Skip to content

Commit 9a9e5ea

Browse files
modular-magicianmodular-magician
authored
Move regional SSL policies to GA (#8443) (#15299)
Signed-off-by: Modular Magician <[email protected]>
1 parent 6dc7f0d commit 9a9e5ea

6 files changed

+953
-5
lines changed

.changelog/8443.txt

+4
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,4 @@
1+
```release-note:new-resource
2+
`google_compute_region_ssl_policy` (GA)
3+
4+
```

google/provider/provider.go

+3-2
Original file line numberDiff line numberDiff line change
@@ -947,9 +947,9 @@ func DatasourceMapWithErrors() (map[string]*schema.Resource, error) {
947947
})
948948
}
949949

950-
// Generated resources: 302
950+
// Generated resources: 303
951951
// Generated IAM resources: 204
952-
// Total generated resources: 506
952+
// Total generated resources: 507
953953
func ResourceMap() map[string]*schema.Resource {
954954
resourceMap, _ := ResourceMapWithErrors()
955955
return resourceMap
@@ -1146,6 +1146,7 @@ func ResourceMapWithErrors() (map[string]*schema.Resource, error) {
11461146
"google_compute_region_network_endpoint_group": compute.ResourceComputeRegionNetworkEndpointGroup(),
11471147
"google_compute_region_per_instance_config": compute.ResourceComputeRegionPerInstanceConfig(),
11481148
"google_compute_region_ssl_certificate": compute.ResourceComputeRegionSslCertificate(),
1149+
"google_compute_region_ssl_policy": compute.ResourceComputeRegionSslPolicy(),
11491150
"google_compute_region_target_http_proxy": compute.ResourceComputeRegionTargetHttpProxy(),
11501151
"google_compute_region_target_https_proxy": compute.ResourceComputeRegionTargetHttpsProxy(),
11511152
"google_compute_region_target_tcp_proxy": compute.ResourceComputeRegionTargetTcpProxy(),

google/resource_compute_region_ssl_policy_test.go

+225
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,228 @@
11
// Copyright (c) HashiCorp, Inc.
22
// SPDX-License-Identifier: MPL-2.0
33
package google
4+
5+
import (
6+
"fmt"
7+
"testing"
8+
9+
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
10+
"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
11+
"github.com/hashicorp/terraform-provider-google/google/acctest"
12+
13+
"google.golang.org/api/compute/v1"
14+
)
15+
16+
func TestAccComputeRegionSslPolicy_update(t *testing.T) {
17+
t.Parallel()
18+
19+
var sslPolicy compute.SslPolicy
20+
sslPolicyName := fmt.Sprintf("test-ssl-policy-%s", acctest.RandString(t, 10))
21+
22+
acctest.VcrTest(t, resource.TestCase{
23+
PreCheck: func() { acctest.AccTestPreCheck(t) },
24+
ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t),
25+
CheckDestroy: testAccCheckComputeSslPolicyDestroyProducer(t),
26+
Steps: []resource.TestStep{
27+
{
28+
Config: testAccComputeRegionSslUpdate1(sslPolicyName),
29+
Check: resource.ComposeTestCheckFunc(
30+
testAccCheckComputeRegionSslPolicyExists(
31+
t, "google_compute_region_ssl_policy.update", &sslPolicy),
32+
resource.TestCheckResourceAttr(
33+
"google_compute_region_ssl_policy.update", "profile", "MODERN"),
34+
resource.TestCheckResourceAttr(
35+
"google_compute_region_ssl_policy.update", "min_tls_version", "TLS_1_0"),
36+
),
37+
},
38+
{
39+
ResourceName: "google_compute_region_ssl_policy.update",
40+
ImportState: true,
41+
ImportStateVerify: true,
42+
},
43+
{
44+
Config: testAccComputeRegionSslUpdate2(sslPolicyName),
45+
Check: resource.ComposeTestCheckFunc(
46+
testAccCheckComputeRegionSslPolicyExists(
47+
t, "google_compute_region_ssl_policy.update", &sslPolicy),
48+
resource.TestCheckResourceAttr(
49+
"google_compute_region_ssl_policy.update", "profile", "RESTRICTED"),
50+
resource.TestCheckResourceAttr(
51+
"google_compute_region_ssl_policy.update", "min_tls_version", "TLS_1_2"),
52+
),
53+
},
54+
{
55+
ResourceName: "google_compute_region_ssl_policy.update",
56+
ImportState: true,
57+
ImportStateVerify: true,
58+
},
59+
},
60+
})
61+
}
62+
63+
func TestAccComputeRegionSslPolicy_update_to_custom(t *testing.T) {
64+
t.Parallel()
65+
66+
var sslPolicy compute.SslPolicy
67+
sslPolicyName := fmt.Sprintf("test-ssl-policy-%s", acctest.RandString(t, 10))
68+
69+
acctest.VcrTest(t, resource.TestCase{
70+
PreCheck: func() { acctest.AccTestPreCheck(t) },
71+
ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t),
72+
CheckDestroy: testAccCheckComputeSslPolicyDestroyProducer(t),
73+
Steps: []resource.TestStep{
74+
{
75+
Config: testAccComputeRegionSslUpdate1(sslPolicyName),
76+
Check: resource.ComposeTestCheckFunc(
77+
testAccCheckComputeRegionSslPolicyExists(
78+
t, "google_compute_region_ssl_policy.update", &sslPolicy),
79+
resource.TestCheckResourceAttr(
80+
"google_compute_region_ssl_policy.update", "profile", "MODERN"),
81+
resource.TestCheckResourceAttr(
82+
"google_compute_region_ssl_policy.update", "min_tls_version", "TLS_1_0"),
83+
),
84+
},
85+
{
86+
ResourceName: "google_compute_region_ssl_policy.update",
87+
ImportState: true,
88+
ImportStateVerify: true,
89+
},
90+
{
91+
Config: testAccComputeRegionSslUpdate3(sslPolicyName),
92+
Check: resource.ComposeTestCheckFunc(
93+
testAccCheckComputeRegionSslPolicyExists(
94+
t, "google_compute_region_ssl_policy.update", &sslPolicy),
95+
resource.TestCheckResourceAttr(
96+
"google_compute_region_ssl_policy.update", "profile", "CUSTOM"),
97+
resource.TestCheckResourceAttr(
98+
"google_compute_region_ssl_policy.update", "min_tls_version", "TLS_1_1"),
99+
),
100+
},
101+
{
102+
ResourceName: "google_compute_region_ssl_policy.update",
103+
ImportState: true,
104+
ImportStateVerify: true,
105+
},
106+
},
107+
})
108+
}
109+
110+
func TestAccComputeRegionSslPolicy_update_from_custom(t *testing.T) {
111+
t.Parallel()
112+
113+
var sslPolicy compute.SslPolicy
114+
sslPolicyName := fmt.Sprintf("test-ssl-policy-%s", acctest.RandString(t, 10))
115+
116+
acctest.VcrTest(t, resource.TestCase{
117+
PreCheck: func() { acctest.AccTestPreCheck(t) },
118+
ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t),
119+
CheckDestroy: testAccCheckComputeSslPolicyDestroyProducer(t),
120+
Steps: []resource.TestStep{
121+
{
122+
Config: testAccComputeRegionSslUpdate3(sslPolicyName),
123+
Check: resource.ComposeTestCheckFunc(
124+
testAccCheckComputeRegionSslPolicyExists(
125+
t, "google_compute_region_ssl_policy.update", &sslPolicy),
126+
resource.TestCheckResourceAttr(
127+
"google_compute_region_ssl_policy.update", "profile", "CUSTOM"),
128+
resource.TestCheckResourceAttr(
129+
"google_compute_region_ssl_policy.update", "min_tls_version", "TLS_1_1"),
130+
),
131+
},
132+
{
133+
ResourceName: "google_compute_region_ssl_policy.update",
134+
ImportState: true,
135+
ImportStateVerify: true,
136+
},
137+
{
138+
Config: testAccComputeRegionSslUpdate1(sslPolicyName),
139+
Check: resource.ComposeTestCheckFunc(
140+
testAccCheckComputeRegionSslPolicyExists(
141+
t, "google_compute_region_ssl_policy.update", &sslPolicy),
142+
resource.TestCheckResourceAttr(
143+
"google_compute_region_ssl_policy.update", "profile", "MODERN"),
144+
resource.TestCheckResourceAttr(
145+
"google_compute_region_ssl_policy.update", "min_tls_version", "TLS_1_0"),
146+
),
147+
},
148+
{
149+
ResourceName: "google_compute_region_ssl_policy.update",
150+
ImportState: true,
151+
ImportStateVerify: true,
152+
},
153+
},
154+
})
155+
}
156+
157+
func testAccCheckComputeRegionSslPolicyExists(t *testing.T, n string, sslPolicy *compute.SslPolicy) resource.TestCheckFunc {
158+
return func(s *terraform.State) error {
159+
rs, ok := s.RootModule().Resources[n]
160+
if !ok {
161+
return fmt.Errorf("Not found: %s", n)
162+
}
163+
164+
if rs.Primary.ID == "" {
165+
return fmt.Errorf("No ID is set")
166+
}
167+
168+
config := acctest.GoogleProviderConfig(t)
169+
170+
project, err := acctest.GetTestProject(rs.Primary, config)
171+
if err != nil {
172+
return err
173+
}
174+
175+
name := rs.Primary.Attributes["name"]
176+
177+
found, err := config.NewComputeClient(config.UserAgent).RegionSslPolicies.Get(
178+
project, "us-central1", name).Do()
179+
if err != nil {
180+
return fmt.Errorf("Error Reading SSL Policy %s: %s", name, err)
181+
}
182+
183+
if found.Name != name {
184+
return fmt.Errorf("SSL Policy not found")
185+
}
186+
187+
*sslPolicy = *found
188+
189+
return nil
190+
}
191+
}
192+
193+
func testAccComputeRegionSslUpdate1(resourceName string) string {
194+
return fmt.Sprintf(`
195+
resource "google_compute_region_ssl_policy" "update" {
196+
name = "%s"
197+
description = "Generated by TF provider acceptance test"
198+
min_tls_version = "TLS_1_0"
199+
profile = "MODERN"
200+
region = "us-central1"
201+
}
202+
`, resourceName)
203+
}
204+
205+
func testAccComputeRegionSslUpdate2(resourceName string) string {
206+
return fmt.Sprintf(`
207+
resource "google_compute_region_ssl_policy" "update" {
208+
name = "%s"
209+
description = "Generated by TF provider acceptance test"
210+
min_tls_version = "TLS_1_2"
211+
profile = "RESTRICTED"
212+
region = "us-central1"
213+
}
214+
`, resourceName)
215+
}
216+
217+
func testAccComputeRegionSslUpdate3(resourceName string) string {
218+
return fmt.Sprintf(`
219+
resource "google_compute_region_ssl_policy" "update" {
220+
name = "%s"
221+
description = "Generated by TF provider acceptance test"
222+
min_tls_version = "TLS_1_1"
223+
profile = "CUSTOM"
224+
region = "us-central1"
225+
custom_features = ["TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"]
226+
}
227+
`, resourceName)
228+
}

0 commit comments

Comments
 (0)