Merge branch 'GoogleCloudPlatform:master' into configToBeta

apis/bigquery/v1beta1/dataset_reference.go

@@ -98,8 +98,7 @@ func NewBigQueryDatasetRef(ctx context.Context, reader client.Reader, obj *BigQu
 	if projectID == "" {
 		return nil, fmt.Errorf("cannot resolve project")
 	}
-	location := obj.Spec.Location
-	id.parent = &BigQueryDatasetParent{ProjectID: projectID, Location: valueOf(location)}
+	id.parent = &BigQueryDatasetParent{ProjectID: projectID}
 
 	// Get desired ID
 	resourceID := valueOf(obj.Spec.ResourceID)
@@ -125,15 +124,12 @@ func NewBigQueryDatasetRef(ctx context.Context, reader client.Reader, obj *BigQu
 	if actualParent.ProjectID != projectID {
 		return nil, fmt.Errorf("spec.projectRef changed, expect %s, got %s", actualParent.ProjectID, projectID)
 	}
-	if actualParent.Location != valueOf(location) {
-		return nil, fmt.Errorf("spec.location changed, expect %s, got %s", actualParent.Location, valueOf(location))
-	}
 	if actualResourceID != resourceID {
 		return nil, fmt.Errorf("cannot reset `metadata.name` or `spec.resourceID` to %s, since it has already assigned to %s",
 			resourceID, actualResourceID)
 	}
 	id.External = externalRef
-	id.parent = &BigQueryDatasetParent{ProjectID: projectID, Location: valueOf(location)}
+	id.parent = &BigQueryDatasetParent{ProjectID: projectID}
 	return id, nil
 }
 
@@ -153,28 +149,27 @@ func (r *BigQueryDatasetRef) Parent() (*BigQueryDatasetParent, error) {
 
 type BigQueryDatasetParent struct {
 	ProjectID string
-	Location  string
 }
 
 func (p *BigQueryDatasetParent) String() string {
-	return "projects/" + p.ProjectID + "/locations/" + p.Location
+	return "projects/" + p.ProjectID
 }
 
 func asBigQueryDatasetExternal(parent *BigQueryDatasetParent, resourceID string) (external string) {
+	// Link Reference https://cloud.google.com/bigquery/docs/reference/rest/v2/datasets/get
 	return parent.String() + "/datasets/" + resourceID
 }
 
 func ParseBigQueryDatasetExternal(external string) (parent *BigQueryDatasetParent, resourceID string, err error) {
 	external = strings.TrimPrefix(external, "/")
 	tokens := strings.Split(external, "/")
-	if len(tokens) != 6 || tokens[0] != "projects" || tokens[2] != "locations" || tokens[4] != "datasets" {
-		return nil, "", fmt.Errorf("format of BigQueryDataset external=%q was not known (use projects/<projectId>/locations/<location>/datasets/<datasetID>)", external)
+	if len(tokens) != 4 || tokens[0] != "projects" || tokens[2] != "datasets" {
+		return nil, "", fmt.Errorf("format of BigQueryDataset external=%q was not known (use projects/<projectId>/datasets/<datasetID>)", external)
 	}
 	parent = &BigQueryDatasetParent{
 		ProjectID: tokens[1],
-		Location:  tokens[3],
 	}
-	resourceID = tokens[5]
+	resourceID = tokens[3]
 	return parent, resourceID, nil
 }
 

apis/bigquery/v1beta1/dataset_types.go

@@ -91,11 +91,10 @@ type BigQueryDatasetSpec struct {
 	//  references.
 	IsCaseInsensitive *bool `json:"isCaseInsensitive,omitempty"`
 
-	// The geographic location where the dataset should reside. See
+	// Optional. The geographic location where the dataset should reside. See
 	//  https://cloud.google.com/bigquery/docs/locations for supported
 	//  locations.
-	// +required
-	Location *string `json:"location"`
+	Location *string `json:"location,omitempty"`
 
 	// Optional. Defines the time travel window in hours. The value can be from 48
 	//  to 168 hours (2 to 7 days). The default value is 168 hours if this is not
@@ -136,11 +135,17 @@ type BigQueryDatasetStatus struct {
 	// Output only. A URL that can be used to access the resource again. You can
 	//  use this URL in Get or Update requests to the resource.
 	SelfLink *string `json:"selfLink,omitempty"`
+
+	// ObservedState is the state of the resource as most recently observed in GCP.
+	ObservedState *BigQueryDatasetObservedState `json:"observedState,omitempty"`
 }
 
-// BigQueryDatasetSpec defines the desired state of BigQueryDataset
+// BigQueryDatasetObservedState defines the desired state of BigQueryDataset
 // +kcc:proto=google.cloud.bigquery.v2.dataset
 type BigQueryDatasetObservedState struct {
+
+	// Optional. If the location is not specified in the spec, the GCP server defaults to a location and will be captured here.
+	Location *string `json:"location,omitempty"`
 }
 
 // +genclient

apis/compute/v1beta1/computefirewallpolicyrule_reference.go

@@ -102,7 +102,7 @@ func NewComputeFirewallPolicyRuleRef(ctx context.Context, reader client.Reader,
 	id.parent = &ComputeFirewallPolicyRuleParent{FirewallPolicy: firewallPolicy}
 
 	// Get priority. Priority is a required field
-	priority := strconv.Itoa(int(obj.Spec.Priority))
+	priority := obj.Spec.Priority
 
 	// Use approved External
 	externalRef := valueOf(obj.Status.ExternalRef)
@@ -120,7 +120,7 @@ func NewComputeFirewallPolicyRuleRef(ctx context.Context, reader client.Reader,
 		return nil, fmt.Errorf("spec.firewallPolicyRef changed, expect %s, got %s", actualParent.FirewallPolicy, firewallPolicy)
 	}
 	if actualPriority != priority {
-		return nil, fmt.Errorf("cannot reset `spec.priority` to %s, since it has already assigned to %s",
+		return nil, fmt.Errorf("cannot reset `spec.priority` to %d, since it has already assigned to %d",
 			priority, actualPriority)
 	}
 	id.External = externalRef
@@ -150,18 +150,23 @@ func (p *ComputeFirewallPolicyRuleParent) String() string {
 	return "locations/global/firewallPolicies/" + p.FirewallPolicy
 }
 
-func asComputeFirewallPolicyRuleExternal(parent *ComputeFirewallPolicyRuleParent, priority string) (external string) {
-	return parent.String() + "/rules/" + priority
+func asComputeFirewallPolicyRuleExternal(parent *ComputeFirewallPolicyRuleParent, priority int64) (external string) {
+	p := strconv.Itoa(int(priority))
+	return parent.String() + "/rules/" + p
 }
 
-func parseComputeFirewallPolicyRuleExternal(external string) (parent *ComputeFirewallPolicyRuleParent, priority string, err error) {
+func parseComputeFirewallPolicyRuleExternal(external string) (parent *ComputeFirewallPolicyRuleParent, priority int64, err error) {
 	tokens := strings.Split(external, "/")
 	if len(tokens) != 6 || tokens[0] != "locations" || tokens[2] != "firewallPolicies" || tokens[4] != "rules" {
-		return nil, "", fmt.Errorf("format of ComputeFirewallPolicyRule external=%q was not known (use firewallPolicies/<firewallPolicy>/rules/<priority>)", external)
+		return nil, -1, fmt.Errorf("format of ComputeFirewallPolicyRule external=%q was not known (use firewallPolicies/<firewallPolicy>/rules/<priority>)", external)
 	}
 	parent = &ComputeFirewallPolicyRuleParent{
 		FirewallPolicy: tokens[3],
 	}
-	priority = tokens[5]
+	p, err := strconv.ParseInt(tokens[5], 10, 32)
+	if err != nil {
+		return nil, -1, fmt.Errorf("error convert priority %s of ComputeFirewallPolicyRule external=%q to an integer: %w", tokens[5], external, err)
+	}
+	priority = p
 	return parent, priority, nil
 }

apis/securesourcemanager/v1alpha1/instance_types.go

@@ -30,6 +30,7 @@ type SecureSourceManagerInstanceSpec struct {
 	ProjectRef *refs.ProjectRef `json:"projectRef"`
 
 	/* Immutable. Location of the instance. */
+	// +required
 	Location string `json:"location"`
 
 	/* Immutable. Optional. The name of the resource. Used for creation and acquisition. When unset, the value of `metadata.name` is used as the default. */

apis/securesourcemanager/v1alpha1/repository_reference.go

@@ -0,0 +1,191 @@
+// Copyright 2024 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package v1alpha1
+
+import (
+	"context"
+	"fmt"
+	"strings"
+
+	refsv1beta1 "github.com/GoogleCloudPlatform/k8s-config-connector/apis/refs/v1beta1"
+	"github.com/GoogleCloudPlatform/k8s-config-connector/pkg/k8s"
+	apierrors "k8s.io/apimachinery/pkg/api/errors"
+	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
+	"k8s.io/apimachinery/pkg/types"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+)
+
+var _ refsv1beta1.ExternalNormalizer = &SecureSourceManagerRepositoryRef{}
+
+// SecureSourceManagerRepositoryRef defines the resource reference to SecureSourceManagerRepository, which "External" field
+// holds the GCP identifier for the KRM object.
+type SecureSourceManagerRepositoryRef struct {
+	// A reference to an externally managed SecureSourceManagerRepository resource.
+	// Should be in the format "projects/<projectID>/locations/<location>/repositories/<repositoryID>".
+	External string `json:"external,omitempty"`
+
+	// The name of a SecureSourceManagerRepository resource.
+	Name string `json:"name,omitempty"`
+
+	// The namespace of a SecureSourceManagerRepository resource.
+	Namespace string `json:"namespace,omitempty"`
+
+	parent *SecureSourceManagerRepositoryParent
+}
+
+// NormalizedExternal provision the "External" value for other resource that depends on SecureSourceManagerRepository.
+// If the "External" is given in the other resource's spec.SecureSourceManagerRepositoryRef, the given value will be used.
+// Otherwise, the "Name" and "Namespace" will be used to query the actual SecureSourceManagerRepository object from the cluster.
+func (r *SecureSourceManagerRepositoryRef) NormalizedExternal(ctx context.Context, reader client.Reader, otherNamespace string) (string, error) {
+	if r.External != "" && r.Name != "" {
+		return "", fmt.Errorf("cannot specify both name and external on %s reference", SecureSourceManagerRepositoryGVK.Kind)
+	}
+	// From given External
+	if r.External != "" {
+		if _, _, err := parseSecureSourceManagerRepositoryExternal(r.External); err != nil {
+			return "", err
+		}
+		return r.External, nil
+	}
+
+	// From the Config Connector object
+	if r.Namespace == "" {
+		r.Namespace = otherNamespace
+	}
+	key := types.NamespacedName{Name: r.Name, Namespace: r.Namespace}
+	u := &unstructured.Unstructured{}
+	u.SetGroupVersionKind(SecureSourceManagerRepositoryGVK)
+	if err := reader.Get(ctx, key, u); err != nil {
+		if apierrors.IsNotFound(err) {
+			return "", k8s.NewReferenceNotFoundError(u.GroupVersionKind(), key)
+		}
+		return "", fmt.Errorf("reading referenced %s %s: %w", SecureSourceManagerRepositoryGVK, key, err)
+	}
+	// Get external from status.externalRef. This is the most trustworthy place.
+	actualExternalRef, _, err := unstructured.NestedString(u.Object, "status", "externalRef")
+	if err != nil {
+		return "", fmt.Errorf("reading status.externalRef: %w", err)
+	}
+	if actualExternalRef == "" {
+		return "", k8s.NewReferenceNotReadyError(u.GroupVersionKind(), key)
+	}
+	r.External = actualExternalRef
+	return r.External, nil
+}
+
+// New builds a SecureSourceManagerRepositoryRef from the Config Connector SecureSourceManagerRepository object.
+func NewSecureSourceManagerRepositoryRef(ctx context.Context, reader client.Reader, obj *SecureSourceManagerRepository) (*SecureSourceManagerRepositoryRef, error) {
+	id := &SecureSourceManagerRepositoryRef{}
+
+	// Get Parent
+	projectRef, err := refsv1beta1.ResolveProject(ctx, reader, obj, obj.Spec.ProjectRef)
+	if err != nil {
+		return nil, err
+	}
+	projectID := projectRef.ProjectID
+	if projectID == "" {
+		return nil, fmt.Errorf("cannot resolve project")
+	}
+	location := obj.Spec.Location
+	id.parent = &SecureSourceManagerRepositoryParent{ProjectID: projectID, Location: location}
+
+	// Get desired ID
+	resourceID := valueOf(obj.Spec.ResourceID)
+	if resourceID == "" {
+		resourceID = obj.GetName()
+	}
+	if resourceID == "" {
+		return nil, fmt.Errorf("cannot resolve resource ID")
+	}
+
+	// Use approved External
+	externalRef := valueOf(obj.Status.ExternalRef)
+	if externalRef == "" {
+		id.External = asSecureSourceManagerRepositoryExternal(id.parent, resourceID)
+		return id, nil
+	}
+
+	// Validate desired with actual
+	actualParent, actualResourceID, err := parseSecureSourceManagerRepositoryExternal(externalRef)
+	if err != nil {
+		return nil, err
+	}
+	if actualParent.ProjectID != projectID {
+		return nil, fmt.Errorf("spec.projectRef changed, expect %s, got %s", actualParent.ProjectID, projectID)
+	}
+	if actualParent.Location != location {
+		return nil, fmt.Errorf("spec.location changed, expect %s, got %s", actualParent.Location, location)
+	}
+	if actualResourceID != resourceID {
+		return nil, fmt.Errorf("cannot reset `metadata.name` or `spec.resourceID` to %s, since it has already assigned to %s",
+			resourceID, actualResourceID)
+	}
+	id.External = externalRef
+	id.parent = &SecureSourceManagerRepositoryParent{ProjectID: projectID, Location: location}
+	return id, nil
+}
+
+func (r *SecureSourceManagerRepositoryRef) Parent() (*SecureSourceManagerRepositoryParent, error) {
+	if r.parent != nil {
+		return r.parent, nil
+	}
+	if r.External != "" {
+		parent, _, err := parseSecureSourceManagerRepositoryExternal(r.External)
+		if err != nil {
+			return nil, err
+		}
+		return parent, nil
+	}
+	return nil, fmt.Errorf("SecureSourceManagerRepositoryRef not initialized from `NewSecureSourceManagerRepositoryRef` or `NormalizedExternal`")
+}
+
+func (r *SecureSourceManagerRepositoryRef) ResourceID() (string, error) {
+	if r.External == "" {
+		return "", fmt.Errorf("reference has not been normalized (external is empty)")
+	}
+
+	_, resourceID, err := parseSecureSourceManagerRepositoryExternal(r.External)
+	if err != nil {
+		return "", err
+	}
+	return resourceID, nil
+}
+
+type SecureSourceManagerRepositoryParent struct {
+	ProjectID string
+	Location  string
+}
+
+func (p *SecureSourceManagerRepositoryParent) String() string {
+	return "projects/" + p.ProjectID + "/locations/" + p.Location
+}
+
+func asSecureSourceManagerRepositoryExternal(parent *SecureSourceManagerRepositoryParent, resourceID string) (external string) {
+	return parent.String() + "/repositories/" + resourceID
+}
+
+func parseSecureSourceManagerRepositoryExternal(external string) (parent *SecureSourceManagerRepositoryParent, resourceID string, err error) {
+	external = strings.TrimPrefix(external, "/")
+	tokens := strings.Split(external, "/")
+	if len(tokens) != 6 || tokens[0] != "projects" || tokens[2] != "locations" || tokens[4] != "repositories" {
+		return nil, "", fmt.Errorf("format of SecureSourceManagerRepository external=%q was not known (use projects/<projectId>/locations/<location>/repositories/<repositoryID>)", external)
+	}
+	parent = &SecureSourceManagerRepositoryParent{
+		ProjectID: tokens[1],
+		Location:  tokens[3],
+	}
+	resourceID = tokens[5]
+	return parent, resourceID, nil
+}