Add PSC fields to Filestore instance in ga (#15116) (#24567)

[upstream:250877817a0812a25d8b725d727847887bee14e8]

Signed-off-by: Modular Magician <[email protected]>

Author: modular-magician

.changelog/15116.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+filestore: added PSC fields to `google_filestore_instance` (ga)
+```

google/services/filestore/resource_filestore_instance.go

@@ -128,6 +128,12 @@ The limit is 64 IP ranges/addresses for each FileShareConfig among all NfsExport
 											Type: schema.TypeString,
 										},
 									},
+									"network": {
+										Type:     schema.TypeString,
+										Optional: true,
+										Description: `The source VPC network for 'ip_ranges'.
+Required for instances using Private Service Connect, optional otherwise.`,
+									},
 									"squash_mode": {
 										Type:         schema.TypeString,
 										Optional:     true,
@@ -193,6 +199,26 @@ If not provided, the connect mode defaults to
 DIRECT_PEERING. Default value: "DIRECT_PEERING" Possible values: ["DIRECT_PEERING", "PRIVATE_SERVICE_ACCESS", "PRIVATE_SERVICE_CONNECT"]`,
 							Default: "DIRECT_PEERING",
 						},
+						"psc_config": {
+							Type:     schema.TypeList,
+							Optional: true,
+							Description: `Private Service Connect configuration.
+Should only be set when connect_mode is PRIVATE_SERVICE_CONNECT.`,
+							MaxItems: 1,
+							Elem: &schema.Resource{
+								Schema: map[string]*schema.Schema{
+									"endpoint_project": {
+										Type:     schema.TypeString,
+										Optional: true,
+										ForceNew: true,
+										Description: `Consumer service project in which the Private Service Connect endpoint
+would be set up. This is optional, and only relevant in case the network
+is a shared VPC. If this is not specified, the endpoint would be set up
+in the VPC host project.`,
+									},
+								},
+							},
+						},
 						"reserved_ip_range": {
 							Type:     schema.TypeString,
 							Computed: true,
@@ -1012,6 +1038,7 @@ func flattenFilestoreInstanceFileSharesNfsExportOptions(v interface{}, d *schema
 			"squash_mode": flattenFilestoreInstanceFileSharesNfsExportOptionsSquashMode(original["squashMode"], d, config),
 			"anon_uid":    flattenFilestoreInstanceFileSharesNfsExportOptionsAnonUid(original["anonUid"], d, config),
 			"anon_gid":    flattenFilestoreInstanceFileSharesNfsExportOptionsAnonGid(original["anonGid"], d, config),
+			"network":     flattenFilestoreInstanceFileSharesNfsExportOptionsNetwork(original["network"], d, config),
 		})
 	}
 	return transformed
@@ -1062,6 +1089,10 @@ func flattenFilestoreInstanceFileSharesNfsExportOptionsAnonGid(v interface{}, d
 	return v // let terraform core handle it otherwise
 }
 
+func flattenFilestoreInstanceFileSharesNfsExportOptionsNetwork(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+	return v
+}
+
 func flattenFilestoreInstanceNetworks(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
 	if v == nil {
 		return v
@@ -1080,6 +1111,7 @@ func flattenFilestoreInstanceNetworks(v interface{}, d *schema.ResourceData, con
 			"reserved_ip_range": flattenFilestoreInstanceNetworksReservedIpRange(original["reservedIpRange"], d, config),
 			"ip_addresses":      flattenFilestoreInstanceNetworksIpAddresses(original["ipAddresses"], d, config),
 			"connect_mode":      flattenFilestoreInstanceNetworksConnectMode(original["connectMode"], d, config),
+			"psc_config":        flattenFilestoreInstanceNetworksPscConfig(original["pscConfig"], d, config),
 		})
 	}
 	return transformed
@@ -1108,6 +1140,23 @@ func flattenFilestoreInstanceNetworksConnectMode(v interface{}, d *schema.Resour
 	return v
 }
 
+func flattenFilestoreInstanceNetworksPscConfig(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+	if v == nil {
+		return nil
+	}
+	original := v.(map[string]interface{})
+	if len(original) == 0 {
+		return nil
+	}
+	transformed := make(map[string]interface{})
+	transformed["endpoint_project"] =
+		flattenFilestoreInstanceNetworksPscConfigEndpointProject(original["endpointProject"], d, config)
+	return []interface{}{transformed}
+}
+func flattenFilestoreInstanceNetworksPscConfigEndpointProject(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+	return v
+}
+
 func flattenFilestoreInstanceEtag(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
 	return v
 }
@@ -1392,6 +1441,13 @@ func expandFilestoreInstanceFileSharesNfsExportOptions(v interface{}, d tpgresou
 			transformed["anonGid"] = transformedAnonGid
 		}
 
+		transformedNetwork, err := expandFilestoreInstanceFileSharesNfsExportOptionsNetwork(original["network"], d, config)
+		if err != nil {
+			return nil, err
+		} else if val := reflect.ValueOf(transformedNetwork); val.IsValid() && !tpgresource.IsEmptyValue(val) {
+			transformed["network"] = transformedNetwork
+		}
+
 		req = append(req, transformed)
 	}
 	return req, nil
@@ -1417,6 +1473,10 @@ func expandFilestoreInstanceFileSharesNfsExportOptionsAnonGid(v interface{}, d t
 	return v, nil
 }
 
+func expandFilestoreInstanceFileSharesNfsExportOptionsNetwork(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
+	return v, nil
+}
+
 func expandFilestoreInstanceNetworks(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
 	if v == nil {
 		return nil, nil
@@ -1465,6 +1525,13 @@ func expandFilestoreInstanceNetworks(v interface{}, d tpgresource.TerraformResou
 			transformed["connectMode"] = transformedConnectMode
 		}
 
+		transformedPscConfig, err := expandFilestoreInstanceNetworksPscConfig(original["psc_config"], d, config)
+		if err != nil {
+			return nil, err
+		} else if val := reflect.ValueOf(transformedPscConfig); val.IsValid() && !tpgresource.IsEmptyValue(val) {
+			transformed["pscConfig"] = transformedPscConfig
+		}
+
 		req = append(req, transformed)
 	}
 	return req, nil
@@ -1490,6 +1557,32 @@ func expandFilestoreInstanceNetworksConnectMode(v interface{}, d tpgresource.Ter
 	return v, nil
 }
 
+func expandFilestoreInstanceNetworksPscConfig(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
+	if v == nil {
+		return nil, nil
+	}
+	l := v.([]interface{})
+	if len(l) == 0 || l[0] == nil {
+		return nil, nil
+	}
+	raw := l[0]
+	original := raw.(map[string]interface{})
+	transformed := make(map[string]interface{})
+
+	transformedEndpointProject, err := expandFilestoreInstanceNetworksPscConfigEndpointProject(original["endpoint_project"], d, config)
+	if err != nil {
+		return nil, err
+	} else if val := reflect.ValueOf(transformedEndpointProject); val.IsValid() && !tpgresource.IsEmptyValue(val) {
+		transformed["endpointProject"] = transformedEndpointProject
+	}
+
+	return transformed, nil
+}
+
+func expandFilestoreInstanceNetworksPscConfigEndpointProject(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
+	return v, nil
+}
+
 func expandFilestoreInstanceKmsKeyName(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
 	return v, nil
 }

google/services/filestore/resource_filestore_instance_generated_meta.yaml

@@ -28,6 +28,7 @@ fields:
   - field: 'file_shares.nfs_export_options.anon_gid'
   - field: 'file_shares.nfs_export_options.anon_uid'
   - field: 'file_shares.nfs_export_options.ip_ranges'
+  - field: 'file_shares.nfs_export_options.network'
   - field: 'file_shares.nfs_export_options.squash_mode'
   - field: 'file_shares.source_backup'
   - field: 'initial_replication.replicas.peer_instance'
@@ -44,6 +45,7 @@ fields:
   - field: 'networks.ip_addresses'
   - field: 'networks.modes'
   - field: 'networks.network'
+  - field: 'networks.psc_config.endpoint_project'
   - field: 'networks.reserved_ip_range'
   - field: 'performance_config.fixed_iops.max_iops'
   - field: 'performance_config.iops_per_tb.max_iops_per_tb'

google/services/filestore/resource_filestore_instance_test.go

@@ -556,3 +556,154 @@ resource "google_filestore_instance" "replica_instance" {
 }
 `, context)
 }
+
+func TestAccFilestoreInstance_psc(t *testing.T) {
+	t.Parallel()
+
+	context := map[string]interface{}{
+		"name":     fmt.Sprintf("tf-test-%d", acctest.RandInt(t)),
+		"location": "us-central1",
+		"tier":     "REGIONAL",
+	}
+
+	acctest.VcrTest(t, resource.TestCase{
+		PreCheck:                 func() { acctest.AccTestPreCheck(t) },
+		ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t),
+		CheckDestroy:             testAccCheckFilestoreInstanceDestroyProducer(t),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccFilestoreInstance_psc(context),
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr("google_filestore_instance.instance", "networks.0.connect_mode", "PRIVATE_SERVICE_CONNECT"),
+				),
+			},
+			{
+				ResourceName:            "google_filestore_instance.instance",
+				ImportState:             true,
+				ImportStateVerify:       true,
+				ImportStateVerifyIgnore: []string{"zone"},
+			},
+		},
+	})
+}
+
+func testAccFilestoreInstance_psc(context map[string]interface{}) string {
+	return acctest.Nprintf(`
+data "google_client_config" "current" {}
+
+resource "google_compute_network" "psc_network" {
+  name                    = "%{name}"
+  auto_create_subnetworks = false
+}
+
+resource "google_compute_subnetwork" "psc_subnet" {
+  name          = "%{name}"
+  ip_cidr_range = "10.2.0.0/16"
+  region        = "%{location}"
+  network       = google_compute_network.psc_network.id
+}
+
+resource "google_network_connectivity_service_connection_policy" "default" {
+  name          = "%{name}"
+  location      = "%{location}"
+  service_class = "google-cloud-filestore"
+  network       = google_compute_network.psc_network.id
+  psc_config {
+    subnetworks = [google_compute_subnetwork.psc_subnet.id]
+  }
+}
+
+resource "google_filestore_instance" "instance" {
+  depends_on = [
+    google_network_connectivity_service_connection_policy.default
+  ]
+  name        = "%{name}"
+  location    = "%{location}"
+  tier        = "%{tier}"
+  description = "An instance created during testing."
+  protocol    = "NFS_V4_1"
+
+  file_shares {
+    capacity_gb = 1024
+    name        = "share"
+
+    nfs_export_options {
+      ip_ranges = ["70.0.0.1/24"]
+      network   = google_compute_network.psc_network.name
+    }
+  }
+
+  networks {
+    network      = google_compute_network.psc_network.name
+    modes        = ["MODE_IPV4"]
+    connect_mode = "PRIVATE_SERVICE_CONNECT"
+    psc_config {
+      endpoint_project = data.google_client_config.current.project
+    }
+  }
+}
+`, context)
+}
+
+func TestAccFilestoreInstance_nfsExportOptionsNetwork_update(t *testing.T) {
+	t.Parallel()
+
+	name := fmt.Sprintf("tf-test-%d", acctest.RandInt(t))
+	location := "us-central1-a"
+	tier := "ZONAL"
+
+	// Currently, we can only alternate between an empty network and the instance network of non-PSC instances.
+	acctest.VcrTest(t, resource.TestCase{
+		PreCheck:                 func() { acctest.AccTestPreCheck(t) },
+		ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t),
+		CheckDestroy:             testAccCheckFilestoreInstanceDestroyProducer(t),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccFilestoreInstance_nfsExportOptionsNetwork_update(name, location, tier, ""),
+				Check:  resource.TestCheckResourceAttr("google_filestore_instance.instance", "file_shares.0.nfs_export_options.0.network", ""),
+			},
+			{
+				ResourceName:            "google_filestore_instance.instance",
+				ImportState:             true,
+				ImportStateVerify:       true,
+				ImportStateVerifyIgnore: []string{"zone"},
+			},
+			{
+				Config: testAccFilestoreInstance_nfsExportOptionsNetwork_update(name, location, tier, "default"),
+				Check:  resource.TestCheckResourceAttr("google_filestore_instance.instance", "file_shares.0.nfs_export_options.0.network", "default"),
+			},
+			{
+				ResourceName:            "google_filestore_instance.instance",
+				ImportState:             true,
+				ImportStateVerify:       true,
+				ImportStateVerifyIgnore: []string{"zone"},
+			},
+		},
+	})
+}
+
+func testAccFilestoreInstance_nfsExportOptionsNetwork_update(name, location, tier, network string) string {
+	return fmt.Sprintf(`
+resource "google_filestore_instance" "instance" {
+  name        = "%s"
+  zone        = "%s"
+  tier        = "%s"
+  description = "An instance created during testing."
+
+  file_shares {
+    capacity_gb = 1024
+    name        = "share"
+
+	nfs_export_options {
+      ip_ranges = ["70.0.0.1/24"]
+      network   = "%s"
+    }
+  }
+
+  networks {
+    network = "default"
+	modes   = ["MODE_IPV4"]
+  }
+}
+`, name, location, tier, network)
+}

website/docs/r/filestore_instance.html.markdown

@@ -319,7 +319,7 @@ The following arguments are supported:
   if this field is specified for other squashMode settings.
 
 * `network` -
-  (Optional, [Beta](https://terraform.io/docs/providers/google/guides/provider_versions.html))
+  (Optional)
   The source VPC network for `ip_ranges`.
   Required for instances using Private Service Connect, optional otherwise.
 
@@ -354,7 +354,7 @@ The following arguments are supported:
   Possible values are: `DIRECT_PEERING`, `PRIVATE_SERVICE_ACCESS`, `PRIVATE_SERVICE_CONNECT`.
 
 * `psc_config` -
-  (Optional, [Beta](https://terraform.io/docs/providers/google/guides/provider_versions.html))
+  (Optional)
   Private Service Connect configuration.
   Should only be set when connect_mode is PRIVATE_SERVICE_CONNECT.
   Structure is [documented below](#nested_networks_networks_psc_config).