Adds RolloutKind provider for SaasRuntime (#15124)

Author: g-dreva

mmv1/products/saasservicemgmt/RolloutKind.yaml

@@ -0,0 +1,145 @@
+# Copyright 2025 Google Inc.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+name: RolloutKind
+description: A RolloutKind is a reusable configuration resource that defines the policies, strategies, and targeting for Rollout operations. It acts as a template for repeatable Rollouts, providing guardrails and ensuring that updates are executed in a consistent manner across a fleet of Units.
+base_url: projects/{{project}}/locations/{{location}}/rolloutKinds
+update_mask: true
+self_link: projects/{{project}}/locations/{{location}}/rolloutKinds/{{rollout_kind_id}}
+create_url: projects/{{project}}/locations/{{location}}/rolloutKinds?rolloutKindId={{rollout_kind_id}}
+update_verb: PATCH
+id_format: projects/{{project}}/locations/{{location}}/rolloutKinds/{{rollout_kind_id}}
+import_format:
+  - projects/{{project}}/locations/{{location}}/rolloutKinds/{{rollout_kind_id}}
+min_version: beta
+examples:
+  - name: saas_runtime_rollout_kind_basic
+    primary_resource_id: "example"
+    min_version: "beta"
+    vars:
+      saas_name: example-saas
+      unitkind_name: example-unitkind
+      rolloutkind_name: example-rolloutkind
+    bootstrap_iam:
+      - member: "serviceAccount:service-{project_number}@gcp-sa-saasservicemgmt.iam.gserviceaccount.com"
+        role: "roles/saasservicemgmt.serviceAgent"
+autogen_async: false
+autogen_status: Um9sbG91dEtpbmQ=
+parameters:
+  - name: location
+    type: String
+    description: Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122.
+    immutable: true
+    url_param_only: true
+    required: true
+  - name: rolloutKindId
+    type: String
+    description: The ID value for the new rollout kind.
+    immutable: true
+    url_param_only: true
+    required: true
+properties:
+  - name: annotations
+    type: KeyValueAnnotations
+    description: |-
+      Annotations is an unstructured key-value map stored with a resource that
+      may be set by external tools to store and retrieve arbitrary metadata.
+      They are not queryable and should be preserved when modifying objects.
+
+      More info: https://kubernetes.io/docs/user-guide/annotations
+  - name: createTime
+    type: String
+    description: The timestamp when the resource was created.
+    output: true
+  - name: errorBudget
+    type: NestedObject
+    description: |-
+      The configuration for error budget. If the number of failed units exceeds
+      max(allowed_count, allowed_ratio * total_units), the rollout will be paused.
+    properties:
+      - name: allowedCount
+        type: Integer
+        description: |-
+          The maximum number of failed units allowed in a location without pausing
+          the rollout.
+      - name: allowedPercentage
+        type: Integer
+        description: |-
+          The maximum percentage of units allowed to fail (0, 100] within a location
+          without pausing the rollout.
+  - name: labels
+    type: KeyValueLabels
+    description: |-
+      The labels on the resource, which can be used for categorization.
+      similar to Kubernetes resource labels.
+  - name: name
+    type: String
+    description: |-
+      Identifier. The resource name (full URI of the resource) following the standard naming
+      scheme:
+
+      "projects/{project}/locations/{location}/rolloutKinds/{rollout_kind_id}"
+    output: true
+  - name: rolloutOrchestrationStrategy
+    type: String
+    description: |-
+      The strategy used for executing a Rollout. This is a required field.
+
+      There are two supported values strategies which are used to control a rollout.
+      - "Google.Cloud.Simple.AllAtOnce"
+      - "Google.Cloud.Simple.OneLocationAtATime"
+
+      A rollout with one of these simple strategies will rollout across
+      all locations defined in the associated UnitKind's Saas Locations.
+  - name: uid
+    type: String
+    description: |-
+      The unique identifier of the resource. UID is unique in the time
+      and space for this resource within the scope of the service. It is
+      typically generated by the server on successful creation of a resource
+      and must not be changed. UID is used to uniquely identify resources
+      with resource name reuses. This should be a UUID4.
+    output: true
+  - name: unitFilter
+    type: String
+    description: |-
+      CEL(https://github.com/google/cel-spec) formatted filter string against
+      Unit. The filter will be applied to determine the eligible unit population.
+      This filter can only reduce, but not expand the scope of the rollout.
+  - name: unitKind
+    type: String
+    description: |-
+      UnitKind that this rollout kind corresponds to. Rollouts stemming from this
+      rollout kind will target the units of this unit kind. In other words, this
+      defines the population of target units to be upgraded by rollouts.
+    immutable: true
+    required: true
+  - name: updateTime
+    type: String
+    description: |-
+      The timestamp when the resource was last updated. Any
+      change to the resource made by users must refresh this value.
+      Changes to a resource made by the service should refresh this value.
+    output: true
+  - name: updateUnitKindStrategy
+    type: Enum
+    description: |-
+      The config for updating the unit kind. By default, the unit kind will be
+      updated on the rollout start.
+      Possible values:
+      UPDATE_UNIT_KIND_STRATEGY_ON_START
+      UPDATE_UNIT_KIND_STRATEGY_NEVER
+    enum_values:
+      - "UPDATE_UNIT_KIND_STRATEGY_ON_START"
+      - "UPDATE_UNIT_KIND_STRATEGY_NEVER"

mmv1/templates/terraform/examples/saas_runtime_rollout_kind_basic.tf.tmpl

@@ -0,0 +1,29 @@
+resource "google_saas_runtime_saas" "example_saas" {
+  provider = google-beta
+  saas_id  = "{{index $.Vars "saas_name"}}"
+  location = "global"
+
+  locations {
+    name = "us-central1"
+  }
+}
+
+resource "google_saas_runtime_unit_kind" "example_unitkind" {
+  provider     = google-beta
+  location     = "global"
+  unit_kind_id = "{{index $.Vars "unitkind_name"}}"
+  saas         = google_saas_runtime_saas.example_saas.id
+}
+
+resource "google_saas_runtime_rollout_kind" "{{$.PrimaryResourceId}}" {
+  provider          = google-beta
+  location          = "global"
+  rollout_kind_id   = "{{index $.Vars "rolloutkind_name"}}"
+  unit_kind         = google_saas_runtime_unit_kind.example_unitkind.id
+
+  rollout_orchestration_strategy = "Google.Cloud.Simple.OneLocationAtATime"
+  error_budget {
+    allowed_count = 1
+  }
+  unit_filter = "unit.labels['key1'] == 'value1'"
+}

mmv1/third_party/terraform/services/saasruntime/resource_saas_runtime_rollout_kind_test.go.tmpl

@@ -0,0 +1,134 @@
+package saasruntime_test
+
+{{ if ne $.TargetVersionName `ga` -}}
+
+import (
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-testing/helper/resource"
+	"github.com/hashicorp/terraform-plugin-testing/plancheck"
+
+	"github.com/hashicorp/terraform-provider-google/google/acctest"
+)
+
+func TestAccSaasRuntimeRolloutKind_update(t *testing.T) {
+	t.Parallel()
+	acctest.BootstrapIamMembers(t, []acctest.IamMember{
+		{
+			Member: "serviceAccount:service-{project_number}@gcp-sa-saasservicemgmt.iam.gserviceaccount.com",
+			Role:   "roles/saasservicemgmt.serviceAgent",
+		},
+	})
+
+	context := map[string]interface{}{
+		"random_suffix": acctest.RandString(t, 10),
+	}
+
+	acctest.VcrTest(t, resource.TestCase{
+		PreCheck:                 func() { acctest.AccTestPreCheck(t) },
+		ProtoV5ProviderFactories: acctest.ProtoV5ProviderBetaFactories(t),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccSaasRuntimeRolloutKind_basic(context),
+			},
+			{
+				ResourceName:            "google_saas_runtime_rollout_kind.example",
+				ImportState:             true,
+				ImportStateVerify:       true,
+				ImportStateVerifyIgnore: []string{"annotations", "labels", "location", "rollout_kind_id", "terraform_labels"},
+			},
+			{
+				Config: testAccSaasRuntimeRolloutKind_update(context),
+				ConfigPlanChecks: resource.ConfigPlanChecks{
+					PreApply: []plancheck.PlanCheck{
+						plancheck.ExpectResourceAction("google_saas_runtime_rollout_kind.example", plancheck.ResourceActionUpdate),
+					},
+				},
+			},
+			{
+				ResourceName:            "google_saas_runtime_rollout_kind.example",
+				ImportState:             true,
+				ImportStateVerify:       true,
+				ImportStateVerifyIgnore: []string{"annotations", "labels", "location", "rollout_kind_id", "terraform_labels"},
+			},
+		},
+	})
+}
+
+func testAccSaasRuntimeRolloutKind_basic(context map[string]interface{}) string {
+	return acctest.Nprintf(`
+resource "google_saas_runtime_saas" "example_saas" {
+  provider = google-beta
+  saas_id  = "tf-test-example-saas%{random_suffix}"
+  location = "global"
+
+  locations {
+    name = "us-central1"
+  }
+}
+
+resource "google_saas_runtime_unit_kind" "example_unitkind" {
+  provider     = google-beta
+  location     = "global"
+  unit_kind_id = "tf-test-example-unitkind%{random_suffix}"
+  saas         = google_saas_runtime_saas.example_saas.id
+}
+
+resource "google_saas_runtime_rollout_kind" "example" {
+  provider          = google-beta
+  location          = "global"
+  rollout_kind_id   = "tf-test-example-rolloutkind%{random_suffix}"
+  unit_kind         = google_saas_runtime_unit_kind.example_unitkind.id
+
+  rollout_orchestration_strategy = "Google.Cloud.Simple.OneLocationAtATime"
+  error_budget {
+    allowed_count = 1
+  }
+  update_unit_kind_strategy = "UPDATE_UNIT_KIND_STRATEGY_ON_START"
+  unit_filter = "unit.labels['key1'] == 'value1'"
+}
+`, context)
+}
+
+func testAccSaasRuntimeRolloutKind_update(context map[string]interface{}) string {
+	return acctest.Nprintf(`
+resource "google_saas_runtime_saas" "example_saas" {
+  provider = google-beta
+  saas_id  = "tf-test-example-saas%{random_suffix}"
+  location = "global"
+
+  locations {
+    name = "us-central1"
+  }
+}
+
+resource "google_saas_runtime_unit_kind" "example_unitkind" {
+  provider     = google-beta
+  location     = "global"
+  unit_kind_id = "tf-test-example-unitkind%{random_suffix}"
+  saas         = google_saas_runtime_saas.example_saas.id
+}
+
+resource "google_saas_runtime_rollout_kind" "example" {
+  provider          = google-beta
+  location          = "global"
+  rollout_kind_id   = "tf-test-example-rolloutkind%{random_suffix}"
+  unit_kind         = google_saas_runtime_unit_kind.example_unitkind.id
+
+  rollout_orchestration_strategy = "Google.Cloud.Simple.AllAtOnce"
+  error_budget {
+    allowed_percentage = 10
+  }
+  unit_filter = "unit.labels['key2'] == 'value2'"
+  update_unit_kind_strategy = "UPDATE_UNIT_KIND_STRATEGY_NEVER"
+  labels = {
+    updated = "true"
+  }
+  annotations = {
+    "annotation-one": "bar"
+  }
+}
+`, context)
+}
+
+{{- end }}