Adding support for optional watchlist_id in google_chronicle_watchlist resource (#12673) (#8988)

[upstream:8dbff0637f0876d23eb58ff4634df7406f990d94]

Signed-off-by: Modular Magician <magic-modules@google.com>

Author: modular-magician

.changelog/12673.txt

@@ -0,0 +1,3 @@
+```release-note: note
+chronicle: added support for optional `watchlist_id` in `google_chronicle_watchlist` resource.
+```

google-beta/services/chronicle/resource_chronicle_watchlist.go

@@ -93,15 +93,6 @@ Note that it must be at least one character and less than 63 characters
 				ForceNew:    true,
 				Description: `The location of the resource. This is the geographical region where the Chronicle instance resides, such as "us" or "europe-west2".`,
 			},
-			"watchlist_id": {
-				Type:     schema.TypeString,
-				Required: true,
-				ForceNew: true,
-				Description: `Optional. The ID to use for the watchlist,
-which will become the final component of the watchlist's resource name.
-This value should be 4-63 characters, and valid characters
-are /a-z-/.`,
-			},
 			"description": {
 				Type:        schema.TypeString,
 				Optional:    true,
@@ -113,6 +104,16 @@ are /a-z-/.`,
 				Description: `Optional. Weight applied to the risk score for entities
 in this watchlist.
 The default is 1.0 if it is not specified.`,
+			},
+			"watchlist_id": {
+				Type:     schema.TypeString,
+				Computed: true,
+				Optional: true,
+				ForceNew: true,
+				Description: `Optional. The ID to use for the watchlist,
+which will become the final component of the watchlist's resource name.
+This value should be 4-63 characters, and valid characters
+are /a-z-/.`,
 			},
 			"watchlist_user_preferences": {
 				Type:        schema.TypeList,
@@ -215,6 +216,17 @@ func resourceChronicleWatchlistCreate(d *schema.ResourceData, meta interface{})
 	} else if v, ok := d.GetOkExists("watchlist_user_preferences"); !tpgresource.IsEmptyValue(reflect.ValueOf(watchlistUserPreferencesProp)) && (ok || !reflect.DeepEqual(v, watchlistUserPreferencesProp)) {
 		obj["watchlistUserPreferences"] = watchlistUserPreferencesProp
 	}
+	watchlistIdProp, err := expandChronicleWatchlistWatchlistId(d.Get("watchlist_id"), d, config)
+	if err != nil {
+		return err
+	} else if v, ok := d.GetOkExists("watchlist_id"); !tpgresource.IsEmptyValue(reflect.ValueOf(watchlistIdProp)) && (ok || !reflect.DeepEqual(v, watchlistIdProp)) {
+		obj["watchlistId"] = watchlistIdProp
+	}
+
+	obj, err = resourceChronicleWatchlistEncoder(d, meta, obj)
+	if err != nil {
+		return err
+	}
 
 	url, err := tpgresource.ReplaceVars(d, config, "{{ChronicleBasePath}}projects/{{project}}/locations/{{location}}/instances/{{instance}}/watchlists?watchlistId={{watchlist_id}}")
 	if err != nil {
@@ -260,6 +272,14 @@ func resourceChronicleWatchlistCreate(d *schema.ResourceData, meta interface{})
 	}
 	d.SetId(id)
 
+	if tpgresource.IsEmptyValue(reflect.ValueOf(d.Get("watchlist_id"))) {
+		// watchlist id is set by API when unset and required to GET the connection
+		// it is set by reading the "name" field rather than a field in the response
+		if err := d.Set("watchlist_id", flattenChronicleWatchlistWatchlistId("", d, config)); err != nil {
+			return fmt.Errorf("Error reading Watchlist ID: %s", err)
+		}
+	}
+
 	log.Printf("[DEBUG] Finished creating Watchlist %q: %#v", d.Id(), res)
 
 	return resourceChronicleWatchlistRead(d, meta)
@@ -334,6 +354,9 @@ func resourceChronicleWatchlistRead(d *schema.ResourceData, meta interface{}) er
 	if err := d.Set("watchlist_user_preferences", flattenChronicleWatchlistWatchlistUserPreferences(res["watchlistUserPreferences"], d, config)); err != nil {
 		return fmt.Errorf("Error reading Watchlist: %s", err)
 	}
+	if err := d.Set("watchlist_id", flattenChronicleWatchlistWatchlistId(res["watchlistId"], d, config)); err != nil {
+		return fmt.Errorf("Error reading Watchlist: %s", err)
+	}
 
 	return nil
 }
@@ -385,6 +408,11 @@ func resourceChronicleWatchlistUpdate(d *schema.ResourceData, meta interface{})
 		obj["watchlistUserPreferences"] = watchlistUserPreferencesProp
 	}
 
+	obj, err = resourceChronicleWatchlistEncoder(d, meta, obj)
+	if err != nil {
+		return err
+	}
+
 	url, err := tpgresource.ReplaceVars(d, config, "{{ChronicleBasePath}}projects/{{project}}/locations/{{location}}/instances/{{instance}}/watchlists/{{watchlist_id}}")
 	if err != nil {
 		return err
@@ -628,6 +656,11 @@ func flattenChronicleWatchlistWatchlistUserPreferencesPinned(v interface{}, d *s
 	return v
 }
 
+func flattenChronicleWatchlistWatchlistId(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+	parts := strings.Split(d.Get("name").(string), "/")
+	return parts[len(parts)-1]
+}
+
 func expandChronicleWatchlistMultiplyingFactor(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
 	return v, nil
 }
@@ -696,3 +729,13 @@ func expandChronicleWatchlistWatchlistUserPreferences(v interface{}, d tpgresour
 func expandChronicleWatchlistWatchlistUserPreferencesPinned(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
 	return v, nil
 }
+
+func expandChronicleWatchlistWatchlistId(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
+	return v, nil
+}
+
+func resourceChronicleWatchlistEncoder(d *schema.ResourceData, meta interface{}, obj map[string]interface{}) (map[string]interface{}, error) {
+	// watchlist_id is needed to qualify the URL but cannot be sent in the body
+	delete(obj, "watchlistId")
+	return obj, nil
+}

google-beta/services/chronicle/resource_chronicle_watchlist_generated_test.go

@@ -51,7 +51,7 @@ func TestAccChronicleWatchlist_chronicleWatchlistBasicExample(t *testing.T) {
 				ResourceName:            "google_chronicle_watchlist.example",
 				ImportState:             true,
 				ImportStateVerify:       true,
-				ImportStateVerifyIgnore: []string{"instance", "location", "watchlist_id"},
+				ImportStateVerifyIgnore: []string{"instance", "location"},
 			},
 		},
 	})
@@ -63,7 +63,48 @@ resource "google_chronicle_watchlist" "example" {
   provider = "google-beta"
   location = "us"
   instance = "%{chronicle_id}"
-  watchlist_id = "tf-test-watchlist-name%{random_suffix}"
+  watchlist_id = "tf-test-watchlist-id%{random_suffix}"
+  description = "tf-test-watchlist-description%{random_suffix}"
+  display_name = "tf_test_watchlist_name%{random_suffix}"
+  multiplying_factor = 1
+  entity_population_mechanism {
+    manual {
+
+    }
+  }
+  watchlist_user_preferences {
+    pinned = true
+  }
+}
+`, context)
+}
+
+func TestAccChronicleWatchlist_chronicleWatchlistWithoutIdExample(t *testing.T) {
+	t.Parallel()
+
+	context := map[string]interface{}{
+		"chronicle_id":  envvar.GetTestChronicleInstanceIdFromEnv(t),
+		"random_suffix": acctest.RandString(t, 10),
+	}
+
+	acctest.VcrTest(t, resource.TestCase{
+		PreCheck:                 func() { acctest.AccTestPreCheck(t) },
+		ProtoV5ProviderFactories: acctest.ProtoV5ProviderBetaFactories(t),
+		CheckDestroy:             testAccCheckChronicleWatchlistDestroyProducer(t),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccChronicleWatchlist_chronicleWatchlistWithoutIdExample(context),
+			},
+		},
+	})
+}
+
+func testAccChronicleWatchlist_chronicleWatchlistWithoutIdExample(context map[string]interface{}) string {
+	return acctest.Nprintf(`
+resource "google_chronicle_watchlist" "example" {
+  provider = "google-beta"
+  location = "us"
+  instance = "%{chronicle_id}"
   description = "tf-test-watchlist-description%{random_suffix}"
   display_name = "tf-test-watchlist-name%{random_suffix}"
   multiplying_factor = 1

website/docs/r/chronicle_watchlist.html.markdown

@@ -38,7 +38,28 @@ resource "google_chronicle_watchlist" "example" {
   provider = "google-beta"
   location = "us"
   instance = "00000000-0000-0000-0000-000000000000"
-  watchlist_id = "watchlist-name"
+  watchlist_id = "watchlist-id"
+  description = "watchlist-description"
+  display_name = "watchlist_name"
+  multiplying_factor = 1
+  entity_population_mechanism {
+    manual {
+
+    }
+  }
+  watchlist_user_preferences {
+    pinned = true
+  }
+}
+```
+## Example Usage - Chronicle Watchlist Without Id
+
+
+```hcl
+resource "google_chronicle_watchlist" "example" {
+  provider = "google-beta"
+  location = "us"
+  instance = "00000000-0000-0000-0000-000000000000"
   description = "watchlist-description"
   display_name = "watchlist-name"
   multiplying_factor = 1
@@ -77,13 +98,6 @@ The following arguments are supported:
   (Required)
   The unique identifier for the Chronicle instance, which is the same as the customer ID.
 
-* `watchlist_id` -
-  (Required)
-  Optional. The ID to use for the watchlist,
-  which will become the final component of the watchlist's resource name.
-  This value should be 4-63 characters, and valid characters
-  are /a-z-/.
-
 
 <a name="nested_entity_population_mechanism"></a>The `entity_population_mechanism` block supports:
 
@@ -109,6 +123,13 @@ The following arguments are supported:
   A collection of user preferences for watchlist UI configuration.
   Structure is [documented below](#nested_watchlist_user_preferences).
 
+* `watchlist_id` -
+  (Optional)
+  Optional. The ID to use for the watchlist,
+  which will become the final component of the watchlist's resource name.
+  This value should be 4-63 characters, and valid characters
+  are /a-z-/.
+
 * `project` - (Optional) The ID of the project in which the resource belongs.
     If it is not provided, the provider project is used.