Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

artifactregistry: implement upstream credentials #9439

Merged
merged 4 commits into from
Nov 18, 2023
Merged

artifactregistry: implement upstream credentials #9439

merged 4 commits into from
Nov 18, 2023

Conversation

Subserial
Copy link
Contributor

Release Note Template for Downstream PRs (will be copied)

artifactregistry: added `remote_repository_config.upstream_credentials` field to `google_artifact_registry_repository` resource

@modular-magician
Copy link
Collaborator

Hello! I am a robot. It looks like you are a: Community Contributor Googler Core Contributor. Tests will run automatically.

@melinath, a repository maintainer, has been assigned to review your changes. If you have not received review feedback within 2 business days, please leave a comment on this PR asking them to take a look.

You can help make sure that review is quick by doing a self-review and by running impacted tests locally.

@modular-magician
Copy link
Collaborator

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

Terraform GA: Diff ( 3 files changed, 261 insertions(+))
Terraform Beta: Diff ( 3 files changed, 261 insertions(+))
TF Conversion: Diff ( 1 file changed, 60 insertions(+))
TF OiCS: Diff ( 4 files changed, 132 insertions(+))

@modular-magician
Copy link
Collaborator

Tests analytics

Total tests: 3224
Passed tests 2895
Skipped tests: 328
Affected tests: 1

Action taken

Found 1 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests
TestAccArtifactRegistryRepository_artifactRegistryRepositoryRemoteCustomExample

Get to know how VCR tests work

@modular-magician
Copy link
Collaborator

$\textcolor{red}{\textsf{Tests failed during RECORDING mode:}}$
TestAccArtifactRegistryRepository_artifactRegistryRepositoryRemoteCustomExample[Error message] [Debug log]

$\textcolor{red}{\textsf{Please fix these to complete your PR.}}$
View the build log or the debug log for each test

melinath
melinath requested changes Nov 10, 2023
View reviewed changes
Copy link
Member

@melinath melinath left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A couple changes to suggest

mmv1/products/artifactregistry/Repository.yaml Show resolved Hide resolved
mmv1/templates/terraform/examples/artifact_registry_repository_remote_custom.tf.erb
}
}

resource "google_secret_manager_secret_version" "<%= ctx[:vars]['secret_resource_id'] %>_version" {
Copy link
Member

@melinath melinath Nov 10, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tests are failing with:

Error: Error creating Repository: googleapi: Error 400: An error occurred while validated upstream credentials: Artifact Registry service account "service-01234567890@gcp-sa-artifactregistry.iam.gserviceaccount.com" does not have permission to access the secret version.

You'll need to add this permission as part of the example

Copy link
Member

@melinath melinath Nov 10, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Example of how to do this

magic-modules/mmv1/templates/terraform/examples/cloud_run_service_secret_environment_variables.tf.erb

Line 16 in 5923d4c

resource "google_secret_manager_secret_iam_member" "secret-access" {

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the reference! I tested without secret access permissions and it worked, so I've pushed the changes for testing on github.

@modular-magician
Copy link
Collaborator

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

Terraform GA: Diff ( 3 files changed, 277 insertions(+))
Terraform Beta: Diff ( 3 files changed, 277 insertions(+))
TF Conversion: Diff ( 1 file changed, 60 insertions(+))
TF OiCS: Diff ( 4 files changed, 140 insertions(+))

@modular-magician
Copy link
Collaborator

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

Terraform GA: Diff ( 3 files changed, 277 insertions(+))
Terraform Beta: Diff ( 3 files changed, 277 insertions(+))
TF Conversion: Diff ( 1 file changed, 60 insertions(+))
TF OiCS: Diff ( 4 files changed, 140 insertions(+))

@modular-magician
Copy link
Collaborator

Tests analytics

Total tests: 3227
Passed tests 2895
Skipped tests: 329
Affected tests: 3

Action taken

Found 3 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests
TestAccArtifactRegistryRepository_artifactRegistryRepositoryRemoteCustomExample|TestAccDataprocJobIamPolicy|TestAccDataprocClusterIamPolicy

Get to know how VCR tests work

@modular-magician
Copy link
Collaborator

$\textcolor{green}{\textsf{Tests passed during RECORDING mode:}}$
TestAccArtifactRegistryRepository_artifactRegistryRepositoryRemoteCustomExample[Debug log]
TestAccDataprocJobIamPolicy[Debug log]
TestAccDataprocClusterIamPolicy[Debug log]

Rerun these tests in REPLAYING mode to catch issues

$\textcolor{green}{\textsf{No issues found for passed tests after REPLAYING rerun.}}$

$\textcolor{green}{\textsf{All tests passed!}}$
View the build log or the debug log for each test

@melinath melinath merged commit 7485408 into GoogleCloudPlatform:main Nov 18, 2023
6 checks passed
This was referenced Nov 18, 2023
Merged
Merged
Merged
Merged
BBBmau pushed a commit to BBBmau/magic-modules that referenced this pull request Nov 28, 2023
@Subserial @BBBmau
artifactregistry: implement upstream credentials (GoogleCloudPlatform…
01e9e33 
…#9439)

* implemented remote auth

* add IAM settings to test
jialei-chen pushed a commit to jialei-chen/magic-modules that referenced this pull request Nov 29, 2023
@Subserial @jialei-chen
artifactregistry: implement upstream credentials (GoogleCloudPlatform…
4debe64 
…#9439)

* implemented remote auth

* add IAM settings to test
trodge pushed a commit to trodge/magic-modules that referenced this pull request Dec 8, 2023
@Subserial @trodge
artifactregistry: implement upstream credentials (GoogleCloudPlatform…
fbdac89 
…#9439)

* implemented remote auth

* add IAM settings to test
@Subserial Subserial deleted the AR-remote-auth branch January 10, 2025 00:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@melinath melinath melinath approved these changes

Assignees
No one assigned
Labels
service/artifactregistry
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Subserial @modular-magician @melinath