magic-modules icon indicating copy to clipboard operation
magic-modules copied to clipboard

Published 20 hours ago verified publisher icon GoogleCloudPlatform

Support serviceAccount field for AppEngine flex

Open ranjithkumar-glean opened this issue 2 years ago • 18 comments

Fixes https://github.com/hashicorp/terraform-provider-google/issues/11813

If this PR is for Terraform, I acknowledge that I have:

  • [x] Searched through the issue tracker for an open issue that this either resolves or contributes to, commented on it to claim it, and written "fixes {url}" or "part of {url}" in this PR description. If there were no relevant open issues, I opened one and commented that I would like to work on it (not necessary for very small changes).
  • [x] Generated Terraform, and ran make test and make lint to ensure it passes unit and linter tests.
  • [x] Ensured that all new fields I added that can be set by a user appear in at least one example (for generated resources) or third_party test (for handwritten resources or update tests).
  • [ ] Ran relevant acceptance tests (If the acceptance tests do not yet pass or you are unable to run them, please let your reviewer know).
  • [x] Read the Release Notes Guide before writing my release note below.

Release Note Template for Downstream PRs (will be copied)

appengine: Added field `serviceAccount` to `app_engine_flexible_app_version`

ranjithkumar-glean avatar Aug 08 '22 17:08 ranjithkumar-glean

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

google-cla[bot] avatar Aug 08 '22 17:08 google-cla[bot]

Hello! I am a robot who works on Magic Modules PRs.

I've detected that you're a community contributor. @melinath, a repository maintainer, has been assigned to assist you and help review your changes.

:question: First time contributing? Click here for more details

Your assigned reviewer will help review your code by:

  • Ensuring it's backwards compatible, covers common error cases, etc.
  • Summarizing the change into a user-facing changelog note.
  • Passes tests, either our "VCR" suite, a set of presubmit tests, or with manual test runs.

You can help make sure that review is quick by running local tests and ensuring they're passing in between each push you make to your PR's branch. Also, try to leave a comment with each push you make, as pushes generally don't generate emails.

If your reviewer doesn't get back to you within a week after your most recent change, please feel free to leave a comment on the issue asking them to take a look! In the absence of a dedicated review dashboard most maintainers manage their pending reviews through email, and those will sometimes get lost in their inbox.

modular-magician avatar Aug 08 '22 17:08 modular-magician

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 2 files changed, 34 insertions(+)) Terraform Beta: Diff ( 2 files changed, 34 insertions(+)) TF Validator: Diff ( 3 files changed, 13 insertions(+), 3 deletions(-))

modular-magician avatar Aug 08 '22 17:08 modular-magician

Tests analytics

Total tests: 2125 Passed tests 1889 Skipped tests: 227 Failed tests: 9

Action taken

Triggering VCR tests in RECORDING mode for the tests that failed during VCR. Click here to see the failed tests TestAccAccessApprovalSettings|TestAccComputeInstance_networkPerformanceConfig|TestAccComputeInstance_soleTenantNodeAffinities|TestAccComputeGlobalForwardingRule_internalLoadBalancing|TestAccCloudfunctions2function_cloudfunctions2BasicAuditlogsExample|TestAccCloudfunctions2function_cloudfunctions2BasicGcsExample|TestAccCloudRunService_cloudRunServiceStaticOutboundExample|TestAccPrivatecaCertificateAuthority_privatecaCertificateAuthoritySubordinateExample|TestAccCloudFunctions2Function_fullUpdate

modular-magician avatar Aug 08 '22 18:08 modular-magician

Tests passed during RECORDING mode: TestAccPrivatecaCertificateAuthority_privatecaCertificateAuthoritySubordinateExample[view] TestAccCloudfunctions2function_cloudfunctions2BasicAuditlogsExample[view] TestAccCloudfunctions2function_cloudfunctions2BasicGcsExample[view] TestAccCloudFunctions2Function_fullUpdate[view] TestAccAccessApprovalSettings[view]

Tests failed during RECORDING mode: TestAccComputeInstance_networkPerformanceConfig[view] TestAccComputeGlobalForwardingRule_internalLoadBalancing[view] TestAccComputeInstance_soleTenantNodeAffinities[view] TestAccCloudRunService_cloudRunServiceStaticOutboundExample[view]

Please fix these to complete your PR View the build log or the debug log for each test

modular-magician avatar Aug 08 '22 18:08 modular-magician

Thanks for your contribution! Please complete the third checkbox by adding this field to an example or (if that's not possible) to a handwritten test in the third_party folder

Added field to existing example

ranjithkumar-glean avatar Aug 09 '22 07:08 ranjithkumar-glean

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 3 files changed, 46 insertions(+)) Terraform Beta: Diff ( 3 files changed, 46 insertions(+)) TF Validator: Diff ( 3 files changed, 13 insertions(+), 3 deletions(-))

modular-magician avatar Aug 09 '22 07:08 modular-magician

Tests analytics

Total tests: 2128 Passed tests 1891 Skipped tests: 227 Failed tests: 10

Action taken

Triggering VCR tests in RECORDING mode for the tests that failed during VCR. Click here to see the failed tests TestAccPrivatecaCertificateAuthority_privatecaCertificateAuthoritySubordinateExample|TestAccComputeInstance_networkPerformanceConfig|TestAccComputeInstance_soleTenantNodeAffinities|TestAccComputeGlobalForwardingRule_internalLoadBalancing|TestAccCloudfunctions2function_cloudfunctions2BasicAuditlogsExample|TestAccCloudfunctions2function_cloudfunctions2BasicGcsExample|TestAccCloudFunctions2Function_fullUpdate|TestAccCloudRunService_cloudRunServiceStaticOutboundExample|TestAccAppEngineFlexibleAppVersion_appEngineFlexibleAppVersionExample|TestAccSqlUser_mysqlDisabled

modular-magician avatar Aug 09 '22 08:08 modular-magician

Tests passed during RECORDING mode: TestAccPrivatecaCertificateAuthority_privatecaCertificateAuthoritySubordinateExample[view] TestAccCloudfunctions2function_cloudfunctions2BasicAuditlogsExample[view] TestAccCloudfunctions2function_cloudfunctions2BasicGcsExample[view] TestAccCloudFunctions2Function_fullUpdate[view] TestAccSqlUser_mysqlDisabled[view]

Tests failed during RECORDING mode: TestAccComputeInstance_networkPerformanceConfig[view] TestAccComputeInstance_soleTenantNodeAffinities[view] TestAccComputeGlobalForwardingRule_internalLoadBalancing[view] TestAccCloudRunService_cloudRunServiceStaticOutboundExample[view] TestAccAppEngineFlexibleAppVersion_appEngineFlexibleAppVersionExample[view]

Please fix these to complete your PR View the build log or the debug log for each test

modular-magician avatar Aug 09 '22 08:08 modular-magician

@melinath i added an example, but unable to view failed test cases and logs. It says I don't have access to Google cloud bucket.

ranjithkumar-glean avatar Aug 09 '22 11:08 ranjithkumar-glean

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 3 files changed, 46 insertions(+)) Terraform Beta: Diff ( 3 files changed, 46 insertions(+)) TF Validator: Diff ( 3 files changed, 13 insertions(+), 3 deletions(-))

modular-magician avatar Aug 10 '22 08:08 modular-magician

Tests analytics

Total tests: 2128 Passed tests 1892 Skipped tests: 227 Failed tests: 9

Action taken

Triggering VCR tests in RECORDING mode for the tests that failed during VCR. Click here to see the failed tests TestAccComputeInstance_networkPerformanceConfig|TestAccComputeInstance_soleTenantNodeAffinities|TestAccComputeGlobalForwardingRule_internalLoadBalancing|TestAccCloudRunService_cloudRunServiceStaticOutboundExample|TestAccCloudfunctions2function_cloudfunctions2BasicAuditlogsExample|TestAccCloudfunctions2function_cloudfunctions2BasicGcsExample|TestAccCloudFunctions2Function_fullUpdate|TestAccAppEngineFlexibleAppVersion_appEngineFlexibleAppVersionExample|TestAccPrivatecaCertificateAuthority_privatecaCertificateAuthoritySubordinateExample

modular-magician avatar Aug 10 '22 09:08 modular-magician

Tests passed during RECORDING mode: TestAccCloudfunctions2function_cloudfunctions2BasicAuditlogsExample[view] TestAccCloudfunctions2function_cloudfunctions2BasicGcsExample[view] TestAccCloudFunctions2Function_fullUpdate[view] TestAccPrivatecaCertificateAuthority_privatecaCertificateAuthoritySubordinateExample[view]

Tests failed during RECORDING mode: TestAccComputeInstance_networkPerformanceConfig[view] TestAccComputeInstance_soleTenantNodeAffinities[view] TestAccComputeGlobalForwardingRule_internalLoadBalancing[view] TestAccCloudRunService_cloudRunServiceStaticOutboundExample[view] TestAccAppEngineFlexibleAppVersion_appEngineFlexibleAppVersionExample[view]

Please fix these to complete your PR View the build log or the debug log for each test

modular-magician avatar Aug 10 '22 09:08 modular-magician

I think this feature could be easily added the google_app_engine_standard_app_version resource

edwardsPaul421 avatar Aug 11 '22 09:08 edwardsPaul421

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 3 files changed, 37 insertions(+)) Terraform Beta: Diff ( 3 files changed, 37 insertions(+)) TF Validator: Diff ( 3 files changed, 13 insertions(+), 3 deletions(-))

modular-magician avatar Aug 11 '22 18:08 modular-magician

Tests analytics

Total tests: 2128 Passed tests 1892 Skipped tests: 227 Failed tests: 9

Action taken

Triggering VCR tests in RECORDING mode for the tests that failed during VCR. Click here to see the failed tests TestAccPrivatecaCertificateAuthority_privatecaCertificateAuthoritySubordinateExample|TestAccComputeInstance_networkPerformanceConfig|TestAccComputeInstance_soleTenantNodeAffinities|TestAccCloudfunctions2function_cloudfunctions2BasicAuditlogsExample|TestAccComputeGlobalForwardingRule_internalLoadBalancing|TestAccCloudfunctions2function_cloudfunctions2BasicGcsExample|TestAccCloudFunctions2Function_fullUpdate|TestAccCloudRunService_cloudRunServiceStaticOutboundExample|TestAccAppEngineFlexibleAppVersion_appEngineFlexibleAppVersionExample

modular-magician avatar Aug 11 '22 18:08 modular-magician

Tests passed during RECORDING mode: TestAccPrivatecaCertificateAuthority_privatecaCertificateAuthoritySubordinateExample[view] TestAccCloudfunctions2function_cloudfunctions2BasicAuditlogsExample[view] TestAccCloudfunctions2function_cloudfunctions2BasicGcsExample[view] TestAccCloudFunctions2Function_fullUpdate[view]

Tests failed during RECORDING mode: TestAccComputeInstance_networkPerformanceConfig[view] TestAccComputeInstance_soleTenantNodeAffinities[view] TestAccComputeGlobalForwardingRule_internalLoadBalancing[view] TestAccCloudRunService_cloudRunServiceStaticOutboundExample[view] TestAccAppEngineFlexibleAppVersion_appEngineFlexibleAppVersionExample[view]

Please fix these to complete your PR View the build log or the debug log for each test

modular-magician avatar Aug 11 '22 19:08 modular-magician

It looks like still the same failure - I'm out until next Tuesday but I can take a deeper look next week unless you figure it out in the meantime.

melinath avatar Aug 11 '22 22:08 melinath

Looking at this again - it looks like the error message did change slightly, actually - I think this is a configuration issue in our CI/CD environment. I'll take a look tomorrow.

melinath avatar Aug 18 '22 22:08 melinath

okay, I see what's happening here: because this test creates a new project, the cloudservices default service account for that project doesn't have permissions on the service account running the tests overall.

Sorry for getting this wrong previously. I recommend the following:

Go back to creating a new service account in this test (like in 2adaef1) but with a few changes:

  1. set a custom account name like my-account that has a hyphen
  2. using the vars map (not test_env_vars)
  3. make sure you set the project field so that the service account is created inside the project for this test (so that the cloudservices service account will have correct access to it by default)

I think that should do it!

Thanks, I will update PR by EOD today.

ranjithkumar-glean avatar Aug 22 '22 07:08 ranjithkumar-glean

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 3 files changed, 48 insertions(+)) Terraform Beta: Diff ( 3 files changed, 48 insertions(+)) TF Validator: Diff ( 3 files changed, 13 insertions(+), 3 deletions(-))

modular-magician avatar Aug 23 '22 16:08 modular-magician

Tests analytics

Total tests: 2140 Passed tests 1898 Skipped tests: 228 Failed tests: 14

Action taken

Triggering VCR tests in RECORDING mode for the tests that failed during VCR. Click here to see the failed tests
TestAccFirebaserulesRelease_BasicRelease|TestAccComputeInstance_networkPerformanceConfig|TestAccComputeInstance_soleTenantNodeAffinities|TestAccComputeGlobalForwardingRule_internalLoadBalancing|TestAccCloudRunService_cloudRunServiceStaticOutboundExample|TestAccCloudFunctions2Function_fullUpdate|TestAccCloudfunctions2function_cloudfunctions2BasicGcsExample|TestAccCloudfunctions2function_cloudfunctions2BasicAuditlogsExample|TestAccCGCSnippet_eventarcWorkflowsExample|TestAccAppEngineFlexibleAppVersion_appEngineFlexibleAppVersionExample|TestAccSqlDatabaseInstance_withPrivateNetwork_withAllocatedIpRange|TestAccSqlUser_mysqlDisabled|TestAccPrivatecaCertificateAuthority_privatecaCertificateAuthoritySubordinateExample|TestAccSqlDatabaseInstance_SqlServerAuditConfig

modular-magician avatar Aug 23 '22 17:08 modular-magician

Tests passed during RECORDING mode: TestAccFirebaserulesRelease_BasicRelease[view] TestAccCloudFunctions2Function_fullUpdate[view] TestAccCloudfunctions2function_cloudfunctions2BasicGcsExample[view] TestAccCloudfunctions2function_cloudfunctions2BasicAuditlogsExample[view] TestAccCGCSnippet_eventarcWorkflowsExample[view] TestAccSqlUser_mysqlDisabled[view]

Tests failed during RECORDING mode: TestAccComputeInstance_networkPerformanceConfig[view] TestAccComputeInstance_soleTenantNodeAffinities[view] TestAccComputeGlobalForwardingRule_internalLoadBalancing[view] TestAccCloudRunService_cloudRunServiceStaticOutboundExample[view] TestAccAppEngineFlexibleAppVersion_appEngineFlexibleAppVersionExample[view] TestAccSqlDatabaseInstance_withPrivateNetwork_withAllocatedIpRange[view] TestAccPrivatecaCertificateAuthority_privatecaCertificateAuthoritySubordinateExample[view] TestAccSqlDatabaseInstance_SqlServerAuditConfig[view]

Please fix these to complete your PR View the build log or the debug log for each test

modular-magician avatar Aug 23 '22 17:08 modular-magician

okay, I see what's happening here: because this test creates a new project, the cloudservices default service account for that project doesn't have permissions on the service account running the tests overall.

Sorry for getting this wrong previously. I recommend the following:

Go back to creating a new service account in this test (like in 2adaef1) but with a few changes:

  1. set a custom account name like my-account that has a hyphen
  2. using the vars map (not test_env_vars)
  3. make sure you set the project field so that the service account is created inside the project for this test (so that the cloudservices service account will have correct access to it by default)

I think that should do it!

@melinath i fixed the PR as suggested, but the test is still failing.

ranjithkumar-glean avatar Aug 23 '22 18:08 ranjithkumar-glean

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 3 files changed, 48 insertions(+)) Terraform Beta: Diff ( 3 files changed, 48 insertions(+)) TF Validator: Diff ( 3 files changed, 13 insertions(+), 3 deletions(-))

modular-magician avatar Aug 24 '22 17:08 modular-magician

Tests analytics

Total tests: 2144 Passed tests 1904 Skipped tests: 228 Failed tests: 12

Action taken

Triggering VCR tests in RECORDING mode for the tests that failed during VCR. Click here to see the failed tests
TestAccSqlDatabaseInstance_SqlServerAuditConfig|TestAccSqlDatabaseInstance_withPrivateNetwork_withAllocatedIpRange|TestAccFirebaserulesRelease_BasicRelease|TestAccComputeInstance_soleTenantNodeAffinities|TestAccComputeInstance_networkPerformanceConfig|TestAccComputeGlobalForwardingRule_internalLoadBalancing|TestAccCloudfunctions2function_cloudfunctions2BasicAuditlogsExample|TestAccCloudfunctions2function_cloudfunctions2BasicGcsExample|TestAccCloudRunService_cloudRunServiceStaticOutboundExample|TestAccCloudFunctions2Function_fullUpdate|TestAccAppEngineFlexibleAppVersion_appEngineFlexibleAppVersionExample|TestAccPrivatecaCertificateAuthority_privatecaCertificateAuthoritySubordinateExample

modular-magician avatar Aug 24 '22 18:08 modular-magician

Tests passed during RECORDING mode: TestAccFirebaserulesRelease_BasicRelease[view] TestAccCloudfunctions2function_cloudfunctions2BasicAuditlogsExample[view] TestAccCloudfunctions2function_cloudfunctions2BasicGcsExample[view] TestAccCloudFunctions2Function_fullUpdate[view]

Tests failed during RECORDING mode: TestAccSqlDatabaseInstance_SqlServerAuditConfig[view] TestAccSqlDatabaseInstance_withPrivateNetwork_withAllocatedIpRange[view] TestAccComputeInstance_soleTenantNodeAffinities[view] TestAccComputeInstance_networkPerformanceConfig[view] TestAccComputeGlobalForwardingRule_internalLoadBalancing[view] TestAccCloudRunService_cloudRunServiceStaticOutboundExample[view] TestAccAppEngineFlexibleAppVersion_appEngineFlexibleAppVersionExample[view] TestAccPrivatecaCertificateAuthority_privatecaCertificateAuthoritySubordinateExample[view]

Please fix these to complete your PR View the build log or the debug log for each test

modular-magician avatar Aug 24 '22 18:08 modular-magician

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 3 files changed, 48 insertions(+)) Terraform Beta: Diff ( 3 files changed, 48 insertions(+)) TF Validator: Diff ( 3 files changed, 13 insertions(+), 3 deletions(-))

modular-magician avatar Aug 25 '22 19:08 modular-magician

Tests analytics

Total tests: 2144 Passed tests 1902 Skipped tests: 230 Failed tests: 12

Action taken

Triggering VCR tests in RECORDING mode for the tests that failed during VCR. Click here to see the failed tests
TestAccComputeInstance_soleTenantNodeAffinities|TestAccComputeGlobalForwardingRule_internalLoadBalancing|TestAccCloudfunctions2function_cloudfunctions2BasicGcsExample|TestAccCloudFunctions2Function_fullUpdate|TestAccCloudRunService_cloudRunServiceStaticOutboundExample|TestAccCloudfunctions2function_cloudfunctions2BasicAuditlogsExample|TestAccBigtableAppProfile_bigtableAppProfileMulticlusterExample|TestAccAppEngineFlexibleAppVersion_appEngineFlexibleAppVersionExample|TestAccSqlUser_mysqlDisabled|TestAccSqlDatabaseInstance_SqlServerAuditConfig|TestAccPrivatecaCertificateAuthority_privatecaCertificateAuthoritySubordinateExample|TestAccSqlDatabaseInstance_withPrivateNetwork_withAllocatedIpRange

modular-magician avatar Aug 25 '22 20:08 modular-magician

Tests passed during RECORDING mode: TestAccCloudfunctions2function_cloudfunctions2BasicGcsExample[view] TestAccCloudFunctions2Function_fullUpdate[view] TestAccCloudfunctions2function_cloudfunctions2BasicAuditlogsExample[view] TestAccBigtableAppProfile_bigtableAppProfileMulticlusterExample[view] TestAccSqlUser_mysqlDisabled[view] TestAccPrivatecaCertificateAuthority_privatecaCertificateAuthoritySubordinateExample[view]

Tests failed during RECORDING mode: TestAccComputeInstance_soleTenantNodeAffinities[view] TestAccComputeGlobalForwardingRule_internalLoadBalancing[view] TestAccCloudRunService_cloudRunServiceStaticOutboundExample[view] TestAccAppEngineFlexibleAppVersion_appEngineFlexibleAppVersionExample[view] TestAccSqlDatabaseInstance_SqlServerAuditConfig[view] TestAccSqlDatabaseInstance_withPrivateNetwork_withAllocatedIpRange[view]

Please fix these to complete your PR View the build log or the debug log for each test

modular-magician avatar Aug 25 '22 20:08 modular-magician