Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(bigquery): add data_policy resource #668

Open
wants to merge 5 commits into
base: main
Choose a base branch
from
Open

feat(bigquery): add data_policy resource #668

wants to merge 5 commits into from

Conversation

nilan3
Copy link
Contributor

@nilan3 nilan3 commented Dec 9, 2024
edited by mergenci
Loading

Description of your changes

Add resources for the following terraform resources:

Fixes #

I have:

  • Read and followed Crossplane's [contribution process].
  • Run make reviewable to ensure this PR is ready for review.
  • Added backport release-x.y labels to auto-backport this PR if necessary.

How has this code been tested

image

--- PASS: kuttl (47.06s)
    --- PASS: kuttl/harness (0.00s)
        --- PASS: kuttl/harness/case (45.68s)
PASS
14:36:28 [ OK ] running automated tests

nilan3 added 3 commits December 9, 2024 11:30
@nilan3
enable bigquery data policy
70d3877 
Signed-off-by: nilan3 <[email protected]>
@nilan3
rebase
aa3706f 
Signed-off-by: nilan3 <[email protected]>
@nilan3
update example
069d60e 
Signed-off-by: nilan3 <[email protected]>
@jeanduplessis
Copy link
Collaborator

/test-examples="examples/bigquery/v1beta1/datapolicydatapolicy.yaml"

@nilan3
Copy link
Contributor Author

nilan3 commented Dec 9, 2024

/test-examples="examples/bigquery/v1beta1/datapolicydatapolicyiambinding.yaml"

@nilan3 nilan3 marked this pull request as ready for review December 9, 2024 15:10
@jeanduplessis
Copy link
Collaborator

/test-examples="examples/bigquery/v1beta1/datapolicydatapolicy.yaml"

@nilan3
Copy link
Contributor Author

nilan3 commented Dec 10, 2024

/test-examples="examples/bigquery/v1beta1/datapolicydatapolicyiambinding.yaml"

@nilan3
Copy link
Contributor Author

nilan3 commented Dec 10, 2024

/test-examples="examples/bigquery/v1beta1/datapolicydatapolicy.yaml"

@nilan3
Copy link
Contributor Author

nilan3 commented Dec 13, 2024

@turkenf, could you help with reviewing this pls?

turkenf
turkenf reviewed Dec 26, 2024
View reviewed changes
Copy link
Collaborator

@turkenf turkenf left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for your efforts in this PR @nilan3, I left a few comments for you to consider.

config/bigquery/config.go
Comment on lines +93 to +96
p.AddResourceConfigurator("google_bigquery_datapolicy_data_policy_iam_binding", func(r *config.Resource) {
r.References["data_policy_id"] = config.Reference{
TerraformName: "google_bigquery_datapolicy_data_policy",
}
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since it is in the example in the terraform registry, the reference definition for data_policy_id should come automatically. If so, please remove the above configurations.

config/bigquery/config.go
r.References["data_policy_id"] = config.Reference{
TerraformName: "google_bigquery_datapolicy_data_policy",
}
r.MarkAsRequired("location")
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think there is no need to mark the location field as required here since it comes from the data policy id.

config/externalname.go
@@ -827,6 +827,10 @@ var terraformPluginSDKExternalNameConfigs = map[string]config.ExternalName{
"google_bigquery_table_iam_member": config.TemplatedStringAsIdentifier("", "projects/{{ .parameters.project }}/datasets/{{ .parameters.dataset_id }}/tables/{{ .parameters.table_id }} {{ .parameters.member }}"),
// IAM policy imports use the identifier of the resource: projects/{{project}}/datasets/{{dataset_id}}/tables/{{table_id}}
"google_bigquery_table_iam_policy": config.IdentifierFromProvider,
// Imported with the following format: projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}}
"google_bigquery_datapolicy_data_policy": config.TemplatedStringAsIdentifier("data_policy_id", "projects/{{ .parameters.project }}/locations/{{ .parameters.location }}/dataPolicies/{{ .external_name }}"),
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since the project field is optional and to handle the cases where it is not given, it may be better to use the configuration below.

Suggested change
"google_bigquery_datapolicy_data_policy": config.TemplatedStringAsIdentifier("data_policy_id", "projects/{{ .parameters.project }}/locations/{{ .parameters.location }}/dataPolicies/{{ .external_name }}"),
"google_bigquery_datapolicy_data_policy": config.TemplatedStringAsIdentifier("data_policy_id", "projects/{{ if .parameters.project }}{{ .parameters.project }}{{ else }}{{ .setup.configuration.project }}{{ end }}/locations/{{ .parameters.location }}/dataPolicies/{{ .external_name }}"),

config/externalname.go
// Imported with the following format: projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}}
"google_bigquery_datapolicy_data_policy": config.TemplatedStringAsIdentifier("data_policy_id", "projects/{{ .parameters.project }}/locations/{{ .parameters.location }}/dataPolicies/{{ .external_name }}"),
// Binding resource can be imported using the data_policy_id and role: "projects/your-project-id/dataPolicies/data-policy-id roles/viewer"
"google_bigquery_datapolicy_data_policy_iam_binding": config.TemplatedStringAsIdentifier("", "{{ .parameters.data_policy_id }} {{ .parameters.role }}"),
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see manual intervention in the resource's example. Could you please test this resource manually and provide logs/screenshots in the PR description showing that the create, delete, and import steps were successful?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@turkenf turkenf turkenf left review comments

@ulucinar ulucinar Awaiting requested review from ulucinar ulucinar is a code owner

@sergenyalcin sergenyalcin Awaiting requested review from sergenyalcin sergenyalcin is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@nilan3 @jeanduplessis @turkenf