From 7f1ee10792a2424cd2bfd51fe41e7fcef50936e7 Mon Sep 17 00:00:00 2001
From: Taylor Thornton
Date: Tue, 8 Mar 2022 18:23:25 -0800
Subject: [PATCH 1/3] Update google_sql_database_instance config to output connection details
Signed-off-by: Taylor Thornton
---
config/sql/config.go | 43 +++++++++++++++++++++++++++++++++++++++++++
1 file changed, 43 insertions(+)
diff --git a/config/sql/config.go b/config/sql/config.go
index 72b5b2e4..f3c01a96 100644
--- a/config/sql/config.go
+++ b/config/sql/config.go
@@ -23,6 +23,49 @@ func Configure(p *config.Provider) { //nolint:gocyclo } return fmt.Sprintf("projects/%s/instances/%s", project, externalName), nil } + + // NOTE(@tnthornton) most of the connection details that were exported + // to the connection details secret are marked as non-sensitive for tf. + // We need to manually construct the secret details for those items. + r.Sensitive = config.Sensitive{ + AdditionalConnectionDetailsFn: func(attr map[string]interface{}) (map[string][]byte, error) { + conn := map[string][]byte{} + if a, ok := attr["connection_name"].(string); ok { + conn["connectionName"] = []byte(a) + } + if a, ok := attr["private_ip_address"].(string); ok { + conn["privateIpAddress"] = []byte(a) + } + if a, ok := attr["public_ip_address"].(string); ok { + conn["publicIpAddress"] = []byte(a) + } + if a, ok := attr["root_password"].(string); ok { + conn["rootPassword"] = []byte(a) + } + // map + if certSlice, ok := attr["server_ca_cert"].([]interface{}); ok { + if certattrs, ok := certSlice[0].(map[string]interface{}); ok { + if a, ok := certattrs["cert"].(string); ok { + conn["cert"] = []byte(a) + } + if a, ok := certattrs["common_name"].(string); ok { + conn["commonName"] = []byte(a) + } + if a, ok := certattrs["create_time"].(string); ok { + conn["createTime"] = []byte(a) + } + if a, ok := certattrs["expiration_time"].(string); ok { + conn["expirationTime"] = []byte(a) + } + if a, ok := certattrs["sha1_fingerprint"].(string); ok { + conn["sha1Fingerprint"] = []byte(a) + } + } + } + return conn, nil + }, + } + r.UseAsync = true }) p.AddResourceConfigurator("google_sql_database", func(r *config.Resource) { From 585c3763f40019b9a4d2017e7e8e1cfa88e9287e Mon Sep 17 00:00:00 2001 From: Taylor Thornton Date: Wed, 9 Mar 2022 09:13:01 -0800 Subject: [PATCH 2/3] remove config.Sensitive initialization update cert key name to serverCaCert 
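Review bot: `certSlice[0]` is indexed without a length check, so the closure panics if `server_ca_cert` ever decodes to an empty list; the type assertion on the line before it only proves the value is a slice. Guard it in the same condition: `if certSlice, ok := attr["server_ca_cert"].([]interface{}); ok && len(certSlice) > 0 {`. The same expression is carried unchanged into the rewritten closure in PATCH 2/3 and appears as context in the last hunk of PATCH 3/3. Because the function otherwise always returns a `nil` error, a panic here would presumably abort whatever builds the connection secret instead of surfacing as a handled failure. `Configure` itself starts and ends outside the hunk.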
Signed-off-by: Taylor Thornton
---
config/sql/config.go | 68 +++++++++++++++++++++-----------------------
1 file changed, 33 insertions(+), 35 deletions(-)
diff --git a/config/sql/config.go b/config/sql/config.go
index f3c01a96..9105ac2b 100644
--- a/config/sql/config.go
+++ b/config/sql/config.go
@@ -27,43 +27,41 @@ func Configure(p *config.Provider) { //nolint:gocyclo // NOTE(@tnthornton) most of the connection details that were exported // to the connection details secret are marked as non-sensitive for tf. // We need to manually construct the secret details for those items. - r.Sensitive = config.Sensitive{ - AdditionalConnectionDetailsFn: func(attr map[string]interface{}) (map[string][]byte, error) { - conn := map[string][]byte{} - if a, ok := attr["connection_name"].(string); ok { - conn["connectionName"] = []byte(a) - } - if a, ok := attr["private_ip_address"].(string); ok { - conn["privateIpAddress"] = []byte(a) - } - if a, ok := attr["public_ip_address"].(string); ok { - conn["publicIpAddress"] = []byte(a) - } - if a, ok := attr["root_password"].(string); ok { - conn["rootPassword"] = []byte(a) - } - // map - if certSlice, ok := attr["server_ca_cert"].([]interface{}); ok { - if certattrs, ok := certSlice[0].(map[string]interface{}); ok { - if a, ok := certattrs["cert"].(string); ok { - conn["cert"] = []byte(a) - } - if a, ok := certattrs["common_name"].(string); ok { - conn["commonName"] = []byte(a) - } - if a, ok := certattrs["create_time"].(string); ok { - conn["createTime"] = []byte(a) - } - if a, ok := certattrs["expiration_time"].(string); ok { - conn["expirationTime"] = []byte(a) - } - if a, ok := certattrs["sha1_fingerprint"].(string); ok { - conn["sha1Fingerprint"] = []byte(a) - } + r.Sensitive.AdditionalConnectionDetailsFn = func(attr map[string]interface{}) (map[string][]byte, error) { + conn := map[string][]byte{} + if a, ok := attr["connection_name"].(string); ok { + conn["connectionName"] = []byte(a) + } + if a, ok := attr["private_ip_address"].(string); ok { + conn["privateIpAddress"] = []byte(a) + } + if a, ok := attr["public_ip_address"].(string); ok { + conn["publicIpAddress"] = []byte(a) + } + if a, ok := attr["root_password"].(string); ok { + conn["rootPassword"] = []byte(a) + } + // map + if certSlice, ok := 
attr["server_ca_cert"].([]interface{}); ok { + if certattrs, ok := certSlice[0].(map[string]interface{}); ok { + if a, ok := certattrs["cert"].(string); ok { + conn["serverCaCert"] = []byte(a) + } + if a, ok := certattrs["common_name"].(string); ok { + conn["commonName"] = []byte(a) + } + if a, ok := certattrs["create_time"].(string); ok { + conn["createTime"] = []byte(a) + } + if a, ok := certattrs["expiration_time"].(string); ok { + conn["expirationTime"] = []byte(a) + } + if a, ok := certattrs["sha1_fingerprint"].(string); ok { + conn["sha1Fingerprint"] = []byte(a) } } - return conn, nil - }, + } + return conn, nil } r.UseAsync = true From d2b2cc220de409beba3bc6182e54073175e20f21 Mon Sep 17 00:00:00 2001 From: Taylor Thornton Date: Thu, 10 Mar 2022 13:27:18 -0800 Subject: [PATCH 3/3] use keys consistent with provider-gcp's naming conventions Signed-off-by: Taylor Thornton --- config/sql/config.go | 34 +++++++++++++++++++++++++--------- 1 file changed, 25 insertions(+), 9 deletions(-) diff --git a/config/sql/config.go b/config/sql/config.go index 9105ac2b..9981854a 100644 --- a/config/sql/config.go +++ b/config/sql/config.go 
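Review bot: The `// map` comment above the `server_ca_cert` block does not state the shape the code relies on, which is a list whose first element is a map of certificate fields. A comment such as `// server_ca_cert decodes as a list; only the first element's fields are copied into the secret.` would make that assumption visible to the next reader. It would also help to mark the `root_password` branch with `// credential: the only secret value in this map, the rest is metadata`, since the NOTE above the closure describes the entries as non-sensitive. `Configure` starts outside the hunk.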
@@ -6,9 +6,25 @@ import ( "github.com/crossplane/terrajet/pkg/config" + xpv1 "github.com/crossplane/crossplane-runtime/apis/common/v1" + "github.com/crossplane-contrib/provider-jet-gcp/config/common" ) +// CloudSQL connection detail keys +const ( + CloudSQLSecretServerCACertificateCertKey = "serverCACertificateCert" + CloudSQLSecretServerCACertificateCommonNameKey = "serverCACertificateCommonName" + CloudSQLSecretServerCACertificateCreateTimeKey = "serverCACertificateCreateTime" + CloudSQLSecretServerCACertificateExpirationTimeKey = "serverCACertificateExpirationTime" + CloudSQLSecretServerCACertificateSha1FingerprintKey = "serverCACertificateSha1Fingerprint" + + CloudSQLSecretConnectionName = "connectionName" + + PrivateIPKey = "privateIP" + PublicIPKey = "publicIP" +) + // Configure configures individual resources by adding custom // ResourceConfigurators. func Configure(p *config.Provider) { //nolint:gocyclo 
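Review bot: The new exported constants do not follow one naming scheme: `CloudSQLSecretConnectionName` lacks the `Key` suffix that the certificate constants carry, and `PrivateIPKey`/`PublicIPKey` lack the `CloudSQLSecret` prefix. Either align them, for example `CloudSQLSecretConnectionNameKey`, or extend the group comment to say the names are copied as-is from provider-gcp, e.g. `// CloudSQL connection detail keys, named as in provider-gcp.` The `xpv1` import also appears to sit directly after the terrajet import, where gofmt would sort `crossplane-runtime` ahead of `terrajet`; the start of the import block is outside the hunk, so the grouping cannot be confirmed from here.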
@@ -30,34 +46,34 @@ func Configure(p *config.Provider) { //nolint:gocyclo r.Sensitive.AdditionalConnectionDetailsFn = func(attr map[string]interface{}) (map[string][]byte, error) { conn := map[string][]byte{} if a, ok := attr["connection_name"].(string); ok { - conn["connectionName"] = []byte(a) + conn[CloudSQLSecretConnectionName] = []byte(a) } if a, ok := attr["private_ip_address"].(string); ok { - conn["privateIpAddress"] = []byte(a) + conn[PrivateIPKey] = []byte(a) } if a, ok := attr["public_ip_address"].(string); ok { - conn["publicIpAddress"] = []byte(a) + conn[PublicIPKey] = []byte(a) } if a, ok := attr["root_password"].(string); ok { - conn["rootPassword"] = []byte(a) + conn[xpv1.ResourceCredentialsSecretPasswordKey] = []byte(a) } // map if certSlice, ok := attr["server_ca_cert"].([]interface{}); ok { if certattrs, ok := certSlice[0].(map[string]interface{}); ok { if a, ok := certattrs["cert"].(string); ok { - conn["serverCaCert"] = []byte(a) + conn[CloudSQLSecretServerCACertificateCertKey] = []byte(a) } if a, ok := certattrs["common_name"].(string); ok { - conn["commonName"] = []byte(a) + conn[CloudSQLSecretServerCACertificateCommonNameKey] = []byte(a) } if a, ok := certattrs["create_time"].(string); ok { - conn["createTime"] = []byte(a) + conn[CloudSQLSecretServerCACertificateCreateTimeKey] = []byte(a) } if a, ok := certattrs["expiration_time"].(string); ok { - conn["expirationTime"] = []byte(a) + conn[CloudSQLSecretServerCACertificateExpirationTimeKey] = []byte(a) } if a, ok := certattrs["sha1_fingerprint"].(string); ok { - conn["sha1Fingerprint"] = []byte(a) + conn[CloudSQLSecretServerCACertificateSha1FingerprintKey] = []byte(a) } } }
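Review bot: Each `.(string)` assertion in this closure checks only the type, so an attribute that is present but empty is still written to the connection secret; for `root_password` that means an empty value under `xpv1.ResourceCredentialsSecretPasswordKey`, and for an instance without a public address an empty `publicIP`. If these attributes can be empty in the Terraform state, which the hunk does not show, skip them with `if a, ok := attr["root_password"].(string); ok && a != "" {` and the same guard on the address fields. Consumers that test for the presence of a key would otherwise treat a blank credential or address as set. The closure's `return` is outside the hunk.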