Skip to content

Commit 2e92491

Browse files
owaismawasypandirigoog
owaismawasy
authored and
pandirigoog
committed
Allow setting SSL type on connection profiles (GoogleCloudPlatform#13559)
1 parent a717d19 commit 2e92491

9 files changed

+128
-8
lines changed

mmv1/products/databasemigrationservice/ConnectionProfile.yaml

+33-8
Original file line numberDiff line numberDiff line change
@@ -71,6 +71,32 @@ examples:
7171
- 'postgresql.0.ssl.0.ca_certificate'
7272
- 'postgresql.0.ssl.0.client_certificate'
7373
- 'postgresql.0.ssl.0.client_key'
74+
- name: 'database_migration_service_connection_profile_postgres_no_ssl'
75+
primary_resource_id: 'postgresprofile'
76+
vars:
77+
sqldb: 'my-database'
78+
sqldb_cert: 'my-cert'
79+
sqldb_user: 'my-username'
80+
sqldb_pass: 'my-password'
81+
profile: 'my-profileid'
82+
ignore_read_extra:
83+
- 'postgresql.0.password'
84+
- 'postgresql.0.ssl.0.ca_certificate'
85+
- 'postgresql.0.ssl.0.client_certificate'
86+
- 'postgresql.0.ssl.0.client_key'
87+
- name: 'database_migration_service_connection_profile_postgres_required_ssl'
88+
primary_resource_id: 'postgresprofile'
89+
vars:
90+
sqldb: 'my-database'
91+
sqldb_cert: 'my-cert'
92+
sqldb_user: 'my-username'
93+
sqldb_pass: 'my-password'
94+
profile: 'my-profileid'
95+
ignore_read_extra:
96+
- 'postgresql.0.password'
97+
- 'postgresql.0.ssl.0.ca_certificate'
98+
- 'postgresql.0.ssl.0.client_certificate'
99+
- 'postgresql.0.ssl.0.client_key'
74100
- name: 'database_migration_service_connection_profile_oracle'
75101
primary_resource_id: 'oracleprofile'
76102
vars:
@@ -232,10 +258,11 @@ properties:
232258
type: Enum
233259
description: |
234260
The current connection profile state.
235-
output: true
236261
enum_values:
237262
- 'SERVER_ONLY'
238263
- 'SERVER_CLIENT'
264+
- 'REQUIRED'
265+
- 'NONE'
239266
- name: 'clientKey'
240267
type: String
241268
description: |
@@ -255,9 +282,8 @@ properties:
255282
- name: 'caCertificate'
256283
type: String
257284
description: |
258-
Required. Input only. The x509 PEM-encoded certificate of the CA that signed the source database server's certificate.
285+
Input only. The x509 PEM-encoded certificate of the CA that signed the source database server's certificate.
259286
The replica will use this certificate to verify it's connecting to the right host.
260-
required: true
261287
immutable: true
262288
sensitive: true
263289
custom_flatten: 'templates/terraform/custom_flatten/database_migration_service_connection_profile_mysql_ssl_ca_certificate.go.tmpl'
@@ -326,10 +352,11 @@ properties:
326352
type: Enum
327353
description: |
328354
The current connection profile state.
329-
output: true
330355
enum_values:
331356
- 'SERVER_ONLY'
332357
- 'SERVER_CLIENT'
358+
- 'REQUIRED'
359+
- 'NONE'
333360
- name: 'clientKey'
334361
type: String
335362
description: |
@@ -353,9 +380,8 @@ properties:
353380
- name: 'caCertificate'
354381
type: String
355382
description: |
356-
Required. Input only. The x509 PEM-encoded certificate of the CA that signed the source database server's certificate.
383+
Input only. The x509 PEM-encoded certificate of the CA that signed the source database server's certificate.
357384
The replica will use this certificate to verify it's connecting to the right host.
358-
required: true
359385
immutable: true
360386
sensitive: true
361387
custom_flatten: 'templates/terraform/custom_flatten/database_migration_service_connection_profile_postgresql_ssl_ca_certificate.go.tmpl'
@@ -456,9 +482,8 @@ properties:
456482
- name: 'caCertificate'
457483
type: String
458484
description: |
459-
Required. Input only. The x509 PEM-encoded certificate of the CA that signed the source database server's certificate.
485+
Input only. The x509 PEM-encoded certificate of the CA that signed the source database server's certificate.
460486
The replica will use this certificate to verify it's connecting to the right host.
461-
required: true
462487
immutable: true
463488
sensitive: true
464489
custom_flatten: 'templates/terraform/custom_flatten/database_migration_service_connection_profile_oracle_ssl_ca_certificate.go.tmpl'

mmv1/templates/terraform/examples/database_migration_service_connection_profile_cloudsql.tf.tmpl

+1
Original file line numberDiff line numberDiff line change
@@ -44,6 +44,7 @@ resource "google_database_migration_service_connection_profile" "{{$.PrimaryReso
4444
client_key = google_sql_ssl_cert.sql_client_cert.private_key
4545
client_certificate = google_sql_ssl_cert.sql_client_cert.cert
4646
ca_certificate = google_sql_ssl_cert.sql_client_cert.server_ca_cert
47+
type = "SERVER_CLIENT"
4748
}
4849
cloud_sql_id = "{{index $.Vars "sqldb"}}"
4950
}

mmv1/templates/terraform/examples/database_migration_service_connection_profile_postgres.tf.tmpl

+1
Original file line numberDiff line numberDiff line change
@@ -39,6 +39,7 @@ resource "google_database_migration_service_connection_profile" "{{$.PrimaryReso
3939
client_key = google_sql_ssl_cert.sql_client_cert.private_key
4040
client_certificate = google_sql_ssl_cert.sql_client_cert.cert
4141
ca_certificate = google_sql_ssl_cert.sql_client_cert.server_ca_cert
42+
type = "SERVER_CLIENT"
4243
}
4344
cloud_sql_id = "{{index $.Vars "sqldb"}}"
4445
}

mmv1/templates/terraform/examples/database_migration_service_connection_profile_postgres_no_ssl.tf.tmpl

+44
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,44 @@
1+
resource "google_sql_database_instance" "postgresqldb" {
2+
name = "{{index $.Vars "sqldb"}}"
3+
database_version = "POSTGRES_12"
4+
settings {
5+
tier = "db-custom-2-13312"
6+
}
7+
deletion_protection = false
8+
}
9+
10+
resource "google_sql_ssl_cert" "sql_client_cert" {
11+
common_name = "{{index $.Vars "sqldb_cert"}}"
12+
instance = google_sql_database_instance.postgresqldb.name
13+
14+
depends_on = [google_sql_database_instance.postgresqldb]
15+
}
16+
17+
resource "google_sql_user" "sqldb_user" {
18+
name = "{{index $.Vars "sqldb_user"}}"
19+
instance = google_sql_database_instance.postgresqldb.name
20+
password = "{{index $.Vars "sqldb_pass"}}"
21+
22+
23+
depends_on = [google_sql_ssl_cert.sql_client_cert]
24+
}
25+
26+
resource "google_database_migration_service_connection_profile" "{{$.PrimaryResourceId}}" {
27+
location = "us-central1"
28+
connection_profile_id = "{{index $.Vars "profile"}}"
29+
display_name = "{{index $.Vars "profile"}}_display"
30+
labels = {
31+
foo = "bar"
32+
}
33+
postgresql {
34+
host = google_sql_database_instance.postgresqldb.ip_address.0.ip_address
35+
port = 5432
36+
username = google_sql_user.sqldb_user.name
37+
password = google_sql_user.sqldb_user.password
38+
ssl {
39+
type = "NONE"
40+
}
41+
cloud_sql_id = "{{index $.Vars "sqldb"}}"
42+
}
43+
depends_on = [google_sql_user.sqldb_user]
44+
}

mmv1/templates/terraform/examples/database_migration_service_connection_profile_postgres_required_ssl.tf.tmpl

+44
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,44 @@
1+
resource "google_sql_database_instance" "postgresqldb" {
2+
name = "{{index $.Vars "sqldb"}}"
3+
database_version = "POSTGRES_12"
4+
settings {
5+
tier = "db-custom-2-13312"
6+
}
7+
deletion_protection = false
8+
}
9+
10+
resource "google_sql_ssl_cert" "sql_client_cert" {
11+
common_name = "{{index $.Vars "sqldb_cert"}}"
12+
instance = google_sql_database_instance.postgresqldb.name
13+
14+
depends_on = [google_sql_database_instance.postgresqldb]
15+
}
16+
17+
resource "google_sql_user" "sqldb_user" {
18+
name = "{{index $.Vars "sqldb_user"}}"
19+
instance = google_sql_database_instance.postgresqldb.name
20+
password = "{{index $.Vars "sqldb_pass"}}"
21+
22+
23+
depends_on = [google_sql_ssl_cert.sql_client_cert]
24+
}
25+
26+
resource "google_database_migration_service_connection_profile" "{{$.PrimaryResourceId}}" {
27+
location = "us-central1"
28+
connection_profile_id = "{{index $.Vars "profile"}}"
29+
display_name = "{{index $.Vars "profile"}}_display"
30+
labels = {
31+
foo = "bar"
32+
}
33+
postgresql {
34+
host = google_sql_database_instance.postgresqldb.ip_address.0.ip_address
35+
port = 5432
36+
username = google_sql_user.sqldb_user.name
37+
password = google_sql_user.sqldb_user.password
38+
ssl {
39+
type = "REQUIRED"
40+
}
41+
cloud_sql_id = "{{index $.Vars "sqldb"}}"
42+
}
43+
depends_on = [google_sql_user.sqldb_user]
44+
}

mmv1/templates/terraform/examples/database_migration_service_migration_job_mysql_to_mysql.tf.tmpl

+1
Original file line numberDiff line numberDiff line change
@@ -42,6 +42,7 @@ resource "google_database_migration_service_connection_profile" "source_cp" {
4242
client_key = google_sql_ssl_cert.source_sql_client_cert.private_key
4343
client_certificate = google_sql_ssl_cert.source_sql_client_cert.cert
4444
ca_certificate = google_sql_ssl_cert.source_sql_client_cert.server_ca_cert
45+
type = "SERVER_CLIENT"
4546
}
4647
cloud_sql_id = "{{index $.Vars "source_csql"}}"
4748
}

mmv1/templates/terraform/examples/database_migration_service_migration_job_postgres_to_alloydb.tf.tmpl

+1
Original file line numberDiff line numberDiff line change
@@ -42,6 +42,7 @@ resource "google_database_migration_service_connection_profile" "source_cp" {
4242
client_key = google_sql_ssl_cert.source_sql_client_cert.private_key
4343
client_certificate = google_sql_ssl_cert.source_sql_client_cert.cert
4444
ca_certificate = google_sql_ssl_cert.source_sql_client_cert.server_ca_cert
45+
type = "SERVER_CLIENT"
4546
}
4647
cloud_sql_id = "{{index $.Vars "source_csql"}}"
4748
}

mmv1/templates/terraform/examples/database_migration_service_migration_job_postgres_to_postgres.tf.tmpl

+1
Original file line numberDiff line numberDiff line change
@@ -42,6 +42,7 @@ resource "google_database_migration_service_connection_profile" "source_cp" {
4242
client_key = google_sql_ssl_cert.source_sql_client_cert.private_key
4343
client_certificate = google_sql_ssl_cert.source_sql_client_cert.cert
4444
ca_certificate = google_sql_ssl_cert.source_sql_client_cert.server_ca_cert
45+
type = "SERVER_CLIENT"
4546
}
4647
cloud_sql_id = "{{index $.Vars "source_csql"}}"
4748
}

mmv1/third_party/terraform/services/databasemigrationservice/resource_database_migration_service_migration_job_test.go

+2
Original file line numberDiff line numberDiff line change
@@ -88,6 +88,7 @@ resource "google_database_migration_service_connection_profile" "source_cp" {
8888
client_key = google_sql_ssl_cert.source_sql_client_cert.private_key
8989
client_certificate = google_sql_ssl_cert.source_sql_client_cert.cert
9090
ca_certificate = google_sql_ssl_cert.source_sql_client_cert.server_ca_cert
91+
type = "SERVER_CLIENT"
9192
}
9293
cloud_sql_id = "tf-test-source-csql%{random_suffix}"
9394
}
@@ -195,6 +196,7 @@ resource "google_database_migration_service_connection_profile" "source_cp" {
195196
client_key = google_sql_ssl_cert.source_sql_client_cert.private_key
196197
client_certificate = google_sql_ssl_cert.source_sql_client_cert.cert
197198
ca_certificate = google_sql_ssl_cert.source_sql_client_cert.server_ca_cert
199+
type = "SERVER_CLIENT"
198200
}
199201
cloud_sql_id = "tf-test-source-csql%{random_suffix}"
200202
}

0 commit comments

Comments
 (0)