Add support for regional secret resource google_secret_manager_regional_secret

[abheda-crest]

Add support for new regional secret resource google_secret_manager_regional_secret. I have also defined the iam_policy field in the RegionalSecret.yaml file to include the IAM resources and IAM datasources as well.

More info about regional secrets: https://cloud.google.com/secret-manager/docs/regional-secrets-overview

Notes:

1. In RegionalSecret.yaml file, the versionAliases field is commented and the respective test cases covered in the resource_secret_manager_regional_secret_test.go.erb file are also commented because this field depends on creating regional_secret_version_resource. We intend to uncomment once this PR is merged and dependent tests can pass.
2. As of now, the API reference of the regional secrets are being documented on GCP docs side. Hence, the link mentioned in the ResourceSecret.yaml file will be updated later.

Release Note Template for Downstream PRs (will be copied)

`google_secret_manager_regional_secret`

[google-cla]

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

[github-actions]

Hello! I am a robot. Tests will require approval from a repository maintainer to run.

@hao-nan-li, a repository maintainer, has been assigned to review your changes. If you have not received review feedback within 2 business days, please leave a comment on this PR asking them to take a look.

You can help make sure that review is quick by doing a self-review and by running impacted tests locally.

[gptSanyam]

Shouldn't there be an opposite condition here:
To remove ttl if expiry_time is introduced in the update.

[abheda-crest]

As the API expects only one of the ttl or expireTime field, I've added this condition for switching between ttl and expireTime field. I've confirmed this behaviour and I've also added respective test case for the same. This test case can be found here: https://github.com/GoogleCloudPlatform/magic-modules/pull/11678/files#diff-11e793af43830f42f81e70d049956097a6df58b14f018cb62e7f1727f2bcd211R407

[gptSanyam]

We should add a test case to prove it.

[abheda-crest]

Yeah I've already added the test case that handles the switching between these fields.

[gptSanyam]

Thanks.

[gptSanyam]

Corresponding Secrets files seems to be doing a bit more than this:
https://github.com/gptSanyam/magic-modules/blob/main/mmv1/templates/terraform/pre_update/secret_manager_secret.go.erb

Let's make a list of things it is doing and then reason about what needs to be removed for regional secrets.

[abheda-crest]

Sure.
The corresponding file does two tasks:

1. To enable the updation of replication field explicitly and updating the updateMask and ultimately the url to incorporate the changes in updateMask.
2. To handle the behaviour of ttl and expireTime as mentioned in the comment (Add support for regional secret resource google_secret_manager_regional_secret #11678 (comment))

In regional secrets, there is no field for replication that requires explicit handling for updation. Hence, I need to only handle the ttl and expireTime scenario

[gptSanyam]

Got it. Thanks.

[gptSanyam]

Why is this needed?
We are setting displayName = Secrets Manager in products.yaml, is this an override.
I think this is the name used in the terrafrom registry to list the products, we want both regional and non-regional resources to be listed under the same listing.
https://github.com/GoogleCloudPlatform/magic-modules/pull/11678/files#diff-c1cff9a2fbc2183ca2638f5cc05943ff90a42751de6dad07cece718f78bf9fe3R16

[gptSanyam]

Verified, existing resources like IAM are also adding this.

[gptSanyam]

Same as beta.

[abheda-crest]

The Action for teamcity was failing regarding this. Before I've added this snippet, the workflow was failing: https://github.com/GoogleCloudPlatform/magic-modules/actions/runs/10806885008/job/29976554704. I am not sure if we need to add this snippet.

[gptSanyam]

Verified, existing resources like IAM are also adding this.

[gptSanyam]

LGTM

[modular-magician]

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 19 files changed, 4573 insertions(+), 3 deletions(-))
google-beta provider: Diff ( 17 files changed, 4563 insertions(+), 3 deletions(-))
terraform-google-conversion: Diff ( 4 files changed, 603 insertions(+))
Open in Cloud Shell: Diff ( 24 files changed, 715 insertions(+))

[modular-magician]

Tests analytics

Total tests: 4018
Passed tests: 3582
Skipped tests: 411
Affected tests: 25

Click here to see the affected service packages

All service packages are affected

#### Non-exercised tests

Tests were added that are skipped in VCR:

• TestAccSecretManagerRegionalRegionalSecretIamBindingGenerated_withAndWithoutCondition
• TestAccSecretManagerRegionalRegionalSecretIamMemberGenerated_withAndWithoutCondition

Action taken

Found 25 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests

• TestAccComputeInstance_confidentialHyperDiskBootDisk
• TestAccSecretManagerRegionalRegionalSecretIamBindingGenerated
• TestAccSecretManagerRegionalRegionalSecretIamBindingGenerated_withCondition
• TestAccSecretManagerRegionalRegionalSecretIamMemberGenerated
• TestAccSecretManagerRegionalRegionalSecretIamMemberGenerated_withCondition
• TestAccSecretManagerRegionalRegionalSecretIamPolicyGenerated
• TestAccSecretManagerRegionalRegionalSecretIamPolicyGenerated_withCondition
• TestAccSecretManagerRegionalRegionalSecretIam_iamBindingUpdate
• TestAccSecretManagerRegionalRegionalSecretIam_iamPolicyUpdate
• TestAccSecretManagerRegionalRegionalSecret_annotationsUpdate
• TestAccSecretManagerRegionalRegionalSecret_cmekUpdate
• TestAccSecretManagerRegionalRegionalSecret_expireTimeUpdate
• TestAccSecretManagerRegionalRegionalSecret_import
• TestAccSecretManagerRegionalRegionalSecret_labelsUpdate
• TestAccSecretManagerRegionalRegionalSecret_regionalSecretConfigBasicExample
• TestAccSecretManagerRegionalRegionalSecret_regionalSecretWithCmekExample
• TestAccSecretManagerRegionalRegionalSecret_regionalSecretWithExpireTimeExample
• TestAccSecretManagerRegionalRegionalSecret_regionalSecretWithRotationExample
• TestAccSecretManagerRegionalRegionalSecret_regionalSecretWithTtlExample
• TestAccSecretManagerRegionalRegionalSecret_regionalSecretWithVersionDestroyTtlExample
• TestAccSecretManagerRegionalRegionalSecret_rotationInfoUpdate
• TestAccSecretManagerRegionalRegionalSecret_topicsUpdate
• TestAccSecretManagerRegionalRegionalSecret_ttlUpdate
• TestAccSecretManagerRegionalRegionalSecret_updateBetweenTtlAndExpireTime
• TestAccSecretManagerRegionalRegionalSecret_versionDestroyTtlUpdate

Get to know how VCR tests work

[modular-magician]

$\textcolor{green}{\textsf{Tests passed during RECORDING mode:}}$
TestAccComputeInstance_confidentialHyperDiskBootDisk[Debug log]
TestAccSecretManagerRegionalRegionalSecretIamBindingGenerated[Debug log]
TestAccSecretManagerRegionalRegionalSecretIamBindingGenerated_withCondition[Debug log]
TestAccSecretManagerRegionalRegionalSecretIamMemberGenerated[Debug log]
TestAccSecretManagerRegionalRegionalSecretIamMemberGenerated_withCondition[Debug log]
TestAccSecretManagerRegionalRegionalSecretIamPolicyGenerated[Debug log]
TestAccSecretManagerRegionalRegionalSecretIamPolicyGenerated_withCondition[Debug log]
TestAccSecretManagerRegionalRegionalSecretIam_iamBindingUpdate[Debug log]
TestAccSecretManagerRegionalRegionalSecretIam_iamPolicyUpdate[Debug log]
TestAccSecretManagerRegionalRegionalSecret_annotationsUpdate[Debug log]
TestAccSecretManagerRegionalRegionalSecret_cmekUpdate[Debug log]
TestAccSecretManagerRegionalRegionalSecret_expireTimeUpdate[Debug log]
TestAccSecretManagerRegionalRegionalSecret_import[Debug log]
TestAccSecretManagerRegionalRegionalSecret_labelsUpdate[Debug log]
TestAccSecretManagerRegionalRegionalSecret_regionalSecretConfigBasicExample[Debug log]
TestAccSecretManagerRegionalRegionalSecret_regionalSecretWithCmekExample[Debug log]
TestAccSecretManagerRegionalRegionalSecret_regionalSecretWithExpireTimeExample[Debug log]
TestAccSecretManagerRegionalRegionalSecret_regionalSecretWithRotationExample[Debug log]
TestAccSecretManagerRegionalRegionalSecret_regionalSecretWithTtlExample[Debug log]
TestAccSecretManagerRegionalRegionalSecret_regionalSecretWithVersionDestroyTtlExample[Debug log]
TestAccSecretManagerRegionalRegionalSecret_rotationInfoUpdate[Debug log]
TestAccSecretManagerRegionalRegionalSecret_topicsUpdate[Debug log]
TestAccSecretManagerRegionalRegionalSecret_ttlUpdate[Debug log]
TestAccSecretManagerRegionalRegionalSecret_updateBetweenTtlAndExpireTime[Debug log]
TestAccSecretManagerRegionalRegionalSecret_versionDestroyTtlUpdate[Debug log]
$\textcolor{red}{\textsf{Tests failed when rerunning REPLAYING mode:}}$
TestAccComputeInstance_confidentialHyperDiskBootDisk[Error message] [Debug log]

Tests failed due to non-determinism or randomness when the VCR replayed the response after the HTTP request was made.

Please fix these to complete your PR. If you believe these test failures to be incorrect or unrelated to your change, or if you have any questions, please raise the concern with your reviewer.

---

$\textcolor{green}{\textsf{All tests passed!}}$

View the build log or the debug log for each test

[abheda-crest]

I think that TestAccComputeInstance_confidentialHyperDiskBootDisk has been fixed very recently as a part of this PR: #11615

[hao-nan-li]

I think that TestAccComputeInstance_confidentialHyperDiskBootDisk has been fixed very recently as a part of this PR: #11615

I don't think that test is affected by your change.

[hao-nan-li]

Thanks for adding the new resource in