When specifying a single port in port_range, the API would accept it as
input, but would return it as {PORT}-{PORT}. Terraform would then see
this as different, even though (semantically) it's the same.
This commit adds a test that exposes the diff cycle created by this, and
an inline DiffSuppressFunc to resolve it.
Fixes#9051.
* Make our regexes more permissive (though still separated out for
readability, despite being identical)
* Add a helper that will improve readability while sanity testing our
regex results.
* WIP: added a new resource type : google_compute_snapshot
* [WIP]: added a test acceptance for google_compute_snapshot
* Cleanup
* Minor correction : "Deleting disk" message in Delete method
* Error in merge action
* Error in merge action
Google Container Engine's cluster API returned instance group manager
URLs when it meant to return instance group URLs. See #4336 for details
about the bug.
While this is undeniably an upstream problem, this PR:
* detects the error, meaning it will work as expected when the API is
fixed.
* corrects the error by requesting the instance group manager, then
retrieving its instance group URL, and using that instead.
* adds a test that exercises the error and the solution, to ensure it is
functioning properly.
To aid in tracking down the error that's causing
TestAccGoogleSqlDatabaseInstance_basic to fail (it's claiming an op
can't be found?) I've added the op name (which is unique) to the error
output for op errors.
Our GCP storage tests are really flaky right now due to rate limiting.
In theory, this could also impact Terraform users that are
deleting/creating large numbers of Google Cloud Storage buckets at once.
To fix, I'm detecting the specific error code that GCP returns when it's
a rate limit error, and using that with resource.Retry to try the
request again.
When comparing the config and state for google_project_iam_policy,
always merge the bindings down to a common representation, to avoid a
perpetual diff.
Fixes#11763.
Add tests that ensure that image syntax resolves to API input the way we
want it to.
Add a lot of different input forms for images, to more closely map to
what the API accepts, so anything that's valid input to the API should
also be valid input in a config.
Stop resolving image families to specific image URLs, allowing things
like instance templates to evolve over time as new images are pushed.
* Vendor google.golang.org/api/cloudbilling/v1
* providers/google: Add cloudbilling client
* providers/google: google_project supports billing account
This change allows a Terraform user to set and update the billing
account associated with their project.
* providers/google: Testing project billing account
This change adds optional acceptance tests for project billing accounts.
GOOGLE_PROJECT_BILLING_ACCOUNT and GOOGLE_PROJECT_BILLING_ACCOUNT_2
must be set in the environment for the tests to run; otherwise, they
will be skipped.
Also includes a few code cleanups per review.
* providers/google: Improve project billing error message
* provider/google-cloud: Add maintenance window
Allows specification of the `maintenance_window` within the `settings`
block. This controls when Google will restart a database in order to
apply updates. It is also possible to select an `update_track` to
relatively control updating between instances in the same project.
* Adjustments as suggested in code review.
Our delete operation for google_compute_project_metadata didn't check an
error when making the call to delete metadata, which led to a panic in
our tests. This is also probably indicative of why our tests
failed/metadata got left dangling.
Our DNS tests were using terraform.test as a DNS name, which GCP was
erroring on, as we haven't proven we own the domain (and can't, as we
don't). To solve this, I updated the tests to use hashicorptest.com,
which we _do_ own, and which we have proven ownership of. The tests now
pass.
This changes removes read of the deprecated `policy_data` attr in
the `google_project` resource.
0.8.5 introduced new behavior that incorrectly read the `policy_data`
field during the read lifecycle event. This caused Terraform to
assume it owned not just policy defined in the data source, but
everything that was associated with the project. Migrating from 0.8.4
to 0.8.5, this would cause the config (partial) to be compared to the
state (complete, as it was read from the API) and assume some
policies had been explicitly deleted. Terraform would then delete them.
Fixes#11556
Cloud SQL Gen 2 instances come with a default 'root'@'%' user on
creation. This change automatically deletes that user after creation. A
Terraform user must use the google_sql_user to create a user with
appropriate host and password.
Add support for creating, updating, and deleting projects, as well as
their enabled services and their IAM policies.
Various concessions were made for backwards compatibility, and will be
removed in 0.9 or 0.10.
* removes region param from backend_service
- this param was not being used in this service
- you need a regional_backend_service if you want to pass this
* deprecated region instead of outright removing
* put session affinity formatting back
* providers/google: add support for encrypting a disk
* providers/google: Add docs for encrypting disks
* providers/google: CSEK small fixes: sensitive params and mismatched state files
* Add subnetwork_project field to allow for XPN in GCE instance templates
* Missing os import
* Removing unneeded check
* fix formatting
* Add subnetwork_project to read
As brought up in #10174, our update_strategy property for instance group
managers in GCP would always be set to "RESTART" on read, even if the
user asked for them to be "NONE" in the config.
This adds a test to ensure that the user wishes were respected, which
fails until we check for update_strategy in the ResourceData before we
update it within the Read function. Because the update_strategy property
doesn't map to anything in the API, we never need to read it from
anywhere but the config, which means the ResourceData should be
considered authoritative by the time we get to the Read function.
The fix for this was provided by @JDiPierro in #10198 originally, but
was missing tests, so it got squashed into this.
A new create_timeout attribute was added that had some backwards
incompatibilities, and as per discussion in #10823, it was determined we
could make upgrading to 0.8.x easier by fixing them, without really
losing any functionality.
Because create_timeout is not something stored or transmitted to the
API, it's not something we need a ForceNew on. Also, because an update
wouldn't result in an API call, we can add a state migration to avoid a
false positive diff that requires people to plan and apply but doesn't
actually make an API call.
Update our instance template to include metadata_startup_script, to
match our instance resource. Also, we've resolved the diff errors around
metadata.startup-script, and people want to use that to create startup
scripts that don't force a restart when they're changed, so let's stop
disallowing it.
Also, we had a bunch of calls to `schema.ResourceData.Set` that ignored
the errors, so I added error handling for those calls. It's mostly
bundled with this code because I couldn't be sure whether it was the
root of bugs or not, so I took care of it while addressing the startup
script issue.
This change doesn't make much sense now, as projects are read-only
anyways, so there's not a lot that importing really does for you--you
can already reference pre-existing projects just by defining them in
your config.
But as we discussed #10425, this change made more and more sense. In a
world where projects can be created, we can no longer reference
pre-existing projects just by defining them in config. We get that
ability back by making projects importable.
Google's Backend Services gives users control over the session affinity modes.
Let's allow Terraform users to leverage this option.
We don't change the default value ("NONE", as provided by Google).
When configuring an instance's attached disk, if the attached disk has
both the disk and type attributes set, it would previously cause
terraform to crash with a nil pointer exception. The root cause was that
we only instantiate the InitializeParams property of the disk if its
disk attribute isn't set, and we try to write to the InitializeParams
property when the type attribute is set. So setting both caused the
InitializeParams property to not be initialized, then written to.
Now we throw an error explaining that the configuration can't have both
the disk and the type set.
Fixes#6495.
* provider/google Document MySQL versions for second generation instances
Google Cloud SQL has first-gen and second-gen instances with different
supported versions of MySQL.
* provider/google Increase SQL Admin operation timeout to 10 minutes
Creating SQL instances for MySQL 5.7 can take over 7 minutes,
so the timeout needs to be increased to allow the
google_sql_database_instance resource to successfully create.
This commit tests whether an interface is nil before type asserting it
to string - this should fix the panic reported in #8609.
We also clean up the schema definition to the newer style without
redundant type declarations.
This change adds a data source to allow declaring IAM policies, as well as a
new resource to represent an existing GCP project. The project resource may
reference an IAM policy, allowing a user to set project-wide permissions.
This fix changes acceptance tests for VPN tunnel to use the correct ports (UDP
500 and 4500). It also changes the documentation to demonstrate using these
port single ports in a `port_range` field.
Some google resources required network be refernced by resource URL (aka self_link), while others required network name.
This change allows either to be supplied.
DRY it out, and add a fix for #5552.
This commit cleans up the google_compute_firewall resource to the Go
1.5+ style of not requiring map values to declare their type if they can
be inferred.
As part of Terraform 0.7.1 it was observed in issue #8345 that the state
migration for google_compute_firewall did not appear to be running,
causing a panic when an uninitialized member was read. This commit hooks
up the state migration function (which _was_ independently unit tested
but was not actually in place).
There is currently no good test framework for this, I will address this
issue in a future RFC.
* providers/google: Add google_compute_image resource
This change introduces the google_compute_image resource, which allows
Terraform users to create a bootable VM image from a raw disk tarball
stored in Google Cloud Storage. The google_compute_image resource
may be referenced as a boot image for a google_compute_instance.
* providers/google: Support family property in google_compute_image
* provider/google: Idiomatic checking for presence of config val
* vendor: Update Google client libraries