Changes to support namespace label scoped backups (#15047) (#24427)

[upstream:7134387a0b2b8f034912dc148ac82435e0132946]

Signed-off-by: Modular Magician <[email protected]>

Author: modular-magician

.changelog/15047.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+gkebackup: added `backup_config.selected_namespace_labels` field to `google_gke_backup_backup_plan` resource
+```

google/services/gkebackup/resource_gke_backup_backup_plan.go

@@ -87,7 +87,7 @@ func ResourceGKEBackupBackupPlan() *schema.Resource {
 							Type:         schema.TypeBool,
 							Optional:     true,
 							Description:  `If True, include all namespaced resources.`,
-							ExactlyOneOf: []string{"backup_config.0.all_namespaces", "backup_config.0.selected_namespaces", "backup_config.0.selected_applications"},
+							ExactlyOneOf: []string{"backup_config.0.all_namespaces", "backup_config.0.selected_namespaces", "backup_config.0.selected_applications", "backup_config.0.selected_namespace_labels"},
 						},
 						"encryption_key": {
 							Type:     schema.TypeList,
@@ -154,7 +154,37 @@ non-standard or requires additional setup to restore.`,
 									},
 								},
 							},
-							ExactlyOneOf: []string{"backup_config.0.all_namespaces", "backup_config.0.selected_namespaces", "backup_config.0.selected_applications"},
+							ExactlyOneOf: []string{"backup_config.0.all_namespaces", "backup_config.0.selected_namespaces", "backup_config.0.selected_applications", "backup_config.0.selected_namespace_labels"},
+						},
+						"selected_namespace_labels": {
+							Type:        schema.TypeList,
+							Optional:    true,
+							Description: `If set, include just the resources in the listed namespace Labels.`,
+							MaxItems:    1,
+							Elem: &schema.Resource{
+								Schema: map[string]*schema.Schema{
+									"resource_labels": {
+										Type:        schema.TypeList,
+										Required:    true,
+										Description: `A list of Kubernetes Namespace labels.`,
+										Elem: &schema.Resource{
+											Schema: map[string]*schema.Schema{
+												"key": {
+													Type:        schema.TypeString,
+													Required:    true,
+													Description: `The key of the kubernetes label.`,
+												},
+												"value": {
+													Type:        schema.TypeString,
+													Required:    true,
+													Description: `The value of the Label.`,
+												},
+											},
+										},
+									},
+								},
+							},
+							ExactlyOneOf: []string{"backup_config.0.all_namespaces", "backup_config.0.selected_namespaces", "backup_config.0.selected_applications", "backup_config.0.selected_namespace_labels"},
 						},
 						"selected_namespaces": {
 							Type:        schema.TypeList,
@@ -173,7 +203,7 @@ non-standard or requires additional setup to restore.`,
 									},
 								},
 							},
-							ExactlyOneOf: []string{"backup_config.0.all_namespaces", "backup_config.0.selected_namespaces", "backup_config.0.selected_applications"},
+							ExactlyOneOf: []string{"backup_config.0.all_namespaces", "backup_config.0.selected_namespaces", "backup_config.0.selected_applications", "backup_config.0.selected_namespace_labels"},
 						},
 					},
 				},
@@ -1244,6 +1274,8 @@ func flattenGKEBackupBackupPlanBackupConfig(v interface{}, d *schema.ResourceDat
 		flattenGKEBackupBackupPlanBackupConfigSelectedNamespaces(original["selectedNamespaces"], d, config)
 	transformed["selected_applications"] =
 		flattenGKEBackupBackupPlanBackupConfigSelectedApplications(original["selectedApplications"], d, config)
+	transformed["selected_namespace_labels"] =
+		flattenGKEBackupBackupPlanBackupConfigSelectedNamespaceLabels(original["selectedNamespaceLabels"], d, config)
 	transformed["permissive_mode"] =
 		flattenGKEBackupBackupPlanBackupConfigPermissiveMode(original["permissiveMode"], d, config)
 	return []interface{}{transformed}
@@ -1334,6 +1366,46 @@ func flattenGKEBackupBackupPlanBackupConfigSelectedApplicationsNamespacedNamesNa
 	return v
 }
 
+func flattenGKEBackupBackupPlanBackupConfigSelectedNamespaceLabels(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+	if v == nil {
+		return nil
+	}
+	original := v.(map[string]interface{})
+	if len(original) == 0 {
+		return nil
+	}
+	transformed := make(map[string]interface{})
+	transformed["resource_labels"] =
+		flattenGKEBackupBackupPlanBackupConfigSelectedNamespaceLabelsResourceLabels(original["resourceLabels"], d, config)
+	return []interface{}{transformed}
+}
+func flattenGKEBackupBackupPlanBackupConfigSelectedNamespaceLabelsResourceLabels(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+	if v == nil {
+		return v
+	}
+	l := v.([]interface{})
+	transformed := make([]interface{}, 0, len(l))
+	for _, raw := range l {
+		original := raw.(map[string]interface{})
+		if len(original) < 1 {
+			// Do not include empty json objects coming back from the api
+			continue
+		}
+		transformed = append(transformed, map[string]interface{}{
+			"key":   flattenGKEBackupBackupPlanBackupConfigSelectedNamespaceLabelsResourceLabelsKey(original["key"], d, config),
+			"value": flattenGKEBackupBackupPlanBackupConfigSelectedNamespaceLabelsResourceLabelsValue(original["value"], d, config),
+		})
+	}
+	return transformed
+}
+func flattenGKEBackupBackupPlanBackupConfigSelectedNamespaceLabelsResourceLabelsKey(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+	return v
+}
+
+func flattenGKEBackupBackupPlanBackupConfigSelectedNamespaceLabelsResourceLabelsValue(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+	return v
+}
+
 func flattenGKEBackupBackupPlanBackupConfigPermissiveMode(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
 	return v
 }
@@ -1747,6 +1819,13 @@ func expandGKEBackupBackupPlanBackupConfig(v interface{}, d tpgresource.Terrafor
 		transformed["selectedApplications"] = transformedSelectedApplications
 	}
 
+	transformedSelectedNamespaceLabels, err := expandGKEBackupBackupPlanBackupConfigSelectedNamespaceLabels(original["selected_namespace_labels"], d, config)
+	if err != nil {
+		return nil, err
+	} else if val := reflect.ValueOf(transformedSelectedNamespaceLabels); val.IsValid() && !tpgresource.IsEmptyValue(val) {
+		transformed["selectedNamespaceLabels"] = transformedSelectedNamespaceLabels
+	}
+
 	transformedPermissiveMode, err := expandGKEBackupBackupPlanBackupConfigPermissiveMode(original["permissive_mode"], d, config)
 	if err != nil {
 		return nil, err
@@ -1871,6 +1950,62 @@ func expandGKEBackupBackupPlanBackupConfigSelectedApplicationsNamespacedNamesNam
 	return v, nil
 }
 
+func expandGKEBackupBackupPlanBackupConfigSelectedNamespaceLabels(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
+	l := v.([]interface{})
+	if len(l) == 0 || l[0] == nil {
+		return nil, nil
+	}
+	raw := l[0]
+	original := raw.(map[string]interface{})
+	transformed := make(map[string]interface{})
+
+	transformedResourceLabels, err := expandGKEBackupBackupPlanBackupConfigSelectedNamespaceLabelsResourceLabels(original["resource_labels"], d, config)
+	if err != nil {
+		return nil, err
+	} else if val := reflect.ValueOf(transformedResourceLabels); val.IsValid() && !tpgresource.IsEmptyValue(val) {
+		transformed["resourceLabels"] = transformedResourceLabels
+	}
+
+	return transformed, nil
+}
+
+func expandGKEBackupBackupPlanBackupConfigSelectedNamespaceLabelsResourceLabels(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
+	l := v.([]interface{})
+	req := make([]interface{}, 0, len(l))
+	for _, raw := range l {
+		if raw == nil {
+			continue
+		}
+		original := raw.(map[string]interface{})
+		transformed := make(map[string]interface{})
+
+		transformedKey, err := expandGKEBackupBackupPlanBackupConfigSelectedNamespaceLabelsResourceLabelsKey(original["key"], d, config)
+		if err != nil {
+			return nil, err
+		} else if val := reflect.ValueOf(transformedKey); val.IsValid() && !tpgresource.IsEmptyValue(val) {
+			transformed["key"] = transformedKey
+		}
+
+		transformedValue, err := expandGKEBackupBackupPlanBackupConfigSelectedNamespaceLabelsResourceLabelsValue(original["value"], d, config)
+		if err != nil {
+			return nil, err
+		} else if val := reflect.ValueOf(transformedValue); val.IsValid() && !tpgresource.IsEmptyValue(val) {
+			transformed["value"] = transformedValue
+		}
+
+		req = append(req, transformed)
+	}
+	return req, nil
+}
+
+func expandGKEBackupBackupPlanBackupConfigSelectedNamespaceLabelsResourceLabelsKey(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
+	return v, nil
+}
+
+func expandGKEBackupBackupPlanBackupConfigSelectedNamespaceLabelsResourceLabelsValue(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
+	return v, nil
+}
+
 func expandGKEBackupBackupPlanBackupConfigPermissiveMode(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
 	return v, nil
 }

google/services/gkebackup/resource_gke_backup_backup_plan_generated_meta.yaml

@@ -12,6 +12,8 @@ fields:
   - field: 'backup_config.permissive_mode'
   - field: 'backup_config.selected_applications.namespaced_names.name'
   - field: 'backup_config.selected_applications.namespaced_names.namespace'
+  - field: 'backup_config.selected_namespace_labels.resource_labels.key'
+  - field: 'backup_config.selected_namespace_labels.resource_labels.value'
   - field: 'backup_config.selected_namespaces.namespaces'
   - field: 'backup_schedule.cron_schedule'
   - field: 'backup_schedule.paused'

google/services/gkebackup/resource_gke_backup_backup_plan_generated_test.go

@@ -230,6 +230,72 @@ resource "google_kms_key_ring" "key_ring" {
 `, context)
 }
 
+func TestAccGKEBackupBackupPlan_gkebackupBackupplanNslabelsExample(t *testing.T) {
+	t.Parallel()
+
+	context := map[string]interface{}{
+		"project":             envvar.GetTestProjectFromEnv(),
+		"deletion_protection": false,
+		"network_name":        acctest.BootstrapSharedTestNetwork(t, "gke-cluster"),
+		"subnetwork_name":     acctest.BootstrapSubnet(t, "gke-cluster", acctest.BootstrapSharedTestNetwork(t, "gke-cluster")),
+		"random_suffix":       acctest.RandString(t, 10),
+	}
+
+	acctest.VcrTest(t, resource.TestCase{
+		PreCheck:                 func() { acctest.AccTestPreCheck(t) },
+		ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t),
+		CheckDestroy:             testAccCheckGKEBackupBackupPlanDestroyProducer(t),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccGKEBackupBackupPlan_gkebackupBackupplanNslabelsExample(context),
+			},
+			{
+				ResourceName:            "google_gke_backup_backup_plan.nslabels",
+				ImportState:             true,
+				ImportStateVerify:       true,
+				ImportStateVerifyIgnore: []string{"labels", "location", "terraform_labels"},
+			},
+		},
+	})
+}
+
+func testAccGKEBackupBackupPlan_gkebackupBackupplanNslabelsExample(context map[string]interface{}) string {
+	return acctest.Nprintf(`
+resource "google_container_cluster" "primary" {
+  name               = "tf-test-nslabels-cluster%{random_suffix}"
+  location           = "us-central1"
+  initial_node_count = 1
+  workload_identity_config {
+    workload_pool = "%{project}.svc.id.goog"
+  }
+  addons_config {
+    gke_backup_agent_config {
+      enabled = true
+    }
+  }
+  deletion_protection  = %{deletion_protection}
+  network       = "%{network_name}"
+  subnetwork    = "%{subnetwork_name}"
+}
+
+resource "google_gke_backup_backup_plan" "nslabels" {
+  name = "tf-test-nslabels-plan%{random_suffix}"
+  cluster = google_container_cluster.primary.id
+  location = "us-central1"
+  backup_config {
+    include_volume_data = true
+    include_secrets = true
+    selected_namespace_labels {
+      resource_labels {
+        key = "key1"
+        value ="value1"
+     }
+    }
+  }
+}
+`, context)
+}
+
 func TestAccGKEBackupBackupPlan_gkebackupBackupplanFullExample(t *testing.T) {
 	t.Parallel()
 

website/docs/r/gke_backup_backup_plan.html.markdown

@@ -148,6 +148,43 @@ resource "google_kms_key_ring" "key_ring" {
   location = "us-central1"
 }
 ```
+## Example Usage - Gkebackup Backupplan Nslabels
+
+
+```hcl
+resource "google_container_cluster" "primary" {
+  name               = "nslabels-cluster"
+  location           = "us-central1"
+  initial_node_count = 1
+  workload_identity_config {
+    workload_pool = "my-project-name.svc.id.goog"
+  }
+  addons_config {
+    gke_backup_agent_config {
+      enabled = true
+    }
+  }
+  deletion_protection  = true
+  network       = "default"
+  subnetwork    = "default"
+}
+
+resource "google_gke_backup_backup_plan" "nslabels" {
+  name = "nslabels-plan"
+  cluster = google_container_cluster.primary.id
+  location = "us-central1"
+  backup_config {
+    include_volume_data = true
+    include_secrets = true
+    selected_namespace_labels {
+      resource_labels {
+        key = "key1"
+        value ="value1"
+     }
+    }
+  }
+}
+```
 ## Example Usage - Gkebackup Backupplan Full
 
 
@@ -624,6 +661,11 @@ The following arguments are supported:
   A list of namespaced Kubernetes Resources.
   Structure is [documented below](#nested_backup_config_selected_applications).
 
+* `selected_namespace_labels` -
+  (Optional)
+  If set, include just the resources in the listed namespace Labels.
+  Structure is [documented below](#nested_backup_config_selected_namespace_labels).
+
 * `permissive_mode` -
   (Optional)
   This flag specifies whether Backups will not fail when
@@ -661,6 +703,24 @@ The following arguments are supported:
   (Required)
   The name of a Kubernetes Resource.
 
+<a name="nested_backup_config_selected_namespace_labels"></a>The `selected_namespace_labels` block supports:
+
+* `resource_labels` -
+  (Required)
+  A list of Kubernetes Namespace labels.
+  Structure is [documented below](#nested_backup_config_selected_namespace_labels_resource_labels).
+
+
+<a name="nested_backup_config_selected_namespace_labels_resource_labels"></a>The `resource_labels` block supports:
+
+* `key` -
+  (Required)
+  The key of the kubernetes label.
+
+* `value` -
+  (Required)
+  The value of the Label.
+
 ## Attributes Reference
 
 In addition to the arguments listed above, the following computed attributes are exported: