Skip to content

feat(alloydb): add write-only password support to google_alloydb_user wt write_only_legacy#15661

Closed
ppluuums-jp wants to merge 6 commits intoGoogleCloudPlatform:mainfrom
ppluuums-jp:feature/alloydb-user-password-write-only
Closed

feat(alloydb): add write-only password support to google_alloydb_user wt write_only_legacy#15661
ppluuums-jp wants to merge 6 commits intoGoogleCloudPlatform:mainfrom
ppluuums-jp:feature/alloydb-user-password-write-only

Conversation

@ppluuums-jp
Copy link

@ppluuums-jp ppluuums-jp commented Nov 9, 2025
edited
Loading

Release Note Template for Downstream PRs (will be copied)

alloydb: added `password_wo` and `password_wo_version` fields to `google_alloydb_user` resource

hashicorp/terraform-provider-google#25089

@ppluuums-jp
feat(alloydb): add write-only password support to google_alloydb_user
57d96f1 
This change adds write-only password support to the google_alloydb_user resource,
enabling users to manage passwords without storing them in Terraform state.

Changes:
- Added write_only: true to password field in User.yaml
- Added test cases for password_wo and password_wo_version fields
- Automatically generates password_wo and password_wo_version fields via MMv1

This enables secure password management with Secret Manager and ephemeral values.
@ppluuums-jp
update: wt write_only_legacy
3866f4a
@ppluuums-jp
chore: remove comment and update ImportStateVerifyIgnore
ad93aa7
@modular-magician modular-magician added the awaiting-approval Pull requests that need reviewer's approval to run presubmit tests label Nov 9, 2025
@ppluuums-jp ppluuums-jp changed the title Feature/alloydb user password write only feat(alloydb): add write-only password support to google_alloydb_user wt write_only_legacy Nov 9, 2025
@ppluuums-jp ppluuums-jp mentioned this pull request Nov 9, 2025
Closed
@ppluuums-jp ppluuums-jp marked this pull request as ready for review November 10, 2025 08:07
@github-actions
Copy link

github-actions bot commented Nov 10, 2025

Hello! I am a robot. Tests will require approval from a repository maintainer to run.

Googlers: For automatic test runs see go/terraform-auto-test-runs.

@malhotrasagar2212, a repository maintainer, has been assigned to review your changes. If you have not received review feedback within 2 business days, please leave a comment on this PR asking them to take a look.

You can help make sure that review is quick by doing a self-review and by running impacted tests locally.

@modular-magician modular-magician added service/alloydb and removed awaiting-approval Pull requests that need reviewer's approval to run presubmit tests labels Nov 10, 2025
@modular-magician
Copy link
Collaborator

modular-magician commented Nov 10, 2025

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 5 files changed, 217 insertions(+), 5 deletions(-))
google-beta provider: Diff ( 5 files changed, 217 insertions(+), 5 deletions(-))
terraform-google-conversion: Diff ( 1 file changed, 16 insertions(+))

Breaking Change(s) Detected

The following breaking change(s) were detected within your pull request.

  • Field password_wo_version added as optional with a default value and force new on pre-existing resource google_alloydb_user. This can be allowed if there is a confirmed API-level default that matches the schema default - reference

If you believe this detection to be incorrect please raise the concern with your reviewer.
If you intend to make this change you will need to wait for a major release window.
An override-breaking-change label can be added to allow merging.

@modular-magician
Copy link
Collaborator

modular-magician commented Nov 10, 2025

Tests analytics

Total tests: 88
Passed tests: 82
Skipped tests: 3
Affected tests: 3

Click here to see the affected service packages
  • alloydb

Action taken

Found 3 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests
  • TestAccAlloydbUser_alloydbUserBuiltinWithPasswordWo
  • TestAccAlloydbUser_alloydbUserBuiltinWithPasswordWo_update
  • TestAccAlloydbUser_updateRoles_IAM

Get to know how VCR tests work

@modular-magician
Copy link
Collaborator

modular-magician commented Nov 10, 2025

🟢 Tests passed during RECORDING mode:
TestAccAlloydbUser_alloydbUserBuiltinWithPasswordWo [Debug log]
TestAccAlloydbUser_alloydbUserBuiltinWithPasswordWo_update [Debug log]

🟢 No issues found for passed tests after REPLAYING rerun.

🔴 Tests failed during RECORDING mode:
TestAccAlloydbUser_updateRoles_IAM [Error message] [Debug log]

🔴 Errors occurred during RECORDING mode. Please fix them to complete your PR.

View the build log or the debug log for each test

@github-actions
Copy link

github-actions bot commented Nov 13, 2025

@malhotrasagar2212 This PR has been waiting for review for 3 weekdays. Please take a look! Use the label disable-review-reminders to disable these notifications.

@modular-magician modular-magician added the awaiting-approval Pull requests that need reviewer's approval to run presubmit tests label Nov 16, 2025
@github-actions
Copy link

github-actions bot commented Nov 17, 2025

@GoogleCloudPlatform/terraform-team @malhotrasagar2212 This PR has been waiting for review for 1 week. Please take a look! Use the label disable-review-reminders to disable these notifications.

@modular-magician modular-magician removed the awaiting-approval Pull requests that need reviewer's approval to run presubmit tests label Nov 17, 2025
@modular-magician
Copy link
Collaborator

modular-magician commented Nov 17, 2025

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 5 files changed, 216 insertions(+), 5 deletions(-))
google-beta provider: Diff ( 5 files changed, 216 insertions(+), 5 deletions(-))
terraform-google-conversion: Diff ( 1 file changed, 16 insertions(+))

@modular-magician
Copy link
Collaborator

modular-magician commented Nov 17, 2025

Tests analytics

Total tests: 88
Passed tests: 85
Skipped tests: 3
Affected tests: 0

Click here to see the affected service packages
  • alloydb

🟢 All tests passed!

View the build log

@modular-magician modular-magician added the awaiting-approval Pull requests that need reviewer's approval to run presubmit tests label Nov 18, 2025
ppluuums-jp
ppluuums-jp commented Nov 18, 2025
View reviewed changes
mmv1/templates/terraform/custom_flatten/alloydb_user_password.go.tmpl
@@ -0,0 +1,17 @@
{{/*
Copy link
Author

@ppluuums-jp ppluuums-jp Nov 18, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • write-only fields (password/password_wo) are not in CAI data so standard code generation fails

@modular-magician modular-magician removed the awaiting-approval Pull requests that need reviewer's approval to run presubmit tests label Nov 19, 2025
@modular-magician
Copy link
Collaborator

modular-magician commented Nov 19, 2025

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 5 files changed, 213 insertions(+), 5 deletions(-))
google-beta provider: Diff ( 5 files changed, 213 insertions(+), 5 deletions(-))
terraform-google-conversion: Diff ( 8 files changed, 530 insertions(+), 1 deletion(-))

@modular-magician
Copy link
Collaborator

modular-magician commented Nov 19, 2025

Tests analytics

Total tests: 88
Passed tests: 85
Skipped tests: 3
Affected tests: 0

Click here to see the affected service packages
  • alloydb

🟢 All tests passed!

View the build log

@ppluuums-jp ppluuums-jp mentioned this pull request Nov 20, 2025
Merged
@github-actions
Copy link

github-actions bot commented Nov 24, 2025

@GoogleCloudPlatform/terraform-team @malhotrasagar2212 This PR has been waiting for review for 2 weeks. Please take a look! Use the label disable-review-reminders to disable these notifications.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@malhotrasagar2212 malhotrasagar2212 Awaiting requested review from malhotrasagar2212

Assignees

No one assigned

Labels

service/alloydb

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ppluuums-jp @modular-magician