Adding ServiceConnectionPolicies resource in NetworkConnectivity. (#8273) (#15381)

* adding both resources, basic test for serviceClass it's working, need to fix the test scenario for policy

* fix the test scenario and the service class resource properties

* adding a testing update, just adding the labels for the resource

* added the resource service connection map, and it's basic test, need to evaluate

* Revert "added the resource service connection map, and it's basic test, need to evaluate"

This reverts commit 4240e1d81e5901221cee1f1db7c03c8fbc58e3a6.

* removing the service class in one test scenario and using a static value

* fix a typo

* removing serviceClass and fix the tests

* removing ga tag and updatinga etag for fingerprint type

* updating the code, to remove the static value from the docs, need to test

* adding a file to tpgtools override at product level

* adding function to help with env var, but the patch on tests it's failing

* adding the variable to be used in the docs

* fixing the test, the network field cannot be immutable

* removing the env_var service class and adding a static value

* updating the value used from tests and documentation

* removing unused resources for docs and tests

* fix typos, not used variables and run the fmt

* adding description to the basic test

* fixed yaml variable override

* removing unused resources for tests, and making the test fails with network as immutable

* adding encoder to help network field be immutable and be sent on patch method

Signed-off-by: Modular Magician <[email protected]>

Author: modular-magician

.changelog/8273.txt

@@ -0,0 +1,3 @@
+```release-note:new-resource
+google_network_connectivity_service_connection_policy
+```

google/config_test_utils.go

@@ -90,6 +90,7 @@ func configureTestBasePaths(c *transport_tpg.Config, url string) {
 	c.MemcacheBasePath = url
 	c.MLEngineBasePath = url
 	c.MonitoringBasePath = url
+	c.NetworkConnectivityBasePath = url
 	c.NetworkManagementBasePath = url
 	c.NetworkSecurityBasePath = url
 	c.NetworkServicesBasePath = url

google/fwmodels/provider_model.go

@@ -91,6 +91,7 @@ type ProviderModel struct {
 	MemcacheCustomEndpoint                 types.String `tfsdk:"memcache_custom_endpoint"`
 	MLEngineCustomEndpoint                 types.String `tfsdk:"ml_engine_custom_endpoint"`
 	MonitoringCustomEndpoint               types.String `tfsdk:"monitoring_custom_endpoint"`
+	NetworkConnectivityCustomEndpoint      types.String `tfsdk:"network_connectivity_custom_endpoint"`
 	NetworkManagementCustomEndpoint        types.String `tfsdk:"network_management_custom_endpoint"`
 	NetworkSecurityCustomEndpoint          types.String `tfsdk:"network_security_custom_endpoint"`
 	NetworkServicesCustomEndpoint          types.String `tfsdk:"network_services_custom_endpoint"`
@@ -141,7 +142,6 @@ type ProviderModel struct {
 	CloudResourceManagerCustomEndpoint types.String `tfsdk:"cloud_resource_manager_custom_endpoint"`
 	EventarcCustomEndpoint             types.String `tfsdk:"eventarc_custom_endpoint"`
 	FirebaserulesCustomEndpoint        types.String `tfsdk:"firebaserules_custom_endpoint"`
-	NetworkConnectivityCustomEndpoint  types.String `tfsdk:"network_connectivity_custom_endpoint"`
 	OrgPolicyCustomEndpoint            types.String `tfsdk:"org_policy_custom_endpoint"`
 	RecaptchaEnterpriseCustomEndpoint  types.String `tfsdk:"recaptcha_enterprise_custom_endpoint"`
 }

google/fwprovider/framework_provider.go

@@ -515,6 +515,12 @@ func (p *FrameworkProvider) Schema(_ context.Context, _ provider.SchemaRequest,
 					transport_tpg.CustomEndpointValidator(),
 				},
 			},
+			"network_connectivity_custom_endpoint": &schema.StringAttribute{
+				Optional: true,
+				Validators: []validator.String{
+					transport_tpg.CustomEndpointValidator(),
+				},
+			},
 			"network_management_custom_endpoint": &schema.StringAttribute{
 				Optional: true,
 				Validators: []validator.String{

google/fwtransport/framework_config.go

@@ -115,6 +115,7 @@ type FrameworkProviderConfig struct {
 	MemcacheBasePath                 string
 	MLEngineBasePath                 string
 	MonitoringBasePath               string
+	NetworkConnectivityBasePath      string
 	NetworkManagementBasePath        string
 	NetworkSecurityBasePath          string
 	NetworkServicesBasePath          string
@@ -251,6 +252,7 @@ func (p *FrameworkProviderConfig) LoadAndValidateFramework(ctx context.Context,
 	p.MemcacheBasePath = data.MemcacheCustomEndpoint.ValueString()
 	p.MLEngineBasePath = data.MLEngineCustomEndpoint.ValueString()
 	p.MonitoringBasePath = data.MonitoringCustomEndpoint.ValueString()
+	p.NetworkConnectivityBasePath = data.NetworkConnectivityCustomEndpoint.ValueString()
 	p.NetworkManagementBasePath = data.NetworkManagementCustomEndpoint.ValueString()
 	p.NetworkSecurityBasePath = data.NetworkSecurityCustomEndpoint.ValueString()
 	p.NetworkServicesBasePath = data.NetworkServicesCustomEndpoint.ValueString()
@@ -935,6 +937,14 @@ func (p *FrameworkProviderConfig) HandleDefaults(ctx context.Context, data *fwmo
 			data.MonitoringCustomEndpoint = types.StringValue(customEndpoint.(string))
 		}
 	}
+	if data.NetworkConnectivityCustomEndpoint.IsNull() {
+		customEndpoint := transport_tpg.MultiEnvDefault([]string{
+			"GOOGLE_NETWORK_CONNECTIVITY_CUSTOM_ENDPOINT",
+		}, transport_tpg.DefaultBasePaths[transport_tpg.NetworkConnectivityBasePathKey])
+		if customEndpoint != nil {
+			data.NetworkConnectivityCustomEndpoint = types.StringValue(customEndpoint.(string))
+		}
+	}
 	if data.NetworkManagementCustomEndpoint.IsNull() {
 		customEndpoint := transport_tpg.MultiEnvDefault([]string{
 			"GOOGLE_NETWORK_MANAGEMENT_CUSTOM_ENDPOINT",

google/gcp_sweeper_test.go

@@ -74,6 +74,7 @@ import (
 	_ "github.com/hashicorp/terraform-provider-google/google/services/memcache"
 	_ "github.com/hashicorp/terraform-provider-google/google/services/mlengine"
 	_ "github.com/hashicorp/terraform-provider-google/google/services/monitoring"
+	_ "github.com/hashicorp/terraform-provider-google/google/services/networkconnectivity"
 	_ "github.com/hashicorp/terraform-provider-google/google/services/networkmanagement"
 	_ "github.com/hashicorp/terraform-provider-google/google/services/networksecurity"
 	_ "github.com/hashicorp/terraform-provider-google/google/services/networkservices"

google/provider/provider.go

@@ -79,6 +79,7 @@ import (
 	"github.com/hashicorp/terraform-provider-google/google/services/memcache"
 	"github.com/hashicorp/terraform-provider-google/google/services/mlengine"
 	"github.com/hashicorp/terraform-provider-google/google/services/monitoring"
+	"github.com/hashicorp/terraform-provider-google/google/services/networkconnectivity"
 	"github.com/hashicorp/terraform-provider-google/google/services/networkmanagement"
 	"github.com/hashicorp/terraform-provider-google/google/services/networksecurity"
 	"github.com/hashicorp/terraform-provider-google/google/services/networkservices"
@@ -554,6 +555,11 @@ func Provider() *schema.Provider {
 				Optional:     true,
 				ValidateFunc: transport_tpg.ValidateCustomEndpoint,
 			},
+			"network_connectivity_custom_endpoint": {
+				Type:         schema.TypeString,
+				Optional:     true,
+				ValidateFunc: transport_tpg.ValidateCustomEndpoint,
+			},
 			"network_management_custom_endpoint": {
 				Type:         schema.TypeString,
 				Optional:     true,
@@ -953,9 +959,9 @@ func DatasourceMapWithErrors() (map[string]*schema.Resource, error) {
 		})
 }
 
-// Generated resources: 305
+// Generated resources: 306
 // Generated IAM resources: 204
-// Total generated resources: 509
+// Total generated resources: 510
 func ResourceMap() map[string]*schema.Resource {
 	resourceMap, _ := ResourceMapWithErrors()
 	return resourceMap
@@ -1363,6 +1369,7 @@ func ResourceMapWithErrors() (map[string]*schema.Resource, error) {
 			"google_monitoring_custom_service":                               monitoring.ResourceMonitoringService(),
 			"google_monitoring_slo":                                          monitoring.ResourceMonitoringSlo(),
 			"google_monitoring_uptime_check_config":                          monitoring.ResourceMonitoringUptimeCheckConfig(),
+			"google_network_connectivity_service_connection_policy":          networkconnectivity.ResourceNetworkConnectivityServiceConnectionPolicy(),
 			"google_network_management_connectivity_test":                    networkmanagement.ResourceNetworkManagementConnectivityTest(),
 			"google_network_security_address_group":                          networksecurity.ResourceNetworkSecurityAddressGroup(),
 			"google_network_security_gateway_security_policy":                networksecurity.ResourceNetworkSecurityGatewaySecurityPolicy(),
@@ -1764,6 +1771,7 @@ func providerConfigure(ctx context.Context, d *schema.ResourceData, p *schema.Pr
 	config.MemcacheBasePath = d.Get("memcache_custom_endpoint").(string)
 	config.MLEngineBasePath = d.Get("ml_engine_custom_endpoint").(string)
 	config.MonitoringBasePath = d.Get("monitoring_custom_endpoint").(string)
+	config.NetworkConnectivityBasePath = d.Get("network_connectivity_custom_endpoint").(string)
 	config.NetworkManagementBasePath = d.Get("network_management_custom_endpoint").(string)
 	config.NetworkSecurityBasePath = d.Get("network_security_custom_endpoint").(string)
 	config.NetworkServicesBasePath = d.Get("network_services_custom_endpoint").(string)

google/resource_network_connectivity_service_connection_policies_test.go

@@ -0,0 +1,111 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+package google
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-provider-google/google/acctest"
+)
+
+func TestAccNetworkConnectivityServiceConnectionPolicy_update(t *testing.T) {
+	t.Parallel()
+
+	context := map[string]interface{}{
+		"networkProducerName":         fmt.Sprintf("tf-test-network-%s", RandString(t, 10)),
+		"subnetworkProducerName1":     fmt.Sprintf("tf-test-subnet-producer-%s", RandString(t, 10)),
+		"subnetworkProducerName2":     fmt.Sprintf("tf-test-subnet-producer-%s", RandString(t, 10)),
+		"serviceConnectionPolicyName": fmt.Sprintf("tf-test-service-connection-policy-%s", RandString(t, 10)),
+	}
+
+	VcrTest(t, resource.TestCase{
+		PreCheck:                 func() { acctest.AccTestPreCheck(t) },
+		ProtoV5ProviderFactories: ProtoV5ProviderFactories(t),
+		CheckDestroy:             testAccCheckNetworkConnectivityServiceConnectionPolicyDestroyProducer(t),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccNetworkConnectivityServiceConnectionPolicy_basic(context),
+			},
+			{
+				ResourceName:      "google_network_connectivity_service_connection_policy.default",
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+			{
+				Config: testAccNetworkConnectivityServiceConnectionPolicy_update(context),
+			},
+			{
+				ResourceName:      "google_network_connectivity_service_connection_policy.default",
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+			{
+				Config: testAccNetworkConnectivityServiceConnectionPolicy_basic(context),
+			},
+			{
+				ResourceName:      "google_network_connectivity_service_connection_policy.default",
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
+
+func testAccNetworkConnectivityServiceConnectionPolicy_basic(context map[string]interface{}) string {
+	return acctest.Nprintf(`
+  resource "google_compute_network" "producer_net" {
+    name                    = "%{networkProducerName}"
+    auto_create_subnetworks = false
+  }
+  
+  resource "google_compute_subnetwork" "producer_subnet" {
+    name          = "%{subnetworkProducerName1}"
+    ip_cidr_range = "10.0.0.0/16"
+    region        = "us-central1"
+    network       = google_compute_network.producer_net.id
+  }
+  
+  resource "google_network_connectivity_service_connection_policy" "default" {
+    name = "%{serviceConnectionPolicyName}"
+    location = "us-central1"
+    service_class = "gcp-memorystore-redis"
+    network = google_compute_network.producer_net.id
+    psc_config {
+      subnetworks = [google_compute_subnetwork.producer_subnet.id]
+      limit = 2
+    }
+  }
+`, context)
+}
+
+func testAccNetworkConnectivityServiceConnectionPolicy_update(context map[string]interface{}) string {
+	return acctest.Nprintf(`
+resource "google_compute_network" "producer_net" {
+  name                    = "%{networkProducerName}"
+  auto_create_subnetworks = false
+}
+
+resource "google_compute_subnetwork" "producer_subnet1" {
+  name          = "%{subnetworkProducerName2}"
+  ip_cidr_range = "10.1.0.0/16"
+  region        = "us-central1"
+  network       = google_compute_network.producer_net.id
+}
+
+resource "google_network_connectivity_service_connection_policy" "default" {
+  name = "%{serviceConnectionPolicyName}"
+  location = "us-central1"
+  service_class = "gcp-memorystore-redis"
+  network = google_compute_network.producer_net.id
+  psc_config {
+    subnetworks = [google_compute_subnetwork.producer_subnet1.id]
+    limit = 4
+  }
+  labels      = {
+    foo = "bar"
+  }
+}
+`, context)
+}

google/resource_network_connectivity_service_connection_policy_generated_test.go

@@ -0,0 +1,124 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+// ----------------------------------------------------------------------------
+//
+//     ***     AUTO GENERATED CODE    ***    Type: MMv1     ***
+//
+// ----------------------------------------------------------------------------
+//
+//     This file is automatically generated by Magic Modules and manual
+//     changes will be clobbered when the file is regenerated.
+//
+//     Please read more about how to change this file in
+//     .github/CONTRIBUTING.md.
+//
+// ----------------------------------------------------------------------------
+
+package google
+
+import (
+	"fmt"
+	"strings"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
+
+	"github.com/hashicorp/terraform-provider-google/google/acctest"
+	"github.com/hashicorp/terraform-provider-google/google/tpgresource"
+	transport_tpg "github.com/hashicorp/terraform-provider-google/google/transport"
+)
+
+func TestAccNetworkConnectivityServiceConnectionPolicy_networkConnectivityPolicyBasicExample(t *testing.T) {
+	t.Parallel()
+
+	context := map[string]interface{}{
+		"service_class_name": "gcp-memorystore-redis",
+		"random_suffix":      acctest.RandString(t, 10),
+	}
+
+	acctest.VcrTest(t, resource.TestCase{
+		PreCheck:                 func() { acctest.AccTestPreCheck(t) },
+		ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t),
+		CheckDestroy:             testAccCheckNetworkConnectivityServiceConnectionPolicyDestroyProducer(t),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccNetworkConnectivityServiceConnectionPolicy_networkConnectivityPolicyBasicExample(context),
+			},
+			{
+				ResourceName:            "google_network_connectivity_service_connection_policy.default",
+				ImportState:             true,
+				ImportStateVerify:       true,
+				ImportStateVerifyIgnore: []string{"name", "location"},
+			},
+		},
+	})
+}
+
+func testAccNetworkConnectivityServiceConnectionPolicy_networkConnectivityPolicyBasicExample(context map[string]interface{}) string {
+	return acctest.Nprintf(`
+resource "google_compute_network" "producer_net" {
+  name                    = "tf-test-producer-net%{random_suffix}"
+  auto_create_subnetworks = false
+}
+
+resource "google_compute_subnetwork" "producer_subnet" {
+  name          = "tf-test-producer-subnet%{random_suffix}"
+  ip_cidr_range = "10.0.0.0/16"
+  region        = "us-central1"
+  network       = google_compute_network.producer_net.id
+}
+
+resource "google_network_connectivity_service_connection_policy" "default" {
+  name = "tf-test-my-network-connectivity-policy%{random_suffix}"
+  location = "us-central1"
+  service_class = "%{service_class_name}"
+  description   = "my basic service connection policy"
+  network = google_compute_network.producer_net.id
+  psc_config {
+    subnetworks = [google_compute_subnetwork.producer_subnet.id]
+    limit = 2
+  }
+}
+`, context)
+}
+
+func testAccCheckNetworkConnectivityServiceConnectionPolicyDestroyProducer(t *testing.T) func(s *terraform.State) error {
+	return func(s *terraform.State) error {
+		for name, rs := range s.RootModule().Resources {
+			if rs.Type != "google_network_connectivity_service_connection_policy" {
+				continue
+			}
+			if strings.HasPrefix(name, "data.") {
+				continue
+			}
+
+			config := acctest.GoogleProviderConfig(t)
+
+			url, err := tpgresource.ReplaceVarsForTest(config, rs, "{{NetworkConnectivityBasePath}}projects/{{project}}/locations/{{location}}/serviceConnectionPolicies/{{name}}")
+			if err != nil {
+				return err
+			}
+
+			billingProject := ""
+
+			if config.BillingProject != "" {
+				billingProject = config.BillingProject
+			}
+
+			_, err = transport_tpg.SendRequest(transport_tpg.SendRequestOptions{
+				Config:    config,
+				Method:    "GET",
+				Project:   billingProject,
+				RawURL:    url,
+				UserAgent: config.UserAgent,
+			})
+			if err == nil {
+				return fmt.Errorf("NetworkConnectivityServiceConnectionPolicy still exists at %s", url)
+			}
+		}
+
+		return nil
+	}
+}