compute: added write-only arguments for IAP oauth2_client_id and oauth2_client_secret

[ramonvermeulen]

Closes hashicorp/terraform-provider-google#25774

Local Tests

╰─❮ make testacc TEST=./google/services/compute TESTARGS='-run=TestAccComputeBackendService_withWriteOnlyValues'                                                                                                ─╯
sh -c "'/Users/ramon/go/src/github.com/hashicorp/terraform-provider-google/scripts/gofmtcheck.sh'"
==> Checking that code complies with gofmt requirements...
go vet
TF_ACC_REFRESH_AFTER_APPLY=1 TF_ACC=1 TF_SCHEMA_PANIC_ON_ERROR=1 go test ./google/services/compute -v -run=TestAccComputeBackendService_withWriteOnlyValues -timeout 240m -ldflags="-X=github.com/hashicorp/terraform-provider-google/version.ProviderVersion=acc"
=== RUN   TestAccComputeBackendService_withWriteOnlyValues
=== PAUSE TestAccComputeBackendService_withWriteOnlyValues
=== CONT  TestAccComputeBackendService_withWriteOnlyValues
--- PASS: TestAccComputeBackendService_withWriteOnlyValues (116.68s)
PASS
ok      github.com/hashicorp/terraform-provider-google/google/services/compute  117.640s

I didn't run the full test suite to avoid incurring unnecessary costs.

This change requires careful review, to be sure it doesn't introduce a breaking change:

• I modified default_from_api on the iap object to enable write-only arguments. Previously, Computed: true was generated to the entire IAP struct part via the default_from_api field, a write-only argument cannot be within a field that is computed.
• I added ignore_read: true to client_id to prevent a diff on read, since the GET response still returns the value.

An alternative approach would be to implement the write-only argument only for client_secret and not for client_id.

@melinath tagging you for visibility.

compute: added write-only arguments for IAP `oauth2_client_id` and `oauth2_client_secret`

[github-actions]

Googlers: For automatic test runs see go/terraform-auto-test-runs.

@slevenick, a repository maintainer, has been assigned to review your changes. If you have not received review feedback within 2 business days, please leave a comment on this PR asking them to take a look.

You can help make sure that review is quick by doing a self-review and by running impacted tests locally.

[melinath]

It looks like this isn't changing anything about how write_only fields work, so I'll leave the review to Sam! Thanks for adding these!

[modular-magician]

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 5 files changed, 213 insertions(+), 27 deletions(-))
google-beta provider: Diff ( 5 files changed, 219 insertions(+), 33 deletions(-))
terraform-google-conversion: Diff ( 2 files changed, 5 insertions(+), 1 deletion(-))

Breaking Change(s) Detected

The following breaking change(s) were detected within your pull request.

• Field iap transitioned from optional+computed to optional google_compute_backend_service - reference

If you believe this detection to be incorrect please raise the concern with your reviewer.
If you intend to make this change you will need to wait for a major release window.
An override-breaking-change label can be added to allow merging.

[modular-magician]

Tests analytics

Total tests: 1399
Passed tests: 1308
Skipped tests: 90
Affected tests: 1

Click here to see the affected service packages

• compute

Action taken

Found 1 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests

• TestAccComputeBackendService_withWriteOnlyValues

Get to know how VCR tests work

[modular-magician]

🟢 Tests passed during RECORDING mode:
TestAccComputeBackendService_withWriteOnlyValues [Debug log]

🟢 No issues found for passed tests after REPLAYING rerun.

---

🟢 All tests passed!

View the build log or the debug log for each test

[github-actions]

@slevenick This PR has been waiting for review for 3 weekdays. Please take a look! Use the label disable-review-reminders to disable these notifications.

[github-actions]

@GoogleCloudPlatform/terraform-team @slevenick This PR has been waiting for review for 1 week. Please take a look! Use the label disable-review-reminders to disable these notifications.

[github-actions]

@GoogleCloudPlatform/terraform-team @slevenick This PR has been waiting for review for 2 weeks. Please take a look! Use the label disable-review-reminders to disable these notifications.

[github-actions]

@GoogleCloudPlatform/terraform-team @slevenick This PR has been waiting for review for 3 weeks. Please take a look! Use the label disable-review-reminders to disable these notifications.

[github-actions]

@ramonvermeulen, this PR is waiting for action from you. If no action is taken, this PR will be closed in 28 days.

Please address any comments or change requests, or re-request review from a core reviewer if no action is required.

This notification can be disabled with the disable-automatic-closure label.

[github-actions]

@ramonvermeulen, this PR is waiting for action from you. If no action is taken, this PR will be closed in 14 days.

Please address any comments or change requests, or re-request review from a core reviewer if no action is required.

This notification can be disabled with the disable-automatic-closure label.

[ramonvermeulen]

@slevenick

Sorry! I've been a bit busy and somehow missed your message about the merge conflicts.
Just resolved the merge conflicts, could you maybe run the test suite to see if everything still works as expected?

[modular-magician]

Hi there, I'm the Modular magician. I've detected the following information about your changes for commit 396c079:

Diff report

Your PR generated the following diffs in downstream repositories:

Repository	Diff Link	Changes
google provider	View Diff	5 files changed, 210 insertions(+), 24 deletions(-)
google-beta provider	View Diff	5 files changed, 216 insertions(+), 30 deletions(-)
terraform-google-conversion	View Diff	2 files changed, 5 insertions(+), 1 deletion(-)

Breaking Change(s) Detected

The following breaking change(s) were detected within your pull request.

• Field iap transitioned from optional+computed to optional google_compute_backend_service - reference

If you believe this detection to be incorrect please raise the concern with your reviewer.
If you intend to make this change you will need to wait for a major release window.
An override-breaking-change label can be added to allow merging.

Test report

Analytics

Total Tests	Passed	Skipped	Affected
1446	1351	93	2

Affected Service Packages

• compute

Learn how VCR tests work

---

Step 1: Replaying Mode

Action taken

Found 2 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit.

Click here to see the affected tests

• TestAccComputeInstanceFromTemplate_DiskForceAttach
• TestAccComputeSubnetwork_secondaryIpRanges_sendEmpty

View the replaying VCR build log

---

Step 2: Recording Mode

Recording Mode	Replaying Rerun	Test Name
❌ Error · Log	-	TestAccComputeInstanceFromTemplate_DiskForceAttach
❌ Error · Log	-	TestAccComputeSubnetwork_secondaryIpRanges_sendEmpty

Caution

Issues requiring attention before PR completion

🔴 Initial Recording Failed: Some tests failed during the recording step. See the table above for details.

Please address these issues to complete your PR. If you believe these detections are incorrect or unrelated to your change, please raise the concern with your reviewer.

View the recording VCR build log or the debug logs folder for detailed results.

@ramonvermeulen, @slevenick VCR tests complete for 396c079!

[github-actions]

@slevenick This PR has been waiting for review for 3 weekdays. Please take a look! Use the label disable-review-reminders to disable these notifications.

[github-actions]

@GoogleCloudPlatform/terraform-team @slevenick This PR has been waiting for review for 1 week. Please take a look! Use the label disable-review-reminders to disable these notifications.

[github-actions]

@GoogleCloudPlatform/terraform-team @slevenick This PR has been waiting for review for 2 weeks. Please take a look! Use the label disable-review-reminders to disable these notifications.

[github-actions]

@GoogleCloudPlatform/terraform-team @slevenick This PR has been waiting for review for 3 weeks. Please take a look! Use the label disable-review-reminders to disable these notifications.

[github-actions]

@GoogleCloudPlatform/terraform-team @slevenick This PR has been waiting for review for 4 weeks. Please take a look! Use the label disable-review-reminders to disable these notifications.

[slevenick]

/gcbrun

[modular-magician]

Hi there, I'm the Modular magician. I've detected the following information about your changes for commit 396c079:

Diff report

Your PR generated the following diffs in downstream repositories:

Repository	Diff Link	Changes
google provider	View Diff	5 files changed, 210 insertions(+), 24 deletions(-)
google-beta provider	View Diff	5 files changed, 216 insertions(+), 30 deletions(-)
terraform-google-conversion	View Diff	2 files changed, 5 insertions(+), 1 deletion(-)

Breaking Change(s) Detected

The following breaking change(s) were detected within your pull request.

• Field iap transitioned from optional+computed to optional google_compute_backend_service - reference

If you believe this detection to be incorrect please raise the concern with your reviewer.
If you intend to make this change you will need to wait for a major release window.
An override-breaking-change label can be added to allow merging.

Test report

Analytics

Total Tests	Passed	Skipped	Affected
1475	1382	93	0

Affected Service Packages

• compute

Learn how VCR tests work

---

Step 1: Replaying Mode

🟢 All tests passed in Replaying mode! No Recording was needed.

View the replaying VCR build log

@ramonvermeulen, @slevenick VCR tests complete for 396c079!