Changes to ancestrymanager logic to parse "parent" field for project, folder and organization asset types.

ancestrymanager/ancestrymanager.go

@@ -146,10 +146,13 @@ func (m *manager) fetchAncestors(config *resources.Config, tfData resources.Terr
 
 	switch cai.Type {
 	case "cloudresourcemanager.googleapis.com/Folder":
-		if !folderOK {
+		if folderOK {
+			key = folderKey
+		} else if orgOK {
+			key = orgKey
+		} else {
 			return []string{"organizations/unknown"}, nil
 		}
-		key = folderKey
 	case "cloudresourcemanager.googleapis.com/Organization":
 		if !orgOK {
 			return nil, fmt.Errorf("organization id not found in terraform data")

ancestrymanager/ancestrymanager_test.go

@@ -395,6 +395,109 @@ func TestGetAncestors(t *testing.T) {
 			wantOnlineError:  true,
 			wantOfflineError: true,
 		},
+		{
+			name: "Org policy v2 on Project",
+			data: tfdata.NewFakeResourceData(
+				"google_org_policy_policy",
+				p.ResourcesMap["google_org_policy_policy"].Schema,
+				map[string]interface{}{
+					"parent": "projects/foo",
+				},
+			),
+			asset: &resources.Asset{
+				Type: "cloudresourcemanager.googleapis.com/Project",
+			},
+			want:       []string{"projects/foo", "folders/bar", "organizations/qux"},
+			wantParent: "//cloudresourcemanager.googleapis.com/folders/bar",
+		},
+		{
+			name: "Org policy v2 on Folder",
+			data: tfdata.NewFakeResourceData(
+				"google_org_policy_policy",
+				p.ResourcesMap["google_org_policy_policy"].Schema,
+				map[string]interface{}{
+					"parent": "folders/bar",
+				},
+			),
+			asset: &resources.Asset{
+				Type: "cloudresourcemanager.googleapis.com/Folder",
+			},
+			want:       []string{"folders/bar", "organizations/qux"},
+			wantParent: "//cloudresourcemanager.googleapis.com/organizations/qux",
+		},
+		{
+			name: "Org policy v2 on Organization",
+			data: tfdata.NewFakeResourceData(
+				"google_org_policy_policy",
+				p.ResourcesMap["google_org_policy_policy"].Schema,
+				map[string]interface{}{
+					"parent": "organizations/qux",
+				},
+			),
+			asset: &resources.Asset{
+				Type: "cloudresourcemanager.googleapis.com/Organization",
+			},
+			want: []string{"organizations/qux"},
+		},
+		{
+			name: "Google folder with organizations/ as {parent}",
+			data: tfdata.NewFakeResourceData(
+				"google_folder",
+				p.ResourcesMap["google_folder"].Schema,
+				map[string]interface{}{
+					"parent": "organizations/qux",
+				},
+			),
+			asset: &resources.Asset{
+				Type: "cloudresourcemanager.googleapis.com/Folder",
+			},
+			want:       []string{"organizations/qux"},
+			wantParent: "//cloudresourcemanager.googleapis.com/organizations/qux",
+		},
+		{
+			name: "Google folder with folders/ as {parent}",
+			data: tfdata.NewFakeResourceData(
+				"google_folder",
+				p.ResourcesMap["google_folder"].Schema,
+				map[string]interface{}{
+					"parent": "folders/bar",
+				},
+			),
+			asset: &resources.Asset{
+				Type: "cloudresourcemanager.googleapis.com/Folder",
+			},
+			want:       []string{"folders/bar", "organizations/qux"},
+			wantParent: "//cloudresourcemanager.googleapis.com/organizations/qux",
+		},
+		{
+			name: "Google folder with both folder_id and parent fields present",
+			data: tfdata.NewFakeResourceData(
+				"google_folder",
+				p.ResourcesMap["google_folder"].Schema,
+				map[string]interface{}{
+					"folder_id": "bar",
+					"parent":    "organizations/qux",
+				},
+			),
+			asset: &resources.Asset{
+				Type: "cloudresourcemanager.googleapis.com/Folder",
+			},
+			want:       []string{"folders/bar", "organizations/qux"},
+			wantParent: "//cloudresourcemanager.googleapis.com/organizations/qux",
+		},
+		{
+			name: "Google folder with missing parent field",
+			data: tfdata.NewFakeResourceData(
+				"google_folder",
+				p.ResourcesMap["google_folder"].Schema,
+				map[string]interface{}{},
+			),
+			asset: &resources.Asset{
+				Type: "cloudresourcemanager.googleapis.com/Folder",
+			},
+			want:       []string{"organizations/unknown"},
+			wantParent: "//cloudresourcemanager.googleapis.com/organizations/unknown",
+		},
 	}
 	for _, c := range cases {
 		for _, offline := range []bool{true, false} {

ancestrymanager/ancestryutil.go

@@ -79,6 +79,10 @@ func getProjectFromSchema(projectSchemaField string, d resources.TerraformResour
 	if ok && projectSchemaField != "" {
 		return res.(string), nil
 	}
+	res, ok = d.GetOk("parent")
+	if ok && strings.HasPrefix(res.(string), "projects/") {
+		return res.(string), nil
+	}
 	if config.Project != "" {
 		return config.Project, nil
 	}
@@ -91,10 +95,14 @@ func getOrganizationFromResource(tfData resources.TerraformResourceData) (string
 	if ok {
 		return orgID.(string), ok
 	}
+	orgID, ok = tfData.GetOk("parent")
+	if ok && strings.HasPrefix(orgID.(string), "organizations/") {
+		return orgID.(string), ok
+	}
 	return "", false
 }
 
-// getFolderFromResource reads folder_id or folder field from terraform data.
+// getFolderFromResource reads folder_id, folder, parent field from terraform data.
 func getFolderFromResource(tfData resources.TerraformResourceData) (string, bool) {
 	folderID, ok := tfData.GetOk("folder_id")
 	if ok {
@@ -104,6 +112,11 @@ func getFolderFromResource(tfData resources.TerraformResourceData) (string, bool
 	if ok {
 		return folderID.(string), ok
 	}
+
+	folderID, ok = tfData.GetOk("parent")
+	if ok && strings.HasPrefix(folderID.(string), "folders/") {
+		return folderID.(string), ok
+	}
 	return "", false
 }