Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ephemeral: add google_service_account_id_token #12141

Open
wants to merge 10 commits into
base: FEATURE-BRANCH-ephemeral-resource
Choose a base branch
from
Open

ephemeral: add google_service_account_id_token #12141

wants to merge 10 commits into from
+358 −1

Conversation

BBBmau
Copy link
Collaborator

@BBBmau BBBmau commented Oct 25, 2024
edited by SarahFrench
Loading

An ephemeral resource that mimics the google_service_account_id_token data source

Release Note Template for Downstream PRs (will be copied)

See Write release notes for guidance.

@modular-magician
Copy link
Collaborator

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 2 files changed, 172 insertions(+), 1 deletion(-))
google-beta provider: Diff ( 2 files changed, 172 insertions(+), 1 deletion(-))

Errors

google provider:

  • The diff processor failed to build. This is usually due to the downstream provider failing to compile.

google-beta provider:

  • The diff processor failed to build. This is usually due to the downstream provider failing to compile.

@modular-magician
Copy link
Collaborator

Tests analytics

Total tests: 0
Passed tests: 0
Skipped tests: 0
Affected tests: 0

Click here to see the affected service packages

All service packages are affected

$\textcolor{red}{\textsf{Errors occurred during REPLAYING mode. Please fix them to complete your PR.}}$

View the build log

@BBBmau BBBmau force-pushed the support-service-account-id-token branch from e6dfed7 to c92521f Compare November 6, 2024 22:00
@BBBmau
Copy link
Collaborator Author

BBBmau commented Nov 6, 2024

Marking as ready for review with tests passing locally:

=== RUN   TestEphemeralServiceAccountIdToken_basic
=== PAUSE TestEphemeralServiceAccountIdToken_basic
=== RUN   TestEphemeralServiceAccountIdToken_withDelegates
=== PAUSE TestEphemeralServiceAccountIdToken_withDelegates
=== RUN   TestEphemeralServiceAccountIdToken_withIncludeEmail
=== PAUSE TestEphemeralServiceAccountIdToken_withIncludeEmail
=== CONT  TestEphemeralServiceAccountIdToken_basic
=== CONT  TestEphemeralServiceAccountIdToken_withIncludeEmail
=== CONT  TestEphemeralServiceAccountIdToken_withDelegates
2024/11/06 13:57:01 [INFO] Authenticating using configured Google JSON 'credentials'...
2024/11/06 13:57:01 [INFO]   -- Scopes: [https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/userinfo.email]
2024/11/06 13:57:01 [INFO] Authenticating using configured Google JSON 'credentials'...
2024/11/06 13:57:01 [INFO]   -- Scopes: [https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/userinfo.email]
2024/11/06 13:57:01 [INFO] Authenticating using configured Google JSON 'credentials'...
2024/11/06 13:57:01 [INFO]   -- Scopes: [https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/userinfo.email]
2024/11/06 13:57:01 [INFO] Authenticating using configured Google JSON 'credentials'...
2024/11/06 13:57:01 [INFO]   -- Scopes: [https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/userinfo.email]
2024/11/06 13:57:01 [INFO] Authenticating using configured Google JSON 'credentials'...
2024/11/06 13:57:01 [INFO]   -- Scopes: [https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/userinfo.email]
2024/11/06 13:57:01 [DEBUG] Waiting for state to become: [success]
2024/11/06 13:57:01 [DEBUG] Waiting for state to become: [success]
2024/11/06 13:57:01 [INFO] Authenticating using configured Google JSON 'credentials'...
2024/11/06 13:57:01 [INFO]   -- Scopes: [https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/userinfo.email]
2024/11/06 13:57:01 [DEBUG] Waiting for state to become: [success]
2024/11/06 13:57:01 [INFO] Terraform is using this identity: mauricio-alvarezleon@hc-terraform-testing.iam.gserviceaccount.com
2024/11/06 13:57:01 [DEBUG] Verifying projects/hc-terraform-testing/serviceAccounts/tf-bootstrap-sa-idtoken@hc-terraform-testing.iam.gserviceaccount.com as bootstrapped service account.
2024/11/06 13:57:01 [INFO] Instantiating Google Cloud IAM client for path https://iam.googleapis.com/
2024/11/06 13:57:01 [DEBUG] Retry Transport: starting RoundTrip retry loop
2024/11/06 13:57:01 [DEBUG] Retry Transport: request attempt 0
2024/11/06 13:57:01 [INFO] Terraform is using this identity: mauricio-alvarezleon@hc-terraform-testing.iam.gserviceaccount.com
2024/11/06 13:57:01 [DEBUG] Verifying projects/hc-terraform-testing/serviceAccounts/tf-bootstrap-sa-idtoken-email@hc-terraform-testing.iam.gserviceaccount.com as bootstrapped service account.
2024/11/06 13:57:01 [INFO] Instantiating Google Cloud IAM client for path https://iam.googleapis.com/
2024/11/06 13:57:01 [DEBUG] Retry Transport: starting RoundTrip retry loop
2024/11/06 13:57:01 [DEBUG] Retry Transport: request attempt 0
2024/11/06 13:57:01 [INFO] Terraform is using this identity: mauricio-alvarezleon@hc-terraform-testing.iam.gserviceaccount.com
2024/11/06 13:57:01 [DEBUG] Verifying projects/hc-terraform-testing/serviceAccounts/tf-bootstrap-sa-target@hc-terraform-testing.iam.gserviceaccount.com as bootstrapped service account.
2024/11/06 13:57:01 [INFO] Instantiating Google Cloud IAM client for path https://iam.googleapis.com/
2024/11/06 13:57:01 [DEBUG] Retry Transport: starting RoundTrip retry loop
2024/11/06 13:57:01 [DEBUG] Retry Transport: request attempt 0
2024/11/06 13:57:02 [DEBUG] Retry Transport: Stopping retries, last request was successful
2024/11/06 13:57:02 [DEBUG] Retry Transport: Returning after 1 attempts
2024/11/06 13:57:02 [DEBUG] Setting service account permissions.
2024/11/06 13:57:02 [INFO] Instantiating Google Cloud IAM client for path https://iam.googleapis.com/
2024/11/06 13:57:02 [DEBUG] Retry Transport: starting RoundTrip retry loop
2024/11/06 13:57:02 [DEBUG] Retry Transport: request attempt 0
2024/11/06 13:57:02 [DEBUG] Retry Transport: Stopping retries, last request was successful
2024/11/06 13:57:02 [DEBUG] Retry Transport: Returning after 1 attempts
2024/11/06 13:57:02 [DEBUG] Setting service account permissions.
2024/11/06 13:57:02 [INFO] Instantiating Google Cloud IAM client for path https://iam.googleapis.com/
2024/11/06 13:57:02 [DEBUG] Retry Transport: starting RoundTrip retry loop
2024/11/06 13:57:02 [DEBUG] Retry Transport: request attempt 0
2024/11/06 13:57:02 [DEBUG] Retry Transport: Stopping retries, last request was successful
2024/11/06 13:57:02 [DEBUG] Retry Transport: Returning after 1 attempts
2024/11/06 13:57:02 [DEBUG] Setting service account permissions.
2024/11/06 13:57:02 [INFO] Instantiating Google Cloud IAM client for path https://iam.googleapis.com/
2024/11/06 13:57:02 [DEBUG] Retry Transport: starting RoundTrip retry loop
2024/11/06 13:57:02 [DEBUG] Retry Transport: request attempt 0
2024/11/06 13:57:02 [DEBUG] Retry Transport: Stopping retries, last request was successful
2024/11/06 13:57:02 [DEBUG] Retry Transport: Returning after 1 attempts
--- PASS: TestEphemeralServiceAccountIdToken_basic (22.84s)
--- PASS: TestEphemeralServiceAccountIdToken_withIncludeEmail (23.23s)
--- PASS: TestEphemeralServiceAccountIdToken_withDelegates (23.35s)
PASS
ok      github.com/hashicorp/terraform-provider-google/google/services/resourcemanager  30.963s

@BBBmau BBBmau marked this pull request as ready for review November 6, 2024 22:06
@modular-magician
Copy link
Collaborator

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 3 files changed, 355 insertions(+), 1 deletion(-))
google-beta provider: Diff ( 3 files changed, 355 insertions(+), 1 deletion(-))

@modular-magician
Copy link
Collaborator

Tests analytics

Total tests: 4267
Passed tests: 3616
Skipped tests: 417
Affected tests: 234

Click here to see the affected service packages

All service packages are affected

Action taken

Found 234 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests
  • TestAccBackupDRBackupVault_fullUpdate
  • TestAccComputeFirewallPolicyAssociation_basic
  • TestAccComputeProjectMetadata_basic
  • TestAccContainerClusterCustomServiceAccount_withAutopilot
  • TestAccContainerClusterDatasource_regional
  • TestAccContainerClusterDatasource_zonal
  • TestAccContainerCluster_WithCPAFeatures
  • TestAccContainerCluster_additional_pod_ranges_config_on_create
  • TestAccContainerCluster_additional_pod_ranges_config_on_update
  • TestAccContainerCluster_autopilot_minimal
  • TestAccContainerCluster_autopilot_net_admin
  • TestAccContainerCluster_autoprovisioningDefaultsManagement
  • TestAccContainerCluster_autoprovisioningDefaultsUpgradeSettings
  • TestAccContainerCluster_autoprovisioningLocations
  • TestAccContainerCluster_backend
  • TestAccContainerCluster_basic
  • TestAccContainerCluster_customPlacementPolicy
  • TestAccContainerCluster_deleteExclusionWindow
  • TestAccContainerCluster_deleteMaintenanceExclusionOptions
  • TestAccContainerCluster_enableCiliumPolicies_withAutopilot
  • TestAccContainerCluster_errorAutopilotLocation
  • TestAccContainerCluster_errorNoClusterCreated
  • TestAccContainerCluster_misc
  • TestAccContainerCluster_network
  • TestAccContainerCluster_networkingModeRoutes
  • TestAccContainerCluster_nodeAutoprovisioning
  • TestAccContainerCluster_nodeAutoprovisioningDefaults
  • TestAccContainerCluster_nodeAutoprovisioningDefaultsBootDiskKmsKey
  • TestAccContainerCluster_nodeAutoprovisioningDefaultsDiskSizeGb
  • TestAccContainerCluster_nodeAutoprovisioningDefaultsDiskType
  • TestAccContainerCluster_nodeAutoprovisioningDefaultsImageType
  • TestAccContainerCluster_nodeAutoprovisioningDefaultsShieldedInstance
  • TestAccContainerCluster_nodeAutoprovisioningNetworkTags
  • TestAccContainerCluster_privateRegistry
  • TestAccContainerCluster_regional
  • TestAccContainerCluster_regionalWithNodeLocations
  • TestAccContainerCluster_regionalWithNodePool
  • TestAccContainerCluster_stackType_withDualStack
  • TestAccContainerCluster_stackType_withSingleStack
  • TestAccContainerCluster_storagePoolsWithNodeConfig
  • TestAccContainerCluster_storagePoolsWithNodePool
  • TestAccContainerCluster_updateMaintenanceExclusionOptions
  • TestAccContainerCluster_updateVersion
  • TestAccContainerCluster_withAdditiveVPC
  • TestAccContainerCluster_withAdvancedDatapath
  • TestAccContainerCluster_withAdvancedMachineFeaturesInNodePool
  • TestAccContainerCluster_withAuthenticatorGroupsConfig
  • TestAccContainerCluster_withAutopilot
  • TestAccContainerCluster_withAutopilotGcpFilestoreCsiDriver
  • TestAccContainerCluster_withAutopilotKubeletConfig
  • TestAccContainerCluster_withAutopilotNetworkTags
  • TestAccContainerCluster_withAutopilotResourceManagerTags
  • TestAccContainerCluster_withAutopilot_withNodePoolDefaults
  • TestAccContainerCluster_withAutoscalingProfile
  • TestAccContainerCluster_withBinaryAuthorizationEnabledBool
  • TestAccContainerCluster_withBinaryAuthorizationEvaluationModeAutopilot
  • TestAccContainerCluster_withBinaryAuthorizationEvaluationModeClassic
  • TestAccContainerCluster_withBootDiskKmsKey
  • TestAccContainerCluster_withCidrBlockWithoutPrivateEndpointSubnetwork
  • TestAccContainerCluster_withConfidentialBootDisk
  • TestAccContainerCluster_withConfidentialBootDiskNodeConfig
  • TestAccContainerCluster_withConfidentialNodes
  • TestAccContainerCluster_withCostManagementConfig
  • TestAccContainerCluster_withDNSConfig
  • TestAccContainerCluster_withDatabaseEncryption
  • TestAccContainerCluster_withDeletionProtection
  • TestAccContainerCluster_withEnableKubernetesAlpha
  • TestAccContainerCluster_withEnableKubernetesBetaAPIs
  • TestAccContainerCluster_withEnableKubernetesBetaAPIsOnExistingCluster
  • TestAccContainerCluster_withEnablePrivateEndpointToggle
  • TestAccContainerCluster_withExternalIpsConfig
  • TestAccContainerCluster_withFQDNNetworkPolicy
  • TestAccContainerCluster_withFilteredNotificationConfig
  • TestAccContainerCluster_withFlexiblePodCIDR
  • TestAccContainerCluster_withGatewayApiConfig
  • TestAccContainerCluster_withGcpPublicCidrsAccessEnabledToggle
  • TestAccContainerCluster_withILBSubsetting
  • TestAccContainerCluster_withIPAllocationPolicy_existingSecondaryRanges
  • TestAccContainerCluster_withIPAllocationPolicy_specificIPRanges
  • TestAccContainerCluster_withIPAllocationPolicy_specificSizes
  • TestAccContainerCluster_withIdentityServiceConfig
  • TestAccContainerCluster_withInsecureKubeletReadonlyPortEnabledDefaultsUpdates
  • TestAccContainerCluster_withInsecureKubeletReadonlyPortEnabledInNodePool
  • TestAccContainerCluster_withIntraNodeVisibility
  • TestAccContainerCluster_withLoggingVariantInNodeConfig
  • TestAccContainerCluster_withLoggingVariantInNodePool
  • TestAccContainerCluster_withLoggingVariantUpdates
  • TestAccContainerCluster_withMaintenanceExclusionOptions
  • TestAccContainerCluster_withMaintenanceExclusionWindow
  • TestAccContainerCluster_withMaintenanceWindow
  • TestAccContainerCluster_withMasterAuthConfig_NoCert
  • TestAccContainerCluster_withMasterAuthorizedNetworksConfig
  • TestAccContainerCluster_withMasterAuthorizedNetworksDisabled
  • TestAccContainerCluster_withMeshCertificatesConfig
  • TestAccContainerCluster_withMonitoringConfig
  • TestAccContainerCluster_withMonitoringConfigAdvancedDatapathObservabilityConfig
  • TestAccContainerCluster_withMultiNetworking
  • TestAccContainerCluster_withNetworkPolicyEnabled
  • TestAccContainerCluster_withNodeConfigFastSocket
  • TestAccContainerCluster_withNodeConfigGcfsConfig
  • TestAccContainerCluster_withNodeConfigKubeletConfigSettingsUpdates
  • TestAccContainerCluster_withNodeConfigLinuxNodeConfig
  • TestAccContainerCluster_withNodeConfigReservationAffinity
  • TestAccContainerCluster_withNodeConfigReservationAffinitySpecific
  • TestAccContainerCluster_withNodeConfigScopeAlias
  • TestAccContainerCluster_withNodeConfigShieldedInstanceConfig
  • TestAccContainerCluster_withNodePoolAutoscaling
  • TestAccContainerCluster_withNodePoolBasic
  • TestAccContainerCluster_withNodePoolCIA
  • TestAccContainerCluster_withNodePoolDefaults
  • TestAccContainerCluster_withNodePoolMultiple
  • TestAccContainerCluster_withNodePoolNodeConfig
  • TestAccContainerCluster_withNodePoolResize
  • TestAccContainerCluster_withNodePoolUpdateVersion
  • TestAccContainerCluster_withNotificationConfig
  • TestAccContainerCluster_withPrivateClusterConfigBasic
  • TestAccContainerCluster_withPrivateClusterConfigGlobalAccessEnabledOnly
  • TestAccContainerCluster_withPrivateClusterConfigMissingCidrBlock_withAutopilot
  • TestAccContainerCluster_withPrivateClusterConfigPrivateEndpointSubnetwork
  • TestAccContainerCluster_withPrivateEndpointSubnetwork
  • TestAccContainerCluster_withProtectConfig
  • TestAccContainerCluster_withRecurringMaintenanceWindow
  • TestAccContainerCluster_withReleaseChannelEnabled
  • TestAccContainerCluster_withReleaseChannelEnabledDefaultVersion
  • TestAccContainerCluster_withResourceUsageExportConfig
  • TestAccContainerCluster_withSecurityPostureConfig
  • TestAccContainerCluster_withShieldedNodes
  • TestAccContainerCluster_withSoleTenantGroup
  • TestAccContainerCluster_withTPUConfig
  • TestAccContainerCluster_withTelemetryEnabled
  • TestAccContainerCluster_withTpu
  • TestAccContainerCluster_withVersion
  • TestAccContainerCluster_withWorkloadALTSConfig
  • TestAccContainerCluster_withWorkloadALTSConfigAutopilot
  • TestAccContainerCluster_withWorkloadIdentityConfig
  • TestAccContainerCluster_withWorkloadIdentityConfigAutopilot
  • TestAccContainerCluster_with_PodCIDROverprovisionDisabled
  • TestAccContainerCluster_withoutConfidentialBootDisk
  • TestAccContainerNodePool_EmptyGuestAccelerator
  • TestAccContainerNodePool_autoscaling
  • TestAccContainerNodePool_basic
  • TestAccContainerNodePool_basicWithClusterId
  • TestAccContainerNodePool_compactPlacement
  • TestAccContainerNodePool_concurrent
  • TestAccContainerNodePool_customPlacementPolicy
  • TestAccContainerNodePool_enableQueuedProvisioning
  • TestAccContainerNodePool_ephemeralStorageConfig
  • TestAccContainerNodePool_ephemeralStorageLocalSsdConfig
  • TestAccContainerNodePool_fastSocket
  • TestAccContainerNodePool_gcfsConfig
  • TestAccContainerNodePool_gvnic
  • TestAccContainerNodePool_localNvmeSsdBlockConfig
  • TestAccContainerNodePool_maxPodsPerNode
  • TestAccContainerNodePool_nestedVirtualization
  • TestAccContainerNodePool_nodeLocations
  • TestAccContainerNodePool_regionalAutoscaling
  • TestAccContainerNodePool_regionalClusters
  • TestAccContainerNodePool_resize
  • TestAccContainerNodePool_resourceManagerTags
  • TestAccContainerNodePool_secondaryBootDisks
  • TestAccContainerNodePool_shieldedInstanceConfig
  • TestAccContainerNodePool_storagePools
  • TestAccContainerNodePool_threadsPerCore
  • TestAccContainerNodePool_totalSize
  • TestAccContainerNodePool_version
  • TestAccContainerNodePool_withCgroupMode
  • TestAccContainerNodePool_withConfidentialBootDisk
  • TestAccContainerNodePool_withConfidentialNodes
  • TestAccContainerNodePool_withEnablePrivateNodesToggle
  • TestAccContainerNodePool_withGPU
  • TestAccContainerNodePool_withHostMaintenancePolicy
  • TestAccContainerNodePool_withHugepageConfig
  • TestAccContainerNodePool_withKubeletConfig
  • TestAccContainerNodePool_withLinuxNodeConfig
  • TestAccContainerNodePool_withLoggingVariantUpdates
  • TestAccContainerNodePool_withMachineAndDiskUpdate
  • TestAccContainerNodePool_withMachineDiskStoragePoolsUpdate
  • TestAccContainerNodePool_withManagement
  • TestAccContainerNodePool_withMultiNicNetworkConfig
  • TestAccContainerNodePool_withNetworkConfig
  • TestAccContainerNodePool_withNodeConfig
  • TestAccContainerNodePool_withNodeConfigScopeAlias
  • TestAccContainerNodePool_withReservationAffinity
  • TestAccContainerNodePool_withReservationAffinitySpecific
  • TestAccContainerNodePool_withSandboxConfig
  • TestAccContainerNodePool_withSoleTenantConfig
  • TestAccContainerNodePool_withTaintsUpdate
  • TestAccContainerNodePool_withUpgradeSettings
  • TestAccContainerNodePool_withWorkloadIdentityConfig
  • TestAccContainerNodePool_withoutConfidentialBootDisk
  • TestAccDNSManagedZone_dnsManagedZonePrivateGkeExample
  • TestAccDNSManagedZone_privateUpdate
  • TestAccDNSResponsePolicy_update
  • TestAccDataprocCluster_withNodeGroupAffinity
  • TestAccGKEBackupBackupPlanIamBindingGenerated
  • TestAccGKEBackupBackupPlanIamMemberGenerated
  • TestAccGKEBackupBackupPlanIamPolicyGenerated
  • TestAccGKEBackupBackupPlan_gkebackupBackupplanAutopilotExample
  • TestAccGKEBackupBackupPlan_gkebackupBackupplanBasicExample
  • TestAccGKEBackupBackupPlan_gkebackupBackupplanCmekExample
  • TestAccGKEBackupBackupPlan_gkebackupBackupplanFullExample
  • TestAccGKEBackupBackupPlan_gkebackupBackupplanPermissiveExample
  • TestAccGKEBackupBackupPlan_gkebackupBackupplanRpoDailyWindowExample
  • TestAccGKEBackupBackupPlan_gkebackupBackupplanRpoWeeklyWindowExample
  • TestAccGKEBackupBackupPlan_update
  • TestAccGKEBackupRestorePlanIamBindingGenerated
  • TestAccGKEBackupRestorePlanIamMemberGenerated
  • TestAccGKEBackupRestorePlanIamPolicyGenerated
  • TestAccGKEBackupRestorePlan_gkebackupRestoreplanAllClusterResourcesExample
  • TestAccGKEBackupRestorePlan_gkebackupRestoreplanAllNamespacesExample
  • TestAccGKEBackupRestorePlan_gkebackupRestoreplanGitopsModeExample
  • TestAccGKEBackupRestorePlan_gkebackupRestoreplanProtectedApplicationExample
  • TestAccGKEBackupRestorePlan_gkebackupRestoreplanRenameNamespaceExample
  • TestAccGKEBackupRestorePlan_gkebackupRestoreplanRestoreOrderExample
  • TestAccGKEBackupRestorePlan_gkebackupRestoreplanRollbackNamespaceExample
  • TestAccGKEBackupRestorePlan_gkebackupRestoreplanSecondTransformationExample
  • TestAccGKEBackupRestorePlan_gkebackupRestoreplanVolumeResExample
  • TestAccGKEBackupRestorePlan_update
  • TestAccGKEHub2MembershipBinding_gkehubMembershipBindingBasicExample
  • TestAccGKEHub2MembershipRBACRoleBinding_gkehubMembershipRbacRoleBindingBasicExample
  • TestAccGKEHubMembershipIamBindingGenerated
  • TestAccGKEHubMembershipIamMemberGenerated
  • TestAccGKEHubMembershipIamPolicyGenerated
  • TestAccGKEHubMembership_gkehubMembershipBasicExample
  • TestAccGKEHubMembership_gkehubMembershipIssuerExample
  • TestAccGKEHubMembership_gkehubMembershipRegionalExample
  • TestAccPubsubSubscriptionBigQuery_serviceAccount
  • TestAccRedisCluster_createClusterWithNodeType
  • TestAccRedisCluster_createUpdateDeletionProtection
  • TestAccRedisCluster_updateRedisConfigs
  • TestAccRedisCluster_updateReplicaCount
  • TestAccRedisCluster_updateShardCount
  • TestAccSpannerInstance_basicWithAutoscalingUsingNodeConfigUpdate
  • TestAccSpannerInstance_basicWithAutoscalingUsingProcessingUnitConfigUpdate

Get to know how VCR tests work

@modular-magician
Copy link
Collaborator

🟢 Tests passed during RECORDING mode:
TestAccBackupDRBackupVault_fullUpdate [Debug log]
TestAccComputeFirewallPolicyAssociation_basic [Debug log]
TestAccComputeProjectMetadata_basic [Debug log]
TestAccContainerClusterCustomServiceAccount_withAutopilot [Debug log]
TestAccContainerClusterDatasource_regional [Debug log]
TestAccContainerClusterDatasource_zonal [Debug log]
TestAccContainerCluster_WithCPAFeatures [Debug log]
TestAccContainerCluster_additional_pod_ranges_config_on_create [Debug log]
TestAccContainerCluster_additional_pod_ranges_config_on_update [Debug log]
TestAccContainerCluster_autopilot_minimal [Debug log]
TestAccContainerCluster_autopilot_net_admin [Debug log]
TestAccContainerCluster_autoprovisioningDefaultsManagement [Debug log]
TestAccContainerCluster_autoprovisioningDefaultsUpgradeSettings [Debug log]
TestAccContainerCluster_autoprovisioningLocations [Debug log]
TestAccContainerCluster_backend [Debug log]
TestAccContainerCluster_basic [Debug log]
TestAccContainerCluster_customPlacementPolicy [Debug log]
TestAccContainerCluster_deleteExclusionWindow [Debug log]
TestAccContainerCluster_deleteMaintenanceExclusionOptions [Debug log]
TestAccContainerCluster_enableCiliumPolicies_withAutopilot [Debug log]
TestAccContainerCluster_errorAutopilotLocation [Debug log]
TestAccContainerCluster_errorNoClusterCreated [Debug log]
TestAccContainerCluster_misc [Debug log]
TestAccContainerCluster_network [Debug log]
TestAccContainerCluster_networkingModeRoutes [Debug log]
TestAccContainerCluster_nodeAutoprovisioning [Debug log]
TestAccContainerCluster_nodeAutoprovisioningDefaults [Debug log]
TestAccContainerCluster_nodeAutoprovisioningDefaultsBootDiskKmsKey [Debug log]
TestAccContainerCluster_nodeAutoprovisioningDefaultsDiskSizeGb [Debug log]
TestAccContainerCluster_nodeAutoprovisioningDefaultsDiskType [Debug log]
TestAccContainerCluster_nodeAutoprovisioningDefaultsImageType [Debug log]
TestAccContainerCluster_nodeAutoprovisioningDefaultsShieldedInstance [Debug log]
TestAccContainerCluster_nodeAutoprovisioningNetworkTags [Debug log]
TestAccContainerCluster_privateRegistry [Debug log]
TestAccContainerCluster_regional [Debug log]
TestAccContainerCluster_regionalWithNodeLocations [Debug log]
TestAccContainerCluster_regionalWithNodePool [Debug log]
TestAccContainerCluster_stackType_withDualStack [Debug log]
TestAccContainerCluster_stackType_withSingleStack [Debug log]
TestAccContainerCluster_storagePoolsWithNodeConfig [Debug log]
TestAccContainerCluster_storagePoolsWithNodePool [Debug log]
TestAccContainerCluster_updateMaintenanceExclusionOptions [Debug log]
TestAccContainerCluster_updateVersion [Debug log]
TestAccContainerCluster_withAdditiveVPC [Debug log]
TestAccContainerCluster_withAdvancedDatapath [Debug log]
TestAccContainerCluster_withAdvancedMachineFeaturesInNodePool [Debug log]
TestAccContainerCluster_withAuthenticatorGroupsConfig [Debug log]
TestAccContainerCluster_withAutopilot [Debug log]
TestAccContainerCluster_withAutopilotGcpFilestoreCsiDriver [Debug log]
TestAccContainerCluster_withAutopilotKubeletConfig [Debug log]
TestAccContainerCluster_withAutopilotNetworkTags [Debug log]
TestAccContainerCluster_withAutopilotResourceManagerTags [Debug log]
TestAccContainerCluster_withAutopilot_withNodePoolDefaults [Debug log]
TestAccContainerCluster_withAutoscalingProfile [Debug log]
TestAccContainerCluster_withBinaryAuthorizationEnabledBool [Debug log]
TestAccContainerCluster_withBinaryAuthorizationEvaluationModeAutopilot [Debug log]
TestAccContainerCluster_withBinaryAuthorizationEvaluationModeClassic [Debug log]
TestAccContainerCluster_withBootDiskKmsKey [Debug log]
TestAccContainerCluster_withCidrBlockWithoutPrivateEndpointSubnetwork [Debug log]
TestAccContainerCluster_withConfidentialBootDisk [Debug log]
TestAccContainerCluster_withConfidentialBootDiskNodeConfig [Debug log]
TestAccContainerCluster_withConfidentialNodes [Debug log]
TestAccContainerCluster_withCostManagementConfig [Debug log]
TestAccContainerCluster_withDNSConfig [Debug log]
TestAccContainerCluster_withDatabaseEncryption [Debug log]
TestAccContainerCluster_withDeletionProtection [Debug log]
TestAccContainerCluster_withEnableKubernetesAlpha [Debug log]
TestAccContainerCluster_withEnableKubernetesBetaAPIs [Debug log]
TestAccContainerCluster_withEnableKubernetesBetaAPIsOnExistingCluster [Debug log]
TestAccContainerCluster_withEnablePrivateEndpointToggle [Debug log]
TestAccContainerCluster_withExternalIpsConfig [Debug log]
TestAccContainerCluster_withFQDNNetworkPolicy [Debug log]
TestAccContainerCluster_withFilteredNotificationConfig [Debug log]
TestAccContainerCluster_withFlexiblePodCIDR [Debug log]
TestAccContainerCluster_withGatewayApiConfig [Debug log]
TestAccContainerCluster_withGcpPublicCidrsAccessEnabledToggle [Debug log]
TestAccContainerCluster_withILBSubsetting [Debug log]
TestAccContainerCluster_withIPAllocationPolicy_existingSecondaryRanges [Debug log]
TestAccContainerCluster_withIPAllocationPolicy_specificIPRanges [Debug log]
TestAccContainerCluster_withIPAllocationPolicy_specificSizes [Debug log]
TestAccContainerCluster_withIdentityServiceConfig [Debug log]
TestAccContainerCluster_withInsecureKubeletReadonlyPortEnabledDefaultsUpdates [Debug log]
TestAccContainerCluster_withInsecureKubeletReadonlyPortEnabledInNodePool [Debug log]
TestAccContainerCluster_withIntraNodeVisibility [Debug log]
TestAccContainerCluster_withLoggingVariantInNodeConfig [Debug log]
TestAccContainerCluster_withLoggingVariantInNodePool [Debug log]
TestAccContainerCluster_withLoggingVariantUpdates [Debug log]
TestAccContainerCluster_withMaintenanceExclusionOptions [Debug log]
TestAccContainerCluster_withMaintenanceExclusionWindow [Debug log]
TestAccContainerCluster_withMaintenanceWindow [Debug log]
TestAccContainerCluster_withMasterAuthConfig_NoCert [Debug log]
TestAccContainerCluster_withMasterAuthorizedNetworksConfig [Debug log]
TestAccContainerCluster_withMasterAuthorizedNetworksDisabled [Debug log]
TestAccContainerCluster_withMeshCertificatesConfig [Debug log]
TestAccContainerCluster_withMonitoringConfig [Debug log]
TestAccContainerCluster_withMonitoringConfigAdvancedDatapathObservabilityConfig [Debug log]
TestAccContainerCluster_withMultiNetworking [Debug log]
TestAccContainerCluster_withNetworkPolicyEnabled [Debug log]
TestAccContainerCluster_withNodeConfigFastSocket [Debug log]
TestAccContainerCluster_withNodeConfigGcfsConfig [Debug log]
TestAccContainerCluster_withNodeConfigKubeletConfigSettingsUpdates [Debug log]
TestAccContainerCluster_withNodeConfigLinuxNodeConfig [Debug log]
TestAccContainerCluster_withNodeConfigReservationAffinity [Debug log]
TestAccContainerCluster_withNodeConfigReservationAffinitySpecific [Debug log]
TestAccContainerCluster_withNodeConfigScopeAlias [Debug log]
TestAccContainerCluster_withNodeConfigShieldedInstanceConfig [Debug log]
TestAccContainerCluster_withNodePoolAutoscaling [Debug log]
TestAccContainerCluster_withNodePoolBasic [Debug log]
TestAccContainerCluster_withNodePoolCIA [Debug log]
TestAccContainerCluster_withNodePoolMultiple [Debug log]
TestAccContainerCluster_withNodePoolNodeConfig [Debug log]
TestAccContainerCluster_withNodePoolResize [Debug log]
TestAccContainerCluster_withNodePoolUpdateVersion [Debug log]
TestAccContainerCluster_withNotificationConfig [Debug log]
TestAccContainerCluster_withPrivateClusterConfigBasic [Debug log]
TestAccContainerCluster_withPrivateClusterConfigGlobalAccessEnabledOnly [Debug log]
TestAccContainerCluster_withPrivateClusterConfigMissingCidrBlock_withAutopilot [Debug log]
TestAccContainerCluster_withPrivateClusterConfigPrivateEndpointSubnetwork [Debug log]
TestAccContainerCluster_withPrivateEndpointSubnetwork [Debug log]
TestAccContainerCluster_withProtectConfig [Debug log]
TestAccContainerCluster_withRecurringMaintenanceWindow [Debug log]
TestAccContainerCluster_withReleaseChannelEnabled [Debug log]
TestAccContainerCluster_withReleaseChannelEnabledDefaultVersion [Debug log]
TestAccContainerCluster_withResourceUsageExportConfig [Debug log]
TestAccContainerCluster_withSecurityPostureConfig [Debug log]
TestAccContainerCluster_withShieldedNodes [Debug log]
TestAccContainerCluster_withSoleTenantGroup [Debug log]
TestAccContainerCluster_withTPUConfig [Debug log]
TestAccContainerCluster_withTelemetryEnabled [Debug log]
TestAccContainerCluster_withTpu [Debug log]
TestAccContainerCluster_withVersion [Debug log]
TestAccContainerCluster_withWorkloadALTSConfig [Debug log]
TestAccContainerCluster_withWorkloadALTSConfigAutopilot [Debug log]
TestAccContainerCluster_withWorkloadIdentityConfig [Debug log]
TestAccContainerCluster_withWorkloadIdentityConfigAutopilot [Debug log]
TestAccContainerCluster_with_PodCIDROverprovisionDisabled [Debug log]
TestAccContainerCluster_withoutConfidentialBootDisk [Debug log]
TestAccContainerNodePool_EmptyGuestAccelerator [Debug log]
TestAccContainerNodePool_autoscaling [Debug log]
TestAccContainerNodePool_basic [Debug log]
TestAccContainerNodePool_compactPlacement [Debug log]
TestAccContainerNodePool_concurrent [Debug log]
TestAccContainerNodePool_customPlacementPolicy [Debug log]
TestAccContainerNodePool_enableQueuedProvisioning [Debug log]
TestAccContainerNodePool_ephemeralStorageConfig [Debug log]
TestAccContainerNodePool_ephemeralStorageLocalSsdConfig [Debug log]
TestAccContainerNodePool_fastSocket [Debug log]
TestAccContainerNodePool_gcfsConfig [Debug log]
TestAccContainerNodePool_gvnic [Debug log]
TestAccContainerNodePool_localNvmeSsdBlockConfig [Debug log]
TestAccContainerNodePool_maxPodsPerNode [Debug log]
TestAccContainerNodePool_nestedVirtualization [Debug log]
TestAccContainerNodePool_nodeLocations [Debug log]
TestAccContainerNodePool_regionalAutoscaling [Debug log]
TestAccContainerNodePool_regionalClusters [Debug log]
TestAccContainerNodePool_resourceManagerTags [Debug log]
TestAccContainerNodePool_secondaryBootDisks [Debug log]
TestAccContainerNodePool_shieldedInstanceConfig [Debug log]
TestAccContainerNodePool_storagePools [Debug log]
TestAccContainerNodePool_threadsPerCore [Debug log]
TestAccContainerNodePool_totalSize [Debug log]
TestAccContainerNodePool_version [Debug log]
TestAccContainerNodePool_withCgroupMode [Debug log]
TestAccContainerNodePool_withConfidentialBootDisk [Debug log]
TestAccContainerNodePool_withConfidentialNodes [Debug log]
TestAccContainerNodePool_withEnablePrivateNodesToggle [Debug log]
TestAccContainerNodePool_withGPU [Debug log]
TestAccContainerNodePool_withHostMaintenancePolicy [Debug log]
TestAccContainerNodePool_withHugepageConfig [Debug log]
TestAccContainerNodePool_withKubeletConfig [Debug log]
TestAccContainerNodePool_withLinuxNodeConfig [Debug log]
TestAccContainerNodePool_withLoggingVariantUpdates [Debug log]
TestAccContainerNodePool_withMachineAndDiskUpdate [Debug log]
TestAccContainerNodePool_withMachineDiskStoragePoolsUpdate [Debug log]
TestAccContainerNodePool_withManagement [Debug log]
TestAccContainerNodePool_withMultiNicNetworkConfig [Debug log]
TestAccContainerNodePool_withNetworkConfig [Debug log]
TestAccContainerNodePool_withNodeConfig [Debug log]
TestAccContainerNodePool_withNodeConfigScopeAlias [Debug log]
TestAccContainerNodePool_withReservationAffinity [Debug log]
TestAccContainerNodePool_withReservationAffinitySpecific [Debug log]
TestAccContainerNodePool_withSandboxConfig [Debug log]
TestAccContainerNodePool_withSoleTenantConfig [Debug log]
TestAccContainerNodePool_withTaintsUpdate [Debug log]
TestAccContainerNodePool_withUpgradeSettings [Debug log]
TestAccContainerNodePool_withWorkloadIdentityConfig [Debug log]
TestAccContainerNodePool_withoutConfidentialBootDisk [Debug log]
TestAccDNSManagedZone_dnsManagedZonePrivateGkeExample [Debug log]
TestAccDNSManagedZone_privateUpdate [Debug log]
TestAccDNSResponsePolicy_update [Debug log]
TestAccDataprocCluster_withNodeGroupAffinity [Debug log]
TestAccGKEBackupBackupPlanIamBindingGenerated [Debug log]
TestAccGKEBackupBackupPlanIamMemberGenerated [Debug log]
TestAccGKEBackupBackupPlanIamPolicyGenerated [Debug log]
TestAccGKEBackupBackupPlan_gkebackupBackupplanAutopilotExample [Debug log]
TestAccGKEBackupBackupPlan_gkebackupBackupplanBasicExample [Debug log]
TestAccGKEBackupBackupPlan_gkebackupBackupplanCmekExample [Debug log]
TestAccGKEBackupBackupPlan_gkebackupBackupplanFullExample [Debug log]
TestAccGKEBackupBackupPlan_gkebackupBackupplanPermissiveExample [Debug log]
TestAccGKEBackupBackupPlan_gkebackupBackupplanRpoDailyWindowExample [Debug log]
TestAccGKEBackupBackupPlan_gkebackupBackupplanRpoWeeklyWindowExample [Debug log]
TestAccGKEBackupBackupPlan_update [Debug log]
TestAccGKEBackupRestorePlanIamBindingGenerated [Debug log]
TestAccGKEBackupRestorePlanIamMemberGenerated [Debug log]
TestAccGKEBackupRestorePlanIamPolicyGenerated [Debug log]
TestAccGKEBackupRestorePlan_gkebackupRestoreplanAllClusterResourcesExample [Debug log]
TestAccGKEBackupRestorePlan_gkebackupRestoreplanAllNamespacesExample [Debug log]
TestAccGKEBackupRestorePlan_gkebackupRestoreplanGitopsModeExample [Debug log]
TestAccGKEBackupRestorePlan_gkebackupRestoreplanProtectedApplicationExample [Debug log]
TestAccGKEBackupRestorePlan_gkebackupRestoreplanRenameNamespaceExample [Debug log]
TestAccGKEBackupRestorePlan_gkebackupRestoreplanRestoreOrderExample [Debug log]
TestAccGKEBackupRestorePlan_gkebackupRestoreplanRollbackNamespaceExample [Debug log]
TestAccGKEBackupRestorePlan_gkebackupRestoreplanSecondTransformationExample [Debug log]
TestAccGKEBackupRestorePlan_gkebackupRestoreplanVolumeResExample [Debug log]
TestAccGKEBackupRestorePlan_update [Debug log]
TestAccGKEHub2MembershipBinding_gkehubMembershipBindingBasicExample [Debug log]
TestAccGKEHub2MembershipRBACRoleBinding_gkehubMembershipRbacRoleBindingBasicExample [Debug log]
TestAccGKEHubMembershipIamBindingGenerated [Debug log]
TestAccGKEHubMembershipIamMemberGenerated [Debug log]
TestAccGKEHubMembershipIamPolicyGenerated [Debug log]
TestAccGKEHubMembership_gkehubMembershipBasicExample [Debug log]
TestAccGKEHubMembership_gkehubMembershipIssuerExample [Debug log]
TestAccGKEHubMembership_gkehubMembershipRegionalExample [Debug log]
TestAccPubsubSubscriptionBigQuery_serviceAccount [Debug log]
TestAccRedisCluster_createClusterWithNodeType [Debug log]
TestAccRedisCluster_createUpdateDeletionProtection [Debug log]
TestAccRedisCluster_updateRedisConfigs [Debug log]
TestAccRedisCluster_updateReplicaCount [Debug log]
TestAccRedisCluster_updateShardCount [Debug log]
TestAccSpannerInstance_basicWithAutoscalingUsingNodeConfigUpdate [Debug log]
TestAccSpannerInstance_basicWithAutoscalingUsingProcessingUnitConfigUpdate [Debug log]

🔴 Tests failed when rerunning REPLAYING mode:
TestAccBackupDRBackupVault_fullUpdate [Error message] [Debug log]

Tests failed due to non-determinism or randomness when the VCR replayed the response after the HTTP request was made.

Please fix these to complete your PR. If you believe these test failures to be incorrect or unrelated to your change, or if you have any questions, please raise the concern with your reviewer.

🔴 Tests failed during RECORDING mode:
TestAccContainerCluster_withNodePoolDefaults [Error message] [Debug log]
TestAccContainerNodePool_basicWithClusterId [Error message] [Debug log]
TestAccContainerNodePool_resize [Error message] [Debug log]

🔴 Errors occurred during RECORDING mode. Please fix them to complete your PR.

View the build log or the debug log for each test

SarahFrench
SarahFrench reviewed Nov 7, 2024
View reviewed changes
Copy link
Collaborator

@SarahFrench SarahFrench left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some initial review, based off the feedback I gave in #12140

...d_party/terraform/services/resourcemanager/ephemeral_google_service_account_id_token_test.go Outdated Show resolved Hide resolved
.../third_party/terraform/services/resourcemanager/ephemeral_google_service_account_id_token.go Outdated Show resolved Hide resolved
@BBBmau BBBmau force-pushed the support-service-account-id-token branch from c92521f to f4825f5 Compare November 8, 2024 08:53
@modular-magician
Copy link
Collaborator

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 3 files changed, 458 insertions(+), 1 deletion(-))
google-beta provider: Diff ( 3 files changed, 458 insertions(+), 1 deletion(-))

@modular-magician
Copy link
Collaborator

Tests analytics

Total tests: 4267
Passed tests: 3846
Skipped tests: 417
Affected tests: 4

Click here to see the affected service packages

All service packages are affected

Action taken

Found 4 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests
  • TestAccBackupDRBackupVault_fullUpdate
  • TestAccContainerCluster_withSecretManagerConfig
  • TestAccDNSResponsePolicy_dnsResponsePolicyBasicExample
  • TestAccPrivatecaCertificateAuthority_privatecaCertificateAuthorityBasicExample

Get to know how VCR tests work

@modular-magician
Copy link
Collaborator

🟢 Tests passed during RECORDING mode:
TestAccBackupDRBackupVault_fullUpdate [Debug log]
TestAccDNSResponsePolicy_dnsResponsePolicyBasicExample [Debug log]
TestAccPrivatecaCertificateAuthority_privatecaCertificateAuthorityBasicExample [Debug log]

🟢 No issues found for passed tests after REPLAYING rerun.

🔴 Tests failed during RECORDING mode:
TestAccContainerCluster_withSecretManagerConfig [Error message] [Debug log]

🔴 Errors occurred during RECORDING mode. Please fix them to complete your PR.

View the build log or the debug log for each test

@BBBmau BBBmau force-pushed the support-service-account-id-token branch from f4825f5 to a5c6da5 Compare November 12, 2024 23:02
@modular-magician
Copy link
Collaborator

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 3 files changed, 265 insertions(+), 1 deletion(-))
google-beta provider: Diff ( 3 files changed, 265 insertions(+), 1 deletion(-))

@modular-magician
Copy link
Collaborator

Tests analytics

Total tests: 4267
Passed tests: 3845
Skipped tests: 417
Affected tests: 5

Click here to see the affected service packages

All service packages are affected

Action taken

Found 5 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests
  • TestAccBackupDRBackupVault_fullUpdate
  • TestAccCloudRunService_cloudRunServiceMulticontainerExample
  • TestAccCloudbuildv2Connection_GlePrivConnection
  • TestAccCloudbuildv2Connection_GlePrivUpdateConnection
  • TestAccContainerCluster_withSecretManagerConfig

Get to know how VCR tests work

@modular-magician
Copy link
Collaborator

🟢 Tests passed during RECORDING mode:
TestAccBackupDRBackupVault_fullUpdate [Debug log]

🟢 No issues found for passed tests after REPLAYING rerun.

🔴 Tests failed during RECORDING mode:
TestAccCloudRunService_cloudRunServiceMulticontainerExample [Error message] [Debug log]
TestAccCloudbuildv2Connection_GlePrivConnection [Error message] [Debug log]
TestAccCloudbuildv2Connection_GlePrivUpdateConnection [Error message] [Debug log]
TestAccContainerCluster_withSecretManagerConfig [Error message] [Debug log]

🔴 Errors occurred during RECORDING mode. Please fix them to complete your PR.

View the build log or the debug log for each test

@BBBmau BBBmau mentioned this pull request Nov 13, 2024
Draft
SarahFrench
SarahFrench reviewed Nov 14, 2024
View reviewed changes
Copy link
Collaborator

@SarahFrench SarahFrench left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Here's an initial pass of review - as well as the individual comments please make an initial draft of the documentation markdown page for this ephemeral resource

.../third_party/terraform/services/resourcemanager/ephemeral_google_service_account_id_token.go
resp.Diagnostics.Append(req.Config.Get(ctx, &data)...)

targetAudience := data.TargetAudience.ValueString()
creds := fwtransport.GetCredentials(ctx, fwmodels.ProviderModel{}, false, &resp.Diagnostics)
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This'll be something that'll need refactoring after the muxing fixes are merged; the GetCredentials on the (SDK) Config struct is different to the version implemented on the FrameworkProviderConfig struct.

.../third_party/terraform/services/resourcemanager/ephemeral_google_service_account_id_token.go Outdated Show resolved Hide resolved
.../third_party/terraform/services/resourcemanager/ephemeral_google_service_account_id_token.go Outdated Show resolved Hide resolved
.../third_party/terraform/services/resourcemanager/ephemeral_google_service_account_id_token.go Show resolved Hide resolved
@modular-magician
Copy link
Collaborator

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 3 files changed, 268 insertions(+), 1 deletion(-))
google-beta provider: Diff ( 3 files changed, 268 insertions(+), 1 deletion(-))

@modular-magician
Copy link
Collaborator

Tests analytics

Total tests: 4267
Passed tests: 3844
Skipped tests: 417
Affected tests: 6

Click here to see the affected service packages

All service packages are affected

Action taken

Found 6 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests
  • TestAccBackupDRBackupVault_fullUpdate
  • TestAccCloudRunService_cloudRunServiceMulticontainerExample
  • TestAccCloudbuildv2Connection_GlePrivConnection
  • TestAccCloudbuildv2Connection_GlePrivUpdateConnection
  • TestAccContainerCluster_withFleetConfig
  • TestAccContainerCluster_withSecretManagerConfig

Get to know how VCR tests work

@modular-magician
Copy link
Collaborator

🟢 Tests passed during RECORDING mode:
TestAccBackupDRBackupVault_fullUpdate [Debug log]

🟢 No issues found for passed tests after REPLAYING rerun.

🔴 Tests failed during RECORDING mode:
TestAccCloudRunService_cloudRunServiceMulticontainerExample [Error message] [Debug log]
TestAccCloudbuildv2Connection_GlePrivConnection [Error message] [Debug log]
TestAccCloudbuildv2Connection_GlePrivUpdateConnection [Error message] [Debug log]
TestAccContainerCluster_withFleetConfig [Error message] [Debug log]
TestAccContainerCluster_withSecretManagerConfig [Error message] [Debug log]

🔴 Errors occurred during RECORDING mode. Please fix them to complete your PR.

View the build log or the debug log for each test

SarahFrench
SarahFrench reviewed Nov 14, 2024
View reviewed changes
Copy link
Collaborator

@SarahFrench SarahFrench left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

#12141 (comment)

@SarahFrench
Copy link
Collaborator

I've triggered some tests in TeamCity here: https://hashicorp.teamcity.com/buildConfiguration/TerraformProviders_GoogleCloud_FEATUREBRANCHEPHEMERALRESOURCE_MM_GA_GOOGLE_PACKAGE_RESOURCEMANAGER/266487?hideTestsFromDependencies=false&hideProblemsFromDependencies=false&expandBuildChangesSection=true

@BBBmau
Copy link
Collaborator Author

BBBmau commented Nov 15, 2024

I've triggered some tests in TeamCity here: hashicorp.teamcity.com/buildConfiguration/TerraformProviders_GoogleCloud_FEATUREBRANCHEPHEMERALRESOURCE_MM_GA_GOOGLE_PACKAGE_RESOURCEMANAGER/266487?hideTestsFromDependencies=false&hideProblemsFromDependencies=false&expandBuildChangesSection=true

looks like there's an issue with the boostrapping of the service accounts.

@SarahFrench
Copy link
Collaborator

I've triggered some tests in TeamCity here: hashicorp.teamcity.com/buildConfiguration/TerraformProviders_GoogleCloud_FEATUREBRANCHEPHEMERALRESOURCE_MM_GA_GOOGLE_PACKAGE_RESOURCEMANAGER/266487?hideTestsFromDependencies=false&hideProblemsFromDependencies=false&expandBuildChangesSection=true

looks like there's an issue with the boostrapping of the service accounts.

@BBBmau the credentials in the test environment were revoked, it's not a problem with the test

@modular-magician
Copy link
Collaborator

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 4 files changed, 362 insertions(+), 1 deletion(-))
google-beta provider: Diff ( 4 files changed, 362 insertions(+), 1 deletion(-))

SarahFrench
SarahFrench reviewed Nov 15, 2024
View reviewed changes
Copy link
Collaborator

@SarahFrench SarahFrench left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Quick review - the tests currently fail because the GetCredentials function isn't being passed any information about credentials etc. I've suggested a solution, but it's gross and we're being restricted by the way the framework GetCredentials function is written versus the original SDK version. Note how the SDK version is a method where the receiver is the Config struct (i.e. the meta) and the framework version is just a function 🙃

...hird_party/terraform/website/docs/ephemeral-resources/service_account_id_token.html.markdown
Comment on lines +30 to +50
data "google_service_account_access_token" "impersonated" {
provider = google
target_service_account = "impersonated-account@project.iam.gserviceaccount.com"
delegates = []
scopes = ["userinfo-email", "cloud-platform"]
lifetime = "300s"
}

provider "google" {
alias = "impersonated"
access_token = data.google_service_account_access_token.impersonated.access_token
}

ephemeral "google_service_account_id_token" "oidc" {
provider = google.impersonated
target_service_account = "impersonated-account@project.iam.gserviceaccount.com"
delegates = []
include_email = true
target_audience = "https://foo.bar/"
}

Copy link
Collaborator

@SarahFrench SarahFrench Nov 15, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We need to manually check this in future - see TFECO-8280

.../third_party/terraform/services/resourcemanager/ephemeral_google_service_account_id_token.go
resp.Diagnostics.Append(req.Config.Get(ctx, &data)...)

targetAudience := data.TargetAudience.ValueString()
creds := fwtransport.GetCredentials(ctx, fwmodels.ProviderModel{}, false, &resp.Diagnostics)
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is gross, but necessary to make sure the framework version of GetCredentials receives the data it needs:

Suggested change
creds := fwtransport.GetCredentials(ctx, fwmodels.ProviderModel{}, false, &resp.Diagnostics)
model := fwmodels.ProviderModel{
Credentials: p.providerConfig.Credentials,
AccessToken: p.providerConfig.AccessToken,
ImpersonateServiceAccount: p.providerConfig.ImpersonateServiceAccount,
ImpersonateServiceAccountDelegates: p.providerConfig.ImpersonateServiceAccountDelegates,
Project: p.providerConfig.Project,
BillingProject: p.providerConfig.BillingProject,
Scopes: p.providerConfig.Scopes,
UniverseDomain: p.providerConfig.UniverseDomain,
}
creds := fwtransport.GetCredentials(ctx, model, false, &resp.Diagnostics)

fwmodels.ProviderModel is the struct that is populated with data from the provider block when the provider is being configured. The fwtransport.GetCredentials function is written in a way that makes it very coupled with being used in the context of a provider being configured, whereas the SDK version of GetCredentials is a method on the Config struct and can be run outside the context of a provider being configured.

Just more evidence that the original muxing was poorly-planned and 💩

@SarahFrench
Copy link
Collaborator

SarahFrench commented Nov 15, 2024
edited
Loading

@BBBmau I noticed some failing checks and I realised we need to make a change to allow the new documentation type. If you have time, please make a PR similar to hashicorp/terraform-provider-google#17509 into the FEATURE-BRANCH-ephemeral-resource branches of the TPG and TPGB repos to allow thewebsite/docs/ephemeral-resources folder!

SarahFrench
SarahFrench reviewed Nov 15, 2024
View reviewed changes
...d_party/terraform/services/resourcemanager/ephemeral_google_service_account_id_token_test.go
})
}

func TestAccEphemeralServiceAccountIdToken_withIncludeEmail(t *testing.T) {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Once the edit to GetCredentials' arguments is included, this test fails due to:

ephemeral_google_service_account_id_token_test.go:62: Step 1/1 error: Error running pre-apply refresh: exit status 1
        
        Error: Error calling iamcredentials.GenerateIdToken
        
          with ephemeral.google_service_account_id_token.token,
          on terraform_plugin_test.tf line 3, in ephemeral "google_service_account_id_token" "token":
           3: ephemeral "google_service_account_id_token" "token" {
        
        googleapi: Error 403: Permission 'iam.serviceAccounts.getOpenIdToken' denied
        on resource (or it may not exist).
        Details:
        [
          {
            "@type": "type.googleapis.com/google.rpc.ErrorInfo",
            "domain": "iam.googleapis.com",
            "metadata": {
              "permission": "iam.serviceAccounts.getOpenIdToken"
            },
            "reason": "IAM_PERMISSION_DENIED"
          }
        ]
        , forbidden

This code bootstraps the existence of both service accounts and makes sure that serviceAccount has permissions to imitate targetServiceAccountEmail via roles/iam.serviceAccountTokenCreator. That's insufficient for this test though, hence the error.

Please add a step in the test where the missing permission is created. Then the ephemeral resource can be added in the second step.

@modular-magician
Copy link
Collaborator

Tests analytics

Total tests: 4270
Passed tests: 3844
Skipped tests: 417
Affected tests: 9

Click here to see the affected service packages

All service packages are affected

Action taken

Found 9 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests
  • TestAccBackupDRBackupVault_fullUpdate
  • TestAccCloudRunService_cloudRunServiceMulticontainerExample
  • TestAccCloudbuildv2Connection_GlePrivConnection
  • TestAccCloudbuildv2Connection_GlePrivUpdateConnection
  • TestAccContainerCluster_withFleetConfig
  • TestAccContainerCluster_withSecretManagerConfig
  • TestAccEphemeralServiceAccountIdToken_basic
  • TestAccEphemeralServiceAccountIdToken_withDelegates
  • TestAccEphemeralServiceAccountIdToken_withIncludeEmail

Get to know how VCR tests work

@modular-magician
Copy link
Collaborator

🟢 Tests passed during RECORDING mode:
TestAccBackupDRBackupVault_fullUpdate [Debug log]

🟢 No issues found for passed tests after REPLAYING rerun.

🔴 Tests failed during RECORDING mode:
TestAccCloudRunService_cloudRunServiceMulticontainerExample [Error message] [Debug log]
TestAccCloudbuildv2Connection_GlePrivConnection [Error message] [Debug log]
TestAccCloudbuildv2Connection_GlePrivUpdateConnection [Error message] [Debug log]
TestAccContainerCluster_withFleetConfig [Error message] [Debug log]
TestAccContainerCluster_withSecretManagerConfig [Error message] [Debug log]
TestAccEphemeralServiceAccountIdToken_basic [Error message] [Debug log]
TestAccEphemeralServiceAccountIdToken_withDelegates [Error message] [Debug log]
TestAccEphemeralServiceAccountIdToken_withIncludeEmail [Error message] [Debug log]

🔴 Errors occurred during RECORDING mode. Please fix them to complete your PR.

View the build log or the debug log for each test

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@SarahFrench SarahFrench SarahFrench left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@BBBmau @modular-magician @SarahFrench