Fix minor edit suggestions for IAM OAuth Client resource (#13258) (#21726)

[upstream:5662a5b0eb35f2f9e7ceff3dcbb47a9b90ef0df5]

Signed-off-by: Modular Magician <[email protected]>

Author: modular-magician

.changelog/13258.txt

@@ -0,0 +1,3 @@
+```release-note: none
+Fix minor edit suggestions for IAM OAuth Client resource
+```

google/services/iamworkforcepool/resource_iam_oauth_client.go

@@ -24,7 +24,6 @@ import (
 	"log"
 	"net/http"
 	"reflect"
-	"regexp"
 	"strings"
 	"time"
 
@@ -35,27 +34,6 @@ import (
 	transport_tpg "github.com/hashicorp/terraform-provider-google/google/transport"
 )
 
-const oauthClientIdRegexp = `^[a-z][a-z0-9-]{4,61}[a-z0-9]$`
-
-func ValidateOauthClientId(v interface{}, k string) (ws []string, errors []error) {
-	value := v.(string)
-
-	if strings.HasPrefix(value, "gcp-") {
-		errors = append(errors, fmt.Errorf(
-			"%q (%q) can not start with \"gcp-\". "+
-				"The prefix `gcp-` is reserved for use by Google, and may not be specified.", k, value))
-	}
-
-	if !regexp.MustCompile(oauthClientIdRegexp).MatchString(value) {
-		errors = append(errors, fmt.Errorf(
-			"%q (%q) must contain only lowercase letters [a-z], digits [0-9], and hyphens "+
-				"[-]. The OauthClient ID must be between 6 and 63 characters, begin "+
-				"with a letter, and cannot have a trailing hyphen.", k, value))
-	}
-
-	return
-}
-
 func ResourceIAMWorkforcePoolOauthClient() *schema.Resource {
 	return &schema.Resource{
 		Create: resourceIAMWorkforcePoolOauthClientCreate,
@@ -145,20 +123,20 @@ CONFIDENTIAL_CLIENT`,
 			"description": {
 				Type:     schema.TypeString,
 				Optional: true,
-				Description: `Optional. A user-specified description of the OauthClient.
+				Description: `A user-specified description of the OauthClient.
 
 Cannot exceed 256 characters.`,
 			},
 			"disabled": {
 				Type:     schema.TypeBool,
 				Optional: true,
-				Description: `Optional. Whether the OauthClient is disabled. You cannot use a disabled OAuth
+				Description: `Whether the OauthClient is disabled. You cannot use a disabled OAuth
 client.`,
 			},
 			"display_name": {
 				Type:     schema.TypeString,
 				Optional: true,
-				Description: `Optional. A user-specified display name of the OauthClient.
+				Description: `A user-specified display name of the OauthClient.
 
 Cannot exceed 32 characters.`,
 			},
@@ -170,7 +148,7 @@ Cannot exceed 32 characters.`,
 			"expire_time": {
 				Type:     schema.TypeString,
 				Computed: true,
-				Description: `Output only. Time after which the OauthClient will be permanently purged and cannot
+				Description: `Time after which the OauthClient will be permanently purged and cannot
 be recovered.`,
 			},
 			"name": {
@@ -183,7 +161,7 @@ Format:'projects/{project}/locations/{location}/oauthClients/{oauth_client}'.`,
 			"state": {
 				Type:     schema.TypeString,
 				Computed: true,
-				Description: `Output only. The state of the OauthClient.
+				Description: `The state of the OauthClient.
 Possible values:
 STATE_UNSPECIFIED
 ACTIVE

google/services/iamworkforcepool/resource_iam_oauth_client_generated_test.go

@@ -30,44 +30,6 @@ import (
 	transport_tpg "github.com/hashicorp/terraform-provider-google/google/transport"
 )
 
-func TestAccIAMWorkforcePoolOauthClient_iamOauthClientBasicExample(t *testing.T) {
-	t.Parallel()
-
-	context := map[string]interface{}{
-		"random_suffix": acctest.RandString(t, 10),
-	}
-
-	acctest.VcrTest(t, resource.TestCase{
-		PreCheck:                 func() { acctest.AccTestPreCheck(t) },
-		ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t),
-		CheckDestroy:             testAccCheckIAMWorkforcePoolOauthClientDestroyProducer(t),
-		Steps: []resource.TestStep{
-			{
-				Config: testAccIAMWorkforcePoolOauthClient_iamOauthClientBasicExample(context),
-			},
-			{
-				ResourceName:            "google_iam_oauth_client.example",
-				ImportState:             true,
-				ImportStateVerify:       true,
-				ImportStateVerifyIgnore: []string{"location", "oauth_client_id"},
-			},
-		},
-	})
-}
-
-func testAccIAMWorkforcePoolOauthClient_iamOauthClientBasicExample(context map[string]interface{}) string {
-	return acctest.Nprintf(`
-resource "google_iam_oauth_client" "example" {
-  oauth_client_id = "tf-test-example-client-id%{random_suffix}"
-  location                  = "global"
-  allowed_grant_types       = ["AUTHORIZATION_CODE_GRANT"]
-  allowed_redirect_uris     = ["https://www.example.com"]
-  allowed_scopes            = ["https://www.googleapis.com/auth/cloud-platform"]
-  client_type               = "CONFIDENTIAL_CLIENT"
-}
-`, context)
-}
-
 func TestAccIAMWorkforcePoolOauthClient_iamOauthClientFullExample(t *testing.T) {
 	t.Parallel()
 
@@ -121,7 +83,7 @@ func testAccCheckIAMWorkforcePoolOauthClientDestroyProducer(t *testing.T) func(s
 
 			config := acctest.GoogleProviderConfig(t)
 
-			url, err := tpgresource.ReplaceVarsForTest(config, rs, "{{IAMWorkforcePoolBasePath}}projects/{{project}}/locations/global/oauthClients/{{oauth_client_id}}")
+			url, err := tpgresource.ReplaceVarsForTest(config, rs, "{{IAMWorkforcePoolBasePath}}projects/{{project}}/locations/{{location}}/oauthClients/{{oauth_client_id}}")
 			if err != nil {
 				return err
 			}
@@ -140,7 +102,7 @@ func testAccCheckIAMWorkforcePoolOauthClientDestroyProducer(t *testing.T) func(s
 				return nil
 			}
 
-			return fmt.Errorf("IAMOAuthCLient still exists at %s", url)
+			return fmt.Errorf("IAMOAuthClient still exists at %s", url)
 		}
 
 		return nil

google/services/iamworkforcepool/resource_iam_oauth_client_test.go

@@ -6,11 +6,12 @@ import (
 	"testing"
 
 	"github.com/hashicorp/terraform-plugin-testing/helper/resource"
+	"github.com/hashicorp/terraform-plugin-testing/plancheck"
 
 	"github.com/hashicorp/terraform-provider-google/google/acctest"
 )
 
-func TestAccIAMWorkforcePoolOauthClient_basic(t *testing.T) {
+func TestAccIAMWorkforcePoolOauthClient_full(t *testing.T) {
 	t.Parallel()
 
 	context := map[string]interface{}{
@@ -23,7 +24,7 @@ func TestAccIAMWorkforcePoolOauthClient_basic(t *testing.T) {
 		CheckDestroy:             testAccCheckIAMWorkforcePoolOauthClientDestroyProducer(t),
 		Steps: []resource.TestStep{
 			{
-				Config: testAccIAMWorkforcePoolOauthClient_basic(context),
+				Config: testAccIAMWorkforcePoolOauthClient_full(context),
 			},
 			{
 				ResourceName:            "google_iam_oauth_client.example",
@@ -32,58 +33,12 @@ func TestAccIAMWorkforcePoolOauthClient_basic(t *testing.T) {
 				ImportStateVerifyIgnore: []string{"location", "oauth_client_id"},
 			},
 			{
-				Config: testAccIAMWorkforcePoolOauthClient_basic_update(context),
-			},
-			{
-				ResourceName:            "google_iam_oauth_client.example",
-				ImportState:             true,
-				ImportStateVerify:       true,
-				ImportStateVerifyIgnore: []string{"location", "oauth_client_id"},
-			},
-		},
-	})
-}
-
-func testAccIAMWorkforcePoolOauthClient_basic(context map[string]interface{}) string {
-	return acctest.Nprintf(`
-resource "google_iam_oauth_client" "example" {
-  oauth_client_id = "tf-test-example-client-id%{random_suffix}"
-  location                  = "global"
-  allowed_grant_types       = ["AUTHORIZATION_CODE_GRANT"]
-  allowed_redirect_uris     = ["https://www.example.com"]
-  allowed_scopes            = ["https://www.googleapis.com/auth/cloud-platform"]
-  client_type               = "CONFIDENTIAL_CLIENT"
-}
-`, context)
-}
-
-func testAccIAMWorkforcePoolOauthClient_basic_update(context map[string]interface{}) string {
-	return acctest.Nprintf(`
-resource "google_iam_oauth_client" "example" {
-  oauth_client_id = "tf-test-example-client-id%{random_suffix}"
-  location                  = "global"
-  allowed_grant_types       = ["AUTHORIZATION_CODE_GRANT"]
-  allowed_redirect_uris     = ["https://www.update.com"]
-  allowed_scopes            = ["https://www.googleapis.com/auth/cloud-platform", "openid"]
-  client_type               = "CONFIDENTIAL_CLIENT"
-}
-`, context)
-}
-
-func TestAccIAMWorkforcePoolOauthClient_full(t *testing.T) {
-	t.Parallel()
-
-	context := map[string]interface{}{
-		"random_suffix": acctest.RandString(t, 10),
-	}
-
-	acctest.VcrTest(t, resource.TestCase{
-		PreCheck:                 func() { acctest.AccTestPreCheck(t) },
-		ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t),
-		CheckDestroy:             testAccCheckIAMWorkforcePoolOauthClientDestroyProducer(t),
-		Steps: []resource.TestStep{
-			{
-				Config: testAccIAMWorkforcePoolOauthClient_full(context),
+				Config: testAccIAMWorkforcePoolOauthClient_full_update(context),
+				ConfigPlanChecks: resource.ConfigPlanChecks{
+					PreApply: []plancheck.PlanCheck{
+						plancheck.ExpectResourceAction("google_iam_oauth_client.example", plancheck.ResourceActionUpdate),
+					},
+				},
 			},
 			{
 				ResourceName:            "google_iam_oauth_client.example",
@@ -92,7 +47,12 @@ func TestAccIAMWorkforcePoolOauthClient_full(t *testing.T) {
 				ImportStateVerifyIgnore: []string{"location", "oauth_client_id"},
 			},
 			{
-				Config: testAccIAMWorkforcePoolOauthClient_full_update(context),
+				Config: testAccIAMWorkforcePoolOauthClient_full_cleanOptionalFields(context),
+				ConfigPlanChecks: resource.ConfigPlanChecks{
+					PreApply: []plancheck.PlanCheck{
+						plancheck.ExpectResourceAction("google_iam_oauth_client.example", plancheck.ResourceActionUpdate),
+					},
+				},
 			},
 			{
 				ResourceName:            "google_iam_oauth_client.example",
@@ -128,7 +88,21 @@ resource "google_iam_oauth_client" "example" {
   description               = "Updated description"
   location                  = "global"
   disabled                  = true
-  allowed_grant_types       = ["AUTHORIZATION_CODE_GRANT", ]
+  allowed_grant_types       = ["AUTHORIZATION_CODE_GRANT"]
+  allowed_redirect_uris     = ["https://www.update.com"]
+  allowed_scopes            = ["https://www.googleapis.com/auth/cloud-platform", "openid"]
+  client_type               = "CONFIDENTIAL_CLIENT"
+}
+`, context)
+}
+
+func testAccIAMWorkforcePoolOauthClient_full_cleanOptionalFields(context map[string]interface{}) string {
+	return acctest.Nprintf(`
+resource "google_iam_oauth_client" "example" {
+  oauth_client_id = "tf-test-example-client-id%{random_suffix}"
+  location                  = "global"
+  disabled                  = true
+  allowed_grant_types       = ["AUTHORIZATION_CODE_GRANT"]
   allowed_redirect_uris     = ["https://www.update.com"]
   allowed_scopes            = ["https://www.googleapis.com/auth/cloud-platform", "openid"]
   client_type               = "CONFIDENTIAL_CLIENT"

website/docs/r/iam_oauth_client.html.markdown

@@ -32,24 +32,6 @@ To get more information about OauthClient, see:
 * How-to Guides
     * [Managing OAuth clients](https://cloud.google.com/iam/docs/workforce-manage-oauth-app#manage-clients)
 
-<div class = "oics-button" style="float: right; margin: 0 0 -15px">
-  <a href="https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fterraform-google-modules%2Fdocs-examples.git&cloudshell_image=gcr.io%2Fcloudshell-images%2Fcloudshell%3Alatest&cloudshell_print=.%2Fmotd&cloudshell_tutorial=.%2Ftutorial.md&cloudshell_working_dir=iam_oauth_client_basic&open_in_editor=main.tf" target="_blank">
-    <img alt="Open in Cloud Shell" src="//gstatic.com/cloudssh/images/open-btn.svg" style="max-height: 44px; margin: 32px auto; max-width: 100%;">
-  </a>
-</div>
-## Example Usage - Iam Oauth Client Basic
-
-
-```hcl
-resource "google_iam_oauth_client" "example" {
-  oauth_client_id = "example-client-id"
-  location                  = "global"
-  allowed_grant_types       = ["AUTHORIZATION_CODE_GRANT"]
-  allowed_redirect_uris     = ["https://www.example.com"]
-  allowed_scopes            = ["https://www.googleapis.com/auth/cloud-platform"]
-  client_type               = "CONFIDENTIAL_CLIENT"
-}
-```
 <div class = "oics-button" style="float: right; margin: 0 0 -15px">
   <a href="https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fterraform-google-modules%2Fdocs-examples.git&cloudshell_image=gcr.io%2Fcloudshell-images%2Fcloudshell%3Alatest&cloudshell_print=.%2Fmotd&cloudshell_tutorial=.%2Ftutorial.md&cloudshell_working_dir=iam_oauth_client_full&open_in_editor=main.tf" target="_blank">
     <img alt="Open in Cloud Shell" src="//gstatic.com/cloudssh/images/open-btn.svg" style="max-height: 44px; margin: 32px auto; max-width: 100%;">
@@ -117,17 +99,17 @@ The following arguments are supported:
 
 * `disabled` -
   (Optional)
-  Optional. Whether the OauthClient is disabled. You cannot use a disabled OAuth
+  Whether the OauthClient is disabled. You cannot use a disabled OAuth
   client.
 
 * `display_name` -
   (Optional)
-  Optional. A user-specified display name of the OauthClient.
+  A user-specified display name of the OauthClient.
   Cannot exceed 32 characters.
 
 * `description` -
   (Optional)
-  Optional. A user-specified description of the OauthClient.
+  A user-specified description of the OauthClient.
   Cannot exceed 256 characters.
 
 * `client_type` -
@@ -155,7 +137,7 @@ In addition to the arguments listed above, the following computed attributes are
   Format:`projects/{project}/locations/{location}/oauthClients/{oauth_client}`.
 
 * `state` -
-  Output only. The state of the OauthClient.
+  The state of the OauthClient.
   Possible values:
   STATE_UNSPECIFIED
   ACTIVE
@@ -165,7 +147,7 @@ In addition to the arguments listed above, the following computed attributes are
   Output only. The system-generated OauthClient id.
 
 * `expire_time` -
-  Output only. Time after which the OauthClient will be permanently purged and cannot
+  Time after which the OauthClient will be permanently purged and cannot
   be recovered.