Gkehub Membership Resource [updated again] (#4600)
* GKE Hub Membership resource.

* Update api.yaml

* Update to remove fields, add update capabilities

* Add issuer to test

* Add issuer, authority to test

* Add additional test

Co-authored-by: Nathan Mckinley <nmckinley@google.com>
Co-authored-by: Nathan McKinley <nath@nmckinley.com>
3 people authored Mar 23, 2021
1 parent d73a9c9 commit 9d0a00f
Showing 4 changed files with 201 additions and 0 deletions.
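--- a/mmv1/products/gkehub/api.yaml
+++ b/mmv1/products/gkehub/api.yaml
@@ -0,0 +1,117 @@
+# Copyright 2020 Google Inc.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+--- !ruby/object:Api::Product
+name: GKEHub
+display_name: GKEHub
+versions:
+- !ruby/object:Api::Product::Version
+name: beta
+base_url: https://gkehub.googleapis.com/v1beta1/
+scopes:
+- https://www.googleapis.com/auth/cloud-platform
+apis_required:
+- !ruby/object:Api::Product::ApiReference
+name: GKEHub API
+url: https://console.cloud.google.com/apis/library/gkehub.googleapis.com
+objects:
+- !ruby/object:Api::Resource
+min_version: beta
+name: 'Membership'
+base_url: "projects/{{project}}/locations/global/memberships"
+create_url: "projects/{{project}}/locations/global/memberships?membershipId={{membership_id}}"
+update_url: "projects/{{project}}/locations/global/memberships/{{membership_id}}"
+self_link: "{{name}}"
+update_verb: :PATCH
+update_mask: true
+description: |
+Membership contains information about a member cluster.
+references: !ruby/object:Api::Resource::ReferenceLinks
+guides:
+'Registering a Cluster':
+'https://cloud.google.com/anthos/multicluster-management/connect/registering-a-cluster#register_cluster'
+api: 'https://cloud.google.com/gkehub/docs/reference/rest/v1beta1/projects.locations.memberships'
+async: !ruby/object:Api::OpAsync
+operation: !ruby/object:Api::OpAsync::Operation
+kind: 'gkehub#operation'
+path: 'name'
+base_url: '{{op_id}}'
+wait_ms: 1000
+result: !ruby/object:Api::OpAsync::Result
+path: 'response'
+resource_inside_response: true
+status: !ruby/object:Api::OpAsync::Status
+path: 'done'
+complete: 'true'
+allowed:
+- 'true'
+- 'false'
+error: !ruby/object:Api::OpAsync::Error
+path: 'error/errors'
+message: 'message'
+
+properties:
+- !ruby/object:Api::Type::String
+name: 'membershipId'
+description: |
+The client-provided identifier of the membership.
+required: true
+input: true
+url_param_only: true
+- !ruby/object:Api::Type::String
+name: 'name'
+output: true
+description: |
+The unique identifier of the membership.
+- !ruby/object:Api::Type::String
+name: 'description'
+description: |
+The name of this entity type to be displayed on the console.
+- !ruby/object:Api::Type::KeyValuePairs
+name: 'labels'
+description: |
+Labels to apply to this membership.
+- !ruby/object:Api::Type::NestedObject
+name: 'endpoint'
+input: true
+description: |
+If this Membership is a Kubernetes API server hosted on GKE, this is a self link to its GCP resource.
+properties:
+- !ruby/object:Api::Type::NestedObject
+name: 'gkeCluster'
+input: true
+description: |
+If this Membership is a Kubernetes API server hosted on GKE, this is a self link to its GCP resource.
+properties:
+- !ruby/object:Api::Type::String
+name: 'resourceLink'
+description: |
+Self-link of the GCP resource for the GKE cluster.
+For example: `//container.googleapis.com/projects/my-project/zones/us-west1-a/clusters/my-cluster`.
+It can be at the most 1000 characters in length. If the cluster is provisioned with Terraform,
+this is `"//container.googleapis.com/${google_container_cluster.my-cluster.id}"`.
+input: true
+required: true
+- !ruby/object:Api::Type::NestedObject
+name: 'authority'
+description: |
+Authority encodes how Google will recognize identities from this Membership.
+See the workload identity documentation for more details:
+https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity
+properties:
+- !ruby/object:Api::Type::String
+name: 'issuer'
+required: true
+description: |
+A JSON Web Token (JWT) issuer URI. `issuer` must start with `https://` and // be a valid
+with length <2000 characters.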
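Review bot: The `issuer` description that closes this file is malformed: it has a stray `//` and drops the noun after "be a valid". This text presumably flows into the generated provider docs for the field that decides which token issuer is trusted for the membership. I would write the second sentence as `issuer must start with https:// and be a valid URL with length <2000 characters.` The `https://` and length constraints are stated only in prose here and nothing visible in this file checks them, so an invalid issuer is presumably rejected only by the API at apply time. Separately, the `endpoint` description is a verbatim copy of the `gkeCluster` one ("this is a self link to its GCP resource") and should describe the containing object instead.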
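--- a/mmv1/products/gkehub/terraform.yaml
+++ b/mmv1/products/gkehub/terraform.yaml
@@ -0,0 +1,44 @@
+# Copyright 2020 Google Inc.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+--- !ruby/object:Provider::Terraform::Config
+overrides: !ruby/object:Overrides::ResourceOverrides
+Membership: !ruby/object:Overrides::Terraform::ResourceOverride
+autogen_async: true
+examples:
+- !ruby/object:Provider::Terraform::Examples
+min_version: beta
+name: "gkehub_membership_basic"
+primary_resource_id: "basic_membership"
+vars:
+name: "basic"
+cluster_name: "basiccluster"
+- !ruby/object:Provider::Terraform::Examples
+min_version: beta
+name: "gkehub_membership_issuer"
+primary_resource_id: "issuer_membership"
+vars:
+name: "basic"
+cluster_name: "basiccluster"
+test_env_vars:
+project: :PROJECT_NAME
+# Skip sweeper gen since this is a child resource.
+skip_sweeper: true
+id_format: "{{name}}"
+import_format: ["{{name}}"]
+# This is for copying files over
+files: !ruby/object:Provider::Config::Files
+# These files have templating (ERB) code that will be run.
+# This is usually to add licensing info, autogeneration notices, etc.
+compile:
+<%= lines(indent(compile('provider/terraform/product~compile.yaml'), 4)) -%>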
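Review bot: The comment above `skip_sweeper: true` calls Membership a child resource, but api.yaml in this same commit gives it the project-level `base_url` `projects/{{project}}/locations/global/memberships`, so the stated reason does not match the resource. With sweeper generation skipped, a failed or interrupted test run can leave memberships registered in the test project, and the issuer example would leave one that still carries an `authority` block. Either drop `skip_sweeper` so a sweeper is generated, or replace the comment with the actual reason, for example `# Sweeper skipped: <reason, to be filled in by the author>`.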
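--- a/mmv1/templates/terraform/examples/gkehub_membership_basic.tf.erb
+++ b/mmv1/templates/terraform/examples/gkehub_membership_basic.tf.erb
@@ -0,0 +1,17 @@
+resource "google_container_cluster" "primary" {
+name = "<%= ctx[:vars]['cluster_name'] %>"
+location = "us-central1-a"
+initial_node_count = 1
+provider = google-beta
+}
+
+resource "google_gke_hub_membership" "membership" {
+membership_id = "<%= ctx[:vars]['name'] %>"
+endpoint {
+gke_cluster {
+resource_link = "//container.googleapis.com/${google_container_cluster.primary.id}"
+}
+}
+description = "test resource."
+provider = google-beta
+}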
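--- a/mmv1/templates/terraform/examples/gkehub_membership_issuer.tf.erb
+++ b/mmv1/templates/terraform/examples/gkehub_membership_issuer.tf.erb
@@ -0,0 +1,23 @@
+resource "google_container_cluster" "primary" {
+name = "<%= ctx[:vars]['cluster_name'] %>"
+location = "us-central1-a"
+initial_node_count = 1
+workload_identity_config {
+identity_namespace = "<%= ctx[:test_env_vars]['project'] %>.svc.id.goog"
+}
+provider = google-beta
+}
+
+resource "google_gke_hub_membership" "membership" {
+membership_id = "<%= ctx[:vars]['name'] %>"
+endpoint {
+gke_cluster {
+resource_link = "//container.googleapis.com/${google_container_cluster.primary.id}"
+}
+}
+authority {
+issuer = "https://container.googleapis.com/v1/${google_container_cluster.primary.id}"
+}
+description = "test resource."
+provider = google-beta
+}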
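Review bot: The `authority` block carries no comment explaining how `issuer` relates to the cluster above it, and this template is presumably rendered into the published example for the resource, where it will be copied. The api.yaml description in this commit says `authority` is how Google recognizes identities from the membership, so an `issuer` that points anywhere other than this cluster changes whose tokens are recognized. I would add above the block `# issuer must be this cluster's own OIDC issuer; it determines which identities are recognized for the membership.` If `workload_identity_config` on the cluster is a prerequisite for the `authority` block, a one-line comment there saying so would help as well.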
