public/terraform-provider-google
0
0
Fork 0
mirror of https://github.com/letic/terraform-provider-google.git synced 2024-07-03 08:42:39 +00:00
Code Issues Projects Releases Wiki Activity
73c65e80f0
terraform-provider-google/google/resource_google_project.go

664 lines
20 KiB
Go
Raw Normal View History

WIP: providers/google: Support IAM permissions for GCP projects This change adds a data source to allow declaring IAM policies, as well as a new resource to represent an existing GCP project. The project resource may reference an IAM policy, allowing a user to set project-wide permissions.
2016-08-10 04:44:53 +00:00
package google
import (
"fmt"
"log"
"net/http"
"strconv"
providers/google: google_project supports billing account (#11653) * Vendor google.golang.org/api/cloudbilling/v1 * providers/google: Add cloudbilling client * providers/google: google_project supports billing account This change allows a Terraform user to set and update the billing account associated with their project. * providers/google: Testing project billing account This change adds optional acceptance tests for project billing accounts. GOOGLE_PROJECT_BILLING_ACCOUNT and GOOGLE_PROJECT_BILLING_ACCOUNT_2 must be set in the environment for the tests to run; otherwise, they will be skipped. Also includes a few code cleanups per review. * providers/google: Improve project billing error message
2017-02-20 17:32:24 +00:00
"strings"
Wait for the billing account to be set up correctly. (#1345)
2018-04-16 21:25:01 +00:00
"time"
WIP: providers/google: Support IAM permissions for GCP projects This change adds a data source to allow declaring IAM policies, as well as a new resource to represent an existing GCP project. The project resource may reference an IAM policy, allowing a user to set project-wide permissions.
2016-08-10 04:44:53 +00:00
"github.com/hashicorp/terraform/helper/schema"
Beginnings of App Engine app support. This should have all the code, but who really knows if it works or not, tbh.
2018-05-10 22:01:22 +00:00
"github.com/hashicorp/terraform/helper/validation"
appengine "google.golang.org/api/appengine/v1"
providers/google: google_project supports billing account (#11653) * Vendor google.golang.org/api/cloudbilling/v1 * providers/google: Add cloudbilling client * providers/google: google_project supports billing account This change allows a Terraform user to set and update the billing account associated with their project. * providers/google: Testing project billing account This change adds optional acceptance tests for project billing accounts. GOOGLE_PROJECT_BILLING_ACCOUNT and GOOGLE_PROJECT_BILLING_ACCOUNT_2 must be set in the environment for the tests to run; otherwise, they will be skipped. Also includes a few code cleanups per review. * providers/google: Improve project billing error message
2017-02-20 17:32:24 +00:00
"google.golang.org/api/cloudbilling/v1"
WIP: providers/google: Support IAM permissions for GCP projects This change adds a data source to allow declaring IAM policies, as well as a new resource to represent an existing GCP project. The project resource may reference an IAM policy, allowing a user to set project-wide permissions.
2016-08-10 04:44:53 +00:00
"google.golang.org/api/cloudresourcemanager/v1"
"google.golang.org/api/googleapi"
)
providers/google: Add acceptance tests for Project IAM
2016-08-21 07:25:00 +00:00
// resourceGoogleProject returns a *schema.Resource that allows a customer
providers/google: Support managing projects Add support for creating, updating, and deleting projects, as well as their enabled services and their IAM policies. Various concessions were made for backwards compatibility, and will be removed in 0.9 or 0.10.
2016-11-23 06:55:40 +00:00
// to declare a Google Cloud Project resource.
WIP: providers/google: Support IAM permissions for GCP projects This change adds a data source to allow declaring IAM policies, as well as a new resource to represent an existing GCP project. The project resource may reference an IAM policy, allowing a user to set project-wide permissions.
2016-08-10 04:44:53 +00:00
func resourceGoogleProject() *schema.Resource {
return &schema.Resource{
providers/google: Support managing projects Add support for creating, updating, and deleting projects, as well as their enabled services and their IAM policies. Various concessions were made for backwards compatibility, and will be removed in 0.9 or 0.10.
2016-11-23 06:55:40 +00:00
SchemaVersion: 1,
WIP: providers/google: Support IAM permissions for GCP projects This change adds a data source to allow declaring IAM policies, as well as a new resource to represent an existing GCP project. The project resource may reference an IAM policy, allowing a user to set project-wide permissions.
2016-08-10 04:44:53 +00:00
Create: resourceGoogleProjectCreate,
Read: resourceGoogleProjectRead,
Update: resourceGoogleProjectUpdate,
Delete: resourceGoogleProjectDelete,
providers/google: Support managing projects Add support for creating, updating, and deleting projects, as well as their enabled services and their IAM policies. Various concessions were made for backwards compatibility, and will be removed in 0.9 or 0.10.
2016-11-23 06:55:40 +00:00
providers/google: make projects importable. This change doesn't make much sense now, as projects are read-only anyways, so there's not a lot that importing really does for you--you can already reference pre-existing projects just by defining them in your config. But as we discussed #10425, this change made more and more sense. In a world where projects can be created, we can no longer reference pre-existing projects just by defining them in config. We get that ability back by making projects importable.
2016-12-01 18:38:27 +00:00
Importer: &schema.ResourceImporter{
Delete the default network created by the project. (#1316)
2018-04-10 22:23:04 +00:00
State: resourceProjectImportState,
providers/google: make projects importable. This change doesn't make much sense now, as projects are read-only anyways, so there's not a lot that importing really does for you--you can already reference pre-existing projects just by defining them in your config. But as we discussed #10425, this change made more and more sense. In a world where projects can be created, we can no longer reference pre-existing projects just by defining them in config. We get that ability back by making projects importable.
2016-12-01 18:38:27 +00:00
},
Beginnings of App Engine app support. This should have all the code, but who really knows if it works or not, tbh.
2018-05-10 22:01:22 +00:00
MigrateState: resourceGoogleProjectMigrateState,
CustomizeDiff: resourceGoogleProjectCustomizeDiff,
WIP: providers/google: Support IAM permissions for GCP projects This change adds a data source to allow declaring IAM policies, as well as a new resource to represent an existing GCP project. The project resource may reference an IAM policy, allowing a user to set project-wide permissions.
2016-08-10 04:44:53 +00:00
Schema: map[string]*schema.Schema{
providers/google: Support managing projects Add support for creating, updating, and deleting projects, as well as their enabled services and their IAM policies. Various concessions were made for backwards compatibility, and will be removed in 0.9 or 0.10.
2016-11-23 06:55:40 +00:00
"project_id": &schema.Schema{
WIP: providers/google: Support IAM permissions for GCP projects This change adds a data source to allow declaring IAM policies, as well as a new resource to represent an existing GCP project. The project resource may reference an IAM policy, allowing a user to set project-wide permissions.
2016-08-10 04:44:53 +00:00
Type: schema.TypeString,
provider/google: Remove deprecated project fields. Remove the deprecated fields from google_project, and drop all the logic that went into supporting them. Tests still pass after one minor change.
2017-03-13 23:19:53 +00:00
Required: true,
WIP: providers/google: Support IAM permissions for GCP projects This change adds a data source to allow declaring IAM policies, as well as a new resource to represent an existing GCP project. The project resource may reference an IAM policy, allowing a user to set project-wide permissions.
2016-08-10 04:44:53 +00:00
ForceNew: true,
},
providers/google: Support managing projects Add support for creating, updating, and deleting projects, as well as their enabled services and their IAM policies. Various concessions were made for backwards compatibility, and will be removed in 0.9 or 0.10.
2016-11-23 06:55:40 +00:00
"skip_delete": &schema.Schema{
Type: schema.TypeBool,
WIP: providers/google: Support IAM permissions for GCP projects This change adds a data source to allow declaring IAM policies, as well as a new resource to represent an existing GCP project. The project resource may reference an IAM policy, allowing a user to set project-wide permissions.
2016-08-10 04:44:53 +00:00
Optional: true,
providers/google: Support managing projects Add support for creating, updating, and deleting projects, as well as their enabled services and their IAM policies. Various concessions were made for backwards compatibility, and will be removed in 0.9 or 0.10.
2016-11-23 06:55:40 +00:00
Computed: true,
WIP: providers/google: Support IAM permissions for GCP projects This change adds a data source to allow declaring IAM policies, as well as a new resource to represent an existing GCP project. The project resource may reference an IAM policy, allowing a user to set project-wide permissions.
2016-08-10 04:44:53 +00:00
},
Delete the default network created by the project. (#1316)
2018-04-10 22:23:04 +00:00
"auto_create_network": &schema.Schema{
Type: schema.TypeBool,
Optional: true,
Default: true,
},
WIP: providers/google: Support IAM permissions for GCP projects This change adds a data source to allow declaring IAM policies, as well as a new resource to represent an existing GCP project. The project resource may reference an IAM policy, allowing a user to set project-wide permissions.
2016-08-10 04:44:53 +00:00
"name": &schema.Schema{
Type: schema.TypeString,
provider/google: Remove deprecated project fields. Remove the deprecated fields from google_project, and drop all the logic that went into supporting them. Tests still pass after one minor change.
2017-03-13 23:19:53 +00:00
Required: true,
WIP: providers/google: Support IAM permissions for GCP projects This change adds a data source to allow declaring IAM policies, as well as a new resource to represent an existing GCP project. The project resource may reference an IAM policy, allowing a user to set project-wide permissions.
2016-08-10 04:44:53 +00:00
},
providers/google: Support managing projects Add support for creating, updating, and deleting projects, as well as their enabled services and their IAM policies. Various concessions were made for backwards compatibility, and will be removed in 0.9 or 0.10.
2016-11-23 06:55:40 +00:00
"org_id": &schema.Schema{
Allow setting folder_id to empty string on google_project (#1425) * Allow setting folder_id to empty string on google_project * Simplify logic * Update Changelog
2018-05-03 16:53:22 +00:00
Type: schema.TypeString,
Optional: true,
Computed: true,
Folder support: Assign/Reassign a google project to a folder. (#438) + Make the org_id optional when creating a project. Closes #131 + Mark org_id as computed to allow for GCP automatically assigning the org. + Add an acceptance test for project creation without an organization. + Skip TestAccGoogleProject_createWithoutOrg if GOOGLE_ORG is set. + Add a folder_id to the google_project resource, optionally specifying the ID of the GCP folder in which the GCP project should live. + Document how one can provision a project into a folder, and added a sample configuration to create a project into an existing folder. * Skip test without org if service account is used * Support folders/* or id only for the folder id field
2017-09-22 18:03:08 +00:00
},
"folder_id": &schema.Schema{
Allow setting folder_id to empty string on google_project (#1425) * Allow setting folder_id to empty string on google_project * Simplify logic * Update Changelog
2018-05-03 16:53:22 +00:00
Type: schema.TypeString,
Optional: true,
Computed: true,
StateFunc: parseFolderId,
providers/google: Support managing projects Add support for creating, updating, and deleting projects, as well as their enabled services and their IAM policies. Various concessions were made for backwards compatibility, and will be removed in 0.9 or 0.10.
2016-11-23 06:55:40 +00:00
},
"policy_data": &schema.Schema{
provider/google: Remove deprecated project fields. Remove the deprecated fields from google_project, and drop all the logic that went into supporting them. Tests still pass after one minor change.
2017-03-13 23:19:53 +00:00
Type: schema.TypeString,
Optional: true,
Computed: true,
Removed: "Use the 'google_project_iam_policy' resource to define policies for a Google Project",
providers/google: Support managing projects Add support for creating, updating, and deleting projects, as well as their enabled services and their IAM policies. Various concessions were made for backwards compatibility, and will be removed in 0.9 or 0.10.
2016-11-23 06:55:40 +00:00
},
"policy_etag": &schema.Schema{
provider/google: Remove deprecated project fields. Remove the deprecated fields from google_project, and drop all the logic that went into supporting them. Tests still pass after one minor change.
2017-03-13 23:19:53 +00:00
Type: schema.TypeString,
Computed: true,
Removed: "Use the the 'google_project_iam_policy' resource to define policies for a Google Project",
providers/google: Support managing projects Add support for creating, updating, and deleting projects, as well as their enabled services and their IAM policies. Various concessions were made for backwards compatibility, and will be removed in 0.9 or 0.10.
2016-11-23 06:55:40 +00:00
},
WIP: providers/google: Support IAM permissions for GCP projects This change adds a data source to allow declaring IAM policies, as well as a new resource to represent an existing GCP project. The project resource may reference an IAM policy, allowing a user to set project-wide permissions.
2016-08-10 04:44:53 +00:00
"number": &schema.Schema{
Type: schema.TypeString,
Computed: true,
},
providers/google: google_project supports billing account (#11653) * Vendor google.golang.org/api/cloudbilling/v1 * providers/google: Add cloudbilling client * providers/google: google_project supports billing account This change allows a Terraform user to set and update the billing account associated with their project. * providers/google: Testing project billing account This change adds optional acceptance tests for project billing accounts. GOOGLE_PROJECT_BILLING_ACCOUNT and GOOGLE_PROJECT_BILLING_ACCOUNT_2 must be set in the environment for the tests to run; otherwise, they will be skipped. Also includes a few code cleanups per review. * providers/google: Improve project billing error message
2017-02-20 17:32:24 +00:00
"billing_account": &schema.Schema{
Type: schema.TypeString,
Optional: true,
},
Add support for setting labels to google_project (#383)
2017-09-14 17:39:21 +00:00
"labels": &schema.Schema{
Type: schema.TypeMap,
Optional: true,
Elem: &schema.Schema{Type: schema.TypeString},
Set: schema.HashString,
},
Beginnings of App Engine app support. This should have all the code, but who really knows if it works or not, tbh.
2018-05-10 22:01:22 +00:00
"app_engine": &schema.Schema{
Type: schema.TypeList,
Optional: true,
Elem: appEngineResource(),
MaxItems: 1,
},
},
}
}
func appEngineResource() *schema.Resource {
return &schema.Resource{
Schema: map[string]*schema.Schema{
"name": &schema.Schema{
Type: schema.TypeString,
Computed: true,
},
"url_dispatch_rule": &schema.Schema{
Type: schema.TypeList,
Computed: true,
Elem: appEngineURLDispatchRuleResource(),
},
"auth_domain": &schema.Schema{
Type: schema.TypeString,
Optional: true,
Fix suggestions from @ndmckinley.
2018-05-19 00:01:40 +00:00
// We're having trouble with PATCH throwing 400s/500s, so we need this
// to force a new resource until we can get updating working.
Drop the resources we can't support. IAP has no reasonable support policy, because PATCH is broken, and IAP must be configured with an OAuth2 client ID and secret that belongs to the project the app is associated with. There's no programmatic way to create Clients. But we create the project and the app at the same time, and we can't update because PATCH is broken. So this just drops IAP. It also forces all our updates to ForceNew, because we can't update. Also, adds more test coverage and docs, and fixes import by not relying on the config for setting app engine info in state.
2018-05-17 21:47:34 +00:00
ForceNew: true,
Computed: true,
Beginnings of App Engine app support. This should have all the code, but who really knows if it works or not, tbh.
2018-05-10 22:01:22 +00:00
},
"location_id": &schema.Schema{
Type: schema.TypeString,
Optional: true,
Computed: true,
ForceNew: true,
ValidateFunc: validation.StringInSlice([]string{
"northamerica-northeast1",
"us-central",
"us-east1",
"us-east4",
"southamerica-east1",
"europe-west",
"europe-west2",
"europe-west3",
"asia-northeast1",
"asia-south1",
"australia-southeast1",
}, false),
},
"code_bucket": &schema.Schema{
Type: schema.TypeString,
Computed: true,
},
"serving_status": &schema.Schema{
Type: schema.TypeString,
Add basic test and fix bugs. Add a test case that exercises the obvious path, and fix the some of the bugs it exposed.
2018-05-14 05:49:26 +00:00
Optional: true,
Fix suggestions from @ndmckinley.
2018-05-19 00:01:40 +00:00
// We're having trouble with PATCH throwing 400s/500s, so we need this
// to force a new resource until we can get updating working.
Drop the resources we can't support. IAP has no reasonable support policy, because PATCH is broken, and IAP must be configured with an OAuth2 client ID and secret that belongs to the project the app is associated with. There's no programmatic way to create Clients. But we create the project and the app at the same time, and we can't update because PATCH is broken. So this just drops IAP. It also forces all our updates to ForceNew, because we can't update. Also, adds more test coverage and docs, and fixes import by not relying on the config for setting app engine info in state.
2018-05-17 21:47:34 +00:00
ForceNew: true,
Add basic test and fix bugs. Add a test case that exercises the obvious path, and fix the some of the bugs it exposed.
2018-05-14 05:49:26 +00:00
ValidateFunc: validation.StringInSlice([]string{
"UNSPECIFIED",
"SERVING",
"USER_DISABLED",
"SYSTEM_DISABLED",
}, false),
Beginnings of App Engine app support. This should have all the code, but who really knows if it works or not, tbh.
2018-05-10 22:01:22 +00:00
Computed: true,
},
"default_hostname": &schema.Schema{
Type: schema.TypeString,
Computed: true,
},
"default_bucket": &schema.Schema{
Type: schema.TypeString,
Computed: true,
},
"gcr_domain": &schema.Schema{
Type: schema.TypeString,
Add basic test and fix bugs. Add a test case that exercises the obvious path, and fix the some of the bugs it exposed.
2018-05-14 05:49:26 +00:00
Computed: true,
Beginnings of App Engine app support. This should have all the code, but who really knows if it works or not, tbh.
2018-05-10 22:01:22 +00:00
},
"feature_settings": &schema.Schema{
Type: schema.TypeList,
Optional: true,
Drop the resources we can't support. IAP has no reasonable support policy, because PATCH is broken, and IAP must be configured with an OAuth2 client ID and secret that belongs to the project the app is associated with. There's no programmatic way to create Clients. But we create the project and the app at the same time, and we can't update because PATCH is broken. So this just drops IAP. It also forces all our updates to ForceNew, because we can't update. Also, adds more test coverage and docs, and fixes import by not relying on the config for setting app engine info in state.
2018-05-17 21:47:34 +00:00
Computed: true,
Fix suggestions from @ndmckinley.
2018-05-19 00:01:40 +00:00
// We're having trouble with PATCH throwing 400s/500s, so we need this
// to force a new resource until we can get updating working.
Drop the resources we can't support. IAP has no reasonable support policy, because PATCH is broken, and IAP must be configured with an OAuth2 client ID and secret that belongs to the project the app is associated with. There's no programmatic way to create Clients. But we create the project and the app at the same time, and we can't update because PATCH is broken. So this just drops IAP. It also forces all our updates to ForceNew, because we can't update. Also, adds more test coverage and docs, and fixes import by not relying on the config for setting app engine info in state.
2018-05-17 21:47:34 +00:00
ForceNew: true,
Beginnings of App Engine app support. This should have all the code, but who really knows if it works or not, tbh.
2018-05-10 22:01:22 +00:00
MaxItems: 1,
Elem: appEngineFeatureSettingsResource(),
},
},
}
}
func appEngineURLDispatchRuleResource() *schema.Resource {
return &schema.Resource{
Schema: map[string]*schema.Schema{
"domain": &schema.Schema{
Type: schema.TypeString,
Computed: true,
},
"path": &schema.Schema{
Type: schema.TypeString,
Computed: true,
},
"service": &schema.Schema{
Type: schema.TypeString,
Computed: true,
},
WIP: providers/google: Support IAM permissions for GCP projects This change adds a data source to allow declaring IAM policies, as well as a new resource to represent an existing GCP project. The project resource may reference an IAM policy, allowing a user to set project-wide permissions.
2016-08-10 04:44:53 +00:00
},
}
}
Beginnings of App Engine app support. This should have all the code, but who really knows if it works or not, tbh.
2018-05-10 22:01:22 +00:00
func appEngineFeatureSettingsResource() *schema.Resource {
return &schema.Resource{
Schema: map[string]*schema.Schema{
"split_health_checks": &schema.Schema{
Type: schema.TypeBool,
Optional: true,
},
WIP: providers/google: Support IAM permissions for GCP projects This change adds a data source to allow declaring IAM policies, as well as a new resource to represent an existing GCP project. The project resource may reference an IAM policy, allowing a user to set project-wide permissions.
2016-08-10 04:44:53 +00:00
},
}
}
Beginnings of App Engine app support. This should have all the code, but who really knows if it works or not, tbh.
2018-05-10 22:01:22 +00:00
func resourceGoogleProjectCustomizeDiff(diff *schema.ResourceDiff, meta interface{}) error {
// don't need to check if changed, the call is a no-op/error if there's no change
Add basic test and fix bugs. Add a test case that exercises the obvious path, and fix the some of the bugs it exposed.
2018-05-14 05:49:26 +00:00
diff.ForceNew("app_engine")
Beginnings of App Engine app support. This should have all the code, but who really knows if it works or not, tbh.
2018-05-10 22:01:22 +00:00
return nil
}
WIP: providers/google: Support IAM permissions for GCP projects This change adds a data source to allow declaring IAM policies, as well as a new resource to represent an existing GCP project. The project resource may reference an IAM policy, allowing a user to set project-wide permissions.
2016-08-10 04:44:53 +00:00
func resourceGoogleProjectCreate(d *schema.ResourceData, meta interface{}) error {
config := meta.(*Config)
providers/google: Support managing projects Add support for creating, updating, and deleting projects, as well as their enabled services and their IAM policies. Various concessions were made for backwards compatibility, and will be removed in 0.9 or 0.10.
2016-11-23 06:55:40 +00:00
var pid string
var err error
pid = d.Get("project_id").(string)
log.Printf("[DEBUG]: Creating new project %q", pid)
project := &cloudresourcemanager.Project{
ProjectId: pid,
Name: d.Get("name").(string),
}
Allow setting folder_id to empty string on google_project (#1425) * Allow setting folder_id to empty string on google_project * Simplify logic * Update Changelog
2018-05-03 16:53:22 +00:00
if err := getParentResourceId(d, project); err != nil {
return err
}
Folder support: Assign/Reassign a google project to a folder. (#438) + Make the org_id optional when creating a project. Closes #131 + Mark org_id as computed to allow for GCP automatically assigning the org. + Add an acceptance test for project creation without an organization. + Skip TestAccGoogleProject_createWithoutOrg if GOOGLE_ORG is set. + Add a folder_id to the google_project resource, optionally specifying the ID of the GCP folder in which the GCP project should live. + Document how one can provision a project into a folder, and added a sample configuration to create a project into an existing folder. * Skip test without org if service account is used * Support folders/* or id only for the folder id field
2017-09-22 18:03:08 +00:00
Add support for setting labels to google_project (#383)
2017-09-14 17:39:21 +00:00
if _, ok := d.GetOk("labels"); ok {
project.Labels = expandLabels(d)
}
providers/google: Support managing projects Add support for creating, updating, and deleting projects, as well as their enabled services and their IAM policies. Various concessions were made for backwards compatibility, and will be removed in 0.9 or 0.10.
2016-11-23 06:55:40 +00:00
op, err := config.clientResourceManager.Projects.Create(project).Do()
WIP: providers/google: Support IAM permissions for GCP projects This change adds a data source to allow declaring IAM policies, as well as a new resource to represent an existing GCP project. The project resource may reference an IAM policy, allowing a user to set project-wide permissions.
2016-08-10 04:44:53 +00:00
if err != nil {
providers/google: Support managing projects Add support for creating, updating, and deleting projects, as well as their enabled services and their IAM policies. Various concessions were made for backwards compatibility, and will be removed in 0.9 or 0.10.
2016-11-23 06:55:40 +00:00
return fmt.Errorf("Error creating project %s (%s): %s.", project.ProjectId, project.Name, err)
WIP: providers/google: Support IAM permissions for GCP projects This change adds a data source to allow declaring IAM policies, as well as a new resource to represent an existing GCP project. The project resource may reference an IAM policy, allowing a user to set project-wide permissions.
2016-08-10 04:44:53 +00:00
}
providers/google: Support managing projects Add support for creating, updating, and deleting projects, as well as their enabled services and their IAM policies. Various concessions were made for backwards compatibility, and will be removed in 0.9 or 0.10.
2016-11-23 06:55:40 +00:00
d.SetId(pid)
// Wait for the operation to complete
Modify resourcemanager API to be more consistent with compute API. (#1454)
2018-05-08 22:49:57 +00:00
waitErr := resourceManagerOperationWait(config.clientResourceManager, op, "project to create")
providers/google: Support managing projects Add support for creating, updating, and deleting projects, as well as their enabled services and their IAM policies. Various concessions were made for backwards compatibility, and will be removed in 0.9 or 0.10.
2016-11-23 06:55:40 +00:00
if waitErr != nil {
provider/google: Unset the id for resource_google_project if the create operation fails (#13644)
2017-04-13 23:16:47 +00:00
// The resource wasn't actually created
d.SetId("")
providers/google: Support managing projects Add support for creating, updating, and deleting projects, as well as their enabled services and their IAM policies. Various concessions were made for backwards compatibility, and will be removed in 0.9 or 0.10.
2016-11-23 06:55:40 +00:00
return waitErr
WIP: providers/google: Support IAM permissions for GCP projects This change adds a data source to allow declaring IAM policies, as well as a new resource to represent an existing GCP project. The project resource may reference an IAM policy, allowing a user to set project-wide permissions.
2016-08-10 04:44:53 +00:00
}
providers/google: google_project supports billing account (#11653) * Vendor google.golang.org/api/cloudbilling/v1 * providers/google: Add cloudbilling client * providers/google: google_project supports billing account This change allows a Terraform user to set and update the billing account associated with their project. * providers/google: Testing project billing account This change adds optional acceptance tests for project billing accounts. GOOGLE_PROJECT_BILLING_ACCOUNT and GOOGLE_PROJECT_BILLING_ACCOUNT_2 must be set in the environment for the tests to run; otherwise, they will be skipped. Also includes a few code cleanups per review. * providers/google: Improve project billing error message
2017-02-20 17:32:24 +00:00
// Set the billing account
Wait for the billing account to be set up correctly. (#1345)
2018-04-16 21:25:01 +00:00
if _, ok := d.GetOk("billing_account"); ok {
err = updateProjectBillingAccount(d, config)
providers/google: google_project supports billing account (#11653) * Vendor google.golang.org/api/cloudbilling/v1 * providers/google: Add cloudbilling client * providers/google: google_project supports billing account This change allows a Terraform user to set and update the billing account associated with their project. * providers/google: Testing project billing account This change adds optional acceptance tests for project billing accounts. GOOGLE_PROJECT_BILLING_ACCOUNT and GOOGLE_PROJECT_BILLING_ACCOUNT_2 must be set in the environment for the tests to run; otherwise, they will be skipped. Also includes a few code cleanups per review. * providers/google: Improve project billing error message
2017-02-20 17:32:24 +00:00
if err != nil {
Wait for the billing account to be set up correctly. (#1345)
2018-04-16 21:25:01 +00:00
return err
providers/google: google_project supports billing account (#11653) * Vendor google.golang.org/api/cloudbilling/v1 * providers/google: Add cloudbilling client * providers/google: google_project supports billing account This change allows a Terraform user to set and update the billing account associated with their project. * providers/google: Testing project billing account This change adds optional acceptance tests for project billing accounts. GOOGLE_PROJECT_BILLING_ACCOUNT and GOOGLE_PROJECT_BILLING_ACCOUNT_2 must be set in the environment for the tests to run; otherwise, they will be skipped. Also includes a few code cleanups per review. * providers/google: Improve project billing error message
2017-02-20 17:32:24 +00:00
}
}
Add basic test and fix bugs. Add a test case that exercises the obvious path, and fix the some of the bugs it exposed.
2018-05-14 05:49:26 +00:00
// set up App Engine, too
app, err := expandAppEngineApp(d)
if err != nil {
return err
}
if app != nil {
log.Printf("[DEBUG] Enabling App Engine")
// enable the app engine APIs so we can create stuff
if err = enableService("appengine.googleapis.com", project.ProjectId, config); err != nil {
return fmt.Errorf("Error enabling the App Engine Admin API required to configure App Engine applications: %s", err)
}
log.Printf("[DEBUG] Enabled App Engine")
app.Id = pid
log.Printf("[DEBUG] Creating App Engine App")
op, err := config.clientAppEngine.Apps.Create(app).Do()
if err != nil {
return fmt.Errorf("Error creating App Engine application: %s", err.Error())
}
// Wait for the operation to complete
waitErr := appEngineOperationWait(config.clientAppEngine, op, pid, "App Engine app to create")
if waitErr != nil {
return waitErr
}
log.Printf("[DEBUG] Created App Engine App")
}
Delete the default network created by the project. (#1316)
2018-04-10 22:23:04 +00:00
err = resourceGoogleProjectRead(d, meta)
if err != nil {
return err
}
// There's no such thing as "don't auto-create network", only "delete the network
// post-creation" - but that's what it's called in the UI and let's not confuse
// people if we don't have to. The GCP Console is doing the same thing - creating
// a network and deleting it in the background.
if !d.Get("auto_create_network").(bool) {
Fix auto-delete default network in google_project. (#1336) * Use projectId and enable required compute API * Delete firewall rules before deleting default network
2018-04-16 17:25:49 +00:00
// The compute API has to be enabled before we can delete a network.
if err = enableService("compute.googleapis.com", project.ProjectId, config); err != nil {
return fmt.Errorf("Error enabling the Compute Engine API required to delete the default network: %s", err)
Delete the default network created by the project. (#1316)
2018-04-10 22:23:04 +00:00
}
Fix auto-delete default network in google_project. (#1336) * Use projectId and enable required compute API * Delete firewall rules before deleting default network
2018-04-16 17:25:49 +00:00
if err = forceDeleteComputeNetwork(project.ProjectId, "default", config); err != nil {
return fmt.Errorf("Error deleting default network in project %s: %s", project.ProjectId, err)
Delete the default network created by the project. (#1316)
2018-04-10 22:23:04 +00:00
}
}
return nil
WIP: providers/google: Support IAM permissions for GCP projects This change adds a data source to allow declaring IAM policies, as well as a new resource to represent an existing GCP project. The project resource may reference an IAM policy, allowing a user to set project-wide permissions.
2016-08-10 04:44:53 +00:00
}
func resourceGoogleProjectRead(d *schema.ResourceData, meta interface{}) error {
config := meta.(*Config)
providers/google: Support managing projects Add support for creating, updating, and deleting projects, as well as their enabled services and their IAM policies. Various concessions were made for backwards compatibility, and will be removed in 0.9 or 0.10.
2016-11-23 06:55:40 +00:00
pid := d.Id()
WIP: providers/google: Support IAM permissions for GCP projects This change adds a data source to allow declaring IAM policies, as well as a new resource to represent an existing GCP project. The project resource may reference an IAM policy, allowing a user to set project-wide permissions.
2016-08-10 04:44:53 +00:00
providers/google: Support managing projects Add support for creating, updating, and deleting projects, as well as their enabled services and their IAM policies. Various concessions were made for backwards compatibility, and will be removed in 0.9 or 0.10.
2016-11-23 06:55:40 +00:00
// Read the project
p, err := config.clientResourceManager.Projects.Get(pid).Do()
WIP: providers/google: Support IAM permissions for GCP projects This change adds a data source to allow declaring IAM policies, as well as a new resource to represent an existing GCP project. The project resource may reference an IAM policy, allowing a user to set project-wide permissions.
2016-08-10 04:44:53 +00:00
if err != nil {
provider/google: Handle all 404 checks in read functions via the new function
2017-05-09 23:00:47 +00:00
return handleNotFoundError(err, d, fmt.Sprintf("Project %q", pid))
WIP: providers/google: Support IAM permissions for GCP projects This change adds a data source to allow declaring IAM policies, as well as a new resource to represent an existing GCP project. The project resource may reference an IAM policy, allowing a user to set project-wide permissions.
2016-08-10 04:44:53 +00:00
}
Remove project if it has been deleted from outside of Terraform (#466)
2017-09-26 23:55:32 +00:00
// If the project has been deleted from outside Terraform, remove it from state file.
if p.LifecycleState != "ACTIVE" {
log.Printf("[WARN] Removing project '%s' because its state is '%s' (requires 'ACTIVE').", pid, p.LifecycleState)
d.SetId("")
return nil
}
providers/google: Support managing projects Add support for creating, updating, and deleting projects, as well as their enabled services and their IAM policies. Various concessions were made for backwards compatibility, and will be removed in 0.9 or 0.10.
2016-11-23 06:55:40 +00:00
d.Set("project_id", pid)
WIP: providers/google: Support IAM permissions for GCP projects This change adds a data source to allow declaring IAM policies, as well as a new resource to represent an existing GCP project. The project resource may reference an IAM policy, allowing a user to set project-wide permissions.
2016-08-10 04:44:53 +00:00
d.Set("number", strconv.FormatInt(int64(p.ProjectNumber), 10))
d.Set("name", p.Name)
Add support for setting labels to google_project (#383)
2017-09-14 17:39:21 +00:00
d.Set("labels", p.Labels)
WIP: providers/google: Support IAM permissions for GCP projects This change adds a data source to allow declaring IAM policies, as well as a new resource to represent an existing GCP project. The project resource may reference an IAM policy, allowing a user to set project-wide permissions.
2016-08-10 04:44:53 +00:00
providers/google: Support managing projects Add support for creating, updating, and deleting projects, as well as their enabled services and their IAM policies. Various concessions were made for backwards compatibility, and will be removed in 0.9 or 0.10.
2016-11-23 06:55:40 +00:00
if p.Parent != nil {
Folder support: Assign/Reassign a google project to a folder. (#438) + Make the org_id optional when creating a project. Closes #131 + Mark org_id as computed to allow for GCP automatically assigning the org. + Add an acceptance test for project creation without an organization. + Skip TestAccGoogleProject_createWithoutOrg if GOOGLE_ORG is set. + Add a folder_id to the google_project resource, optionally specifying the ID of the GCP folder in which the GCP project should live. + Document how one can provision a project into a folder, and added a sample configuration to create a project into an existing folder. * Skip test without org if service account is used * Support folders/* or id only for the folder id field
2017-09-22 18:03:08 +00:00
switch p.Parent.Type {
case "organization":
d.Set("org_id", p.Parent.Id)
d.Set("folder_id", "")
case "folder":
d.Set("folder_id", p.Parent.Id)
d.Set("org_id", "")
}
providers/google: Support managing projects Add support for creating, updating, and deleting projects, as well as their enabled services and their IAM policies. Various concessions were made for backwards compatibility, and will be removed in 0.9 or 0.10.
2016-11-23 06:55:40 +00:00
}
providers/google: google_project supports billing account (#11653) * Vendor google.golang.org/api/cloudbilling/v1 * providers/google: Add cloudbilling client * providers/google: google_project supports billing account This change allows a Terraform user to set and update the billing account associated with their project. * providers/google: Testing project billing account This change adds optional acceptance tests for project billing accounts. GOOGLE_PROJECT_BILLING_ACCOUNT and GOOGLE_PROJECT_BILLING_ACCOUNT_2 must be set in the environment for the tests to run; otherwise, they will be skipped. Also includes a few code cleanups per review. * providers/google: Improve project billing error message
2017-02-20 17:32:24 +00:00
// Read the billing account
ba, err := config.clientBilling.Projects.GetBillingInfo(prefixedProject(pid)).Do()
if err != nil {
return fmt.Errorf("Error reading billing account for project %q: %v", prefixedProject(pid), err)
}
if ba.BillingAccountName != "" {
// BillingAccountName is contains the resource name of the billing account
// associated with the project, if any. For example,
// `billingAccounts/012345-567890-ABCDEF`. We care about the ID and not
// the `billingAccounts/` prefix, so we need to remove that. If the
// prefix ever changes, we'll validate to make sure it's something we
// recognize.
_ba := strings.TrimPrefix(ba.BillingAccountName, "billingAccounts/")
if ba.BillingAccountName == _ba {
return fmt.Errorf("Error parsing billing account for project %q. Expected value to begin with 'billingAccounts/' but got %s", prefixedProject(pid), ba.BillingAccountName)
}
d.Set("billing_account", _ba)
}
Beginnings of App Engine app support. This should have all the code, but who really knows if it works or not, tbh.
2018-05-10 22:01:22 +00:00
Drop the resources we can't support. IAP has no reasonable support policy, because PATCH is broken, and IAP must be configured with an OAuth2 client ID and secret that belongs to the project the app is associated with. There's no programmatic way to create Clients. But we create the project and the app at the same time, and we can't update because PATCH is broken. So this just drops IAP. It also forces all our updates to ForceNew, because we can't update. Also, adds more test coverage and docs, and fixes import by not relying on the config for setting app engine info in state.
2018-05-17 21:47:34 +00:00
// read the App Engine app, if one exists
// we don't have the config available for import, so we can't rely on
// that to read it. And honestly, we want to know if an App exists that
// shouldn't. So this tries to read it, sets it to empty if none exists,
// or sets it in state if one does exist.
app, err := config.clientAppEngine.Apps.Get(pid).Do()
if err != nil && !isGoogleApiErrorWithCode(err, 404) {
return fmt.Errorf("Error retrieving App Engine application %q: %s", pid, err.Error())
} else if isGoogleApiErrorWithCode(err, 404) {
d.Set("app_engine", []map[string]interface{}{})
} else {
Beginnings of App Engine app support. This should have all the code, but who really knows if it works or not, tbh.
2018-05-10 22:01:22 +00:00
appBlocks, err := flattenAppEngineApp(app)
if err != nil {
return fmt.Errorf("Error serializing App Engine app: %s", err.Error())
}
err = d.Set("app_engine", appBlocks)
if err != nil {
Add basic test and fix bugs. Add a test case that exercises the obvious path, and fix the some of the bugs it exposed.
2018-05-14 05:49:26 +00:00
return fmt.Errorf("Error setting App Engine application in state. This is a bug, please report it at https://github.com/terraform-providers/terraform-provider-google/issues. Error is:\n%s", err.Error())
Beginnings of App Engine app support. This should have all the code, but who really knows if it works or not, tbh.
2018-05-10 22:01:22 +00:00
}
}
WIP: providers/google: Support IAM permissions for GCP projects This change adds a data source to allow declaring IAM policies, as well as a new resource to represent an existing GCP project. The project resource may reference an IAM policy, allowing a user to set project-wide permissions.
2016-08-10 04:44:53 +00:00
return nil
}
providers/google: google_project supports billing account (#11653) * Vendor google.golang.org/api/cloudbilling/v1 * providers/google: Add cloudbilling client * providers/google: google_project supports billing account This change allows a Terraform user to set and update the billing account associated with their project. * providers/google: Testing project billing account This change adds optional acceptance tests for project billing accounts. GOOGLE_PROJECT_BILLING_ACCOUNT and GOOGLE_PROJECT_BILLING_ACCOUNT_2 must be set in the environment for the tests to run; otherwise, they will be skipped. Also includes a few code cleanups per review. * providers/google: Improve project billing error message
2017-02-20 17:32:24 +00:00
func prefixedProject(pid string) string {
return "projects/" + pid
}
provider/google: Remove deprecated project fields. Remove the deprecated fields from google_project, and drop all the logic that went into supporting them. Tests still pass after one minor change.
2017-03-13 23:19:53 +00:00
Folder support: Assign/Reassign a google project to a folder. (#438) + Make the org_id optional when creating a project. Closes #131 + Mark org_id as computed to allow for GCP automatically assigning the org. + Add an acceptance test for project creation without an organization. + Skip TestAccGoogleProject_createWithoutOrg if GOOGLE_ORG is set. + Add a folder_id to the google_project resource, optionally specifying the ID of the GCP folder in which the GCP project should live. + Document how one can provision a project into a folder, and added a sample configuration to create a project into an existing folder. * Skip test without org if service account is used * Support folders/* or id only for the folder id field
2017-09-22 18:03:08 +00:00
func getParentResourceId(d *schema.ResourceData, p *cloudresourcemanager.Project) error {
Allow setting folder_id to empty string on google_project (#1425) * Allow setting folder_id to empty string on google_project * Simplify logic * Update Changelog
2018-05-03 16:53:22 +00:00
orgId := d.Get("org_id").(string)
folderId := d.Get("folder_id").(string)
if orgId != "" && folderId != "" {
return fmt.Errorf("'org_id' and 'folder_id' cannot be both set.")
}
if orgId != "" {
Folder support: Assign/Reassign a google project to a folder. (#438) + Make the org_id optional when creating a project. Closes #131 + Mark org_id as computed to allow for GCP automatically assigning the org. + Add an acceptance test for project creation without an organization. + Skip TestAccGoogleProject_createWithoutOrg if GOOGLE_ORG is set. + Add a folder_id to the google_project resource, optionally specifying the ID of the GCP folder in which the GCP project should live. + Document how one can provision a project into a folder, and added a sample configuration to create a project into an existing folder. * Skip test without org if service account is used * Support folders/* or id only for the folder id field
2017-09-22 18:03:08 +00:00
p.Parent = &cloudresourcemanager.ResourceId{
Allow setting folder_id to empty string on google_project (#1425) * Allow setting folder_id to empty string on google_project * Simplify logic * Update Changelog
2018-05-03 16:53:22 +00:00
Id: orgId,
Folder support: Assign/Reassign a google project to a folder. (#438) + Make the org_id optional when creating a project. Closes #131 + Mark org_id as computed to allow for GCP automatically assigning the org. + Add an acceptance test for project creation without an organization. + Skip TestAccGoogleProject_createWithoutOrg if GOOGLE_ORG is set. + Add a folder_id to the google_project resource, optionally specifying the ID of the GCP folder in which the GCP project should live. + Document how one can provision a project into a folder, and added a sample configuration to create a project into an existing folder. * Skip test without org if service account is used * Support folders/* or id only for the folder id field
2017-09-22 18:03:08 +00:00
Type: "organization",
}
}
Allow setting folder_id to empty string on google_project (#1425) * Allow setting folder_id to empty string on google_project * Simplify logic * Update Changelog
2018-05-03 16:53:22 +00:00
if folderId != "" {
Folder support: Assign/Reassign a google project to a folder. (#438) + Make the org_id optional when creating a project. Closes #131 + Mark org_id as computed to allow for GCP automatically assigning the org. + Add an acceptance test for project creation without an organization. + Skip TestAccGoogleProject_createWithoutOrg if GOOGLE_ORG is set. + Add a folder_id to the google_project resource, optionally specifying the ID of the GCP folder in which the GCP project should live. + Document how one can provision a project into a folder, and added a sample configuration to create a project into an existing folder. * Skip test without org if service account is used * Support folders/* or id only for the folder id field
2017-09-22 18:03:08 +00:00
p.Parent = &cloudresourcemanager.ResourceId{
Allow setting folder_id to empty string on google_project (#1425) * Allow setting folder_id to empty string on google_project * Simplify logic * Update Changelog
2018-05-03 16:53:22 +00:00
Id: parseFolderId(folderId),
Folder support: Assign/Reassign a google project to a folder. (#438) + Make the org_id optional when creating a project. Closes #131 + Mark org_id as computed to allow for GCP automatically assigning the org. + Add an acceptance test for project creation without an organization. + Skip TestAccGoogleProject_createWithoutOrg if GOOGLE_ORG is set. + Add a folder_id to the google_project resource, optionally specifying the ID of the GCP folder in which the GCP project should live. + Document how one can provision a project into a folder, and added a sample configuration to create a project into an existing folder. * Skip test without org if service account is used * Support folders/* or id only for the folder id field
2017-09-22 18:03:08 +00:00
Type: "folder",
}
}
Allow setting folder_id to empty string on google_project (#1425) * Allow setting folder_id to empty string on google_project * Simplify logic * Update Changelog
2018-05-03 16:53:22 +00:00
Folder support: Assign/Reassign a google project to a folder. (#438) + Make the org_id optional when creating a project. Closes #131 + Mark org_id as computed to allow for GCP automatically assigning the org. + Add an acceptance test for project creation without an organization. + Skip TestAccGoogleProject_createWithoutOrg if GOOGLE_ORG is set. + Add a folder_id to the google_project resource, optionally specifying the ID of the GCP folder in which the GCP project should live. + Document how one can provision a project into a folder, and added a sample configuration to create a project into an existing folder. * Skip test without org if service account is used * Support folders/* or id only for the folder id field
2017-09-22 18:03:08 +00:00
return nil
}
func parseFolderId(v interface{}) string {
folderId := v.(string)
if strings.HasPrefix(folderId, "folders/") {
return folderId[8:]
}
return folderId
}
WIP: providers/google: Support IAM permissions for GCP projects This change adds a data source to allow declaring IAM policies, as well as a new resource to represent an existing GCP project. The project resource may reference an IAM policy, allowing a user to set project-wide permissions.
2016-08-10 04:44:53 +00:00
func resourceGoogleProjectUpdate(d *schema.ResourceData, meta interface{}) error {
config := meta.(*Config)
providers/google: Support managing projects Add support for creating, updating, and deleting projects, as well as their enabled services and their IAM policies. Various concessions were made for backwards compatibility, and will be removed in 0.9 or 0.10.
2016-11-23 06:55:40 +00:00
pid := d.Id()
Folder support: Assign/Reassign a google project to a folder. (#438) + Make the org_id optional when creating a project. Closes #131 + Mark org_id as computed to allow for GCP automatically assigning the org. + Add an acceptance test for project creation without an organization. + Skip TestAccGoogleProject_createWithoutOrg if GOOGLE_ORG is set. + Add a folder_id to the google_project resource, optionally specifying the ID of the GCP folder in which the GCP project should live. + Document how one can provision a project into a folder, and added a sample configuration to create a project into an existing folder. * Skip test without org if service account is used * Support folders/* or id only for the folder id field
2017-09-22 18:03:08 +00:00
project_name := d.Get("name").(string)
providers/google: Support managing projects Add support for creating, updating, and deleting projects, as well as their enabled services and their IAM policies. Various concessions were made for backwards compatibility, and will be removed in 0.9 or 0.10.
2016-11-23 06:55:40 +00:00
// Read the project
// we need the project even though refresh has already been called
// because the API doesn't support patch, so we need the actual object
p, err := config.clientResourceManager.Projects.Get(pid).Do()
WIP: providers/google: Support IAM permissions for GCP projects This change adds a data source to allow declaring IAM policies, as well as a new resource to represent an existing GCP project. The project resource may reference an IAM policy, allowing a user to set project-wide permissions.
2016-08-10 04:44:53 +00:00
if err != nil {
providers/google: Support managing projects Add support for creating, updating, and deleting projects, as well as their enabled services and their IAM policies. Various concessions were made for backwards compatibility, and will be removed in 0.9 or 0.10.
2016-11-23 06:55:40 +00:00
if v, ok := err.(*googleapi.Error); ok && v.Code == http.StatusNotFound {
return fmt.Errorf("Project %q does not exist.", pid)
}
return fmt.Errorf("Error checking project %q: %s", pid, err)
}
Folder support: Assign/Reassign a google project to a folder. (#438) + Make the org_id optional when creating a project. Closes #131 + Mark org_id as computed to allow for GCP automatically assigning the org. + Add an acceptance test for project creation without an organization. + Skip TestAccGoogleProject_createWithoutOrg if GOOGLE_ORG is set. + Add a folder_id to the google_project resource, optionally specifying the ID of the GCP folder in which the GCP project should live. + Document how one can provision a project into a folder, and added a sample configuration to create a project into an existing folder. * Skip test without org if service account is used * Support folders/* or id only for the folder id field
2017-09-22 18:03:08 +00:00
d.Partial(true)
// Project display name has changed
providers/google: Support managing projects Add support for creating, updating, and deleting projects, as well as their enabled services and their IAM policies. Various concessions were made for backwards compatibility, and will be removed in 0.9 or 0.10.
2016-11-23 06:55:40 +00:00
if ok := d.HasChange("name"); ok {
Folder support: Assign/Reassign a google project to a folder. (#438) + Make the org_id optional when creating a project. Closes #131 + Mark org_id as computed to allow for GCP automatically assigning the org. + Add an acceptance test for project creation without an organization. + Skip TestAccGoogleProject_createWithoutOrg if GOOGLE_ORG is set. + Add a folder_id to the google_project resource, optionally specifying the ID of the GCP folder in which the GCP project should live. + Document how one can provision a project into a folder, and added a sample configuration to create a project into an existing folder. * Skip test without org if service account is used * Support folders/* or id only for the folder id field
2017-09-22 18:03:08 +00:00
p.Name = project_name
providers/google: Support managing projects Add support for creating, updating, and deleting projects, as well as their enabled services and their IAM policies. Various concessions were made for backwards compatibility, and will be removed in 0.9 or 0.10.
2016-11-23 06:55:40 +00:00
// Do update on project
p, err = config.clientResourceManager.Projects.Update(p.ProjectId, p).Do()
if err != nil {
Folder support: Assign/Reassign a google project to a folder. (#438) + Make the org_id optional when creating a project. Closes #131 + Mark org_id as computed to allow for GCP automatically assigning the org. + Add an acceptance test for project creation without an organization. + Skip TestAccGoogleProject_createWithoutOrg if GOOGLE_ORG is set. + Add a folder_id to the google_project resource, optionally specifying the ID of the GCP folder in which the GCP project should live. + Document how one can provision a project into a folder, and added a sample configuration to create a project into an existing folder. * Skip test without org if service account is used * Support folders/* or id only for the folder id field
2017-09-22 18:03:08 +00:00
return fmt.Errorf("Error updating project %q: %s", project_name, err)
providers/google: Support managing projects Add support for creating, updating, and deleting projects, as well as their enabled services and their IAM policies. Various concessions were made for backwards compatibility, and will be removed in 0.9 or 0.10.
2016-11-23 06:55:40 +00:00
}
Folder support: Assign/Reassign a google project to a folder. (#438) + Make the org_id optional when creating a project. Closes #131 + Mark org_id as computed to allow for GCP automatically assigning the org. + Add an acceptance test for project creation without an organization. + Skip TestAccGoogleProject_createWithoutOrg if GOOGLE_ORG is set. + Add a folder_id to the google_project resource, optionally specifying the ID of the GCP folder in which the GCP project should live. + Document how one can provision a project into a folder, and added a sample configuration to create a project into an existing folder. * Skip test without org if service account is used * Support folders/* or id only for the folder id field
2017-09-22 18:03:08 +00:00
d.SetPartial("name")
}
// Project parent has changed
if d.HasChange("org_id") || d.HasChange("folder_id") {
Allow setting folder_id to empty string on google_project (#1425) * Allow setting folder_id to empty string on google_project * Simplify logic * Update Changelog
2018-05-03 16:53:22 +00:00
if err := getParentResourceId(d, p); err != nil {
return err
}
Folder support: Assign/Reassign a google project to a folder. (#438) + Make the org_id optional when creating a project. Closes #131 + Mark org_id as computed to allow for GCP automatically assigning the org. + Add an acceptance test for project creation without an organization. + Skip TestAccGoogleProject_createWithoutOrg if GOOGLE_ORG is set. + Add a folder_id to the google_project resource, optionally specifying the ID of the GCP folder in which the GCP project should live. + Document how one can provision a project into a folder, and added a sample configuration to create a project into an existing folder. * Skip test without org if service account is used * Support folders/* or id only for the folder id field
2017-09-22 18:03:08 +00:00
// Do update on project
p, err = config.clientResourceManager.Projects.Update(p.ProjectId, p).Do()
if err != nil {
return fmt.Errorf("Error updating project %q: %s", project_name, err)
}
d.SetPartial("org_id")
d.SetPartial("folder_id")
providers/google: Support managing projects Add support for creating, updating, and deleting projects, as well as their enabled services and their IAM policies. Various concessions were made for backwards compatibility, and will be removed in 0.9 or 0.10.
2016-11-23 06:55:40 +00:00
}
providers/google: google_project supports billing account (#11653) * Vendor google.golang.org/api/cloudbilling/v1 * providers/google: Add cloudbilling client * providers/google: google_project supports billing account This change allows a Terraform user to set and update the billing account associated with their project. * providers/google: Testing project billing account This change adds optional acceptance tests for project billing accounts. GOOGLE_PROJECT_BILLING_ACCOUNT and GOOGLE_PROJECT_BILLING_ACCOUNT_2 must be set in the environment for the tests to run; otherwise, they will be skipped. Also includes a few code cleanups per review. * providers/google: Improve project billing error message
2017-02-20 17:32:24 +00:00
// Billing account has changed
if ok := d.HasChange("billing_account"); ok {
Wait for the billing account to be set up correctly. (#1345)
2018-04-16 21:25:01 +00:00
err = updateProjectBillingAccount(d, config)
providers/google: google_project supports billing account (#11653) * Vendor google.golang.org/api/cloudbilling/v1 * providers/google: Add cloudbilling client * providers/google: google_project supports billing account This change allows a Terraform user to set and update the billing account associated with their project. * providers/google: Testing project billing account This change adds optional acceptance tests for project billing accounts. GOOGLE_PROJECT_BILLING_ACCOUNT and GOOGLE_PROJECT_BILLING_ACCOUNT_2 must be set in the environment for the tests to run; otherwise, they will be skipped. Also includes a few code cleanups per review. * providers/google: Improve project billing error message
2017-02-20 17:32:24 +00:00
if err != nil {
Wait for the billing account to be set up correctly. (#1345)
2018-04-16 21:25:01 +00:00
return err
providers/google: google_project supports billing account (#11653) * Vendor google.golang.org/api/cloudbilling/v1 * providers/google: Add cloudbilling client * providers/google: google_project supports billing account This change allows a Terraform user to set and update the billing account associated with their project. * providers/google: Testing project billing account This change adds optional acceptance tests for project billing accounts. GOOGLE_PROJECT_BILLING_ACCOUNT and GOOGLE_PROJECT_BILLING_ACCOUNT_2 must be set in the environment for the tests to run; otherwise, they will be skipped. Also includes a few code cleanups per review. * providers/google: Improve project billing error message
2017-02-20 17:32:24 +00:00
}
}
Add support for setting labels to google_project (#383)
2017-09-14 17:39:21 +00:00
// Project Labels have changed
if ok := d.HasChange("labels"); ok {
p.Labels = expandLabels(d)
// Do Update on project
p, err = config.clientResourceManager.Projects.Update(p.ProjectId, p).Do()
if err != nil {
Fix nil pointer dereference updating project labels.
2018-01-27 21:55:39 +00:00
return fmt.Errorf("Error updating project %q: %s", project_name, err)
Add support for setting labels to google_project (#383)
2017-09-14 17:39:21 +00:00
}
Beginnings of App Engine app support. This should have all the code, but who really knows if it works or not, tbh.
2018-05-10 22:01:22 +00:00
d.SetPartial("labels")
Add support for setting labels to google_project (#383)
2017-09-14 17:39:21 +00:00
}
Beginnings of App Engine app support. This should have all the code, but who really knows if it works or not, tbh.
2018-05-10 22:01:22 +00:00
Drop the resources we can't support. IAP has no reasonable support policy, because PATCH is broken, and IAP must be configured with an OAuth2 client ID and secret that belongs to the project the app is associated with. There's no programmatic way to create Clients. But we create the project and the app at the same time, and we can't update because PATCH is broken. So this just drops IAP. It also forces all our updates to ForceNew, because we can't update. Also, adds more test coverage and docs, and fixes import by not relying on the config for setting app engine info in state.
2018-05-17 21:47:34 +00:00
// ignore app_engine changes, they don't work anyways.
Folder support: Assign/Reassign a google project to a folder. (#438) + Make the org_id optional when creating a project. Closes #131 + Mark org_id as computed to allow for GCP automatically assigning the org. + Add an acceptance test for project creation without an organization. + Skip TestAccGoogleProject_createWithoutOrg if GOOGLE_ORG is set. + Add a folder_id to the google_project resource, optionally specifying the ID of the GCP folder in which the GCP project should live. + Document how one can provision a project into a folder, and added a sample configuration to create a project into an existing folder. * Skip test without org if service account is used * Support folders/* or id only for the folder id field
2017-09-22 18:03:08 +00:00
d.Partial(false)
provider/google: Remove deprecated project fields. Remove the deprecated fields from google_project, and drop all the logic that went into supporting them. Tests still pass after one minor change.
2017-03-13 23:19:53 +00:00
return nil
providers/google: Support managing projects Add support for creating, updating, and deleting projects, as well as their enabled services and their IAM policies. Various concessions were made for backwards compatibility, and will be removed in 0.9 or 0.10.
2016-11-23 06:55:40 +00:00
}
func resourceGoogleProjectDelete(d *schema.ResourceData, meta interface{}) error {
config := meta.(*Config)
// Only delete projects if skip_delete isn't set
if !d.Get("skip_delete").(bool) {
pid := d.Id()
_, err := config.clientResourceManager.Projects.Delete(pid).Do()
if err != nil {
return fmt.Errorf("Error deleting project %q: %s", pid, err)
}
WIP: providers/google: Support IAM permissions for GCP projects This change adds a data source to allow declaring IAM policies, as well as a new resource to represent an existing GCP project. The project resource may reference an IAM policy, allowing a user to set project-wide permissions.
2016-08-10 04:44:53 +00:00
}
providers/google: Support managing projects Add support for creating, updating, and deleting projects, as well as their enabled services and their IAM policies. Various concessions were made for backwards compatibility, and will be removed in 0.9 or 0.10.
2016-11-23 06:55:40 +00:00
d.SetId("")
return nil
}
Delete the default network created by the project. (#1316)
2018-04-10 22:23:04 +00:00
func resourceProjectImportState(d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) {
// Explicitly set to default as a workaround for `ImportStateVerify` tests, and so that users
// don't see a diff immediately after import.
d.Set("auto_create_network", true)
return []*schema.ResourceData{d}, nil
}
Fix auto-delete default network in google_project. (#1336) * Use projectId and enable required compute API * Delete firewall rules before deleting default network
2018-04-16 17:25:49 +00:00
// Delete a compute network along with the firewall rules inside it.
func forceDeleteComputeNetwork(projectId, networkName string, config *Config) error {
networkLink := fmt.Sprintf("https://www.googleapis.com/compute/v1/projects/%s/global/networks/%s", projectId, networkName)
token := ""
for paginate := true; paginate; {
filter := fmt.Sprintf("network eq %s", networkLink)
resp, err := config.clientCompute.Firewalls.List(projectId).Filter(filter).Do()
if err != nil {
return fmt.Errorf("Error listing firewall rules in proj: %s", err)
}
log.Printf("[DEBUG] Found %d firewall rules in %q network", len(resp.Items), networkName)
for _, firewall := range resp.Items {
op, err := config.clientCompute.Firewalls.Delete(projectId, firewall.Name).Do()
if err != nil {
return fmt.Errorf("Error deleting firewall: %s", err)
}
err = computeSharedOperationWait(config.clientCompute, op, projectId, "Deleting Firewall")
if err != nil {
return err
}
}
token = resp.NextPageToken
paginate = token != ""
}
return deleteComputeNetwork(projectId, networkName, config)
}
Wait for the billing account to be set up correctly. (#1345)
2018-04-16 21:25:01 +00:00
func updateProjectBillingAccount(d *schema.ResourceData, config *Config) error {
pid := d.Id()
name := d.Get("billing_account").(string)
ba := cloudbilling.ProjectBillingInfo{}
// If we're unlinking an existing billing account, an empty request does that, not an empty-string billing account.
if name != "" {
ba.BillingAccountName = "billingAccounts/" + name
}
_, err := config.clientBilling.Projects.UpdateBillingInfo(prefixedProject(pid), &ba).Do()
if err != nil {
d.Set("billing_account", "")
if _err, ok := err.(*googleapi.Error); ok {
return fmt.Errorf("Error setting billing account %q for project %q: %v", name, prefixedProject(pid), _err)
}
return fmt.Errorf("Error setting billing account %q for project %q: %v", name, prefixedProject(pid), err)
}
for retries := 0; retries < 3; retries++ {
err = resourceGoogleProjectRead(d, config)
if err != nil {
return err
}
if d.Get("billing_account").(string) == name {
break
}
time.Sleep(3)
}
if d.Get("billing_account").(string) != name {
return fmt.Errorf("Timed out waiting for billing account to return correct value. Waiting for %s, got %s.",
d.Get("billding_account").(string), name)
}
return nil
}
Beginnings of App Engine app support. This should have all the code, but who really knows if it works or not, tbh.
2018-05-10 22:01:22 +00:00
func expandAppEngineApp(d *schema.ResourceData) (*appengine.Application, error) {
blocks := d.Get("app_engine").([]interface{})
if len(blocks) < 1 {
return nil, nil
}
if len(blocks) > 1 {
return nil, fmt.Errorf("only one app_engine block may be defined per project")
}
result := &appengine.Application{
Add basic test and fix bugs. Add a test case that exercises the obvious path, and fix the some of the bugs it exposed.
2018-05-14 05:49:26 +00:00
AuthDomain: d.Get("app_engine.0.auth_domain").(string),
LocationId: d.Get("app_engine.0.location_id").(string),
Id: d.Get("project_id").(string),
GcrDomain: d.Get("app_engine.0.gcr_domain").(string),
ServingStatus: d.Get("app_engine.0.serving_status").(string),
Beginnings of App Engine app support. This should have all the code, but who really knows if it works or not, tbh.
2018-05-10 22:01:22 +00:00
}
featureSettings, err := expandAppEngineFeatureSettings(d, "app_engine.0.")
if err != nil {
return nil, err
}
result.FeatureSettings = featureSettings
return result, nil
}
func flattenAppEngineApp(app *appengine.Application) ([]map[string]interface{}, error) {
result := map[string]interface{}{
"auth_domain": app.AuthDomain,
"code_bucket": app.CodeBucket,
"default_bucket": app.DefaultBucket,
"default_hostname": app.DefaultHostname,
"location_id": app.LocationId,
"name": app.Name,
"serving_status": app.ServingStatus,
}
dispatchRules, err := flattenAppEngineDispatchRules(app.DispatchRules)
if err != nil {
return nil, err
}
Add basic test and fix bugs. Add a test case that exercises the obvious path, and fix the some of the bugs it exposed.
2018-05-14 05:49:26 +00:00
result["url_dispatch_rule"] = dispatchRules
Beginnings of App Engine app support. This should have all the code, but who really knows if it works or not, tbh.
2018-05-10 22:01:22 +00:00
featureSettings, err := flattenAppEngineFeatureSettings(app.FeatureSettings)
if err != nil {
return nil, err
}
result["feature_settings"] = featureSettings
return []map[string]interface{}{result}, nil
}
func expandAppEngineFeatureSettings(d *schema.ResourceData, prefix string) (*appengine.FeatureSettings, error) {
blocks := d.Get(prefix + "feature_settings").([]interface{})
if len(blocks) < 1 {
return nil, nil
}
if len(blocks) > 1 {
return nil, fmt.Errorf("only one feature_settings block may be defined per app")
}
return &appengine.FeatureSettings{
SplitHealthChecks: d.Get(prefix + "feature_settings.0.split_health_checks").(bool),
// force send SplitHealthChecks, so if it's set to false it still gets disabled
ForceSendFields: []string{"SplitHealthChecks"},
}, nil
}
func flattenAppEngineFeatureSettings(settings *appengine.FeatureSettings) ([]map[string]interface{}, error) {
if settings == nil {
return []map[string]interface{}{}, nil
}
result := map[string]interface{}{
"split_health_checks": settings.SplitHealthChecks,
}
return []map[string]interface{}{result}, nil
}
func flattenAppEngineDispatchRules(rules []*appengine.UrlDispatchRule) ([]map[string]interface{}, error) {
results := make([]map[string]interface{}, 0, len(rules))
for _, rule := range rules {
results = append(results, map[string]interface{}{
"domain": rule.Domain,
"path": rule.Path,
"service": rule.Service,
})
}
return results, nil
}
Reference in New Issue Copy Permalink