update regional forwarding rule

gemmahou · Sep 26, 2024 · c6132a4 · c6132a4
1 parent 2c36d9b
commit c6132a4
Show file tree

Hide file tree

Showing 11 changed files with 273 additions and 249 deletions.
diff --git a/mockgcp/mockcompute/globalforwardingrulesv1.go b/mockgcp/mockcompute/globalforwardingrulesv1.go
@@ -118,6 +118,14 @@ func (s *GlobalForwardingRulesV1) Insert(ctx context.Context, req *pb.InsertGlob
 		obj.Network = PtrTo(fmt.Sprintf("https://www.googleapis.com/compute/v1/projects/%s/global/networks/%s", networkName.Project.ID, networkName.Name))
 	}
 
+	if obj.Subnetwork != nil {
+		subnetworkName, err := s.parseSubnetName(obj.GetSubnetwork())
+		if err != nil {
+			return nil, status.Errorf(codes.InvalidArgument, "subnetwork %q is not valid", obj.GetSubnetwork())
+		}
+		obj.Subnetwork = PtrTo(fmt.Sprintf("https://www.googleapis.com/compute/v1/projects/%s/regions/%s/subnetworks/%s", subnetworkName.Project.ID, subnetworkName.Region, subnetworkName.Name))
+	}
+
 	// output only field. This field is only used for internal load balancing.
 	if obj.LoadBalancingScheme != nil && *obj.LoadBalancingScheme == "INTERNAL" {
 		if obj.ServiceLabel != nil {
@@ -147,6 +155,44 @@ func (s *GlobalForwardingRulesV1) Insert(ctx context.Context, req *pb.InsertGlob
 	})
 }
 
+func (s *GlobalForwardingRulesV1) Patch(ctx context.Context, req *pb.PatchGlobalForwardingRuleRequest) (*pb.Operation, error) {
+	reqName := "projects/" + req.GetProject() + "/global" + "/forwardingRules/" + req.GetForwardingRule()
+	name, err := s.parseGlobalForwardingRuleName(reqName)
+	if err != nil {
+		return nil, err
+	}
+
+	fqn := name.String()
+
+	obj := &pb.ForwardingRule{}
+	if err := s.storage.Get(ctx, fqn, obj); err != nil {
+		if status.Code(err) == codes.NotFound {
+			return nil, status.Errorf(codes.NotFound, "The resource '%s' was not found", fqn)
+		}
+		return nil, err
+	}
+
+	proto.Merge(obj, req.GetForwardingRuleResource())
+	// checked GCP log, when AllowGlobalAccess is false, the field will be ignored
+	if obj.AllowGlobalAccess != nil && *obj.AllowGlobalAccess == false {
+		obj.AllowGlobalAccess = nil
+	}
+
+	if err := s.storage.Update(ctx, fqn, obj); err != nil {
+		return nil, err
+	}
+
+	op := &pb.Operation{
+		TargetId:      obj.Id,
+		TargetLink:    obj.SelfLink,
+		OperationType: PtrTo("patch"),
+		User:          PtrTo("[email protected]"),
+	}
+	return s.startGlobalLRO(ctx, name.Project.ID, op, func() (proto.Message, error) {
+		return obj, nil
+	})
+}
+
 func (s *GlobalForwardingRulesV1) Delete(ctx context.Context, req *pb.DeleteGlobalForwardingRuleRequest) (*pb.Operation, error) {
 	reqName := "projects/" + req.GetProject() + "/global" + "/forwardingRules/" + req.GetForwardingRule()
 	name, err := s.parseGlobalForwardingRuleName(reqName)

diff --git a/mockgcp/mockcompute/regionalforwardingrulev1.go b/mockgcp/mockcompute/regionalforwardingrulev1.go
@@ -107,7 +107,15 @@ func (s *RegionalForwardingRulesV1) Insert(ctx context.Context, req *pb.InsertFo
 		obj.Network = PtrTo(fmt.Sprintf("https://www.googleapis.com/compute/v1/projects/%s/global/networks/%s", networkName.Project.ID, networkName.Name))
 	}
 
-	// output only field.
+	if obj.Subnetwork != nil {
+		subnetworkName, err := s.parseSubnetName(obj.GetSubnetwork())
+		if err != nil {
+			return nil, status.Errorf(codes.InvalidArgument, "subnetwork %q is not valid", obj.GetSubnetwork())
+		}
+		obj.Subnetwork = PtrTo(fmt.Sprintf("https://www.googleapis.com/compute/v1/projects/%s/regions/%s/subnetworks/%s", subnetworkName.Project.ID, subnetworkName.Region, subnetworkName.Name))
+	}
+
+	// output only fields
 	obj.Region = PtrTo(fmt.Sprintf("https://www.googleapis.com/compute/v1/projects/%s/regions/%s", name.Project.ID, name.Region))
 	// output only field, this field is only used for internal load balancing.
 	if obj.LoadBalancingScheme != nil && *obj.LoadBalancingScheme == "INTERNAL" {
@@ -131,6 +139,45 @@ func (s *RegionalForwardingRulesV1) Insert(ctx context.Context, req *pb.InsertFo
 	})
 }
 
+func (s *RegionalForwardingRulesV1) Patch(ctx context.Context, req *pb.PatchForwardingRuleRequest) (*pb.Operation, error) {
+	reqName := "projects/" + req.GetProject() + "/regions/" + req.GetRegion() + "/forwardingRules/" + req.GetForwardingRule()
+	name, err := s.parseRegionalForwardingRuleName(reqName)
+	if err != nil {
+		return nil, err
+	}
+
+	fqn := name.String()
+
+	obj := &pb.ForwardingRule{}
+
+	if err := s.storage.Get(ctx, fqn, obj); err != nil {
+		if status.Code(err) == codes.NotFound {
+			return nil, status.Errorf(codes.NotFound, "The resource '%s' was not found", fqn)
+		}
+		return nil, err
+	}
+
+	proto.Merge(obj, req.GetForwardingRuleResource())
+	// checked GCP log, when AllowGlobalAccess is false, the field will be ignored
+	if obj.AllowGlobalAccess != nil && *obj.AllowGlobalAccess == false {
+		obj.AllowGlobalAccess = nil
+	}
+
+	if err := s.storage.Update(ctx, fqn, obj); err != nil {
+		return nil, err
+	}
+
+	op := &pb.Operation{
+		TargetId:      obj.Id,
+		TargetLink:    obj.SelfLink,
+		OperationType: PtrTo("patch"),
+		User:          PtrTo("[email protected]"),
+	}
+	return s.startRegionalLRO(ctx, name.Project.ID, name.Region, op, func() (proto.Message, error) {
+		return obj, nil
+	})
+}
+
 func (s *RegionalForwardingRulesV1) Delete(ctx context.Context, req *pb.DeleteForwardingRuleRequest) (*pb.Operation, error) {
 	reqName := "projects/" + req.GetProject() + "/regions/" + req.GetRegion() + "/forwardingRules/" + req.GetForwardingRule()
 	name, err := s.parseRegionalForwardingRuleName(reqName)

diff --git a/pkg/controller/direct/compute/forwardingrule_controller.go b/pkg/controller/direct/compute/forwardingrule_controller.go
@@ -323,10 +323,37 @@ func (a *forwardingRuleAdapter) Update(ctx context.Context, updateOp *directbase
 	forwardingRule.Name = direct.LazyPtr(a.id.forwardingRule)
 	forwardingRule.Labels = desired.Labels
 
-	// Patch only support update on networkTier field, which KCC does not support yet.
-	// Use setTarget and setLabels to update target and labels fields.
 	op := &gcp.Operation{}
 	updated := &computepb.ForwardingRule{}
+	if !reflect.DeepEqual(forwardingRule.AllowGlobalAccess, a.actual.AllowGlobalAccess) {
+		// To match the request body in TF-controller log
+		// https://github.com/hashicorp/terraform-provider-google/blob/main/google/services/compute/resource_compute_forwarding_rule.go#L1151
+		reqBody := &computepb.ForwardingRule{AllowGlobalAccess: forwardingRule.AllowGlobalAccess}
+		if a.id.location == "global" {
+			// TF does not support allowGlobalAccess field for global forwarding rule
+			// Underlying API as well, error message: `Field allow-global-access is only supported for regional INTERNAL
+			// forwarding rules with backend service/target instance or regional INTERNAL_MANAGED forwarding rules.`
+			forwardingRule.AllowGlobalAccess = nil
+		} else {
+			patchReq := &computepb.PatchForwardingRuleRequest{
+				ForwardingRule:         a.id.forwardingRule,
+				ForwardingRuleResource: reqBody,
+				Project:                a.id.project,
+				Region:                 a.id.location,
+			}
+			op, err = a.forwardingRulesClient.Patch(ctx, patchReq)
+		}
+		if err != nil {
+			return fmt.Errorf("updating ComputeForwardingRule %s: %w", a.fullyQualifiedName(), err)
+		}
+		err = op.Wait(ctx)
+		if err != nil {
+			return fmt.Errorf("waiting ComputeForwardingRule %s update failed: %w", a.fullyQualifiedName(), err)
+		}
+		log.V(2).Info("successfully updated ComputeForwardingRule", "name", a.fullyQualifiedName())
+	}
+
+	// Use setTarget and setLabels to update target and labels fields.
 	if !reflect.DeepEqual(forwardingRule.Labels, a.actual.Labels) {
 		op, err := a.setLabels(ctx, a.actual.LabelFingerprint, forwardingRule.Labels)
 		if err != nil {

diff --git a/pkg/controller/direct/compute/refs.go b/pkg/controller/direct/compute/refs.go
@@ -73,8 +73,7 @@ func ResolveComputeNetwork(ctx context.Context, reader client.Reader, src client
 		return nil, err
 	}
 
-	// targetField: self_link
-	// See compute servicemappings for details
+	// convert to format `projects/<projectID>/global/networks/<network>`
 	return &refs.ComputeNetworkRef{
 		External: fmt.Sprintf("projects/%s/global/networks/%s", projectID, resourceID)}, nil
 }
@@ -111,14 +110,26 @@ func ResolveComputeSubnetwork(ctx context.Context, reader client.Reader, src cli
 	if err != nil {
 		return nil, err
 	}
-	// targetField: self_link
-	// See compute servicemappings for details
-	selfLink, _, err := unstructured.NestedString(computeSubnetwork.Object, "status", "selfLink")
-	if err != nil || selfLink == "" {
-		return nil, fmt.Errorf("cannot get selfLink for referenced %s %v (status.selfLink is empty)", computeSubnetwork.GetKind(), computeSubnetwork.GetNamespace())
+
+	resourceID, err := refs.GetResourceID(computeSubnetwork)
+	if err != nil {
+		return nil, err
 	}
+
+	projectID, err := refs.ResolveProjectID(ctx, reader, computeSubnetwork)
+	if err != nil {
+		return nil, err
+	}
+
+	region, _, _ := unstructured.NestedString(computeSubnetwork.Object, "spec", "region")
+	if region == "" {
+		return nil, fmt.Errorf("cannot get region from references ComputeSubnetwork %v: %w", key, err)
+	}
+
+	// convert to format `projects/<projectID>/regions/<region>/subnetworks/<subnetwork>`
 	return &refs.ComputeSubnetworkRef{
-		External: selfLink}, nil
+		External: fmt.Sprintf("projects/%s/regions/%s/subnetworks/%s", projectID, region, resourceID),
+	}, nil
 }
 
 func ResolveComputeAddress(ctx context.Context, reader client.Reader, src client.Object, ref *refs.ComputeAddressRef) (*refs.ComputeAddressRef, error) {

diff --git a/...computeforwardingrulefull/_generated_object_regionalcomputeforwardingrulefull.golden.yaml b/...computeforwardingrulefull/_generated_object_regionalcomputeforwardingrulefull.golden.yaml
@@ -7,15 +7,15 @@ metadata:
   finalizers:
   - cnrm.cloud.google.com/finalizer
   - cnrm.cloud.google.com/deletion-defender
-  generation: 1
+  generation: 2
   labels:
     cnrm-test: "true"
-    label-one: value-one
+    label-one: value-two
   name: computeregionalforwardingrule-${uniqueId}
   namespace: ${uniqueId}
 spec:
   allPorts: true
-  allowGlobalAccess: true
+  allowGlobalAccess: false
   backendServiceRef:
     name: computebackendservice-${uniqueId}
   description: A regional forwarding rule
@@ -29,9 +29,6 @@ spec:
   networkRef:
     name: customnetwork
   networkTier: PREMIUM
-  serviceDirectoryRegistrations:
-  - namespace: sd-namespace
-    service: sd-service
   serviceLabel: label
   subnetworkRef:
     name: customsubnetwork
@@ -45,5 +42,5 @@ status:
   creationTimestamp: "1970-01-01T00:00:00Z"
   externalRef: //compute.googleapis.com/projects/${projectId}/regions/us-central1/forwardingrules/computeregionalforwardingrule-${uniqueId}
   labelFingerprint: abcdef0123A=
-  observedGeneration: 1
+  observedGeneration: 2
   selfLink: https://www.googleapis.com/compute/v1/projects/${projectId}/regions/us-central1/forwardingRules/computeregionalforwardingrule-${uniqueId}