update regional forwarding rule

gemmahou · Sep 19, 2024 · 1743d32 · 1743d32
1 parent d3d4707
commit 1743d32
Show file tree

Hide file tree

Showing 8 changed files with 234 additions and 237 deletions.
diff --git a/mockgcp/mockcompute/globalforwardingrulesv1.go b/mockgcp/mockcompute/globalforwardingrulesv1.go
@@ -122,6 +122,44 @@ func (s *GlobalForwardingRulesV1) Insert(ctx context.Context, req *pb.InsertGlob
 	})
 }
 
+func (s *GlobalForwardingRulesV1) Patch(ctx context.Context, req *pb.PatchGlobalForwardingRuleRequest) (*pb.Operation, error) {
+	reqName := "projects/" + req.GetProject() + "/global" + "/forwardingRules/" + req.GetForwardingRule()
+	name, err := s.parseGlobalForwardingRuleName(reqName)
+	if err != nil {
+		return nil, err
+	}
+
+	fqn := name.String()
+
+	obj := &pb.ForwardingRule{}
+	if err := s.storage.Get(ctx, fqn, obj); err != nil {
+		if status.Code(err) == codes.NotFound {
+			return nil, status.Errorf(codes.NotFound, "The resource '%s' was not found", fqn)
+		}
+		return nil, err
+	}
+
+	proto.Merge(obj, req.GetForwardingRuleResource())
+	// checked GCP log, when AllowGlobalAccess is false, the field will be ignored
+	if *obj.AllowGlobalAccess == false {
+		obj.AllowGlobalAccess = nil
+	}
+
+	if err := s.storage.Update(ctx, fqn, obj); err != nil {
+		return nil, err
+	}
+
+	op := &pb.Operation{
+		TargetId:      obj.Id,
+		TargetLink:    obj.SelfLink,
+		OperationType: PtrTo("patch"),
+		User:          PtrTo("[email protected]"),
+	}
+	return s.startGlobalLRO(ctx, name.Project.ID, op, func() (proto.Message, error) {
+		return obj, nil
+	})
+}
+
 func (s *GlobalForwardingRulesV1) Delete(ctx context.Context, req *pb.DeleteGlobalForwardingRuleRequest) (*pb.Operation, error) {
 	reqName := "projects/" + req.GetProject() + "/global" + "/forwardingRules/" + req.GetForwardingRule()
 	name, err := s.parseGlobalForwardingRuleName(reqName)

diff --git a/mockgcp/mockcompute/regionalforwardingrulev1.go b/mockgcp/mockcompute/regionalforwardingrulev1.go
@@ -123,6 +123,45 @@ func (s *RegionalForwardingRulesV1) Insert(ctx context.Context, req *pb.InsertFo
 	})
 }
 
+func (s *RegionalForwardingRulesV1) Patch(ctx context.Context, req *pb.PatchForwardingRuleRequest) (*pb.Operation, error) {
+	reqName := "projects/" + req.GetProject() + "/regions/" + req.GetRegion() + "/forwardingRules/" + req.GetForwardingRule()
+	name, err := s.parseRegionalForwardingRuleName(reqName)
+	if err != nil {
+		return nil, err
+	}
+
+	fqn := name.String()
+
+	obj := &pb.ForwardingRule{}
+
+	if err := s.storage.Get(ctx, fqn, obj); err != nil {
+		if status.Code(err) == codes.NotFound {
+			return nil, status.Errorf(codes.NotFound, "The resource '%s' was not found", fqn)
+		}
+		return nil, err
+	}
+
+	proto.Merge(obj, req.GetForwardingRuleResource())
+	// checked GCP log, when AllowGlobalAccess is false, the field will be ignored
+	if *obj.AllowGlobalAccess == false {
+		obj.AllowGlobalAccess = nil
+	}
+
+	if err := s.storage.Update(ctx, fqn, obj); err != nil {
+		return nil, err
+	}
+
+	op := &pb.Operation{
+		TargetId:      obj.Id,
+		TargetLink:    obj.SelfLink,
+		OperationType: PtrTo("patch"),
+		User:          PtrTo("[email protected]"),
+	}
+	return s.startRegionalLRO(ctx, name.Project.ID, name.Region, op, func() (proto.Message, error) {
+		return obj, nil
+	})
+}
+
 func (s *RegionalForwardingRulesV1) Delete(ctx context.Context, req *pb.DeleteForwardingRuleRequest) (*pb.Operation, error) {
 	reqName := "projects/" + req.GetProject() + "/regions/" + req.GetRegion() + "/forwardingRules/" + req.GetForwardingRule()
 	name, err := s.parseRegionalForwardingRuleName(reqName)

diff --git a/pkg/controller/direct/compute/forwardingrule_controller.go b/pkg/controller/direct/compute/forwardingrule_controller.go
@@ -379,11 +379,38 @@ func (a *forwardingRuleAdapter) Update(ctx context.Context, updateOp *directbase
 	forwardingRule.Name = direct.LazyPtr(a.id.forwardingRule)
 	forwardingRule.Labels = desired.Labels
 
-	// Patch only support update on networkTier field, which KCC does not support yet.
-	// Use setTarget and setLabels to update target and labels fields.
 	var err error
 	op := &gcp.Operation{}
 	updated := &computepb.ForwardingRule{}
+	if !reflect.DeepEqual(forwardingRule.AllowGlobalAccess, a.actual.AllowGlobalAccess) {
+		// To match the request body in TF-controller log
+		// https://github.com/hashicorp/terraform-provider-google/blob/main/google/services/compute/resource_compute_forwarding_rule.go#L1151
+		reqBody := &computepb.ForwardingRule{AllowGlobalAccess: forwardingRule.AllowGlobalAccess}
+		if a.id.location == "global" {
+			// TF does not support allowGlobalAccess field for global forwarding rule
+			// Underlying API as well, error message: `Field allow-global-access is only supported for regional INTERNAL
+			// forwarding rules with backend service/target instance or regional INTERNAL_MANAGED forwarding rules.`
+			forwardingRule.AllowGlobalAccess = nil
+		} else {
+			patchReq := &computepb.PatchForwardingRuleRequest{
+				ForwardingRule:         a.id.forwardingRule,
+				ForwardingRuleResource: reqBody,
+				Project:                a.id.project,
+				Region:                 a.id.location,
+			}
+			op, err = a.forwardingRulesClient.Patch(ctx, patchReq)
+		}
+	}
+	if err != nil {
+		return fmt.Errorf("updating ComputeForwardingRule %s: %w", a.fullyQualifiedName(), err)
+	}
+	err = op.Wait(ctx)
+	if err != nil {
+		return fmt.Errorf("waiting ComputeForwardingRule %s update failed: %w", a.fullyQualifiedName(), err)
+	}
+	log.V(2).Info("successfully updated ComputeForwardingRule", "name", a.fullyQualifiedName())
+
+	// Use setTarget and setLabels to update target and labels fields.
 	if !reflect.DeepEqual(forwardingRule.Labels, a.actual.Labels) {
 		op, err := a.setLabels(ctx, a.actual.LabelFingerprint, forwardingRule.Labels)
 		if err != nil {

diff --git a/...computeforwardingrulefull/_generated_object_regionalcomputeforwardingrulefull.golden.yaml b/...computeforwardingrulefull/_generated_object_regionalcomputeforwardingrulefull.golden.yaml
@@ -7,15 +7,15 @@ metadata:
   finalizers:
   - cnrm.cloud.google.com/finalizer
   - cnrm.cloud.google.com/deletion-defender
-  generation: 1
+  generation: 2
   labels:
     cnrm-test: "true"
-    label-one: value-one
+    label-one: value-two
   name: computeregionalforwardingrule-${uniqueId}
   namespace: ${uniqueId}
 spec:
   allPorts: true
-  allowGlobalAccess: true
+  allowGlobalAccess: false
   backendServiceRef:
     name: computebackendservice-${uniqueId}
   description: A regional forwarding rule
@@ -29,9 +29,6 @@ spec:
   networkRef:
     name: customnetwork
   networkTier: PREMIUM
-  serviceDirectoryRegistrations:
-  - namespace: sd-namespace
-    service: sd-service
   serviceLabel: label
   subnetworkRef:
     name: customsubnetwork
@@ -45,5 +42,5 @@ status:
   creationTimestamp: "1970-01-01T00:00:00Z"
   externalRef: //compute.googleapis.com/projects/${projectId}/regions/us-central1/forwardingrules/computeregionalforwardingrule-${uniqueId}
   labelFingerprint: abcdef0123A=
-  observedGeneration: 1
+  observedGeneration: 2
   selfLink: https://www.googleapis.com/compute/v1/projects/${projectId}/regions/us-central1/forwardingRules/computeregionalforwardingrule-${uniqueId}