Adding Eventarc GoogleChannelConfig Resource support for TPG

mmv1/third_party/terraform/go.mod.erb

@@ -5,7 +5,7 @@ go 1.18
 
 require (
 	cloud.google.com/go/bigtable v1.16.0
-	github.com/GoogleCloudPlatform/declarative-resource-client-library v1.19.0
+	github.com/GoogleCloudPlatform/declarative-resource-client-library v1.20.1
 	github.com/apparentlymart/go-cidr v1.1.0
 	github.com/client9/misspell v0.3.4
 	github.com/davecgh/go-spew v1.1.1

mmv1/third_party/terraform/go.sum

@@ -1515,3 +1515,5 @@ rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8
 rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
 rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
 sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o=
+github.com/GoogleCloudPlatform/declarative-resource-client-library v1.20.1 h1:3/A97+HDHSK35yPKsg7hEUe9wYGPM91LppirAE+Xv6M=
+github.com/GoogleCloudPlatform/declarative-resource-client-library v1.20.1/go.mod h1:i6Pmzp7aolLmJY86RaJ9wjqm/HFleMeN7Vl5uIWLwE8=

mmv1/third_party/terraform/tests/resource_eventarc_google_channel_config_test.go.erb

@@ -0,0 +1,197 @@
+<% autogen_exception -%>
+package google
+
+import (
+	"context"
+	"fmt"
+	"strings"
+	"testing"
+
+	dcl "github.com/GoogleCloudPlatform/declarative-resource-client-library/dcl"
+	<% if version == "ga" -%>
+	eventarc "github.com/GoogleCloudPlatform/declarative-resource-client-library/services/google/eventarc"
+	<% else -%>
+    eventarc "github.com/GoogleCloudPlatform/declarative-resource-client-library/services/google/eventarc/beta"
+    <% end %>
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
+)
+
+func TestAccEventarcGoogleChannelConfig_basic(t *testing.T) {
+	t.Parallel()
+
+	context := map[string]interface{}{
+		"project_name":  getTestProjectFromEnv(),
+		"region":        getTestRegionFromEnv(),
+		"random_suffix": randString(t, 10),
+	}
+
+	vcrTest(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckEventarcGoogleChannelConfigDestroyProducer(t),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccEventarcGoogleChannelConfig_basic(context),
+			},
+			{
+				ResourceName:      "google_eventarc_google_channel_config.primary",
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
+
+func TestAccEventarcGoogleChannelConfig_cryptoKeyUpdate(t *testing.T) {
+	t.Parallel()
+
+	region := getTestRegionFromEnv()
+	key1 := BootstrapKMSKeyWithPurposeInLocationAndName(t, "ENCRYPT_DECRYPT", region, "tf-bootstrap-key1")
+	key2 := BootstrapKMSKeyWithPurposeInLocationAndName(t, "ENCRYPT_DECRYPT", region, "tf-bootstrap-key2")
+
+	context := map[string]interface{}{
+		"project_name":  getTestProjectFromEnv(),
+		"region":        getTestRegionFromEnv(),
+		"random_suffix": randString(t, 10),
+		"key_ring":      GetResourceNameFromSelfLink(key1.KeyRing.Name),
+		"key1":          GetResourceNameFromSelfLink(key1.CryptoKey.Name),
+		"key2":          GetResourceNameFromSelfLink(key2.CryptoKey.Name),
+	}
+
+	vcrTest(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckEventarcGoogleChannelConfigDestroyProducer(t),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccEventarcGoogleChannelConfig_setCryptoKey(context),
+			},
+			{
+				ResourceName:      "google_eventarc_google_channel_config.primary",
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+			{
+				Config: testAccEventarcGoogleChannelConfig_cryptoKeyUpdate(context),
+			},
+			{
+				ResourceName:      "google_eventarc_google_channel_config.primary",
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
+
+func testAccEventarcGoogleChannelConfig_basic(context map[string]interface{}) string {
+	return Nprintf(`
+resource "google_eventarc_google_channel_config" "primary" {
+	location = "%{region}"
+	name     = "projects/%{project_name}/locations/%{region}/googleChannelConfig"
+}
+	`, context)
+}
+
+func testAccEventarcGoogleChannelConfig_setCryptoKey(context map[string]interface{}) string {
+	return Nprintf(`
+data "google_project" "test_project" {
+	project_id  = "%{project_name}"
+}
+
+data "google_kms_key_ring" "test_key_ring" {
+	name     = "%{key_ring}"
+	location = "us-central1"
+}
+
+data "google_kms_crypto_key" "key1" {
+	name     = "%{key1}"
+	key_ring = data.google_kms_key_ring.test_key_ring.id
+}
+
+resource "google_kms_crypto_key_iam_binding" "key1_binding" {
+	crypto_key_id = data.google_kms_crypto_key.key1.id
+	role      = "roles/cloudkms.cryptoKeyEncrypterDecrypter"
+
+	members = [
+	"serviceAccount:service-${data.google_project.test_project.number}@gcp-sa-eventarc.iam.gserviceaccount.com",
+	]
+}
+
+resource "google_eventarc_google_channel_config" "primary" {
+	location = "%{region}"
+	name     = "projects/%{project_name}/locations/%{region}/googleChannelConfig"
+	crypto_key_name =  data.google_kms_crypto_key.key1.id
+	depends_on =[google_kms_crypto_key_iam_binding.key1_binding]
+}
+	`, context)
+}
+
+func testAccEventarcGoogleChannelConfig_cryptoKeyUpdate(context map[string]interface{}) string {
+	return Nprintf(`
+data "google_project" "test_project" {
+	project_id  = "%{project_name}"
+}
+
+data "google_kms_key_ring" "test_key_ring" {
+	name     = "%{key_ring}"
+	location = "us-central1"
+}
+
+data "google_kms_crypto_key" "key2" {
+	name     = "%{key2}"
+	key_ring = data.google_kms_key_ring.test_key_ring.id
+}
+
+resource "google_kms_crypto_key_iam_binding" "key2_binding" {
+	crypto_key_id = data.google_kms_crypto_key.key2.id
+	role      = "roles/cloudkms.cryptoKeyEncrypterDecrypter"
+
+	members = [
+	"serviceAccount:service-${data.google_project.test_project.number}@gcp-sa-eventarc.iam.gserviceaccount.com",
+	]
+}
+
+resource "google_eventarc_google_channel_config" "primary" {
+	location = "%{region}"
+	name     = "projects/%{project_name}/locations/%{region}/googleChannelConfig"
+	crypto_key_name =  data.google_kms_crypto_key.key2.id
+	depends_on =[google_kms_crypto_key_iam_binding.key2_binding]
+}
+	`, context)
+}
+
+func testAccCheckEventarcGoogleChannelConfigDestroyProducer(t *testing.T) func(s *terraform.State) error {
+	return func(s *terraform.State) error {
+		for name, rs := range s.RootModule().Resources {
+			if rs.Type != "rs.google_eventarc_google_channel_config" {
+				continue
+			}
+			if strings.HasPrefix(name, "data.") {
+				continue
+			}
+
+			config := googleProviderConfig(t)
+
+			billingProject := ""
+			if config.BillingProject != "" {
+				billingProject = config.BillingProject
+			}
+
+			obj := &eventarc.GoogleChannelConfig{
+				Location:      dcl.String(rs.Primary.Attributes["location"]),
+				Name:          dcl.String(rs.Primary.Attributes["name"]),
+				CryptoKeyName: dcl.String(rs.Primary.Attributes["crypto_key_name"]),
+				Project:       dcl.StringOrNil(rs.Primary.Attributes["project"]),
+				UpdateTime:    dcl.StringOrNil(rs.Primary.Attributes["update_time"]),
+			}
+
+			client := NewDCLEventarcClient(config, config.userAgent, billingProject, 0)
+			_, err := client.GetGoogleChannelConfig(context.Background(), obj)
+			if err == nil {
+				return fmt.Errorf("google_eventarc_google_channel_config still exists %v", obj)
+			}
+		}
+		return nil
+	}
+}

tpgtools/api/eventarc/samples/copy.py

@@ -0,0 +1,24 @@
+import os
+import shutil
+import sys
+import yaml
+
+
+def main():
+  file_name = sys.argv[1]
+  shutil.copy(file_name, os.getcwd())
+  samples_dir = os.path.split(file_name)[0]
+  sample = yaml.safe_load(open(file_name))
+  print(yaml.dump(sample))
+  all_deps = [sample['resource']]
+  updates = sample.get('updates')
+  if updates:
+    all_deps.append(updates[0]['resource'])
+  all_deps += sample.get('dependencies', [])
+  for dep in all_deps:
+    dep_file_name = f'{samples_dir}/{os.path.split(dep)[1]}'
+    shutil.copy(dep_file_name, os.getcwd())
+
+
+if __name__ == '__main__':
+  main()

tpgtools/go.mod

@@ -4,7 +4,7 @@ go 1.18
 
 require (
 	bitbucket.org/creachadair/stringset v0.0.9
-	github.com/GoogleCloudPlatform/declarative-resource-client-library v1.19.0
+	github.com/GoogleCloudPlatform/declarative-resource-client-library v1.20.1
 	github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b
 	github.com/hashicorp/errwrap v1.0.0
 	github.com/hashicorp/hcl v1.0.0
@@ -23,7 +23,6 @@ require (
 	github.com/golang/protobuf v1.4.2 // indirect
 	github.com/google/go-cmp v0.5.8 // indirect
 	github.com/google/go-cpy v0.0.0-20211218193943-a9c933c06932 // indirect
-
 	github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320 // indirect
 	github.com/hashicorp/go-multierror v1.0.0 // indirect
 	github.com/hashicorp/go-uuid v1.0.1 // indirect

tpgtools/go.sum

@@ -36,8 +36,8 @@ cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9
 dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
-github.com/GoogleCloudPlatform/declarative-resource-client-library v1.19.0 h1:4YAtk4xuOCxUSkGdwlDhkX7DTP4VwLZCoebGGEsU+U4=
-github.com/GoogleCloudPlatform/declarative-resource-client-library v1.19.0/go.mod h1:i6Pmzp7aolLmJY86RaJ9wjqm/HFleMeN7Vl5uIWLwE8=
+github.com/GoogleCloudPlatform/declarative-resource-client-library v1.20.1 h1:3/A97+HDHSK35yPKsg7hEUe9wYGPM91LppirAE+Xv6M=
+github.com/GoogleCloudPlatform/declarative-resource-client-library v1.20.1/go.mod h1:i6Pmzp7aolLmJY86RaJ9wjqm/HFleMeN7Vl5uIWLwE8=
 github.com/agext/levenshtein v1.2.1/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558=
 github.com/agext/levenshtein v1.2.2 h1:0S/Yg6LYmFJ5stwQeRp6EeOcCbj7xiqQSdNelsXvaqE=
 github.com/agext/levenshtein v1.2.2/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558=

tpgtools/overrides/eventarc/samples/googlechannelconfig/basic.tf.tmpl

@@ -0,0 +1,31 @@
+data "google_project" "test_project" {
+	project_id  = "{{project-id}}"
+}
+
+data "google_kms_key_ring" "test_key_ring" {
+	name     = "{{keyring}}"
+	location = "{{region}}"
+}
+
+data "google_kms_crypto_key" "key" {
+	name     = "{{key}}"
+	key_ring = data.google_kms_key_ring.test_key_ring.id
+}
+
+resource "google_kms_crypto_key_iam_binding" "key1_binding" {
+    crypto_key_id = data.google_kms_crypto_key.key1.id
+    role      = "roles/cloudkms.cryptoKeyEncrypterDecrypter"
+
+    members = [
+    "serviceAccount:service-${data.google_project.test_project.number}@gcp-sa-eventarc.iam.gserviceaccount.com",
+    ]
+}
+
+resource "google_eventarc_google_channel_config" "primary" {
+  location = "{{region}}"
+  name     = "{{channel}}"
+  project  = "${data.google_project.test_project.project_id}"
+  crypto_key_name =  "${data.google_kms_crypto_key.key1.id}"
+  third_party_provider = "projects/${data.google_project.test_project.project_id}/locations/{{region}}/providers/datadog"
+  depends_on = [google_kms_crypto_key_iam_binding.key1_binding]
+}

tpgtools/overrides/eventarc/samples/googlechannelconfig/basic.yaml

@@ -0,0 +1,11 @@
+variables:
+  - name: "project-id"
+    type: "project"
+  - name: "region"
+    type: "region"
+  - name: "keyring"
+    type: "resource_name"
+  - name: "key"
+    type: "resource_name"
+  - name: "channel"
+    type: "resource_name"

tpgtools/overrides/eventarc/samples/googlechannelconfig/meta.yaml

@@ -0,0 +1,6 @@
+# meta.yaml
+#
+# We are hiding the terraform template because the test's for an Eventarc GoogleChannelConfig are handwritten in mmv1. However we want to 
+# generate the docs for a channel on the registry. We make tpgtools do this without it generating a test 
+test_hide:
+  - basic.tf.tmpl