Skip to content

Commit 20699e9

Browse files
modular-magicianmodular-magician
authored
Adding labels field to the GKEHub Scope RBAC RoleBinding resource (#8869) (#15729)
* Adding Terraform resources for Tenancy APIs in GKEHub * Segregating MembershipBinding and MembershipRBACRoleBinding to keep things simpler in the review * Fixing the docu URIs * Adding TF support for Tenancy API for Membership Binding * Adding dependent membership binding to the same commit chain * Making Scope un-updatable and replacing hard coded project number with the one from test env * Making Scope RRBAC updatable * Making Namespace immutable * Adding update test cases * Removing all memberships field from Scope since it is no longer supported * Removing all_memberships field for Scope from all test cases * Adding labels to the Scope RBAC Role Binding resource Signed-off-by: Modular Magician <[email protected]>
1 parent c3817ef commit 20699e9

5 files changed

+59
-0
lines changed

.changelog/8869.txt

+3
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,3 @@
1+
```release-note:enhancement
2+
GKEHUB: added `labels` fields to `google_gke_hub_scope_rbac_role_binding` resource
3+
```

google/services/gkehub2/resource_gke_hub_scope_rbac_role_binding.go

+40
Original file line numberDiff line numberDiff line change
@@ -85,6 +85,12 @@ is required). Updating one will unset the other automatically.
8585
group is the group, as seen by the kubernetes cluster.`,
8686
ExactlyOneOf: []string{"user", "group"},
8787
},
88+
"labels": {
89+
Type: schema.TypeMap,
90+
Optional: true,
91+
Description: `Labels for this ScopeRBACRoleBinding.`,
92+
Elem: &schema.Schema{Type: schema.TypeString},
93+
},
8894
"user": {
8995
Type: schema.TypeString,
9096
Optional: true,
@@ -170,6 +176,12 @@ func resourceGKEHub2ScopeRBACRoleBindingCreate(d *schema.ResourceData, meta inte
170176
} else if v, ok := d.GetOkExists("role"); !tpgresource.IsEmptyValue(reflect.ValueOf(roleProp)) && (ok || !reflect.DeepEqual(v, roleProp)) {
171177
obj["role"] = roleProp
172178
}
179+
labelsProp, err := expandGKEHub2ScopeRBACRoleBindingLabels(d.Get("labels"), d, config)
180+
if err != nil {
181+
return err
182+
} else if v, ok := d.GetOkExists("labels"); !tpgresource.IsEmptyValue(reflect.ValueOf(labelsProp)) && (ok || !reflect.DeepEqual(v, labelsProp)) {
183+
obj["labels"] = labelsProp
184+
}
173185

174186
url, err := tpgresource.ReplaceVars(d, config, "{{GKEHub2BasePath}}projects/{{project}}/locations/global/scopes/{{scope_id}}/rbacrolebindings/?rbacrolebinding_id={{scope_rbac_role_binding_id}}")
175187
if err != nil {
@@ -306,6 +318,9 @@ func resourceGKEHub2ScopeRBACRoleBindingRead(d *schema.ResourceData, meta interf
306318
if err := d.Set("role", flattenGKEHub2ScopeRBACRoleBindingRole(res["role"], d, config)); err != nil {
307319
return fmt.Errorf("Error reading ScopeRBACRoleBinding: %s", err)
308320
}
321+
if err := d.Set("labels", flattenGKEHub2ScopeRBACRoleBindingLabels(res["labels"], d, config)); err != nil {
322+
return fmt.Errorf("Error reading ScopeRBACRoleBinding: %s", err)
323+
}
309324

310325
return nil
311326
}
@@ -344,6 +359,12 @@ func resourceGKEHub2ScopeRBACRoleBindingUpdate(d *schema.ResourceData, meta inte
344359
} else if v, ok := d.GetOkExists("role"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, roleProp)) {
345360
obj["role"] = roleProp
346361
}
362+
labelsProp, err := expandGKEHub2ScopeRBACRoleBindingLabels(d.Get("labels"), d, config)
363+
if err != nil {
364+
return err
365+
} else if v, ok := d.GetOkExists("labels"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, labelsProp)) {
366+
obj["labels"] = labelsProp
367+
}
347368

348369
url, err := tpgresource.ReplaceVars(d, config, "{{GKEHub2BasePath}}projects/{{project}}/locations/global/scopes/{{scope_id}}/rbacrolebindings/{{scope_rbac_role_binding_id}}")
349370
if err != nil {
@@ -364,6 +385,10 @@ func resourceGKEHub2ScopeRBACRoleBindingUpdate(d *schema.ResourceData, meta inte
364385
if d.HasChange("role") {
365386
updateMask = append(updateMask, "role")
366387
}
388+
389+
if d.HasChange("labels") {
390+
updateMask = append(updateMask, "labels")
391+
}
367392
// updateMask is a URL parameter but not present in the schema, so ReplaceVars
368393
// won't set it
369394
url, err = transport_tpg.AddQueryParams(url, map[string]string{"updateMask": strings.Join(updateMask, ",")})
@@ -538,6 +563,10 @@ func flattenGKEHub2ScopeRBACRoleBindingRolePredefinedRole(v interface{}, d *sche
538563
return v
539564
}
540565

566+
func flattenGKEHub2ScopeRBACRoleBindingLabels(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
567+
return v
568+
}
569+
541570
func expandGKEHub2ScopeRBACRoleBindingUser(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
542571
return v, nil
543572
}
@@ -568,3 +597,14 @@ func expandGKEHub2ScopeRBACRoleBindingRole(v interface{}, d tpgresource.Terrafor
568597
func expandGKEHub2ScopeRBACRoleBindingRolePredefinedRole(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
569598
return v, nil
570599
}
600+
601+
func expandGKEHub2ScopeRBACRoleBindingLabels(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (map[string]string, error) {
602+
if v == nil {
603+
return map[string]string{}, nil
604+
}
605+
m := make(map[string]string)
606+
for k, val := range v.(map[string]interface{}) {
607+
m[k] = val.(string)
608+
}
609+
return m, nil
610+
}

google/services/gkehub2/resource_gke_hub_scope_rbac_role_binding_generated_test.go

+3
Original file line numberDiff line numberDiff line change
@@ -70,6 +70,9 @@ resource "google_gke_hub_scope_rbac_role_binding" "scoperbacrolebinding" {
7070
role {
7171
predefined_role = "ADMIN"
7272
}
73+
labels = {
74+
key = "value"
75+
}
7376
depends_on = [google_gke_hub_scope.scoperbacrolebinding]
7477
}
7578
`, context)

google/services/gkehub2/resource_gke_hub_scope_rbac_role_binding_test.go

+6
Original file line numberDiff line numberDiff line change
@@ -58,6 +58,9 @@ resource "google_gke_hub_scope_rbac_role_binding" "scoperbacrolebinding" {
5858
role {
5959
predefined_role = "ADMIN"
6060
}
61+
labels = {
62+
key = "value"
63+
}
6164
depends_on = [google_gke_hub_scope.scoperbacrolebinding]
6265
}
6366
`, context)
@@ -76,6 +79,9 @@ resource "google_gke_hub_scope_rbac_role_binding" "scoperbacrolebinding" {
7679
role {
7780
predefined_role = "VIEW"
7881
}
82+
labels = {
83+
key = "updated_value"
84+
}
7985
depends_on = [google_gke_hub_scope.scoperbacrolebinding]
8086
}
8187
`, context)

website/docs/r/gke_hub_scope_rbac_role_binding.html.markdown

+7
Original file line numberDiff line numberDiff line change
@@ -43,6 +43,9 @@ resource "google_gke_hub_scope_rbac_role_binding" "scoperbacrolebinding" {
4343
role {
4444
predefined_role = "ADMIN"
4545
}
46+
labels = {
47+
key = "value"
48+
}
4649
depends_on = [google_gke_hub_scope.scoperbacrolebinding]
4750
}
4851
```
@@ -89,6 +92,10 @@ The following arguments are supported:
8992
is required). Updating one will unset the other automatically.
9093
group is the group, as seen by the kubernetes cluster.
9194

95+
* `labels` -
96+
(Optional)
97+
Labels for this ScopeRBACRoleBinding.
98+
9299
* `project` - (Optional) The ID of the project in which the resource belongs.
93100
If it is not provided, the provider project is used.
94101

0 commit comments

Comments
 (0)