Add new google_compute_shared_vpc resource (#396)

* Revendor compute apis * Add new resource for shared VPC host * add test for disabled * add docs for shared vpc host resource * make project required * Add new resource google_compute_shared_vpc * Remove google_compute_shared_vpc_host * Add docs for shared vpc resource * Remove docs for shared vpc host resource * fix typos in shared vpc docs * move helper fn to utils.go
2024-07-03 08:42:39 +00:00 · 2017-09-13 10:36:07 +08:00 · 2017-09-13 10:36:07 +08:00 · 2d733a1600
commit 2d733a1600
parent 204201a5be
9 changed files with 4521 additions and 401 deletions
--- a/google/provider.go
+++ b/google/provider.go
@ -93,6 +93,7 @@ func Provider() terraform.ResourceProvider {
 			"google_compute_router":                        resourceComputeRouter(),
 			"google_compute_router_interface":              resourceComputeRouterInterface(),
 			"google_compute_router_peer":                   resourceComputeRouterPeer(),
+			"google_compute_shared_vpc":                    resourceComputeSharedVpc(),
 			"google_compute_ssl_certificate":               resourceComputeSslCertificate(),
 			"google_compute_subnetwork":                    resourceComputeSubnetwork(),
 			"google_compute_target_http_proxy":             resourceComputeTargetHttpProxy(),
--- a/google/resource_compute_shared_vpc.go
+++ b/google/resource_compute_shared_vpc.go
@ -0,0 +1,185 @@
+package google
+
+import (
+	"context"
+	"fmt"
+	"log"
+
+	"google.golang.org/api/compute/v1"
+
+	"github.com/hashicorp/terraform/helper/schema"
+)
+
+func resourceComputeSharedVpc() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceComputeSharedVpcCreate,
+		Read:   resourceComputeSharedVpcRead,
+		Update: resourceComputeSharedVpcUpdate,
+		Delete: resourceComputeSharedVpcDelete,
+
+		Schema: map[string]*schema.Schema{
+			"host_project": &schema.Schema{
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+			},
+			"service_projects": &schema.Schema{
+				Type:     schema.TypeSet,
+				Optional: true,
+				Elem:     &schema.Schema{Type: schema.TypeString},
+			},
+		},
+	}
+}
+
+func resourceComputeSharedVpcCreate(d *schema.ResourceData, meta interface{}) error {
+	config := meta.(*Config)
+
+	hostProject := d.Get("host_project").(string)
+	op, err := config.clientCompute.Projects.EnableXpnHost(hostProject).Do()
+	if err != nil {
+		return fmt.Errorf("Error enabling Shared VPC Host %q: %s", hostProject, err)
+	}
+
+	d.SetId(hostProject)
+
+	err = computeOperationWait(config, op, hostProject, "Enabling Shared VPC Host")
+	if err != nil {
+		d.SetId("")
+		return err
+	}
+
+	if v, ok := d.GetOk("service_projects"); ok {
+		serviceProjects := convertStringArr(v.(*schema.Set).List())
+		for _, project := range serviceProjects {
+			if err = enableResource(config, hostProject, project); err != nil {
+				return fmt.Errorf("Error enabling Shared VPC service project %q: %s", project, err)
+			}
+		}
+	}
+
+	return resourceComputeSharedVpcRead(d, meta)
+}
+
+func resourceComputeSharedVpcRead(d *schema.ResourceData, meta interface{}) error {
+	config := meta.(*Config)
+
+	hostProject := d.Get("host_project").(string)
+
+	project, err := config.clientCompute.Projects.Get(hostProject).Do()
+	if err != nil {
+		return handleNotFoundError(err, d, fmt.Sprintf("Project data for project %q", hostProject))
+	}
+
+	if project.XpnProjectStatus != "HOST" {
+		log.Printf("[WARN] Removing Shared VPC host resource %q because it's not enabled server-side", hostProject)
+		d.SetId("")
+	}
+
+	serviceProjects := []string{}
+	req := config.clientCompute.Projects.GetXpnResources(hostProject)
+	if err := req.Pages(context.Background(), func(page *compute.ProjectsGetXpnResources) error {
+		for _, xpnResourceId := range page.Resources {
+			if xpnResourceId.Type == "PROJECT" {
+				serviceProjects = append(serviceProjects, xpnResourceId.Id)
+			}
+		}
+		return nil
+	}); err != nil {
+		return fmt.Errorf("Error reading Shared VPC service projects for host %q: %s", hostProject, err)
+	}
+
+	d.Set("service_projects", serviceProjects)
+
+	return nil
+}
+
+func resourceComputeSharedVpcUpdate(d *schema.ResourceData, meta interface{}) error {
+	config := meta.(*Config)
+	hostProject := d.Get("host_project").(string)
+
+	if d.HasChange("service_projects") {
+		old, new := d.GetChange("service_projects")
+		oldMap := convertArrToMap(old.(*schema.Set).List())
+		newMap := convertArrToMap(new.(*schema.Set).List())
+
+		for project, _ := range oldMap {
+			if _, ok := newMap[project]; !ok {
+				// The project is in the old config but not the new one, disable it
+				if err := disableResource(config, hostProject, project); err != nil {
+					return fmt.Errorf("Error disabling Shared VPC service project %q: %s", project, err)
+				}
+			}
+		}
+
+		for project, _ := range newMap {
+			if _, ok := oldMap[project]; !ok {
+				// The project is in the new config but not the old one, enable it
+				if err := enableResource(config, hostProject, project); err != nil {
+					return fmt.Errorf("Error enabling Shared VPC service project %q: %s", project, err)
+				}
+			}
+		}
+	}
+
+	return resourceComputeSharedVpcRead(d, meta)
+}
+
+func resourceComputeSharedVpcDelete(d *schema.ResourceData, meta interface{}) error {
+	config := meta.(*Config)
+	hostProject := d.Get("host_project").(string)
+
+	serviceProjects := convertStringArr(d.Get("service_projects").(*schema.Set).List())
+	for _, project := range serviceProjects {
+		if err := disableResource(config, hostProject, project); err != nil {
+			return fmt.Errorf("Error disabling Shared VPC Resource %q: %s", project, err)
+		}
+	}
+
+	op, err := config.clientCompute.Projects.DisableXpnHost(hostProject).Do()
+	if err != nil {
+		return fmt.Errorf("Error disabling Shared VPC Host %q: %s", hostProject, err)
+	}
+
+	err = computeOperationWait(config, op, hostProject, "Disabling Shared VPC Host")
+	if err != nil {
+		return err
+	}
+
+	d.SetId("")
+	return nil
+}
+
+func enableResource(config *Config, hostProject, project string) error {
+	req := &compute.ProjectsEnableXpnResourceRequest{
+		XpnResource: &compute.XpnResourceId{
+			Id:   project,
+			Type: "PROJECT",
+		},
+	}
+	op, err := config.clientCompute.Projects.EnableXpnResource(hostProject, req).Do()
+	if err != nil {
+		return err
+	}
+	if err = computeOperationWait(config, op, hostProject, "Enabling Shared VPC Resource"); err != nil {
+		return err
+	}
+	return nil
+}
+
+func disableResource(config *Config, hostProject, project string) error {
+	req := &compute.ProjectsDisableXpnResourceRequest{
+		XpnResource: &compute.XpnResourceId{
+			Id:   project,
+			Type: "PROJECT",
+		},
+	}
+	op, err := config.clientCompute.Projects.DisableXpnResource(hostProject, req).Do()
+	if err != nil {
+		return err
+	}
+	if err = computeOperationWait(config, op, hostProject, "Disabling Shared VPC Resource"); err != nil {
+		return err
+	}
+	return nil
+}
--- a/google/resource_compute_shared_vpc_test.go
+++ b/google/resource_compute_shared_vpc_test.go
@ -0,0 +1,275 @@
+package google
+
+import (
+	"fmt"
+	"os"
+	"reflect"
+	"sort"
+	"strings"
+	"testing"
+
+	"github.com/hashicorp/terraform/helper/acctest"
+	"github.com/hashicorp/terraform/helper/resource"
+	"github.com/hashicorp/terraform/terraform"
+)
+
+func TestAccComputeSharedVpc_basic(t *testing.T) {
+	skipIfEnvNotSet(t,
+		[]string{
+			"GOOGLE_ORG",
+			"GOOGLE_BILLING_ACCOUNT",
+		}...,
+	)
+
+	billingId := os.Getenv("GOOGLE_BILLING_ACCOUNT")
+	pid := "terraform-" + acctest.RandString(10)
+	pid2 := "terraform-" + acctest.RandString(10)
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:  func() { testAccPreCheck(t) },
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			resource.TestStep{
+				Config: testAccComputeSharedVpc_basic(pid, pid2, pname, org, billingId),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckComputeSharedVpcHost("google_compute_shared_vpc.vpc", true),
+					testAccCheckComputeSharedVpcResources("google_compute_shared_vpc.vpc", []string{pid2})),
+			},
+			// Use a separate TestStep rather than a CheckDestroy because we need the project to still exist
+			// in order to check the XPN status.
+			resource.TestStep{
+				Config: testAccComputeSharedVpc_disabled(pid, pid2, pname, org, billingId),
+				// Use the project ID since the google_compute_shared_vpc_host resource no longer exists
+				Check: testAccCheckComputeSharedVpcHost("google_project.host", false),
+			},
+		},
+	})
+}
+
+func TestAccComputeSharedVpc_update(t *testing.T) {
+	skipIfEnvNotSet(t,
+		[]string{
+			"GOOGLE_ORG",
+			"GOOGLE_BILLING_ACCOUNT",
+		}...,
+	)
+
+	billingId := os.Getenv("GOOGLE_BILLING_ACCOUNT")
+	pid := "terraform-" + acctest.RandString(10)
+	pid2 := "terraform-" + acctest.RandString(10)
+	pid3 := "terraform-" + acctest.RandString(10)
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:  func() { testAccPreCheck(t) },
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			resource.TestStep{
+				Config: testAccComputeSharedVpc_basic(pid, pid2, pname, org, billingId),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckComputeSharedVpcHost("google_compute_shared_vpc.vpc", true),
+					testAccCheckComputeSharedVpcResources("google_compute_shared_vpc.vpc", []string{pid2})),
+			},
+			resource.TestStep{
+				Config: testAccComputeSharedVpc_addServiceProjects(pid, pid2, pid3, pname, org, billingId),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckComputeSharedVpcHost("google_compute_shared_vpc.vpc", true),
+					testAccCheckComputeSharedVpcResources("google_compute_shared_vpc.vpc", []string{pid2, pid3})),
+			},
+			resource.TestStep{
+				Config: testAccComputeSharedVpc_removeServiceProjects(pid, pname, org, billingId),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckComputeSharedVpcHost("google_compute_shared_vpc.vpc", true),
+					testAccCheckComputeSharedVpcResources("google_compute_shared_vpc.vpc", []string{})),
+			},
+		},
+	})
+}
+
+func testAccCheckComputeSharedVpcHost(n string, enabled bool) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		rs, ok := s.RootModule().Resources[n]
+		if !ok {
+			return fmt.Errorf("Not found: %s", n)
+		}
+
+		if rs.Primary.ID == "" {
+			return fmt.Errorf("No ID is set")
+		}
+
+		config := testAccProvider.Meta().(*Config)
+
+		found, err := config.clientCompute.Projects.Get(rs.Primary.ID).Do()
+		if err != nil {
+			return fmt.Errorf("Error reading project %s: %s", rs.Primary.ID, err)
+		}
+
+		if found.Name != rs.Primary.ID {
+			return fmt.Errorf("Project %s not found", rs.Primary.ID)
+		}
+
+		if enabled != (found.XpnProjectStatus == "HOST") {
+			return fmt.Errorf("Project %q Shared VPC status was not expected, got %q", rs.Primary.ID, found.XpnProjectStatus)
+		}
+
+		return nil
+	}
+}
+
+func testAccCheckComputeSharedVpcResources(n string, expected []string) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		rs, ok := s.RootModule().Resources[n]
+		if !ok {
+			return fmt.Errorf("Not found: %s", n)
+		}
+
+		if rs.Primary.ID == "" {
+			return fmt.Errorf("No ID is set")
+		}
+
+		tfServiceProjects := []string{}
+		// We don't know the exact keys of the elements, so go through the whole list looking for matching ones
+		for k, v := range rs.Primary.Attributes {
+			if strings.HasPrefix(k, "service_projects") && k != "service_projects.#" {
+				tfServiceProjects = append(tfServiceProjects, v)
+			}
+		}
+
+		sort.Strings(tfServiceProjects)
+		sort.Strings(expected)
+
+		if !reflect.DeepEqual(expected, tfServiceProjects) {
+			return fmt.Errorf("Service projects mismatch. Expected: %v, Actual: %v", expected, tfServiceProjects)
+		}
+		return nil
+	}
+}
+
+func testAccComputeSharedVpc_basic(pid, pid2, name, org, billing string) string {
+	return fmt.Sprintf(`
+resource "google_project" "host" {
+	project_id      = "%s"
+	name            = "%s"
+	org_id          = "%s"
+	billing_account = "%s"
+}
+
+resource "google_project" "service" {
+	project_id      = "%s"
+	name            = "%s"
+	org_id          = "%s"
+	billing_account = "%s"
+}
+
+resource "google_project_services" "host" {
+	project = "${google_project.host.project_id}"
+	services = ["compute.googleapis.com"]
+}
+
+resource "google_project_services" "service" {
+	project = "${google_project.service.project_id}"
+	services = ["compute.googleapis.com"]
+}
+
+resource "google_compute_shared_vpc" "vpc" {
+	host_project     = "${google_project.host.project_id}"
+	service_projects = ["${google_project.service.project_id}"]
+
+	depends_on = ["google_project_services.host", "google_project_services.service"]
+}`, pid, name, org, billing, pid2, name, org, billing)
+}
+
+func testAccComputeSharedVpc_disabled(pid, pid2, name, org, billing string) string {
+	return fmt.Sprintf(`
+resource "google_project" "host" {
+	project_id      = "%s"
+	name            = "%s"
+	org_id          = "%s"
+	billing_account = "%s"
+}
+
+resource "google_project" "service" {
+	project_id      = "%s"
+	name            = "%s"
+	org_id          = "%s"
+	billing_account = "%s"
+}
+
+resource "google_project_services" "host" {
+	project = "${google_project.host.project_id}"
+	services = ["compute.googleapis.com"]
+}
+
+resource "google_project_services" "service" {
+	project = "${google_project.service.project_id}"
+	services = ["compute.googleapis.com"]
+}`, pid, name, org, billing, pid2, name, org, billing)
+}
+
+func testAccComputeSharedVpc_addServiceProjects(pid, pid2, pid3, name, org, billing string) string {
+	return fmt.Sprintf(`
+resource "google_project" "host" {
+	project_id      = "%s"
+	name            = "%s"
+	org_id          = "%s"
+	billing_account = "%s"
+}
+
+resource "google_project" "service" {
+	project_id      = "%s"
+	name            = "%s"
+	org_id          = "%s"
+	billing_account = "%s"
+}
+
+resource "google_project" "service2" {
+	project_id      = "%s"
+	name            = "%s"
+	org_id          = "%s"
+	billing_account = "%s"
+}
+
+resource "google_project_services" "host" {
+	project = "${google_project.host.project_id}"
+	services = ["compute.googleapis.com"]
+}
+
+resource "google_project_services" "service" {
+	project = "${google_project.service.project_id}"
+	services = ["compute.googleapis.com"]
+}
+
+resource "google_project_services" "service2" {
+	project = "${google_project.service2.project_id}"
+	services = ["compute.googleapis.com"]
+}
+
+resource "google_compute_shared_vpc" "vpc" {
+	host_project     = "${google_project.host.project_id}"
+	service_projects = ["${google_project.service.project_id}", "${google_project.service2.project_id}"]
+
+	depends_on = ["google_project_services.host", "google_project_services.service", "google_project_services.service2"]
+}`, pid, name, org, billing,
+		pid2, name, org, billing,
+		pid3, name, org, billing)
+}
+
+func testAccComputeSharedVpc_removeServiceProjects(pid, name, org, billing string) string {
+	return fmt.Sprintf(`
+resource "google_project" "host" {
+	project_id      = "%s"
+	name            = "%s"
+	org_id          = "%s"
+	billing_account = "%s"
+}
+
+resource "google_project_services" "host" {
+	project = "${google_project.host.project_id}"
+	services = ["compute.googleapis.com"]
+}
+
+resource "google_compute_shared_vpc" "vpc" {
+	host_project     = "${google_project.host.project_id}"
+
+	depends_on = ["google_project_services.host"]
+}`, pid, name, org, billing)
+}
--- a/google/utils.go
+++ b/google/utils.go
@ -317,3 +317,11 @@ func convertStringSet(set *schema.Set) []string {
 	}
 	return s
 }
+
+func convertArrToMap(ifaceArr []interface{}) map[string]struct{} {
+	sm := make(map[string]struct{})
+	for _, s := range ifaceArr {
+		sm[s.(string)] = struct{}{}
+	}
+	return sm
+}
--- a/vendor/google.golang.org/api/compute/v1/compute-api.json
+++ b/vendor/google.golang.org/api/compute/v1/compute-api.json
--- a/vendor/google.golang.org/api/compute/v1/compute-gen.go
+++ b/vendor/google.golang.org/api/compute/v1/compute-gen.go
--- a/vendor/vendor.json
+++ b/vendor/vendor.json
@ -876,10 +876,10 @@
 			"revisionTime": "2017-08-10T01:39:55Z"
 		},
 		{
-			"checksumSHA1": "OL1a45TdWBqDK1BO167p5Tlkgkc=",
+			"checksumSHA1": "j1Bo+jzAhcbBiPj3u2R0jPsVPVM=",
 			"path": "google.golang.org/api/compute/v1",
-			"revision": "324744a33f1f37e63dd1695cfb3ec9a3e4a1cb05",
-			"revisionTime": "2017-06-08T21:27:40Z"
+			"revision": "ed10e890a8366167a7ce33fac2b12447987bcb1c",
+			"revisionTime": "2017-08-17T17:08:30Z"
 		},
 		{
 			"checksumSHA1": "Ny63yO2/yvMFQltnIXU3gzim69M=",
--- a/website/docs/r/compute_shared_vpc.html.markdown
+++ b/website/docs/r/compute_shared_vpc.html.markdown
@ -0,0 +1,33 @@
+---
+layout: "google"
+page_title: "Google: google_compute_shared_vpc"
+sidebar_current: "docs-google-compute-shared-vpc"
+description: |-
+ Allows setting up Shared VPC in a Google Cloud Platform project.
+---
+
+# google\_compute\_shared\_vpc
+
+Allows setting up Shared VPC in a Google Cloud Platform project. For more information see
+[the official documentation](https://cloud.google.com/compute/docs/shared-vpc)
+and
+[API](https://cloud.google.com/compute/docs/reference/latest/projects).
+
+## Example Usage
+
+```hcl
+resource "google_compute_shared_vpc" "vpc" {
+  host_project     = "your-project-id"
+  service_projects = ["service-project-1", "service-project-2"]
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `host_project` - (Required) The host project ID.
+
+- - -
+
+* `service_projects` - (Optional) List of IDs of service projects to enable as Shared VPC resources for this host.
--- a/website/google.erb
+++ b/website/google.erb
@ -200,6 +200,10 @@
      <a href="/docs/providers/google/r/compute_router_peer.html">google_compute_router_peer</a>
      </li>

+      <li<%= sidebar_current("docs-google-compute-shared-vpc") %>>
+      <a href="/docs/providers/google/r/compute_shared_vpc.html">google_compute_shared_vpc</a>
+      </li>
+
      <li<%= sidebar_current("docs-google-compute-snapshot") %>>
 			<a href="/docs/providers/google/r/compute_snapshot.html">google_compute_snapshot</a>
 			</li>