier. Resource name of the repository, in the format\n`projects/*/locations/*/connections/*/gitRepositoryLinks/*`. " - min_version: 'beta' output: true - name: 'cloneUri' type: String description: "Required. Git Clone URI. " - min_version: 'beta' required: true - name: 'createTime' type: String description: "Output only. [Output only] Create timestamp " - min_version: 'beta' output: true - name: 'updateTime' type: String description: "Output only. [Output only] Update timestamp " - min_version: 'beta' output: true - name: 'deleteTime' type: String description: "Output only. [Output only] Delete timestamp " - min_version: 'beta' output: true - name: 'labels' type: KeyValueLabels description: "Optional. Labels as key value pairs " - min_version: 'beta' - name: 'etag' type: String description: "Optional. This checksum is computed by the server based on the value of other\nfields, and may be sent on update and delete requests to ensure the\nclient has an up-to-date value before proceeding. " - min_version: 'beta' - name: 'reconciling' type: Boolean description: "Output only. Set to true when the connection is being set up or updated in the\nbackground. " - min_version: 'beta' output: true - name: 'annotations' type: KeyValueAnnotations description: "Optional. Allows clients to store small amounts of arbitrary data. " - min_version: 'beta' - name: 'uid' type: String description: "Output only. A system-assigned unique identifier for a the GitRepositoryLink. " - min_version: 'beta' output: true diff --git a/mmv1/products/developerconnect/product.yaml b/mmv1/products/developerconnect/product.yaml index 5a32e127e0af..ee8ce01b6678 100644 --- a/mmv1/products/developerconnect/product.yaml +++ b/mmv1/products/developerconnect/product.yaml @@ -12,10 +12,11 @@ # limitations under the License. --- -name: 'DeveloperConnect' -display_name: 'Developer Connect' -versions: - - name: 'beta' - base_url: 'https://developerconnect.googleapis.com/v1/' +name: DeveloperConnect +display_name: Developer Connect scopes: - 'https://www.googleapis.com/auth/cloud-platform' +versions: + - base_url: 'https://developerconnect.googleapis.com/v1/' + name: ga +caibaseurl: "" diff --git a/mmv1/templates/terraform/examples/developer_connect_connection_existing_credentials.tf.tmpl b/mmv1/templates/terraform/examples/developer_connect_connection_existing_credentials.tf.tmpl index 90886cce18ef..3ccf7d5433a1 100644 --- a/mmv1/templates/terraform/examples/developer_connect_connection_existing_credentials.tf.tmpl +++ b/mmv1/templates/terraform/examples/developer_connect_connection_existing_credentials.tf.tmpl @@ -1,5 +1,4 @@ resource "google_developer_connect_connection" "{{$.PrimaryResourceId}}" { - provider = google-beta location = "us-central1" connection_id = "{{index $.Vars "connection_name"}}" @@ -15,4 +14,4 @@ resource "google_developer_connect_connection" "{{$.PrimaryResourceId}}" { output "next_steps" { description = "Follow the action_uri if present to continue setup" value = google_developer_connect_connection.{{$.PrimaryResourceId}}.installation_state -} \ No newline at end of file +} diff --git a/mmv1/templates/terraform/examples/developer_connect_connection_existing_installation.tf.tmpl b/mmv1/templates/terraform/examples/developer_connect_connection_existing_installation.tf.tmpl index de83625203c3..30a75fcad543 100644 --- a/mmv1/templates/terraform/examples/developer_connect_connection_existing_installation.tf.tmpl +++ b/mmv1/templates/terraform/examples/developer_connect_connection_existing_installation.tf.tmpl @@ -1,6 +1,5 @@ resource "google_secret_manager_secret" "github-token-secret" { - provider = google-beta secret_id = "github-token-secret" replication { @@ -9,15 +8,11 @@ resource "google_secret_manager_secret" "github-token-secret" { } resource "google_secret_manager_secret_version" "github-token-secret-version" { - - provider = google-beta secret = google_secret_manager_secret.github-token-secret.id secret_data = file("my-github-token.txt") } resource "google_project_service_identity" "devconnect-p4sa" { - provider = google-beta - service = "developerconnect.googleapis.com" } @@ -31,14 +26,12 @@ data "google_iam_policy" "p4sa-secretAccessor" { resource "google_secret_manager_secret_iam_policy" "policy" { - provider = google-beta secret_id = google_secret_manager_secret.github-token-secret.secret_id policy_data = data.google_iam_policy.p4sa-secretAccessor.policy_data } resource "google_developer_connect_connection" "my-connection" { - provider = google-beta location = "us-central1" connection_id = "my-connection" diff --git a/mmv1/templates/terraform/examples/developer_connect_connection_github.tf.tmpl b/mmv1/templates/terraform/examples/developer_connect_connection_github.tf.tmpl new file mode 100644 index 000000000000..97d07f9deacf --- /dev/null +++ b/mmv1/templates/terraform/examples/developer_connect_connection_github.tf.tmpl @@ -0,0 +1,12 @@ +resource "google_developer_connect_connection" "{{$.PrimaryResourceId}}" { + location = "us-central1" + connection_id = "{{index $.Vars "connection_name"}}" + + github_config { + github_app = "DEVELOPER_CONNECT" + + authorizer_credential { + oauth_token_secret_version = "projects/devconnect-terraform-creds/secrets/tf-test-do-not-change-github-oauthtoken-e0b9e7/versions/1" + } + } +} diff --git a/mmv1/templates/terraform/examples/developer_connect_connection_github_doc.tf.tmpl b/mmv1/templates/terraform/examples/developer_connect_connection_github_doc.tf.tmpl new file mode 100644 index 000000000000..4fe608a1bede --- /dev/null +++ b/mmv1/templates/terraform/examples/developer_connect_connection_github_doc.tf.tmpl @@ -0,0 +1,42 @@ +resource "google_secret_manager_secret" "github-token-secret" { + + secret_id = "github-token-secret" + + replication { + auto {} + } +} + +resource "google_secret_manager_secret_version" "github-token-secret-version" { + + secret = google_secret_manager_secret.github-token-secret.id + secret_data = file("my-github-token.txt") +} + +data "google_iam_policy" "p4sa-secretAccessor" { + binding { + role = "roles/secretmanager.secretAccessor" + // Here, 123456789 is the Google Cloud project number for the project that contains the connection. + members = ["serviceAccount:service-123456789@gcp-sa-devconnect.iam.gserviceaccount.com"] + } +} + +resource "google_secret_manager_secret_iam_policy" "policy" { + + secret_id = google_secret_manager_secret.github-token-secret.secret_id + policy_data = data.google_iam_policy.p4sa-secretAccessor.policy_data +} + +resource "google_developer_connect_connection" "my-connection" { + + location = "us-central1" + connection_id = "my-connection" + + github_config { + github_app = "DEVELOPER_CONNECT" + app_installation_id = 123123 + authorizer_credential { + oauth_token_secret_version = google_secret_manager_secret_version.github-token-secret-version.id + } + } +} diff --git a/mmv1/templates/terraform/examples/developer_connect_connection_github_enterprise.tf.tmpl b/mmv1/templates/terraform/examples/developer_connect_connection_github_enterprise.tf.tmpl new file mode 100644 index 000000000000..1ded312974f5 --- /dev/null +++ b/mmv1/templates/terraform/examples/developer_connect_connection_github_enterprise.tf.tmpl @@ -0,0 +1,12 @@ +resource "google_developer_connect_connection" "{{$.PrimaryResourceId}}" { + location = "us-central1" + connection_id = "{{index $.Vars "connection_name"}}" + + github_enterprise_config { + host_uri = "https://ghe.proctor-staging-test.com" + app_id = 864434 + private_key_secret_version = "projects/devconnect-terraform-creds/secrets/tf-test-ghe-do-not-change-ghe-private-key-f522d2/versions/latest" + webhook_secret_secret_version = "projects/devconnect-terraform-creds/secrets/tf-test-ghe-do-not-change-ghe-webhook-secret-3c806f/versions/latest" + app_installation_id = 837537 + } +} diff --git a/mmv1/templates/terraform/examples/developer_connect_connection_github_enterprise_doc.tf.tmpl b/mmv1/templates/terraform/examples/developer_connect_connection_github_enterprise_doc.tf.tmpl new file mode 100644 index 000000000000..456a7d34e8ca --- /dev/null +++ b/mmv1/templates/terraform/examples/developer_connect_connection_github_enterprise_doc.tf.tmpl @@ -0,0 +1,61 @@ +resource "google_secret_manager_secret" "private-key-secret" { + secret_id = "ghe-pk-secret" + + replication { + auto {} + } +} + +resource "google_secret_manager_secret_version" "private-key-secret-version" { + secret = google_secret_manager_secret.private-key-secret.id + secret_data = file("private-key.pem") +} + +resource "google_secret_manager_secret" "webhook-secret-secret" { + secret_id = "ghe-token-secret" + + replication { + auto {} + } +} + +resource "google_secret_manager_secret_version" "webhook-secret-secret-version" { + secret = google_secret_manager_secret.webhook-secret-secret.id + secret_data = "" +} + +data "google_iam_policy" "p4sa-secretAccessor" { + binding { + role = "roles/secretmanager.secretAccessor" + // Here, 123456789 is the Google Cloud project number for the project that contains the connection. + members = ["serviceAccount:service-123456789@gcp-sa-devconnect.iam.gserviceaccount.com"] + } +} + +resource "google_secret_manager_secret_iam_policy" "policy-pk" { + secret_id = google_secret_manager_secret.private-key-secret.secret_id + policy_data = data.google_iam_policy.p4sa-secretAccessor.policy_data +} + +resource "google_secret_manager_secret_iam_policy" "policy-whs" { + secret_id = google_secret_manager_secret.webhook-secret-secret.secret_id + policy_data = data.google_iam_policy.p4sa-secretAccessor.policy_data +} + +resource "google_developer_connect_connection" "my-connection" { + location = "us-central1" + connection_id = "my-connection" + + github_enterprise_config { + host_uri = "https://ghe.com" + private_key_secret_version = google_secret_manager_secret_version.private-key-secret-version.id + webhook_secret_secret_version = google_secret_manager_secret_version.webhook-secret-secret-version.id + app_id = 100 + app_installation_id = 123123 + } + + depends_on = [ + google_secret_manager_secret_iam_policy.policy-pk, + google_secret_manager_secret_iam_policy.policy-whs + ] +} diff --git a/mmv1/templates/terraform/examples/developer_connect_connection_gitlab.tf.tmpl b/mmv1/templates/terraform/examples/developer_connect_connection_gitlab.tf.tmpl new file mode 100644 index 000000000000..e62e64a88461 --- /dev/null +++ b/mmv1/templates/terraform/examples/developer_connect_connection_gitlab.tf.tmpl @@ -0,0 +1,16 @@ +resource "google_developer_connect_connection" "{{$.PrimaryResourceId}}" { + location = "us-central1" + connection_id = "{{index $.Vars "connection_name"}}" + + gitlab_config { + webhook_secret_secret_version = "projects/devconnect-terraform-creds/secrets/gitlab-webhook/versions/latest" + + read_authorizer_credential { + user_token_secret_version = "projects/devconnect-terraform-creds/secrets/gitlab-read-cred/versions/latest" + } + + authorizer_credential { + user_token_secret_version = "projects/devconnect-terraform-creds/secrets/gitlab-auth-cred/versions/latest" + } + } +} diff --git a/mmv1/templates/terraform/examples/developer_connect_connection_gitlab_doc.tf.tmpl b/mmv1/templates/terraform/examples/developer_connect_connection_gitlab_doc.tf.tmpl new file mode 100644 index 000000000000..51c2f4714f38 --- /dev/null +++ b/mmv1/templates/terraform/examples/developer_connect_connection_gitlab_doc.tf.tmpl @@ -0,0 +1,81 @@ +resource "google_secret_manager_secret" "gitlab-read-cred-secret" { + secret_id = "gitlab-read-cred" + replication { + auto {} + } +} + +resource "google_secret_manager_secret_version" "gitlab-read-cred-secret-version" { + secret = google_secret_manager_secret.gitlab-read-cred-secret.id + secret_data = file("my-gitlab-read-cred.txt") +} + +resource "google_secret_manager_secret" "gitlab-auth-cred-secret" { + secret_id = "gitlab-auth-cred" + replication { + auto {} + } +} + +resource "google_secret_manager_secret_version" "gitlab-auth-cred-secret-version" { + secret = google_secret_manager_secret.gitlab-auth-cred-secret.id + secret_data = file("my-gitlab-auth-cred.txt") +} + +resource "google_secret_manager_secret" "gitlab-webhook-secret-secret" { + secret_id = "gitlab-webhook-secret" + replication { + auto {} + } +} + +resource "google_secret_manager_secret_version" "gitlab-webhook-secret-secret-version" { + secret = google_secret_manager_secret.gitlab-webhook-secret-secret.id + secret_data = file("my-gitlab-webhook-secret.txt") + +data "google_iam_policy" "p4sa-secretAccessor" { + binding { + role = "roles/secretmanager.secretAccessor" + // Here, 123456789 is the Google Cloud project number for the project that contains the connection. + members = ["serviceAccount:service-123456789@gcp-sa-devconnect.iam.gserviceaccount.com"] + } +} + +resource "google_secret_manager_secret_iam_policy" "policy-rc" { + secret_id = google_secret_manager_secret.gitlab-read-cred-secret.secret_id + policy_data = data.google_iam_policy.p4sa-secretAccessor.policy_data +} + +resource "google_secret_manager_secret_iam_policy" "policy-ac" { + secret_id = google_secret_manager_secret.gitlab-auth-cred-secret.secret_id + policy_data = data.google_iam_policy.p4sa-secretAccessor.policy_data +} + +resource "google_secret_manager_secret_iam_policy" "policy-wh" { + secret_id = google_secret_manager_secret.gitlab-webhook-secret-secret.secret_id + policy_data = data.google_iam_policy.p4sa-secretAccessor.policy_data +} + +resource "google_developer_connect_connection" "my-connection" { + + location = "us-central1" + connection_id = "my-connection" + + gitlab_config { + webhook_secret_secret_version = google_secret_manager_secret_version.gitlab-webhook-secret-secret-version.id + + read_authorizer_credential { + user_token_secret_version = google_secret_manager_secret_version.gitlab-read-cred-secret-version.id + } + + authorizer_credential { + user_token_secret_version = google_secret_manager_secret_version.gitlab-auth-cred-secret-version.id + } + } + + depends_on = [ + google_secret_manager_secret_iam_policy.policy-rc, + google_secret_manager_secret_iam_policy.policy-ac, + google_secret_manager_secret_iam_policy.policy-wh + ] +} diff --git a/mmv1/templates/terraform/examples/developer_connect_connection_gitlab_enterprise.tf.tmpl b/mmv1/templates/terraform/examples/developer_connect_connection_gitlab_enterprise.tf.tmpl new file mode 100644 index 000000000000..dcf4fa7847a2 --- /dev/null +++ b/mmv1/templates/terraform/examples/developer_connect_connection_gitlab_enterprise.tf.tmpl @@ -0,0 +1,18 @@ +resource "google_developer_connect_connection" "{{$.PrimaryResourceId}}" { + location = "us-central1" + connection_id = "{{index $.Vars "connection_name"}}" + + gitlab_enterprise_config { + host_uri = "https://gle-us-central1.gcb-test.com" + + webhook_secret_secret_version = "projects/devconnect-terraform-creds/secrets/gitlab-enterprise-webhook/versions/latest" + + read_authorizer_credential { + user_token_secret_version = "projects/devconnect-terraform-creds/secrets/gitlab-enterprise-read-cred/versions/latest" + } + + authorizer_credential { + user_token_secret_version = "projects/devconnect-terraform-creds/secrets/gitlab-enterprise-auth-cred/versions/latest" + } + } +} diff --git a/mmv1/templates/terraform/examples/developer_connect_connection_gitlab_enterprise_doc.tf.tmpl b/mmv1/templates/terraform/examples/developer_connect_connection_gitlab_enterprise_doc.tf.tmpl new file mode 100644 index 000000000000..1ff9b798b57a --- /dev/null +++ b/mmv1/templates/terraform/examples/developer_connect_connection_gitlab_enterprise_doc.tf.tmpl @@ -0,0 +1,83 @@ +resource "google_secret_manager_secret" "gitlab-read-cred-secret" { + secret_id = "gitlab-read-cred" + replication { + auto {} + } +} + +resource "google_secret_manager_secret_version" "gitlab-read-cred-secret-version" { + secret = google_secret_manager_secret.gitlab-read-cred-secret.id + secret_data = file("my-gitlab-read-cred.txt") +} + +resource "google_secret_manager_secret" "gitlab-auth-cred-secret" { + secret_id = "gitlab-auth-cred" + replication { + auto {} + } +} + +resource "google_secret_manager_secret_version" "gitlab-auth-cred-secret-version" { + secret = google_secret_manager_secret.gitlab-auth-cred-secret.id + secret_data = file("my-gitlab-auth-cred.txt") +} + +resource "google_secret_manager_secret" "gitlab-webhook-secret-secret" { + secret_id = "gitlab-webhook-secret" + replication { + auto {} + } +} + +resource "google_secret_manager_secret_version" "gitlab-webhook-secret-secret-version" { + secret = google_secret_manager_secret.gitlab-webhook-secret-secret.id + secret_data = file("my-gitlab-webhook-secret.txt") + +data "google_iam_policy" "p4sa-secretAccessor" { + binding { + role = "roles/secretmanager.secretAccessor" + // Here, 123456789 is the Google Cloud project number for the project that contains the connection. + members = ["serviceAccount:service-123456789@gcp-sa-devconnect.iam.gserviceaccount.com"] + } +} + +resource "google_secret_manager_secret_iam_policy" "policy-rc" { + secret_id = google_secret_manager_secret.gitlab-read-cred-secret.secret_id + policy_data = data.google_iam_policy.p4sa-secretAccessor.policy_data +} + +resource "google_secret_manager_secret_iam_policy" "policy-ac" { + secret_id = google_secret_manager_secret.gitlab-auth-cred-secret.secret_id + policy_data = data.google_iam_policy.p4sa-secretAccessor.policy_data +} + +resource "google_secret_manager_secret_iam_policy" "policy-wh" { + secret_id = google_secret_manager_secret.gitlab-webhook-secret-secret.secret_id + policy_data = data.google_iam_policy.p4sa-secretAccessor.policy_data +} + +resource "google_developer_connect_connection" "my-connection" { + + location = "us-central1" + connection_id = "my-connection" + + gitlab_enterprise_config { + host_uri = "https://gle.com" + + webhook_secret_secret_version = google_secret_manager_secret_version.gitlab-webhook-secret-secret-version.id + + read_authorizer_credential { + user_token_secret_version = google_secret_manager_secret_version.gitlab-read-cred-secret-version.id + } + + authorizer_credential { + user_token_secret_version = google_secret_manager_secret_version.gitlab-auth-cred-secret-version.id + } + } + + depends_on = [ + google_secret_manager_secret_iam_policy.policy-rc, + google_secret_manager_secret_iam_policy.policy-ac, + google_secret_manager_secret_iam_policy.policy-wh + ] +} diff --git a/mmv1/templates/terraform/examples/developer_connect_connection_new.tf.tmpl b/mmv1/templates/terraform/examples/developer_connect_connection_new.tf.tmpl index 9c6dede4321f..e5349abecb34 100644 --- a/mmv1/templates/terraform/examples/developer_connect_connection_new.tf.tmpl +++ b/mmv1/templates/terraform/examples/developer_connect_connection_new.tf.tmpl @@ -2,30 +2,23 @@ resource "google_developer_connect_connection" "{{$.PrimaryResourceId}}" { provider = google-beta location = "us-central1" connection_id = "{{index $.Vars "connection_name"}}" - github_config { github_app = "FIREBASE" } - depends_on = [google_project_iam_member.devconnect-secret] } - output "next_steps" { description = "Follow the action_uri if present to continue setup" value = google_developer_connect_connection.{{$.PrimaryResourceId}}.installation_state } - # Setup permissions. Only needed once per project resource "google_project_service_identity" "devconnect-p4sa" { provider = google-beta - service = "developerconnect.googleapis.com" } - resource "google_project_iam_member" "devconnect-secret" { provider = google-beta - project = "{{index $.TestEnvVars "project"}}" role = "roles/secretmanager.admin" member = google_project_service_identity.devconnect-p4sa.member -} \ No newline at end of file +} diff --git a/mmv1/templates/terraform/examples/developer_connect_git_repository_link_github.tf.tmpl b/mmv1/templates/terraform/examples/developer_connect_git_repository_link_github.tf.tmpl index 1c253849206f..d4cb09a4c0f0 100644 --- a/mmv1/templates/terraform/examples/developer_connect_git_repository_link_github.tf.tmpl +++ b/mmv1/templates/terraform/examples/developer_connect_git_repository_link_github.tf.tmpl @@ -1,5 +1,4 @@ resource "google_developer_connect_git_repository_link" "{{$.PrimaryResourceId}}" { - provider = google-beta git_repository_link_id = "{{index $.Vars "git_repository_link_name"}}" parent_connection = google_developer_connect_connection.github_conn.connection_id clone_uri = "https://github.com/gcb-developerconnect-robot/tf-demo.git" @@ -9,7 +8,6 @@ resource "google_developer_connect_git_repository_link" "{{$.PrimaryResourceId}} resource "google_developer_connect_connection" "github_conn" { - provider = google-beta location = "us-central1" connection_id = "{{index $.Vars "connection_name"}}" disabled = false diff --git a/mmv1/templates/terraform/examples/developer_connect_git_repository_link_github_doc.tf.tmpl b/mmv1/templates/terraform/examples/developer_connect_git_repository_link_github_doc.tf.tmpl index db9d1943ebb4..63829f055fde 100644 --- a/mmv1/templates/terraform/examples/developer_connect_git_repository_link_github_doc.tf.tmpl +++ b/mmv1/templates/terraform/examples/developer_connect_git_repository_link_github_doc.tf.tmpl @@ -1,5 +1,4 @@ resource "google_secret_manager_secret" "github-token-secret" { - provider = google-beta secret_id = "github-token-secret" replication { diff --git a/mmv1/third_party/terraform/services/developerconnect/resource_developer_connect_connection_test.go.tmpl b/mmv1/third_party/terraform/services/developerconnect/resource_developer_connect_connection_test.go.tmpl index 717d43ef0330..5844c1819188 100644 --- a/mmv1/third_party/terraform/services/developerconnect/resource_developer_connect_connection_test.go.tmpl +++ b/mmv1/third_party/terraform/services/developerconnect/resource_developer_connect_connection_test.go.tmpl @@ -1,15 +1,15 @@ package developerconnect_test -{{- if ne $.TargetVersionName "ga" }} import ( "testing" "github.com/hashicorp/terraform-plugin-testing/helper/resource" "github.com/hashicorp/terraform-provider-google/google/acctest" + ) -func TestAccDeveloperConnectConnection_update(t *testing.T) { +func TestAccDeveloperConnectConnection_developerConnectConnectionGithubUpdate(t *testing.T) { t.Parallel() context := map[string]interface{}{ @@ -18,10 +18,10 @@ func TestAccDeveloperConnectConnection_update(t *testing.T) { acctest.VcrTest(t, resource.TestCase{ PreCheck: func() { acctest.AccTestPreCheck(t) }, - ProtoV5ProviderFactories: acctest.ProtoV5ProviderBetaFactories(t), + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t), Steps: []resource.TestStep{ { - Config: testAccDeveloperConnectConnection_basic(context), + Config: testAccDeveloperConnectConnection_Github(context), }, { ResourceName: "google_developer_connect_connection.my-connection", @@ -30,22 +30,22 @@ func TestAccDeveloperConnectConnection_update(t *testing.T) { ImportStateVerifyIgnore: []string{"annotations", "connection_id", "labels", "location", "terraform_labels"}, }, { - Config: testAccDeveloperConnectConnection_update(context), + Config: testAccDeveloperConnectConnection_GithubUpdate(context), }, { ResourceName: "google_developer_connect_connection.my-connection", ImportState: true, ImportStateVerify: true, - ImportStateVerifyIgnore: []string{"annotations", "connection_id", "labels", "location", "terraform_labels"}, + ImportStateVerifyIgnore: []string{"connection_id", "location", "terraform_labels"}, }, }, }) } -func testAccDeveloperConnectConnection_basic(context map[string]interface{}) string { - return acctest.Nprintf(` + +func testAccDeveloperConnectConnection_Github(context map[string]interface{}) string { + return acctest.Nprintf(` resource "google_developer_connect_connection" "my-connection" { - provider = google-beta location = "us-central1" connection_id = "tf-test-tf-test-connection%{random_suffix}" @@ -61,12 +61,17 @@ resource "google_developer_connect_connection" "my-connection" { } -func testAccDeveloperConnectConnection_update(context map[string]interface{}) string { +func testAccDeveloperConnectConnection_GithubUpdate(context map[string]interface{}) string { return acctest.Nprintf(` resource "google_developer_connect_connection" "my-connection" { - provider = google-beta location = "us-central1" connection_id = "tf-test-tf-test-connection%{random_suffix}" + annotations = {} + labels = {} + + crypto_key_config { + key_reference = "projects/devconnect-terraform-creds/locations/us-central1/keyRings/tf-keyring/cryptoKeys/tf-crypto-key" + } github_config { github_app = "DEVELOPER_CONNECT" @@ -80,4 +85,359 @@ resource "google_developer_connect_connection" "my-connection" { `, context) } -{{ end }} + +func TestAccDeveloperConnectConnection_developerConnectConnectionGithubEnterpriseUpdate(t *testing.T) { + t.Parallel() + + context := map[string]interface{}{ + "random_suffix": acctest.RandString(t, 10), + } + + acctest.VcrTest(t, resource.TestCase{ + PreCheck: func() { acctest.AccTestPreCheck(t) }, + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t), + Steps: []resource.TestStep{ + { + Config: testAccDeveloperConnectConnection_GithubEnterprise(context), + }, + { + ResourceName: "google_developer_connect_connection.my-connection", + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"connection_id", "labels", "terraform_labels"}, + }, + { + Config: testAccDeveloperConnectConnection_GithubEnterpriseUpdate(context), + }, + { + ResourceName: "google_developer_connect_connection.my-connection", + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"connection_id", "location", "terraform_labels"}, + }, + }, + }) +} + + +func testAccDeveloperConnectConnection_GithubEnterprise(context map[string]interface{}) string { + return acctest.Nprintf(` +resource "google_developer_connect_connection" "my-connection" { + location = "us-central1" + connection_id = "tf-test-tf-test-connection%{random_suffix}" + + github_enterprise_config { + host_uri = "https://ghe.proctor-staging-test.com" + app_id = 864434 + private_key_secret_version = "projects/devconnect-terraform-creds/secrets/tf-test-ghe-do-not-change-ghe-private-key-f522d2/versions/latest" + webhook_secret_secret_version = "projects/devconnect-terraform-creds/secrets/tf-test-ghe-do-not-change-ghe-webhook-secret-3c806f/versions/latest" + } +} +`, context) +} + + +func testAccDeveloperConnectConnection_GithubEnterpriseUpdate(context map[string]interface{}) string { + return acctest.Nprintf(` +resource "google_developer_connect_connection" "my-connection" { + location = "us-central1" + connection_id = "tf-test-tf-test-connection%{random_suffix}" + annotations = {} + labels = {} + + crypto_key_config { + key_reference = "projects/devconnect-terraform-creds/locations/us-central1/keyRings/tf-keyring/cryptoKeys/tf-crypto-key" + } + + github_enterprise_config { + host_uri = "https://ghe-asia.proctor-staging-test.com" + app_id = 866372 + private_key_secret_version = "projects/devconnect-terraform-creds/secrets/ghe-private-key-update/versions/latest" + webhook_secret_secret_version = "projects/devconnect-terraform-creds/secrets/ghe-webhook-secret-update/versions/latest" + app_installation_id = 808867 + } +} +`, context) +} + + +func TestAccDeveloperConnectConnection_GhePrivConnection(t *testing.T) { + t.Parallel() + + context := map[string]interface{}{ + "random_suffix": acctest.RandString(t, 10), + } + + acctest.VcrTest(t, resource.TestCase{ + PreCheck: func() { acctest.AccTestPreCheck(t) }, + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t), + Steps: []resource.TestStep{ + { + Config: testAccDeveloperConnectConnection_GhePrivConnection(context), + }, + { + ResourceName: "google_developer_connect_connection.my-connection", + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"connection_id", "location", "terraform_labels"}, + }, + }, + }) +} + + +func testAccDeveloperConnectConnection_GhePrivConnection(context map[string]interface{}) string { + return acctest.Nprintf(` +resource "google_developer_connect_connection" "my-connection" { + location = "us-central1" + connection_id = "tf-test-tf-test-connection%{random_suffix}" + annotations = {} + labels = {} + + github_enterprise_config { + host_uri = "https://ghe.proctor-private-ca.com" + app_id = 26 + private_key_secret_version = "projects/devconnect-terraform-creds/secrets/ghe-priv-private-key/versions/latest" + webhook_secret_secret_version = "projects/devconnect-terraform-creds/secrets/tf-test-ghe-do-not-change-ghe-webhook-secret-3c806f/versions/latest" + app_installation_id = 24 + + ssl_ca_certificate = "-----BEGIN CERTIFICATE-----\nMIIEXTCCA0WgAwIBAgIUANaBCc9j/xdKJHU0sgmv6yE2WCIwDQYJKoZIhvcNAQEL\nBQAwLDEUMBIGA1UEChMLUHJvY3RvciBFbmcxFDASBgNVBAMTC1Byb2N0b3ItZW5n\nMB4XDTIxMDcxNTIwMDcwMloXDTIyMDcxNTIwMDcwMVowADCCASIwDQYJKoZIhvcN\nAQEBBQADggEPADCCAQoCggEBAMVel7I88DkhwW445BNPBZvJNTV1AreHdz4um4U1\nop2+4L7JeNrUs5SRc0fzeOyOmA9ZzTDu9hBC7zj/sVNUy6cIQGCj32sr5SCAEIat\nnFZlzmVqJPT4J5NAaE37KO5347myTJEBrvpq8az4CtvX0yUzPK0gbUmaSaztVi4o\ndbJLKyv575xCLC/Hu6fIHBDH19eG1Ath9VpuAOkttRRoxu2VqijJZrGqaS+0o+OX\nrLi5HMtZbZjgQB4mc1g3ZDKX/gynxr+CDNaqNOqxuog33Tl5OcOk9DrR3MInaE7F\nyQFuH9mzF64AqOoTf7Tr/eAIz5XVt8K51nk+fSybEfKVwtMCAwEAAaOCAaEwggGd\nMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQU/9dYyqMz\nv9rOMwPZcoIRMDAQCjAfBgNVHSMEGDAWgBTkQGTiCkLCmv/Awxdz5TAVRmyFfDCB\njQYIKwYBBQUHAQEEgYAwfjB8BggrBgEFBQcwAoZwaHR0cDovL3ByaXZhdGVjYS1j\nb250ZW50LTYxYWEyYzA5LTAwMDAtMjJjMi05ZjYyLWQ0ZjU0N2Y4MDIwMC5zdG9y\nYWdlLmdvb2dsZWFwaXMuY29tLzQxNGU4ZTJjZjU2ZWEyYzQxNmM0L2NhLmNydDAo\nBgNVHREBAf8EHjAcghpnaGUucHJvY3Rvci1wcml2YXRlLWNhLmNvbTCBggYDVR0f\nBHsweTB3oHWgc4ZxaHR0cDovL3ByaXZhdGVjYS1jb250ZW50LTYxYWEyYzA5LTAw\nMDAtMjJjMi05ZjYyLWQ0ZjU0N2Y4MDIwMC5zdG9yYWdlLmdvb2dsZWFwaXMuY29t\nLzQxNGU4ZTJjZjU2ZWEyYzQxNmM0L2NybC5jcmwwDQYJKoZIhvcNAQELBQADggEB\nABo6BQLEZZ+YNiDuv2sRvcxSopQQb7fZjqIA9XOA35pNSKay2SncODnNvfsdRnOp\ncoy25sQSIzWyJ9zWl8DZ6evoOu5csZ2PoFqx5LsIq37w+ZcwD6DM8Zm7JqASxmxx\nGqTF0nHC4Aw8q8aJBeRD3PsSkfN5Q3DP3nTDnLyd0l+yPIkHUbZMoiFHX3BkhCng\nG96mYy/y3t16ghfV9lZkXpD/JK5aiN0bTHCDRc69owgfYiAcAqzBJ9gfZ90MBgzv\ngTTQel5dHg49SYXfnUpTy0HdQLEcoggOF8Q8V+xKdKa6eVbrvjJrkEJmvIQI5iCR\nhNvKR25mx8JUopqEXmONmqU=\n-----END CERTIFICATE-----\n\n-----BEGIN CERTIFICATE-----\nMIIDSDCCAjCgAwIBAgITMwWN+62nLcgyLa7p+jD1K90g6TANBgkqhkiG9w0BAQsF\nADAsMRQwEgYDVQQKEwtQcm9jdG9yIEVuZzEUMBIGA1UEAxMLUHJvY3Rvci1lbmcw\nHhcNMjEwNzEyMTM1OTQ0WhcNMzEwNzEwMTM1OTQzWjAsMRQwEgYDVQQKEwtQcm9j\ndG9yIEVuZzEUMBIGA1UEAxMLUHJvY3Rvci1lbmcwggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQCYqJP5Qt90jIbld2dtuUV/zIkBFsTe4fapJfhBji03xBpN\nO1Yxj/jPSZ67Kdeoy0lEwvc2hL5FQGhIjLMR0mzOyN4fk/DZiA/4tAVi7hJyqpUC\n71JSwp7MwXL1b26CSE1MhcoCqA/E4iZxfJfF/ef4lhmC24UEmu8FEbldoy+6OysB\nRu7dGDwicW5F9h7eSkpGAsCRdJHh65iUx/IH0C4Ux2UZRDZdj6wVbuVu9tb938xF\nyRuVClONoLSn/lwdzeV7hQmBSm8qmfgbNPbYRaNLz3hOpsT+27aDQp2/pxue8hFJ\nd7We3+Lr5O4IL45PBwhVEAiFZqde6d4qViNEB2qTAgMBAAGjYzBhMA4GA1UdDwEB\n/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTkQGTiCkLCmv/Awxdz\n5TAVRmyFfDAfBgNVHSMEGDAWgBTkQGTiCkLCmv/Awxdz5TAVRmyFfDANBgkqhkiG\n9w0BAQsFAAOCAQEAfy5BJsWdx0oWWi7SFg9MbryWjBVPJl93UqACgG0Cgh813O/x\nlDZQhGO/ZFVhHz/WgooE/HgVNoVJTubKLLzz+zCkOB0wa3GMqJDyFjhFmUtd/3VM\nZh0ZQ+JWYsAiZW4VITj5xEn/d/B3xCFWGC1vhvhptEJ8Fo2cE1yM2pzk08NqFWoY\n4FaH0sbxWgyCKwTmtcYDbnx4FYuddryGCIxbYizqUK1dr4DGKeHonhm/d234Ew3x\n3vIBPoHMOfBec/coP1xAf5o+F+MRMO/sQ3tTGgyOH18lwsHo9SmXCrmOwVQPKrEw\nm+A+5TjXLmenyaBhqXa0vkAZYJhWdROhWC0VTA==\n-----END CERTIFICATE-----\n" + + service_directory_config { + service = "projects/devconnect-terraform-creds/locations/us-central1/namespaces/my-namespace/services/terraform-github" + } + } + +} +`, context) +} + + +func TestAccDeveloperConnectConnection_developerConnectConnectionGitlabUpdate(t *testing.T) { + t.Parallel() + + context := map[string]interface{}{ + "random_suffix": acctest.RandString(t, 10), + } + + acctest.VcrTest(t, resource.TestCase{ + PreCheck: func() { acctest.AccTestPreCheck(t) }, + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t), + Steps: []resource.TestStep{ + { + Config: testAccDeveloperConnectConnection_Gitlab(context), + }, + { + ResourceName: "google_developer_connect_connection.my-connection", + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"connection_id", "location", "terraform_labels"}, + }, + { + Config: testAccDeveloperConnectConnection_GitlabUpdate(context), + }, + { + ResourceName: "google_developer_connect_connection.my-connection", + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"connection_id", "location", "terraform_labels"}, + }, + }, + }) +} + + +func testAccDeveloperConnectConnection_Gitlab(context map[string]interface{}) string { + return acctest.Nprintf(` +resource "google_developer_connect_connection" "my-connection" { + location = "us-central1" + connection_id = "tf-test-tf-test-connection%{random_suffix}" + + gitlab_config { + webhook_secret_secret_version = "projects/devconnect-terraform-creds/secrets/gitlab-webhook/versions/latest" + + read_authorizer_credential { + user_token_secret_version = "projects/devconnect-terraform-creds/secrets/gitlab-read-cred/versions/latest" + } + + authorizer_credential { + user_token_secret_version = "projects/devconnect-terraform-creds/secrets/gitlab-auth-cred/versions/latest" + } + } +} +`, context) +} + + +func testAccDeveloperConnectConnection_GitlabUpdate(context map[string]interface{}) string { + return acctest.Nprintf(` +resource "google_developer_connect_connection" "my-connection" { + location = "us-central1" + connection_id = "tf-test-tf-test-connection%{random_suffix}" + annotations = {} + labels = {} + + crypto_key_config { + key_reference = "projects/devconnect-terraform-creds/locations/us-central1/keyRings/tf-keyring/cryptoKeys/tf-crypto-key" + } + + gitlab_config { + webhook_secret_secret_version = "projects/devconnect-terraform-creds/secrets/gitlab-webhook/versions/latest" + + read_authorizer_credential { + user_token_secret_version = "projects/devconnect-terraform-creds/secrets/gitlab-read-cred-update/versions/latest" + } + + authorizer_credential { + user_token_secret_version = "projects/devconnect-terraform-creds/secrets/gitlab-auth-cred-update/versions/latest" + } + } +} +`, context) +} + +func TestAccDeveloperConnectConnection_GlePrivConnection(t *testing.T) { + t.Parallel() + + context := map[string]interface{}{ + "random_suffix": acctest.RandString(t, 10), + } + + acctest.VcrTest(t, resource.TestCase{ + PreCheck: func() { acctest.AccTestPreCheck(t) }, + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t), + Steps: []resource.TestStep{ + { + Config: testAccDeveloperConnectConnection_GlePrivConnection(context), + }, + { + ResourceName: "google_developer_connect_connection.my-connection", + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"connection_id", "location", "terraform_labels"}, + }, + }, + }) +} + + +func testAccDeveloperConnectConnection_GlePrivConnection(context map[string]interface{}) string { + return acctest.Nprintf(` +resource "google_developer_connect_connection" "my-connection" { + location = "us-central1" + connection_id = "tf-test-tf-test-connection%{random_suffix}" + annotations = {} + labels = {} + + gitlab_enterprise_config { + host_uri = "https://gle-us.gle-us-private.com" + + webhook_secret_secret_version = "projects/devconnect-terraform-creds/secrets/gitlab-enterprise-webhook/versions/latest" + + read_authorizer_credential { + user_token_secret_version = "projects/devconnect-terraform-creds/secrets/gle-private-read-token/versions/latest" + } + + authorizer_credential { + user_token_secret_version = "projects/devconnect-terraform-creds/secrets/gle-private-api/versions/latest" + } + + ssl_ca_certificate = "-----BEGIN CERTIFICATE-----\nMIIFbjCCA1agAwIBAgIUH+nsWsqagMW9Ld8E9J71yPLPpD8wDQYJKoZIhvcNAQEL\nBQAwJDEiMCAGA1UEAwwZZ2xlLXVzLmdsZS11cy1wcml2YXRlLmNvbTAeFw0yNDEw\nMzExNjQzMjBaFw0zNDEwMjkxNjQzMjBaMCQxIjAgBgNVBAMMGWdsZS11cy5nbGUt\ndXMtcHJpdmF0ZS5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDL\n+dUU8MHo+Eskx4SSnI1thRIiljgsyJSzSOplaD4lqahFnrG0cB0ovKpyRL4A+0wM\nzVW7W1Pfi8DiEOxxfNo7pEj+0zrzJHHqnzW9kApIlRmO1TBBJ7i9HaVamJ1Od01b\n2WI/pnKFEvNfLQSDQBulhkHZ2McyauDhb1DxefKnVX8ac6qhxtc4IzrezIQuJ18N\nDPtNLUDD4rtU4mIX4lx1yBIplrgypAo1HDbJOwW8OR76MtjAY7ek3K6UCyduQtwy\nmfZ23b3Eg69W10HVMVTy6m5NaGKi/TWy2MJ71hKUQ1+tWIPH5SL7FzYPKL4XXw5W\np61LhIiBAd2tgD41b2cQxhUbVifc1qHtnwNz/tE77M9ySH37rEUIlExzr3D3JV+f\nXjXEXUr9as8GRnS5zhD/opKe7wKbwpYMHhylK1h6XH/sBO7dBajf5xCvpZZBDzrK\nkpTqwHspT7p40WF9d8odjEk/xZKn5LdcDG2I+4U7SVS5e8ud41HUQxJwQx56lKfh\n2WB+zs7nSyMfspTj4doY1OADEC1VQCyGrwlbclKTKmUWrgwQdm38KxDzW5Juyjmm\nzvfsWIlSMdnes0qVVo38N3Jz8/MHCLD79R2veWgA2fbqS3+4h2dRkR7htjaVlJMJ\nt7SwFiG39ic3OZpo+wTkaHlG4CBnbFDueUsOW2wEpQIDAQABo4GXMIGUMB0GA1Ud\nDgQWBBTExgzH2gz9+rJHvlTFPO0AvG88azAfBgNVHSMEGDAWgBTExgzH2gz9+rJH\nvlTFPO0AvG88azAPBgNVHRMBAf8EBTADAQH/MEEGA1UdEQQ6MDiCGWdsZS11cy5n\nbGUtdXMtcHJpdmF0ZS5jb22CGyouZ2xlLXVzLmdsZS11cy1wcml2YXRlLmNvbTAN\nBgkqhkiG9w0BAQsFAAOCAgEAjkd1ZNoekoWrmozD+Ta1OM0zWhv04eqhP8aYzhbd\nXRS+GyF6ifMwfWg9HogkH22ZPT5GszaL5DacSyOUqZgJ905Q6g1EFPnaKmFVHHeC\nzZAhg5oedAzcakZpYwZDSiLuPgsQfwgRnqWIYR8JcIM5bKRZNGyOg8eZ8cKu23A2\nPavL4B3Ra1l93KllKm21rigIhLPIPLoEyxEg9c9oTJF92r0+aRdf2Ln853260Fqf\ncEUWoXhqMGvDv/YEbqDjGQ/Kh7ZWdlIWhcKFOA0gluF7oExjt/MgSitukgg3aaic\n/eXXOrZDNYH7Ve610NUuNlhub1M47Tp7EgjUJVWlsKK84T8ZcZq7Hn4BzioUr95d\nHao6u19HWA/ISM8bwzHaYxscFI4u6phEL0HJzLf4EysEmS0rAnLxyol0apNx6znR\nhXsqxnSexKhXoLqnK1Vuhcg8DsvobXHqg68EGZ7BZ3ycPYaHSWU8Xh3l1gtYkcQ6\nzxXsKIijlpVKuYJvGA3EOMoZu6+2MYF8Tgp3N4sKMvPhqBhsmgxOYF5OkAbGlsUP\nyCYWFDBFHmbhvUu5JpbKuID2CPkBi16EetemvMQ9PGlLq/0fO/BBNkn6TYn9Kvg8\nAyvuONz54uFEAIKPCcZIosa3ml+5/pt+tBhtVzHA6vMxn18IYaNpuTwSxi/+M10K\nRjw=\n-----END CERTIFICATE-----\n" + + + service_directory_config { + service = "projects/devconnect-terraform-creds/locations/us-central1/namespaces/my-namespace/services/terraform-gle" + } + } + +} +`, context) +} + + +func TestAccDeveloperConnectConnection_developerConnectConnectionGitlabEnterpriseUpdate(t *testing.T) { + t.Parallel() + + context := map[string]interface{}{ + "random_suffix": acctest.RandString(t, 10), + } + + acctest.VcrTest(t, resource.TestCase{ + PreCheck: func() { acctest.AccTestPreCheck(t) }, + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t), + Steps: []resource.TestStep{ + { + Config: testAccDeveloperConnectConnection_GitlabEnterprise(context), + }, + { + ResourceName: "google_developer_connect_connection.my-connection", + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"connection_id", "location", "terraform_labels"}, + }, + { + Config: testAccDeveloperConnectConnection_GitlabEnterpriseUpdate(context), + }, + { + ResourceName: "google_developer_connect_connection.my-connection", + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"connection_id", "location", "terraform_labels"}, + }, + }, + }) +} + + +func testAccDeveloperConnectConnection_GitlabEnterprise(context map[string]interface{}) string { + return acctest.Nprintf(` +resource "google_developer_connect_connection" "my-connection" { + location = "us-central1" + connection_id = "tf-test-tf-test-connection%{random_suffix}" + + gitlab_enterprise_config { + host_uri = "https://gle-us-central1.gcb-test.com" + + webhook_secret_secret_version = "projects/devconnect-terraform-creds/secrets/gitlab-enterprise-webhook/versions/latest" + + read_authorizer_credential { + user_token_secret_version = "projects/devconnect-terraform-creds/secrets/gitlab-enterprise-read-cred/versions/latest" + } + + authorizer_credential { + user_token_secret_version = "projects/devconnect-terraform-creds/secrets/gitlab-enterprise-auth-cred/versions/latest" + } + } +} +`, context) +} + + +func testAccDeveloperConnectConnection_GitlabEnterpriseUpdate(context map[string]interface{}) string { + return acctest.Nprintf(` +resource "google_developer_connect_connection" "my-connection" { + location = "us-central1" + connection_id = "tf-test-tf-test-connection%{random_suffix}" + annotations = {} + labels = {} + + crypto_key_config { + key_reference = "projects/devconnect-terraform-creds/locations/us-central1/keyRings/tf-keyring/cryptoKeys/tf-crypto-key" + } + + gitlab_enterprise_config { + host_uri = "https://gle-old.gcb-test.com" + + webhook_secret_secret_version = "projects/devconnect-terraform-creds/secrets/gitlab-enterprise-webhook/versions/latest" + + read_authorizer_credential { + user_token_secret_version = "projects/devconnect-terraform-creds/secrets/gitlab-enterprise-read-cred-update/versions/latest" + } + + authorizer_credential { + user_token_secret_version = "projects/devconnect-terraform-creds/secrets/gitlab-enterprise-auth-cred-update/versions/latest" + } + } +} +`, context) +}