Skip to content

Commit c22a85e

Browse files
ramonvermeulenramonvermeulen
authored
alloydb: added password_wo and password_wo_version fields to google_alloydb_user resource (#15743)
1 parent 6c38c14 commit c22a85e

File tree

3 files changed

+138
-2
lines changed

3 files changed

+138
-2
lines changed

mmv1/api/resource.go

Lines changed: 10 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -713,6 +713,10 @@ func (r Resource) SettableProperties() []*Type {
713713
return v.UrlParamOnly
714714
})
715715

716+
props = google.Reject(props, func(v *Type) bool {
717+
return v.ClientSide
718+
})
719+
716720
props = google.Reject(props, func(v *Type) bool {
717721
return v.IsA("KeyValueLabels") || v.IsA("KeyValueAnnotations")
718722
})
@@ -884,13 +888,17 @@ func buildWriteOnlyField(name string, versionFieldName string, originalField *Ty
884888
}
885889
options = append(options, propertyWithExactlyOneOfPointer(originalField.ExactlyOneOfGroup))
886890
} else {
891+
newConflicts := deduplicateSliceOfStrings(append([]string{originalFieldLineage}, originalField.Conflicts...))
892+
newConflicts = slices.DeleteFunc(newConflicts, func(s string) bool {
893+
return s == newFieldLineage
894+
})
895+
options = append(options, propertyWithConflicts(newConflicts))
896+
887897
if originalField.ConflictsGroup != nil {
888898
*originalField.ConflictsGroup = deduplicateSliceOfStrings(append(*originalField.ConflictsGroup, newFieldLineage))
889899
} else {
890900
originalField.Conflicts = deduplicateSliceOfStrings(append(originalField.Conflicts, newFieldLineage))
891901
}
892-
newConflicts := deduplicateSliceOfStrings(append([]string{originalFieldLineage}, originalField.Conflicts...))
893-
options = append(options, propertyWithConflicts(newConflicts))
894902
}
895903

896904
if originalField.AtLeastOneOfGroup != nil {

mmv1/products/alloydb/User.yaml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -121,6 +121,7 @@ properties:
121121
Password for this database user.
122122
sensitive: true
123123
ignore_read: true
124+
write_only: true
124125
- name: 'databaseRoles'
125126
type: Array
126127
description: |

mmv1/third_party/terraform/services/alloydb/resource_alloydb_user_test.go

Lines changed: 127 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -221,3 +221,130 @@ resource "google_alloydb_user" "user2" {
221221
depends_on = [google_alloydb_instance.default]
222222
}`, context)
223223
}
224+
225+
func TestAccAlloydbUser_alloydbUserBuiltinWithPasswordWo(t *testing.T) {
226+
t.Parallel()
227+
228+
context := map[string]interface{}{
229+
"network_name": acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydb-1"),
230+
"random_suffix": acctest.RandString(t, 10),
231+
}
232+
233+
acctest.VcrTest(t, resource.TestCase{
234+
PreCheck: func() { acctest.AccTestPreCheck(t) },
235+
ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t),
236+
CheckDestroy: testAccCheckAlloydbUserDestroyProducer(t),
237+
Steps: []resource.TestStep{
238+
{
239+
Config: testAccAlloydbUser_alloydbUserBuiltinWithPasswordWo(context),
240+
Check: resource.ComposeTestCheckFunc(
241+
resource.TestCheckNoResourceAttr("google_alloydb_user.user1", "password_wo"),
242+
resource.TestCheckResourceAttr("google_alloydb_user.user1", "password_wo_version", "1"),
243+
),
244+
},
245+
{
246+
ResourceName: "google_alloydb_user.user1",
247+
ImportState: true,
248+
ImportStateVerify: true,
249+
ImportStateVerifyIgnore: []string{"password"},
250+
},
251+
},
252+
})
253+
}
254+
255+
func testAccAlloydbUser_alloydbUserBuiltinWithPasswordWo(context map[string]interface{}) string {
256+
return acctest.Nprintf(`
257+
resource "google_alloydb_instance" "default" {
258+
cluster = google_alloydb_cluster.default.name
259+
instance_id = "tf-test-alloydb-instance%{random_suffix}"
260+
instance_type = "PRIMARY"
261+
}
262+
resource "google_alloydb_cluster" "default" {
263+
cluster_id = "tf-test-alloydb-cluster%{random_suffix}"
264+
location = "us-central1"
265+
network_config {
266+
network = data.google_compute_network.default.id
267+
}
268+
initial_user {
269+
password = "tf_test_cluster_secret%{random_suffix}"
270+
}
271+
deletion_protection = false
272+
}
273+
data "google_project" "project" {}
274+
data "google_compute_network" "default" {
275+
name = "%{network_name}"
276+
}
277+
resource "google_alloydb_user" "user1" {
278+
cluster = google_alloydb_cluster.default.name
279+
user_id = "user1%{random_suffix}"
280+
user_type = "ALLOYDB_BUILT_IN"
281+
password_wo = "tf_test_user_secret%{random_suffix}"
282+
password_wo_version = 1
283+
database_roles = ["alloydbsuperuser"]
284+
depends_on = [google_alloydb_instance.default]
285+
}`, context)
286+
}
287+
288+
func TestAccAlloydbUser_alloydbUserBuiltinWithPasswordWo_update(t *testing.T) {
289+
t.Parallel()
290+
291+
context := map[string]interface{}{
292+
"network_name": acctest.BootstrapSharedServiceNetworkingConnection(t, "alloydb-1"),
293+
"random_suffix": acctest.RandString(t, 10),
294+
}
295+
296+
acctest.VcrTest(t, resource.TestCase{
297+
PreCheck: func() { acctest.AccTestPreCheck(t) },
298+
ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t),
299+
CheckDestroy: testAccCheckAlloydbUserDestroyProducer(t),
300+
Steps: []resource.TestStep{
301+
{
302+
Config: testAccAlloydbUser_alloydbUserBuiltinWithPasswordWo(context),
303+
Check: resource.ComposeTestCheckFunc(
304+
resource.TestCheckNoResourceAttr("google_alloydb_user.user1", "password_wo"),
305+
resource.TestCheckResourceAttr("google_alloydb_user.user1", "password_wo_version", "1"),
306+
),
307+
},
308+
{
309+
Config: testAccAlloydbUser_alloydbUserBuiltinWithPasswordWo_update(context),
310+
Check: resource.ComposeTestCheckFunc(
311+
resource.TestCheckNoResourceAttr("google_alloydb_user.user1", "password_wo"),
312+
resource.TestCheckResourceAttr("google_alloydb_user.user1", "password_wo_version", "2"),
313+
),
314+
},
315+
},
316+
})
317+
}
318+
319+
func testAccAlloydbUser_alloydbUserBuiltinWithPasswordWo_update(context map[string]interface{}) string {
320+
return acctest.Nprintf(`
321+
resource "google_alloydb_instance" "default" {
322+
cluster = google_alloydb_cluster.default.name
323+
instance_id = "tf-test-alloydb-instance%{random_suffix}"
324+
instance_type = "PRIMARY"
325+
}
326+
resource "google_alloydb_cluster" "default" {
327+
cluster_id = "tf-test-alloydb-cluster%{random_suffix}"
328+
location = "us-central1"
329+
network_config {
330+
network = data.google_compute_network.default.id
331+
}
332+
initial_user {
333+
password = "tf_test_cluster_secret%{random_suffix}"
334+
}
335+
deletion_protection = false
336+
}
337+
data "google_project" "project" {}
338+
data "google_compute_network" "default" {
339+
name = "%{network_name}"
340+
}
341+
resource "google_alloydb_user" "user1" {
342+
cluster = google_alloydb_cluster.default.name
343+
user_id = "user1%{random_suffix}"
344+
user_type = "ALLOYDB_BUILT_IN"
345+
password_wo = "tf_test_user_updated_secret%{random_suffix}"
346+
password_wo_version = 2
347+
database_roles = ["alloydbsuperuser"]
348+
depends_on = [google_alloydb_instance.default]
349+
}`, context)
350+
}

0 commit comments

Comments
 (0)