Skip to content

Update forward_ssh_connectivity.private_key to be mutable #13307

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 16 commits into from
Mar 31, 2025
Merged

Update forward_ssh_connectivity.private_key to be mutable #13307

merged 16 commits into from
Mar 31, 2025

Conversation

ari-hacks
Copy link
Contributor

@ari-hacks ari-hacks commented Mar 10, 2025
edited
Loading

This prevents the connection profile from failing permanently (needing to be re-created) when the forward ssh connectivity private key is updated.
Fixes hashicorp/terraform-provider-google#18999
Related PR #11930

Release Note Template for Downstream PRs (will be copied)

See Write release notes for guidance.

datastream: updated `private_key`to be mutable in `google_datastream_connection_profile` resource.

@ari-hacks ari-hacks changed the title Issue 18999 ds ssh connection profile Update forward_ssh_connectivity.private_key to be mutable Mar 10, 2025
@github-actions GitHub Actions
Copy link

Hello! I am a robot. Tests will require approval from a repository maintainer to run. Googlers: see go/terraform-auto-test-runs to set up automatic test runs.

@SirGitsalot, a repository maintainer, has been assigned to review your changes. If you have not received review feedback within 2 business days, please leave a comment on this PR asking them to take a look.

You can help make sure that review is quick by doing a self-review and by running impacted tests locally.

@github-actions github-actions bot requested a review from SirGitsalot March 10, 2025 15:43
@modular-magician modular-magician added the awaiting-approval Pull requests that need reviewer's approval to run presubmit tests label Mar 10, 2025
@SirGitsalot
Copy link
Member

/gcbrun

@modular-magician modular-magician added service/datastream and removed awaiting-approval Pull requests that need reviewer's approval to run presubmit tests labels Mar 11, 2025
@modular-magician
Copy link
Collaborator

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 2 files changed, 213 insertions(+), 1 deletion(-))
google-beta provider: Diff ( 2 files changed, 213 insertions(+), 1 deletion(-))

Missing test report

Your PR includes resource fields which are not covered by any test.

Resource: google_datastream_connection_profile (11 total tests)
Please add an acceptance test which includes these fields. The test should include the following:

resource "google_datastream_connection_profile" "primary" {
  forward_ssh_connectivity {
    private_key = # value needed
  }
}

@modular-magician
Copy link
Collaborator

Tests analytics

Total tests: 13
Passed tests: 4
Skipped tests: 8
Affected tests: 1

Click here to see the affected service packages
  • datastream

Action taken

Found 1 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests
  • TestAccDatastreamConnectionProfile_sshKey_update

Get to know how VCR tests work

@modular-magician
Copy link
Collaborator

🔴 Tests failed during RECORDING mode:
TestAccDatastreamConnectionProfile_sshKey_update [Error message] [Debug log]

🔴 Errors occurred during RECORDING mode. Please fix them to complete your PR.

View the build log or the debug log for each test

@ari-hacks
Copy link
Contributor Author

Hey @SirGitsalot, can you share the error from the VCR test?

@ari-hacks ari-hacks requested a review from SirGitsalot March 12, 2025 23:37
@modular-magician modular-magician added the awaiting-approval Pull requests that need reviewer's approval to run presubmit tests label Mar 12, 2025
@SirGitsalot
Copy link
Member

/gcbrun

@modular-magician modular-magician removed the awaiting-approval Pull requests that need reviewer's approval to run presubmit tests label Mar 13, 2025
@modular-magician
Copy link
Collaborator

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 2 files changed, 215 insertions(+), 1 deletion(-))
google-beta provider: Diff ( 2 files changed, 215 insertions(+), 1 deletion(-))

Missing test report

Your PR includes resource fields which are not covered by any test.

Resource: google_datastream_connection_profile (11 total tests)
Please add an acceptance test which includes these fields. The test should include the following:

resource "google_datastream_connection_profile" "primary" {
  forward_ssh_connectivity {
    private_key = # value needed
  }
}

@modular-magician
Copy link
Collaborator

Tests analytics

Total tests: 13
Passed tests: 4
Skipped tests: 8
Affected tests: 1

Click here to see the affected service packages
  • datastream

Action taken

Found 1 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests
  • TestAccDatastreamConnectionProfile_sshKey_update

Get to know how VCR tests work

@modular-magician
Copy link
Collaborator

🔴 Tests failed during RECORDING mode:
TestAccDatastreamConnectionProfile_sshKey_update [Error message] [Debug log]

🔴 Errors occurred during RECORDING mode. Please fix them to complete your PR.

View the build log or the debug log for each test

@github-actions github-actions bot requested a review from SirGitsalot March 14, 2025 14:44
@modular-magician modular-magician added the awaiting-approval Pull requests that need reviewer's approval to run presubmit tests label Mar 14, 2025
@modular-magician modular-magician removed the awaiting-approval Pull requests that need reviewer's approval to run presubmit tests label Mar 14, 2025
@modular-magician
Copy link
Collaborator

🔴 Tests failed during RECORDING mode:
TestAccDatastreamConnectionProfile_sshKey_update [Error message] [Debug log]

🔴 Errors occurred during RECORDING mode. Please fix them to complete your PR.

View the build log or the debug log for each test

@modular-magician
Copy link
Collaborator

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 2 files changed, 233 insertions(+), 1 deletion(-))
google-beta provider: Diff ( 2 files changed, 233 insertions(+), 1 deletion(-))

Missing test report

Your PR includes resource fields which are not covered by any test.

Resource: google_datastream_connection_profile (11 total tests)
Please add an acceptance test which includes these fields. The test should include the following:

resource "google_datastream_connection_profile" "primary" {
  forward_ssh_connectivity {
    private_key = # value needed
  }
}

SirGitsalot
SirGitsalot requested changes Mar 25, 2025
View reviewed changes
Copy link
Member

@SirGitsalot SirGitsalot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

My syntax may be a little off, but this should add a 60 second pause after the database and compute instances are done being created.

@github-actions github-actions bot requested a review from SirGitsalot March 26, 2025 20:25
@modular-magician modular-magician added the awaiting-approval Pull requests that need reviewer's approval to run presubmit tests label Mar 26, 2025
@SirGitsalot
Copy link
Member

/gcbrun

@modular-magician modular-magician removed the awaiting-approval Pull requests that need reviewer's approval to run presubmit tests label Mar 27, 2025
@modular-magician
Copy link
Collaborator

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 2 files changed, 265 insertions(+), 1 deletion(-))
google-beta provider: Diff ( 2 files changed, 265 insertions(+), 1 deletion(-))

Missing test report

Your PR includes resource fields which are not covered by any test.

Resource: google_datastream_connection_profile (12 total tests)
Please add an acceptance test which includes these fields. The test should include the following:

resource "google_datastream_connection_profile" "primary" {
  forward_ssh_connectivity {
    private_key = # value needed
  }
}

@modular-magician
Copy link
Collaborator

Tests analytics

Total tests: 14
Passed tests: 5
Skipped tests: 8
Affected tests: 1

Click here to see the affected service packages
  • datastream

Action taken

Found 1 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests
  • TestAccDatastreamConnectionProfile_sshKey_update

Get to know how VCR tests work

@modular-magician
Copy link
Collaborator

🟢 Tests passed during RECORDING mode:
TestAccDatastreamConnectionProfile_sshKey_update [Debug log]

🔴 Tests failed when rerunning REPLAYING mode:
TestAccDatastreamConnectionProfile_sshKey_update [Error message] [Debug log]

Tests failed due to non-determinism or randomness when the VCR replayed the response after the HTTP request was made.

Please fix these to complete your PR. If you believe these test failures to be incorrect or unrelated to your change, or if you have any questions, please raise the concern with your reviewer.

🟢 All tests passed!

View the build log or the debug log for each test

SirGitsalot
SirGitsalot requested changes Mar 27, 2025
View reviewed changes
Copy link
Member

@SirGitsalot SirGitsalot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The test is passing on the CI infrastructure too (well, the integration test is passing; the VCR test is failing but I've added a couple of comments inline for fixing it).

All of our integration tests run nightly and largely in parallel in the same project, and I don't think this test will pass there (or it might pass, but break other tests). The reason is that it's creating firewall rules in the default network, which will end up competing with other tests that are simultaneously using that network.

You can work around that by creating a new network just for the test, which is a common pattern for other tests that need to make similar changes, a la:

resource "google_compute_network" "default" {
  name = "tf-test-datastream-ssh%{random_suffix}"
}

And then change all of the various references to point to that network, or add them where necessary (like the database instance?)

Anyway, I'm glad it's passing and hopefully it's all downhill from here!

@github-actions github-actions bot requested a review from SirGitsalot March 28, 2025 21:14
@modular-magician modular-magician added the awaiting-approval Pull requests that need reviewer's approval to run presubmit tests label Mar 28, 2025
@SirGitsalot
Copy link
Member

/gcbrun

@ari-hacks
Copy link
Contributor Author

The test is passing on the CI infrastructure too (well, the integration test is passing; the VCR test is failing but I've added a couple of comments inline for fixing it).

All of our integration tests run nightly and largely in parallel in the same project, and I don't think this test will pass there (or it might pass, but break other tests). The reason is that it's creating firewall rules in the default network, which will end up competing with other tests that are simultaneously using that network.

You can work around that by creating a new network just for the test, which is a common pattern for other tests that need to make similar changes, a la:

resource "google_compute_network" "default" {
  name = "tf-test-datastream-ssh%{random_suffix}"
}

And then change all of the various references to point to that network, or add them where necessary (like the database instance?)

Anyway, I'm glad it's passing and hopefully it's all downhill from here!

Thanks for all the feedback! I've made those changes. I believe we can keep the db instance as is since the only authorized network is the compute instance, lets see 🤞🏾

@modular-magician modular-magician removed the awaiting-approval Pull requests that need reviewer's approval to run presubmit tests label Mar 28, 2025
@modular-magician
Copy link
Collaborator

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 2 files changed, 264 insertions(+), 1 deletion(-))
google-beta provider: Diff ( 2 files changed, 264 insertions(+), 1 deletion(-))

Missing test report

Your PR includes resource fields which are not covered by any test.

Resource: google_datastream_connection_profile (12 total tests)
Please add an acceptance test which includes these fields. The test should include the following:

resource "google_datastream_connection_profile" "primary" {
  forward_ssh_connectivity {
    private_key = # value needed
  }
}

@modular-magician
Copy link
Collaborator

Tests analytics

Total tests: 14
Passed tests: 5
Skipped tests: 8
Affected tests: 1

Click here to see the affected service packages
  • datastream

Action taken

Found 1 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests
  • TestAccDatastreamConnectionProfile_sshKey_update

Get to know how VCR tests work

@modular-magician
Copy link
Collaborator

🟢 Tests passed during RECORDING mode:
TestAccDatastreamConnectionProfile_sshKey_update [Debug log]

🟢 No issues found for passed tests after REPLAYING rerun.

🟢 All tests passed!

View the build log or the debug log for each test

@SirGitsalot SirGitsalot added this pull request to the merge queue Mar 31, 2025
Merged via the queue into GoogleCloudPlatform:main with commit 7aeae02 Mar 31, 2025
22 checks passed
This was referenced Mar 31, 2025
Merged
Merged
Dawid212 pushed a commit to Dawid212/magic-modules that referenced this pull request Apr 9, 2025
@ari-hacks @Dawid212
Update forward_ssh_connectivity.private_key to be mutable (GoogleClo…
028b899 
…udPlatform#13307)
pandirigoog pushed a commit to pandirigoog/magic-modules that referenced this pull request Apr 14, 2025
@ari-hacks @pandirigoog
Update forward_ssh_connectivity.private_key to be mutable (GoogleClou…
92f17b6 
…dPlatform#13307)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@SirGitsalot SirGitsalot SirGitsalot approved these changes

Assignees
No one assigned
Labels
service/datastream
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Updating the private key in forward_ssh_connectivity causes a connection profile replacement
3 participants
@ari-hacks @SirGitsalot @modular-magician