Merge pull request openshift#8213 from bharath-b-rh/cors-3254

CORS-3254: Update google.golang.org/api/cloudresourcemanager library version

Author: openshift-merge-bot[bot]

pkg/asset/cluster/tfvars/tfvars.go

@@ -554,8 +554,7 @@ func (t *TerraformVariables) Generate(parents asset.Parents) error {
 			return fmt.Errorf("%s: No GCP build found", st.FormatPrefix(archName))
 		}
 
-		tags, err := gcpconfig.GetUserTags(ctx,
-			gcpconfig.NewTagManager(client),
+		tags, err := gcpconfig.NewTagManager(client).GetUserTags(ctx,
 			installConfig.Config.Platform.GCP.ProjectID,
 			installConfig.Config.Platform.GCP.UserTags)
 		if err != nil {

pkg/asset/ignition/bootstrap/gcp/storage.go

@@ -10,6 +10,7 @@ import (
 
 	"github.com/openshift/installer/pkg/asset/installconfig"
 	gcpic "github.com/openshift/installer/pkg/asset/installconfig/gcp"
+	gcpconsts "github.com/openshift/installer/pkg/constants/gcp"
 )
 
 const (
@@ -53,7 +54,7 @@ func CreateBucketHandle(ctx context.Context, bucketName string) (*storage.Bucket
 // the data stored inside the object can be set at a later time.
 func CreateStorage(ctx context.Context, ic *installconfig.InstallConfig, bucketHandle *storage.BucketHandle, clusterID string) error {
 	labels := map[string]string{}
-	labels[fmt.Sprintf("kubernetes-io-cluster-%s", clusterID)] = "owned"
+	labels[fmt.Sprintf(gcpconsts.ClusterIDLabelFmt, clusterID)] = "owned"
 	for _, label := range ic.Config.GCP.UserLabels {
 		labels[label.Key] = label.Value
 	}

pkg/asset/installconfig/gcp/client.go

@@ -8,14 +8,16 @@ import (
 
 	"github.com/pkg/errors"
 	googleoauth "golang.org/x/oauth2/google"
-	"google.golang.org/api/cloudresourcemanager/v1"
+	"google.golang.org/api/cloudresourcemanager/v3"
 	compute "google.golang.org/api/compute/v1"
 	dns "google.golang.org/api/dns/v1"
 	"google.golang.org/api/googleapi"
 	iam "google.golang.org/api/iam/v1"
 	"google.golang.org/api/option"
 	"google.golang.org/api/serviceusage/v1"
 	"k8s.io/apimachinery/pkg/util/sets"
+
+	gcpconsts "github.com/openshift/installer/pkg/constants/gcp"
 )
 
 //go:generate mockgen -source=./client.go -destination=./mock/gcpclient_generated.go -package=mock
@@ -48,6 +50,8 @@ type API interface {
 	GetProjectPermissions(ctx context.Context, project string, permissions []string) (sets.Set[string], error)
 	GetProjectByID(ctx context.Context, project string) (*cloudresourcemanager.Project, error)
 	ValidateServiceAccountHasPermissions(ctx context.Context, project string, permissions []string) (bool, error)
+	GetProjectTags(ctx context.Context, projectID string) (sets.Set[string], error)
+	GetNamespacedTagValue(ctx context.Context, tagNamespacedName string) (*cloudresourcemanager.TagValue, error)
 }
 
 // Client makes calls to the GCP API.
@@ -317,9 +321,9 @@ func (c *Client) GetProjects(ctx context.Context) (map[string]string, error) {
 		return nil, err
 	}
 
-	req := svc.Projects.List()
+	req := svc.Projects.Search()
 	projects := make(map[string]string)
-	if err := req.Pages(ctx, func(page *cloudresourcemanager.ListProjectsResponse) error {
+	if err := req.Pages(ctx, func(page *cloudresourcemanager.SearchProjectsResponse) error {
 		for _, project := range page.Projects {
 			projects[project.ProjectId] = project.Name
 		}
@@ -340,7 +344,7 @@ func (c *Client) GetProjectByID(ctx context.Context, project string) (*cloudreso
 		return nil, err
 	}
 
-	return svc.Projects.Get(project).Context(ctx).Do()
+	return svc.Projects.Get(fmt.Sprintf(gcpconsts.ProjectNameFmt, project)).Context(ctx).Do()
 }
 
 // GetRegions gets the regions that are valid for the project. An error is returned when unsuccessful
@@ -485,7 +489,7 @@ func (c *Client) getPermissions(ctx context.Context, project string, permissions
 
 	projectsService := cloudresourcemanager.NewProjectsService(service)
 	rb := &cloudresourcemanager.TestIamPermissionsRequest{Permissions: permissions}
-	response, err := projectsService.TestIamPermissions(project, rb).Context(ctx).Do()
+	response, err := projectsService.TestIamPermissions(fmt.Sprintf(gcpconsts.ProjectNameFmt, project), rb).Context(ctx).Do()
 	if err != nil {
 		return nil, errors.Wrapf(err, "failed to get Iam permissions")
 	}
@@ -513,3 +517,49 @@ func (c *Client) ValidateServiceAccountHasPermissions(ctx context.Context, proje
 	}
 	return validPermissions.Len() == len(permissions), nil
 }
+
+// GetProjectTags returns the list of effective tags attached to the provided project resource.
+func (c *Client) GetProjectTags(ctx context.Context, projectID string) (sets.Set[string], error) {
+	service, err := c.getCloudResourceService(ctx)
+	if err != nil {
+		return nil, fmt.Errorf("failed to create cloud resource service: %w", err)
+	}
+
+	effectiveTags := sets.New[string]()
+	effectiveTagsService := cloudresourcemanager.NewEffectiveTagsService(service)
+	effectiveTagsRequest := effectiveTagsService.List().
+		Context(ctx).
+		Parent(fmt.Sprintf(gcpconsts.ProjectParentPathFmt, projectID))
+
+	if err := effectiveTagsRequest.Pages(ctx, func(page *cloudresourcemanager.ListEffectiveTagsResponse) error {
+		for _, effectiveTag := range page.EffectiveTags {
+			effectiveTags.Insert(effectiveTag.NamespacedTagValue)
+		}
+		return nil
+	}); err != nil {
+		return nil, fmt.Errorf("failed to fetch tags attached to %s project: %w", projectID, err)
+	}
+
+	return effectiveTags, nil
+}
+
+// GetNamespacedTagValue returns the Tag Value metadata fetched using the tag's NamespacedName.
+func (c *Client) GetNamespacedTagValue(ctx context.Context, tagNamespacedName string) (*cloudresourcemanager.TagValue, error) {
+	service, err := c.getCloudResourceService(ctx)
+	if err != nil {
+		return nil, fmt.Errorf("failed to create cloud resource service: %w", err)
+	}
+
+	tagValuesService := cloudresourcemanager.NewTagValuesService(service)
+
+	tagValue, err := tagValuesService.GetNamespaced().
+		Context(ctx).
+		Name(tagNamespacedName).
+		Do()
+
+	if err != nil {
+		return nil, fmt.Errorf("failed to fetch %s tag value: %w", tagNamespacedName, err)
+	}
+
+	return tagValue, nil
+}