feat: add support to networkRules on authzPolicy#17777
feat: add support to networkRules on authzPolicy#17777victorsantos-cit wants to merge 2 commits into
Conversation
modular-magician
added
the
awaiting-approval
|
Googlers: For automatic test runs see go/terraform-auto-test-runs. @BBBmau, a repository maintainer, has been assigned to review your changes. If you have not received review feedback within 2 business days, please leave a comment on this PR asking them to take a look. You can help make sure that review is quick by doing a self-review and by running impacted tests locally. |
modular-magician
removed
the
awaiting-approval
|
Hi there, I'm the Modular magician. I've detected the following information about your changes for commit a0e0336: Diff reportYour PR generated the following diffs in downstream repositories:
Missing test reportYour PR includes resource fields which are not covered by any test. Resource: resource "google_network_security_authz_policy" "primary" {
network_rules {
from {
not_sources {
principals {
contains = # value needed
exact = # value needed
ignore_case = # value needed
prefix = # value needed
principal {
contains = # value needed
ignore_case = # value needed
prefix = # value needed
suffix = # value needed
}
suffix = # value needed
}
resources {
iam_service_account {
contains = # value needed
exact = # value needed
ignore_case = # value needed
prefix = # value needed
suffix = # value needed
}
tag_value_id_set {
ids = # value needed
}
}
}
sources {
ip_blocks {
length = # value needed
prefix = # value needed
}
principals {
contains = # value needed
exact = # value needed
ignore_case = # value needed
prefix = # value needed
principal {
contains = # value needed
exact = # value needed
ignore_case = # value needed
prefix = # value needed
suffix = # value needed
}
principal_selector = # value needed
suffix = # value needed
}
resources {
iam_service_account {
contains = # value needed
exact = # value needed
ignore_case = # value needed
prefix = # value needed
suffix = # value needed
}
tag_value_id_set {
ids = # value needed
}
}
}
}
to {
not_operations {
header_set {
headers {
name = # value needed
value {
contains = # value needed
exact = # value needed
ignore_case = # value needed
prefix = # value needed
suffix = # value needed
}
}
}
hosts {
contains = # value needed
exact = # value needed
ignore_case = # value needed
prefix = # value needed
suffix = # value needed
}
methods = # value needed
paths {
contains = # value needed
exact = # value needed
ignore_case = # value needed
prefix = # value needed
suffix = # value needed
}
}
operations {
header_set {
headers {
name = # value needed
value {
contains = # value needed
exact = # value needed
ignore_case = # value needed
prefix = # value needed
suffix = # value needed
}
}
}
hosts {
contains = # value needed
exact = # value needed
ignore_case = # value needed
prefix = # value needed
suffix = # value needed
}
mcp {
base_protocol_methods_option = # value needed
methods {
name = # value needed
params {
contains = # value needed
exact = # value needed
ignore_case = # value needed
prefix = # value needed
suffix = # value needed
}
}
}
methods = # value needed
paths {
contains = # value needed
exact = # value needed
ignore_case = # value needed
prefix = # value needed
suffix = # value needed
}
snis {
contains = # value needed
ignore_case = # value needed
prefix = # value needed
suffix = # value needed
}
}
}
when = # value needed
}
}
Test reportAnalytics
Affected Service Packages
Step 1: Replaying Mode Action takenFound 1 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests
View the replaying VCR build log Step 2: Recording Mode
Caution Issues requiring attention before PR completion 🔴 Initial Recording Failed: Some tests failed during the recording step. See the table above for details. Please address these issues to complete your PR. If you believe these detections are incorrect or unrelated to your change, please raise the concern with your reviewer. View the recording VCR build log or the debug logs folder for detailed results. @victorsantos-cit, @BBBmau VCR tests complete for a0e0336! |
BBBmau
left a comment
BBBmau
left a comment
There was a problem hiding this comment.
we get the following error currently:
Error recording tests:
error running go: exit status 1
stdout:
=== RUN TestAccNetworkSecurityAuthzPolicy_networkSecurityAuthzPolicyWithNetworkRulesExample
=== PAUSE TestAccNetworkSecurityAuthzPolicy_networkSecurityAuthzPolicyWithNetworkRulesExample
=== CONT TestAccNetworkSecurityAuthzPolicy_networkSecurityAuthzPolicyWithNetworkRulesExample
resource_network_security_authz_policy_generated_test.go:433: Step 1/3 error: Error running apply: exit status 1
Error: Error waiting to create AuthzPolicy: Error waiting for Creating AuthzPolicy: Error code 13, message: an internal error has occurred
with google_network_security_authz_policy.default,
on terraform_plugin_test.tf line 80, in resource "google_network_security_authz_policy" "default":
80: resource "google_network_security_authz_policy" "default" {
--- FAIL: TestAccNetworkSecurityAuthzPolicy_networkSecurityAuthzPolicyWithNetworkRulesExample (172.11s)
FAIL
FAIL github.com/hashicorp/terraform-provider-google-beta/google-beta/services/networksecurity 172.189s
FAIL
stderr:also we should be extensive with networkRules since it contains a massive amount of new fields
|
@BBBmau do you have any kind of ideia , about this error, because, local is working |
|
@BBBmau Hey bbb, just update you, this feature, its prevent to rollout on this final weekend but broken, in on contact tto discovery more update |
Updated descriptions and properties in AuthzPolicy.yaml to clarify matching criteria for operations, headers, and ports.
modular-magician
added
awaiting-approval
|
Hi there, I'm the Modular magician. I've detected the following information about your changes for commit 1c16a9d: Diff reportYour PR generated the following diffs in downstream repositories:
Missing test reportYour PR includes resource fields which are not covered by any test. Resource: resource "google_network_security_authz_policy" "primary" {
network_rules {
from {
not_sources {
principals {
contains = # value needed
exact = # value needed
ignore_case = # value needed
prefix = # value needed
principal {
contains = # value needed
ignore_case = # value needed
prefix = # value needed
suffix = # value needed
}
suffix = # value needed
}
resources {
iam_service_account {
contains = # value needed
exact = # value needed
ignore_case = # value needed
prefix = # value needed
suffix = # value needed
}
tag_value_id_set {
ids = # value needed
}
}
}
sources {
ip_blocks {
length = # value needed
prefix = # value needed
}
principals {
contains = # value needed
exact = # value needed
ignore_case = # value needed
prefix = # value needed
principal {
contains = # value needed
exact = # value needed
ignore_case = # value needed
prefix = # value needed
suffix = # value needed
}
principal_selector = # value needed
suffix = # value needed
}
resources {
iam_service_account {
contains = # value needed
exact = # value needed
ignore_case = # value needed
prefix = # value needed
suffix = # value needed
}
tag_value_id_set {
ids = # value needed
}
}
}
}
to {
not_operations {
ports = # value needed
snis {
contains = # value needed
exact = # value needed
ignore_case = # value needed
prefix = # value needed
suffix = # value needed
}
}
operations {
ports = # value needed
snis {
contains = # value needed
ignore_case = # value needed
prefix = # value needed
suffix = # value needed
}
}
}
when = # value needed
}
}
Test reportAnalytics
Affected Service Packages
Step 1: Replaying Mode Action takenFound 1 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests
View the replaying VCR build log Step 2: Recording Mode
Caution Issues requiring attention before PR completion 🔴 Initial Recording Failed: Some tests failed during the recording step. See the table above for details. Please address these issues to complete your PR. If you believe these detections are incorrect or unrelated to your change, please raise the concern with your reviewer. View the recording VCR build log or the debug logs folder for detailed results. @victorsantos-cit, @BBBmau VCR tests complete for 1c16a9d! |
3 participants
Hello Folks, this PR is to add a support to networkRules field on google_network_security_authz_policy resource
Release Note Template for Downstream PRs (will be copied)
See Write release notes for guidance.