mirror of
https://github.com/letic/terraform-provider-google.git
synced 2024-10-01 16:21:06 +00:00
Remove deprecated raw_key convenience property (#2209)
Removing disk_encryption_key_sha256 and disk_encryption_key_raw and removing the custom diff logic associated with them. <!-- This change is generated by MagicModules. --> /cc @chrisst
This commit is contained in:
parent
c58d204c3e
commit
eafe197070
@ -232,26 +232,6 @@ func suppressWindowsFamilyDiff(imageName, familyName string) bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func diskEncryptionKeyDiffSuppress(k, old, new string, d *schema.ResourceData) bool {
|
||||
if strings.HasSuffix(k, "#") {
|
||||
if old == "1" && new == "0" {
|
||||
// If we have a disk_encryption_key_raw, we can trust that the diff will be handled there
|
||||
// and we don't need to worry about it here.
|
||||
return d.Get("disk_encryption_key_raw").(string) != ""
|
||||
} else if new == "1" && old == "0" {
|
||||
// This will be handled by diffing the 'raw_key' attribute.
|
||||
return true
|
||||
}
|
||||
} else if strings.HasSuffix(k, "raw_key") {
|
||||
disk_key := d.Get("disk_encryption_key_raw").(string)
|
||||
return disk_key == old && old != "" && new == ""
|
||||
} else if k == "disk_encryption_key_raw" {
|
||||
disk_key := d.Get("disk_encryption_key.0.raw_key").(string)
|
||||
return disk_key == old && old != "" && new == ""
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
func resourceComputeDisk() *schema.Resource {
|
||||
return &schema.Resource{
|
||||
Create: resourceComputeDiskCreate,
|
||||
@ -286,7 +266,6 @@ func resourceComputeDisk() *schema.Resource {
|
||||
Type: schema.TypeList,
|
||||
Optional: true,
|
||||
ForceNew: true,
|
||||
DiffSuppressFunc: diskEncryptionKeyDiffSuppress,
|
||||
MaxItems: 1,
|
||||
Elem: &schema.Resource{
|
||||
Schema: map[string]*schema.Schema{
|
||||
@ -408,20 +387,6 @@ func resourceComputeDisk() *schema.Resource {
|
||||
DiffSuppressFunc: compareSelfLinkOrResourceName,
|
||||
},
|
||||
},
|
||||
"disk_encryption_key_raw": &schema.Schema{
|
||||
Type: schema.TypeString,
|
||||
Optional: true,
|
||||
ForceNew: true,
|
||||
Sensitive: true,
|
||||
DiffSuppressFunc: diskEncryptionKeyDiffSuppress,
|
||||
Deprecated: "Use disk_encryption_key.raw_key instead.",
|
||||
},
|
||||
|
||||
"disk_encryption_key_sha256": &schema.Schema{
|
||||
Type: schema.TypeString,
|
||||
Computed: true,
|
||||
Deprecated: "Use disk_encryption_key.sha256 instead.",
|
||||
},
|
||||
"project": {
|
||||
Type: schema.TypeString,
|
||||
Optional: true,
|
||||
@ -1074,21 +1039,36 @@ func expandComputeDiskSourceImageEncryptionKeySha256(v interface{}, d *schema.Re
|
||||
|
||||
func expandComputeDiskDiskEncryptionKey(v interface{}, d *schema.ResourceData, config *Config) (interface{}, error) {
|
||||
l := v.([]interface{})
|
||||
req := make([]interface{}, 0, 1)
|
||||
if len(l) == 1 {
|
||||
// There is a value
|
||||
outMap := make(map[string]interface{})
|
||||
outMap["rawKey"] = l[0].(map[string]interface{})["raw_key"]
|
||||
req = append(req, outMap)
|
||||
} else {
|
||||
// Check alternative setting?
|
||||
if altV, ok := d.GetOk("disk_encryption_key_raw"); ok && altV != "" {
|
||||
outMap := make(map[string]interface{})
|
||||
outMap["rawKey"] = altV
|
||||
req = append(req, outMap)
|
||||
if len(l) == 0 {
|
||||
return nil, nil
|
||||
}
|
||||
raw := l[0]
|
||||
original := raw.(map[string]interface{})
|
||||
transformed := make(map[string]interface{})
|
||||
|
||||
transformedRawKey, err := expandComputeDiskDiskEncryptionKeyRawKey(original["raw_key"], d, config)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
} else if val := reflect.ValueOf(transformedRawKey); val.IsValid() && !isEmptyValue(val) {
|
||||
transformed["rawKey"] = transformedRawKey
|
||||
}
|
||||
return req, nil
|
||||
|
||||
transformedSha256, err := expandComputeDiskDiskEncryptionKeySha256(original["sha256"], d, config)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
} else if val := reflect.ValueOf(transformedSha256); val.IsValid() && !isEmptyValue(val) {
|
||||
transformed["sha256"] = transformedSha256
|
||||
}
|
||||
|
||||
return transformed, nil
|
||||
}
|
||||
|
||||
func expandComputeDiskDiskEncryptionKeyRawKey(v interface{}, d *schema.ResourceData, config *Config) (interface{}, error) {
|
||||
return v, nil
|
||||
}
|
||||
|
||||
func expandComputeDiskDiskEncryptionKeySha256(v interface{}, d *schema.ResourceData, config *Config) (interface{}, error) {
|
||||
return v, nil
|
||||
}
|
||||
|
||||
func expandComputeDiskSnapshot(v interface{}, d *schema.ResourceData, config *Config) (interface{}, error) {
|
||||
@ -1204,10 +1184,6 @@ func resourceComputeDiskDecoder(d *schema.ResourceData, meta interface{}, res ma
|
||||
// The raw key won't be returned, so we need to use the original.
|
||||
transformed["rawKey"] = d.Get("disk_encryption_key.0.raw_key")
|
||||
transformed["sha256"] = original["sha256"]
|
||||
if v, ok := d.GetOk("disk_encryption_key_raw"); ok {
|
||||
transformed["rawKey"] = v
|
||||
}
|
||||
d.Set("disk_encryption_key_sha256", original["sha256"])
|
||||
res["diskEncryptionKey"] = transformed
|
||||
}
|
||||
|
||||
|
@ -338,26 +338,6 @@ func TestAccComputeDisk_encryption(t *testing.T) {
|
||||
"google_compute_disk.foobar", &disk),
|
||||
),
|
||||
},
|
||||
// Update from top-level attribute to nested.
|
||||
resource.TestStep{
|
||||
Config: testAccComputeDisk_encryptionMigrate(diskName),
|
||||
Check: resource.ComposeTestCheckFunc(
|
||||
testAccCheckComputeDiskExists(
|
||||
"google_compute_disk.foobar", &disk),
|
||||
testAccCheckEncryptionKey(
|
||||
"google_compute_disk.foobar", &disk),
|
||||
),
|
||||
},
|
||||
// Update from nested attribute back to top-level.
|
||||
resource.TestStep{
|
||||
Config: testAccComputeDisk_encryption(diskName),
|
||||
Check: resource.ComposeTestCheckFunc(
|
||||
testAccCheckComputeDiskExists(
|
||||
"google_compute_disk.foobar", &disk),
|
||||
testAccCheckEncryptionKey(
|
||||
"google_compute_disk.foobar", &disk),
|
||||
),
|
||||
},
|
||||
},
|
||||
})
|
||||
}
|
||||
@ -571,7 +551,7 @@ func testAccCheckEncryptionKey(n string, disk *compute.Disk) resource.TestCheckF
|
||||
return fmt.Errorf("Not found: %s", n)
|
||||
}
|
||||
|
||||
attr := rs.Primary.Attributes["disk_encryption_key_sha256"]
|
||||
attr := rs.Primary.Attributes["disk_encryption_key.0.sha256"]
|
||||
if disk.DiskEncryptionKey == nil {
|
||||
return fmt.Errorf("Disk %s has mismatched encryption key.\nTF State: %+v\nGCP State: <empty>", n, attr)
|
||||
} else if attr != disk.DiskEncryptionKey.Sha256 {
|
||||
@ -701,23 +681,6 @@ data "google_compute_image" "my_image" {
|
||||
project = "debian-cloud"
|
||||
}
|
||||
|
||||
resource "google_compute_disk" "foobar" {
|
||||
name = "%s"
|
||||
image = "${data.google_compute_image.my_image.self_link}"
|
||||
size = 50
|
||||
type = "pd-ssd"
|
||||
zone = "us-central1-a"
|
||||
disk_encryption_key_raw = "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0="
|
||||
}`, diskName)
|
||||
}
|
||||
|
||||
func testAccComputeDisk_encryptionMigrate(diskName string) string {
|
||||
return fmt.Sprintf(`
|
||||
data "google_compute_image" "my_image" {
|
||||
family = "debian-9"
|
||||
project = "debian-cloud"
|
||||
}
|
||||
|
||||
resource "google_compute_disk" "foobar" {
|
||||
name = "%s"
|
||||
image = "${data.google_compute_image.my_image.self_link}"
|
||||
|
@ -154,16 +154,16 @@ func TestAccComputeInstanceMigrateState_bootDisk(t *testing.T) {
|
||||
"disk.0.auto_delete": "false",
|
||||
"disk.0.size": "12",
|
||||
"disk.0.device_name": "persistent-disk-0",
|
||||
"disk.0.disk_encryption_key_raw": "encrypt-key",
|
||||
"disk.0.disk_encryption_key_sha256": "encrypt-key-sha",
|
||||
"disk.0.disk_encryption_key.0.raw_key": "encrypt-key",
|
||||
"disk.0.disk_encryption_key.0.sha256": "encrypt-key-sha",
|
||||
"zone": zone,
|
||||
}
|
||||
expected := map[string]string{
|
||||
"boot_disk.#": "1",
|
||||
"boot_disk.0.auto_delete": "false",
|
||||
"boot_disk.0.device_name": "persistent-disk-0",
|
||||
"boot_disk.0.disk_encryption_key_raw": "encrypt-key",
|
||||
"boot_disk.0.disk_encryption_key_sha256": "encrypt-key-sha",
|
||||
"boot_disk.0.disk_encryption_key.0.raw_key": "encrypt-key",
|
||||
"boot_disk.0.disk_encryption_key.0.sha256": "encrypt-key-sha",
|
||||
"boot_disk.0.initialize_params.#": "1",
|
||||
"boot_disk.0.initialize_params.0.size": "12",
|
||||
"boot_disk.0.initialize_params.0.type": "pd-ssd",
|
||||
@ -221,16 +221,16 @@ func TestAccComputeInstanceMigrateState_v4FixBootDisk(t *testing.T) {
|
||||
"disk.0.auto_delete": "false",
|
||||
"disk.0.size": "12",
|
||||
"disk.0.device_name": "persistent-disk-0",
|
||||
"disk.0.disk_encryption_key_raw": "encrypt-key",
|
||||
"disk.0.disk_encryption_key_sha256": "encrypt-key-sha",
|
||||
"disk.0.disk_encryption_key.0.raw_key": "encrypt-key",
|
||||
"disk.0.disk_encryption_key.0.sha256": "encrypt-key-sha",
|
||||
"zone": zone,
|
||||
}
|
||||
expected := map[string]string{
|
||||
"boot_disk.#": "1",
|
||||
"boot_disk.0.auto_delete": "false",
|
||||
"boot_disk.0.device_name": "persistent-disk-0",
|
||||
"boot_disk.0.disk_encryption_key_raw": "encrypt-key",
|
||||
"boot_disk.0.disk_encryption_key_sha256": "encrypt-key-sha",
|
||||
"boot_disk.0.disk_encryption_key.0.raw_key": "encrypt-key",
|
||||
"boot_disk.0.disk_encryption_key.0.sha256": "encrypt-key-sha",
|
||||
"boot_disk.0.initialize_params.#": "1",
|
||||
"boot_disk.0.initialize_params.0.size": "12",
|
||||
"boot_disk.0.initialize_params.0.type": "pd-ssd",
|
||||
@ -303,8 +303,8 @@ func TestAccComputeInstanceMigrateState_attachedDiskFromSource(t *testing.T) {
|
||||
"disk.#": "1",
|
||||
"disk.0.disk": diskName,
|
||||
"disk.0.device_name": "persistent-disk-1",
|
||||
"disk.0.disk_encryption_key_raw": "encrypt-key",
|
||||
"disk.0.disk_encryption_key_sha256": "encrypt-key-sha",
|
||||
"disk.0.disk_encryption_key.0.raw_key": "encrypt-key",
|
||||
"disk.0.disk_encryption_key.0.sha256": "encrypt-key-sha",
|
||||
"zone": zone,
|
||||
}
|
||||
expected := map[string]string{
|
||||
@ -312,8 +312,8 @@ func TestAccComputeInstanceMigrateState_attachedDiskFromSource(t *testing.T) {
|
||||
"attached_disk.#": "1",
|
||||
"attached_disk.0.source": "https://www.googleapis.com/compute/v1/projects/" + config.Project + "/zones/" + zone + "/disks/" + diskName,
|
||||
"attached_disk.0.device_name": "persistent-disk-1",
|
||||
"attached_disk.0.disk_encryption_key_raw": "encrypt-key",
|
||||
"attached_disk.0.disk_encryption_key_sha256": "encrypt-key-sha",
|
||||
"attached_disk.0.disk_encryption_key.0.raw_key": "encrypt-key",
|
||||
"attached_disk.0.disk_encryption_key.0.sha256": "encrypt-key-sha",
|
||||
"zone": zone,
|
||||
"create_timeout": "4",
|
||||
}
|
||||
@ -383,8 +383,8 @@ func TestAccComputeInstanceMigrateState_v4FixAttachedDiskFromSource(t *testing.T
|
||||
"disk.#": "1",
|
||||
"disk.0.disk": diskName,
|
||||
"disk.0.device_name": "persistent-disk-1",
|
||||
"disk.0.disk_encryption_key_raw": "encrypt-key",
|
||||
"disk.0.disk_encryption_key_sha256": "encrypt-key-sha",
|
||||
"disk.0.disk_encryption_key.0.raw_key": "encrypt-key",
|
||||
"disk.0.disk_encryption_key.0.sha256": "encrypt-key-sha",
|
||||
"zone": zone,
|
||||
}
|
||||
expected := map[string]string{
|
||||
@ -392,8 +392,8 @@ func TestAccComputeInstanceMigrateState_v4FixAttachedDiskFromSource(t *testing.T
|
||||
"attached_disk.#": "1",
|
||||
"attached_disk.0.source": "https://www.googleapis.com/compute/v1/projects/" + config.Project + "/zones/" + zone + "/disks/" + diskName,
|
||||
"attached_disk.0.device_name": "persistent-disk-1",
|
||||
"attached_disk.0.disk_encryption_key_raw": "encrypt-key",
|
||||
"attached_disk.0.disk_encryption_key_sha256": "encrypt-key-sha",
|
||||
"attached_disk.0.disk_encryption_key.0.raw_key": "encrypt-key",
|
||||
"attached_disk.0.disk_encryption_key.0.sha256": "encrypt-key-sha",
|
||||
"zone": zone,
|
||||
}
|
||||
|
||||
@ -450,8 +450,8 @@ func TestAccComputeInstanceMigrateState_attachedDiskFromEncryptionKey(t *testing
|
||||
"boot_disk.#": "1",
|
||||
"disk.#": "1",
|
||||
"disk.0.image": "projects/debian-cloud/global/images/family/debian-9",
|
||||
"disk.0.disk_encryption_key_raw": "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0=",
|
||||
"disk.0.disk_encryption_key_sha256": "esTuF7d4eatX4cnc4JsiEiaI+Rff78JgPhA/v1zxX9E=",
|
||||
"disk.0.disk_encryption_key.0.raw_key": "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0=",
|
||||
"disk.0.disk_encryption_key.0.sha256": "esTuF7d4eatX4cnc4JsiEiaI+Rff78JgPhA/v1zxX9E=",
|
||||
"zone": zone,
|
||||
}
|
||||
expected := map[string]string{
|
||||
@ -459,8 +459,8 @@ func TestAccComputeInstanceMigrateState_attachedDiskFromEncryptionKey(t *testing
|
||||
"attached_disk.#": "1",
|
||||
"attached_disk.0.source": "https://www.googleapis.com/compute/v1/projects/" + config.Project + "/zones/" + zone + "/disks/" + instanceName + "-1",
|
||||
"attached_disk.0.device_name": "persistent-disk-1",
|
||||
"attached_disk.0.disk_encryption_key_raw": "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0=",
|
||||
"attached_disk.0.disk_encryption_key_sha256": "esTuF7d4eatX4cnc4JsiEiaI+Rff78JgPhA/v1zxX9E=",
|
||||
"attached_disk.0.disk_encryption_key.0.raw_key": "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0=",
|
||||
"attached_disk.0.disk_encryption_key.0.sha256": "esTuF7d4eatX4cnc4JsiEiaI+Rff78JgPhA/v1zxX9E=",
|
||||
"zone": zone,
|
||||
"create_timeout": "4",
|
||||
}
|
||||
@ -518,8 +518,8 @@ func TestAccComputeInstanceMigrateState_v4FixAttachedDiskFromEncryptionKey(t *te
|
||||
"boot_disk.#": "1",
|
||||
"disk.#": "1",
|
||||
"disk.0.image": "projects/debian-cloud/global/images/family/debian-9",
|
||||
"disk.0.disk_encryption_key_raw": "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0=",
|
||||
"disk.0.disk_encryption_key_sha256": "esTuF7d4eatX4cnc4JsiEiaI+Rff78JgPhA/v1zxX9E=",
|
||||
"disk.0.disk_encryption_key.0.raw_key": "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0=",
|
||||
"disk.0.disk_encryption_key.0.sha256": "esTuF7d4eatX4cnc4JsiEiaI+Rff78JgPhA/v1zxX9E=",
|
||||
"zone": zone,
|
||||
}
|
||||
expected := map[string]string{
|
||||
@ -527,8 +527,8 @@ func TestAccComputeInstanceMigrateState_v4FixAttachedDiskFromEncryptionKey(t *te
|
||||
"attached_disk.#": "1",
|
||||
"attached_disk.0.source": "https://www.googleapis.com/compute/v1/projects/" + config.Project + "/zones/" + zone + "/disks/" + instanceName + "-1",
|
||||
"attached_disk.0.device_name": "persistent-disk-1",
|
||||
"attached_disk.0.disk_encryption_key_raw": "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0=",
|
||||
"attached_disk.0.disk_encryption_key_sha256": "esTuF7d4eatX4cnc4JsiEiaI+Rff78JgPhA/v1zxX9E=",
|
||||
"attached_disk.0.disk_encryption_key.0.raw_key": "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0=",
|
||||
"attached_disk.0.disk_encryption_key.0.sha256": "esTuF7d4eatX4cnc4JsiEiaI+Rff78JgPhA/v1zxX9E=",
|
||||
"zone": zone,
|
||||
}
|
||||
|
||||
|
@ -1928,7 +1928,9 @@ resource "google_compute_disk" "foobar" {
|
||||
type = "pd-ssd"
|
||||
zone = "us-central1-a"
|
||||
|
||||
disk_encryption_key_raw = "%s"
|
||||
disk_encryption_key {
|
||||
raw_key = "%s"
|
||||
}
|
||||
}
|
||||
|
||||
resource "google_compute_disk" "foobar2" {
|
||||
@ -1937,7 +1939,9 @@ resource "google_compute_disk" "foobar2" {
|
||||
type = "pd-ssd"
|
||||
zone = "us-central1-a"
|
||||
|
||||
disk_encryption_key_raw = "%s"
|
||||
disk_encryption_key {
|
||||
raw_key = "%s"
|
||||
}
|
||||
}
|
||||
|
||||
resource "google_compute_disk" "foobar3" {
|
||||
@ -1946,7 +1950,9 @@ resource "google_compute_disk" "foobar3" {
|
||||
type = "pd-ssd"
|
||||
zone = "us-central1-a"
|
||||
|
||||
disk_encryption_key_raw = "%s"
|
||||
disk_encryption_key {
|
||||
raw_key = "%s"
|
||||
}
|
||||
}
|
||||
|
||||
resource "google_compute_disk" "foobar4" {
|
||||
@ -2214,7 +2220,9 @@ resource "google_compute_disk" "foobar" {
|
||||
size = 10
|
||||
type = "pd-ssd"
|
||||
zone = "us-central1-a"
|
||||
disk_encryption_key_raw = "c2Vjb25kNzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTI"
|
||||
disk_encryption_key {
|
||||
raw_key = "c2Vjb25kNzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTI"
|
||||
}
|
||||
}
|
||||
|
||||
resource "google_compute_instance" "foobar" {
|
||||
|
@ -246,13 +246,19 @@ resource "google_compute_disk" "foobar" {
|
||||
size = 10
|
||||
type = "pd-ssd"
|
||||
zone = "us-central1-a"
|
||||
disk_encryption_key_raw = "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0="
|
||||
disk_encryption_key {
|
||||
raw_key = "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0="
|
||||
}
|
||||
}
|
||||
resource "google_compute_snapshot" "foobar" {
|
||||
name = "%s"
|
||||
source_disk = "${google_compute_disk.foobar.name}"
|
||||
zone = "us-central1-a"
|
||||
source_disk_encryption_key_raw = "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0="
|
||||
snapshot_encryption_key_raw = "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0="
|
||||
source_disk_encryption_key {
|
||||
raw_key = "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0="
|
||||
}
|
||||
snapshot_encryption_key {
|
||||
raw_key = "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0="
|
||||
}
|
||||
}`, diskName, snapshotName)
|
||||
}
|
||||
|
@ -191,11 +191,6 @@ The `source_snapshot_encryption_key` block supports:
|
||||
The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied
|
||||
encryption key that protects this resource.
|
||||
|
||||
* (Deprecated) `disk_encryption_key_raw`: This is an alias for
|
||||
`disk_encryption_key.raw_key`. It is deprecated to enhance
|
||||
consistency with `source_image_encryption_key` and
|
||||
`source_snapshot_encryption_key`.
|
||||
|
||||
## Attributes Reference
|
||||
|
||||
In addition to the arguments listed above, the following computed attributes are exported:
|
||||
@ -235,11 +230,6 @@ In addition to the arguments listed above, the following computed attributes are
|
||||
* `self_link` - The URI of the created resource.
|
||||
|
||||
|
||||
* (Deprecated) `disk_encryption_key_sha256`: This is an alias for
|
||||
`disk_encryption_key.sha256`. It is deprecated to enhance
|
||||
consistency with `source_image_encryption_key` and
|
||||
`source_snapshot_encryption_key`.
|
||||
|
||||
## Timeouts
|
||||
|
||||
This resource provides the following
|
||||
|
Loading…
Reference in New Issue
Block a user