Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Beta support & Beta feature deny to google_compute_firewall #282

Merged
merged 6 commits into from
Aug 7, 2017
Merged

Add Beta support & Beta feature deny to google_compute_firewall #282

merged 6 commits into from
Aug 7, 2017

Conversation

rileykarson
Copy link
Collaborator

  • Convert google_compute_firewall to a versioned resource with Beta support.
  • Add support for the Beta field deny to google_compute_firewall

deny is not able to be updated by the API yet.

I'm not sure what to do here docs-wise where a Beta feature makes a GA field no longer Required; one of allow or deny is, so I kept allow required in docs and said deny can replace it. Let me know your thoughts.

Fixes #148.
Related to #93

danawillow
danawillow reviewed Aug 7, 2017
View reviewed changes
google/compute_shared_operation.go
@@ -5,6 +5,25 @@ import (
"google.golang.org/api/compute/v1"
)

func computeSharedOperationWait(config *Config, op interface{}, project string, activity string) error {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Don't have to do this in this PR, but I'd like to see the beta operations get simplified like the v1 ones did

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For sure - what I'd like to do is convert the Operation object to v1 and call the v1 waits, like in #187

Otherwise, we can just copy compute_operation.go again.

google/resource_compute_firewall.go
if err != nil {
return fmt.Errorf("Error deleting firewall: %s", err)
var op interface{}
switch computeApiVersion {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm I wonder- do deletes actually need to be done with a particular version of the api?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm honestly not sure; for now, for completeness for now, I'd like to perform all operations at the resource's API version; we'll be able to bring deletes of versioned resources either down to v1 or up to v0beta every time later, unless we adopt a multiversioned service generated by #240 which makes this mostly a non-issue.

google/resource_compute_firewall.go
@@ -302,11 +457,12 @@ func resourceFirewall(
}

// Build the firewall parameter
return &compute.Firewall{
return &computeBeta.Firewall{
Name: d.Get("name").(string),
Description: d.Get("description").(string),
Network: network.SelfLink,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does this self link need to be converted to v1? Also, do we actually need to read the network at both versions or can we just read it at v1 since all we need is the self link?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This variable never gets stored in state, since we do that in Read.

We can just read at v1; done.

google/resource_compute_firewall_test.go Outdated
resource.TestStep{
Config: testAccComputeFirewall_denied(networkName, firewallName),
Check: resource.ComposeTestCheckFunc(
testAccCheckComputeFirewallExists("google_compute_firewall.foobar", &firewall),
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you want to check that the firewall also has the deny properties we expect?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done.

danawillow
danawillow approved these changes Aug 7, 2017
View reviewed changes
Copy link
Contributor

@danawillow danawillow left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more. 

make testacc TEST=./google TESTARGS='-run=TestAccComputeFirewall'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./google -v -run=TestAccComputeFirewall -timeout 120m
=== RUN   TestAccComputeFirewall_importBasic
--- PASS: TestAccComputeFirewall_importBasic (53.67s)
=== RUN   TestAccComputeFirewall_basic
--- PASS: TestAccComputeFirewall_basic (50.55s)
=== RUN   TestAccComputeFirewall_update
--- PASS: TestAccComputeFirewall_update (85.31s)
=== RUN   TestAccComputeFirewall_noSource
--- PASS: TestAccComputeFirewall_noSource (58.25s)
=== RUN   TestAccComputeFirewall_denied
--- PASS: TestAccComputeFirewall_denied (50.27s)
PASS
ok  	github.com/terraform-providers/terraform-provider-google/google	298.205s

@rileykarson rileykarson merged commit 2d0d8bd into hashicorp:master Aug 7, 2017
z1nkum pushed a commit to z1nkum/terraform-provider-google that referenced this pull request Aug 15, 2017
@rileykarson
Add Beta support & Beta feature deny to google_compute_firewall (hash…
4d33259 
…icorp#282)

* Add versioned Beta support to google_compute_firewall.

* Add Beta support for deny to google_compute_firewall.

* remove extra line:

* make fmt

* Add missing ForceNew fields.

* Respond to review comments testing functionality + reducing network GET to v1
negz pushed a commit to negz/terraform-provider-google that referenced this pull request Oct 17, 2017
@rileykarson
Add Beta support & Beta feature deny to google_compute_firewall (hash…
2fa9703 
…icorp#282)

* Add versioned Beta support to google_compute_firewall.

* Add Beta support for deny to google_compute_firewall.

* remove extra line:

* make fmt

* Add missing ForceNew fields.

* Respond to review comments testing functionality + reducing network GET to v1
chrisst pushed a commit to chrisst/terraform-provider-google that referenced this pull request Nov 9, 2018
@rileykarson
Add Beta support & Beta feature deny to google_compute_firewall (hash…
4530d98 
…icorp#282)

* Add versioned Beta support to google_compute_firewall.

* Add Beta support for deny to google_compute_firewall.

* remove extra line:

* make fmt

* Add missing ForceNew fields.

* Respond to review comments testing functionality + reducing network GET to v1
luis-silva pushed a commit to luis-silva/terraform-provider-google that referenced this pull request May 21, 2019
@modular-magician @chrisst
Specify that attach_disk can be used multiple times (hashicorp#282)
f5ba299 
<!-- This change is generated by MagicModules. -->
/cc @chrisst
@ghost
Copy link

ghost commented Mar 31, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 hashibot-feedback@hashicorp.com. Thanks!

@ghost ghost locked and limited conversation to collaborators Mar 31, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@danawillow danawillow danawillow approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Firewall deny on match
2 participants
@rileykarson @danawillow