Support container analysis note IAM (#8006) (#1000)

Fixes hashicorp/terraform-provider-google#7745 Signed-off-by: Modular Magician <[email protected]>
GoogleCloudPlatform · May 24, 2023 · 6acb235 · 6acb235
1 parent 336dc6e
commit 6acb235
Show file tree

Hide file tree

Showing 3 changed files with 346 additions and 0 deletions.
diff --git a/tfplan2cai/converters/google/resources/container_analysis_note_iam.go b/tfplan2cai/converters/google/resources/container_analysis_note_iam.go
@@ -0,0 +1,125 @@
+// ----------------------------------------------------------------------------
+//
+//     ***     AUTO GENERATED CODE    ***    Type: MMv1     ***
+//
+// ----------------------------------------------------------------------------
+//
+//     This file is automatically generated by Magic Modules and manual
+//     changes will be clobbered when the file is regenerated.
+//
+//     Please read more about how to change this file in
+//     .github/CONTRIBUTING.md.
+//
+// ----------------------------------------------------------------------------
+
+package google
+
+import (
+	"fmt"
+
+	"github.com/GoogleCloudPlatform/terraform-google-conversion/v2/tfplan2cai/converters/google/resources/tpgresource"
+	transport_tpg "github.com/GoogleCloudPlatform/terraform-google-conversion/v2/tfplan2cai/converters/google/resources/transport"
+)
+
+// Provide a separate asset type constant so we don't have to worry about name conflicts between IAM and non-IAM converter files
+const ContainerAnalysisNoteIAMAssetType string = "containeranalysis.googleapis.com/Note"
+
+func resourceConverterContainerAnalysisNoteIamPolicy() ResourceConverter {
+	return ResourceConverter{
+		AssetType:         ContainerAnalysisNoteIAMAssetType,
+		Convert:           GetContainerAnalysisNoteIamPolicyCaiObject,
+		MergeCreateUpdate: MergeContainerAnalysisNoteIamPolicy,
+	}
+}
+
+func resourceConverterContainerAnalysisNoteIamBinding() ResourceConverter {
+	return ResourceConverter{
+		AssetType:         ContainerAnalysisNoteIAMAssetType,
+		Convert:           GetContainerAnalysisNoteIamBindingCaiObject,
+		FetchFullResource: FetchContainerAnalysisNoteIamPolicy,
+		MergeCreateUpdate: MergeContainerAnalysisNoteIamBinding,
+		MergeDelete:       MergeContainerAnalysisNoteIamBindingDelete,
+	}
+}
+
+func resourceConverterContainerAnalysisNoteIamMember() ResourceConverter {
+	return ResourceConverter{
+		AssetType:         ContainerAnalysisNoteIAMAssetType,
+		Convert:           GetContainerAnalysisNoteIamMemberCaiObject,
+		FetchFullResource: FetchContainerAnalysisNoteIamPolicy,
+		MergeCreateUpdate: MergeContainerAnalysisNoteIamMember,
+		MergeDelete:       MergeContainerAnalysisNoteIamMemberDelete,
+	}
+}
+
+func GetContainerAnalysisNoteIamPolicyCaiObject(d tpgresource.TerraformResourceData, config *transport_tpg.Config) ([]Asset, error) {
+	return newContainerAnalysisNoteIamAsset(d, config, expandIamPolicyBindings)
+}
+
+func GetContainerAnalysisNoteIamBindingCaiObject(d tpgresource.TerraformResourceData, config *transport_tpg.Config) ([]Asset, error) {
+	return newContainerAnalysisNoteIamAsset(d, config, expandIamRoleBindings)
+}
+
+func GetContainerAnalysisNoteIamMemberCaiObject(d tpgresource.TerraformResourceData, config *transport_tpg.Config) ([]Asset, error) {
+	return newContainerAnalysisNoteIamAsset(d, config, expandIamMemberBindings)
+}
+
+func MergeContainerAnalysisNoteIamPolicy(existing, incoming Asset) Asset {
+	existing.IAMPolicy = incoming.IAMPolicy
+	return existing
+}
+
+func MergeContainerAnalysisNoteIamBinding(existing, incoming Asset) Asset {
+	return mergeIamAssets(existing, incoming, mergeAuthoritativeBindings)
+}
+
+func MergeContainerAnalysisNoteIamBindingDelete(existing, incoming Asset) Asset {
+	return mergeDeleteIamAssets(existing, incoming, mergeDeleteAuthoritativeBindings)
+}
+
+func MergeContainerAnalysisNoteIamMember(existing, incoming Asset) Asset {
+	return mergeIamAssets(existing, incoming, mergeAdditiveBindings)
+}
+
+func MergeContainerAnalysisNoteIamMemberDelete(existing, incoming Asset) Asset {
+	return mergeDeleteIamAssets(existing, incoming, mergeDeleteAdditiveBindings)
+}
+
+func newContainerAnalysisNoteIamAsset(
+	d tpgresource.TerraformResourceData,
+	config *transport_tpg.Config,
+	expandBindings func(d tpgresource.TerraformResourceData) ([]IAMBinding, error),
+) ([]Asset, error) {
+	bindings, err := expandBindings(d)
+	if err != nil {
+		return []Asset{}, fmt.Errorf("expanding bindings: %v", err)
+	}
+
+	name, err := assetName(d, config, "//containeranalysis.googleapis.com/projects/{{project}}/notes/{{note}}")
+	if err != nil {
+		return []Asset{}, err
+	}
+
+	return []Asset{{
+		Name: name,
+		Type: ContainerAnalysisNoteIAMAssetType,
+		IAMPolicy: &IAMPolicy{
+			Bindings: bindings,
+		},
+	}}, nil
+}
+
+func FetchContainerAnalysisNoteIamPolicy(d tpgresource.TerraformResourceData, config *transport_tpg.Config) (Asset, error) {
+	// Check if the identity field returns a value
+	if _, ok := d.GetOk("note"); !ok {
+		return Asset{}, ErrEmptyIdentityField
+	}
+
+	return fetchIamPolicy(
+		ContainerAnalysisNoteIamUpdaterProducer,
+		d,
+		config,
+		"//containeranalysis.googleapis.com/projects/{{project}}/notes/{{note}}",
+		ContainerAnalysisNoteIAMAssetType,
+	)
+}
diff --git a/tfplan2cai/converters/google/resources/iam_container_analysis_note.go b/tfplan2cai/converters/google/resources/iam_container_analysis_note.go
@@ -0,0 +1,218 @@
+// ----------------------------------------------------------------------------
+//
+//     ***     AUTO GENERATED CODE    ***    Type: MMv1     ***
+//
+// ----------------------------------------------------------------------------
+//
+//     This file is automatically generated by Magic Modules and manual
+//     changes will be clobbered when the file is regenerated.
+//
+//     Please read more about how to change this file in
+//     .github/CONTRIBUTING.md.
+//
+// ----------------------------------------------------------------------------
+
+package google
+
+import (
+	"fmt"
+
+	"github.com/hashicorp/errwrap"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"google.golang.org/api/cloudresourcemanager/v1"
+
+	"github.com/GoogleCloudPlatform/terraform-google-conversion/v2/tfplan2cai/converters/google/resources/tpgiamresource"
+	"github.com/GoogleCloudPlatform/terraform-google-conversion/v2/tfplan2cai/converters/google/resources/tpgresource"
+	transport_tpg "github.com/GoogleCloudPlatform/terraform-google-conversion/v2/tfplan2cai/converters/google/resources/transport"
+)
+
+var ContainerAnalysisNoteIamSchema = map[string]*schema.Schema{
+	"project": {
+		Type:     schema.TypeString,
+		Computed: true,
+		Optional: true,
+		ForceNew: true,
+	},
+	"note": {
+		Type:             schema.TypeString,
+		Required:         true,
+		ForceNew:         true,
+		DiffSuppressFunc: compareSelfLinkOrResourceName,
+	},
+}
+
+type ContainerAnalysisNoteIamUpdater struct {
+	project string
+	note    string
+	d       tpgresource.TerraformResourceData
+	Config  *transport_tpg.Config
+}
+
+func ContainerAnalysisNoteIamUpdaterProducer(d tpgresource.TerraformResourceData, config *transport_tpg.Config) (tpgiamresource.ResourceIamUpdater, error) {
+	values := make(map[string]string)
+
+	project, _ := getProject(d, config)
+	if project != "" {
+		if err := d.Set("project", project); err != nil {
+			return nil, fmt.Errorf("Error setting project: %s", err)
+		}
+	}
+	values["project"] = project
+	if v, ok := d.GetOk("note"); ok {
+		values["note"] = v.(string)
+	}
+
+	// We may have gotten either a long or short name, so attempt to parse long name if possible
+	m, err := tpgresource.GetImportIdQualifiers([]string{"projects/(?P<project>[^/]+)/notes/(?P<note>[^/]+)", "(?P<project>[^/]+)/(?P<note>[^/]+)", "(?P<note>[^/]+)"}, d, config, d.Get("note").(string))
+	if err != nil {
+		return nil, err
+	}
+
+	for k, v := range m {
+		values[k] = v
+	}
+
+	u := &ContainerAnalysisNoteIamUpdater{
+		project: values["project"],
+		note:    values["note"],
+		d:       d,
+		Config:  config,
+	}
+
+	if err := d.Set("project", u.project); err != nil {
+		return nil, fmt.Errorf("Error setting project: %s", err)
+	}
+	if err := d.Set("note", u.GetResourceId()); err != nil {
+		return nil, fmt.Errorf("Error setting note: %s", err)
+	}
+
+	return u, nil
+}
+
+func ContainerAnalysisNoteIdParseFunc(d *schema.ResourceData, config *transport_tpg.Config) error {
+	values := make(map[string]string)
+
+	project, _ := getProject(d, config)
+	if project != "" {
+		values["project"] = project
+	}
+
+	m, err := tpgresource.GetImportIdQualifiers([]string{"projects/(?P<project>[^/]+)/notes/(?P<note>[^/]+)", "(?P<project>[^/]+)/(?P<note>[^/]+)", "(?P<note>[^/]+)"}, d, config, d.Id())
+	if err != nil {
+		return err
+	}
+
+	for k, v := range m {
+		values[k] = v
+	}
+
+	u := &ContainerAnalysisNoteIamUpdater{
+		project: values["project"],
+		note:    values["note"],
+		d:       d,
+		Config:  config,
+	}
+	if err := d.Set("note", u.GetResourceId()); err != nil {
+		return fmt.Errorf("Error setting note: %s", err)
+	}
+	d.SetId(u.GetResourceId())
+	return nil
+}
+
+func (u *ContainerAnalysisNoteIamUpdater) GetResourceIamPolicy() (*cloudresourcemanager.Policy, error) {
+	url, err := u.qualifyNoteUrl("getIamPolicy")
+	if err != nil {
+		return nil, err
+	}
+
+	project, err := tpgresource.GetProject(u.d, u.Config)
+	if err != nil {
+		return nil, err
+	}
+	var obj map[string]interface{}
+
+	userAgent, err := tpgresource.GenerateUserAgentString(u.d, u.Config.UserAgent)
+	if err != nil {
+		return nil, err
+	}
+
+	policy, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{
+		Config:    u.Config,
+		Method:    "POST",
+		Project:   project,
+		RawURL:    url,
+		UserAgent: userAgent,
+		Body:      obj,
+	})
+	if err != nil {
+		return nil, errwrap.Wrapf(fmt.Sprintf("Error retrieving IAM policy for %s: {{err}}", u.DescribeResource()), err)
+	}
+
+	out := &cloudresourcemanager.Policy{}
+	err = tpgresource.Convert(policy, out)
+	if err != nil {
+		return nil, errwrap.Wrapf("Cannot convert a policy to a resource manager policy: {{err}}", err)
+	}
+
+	return out, nil
+}
+
+func (u *ContainerAnalysisNoteIamUpdater) SetResourceIamPolicy(policy *cloudresourcemanager.Policy) error {
+	json, err := tpgresource.ConvertToMap(policy)
+	if err != nil {
+		return err
+	}
+
+	obj := make(map[string]interface{})
+	obj["policy"] = json
+
+	url, err := u.qualifyNoteUrl("setIamPolicy")
+	if err != nil {
+		return err
+	}
+	project, err := tpgresource.GetProject(u.d, u.Config)
+	if err != nil {
+		return err
+	}
+
+	userAgent, err := tpgresource.GenerateUserAgentString(u.d, u.Config.UserAgent)
+	if err != nil {
+		return err
+	}
+
+	_, err = transport_tpg.SendRequest(transport_tpg.SendRequestOptions{
+		Config:    u.Config,
+		Method:    "POST",
+		Project:   project,
+		RawURL:    url,
+		UserAgent: userAgent,
+		Body:      obj,
+		Timeout:   u.d.Timeout(schema.TimeoutCreate),
+	})
+	if err != nil {
+		return errwrap.Wrapf(fmt.Sprintf("Error setting IAM policy for %s: {{err}}", u.DescribeResource()), err)
+	}
+
+	return nil
+}
+
+func (u *ContainerAnalysisNoteIamUpdater) qualifyNoteUrl(methodIdentifier string) (string, error) {
+	urlTemplate := fmt.Sprintf("{{ContainerAnalysisBasePath}}%s:%s", fmt.Sprintf("projects/%s/notes/%s", u.project, u.note), methodIdentifier)
+	url, err := tpgresource.ReplaceVars(u.d, u.Config, urlTemplate)
+	if err != nil {
+		return "", err
+	}
+	return url, nil
+}
+
+func (u *ContainerAnalysisNoteIamUpdater) GetResourceId() string {
+	return fmt.Sprintf("projects/%s/notes/%s", u.project, u.note)
+}
+
+func (u *ContainerAnalysisNoteIamUpdater) GetMutexKey() string {
+	return fmt.Sprintf("iam-containeranalysis-note-%s", u.GetResourceId())
+}
+
+func (u *ContainerAnalysisNoteIamUpdater) DescribeResource() string {
+	return fmt.Sprintf("containeranalysis note %q", u.GetResourceId())
+}
diff --git a/tfplan2cai/converters/google/resources/resource_converters.go b/tfplan2cai/converters/google/resources/resource_converters.go
@@ -157,6 +157,9 @@ func ResourceConverters() map[string][]ResourceConverter {
 		"google_compute_subnetwork_iam_policy":                    {resourceConverterComputeSubnetworkIamPolicy()},
 		"google_compute_subnetwork_iam_binding":                   {resourceConverterComputeSubnetworkIamBinding()},
 		"google_compute_subnetwork_iam_member":                    {resourceConverterComputeSubnetworkIamMember()},
+		"google_container_analysis_note_iam_policy":               {resourceConverterContainerAnalysisNoteIamPolicy()},
+		"google_container_analysis_note_iam_binding":              {resourceConverterContainerAnalysisNoteIamBinding()},
+		"google_container_analysis_note_iam_member":               {resourceConverterContainerAnalysisNoteIamMember()},
 		"google_data_catalog_entry_group_iam_policy":              {resourceConverterDataCatalogEntryGroupIamPolicy()},
 		"google_data_catalog_entry_group_iam_binding":             {resourceConverterDataCatalogEntryGroupIamBinding()},
 		"google_data_catalog_entry_group_iam_member":              {resourceConverterDataCatalogEntryGroupIamMember()},