All squash support (#15115) (#10711)

[upstream:13543acf88bc044848337e62f8517b72be115c17]

Signed-off-by: Modular Magician <[email protected]>

Author: modular-magician

.changelog/15115.txt

@@ -0,0 +1 @@
+unknown: All squash support

google-beta/services/netapp/resource_netapp_volume.go

@@ -154,6 +154,11 @@ Format: 'projects/{{projectId}}/locations/{{location}}/backupVaults/{{backupVaul
 										Optional:    true,
 										Description: `Defines the client ingress specification (allowed clients) as a comma separated list with IPv4 CIDRs or IPv4 host addresses.`,
 									},
+									"anon_uid": {
+										Type:        schema.TypeInt,
+										Optional:    true,
+										Description: `An integer representing the anonymous user ID. Range is 0 to 4294967295. Required when 'squash_mode' is 'ROOT_SQUASH' or 'ALL_SQUASH'.`,
+									},
 									"has_root_access": {
 										Type:        schema.TypeString,
 										Optional:    true,
@@ -199,6 +204,12 @@ Format: 'projects/{{projectId}}/locations/{{location}}/backupVaults/{{backupVaul
 										Optional:    true,
 										Description: `Enable to apply the export rule to NFSV4.1 clients.`,
 									},
+									"squash_mode": {
+										Type:         schema.TypeString,
+										Optional:     true,
+										ValidateFunc: verify.ValidateEnum([]string{"NO_ROOT_SQUASH", "ROOT_SQUASH", "ALL_SQUASH", ""}),
+										Description:  `SquashMode defines how remote user privileges are restricted when accessing an NFS export. It controls how the user identities (like root) are mapped to anonymous users to limit access and enforce security. Possible values: ["NO_ROOT_SQUASH", "ROOT_SQUASH", "ALL_SQUASH"]`,
+									},
 								},
 							},
 						},
@@ -1399,6 +1410,8 @@ func flattenNetappVolumeExportPolicyRules(v interface{}, d *schema.ResourceData,
 			"kerberos5i_read_write": flattenNetappVolumeExportPolicyRulesKerberos5iReadWrite(original["kerberos5iReadWrite"], d, config),
 			"kerberos5p_read_only":  flattenNetappVolumeExportPolicyRulesKerberos5pReadOnly(original["kerberos5pReadOnly"], d, config),
 			"kerberos5p_read_write": flattenNetappVolumeExportPolicyRulesKerberos5pReadWrite(original["kerberos5pReadWrite"], d, config),
+			"squash_mode":           flattenNetappVolumeExportPolicyRulesSquashMode(original["squashMode"], d, config),
+			"anon_uid":              flattenNetappVolumeExportPolicyRulesAnonUid(original["anonUid"], d, config),
 		})
 	}
 	return transformed
@@ -1447,6 +1460,27 @@ func flattenNetappVolumeExportPolicyRulesKerberos5pReadWrite(v interface{}, d *s
 	return v
 }
 
+func flattenNetappVolumeExportPolicyRulesSquashMode(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+	return v
+}
+
+func flattenNetappVolumeExportPolicyRulesAnonUid(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+	// Handles the string fixed64 format
+	if strVal, ok := v.(string); ok {
+		if intVal, err := tpgresource.StringToFixed64(strVal); err == nil {
+			return intVal
+		}
+	}
+
+	// number values are represented as float64
+	if floatVal, ok := v.(float64); ok {
+		intVal := int(floatVal)
+		return intVal
+	}
+
+	return v // let terraform core handle it otherwise
+}
+
 func flattenNetappVolumeProtocols(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
 	return v
 }
@@ -2136,6 +2170,20 @@ func expandNetappVolumeExportPolicyRules(v interface{}, d tpgresource.TerraformR
 			transformed["kerberos5pReadWrite"] = transformedKerberos5pReadWrite
 		}
 
+		transformedSquashMode, err := expandNetappVolumeExportPolicyRulesSquashMode(original["squash_mode"], d, config)
+		if err != nil {
+			return nil, err
+		} else if val := reflect.ValueOf(transformedSquashMode); val.IsValid() && !tpgresource.IsEmptyValue(val) {
+			transformed["squashMode"] = transformedSquashMode
+		}
+
+		transformedAnonUid, err := expandNetappVolumeExportPolicyRulesAnonUid(original["anon_uid"], d, config)
+		if err != nil {
+			return nil, err
+		} else if val := reflect.ValueOf(transformedAnonUid); val.IsValid() && !tpgresource.IsEmptyValue(val) {
+			transformed["anonUid"] = transformedAnonUid
+		}
+
 		req = append(req, transformed)
 	}
 	return req, nil
@@ -2185,6 +2233,14 @@ func expandNetappVolumeExportPolicyRulesKerberos5pReadWrite(v interface{}, d tpg
 	return v, nil
 }
 
+func expandNetappVolumeExportPolicyRulesSquashMode(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
+	return v, nil
+}
+
+func expandNetappVolumeExportPolicyRulesAnonUid(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
+	return v, nil
+}
+
 func expandNetappVolumeProtocols(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
 	return v, nil
 }

google-beta/services/netapp/resource_netapp_volume_generated_meta.yaml

@@ -20,6 +20,7 @@ fields:
   - field: 'encryption_type'
   - field: 'export_policy.rules.access_type'
   - field: 'export_policy.rules.allowed_clients'
+  - field: 'export_policy.rules.anon_uid'
   - field: 'export_policy.rules.has_root_access'
   - field: 'export_policy.rules.kerberos5_read_only'
   - field: 'export_policy.rules.kerberos5_read_write'
@@ -29,6 +30,7 @@ fields:
   - field: 'export_policy.rules.kerberos5p_read_write'
   - field: 'export_policy.rules.nfsv3'
   - field: 'export_policy.rules.nfsv4'
+  - field: 'export_policy.rules.squash_mode'
   - field: 'has_replication'
   - field: 'hybrid_replication_parameters.cluster_location'
   - field: 'hybrid_replication_parameters.description'