From 20699e91cbe213362e848243b293457dfdab5654 Mon Sep 17 00:00:00 2001 From: The Magician Date: Tue, 5 Sep 2023 19:25:55 -0400 Subject: [PATCH] Adding labels field to the GKEHub Scope RBAC RoleBinding resource (#8869) (#15729) * Adding Terraform resources for Tenancy APIs in GKEHub * Segregating MembershipBinding and MembershipRBACRoleBinding to keep things simpler in the review * Fixing the docu URIs * Adding TF support for Tenancy API for Membership Binding * Adding dependent membership binding to the same commit chain * Making Scope un-updatable and replacing hard coded project number with the one from test env * Making Scope RRBAC updatable * Making Namespace immutable * Adding update test cases * Removing all memberships field from Scope since it is no longer supported * Removing all_memberships field for Scope from all test cases * Adding labels to the Scope RBAC Role Binding resource Signed-off-by: Modular Magician --- .changelog/8869.txt | 3 ++ ...esource_gke_hub_scope_rbac_role_binding.go | 40 +++++++++++++++++++ ..._scope_rbac_role_binding_generated_test.go | 3 ++ ...ce_gke_hub_scope_rbac_role_binding_test.go | 6 +++ ..._hub_scope_rbac_role_binding.html.markdown | 7 ++++ 5 files changed, 59 insertions(+) create mode 100644 .changelog/8869.txt diff --git a/.changelog/8869.txt b/.changelog/8869.txt new file mode 100644 index 00000000000..74e27d6b780 --- /dev/null +++ b/.changelog/8869.txt @@ -0,0 +1,3 @@ +```release-note:enhancement +GKEHUB: added `labels` fields to `google_gke_hub_scope_rbac_role_binding` resource +``` diff --git a/google/services/gkehub2/resource_gke_hub_scope_rbac_role_binding.go b/google/services/gkehub2/resource_gke_hub_scope_rbac_role_binding.go index 6420793596d..993de4b1415 100644 --- a/google/services/gkehub2/resource_gke_hub_scope_rbac_role_binding.go +++ b/google/services/gkehub2/resource_gke_hub_scope_rbac_role_binding.go @@ -85,6 +85,12 @@ is required). Updating one will unset the other automatically. group is the group, as seen by the kubernetes cluster.`, ExactlyOneOf: []string{"user", "group"}, }, + "labels": { + Type: schema.TypeMap, + Optional: true, + Description: `Labels for this ScopeRBACRoleBinding.`, + Elem: &schema.Schema{Type: schema.TypeString}, + }, "user": { Type: schema.TypeString, Optional: true, @@ -170,6 +176,12 @@ func resourceGKEHub2ScopeRBACRoleBindingCreate(d *schema.ResourceData, meta inte } else if v, ok := d.GetOkExists("role"); !tpgresource.IsEmptyValue(reflect.ValueOf(roleProp)) && (ok || !reflect.DeepEqual(v, roleProp)) { obj["role"] = roleProp } + labelsProp, err := expandGKEHub2ScopeRBACRoleBindingLabels(d.Get("labels"), d, config) + if err != nil { + return err + } else if v, ok := d.GetOkExists("labels"); !tpgresource.IsEmptyValue(reflect.ValueOf(labelsProp)) && (ok || !reflect.DeepEqual(v, labelsProp)) { + obj["labels"] = labelsProp + } url, err := tpgresource.ReplaceVars(d, config, "{{GKEHub2BasePath}}projects/{{project}}/locations/global/scopes/{{scope_id}}/rbacrolebindings/?rbacrolebinding_id={{scope_rbac_role_binding_id}}") if err != nil { @@ -306,6 +318,9 @@ func resourceGKEHub2ScopeRBACRoleBindingRead(d *schema.ResourceData, meta interf if err := d.Set("role", flattenGKEHub2ScopeRBACRoleBindingRole(res["role"], d, config)); err != nil { return fmt.Errorf("Error reading ScopeRBACRoleBinding: %s", err) } + if err := d.Set("labels", flattenGKEHub2ScopeRBACRoleBindingLabels(res["labels"], d, config)); err != nil { + return fmt.Errorf("Error reading ScopeRBACRoleBinding: %s", err) + } return nil } @@ -344,6 +359,12 @@ func resourceGKEHub2ScopeRBACRoleBindingUpdate(d *schema.ResourceData, meta inte } else if v, ok := d.GetOkExists("role"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, roleProp)) { obj["role"] = roleProp } + labelsProp, err := expandGKEHub2ScopeRBACRoleBindingLabels(d.Get("labels"), d, config) + if err != nil { + return err + } else if v, ok := d.GetOkExists("labels"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, labelsProp)) { + obj["labels"] = labelsProp + } url, err := tpgresource.ReplaceVars(d, config, "{{GKEHub2BasePath}}projects/{{project}}/locations/global/scopes/{{scope_id}}/rbacrolebindings/{{scope_rbac_role_binding_id}}") if err != nil { @@ -364,6 +385,10 @@ func resourceGKEHub2ScopeRBACRoleBindingUpdate(d *schema.ResourceData, meta inte if d.HasChange("role") { updateMask = append(updateMask, "role") } + + if d.HasChange("labels") { + updateMask = append(updateMask, "labels") + } // updateMask is a URL parameter but not present in the schema, so ReplaceVars // won't set it url, err = transport_tpg.AddQueryParams(url, map[string]string{"updateMask": strings.Join(updateMask, ",")}) @@ -538,6 +563,10 @@ func flattenGKEHub2ScopeRBACRoleBindingRolePredefinedRole(v interface{}, d *sche return v } +func flattenGKEHub2ScopeRBACRoleBindingLabels(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + return v +} + func expandGKEHub2ScopeRBACRoleBindingUser(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { return v, nil } @@ -568,3 +597,14 @@ func expandGKEHub2ScopeRBACRoleBindingRole(v interface{}, d tpgresource.Terrafor func expandGKEHub2ScopeRBACRoleBindingRolePredefinedRole(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { return v, nil } + +func expandGKEHub2ScopeRBACRoleBindingLabels(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (map[string]string, error) { + if v == nil { + return map[string]string{}, nil + } + m := make(map[string]string) + for k, val := range v.(map[string]interface{}) { + m[k] = val.(string) + } + return m, nil +} diff --git a/google/services/gkehub2/resource_gke_hub_scope_rbac_role_binding_generated_test.go b/google/services/gkehub2/resource_gke_hub_scope_rbac_role_binding_generated_test.go index 99612114fd8..b377f60e614 100644 --- a/google/services/gkehub2/resource_gke_hub_scope_rbac_role_binding_generated_test.go +++ b/google/services/gkehub2/resource_gke_hub_scope_rbac_role_binding_generated_test.go @@ -70,6 +70,9 @@ resource "google_gke_hub_scope_rbac_role_binding" "scoperbacrolebinding" { role { predefined_role = "ADMIN" } + labels = { + key = "value" + } depends_on = [google_gke_hub_scope.scoperbacrolebinding] } `, context) diff --git a/google/services/gkehub2/resource_gke_hub_scope_rbac_role_binding_test.go b/google/services/gkehub2/resource_gke_hub_scope_rbac_role_binding_test.go index 94d0f2fd4e0..fa4aa066601 100644 --- a/google/services/gkehub2/resource_gke_hub_scope_rbac_role_binding_test.go +++ b/google/services/gkehub2/resource_gke_hub_scope_rbac_role_binding_test.go @@ -58,6 +58,9 @@ resource "google_gke_hub_scope_rbac_role_binding" "scoperbacrolebinding" { role { predefined_role = "ADMIN" } + labels = { + key = "value" + } depends_on = [google_gke_hub_scope.scoperbacrolebinding] } `, context) @@ -76,6 +79,9 @@ resource "google_gke_hub_scope_rbac_role_binding" "scoperbacrolebinding" { role { predefined_role = "VIEW" } + labels = { + key = "updated_value" + } depends_on = [google_gke_hub_scope.scoperbacrolebinding] } `, context) diff --git a/website/docs/r/gke_hub_scope_rbac_role_binding.html.markdown b/website/docs/r/gke_hub_scope_rbac_role_binding.html.markdown index 170fb7f97cf..819d7c81817 100644 --- a/website/docs/r/gke_hub_scope_rbac_role_binding.html.markdown +++ b/website/docs/r/gke_hub_scope_rbac_role_binding.html.markdown @@ -43,6 +43,9 @@ resource "google_gke_hub_scope_rbac_role_binding" "scoperbacrolebinding" { role { predefined_role = "ADMIN" } + labels = { + key = "value" + } depends_on = [google_gke_hub_scope.scoperbacrolebinding] } ``` @@ -89,6 +92,10 @@ The following arguments are supported: is required). Updating one will unset the other automatically. group is the group, as seen by the kubernetes cluster. +* `labels` - + (Optional) + Labels for this ScopeRBACRoleBinding. + * `project` - (Optional) The ID of the project in which the resource belongs. If it is not provided, the provider project is used.