From 42fb8516ac8d6838b4e7c2168fea72992f9dbe26 Mon Sep 17 00:00:00 2001 From: Bryan Cheng Date: Mon, 7 Apr 2025 21:43:30 +0000 Subject: [PATCH 1/5] Added VCP test for IAP integration in cloudrun v1 --- mmv1/products/cloudrun/Service.yaml | 8 ++ .../examples/cloud_run_service_iap.tf.tmpl | 20 +++++ .../resource_cloud_run_service_test.go.tmpl | 86 +++++++++++++++++++ 3 files changed, 114 insertions(+) create mode 100644 mmv1/templates/terraform/examples/cloud_run_service_iap.tf.tmpl diff --git a/mmv1/products/cloudrun/Service.yaml b/mmv1/products/cloudrun/Service.yaml index 8ba7c0515d2f..e54ab3db759e 100644 --- a/mmv1/products/cloudrun/Service.yaml +++ b/mmv1/products/cloudrun/Service.yaml @@ -145,6 +145,14 @@ examples: cloud_run_service_name: 'cloudrun-srv' test_env_vars: project: 'PROJECT_NAME' + - name: 'cloud_run_service_iap' + primary_resource_id: 'default' + primary_resource_name: 'fmt.Sprintf("tf-test-cloudrun-srv%s", context["random_suffix"])' + min_version: 'beta' + vars: + cloud_run_service_name: 'cloudrun-srv' + test_env_vars: + project: 'PROJECT_NAME' virtual_fields: - name: 'autogenerate_revision_name' description: | diff --git a/mmv1/templates/terraform/examples/cloud_run_service_iap.tf.tmpl b/mmv1/templates/terraform/examples/cloud_run_service_iap.tf.tmpl new file mode 100644 index 000000000000..8d8eac2c2d6a --- /dev/null +++ b/mmv1/templates/terraform/examples/cloud_run_service_iap.tf.tmpl @@ -0,0 +1,20 @@ +resource "google_cloud_run_service" "{{$.PrimaryResourceId}}" { + provider = google-beta + name = "{{index $.Vars "cloud_run_service_name"}}" + location = "us-central1" + + metadata { + annotations = { + "run.googleapis.com/iap-enabled": true + } + } + + template { + spec { + containers { + image = "gcr.io/cloudrun/hello" + } + } + } +} + diff --git a/mmv1/third_party/terraform/services/cloudrun/resource_cloud_run_service_test.go.tmpl b/mmv1/third_party/terraform/services/cloudrun/resource_cloud_run_service_test.go.tmpl index 8cae33a04207..d4d0cdf467cc 100644 --- a/mmv1/third_party/terraform/services/cloudrun/resource_cloud_run_service_test.go.tmpl +++ b/mmv1/third_party/terraform/services/cloudrun/resource_cloud_run_service_test.go.tmpl @@ -1593,3 +1593,89 @@ resource "google_cloud_run_service" "default" { } `, name, project) } + +{{ if ne $.TargetVersionName `ga` -}} +func TestAccCloudRunService_cloudRunServiceIap_update(t *testing.T) { + t.Parallel() + + context := map[string]interface{}{ + "project": envvar.GetTestProjectFromEnv(), + "random_suffix": acctest.RandString(t, 10), + } + + acctest.VcrTest(t, resource.TestCase{ + PreCheck: func() { acctest.AccTestPreCheck(t) }, + ProtoV5ProviderFactories: acctest.ProtoV5ProviderBetaFactories(t), + CheckDestroy: testAccCheckCloudRunServiceDestroyProducer(t), + Steps: []resource.TestStep{ + { + Config: testAccCloudRunService_cloudRunServiceIapEnabled(context), + }, + { + ResourceName: "google_cloud_run_service.default", + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"location", "metadata.0.annotations", "metadata.0.labels", "metadata.0.terraform_labels", "name"}, + }, + { + Config: testAccCloudRunService_cloudRunServiceIapDisabled(context), + }, + { + ResourceName: "google_cloud_run_service.default", + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"location", "metadata.0.annotations", "metadata.0.labels", "metadata.0.terraform_labels", "name"}, + }, + }, + }) +} + +func testAccCloudRunService_cloudRunServiceIapEnabled(context map[string]interface{}) string { + return acctest.Nprintf(` +resource "google_cloud_run_service" "default" { + provider = google-beta + name = "tf-test-cloudrun-srv%{random_suffix}" + location = "us-central1" + + metadata { + annotations = { + "run.googleapis.com/iap-enabled": true + } + } + + template { + spec { + containers { + image = "gcr.io/cloudrun/hello" + } + } + } +} +`, context) +} + +func testAccCloudRunService_cloudRunServiceIapDisabled(context map[string]interface{}) string { + return acctest.Nprintf(` +resource "google_cloud_run_service" "default" { + provider = google-beta + name = "tf-test-cloudrun-srv%{random_suffix}" + location = "us-central1" + + metadata { + annotations = { + "run.googleapis.com/iap-enabled": false + } + } + + template { + spec { + containers { + image = "gcr.io/cloudrun/hello" + } + } + } +} +`, context) +} +{{- end }} + From 4d6b13a026a06fab450a51e209d014d0d08bb18e Mon Sep 17 00:00:00 2001 From: Bryan Cheng Date: Mon, 7 Apr 2025 22:43:53 +0000 Subject: [PATCH 2/5] Update launch stages to beta for iap protected cloud run services. --- mmv1/templates/terraform/examples/cloud_run_service_iap.tf.tmpl | 1 + 1 file changed, 1 insertion(+) diff --git a/mmv1/templates/terraform/examples/cloud_run_service_iap.tf.tmpl b/mmv1/templates/terraform/examples/cloud_run_service_iap.tf.tmpl index 8d8eac2c2d6a..9d4d4869454c 100644 --- a/mmv1/templates/terraform/examples/cloud_run_service_iap.tf.tmpl +++ b/mmv1/templates/terraform/examples/cloud_run_service_iap.tf.tmpl @@ -2,6 +2,7 @@ resource "google_cloud_run_service" "{{$.PrimaryResourceId}}" { provider = google-beta name = "{{index $.Vars "cloud_run_service_name"}}" location = "us-central1" + launch_stage = "BETA" metadata { annotations = { From 2da4e527391c7ea90572bbbf84bb71ae758a9c99 Mon Sep 17 00:00:00 2001 From: Bryan Cheng Date: Mon, 7 Apr 2025 23:05:57 +0000 Subject: [PATCH 3/5] Fixed launch stage typo for cloudrunv1 iap tests. --- mmv1/templates/terraform/examples/cloud_run_service_iap.tf.tmpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mmv1/templates/terraform/examples/cloud_run_service_iap.tf.tmpl b/mmv1/templates/terraform/examples/cloud_run_service_iap.tf.tmpl index 9d4d4869454c..a7c819b19fe3 100644 --- a/mmv1/templates/terraform/examples/cloud_run_service_iap.tf.tmpl +++ b/mmv1/templates/terraform/examples/cloud_run_service_iap.tf.tmpl @@ -2,10 +2,10 @@ resource "google_cloud_run_service" "{{$.PrimaryResourceId}}" { provider = google-beta name = "{{index $.Vars "cloud_run_service_name"}}" location = "us-central1" - launch_stage = "BETA" metadata { annotations = { + "run.googleapis.com/launch-stage" = "BETA" "run.googleapis.com/iap-enabled": true } } From a452c9382c940225706b39bc1f27f436b64a7fc8 Mon Sep 17 00:00:00 2001 From: Bryan Cheng Date: Mon, 7 Apr 2025 23:28:40 +0000 Subject: [PATCH 4/5] Added beta launch stage annotation for tests. --- .../services/cloudrun/resource_cloud_run_service_test.go.tmpl | 2 ++ 1 file changed, 2 insertions(+) diff --git a/mmv1/third_party/terraform/services/cloudrun/resource_cloud_run_service_test.go.tmpl b/mmv1/third_party/terraform/services/cloudrun/resource_cloud_run_service_test.go.tmpl index d4d0cdf467cc..cdff8d7e3be6 100644 --- a/mmv1/third_party/terraform/services/cloudrun/resource_cloud_run_service_test.go.tmpl +++ b/mmv1/third_party/terraform/services/cloudrun/resource_cloud_run_service_test.go.tmpl @@ -1640,6 +1640,7 @@ resource "google_cloud_run_service" "default" { metadata { annotations = { "run.googleapis.com/iap-enabled": true + "run.googleapis.com/launch-stage" = "BETA" } } @@ -1664,6 +1665,7 @@ resource "google_cloud_run_service" "default" { metadata { annotations = { "run.googleapis.com/iap-enabled": false + "run.googleapis.com/launch-stage" = "BETA" } } From fd0bd9bb057cb8d9952e2c05393fb76a053002f4 Mon Sep 17 00:00:00 2001 From: Bryan Cheng Date: Wed, 9 Apr 2025 23:28:29 +0000 Subject: [PATCH 5/5] Fixed the launch stage assertion for when iap_enabled is false. --- .../services/cloudrun/resource_cloud_run_service_test.go.tmpl | 1 - 1 file changed, 1 deletion(-) diff --git a/mmv1/third_party/terraform/services/cloudrun/resource_cloud_run_service_test.go.tmpl b/mmv1/third_party/terraform/services/cloudrun/resource_cloud_run_service_test.go.tmpl index cdff8d7e3be6..4ba8b05e14da 100644 --- a/mmv1/third_party/terraform/services/cloudrun/resource_cloud_run_service_test.go.tmpl +++ b/mmv1/third_party/terraform/services/cloudrun/resource_cloud_run_service_test.go.tmpl @@ -1665,7 +1665,6 @@ resource "google_cloud_run_service" "default" { metadata { annotations = { "run.googleapis.com/iap-enabled": false - "run.googleapis.com/launch-stage" = "BETA" } }