From 9f4b771b208ae71cc8c42607ad513a319391b7f8 Mon Sep 17 00:00:00 2001
From: Modular Magician <magic-modules@google.com>
Date: Wed, 5 Jun 2024 15:49:40 +0000
Subject: [PATCH] Add support for preventDrift field in ConfigManagement
 Fleet-level default config (#10809)

Co-authored-by: Stephen Lewis (Burrows) <stephen.r.burrows@gmail.com>

[upstream:cc013404d5b6ccce53491e1d3e807df55855846b]

Signed-off-by: Modular Magician <magic-modules@google.com>
---
 .../gkehub2/resource_gke_hub_feature.go       | 22 +++++++++++++++++++
 .../gkehub2/resource_gke_hub_feature_test.go  |  3 ++-
 website/docs/r/gke_hub_feature.html.markdown  |  4 ++++
 3 files changed, 28 insertions(+), 1 deletion(-)

diff --git a/google/services/gkehub2/resource_gke_hub_feature.go b/google/services/gkehub2/resource_gke_hub_feature.go
index 8fe7f0e3dfd..17a328df4b1 100644
--- a/google/services/gkehub2/resource_gke_hub_feature.go
+++ b/google/services/gkehub2/resource_gke_hub_feature.go
@@ -174,6 +174,11 @@ func ResourceGKEHub2Feature() *schema.Resource {
 														},
 													},
 												},
+												"prevent_drift": {
+													Type:        schema.TypeBool,
+													Optional:    true,
+													Description: `Set to true to enable the Config Sync admission webhook to prevent drifts. If set to 'false', disables the Config Sync admission webhook and does not prevent drifts.`,
+												},
 												"source_format": {
 													Type:        schema.TypeString,
 													Optional:    true,
@@ -1349,6 +1354,8 @@ func flattenGKEHub2FeatureFleetDefaultMemberConfigConfigmanagementConfigSync(v i
 	transformed := make(map[string]interface{})
 	transformed["source_format"] =
 		flattenGKEHub2FeatureFleetDefaultMemberConfigConfigmanagementConfigSyncSourceFormat(original["sourceFormat"], d, config)
+	transformed["prevent_drift"] =
+		flattenGKEHub2FeatureFleetDefaultMemberConfigConfigmanagementConfigSyncPreventDrift(original["preventDrift"], d, config)
 	transformed["git"] =
 		flattenGKEHub2FeatureFleetDefaultMemberConfigConfigmanagementConfigSyncGit(original["git"], d, config)
 	transformed["oci"] =
@@ -1359,6 +1366,10 @@ func flattenGKEHub2FeatureFleetDefaultMemberConfigConfigmanagementConfigSyncSour
 	return v
 }
 
+func flattenGKEHub2FeatureFleetDefaultMemberConfigConfigmanagementConfigSyncPreventDrift(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+	return v
+}
+
 func flattenGKEHub2FeatureFleetDefaultMemberConfigConfigmanagementConfigSyncGit(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
 	if v == nil {
 		return nil
@@ -2242,6 +2253,13 @@ func expandGKEHub2FeatureFleetDefaultMemberConfigConfigmanagementConfigSync(v in
 		transformed["sourceFormat"] = transformedSourceFormat
 	}
 
+	transformedPreventDrift, err := expandGKEHub2FeatureFleetDefaultMemberConfigConfigmanagementConfigSyncPreventDrift(original["prevent_drift"], d, config)
+	if err != nil {
+		return nil, err
+	} else if val := reflect.ValueOf(transformedPreventDrift); val.IsValid() && !tpgresource.IsEmptyValue(val) {
+		transformed["preventDrift"] = transformedPreventDrift
+	}
+
 	transformedGit, err := expandGKEHub2FeatureFleetDefaultMemberConfigConfigmanagementConfigSyncGit(original["git"], d, config)
 	if err != nil {
 		return nil, err
@@ -2263,6 +2281,10 @@ func expandGKEHub2FeatureFleetDefaultMemberConfigConfigmanagementConfigSyncSourc
 	return v, nil
 }
 
+func expandGKEHub2FeatureFleetDefaultMemberConfigConfigmanagementConfigSyncPreventDrift(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
+	return v, nil
+}
+
 func expandGKEHub2FeatureFleetDefaultMemberConfigConfigmanagementConfigSyncGit(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
 	l := v.([]interface{})
 	if len(l) == 0 || l[0] == nil {
diff --git a/google/services/gkehub2/resource_gke_hub_feature_test.go b/google/services/gkehub2/resource_gke_hub_feature_test.go
index 6039f2347a0..800a2f52225 100644
--- a/google/services/gkehub2/resource_gke_hub_feature_test.go
+++ b/google/services/gkehub2/resource_gke_hub_feature_test.go
@@ -430,7 +430,8 @@ resource "google_gke_hub_feature" "feature" {
   fleet_default_member_config {
     configmanagement {
       version = "1.16.1"
-      config_sync {
+     config_sync {
+       prevent_drift = true
         source_format = "unstructured"
         oci {
           sync_repo = "us-central1-docker.pkg.dev/corp-gke-build-artifacts/acm/configs:latest"
diff --git a/website/docs/r/gke_hub_feature.html.markdown b/website/docs/r/gke_hub_feature.html.markdown
index 9989edcdf08..59b0df27229 100644
--- a/website/docs/r/gke_hub_feature.html.markdown
+++ b/website/docs/r/gke_hub_feature.html.markdown
@@ -492,6 +492,10 @@ The following arguments are supported:
   (Optional)
   Specifies whether the Config Sync Repo is in hierarchical or unstructured mode
 
+* `prevent_drift` -
+  (Optional)
+  Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts.
+
 * `git` -
   (Optional)
   Git repo configuration for the cluster