From 9e650e179666e4bfda1b53c1abe95aa9719df143 Mon Sep 17 00:00:00 2001
From: Karol Lassak <ingwar@kentik.com>
Date: Wed, 31 May 2023 13:41:42 +0200
Subject: [PATCH] Add support for resource policies

---
 README.md                                 |  2 +-
 lib/vagrant-google/action/run_instance.rb | 15 +++++++++++++--
 lib/vagrant-google/config.rb              |  6 ++++++
 3 files changed, 20 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index 05c12e9..e6038f4 100644
--- a/README.md
+++ b/README.md
@@ -252,7 +252,7 @@ will pull the most recent CentOS 7 image. For more info, refer to
 * `enable_secure_boot` - For [Shielded VM](https://cloud.google.com/security/shielded-cloud/shielded-vm), whether to enable Secure Boot.
 * `enable_vtpm` - For [Shielded VM](https://cloud.google.com/security/shielded-cloud/shielded-vm), whether to enable vTPM.
 * `enable_integrity_monitoring` - For [Shielded VM](https://cloud.google.com/security/shielded-cloud/shielded-vm), whether to enable Integrity monitoring.
-
+* `resource_policies` - Adds [Resource Policies](https://cloud.google.com/compute/docs/reference/rest/v1/resourcePolicies) to given instance.
 These can be set like typical provider-specific configuration:
 
 ```ruby
diff --git a/lib/vagrant-google/action/run_instance.rb b/lib/vagrant-google/action/run_instance.rb
index 0053ecf..d837c10 100644
--- a/lib/vagrant-google/action/run_instance.rb
+++ b/lib/vagrant-google/action/run_instance.rb
@@ -40,6 +40,7 @@ def call(env) # rubocop:disable Metrics/MethodLength, Metrics/AbcSize
 
           # Get the zone we're going to booting up in
           zone = env[:machine].provider_config.zone
+          region = zone.split('-')[0..1].join('-')
 
           # Get the configs
           zone_config                 = env[:machine].provider_config.get_zone_config(zone)
@@ -75,6 +76,7 @@ def call(env) # rubocop:disable Metrics/MethodLength, Metrics/AbcSize
           enable_display              = zone_config.enable_display
           enable_vtpm                 = zone_config.enable_vtpm
           enable_integrity_monitoring = zone_config.enable_integrity_monitoring
+          resource_policies           = zone_config.resource_policies
 
           # Launch!
           env[:ui].info(I18n.t("vagrant_google.launching_instance"))
@@ -111,6 +113,8 @@ def call(env) # rubocop:disable Metrics/MethodLength, Metrics/AbcSize
           env[:ui].info(" -- Display Device:       #{enable_display}") if enable_display
           env[:ui].info(" -- vTPM:                 #{enable_vtpm}") if enable_vtpm
           env[:ui].info(" -- Integrity Monitoring: #{enable_integrity_monitoring}") if enable_integrity_monitoring
+          env[:ui].info(" -- Resource policies:    #{resource_policies}") if resource_policies != []
+
 
           # Munge image config
           if image_family
@@ -128,7 +132,7 @@ def call(env) # rubocop:disable Metrics/MethodLength, Metrics/AbcSize
           # Munge network configs
           if network != 'default'
             network = "projects/#{network_project_id}/global/networks/#{network}"
-            subnetwork  = "projects/#{network_project_id}/regions/#{zone.split('-')[0..1].join('-')}/subnetworks/#{subnetwork}"
+            subnetwork  = "projects/#{network_project_id}/regions/#{region}/subnetworks/#{subnetwork}"
           else
             network = "global/networks/default"
           end
@@ -164,6 +168,12 @@ def call(env) # rubocop:disable Metrics/MethodLength, Metrics/AbcSize
           # Munge displayDevice config
           display_device = { :enable_display => enable_display }
 
+          resource_policies_urls = []
+          resource_policies.each do |policy|
+            resource_policies_url = "https://compute.googleapis.com/compute/v1/projects/#{project_id}/regions/#{region}/resourcePolicies/#{policy}"
+            resource_policies_urls.push(resource_policies_url)
+          end
+
           begin
             request_start_time = Time.now.to_i
             disk = nil
@@ -295,7 +305,8 @@ def call(env) # rubocop:disable Metrics/MethodLength, Metrics/AbcSize
               :disks              => disks,
               :scheduling         => scheduling,
               :service_accounts   => service_accounts,
-              :guest_accelerators => accelerators_url
+              :guest_accelerators => accelerators_url,
+              :resource_policies  => resource_policies_urls
             }
 
             # XXX HACK - only add  of the parameters are set in :shielded_instance_config we need to drop the field from
diff --git a/lib/vagrant-google/config.rb b/lib/vagrant-google/config.rb
index d0bb8bc..4bfd376 100644
--- a/lib/vagrant-google/config.rb
+++ b/lib/vagrant-google/config.rb
@@ -208,6 +208,11 @@ class Config < Vagrant.plugin("2", :config) # rubocop:disable Metrics/ClassLengt
       # @return Boolean
       attr_accessor :enable_integrity_monitoring
 
+      # The list of resource policies for instance.
+      #
+      # @return [Array]
+      attr_accessor :resource_policies
+
       def initialize(zone_specific=false)
         @google_json_key_location    = UNSET_VALUE
         @google_project_id           = UNSET_VALUE
@@ -246,6 +251,7 @@ def initialize(zone_specific=false)
         @enable_display              = UNSET_VALUE
         @enable_vtpm                 = UNSET_VALUE
         @enable_integrity_monitoring = UNSET_VALUE
+        @resource_policies           = []
 
         # Internal state (prefix with __ so they aren't automatically
         # merged)