Remove all instances of GOOGLE_XPN_HOST_PROJECT environment variable.
Instead of GOOGLE_XPN_HOST_PROJECT being required to run some tests, I added the ability to create and tear down the necessary project structure.
This allows us to remove one environment variable, and use two others which are already widely-required: org and billing ID.
Add consistency for for IAM imports.
- Adds imports for projects, folders, crypto keys, organizations, and key rings.
- Anything else with IAM can implement a simple method and begin working immediately.
- Add tests for all the IAM imports.
- Import documentation for IAM resources.
Previously, provider credentials were _supposed_ to be able to be
specified as the file contents or the path to the file. We even had a
test for the code for this!
Then we updated the validation for the provider, and forgot to validate
filepaths as ok. So provider validation failed. And because our test
only tested the config validation, and not the provider validation, our
tests thought this was just fine still.
This fixes that oversight, accepting filepaths as valid. It also adds
tests to ensure that provider validation allows both file paths and
contents.
- Fetch Zone attribute any place where it *was* being fetched from the schema by
combination schema / provider-level attribute.
- Allow region to be unspecified if zone is specified.
- Switch one example to using provider-level zone as an example.
- Make provider-level zone optional. (Individual resources will fail if they can't find a zone.)
- Add tests for getZone and getRegion.
It's getting hung up on a database replica instance that's not running,
so it can't stop it.
To resolve, we're only trying to stop replica instances that are in a
running state. Also, I noticed a bug that we'd try to delete replicas
twice, so I fixed that, as well.
We introduced special handling for NS records in 1.2.0 under the
assumption that ALL NS records can't be deleted. This isn't actually
true. Only NS records for the naked domain of the managed zone can't be
removed; all other NS records can be. Because of this, 1.2.0 contains a
bug where all NS records are removed.
This update fixes the situation to only use special handling on NS
records that are for the naked root domain of the managed zone, and
treat all subdomain NS records as normal records. It also adds a test to
ensure this functionality.
Fixes#729.
We removed ipv4_range, but the API still exists, it's just deprecated.
This breaks configs for users that haven't migrated off yet. I added it
back, added some tests to use it, included it in the docs, and basically
tried to put things back the way they were. The main difference now is
that the auto_create_subnetworks field defaults to true, and we want to
keep that behaviour to avoid a breaking change. So now if users want to
use the lagacy API, they need to set auto_create_subnetworks to false
explicitly.
* Detect changes to local file or changes made outside of Terraform to the file stored on the server.
* Add comment about why the detect_md5hash field is optional and not computed
* Move AliasIpRange helpers into utils
To reflect the fact they'll be used by multiple resources.
* Pass Config to build helpers, not meta
It's the only thing meta is used for.
* Refactor getNetwork util methods to return early for the happy path.
* Update compute APIs
compute.Instance.MinCpuPlatform is now GA.
* Fix panic in TestComputeInstanceMigrateState
This seemed to be a pre-existing issue, i.e. I could repro it in master.
--- FAIL: TestComputeInstanceMigrateState (0.00s)
panic: interface conversion: interface {} is nil, not *google.Config [recovered]
panic: interface conversion: interface {} is nil, not *google.Config
goroutine 85 [running]:
testing.tRunner.func1(0xc4205d60f0)
/usr/local/Cellar/go/1.9.1/libexec/src/testing/testing.go:711 +0x2d2
panic(0x203acc0, 0xc4205d2080)
/usr/local/Cellar/go/1.9.1/libexec/src/runtime/panic.go:491 +0x283
github.com/terraform-providers/terraform-provider-google/google.migrateStateV3toV4(0xc4205f2000, 0x0, 0x0, 0x0, 0x48, 0xc4205f2000)
/Users/negz/control/go/src/github.com/terraform-providers/terraform-provider-google/google/resource_compute_instance_migrate.go:182 +0x2405
github.com/terraform-providers/terraform-provider-google/google.resourceComputeInstanceMigrateState(0x2, 0xc4205f2000, 0x0, 0x0, 0x0, 0x0, 0xe0000000000)
/Users/negz/control/go/src/github.com/terraform-providers/terraform-provider-google/google/resource_compute_instance_migrate.go:48 +0x21a
github.com/terraform-providers/terraform-provider-google/google.runInstanceMigrateTest(0xc4205d60f0, 0x2260816, 0x8, 0x227d23a, 0x20, 0x2, 0xc4205ec0f0, 0xc4205ec120, 0x0,
0x0)
/Users/negz/control/go/src/github.com/terraform-providers/terraform-provider-google/google/resource_compute_instance_migrate_test.go:803 +0xc1
github.com/terraform-providers/terraform-provider-google/google.TestComputeInstanceMigrateState(0xc4205d60f0)
/Users/negz/control/go/src/github.com/terraform-providers/terraform-provider-google/google/resource_compute_instance_migrate_test.go:71 +0xc84
testing.tRunner(0xc4205d60f0, 0x22d81c0)
/usr/local/Cellar/go/1.9.1/libexec/src/testing/testing.go:746 +0xd0
created by testing.(*T).Run
/usr/local/Cellar/go/1.9.1/libexec/src/testing/testing.go:789 +0x2de
FAIL github.com/terraform-providers/terraform-provider-google/google 0.035s
* Use only the v1 API for resource_compute_instance
Alias IP ranges, Accelerators, and min CPU platform are now GA.
* Move common instance code into utils.go
Methods used by both resource_compute_instance and
resource_compute_instance_template are currently spread between their respective
files, and utils.go.
This commit moves them all into utils.go for the sake of consistency. It may be
worth considering an instance_common.go file or similar.
* Unify compute_instance and compute_instance_template network_interface and service_account code
This has the side effect of enabling Alias IP range support for
compute_instance_templates.
* Add tests for compute instance template Alias IP ranges
* Mark instance template region as computed
We compute it from the subnet its network interfaces are in. Note this
is not new behaviour - I believe it was erroneously missing the computed
flag.
* Support guest accelerators for instance templates
Since most of the code is already there.
* Add a test for using 'address' rather than 'network_ip' for instance templates
* Don't mark assigned_nat_ip as deprecated
* Remove network_interface schema fields that don't make sense for a compute instance template
* Add newline after count in instance template docs
* Don't try to dedupe guest accelerator expansion code
The API calls to Google to create guest accelerators take different values
for instances and instance templates. Instance templates don't have a zone
and can thus *only* be passed a guest accelerator name.
* Use ParseNetworkFieldValue instead of getNetworkLink
* Add support for parsing regional fields, and subnetworks specifically
Currently unused because subnetworks may have a separate project from that
of the instance using them, which complicates looking up the project field.
* Fall back to provider region when parsing regional field values
Also slightly refactors getXFromSchema field helper functions for readability.
* Revert to assigned_nat_ip in compute instance docs
* Add beta scaffolding to compute instance and compute instance template
Note these resources don't currently use beta features - this is futureproofing.
* Fix indentation in comment about instance template alias IP ranges
* Consolidate metadata helper functions in metadata.go
* Move compute instance (and template) related helpers into their own file
* add support for ip aliasing in `google_container_cluster`
* [review] cleanup galore, infer feature enablement from `ip_allocation_policy`
* [review] cleanup, round 2
* add nil check back (when reading ip allocation policy from API)
* Add IAM bindings and member resources for KMS KeyRings
* Add IAM bindings and member resources for KMS CryptoKeys
* Docs for key ring and crypto key IAM resources
* Exctract KMS policy conversions to helper functions
* Split iam_binding and iam_member tests for KMS
* Docs for kms IAM member resources
* Run KMS IAM tests in own project
* add support for `google_container_node_pool` management (sans-tests)
* [review] add tests, docs, general cleanup
* add docs
* [review] amend test to check updates and terraform fmt
* test updates, make nested management fields non-computed
* Refactor project iam binding and member resources to improve reusability
* Use default mask when updating project iam policy
* Add a doc comment for the ResourceIamUpdater interface
* Add the "compute_global_address" datasource
* Add a basic test for the "compute_global_address" datasource
* Include the "compute_global_address" in the provider
* Add docs for the "compute_global_address" datasource
Since this variable is only used for 3 tests, it doesn't make sense
to declare it as mandatory in the test config. Therefore, concerned tests
are now skipped if the variable is absent.
* Remove import support for org policy
* Add ForceNew to org_id field
* Revert "Remove import support for org policy"
This reverts commit f65d9fb347d6b0998be55ef823c5726e876c53ae.
* Add import documentation for google_organization_policy
* Add the "compute_address" datasource
* Add a basic test for the "compute_address" datasource
* Include the "compute_address" datasource in the provider
* Add the documentation for the "compute_address" datasource
* Adds support for creating KMS CryptoKeys resources
* Destroy extant CryptoKeyVersions on CryptoKey destroy
* Inherit project, location etc from KeyRing in CryptoKey
* Add function to calculate next rotation
* Implement RotationPeriod parameter on CryptoKey
* Import CryptoKey state
* Uncommit my local acceptance test hacks
* Docs for google_kms_crypto_key
* Clear id at the end of CryptoKey deletion
Also add more detail to warning message.
* Fix parseCryptoKeyId error messages
* Use correct naming in CryptoKeyIdParsing test
* Check RotationPeriod is present in acceptance test
* Rename variable in test function for consistency
* Fix wrong resource name in cryptokey docs
* Add KeyRing to CryptoKey doc example
* Run test CryptoKey configs through terraform fmt
* Don't set CryptoKey purpose in terraform state on import
* Fix indentation in CryptoKey test
* Parallelise CryptoKey tests
* Set rotation_key on CryptoKey read
* Move RotationPeriod validation to planning phase
* Use import state passthrough for CryptoKey
* Correct casing issues in test case names
* Remove redundant CheckDestroy calls in CryptoKey tests
* Add explanatory comment about extra test steps
* More explicit error handling in CryptoKey tests
* Explicit dependency on project services in test keyring configs
* Clean up comments in cryptokey resource
* Do not repeat in cryptokey id regexes
* Relax diff on maintenance_policy.daily_maintenance_window.start_time
If the maintenance window has been set outside of Terraform to a time with a
single-digit hour (such as 1:00), and the terraform definition is set to the
same hour but with a leading zero as per validation (i.e. 01:00), do not
consider the time to be changed (as we currently don't support update on this
property).
Fixes#719
* Generalise rfc3339TimeDiffSuppress and add more test cases
Because of weirdness in our test runner, our CI tries to run every test
that matches the TestAcc* prefix, _even if it's commented out_. This
leads to failed tests in CI for tests that aren't even running, which is
annoying.
This PR just lowercases the first letter of the test so it doesn't match
the prefix anymore and the CI won't try to run it.
- Accepts self_link in addition of health check name
- Removes the need for an API call to generate the self link
- Improves the documentation to mention that only the legacy google_compute_http_health_check is supported. This will prevent our user from being stuck like mentioned here: #300.
- Adds a MaxItems:1 in the schema. You can't have more than one. The API will fail. The official docs also says so.
- Adds a check to the acceptance test to ensure the health checks are properly setup.
* Add support for maintenance window on google_container_cluster (#526)
* Address review comments
- Set ForceNew: true on the schema element daily_maintenance_window
- Correct resource name in acceptance test
- Correct documentation of resource attribute maintenance_policy.0.daily_maintenance_window.0.duration
* Add support for Kubernetes alpha features
* Add tests for support of Kubernetes alpha features
* Fix dodgy copy and paste operations
* Add documentation
* initial work on adding IAP support for backend services
* readback of IAP
* flatten IAP + static set id
* expandIap function
* removed enabled flag/state rework
Removed the enabled flag for IAP
IAP is now enabled when the client id and secret are set
IAP now correctly disables when IAP stanza is removed
Client secret is now correctly hashed against the secret hash stored on the server
* Tests for IAP
* added comments, fixed tabs.
* testing for IAP disabled
Rename all ID fields to {resource_noun}_id instead of removing them
outright. This means people can still get at the info.
Leave project's id deleted. It has been marked as Removed for months.
I'm fine with cleaning it up before 1.0.0.
Also, update website docs.