Add support for Network Endpoint Group to use serverlessDeployment for API Gateway (#5434) (#4041)

* initial creation of google-beta file .erb file for network endpoint groups

* Add support for serverless Network Endpoint Groups to use property serverlessDeployment

* Update serverless_deployment fields to accurately represent current state, which only provides support for API Gateway

* Added tests

* update files to autogenerate serverlessDeployment option for Network Endpoint Groups

* Remove manually created resource_compute_network_endpoint_group file so it can be autogenerated

* Add tag to mark serverlessDeployment to be available only via beta client

* Rename test file to allow for embedded ruby

* New tests should be in a resource_compute_region_network_endpoint_group_test.go.erb file, not resource_compute_network_endpoint_group_test.go.erb

* Use Cloud Run resources based off of auto-generated unit tests

* Spin up a new API Gateway resource to connect with Serverless NEG

* Remove requirement to provide resource field, and update url_mask to use <gateway> label to specify >1 endpoints

* Fix url_mask to parse out intended endpoint from gateway

* typo fix

* Conditional imports for beta usage

* Update naming conventions used in test

* update api config name

Signed-off-by: Modular Magician <[email protected]>

Author: modular-magician

.changelog/5434.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+compute: Added field `serverless_deployment` to `google_compute_network_endpoint_group` (beta only) for API Gateway resources
+```

google-beta/resource_compute_region_network_endpoint_group.go

@@ -64,7 +64,7 @@ character, which cannot be a dash.`,
 				Optional: true,
 				ForceNew: true,
 				Description: `Only valid when networkEndpointType is "SERVERLESS".
-Only one of cloud_run, app_engine or cloud_function may be set.`,
+Only one of cloud_run, app_engine, cloud_function or serverless_deployment may be set.`,
 				MaxItems: 1,
 				Elem: &schema.Resource{
 					Schema: map[string]*schema.Schema{
@@ -99,14 +99,14 @@ Example value: "v1", "v2".`,
 						},
 					},
 				},
-				ExactlyOneOf: []string{"app_engine", "cloud_function", "cloud_run"},
+				ExactlyOneOf: []string{"app_engine", "cloud_function", "cloud_run", "serverless_deployment"},
 			},
 			"cloud_function": {
 				Type:     schema.TypeList,
 				Optional: true,
 				ForceNew: true,
 				Description: `Only valid when networkEndpointType is "SERVERLESS".
-Only one of cloud_run, app_engine or cloud_function may be set.`,
+Only one of cloud_run, app_engine, cloud_function or serverless_deployment may be set.`,
 				MaxItems: 1,
 				Elem: &schema.Resource{
 					Schema: map[string]*schema.Schema{
@@ -134,14 +134,14 @@ will parse them to { function = "function1" } and { function = "function2" } res
 						},
 					},
 				},
-				ExactlyOneOf: []string{"app_engine", "cloud_function", "cloud_run"},
+				ExactlyOneOf: []string{"app_engine", "cloud_function", "cloud_run", "serverless_deployment"},
 			},
 			"cloud_run": {
 				Type:     schema.TypeList,
 				Optional: true,
 				ForceNew: true,
 				Description: `Only valid when networkEndpointType is "SERVERLESS".
-Only one of cloud_run, app_engine or cloud_function may be set.`,
+Only one of cloud_run, app_engine, cloud_function or serverless_deployment may be set.`,
 				MaxItems: 1,
 				Elem: &schema.Resource{
 					Schema: map[string]*schema.Schema{
@@ -179,7 +179,7 @@ and { service="bar2", tag="foo2" } respectively.`,
 						},
 					},
 				},
-				ExactlyOneOf: []string{"cloud_run", "cloud_function", "app_engine"},
+				ExactlyOneOf: []string{"cloud_run", "cloud_function", "app_engine", "serverless_deployment"},
 			},
 			"description": {
 				Type:     schema.TypeString,
@@ -196,6 +196,50 @@ you create the resource.`,
 				Description:  `Type of network endpoints in this network endpoint group. Defaults to SERVERLESS Default value: "SERVERLESS" Possible values: ["SERVERLESS"]`,
 				Default:      "SERVERLESS",
 			},
+			"serverless_deployment": {
+				Type:     schema.TypeList,
+				Optional: true,
+				ForceNew: true,
+				Description: `Only valid when networkEndpointType is "SERVERLESS".
+Only one of cloudRun, appEngine, cloudFunction or serverlessDeployment may be set.`,
+				MaxItems: 1,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"platform": {
+							Type:     schema.TypeString,
+							Required: true,
+							ForceNew: true,
+							Description: `The platform of the NEG backend target(s). Possible values:
+API Gateway: apigateway.googleapis.com`,
+						},
+						"url_mask": {
+							Type:     schema.TypeString,
+							Required: true,
+							ForceNew: true,
+							Description: `A template to parse platform-specific fields from a request URL. URL mask allows for routing to multiple resources
+on the same serverless platform without having to create multiple Network Endpoint Groups and backend resources.
+The fields parsed by this template are platform-specific and are as follows: API Gateway: The gateway ID,
+App Engine: The service and version, Cloud Functions: The function name, Cloud Run: The service and tag`,
+						},
+						"resource": {
+							Type:     schema.TypeString,
+							Optional: true,
+							ForceNew: true,
+							Description: `The user-defined name of the workload/instance. This value must be provided explicitly or in the urlMask.
+The resource identified by this value is platform-specific and is as follows: API Gateway: The gateway ID, App Engine: The service name,
+Cloud Functions: The function name, Cloud Run: The service name`,
+						},
+						"version": {
+							Type:     schema.TypeString,
+							Optional: true,
+							ForceNew: true,
+							Description: `The optional resource version. The version identified by this value is platform-specific and is follows:
+API Gateway: Unused, App Engine: The service version, Cloud Functions: Unused, Cloud Run: The service tag`,
+						},
+					},
+				},
+				ExactlyOneOf: []string{"app_engine", "cloud_function", "cloud_run", "serverless_deployment"},
+			},
 			"project": {
 				Type:     schema.TypeString,
 				Optional: true,
@@ -255,6 +299,12 @@ func resourceComputeRegionNetworkEndpointGroupCreate(d *schema.ResourceData, met
 	} else if v, ok := d.GetOkExists("cloud_function"); !isEmptyValue(reflect.ValueOf(cloudFunctionProp)) && (ok || !reflect.DeepEqual(v, cloudFunctionProp)) {
 		obj["cloudFunction"] = cloudFunctionProp
 	}
+	serverlessDeploymentProp, err := expandComputeRegionNetworkEndpointGroupServerlessDeployment(d.Get("serverless_deployment"), d, config)
+	if err != nil {
+		return err
+	} else if v, ok := d.GetOkExists("serverless_deployment"); !isEmptyValue(reflect.ValueOf(serverlessDeploymentProp)) && (ok || !reflect.DeepEqual(v, serverlessDeploymentProp)) {
+		obj["serverlessDeployment"] = serverlessDeploymentProp
+	}
 	regionProp, err := expandComputeRegionNetworkEndpointGroupRegion(d.Get("region"), d, config)
 	if err != nil {
 		return err
@@ -360,6 +410,9 @@ func resourceComputeRegionNetworkEndpointGroupRead(d *schema.ResourceData, meta
 	if err := d.Set("cloud_function", flattenComputeRegionNetworkEndpointGroupCloudFunction(res["cloudFunction"], d, config)); err != nil {
 		return fmt.Errorf("Error reading RegionNetworkEndpointGroup: %s", err)
 	}
+	if err := d.Set("serverless_deployment", flattenComputeRegionNetworkEndpointGroupServerlessDeployment(res["serverlessDeployment"], d, config)); err != nil {
+		return fmt.Errorf("Error reading RegionNetworkEndpointGroup: %s", err)
+	}
 	if err := d.Set("region", flattenComputeRegionNetworkEndpointGroupRegion(res["region"], d, config)); err != nil {
 		return fmt.Errorf("Error reading RegionNetworkEndpointGroup: %s", err)
 	}
@@ -526,6 +579,38 @@ func flattenComputeRegionNetworkEndpointGroupCloudFunctionUrlMask(v interface{},
 	return v
 }
 
+func flattenComputeRegionNetworkEndpointGroupServerlessDeployment(v interface{}, d *schema.ResourceData, config *Config) interface{} {
+	if v == nil {
+		return nil
+	}
+	original := v.(map[string]interface{})
+	transformed := make(map[string]interface{})
+	transformed["platform"] =
+		flattenComputeRegionNetworkEndpointGroupServerlessDeploymentPlatform(original["platform"], d, config)
+	transformed["resource"] =
+		flattenComputeRegionNetworkEndpointGroupServerlessDeploymentResource(original["resource"], d, config)
+	transformed["version"] =
+		flattenComputeRegionNetworkEndpointGroupServerlessDeploymentVersion(original["version"], d, config)
+	transformed["url_mask"] =
+		flattenComputeRegionNetworkEndpointGroupServerlessDeploymentUrlMask(original["urlMask"], d, config)
+	return []interface{}{transformed}
+}
+func flattenComputeRegionNetworkEndpointGroupServerlessDeploymentPlatform(v interface{}, d *schema.ResourceData, config *Config) interface{} {
+	return v
+}
+
+func flattenComputeRegionNetworkEndpointGroupServerlessDeploymentResource(v interface{}, d *schema.ResourceData, config *Config) interface{} {
+	return v
+}
+
+func flattenComputeRegionNetworkEndpointGroupServerlessDeploymentVersion(v interface{}, d *schema.ResourceData, config *Config) interface{} {
+	return v
+}
+
+func flattenComputeRegionNetworkEndpointGroupServerlessDeploymentUrlMask(v interface{}, d *schema.ResourceData, config *Config) interface{} {
+	return v
+}
+
 func flattenComputeRegionNetworkEndpointGroupRegion(v interface{}, d *schema.ResourceData, config *Config) interface{} {
 	if v == nil {
 		return v
@@ -674,6 +759,67 @@ func expandComputeRegionNetworkEndpointGroupCloudFunctionUrlMask(v interface{},
 	return v, nil
 }
 
+func expandComputeRegionNetworkEndpointGroupServerlessDeployment(v interface{}, d TerraformResourceData, config *Config) (interface{}, error) {
+	l := v.([]interface{})
+	if len(l) == 0 {
+		return nil, nil
+	}
+
+	if l[0] == nil {
+		transformed := make(map[string]interface{})
+		return transformed, nil
+	}
+	raw := l[0]
+	original := raw.(map[string]interface{})
+	transformed := make(map[string]interface{})
+
+	transformedPlatform, err := expandComputeRegionNetworkEndpointGroupServerlessDeploymentPlatform(original["platform"], d, config)
+	if err != nil {
+		return nil, err
+	} else if val := reflect.ValueOf(transformedPlatform); val.IsValid() && !isEmptyValue(val) {
+		transformed["platform"] = transformedPlatform
+	}
+
+	transformedResource, err := expandComputeRegionNetworkEndpointGroupServerlessDeploymentResource(original["resource"], d, config)
+	if err != nil {
+		return nil, err
+	} else if val := reflect.ValueOf(transformedResource); val.IsValid() && !isEmptyValue(val) {
+		transformed["resource"] = transformedResource
+	}
+
+	transformedVersion, err := expandComputeRegionNetworkEndpointGroupServerlessDeploymentVersion(original["version"], d, config)
+	if err != nil {
+		return nil, err
+	} else if val := reflect.ValueOf(transformedVersion); val.IsValid() && !isEmptyValue(val) {
+		transformed["version"] = transformedVersion
+	}
+
+	transformedUrlMask, err := expandComputeRegionNetworkEndpointGroupServerlessDeploymentUrlMask(original["url_mask"], d, config)
+	if err != nil {
+		return nil, err
+	} else if val := reflect.ValueOf(transformedUrlMask); val.IsValid() && !isEmptyValue(val) {
+		transformed["urlMask"] = transformedUrlMask
+	}
+
+	return transformed, nil
+}
+
+func expandComputeRegionNetworkEndpointGroupServerlessDeploymentPlatform(v interface{}, d TerraformResourceData, config *Config) (interface{}, error) {
+	return v, nil
+}
+
+func expandComputeRegionNetworkEndpointGroupServerlessDeploymentResource(v interface{}, d TerraformResourceData, config *Config) (interface{}, error) {
+	return v, nil
+}
+
+func expandComputeRegionNetworkEndpointGroupServerlessDeploymentVersion(v interface{}, d TerraformResourceData, config *Config) (interface{}, error) {
+	return v, nil
+}
+
+func expandComputeRegionNetworkEndpointGroupServerlessDeploymentUrlMask(v interface{}, d TerraformResourceData, config *Config) (interface{}, error) {
+	return v, nil
+}
+
 func expandComputeRegionNetworkEndpointGroupRegion(v interface{}, d TerraformResourceData, config *Config) (interface{}, error) {
 	f, err := parseGlobalFieldValue("regions", v.(string), "project", d, config, true)
 	if err != nil {

google-beta/resource_compute_region_network_endpoint_group_test.go

@@ -0,0 +1,71 @@
+package google
+
+import (
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+)
+
+func TestAccComputeRegionNetworkEndpointGroup_negWithServerlessDeployment(t *testing.T) {
+	t.Parallel()
+
+	context := map[string]interface{}{
+		"random_suffix": randString(t, 10),
+	}
+
+	vcrTest(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckComputeRegionNetworkEndpointGroupDestroyProducer(t),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccComputeRegionNetworkEndpointGroup_negWithServerlessDeployment(context),
+			},
+			{
+				ResourceName:            "google_compute_region_network_endpoint_group.test_neg",
+				ImportState:             true,
+				ImportStateVerify:       true,
+				ImportStateVerifyIgnore: []string{"region"},
+			},
+		},
+	})
+}
+
+func testAccComputeRegionNetworkEndpointGroup_negWithServerlessDeployment(context map[string]interface{}) string {
+	return Nprintf(`
+resource "google_api_gateway_api" "api_gw" {
+	api_id = "tf-test-%{random_suffix}"
+}
+		
+resource "google_api_gateway_api_config" "api_gw" {
+	api = google_api_gateway_api.api_gw.api_id
+	api_config_id = "tf-test-config-%{random_suffix}"
+
+	openapi_documents {
+		document {
+			path = "spec.yaml"
+			contents = filebase64("test-fixtures/apigateway/openapi.yaml")
+		}
+	}
+
+	lifecycle {
+		create_before_destroy = true
+	}
+}
+
+resource "google_api_gateway_gateway" "api_gw" {
+	api_config = google_api_gateway_api_config.api_gw.id
+	gateway_id = "tf-test-%{random_suffix}"
+}
+
+resource "google_compute_region_network_endpoint_group" "test_neg" {
+	name                  = "test-serverless-neg"
+	network_endpoint_type = "SERVERLESS"
+	region                = "us-central1"
+	serverless_deployment {
+		platform = "apigateway.googleapis.com"
+		url_mask = format("<gateway>%s/hello", trimprefix(google_api_gateway_gateway.api_gw.default_hostname, "tf-test-%{random_suffix}"))
+	}
+}
+`, context)
+}

website/docs/r/compute_region_network_endpoint_group.html.markdown

@@ -233,21 +233,27 @@ The following arguments are supported:
 * `cloud_run` -
   (Optional)
   Only valid when networkEndpointType is "SERVERLESS".
-  Only one of cloud_run, app_engine or cloud_function may be set.
+  Only one of cloud_run, app_engine, cloud_function or serverless_deployment may be set.
   Structure is [documented below](#nested_cloud_run).
 
 * `app_engine` -
   (Optional)
   Only valid when networkEndpointType is "SERVERLESS".
-  Only one of cloud_run, app_engine or cloud_function may be set.
+  Only one of cloud_run, app_engine, cloud_function or serverless_deployment may be set.
   Structure is [documented below](#nested_app_engine).
 
 * `cloud_function` -
   (Optional)
   Only valid when networkEndpointType is "SERVERLESS".
-  Only one of cloud_run, app_engine or cloud_function may be set.
+  Only one of cloud_run, app_engine, cloud_function or serverless_deployment may be set.
   Structure is [documented below](#nested_cloud_function).
 
+* `serverless_deployment` -
+  (Optional, [Beta](https://terraform.io/docs/providers/google/guides/provider_versions.html))
+  Only valid when networkEndpointType is "SERVERLESS".
+  Only one of cloudRun, appEngine, cloudFunction or serverlessDeployment may be set.
+  Structure is [documented below](#nested_serverless_deployment).
+
 * `project` - (Optional) The ID of the project in which the resource belongs.
     If it is not provided, the provider project is used.
 
@@ -318,6 +324,31 @@ The following arguments are supported:
   can be backed by the same Serverless NEG with URL mask "/". The URL mask
   will parse them to { function = "function1" } and { function = "function2" } respectively.
 
+<a name="nested_serverless_deployment"></a>The `serverless_deployment` block supports:
+
+* `platform` -
+  (Required)
+  The platform of the NEG backend target(s). Possible values:
+  API Gateway: apigateway.googleapis.com
+
+* `resource` -
+  (Optional)
+  The user-defined name of the workload/instance. This value must be provided explicitly or in the urlMask.
+  The resource identified by this value is platform-specific and is as follows: API Gateway: The gateway ID, App Engine: The service name,
+  Cloud Functions: The function name, Cloud Run: The service name
+
+* `version` -
+  (Optional)
+  The optional resource version. The version identified by this value is platform-specific and is follows:
+  API Gateway: Unused, App Engine: The service version, Cloud Functions: Unused, Cloud Run: The service tag
+
+* `url_mask` -
+  (Required)
+  A template to parse platform-specific fields from a request URL. URL mask allows for routing to multiple resources
+  on the same serverless platform without having to create multiple Network Endpoint Groups and backend resources.
+  The fields parsed by this template are platform-specific and are as follows: API Gateway: The gateway ID,
+  App Engine: The service and version, Cloud Functions: The function name, Cloud Run: The service and tag
+
 ## Attributes Reference
 
 In addition to the arguments listed above, the following computed attributes are exported: