provider-gcp
provider-gcp copied to clipboard
Add support for configuring public access prevention on Buckets
Description of your changes
This PR updates the storage api dependency (and what it cascades to also update) and adds support for configuring the PublicAccessPrevention
field on Bucket
s (see https://cloud.google.com/storage/docs/public-access-prevention)
I removed some potential support for enabling/disabling autopilot on clusters, but I cannot find that this setting is possible to update in newer versions of the libraries, nor any mention of that in the docs (via https://cloud.google.com/kubernetes-engine/docs/concepts/autopilot-overview).
If there is a better way to handle this please let me know.
I was a bit unsure how to best handle the permissible string values whilst avoiding larger refactoring. I figured exposing the raw int enum from the google storage API was undesirable, but I can't see e.g a webhook where the allowed values can be verified early.
I have:
- [x] Read and followed Crossplane's [contribution process].
- [x] Run
make reviewable test
to ensure this PR is ready for review.
How has this code been tested
Running locally, creating and updating Bucket resource with setting publicAccessPrevention
to inherited
/enforced
and seeing it update similarly in the GCP console. Also removing the field reflects the current value from the GCP console.