feat: add cmr update

Author: gene-redpanda

redpanda/resources/cluster/model_to_proto.go

@@ -387,9 +387,45 @@ func getMtlsSpec(ctx context.Context, mtls types.Object, diags diag.Diagnostics)
 	}, diags
 }
 
-func generateClusterCMRUpdate(_ context.Context, _ models.Cluster, diags diag.Diagnostics) (*controlplanev1beta2.CustomerManagedResourcesUpdate, diag.Diagnostics) {
-	// TODO implement for GCP BYOVPC
-	return nil, diags
+func generateClusterCMRUpdate(ctx context.Context, cluster models.Cluster, diags diag.Diagnostics) (*controlplanev1beta2.CustomerManagedResourcesUpdate, diag.Diagnostics) {
+	// Early returns if not applicable
+	if cluster.CustomerManagedResources.IsNull() {
+		return nil, diags
+	}
+
+	// Only supports GCP in the API so no point going past here if not gcp
+	if cluster.CloudProvider.ValueString() != utils.CloudProviderStringGcp {
+		return nil, diags
+	}
+
+	// Get the CMR object
+	var cmrObj types.Object
+	if d := cluster.CustomerManagedResources.As(ctx, &cmrObj, basetypes.ObjectAsOptions{
+		UnhandledNullAsEmpty:    true,
+		UnhandledUnknownAsEmpty: true,
+	}); d.HasError() {
+		return nil, d
+	}
+
+	// Get the GCP object from CustomerManagedResources
+	gcp, d := getObjectFromAttributes(ctx, "gcp", gcpType, cmrObj.Attributes(), diags)
+	if d.HasError() {
+		if !utils.IsNotFoundSpec(d) {
+			return nil, d
+		}
+	}
+
+	gcpUpdate := &controlplanev1beta2.CustomerManagedResourcesUpdate_GCP{}
+	if pscNatSubnetName, ok := gcp.Attributes()["psc_nat_subnet_name"].(types.String); ok && !pscNatSubnetName.IsNull() {
+		gcpUpdate.PscNatSubnetName = pscNatSubnetName.ValueString()
+	}
+
+	// Create and return the update object
+	return &controlplanev1beta2.CustomerManagedResourcesUpdate{
+		CloudProvider: &controlplanev1beta2.CustomerManagedResourcesUpdate_Gcp{
+			Gcp: gcpUpdate,
+		},
+	}, diags
 }
 
 func getAzurePrivateLinkSpec(_ context.Context, azure types.Object, diags diag.Diagnostics) (*controlplanev1beta2.AzurePrivateLinkSpec, diag.Diagnostics) {

redpanda/resources/cluster/model_to_proto_test.go

@@ -8,9 +8,242 @@ import (
 	"github.com/hashicorp/terraform-plugin-framework/attr"
 	"github.com/hashicorp/terraform-plugin-framework/diag"
 	"github.com/hashicorp/terraform-plugin-framework/types"
+	"github.com/redpanda-data/terraform-provider-redpanda/redpanda/models"
+	"github.com/redpanda-data/terraform-provider-redpanda/redpanda/utils"
 	"github.com/stretchr/testify/assert"
 )
 
+func TestGenerateClusterCMRUpdate(t *testing.T) {
+	// Create a basic GCP cluster proto object
+	gcpCluster := &controlplanev1beta2.Cluster{
+		CloudProvider: mustCloudProvider("gcp"),
+		Type:          controlplanev1beta2.Cluster_TYPE_BYOC,
+		CustomerManagedResources: &controlplanev1beta2.CustomerManagedResources{
+			CloudProvider: &controlplanev1beta2.CustomerManagedResources_Gcp{
+				Gcp: &controlplanev1beta2.CustomerManagedResources_GCP{
+					Subnet: &controlplanev1beta2.CustomerManagedResources_GCP_Subnet{
+						Name: "subnet-name",
+						SecondaryIpv4RangePods: &controlplanev1beta2.CustomerManagedResources_GCP_Subnet_SecondaryIPv4Range{
+							Name: "pods-range",
+						},
+						SecondaryIpv4RangeServices: &controlplanev1beta2.CustomerManagedResources_GCP_Subnet_SecondaryIPv4Range{
+							Name: "services-range",
+						},
+						K8SMasterIpv4Range: "10.0.0.0/24",
+					},
+					AgentServiceAccount: &controlplanev1beta2.CustomerManagedResources_GCP_ServiceAccount{
+						Email: "[email protected]",
+					},
+					ConsoleServiceAccount: &controlplanev1beta2.CustomerManagedResources_GCP_ServiceAccount{
+						Email: "[email protected]",
+					},
+					ConnectorServiceAccount: &controlplanev1beta2.CustomerManagedResources_GCP_ServiceAccount{
+						Email: "[email protected]",
+					},
+					RedpandaClusterServiceAccount: &controlplanev1beta2.CustomerManagedResources_GCP_ServiceAccount{
+						Email: "[email protected]",
+					},
+					GkeServiceAccount: &controlplanev1beta2.CustomerManagedResources_GCP_ServiceAccount{
+						Email: "[email protected]",
+					},
+					TieredStorageBucket: &controlplanev1beta2.CustomerManagedGoogleCloudStorageBucket{
+						Name: "test-bucket",
+					},
+				},
+			},
+		},
+	}
+
+	// Create a GCP cluster with PSC NAT subnet name
+	gcpClusterWithSubnet := &controlplanev1beta2.Cluster{
+		CloudProvider: mustCloudProvider("gcp"),
+		Type:          controlplanev1beta2.Cluster_TYPE_BYOC,
+		CustomerManagedResources: &controlplanev1beta2.CustomerManagedResources{
+			CloudProvider: &controlplanev1beta2.CustomerManagedResources_Gcp{
+				Gcp: &controlplanev1beta2.CustomerManagedResources_GCP{
+					Subnet: &controlplanev1beta2.CustomerManagedResources_GCP_Subnet{
+						Name: "subnet-name",
+						SecondaryIpv4RangePods: &controlplanev1beta2.CustomerManagedResources_GCP_Subnet_SecondaryIPv4Range{
+							Name: "pods-range",
+						},
+						SecondaryIpv4RangeServices: &controlplanev1beta2.CustomerManagedResources_GCP_Subnet_SecondaryIPv4Range{
+							Name: "services-range",
+						},
+						K8SMasterIpv4Range: "10.0.0.0/24",
+					},
+					AgentServiceAccount: &controlplanev1beta2.CustomerManagedResources_GCP_ServiceAccount{
+						Email: "[email protected]",
+					},
+					ConsoleServiceAccount: &controlplanev1beta2.CustomerManagedResources_GCP_ServiceAccount{
+						Email: "[email protected]",
+					},
+					ConnectorServiceAccount: &controlplanev1beta2.CustomerManagedResources_GCP_ServiceAccount{
+						Email: "[email protected]",
+					},
+					RedpandaClusterServiceAccount: &controlplanev1beta2.CustomerManagedResources_GCP_ServiceAccount{
+						Email: "[email protected]",
+					},
+					GkeServiceAccount: &controlplanev1beta2.CustomerManagedResources_GCP_ServiceAccount{
+						Email: "[email protected]",
+					},
+					TieredStorageBucket: &controlplanev1beta2.CustomerManagedGoogleCloudStorageBucket{
+						Name: "test-bucket",
+					},
+					PscNatSubnetName: "test-subnet",
+				},
+			},
+		},
+	}
+
+	// Create an AWS cluster
+	awsCluster := &controlplanev1beta2.Cluster{
+		CloudProvider: mustCloudProvider("aws"),
+		Type:          controlplanev1beta2.Cluster_TYPE_BYOC,
+		CustomerManagedResources: &controlplanev1beta2.CustomerManagedResources{
+			CloudProvider: &controlplanev1beta2.CustomerManagedResources_Aws{
+				Aws: &controlplanev1beta2.CustomerManagedResources_AWS{
+					AgentInstanceProfile: &controlplanev1beta2.CustomerManagedResources_AWS_InstanceProfile{
+						Arn: "arn:aws:iam::123456789012:instance-profile/agent",
+					},
+					ConnectorsNodeGroupInstanceProfile: &controlplanev1beta2.CustomerManagedResources_AWS_InstanceProfile{
+						Arn: "arn:aws:iam::123456789012:instance-profile/connectors",
+					},
+					UtilityNodeGroupInstanceProfile: &controlplanev1beta2.CustomerManagedResources_AWS_InstanceProfile{
+						Arn: "arn:aws:iam::123456789012:instance-profile/utility",
+					},
+					RedpandaNodeGroupInstanceProfile: &controlplanev1beta2.CustomerManagedResources_AWS_InstanceProfile{
+						Arn: "arn:aws:iam::123456789012:instance-profile/redpanda",
+					},
+					K8SClusterRole: &controlplanev1beta2.CustomerManagedResources_AWS_Role{
+						Arn: "arn:aws:iam::123456789012:role/k8s",
+					},
+					RedpandaAgentSecurityGroup: &controlplanev1beta2.CustomerManagedResources_AWS_SecurityGroup{
+						Arn: "arn:aws:ec2:region:123456789012:security-group/agent",
+					},
+					ConnectorsSecurityGroup: &controlplanev1beta2.CustomerManagedResources_AWS_SecurityGroup{
+						Arn: "arn:aws:ec2:region:123456789012:security-group/connectors",
+					},
+					RedpandaNodeGroupSecurityGroup: &controlplanev1beta2.CustomerManagedResources_AWS_SecurityGroup{
+						Arn: "arn:aws:ec2:region:123456789012:security-group/redpanda",
+					},
+					UtilitySecurityGroup: &controlplanev1beta2.CustomerManagedResources_AWS_SecurityGroup{
+						Arn: "arn:aws:ec2:region:123456789012:security-group/utility",
+					},
+					ClusterSecurityGroup: &controlplanev1beta2.CustomerManagedResources_AWS_SecurityGroup{
+						Arn: "arn:aws:ec2:region:123456789012:security-group/cluster",
+					},
+					NodeSecurityGroup: &controlplanev1beta2.CustomerManagedResources_AWS_SecurityGroup{
+						Arn: "arn:aws:ec2:region:123456789012:security-group/node",
+					},
+					CloudStorageBucket: &controlplanev1beta2.CustomerManagedAWSCloudStorageBucket{
+						Arn: "arn:aws:s3:::my-bucket",
+					},
+					PermissionsBoundaryPolicy: &controlplanev1beta2.CustomerManagedResources_AWS_Policy{
+						Arn: "arn:aws:iam::123456789012:policy/boundary",
+					},
+				},
+			},
+		},
+	}
+
+	// Generate model objects using generateModelCMR function
+	diagContext := diag.Diagnostics{}
+	gcpCMR, diagGcp := generateModelCMR(gcpCluster, diagContext)
+	gcpCMRWithSubnet, diagGcpWithSubnet := generateModelCMR(gcpClusterWithSubnet, diagContext)
+	awsCMR, diagAws := generateModelCMR(awsCluster, diagContext)
+
+	// Make sure all the generations worked correctly
+	if diagGcp.HasError() || diagGcpWithSubnet.HasError() || diagAws.HasError() {
+		t.Fatalf("Error generating CMR models for test setup: %v, %v, %v", diagGcp, diagGcpWithSubnet, diagAws)
+	}
+
+	tests := []struct {
+		name           string
+		cluster        models.Cluster
+		expectNil      bool
+		expectedUpdate *controlplanev1beta2.CustomerManagedResourcesUpdate
+		expectError    bool
+	}{
+		{
+			name: "null customer managed resources",
+			cluster: models.Cluster{
+				CustomerManagedResources: types.ObjectNull(cmrType),
+				CloudProvider:            types.StringValue(utils.CloudProviderStringGcp),
+			},
+			expectNil: true,
+		},
+		{
+			name: "non-GCP cloud provider",
+			cluster: models.Cluster{
+				CustomerManagedResources: awsCMR,
+				CloudProvider:            types.StringValue(utils.CloudProviderStringAws),
+			},
+			expectNil: true,
+		},
+		{
+			name: "GCP with no PSC NAT subnet name",
+			cluster: models.Cluster{
+				CustomerManagedResources: gcpCMR,
+				CloudProvider:            types.StringValue(utils.CloudProviderStringGcp),
+			},
+			expectedUpdate: &controlplanev1beta2.CustomerManagedResourcesUpdate{
+				CloudProvider: &controlplanev1beta2.CustomerManagedResourcesUpdate_Gcp{
+					Gcp: &controlplanev1beta2.CustomerManagedResourcesUpdate_GCP{},
+				},
+			},
+		},
+		{
+			name: "GCP with PSC NAT subnet name",
+			cluster: models.Cluster{
+				CustomerManagedResources: gcpCMRWithSubnet,
+				CloudProvider:            types.StringValue(utils.CloudProviderStringGcp),
+			},
+			expectedUpdate: &controlplanev1beta2.CustomerManagedResourcesUpdate{
+				CloudProvider: &controlplanev1beta2.CustomerManagedResourcesUpdate_Gcp{
+					Gcp: &controlplanev1beta2.CustomerManagedResourcesUpdate_GCP{
+						PscNatSubnetName: "test-subnet",
+					},
+				},
+			},
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			ctxTest := context.Background()
+			diags := diag.Diagnostics{}
+
+			result, resultDiags := generateClusterCMRUpdate(ctxTest, tt.cluster, diags)
+
+			// Check for expected errors
+			if tt.expectError {
+				assert.True(t, resultDiags.HasError())
+			} else {
+				assert.False(t, resultDiags.HasError())
+			}
+
+			// Check if nil result expected
+			if tt.expectNil {
+				assert.Nil(t, result)
+				return
+			}
+
+			// Verify the result
+			assert.NotNil(t, result)
+
+			// Check the GCP provider type
+			assert.NotNil(t, result.GetGcp())
+
+			// Check PSC NAT subnet name if provided
+			if tt.expectedUpdate != nil && tt.expectedUpdate.GetGcp() != nil {
+				expectedSubnet := tt.expectedUpdate.GetGcp().PscNatSubnetName
+				actualSubnet := result.GetGcp().PscNatSubnetName
+				assert.Equal(t, expectedSubnet, actualSubnet)
+			}
+		})
+	}
+}
+
 func TestGetGcpPrivateServiceConnect(t *testing.T) {
 	tests := []struct {
 		name        string