Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature/add google access context manager resources #331

Merged
merged 16 commits into from
Jul 20, 2023
Merged

Feature/add google access context manager resources #331

merged 16 commits into from
Jul 20, 2023

Conversation

bradkwadsworth-mw
Copy link
Contributor

@bradkwadsworth-mw bradkwadsworth-mw commented Jul 6, 2023
edited by turkenf
Loading

Description of your changes

Added accesscontextmanager resources including accesslevel, accesslevelcondition, accesspolicy, accesspolicyiammember, serviceperimeter, and serviceperimeterresource.

Moves 6 out of 7 resources in this issue to the v1beta1 version.

I have:

  • Run make reviewable test to ensure this PR is ready for review.

How has this code been tested

Created the resources inside a GCP org.

  • accesslevel
Conditions:
    Last Transition Time:  2023-07-20T14:05:45Z
    Reason:                Available
    Status:                True
    Type:                  Ready
    Last Transition Time:  2023-07-20T14:05:37Z
    Reason:                ReconcileSuccess
    Status:                True
    Type:                  Synced
    Last Transition Time:  2023-07-20T14:05:40Z
    Reason:                Success
    Status:                True
    Type:                  LastAsyncOperation
    Last Transition Time:  2023-07-20T14:05:40Z
    Reason:                Finished
    Status:                True
    Type:                  AsyncOperation
Events:
  Type     Reason                       Age                From                                                                   Message
  ----     ------                       ----               ----                                                                   -------
  Normal   CreatedExternalResource      36m                managed/accesscontextmanager.gcp.upbound.io/v1beta1, kind=accesslevel  Successfully requested creation of external resource
  Warning  CannotUpdateManagedResource  36m                managed/accesscontextmanager.gcp.upbound.io/v1beta1, kind=accesslevel  Operation cannot be fulfilled on accesslevels.accesscontextmanager.gcp.upbound.io "access-level": the object has been modified; please apply your changes to the latest version and try again
  Normal   UpdatedExternalResource      16m (x2 over 26m)  managed/accesscontextmanager.gcp.upbound.io/v1beta1, kind=accesslevel  Successfully requested update of external resource
  • accesslevelcondition
Conditions:
    Last Transition Time:  2023-07-20T14:10:40Z
    Reason:                ReconcileSuccess
    Status:                True
    Type:                  Synced
    Last Transition Time:  2023-07-20T14:32:23Z
    Reason:                Available
    Status:                True
    Type:                  Ready
    Last Transition Time:  2023-07-20T14:12:28Z
    Reason:                Finished
    Status:                True
    Type:                  AsyncOperation
    Last Transition Time:  2023-07-20T14:12:28Z
    Reason:                Success
    Status:                True
    Type:                  LastAsyncOperation
Events:
  Type     Reason                         Age                 From                                                                            Message
  ----     ------                         ----                ----                                                                            -------
  Warning  CannotObserveExternalResource  32m (x6 over 32m)   managed/accesscontextmanager.gcp.upbound.io/v1beta1, kind=accesslevelcondition  cannot run refresh: refresh failed: Reference to undeclared resource: A managed resource "google_service_account" "created-later" has not been declared in the root module.
  Normal   PendingExternalResource        30m (x15 over 32m)  managed/accesscontextmanager.gcp.upbound.io/v1beta1, kind=accesslevelcondition  Waiting for external resource existence to be confirmed
  Normal   CreatedExternalResource        19m (x5 over 32m)   managed/accesscontextmanager.gcp.upbound.io/v1beta1, kind=accesslevelcondition  Successfully requested creation of external resource
  Normal   CreatedExternalResource        10m                 managed/accesscontextmanager.gcp.upbound.io/v1beta1, kind=accesslevelcondition  Successfully requested creation of external resource
  • accesspolicy
Conditions:
    Last Transition Time:  2023-07-20T13:58:30Z
    Reason:                ReconcileSuccess
    Status:                True
    Type:                  Synced
    Last Transition Time:  2023-07-20T14:03:59Z
    Reason:                Available
    Status:                True
    Type:                  Ready
    Last Transition Time:  2023-07-20T14:03:20Z
    Reason:                Finished
    Status:                True
    Type:                  AsyncOperation
    Last Transition Time:  2023-07-20T14:03:53Z
    Reason:                Success
    Status:                True
    Type:                  LastAsyncOperation
Events:
  Type     Reason                   Age                 From                                                                    Message
  ----     ------                   ----                ----                                                                    -------
  Warning  CannotConnectToProvider  46m (x7 over 47m)   managed/accesscontextmanager.gcp.upbound.io/v1beta1, kind=accesspolicy  cannot get terraform setup: cannot get referenced ProviderConfig: ProviderConfig.gcp.upbound.io "default" not found
  Normal   CreatedExternalResource  43m (x3 over 44m)   managed/accesscontextmanager.gcp.upbound.io/v1beta1, kind=accesspolicy  Successfully requested creation of external resource
  • accesspolicyiammember
Conditions:
    Last Transition Time:  2023-07-20T14:39:17Z
    Reason:                Available
    Status:                True
    Type:                  Ready
    Last Transition Time:  2023-07-20T14:39:03Z
    Reason:                ReconcileSuccess
    Status:                True
    Type:                  Synced
    Last Transition Time:  2023-07-20T14:39:10Z
    Reason:                Success
    Status:                True
    Type:                  LastAsyncOperation
    Last Transition Time:  2023-07-20T14:39:10Z
    Reason:                Finished
    Status:                True
    Type:                  AsyncOperation
Events:
  Type     Reason                       Age    From                                                                             Message
  ----     ------                       ----   ----                                                                             -------
  Normal   CreatedExternalResource      5m16s  managed/accesscontextmanager.gcp.upbound.io/v1beta1, kind=accesspolicyiammember  Successfully requested creation of external resource
  Warning  CannotUpdateManagedResource  5m7s   managed/accesscontextmanager.gcp.upbound.io/v1beta1, kind=accesspolicyiammember  Operation cannot be fulfilled on accesspolicyiammembers.accesscontextmanager.gcp.upbound.io "accesspolicy-iam-member": the object has been modified; please apply your changes to the latest version and try again
  • serviceperimeter
Conditions:
    Last Transition Time:  2023-07-20T14:39:12Z
    Reason:                Available
    Status:                True
    Type:                  Ready
    Last Transition Time:  2023-07-20T14:39:02Z
    Reason:                ReconcileSuccess
    Status:                True
    Type:                  Synced
    Last Transition Time:  2023-07-20T14:39:06Z
    Reason:                Success
    Status:                True
    Type:                  LastAsyncOperation
    Last Transition Time:  2023-07-20T14:39:06Z
    Reason:                Finished
    Status:                True
    Type:                  AsyncOperation
Events:
  Type     Reason                       Age    From                                                                        Message
  ----     ------                       ----   ----                                                                        -------
  Normal   CreatedExternalResource      5m38s  managed/accesscontextmanager.gcp.upbound.io/v1beta1, kind=serviceperimeter  Successfully requested creation of external resource
  Warning  CannotUpdateManagedResource  5m32s  managed/accesscontextmanager.gcp.upbound.io/v1beta1, kind=serviceperimeter  Operation cannot be fulfilled on serviceperimeters.accesscontextmanager.gcp.upbound.io "service-perimeter": the object has been modified; please apply your changes to the latest version and try again
  • serviceperimeterresource
Conditions:
    Last Transition Time:  2023-07-20T14:41:07Z
    Reason:                Available
    Status:                True
    Type:                  Ready
    Last Transition Time:  2023-07-20T14:40:59Z
    Reason:                ReconcileSuccess
    Status:                True
    Type:                  Synced
    Last Transition Time:  2023-07-20T14:41:02Z
    Reason:                Success
    Status:                True
    Type:                  LastAsyncOperation
    Last Transition Time:  2023-07-20T14:41:02Z
    Reason:                Finished
    Status:                True
    Type:                  AsyncOperation
Events:
  Type     Reason                       Age    From                                                                                Message
  ----     ------                       ----   ----                                                                                -------
  Normal   CreatedExternalResource      4m2s   managed/accesscontextmanager.gcp.upbound.io/v1beta1, kind=serviceperimeterresource  Successfully requested creation of external resource
  Warning  CannotUpdateManagedResource  3m57s  managed/accesscontextmanager.gcp.upbound.io/v1beta1, kind=serviceperimeterresource  Operation cannot be fulfilled on serviceperimeterresources.accesscontextmanager.gcp.upbound.io "service-perimeter-resource": the object has been modified; please apply your changes to the latest version and try again

@jeanduplessis
Copy link
Collaborator

/test-examples="examples/accesscontextmanager/accesslevel.yaml,examples/accesscontextmanager/accesslevelcondition.yaml,examples/accesscontextmanager/accesspolicy.yaml,examples/accesscontextmanager/serviceperimeter.yaml,examples/accesscontextmanager/serviceperimeterresource.yaml"

turkenf
turkenf reviewed Jul 7, 2023
View reviewed changes
Copy link
Collaborator

@turkenf turkenf left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you @bradkwadsworth-mw for this PR, I left a few comments for you to consider.

config/accesscontextmanager/config.go Outdated Show resolved Hide resolved
config/externalname.go Show resolved Hide resolved
examples/accesscontextmanager/accesslevel.yaml Outdated Show resolved Hide resolved
examples/accesscontextmanager/accesslevelcondition.yaml Outdated Show resolved Hide resolved
examples/accesscontextmanager/serviceperimeter.yaml Outdated Show resolved Hide resolved
examples/accesscontextmanager/serviceperimeterresource.yaml Outdated Show resolved Hide resolved
examples/accesscontextmanager/serviceperimeterresource.yaml Outdated Show resolved Hide resolved
examples/accesscontextmanager/serviceperimeterresource.yaml Outdated Show resolved Hide resolved
turkenf
turkenf reviewed Jul 8, 2023
View reviewed changes
examples/accesscontextmanager/accesslevel.yaml Outdated Show resolved Hide resolved
config/accesscontextmanager/config.go Outdated Show resolved Hide resolved
config/accesscontextmanager/config.go Outdated Show resolved Hide resolved
config/accesscontextmanager/config.go Outdated Show resolved Hide resolved
config/accesscontextmanager/config.go Outdated Show resolved Hide resolved
config/accesscontextmanager/config.go Show resolved Hide resolved
turkenf
turkenf reviewed Jul 18, 2023
View reviewed changes
Copy link
Collaborator

@turkenf turkenf left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@bradkwadsworth-mw thank you very much for the quick update, I left two small comments and could you please make sure that the final state of the examples is working?

examples/accesscontextmanager/accesslevelcondition.yaml Outdated Show resolved Hide resolved
examples/accesscontextmanager/serviceperimeter.yaml Outdated Show resolved Hide resolved
@bradkwadsworth-mw
Copy link
Contributor Author

/test-examples="examples/accesscontextmanager/accesslevel.yaml,examples/accesscontextmanager/accesslevelcondition.yaml,examples/accesscontextmanager/accesspolicy.yaml,examples/accesscontextmanager/serviceperimeter.yaml,examples/accesscontextmanager/serviceperimeterresource.yaml"

@turkenf
Copy link
Collaborator

turkenf commented Jul 19, 2023

/test-examples="examples/accesscontextmanager/accesslevel.yaml,examples/accesscontextmanager/accesslevelcondition.yaml,examples/accesscontextmanager/accesspolicy.yaml,examples/accesscontextmanager/serviceperimeter.yaml,examples/accesscontextmanager/serviceperimeterresource.yaml"

FYI: When we add upjet.upbound.io/manual-intervention to the example manifests of the resources, the uptest will automatically skip and the test will show as green, so there is no point in triggering the uptest in the examples containing manual-intervention. We need to test these resources manually.

@turkenf
Copy link
Collaborator

turkenf commented Jul 19, 2023

@bradkwadsworth-mw just to be clear, I do not feel comfortable with the current state of tests because we made a good amount of changes on the PR after you tested. So it would be great if you could do a final round of tests with the latest changes and update the PR description. 🙏

@turkenf
Copy link
Collaborator

turkenf commented Jul 20, 2023

FYI: Next release of provider-gcp is scheduled for Thu, 27 July.

Brad Wadsworth added 15 commits July 20, 2023 08:55
@bradkwadsworth-mw bradkwadsworth-mw force-pushed the feature/add-google_access_context_manager-resources branch from c7a2daa to b943b9e Compare July 20, 2023 14:57
@bradkwadsworth-mw
Copy link
Contributor Author

I updated the description and removed references to Access Policies because they ids were not being generated correctly.

turkenf
turkenf approved these changes Jul 20, 2023
View reviewed changes
Copy link
Collaborator

@turkenf turkenf left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for your contribution @bradkwadsworth-mw, LGTM.

@turkenf turkenf mentioned this pull request Jul 20, 2023
Closed
7 tasks
@turkenf turkenf merged commit 34eb383 into crossplane-contrib:main Jul 20, 2023
8 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@turkenf turkenf turkenf approved these changes

@ulucinar ulucinar Awaiting requested review from ulucinar ulucinar is a code owner

@sergenyalcin sergenyalcin Awaiting requested review from sergenyalcin sergenyalcin is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@bradkwadsworth-mw @jeanduplessis @turkenf