Revert "Add missing fields to compute resources [KMS and disks]" (#13125

) (#21502) [upstream:68ee03a7a4ccf26aa336ef6b20a35fce8942a0ab] Signed-off-by: Modular Magician <[email protected]>
hashicorp · Feb 19, 2025 · 773b763 · 773b763
1 parent 294ee49
commit 773b763
Show file tree

Hide file tree

Showing 20 changed files with 67 additions and 2,218 deletions.
diff --git a/.changelog/13125.txt b/.changelog/13125.txt
@@ -0,0 +1,9 @@
+```release-note:enhancement
+compute: added several `boot_disk`, `attached_disk`, and `instance_encryption_key` fields for improved encryption key support in `google_compute_instance` and template resources (revert)
+```
+```release-note:enhancement
+compute: added support for `image_encryption_key.raw_key` and ` image_encryption_key.rsa_encrypted_key` to `google_compute_image` resource (revert)
+```
+```release-note:enhancement
+compute: added support for `snapshot_encryption_key.rsa_encrypted_key` to `google_compute_snapshot` resource (revert)
+```
diff --git a/google/services/compute/compute_instance_helpers.go b/google/services/compute/compute_instance_helpers.go
@@ -822,89 +822,3 @@ func flattenNetworkPerformanceConfig(c *compute.NetworkPerformanceConfig) []map[
 		},
 	}
 }
-
-func flattenComputeInstanceGuestOsFeatures(v interface{}) []interface{} {
-	if v == nil {
-		return nil
-	}
-	features, ok := v.([]*compute.GuestOsFeature)
-	if !ok {
-		return nil
-	}
-	var result []interface{}
-	for _, feature := range features {
-		if feature != nil && feature.Type != "" {
-			result = append(result, feature.Type)
-		}
-	}
-	return result
-}
-
-func expandComputeInstanceGuestOsFeatures(v interface{}) []*compute.GuestOsFeature {
-	if v == nil {
-		return nil
-	}
-	var result []*compute.GuestOsFeature
-	for _, feature := range v.([]interface{}) {
-		result = append(result, &compute.GuestOsFeature{Type: feature.(string)})
-	}
-	return result
-}
-
-func expandComputeInstanceEncryptionKey(d tpgresource.TerraformResourceData) *compute.CustomerEncryptionKey {
-	iek, ok := d.GetOk("instance_encryption_key")
-	if !ok {
-		return nil
-	}
-
-	iekRes := iek.([]interface{})[0].(map[string]interface{})
-	return &compute.CustomerEncryptionKey{
-		KmsKeyName:           iekRes["kms_key_self_link"].(string),
-		Sha256:               iekRes["sha256"].(string),
-		KmsKeyServiceAccount: iekRes["kms_key_service_account"].(string),
-	}
-}
-
-func flattenComputeInstanceEncryptionKey(v *compute.CustomerEncryptionKey) []map[string]interface{} {
-	if v == nil {
-		return nil
-	}
-	return []map[string]interface{}{
-		{
-			"kms_key_self_link":       v.KmsKeyName,
-			"sha256":                  v.Sha256,
-			"kms_key_service_account": v.KmsKeyServiceAccount,
-		},
-	}
-}
-
-func expandComputeInstanceSourceEncryptionKey(d tpgresource.TerraformResourceData, field string) *compute.CustomerEncryptionKey {
-	cek, ok := d.GetOk(field)
-	if !ok {
-		return nil
-	}
-
-	cekRes := cek.([]interface{})[0].(map[string]interface{})
-	return &compute.CustomerEncryptionKey{
-		RsaEncryptedKey:      cekRes["rsa_encrypted_key"].(string),
-		RawKey:               cekRes["raw_key"].(string),
-		KmsKeyName:           cekRes["kms_key_self_link"].(string),
-		Sha256:               cekRes["sha256"].(string),
-		KmsKeyServiceAccount: cekRes["kms_key_service_account"].(string),
-	}
-}
-
-func flattenComputeInstanceSourceEncryptionKey(v *compute.CustomerEncryptionKey) []map[string]interface{} {
-	if v == nil {
-		return nil
-	}
-	return []map[string]interface{}{
-		{
-			"rsa_encrypted_key":       v.RsaEncryptedKey,
-			"raw_key":                 v.RawKey,
-			"kms_key_self_link":       v.KmsKeyName,
-			"sha256":                  v.Sha256,
-			"kms_key_service_account": v.KmsKeyServiceAccount,
-		},
-	}
-}
diff --git a/google/services/compute/resource_compute_image.go b/google/services/compute/resource_compute_image.go
@@ -132,22 +132,6 @@ KMS.`,
 given KMS key. If absent, the Compute Engine default service
 account is used.`,
 						},
-						"raw_key": {
-							Type:     schema.TypeString,
-							Optional: true,
-							ForceNew: true,
-							Description: `Specifies a 256-bit customer-supplied encryption key, encoded in
-RFC 4648 base64 to either encrypt or decrypt this resource.`,
-							Sensitive: true,
-						},
-						"rsa_encrypted_key": {
-							Type:     schema.TypeString,
-							Optional: true,
-							ForceNew: true,
-							Description: `Specifies a 256-bit customer-supplied encryption key, encoded in
-RFC 4648 base64 to either encrypt or decrypt this resource.`,
-							Sensitive: true,
-						},
 					},
 				},
 			},
@@ -800,10 +784,6 @@ func flattenComputeImageImageEncryptionKey(v interface{}, d *schema.ResourceData
 		flattenComputeImageImageEncryptionKeyKmsKeySelfLink(original["kmsKeyName"], d, config)
 	transformed["kms_key_service_account"] =
 		flattenComputeImageImageEncryptionKeyKmsKeyServiceAccount(original["kmsKeyServiceAccount"], d, config)
-	transformed["raw_key"] =
-		flattenComputeImageImageEncryptionKeyRawKey(original["rawKey"], d, config)
-	transformed["rsa_encrypted_key"] =
-		flattenComputeImageImageEncryptionKeyRsaEncryptedKey(original["rsaEncryptedKey"], d, config)
 	return []interface{}{transformed}
 }
 func flattenComputeImageImageEncryptionKeyKmsKeySelfLink(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
@@ -818,14 +798,6 @@ func flattenComputeImageImageEncryptionKeyKmsKeyServiceAccount(v interface{}, d
 	return v
 }
 
-func flattenComputeImageImageEncryptionKeyRawKey(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
-	return d.Get("image_encryption_key.0.raw_key")
-}
-
-func flattenComputeImageImageEncryptionKeyRsaEncryptedKey(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
-	return d.Get("image_encryption_key.0.rsa_encrypted_key")
-}
-
 func flattenComputeImageLabels(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
 	if v == nil {
 		return v
@@ -962,20 +934,6 @@ func expandComputeImageImageEncryptionKey(v interface{}, d tpgresource.Terraform
 		transformed["kmsKeyServiceAccount"] = transformedKmsKeyServiceAccount
 	}
 
-	transformedRawKey, err := expandComputeImageImageEncryptionKeyRawKey(original["raw_key"], d, config)
-	if err != nil {
-		return nil, err
-	} else if val := reflect.ValueOf(transformedRawKey); val.IsValid() && !tpgresource.IsEmptyValue(val) {
-		transformed["rawKey"] = transformedRawKey
-	}
-
-	transformedRsaEncryptedKey, err := expandComputeImageImageEncryptionKeyRsaEncryptedKey(original["rsa_encrypted_key"], d, config)
-	if err != nil {
-		return nil, err
-	} else if val := reflect.ValueOf(transformedRsaEncryptedKey); val.IsValid() && !tpgresource.IsEmptyValue(val) {
-		transformed["rsaEncryptedKey"] = transformedRsaEncryptedKey
-	}
-
 	return transformed, nil
 }
 
@@ -987,14 +945,6 @@ func expandComputeImageImageEncryptionKeyKmsKeyServiceAccount(v interface{}, d t
 	return v, nil
 }
 
-func expandComputeImageImageEncryptionKeyRawKey(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
-	return v, nil
-}
-
-func expandComputeImageImageEncryptionKeyRsaEncryptedKey(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
-	return v, nil
-}
-
 func expandComputeImageLabelFingerprint(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
 	return v, nil
 }

diff --git a/google/services/compute/resource_compute_image_generated_meta.yaml b/google/services/compute/resource_compute_image_generated_meta.yaml
@@ -16,8 +16,6 @@ fields:
   - field: 'image_encryption_key.kms_key_self_link'
     api_field: 'image_encryption_key.kms_key_name'
   - field: 'image_encryption_key.kms_key_service_account'
-  - field: 'image_encryption_key.raw_key'
-  - field: 'image_encryption_key.rsa_encrypted_key'
   - field: 'label_fingerprint'
   - field: 'labels'
   - field: 'licenses'

diff --git a/google/services/compute/resource_compute_image_generated_test.go b/google/services/compute/resource_compute_image_generated_test.go
@@ -49,7 +49,7 @@ func TestAccComputeImage_imageBasicExample(t *testing.T) {
 				ResourceName:            "google_compute_image.example",
 				ImportState:             true,
 				ImportStateVerify:       true,
-				ImportStateVerifyIgnore: []string{"image_encryption_key.0.raw_key", "image_encryption_key.0.rsa_encrypted_key", "labels", "raw_disk", "source_disk", "source_image", "source_snapshot", "terraform_labels"},
+				ImportStateVerifyIgnore: []string{"labels", "raw_disk", "source_disk", "source_image", "source_snapshot", "terraform_labels"},
 			},
 		},
 	})
@@ -97,7 +97,7 @@ func TestAccComputeImage_imageGuestOsExample(t *testing.T) {
 				ResourceName:            "google_compute_image.example",
 				ImportState:             true,
 				ImportStateVerify:       true,
-				ImportStateVerifyIgnore: []string{"image_encryption_key.0.raw_key", "image_encryption_key.0.rsa_encrypted_key", "labels", "raw_disk", "source_disk", "source_image", "source_snapshot", "terraform_labels"},
+				ImportStateVerifyIgnore: []string{"labels", "raw_disk", "source_disk", "source_image", "source_snapshot", "terraform_labels"},
 			},
 		},
 	})
@@ -165,7 +165,7 @@ func TestAccComputeImage_imageBasicStorageLocationExample(t *testing.T) {
 				ResourceName:            "google_compute_image.example",
 				ImportState:             true,
 				ImportStateVerify:       true,
-				ImportStateVerifyIgnore: []string{"image_encryption_key.0.raw_key", "image_encryption_key.0.rsa_encrypted_key", "labels", "raw_disk", "source_disk", "source_image", "source_snapshot", "terraform_labels"},
+				ImportStateVerifyIgnore: []string{"labels", "raw_disk", "source_disk", "source_image", "source_snapshot", "terraform_labels"},
 			},
 		},
 	})