Merge pull request #72 from arangodb-managed/OAS-5419

OAS-5428 | Added support for private endpoints on GCP

Author: forgems

go.mod

@@ -1,7 +1,7 @@
 module github.com/arangodb-managed/terraform-provider-oasis
 
 require (
-	github.com/arangodb-managed/apis v0.74.7
+	github.com/arangodb-managed/apis v0.74.13
 	github.com/arangodb-managed/log-helper v0.2.5
 	github.com/gogo/protobuf v1.3.2
 	github.com/hashicorp/terraform-plugin-docs v0.8.1

go.sum

@@ -28,8 +28,8 @@ github.com/apparentlymart/go-textseg v1.0.0/go.mod h1:z96Txxhf3xSFMPmb5X/1W05FF/
 github.com/apparentlymart/go-textseg/v12 v12.0.0/go.mod h1:S/4uRK2UtaQttw1GenVJEynmyUenKwP++x/+DdGV/Ec=
 github.com/apparentlymart/go-textseg/v13 v13.0.0 h1:Y+KvPE1NYz0xl601PVImeQfFyEy6iT90AvPUL1NNfNw=
 github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkEghdlcqw7yxLeM89kiTRPUo=
-github.com/arangodb-managed/apis v0.74.7 h1:dIXemdYb1BjiyHLX/tYhOXwhA/KtL5HC61Yw9Vmtij4=
-github.com/arangodb-managed/apis v0.74.7/go.mod h1:ZlvA803MmUI3m6ijvaAYKKaWgLJq8bBZZuq8uyZo2PY=
+github.com/arangodb-managed/apis v0.74.13 h1:p+XK1d3Nxb2JXDlpFGj3yTWKRmnQwR+0l8NK/wTf3NA=
+github.com/arangodb-managed/apis v0.74.13/go.mod h1:ZlvA803MmUI3m6ijvaAYKKaWgLJq8bBZZuq8uyZo2PY=
 github.com/arangodb-managed/log-helper v0.2.5 h1:Kg3+0bDVFhEgyjMhIbCIj9hejgN2VaD4Cw/JQ4ARsd4=
 github.com/arangodb-managed/log-helper v0.2.5/go.mod h1:G17ASSd3Edday3i1QREGefyLJ2TduHxxFsOaqoigurE=
 github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310 h1:BUAU3CGlLvorLI26FmByPp2eC2qla6E1Tw+scpcg/to=

internal/resource_private_endpoint.go

@@ -23,6 +23,7 @@ package provider
 import (
 	"context"
 	"fmt"
+
 	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 
@@ -47,6 +48,10 @@ const (
 	privateEndpointAWSPrincipalAccountIdFieldName = "account_id"
 	privateEndpointAWSPrincipalUserNamesFieldName = "user_names"
 	privateEndpointAWSPrincipalRoleNamesFieldName = "role_names"
+
+	// GCP field names
+	privateEndpointGCPFieldName         = "gcp"
+	privateEndpointGCPProjectsFieldName = "projects"
 )
 
 // resourcePrivateEndpoint defines a Private Endpoint Oasis resource.
@@ -143,6 +148,26 @@ func resourcePrivateEndpoint() *schema.Resource {
 					},
 				},
 			},
+			privateEndpointGCPFieldName: {
+				Type:        schema.TypeList,
+				Description: "Private Endpoint Resource Private Endpoint GCP field",
+				Optional:    true,
+				MaxItems:    1,
+				DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool {
+					return old == "1" && new == "0"
+				},
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						privateEndpointGCPProjectsFieldName: {
+							Type:        schema.TypeList,
+							Description: "Private Endpoint Resource Private Endpoint GCP Projects field (list of project ids)",
+							Required:    true,
+							MaxItems:    1,
+							Elem:        &schema.Schema{Type: schema.TypeString},
+						},
+					},
+				},
+			},
 		},
 	}
 }
@@ -181,6 +206,7 @@ func flattenPrivateEndpointResource(privateEndpoint *network.PrivateEndpointServ
 		privateEndpointDNSNamesFieldName:    privateEndpoint.GetAlternateDnsNames(),
 		privateEndpointAKSFieldName:         flattenAKSResource(privateEndpoint.GetAks()),
 		privateEndpointAWSFieldName:         flattenAWSResource(privateEndpoint.GetAws()),
+		privateEndpointGCPFieldName:         flattenGCPResource(privateEndpoint.GetGcp()),
 	}
 }
 
@@ -202,6 +228,15 @@ func flattenAWSResource(privateEndpointAWS *network.PrivateEndpointService_Aws)
 	}
 }
 
+// flattenGCPResource will take an GCP Resource part of a Private Endpoint and create a sub map for terraform schema.
+func flattenGCPResource(privateEndpointGCP *network.PrivateEndpointService_Gcp) []interface{} {
+	return []interface{}{
+		map[string]interface{}{
+			privateEndpointGCPProjectsFieldName: privateEndpointGCP.GetProjects(),
+		},
+	}
+}
+
 // flattenAWSPrincipals will take an AWS Principal Resource part of a Private Endpoint and create a sub map for terraform schema.
 func flattenAWSPrincipals(privateEndpointAWSPrincipals []*network.PrivateEndpointService_AwsPrincipals) []interface{} {
 	var principals = make(map[string]interface{})
@@ -281,11 +316,11 @@ func expandPrivateEndpointResource(d *schema.ResourceData) (*network.PrivateEndp
 		ret.AlternateDnsNames = dnsNames
 	}
 	if v, ok := d.GetOk(privateEndpointAKSFieldName); ok {
-		subscriptionIds, err := expandAKSResource(v.([]interface{}))
+		aksResource, err := expandAKSResource(v.([]interface{}))
 		if err != nil {
 			return nil, err
 		}
-		ret.Aks = subscriptionIds
+		ret.Aks = aksResource
 	}
 	if v, ok := d.GetOk(privateEndpointAWSFieldName); ok {
 		awsResource, err := expandAWSResource(v.([]interface{}))
@@ -294,6 +329,13 @@ func expandPrivateEndpointResource(d *schema.ResourceData) (*network.PrivateEndp
 		}
 		ret.Aws = awsResource
 	}
+	if v, ok := d.GetOk(privateEndpointGCPFieldName); ok {
+		gcpResource, err := expandGCPResource(v.([]interface{}))
+		if err != nil {
+			return nil, err
+		}
+		ret.Gcp = gcpResource
+	}
 	return ret, nil
 }
 
@@ -365,6 +407,26 @@ func expandAWSPrincipal(s []interface{}) ([]*network.PrivateEndpointService_AwsP
 	return principals, nil
 }
 
+// expandGCPResource gathers GCP Resource data from the terraform store
+func expandGCPResource(s []interface{}) (gcpResource *network.PrivateEndpointService_Gcp, err error) {
+	for _, v := range s {
+		item := v.(map[string]interface{})
+		if projects, ok := item[privateEndpointGCPProjectsFieldName]; ok {
+			projects, ok := projects.([]interface{})
+			if !ok {
+				return nil, fmt.Errorf("failed to parse field %s", privateEndpointGCPProjectsFieldName)
+			}
+			if gcpResource == nil {
+				gcpResource = &network.PrivateEndpointService_Gcp{}
+			}
+			for _, addr := range projects {
+				gcpResource.Projects = append(gcpResource.Projects, addr.(string))
+			}
+		}
+	}
+	return
+}
+
 // resourcePrivateEndpointDelete will delete the Terraform PrivateEndpoint resource
 func resourcePrivateEndpointDelete(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
 	d.SetId("")
@@ -414,6 +476,13 @@ func resourcePrivateEndpointUpdate(ctx context.Context, d *schema.ResourceData,
 		}
 		privateEndpoint.Aws = awsResource
 	}
+	if d.HasChange(privateEndpointGCPFieldName) {
+		gcpResource, err := expandGCPResource(d.Get(privateEndpointGCPFieldName).([]interface{}))
+		if err != nil {
+			diag.FromErr(err)
+		}
+		privateEndpoint.Gcp = gcpResource
+	}
 
 	_, err = nwc.UpdatePrivateEndpointService(client.ctxWithToken, privateEndpoint)
 	if err != nil {

internal/resource_private_endpoint_test.go

@@ -114,6 +114,10 @@ func TestFlattenPrivateEndpoint(t *testing.T) {
 				map[string]interface{}{},
 			},
 		}}
+		var projects []string
+		expected[privateEndpointGCPFieldName] = []interface{}{map[string]interface{}{
+			privateEndpointGCPProjectsFieldName: projects,
+		}}
 
 		rawAks := &network.PrivateEndpointService_Aks{
 			ClientSubscriptionIds: []string{"ba3f371b-a5e3-47bf-b097-dc3bb0a052a5"},
@@ -142,6 +146,10 @@ func TestFlattenPrivateEndpoint(t *testing.T) {
 				privateEndpointAKSClientSubscriptionIdsFieldName: subIDs,
 			},
 		}
+		var projects []string
+		expected[privateEndpointGCPFieldName] = []interface{}{map[string]interface{}{
+			privateEndpointGCPProjectsFieldName: projects,
+		}}
 
 		rawAws := &network.PrivateEndpointService_Aws{
 			AwsPrincipals: []*network.PrivateEndpointService_AwsPrincipals{
@@ -156,8 +164,34 @@ func TestFlattenPrivateEndpoint(t *testing.T) {
 
 		flattened := flattenPrivateEndpointResource(privateEndpoint)
 		assert.Equal(tt, expected, flattened)
+		privateEndpoint.Aws = nil
 	})
 
+	t.Run("flattening with gcp field", func(tt *testing.T) {
+		expectedGcp := []interface{}{
+			map[string]interface{}{
+				privateEndpointGCPProjectsFieldName: []string{"project1"},
+			},
+		}
+		expected[privateEndpointGCPFieldName] = expectedGcp
+		expected[privateEndpointAWSFieldName] = []interface{}{map[string]interface{}{
+			privateEndpointAWSPrincipalFieldName: []interface{}{
+				map[string]interface{}{},
+			},
+		}}
+		var subIDs []string
+		expected[privateEndpointAKSFieldName] = []interface{}{map[string]interface{}{
+			privateEndpointAKSClientSubscriptionIdsFieldName: subIDs,
+		}}
+		rawGcp := &network.PrivateEndpointService_Gcp{
+			Projects: []string{"project1"},
+		}
+		privateEndpoint.Gcp = rawGcp
+
+		flattened := flattenPrivateEndpointResource(privateEndpoint)
+		assert.Equal(tt, expected, flattened)
+		privateEndpoint.Gcp = nil
+	})
 }
 
 // TestExpandPrivateEndpoint tests the Oasis Private Endpoint expansion for Terraform schema compatibility.