Add update support to serverTlsPolicy field in region_target_https_proxy (GoogleCloudPlatform#11184)

gservat · rainshen49 · commit 73b85fbba871 · 2024-08-12T13:52:25.000-04:00
diff --git a/mmv1/products/compute/RegionTargetHttpsProxy.yaml b/mmv1/products/compute/RegionTargetHttpsProxy.yaml
@@ -204,3 +204,13 @@ properties:
       INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED
       loadBalancingScheme consult ServerTlsPolicy documentation.
       If left blank, communications are not encrypted.
+
+      If you remove this field from your configuration at the same time as
+      deleting or recreating a referenced ServerTlsPolicy resource, you will
+      receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy
+      within the ServerTlsPolicy resource to avoid this.
+    update_id: 'serverTlsPolicy'
+    fingerprint_name: 'fingerprint'
+    update_verb: :PATCH
+    update_url:
+      'projects/{{project}}/regions/{{region}}/targetHttpsProxies/{{name}}'
diff --git a/mmv1/templates/terraform/encoders/compute_region_target_https_proxy.go.erb b/mmv1/templates/terraform/encoders/compute_region_target_https_proxy.go.erb
@@ -7,4 +7,12 @@ if _, ok := obj["certificateManagerCertificates"]; ok {
 	obj["sslCertificates"] = obj["certificateManagerCertificates"]
 	delete(obj, "certificateManagerCertificates")
 }
-return obj, nil
+
+// Send null if serverTlsPolicy is not set. Without this, Terraform would not send any value for `serverTlsPolicy`
+// in the "PATCH" payload so if you were to remove a server TLS policy from a target HTTPS proxy, it would NOT remove
+// the association.
+if _, ok := obj["serverTlsPolicy"]; !ok {
+	obj["serverTlsPolicy"] = nil
+}
+
+return obj, nil
diff --git a/mmv1/third_party/terraform/services/compute/resource_compute_region_target_https_proxy_test.go.erb b/mmv1/third_party/terraform/services/compute/resource_compute_region_target_https_proxy_test.go.erb
