Merge pull request #752 from apichick/shared-vpc-host-dependency

Added dependency on google_compute_shared_vpc_host_project.shared_vpc…
GoogleCloudPlatform · Jul 21, 2022 · 91251d8 · 91251d8
2 parents 0b721a3 + 4069e42
commit 91251d8
Show file tree

Hide file tree

Showing 7 changed files with 55 additions and 21 deletions.
diff --git a/modules/project/README.md b/modules/project/README.md
@@ -404,7 +404,7 @@ output "compute_robot" {
 | [name](outputs.tf#L25) | Project name. |  |
 | [number](outputs.tf#L38) | Project number. |  |
 | [project_id](outputs.tf#L51) | Project id. |  |
-| [service_accounts](outputs.tf#L68) | Product robot service accounts in project. |  |
-| [sink_writer_identities](outputs.tf#L84) | Writer identities created for each sink. |  |
+| [service_accounts](outputs.tf#L69) | Product robot service accounts in project. |  |
+| [sink_writer_identities](outputs.tf#L85) | Writer identities created for each sink. |  |
 
 <!-- END TFDOC -->
diff --git a/modules/project/outputs.tf b/modules/project/outputs.tf
@@ -57,6 +57,7 @@ output "project_id" {
     google_project_organization_policy.boolean,
     google_project_organization_policy.list,
     google_project_service.project_services,
+    google_compute_shared_vpc_host_project.shared_vpc_host,
     google_compute_shared_vpc_service_project.service_projects,
     google_project_iam_member.shared_vpc_host_robots,
     google_kms_crypto_key_iam_member.service_identity_cmek,

diff --git a/tests/modules/project/fixture/main.tf b/tests/modules/project/fixture/main.tf
@@ -16,8 +16,8 @@
 
 module "test" {
   source                     = "../../../../modules/project"
-  name                       = "my-project"
-  billing_account            = "12345-12345-12345"
+  name                       = var.name
+  billing_account            = var.billing_account
   auto_create_network        = var.auto_create_network
   custom_roles               = var.custom_roles
   iam                        = var.iam
@@ -36,4 +36,6 @@ module "test" {
   services                   = var.services
   logging_sinks              = var.logging_sinks
   logging_exclusions         = var.logging_exclusions
+  shared_vpc_host_config     = var.shared_vpc_host_config
 }
+
diff --git a/tests/modules/project/fixture/variables.tf b/tests/modules/project/fixture/variables.tf
@@ -14,6 +14,16 @@
  * limitations under the License.
  */
 
+variable "name" {
+  type    = string
+  default = "my-project"
+}
+
+variable "billing_account" {
+  type    = string
+  default = "12345-12345-12345"
+}
+
 variable "auto_create_network" {
   type    = bool
   default = false
@@ -115,3 +125,17 @@ variable "logging_exclusions" {
   type    = map(string)
   default = {}
 }
+
+variable "shared_vpc_host_config" {
+  type = object({
+    enabled          = bool
+    service_projects = list(string)
+  })
+  default = {
+    enabled = true
+    service_projects = [
+      "my-service-project-1",
+      "my-service-project-2"
+    ]
+  }
+}
diff --git a/tests/modules/project/test_plan.py b/tests/modules/project/test_plan.py
@@ -15,31 +15,36 @@
 def test_prefix(plan_runner):
   "Test project id prefix."
   _, resources = plan_runner()
-  assert len(resources) == 1
-  assert resources[0]['values']['name'] == 'my-project'
+  assert len(resources) == 4
+  [project_resource] = [r for r in resources if r['address'] == 'module.test.google_project.project[0]']
+  assert project_resource['values']['name'] == 'my-project'
   _, resources = plan_runner(prefix='foo')
-  assert len(resources) == 1
-  assert resources[0]['values']['name'] == 'foo-my-project'
+  assert len(resources) == 4
+  [project_resource] = [r for r in resources if r['address'] == 'module.test.google_project.project[0]']
+  assert project_resource['values']['name'] == 'foo-my-project'
 
 
 def test_parent(plan_runner):
   "Test project parent."
   _, resources = plan_runner(parent='folders/12345678')
-  assert len(resources) == 1
-  assert resources[0]['values']['folder_id'] == '12345678'
-  assert resources[0]['values'].get('org_id') == None
+  assert len(resources) == 4
+  [project_resource] = [r for r in resources if r['address'] == 'module.test.google_project.project[0]']
+  assert project_resource['values']['folder_id'] == '12345678'
+  assert project_resource['values'].get('org_id') == None
   _, resources = plan_runner(parent='organizations/12345678')
-  assert len(resources) == 1
-  assert resources[0]['values']['org_id'] == '12345678'
-  assert resources[0]['values'].get('folder_id') == None
+  assert len(resources) == 4
+  [project_resource] = [r for r in resources if r['address'] == 'module.test.google_project.project[0]']
+  assert project_resource['values']['org_id'] == '12345678'
+  assert project_resource['values'].get('folder_id') == None
 
 
 def test_no_parent(plan_runner):
   "Test null project parent."
   _, resources = plan_runner()
-  assert len(resources) == 1
-  assert resources[0]['values'].get('folder_id') == None
-  assert resources[0]['values'].get('org_id') == None
+  assert len(resources) == 4
+  [project_resource] = [r for r in resources if r['address'] == 'module.test.google_project.project[0]']
+  assert project_resource['values'].get('folder_id') == None
+  assert project_resource['values'].get('org_id') == None
 
 
 def test_service_encryption_keys(plan_runner):

diff --git a/tests/modules/project/test_plan_logging.py b/tests/modules/project/test_plan_logging.py
@@ -56,7 +56,7 @@ def test_sinks(plan_runner):
   }
   """
   _, resources = plan_runner(logging_sinks=logging_sinks)
-  assert len(resources) == 9
+  assert len(resources) == 12
 
   resource_types = Counter([r["type"] for r in resources])
   assert resource_types == {
@@ -66,6 +66,8 @@ def test_sinks(plan_runner):
       "google_project_iam_member": 1,
       "google_pubsub_topic_iam_member": 1,
       "google_storage_bucket_iam_member": 1,
+      "google_compute_shared_vpc_host_project": 1,
+      "google_compute_shared_vpc_service_project": 2
   }
 
   sinks = [r for r in resources if r["type"] == "google_logging_project_sink"]
@@ -149,7 +151,7 @@ def test_exclusions(plan_runner):
       "}"
   )
   _, resources = plan_runner(logging_exclusions=logging_exclusions)
-  assert len(resources) == 3
+  assert len(resources) == 6
   exclusions = [
       r for r in resources if r["type"] == "google_logging_project_exclusion"
   ]

diff --git a/tests/modules/project/test_plan_org_policies.py b/tests/modules/project/test_plan_org_policies.py
@@ -16,7 +16,7 @@ def test_policy_boolean(plan_runner):
   "Test boolean org policy."
   policy_boolean = '{policy-a = true, policy-b = false, policy-c = null}'
   _, resources = plan_runner(policy_boolean=policy_boolean)
-  assert len(resources) == 4
+  assert len(resources) == 7
   resources = [r for r in resources if r['type']
                == 'google_project_organization_policy']
   assert sorted([r['index'] for r in resources]) == [
@@ -45,7 +45,7 @@ def test_policy_list(plan_runner):
       '}'
   )
   _, resources = plan_runner(policy_list=policy_list)
-  assert len(resources) == 4
+  assert len(resources) == 7
   values = [r['values'] for r in resources if r['type']
             == 'google_project_organization_policy']
   assert [r['constraint'] for r in values] == [