diff --git a/config/tests/samples/create/harness.go b/config/tests/samples/create/harness.go index 3eb253b3a6..195f741829 100644 --- a/config/tests/samples/create/harness.go +++ b/config/tests/samples/create/harness.go @@ -652,6 +652,7 @@ func MaybeSkip(t *testing.T, name string, resources []*unstructured.Unstructured case schema.GroupKind{Group: "compute.cnrm.cloud.google.com", Kind: "ComputeNetwork"}: case schema.GroupKind{Group: "compute.cnrm.cloud.google.com", Kind: "ComputeNodeGroup"}: case schema.GroupKind{Group: "compute.cnrm.cloud.google.com", Kind: "ComputeNodeTemplate"}: + case schema.GroupKind{Group: "compute.cnrm.cloud.google.com", Kind: "ComputeManagedSSLCertificate"}: case schema.GroupKind{Group: "compute.cnrm.cloud.google.com", Kind: "ComputeSubnetwork"}: // ok diff --git a/mockgcp/mockcompute/globalsslcertificatesv1.go b/mockgcp/mockcompute/globalsslcertificatesv1.go new file mode 100644 index 0000000000..0aa74b8b25 --- /dev/null +++ b/mockgcp/mockcompute/globalsslcertificatesv1.go @@ -0,0 +1,142 @@ +// Copyright 2024 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package mockcompute + +import ( + "context" + "strings" + + "google.golang.org/grpc/codes" + "google.golang.org/grpc/status" + "google.golang.org/protobuf/proto" + apierrors "k8s.io/apimachinery/pkg/api/errors" + + "github.com/GoogleCloudPlatform/k8s-config-connector/mockgcp/common/projects" + pb "github.com/GoogleCloudPlatform/k8s-config-connector/mockgcp/generated/mockgcp/cloud/compute/v1" +) + +type GlobalSSLCertificatesV1 struct { + *MockService + pb.UnimplementedSslCertificatesServer +} + +func (s *GlobalSSLCertificatesV1) Get(ctx context.Context, req *pb.GetSslCertificateRequest) (*pb.SslCertificate, error) { + reqName := "projects/" + req.GetProject() + "/global" + "/sslCertificates/" + req.GetSslCertificate() + name, err := s.parseGlobalSslCertificateName(reqName) + if err != nil { + return nil, err + } + + fqn := name.String() + + obj := &pb.SslCertificate{} + if err := s.storage.Get(ctx, fqn, obj); err != nil { + return nil, err + } + + return obj, nil +} + +func (s *GlobalSSLCertificatesV1) Insert(ctx context.Context, req *pb.InsertSslCertificateRequest) (*pb.Operation, error) { + reqName := "projects/" + req.GetProject() + "/global" + "/sslCertificates/" + req.GetSslCertificateResource().GetName() + name, err := s.parseGlobalSslCertificateName(reqName) + if err != nil { + return nil, err + } + + fqn := name.String() + + id := s.generateID() + + obj := proto.Clone(req.GetSslCertificateResource()).(*pb.SslCertificate) + obj.SelfLink = PtrTo("https://compute.googleapis.com/compute/v1/" + name.String()) + obj.CreationTimestamp = PtrTo(s.nowString()) + obj.Id = &id + obj.Kind = PtrTo("compute#sslCertificate") + + if err := s.storage.Create(ctx, fqn, obj); err != nil { + return nil, status.Errorf(codes.Internal, "error creating sslCertificate: %v", err) + } + + op := &pb.Operation{ + TargetId: obj.Id, + TargetLink: obj.SelfLink, + OperationType: PtrTo("insert"), + User: PtrTo("user@example.com"), + } + return s.startGlobalLRO(ctx, name.Project.ID, op, func() (proto.Message, error) { + return obj, nil + }) +} + +func (s *GlobalSSLCertificatesV1) Delete(ctx context.Context, req *pb.DeleteSslCertificateRequest) (*pb.Operation, error) { + reqName := "projects/" + req.GetProject() + "/global" + "/sslCertificates/" + req.GetSslCertificate() + name, err := s.parseGlobalSslCertificateName(reqName) + if err != nil { + return nil, err + } + + fqn := name.String() + + deleted := &pb.SslCertificate{} + if err := s.storage.Delete(ctx, fqn, deleted); err != nil { + if apierrors.IsNotFound(err) { + return nil, status.Errorf(codes.NotFound, "sslCertificate %q not found", name) + } + + return nil, status.Errorf(codes.Internal, "error deleting sslCertificate: %v", err) + } + + op := &pb.Operation{ + TargetId: deleted.Id, + TargetLink: deleted.SelfLink, + OperationType: PtrTo("delete"), + User: PtrTo("user@example.com"), + } + return s.startGlobalLRO(ctx, name.Project.ID, op, func() (proto.Message, error) { + return deleted, nil + }) +} + +type globalSSLCertificateName struct { + Project *projects.ProjectData + Name string +} + +func (n *globalSSLCertificateName) String() string { + return "projects/" + n.Project.ID + "/global" + "/sslCertificates/" + n.Name +} + +// parseGlobalSslCertificateName parses a string into a globalSslCertificateName. +// The expected form is `projects/*/regions/*/sslcertificate/*`. +func (s *MockService) parseGlobalSslCertificateName(name string) (*globalSSLCertificateName, error) { + tokens := strings.Split(name, "/") + + if len(tokens) == 5 && tokens[0] == "projects" && tokens[2] == "global" && tokens[3] == "sslCertificates" { + project, err := s.Projects.GetProjectByID(tokens[1]) + if err != nil { + return nil, err + } + + name := &globalSSLCertificateName{ + Project: project, + Name: tokens[4], + } + + return name, nil + } + + return nil, status.Errorf(codes.InvalidArgument, "name %q is not valid", name) +} diff --git a/mockgcp/mockcompute/service.go b/mockgcp/mockcompute/service.go index 2752fb17be..778c52a1a7 100644 --- a/mockgcp/mockcompute/service.go +++ b/mockgcp/mockcompute/service.go @@ -51,7 +51,6 @@ func (s *MockService) ExpectedHost() string { func (s *MockService) Register(grpcServer *grpc.Server) { pb.RegisterNetworksServer(grpcServer, &NetworksV1{MockService: s}) - pb.RegisterSubnetworksServer(grpcServer, &SubnetsV1{MockService: s}) pb.RegisterRegionHealthChecksServer(grpcServer, &RegionalHealthCheckV1{MockService: s}) @@ -68,6 +67,7 @@ func (s *MockService) Register(grpcServer *grpc.Server) { pb.RegisterAddressesServer(grpcServer, &RegionalAddressesV1{MockService: s}) pb.RegisterGlobalAddressesServer(grpcServer, &GlobalAddressesV1{MockService: s}) + pb.RegisterSslCertificatesServer(grpcServer, &GlobalSSLCertificatesV1{MockService: s}) } func (s *MockService) NewHTTPMux(ctx context.Context, conn *grpc.ClientConn) (http.Handler, error) { @@ -119,6 +119,11 @@ func (s *MockService) NewHTTPMux(ctx context.Context, conn *grpc.ClientConn) (ht return nil, err } + // for global ssl certs and the managedsslcerts + if err := pb.RegisterSslCertificatesHandler(ctx, mux.ServeMux, conn); err != nil { + return nil, err + } + // Returns slightly non-standard errors mux.RewriteError = func(ctx context.Context, error *httpmux.ErrorResponse) { // Does not return status (at least for 404) diff --git a/pkg/test/resourcefixture/testdata/basic/cloudbuild/v1alpha1/cloudbuildworkerpool/_http.log b/pkg/test/resourcefixture/testdata/basic/cloudbuild/v1alpha1/cloudbuildworkerpool/_http.log index 48cd99d676..b17d7a1620 100644 --- a/pkg/test/resourcefixture/testdata/basic/cloudbuild/v1alpha1/cloudbuildworkerpool/_http.log +++ b/pkg/test/resourcefixture/testdata/basic/cloudbuild/v1alpha1/cloudbuildworkerpool/_http.log @@ -113,7 +113,7 @@ X-Xss-Protection: 0 "selfLink": "https://www.googleapis.com/compute/beta/projects/${projectId}/global/operations/${operationID}", "startTime": "2024-04-01T12:34:56.123456Z", "status": "RUNNING", - "targetId": "${networkID}", + "targetId": "7780111738275460050", "targetLink": "https://www.googleapis.com/compute/beta/projects/${projectId}/global/networks/computenetwork-${uniqueId}", "user": "user@example.com" } @@ -1023,7 +1023,7 @@ X-Xss-Protection: 0 "selfLink": "https://www.googleapis.com/compute/beta/projects/${projectId}/global/operations/${operationID}", "startTime": "2024-04-01T12:34:56.123456Z", "status": "RUNNING", - "targetId": "${networkID}", + "targetId": "7780111738275460050", "targetLink": "https://www.googleapis.com/compute/beta/projects/${projectId}/global/networks/computenetwork-${uniqueId}", "user": "user@example.com" } diff --git a/pkg/test/resourcefixture/testdata/basic/compute/v1alpha1/computemanagedsslcertificate/managedsslcertificate/_http.log b/pkg/test/resourcefixture/testdata/basic/compute/v1alpha1/computemanagedsslcertificate/managedsslcertificate/_http.log new file mode 100644 index 0000000000..64bcce3316 --- /dev/null +++ b/pkg/test/resourcefixture/testdata/basic/compute/v1alpha1/computemanagedsslcertificate/managedsslcertificate/_http.log @@ -0,0 +1,133 @@ +GET https://compute.googleapis.com/compute/beta/projects/${projectId}/global/sslCertificates/computemanagedsslcertificate-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +404 Not Found +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "error": { + "code": 404, + "errors": [ + { + "domain": "global", + "message": "sslCertificate \"projects/${projectId}/global/sslCertificates/computemanagedsslcertificate-${uniqueId}\" not found", + "reason": "notFound" + } + ], + "message": "sslCertificate \"projects/${projectId}/global/sslCertificates/computemanagedsslcertificate-${uniqueId}\" not found" + } +} + +--- + +POST https://compute.googleapis.com/compute/beta/projects/${projectId}/global/sslCertificates?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +{ + "managed": { + "domains": [ + "sslcert.kcc-test.club." + ] + }, + "name": "computemanagedsslcertificate-${uniqueId}", + "type": "MANAGED" +} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "id": "000000000000000000000", + "insertTime": "2024-04-01T12:34:56.123456Z", + "kind": "compute#operation", + "name": "${operationID}", + "operationType": "insert", + "progress": 0, + "selfLink": "https://www.googleapis.com/compute/beta/projects/${projectId}/global/operations/${operationID}", + "startTime": "2024-04-01T12:34:56.123456Z", + "status": "RUNNING", + "targetId": "7780111738275460050", + "targetLink": "https://compute.googleapis.com/compute/v1/projects/${projectId}/global/sslCertificates/computemanagedsslcertificate-${uniqueId}", + "user": "user@example.com" +} + +--- + +GET https://compute.googleapis.com/compute/beta/projects/${projectId}/global/sslCertificates/computemanagedsslcertificate-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "creationTimestamp": "2024-04-01T12:34:56.123456Z", + "id": "000000000000000000000", + "kind": "compute#sslCertificate", + "managed": { + "domains": [ + "sslcert.kcc-test.club." + ] + }, + "name": "computemanagedsslcertificate-${uniqueId}", + "selfLink": "https://compute.googleapis.com/compute/v1/projects/${projectId}/global/sslCertificates/computemanagedsslcertificate-${uniqueId}", + "type": "MANAGED" +} + +--- + +DELETE https://compute.googleapis.com/compute/beta/projects/${projectId}/global/sslCertificates/computemanagedsslcertificate-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "id": "000000000000000000000", + "insertTime": "2024-04-01T12:34:56.123456Z", + "kind": "compute#operation", + "name": "${operationID}", + "operationType": "delete", + "progress": 0, + "selfLink": "https://www.googleapis.com/compute/beta/projects/${projectId}/global/operations/${operationID}", + "startTime": "2024-04-01T12:34:56.123456Z", + "status": "RUNNING", + "targetId": "7780111738275460050", + "targetLink": "https://compute.googleapis.com/compute/v1/projects/${projectId}/global/sslCertificates/computemanagedsslcertificate-${uniqueId}", + "user": "user@example.com" +} \ No newline at end of file diff --git a/pkg/test/resourcefixture/testdata/basic/compute/v1alpha1/computemanagedsslcertificate/managedsslcertificate/create.yaml b/pkg/test/resourcefixture/testdata/basic/compute/v1alpha1/computemanagedsslcertificate/managedsslcertificate/create.yaml index f8fd1b5f69..dc2ab1a279 100644 --- a/pkg/test/resourcefixture/testdata/basic/compute/v1alpha1/computemanagedsslcertificate/managedsslcertificate/create.yaml +++ b/pkg/test/resourcefixture/testdata/basic/compute/v1alpha1/computemanagedsslcertificate/managedsslcertificate/create.yaml @@ -14,11 +14,11 @@ apiVersion: compute.cnrm.cloud.google.com/v1alpha1 kind: ComputeManagedSSLCertificate metadata: - name: computemanagedsslcertificate${uniqueId} + name: computemanagedsslcertificate-${uniqueId} spec: managed: domains: - sslcert.kcc-test.club. projectRef: external: ${projectId} - resourceID: computemanagedsslcertificate${uniqueId} \ No newline at end of file + resourceID: computemanagedsslcertificate-${uniqueId} \ No newline at end of file diff --git a/tests/e2e/unified_test.go b/tests/e2e/unified_test.go index 9f2e1af8ab..28ee6d6fc3 100644 --- a/tests/e2e/unified_test.go +++ b/tests/e2e/unified_test.go @@ -546,6 +546,7 @@ func runScenario(ctx context.Context, t *testing.T, testPause bool, fixture reso addReplacement("insertTime", "2024-04-01T12:34:56.123456Z") addReplacement("startTime", "2024-04-01T12:34:56.123456Z") addReplacement("user", "user@example.com") + addReplacement("targetId", "7780111738275460050") // Specific to vertexai addReplacement("blobStoragePathPrefix", "cloud-ai-platform-00000000-1111-2222-3333-444444444444")