Fix IAP oauth2_client_id perpetual diff in BackendService and RegionBackendService

[178inaba]

Fixes hashicorp/terraform-provider-google#26378

Problem

When using google_compute_backend_service or google_compute_region_backend_service with IAP enabled and then disabling IAP by removing oauth2_client_id and oauth2_client_secret, every terraform plan produces a perpetual diff:

~ iap {
  - oauth2_client_id = "1234-xxxx.apps.googleusercontent.com" -> null
  }

This happens because the provider's expand function skips sending empty values for oauth2ClientId (guarded by IsEmptyValue), so the API retains the old value and the diff reappears on every plan.

Root Cause

There is an asymmetry between oauth2ClientId and oauth2ClientSecret in the resource YAML definitions. oauth2ClientSecret has send_empty_value: true (added during the handwritten-to-generated migration in #7463), but oauth2ClientId does not. This became a problem when #9581 removed required: true from both fields.

Fix

Added send_empty_value: true to oauth2ClientId in both BackendService.yaml and RegionBackendService.yaml, matching the existing oauth2ClientSecret behavior. A unit test is also included to guard against future regressions.

Release Note Template for Downstream PRs (will be copied)

See Write release notes for guidance.

compute: fixed perpetual diff for `oauth2_client_id` in `iap` block of `google_compute_backend_service` and `google_compute_region_backend_service` when disabling IAP

[github-actions]

Googlers: For automatic test runs see go/terraform-auto-test-runs.

@trodge, a repository maintainer, has been assigned to review your changes. If you have not received review feedback within 2 business days, please leave a comment on this PR asking them to take a look.

You can help make sure that review is quick by doing a self-review and by running impacted tests locally.

[modular-magician]

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 2 files changed, 2 insertions(+), 2 deletions(-))
google-beta provider: Diff ( 2 files changed, 2 insertions(+), 2 deletions(-))
terraform-google-conversion: Diff ( 3 files changed, 3 insertions(+), 3 deletions(-))

[modular-magician]

Tests analytics

Total tests: 1380
Passed tests: 1288
Skipped tests: 90
Affected tests: 2

Click here to see the affected service packages

• compute

Action taken

Found 2 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests

• TestAccComputeBackendService_updateIAPEnabled
• TestAccComputeRegionBackendService_updateIAPEnabled

Get to know how VCR tests work

[modular-magician]

🟢 Tests passed during RECORDING mode:
TestAccComputeBackendService_updateIAPEnabled [Debug log]
TestAccComputeRegionBackendService_updateIAPEnabled [Debug log]

🟢 No issues found for passed tests after REPLAYING rerun.

---

🟢 All tests passed!

View the build log or the debug log for each test