Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add skip_grace_period to resource CertificateAuthority #12784

Merged
merged 1 commit into from Oct 13, 2022
Merged

Add skip_grace_period to resource CertificateAuthority #12784

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
3 changes: 3 additions & 0 deletions .changelog/6686.txt
View file
Open in desktop
@@ -0,0 +1,3 @@
```release-note:enhancement
privateca: add a new field `skip_grace_period` to skip the grace period when deleting a CertificateAuthority.
```
11 changes: 10 additions & 1 deletion google/resource_privateca_certificate_authority.go
View file
Open in desktop
Expand Up @@ -555,6 +555,15 @@ fractional digits, terminated by 's'. Example: "3.5s".`,
Optional: true,
Description: `The signed CA certificate issued from the subordinated CA's CSR. This is needed when activating the subordiante CA with a third party issuer.`,
},
"skip_grace_period": {
Type: schema.TypeBool,
Optional: true,
Description: `If this flag is set, the Certificate Authority will be deleted as soon as
possible without a 30-day grace period where undeletion would have been
allowed. If you proceed, there will be no way to recover this CA.
Use with care. Defaults to 'false'.`,
Default: false,
},
"subordinate_config": {
Type: schema.TypeList,
Optional: true,
Expand Down Expand Up @@ -1063,7 +1072,7 @@ func resourcePrivatecaCertificateAuthorityDelete(d *schema.ResourceData, meta in
}
billingProject = project

url, err := replaceVars(d, config, "{{PrivatecaBasePath}}projects/{{project}}/locations/{{location}}/caPools/{{pool}}/certificateAuthorities/{{certificate_authority_id}}?ignoreActiveCertificates={{ignore_active_certificates_on_deletion}}")
url, err := replaceVars(d, config, "{{PrivatecaBasePath}}projects/{{project}}/locations/{{location}}/caPools/{{pool}}/certificateAuthorities/{{certificate_authority_id}}?ignoreActiveCertificates={{ignore_active_certificates_on_deletion}}&skipGracePeriod={{skip_grace_period}}")
if err != nil {
return err
}
Expand Down
4 changes: 2 additions & 2 deletions google/resource_privateca_certificate_authority_generated_test.go
View file
Open in desktop
Expand Up @@ -45,7 +45,7 @@ func TestAccPrivatecaCertificateAuthority_privatecaCertificateAuthorityBasicExam
ResourceName: "google_privateca_certificate_authority.default",
ImportState: true,
ImportStateVerify: true,
ImportStateVerifyIgnore: []string{"pem_ca_certificate", "ignore_active_certificates_on_deletion", "location", "certificate_authority_id", "pool", "deletion_protection"},
ImportStateVerifyIgnore: []string{"pem_ca_certificate", "ignore_active_certificates_on_deletion", "skip_grace_period", "location", "certificate_authority_id", "pool", "deletion_protection"},
},
},
})
Expand Down Expand Up @@ -127,7 +127,7 @@ func TestAccPrivatecaCertificateAuthority_privatecaCertificateAuthoritySubordina
ResourceName: "google_privateca_certificate_authority.default",
ImportState: true,
ImportStateVerify: true,
ImportStateVerifyIgnore: []string{"pem_ca_certificate", "ignore_active_certificates_on_deletion", "location", "certificate_authority_id", "pool", "deletion_protection"},
ImportStateVerifyIgnore: []string{"pem_ca_certificate", "ignore_active_certificates_on_deletion", "skip_grace_period", "location", "certificate_authority_id", "pool", "deletion_protection"},
},
},
})
Expand Down
9 changes: 6 additions & 3 deletions google/resource_privateca_certificate_authority_test.go
View file
Open in desktop
Expand Up @@ -33,7 +33,7 @@ func TestAccPrivatecaCertificateAuthority_privatecaCertificateAuthorityUpdate(t
ResourceName: "google_privateca_certificate_authority.default",
ImportState: true,
ImportStateVerify: true,
ImportStateVerifyIgnore: []string{"ignore_active_certificates_on_deletion", "location", "certificate_authority_id", "pool", "deletion_protection"},
ImportStateVerifyIgnore: []string{"ignore_active_certificates_on_deletion", "location", "certificate_authority_id", "pool", "deletion_protection", "skip_grace_period"},
},
{
Config: testAccPrivatecaCertificateAuthority_privatecaCertificateAuthorityEnd(context),
Expand All @@ -42,7 +42,7 @@ func TestAccPrivatecaCertificateAuthority_privatecaCertificateAuthorityUpdate(t
ResourceName: "google_privateca_certificate_authority.default",
ImportState: true,
ImportStateVerify: true,
ImportStateVerifyIgnore: []string{"ignore_active_certificates_on_deletion", "location", "certificate_authority_id", "pool", "deletion_protection"},
ImportStateVerifyIgnore: []string{"ignore_active_certificates_on_deletion", "location", "certificate_authority_id", "pool", "deletion_protection", "skip_grace_period"},
},
{
Config: testAccPrivatecaCertificateAuthority_privatecaCertificateAuthorityBasicRoot(context),
Expand All @@ -51,7 +51,7 @@ func TestAccPrivatecaCertificateAuthority_privatecaCertificateAuthorityUpdate(t
ResourceName: "google_privateca_certificate_authority.default",
ImportState: true,
ImportStateVerify: true,
ImportStateVerifyIgnore: []string{"ignore_active_certificates_on_deletion", "location", "certificate_authority_id", "pool", "deletion_protection"},
ImportStateVerifyIgnore: []string{"ignore_active_certificates_on_deletion", "location", "certificate_authority_id", "pool", "deletion_protection", "skip_grace_period"},
},
},
})
Expand Down Expand Up @@ -128,6 +128,7 @@ resource "google_privateca_certificate_authority" "default" {
certificate_authority_id = "tf-test-my-certificate-authority-%{random_suffix}"
location = "%{pool_location}"
deletion_protection = false
skip_grace_period = true
config {
subject_config {
subject {
Expand Down Expand Up @@ -181,6 +182,7 @@ resource "google_privateca_certificate_authority" "default" {
certificate_authority_id = "tf-test-my-certificate-authority-%{random_suffix}"
location = "%{pool_location}"
deletion_protection = false
skip_grace_period = true
config {
subject_config {
subject {
Expand Down Expand Up @@ -238,6 +240,7 @@ resource "google_privateca_certificate_authority" "default" {
location = "%{pool_location}"
desired_state = "%{desired_state}"
deletion_protection = false
skip_grace_period = true
config {
subject_config {
subject {
Expand Down
2 changes: 2 additions & 0 deletions google/resource_privateca_certificate_test.go
View file
Open in desktop
Expand Up @@ -61,6 +61,7 @@ resource "google_privateca_certificate_authority" "default" {
certificate_authority_id = "tf-test-my-certificate-authority-%{random_suffix}"
location = "%{pool_location}"
deletion_protection = false
skip_grace_period = true
config {
subject_config {
subject {
Expand Down Expand Up @@ -139,6 +140,7 @@ resource "google_privateca_certificate_authority" "default" {
certificate_authority_id = "tf-test-my-certificate-authority-%{random_suffix}"
location = "%{pool_location}"
deletion_protection = false
skip_grace_period = true
config {
subject_config {
subject {
Expand Down
7 changes: 7 additions & 0 deletions website/docs/r/privateca_certificate_authority.html.markdown
View file
Open in desktop
Expand Up @@ -563,6 +563,13 @@ The following arguments are supported:
This field allows the CA to be deleted even if the CA has active certs. Active certs include both unrevoked and unexpired certs.
Use with care. Defaults to `false`.

* `skip_grace_period` -
(Optional)
If this flag is set, the Certificate Authority will be deleted as soon as
possible without a 30-day grace period where undeletion would have been
allowed. If you proceed, there will be no way to recover this CA.
Use with care. Defaults to `false`.

* `type` -
(Optional)
The Type of this CertificateAuthority.
Expand Down