Made nested query resources replace the whole resource instead of merging new over old (#13234)

modular-magician · modular-magician · commit 22c7cdb9e9f5 · 2025-03-05T21:14:25.000Z
[upstream:2ba1acd7e865dce04fe3d0b4c1b136cbdb2f93e2]

Signed-off-by: Modular Magician &lt;magic-modules@google.com&gt;
diff --git a/.changelog/13234.txt b/.changelog/13234.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+compute: fixed bug in `google_compute_router_nat` where `max_ports_per_vm` couldn't be unset once set.
+```
diff --git a/google-beta/services/compute/resource_compute_router_nat.go b/google-beta/services/compute/resource_compute_router_nat.go
@@ -2009,11 +2009,40 @@ func resourceComputeRouterNatPatchUpdateEncoder(d *schema.ResourceData, meta int
 		return nil, fmt.Errorf("Unable to update RouterNat %q - not found in list", d.Id())
 	}
 
-	// Merge new object into old.
-	for k, v := range obj {
-		item[k] = v
+	// Copy over values for immutable fields
+	obj["name"] = item["name"]
+	obj["initialNatIps"] = item["initialNatIps"]
+	obj["endpointTypes"] = item["endpointTypes"]
+	obj["type"] = item["type"]
+	// Merge any fields in item that aren't managed by this resource into obj
+	// This is necessary because item might be managed by multiple resources.
+	settableFields := map[string]struct{}{
+		"natIpAllocateOption":              struct{}{},
+		"natIps":                           struct{}{},
+		"drainNatIps":                      struct{}{},
+		"sourceSubnetworkIpRangesToNat":    struct{}{},
+		"subnetworks":                      struct{}{},
+		"minPortsPerVm":                    struct{}{},
+		"maxPortsPerVm":                    struct{}{},
+		"enableDynamicPortAllocation":      struct{}{},
+		"udpIdleTimeoutSec":                struct{}{},
+		"icmpIdleTimeoutSec":               struct{}{},
+		"tcpEstablishedIdleTimeoutSec":     struct{}{},
+		"tcpTransitoryIdleTimeoutSec":      struct{}{},
+		"tcpTimeWaitTimeoutSec":            struct{}{},
+		"logConfig":                        struct{}{},
+		"rules":                            struct{}{},
+		"enableEndpointIndependentMapping": struct{}{},
+		"autoNetworkTier":                  struct{}{},
+	}
+	for k, v := range item {
+		if _, ok := settableFields[k]; !ok {
+			obj[k] = v
+		}
 	}
-	items[idx] = item
+
+	// Override old object with new
+	items[idx] = obj
 
 	// Return list with new item added
 	res := map[string]interface{}{
diff --git a/google-beta/services/compute/resource_compute_router_nat_address.go b/google-beta/services/compute/resource_compute_router_nat_address.go
@@ -733,11 +733,22 @@ func resourceComputeRouterNatAddressPatchUpdateEncoder(d *schema.ResourceData, m
 		return nil, fmt.Errorf("Unable to update RouterNatAddress %q - not found in list", d.Id())
 	}
 
-	// Merge new object into old.
-	for k, v := range obj {
-		item[k] = v
+	// Copy over values for immutable fields
+	obj["name"] = item["name"]
+	// Merge any fields in item that aren't managed by this resource into obj
+	// This is necessary because item might be managed by multiple resources.
+	settableFields := map[string]struct{}{
+		"natIps":      struct{}{},
+		"drainNatIps": struct{}{},
+	}
+	for k, v := range item {
+		if _, ok := settableFields[k]; !ok {
+			obj[k] = v
+		}
 	}
-	items[idx] = item
+
+	// Override old object with new
+	items[idx] = obj
 
 	// Return list with new item added
 	res := map[string]interface{}{
diff --git a/google-beta/services/compute/resource_compute_router_nat_test.go b/google-beta/services/compute/resource_compute_router_nat_test.go
@@ -8,6 +8,7 @@ import (
 	"testing"
 
 	"github.com/hashicorp/terraform-plugin-testing/helper/resource"
+	"github.com/hashicorp/terraform-plugin-testing/plancheck"
 	"github.com/hashicorp/terraform-plugin-testing/terraform"
 	"github.com/hashicorp/terraform-provider-google-beta/google-beta/acctest"
 	"github.com/hashicorp/terraform-provider-google-beta/google-beta/envvar"
@@ -84,6 +85,11 @@ func TestAccComputeRouterNat_update(t *testing.T) {
 			},
 			{
 				Config: testAccComputeRouterNatUpdated(routerName),
+				ConfigPlanChecks: resource.ConfigPlanChecks{
+					PreApply: []plancheck.PlanCheck{
+						plancheck.ExpectResourceAction("google_compute_router_nat.foobar", plancheck.ResourceActionUpdate),
+					},
+				},
 			},
 			{
 				ResourceName:      "google_compute_router_nat.foobar",
@@ -92,6 +98,11 @@ func TestAccComputeRouterNat_update(t *testing.T) {
 			},
 			{
 				Config: testAccComputeRouterNatUpdateToNatIPsId(routerName),
+				ConfigPlanChecks: resource.ConfigPlanChecks{
+					PreApply: []plancheck.PlanCheck{
+						plancheck.ExpectResourceAction("google_compute_router_nat.foobar", plancheck.ResourceActionNoop),
+					},
+				},
 			},
 			{
 				ResourceName:      "google_compute_router_nat.foobar",
@@ -100,6 +111,11 @@ func TestAccComputeRouterNat_update(t *testing.T) {
 			},
 			{
 				Config: testAccComputeRouterNatUpdateToNatIPsName(routerName),
+				ConfigPlanChecks: resource.ConfigPlanChecks{
+					PreApply: []plancheck.PlanCheck{
+						plancheck.ExpectResourceAction("google_compute_router_nat.foobar", plancheck.ResourceActionNoop),
+					},
+				},
 			},
 			{
 				ResourceName:      "google_compute_router_nat.foobar",
@@ -108,37 +124,11 @@ func TestAccComputeRouterNat_update(t *testing.T) {
 			},
 			{
 				Config: testAccComputeRouterNatBasicBeforeUpdate(routerName),
-			},
-			{
-				ResourceName:      "google_compute_router_nat.foobar",
-				ImportState:       true,
-				ImportStateVerify: true,
-			},
-		},
-	})
-}
-
-func TestAccComputeRouterNat_removeLogConfig(t *testing.T) {
-	t.Parallel()
-
-	testId := acctest.RandString(t, 10)
-	routerName := fmt.Sprintf("tf-test-router-nat-%s", testId)
-
-	acctest.VcrTest(t, resource.TestCase{
-		PreCheck:                 func() { acctest.AccTestPreCheck(t) },
-		ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t),
-		CheckDestroy:             testAccCheckComputeRouterNatDestroyProducer(t),
-		Steps: []resource.TestStep{
-			{
-				Config: testAccComputeRouterNatLogConfig(routerName),
-			},
-			{
-				ResourceName:      "google_compute_router_nat.foobar",
-				ImportState:       true,
-				ImportStateVerify: true,
-			},
-			{
-				Config: testAccComputeRouterNatLogConfigRemoved(routerName),
+				ConfigPlanChecks: resource.ConfigPlanChecks{
+					PreApply: []plancheck.PlanCheck{
+						plancheck.ExpectResourceAction("google_compute_router_nat.foobar", plancheck.ResourceActionUpdate),
+					},
+				},
 			},
 			{
 				ResourceName:      "google_compute_router_nat.foobar",
@@ -1011,6 +1001,7 @@ resource "google_compute_router" "foobar" {
 
 resource "google_compute_network" "foobar" {
   name = "%s-net"
+  auto_create_subnetworks = false
 }
 
 resource "google_compute_subnetwork" "foobar" {
@@ -1032,11 +1023,6 @@ resource "google_compute_router_nat" "foobar" {
   nat_ip_allocate_option             = "AUTO_ONLY"
   nat_ips                            = []
   source_subnetwork_ip_ranges_to_nat = "ALL_SUBNETWORKS_ALL_IP_RANGES"
-
-  log_config {
-    enable = true
-    filter = "ERRORS_ONLY"
-  }
 }
 `, routerName, routerName, routerName, routerName, routerName)
 }
@@ -1051,6 +1037,7 @@ resource "google_compute_router" "foobar" {
 
 resource "google_compute_network" "foobar" {
   name = "%s-net"
+  auto_create_subnetworks = false
 }
 
 resource "google_compute_subnetwork" "foobar" {
@@ -1085,6 +1072,7 @@ resource "google_compute_router_nat" "foobar" {
   tcp_established_idle_timeout_sec = 1600
   tcp_transitory_idle_timeout_sec  = 60
   tcp_time_wait_timeout_sec        = 60
+  max_ports_per_vm                 = 128
 
   log_config {
     enable = true
@@ -1137,7 +1125,8 @@ network = google_compute_network.foobar.self_link
 }
 
 resource "google_compute_network" "foobar" {
-name = "%s-net"
+  name = "%s-net"
+  auto_create_subnetworks = false
 }
 resource "google_compute_subnetwork" "foobar" {
 name          = "%s-subnet"
@@ -1171,6 +1160,7 @@ resource "google_compute_router_nat" "foobar" {
   tcp_established_idle_timeout_sec = 1600
   tcp_transitory_idle_timeout_sec  = 60
   tcp_time_wait_timeout_sec        = 60
+  max_ports_per_vm                 = 128
 
   log_config {
     enable = true
@@ -1189,7 +1179,8 @@ network = google_compute_network.foobar.self_link
 }
 
 resource "google_compute_network" "foobar" {
-name = "%s-net"
+  name = "%s-net"
+  auto_create_subnetworks = false
 }
 resource "google_compute_subnetwork" "foobar" {
 name          = "%s-subnet"
@@ -1223,6 +1214,7 @@ resource "google_compute_router_nat" "foobar" {
   tcp_established_idle_timeout_sec = 1600
   tcp_transitory_idle_timeout_sec  = 60
   tcp_time_wait_timeout_sec        = 60
+  max_ports_per_vm                 = 128
 
   log_config {
     enable = true
@@ -1826,68 +1818,6 @@ resource "google_compute_router" "foobar" {
 `, routerName, routerName, routerName)
 }
 
-func testAccComputeRouterNatLogConfig(routerName string) string {
-	return fmt.Sprintf(`
-resource "google_compute_network" "foobar" {
-  name = "%s-net"
-}
-
-resource "google_compute_subnetwork" "foobar" {
-  name          = "%s-subnet"
-  network       = google_compute_network.foobar.self_link
-  ip_cidr_range = "10.0.0.0/16"
-  region        = "us-central1"
-}
-
-resource "google_compute_router" "foobar" {
-  name    = "%s"
-  region  = google_compute_subnetwork.foobar.region
-  network = google_compute_network.foobar.self_link
-}
-
-resource "google_compute_router_nat" "foobar" {
-  name                               = "%s"
-  router                             = google_compute_router.foobar.name
-  region                             = google_compute_router.foobar.region
-  nat_ip_allocate_option             = "AUTO_ONLY"
-  source_subnetwork_ip_ranges_to_nat = "ALL_SUBNETWORKS_ALL_IP_RANGES"
-  log_config {
-    enable = false
-    filter = "ALL"
-  }
-}
-`, routerName, routerName, routerName, routerName)
-}
-
-func testAccComputeRouterNatLogConfigRemoved(routerName string) string {
-	return fmt.Sprintf(`
-resource "google_compute_network" "foobar" {
-  name = "%s-net"
-}
-
-resource "google_compute_subnetwork" "foobar" {
-  name          = "%s-subnet"
-  network       = google_compute_network.foobar.self_link
-  ip_cidr_range = "10.0.0.0/16"
-  region        = "us-central1"
-}
-
-resource "google_compute_router" "foobar" {
-  name    = "%s"
-  region  = google_compute_subnetwork.foobar.region
-  network = google_compute_network.foobar.self_link
-}
-
-resource "google_compute_router_nat" "foobar" {
-  name                               = "%s"
-  router                             = google_compute_router.foobar.name
-  region                             = google_compute_router.foobar.region
-  nat_ip_allocate_option             = "AUTO_ONLY"
-  source_subnetwork_ip_ranges_to_nat = "ALL_SUBNETWORKS_ALL_IP_RANGES"
-}
-`, routerName, routerName, routerName, routerName)
-}
-
 func testAccComputeRouterNatBaseResourcesWithPrivateNatSubnetworks(routerName, hubName string) string {
 	return fmt.Sprintf(`
 resource "google_compute_network" "foobar" {

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	+```release-note:bug
	`2`	+compute: fixed bug in `google_compute_router_nat` where `max_ports_per_vm` couldn't be unset once set.
	`3`	+```