KMS: add plural data source for resource_google_kms_key_ring (#11061) (#18611)

[upstream:b03e72f5f5f54fcfed067ed3e4fc8afa51a8f9e1]

Signed-off-by: Modular Magician <magic-modules@google.com>

Author: modular-magician

.changelog/11061.txt

@@ -0,0 +1,3 @@
+```release-note:new-datasource
+`google_kms_key_rings`
+```

google/provider/provider_mmv1_resources.go

@@ -235,6 +235,7 @@ var handwrittenDatasources = map[string]*schema.Resource{
 	"google_kms_crypto_keys":                              kms.DataSourceGoogleKmsCryptoKeys(),
 	"google_kms_crypto_key_version":                       kms.DataSourceGoogleKmsCryptoKeyVersion(),
 	"google_kms_key_ring":                                 kms.DataSourceGoogleKmsKeyRing(),
+	"google_kms_key_rings":                                kms.DataSourceGoogleKmsKeyRings(),
 	"google_kms_secret":                                   kms.DataSourceGoogleKmsSecret(),
 	"google_kms_secret_ciphertext":                        kms.DataSourceGoogleKmsSecretCiphertext(),
 	"google_folder":                                       resourcemanager.DataSourceGoogleFolder(),

google/services/kms/data_source_google_kms_key_rings.go

@@ -0,0 +1,175 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+package kms
+
+import (
+	"fmt"
+	"log"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"github.com/hashicorp/terraform-provider-google/google/tpgresource"
+	transport_tpg "github.com/hashicorp/terraform-provider-google/google/transport"
+)
+
+func DataSourceGoogleKmsKeyRings() *schema.Resource {
+	return &schema.Resource{
+		Read: dataSourceGoogleKmsKeyRingsRead,
+		Schema: map[string]*schema.Schema{
+			"project": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Description: `Project ID of the project.`,
+			},
+			"location": {
+				Type:        schema.TypeString,
+				Required:    true,
+				Description: `The canonical id for the location. For example: "us-east1".`,
+			},
+			"filter": {
+				Type:     schema.TypeString,
+				Optional: true,
+				Description: `
+					The filter argument is used to add a filter query parameter that limits which keys are retrieved by the data source: ?filter={{filter}}.
+					Example values:
+					
+					* "name:my-key-" will retrieve key rings that contain "my-key-" anywhere in their name. Note: names take the form projects/{{project}}/locations/{{location}}/keyRings/{{keyRing}}.
+					* "name=projects/my-project/locations/global/keyRings/my-key-ring" will only retrieve a key ring with that exact name.
+					
+					[See the documentation about using filters](https://cloud.google.com/kms/docs/sorting-and-filtering)
+				`,
+			},
+			"key_rings": {
+				Type:        schema.TypeList,
+				Computed:    true,
+				Description: "A list of all the retrieved key rings",
+				Elem: &schema.Resource{
+					// schema isn't used from resource_kms_key_ring due to having project and location fields which are empty when grabbed in a list.
+					Schema: map[string]*schema.Schema{
+						"id": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+						"name": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+					},
+				},
+			},
+		},
+	}
+}
+
+func dataSourceGoogleKmsKeyRingsRead(d *schema.ResourceData, meta interface{}) error {
+	config := meta.(*transport_tpg.Config)
+
+	id, err := tpgresource.ReplaceVars(d, config, "projects/{{project}}/locations/{{location}}/keyRings")
+	if err != nil {
+		return err
+	}
+	if filter, ok := d.GetOk("filter"); ok {
+		id += "/filter=" + filter.(string)
+	}
+	d.SetId(id)
+
+	log.Printf("[DEBUG] Searching for keyrings")
+	userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent)
+	if err != nil {
+		return err
+	}
+
+	billingProject := ""
+
+	project, err := tpgresource.GetProject(d, config)
+	if err != nil {
+		return fmt.Errorf("Error fetching project for keyRings: %s", err)
+	}
+	billingProject = project
+
+	// err == nil indicates that the billing_project value was found
+	if bp, err := tpgresource.GetBillingProject(d, config); err == nil {
+		billingProject = bp
+	}
+
+	var keyRings []interface{}
+
+	params := make(map[string]string)
+	if filter, ok := d.GetOk("filter"); ok {
+		log.Printf("[DEBUG] Search for key rings using filter ?filter=%s", filter.(string))
+		params["filter"] = filter.(string)
+		if err != nil {
+			return err
+		}
+	}
+
+	url, err := tpgresource.ReplaceVars(d, config, "{{KMSBasePath}}projects/{{project}}/locations/{{location}}/keyRings")
+	if err != nil {
+		return err
+	}
+
+	for {
+		url, err = transport_tpg.AddQueryParams(url, params)
+		if err != nil {
+			return err
+		}
+
+		res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{
+			Config:               config,
+			Method:               "GET",
+			Project:              billingProject,
+			RawURL:               url,
+			UserAgent:            userAgent,
+			ErrorRetryPredicates: []transport_tpg.RetryErrorPredicateFunc{transport_tpg.Is429RetryableQuotaError},
+		})
+		if err != nil {
+			return fmt.Errorf("Error retrieving buckets: %s", err)
+		}
+
+		if res["keyRings"] == nil {
+			break
+		}
+		pageKeyRings, err := flattenKMSKeyRingsList(config, res["keyRings"])
+		if err != nil {
+			return fmt.Errorf("error flattening key rings list: %s", err)
+		}
+		keyRings = append(keyRings, pageKeyRings...)
+
+		pToken, ok := res["nextPageToken"]
+		if ok && pToken != nil && pToken.(string) != "" {
+			params["pageToken"] = pToken.(string)
+		} else {
+			break
+		}
+	}
+
+	log.Printf("[DEBUG] Found %d key rings", len(keyRings))
+	if err := d.Set("key_rings", keyRings); err != nil {
+		return fmt.Errorf("error setting key rings: %s", err)
+	}
+
+	return nil
+}
+
+// flattenKMSKeyRingsList flattens a list of key rings
+func flattenKMSKeyRingsList(config *transport_tpg.Config, keyRingsList interface{}) ([]interface{}, error) {
+	var keyRings []interface{}
+	for _, k := range keyRingsList.([]interface{}) {
+		keyRing := k.(map[string]interface{})
+
+		parsedId, err := parseKmsKeyRingId(keyRing["name"].(string), config)
+		if err != nil {
+			return nil, err
+		}
+
+		data := map[string]interface{}{}
+		// The google_kms_key_rings resource and dataset set
+		// id as the value of name (projects/{{project}}/locations/{{location}}/keyRings/{{name}})
+		// and set name is set as just {{name}}.
+		data["id"] = keyRing["name"]
+		data["name"] = parsedId.Name
+
+		keyRings = append(keyRings, data)
+	}
+
+	return keyRings, nil
+}

google/services/kms/data_source_google_kms_key_rings_test.go

@@ -0,0 +1,72 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+package kms_test
+
+import (
+	"fmt"
+	"regexp"
+	"strings"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-provider-google/google/acctest"
+)
+
+func TestAccDataSourceGoogleKmsKeyRings_basic(t *testing.T) {
+	kms := acctest.BootstrapKMSKey(t)
+	idPath := strings.Split(kms.KeyRing.Name, "/")
+	location := idPath[3]
+	randomString := acctest.RandString(t, 10)
+	filterNameFindSharedKeys := "name:tftest-shared-"
+	filterNameFindsNoKeys := fmt.Sprintf("name:%s", randomString)
+
+	keyRingsID := fmt.Sprintf("projects/%s/locations/%s/keyRings", idPath[1], location)
+	findSharedKeysId := fmt.Sprintf("%s/filter=%s", keyRingsID, filterNameFindSharedKeys)
+	findsNoKeysId := fmt.Sprintf("%s/filter=%s", keyRingsID, filterNameFindsNoKeys)
+
+	context := map[string]interface{}{
+		"filter":   "", // Can be overridden using 2nd argument to config funcs
+		"location": location,
+	}
+
+	acctest.VcrTest(t, resource.TestCase{
+		PreCheck:                 func() { acctest.AccTestPreCheck(t) },
+		ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccDataSourceGoogleKmsKeyRings_basic(context, ""),
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr("data.google_kms_key_rings.all_key_rings", "id", keyRingsID),
+					resource.TestMatchResourceAttr("data.google_kms_key_rings.all_key_rings", "key_rings.#", regexp.MustCompile("[1-9]+[0-9]*")),
+				),
+			},
+			{
+				Config: testAccDataSourceGoogleKmsKeyRings_basic(context, fmt.Sprintf("filter = \"%s\"", filterNameFindSharedKeys)),
+				Check: resource.ComposeTestCheckFunc(
+					// This filter should retrieve the bootstrapped KMS key rings used by the test
+					resource.TestCheckResourceAttr("data.google_kms_key_rings.all_key_rings", "id", findSharedKeysId),
+					resource.TestMatchResourceAttr("data.google_kms_key_rings.all_key_rings", "key_rings.#", regexp.MustCompile("[1-9]+[0-9]*")),
+				),
+			},
+			{
+				Config: testAccDataSourceGoogleKmsKeyRings_basic(context, fmt.Sprintf("filter = \"%s\"", filterNameFindsNoKeys)),
+				Check: resource.ComposeTestCheckFunc(
+					// This filter should retrieve no keys
+					resource.TestCheckResourceAttr("data.google_kms_key_rings.all_key_rings", "id", findsNoKeysId),
+					resource.TestCheckResourceAttr("data.google_kms_key_rings.all_key_rings", "key_rings.#", "0"),
+				),
+			},
+		},
+	})
+}
+
+func testAccDataSourceGoogleKmsKeyRings_basic(context map[string]interface{}, filter string) string {
+	context["filter"] = filter
+
+	return acctest.Nprintf(`
+data "google_kms_key_rings" "all_key_rings" {
+  location = "%{location}"
+  %{filter}
+}
+`, context)
+}