From 938338fecb993ce0b06e99d50cd329e0c708c561 Mon Sep 17 00:00:00 2001 From: Ziyue Yan Date: Thu, 11 Jul 2024 23:58:58 +0000 Subject: [PATCH] fix gkehub test cases --- mockgcp/mockgkehub/gkehubfeature.go | 11 ++ mockgcp/mockiam/serviceaccounts.go | 3 + ...asicacmgkehubfeaturemembership.golden.yaml | 2 +- .../basicacmgkehubfeaturemembership/_http.log | 122 ++++-------------- .../create.yaml | 2 + .../dependencies.yaml | 5 +- .../update.yaml | 2 +- ...fullacmgkehubfeaturemembership.golden.yaml | 2 +- .../fullacmgkehubfeaturemembership/_http.log | 119 +++-------------- .../create.yaml | 2 +- .../dependencies.yaml | 5 +- .../update.yaml | 2 +- 12 files changed, 69 insertions(+), 208 deletions(-) diff --git a/mockgcp/mockgkehub/gkehubfeature.go b/mockgcp/mockgkehub/gkehubfeature.go index fbf8090f9b..4664a1059b 100644 --- a/mockgcp/mockgkehub/gkehubfeature.go +++ b/mockgcp/mockgkehub/gkehubfeature.go @@ -16,6 +16,7 @@ package mockgkehub import ( "context" + "fmt" "cloud.google.com/go/longrunning/autogen/longrunningpb" "google.golang.org/genproto/googleapis/longrunning" @@ -61,6 +62,16 @@ func (s *GKEHubFeature) CreateFeature(ctx context.Context, req *pb.CreateFeature obj := proto.Clone(req.Resource).(*pb.Feature) obj.Name = fqn + // Mimic the GCP API validation logic. + for id, spec := range obj.MembershipSpecs { + acmSpec := spec.GetConfigmanagement() + if acmSpec != nil { + if acmSpec.GetConfigSync() == nil && acmSpec.GetHierarchyController() == nil && acmSpec.GetPolicyController() == nil { + return nil, fmt.Errorf("none of configsync or hierachycontroller or policycontroller is specified under configmanagement for memebership %s", id) + } + } + } + if err := s.storage.Create(ctx, fqn, obj); err != nil { return nil, err } diff --git a/mockgcp/mockiam/serviceaccounts.go b/mockgcp/mockiam/serviceaccounts.go index 399cce77fa..ab26137145 100644 --- a/mockgcp/mockiam/serviceaccounts.go +++ b/mockgcp/mockiam/serviceaccounts.go @@ -89,6 +89,9 @@ func (s *ServerV1) CreateServiceAccount(ctx context.Context, req *pb.CreateServi if accountID == "" { return nil, status.Errorf(codes.InvalidArgument, "AccountId is required") } + if len(accountID) < 6 || len(accountID) > 30 { + return nil, status.Errorf(codes.InvalidArgument, "AccountId must be 6-30 characters long") + } projectName, err := projects.ParseProjectName(req.Name) if err != nil { diff --git a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicacmgkehubfeaturemembership/_generated_object_basicacmgkehubfeaturemembership.golden.yaml b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicacmgkehubfeaturemembership/_generated_object_basicacmgkehubfeaturemembership.golden.yaml index 1d1e77e24e..40ab00c3be 100644 --- a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicacmgkehubfeaturemembership/_generated_object_basicacmgkehubfeaturemembership.golden.yaml +++ b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicacmgkehubfeaturemembership/_generated_object_basicacmgkehubfeaturemembership.golden.yaml @@ -17,7 +17,7 @@ spec: configSync: git: gcpServiceAccountRef: - name: iamserviceaccount-${uniqueId} + name: sa-${uniqueId} httpsProxy: https://github.com policyDir: config-connector secretType: none diff --git a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicacmgkehubfeaturemembership/_http.log b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicacmgkehubfeaturemembership/_http.log index f464188bf8..92ff2108ff 100644 --- a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicacmgkehubfeaturemembership/_http.log +++ b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicacmgkehubfeaturemembership/_http.log @@ -673,7 +673,7 @@ Grpc-Metadata-Content-Type: application/grpc --- -GET https://iam.googleapis.com/v1/projects/example-project-01/serviceAccounts/iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com?alt=json&prettyPrint=false +GET https://iam.googleapis.com/v1/projects/example-project-01/serviceAccounts/sa-${uniqueId}@example-project-01.iam.gserviceaccount.com?alt=json&prettyPrint=false User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager 404 Not Found @@ -709,7 +709,7 @@ Content-Type: application/json User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager { - "accountId": "iamserviceaccount-${uniqueId}", + "accountId": "sa-${uniqueId}", "serviceAccount": { "displayName": "A Test Service Account" } @@ -728,9 +728,9 @@ X-Xss-Protection: 0 { "displayName": "A Test Service Account", - "email": "iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com", + "email": "sa-${uniqueId}@example-project-01.iam.gserviceaccount.com", "etag": "abcdef0123A=", - "name": "projects/example-project-01/serviceAccounts/iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com", + "name": "projects/example-project-01/serviceAccounts/sa-${uniqueId}@example-project-01.iam.gserviceaccount.com", "oauth2ClientId": "888888888888888888888", "projectId": "example-project-01", "uniqueId": "111111111111111111111" @@ -738,7 +738,7 @@ X-Xss-Protection: 0 --- -GET https://iam.googleapis.com/v1/projects/example-project-01/serviceAccounts/iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com?alt=json&prettyPrint=false +GET https://iam.googleapis.com/v1/projects/example-project-01/serviceAccounts/sa-${uniqueId}@example-project-01.iam.gserviceaccount.com?alt=json&prettyPrint=false User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager 200 OK @@ -754,9 +754,9 @@ X-Xss-Protection: 0 { "displayName": "A Test Service Account", - "email": "iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com", + "email": "sa-${uniqueId}@example-project-01.iam.gserviceaccount.com", "etag": "abcdef0123A=", - "name": "projects/example-project-01/serviceAccounts/iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com", + "name": "projects/example-project-01/serviceAccounts/sa-${uniqueId}@example-project-01.iam.gserviceaccount.com", "oauth2ClientId": "888888888888888888888", "projectId": "example-project-01", "uniqueId": "111111111111111111111" @@ -1091,6 +1091,9 @@ User-Agent: kcc/controller-manager DeclarativeClientLib/0.0.1 "membershipSpecs": { "projects/example-project-01/locations/global/memberships/gkehubmembership-basic-acm-${uniqueId}": { "configmanagement": { + "configSync": { + "sourceFormat": "unstructured" + }, "version": "1.18.1" } } @@ -1153,6 +1156,9 @@ X-Xss-Protection: 0 "membershipSpecs": { "projects/example-project-01/locations/global/memberships/gkehubmembership-basic-acm-${uniqueId}": { "configmanagement": { + "configSync": { + "sourceFormat": "unstructured" + }, "version": "1.18.1" } } @@ -1190,6 +1196,9 @@ X-Xss-Protection: 0 "membershipSpecs": { "projects/example-project-01/locations/global/memberships/gkehubmembership-basic-acm-${uniqueId}": { "configmanagement": { + "configSync": { + "sourceFormat": "unstructured" + }, "version": "1.18.1" } } @@ -1210,7 +1219,7 @@ User-Agent: kcc/controller-manager DeclarativeClientLib/0.0.1 "configmanagement": { "configSync": { "git": { - "gcpServiceAccountEmail": "iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com", + "gcpServiceAccountEmail": "sa-${uniqueId}@example-project-01.iam.gserviceaccount.com", "httpsProxy": "https://github.com", "policyDir": "config-connector", "secretType": "none", @@ -1290,7 +1299,7 @@ X-Xss-Protection: 0 "configmanagement": { "configSync": { "git": { - "gcpServiceAccountEmail": "iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com", + "gcpServiceAccountEmail": "sa-${uniqueId}@example-project-01.iam.gserviceaccount.com", "httpsProxy": "https://github.com", "policyDir": "config-connector", "secretType": "none", @@ -1345,7 +1354,7 @@ X-Xss-Protection: 0 "configmanagement": { "configSync": { "git": { - "gcpServiceAccountEmail": "iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com", + "gcpServiceAccountEmail": "sa-${uniqueId}@example-project-01.iam.gserviceaccount.com", "httpsProxy": "https://github.com", "policyDir": "config-connector", "secretType": "none", @@ -1547,92 +1556,7 @@ X-Xss-Protection: 0 --- -GET https://gkehub.googleapis.com/v1beta/projects/example-project-01/locations/global/features/configmanagement?alt=json -Content-Type: application/json -User-Agent: kcc/controller-manager DeclarativeClientLib/0.0.1 - -200 OK -Cache-Control: private -Content-Type: application/json; charset=UTF-8 -Server: ESF -Vary: Origin -Vary: X-Origin -Vary: Referer -X-Content-Type-Options: nosniff -X-Frame-Options: SAMEORIGIN -X-Xss-Protection: 0 - -{ - "labels": { - "cnrm-test": "true", - "managed-by-cnrm": "true" - }, - "membershipSpecs": { - "projects/example-project-01/locations/global/memberships/gkehubmembership-basic-acm-${uniqueId}": {} - }, - "name": "projects/example-project-01/locations/global/features/configmanagement", - "updateTime": "2024-04-01T12:34:56.123456Z" -} - ---- - -DELETE https://gkehub.googleapis.com/v1beta/projects/example-project-01/locations/global/features/configmanagement?alt=json -Content-Type: application/json -User-Agent: kcc/controller-manager DeclarativeClientLib/0.0.1 - -200 OK -Cache-Control: private -Content-Type: application/json; charset=UTF-8 -Server: ESF -Vary: Origin -Vary: X-Origin -Vary: Referer -X-Content-Type-Options: nosniff -X-Frame-Options: SAMEORIGIN -X-Xss-Protection: 0 - -{ - "done": true, - "metadata": { - "@type": "type.googleapis.com/google.cloud.gkehub.v1beta.OperationMetadata", - "createTime": "2024-04-01T12:34:56.123456Z", - "endTime": "2024-04-01T12:34:56.123456Z", - "target": "projects/example-project-01/locations/global/features/configmanagement" - }, - "name": "projects/example-project-01/locations/global/features/configmanagement/operations/${operationID}", - "response": { - "@type": "type.googleapis.com/google.cloud.gkehub.v1beta.Feature" - } -} - ---- - -GET https://gkehub.googleapis.com/v1beta/projects/example-project-01/locations/global/features/configmanagement?alt=json -Content-Type: application/json -User-Agent: kcc/controller-manager DeclarativeClientLib/0.0.1 - -404 Not Found -Cache-Control: private -Content-Type: application/json; charset=UTF-8 -Server: ESF -Vary: Origin -Vary: X-Origin -Vary: Referer -X-Content-Type-Options: nosniff -X-Frame-Options: SAMEORIGIN -X-Xss-Protection: 0 - -{ - "error": { - "code": 404, - "message": "feature \"projects/example-project-01/locations/global/features/configmanagement\" not found", - "status": "NOT_FOUND" - } -} - ---- - -GET https://iam.googleapis.com/v1/projects/example-project-01/serviceAccounts/iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com?alt=json&prettyPrint=false +GET https://iam.googleapis.com/v1/projects/example-project-01/serviceAccounts/sa-${uniqueId}@example-project-01.iam.gserviceaccount.com?alt=json&prettyPrint=false User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager 200 OK @@ -1648,9 +1572,9 @@ X-Xss-Protection: 0 { "displayName": "A Test Service Account", - "email": "iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com", + "email": "sa-${uniqueId}@example-project-01.iam.gserviceaccount.com", "etag": "abcdef0123A=", - "name": "projects/example-project-01/serviceAccounts/iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com", + "name": "projects/example-project-01/serviceAccounts/sa-${uniqueId}@example-project-01.iam.gserviceaccount.com", "oauth2ClientId": "888888888888888888888", "projectId": "example-project-01", "uniqueId": "111111111111111111111" @@ -1658,7 +1582,7 @@ X-Xss-Protection: 0 --- -DELETE https://iam.googleapis.com/v1/projects/example-project-01/serviceAccounts/iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com?alt=json&prettyPrint=false +DELETE https://iam.googleapis.com/v1/projects/example-project-01/serviceAccounts/sa-${uniqueId}@example-project-01.iam.gserviceaccount.com?alt=json&prettyPrint=false User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager 200 OK diff --git a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicacmgkehubfeaturemembership/create.yaml b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicacmgkehubfeaturemembership/create.yaml index ac9142b907..02204bc536 100644 --- a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicacmgkehubfeaturemembership/create.yaml +++ b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicacmgkehubfeaturemembership/create.yaml @@ -25,4 +25,6 @@ spec: featureRef: name: gkehubfeature-basic-acm-${uniqueId} configmanagement: + configSync: + sourceFormat: unstructured version: "1.18.1" diff --git a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicacmgkehubfeaturemembership/dependencies.yaml b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicacmgkehubfeaturemembership/dependencies.yaml index 402ea3a526..5563e83cbd 100644 --- a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicacmgkehubfeaturemembership/dependencies.yaml +++ b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicacmgkehubfeaturemembership/dependencies.yaml @@ -70,7 +70,7 @@ kind: IAMServiceAccount metadata: annotations: cnrm.cloud.google.com/project-id: ${TEST_DEPENDENT_ORG_PROJECT_ID} - name: iamserviceaccount-${uniqueId} + name: sa-${uniqueId} spec: displayName: A Test Service Account --- @@ -78,6 +78,9 @@ apiVersion: gkehub.cnrm.cloud.google.com/v1beta1 kind: GKEHubFeature metadata: name: gkehubfeature-basic-acm-${uniqueId} + annotations: + # Abondon the feature resource as it is global within a project and we would hit issues when running two tests in parallel. + cnrm.cloud.google.com/deletion-policy: "abandon" spec: projectRef: name: gkehubfm-${uniqueId} diff --git a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicacmgkehubfeaturemembership/update.yaml b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicacmgkehubfeaturemembership/update.yaml index 7b860ae17a..3d4799e5c0 100644 --- a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicacmgkehubfeaturemembership/update.yaml +++ b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/basicacmgkehubfeaturemembership/update.yaml @@ -30,7 +30,7 @@ spec: sourceFormat: hierarchy git: gcpServiceAccountRef: - name: iamserviceaccount-${uniqueId} + name: sa-${uniqueId} httpsProxy: "https://github.com" syncRepo: "https://github.com/GoogleCloudPlatform/cloud-foundation-toolkit" syncBranch: "master" diff --git a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullacmgkehubfeaturemembership/_generated_object_fullacmgkehubfeaturemembership.golden.yaml b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullacmgkehubfeaturemembership/_generated_object_fullacmgkehubfeaturemembership.golden.yaml index 994890246c..2180e968d1 100644 --- a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullacmgkehubfeaturemembership/_generated_object_fullacmgkehubfeaturemembership.golden.yaml +++ b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullacmgkehubfeaturemembership/_generated_object_fullacmgkehubfeaturemembership.golden.yaml @@ -17,7 +17,7 @@ spec: configSync: git: gcpServiceAccountRef: - name: iamserviceaccount-${uniqueId} + name: sa-${uniqueId} httpsProxy: https://github.com policyDir: config-sync-quickstart/multirepo/root secretType: none diff --git a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullacmgkehubfeaturemembership/_http.log b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullacmgkehubfeaturemembership/_http.log index 26ae86dc36..26a4383283 100644 --- a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullacmgkehubfeaturemembership/_http.log +++ b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullacmgkehubfeaturemembership/_http.log @@ -673,7 +673,7 @@ Grpc-Metadata-Content-Type: application/grpc --- -GET https://iam.googleapis.com/v1/projects/example-project-01/serviceAccounts/iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com?alt=json&prettyPrint=false +GET https://iam.googleapis.com/v1/projects/example-project-01/serviceAccounts/sa-${uniqueId}@example-project-01.iam.gserviceaccount.com?alt=json&prettyPrint=false User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager 404 Not Found @@ -709,7 +709,7 @@ Content-Type: application/json User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager { - "accountId": "iamserviceaccount-${uniqueId}", + "accountId": "sa-${uniqueId}", "serviceAccount": { "displayName": "A Test Service Account" } @@ -728,9 +728,9 @@ X-Xss-Protection: 0 { "displayName": "A Test Service Account", - "email": "iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com", + "email": "sa-${uniqueId}@example-project-01.iam.gserviceaccount.com", "etag": "abcdef0123A=", - "name": "projects/example-project-01/serviceAccounts/iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com", + "name": "projects/example-project-01/serviceAccounts/sa-${uniqueId}@example-project-01.iam.gserviceaccount.com", "oauth2ClientId": "888888888888888888888", "projectId": "example-project-01", "uniqueId": "111111111111111111111" @@ -738,7 +738,7 @@ X-Xss-Protection: 0 --- -GET https://iam.googleapis.com/v1/projects/example-project-01/serviceAccounts/iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com?alt=json&prettyPrint=false +GET https://iam.googleapis.com/v1/projects/example-project-01/serviceAccounts/sa-${uniqueId}@example-project-01.iam.gserviceaccount.com?alt=json&prettyPrint=false User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager 200 OK @@ -754,9 +754,9 @@ X-Xss-Protection: 0 { "displayName": "A Test Service Account", - "email": "iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com", + "email": "sa-${uniqueId}@example-project-01.iam.gserviceaccount.com", "etag": "abcdef0123A=", - "name": "projects/example-project-01/serviceAccounts/iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com", + "name": "projects/example-project-01/serviceAccounts/sa-${uniqueId}@example-project-01.iam.gserviceaccount.com", "oauth2ClientId": "888888888888888888888", "projectId": "example-project-01", "uniqueId": "111111111111111111111" @@ -1093,7 +1093,7 @@ User-Agent: kcc/controller-manager DeclarativeClientLib/0.0.1 "configmanagement": { "configSync": { "git": { - "gcpServiceAccountEmail": "iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com", + "gcpServiceAccountEmail": "sa-${uniqueId}@example-project-01.iam.gserviceaccount.com", "httpsProxy": "https://github.com", "policyDir": "config-connector", "secretType": "none", @@ -1173,7 +1173,7 @@ X-Xss-Protection: 0 "configmanagement": { "configSync": { "git": { - "gcpServiceAccountEmail": "iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com", + "gcpServiceAccountEmail": "sa-${uniqueId}@example-project-01.iam.gserviceaccount.com", "httpsProxy": "https://github.com", "policyDir": "config-connector", "secretType": "none", @@ -1228,7 +1228,7 @@ X-Xss-Protection: 0 "configmanagement": { "configSync": { "git": { - "gcpServiceAccountEmail": "iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com", + "gcpServiceAccountEmail": "sa-${uniqueId}@example-project-01.iam.gserviceaccount.com", "httpsProxy": "https://github.com", "policyDir": "config-connector", "secretType": "none", @@ -1264,7 +1264,7 @@ User-Agent: kcc/controller-manager DeclarativeClientLib/0.0.1 "configmanagement": { "configSync": { "git": { - "gcpServiceAccountEmail": "iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com", + "gcpServiceAccountEmail": "sa-${uniqueId}@example-project-01.iam.gserviceaccount.com", "httpsProxy": "https://github.com", "policyDir": "config-sync-quickstart/multirepo/root", "secretType": "none", @@ -1344,7 +1344,7 @@ X-Xss-Protection: 0 "configmanagement": { "configSync": { "git": { - "gcpServiceAccountEmail": "iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com", + "gcpServiceAccountEmail": "sa-${uniqueId}@example-project-01.iam.gserviceaccount.com", "httpsProxy": "https://github.com", "policyDir": "config-sync-quickstart/multirepo/root", "secretType": "none", @@ -1395,7 +1395,7 @@ X-Xss-Protection: 0 "configmanagement": { "configSync": { "git": { - "gcpServiceAccountEmail": "iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com", + "gcpServiceAccountEmail": "sa-${uniqueId}@example-project-01.iam.gserviceaccount.com", "httpsProxy": "https://github.com", "policyDir": "config-sync-quickstart/multirepo/root", "secretType": "none", @@ -1593,92 +1593,7 @@ X-Xss-Protection: 0 --- -GET https://gkehub.googleapis.com/v1beta/projects/example-project-01/locations/global/features/configmanagement?alt=json -Content-Type: application/json -User-Agent: kcc/controller-manager DeclarativeClientLib/0.0.1 - -200 OK -Cache-Control: private -Content-Type: application/json; charset=UTF-8 -Server: ESF -Vary: Origin -Vary: X-Origin -Vary: Referer -X-Content-Type-Options: nosniff -X-Frame-Options: SAMEORIGIN -X-Xss-Protection: 0 - -{ - "labels": { - "cnrm-test": "true", - "managed-by-cnrm": "true" - }, - "membershipSpecs": { - "projects/example-project-01/locations/global/memberships/gkehubmembership-full-acm-${uniqueId}": {} - }, - "name": "projects/example-project-01/locations/global/features/configmanagement", - "updateTime": "2024-04-01T12:34:56.123456Z" -} - ---- - -DELETE https://gkehub.googleapis.com/v1beta/projects/example-project-01/locations/global/features/configmanagement?alt=json -Content-Type: application/json -User-Agent: kcc/controller-manager DeclarativeClientLib/0.0.1 - -200 OK -Cache-Control: private -Content-Type: application/json; charset=UTF-8 -Server: ESF -Vary: Origin -Vary: X-Origin -Vary: Referer -X-Content-Type-Options: nosniff -X-Frame-Options: SAMEORIGIN -X-Xss-Protection: 0 - -{ - "done": true, - "metadata": { - "@type": "type.googleapis.com/google.cloud.gkehub.v1beta.OperationMetadata", - "createTime": "2024-04-01T12:34:56.123456Z", - "endTime": "2024-04-01T12:34:56.123456Z", - "target": "projects/example-project-01/locations/global/features/configmanagement" - }, - "name": "projects/example-project-01/locations/global/features/configmanagement/operations/${operationID}", - "response": { - "@type": "type.googleapis.com/google.cloud.gkehub.v1beta.Feature" - } -} - ---- - -GET https://gkehub.googleapis.com/v1beta/projects/example-project-01/locations/global/features/configmanagement?alt=json -Content-Type: application/json -User-Agent: kcc/controller-manager DeclarativeClientLib/0.0.1 - -404 Not Found -Cache-Control: private -Content-Type: application/json; charset=UTF-8 -Server: ESF -Vary: Origin -Vary: X-Origin -Vary: Referer -X-Content-Type-Options: nosniff -X-Frame-Options: SAMEORIGIN -X-Xss-Protection: 0 - -{ - "error": { - "code": 404, - "message": "feature \"projects/example-project-01/locations/global/features/configmanagement\" not found", - "status": "NOT_FOUND" - } -} - ---- - -GET https://iam.googleapis.com/v1/projects/example-project-01/serviceAccounts/iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com?alt=json&prettyPrint=false +GET https://iam.googleapis.com/v1/projects/example-project-01/serviceAccounts/sa-${uniqueId}@example-project-01.iam.gserviceaccount.com?alt=json&prettyPrint=false User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager 200 OK @@ -1694,9 +1609,9 @@ X-Xss-Protection: 0 { "displayName": "A Test Service Account", - "email": "iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com", + "email": "sa-${uniqueId}@example-project-01.iam.gserviceaccount.com", "etag": "abcdef0123A=", - "name": "projects/example-project-01/serviceAccounts/iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com", + "name": "projects/example-project-01/serviceAccounts/sa-${uniqueId}@example-project-01.iam.gserviceaccount.com", "oauth2ClientId": "888888888888888888888", "projectId": "example-project-01", "uniqueId": "111111111111111111111" @@ -1704,7 +1619,7 @@ X-Xss-Protection: 0 --- -DELETE https://iam.googleapis.com/v1/projects/example-project-01/serviceAccounts/iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com?alt=json&prettyPrint=false +DELETE https://iam.googleapis.com/v1/projects/example-project-01/serviceAccounts/sa-${uniqueId}@example-project-01.iam.gserviceaccount.com?alt=json&prettyPrint=false User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager 200 OK diff --git a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullacmgkehubfeaturemembership/create.yaml b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullacmgkehubfeaturemembership/create.yaml index fcae48c7fa..2f91ebcc01 100644 --- a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullacmgkehubfeaturemembership/create.yaml +++ b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullacmgkehubfeaturemembership/create.yaml @@ -30,7 +30,7 @@ spec: sourceFormat: hierarchy git: gcpServiceAccountRef: - name: iamserviceaccount-${uniqueId} + name: sa-${uniqueId} httpsProxy: "https://github.com" syncRepo: "https://github.com/GoogleCloudPlatform/cloud-foundation-toolkit" syncBranch: "master" diff --git a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullacmgkehubfeaturemembership/dependencies.yaml b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullacmgkehubfeaturemembership/dependencies.yaml index abd9273c64..88adb0d00a 100644 --- a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullacmgkehubfeaturemembership/dependencies.yaml +++ b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullacmgkehubfeaturemembership/dependencies.yaml @@ -70,7 +70,7 @@ kind: IAMServiceAccount metadata: annotations: cnrm.cloud.google.com/project-id: ${TEST_DEPENDENT_ORG_PROJECT_ID} - name: iamserviceaccount-${uniqueId} + name: sa-${uniqueId} spec: displayName: A Test Service Account --- @@ -78,6 +78,9 @@ apiVersion: gkehub.cnrm.cloud.google.com/v1beta1 kind: GKEHubFeature metadata: name: gkehubfeature-full-acm-${uniqueId} + annotations: + # Abondon the feature resource as it is global within a project and we would hit issues when running two tests in parallel. + cnrm.cloud.google.com/deletion-policy: "abandon" spec: projectRef: name: gkehubfm-${uniqueId} diff --git a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullacmgkehubfeaturemembership/update.yaml b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullacmgkehubfeaturemembership/update.yaml index 3c148cc47d..86f8cf5d4c 100644 --- a/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullacmgkehubfeaturemembership/update.yaml +++ b/pkg/test/resourcefixture/testdata/basic/gkehub/v1beta1/gkehubfeaturemembership/fullacmgkehubfeaturemembership/update.yaml @@ -30,7 +30,7 @@ spec: sourceFormat: hierarchy git: gcpServiceAccountRef: - name: iamserviceaccount-${uniqueId} + name: sa-${uniqueId} httpsProxy: "https://github.com" syncRepo: "https://github.com/GoogleCloudPlatform/anthos-config-management-samples" syncBranch: "main"