Add storage_control_folder_intelligence_config resource. #13394
Conversation
|
Hi there, I'm the Modular magician. I've detected the following information about your changes: Diff reportYour PR generated some diffs in downstreams - here they are.
|
Tests analyticsTotal tests: 4 Click here to see the affected service packages
Action takenFound 2 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests
|
|
Hello! I am a robot. Tests will require approval from a repository maintainer to run. Googlers: see go/terraform-auto-test-runs to set up automatic test runs. @ScottSuarez, a repository maintainer, has been assigned to review your changes. If you have not received review feedback within 2 business days, please leave a comment on this PR asking them to take a look. You can help make sure that review is quick by doing a self-review and by running impacted tests locally. |
kautikdk
changed the title
|
Hi there, I'm the Modular magician. I've detected the following information about your changes: Diff reportYour PR generated some diffs in downstreams - here they are.
|
Tests analyticsTotal tests: 4 Click here to see the affected service packages
Action takenFound 1 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests
|
|
Hi there, I'm the Modular magician. I've detected the following information about your changes: Diff reportYour PR generated some diffs in downstreams - here they are.
|
Tests analyticsTotal tests: 0 Click here to see the affected service packages
🔴 Tests were added that are skipped in VCR:
View the build log |
|
Hi there, I'm the Modular magician. I've detected the following information about your changes: Diff reportYour PR generated some diffs in downstreams - here they are.
|
Tests analyticsTotal tests: 4 Click here to see the affected service packages
🟢 All tests passed! View the build log |
| self_link: 'folders/{{name}}/locations/global/intelligenceConfig' | ||
|
|
||
| custom_code: | ||
| custom_create: templates/terraform/custom_create/storage_control_folder_intelligence.go.tmpl |
There was a problem hiding this comment.
why is custom create needed? pre_create seems sufficient to just alter the url. There is the question of, if we need this to be all on v2 if this is the right way to go about things. Because we will be creating on v2 and reading on v1 with the current implmentation. Open to call to discuss.
There was a problem hiding this comment.
Hi @ScottSuarez,
URL modification code was written a quite some time ago before we decided to create a new service storagecontrol for GCS JSON v2. I forgot to remove it, My bad! Regarding custom_create, The reason is the update_mask and PATCH method in create operation. Storage Intelligence can not be created so we mapped create operation to PATCH method but the concern is related to permanent(optional+computed) and optional fields. edition_config is a permanent field and back-filled by server side so user can change but it is not the field that we can clear but the filter block is optional and not back filled by server side. Now just to simulate the create operation, we can put full update_mask of every fields which are optional but no need to send empty value for the fields which are computed or has server side value.
Why we want put update_mask for optional fields?
The main reason is we are clearly stating that the create operation is actually update operation under the hood so the first create operation diff should represent whatever will be the end state and should not generate diff after apply. That necessitates requirement of update_mask for optional fields and if we don't do it then some diff can be generated after apply operation. That will be just similar to import operation that we already support.
I have removed that URL modification line. Open to discuss any concerns here.
There was a problem hiding this comment.
Also empty value for edition_config will result in server side error so we can not put update_mask for that field until it is specified by the user in create operation.
There was a problem hiding this comment.
+1 to @ScottSuarez's point. This should be possible to do with pre_create custom code rather than replacing the whole create method.
There was a problem hiding this comment.
Opened hashicorp/terraform-provider-google#22033 to track making this easier.
There was a problem hiding this comment.
I'm a little confused what the concern is with O+C fields; in general, sending an empty value for them (triggering server-side default behavior) should be correct. Although it would be possible to persist the values that already exist on the server side that might be more confusing than beneficial.
There was a problem hiding this comment.
Ahh yes, checked how exactly pre-create injects code and realized it adds code snippet just before making an API call. Changed custom_create to pre_create and kept previous update_mask logic as it is while we are still discussing this behavior.
There was a problem hiding this comment.
I'm a little confused what the concern is with O+C fields; in general, sending an empty value for them (triggering server-side default behavior) should be correct. Although it would be possible to persist the values that already exist on the server side that might be more confusing than beneficial.
So just to give an example in the Storage Intelligence resource, edition_config is a property of the resource and all the resources are having this field backfilled by the server. Users can configure this field, has server side value initially, and can not be removed so it should be Optional+Computed. Now since we can not remove it, we can not send empty value and update_mask together as it results in a InvalidValue error so we have to put update_mask only when user specifies it otherwise we will keep server side value in the create operation.
There was a problem hiding this comment.
So to make sure I understand right, edition_config behaves as follows:
- The initial configuration is "empty"
- The first time that a user calls this API, they can choose to supply a value; if they don't, the API will choose a value on the server side
- Either way, once the field has a value, it can never be changed.
Is that correct?
There was a problem hiding this comment.
Umm, Not quite like that.
API behavior is,
- The initial value of
edition_configfield isINHERIT. - User can change the field value but can never remove
edition_configproperty from the resource.
Terraform mapping,
- Marked as O+C. That will allow users to keep server side value if not specified in the config and they can change it if they want.
Regarding the empty value reference, I believe my wordings made some confusion. There is an API side validation which checks if the update_mask is provided for edition_config. if it is provided and field is not present in the API request body then it will throw an InvalidValue error.
In the create operation, we will put update_mask of edition_config only when it is specified by user in the resource config. Just like whatever is being done here for every field: https://github.com/GoogleCloudPlatform/magic-modules/blob/main/mmv1/templates/terraform/update_mask.go.tmpl
|
Hi there, I'm the Modular magician. I've detected the following information about your changes: Diff reportYour PR generated some diffs in downstreams - here they are.
|
Tests analyticsTotal tests: 4 Click here to see the affected service packages
🟢 All tests passed! View the build log |
|
Referring comment from other PR:#13386 (comment) |
There was a problem hiding this comment.
Storage Intelligence Config is a singleton resource which cannot be created or deleted. A single instance of Storage Intelligence Config exist for each GCP Folder. Terraform does not create or destroy this resource.
I'm concerned about this resource not having the ability to be cleared. This is a one way set of resource and doesn't appear to be working within the terraform model. Deletion should clear any set config ideally. Given that it does not, I am not sure this api make sense to support at the terraform level.
Yes, This resource is different than other GCS resources(in terms of singleton behavior). We have guidelines for singleton resources and there is a mention of resources having no delete endpoint and for them, we have exclude_delete: true which basically skips the deletion rather removes it from the Terraform only. I believe that's the standard Terraform singleton pattern that we are following across TPG though I am don't know about any other similar resources outside of GCS. Storage Intelligence is a very important feature for large scale GCS resource management and it should be supported through Terraform as well. We have ask from feature team to provide Terraform support with high priority. I will share reference documentations internally. |
|
Hi there, I'm the Modular magician. I've detected the following information about your changes: Diff reportYour PR generated some diffs in downstreams - here they are.
|
Tests analyticsTotal tests: 4 Click here to see the affected service packages
🟢 All tests passed! View the build log |
kautikdk
force-pushed
the
folder_storage_intelligence
branch
from
773c79d to
6da009e
Compare
|
Hi there, I'm the Modular magician. I've detected the following information about your changes: Diff reportYour PR generated some diffs in downstreams - here they are.
|
Tests analyticsTotal tests: 4 Click here to see the affected service packages
🟢 All tests passed! View the build log |
|
@kautikdk is correct that singletons don't need to unset their configuration; this is how they generally work in the provider. Best practices for singleton resources are documented at https://googlecloudplatform.github.io/magic-modules/best-practices/common-resource-patterns/. |
|
Hi there, I'm the Modular magician. I've detected the following information about your changes: Diff reportYour PR generated some diffs in downstreams - here they are.
|
Tests analyticsTotal tests: 6 Click here to see the affected service packages
🟢 All tests passed! View the build log |
|
Hi there, I'm the Modular magician. I've detected the following information about your changes: Diff reportYour PR generated some diffs in downstreams - here they are.
|
Tests analyticsTotal tests: 6 Click here to see the affected service packages
🟢 All tests passed! View the build log |
d870a5c
This PR adds support for GCS Management Hub on GCP Folder level.
Related Issue(Doesn't fix): hashicorp/terraform-provider-google#20763
Release Note Template for Downstream PRs (will be copied)
See Write release notes for guidance.