Revert "feat: support new field server_certificate_rotation_mode for SQL inst…" (GoogleCloudPlatform#16398)

Author: shuyama1

mmv1/third_party/terraform/services/sql/resource_sql_database_instance.go.tmpl

@@ -88,7 +88,6 @@ var (
 		"settings.0.ip_configuration.0.ssl_mode",
 		"settings.0.ip_configuration.0.server_ca_mode",
 		"settings.0.ip_configuration.0.server_ca_pool",
-		"settings.0.ip_configuration.0.server_certificate_rotation_mode",
 		"settings.0.ip_configuration.0.custom_subject_alternative_names",
 	}
 
@@ -697,14 +696,6 @@ API (for read pools, effective_availability_type may differ from availability_ty
 										Description:  `The resource name of the server CA pool for an instance with "CUSTOMER_MANAGED_CAS_CA" as the "server_ca_mode".`,
 										AtLeastOneOf: ipConfigurationKeys,
 									},
-									"server_certificate_rotation_mode": {
-										Type:            schema.TypeString,
-										Optional:        true,
-										ValidateFunc:    validation.StringInSlice([]string{"NO_AUTOMATIC_ROTATION", "AUTOMATIC_ROTATION_DURING_MAINTENANCE"}, false),
-										Description:     `Settings for how the server certificate gets rotated.`,
-										AtLeastOneOf:     ipConfigurationKeys,
-										DiffSuppressFunc: serverCertificateRotationModeDiffSuppress,
-									},
 									"custom_subject_alternative_names": {
 										Type:         schema.TypeSet,
 										Optional:     true,
@@ -1885,7 +1876,6 @@ func expandIpConfiguration(configured []interface{}, databaseVersion string) *sq
 		SslMode:                                 _ipConfiguration["ssl_mode"].(string),
 		ServerCaMode:                            _ipConfiguration["server_ca_mode"].(string),
 		ServerCaPool:                            _ipConfiguration["server_ca_pool"].(string),
-		ServerCertificateRotationMode:           _ipConfiguration["server_certificate_rotation_mode"].(string),
 		CustomSubjectAlternativeNames:           tpgresource.ConvertStringArr(_ipConfiguration["custom_subject_alternative_names"].(*schema.Set).List()),
 	}
 }
@@ -2728,15 +2718,6 @@ func databaseVersionDiffSuppress(_, oldVersion, newVersion string, _ *schema.Res
 	return false
 }
 
-func serverCertificateRotationModeDiffSuppress(_, oldMode, newMode string, _ *schema.ResourceData) bool {
-	// If the value is not set in the configuration (new is empty)
-   	// and the API returns the default UNSPECIFIED value, suppress the diff.
-	if newMode == "" && oldMode == "SERVER_CERTIFICATE_ROTATION_MODE_UNSPECIFIED" {
-        	return true
-	}
-    	return false
-}
-
 func resourceSqlDatabaseInstanceDelete(d *schema.ResourceData, meta interface{}) error {
 	config := meta.(*transport_tpg.Config)
 	userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent)
@@ -3115,7 +3096,6 @@ func flattenIpConfiguration(ipConfiguration *sqladmin.IpConfiguration, d *schema
 		"ssl_mode":                                      ipConfiguration.SslMode,
 		"server_ca_mode":                                ipConfiguration.ServerCaMode,
 		"server_ca_pool":                                ipConfiguration.ServerCaPool,
-		"server_certificate_rotation_mode":              ipConfiguration.ServerCertificateRotationMode,
 		"custom_subject_alternative_names":		 ipConfiguration.CustomSubjectAlternativeNames,
 	}
 

mmv1/third_party/terraform/services/sql/resource_sql_database_instance_meta.yaml.tmpl

@@ -163,7 +163,6 @@ fields:
   - api_field: 'settings.ipConfiguration.pscConfig.pscEnabled'
   - api_field: 'settings.ipConfiguration.serverCaMode'
   - api_field: 'settings.ipConfiguration.serverCaPool'
-  - api_field: 'settings.ipConfiguration.serverCertificateRotationMode'
   - api_field: 'settings.ipConfiguration.sslMode'
   - api_field: 'settings.locationPreference.followGaeApplication'
   - api_field: 'settings.locationPreference.secondaryZone'

mmv1/third_party/terraform/services/sql/resource_sql_database_instance_test.go.tmpl

@@ -3908,7 +3908,6 @@ func TestAccSqlDatabaseInstance_useInternalCaByDefault(t *testing.T) {
 				Check: resource.ComposeTestCheckFunc(
 					resource.TestCheckResourceAttr(resourceName, "settings.0.ip_configuration.0.server_ca_mode", "GOOGLE_MANAGED_INTERNAL_CA"),
 					resource.TestCheckResourceAttr(resourceName, "settings.0.ip_configuration.0.server_ca_pool", ""),
-					resource.TestCheckResourceAttr(resourceName, "settings.0.ip_configuration.0.server_certificate_rotation_mode", "SERVER_CERTIFICATE_ROTATION_MODE_UNSPECIFIED"),
 				),
 			},
 			{
@@ -3938,7 +3937,6 @@ func TestAccSqlDatabaseInstance_useCasBasedServerCa(t *testing.T) {
 				Check: resource.ComposeTestCheckFunc(
 					resource.TestCheckResourceAttr(resourceName, "settings.0.ip_configuration.0.server_ca_mode", "GOOGLE_MANAGED_CAS_CA"),
 					resource.TestCheckResourceAttr(resourceName, "settings.0.ip_configuration.0.server_ca_pool", ""),
-					resource.TestCheckResourceAttr(resourceName, "settings.0.ip_configuration.0.server_certificate_rotation_mode", "SERVER_CERTIFICATE_ROTATION_MODE_UNSPECIFIED"),
 					resource.TestCheckResourceAttr(resourceName, "dns_names.#", "1"),
 					resource.TestCheckResourceAttr(resourceName, "dns_names.0.connection_type", "PUBLIC"),
 					resource.TestCheckResourceAttr(resourceName, "dns_names.0.dns_scope", "INSTANCE"),
@@ -3954,37 +3952,6 @@ func TestAccSqlDatabaseInstance_useCasBasedServerCa(t *testing.T) {
 	})
 }
 
-func TestAccSqlDatabaseInstance_setServerCertRotationMode(t *testing.T) {
-	t.Parallel()
-
-	databaseName := "tf-test-" + acctest.RandString(t, 10)
-	resourceName := "google_sql_database_instance.instance"
-	rotationMode := "AUTOMATIC_ROTATION_DURING_MAINTENANCE"
-
-	acctest.VcrTest(t, resource.TestCase{
-		PreCheck:                 func() { acctest.AccTestPreCheck(t) },
-		ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t),
-		CheckDestroy:             testAccSqlDatabaseInstanceDestroyProducer(t),
-
-		Steps: []resource.TestStep{
-			{
-				Config: testGoogleSqlDatabaseInstance_setServerCertRotationMode(databaseName, rotationMode),
-				Check: resource.ComposeTestCheckFunc(
-					resource.TestCheckResourceAttr(resourceName, "settings.0.ip_configuration.0.server_certificate_rotation_mode", rotationMode),
-					resource.TestCheckResourceAttr(resourceName, "settings.0.ip_configuration.0.server_ca_mode", "GOOGLE_MANAGED_CAS_CA"),
-				),
-			},
-			{
-				ResourceName:            resourceName,
-				ImportState:             true,
-				ImportStateVerify:       true,
-				ImportStateVerifyIgnore: []string{"deletion_protection"},
-			},
-		},
-	})
-}
-
-
 func TestAccSqlDatabaseInstance_useCustomSubjectAlternateName(t *testing.T) {
 	t.Parallel()
 
@@ -4702,7 +4669,6 @@ resource "google_sql_database_instance" "instance" {
 		ipv4_enabled    = "true"
 		server_ca_mode  = "CUSTOMER_MANAGED_CAS_CA"
 		server_ca_pool  = google_privateca_ca_pool.customer_ca_pool.id
-		server_certificate_rotation_mode = "AUTOMATIC_ROTATION_DURING_MAINTENANCE"
 		custom_subject_alternative_names = ["%{customSan}"]
 	}
   }
@@ -4791,10 +4757,9 @@ resource "google_sql_database_instance" "instance" {
   settings {
 	tier = "db-f1-micro"
 	ip_configuration {
-		ipv4_enabled                     = "true"
-		server_ca_mode                   = "CUSTOMER_MANAGED_CAS_CA"
-		server_ca_pool                   = google_privateca_ca_pool.customer_ca_pool.id
-		server_certificate_rotation_mode = "AUTOMATIC_ROTATION_DURING_MAINTENANCE"
+		ipv4_enabled    = "true"
+		server_ca_mode  = "CUSTOMER_MANAGED_CAS_CA"
+		server_ca_pool  = google_privateca_ca_pool.customer_ca_pool.id
 	}
   }
 
@@ -4821,25 +4786,6 @@ resource "google_sql_database_instance" "instance" {
 `, databaseName, serverCaMode)
 }
 
-func testGoogleSqlDatabaseInstance_setServerCertRotationMode(databaseName, rotationMode string) string {
-        return fmt.Sprintf(`
-resource "google_sql_database_instance" "instance" {
-  name                = "%s"
-  region              = "us-central1"
-  database_version    = "POSTGRES_15"
-  deletion_protection = false
-  settings {
-    tier = "db-f1-micro"
-    ip_configuration {
-      ipv4_enabled    = "true"
-      server_ca_mode  = "GOOGLE_MANAGED_CAS_CA"
-      server_certificate_rotation_mode = "%s"
-    }
-  }
-}
-`, databaseName, rotationMode)
-}
-
 func testGoogleSqlDatabaseInstance_setSslOptionsForPostgreSQL(databaseName string, databaseVersion string, sslMode string) string {
 	return fmt.Sprintf(`
 resource "google_sql_database_instance" "instance" {

mmv1/third_party/terraform/website/docs/r/sql_database_instance.html.markdown

@@ -534,8 +534,6 @@ This setting can be updated, but it cannot be removed after it is set.
 
 * `server_ca_pool` - (Optional) The resource name of the server CA pool for an instance with `CUSTOMER_MANAGED_CAS_CA` as the `server_ca_mode`.
 
-* `server_certificate_rotation_mode` - (Optional) Controls the automatic server certificate rotation feature. Supported values are `NO_AUTOMATIC_ROTATION`and `AUTOMATIC_ROTATION_DURING_MAINTENANCE`. `AUTOMATIC_ROTATION_DURING_MAINTENANCE` can only be set if `server_ca_mode` is either `GOOGLE_MANAGED_CAS_CA` or `CUSTOMER_MANAGED_CAS_CA`. See [API reference doc](https://cloud.google.com/sql/docs/postgres/admin-api/rest/v1/instances#ipconfiguration) for details.
-
 * `custom_subject_alternative_names` - (Optional) The custom subject alternative names for an instance with `CUSTOMER_MANAGED_CAS_CA` as the `server_ca_mode`.
 
 * `allocated_ip_range` - (Optional) The name of the allocated ip range for the private ip CloudSQL instance. For example: "google-managed-services-default". If set, the instance ip will be created in the allocated range. The range name must comply with [RFC 1035](https://datatracker.ietf.org/doc/html/rfc1035). Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?.