From de704110c9519fe52ead9e6a8c5873bf281a05e5 Mon Sep 17 00:00:00 2001 From: Julio Castillo Date: Wed, 4 Jan 2023 09:52:06 +0100 Subject: [PATCH 01/15] Update api-gateway tests --- modules/api-gateway/README.md | 28 +++--- tests/modules/api_gateway/examples/basic.yaml | 42 +++++++++ .../api_gateway/examples/create-sa.yaml | 90 +++++++++++++++++++ .../api_gateway/examples/existing-sa.yaml | 71 +++++++++++++++ tests/modules/api_gateway/fixture/main.tf | 26 ------ .../modules/api_gateway/fixture/variables.tf | 55 ------------ tests/modules/api_gateway/test_plan.py | 19 ---- .../modules/organization/examples/basic.yaml | 2 +- 8 files changed, 218 insertions(+), 115 deletions(-) create mode 100644 tests/modules/api_gateway/examples/basic.yaml create mode 100644 tests/modules/api_gateway/examples/create-sa.yaml create mode 100644 tests/modules/api_gateway/examples/existing-sa.yaml delete mode 100644 tests/modules/api_gateway/fixture/main.tf delete mode 100644 tests/modules/api_gateway/fixture/variables.tf delete mode 100644 tests/modules/api_gateway/test_plan.py diff --git a/modules/api-gateway/README.md b/modules/api-gateway/README.md index 0b5fc9283d..d3c16d38cb 100644 --- a/modules/api-gateway/README.md +++ b/modules/api-gateway/README.md @@ -1,4 +1,4 @@ -# Api Gateway +# API Gateway This module allows creating an API with its associated API config and API gateway. It also allows you grant IAM roles on the created resources. # Examples @@ -15,46 +15,46 @@ module "gateway" { # ... EOT } -# tftest modules=1 resources=4 +# tftest modules=1 resources=4 inventory=basic.yaml ``` -## Basic example + customer service account +## Use existing service account ```hcl module "gateway" { source = "./fabric/modules/api-gateway" project_id = "my-project" api_id = "api" region = "europe-west1" - spec = < diff --git a/tests/modules/api_gateway/examples/basic.yaml b/tests/modules/api_gateway/examples/basic.yaml new file mode 100644 index 0000000000..a17fc3ca48 --- /dev/null +++ b/tests/modules/api_gateway/examples/basic.yaml @@ -0,0 +1,42 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.gateway.google_api_gateway_api.api: + api_id: api + display_name: api + project: my-project + module.gateway.google_api_gateway_api_config.api_config: + api: api + gateway_config: [] + grpc_services: [] + labels: null + managed_service_configs: [] + project: my-project + module.gateway.google_api_gateway_gateway.gateway: + display_name: gw-api + gateway_id: gw-api + labels: null + project: my-project + region: europe-west1 + module.gateway.google_project_service.service: + disable_dependent_services: true + disable_on_destroy: true + project: my-project + +counts: + google_api_gateway_api: 1 + google_api_gateway_api_config: 1 + google_api_gateway_gateway: 1 + google_project_service: 1 diff --git a/tests/modules/api_gateway/examples/create-sa.yaml b/tests/modules/api_gateway/examples/create-sa.yaml new file mode 100644 index 0000000000..2c8d7c7638 --- /dev/null +++ b/tests/modules/api_gateway/examples/create-sa.yaml @@ -0,0 +1,90 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.gateway.google_api_gateway_api.api: + api_id: api + display_name: api + labels: null + project: my-project + module.gateway.google_api_gateway_api_config.api_config: + api: api + grpc_services: [] + labels: null + managed_service_configs: [] + project: my-project + module.gateway.google_api_gateway_api_config_iam_binding.api_config_iam_bindings["roles/apigateway.admin"]: + api: api + condition: [] + members: + - user:mirene@google.com + project: my-project + role: roles/apigateway.admin + module.gateway.google_api_gateway_api_config_iam_binding.api_config_iam_bindings["roles/apigateway.viewer"]: + api: api + condition: [] + members: + - user:mirene@google.com + project: my-project + role: roles/apigateway.viewer + module.gateway.google_api_gateway_api_iam_binding.api_iam_bindings["roles/apigateway.admin"]: + api: api + condition: [] + members: + - user:mirene@google.com + project: my-project + role: roles/apigateway.admin + module.gateway.google_api_gateway_api_iam_binding.api_iam_bindings["roles/apigateway.viewer"]: + api: api + condition: [] + members: + - user:mirene@google.com + project: my-project + role: roles/apigateway.viewer + module.gateway.google_api_gateway_gateway.gateway: + display_name: gw-api + gateway_id: gw-api + labels: null + project: my-project + region: europe-west1 + module.gateway.google_api_gateway_gateway_iam_binding.gateway_iam_bindings["roles/apigateway.admin"]: + condition: [] + gateway: gw-api + members: + - user:mirene@google.com + project: my-project + region: europe-west1 + role: roles/apigateway.admin + module.gateway.google_api_gateway_gateway_iam_binding.gateway_iam_bindings["roles/apigateway.viewer"]: + condition: [] + gateway: gw-api + members: + - user:mirene@google.com + project: my-project + region: europe-west1 + role: roles/apigateway.viewer + module.gateway.google_project_service.service: {} + module.gateway.google_service_account.service_account[0]: + account_id: sa-api-cfg-api + project: my-project + +counts: + google_api_gateway_api: 1 + google_api_gateway_api_config: 1 + google_api_gateway_api_config_iam_binding: 2 + google_api_gateway_api_iam_binding: 2 + google_api_gateway_gateway: 1 + google_api_gateway_gateway_iam_binding: 2 + google_project_service: 1 + google_service_account: 1 diff --git a/tests/modules/api_gateway/examples/existing-sa.yaml b/tests/modules/api_gateway/examples/existing-sa.yaml new file mode 100644 index 0000000000..f0befa79a9 --- /dev/null +++ b/tests/modules/api_gateway/examples/existing-sa.yaml @@ -0,0 +1,71 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.gateway.google_api_gateway_api.api: + api_id: api + display_name: api + labels: null + project: my-project + module.gateway.google_api_gateway_api_config.api_config: + api: api + gateway_config: + - backend_config: + - google_service_account: sa@my-project.iam.gserviceaccount.com + grpc_services: [] + labels: null + managed_service_configs: [] + project: my-project + module.gateway.google_api_gateway_api_config_iam_binding.api_config_iam_bindings["roles/apigateway.admin"]: + api: api + api_config: api-cfg-api-8656c6040d6d9ba18a8b9b5f3955c223 + condition: [] + members: + - user:user@example.com + project: my-project + role: roles/apigateway.admin + module.gateway.google_api_gateway_api_iam_binding.api_iam_bindings["roles/apigateway.admin"]: + api: api + condition: [] + members: + - user:user@example.com + project: my-project + role: roles/apigateway.admin + module.gateway.google_api_gateway_gateway.gateway: + display_name: gw-api + gateway_id: gw-api + labels: null + project: my-project + region: europe-west1 + module.gateway.google_api_gateway_gateway_iam_binding.gateway_iam_bindings["roles/apigateway.admin"]: + condition: [] + gateway: gw-api + members: + - user:user@example.com + project: my-project + region: europe-west1 + role: roles/apigateway.admin + module.gateway.google_project_service.service: + disable_dependent_services: true + disable_on_destroy: true + project: my-project + +counts: + google_api_gateway_api: 1 + google_api_gateway_api_config: 1 + google_api_gateway_api_config_iam_binding: 1 + google_api_gateway_api_iam_binding: 1 + google_api_gateway_gateway: 1 + google_api_gateway_gateway_iam_binding: 1 + google_project_service: 1 diff --git a/tests/modules/api_gateway/fixture/main.tf b/tests/modules/api_gateway/fixture/main.tf deleted file mode 100644 index d4cd134f26..0000000000 --- a/tests/modules/api_gateway/fixture/main.tf +++ /dev/null @@ -1,26 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -module "gateway" { - source = "../../../../modules/api-gateway" - api_id = var.api_id - project_id = var.project_id - labels = var.labels - iam = var.iam - region = var.region - spec = var.spec - service_account_create = true -} diff --git a/tests/modules/api_gateway/fixture/variables.tf b/tests/modules/api_gateway/fixture/variables.tf deleted file mode 100644 index 977af921d1..0000000000 --- a/tests/modules/api_gateway/fixture/variables.tf +++ /dev/null @@ -1,55 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -variable "api_id" { - type = string - default = "my-api" -} - -variable "iam" { - type = map(list(string)) - default = null -} - -variable "labels" { - type = map(string) - default = null -} - -variable "project_id" { - type = string - default = "my-project" -} - -variable "region" { - type = string - default = "europe-west1" -} - -variable "service_account_create" { - type = bool - default = true -} - -variable "service_account_email" { - type = string - default = null -} - -variable "spec" { - type = string - default = "Spec contents" -} diff --git a/tests/modules/api_gateway/test_plan.py b/tests/modules/api_gateway/test_plan.py deleted file mode 100644 index 18ecdd3292..0000000000 --- a/tests/modules/api_gateway/test_plan.py +++ /dev/null @@ -1,19 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -def test_resource_count(plan_runner): - "Test number of resources created." - _, resources = plan_runner() - assert len(resources) == 5 diff --git a/tests/modules/organization/examples/basic.yaml b/tests/modules/organization/examples/basic.yaml index 2ba70f40aa..f7b63a1d41 100644 --- a/tests/modules/organization/examples/basic.yaml +++ b/tests/modules/organization/examples/basic.yaml @@ -1,4 +1,4 @@ -# Copyright 2022 Google LLC +# Copyright 2023 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. From 4897aa7109becfd592b5fd9efc6f392379489f69 Mon Sep 17 00:00:00 2001 From: Julio Castillo Date: Wed, 18 Jan 2023 12:18:41 +0100 Subject: [PATCH 02/15] bump test suite versions --- tests/requirements.txt | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/requirements.txt b/tests/requirements.txt index a6f82d7509..1e0921c195 100644 --- a/tests/requirements.txt +++ b/tests/requirements.txt @@ -1,6 +1,6 @@ -pytest>=6.2.5 +pytest>=7.2.1 PyYAML>=6.0 tftest>=1.8.1 -marko>=1.2.0 -deepdiff>=5.7.0 -python-hcl2>=3.0.5 +marko>=1.2.2 +deepdiff>=6.2.3 +python-hcl2>=4.3.0 From 410b7f5ba3c30ac551d90ca9b0ab036f247fde3c Mon Sep 17 00:00:00 2001 From: Julio Castillo Date: Thu, 19 Jan 2023 00:00:31 +0100 Subject: [PATCH 03/15] Fix typo in net-vpc DNS policies --- modules/net-vpc/main.tf | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/modules/net-vpc/main.tf b/modules/net-vpc/main.tf index 7eedc95ac3..d150580174 100644 --- a/modules/net-vpc/main.tf +++ b/modules/net-vpc/main.tf @@ -1,5 +1,5 @@ /** - * Copyright 2022 Google LLC + * Copyright 2023 Google LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -109,7 +109,7 @@ resource "google_dns_policy" "default" { ) iterator = ns content { - ipv4_address = ns.key + ipv4_address = ns.value forwarding_path = "private" } } @@ -121,7 +121,7 @@ resource "google_dns_policy" "default" { ) iterator = ns content { - ipv4_address = ns.key + ipv4_address = ns.value } } } From fd19e4a923205deff9775494c7c8b96d799b3878 Mon Sep 17 00:00:00 2001 From: Julio Castillo Date: Thu, 19 Jan 2023 00:00:58 +0100 Subject: [PATCH 04/15] add inventories net-vpc examples --- modules/net-vpc/README.md | 14 ++--- .../net_vpc/examples/dns-policies.yaml | 42 +++++++++++++++ tests/modules/net_vpc/examples/peering.yaml | 34 +++++++++++++ .../net_vpc/examples/proxy-only-subnets.yaml | 40 +++++++++++++++ .../modules/net_vpc/examples/psc-routes.yaml | 47 +++++++++++++++++ tests/modules/net_vpc/examples/psc.yaml | 46 +++++++++++++++++ .../modules/net_vpc/examples/shared-vpc.yaml | 51 +++++++++++++++++++ tests/modules/net_vpc/examples/simple.yaml | 50 ++++++++++++++++++ 8 files changed, 317 insertions(+), 7 deletions(-) create mode 100644 tests/modules/net_vpc/examples/dns-policies.yaml create mode 100644 tests/modules/net_vpc/examples/peering.yaml create mode 100644 tests/modules/net_vpc/examples/proxy-only-subnets.yaml create mode 100644 tests/modules/net_vpc/examples/psc-routes.yaml create mode 100644 tests/modules/net_vpc/examples/psc.yaml create mode 100644 tests/modules/net_vpc/examples/shared-vpc.yaml create mode 100644 tests/modules/net_vpc/examples/simple.yaml diff --git a/modules/net-vpc/README.md b/modules/net-vpc/README.md index 53361009ee..71884671e1 100644 --- a/modules/net-vpc/README.md +++ b/modules/net-vpc/README.md @@ -30,7 +30,7 @@ module "vpc" { } ] } -# tftest modules=1 resources=3 +# tftest modules=1 resources=3 inventory=simple.yaml ``` ### Peering @@ -65,7 +65,7 @@ module "vpc-spoke-1" { import_routes = true } } -# tftest modules=2 resources=6 +# tftest modules=2 resources=6 inventory=peering.yaml ``` ### Shared VPC @@ -116,7 +116,7 @@ module "vpc-host" { } } } -# tftest modules=1 resources=7 +# tftest modules=1 resources=7 inventory=shared-vpc.yaml ``` ### Private Service Networking @@ -137,7 +137,7 @@ module "vpc" { ranges = { myrange = "10.0.1.0/24" } } } -# tftest modules=1 resources=5 +# tftest modules=1 resources=5 inventory=psc.yaml ``` ### Private Service Networking with peering routes @@ -162,7 +162,7 @@ module "vpc" { import_routes = true } } -# tftest modules=1 resources=5 +# tftest modules=1 resources=5 inventory=psc-routes.yaml ``` ### Subnets for Private Service Connect, Proxy-only subnets @@ -194,7 +194,7 @@ module "vpc" { } ] } -# tftest modules=1 resources=3 +# tftest modules=1 resources=3 inventory=proxy-only-subnets.yaml ``` ### DNS Policies @@ -219,7 +219,7 @@ module "vpc" { } ] } -# tftest modules=1 resources=3 +# tftest modules=1 resources=3 inventory=dns-policies.yaml ``` ### Subnet Factory diff --git a/tests/modules/net_vpc/examples/dns-policies.yaml b/tests/modules/net_vpc/examples/dns-policies.yaml new file mode 100644 index 0000000000..a30d6408a4 --- /dev/null +++ b/tests/modules/net_vpc/examples/dns-policies.yaml @@ -0,0 +1,42 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.vpc.google_compute_network.network[0]: + name: my-network + project: my-project + module.vpc.google_compute_subnetwork.subnetwork["europe-west1/production"]: {} + module.vpc.google_dns_policy.default[0]: + alternative_name_server_config: + - target_name_servers: + - forwarding_path: '' + ipv4_address: '8.8.8.8' + - forwarding_path: private + ipv4_address: '10.0.0.1' + description: Managed by Terraform + enable_inbound_forwarding: true + enable_logging: null + name: my-network + networks: + - {} + project: my-project + +counts: + google_compute_network: 1 + google_compute_subnetwork: 1 + google_dns_policy: 1 + modules: 1 + resources: 3 + +outputs: {} diff --git a/tests/modules/net_vpc/examples/peering.yaml b/tests/modules/net_vpc/examples/peering.yaml new file mode 100644 index 0000000000..937ce1445e --- /dev/null +++ b/tests/modules/net_vpc/examples/peering.yaml @@ -0,0 +1,34 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.vpc-hub.google_compute_network.network[0]: {} + module.vpc-spoke-1.google_compute_network.network[0]: {} + module.vpc-hub.google_compute_subnetwork.subnetwork["europe-west1/subnet-1"]: {} + module.vpc-spoke-1.google_compute_subnetwork.subnetwork["europe-west1/subnet-2"]: {} + module.vpc-spoke-1.google_compute_network_peering.local[0]: + export_custom_routes: false + export_subnet_routes_with_public_ip: true + import_custom_routes: true + import_subnet_routes_with_public_ip: null + module.vpc-spoke-1.google_compute_network_peering.remote[0]: + export_custom_routes: true + export_subnet_routes_with_public_ip: true + import_custom_routes: false + import_subnet_routes_with_public_ip: null + +counts: + google_compute_network: 2 + google_compute_network_peering: 2 + google_compute_subnetwork: 2 diff --git a/tests/modules/net_vpc/examples/proxy-only-subnets.yaml b/tests/modules/net_vpc/examples/proxy-only-subnets.yaml new file mode 100644 index 0000000000..6e2069aaa3 --- /dev/null +++ b/tests/modules/net_vpc/examples/proxy-only-subnets.yaml @@ -0,0 +1,40 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.vpc.google_compute_network.network[0]: + name: my-network + project: my-project + module.vpc.google_compute_subnetwork.proxy_only["europe-west1/regional-proxy"]: + description: Terraform-managed proxy-only subnet for Regional HTTPS or Internal HTTPS LB. + ip_cidr_range: 10.0.1.0/24 + log_config: [] + name: regional-proxy + project: my-project + purpose: REGIONAL_MANAGED_PROXY + region: europe-west1 + role: ACTIVE + module.vpc.google_compute_subnetwork.psc["europe-west1/psc"]: + description: Terraform-managed subnet for Private Service Connect (PSC NAT). + ip_cidr_range: 10.0.3.0/24 + log_config: [] + name: psc + project: my-project + purpose: PRIVATE_SERVICE_CONNECT + region: europe-west1 + role: null + +counts: + google_compute_network: 1 + google_compute_subnetwork: 2 diff --git a/tests/modules/net_vpc/examples/psc-routes.yaml b/tests/modules/net_vpc/examples/psc-routes.yaml new file mode 100644 index 0000000000..6f459f4b72 --- /dev/null +++ b/tests/modules/net_vpc/examples/psc-routes.yaml @@ -0,0 +1,47 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.vpc.google_compute_global_address.psa_ranges["myrange"]: + address: 10.0.1.0 + address_type: INTERNAL + description: null + ip_version: null + name: myrange + prefix_length: 24 + project: my-project + purpose: VPC_PEERING + module.vpc.google_compute_network.network[0]: + name: my-network + project: my-project + routing_mode: GLOBAL + module.vpc.google_compute_network_peering_routes_config.psa_routes["1"]: + export_custom_routes: true + import_custom_routes: true + project: my-project + module.vpc.google_compute_subnetwork.subnetwork["europe-west1/production"]: + ip_cidr_range: 10.0.0.0/24 + name: production + project: my-project + module.vpc.google_service_networking_connection.psa_connection["1"]: + reserved_peering_ranges: + - myrange + service: servicenetworking.googleapis.com + +counts: + google_compute_global_address: 1 + google_compute_network: 1 + google_compute_network_peering_routes_config: 1 + google_compute_subnetwork: 1 + google_service_networking_connection: 1 diff --git a/tests/modules/net_vpc/examples/psc.yaml b/tests/modules/net_vpc/examples/psc.yaml new file mode 100644 index 0000000000..c08fcb453f --- /dev/null +++ b/tests/modules/net_vpc/examples/psc.yaml @@ -0,0 +1,46 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.vpc.google_compute_global_address.psa_ranges["myrange"]: + address: 10.0.1.0 + address_type: INTERNAL + name: myrange + prefix_length: 24 + project: my-project + purpose: VPC_PEERING + module.vpc.google_compute_network.network[0]: + name: my-network + project: my-project + module.vpc.google_compute_network_peering_routes_config.psa_routes["1"]: + export_custom_routes: false + import_custom_routes: false + project: my-project + module.vpc.google_compute_subnetwork.subnetwork["europe-west1/production"]: + ip_cidr_range: 10.0.0.0/24 + name: production + project: my-project + module.vpc.google_service_networking_connection.psa_connection["1"]: + reserved_peering_ranges: + - myrange + service: servicenetworking.googleapis.com + +counts: + google_compute_global_address: 1 + google_compute_network: 1 + google_compute_network_peering_routes_config: 1 + google_compute_subnetwork: 1 + google_service_networking_connection: 1 + +outputs: {} diff --git a/tests/modules/net_vpc/examples/shared-vpc.yaml b/tests/modules/net_vpc/examples/shared-vpc.yaml new file mode 100644 index 0000000000..b004e31511 --- /dev/null +++ b/tests/modules/net_vpc/examples/shared-vpc.yaml @@ -0,0 +1,51 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.vpc-host.google_compute_network.network[0]: + name: my-host-network + project: my-project + module.vpc-host.google_compute_shared_vpc_host_project.shared_vpc_host[0]: + project: my-project + module.vpc-host.google_compute_shared_vpc_service_project.service_projects["project1"]: + host_project: my-project + service_project: project1 + module.vpc-host.google_compute_shared_vpc_service_project.service_projects["project2"]: + host_project: my-project + service_project: project2 + module.vpc-host.google_compute_subnetwork.subnetwork["europe-west1/subnet-1"]: {} + module.vpc-host.google_compute_subnetwork_iam_binding.binding["europe-west1/subnet-1.roles/compute.networkUser"]: + condition: [] + members: + - serviceAccount:cloudsvc + - serviceAccount:gke + project: my-project + region: europe-west1 + role: roles/compute.networkUser + subnetwork: subnet-1 + module.vpc-host.google_compute_subnetwork_iam_binding.binding["europe-west1/subnet-1.roles/compute.securityAdmin"]: + condition: [] + members: + - serviceAccount:gke + project: my-project + region: europe-west1 + role: roles/compute.securityAdmin + subnetwork: subnet-1 + +counts: + google_compute_network: 1 + google_compute_shared_vpc_host_project: 1 + google_compute_shared_vpc_service_project: 2 + google_compute_subnetwork: 1 + google_compute_subnetwork_iam_binding: 2 diff --git a/tests/modules/net_vpc/examples/simple.yaml b/tests/modules/net_vpc/examples/simple.yaml new file mode 100644 index 0000000000..799852c02f --- /dev/null +++ b/tests/modules/net_vpc/examples/simple.yaml @@ -0,0 +1,50 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.vpc.google_compute_network.network[0]: + auto_create_subnetworks: false + delete_default_routes_on_create: false + description: Terraform-managed. + name: my-network + project: my-project + routing_mode: GLOBAL + module.vpc.google_compute_subnetwork.subnetwork["europe-west1/production"]: + description: Terraform-managed. + ip_cidr_range: 10.0.0.0/24 + log_config: [] + name: production + private_ip_google_access: true + project: my-project + region: europe-west1 + role: null + secondary_ip_range: + - ip_cidr_range: 172.16.0.0/20 + range_name: pods + - ip_cidr_range: 192.168.0.0/24 + range_name: services + module.vpc.google_compute_subnetwork.subnetwork["europe-west2/production"]: + description: Terraform-managed. + ip_cidr_range: 10.0.16.0/24 + log_config: [] + name: production + private_ip_google_access: true + project: my-project + region: europe-west2 + role: null + secondary_ip_range: [] + +counts: + google_compute_network: 1 + google_compute_subnetwork: 2 From 12f07ebeac446e618e5696664556daf0eb4b2392 Mon Sep 17 00:00:00 2001 From: Julio Castillo Date: Thu, 19 Jan 2023 00:29:16 +0100 Subject: [PATCH 05/15] Extend net-vpc README with more tested examples --- modules/net-vpc/README.md | 81 ++++++++++++ tests/examples/test_plan.py | 10 +- .../modules/net_vpc/examples/subnet-iam.yaml | 54 ++++++++ .../net_vpc/examples/subnet-options.yaml | 70 ++++++++++ tests/modules/net_vpc/fixture/main.tf | 30 ----- .../net_vpc/fixture/test.subnets.tfvars | 44 ------- tests/modules/net_vpc/fixture/variables.tf | 101 --------------- tests/modules/net_vpc/peering.tfvars | 5 - tests/modules/net_vpc/peering.yaml | 47 ------- tests/modules/net_vpc/psa_simple.tfvars | 7 - tests/modules/net_vpc/psa_simple.yaml | 70 ---------- tests/modules/net_vpc/simple.tfvars | 1 - tests/modules/net_vpc/simple.yaml | 36 ------ tests/modules/net_vpc/subnets.tfvars | 44 ------- tests/modules/net_vpc/subnets.yaml | 120 ------------------ tests/modules/net_vpc/tftest.yaml | 6 +- 16 files changed, 211 insertions(+), 515 deletions(-) create mode 100644 tests/modules/net_vpc/examples/subnet-iam.yaml create mode 100644 tests/modules/net_vpc/examples/subnet-options.yaml delete mode 100644 tests/modules/net_vpc/fixture/main.tf delete mode 100644 tests/modules/net_vpc/fixture/test.subnets.tfvars delete mode 100644 tests/modules/net_vpc/fixture/variables.tf delete mode 100644 tests/modules/net_vpc/peering.tfvars delete mode 100644 tests/modules/net_vpc/peering.yaml delete mode 100644 tests/modules/net_vpc/psa_simple.tfvars delete mode 100644 tests/modules/net_vpc/psa_simple.yaml delete mode 100644 tests/modules/net_vpc/simple.tfvars delete mode 100644 tests/modules/net_vpc/simple.yaml delete mode 100644 tests/modules/net_vpc/subnets.tfvars delete mode 100644 tests/modules/net_vpc/subnets.yaml diff --git a/modules/net-vpc/README.md b/modules/net-vpc/README.md index 71884671e1..5a9013780d 100644 --- a/modules/net-vpc/README.md +++ b/modules/net-vpc/README.md @@ -33,6 +33,87 @@ module "vpc" { # tftest modules=1 resources=3 inventory=simple.yaml ``` +### Subnet Options +```hcl +module "vpc" { + source = "./fabric/modules/net-vpc" + project_id = "my-project" + name = "my-network" + subnets = [ + # simple subnet + { + name = "simple" + region = "europe-west1" + ip_cidr_range = "10.0.0.0/24" + }, + # custom description and PGA disabled + { + name = "no-pga" + region = "europe-west1" + ip_cidr_range = "10.0.1.0/24", + description = "Subnet b" + enable_private_access = false + }, + # secondary ranges + { + name = "with-secondary-ranges" + region = "europe-west1" + ip_cidr_range = "10.0.2.0/24" + secondary_ip_ranges = { + a = "192.168.0.0/24" + b = "192.168.1.0/24" + } + }, + # enable flow logs + { + name = "with-flow-logs" + region = "europe-west1" + ip_cidr_range = "10.0.3.0/24" + flow_logs_config = { + flow_sampling = 0.5 + aggregation_interval = "INTERVAL_10_MIN" + } + } + ] +} +# tftest modules=1 resources=5 inventory=subnet-options.yaml +``` + +### Subnet IAM + +```hcl +module "vpc" { + source = "./fabric/modules/net-vpc" + project_id = "my-project" + name = "my-network" + subnets = [ + { + name = "subnet-1" + region = "europe-west1" + ip_cidr_range = "10.0.1.0/24" + }, + { + name = "subnet-2" + region = "europe-west1" + ip_cidr_range = "10.0.1.0/24" + } + ] + subnet_iam = { + "europe-west1/subnet-1" = { + "roles/compute.networkUser" = [ + "user:user1@example.com", "group:group1@example.com" + ] + } + "europe-west1/subnet-2" = { + "roles/compute.networkUser" = [ + "user:user2@example.com", "group:group2@example.com" + ] + } + } +} +# tftest modules=1 resources=5 inventory=subnet-iam.yaml +``` + ### Peering A single peering can be configured for the VPC, so as to allow management of simple scenarios, and more complex configurations like hub and spoke by defining the peering configuration on the spoke VPCs. Care must be taken so as a single peering is created/changed/destroyed at a time, due to the specific behaviour of the peering API calls. diff --git a/tests/examples/test_plan.py b/tests/examples/test_plan.py index 5f902cbe7e..2dd42a7ad6 100644 --- a/tests/examples/test_plan.py +++ b/tests/examples/test_plan.py @@ -1,4 +1,4 @@ -# Copyright 2022 Google LLC +# Copyright 2023 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -49,10 +49,10 @@ def test_example(plan_validator, tmp_path, example): summary = plan_validator(module_path=tmp_path, inventory_paths=inventory, tf_var_files=[]) - import yaml - print(yaml.dump({"values": summary.values})) - print(yaml.dump({"counts": summary.counts})) - print(yaml.dump({"outputs": summary.outputs})) + # import yaml + # print(yaml.dump({"values": summary.values})) + # print(yaml.dump({"counts": summary.counts})) + # print(yaml.dump({"outputs": summary.outputs})) counts = summary.counts num_modules, num_resources = counts['modules'], counts['resources'] diff --git a/tests/modules/net_vpc/examples/subnet-iam.yaml b/tests/modules/net_vpc/examples/subnet-iam.yaml new file mode 100644 index 0000000000..cb53ecd80a --- /dev/null +++ b/tests/modules/net_vpc/examples/subnet-iam.yaml @@ -0,0 +1,54 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.vpc.google_compute_network.network[0]: + name: my-network + project: my-project + module.vpc.google_compute_subnetwork.subnetwork["europe-west1/subnet-1"]: + name: subnet-1 + project: my-project + region: europe-west1 + module.vpc.google_compute_subnetwork.subnetwork["europe-west1/subnet-2"]: + name: subnet-2 + private_ip_google_access: true + project: my-project + region: europe-west1 + module.vpc.google_compute_subnetwork_iam_binding.binding["europe-west1/subnet-1.roles/compute.networkUser"]: + condition: [] + members: + - group:group1@example.com + - user:user1@example.com + project: my-project + region: europe-west1 + role: roles/compute.networkUser + subnetwork: subnet-1 + module.vpc.google_compute_subnetwork_iam_binding.binding["europe-west1/subnet-2.roles/compute.networkUser"]: + condition: [] + members: + - group:group2@example.com + - user:user2@example.com + project: my-project + region: europe-west1 + role: roles/compute.networkUser + subnetwork: subnet-2 + +counts: + google_compute_network: 1 + google_compute_subnetwork: 2 + google_compute_subnetwork_iam_binding: 2 + modules: 1 + resources: 5 + +outputs: {} diff --git a/tests/modules/net_vpc/examples/subnet-options.yaml b/tests/modules/net_vpc/examples/subnet-options.yaml new file mode 100644 index 0000000000..e3cea5ca64 --- /dev/null +++ b/tests/modules/net_vpc/examples/subnet-options.yaml @@ -0,0 +1,70 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.vpc.google_compute_network.network[0]: + name: my-network + project: my-project + module.vpc.google_compute_subnetwork.subnetwork["europe-west1/no-pga"]: + description: Subnet b + ip_cidr_range: 10.0.1.0/24 + log_config: [] + name: no-pga + private_ip_google_access: false + project: my-project + region: europe-west1 + secondary_ip_range: [] + module.vpc.google_compute_subnetwork.subnetwork["europe-west1/simple"]: + description: Terraform-managed. + ip_cidr_range: 10.0.0.0/24 + log_config: [] + name: simple + private_ip_google_access: true + project: my-project + region: europe-west1 + secondary_ip_range: [] + module.vpc.google_compute_subnetwork.subnetwork["europe-west1/with-flow-logs"]: + description: Terraform-managed. + ip_cidr_range: 10.0.3.0/24 + ipv6_access_type: null + log_config: + - aggregation_interval: INTERVAL_10_MIN + filter_expr: 'true' + flow_sampling: 0.5 + metadata: INCLUDE_ALL_METADATA + metadata_fields: null + name: with-flow-logs + private_ip_google_access: true + project: my-project + region: europe-west1 + role: null + secondary_ip_range: [] + module.vpc.google_compute_subnetwork.subnetwork["europe-west1/with-secondary-ranges"]: + description: Terraform-managed. + ip_cidr_range: 10.0.2.0/24 + log_config: [] + name: with-secondary-ranges + private_ip_google_access: true + project: my-project + region: europe-west1 + role: null + secondary_ip_range: + - ip_cidr_range: 192.168.0.0/24 + range_name: a + - ip_cidr_range: 192.168.1.0/24 + range_name: b + +counts: + google_compute_network: 1 + google_compute_subnetwork: 4 diff --git a/tests/modules/net_vpc/fixture/main.tf b/tests/modules/net_vpc/fixture/main.tf deleted file mode 100644 index f0e4696e0c..0000000000 --- a/tests/modules/net_vpc/fixture/main.tf +++ /dev/null @@ -1,30 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -module "test" { - source = "../../../../modules/net-vpc" - project_id = "test-project" - name = "test" - peering_config = var.peering_config - routes = var.routes - shared_vpc_host = var.shared_vpc_host - shared_vpc_service_projects = var.shared_vpc_service_projects - subnet_iam = var.subnet_iam - subnets = var.subnets - auto_create_subnetworks = var.auto_create_subnetworks - psa_config = var.psa_config - data_folder = var.data_folder -} diff --git a/tests/modules/net_vpc/fixture/test.subnets.tfvars b/tests/modules/net_vpc/fixture/test.subnets.tfvars deleted file mode 100644 index 499e498f4e..0000000000 --- a/tests/modules/net_vpc/fixture/test.subnets.tfvars +++ /dev/null @@ -1,44 +0,0 @@ -subnet_iam = { - "europe-west1/a" = { - "roles/compute.networkUser" = [ - "user:a@example.com", "group:g-a@example.com" - ] - } - "europe-west1/c" = { - "roles/compute.networkUser" = [ - "user:c@example.com", "group:g-c@example.com" - ] - } -} -subnets = [ - { - name = "a" - region = "europe-west1" - ip_cidr_range = "10.0.0.0/24" - }, - { - name = "b" - region = "europe-west1" - ip_cidr_range = "10.0.1.0/24", - description = "Subnet b" - enable_private_access = false - }, - { - name = "c" - region = "europe-west1" - ip_cidr_range = "10.0.2.0/24" - secondary_ip_ranges = { - a = "192.168.0.0/24" - b = "192.168.1.0/24" - } - }, - { - name = "d" - region = "europe-west1" - ip_cidr_range = "10.0.3.0/24" - flow_logs_config = { - flow_sampling = 0.5 - aggregation_interval = "INTERVAL_10_MIN" - } - } -] diff --git a/tests/modules/net_vpc/fixture/variables.tf b/tests/modules/net_vpc/fixture/variables.tf deleted file mode 100644 index 868966c8b1..0000000000 --- a/tests/modules/net_vpc/fixture/variables.tf +++ /dev/null @@ -1,101 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -variable "auto_create_subnetworks" { - type = bool - default = false -} - -variable "data_folder" { - type = string - default = null -} - -variable "delete_default_routes_on_create" { - type = bool - default = false -} - -variable "description" { - type = string - default = "Terraform-managed." -} - -variable "dns_policy" { - type = any - default = null -} - -variable "mtu" { - type = number - default = null -} - -variable "peering_config" { - type = any - default = null -} - -variable "psa_config" { - type = any - default = null -} - -variable "routes" { - type = any - default = {} - nullable = false -} - -variable "routing_mode" { - type = string - default = "GLOBAL" -} - -variable "shared_vpc_host" { - type = bool - default = false -} - -variable "shared_vpc_service_projects" { - type = list(string) - default = [] -} - -variable "subnets" { - type = any - default = [] -} - -variable "subnet_iam" { - type = map(map(list(string))) - default = {} -} - -variable "subnets_proxy_only" { - type = any - default = [] -} - -variable "subnets_psc" { - type = any - default = [] -} - -variable "vpc_create" { - type = bool - default = true -} diff --git a/tests/modules/net_vpc/peering.tfvars b/tests/modules/net_vpc/peering.tfvars deleted file mode 100644 index eccd7ae719..0000000000 --- a/tests/modules/net_vpc/peering.tfvars +++ /dev/null @@ -1,5 +0,0 @@ -peering_config = { - peer_vpc_self_link = "projects/my-project/global/networks/peer" - export_routes = true - import_routes = null -} diff --git a/tests/modules/net_vpc/peering.yaml b/tests/modules/net_vpc/peering.yaml deleted file mode 100644 index 8d0bbed717..0000000000 --- a/tests/modules/net_vpc/peering.yaml +++ /dev/null @@ -1,47 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -values: - google_compute_network.network[0]: - auto_create_subnetworks: false - delete_default_routes_on_create: false - description: Terraform-managed. - name: test - project: test-project - routing_mode: GLOBAL - google_compute_network_peering.local[0]: - export_custom_routes: true - import_custom_routes: false - name: test-peer - peer_network: projects/my-project/global/networks/peer - google_compute_network_peering.remote[0]: - export_custom_routes: false - import_custom_routes: true - name: peer-test - network: projects/my-project/global/networks/peer - -counts: - google_compute_network: 1 - google_compute_network_peering: 2 - -outputs: - bindings: {} - project_id: test-project - subnet_ips: {} - subnet_regions: {} - subnet_secondary_ranges: {} - subnet_self_links: {} - subnets: {} - subnets_proxy_only: {} - subnets_psc: {} diff --git a/tests/modules/net_vpc/psa_simple.tfvars b/tests/modules/net_vpc/psa_simple.tfvars deleted file mode 100644 index 51289fe04d..0000000000 --- a/tests/modules/net_vpc/psa_simple.tfvars +++ /dev/null @@ -1,7 +0,0 @@ -psa_config = { - ranges = { - bar = "172.16.100.0/24" - foo = "172.16.101.0/24" - } - routes = null -} diff --git a/tests/modules/net_vpc/psa_simple.yaml b/tests/modules/net_vpc/psa_simple.yaml deleted file mode 100644 index 019b443fa1..0000000000 --- a/tests/modules/net_vpc/psa_simple.yaml +++ /dev/null @@ -1,70 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -values: - google_compute_global_address.psa_ranges["bar"]: - address: 172.16.100.0 - address_type: INTERNAL - description: null - ip_version: null - name: bar - prefix_length: 24 - project: test-project - purpose: VPC_PEERING - google_compute_global_address.psa_ranges["foo"]: - address: 172.16.101.0 - address_type: INTERNAL - description: null - ip_version: null - name: foo - prefix_length: 24 - project: test-project - purpose: VPC_PEERING - google_compute_network.network[0]: - auto_create_subnetworks: false - delete_default_routes_on_create: false - description: Terraform-managed. - enable_ula_internal_ipv6: null - name: test - project: test-project - routing_mode: GLOBAL - google_compute_network_peering_routes_config.psa_routes["1"]: - export_custom_routes: false - import_custom_routes: false - project: test-project - google_service_networking_connection.psa_connection["1"]: - reserved_peering_ranges: - - bar - - foo - service: servicenetworking.googleapis.com - -counts: - google_compute_global_address: 2 - google_compute_network: 1 - google_compute_network_peering_routes_config: 1 - google_service_networking_connection: 1 - -outputs: - bindings: {} - name: __missing__ - network: __missing__ - project_id: test-project - self_link: __missing__ - subnet_ips: {} - subnet_regions: {} - subnet_secondary_ranges: {} - subnet_self_links: {} - subnets: {} - subnets_proxy_only: {} - subnets_psc: {} diff --git a/tests/modules/net_vpc/simple.tfvars b/tests/modules/net_vpc/simple.tfvars deleted file mode 100644 index 6f848aa990..0000000000 --- a/tests/modules/net_vpc/simple.tfvars +++ /dev/null @@ -1 +0,0 @@ -# skip boilerplate check diff --git a/tests/modules/net_vpc/simple.yaml b/tests/modules/net_vpc/simple.yaml deleted file mode 100644 index 004be7ecf7..0000000000 --- a/tests/modules/net_vpc/simple.yaml +++ /dev/null @@ -1,36 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -values: - google_compute_network.network[0]: - auto_create_subnetworks: false - delete_default_routes_on_create: false - description: Terraform-managed. - name: test - project: test-project - routing_mode: GLOBAL - -counts: - google_compute_network: 1 - -outputs: - bindings: {} - project_id: test-project - subnet_ips: {} - subnet_regions: {} - subnet_secondary_ranges: {} - subnet_self_links: {} - subnets: {} - subnets_proxy_only: {} - subnets_psc: {} diff --git a/tests/modules/net_vpc/subnets.tfvars b/tests/modules/net_vpc/subnets.tfvars deleted file mode 100644 index 499e498f4e..0000000000 --- a/tests/modules/net_vpc/subnets.tfvars +++ /dev/null @@ -1,44 +0,0 @@ -subnet_iam = { - "europe-west1/a" = { - "roles/compute.networkUser" = [ - "user:a@example.com", "group:g-a@example.com" - ] - } - "europe-west1/c" = { - "roles/compute.networkUser" = [ - "user:c@example.com", "group:g-c@example.com" - ] - } -} -subnets = [ - { - name = "a" - region = "europe-west1" - ip_cidr_range = "10.0.0.0/24" - }, - { - name = "b" - region = "europe-west1" - ip_cidr_range = "10.0.1.0/24", - description = "Subnet b" - enable_private_access = false - }, - { - name = "c" - region = "europe-west1" - ip_cidr_range = "10.0.2.0/24" - secondary_ip_ranges = { - a = "192.168.0.0/24" - b = "192.168.1.0/24" - } - }, - { - name = "d" - region = "europe-west1" - ip_cidr_range = "10.0.3.0/24" - flow_logs_config = { - flow_sampling = 0.5 - aggregation_interval = "INTERVAL_10_MIN" - } - } -] diff --git a/tests/modules/net_vpc/subnets.yaml b/tests/modules/net_vpc/subnets.yaml deleted file mode 100644 index 9ccf31e601..0000000000 --- a/tests/modules/net_vpc/subnets.yaml +++ /dev/null @@ -1,120 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -values: - google_compute_network.network[0]: - auto_create_subnetworks: false - delete_default_routes_on_create: false - description: Terraform-managed. - name: test - project: test-project - routing_mode: GLOBAL - google_compute_subnetwork.subnetwork["europe-west1/a"]: - description: Terraform-managed. - ip_cidr_range: 10.0.0.0/24 - log_config: [] - name: a - private_ip_google_access: true - project: test-project - region: europe-west1 - role: null - secondary_ip_range: [] - google_compute_subnetwork.subnetwork["europe-west1/b"]: - description: Subnet b - ip_cidr_range: 10.0.1.0/24 - log_config: [] - name: b - private_ip_google_access: false - project: test-project - region: europe-west1 - role: null - secondary_ip_range: [] - google_compute_subnetwork.subnetwork["europe-west1/c"]: - description: Terraform-managed. - ip_cidr_range: 10.0.2.0/24 - ipv6_access_type: null - log_config: [] - name: c - private_ip_google_access: true - project: test-project - region: europe-west1 - role: null - secondary_ip_range: - - ip_cidr_range: 192.168.0.0/24 - range_name: a - - ip_cidr_range: 192.168.1.0/24 - range_name: b - google_compute_subnetwork.subnetwork["europe-west1/d"]: - description: Terraform-managed. - ip_cidr_range: 10.0.3.0/24 - log_config: - - aggregation_interval: INTERVAL_10_MIN - filter_expr: 'true' - flow_sampling: 0.5 - metadata: INCLUDE_ALL_METADATA - metadata_fields: null - name: d - private_ip_google_access: true - project: test-project - region: europe-west1 - role: null - secondary_ip_range: [] - google_compute_subnetwork_iam_binding.binding["europe-west1/a.roles/compute.networkUser"]: - condition: [] - members: - - group:g-a@example.com - - user:a@example.com - project: test-project - region: europe-west1 - role: roles/compute.networkUser - subnetwork: a - google_compute_subnetwork_iam_binding.binding["europe-west1/c.roles/compute.networkUser"]: - condition: [] - members: - - group:g-c@example.com - - user:c@example.com - project: test-project - region: europe-west1 - role: roles/compute.networkUser - subnetwork: c - -counts: - google_compute_network: 1 - google_compute_subnetwork: 4 - google_compute_subnetwork_iam_binding: 2 - -outputs: - bindings: __missing__ - project_id: test-project - subnet_ips: - europe-west1/a: 10.0.0.0/24 - europe-west1/b: 10.0.1.0/24 - europe-west1/c: 10.0.2.0/24 - europe-west1/d: 10.0.3.0/24 - subnet_regions: - europe-west1/a: europe-west1 - europe-west1/b: europe-west1 - europe-west1/c: europe-west1 - europe-west1/d: europe-west1 - subnet_secondary_ranges: - europe-west1/a: {} - europe-west1/b: {} - europe-west1/c: - a: 192.168.0.0/24 - b: 192.168.1.0/24 - europe-west1/d: {} - subnet_self_links: __missing__ - subnets: __missing__ - subnets_proxy_only: {} - subnets_psc: {} diff --git a/tests/modules/net_vpc/tftest.yaml b/tests/modules/net_vpc/tftest.yaml index b2b09798ba..c0dfa0adb6 100644 --- a/tests/modules/net_vpc/tftest.yaml +++ b/tests/modules/net_vpc/tftest.yaml @@ -1,4 +1,4 @@ -# Copyright 2022 Google LLC +# Copyright 2023 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -17,12 +17,8 @@ common_tfvars: - common.tfvars tests: - simple: - subnets: - peering: shared_vpc: factory: - psa_simple: psa_routes_export: psa_routes_import: psa_routes_import_export: From a0cb67e1f4498d42198fa5a64c43c7d2c9fc5e5e Mon Sep 17 00:00:00 2001 From: Julio Castillo Date: Thu, 19 Jan 2023 00:44:30 +0100 Subject: [PATCH 06/15] Add inventories to gcs examples --- modules/gcs/README.md | 37 ++++++--------- tests/modules/gcs/common.tfvars | 13 ------ .../gcs/{tftest.yaml => examples/cmek.yaml} | 17 ++++--- .../{prefix.yaml => examples/lifecycle.yaml} | 46 ++++++++----------- tests/modules/gcs/examples/notification.yaml | 31 +++++++++++++ .../retention-logging.yaml} | 22 ++++----- tests/modules/gcs/examples/simple.yaml | 46 +++++++++++++++++++ tests/modules/gcs/iam.tfvars | 3 -- tests/modules/gcs/prefix.tfvars | 1 - 9 files changed, 130 insertions(+), 86 deletions(-) delete mode 100644 tests/modules/gcs/common.tfvars rename tests/modules/gcs/{tftest.yaml => examples/cmek.yaml} (71%) rename tests/modules/gcs/{prefix.yaml => examples/lifecycle.yaml} (51%) create mode 100644 tests/modules/gcs/examples/notification.yaml rename tests/modules/gcs/{iam.yaml => examples/retention-logging.yaml} (65%) create mode 100644 tests/modules/gcs/examples/simple.yaml delete mode 100644 tests/modules/gcs/iam.tfvars delete mode 100644 tests/modules/gcs/prefix.tfvars diff --git a/modules/gcs/README.md b/modules/gcs/README.md index 439b4522d9..07c5a6d7bf 100644 --- a/modules/gcs/README.md +++ b/modules/gcs/README.md @@ -8,50 +8,46 @@ module "bucket" { project_id = "myproject" prefix = "test" name = "my-bucket" + versioning = true iam = { "roles/storage.admin" = ["group:storage@example.com"] } + labels = { + cost-center = "devops" + } } -# tftest modules=1 resources=2 +# tftest modules=1 resources=2 inventory=simple.yaml ``` ### Example with Cloud KMS ```hcl module "bucket" { - source = "./fabric/modules/gcs" - project_id = "myproject" - prefix = "test" - name = "my-bucket" - iam = { - "roles/storage.admin" = ["group:storage@example.com"] - } + source = "./fabric/modules/gcs" + project_id = "myproject" + name = "my-bucket" encryption_key = "my-encryption-key" } -# tftest modules=1 resources=2 +# tftest modules=1 resources=1 inventory=cmek.yaml ``` -### Example with retention policy +### Example with retention policy and logging ```hcl module "bucket" { source = "./fabric/modules/gcs" project_id = "myproject" - prefix = "test" name = "my-bucket" - iam = { - "roles/storage.admin" = ["group:storage@example.com"] - } retention_policy = { retention_period = 100 is_locked = true } logging_config = { - log_bucket = var.bucket + log_bucket = "log-bucket" log_object_prefix = null } } -# tftest modules=1 resources=2 +# tftest modules=1 resources=1 inventory=retention-logging.yaml ``` ### Example with lifecycle rule @@ -60,11 +56,7 @@ module "bucket" { module "bucket" { source = "./fabric/modules/gcs" project_id = "myproject" - prefix = "test" name = "my-bucket" - iam = { - "roles/storage.admin" = ["group:storage@example.com"] - } lifecycle_rules = { lr-0 = { action = { @@ -77,7 +69,7 @@ module "bucket" { } } } -# tftest modules=1 resources=2 +# tftest modules=1 resources=1 inventory=lifecycle.yaml ``` ### Minimal example with GCS notifications @@ -86,7 +78,6 @@ module "bucket" { module "bucket-gcs-notification" { source = "./fabric/modules/gcs" project_id = "myproject" - prefix = "test" name = "my-bucket" notification_config = { enabled = true @@ -97,7 +88,7 @@ module "bucket-gcs-notification" { custom_attributes = {} } } -# tftest modules=1 resources=4 +# tftest modules=1 resources=4 inventory=notification.yaml ``` diff --git a/tests/modules/gcs/common.tfvars b/tests/modules/gcs/common.tfvars deleted file mode 100644 index 5bab53b250..0000000000 --- a/tests/modules/gcs/common.tfvars +++ /dev/null @@ -1,13 +0,0 @@ -force_destroy = true -labels = { environment = "test" } -logging_config = { - log_bucket = "foo" -} -name = "test" -project_id = "test-project" -retention_policy = { - retention_period = 5 - is_locked = false -} -storage_class = "MULTI_REGIONAL" -versioning = true diff --git a/tests/modules/gcs/tftest.yaml b/tests/modules/gcs/examples/cmek.yaml similarity index 71% rename from tests/modules/gcs/tftest.yaml rename to tests/modules/gcs/examples/cmek.yaml index 22337d18db..ee92a5d22c 100644 --- a/tests/modules/gcs/tftest.yaml +++ b/tests/modules/gcs/examples/cmek.yaml @@ -1,4 +1,4 @@ -# Copyright 2022 Google LLC +# Copyright 2023 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,9 +12,12 @@ # See the License for the specific language governing permissions and # limitations under the License. -module: modules/gcs -common_tfvars: - - common.tfvars -tests: - prefix: - iam: +values: + module.bucket.google_storage_bucket.bucket: + encryption: + - default_kms_key_name: my-encryption-key + name: my-bucket + project: myproject + +counts: + google_storage_bucket: 1 diff --git a/tests/modules/gcs/prefix.yaml b/tests/modules/gcs/examples/lifecycle.yaml similarity index 51% rename from tests/modules/gcs/prefix.yaml rename to tests/modules/gcs/examples/lifecycle.yaml index 6baee4a153..69eeea41f3 100644 --- a/tests/modules/gcs/prefix.yaml +++ b/tests/modules/gcs/examples/lifecycle.yaml @@ -1,4 +1,4 @@ -# Copyright 2022 Google LLC +# Copyright 2023 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,32 +13,26 @@ # limitations under the License. values: - google_storage_bucket.bucket: - force_destroy: true - labels: - environment: test - location: EU - logging: - - log_bucket: foo - name: foo-test - project: test-project - retention_policy: - - is_locked: false - retention_period: 5 - storage_class: MULTI_REGIONAL - uniform_bucket_level_access: true - versioning: - - enabled: true + module.bucket.google_storage_bucket.bucket: + lifecycle_rule: + - action: + - storage_class: STANDARD + type: SetStorageClass + condition: + - age: 30 + created_before: '' + custom_time_before: '' + days_since_custom_time: null + days_since_noncurrent_time: null + matches_prefix: [] + matches_storage_class: [] + matches_suffix: [] + noncurrent_time_before: '' + num_newer_versions: null + name: my-bucket + project: myproject counts: google_storage_bucket: 1 - modules: 0 - resources: 1 -outputs: - bucket: __missing__ - id: foo-test - name: foo-test - notification: null - topic: null - url: __missing__ +outputs: {} diff --git a/tests/modules/gcs/examples/notification.yaml b/tests/modules/gcs/examples/notification.yaml new file mode 100644 index 0000000000..9536e89b4b --- /dev/null +++ b/tests/modules/gcs/examples/notification.yaml @@ -0,0 +1,31 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.bucket-gcs-notification.google_pubsub_topic.topic[0]: {} + module.bucket-gcs-notification.google_pubsub_topic_iam_binding.binding[0]: {} + module.bucket-gcs-notification.google_storage_bucket.bucket: + name: my-bucket + project: myproject + module.bucket-gcs-notification.google_storage_notification.notification[0]: + bucket: my-bucket + event_types: + - OBJECT_FINALIZE + payload_format: JSON_API_V1 + +counts: + google_pubsub_topic: 1 + google_pubsub_topic_iam_binding: 1 + google_storage_bucket: 1 + google_storage_notification: 1 diff --git a/tests/modules/gcs/iam.yaml b/tests/modules/gcs/examples/retention-logging.yaml similarity index 65% rename from tests/modules/gcs/iam.yaml rename to tests/modules/gcs/examples/retention-logging.yaml index 8a85a4bd64..962414207a 100644 --- a/tests/modules/gcs/iam.yaml +++ b/tests/modules/gcs/examples/retention-logging.yaml @@ -1,4 +1,4 @@ -# Copyright 2022 Google LLC +# Copyright 2023 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,18 +13,14 @@ # limitations under the License. values: - google_storage_bucket.bucket: - name: test - - google_storage_bucket_iam_binding.bindings["roles/storage.admin"]: - bucket: test - condition: [] - members: - - user:a@example.org - role: roles/storage.admin + module.bucket.google_storage_bucket.bucket: + logging: + - log_bucket: log-bucket + name: my-bucket + project: myproject + retention_policy: + - is_locked: true + retention_period: 100 counts: google_storage_bucket: 1 - google_storage_bucket_iam_binding: 1 - modules: 0 - resources: 2 diff --git a/tests/modules/gcs/examples/simple.yaml b/tests/modules/gcs/examples/simple.yaml new file mode 100644 index 0000000000..bc2630b872 --- /dev/null +++ b/tests/modules/gcs/examples/simple.yaml @@ -0,0 +1,46 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.bucket.google_storage_bucket.bucket: + autoclass: [] + cors: [] + custom_placement_config: [] + default_event_based_hold: null + encryption: [] + force_destroy: false + labels: + cost-center: devops + lifecycle_rule: [] + location: EU + logging: [] + name: test-my-bucket + project: myproject + requester_pays: null + retention_policy: [] + storage_class: MULTI_REGIONAL + timeouts: null + uniform_bucket_level_access: true + versioning: + - enabled: true + module.bucket.google_storage_bucket_iam_binding.bindings["roles/storage.admin"]: + bucket: test-my-bucket + condition: [] + members: + - group:storage@example.com + role: roles/storage.admin + +counts: + google_storage_bucket: 1 + google_storage_bucket_iam_binding: 1 diff --git a/tests/modules/gcs/iam.tfvars b/tests/modules/gcs/iam.tfvars deleted file mode 100644 index cfb3a01485..0000000000 --- a/tests/modules/gcs/iam.tfvars +++ /dev/null @@ -1,3 +0,0 @@ -iam = { - "roles/storage.admin" = ["user:a@example.org"] -} diff --git a/tests/modules/gcs/prefix.tfvars b/tests/modules/gcs/prefix.tfvars deleted file mode 100644 index 0031d561d4..0000000000 --- a/tests/modules/gcs/prefix.tfvars +++ /dev/null @@ -1 +0,0 @@ -prefix = "foo" From 2aad7845a4f868bdee1b5d55a2f82e5f74e04515 Mon Sep 17 00:00:00 2001 From: Julio Castillo Date: Thu, 19 Jan 2023 11:20:00 +0100 Subject: [PATCH 07/15] Allow dashes and underscores in tftest file ids --- tests/examples/conftest.py | 4 ++-- tests/examples/test_plan.py | 10 +++++----- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/tests/examples/conftest.py b/tests/examples/conftest.py index 16863e26de..4d3d85ee69 100644 --- a/tests/examples/conftest.py +++ b/tests/examples/conftest.py @@ -1,4 +1,4 @@ -# Copyright 2022 Google LLC +# Copyright 2023 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -21,7 +21,7 @@ FABRIC_ROOT = Path(__file__).parents[2] -FILE_TEST_RE = re.compile(r'# tftest-file +id=(\w+) +path=([\S]+)') +FILE_TEST_RE = re.compile(r'# tftest-file +id=([\w_.-]+) +path=([\S]+)') Example = collections.namedtuple('Example', 'name code module files') File = collections.namedtuple('File', 'path content') diff --git a/tests/examples/test_plan.py b/tests/examples/test_plan.py index 2dd42a7ad6..261276f737 100644 --- a/tests/examples/test_plan.py +++ b/tests/examples/test_plan.py @@ -18,7 +18,7 @@ BASE_PATH = Path(__file__).parent COUNT_TEST_RE = re.compile(r'# tftest +modules=(\d+) +resources=(\d+)' + - r'(?: +files=([\w,-.]+))?' + + r'(?: +files=([\w,_-]+))?' + r'(?: +inventory=([\w\-.]+))?') @@ -49,10 +49,10 @@ def test_example(plan_validator, tmp_path, example): summary = plan_validator(module_path=tmp_path, inventory_paths=inventory, tf_var_files=[]) - # import yaml - # print(yaml.dump({"values": summary.values})) - # print(yaml.dump({"counts": summary.counts})) - # print(yaml.dump({"outputs": summary.outputs})) + import yaml + print(yaml.dump({"values": summary.values})) + print(yaml.dump({"counts": summary.counts})) + print(yaml.dump({"outputs": summary.outputs})) counts = summary.counts num_modules, num_resources = counts['modules'], counts['resources'] From a12089ef8cc68b9e0dce58114c3befafe019e942 Mon Sep 17 00:00:00 2001 From: Julio Castillo Date: Thu, 19 Jan 2023 11:20:38 +0100 Subject: [PATCH 08/15] Move VPC factory and route tests to examples. --- modules/net-vpc/README.md | 49 +++++- .../modules/net_vpc/data/factory-subnet.yaml | 23 --- .../modules/net_vpc/data/factory-subnet2.yaml | 17 -- tests/modules/net_vpc/examples/factory.yaml | 50 ++++++ tests/modules/net_vpc/examples/routes.yaml | 146 ++++++++++++++++++ tests/modules/net_vpc/factory.tfvars | 1 - tests/modules/net_vpc/factory.yaml | 44 ------ tests/modules/net_vpc/test_routes.py | 47 ------ tests/modules/net_vpc/tftest.yaml | 1 - 9 files changed, 243 insertions(+), 135 deletions(-) delete mode 100644 tests/modules/net_vpc/data/factory-subnet.yaml delete mode 100644 tests/modules/net_vpc/data/factory-subnet2.yaml create mode 100644 tests/modules/net_vpc/examples/factory.yaml create mode 100644 tests/modules/net_vpc/examples/routes.yaml delete mode 100644 tests/modules/net_vpc/factory.tfvars delete mode 100644 tests/modules/net_vpc/factory.yaml delete mode 100644 tests/modules/net_vpc/test_routes.py diff --git a/modules/net-vpc/README.md b/modules/net-vpc/README.md index 5a9013780d..002c738d82 100644 --- a/modules/net-vpc/README.md +++ b/modules/net-vpc/README.md @@ -314,11 +314,17 @@ module "vpc" { name = "my-network" data_folder = "config/subnets" } -# tftest modules=1 resources=2 files=subnets +# tftest modules=1 resources=3 files=subnet-simple,subnet-detailed inventory=factory.yaml ``` ```yaml -# tftest-file id=subnets path=config/subnets/subnet-name.yaml +# tftest-file id=subnet-simple path=config/subnets/subnet-simple.yaml +region: europe-west4 +ip_cidr_range: 10.0.1.0/24 +``` + +```yaml +# tftest-file id=subnet-detailed path=config/subnets/subnet-detailed.yaml region: europe-west1 description: Sample description ip_cidr_range: 10.0.0.0/24 @@ -337,6 +343,45 @@ flow_logs: # enable, set to empty map to use defaults ``` +### Custom Routes + +VPC routes can be configured through the `routes` variable. + +```hcl +locals { + route_types = { + gateway = "global/gateways/default-internet-gateway" + instance = "zones/europe-west1-b/test" + ip = "192.168.0.128" + ilb = "regions/europe-west1/forwardingRules/test" + vpn_tunnel = "regions/europe-west1/vpnTunnels/foo" + } +} +module "vpc" { + source = "./fabric/modules/net-vpc" + for_each = local.route_types + project_id = "my-project" + name = "my-network-with-route-${replace(each.key, "_", "-")}" + routes = { + next-hop = { + dest_range = "192.168.128.0/24" + tags = null + next_hop_type = each.key + next_hop = each.value + } + gateway = { + dest_range = "0.0.0.0/0", + priority = 100 + tags = ["tag-a"] + next_hop_type = "gateway", + next_hop = "global/gateways/default-internet-gateway" + } + } +} +# tftest modules=5 resources=15 inventory=routes.yaml +``` + + ## Variables | name | description | type | required | default | diff --git a/tests/modules/net_vpc/data/factory-subnet.yaml b/tests/modules/net_vpc/data/factory-subnet.yaml deleted file mode 100644 index d0f4bd8f1e..0000000000 --- a/tests/modules/net_vpc/data/factory-subnet.yaml +++ /dev/null @@ -1,23 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -region: europe-west1 -description: Sample description -ip_cidr_range: 10.128.0.0/24 -enable_private_access: false -iam_users: ["foobar@example.com"] -iam_groups: ["lorem@example.com"] -iam_service_accounts: ["foobar@project-id.iam.gserviceaccount.com"] -secondary_ip_ranges: - secondary-range-a: 192.168.128.0/24 diff --git a/tests/modules/net_vpc/data/factory-subnet2.yaml b/tests/modules/net_vpc/data/factory-subnet2.yaml deleted file mode 100644 index e110c16251..0000000000 --- a/tests/modules/net_vpc/data/factory-subnet2.yaml +++ /dev/null @@ -1,17 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -region: europe-west4 -description: Sample description -ip_cidr_range: 10.129.0.0/24 diff --git a/tests/modules/net_vpc/examples/factory.yaml b/tests/modules/net_vpc/examples/factory.yaml new file mode 100644 index 0000000000..48671c2922 --- /dev/null +++ b/tests/modules/net_vpc/examples/factory.yaml @@ -0,0 +1,50 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.vpc.google_compute_network.network[0]: + name: my-network + project: my-project + routing_mode: GLOBAL + module.vpc.google_compute_subnetwork.subnetwork["europe-west1/subnet-detailed"]: + description: Sample description + ip_cidr_range: 10.0.0.0/24 + log_config: + - aggregation_interval: INTERVAL_5_SEC + filter_expr: 'true' + flow_sampling: 0.5 + metadata: INCLUDE_ALL_METADATA + metadata_fields: null + name: subnet-detailed + private_ip_google_access: false + project: my-project + region: europe-west1 + role: null + secondary_ip_range: + - ip_cidr_range: 192.168.0.0/24 + range_name: secondary-range-a + module.vpc.google_compute_subnetwork.subnetwork["europe-west4/subnet-simple"]: + description: Terraform-managed. + ip_cidr_range: 10.0.1.0/24 + log_config: [] + name: subnet-simple + private_ip_google_access: true + project: my-project + region: europe-west4 + role: null + secondary_ip_range: [] + +counts: + google_compute_network: 1 + google_compute_subnetwork: 2 diff --git a/tests/modules/net_vpc/examples/routes.yaml b/tests/modules/net_vpc/examples/routes.yaml new file mode 100644 index 0000000000..205197c825 --- /dev/null +++ b/tests/modules/net_vpc/examples/routes.yaml @@ -0,0 +1,146 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.vpc["gateway"].google_compute_network.network[0]: + name: my-network-with-route-gateway + project: my-project + routing_mode: GLOBAL + module.vpc["gateway"].google_compute_route.gateway["gateway"]: + dest_range: 0.0.0.0/0 + name: my-network-with-route-gateway-gateway + next_hop_gateway: global/gateways/default-internet-gateway + next_hop_ilb: null + next_hop_instance: null + next_hop_vpn_tunnel: null + priority: 100 + project: my-project + tags: + - tag-a + module.vpc["gateway"].google_compute_route.gateway["next-hop"]: + dest_range: 192.168.128.0/24 + name: my-network-with-route-gateway-next-hop + next_hop_gateway: global/gateways/default-internet-gateway + next_hop_ilb: null + next_hop_instance: null + next_hop_vpn_tunnel: null + priority: 1000 + project: my-project + tags: null + module.vpc["ilb"].google_compute_network.network[0]: + name: my-network-with-route-ilb + project: my-project + routing_mode: GLOBAL + module.vpc["ilb"].google_compute_route.gateway["gateway"]: + dest_range: 0.0.0.0/0 + name: my-network-with-route-ilb-gateway + next_hop_gateway: global/gateways/default-internet-gateway + next_hop_ilb: null + next_hop_instance: null + next_hop_vpn_tunnel: null + priority: 100 + project: my-project + tags: + - tag-a + module.vpc["ilb"].google_compute_route.ilb["next-hop"]: + dest_range: 192.168.128.0/24 + name: my-network-with-route-ilb-next-hop + next_hop_gateway: null + next_hop_ilb: regions/europe-west1/forwardingRules/test + next_hop_instance: null + next_hop_vpn_tunnel: null + priority: 1000 + project: my-project + tags: null + module.vpc["instance"].google_compute_network.network[0]: + name: my-network-with-route-instance + project: my-project + routing_mode: GLOBAL + module.vpc["instance"].google_compute_route.gateway["gateway"]: + dest_range: 0.0.0.0/0 + name: my-network-with-route-instance-gateway + next_hop_gateway: global/gateways/default-internet-gateway + next_hop_ilb: null + next_hop_instance: null + next_hop_vpn_tunnel: null + priority: 100 + project: my-project + tags: + - tag-a + module.vpc["instance"].google_compute_route.instance["next-hop"]: + dest_range: 192.168.128.0/24 + name: my-network-with-route-instance-next-hop + next_hop_gateway: null + next_hop_ilb: null + next_hop_instance: zones/europe-west1-b/test + next_hop_instance_zone: europe-west1-b + next_hop_vpn_tunnel: null + priority: 1000 + project: my-project + tags: null + module.vpc["ip"].google_compute_network.network[0]: + name: my-network-with-route-ip + project: my-project + routing_mode: GLOBAL + module.vpc["ip"].google_compute_route.gateway["gateway"]: + dest_range: 0.0.0.0/0 + name: my-network-with-route-ip-gateway + next_hop_gateway: global/gateways/default-internet-gateway + next_hop_ilb: null + next_hop_instance: null + next_hop_vpn_tunnel: null + priority: 100 + project: my-project + tags: + - tag-a + module.vpc["ip"].google_compute_route.ip["next-hop"]: + dest_range: 192.168.128.0/24 + name: my-network-with-route-ip-next-hop + next_hop_gateway: null + next_hop_ilb: null + next_hop_instance: null + next_hop_ip: 192.168.0.128 + next_hop_vpn_tunnel: null + priority: 1000 + project: my-project + tags: null + module.vpc["vpn_tunnel"].google_compute_network.network[0]: + name: my-network-with-route-vpn-tunnel + project: my-project + routing_mode: GLOBAL + module.vpc["vpn_tunnel"].google_compute_route.gateway["gateway"]: + dest_range: 0.0.0.0/0 + name: my-network-with-route-vpn-tunnel-gateway + next_hop_gateway: global/gateways/default-internet-gateway + next_hop_ilb: null + next_hop_instance: null + next_hop_vpn_tunnel: null + priority: 100 + project: my-project + tags: + - tag-a + module.vpc["vpn_tunnel"].google_compute_route.vpn_tunnel["next-hop"]: + dest_range: 192.168.128.0/24 + name: my-network-with-route-vpn-tunnel-next-hop + next_hop_gateway: null + next_hop_ilb: null + next_hop_instance: null + next_hop_vpn_tunnel: regions/europe-west1/vpnTunnels/foo + priority: 1000 + project: my-project + tags: null + +counts: + google_compute_network: 5 + google_compute_route: 10 diff --git a/tests/modules/net_vpc/factory.tfvars b/tests/modules/net_vpc/factory.tfvars deleted file mode 100644 index 8c4d4a28ca..0000000000 --- a/tests/modules/net_vpc/factory.tfvars +++ /dev/null @@ -1 +0,0 @@ -data_folder = "../../tests/modules/net_vpc/data" diff --git a/tests/modules/net_vpc/factory.yaml b/tests/modules/net_vpc/factory.yaml deleted file mode 100644 index 9cf628d090..0000000000 --- a/tests/modules/net_vpc/factory.yaml +++ /dev/null @@ -1,44 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -values: - google_compute_subnetwork.subnetwork["europe-west1/factory-subnet"]: - description: 'Sample description' - ip_cidr_range: '10.128.0.0/24' - ipv6_access_type: null - log_config: [] - name: 'factory-subnet' - private_ip_google_access: false - project: 'test-project' - region: 'europe-west1' - role: null - secondary_ip_range: - - ip_cidr_range: '192.168.128.0/24' - range_name: 'secondary-range-a' - google_compute_subnetwork.subnetwork["europe-west4/factory-subnet2"]: - description: 'Sample description' - ip_cidr_range: '10.129.0.0/24' - log_config: [] - name: 'factory-subnet2' - private_ip_google_access: true - project: 'test-project' - region: 'europe-west4' - role: null - secondary_ip_range: [] - - # FIXME: should we have some bindings here? - -counts: - google_compute_network: 1 - google_compute_subnetwork: 2 diff --git a/tests/modules/net_vpc/test_routes.py b/tests/modules/net_vpc/test_routes.py deleted file mode 100644 index 01d9673dde..0000000000 --- a/tests/modules/net_vpc/test_routes.py +++ /dev/null @@ -1,47 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import pytest - -_route_parameters = [('gateway', 'global/gateways/default-internet-gateway'), - ('instance', 'zones/europe-west1-b/test'), - ('ip', '192.168.0.128'), - ('ilb', 'regions/europe-west1/forwardingRules/test'), - ('vpn_tunnel', 'regions/europe-west1/vpnTunnels/foo')] - - -@pytest.mark.parametrize('next_hop_type,next_hop', _route_parameters) -def test_vpc_routes(plan_summary, next_hop_type, next_hop): - 'Test vpc routes.' - - var_routes = '''{ - next-hop = { - dest_range = "192.168.128.0/24" - tags = null - next_hop_type = "%s" - next_hop = "%s" - } - gateway = { - dest_range = "0.0.0.0/0", - priority = 100 - tags = ["tag-a"] - next_hop_type = "gateway", - next_hop = "global/gateways/default-internet-gateway" - } - }''' % (next_hop_type, next_hop) - summary = plan_summary('modules/net-vpc', tf_var_files=['common.tfvars'], - routes=var_routes) - assert len(summary.values) == 3 - route = summary.values[f'google_compute_route.{next_hop_type}["next-hop"]'] - assert route[f'next_hop_{next_hop_type}'] == next_hop diff --git a/tests/modules/net_vpc/tftest.yaml b/tests/modules/net_vpc/tftest.yaml index c0dfa0adb6..5e9668ea4a 100644 --- a/tests/modules/net_vpc/tftest.yaml +++ b/tests/modules/net_vpc/tftest.yaml @@ -18,7 +18,6 @@ common_tfvars: tests: shared_vpc: - factory: psa_routes_export: psa_routes_import: psa_routes_import_export: From 1e0d7776e18a7f11497161a4a68d9fdd9bbdd12e Mon Sep 17 00:00:00 2001 From: Julio Castillo Date: Thu, 19 Jan 2023 12:21:48 +0100 Subject: [PATCH 09/15] Update DNS tests --- modules/dns/README.md | 32 +++- modules/dns/main.tf | 2 +- .../modules/dns/examples/forwarding-zone.yaml | 34 +++++ tests/modules/dns/examples/peering-zone.yaml | 34 +++++ tests/modules/dns/examples/private-zone.yaml | 50 +++++++ tests/modules/dns/examples/public-zone.yaml | 38 +++++ tests/modules/dns/examples/reverse-zone.yaml | 27 ++++ .../dns/examples/routing-policies.yaml | 80 ++++++++++ tests/modules/dns/fixture/main.tf | 27 ---- tests/modules/dns/fixture/variables.tf | 62 -------- tests/modules/dns/no_clients.tfvars | 5 + tests/modules/dns/no_clients.yaml | 25 ++++ tests/modules/dns/null_forwarders.tfvars | 4 + tests/modules/dns/null_forwarders.yaml | 20 +++ tests/modules/dns/test_plan.py | 138 ------------------ tests/modules/dns/tftest.yaml | 19 +++ 16 files changed, 363 insertions(+), 234 deletions(-) create mode 100644 tests/modules/dns/examples/forwarding-zone.yaml create mode 100644 tests/modules/dns/examples/peering-zone.yaml create mode 100644 tests/modules/dns/examples/private-zone.yaml create mode 100644 tests/modules/dns/examples/public-zone.yaml create mode 100644 tests/modules/dns/examples/reverse-zone.yaml create mode 100644 tests/modules/dns/examples/routing-policies.yaml delete mode 100644 tests/modules/dns/fixture/main.tf delete mode 100644 tests/modules/dns/fixture/variables.tf create mode 100644 tests/modules/dns/no_clients.tfvars create mode 100644 tests/modules/dns/no_clients.yaml create mode 100644 tests/modules/dns/null_forwarders.tfvars create mode 100644 tests/modules/dns/null_forwarders.yaml delete mode 100644 tests/modules/dns/test_plan.py create mode 100644 tests/modules/dns/tftest.yaml diff --git a/modules/dns/README.md b/modules/dns/README.md index 9e461f0e51..4803a13ce3 100644 --- a/modules/dns/README.md +++ b/modules/dns/README.md @@ -21,7 +21,7 @@ module "private-dns" { "A myhost" = { ttl = 600, records = ["10.0.0.120"] } } } -# tftest modules=1 resources=3 +# tftest modules=1 resources=3 inventory=private-zone.yaml ``` ### Forwarding Zone @@ -36,7 +36,7 @@ module "private-dns" { client_networks = [var.vpc.self_link] forwarders = { "10.0.1.1" = null, "1.2.3.4" = "private" } } -# tftest modules=1 resources=1 +# tftest modules=1 resources=1 inventory=forwarding-zone.yaml ``` ### Peering Zone @@ -47,11 +47,12 @@ module "private-dns" { project_id = "myproject" type = "peering" name = "test-example" - domain = "test.example." + domain = "." + description = "Forwarding zone for ." client_networks = [var.vpc.self_link] peer_network = var.vpc2.self_link } -# tftest modules=1 resources=1 +# tftest modules=1 resources=1 inventory=peering-zone.yaml ``` ### Routing Policies @@ -84,7 +85,7 @@ module "private-dns" { } } } -# tftest modules=1 resources=4 +# tftest modules=1 resources=4 inventory=routing-policies.yaml ``` ### Reverse Lookup Zone @@ -98,10 +99,29 @@ module "private-dns" { domain = "0.0.10.in-addr.arpa." client_networks = [var.vpc.self_link] } -# tftest modules=1 resources=1 +# tftest modules=1 resources=1 inventory=reverse-zone.yaml ``` +### Public Zone + +```hcl +module "public-dns" { + source = "./fabric/modules/dns" + project_id = "myproject" + type = "public" + name = "example" + domain = "example.com." + recordsets = { + "A myhost" = { ttl = 300, records = ["127.0.0.1"] } + } +} +# tftest modules=1 resources=3 inventory=public-zone.yaml +``` + + + + ## Variables | name | description | type | required | default | diff --git a/modules/dns/main.tf b/modules/dns/main.tf index ca30c7d0c7..edf342ef66 100644 --- a/modules/dns/main.tf +++ b/modules/dns/main.tf @@ -1,5 +1,5 @@ /** - * Copyright 2022 Google LLC + * Copyright 2023 Google LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/tests/modules/dns/examples/forwarding-zone.yaml b/tests/modules/dns/examples/forwarding-zone.yaml new file mode 100644 index 0000000000..4a09114ee4 --- /dev/null +++ b/tests/modules/dns/examples/forwarding-zone.yaml @@ -0,0 +1,34 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.private-dns.google_dns_managed_zone.non-public[0]: + dns_name: test.example. + forwarding_config: + - target_name_servers: + - forwarding_path: '' + ipv4_address: 10.0.1.1 + - forwarding_path: private + ipv4_address: 1.2.3.4 + name: test-example + private_visibility_config: + - gke_clusters: [] + networks: + - network_url: projects/xxx/global/networks/aaa + project: myproject + visibility: private + +counts: + google_dns_managed_zone: 1 + diff --git a/tests/modules/dns/examples/peering-zone.yaml b/tests/modules/dns/examples/peering-zone.yaml new file mode 100644 index 0000000000..9f16adab61 --- /dev/null +++ b/tests/modules/dns/examples/peering-zone.yaml @@ -0,0 +1,34 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.private-dns.google_dns_managed_zone.non-public[0]: + description: Forwarding zone for . + dns_name: . + forwarding_config: [] + name: test-example + peering_config: + - target_network: + - network_url: projects/xxx/global/networks/ccc + private_visibility_config: + - gke_clusters: [] + networks: + - network_url: projects/xxx/global/networks/aaa + project: myproject + visibility: private + +counts: + google_dns_managed_zone: 1 + +outputs: {} diff --git a/tests/modules/dns/examples/private-zone.yaml b/tests/modules/dns/examples/private-zone.yaml new file mode 100644 index 0000000000..f642664506 --- /dev/null +++ b/tests/modules/dns/examples/private-zone.yaml @@ -0,0 +1,50 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.private-dns.google_dns_managed_zone.non-public[0]: + description: Terraform managed. + dns_name: test.example. + force_destroy: false + forwarding_config: [] + name: test-example + peering_config: [] + private_visibility_config: + - gke_clusters: [] + networks: + - network_url: projects/xxx/global/networks/aaa + project: myproject + visibility: private + module.private-dns.google_dns_record_set.cloud-static-records["A localhost"]: + managed_zone: test-example + name: localhost.test.example. + project: myproject + routing_policy: [] + rrdatas: + - 127.0.0.1 + ttl: 300 + type: A + module.private-dns.google_dns_record_set.cloud-static-records["A myhost"]: + managed_zone: test-example + name: myhost.test.example. + project: myproject + routing_policy: [] + rrdatas: + - 10.0.0.120 + ttl: 600 + type: A + +counts: + google_dns_managed_zone: 1 + google_dns_record_set: 2 diff --git a/tests/modules/dns/examples/public-zone.yaml b/tests/modules/dns/examples/public-zone.yaml new file mode 100644 index 0000000000..0f8067a764 --- /dev/null +++ b/tests/modules/dns/examples/public-zone.yaml @@ -0,0 +1,38 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.public-dns.google_dns_managed_zone.public[0]: + dns_name: example.com. + name: example + project: myproject + visibility: public + module.public-dns.google_dns_record_set.cloud-static-records["A myhost"]: + managed_zone: example + name: myhost.example.com. + project: myproject + routing_policy: [] + rrdatas: + - 127.0.0.1 + ttl: 300 + type: A + +counts: + google_dns_keys: 1 + google_dns_managed_zone: 1 + google_dns_record_set: 1 + modules: 1 + resources: 3 + +outputs: {} diff --git a/tests/modules/dns/examples/reverse-zone.yaml b/tests/modules/dns/examples/reverse-zone.yaml new file mode 100644 index 0000000000..17e76a12c2 --- /dev/null +++ b/tests/modules/dns/examples/reverse-zone.yaml @@ -0,0 +1,27 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.private-dns.google_dns_managed_zone.non-public[0]: + description: Terraform managed. + dns_name: 0.0.10.in-addr.arpa. + name: test-example + project: myproject + reverse_lookup: true + visibility: private + +counts: + google_dns_managed_zone: 1 + +outputs: {} diff --git a/tests/modules/dns/examples/routing-policies.yaml b/tests/modules/dns/examples/routing-policies.yaml new file mode 100644 index 0000000000..45b19276c5 --- /dev/null +++ b/tests/modules/dns/examples/routing-policies.yaml @@ -0,0 +1,80 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.private-dns.google_dns_managed_zone.non-public[0]: + dns_name: test.example. + name: test-example + project: myproject + module.private-dns.google_dns_record_set.cloud-geo-records["A geo"]: + managed_zone: test-example + name: geo.test.example. + project: myproject + routing_policy: + - enable_geo_fencing: null + geo: + - health_checked_targets: [] + location: europe-west1 + rrdatas: + - 10.0.0.1 + - health_checked_targets: [] + location: europe-west2 + rrdatas: + - 10.0.0.2 + - health_checked_targets: [] + location: europe-west3 + rrdatas: + - 10.0.0.3 + primary_backup: [] + wrr: [] + rrdatas: null + ttl: 300 + type: A + module.private-dns.google_dns_record_set.cloud-static-records["A regular"]: + managed_zone: test-example + name: regular.test.example. + project: myproject + routing_policy: [] + rrdatas: + - 10.20.0.1 + ttl: 300 + type: A + module.private-dns.google_dns_record_set.cloud-wrr-records["A wrr"]: + managed_zone: test-example + name: wrr.test.example. + project: myproject + routing_policy: + - enable_geo_fencing: null + geo: [] + primary_backup: [] + wrr: + - health_checked_targets: [] + rrdatas: + - 10.10.0.1 + weight: 0.6 + - health_checked_targets: [] + rrdatas: + - 10.10.0.2 + weight: 0.2 + - health_checked_targets: [] + rrdatas: + - 10.10.0.3 + weight: 0.2 + rrdatas: null + ttl: 600 + type: A + +counts: + google_dns_managed_zone: 1 + google_dns_record_set: 3 diff --git a/tests/modules/dns/fixture/main.tf b/tests/modules/dns/fixture/main.tf deleted file mode 100644 index bab3192048..0000000000 --- a/tests/modules/dns/fixture/main.tf +++ /dev/null @@ -1,27 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -module "test" { - source = "../../../../modules/dns" - project_id = "my-project" - name = "test" - domain = "test.example." - client_networks = var.client_networks - type = var.type - forwarders = var.forwarders - peer_network = var.peer_network - recordsets = var.recordsets -} diff --git a/tests/modules/dns/fixture/variables.tf b/tests/modules/dns/fixture/variables.tf deleted file mode 100644 index 8e55a287a1..0000000000 --- a/tests/modules/dns/fixture/variables.tf +++ /dev/null @@ -1,62 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -variable "client_networks" { - type = list(string) - default = [ - "https://www.googleapis.com/compute/v1/projects/my-project/global/networks/default" - ] -} - -variable "forwarders" { - type = map(string) - default = {} -} - -variable "peer_network" { - type = string - default = null -} - -variable "recordsets" { - type = any - default = { - "A localhost" = { ttl = 300, records = ["127.0.0.1"] } - "A local-host.test.example." = { ttl = 300, records = ["127.0.0.2"] } - "CNAME *" = { ttl = 300, records = ["localhost.example.org."] } - "A " = { ttl = 300, records = ["127.0.0.3"] } - "A geo" = { - geo_routing = [ - { location = "europe-west1", records = ["127.0.0.4"] }, - { location = "europe-west2", records = ["127.0.0.5"] }, - { location = "europe-west3", records = ["127.0.0.6"] } - ] - } - "A wrr" = { - ttl = 600 - wrr_routing = [ - { weight = 0.6, records = ["127.0.0.7"] }, - { weight = 0.2, records = ["127.0.0.8"] }, - { weight = 0.2, records = ["127.0.0.9"] } - ] - } - } -} - -variable "type" { - type = string - default = "private" -} diff --git a/tests/modules/dns/no_clients.tfvars b/tests/modules/dns/no_clients.tfvars new file mode 100644 index 0000000000..97b722734b --- /dev/null +++ b/tests/modules/dns/no_clients.tfvars @@ -0,0 +1,5 @@ +type = "private" +domain = "test.example." +name = "test" +project_id = "my-project" +client_networks = [] diff --git a/tests/modules/dns/no_clients.yaml b/tests/modules/dns/no_clients.yaml new file mode 100644 index 0000000000..42f628c9ce --- /dev/null +++ b/tests/modules/dns/no_clients.yaml @@ -0,0 +1,25 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + google_dns_managed_zone.non-public[0]: + dns_name: test.example. + name: test + private_visibility_config: [] + visibility: private + +counts: + google_dns_managed_zone: 1 + modules: 0 + resources: 1 diff --git a/tests/modules/dns/null_forwarders.tfvars b/tests/modules/dns/null_forwarders.tfvars new file mode 100644 index 0000000000..4514d63951 --- /dev/null +++ b/tests/modules/dns/null_forwarders.tfvars @@ -0,0 +1,4 @@ +type = "forwarding" +domain = "test.example." +name = "test" +project_id = "my-project" diff --git a/tests/modules/dns/null_forwarders.yaml b/tests/modules/dns/null_forwarders.yaml new file mode 100644 index 0000000000..bbe637fc22 --- /dev/null +++ b/tests/modules/dns/null_forwarders.yaml @@ -0,0 +1,20 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + google_dns_managed_zone.non-public[0]: + forwarding_config: [] + +counts: + google_dns_managed_zone: 1 diff --git a/tests/modules/dns/test_plan.py b/tests/modules/dns/test_plan.py deleted file mode 100644 index 5cc1ba7093..0000000000 --- a/tests/modules/dns/test_plan.py +++ /dev/null @@ -1,138 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -def test_private(plan_runner): - "Test private zone with three recordsets." - _, resources = plan_runner() - assert len(resources) == 7 - assert set(r['type'] for r in resources) == { - 'google_dns_record_set', 'google_dns_managed_zone' - } - for r in resources: - if r['type'] != 'google_dns_managed_zone': - continue - assert r['values']['visibility'] == 'private' - assert len(r['values']['private_visibility_config']) == 1 - - -def test_private_recordsets(plan_runner): - "Test recordsets in private zone." - _, resources = plan_runner() - recordsets = [ - r['values'] for r in resources if r['type'] == 'google_dns_record_set' - ] - - assert set(r['name'] for r in recordsets) == { - 'localhost.test.example.', 'local-host.test.example.', '*.test.example.', - "test.example.", "geo.test.example.", "wrr.test.example." - } - - for r in recordsets: - if r['name'] not in ['wrr.test.example.', 'geo.test.example.']: - assert r['routing_policy'] == [] - assert r['rrdatas'] != [] - - -def test_routing_policies(plan_runner): - "Test recordsets with routing policies." - _, resources = plan_runner() - recordsets = [ - r['values'] for r in resources if r['type'] == 'google_dns_record_set' - ] - geo_zone = [ - r['values'] for r in resources if r['address'] == - 'module.test.google_dns_record_set.cloud-geo-records["A geo"]' - ][0] - assert geo_zone['name'] == 'geo.test.example.' - assert geo_zone['routing_policy'][0]['wrr'] == [] - geo_policy = geo_zone['routing_policy'][0]['geo'] - assert geo_policy[0]['location'] == 'europe-west1' - assert geo_policy[0]['rrdatas'] == ['127.0.0.4'] - assert geo_policy[1]['location'] == 'europe-west2' - assert geo_policy[1]['rrdatas'] == ['127.0.0.5'] - assert geo_policy[2]['location'] == 'europe-west3' - assert geo_policy[2]['rrdatas'] == ['127.0.0.6'] - - wrr_zone = [ - r['values'] for r in resources if r['address'] == - 'module.test.google_dns_record_set.cloud-wrr-records["A wrr"]' - ][0] - assert wrr_zone['name'] == 'wrr.test.example.' - wrr_policy = wrr_zone['routing_policy'][0]['wrr'] - assert wrr_policy[0]['weight'] == 0.6 - assert wrr_policy[0]['rrdatas'] == ['127.0.0.7'] - assert wrr_policy[1]['weight'] == 0.2 - assert wrr_policy[1]['rrdatas'] == ['127.0.0.8'] - assert wrr_policy[2]['weight'] == 0.2 - assert wrr_policy[2]['rrdatas'] == ['127.0.0.9'] - assert wrr_zone['routing_policy'][0]['geo'] == [] - - -def test_private_no_networks(plan_runner): - "Test private zone not exposed to any network." - _, resources = plan_runner(client_networks='[]') - for r in resources: - if r['type'] != 'google_dns_managed_zone': - continue - assert r['values']['visibility'] == 'private' - assert len(r['values']['private_visibility_config']) == 0 - - -def test_forwarding_recordsets_null_forwarders(plan_runner): - "Test forwarding zone with wrong set of attributes does not break." - _, resources = plan_runner(type='forwarding') - assert len(resources) == 1 - resource = resources[0] - assert resource['type'] == 'google_dns_managed_zone' - assert resource['values']['forwarding_config'] == [] - - -def test_forwarding(plan_runner): - "Test forwarding zone with single forwarder." - _, resources = plan_runner(type='forwarding', recordsets='null', - forwarders='{ "1.2.3.4" = null }') - assert len(resources) == 1 - resource = resources[0] - assert resource['type'] == 'google_dns_managed_zone' - assert resource['values']['forwarding_config'] == [{ - 'target_name_servers': [{ - 'forwarding_path': '', - 'ipv4_address': '1.2.3.4' - }] - }] - - -def test_peering(plan_runner): - "Test peering zone." - _, resources = plan_runner(type='peering', recordsets='null', - peer_network='dummy-vpc-self-link') - assert len(resources) == 1 - resource = resources[0] - assert resource['type'] == 'google_dns_managed_zone' - assert resource['values']['peering_config'] == [{ - 'target_network': [{ - 'network_url': 'dummy-vpc-self-link' - }] - }] - - -def test_public(plan_runner): - "Test public zone with two recordsets." - _, resources = plan_runner(type='public') - for r in resources: - if r['type'] != 'google_dns_managed_zone': - continue - assert r['values']['visibility'] == 'public' - assert r['values']['private_visibility_config'] == [] diff --git a/tests/modules/dns/tftest.yaml b/tests/modules/dns/tftest.yaml new file mode 100644 index 0000000000..5172a013be --- /dev/null +++ b/tests/modules/dns/tftest.yaml @@ -0,0 +1,19 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +module: modules/dns + +tests: + no_clients: + null_forwarders: From 9c9aafb3f1a23e224c1ca85bf2375abad689ff67 Mon Sep 17 00:00:00 2001 From: Julio Castillo Date: Thu, 19 Jan 2023 13:03:30 +0100 Subject: [PATCH 10/15] Update gke-cluster tests --- modules/gke-cluster/README.md | 34 ++++++++++++-- .../gke_cluster/examples/autopilot.yaml | 32 +++++++++++++ tests/modules/gke_cluster/examples/basic.yaml | 42 +++++++++++++++++ .../gke_cluster/examples/dataplane-v2.yaml | 45 +++++++++++++++++++ tests/modules/gke_cluster/fixture/main.tf | 29 ------------ .../modules/gke_cluster/fixture/variables.tf | 43 ------------------ tests/modules/gke_cluster/test_plan.py | 38 ---------------- 7 files changed, 150 insertions(+), 113 deletions(-) create mode 100644 tests/modules/gke_cluster/examples/autopilot.yaml create mode 100644 tests/modules/gke_cluster/examples/basic.yaml create mode 100644 tests/modules/gke_cluster/examples/dataplane-v2.yaml delete mode 100644 tests/modules/gke_cluster/fixture/main.tf delete mode 100644 tests/modules/gke_cluster/fixture/variables.tf delete mode 100644 tests/modules/gke_cluster/test_plan.py diff --git a/modules/gke-cluster/README.md b/modules/gke-cluster/README.md index caf1fec939..0ba75cd617 100644 --- a/modules/gke-cluster/README.md +++ b/modules/gke-cluster/README.md @@ -33,7 +33,7 @@ module "cluster-1" { environment = "dev" } } -# tftest modules=1 resources=1 +# tftest modules=1 resources=1 inventory=basic.yaml ``` ### GKE Cluster with Dataplane V2 enabled @@ -42,7 +42,7 @@ module "cluster-1" { module "cluster-1" { source = "./fabric/modules/gke-cluster" project_id = "myproject" - name = "cluster-1" + name = "cluster-dataplane-v2" location = "europe-west1-b" vpc_config = { network = var.vpc.self_link @@ -68,8 +68,36 @@ module "cluster-1" { environment = "dev" } } -# tftest modules=1 resources=1 +# tftest modules=1 resources=1 inventory=dataplane-v2.yaml +``` +### Autopilot Cluster + +```hcl +module "cluster-autopilot" { + source = "./fabric/modules/gke-cluster" + project_id = "myproject" + name = "cluster-autopilot" + location = "europe-west1-b" + vpc_config = { + network = var.vpc.self_link + subnetwork = var.subnet.self_link + secondary_range_names = { + pods = "pods" + services = "services" + } + master_authorized_ranges = { + internal-vms = "10.0.0.0/8" + } + master_ipv4_cidr_block = "192.168.0.0/28" + } + enable_features = { + autopilot = true + } +} +# tftest modules=1 resources=1 inventory=autopilot.yaml ``` + + ## Variables diff --git a/tests/modules/gke_cluster/examples/autopilot.yaml b/tests/modules/gke_cluster/examples/autopilot.yaml new file mode 100644 index 0000000000..0a5380dbb7 --- /dev/null +++ b/tests/modules/gke_cluster/examples/autopilot.yaml @@ -0,0 +1,32 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.cluster-autopilot.google_container_cluster.cluster: + enable_autopilot: true + ip_allocation_policy: + - cluster_secondary_range_name: pods + services_secondary_range_name: services + location: europe-west1-b + master_authorized_networks_config: + - cidr_blocks: + - cidr_block: 10.0.0.0/8 + display_name: internal-vms + name: cluster-autopilot + network: projects/xxx/global/networks/aaa + project: myproject + subnetwork: subnet_self_link + +counts: + google_container_cluster: 1 diff --git a/tests/modules/gke_cluster/examples/basic.yaml b/tests/modules/gke_cluster/examples/basic.yaml new file mode 100644 index 0000000000..fe6648c8d6 --- /dev/null +++ b/tests/modules/gke_cluster/examples/basic.yaml @@ -0,0 +1,42 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.cluster-1.google_container_cluster.cluster: + default_max_pods_per_node: 32 + ip_allocation_policy: + - cluster_secondary_range_name: pods + services_secondary_range_name: services + location: europe-west1-b + master_authorized_networks_config: + - cidr_blocks: + - cidr_block: 10.0.0.0/8 + display_name: internal-vms + name: cluster-1 + network: projects/xxx/global/networks/aaa + private_cluster_config: + - enable_private_endpoint: true + enable_private_nodes: true + master_global_access_config: + - enabled: false + master_ipv4_cidr_block: 192.168.0.0/28 + private_endpoint_subnetwork: null + project: myproject + remove_default_node_pool: true + resource_labels: + environment: dev + subnetwork: subnet_self_link + +counts: + google_container_cluster: 1 diff --git a/tests/modules/gke_cluster/examples/dataplane-v2.yaml b/tests/modules/gke_cluster/examples/dataplane-v2.yaml new file mode 100644 index 0000000000..ef7ca642fd --- /dev/null +++ b/tests/modules/gke_cluster/examples/dataplane-v2.yaml @@ -0,0 +1,45 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.cluster-1.google_container_cluster.cluster: + datapath_provider: ADVANCED_DATAPATH + ip_allocation_policy: + - cluster_secondary_range_name: pods + services_secondary_range_name: services + location: europe-west1-b + master_authorized_networks_config: + - cidr_blocks: + - cidr_block: 10.0.0.0/8 + display_name: internal-vms + min_master_version: null + name: cluster-dataplane-v2 + network: projects/xxx/global/networks/aaa + private_cluster_config: + - enable_private_endpoint: true + enable_private_nodes: true + master_global_access_config: + - enabled: false + master_ipv4_cidr_block: 192.168.0.0/28 + private_endpoint_subnetwork: null + project: myproject + remove_default_node_pool: true + resource_labels: + environment: dev + subnetwork: subnet_self_link + workload_identity_config: + - workload_pool: myproject.svc.id.goog + +counts: + google_container_cluster: 1 diff --git a/tests/modules/gke_cluster/fixture/main.tf b/tests/modules/gke_cluster/fixture/main.tf deleted file mode 100644 index 5e11fbd779..0000000000 --- a/tests/modules/gke_cluster/fixture/main.tf +++ /dev/null @@ -1,29 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -module "test" { - source = "../../../../modules/gke-cluster" - project_id = "my-project" - name = "cluster-1" - location = "europe-west1-b" - vpc_config = { - network = "mynetwork" - subnetwork = "mysubnet" - } - enable_addons = var.enable_addons - enable_features = var.enable_features - tags = var.tags -} diff --git a/tests/modules/gke_cluster/fixture/variables.tf b/tests/modules/gke_cluster/fixture/variables.tf deleted file mode 100644 index 2104e452bb..0000000000 --- a/tests/modules/gke_cluster/fixture/variables.tf +++ /dev/null @@ -1,43 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -variable "enable_addons" { - type = any - default = { - horizontal_pod_autoscaling = true - http_load_balancing = true - } -} - -variable "enable_features" { - type = any - default = { - workload_identity = true - } -} - -variable "monitoring_config" { - type = any - default = { - managed_prometheus = true - } -} - -variable "tags" { - description = "Network tags applied to nodes." - type = list(string) - default = null -} diff --git a/tests/modules/gke_cluster/test_plan.py b/tests/modules/gke_cluster/test_plan.py deleted file mode 100644 index acd97bede3..0000000000 --- a/tests/modules/gke_cluster/test_plan.py +++ /dev/null @@ -1,38 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -def test_standard(plan_runner): - "Test resources created with variable defaults." - _, resources = plan_runner() - assert len(resources) == 1 - - cluster_config = resources[0]['values'] - assert cluster_config['name'] == "cluster-1" - assert cluster_config['network'] == "mynetwork" - assert cluster_config['subnetwork'] == "mysubnet" - assert cluster_config['enable_autopilot'] is None - # assert 'service_account' not in node_config - - -def test_autopilot(plan_runner): - "Test resources created with variable defaults." - _, resources = plan_runner(enable_features='{ autopilot=true }') - assert len(resources) == 1 - cluster_config = resources[0]['values'] - assert cluster_config['name'] == "cluster-1" - assert cluster_config['network'] == "mynetwork" - assert cluster_config['subnetwork'] == "mysubnet" - assert cluster_config['enable_autopilot'] == True - # assert 'service_account' not in node_config From 44724f3839e118c8676978b7b62153f64d716067 Mon Sep 17 00:00:00 2001 From: Julio Castillo Date: Thu, 19 Jan 2023 17:46:06 +0100 Subject: [PATCH 11/15] Update plan_summary to support running documentation examples --- tools/plan_summary.py | 36 ++++++++++++++++++++++++++---------- 1 file changed, 26 insertions(+), 10 deletions(-) diff --git a/tools/plan_summary.py b/tools/plan_summary.py index def79adb42..78c5f939f6 100755 --- a/tools/plan_summary.py +++ b/tools/plan_summary.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 -# Copyright 2022 Google LLC +# Copyright 2023 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,6 +16,7 @@ import click import sys +import tempfile import yaml from pathlib import Path @@ -27,17 +28,32 @@ @click.command() +@click.option('--example', default=False, is_flag=True) @click.argument('module', type=click.Path(), nargs=1) @click.argument('tfvars', type=click.Path(exists=True), nargs=-1) -def main(module, tfvars): - module = BASEDIR / module - summary = fixtures.plan_summary(module, Path(), tfvars) - print(yaml.dump({'values': summary.values})) - print(yaml.dump({'counts': summary.counts})) - outputs = { - k: v.get('value', '__missing__') for k, v in summary.outputs.items() - } - print(yaml.dump({'outputs': outputs})) +def main(example, module, tfvars): + try: + if example: + tmp_dir = tempfile.TemporaryDirectory() + tmp_path = Path(tmp_dir.name) + common_vars = BASEDIR / 'tests' / 'examples' / 'variables.tf' + (tmp_path / 'main.tf').symlink_to(module) + (tmp_path / 'variables.tf').symlink_to(common_vars) + (tmp_path / 'fabric').symlink_to(BASEDIR) + module = tmp_path + else: + module = BASEDIR / module + + summary = fixtures.plan_summary(module, Path(), tfvars) + print(yaml.dump({'values': summary.values})) + print(yaml.dump({'counts': summary.counts})) + outputs = { + k: v.get('value', '__missing__') for k, v in summary.outputs.items() + } + print(yaml.dump({'outputs': outputs})) + finally: + if example: + tmp_dir.cleanup() if __name__ == '__main__': From 1820269680b8847ca1241dfa34b377c7940af844 Mon Sep 17 00:00:00 2001 From: Julio Castillo Date: Thu, 19 Jan 2023 18:19:34 +0100 Subject: [PATCH 12/15] Add inventories to gke-nodepool examples --- modules/gke-nodepool/README.md | 57 ++++++++---- modules/gke-nodepool/variables.tf | 6 +- .../modules/gke_nodepool/examples/basic.yaml | 23 +++++ .../modules/gke_nodepool/examples/config.yaml | 59 +++++++++++++ .../gke_nodepool/examples/create-sa.yaml | 52 +++++++++++ .../gke_nodepool/examples/external-sa.yaml | 43 ++++++++++ tests/modules/gke_nodepool/fixture/main.tf | 45 ---------- .../modules/gke_nodepool/fixture/variables.tf | 86 ------------------- tests/modules/gke_nodepool/test_plan.py | 67 --------------- 9 files changed, 222 insertions(+), 216 deletions(-) create mode 100644 tests/modules/gke_nodepool/examples/basic.yaml create mode 100644 tests/modules/gke_nodepool/examples/config.yaml create mode 100644 tests/modules/gke_nodepool/examples/create-sa.yaml create mode 100644 tests/modules/gke_nodepool/examples/external-sa.yaml delete mode 100644 tests/modules/gke_nodepool/fixture/main.tf delete mode 100644 tests/modules/gke_nodepool/fixture/variables.tf delete mode 100644 tests/modules/gke_nodepool/test_plan.py diff --git a/modules/gke-nodepool/README.md b/modules/gke-nodepool/README.md index 50e9d08cb1..9b42c9b938 100644 --- a/modules/gke-nodepool/README.md +++ b/modules/gke-nodepool/README.md @@ -16,7 +16,7 @@ module "cluster-1-nodepool-1" { location = "europe-west1-b" name = "nodepool-1" } -# tftest modules=1 resources=1 +# tftest modules=1 resources=1 inventory=basic.yaml ``` ### Internally managed service account @@ -27,7 +27,11 @@ If you create a new service account, its resource and email (in both plain and I #### GCE default service account -To use the GCE default service account, you can ignore the variable which is equivalent to `{ create = null, email = null }`. +To use the GCE default service account, you can ignore the variable which is equivalent to `{ create = null, email = null }`. This is what the first example of this document does. + +#### Externally defined service account + +To use an existing service account, pass in just the `email` attribute. If you do this, will most likely want to use the `cloud-platform` scope. ```hcl module "cluster-1-nodepool-1" { @@ -36,13 +40,17 @@ module "cluster-1-nodepool-1" { cluster_name = "cluster-1" location = "europe-west1-b" name = "nodepool-1" + service_account = { + email = "foo-bar@myproject.iam.gserviceaccount.com" + oauth_scopes = ["https://www.googleapis.com/auth/cloud-platform"] + } } -# tftest modules=1 resources=1 +# tftest modules=1 resources=1 inventory=external-sa.yaml ``` -#### Externally defined service account +#### Auto-created service account -To use an existing service account, pass in just the `email` attribute. +To have the module create a service account, set the `create` attribute to `true` and optionally pass the desired account id in `email`. ```hcl module "cluster-1-nodepool-1" { @@ -52,15 +60,14 @@ module "cluster-1-nodepool-1" { location = "europe-west1-b" name = "nodepool-1" service_account = { - email = "foo-bar@myproject.iam.gserviceaccount.com" + create = true + email = "spam-eggs" # optional + oauth_scopes = ["https://www.googleapis.com/auth/cloud-platform"] } } -# tftest modules=1 resources=1 +# tftest modules=1 resources=2 inventory=create-sa.yaml ``` - -#### Auto-created service account - -To have the module create a service account, set the `create` attribute to `true` and optionally pass the desired account id in `email`. +### Node & node pool configuration ```hcl module "cluster-1-nodepool-1" { @@ -69,14 +76,34 @@ module "cluster-1-nodepool-1" { cluster_name = "cluster-1" location = "europe-west1-b" name = "nodepool-1" + labels = { environment = "dev" } service_account = { - create = true - # optional - email = "spam-eggs" + create = true + email = "nodepool-1" # optional + oauth_scopes = ["https://www.googleapis.com/auth/cloud-platform"] + } + node_config = { + machine_type = "n2-standard-2" + disk_size_gb = 50 + disk_type = "pd-ssd" + ephemeral_ssd_count = 1 + gvnic = true + spot = true + } + nodepool_config = { + autoscaling = { + max_node_count = 10 + min_node_count = 1 + } + management = { + auto_repair = true + auto_upgrade = false + } } } -# tftest modules=1 resources=2 +# tftest modules=1 resources=2 inventory=config.yaml ``` + ## Variables diff --git a/modules/gke-nodepool/variables.tf b/modules/gke-nodepool/variables.tf index e0d3e967a5..1166c34f48 100644 --- a/modules/gke-nodepool/variables.tf +++ b/modules/gke-nodepool/variables.tf @@ -1,5 +1,5 @@ /** - * Copyright 2022 Google LLC + * Copyright 2023 Google LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -165,8 +165,8 @@ variable "service_account" { description = "Nodepool service account. If this variable is set to null, the default GCE service account will be used. If set and email is null, a service account will be created. If scopes are null a default will be used." type = object({ create = optional(bool, false) - email = optional(string, null) - oauth_scopes = optional(list(string), null) + email = optional(string) + oauth_scopes = optional(list(string)) }) default = {} nullable = false diff --git a/tests/modules/gke_nodepool/examples/basic.yaml b/tests/modules/gke_nodepool/examples/basic.yaml new file mode 100644 index 0000000000..010b98cdae --- /dev/null +++ b/tests/modules/gke_nodepool/examples/basic.yaml @@ -0,0 +1,23 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.cluster-1-nodepool-1.google_container_node_pool.nodepool: + cluster: cluster-1 + location: europe-west1-b + name: nodepool-1 + project: myproject + +counts: + google_container_node_pool: 1 diff --git a/tests/modules/gke_nodepool/examples/config.yaml b/tests/modules/gke_nodepool/examples/config.yaml new file mode 100644 index 0000000000..858e5ca58c --- /dev/null +++ b/tests/modules/gke_nodepool/examples/config.yaml @@ -0,0 +1,59 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.cluster-1-nodepool-1.google_container_node_pool.nodepool: + autoscaling: + - max_node_count: 10 + min_node_count: 1 + total_max_node_count: null + total_min_node_count: null + cluster: cluster-1 + initial_node_count: 1 + location: europe-west1-b + management: + - auto_repair: true + auto_upgrade: false + name: nodepool-1 + node_config: + - boot_disk_kms_key: null + disk_size_gb: 50 + disk_type: pd-ssd + ephemeral_storage_config: + - local_ssd_count: 1 + gcfs_config: [] + gvnic: [] + kubelet_config: [] + labels: + environment: dev + linux_node_config: [] + logging_variant: DEFAULT + machine_type: n2-standard-2 + node_group: null + oauth_scopes: + - https://www.googleapis.com/auth/cloud-platform + preemptible: false + reservation_affinity: [] + resource_labels: null + sandbox_config: [] + spot: true + tags: null + taint: [] + placement_policy: [] + project: myproject + module.cluster-1-nodepool-1.google_service_account.service_account[0]: {} + +counts: + google_container_node_pool: 1 + google_service_account: 1 diff --git a/tests/modules/gke_nodepool/examples/create-sa.yaml b/tests/modules/gke_nodepool/examples/create-sa.yaml new file mode 100644 index 0000000000..df1f2f7080 --- /dev/null +++ b/tests/modules/gke_nodepool/examples/create-sa.yaml @@ -0,0 +1,52 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.cluster-1-nodepool-1.google_container_node_pool.nodepool: + cluster: cluster-1 + location: europe-west1-b + name: nodepool-1 + node_config: + - boot_disk_kms_key: null + disk_type: pd-balanced + ephemeral_storage_config: [] + gcfs_config: [] + gvnic: [] + kubelet_config: [] + linux_node_config: [] + logging_variant: DEFAULT + node_group: null + oauth_scopes: + - https://www.googleapis.com/auth/cloud-platform + preemptible: false + reservation_affinity: [] + resource_labels: null + sandbox_config: [] + spot: false + tags: null + taint: [] + placement_policy: [] + project: myproject + timeouts: null + module.cluster-1-nodepool-1.google_service_account.service_account[0]: + account_id: spam-eggs + description: null + disabled: false + display_name: Terraform GKE cluster-1 nodepool-1. + project: myproject + timeouts: null + +counts: + google_container_node_pool: 1 + google_service_account: 1 diff --git a/tests/modules/gke_nodepool/examples/external-sa.yaml b/tests/modules/gke_nodepool/examples/external-sa.yaml new file mode 100644 index 0000000000..0595932152 --- /dev/null +++ b/tests/modules/gke_nodepool/examples/external-sa.yaml @@ -0,0 +1,43 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.cluster-1-nodepool-1.google_container_node_pool.nodepool: + cluster: cluster-1 + location: europe-west1-b + name: nodepool-1 + node_config: + - boot_disk_kms_key: null + disk_type: pd-balanced + ephemeral_storage_config: [] + gcfs_config: [] + gvnic: [] + kubelet_config: [] + linux_node_config: [] + logging_variant: DEFAULT + node_group: null + oauth_scopes: + - https://www.googleapis.com/auth/cloud-platform + preemptible: false + reservation_affinity: [] + resource_labels: null + sandbox_config: [] + service_account: foo-bar@myproject.iam.gserviceaccount.com + spot: false + tags: null + taint: [] + project: myproject + +counts: + google_container_node_pool: 1 diff --git a/tests/modules/gke_nodepool/fixture/main.tf b/tests/modules/gke_nodepool/fixture/main.tf deleted file mode 100644 index 4ee274828c..0000000000 --- a/tests/modules/gke_nodepool/fixture/main.tf +++ /dev/null @@ -1,45 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -resource "google_service_account" "test" { - project = "my-project" - account_id = "gke-nodepool-test" - display_name = "Test Service Account" -} - -module "test" { - source = "../../../../modules/gke-nodepool" - project_id = "my-project" - cluster_name = "cluster-1" - location = "europe-west1-b" - name = "nodepool-1" - gke_version = var.gke_version - labels = var.labels - max_pods_per_node = var.max_pods_per_node - node_config = var.node_config - node_count = var.node_count - node_locations = var.node_locations - nodepool_config = var.nodepool_config - pod_range = var.pod_range - reservation_affinity = var.reservation_affinity - service_account = { - create = var.service_account_create - email = google_service_account.test.email - } - sole_tenant_nodegroup = var.sole_tenant_nodegroup - tags = var.tags - taints = var.taints -} diff --git a/tests/modules/gke_nodepool/fixture/variables.tf b/tests/modules/gke_nodepool/fixture/variables.tf deleted file mode 100644 index 18376ec532..0000000000 --- a/tests/modules/gke_nodepool/fixture/variables.tf +++ /dev/null @@ -1,86 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -variable "gke_version" { - type = string - default = null -} - -variable "labels" { - type = map(string) - default = {} - nullable = false -} - -variable "max_pods_per_node" { - type = number - default = null -} - -variable "node_config" { - type = any - default = { - disk_type = "pd-balanced" - } -} - -variable "node_count" { - type = any - default = { - initial = 1 - } - nullable = false -} - -variable "node_locations" { - type = list(string) - default = null -} - -variable "nodepool_config" { - type = any - default = null -} - -variable "pod_range" { - type = any - default = null -} - -variable "reservation_affinity" { - type = any - default = null -} - -variable "service_account_create" { - type = bool - default = false -} - -variable "sole_tenant_nodegroup" { - type = string - default = null -} - -variable "tags" { - type = list(string) - default = null -} - -variable "taints" { - type = any - default = null -} diff --git a/tests/modules/gke_nodepool/test_plan.py b/tests/modules/gke_nodepool/test_plan.py deleted file mode 100644 index 75d1cc14bc..0000000000 --- a/tests/modules/gke_nodepool/test_plan.py +++ /dev/null @@ -1,67 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -def test_defaults(plan_runner): - "Test resources created with variable defaults." - _, resources = plan_runner() - assert len(resources) == 1 - assert resources[0]['values']['autoscaling'] == [] - - -def test_service_account(plan_runner): - _, resources = plan_runner() - assert len(resources) == 1 - _, resources = plan_runner(service_account_create='true') - assert len(resources) == 2 - assert 'google_service_account' in [r['type'] for r in resources] - - -def test_nodepool_config(plan_runner): - nodepool_config = '''{ - autoscaling = { use_total_nodes = true, max_node_count = 3} - management = {} - upgrade_settings = { max_surge = 3, max_unavailable = 3 } - }''' - _, resources = plan_runner(nodepool_config=nodepool_config) - assert resources[0]['values']['autoscaling'] == [{ - 'location_policy': None, - 'max_node_count': None, - 'min_node_count': None, - 'total_max_node_count': 3, - 'total_min_node_count': None - }] - nodepool_config = '{ autoscaling = { max_node_count = 3} }' - _, resources = plan_runner(nodepool_config=nodepool_config) - assert resources[0]['values']['autoscaling'] == [{ - 'location_policy': None, - 'max_node_count': 3, - 'min_node_count': None, - 'total_max_node_count': None, - 'total_min_node_count': None - }] - - -def test_node_config(plan_runner): - node_config = '''{ - gcfs = true - metadata = { foo = "bar" } - }''' - _, resources = plan_runner(node_config=node_config) - values = resources[0]['values']['node_config'][0] - assert values['gcfs_config'] == [{'enabled': True}] - assert values['metadata'] == { - 'disable-legacy-endpoints': 'true', - 'foo': 'bar' - } From f014ee57948f5651ee5d3dbb65925860952dc757 Mon Sep 17 00:00:00 2001 From: Julio Castillo Date: Thu, 19 Jan 2023 18:35:00 +0100 Subject: [PATCH 13/15] Fix linting --- modules/dns/README.md | 3 --- modules/gke-nodepool/README.md | 3 +-- modules/net-vpc/README.md | 1 - 3 files changed, 1 insertion(+), 6 deletions(-) diff --git a/modules/dns/README.md b/modules/dns/README.md index 4803a13ce3..a405ff7535 100644 --- a/modules/dns/README.md +++ b/modules/dns/README.md @@ -101,7 +101,6 @@ module "private-dns" { } # tftest modules=1 resources=1 inventory=reverse-zone.yaml ``` - ### Public Zone @@ -120,8 +119,6 @@ module "public-dns" { ``` - - ## Variables | name | description | type | required | default | diff --git a/modules/gke-nodepool/README.md b/modules/gke-nodepool/README.md index 9b42c9b938..2f632c9c78 100644 --- a/modules/gke-nodepool/README.md +++ b/modules/gke-nodepool/README.md @@ -103,7 +103,6 @@ module "cluster-1-nodepool-1" { } # tftest modules=1 resources=2 inventory=config.yaml ``` - ## Variables @@ -124,7 +123,7 @@ module "cluster-1-nodepool-1" { | [nodepool_config](variables.tf#L115) | Nodepool-level configuration. | object({…}) | | null | | [pod_range](variables.tf#L137) | Pod secondary range configuration. | object({…}) | | null | | [reservation_affinity](variables.tf#L154) | Configuration of the desired reservation which instances could take capacity from. | object({…}) | | null | -| [service_account](variables.tf#L164) | Nodepool service account. If this variable is set to null, the default GCE service account will be used. If set and email is null, a service account will be created. If scopes are null a default will be used. | object({…}) | | {} | +| [service_account](variables.tf#L164) | Nodepool service account. If this variable is set to null, the default GCE service account will be used. If set and email is null, a service account will be created. If scopes are null a default will be used. | object({…}) | | {} | | [sole_tenant_nodegroup](variables.tf#L175) | Sole tenant node group. | string | | null | | [tags](variables.tf#L181) | Network tags applied to nodes. | list(string) | | null | | [taints](variables.tf#L187) | Kubernetes taints applied to all nodes. | list(object({…})) | | null | diff --git a/modules/net-vpc/README.md b/modules/net-vpc/README.md index 002c738d82..dbd8550221 100644 --- a/modules/net-vpc/README.md +++ b/modules/net-vpc/README.md @@ -341,7 +341,6 @@ flow_logs: # enable, set to empty map to use defaults metadata: "INCLUDE_ALL_METADATA" filter_expression: null ``` - ### Custom Routes From 2aee1dd1c70387cb480d58dcb1d002a6d9a1eafb Mon Sep 17 00:00:00 2001 From: Julio Castillo Date: Thu, 19 Jan 2023 18:43:13 +0100 Subject: [PATCH 14/15] Fix broken link --- CONTRIBUTING.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 18a42f59dd..d34ad2d99b 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -754,7 +754,7 @@ def test_name(plan_summary, tfvars_to_yaml, tmp_path): assert s.values[address]['project'] == 'my-project' ``` -For more examples on how to write python tests, the tests for [`organization`](./tests/modules/organization/test_plan_org_policies.py) and [`net-vpc`](./tests/modules/net_vpc/test_routes.py) modules. +For more examples on how to write python tests, check the tests for the [`organization`](./tests/modules/organization/test_plan_org_policies.py) module. #### Testing documentation examples From 13352779acfb5333972f1e57353b021aabaa8ec6 Mon Sep 17 00:00:00 2001 From: Julio Castillo Date: Thu, 19 Jan 2023 18:55:30 +0100 Subject: [PATCH 15/15] Fix nodepool test --- tests/modules/gke_nodepool/examples/config.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/modules/gke_nodepool/examples/config.yaml b/tests/modules/gke_nodepool/examples/config.yaml index 858e5ca58c..fc1682a826 100644 --- a/tests/modules/gke_nodepool/examples/config.yaml +++ b/tests/modules/gke_nodepool/examples/config.yaml @@ -15,7 +15,8 @@ values: module.cluster-1-nodepool-1.google_container_node_pool.nodepool: autoscaling: - - max_node_count: 10 + - location_policy: null + max_node_count: 10 min_node_count: 1 total_max_node_count: null total_min_node_count: null