Move container cluster binary authorization to ga.

Fixes hashicorp/terraform-provider-google#5072.
GoogleCloudPlatform · Jan 21, 2020 · 4819213 · 4819213
1 parent 4e9cbb2
commit 4819213
Showing 1 changed file with 19 additions and 25 deletions.
diff --git a/third_party/terraform/resources/resource_container_cluster.go.erb b/third_party/terraform/resources/resource_container_cluster.go.erb
@@ -371,15 +371,9 @@ func resourceContainerCluster() *schema.Resource {
 			},
 
 			"enable_binary_authorization": {
-<% if version == 'ga' -%>
-				Removed:  "This field is in beta. Use it in the the google-beta provider instead. See https://terraform.io/docs/providers/google/guides/provider_versions.html for more details.",
-				Computed:  true,
-<% else -%>
 				Default:  false,
-<% end -%>
 				Type:     schema.TypeBool,
 				Optional: true,
-
 			},
 
 			"enable_kubernetes_alpha": {
@@ -1046,17 +1040,17 @@ func resourceContainerClusterCreate(d *schema.ResourceData, meta interface{}) er
 		IpAllocationPolicy:      expandIPAllocationPolicy(d.Get("ip_allocation_policy")),
 		PodSecurityPolicyConfig: expandPodSecurityPolicyConfig(d.Get("pod_security_policy_config")),
 		Autoscaling:             expandClusterAutoscaling(d.Get("cluster_autoscaling"), d),
+		BinaryAuthorization:     &containerBeta.BinaryAuthorization{
+			Enabled:         d.Get("enable_binary_authorization").(bool),
+			ForceSendFields: []string{"Enabled"},
+		},
 <% unless version == 'ga' -%>
 		ShieldedNodes: &containerBeta.ShieldedNodes{
 			Enabled:         d.Get("enable_shielded_nodes").(bool),
 			ForceSendFields: []string{"Enabled"},
 		},
 		ReleaseChannel:          expandReleaseChannel(d.Get("release_channel")),
 		EnableTpu:               d.Get("enable_tpu").(bool),
-		BinaryAuthorization: &containerBeta.BinaryAuthorization{
-			Enabled:         d.Get("enable_binary_authorization").(bool),
-			ForceSendFields: []string{"Enabled"},
-		},
 		NetworkConfig: &containerBeta.NetworkConfig{
 			EnableIntraNodeVisibility: d.Get("enable_intranode_visibility").(bool),
 		},
@@ -1310,11 +1304,11 @@ func resourceContainerClusterRead(d *schema.ResourceData, meta interface{}) erro
 	if err := d.Set("cluster_autoscaling", flattenClusterAutoscaling(cluster.Autoscaling)); err != nil {
 		return err
 	}
+	d.Set("enable_binary_authorization", cluster.BinaryAuthorization != nil && cluster.BinaryAuthorization.Enabled)
 <% unless version == 'ga' -%>
 	if cluster.ShieldedNodes != nil {
 		d.Set("enable_shielded_nodes", cluster.ShieldedNodes.Enabled)
 	}
-	d.Set("enable_binary_authorization", cluster.BinaryAuthorization != nil && cluster.BinaryAuthorization.Enabled)
 	d.Set("enable_tpu", cluster.EnableTpu)
 	d.Set("tpu_ipv4_cidr_block", cluster.TpuIpv4CidrBlock)
 
@@ -1480,50 +1474,50 @@ func resourceContainerClusterUpdate(d *schema.ResourceData, meta interface{}) er
 
 		d.SetPartial("cluster_autoscaling")
 	}
-
-<% unless version == 'ga' -%>
-	if d.HasChange("enable_shielded_nodes") {
-		enabled := d.Get("enable_shielded_nodes").(bool)
+
+	if d.HasChange("enable_binary_authorization") {
+		enabled := d.Get("enable_binary_authorization").(bool)
 		req := &containerBeta.UpdateClusterRequest{
 			Update: &containerBeta.ClusterUpdate{
-				DesiredShieldedNodes: &containerBeta.ShieldedNodes{
+				DesiredBinaryAuthorization: &containerBeta.BinaryAuthorization{
 					Enabled:         enabled,
 					ForceSendFields: []string{"Enabled"},
 				},
 			},
 		}
 
-		updateF := updateFunc(req, "updating GKE shielded nodes")
+		updateF := updateFunc(req, "updating GKE binary authorization")
 		// Call update serially.
 		if err := lockedCall(lockKey, updateF); err != nil {
 			return err
 		}
 
-		log.Printf("[INFO] GKE cluster %s's shielded nodes has been updated to %v", d.Id(), enabled)
+		log.Printf("[INFO] GKE cluster %s's binary authorization has been updated to %v", d.Id(), enabled)
 
-		d.SetPartial("enable_shielded_nodes")
+		d.SetPartial("enable_binary_authorization")
 	}
 
-	if d.HasChange("enable_binary_authorization") {
-		enabled := d.Get("enable_binary_authorization").(bool)
+<% unless version == 'ga' -%>
+	if d.HasChange("enable_shielded_nodes") {
+		enabled := d.Get("enable_shielded_nodes").(bool)
 		req := &containerBeta.UpdateClusterRequest{
 			Update: &containerBeta.ClusterUpdate{
-				DesiredBinaryAuthorization: &containerBeta.BinaryAuthorization{
+				DesiredShieldedNodes: &containerBeta.ShieldedNodes{
 					Enabled:         enabled,
 					ForceSendFields: []string{"Enabled"},
 				},
 			},
 		}
 
-		updateF := updateFunc(req, "updating GKE binary authorization")
+		updateF := updateFunc(req, "updating GKE shielded nodes")
 		// Call update serially.
 		if err := lockedCall(lockKey, updateF); err != nil {
 			return err
 		}
 
-		log.Printf("[INFO] GKE cluster %s's binary authorization has been updated to %v", d.Id(), enabled)
+		log.Printf("[INFO] GKE cluster %s's shielded nodes has been updated to %v", d.Id(), enabled)
 
-		d.SetPartial("enable_binary_authorization")
+		d.SetPartial("enable_shielded_nodes")
 	}
 
 	if d.HasChange("enable_intranode_visibility") {