diff --git a/modules/bigtable-instance/README.md b/modules/bigtable-instance/README.md index 39e0bc5364..06c85ccafb 100644 --- a/modules/bigtable-instance/README.md +++ b/modules/bigtable-instance/README.md @@ -32,7 +32,7 @@ module "bigtable-instance" { "roles/bigtable.user" = ["user:viewer@testdomain.com"] } } -# tftest modules=1 resources=4 +# tftest modules=1 resources=4 inventory=simple.yaml ``` ### Instance with tables and column families @@ -65,7 +65,7 @@ module "bigtable-instance" { } } } -# tftest modules=1 resources=4 +# tftest modules=1 resources=4 inventory=columns.yaml ``` ### Instance with replication enabled @@ -88,7 +88,7 @@ module "bigtable-instance" { } } } -# tftest modules=1 resources=1 +# tftest modules=1 resources=1 inventory=replication.yaml ``` ### Instance with garbage collection policy @@ -118,7 +118,7 @@ module "bigtable-instance" { } } } -# tftest modules=1 resources=3 +# tftest modules=1 resources=3 inventory=gc.yaml ``` ### Instance with default garbage collection policy @@ -172,7 +172,7 @@ module "bigtable-instance" { } } } -# tftest modules=1 resources=1 +# tftest modules=1 resources=1 inventory=static.yaml ``` ### Instance with autoscaling (based on CPU only) @@ -198,7 +198,7 @@ module "bigtable-instance" { } -# tftest modules=1 resources=1 +# tftest modules=1 resources=1 inventory=autoscaling1.yaml ``` ### Instance with autoscaling (based on CPU and/or storage) @@ -222,7 +222,7 @@ module "bigtable-instance" { } } } -# tftest modules=1 resources=1 +# tftest modules=1 resources=1 inventory=autoscaling2.yaml ``` diff --git a/modules/cloud-identity-group/README.md b/modules/cloud-identity-group/README.md index c94aa6d8bf..95e589ab07 100644 --- a/modules/cloud-identity-group/README.md +++ b/modules/cloud-identity-group/README.md @@ -28,7 +28,7 @@ module "group" { "service-account@my-gcp-project.iam.gserviceaccount.com" ] } -# tftest modules=1 resources=4 +# tftest modules=1 resources=4 inventory=members.yaml ``` ### Group with managers diff --git a/modules/cloudsql-instance/README.md b/modules/cloudsql-instance/README.md index 9e05b0b384..962188d289 100644 --- a/modules/cloudsql-instance/README.md +++ b/modules/cloudsql-instance/README.md @@ -40,7 +40,7 @@ module "db" { database_version = "POSTGRES_13" tier = "db-g1-small" } -# tftest modules=3 resources=9 +# tftest modules=3 resources=9 inventory=simple.yaml ``` ## Cross-regional read replica @@ -50,6 +50,7 @@ module "db" { source = "./fabric/modules/cloudsql-instance" project_id = var.project_id network = var.vpc.self_link + prefix = "myprefix" name = "db" region = "europe-west1" database_version = "POSTGRES_13" @@ -60,7 +61,7 @@ module "db" { replica2 = { region = "us-central1", encryption_key_name = null } } } -# tftest modules=1 resources=3 +# tftest modules=1 resources=3 inventory=replicas.yaml ``` ## Custom flags, databases and users @@ -91,7 +92,7 @@ module "db" { user2 = "mypassword" } } -# tftest modules=1 resources=6 +# tftest modules=1 resources=6 inventory=custom.yaml ``` ### CMEK encryption @@ -140,6 +141,28 @@ module "db" { # tftest modules=3 resources=10 ``` + +### Enable public IP + +Use `ipv_enabled` to create instances with a public IP. + +```hcl +module "db" { + source = "./fabric/modules/cloudsql-instance" + project_id = var.project_id + network = var.vpc.self_link + name = "db" + region = "europe-west1" + tier = "db-g1-small" + database_version = "MYSQL_8_0" + ipv4_enabled = true + replicas = { + replica1 = { region = "europe-west3", encryption_key_name = null } + } +} +# tftest modules=1 resources=2 inventory=public-ip.yaml +``` + ## Variables diff --git a/modules/container-registry/README.md b/modules/container-registry/README.md index bf04997024..7e7f42f4c2 100644 --- a/modules/container-registry/README.md +++ b/modules/container-registry/README.md @@ -13,7 +13,7 @@ module "container_registry" { "roles/storage.admin" = ["group:cicd@example.com"] } } -# tftest modules=1 resources=2 +# tftest modules=1 resources=2 inventory=simple.yaml ``` diff --git a/modules/endpoints/README.md b/modules/endpoints/README.md index 3b9e317db0..e83954f135 100644 --- a/modules/endpoints/README.md +++ b/modules/endpoints/README.md @@ -18,7 +18,7 @@ module "endpoint" { ] } } -# tftest modules=1 resources=2 files=openapi +# tftest modules=1 resources=2 files=openapi inventory=simple.yaml ``` ```yaml diff --git a/modules/logging-bucket/README.md b/modules/logging-bucket/README.md index 7af82ccb39..37fa4c8b10 100644 --- a/modules/logging-bucket/README.md +++ b/modules/logging-bucket/README.md @@ -17,7 +17,7 @@ module "bucket" { parent = var.project_id id = "mybucket" } -# tftest modules=1 resources=1 +# tftest modules=1 resources=1 inventory=project.yaml ``` @@ -37,7 +37,25 @@ module "bucket-default" { id = "_Default" retention = 10 } -# tftest modules=2 resources=2 +# tftest modules=2 resources=2 inventory=retention.yaml +``` + +### Organization and billing account buckets +```hcl +module "bucket-organization" { + source = "./fabric/modules/logging-bucket" + parent_type = "organization" + parent = "organizations/012345" + id = "mybucket" +} + +module "bucket-billing-account" { + source = "./fabric/modules/logging-bucket" + parent_type = "billing_account" + parent = "012345" + id = "mybucket" +} +# tftest modules=2 resources=2 inventory=org-ba.yaml ``` diff --git a/modules/pubsub/README.md b/modules/pubsub/README.md index 09fa1b3aec..21fb38e4de 100644 --- a/modules/pubsub/README.md +++ b/modules/pubsub/README.md @@ -16,7 +16,7 @@ module "pubsub" { "roles/pubsub.subscriber" = ["user:user1@example.com"] } } -# tftest modules=1 resources=3 +# tftest modules=1 resources=3 inventory=simple.yaml ``` ### Topic with schema @@ -48,7 +48,7 @@ module "topic_with_schema" { }) } } -# tftest modules=1 resources=2 +# tftest modules=1 resources=2 inventory=schema.yaml ``` ### Subscriptions @@ -74,7 +74,7 @@ module "pubsub" { } } } -# tftest modules=1 resources=3 +# tftest modules=1 resources=3 inventory=subscriptions.yaml ``` ### Push subscriptions diff --git a/modules/secret-manager/README.md b/modules/secret-manager/README.md index 6816db4d4b..acdfa02d73 100644 --- a/modules/secret-manager/README.md +++ b/modules/secret-manager/README.md @@ -45,7 +45,7 @@ module "secret-manager" { } } } -# tftest modules=1 resources=4 +# tftest modules=1 resources=4 inventory=iam.yaml ``` ### Secret versions @@ -70,7 +70,7 @@ module "secret-manager" { } } } -# tftest modules=1 resources=5 +# tftest modules=1 resources=5 inventory=versions.yaml ``` diff --git a/modules/service-directory/README.md b/modules/service-directory/README.md index d6961b418a..191fa8a35a 100644 --- a/modules/service-directory/README.md +++ b/modules/service-directory/README.md @@ -21,7 +21,7 @@ module "service-directory" { ] } } -# tftest modules=1 resources=2 +# tftest modules=1 resources=2 inventory=simple.yaml ``` ### Services with IAM and endpoints @@ -50,7 +50,7 @@ module "service-directory" { "one/second" = { address = "127.0.0.2", port = 80, metadata = {} } } } -# tftest modules=1 resources=5 +# tftest modules=1 resources=5 inventory=services.yaml ``` ### DNS based zone @@ -85,7 +85,7 @@ module "dns-sd" { client_networks = [var.vpc.self_link] service_directory_namespace = module.service-directory.id } -# tftest modules=2 resources=5 +# tftest modules=2 resources=5 inventory=dns.yaml ``` diff --git a/modules/source-repository/README.md b/modules/source-repository/README.md index 389de9e9d7..b84d4fe218 100644 --- a/modules/source-repository/README.md +++ b/modules/source-repository/README.md @@ -15,7 +15,7 @@ module "repo" { "roles/source.reader" = ["user:foo@example.com"] } } -# tftest modules=1 resources=2 +# tftest modules=1 resources=2 inventory=simple.yaml ``` ### Repository with Cloud Build trigger @@ -41,7 +41,7 @@ module "repo" { } } } -# tftest modules=1 resources=2 +# tftest modules=1 resources=2 inventory=trigger.yaml ``` diff --git a/modules/vpc-sc/README.md b/modules/vpc-sc/README.md index 7ad0cba53f..32899912ac 100644 --- a/modules/vpc-sc/README.md +++ b/modules/vpc-sc/README.md @@ -31,7 +31,7 @@ module "test" { title = "vpcsc-policy" } } -# tftest modules=1 resources=1 +# tftest modules=1 resources=1 inventory=access-policy.yaml ``` If you need the module to create a scoped policy for you, specify 'scopes' of the policy in the `access_policy_create` variable: @@ -46,7 +46,7 @@ module "test" { scopes = ["folders/456789"] } } -# tftest modules=1 resources=1 +# tftest modules=1 resources=1 inventory=scoped-access-policy.yaml ``` ### Access levels @@ -72,7 +72,7 @@ module "test" { } } } -# tftest modules=1 resources=2 +# tftest modules=1 resources=2 inventory=access-levels.yaml ``` ### Service perimeters @@ -103,7 +103,7 @@ module "test" { } } } -# tftest modules=1 resources=2 +# tftest modules=1 resources=2 inventory=bridge.yaml ``` #### Regular type @@ -172,7 +172,7 @@ module "test" { } } } -# tftest modules=1 resources=3 +# tftest modules=1 resources=3 inventory=regular.yaml ``` ## Notes diff --git a/tests/modules/bigtable_instance/examples/autoscaling1.yaml b/tests/modules/bigtable_instance/examples/autoscaling1.yaml new file mode 100644 index 0000000000..1c0854f7e8 --- /dev/null +++ b/tests/modules/bigtable_instance/examples/autoscaling1.yaml @@ -0,0 +1,29 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.bigtable-instance.google_bigtable_instance.default: + cluster: + - autoscaling_config: + - cpu_target: 70 + max_nodes: 7 + min_nodes: 3 + cluster_id: my-cluster + storage_type: SSD + zone: europe-southwest1-b + name: instance + project: my-project + +counts: + google_bigtable_instance: 1 diff --git a/tests/modules/bigtable_instance/examples/autoscaling2.yaml b/tests/modules/bigtable_instance/examples/autoscaling2.yaml new file mode 100644 index 0000000000..4179e84db9 --- /dev/null +++ b/tests/modules/bigtable_instance/examples/autoscaling2.yaml @@ -0,0 +1,30 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.bigtable-instance.google_bigtable_instance.default: + cluster: + - autoscaling_config: + - cpu_target: 70 + max_nodes: 7 + min_nodes: 3 + storage_target: 4096 + cluster_id: my-cluster + storage_type: SSD + zone: europe-southwest1-a + name: instance + project: my-project + +counts: + google_bigtable_instance: 1 diff --git a/tests/modules/bigtable_instance/examples/columns.yaml b/tests/modules/bigtable_instance/examples/columns.yaml new file mode 100644 index 0000000000..0c9b665547 --- /dev/null +++ b/tests/modules/bigtable_instance/examples/columns.yaml @@ -0,0 +1,38 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.bigtable-instance.google_bigtable_table.default["test2"]: + column_family: + - family: cf1 + - family: cf2 + - family: cf3 + instance_name: instance + name: test2 + project: my-project + split_keys: + - a + - b + - c + module.bigtable-instance.google_bigtable_table.default["test3"]: + column_family: + - family: cf1 + instance_name: instance + name: test3 + project: my-project + split_keys: [] + +counts: + google_bigtable_instance: 1 + google_bigtable_table: 3 diff --git a/tests/modules/bigtable_instance/examples/gc.yaml b/tests/modules/bigtable_instance/examples/gc.yaml new file mode 100644 index 0000000000..47955dcc82 --- /dev/null +++ b/tests/modules/bigtable_instance/examples/gc.yaml @@ -0,0 +1,29 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.bigtable-instance.google_bigtable_gc_policy.default["0"]: + column_family: cf1 + deletion_policy: ABANDON + gc_rules: null + instance_name: instance + max_age: + - duration: 18h + max_version: [] + mode: null + project: my-project + table: test1 + +counts: + google_bigtable_gc_policy: 1 diff --git a/tests/modules/bigtable_instance/examples/replication.yaml b/tests/modules/bigtable_instance/examples/replication.yaml new file mode 100644 index 0000000000..3eeb273745 --- /dev/null +++ b/tests/modules/bigtable_instance/examples/replication.yaml @@ -0,0 +1,36 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.bigtable-instance.google_bigtable_instance.default: + cluster: + - autoscaling_config: [] + cluster_id: first-cluster + storage_type: SSD + zone: europe-west1-b + - autoscaling_config: [] + cluster_id: second-cluster + storage_type: SSD + zone: europe-southwest1-a + - autoscaling_config: [] + cluster_id: third-cluster + storage_type: SSD + zone: us-central1-b + deletion_protection: true + instance_type: PRODUCTION + name: instance + project: my-project + +counts: + google_bigtable_instance: 1 diff --git a/tests/modules/bigtable_instance/examples/simple.yaml b/tests/modules/bigtable_instance/examples/simple.yaml new file mode 100644 index 0000000000..23cc9f8bfb --- /dev/null +++ b/tests/modules/bigtable_instance/examples/simple.yaml @@ -0,0 +1,52 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.bigtable-instance.google_bigtable_instance.default: + cluster: + - autoscaling_config: [] + cluster_id: my-cluster + storage_type: SSD + zone: europe-west1-b + deletion_protection: true + instance_type: PRODUCTION + name: instance + project: my-project + module.bigtable-instance.google_bigtable_instance_iam_binding.default["roles/bigtable.user"]: + condition: [] + instance: instance + members: + - user:viewer@testdomain.com + project: my-project + role: roles/bigtable.user + module.bigtable-instance.google_bigtable_table.default["test1"]: + column_family: [] + instance_name: instance + name: test1 + project: my-project + split_keys: [] + module.bigtable-instance.google_bigtable_table.default["test2"]: + column_family: [] + instance_name: instance + name: test2 + project: my-project + split_keys: + - a + - b + - c + +counts: + google_bigtable_instance: 1 + google_bigtable_instance_iam_binding: 1 + google_bigtable_table: 2 diff --git a/tests/modules/container_registry/__init__.py b/tests/modules/bigtable_instance/examples/static.yaml similarity index 63% rename from tests/modules/container_registry/__init__.py rename to tests/modules/bigtable_instance/examples/static.yaml index 6d6d1266c3..21ea0f0cfb 100644 --- a/tests/modules/container_registry/__init__.py +++ b/tests/modules/bigtable_instance/examples/static.yaml @@ -1,4 +1,4 @@ -# Copyright 2022 Google LLC +# Copyright 2023 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,3 +11,17 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. + +values: + module.bigtable-instance.google_bigtable_instance.default: + cluster: + - autoscaling_config: [] + cluster_id: my-cluster + num_nodes: 5 + storage_type: SSD + zone: europe-west1-b + name: instance + project: my-project + +counts: + google_bigtable_instance: 1 diff --git a/tests/modules/bigtable_instance/fixture/main.tf b/tests/modules/bigtable_instance/fixture/main.tf deleted file mode 100644 index 4fa83ce2b3..0000000000 --- a/tests/modules/bigtable_instance/fixture/main.tf +++ /dev/null @@ -1,36 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -module "test" { - source = "../../../../modules/bigtable-instance" - project_id = "my-project" - name = "test" - iam = { - "roles/bigtable.user" = ["user:me@example.com"] - } - tables = { - test-1 = {}, - test-2 = { - split_keys = ["a", "b", "c"] - } - - } - clusters = { - test = { - zone = var.zone - } - } -} diff --git a/tests/modules/bigtable_instance/fixture/variables.tf b/tests/modules/bigtable_instance/fixture/variables.tf deleted file mode 100644 index c8a4b5daa0..0000000000 --- a/tests/modules/bigtable_instance/fixture/variables.tf +++ /dev/null @@ -1,20 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -variable "zone" { - type = string - default = "europe-west1-b" -} diff --git a/tests/modules/bigtable_instance/test_plan.py b/tests/modules/bigtable_instance/test_plan.py deleted file mode 100644 index 95368c019e..0000000000 --- a/tests/modules/bigtable_instance/test_plan.py +++ /dev/null @@ -1,42 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import pytest - - -@pytest.fixture -def resources(plan_runner): - _, resources = plan_runner() - return resources - - -def test_resource_count(resources): - "Test number of resources created." - assert len(resources) == 4 - - -def test_iam(resources): - "Test IAM binding resources." - bindings = [r['values'] for r in resources if r['type'] - == 'google_bigtable_instance_iam_binding'] - assert len(bindings) == 1 - assert bindings[0]['role'] == 'roles/bigtable.user' - - -def test_tables(resources): - "Test table resources." - subs = [r['values'] for r in resources if r['type'] - == 'google_bigtable_table'] - assert len(subs) == 2 - assert set(s['name'] for s in subs) == set(['test-1', 'test-2']) diff --git a/tests/modules/cloud_identity_group/examples/managers.yaml b/tests/modules/cloud_identity_group/examples/managers.yaml new file mode 100644 index 0000000000..2815e79b70 --- /dev/null +++ b/tests/modules/cloud_identity_group/examples/managers.yaml @@ -0,0 +1,26 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.group.google_cloud_identity_group_membership.managers["user3@example.com"]: + preferred_member_key: + - id: user3@example.com + namespace: null + roles: + - name: MANAGER + - name: MEMBER + +counts: + google_cloud_identity_group: 1 + google_cloud_identity_group_membership: 4 diff --git a/tests/modules/cloud_identity_group/examples/members.yaml b/tests/modules/cloud_identity_group/examples/members.yaml new file mode 100644 index 0000000000..46ea80d4ee --- /dev/null +++ b/tests/modules/cloud_identity_group/examples/members.yaml @@ -0,0 +1,45 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.group.google_cloud_identity_group.group: + description: My group Description + display_name: My group name + group_key: + - id: mygroup@example.com + namespace: null + initial_group_config: EMPTY + parent: customers/C01234567 + module.group.google_cloud_identity_group_membership.members["service-account@my-gcp-project.iam.gserviceaccount.com"]: + preferred_member_key: + - id: service-account@my-gcp-project.iam.gserviceaccount.com + namespace: null + roles: + - name: MEMBER + module.group.google_cloud_identity_group_membership.members["user1@example.com"]: + preferred_member_key: + - id: user1@example.com + namespace: null + roles: + - name: MEMBER + module.group.google_cloud_identity_group_membership.members["user2@example.com"]: + preferred_member_key: + - id: user2@example.com + namespace: null + roles: + - name: MEMBER + +counts: + google_cloud_identity_group: 1 + google_cloud_identity_group_membership: 3 diff --git a/tests/modules/cloud_identity_group/fixture/main.tf b/tests/modules/cloud_identity_group/fixture/main.tf deleted file mode 100644 index 98a2a74721..0000000000 --- a/tests/modules/cloud_identity_group/fixture/main.tf +++ /dev/null @@ -1,25 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -module "test" { - source = "../../../../modules/cloud-identity-group" - name = var.name - display_name = var.display_name - description = var.description - customer_id = var.customer_id - managers = var.managers - members = var.members -} diff --git a/tests/modules/cloud_identity_group/fixture/variables.tf b/tests/modules/cloud_identity_group/fixture/variables.tf deleted file mode 100644 index c18b2497a9..0000000000 --- a/tests/modules/cloud_identity_group/fixture/variables.tf +++ /dev/null @@ -1,45 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -variable "display_name" { - type = string - default = "display name" -} - -variable "name" { - type = string - default = "my-group@example.com" -} - -variable "description" { - type = string - default = null -} - -variable "customer_id" { - type = string - default = "customers/C01234567" -} - -variable "managers" { - type = list(string) - default = [] -} - -variable "members" { - type = list(string) - default = [] -} diff --git a/tests/modules/cloud_identity_group/test_plan.py b/tests/modules/cloud_identity_group/test_plan.py deleted file mode 100644 index a571bfc27b..0000000000 --- a/tests/modules/cloud_identity_group/test_plan.py +++ /dev/null @@ -1,42 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -from collections import Counter - - -def test_group(plan_runner): - "Test group." - _, resources = plan_runner() - assert len(resources) == 1 - r = resources[0] - assert r['type'] == 'google_cloud_identity_group' - assert r['values']['display_name'] == 'display name' - assert r['values']['group_key'][0]['id'] == 'my-group@example.com' - assert r['values']['parent'] == 'customers/C01234567' - - -def test_members(plan_runner): - "Test group members." - members = '["member@example.com"]' - _, resources = plan_runner(members=members) - - resource_types = Counter([r['type'] for r in resources]) - assert resource_types == { - 'google_cloud_identity_group': 1, - 'google_cloud_identity_group_membership': 1, - } - - values = next(r['values'] for r in resources if r['name'] == 'members') - assert values['preferred_member_key'][0]['id'] == 'member@example.com' - assert [role['name'] for role in values['roles']] == ['MEMBER'] diff --git a/tests/modules/cloudsql_instance/examples/custom.yaml b/tests/modules/cloudsql_instance/examples/custom.yaml new file mode 100644 index 0000000000..7130fe209b --- /dev/null +++ b/tests/modules/cloudsql_instance/examples/custom.yaml @@ -0,0 +1,59 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.db.google_sql_database.databases["departments"]: + deletion_policy: DELETE + instance: db + name: departments + project: project-id + module.db.google_sql_database.databases["people"]: + deletion_policy: DELETE + instance: db + name: people + project: project-id + module.db.google_sql_database_instance.primary: {} + module.db.google_sql_user.users["user1"]: + deletion_policy: null + instance: db + name: user1 + password_policy: [] + project: project-id + type: null + module.db.google_sql_user.users["user2"]: + deletion_policy: null + instance: db + name: user2 + password_policy: [] + project: project-id + type: null + module.db.random_password.passwords["user1"]: + keepers: null + length: 16 + lower: true + min_lower: 0 + min_numeric: 0 + min_special: 0 + min_upper: 0 + number: true + numeric: true + override_special: null + special: true + upper: true + +counts: + google_sql_database: 2 + google_sql_database_instance: 1 + google_sql_user: 2 + modules: 1 diff --git a/tests/modules/cloudsql_instance/examples/public-ip.yaml b/tests/modules/cloudsql_instance/examples/public-ip.yaml new file mode 100644 index 0000000000..7d832c53d0 --- /dev/null +++ b/tests/modules/cloudsql_instance/examples/public-ip.yaml @@ -0,0 +1,91 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.db.google_sql_database_instance.primary: + database_version: MYSQL_8_0 + name: db + project: project-id + region: europe-west1 + restore_backup_context: [] + settings: + - activation_policy: ALWAYS + active_directory_config: [] + availability_type: ZONAL + backup_configuration: + - backup_retention_settings: + - retained_backups: 7 + retention_unit: COUNT + binary_log_enabled: true + enabled: true + location: null + point_in_time_recovery_enabled: null + start_time: '23:00' + transaction_log_retention_days: 7 + collation: null + database_flags: [] + deletion_protection_enabled: null + deny_maintenance_period: [] + disk_autoresize: true + disk_autoresize_limit: 0 + disk_type: PD_SSD + insights_config: [] + ip_configuration: + - allocated_ip_range: null + authorized_networks: [] + enable_private_path_for_google_cloud_services: null + ipv4_enabled: true + private_network: projects/xxx/global/networks/aaa + require_ssl: null + maintenance_window: [] + password_validation_policy: [] + pricing_plan: PER_USE + sql_server_audit_config: [] + tier: db-g1-small + time_zone: null + module.db.google_sql_database_instance.replicas["replica1"]: + database_version: MYSQL_8_0 + master_instance_name: db + name: replica1 + project: project-id + region: europe-west3 + settings: + - activation_policy: ALWAYS + active_directory_config: [] + availability_type: ZONAL + collation: null + database_flags: [] + deletion_protection_enabled: null + deny_maintenance_period: [] + disk_autoresize: true + disk_autoresize_limit: 0 + disk_type: PD_SSD + insights_config: [] + ip_configuration: + - allocated_ip_range: null + authorized_networks: [] + enable_private_path_for_google_cloud_services: null + ipv4_enabled: true + private_network: projects/xxx/global/networks/aaa + require_ssl: null + maintenance_window: [] + password_validation_policy: [] + pricing_plan: PER_USE + sql_server_audit_config: [] + tier: db-g1-small + time_zone: null + timeouts: null + +counts: + google_sql_database_instance: 2 diff --git a/tests/modules/cloudsql_instance/examples/replicas.yaml b/tests/modules/cloudsql_instance/examples/replicas.yaml new file mode 100644 index 0000000000..1ed30f9bc9 --- /dev/null +++ b/tests/modules/cloudsql_instance/examples/replicas.yaml @@ -0,0 +1,38 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.db.google_sql_database_instance.primary: + clone: [] + database_version: POSTGRES_13 + name: myprefix-db + project: project-id + region: europe-west1 + module.db.google_sql_database_instance.replicas["replica1"]: + clone: [] + database_version: POSTGRES_13 + master_instance_name: myprefix-db + name: myprefix-replica1 + project: project-id + region: europe-west3 + module.db.google_sql_database_instance.replicas["replica2"]: + clone: [] + database_version: POSTGRES_13 + master_instance_name: myprefix-db + name: myprefix-replica2 + project: project-id + region: us-central1 + +counts: + google_sql_database_instance: 3 diff --git a/tests/modules/cloudsql_instance/examples/simple.yaml b/tests/modules/cloudsql_instance/examples/simple.yaml new file mode 100644 index 0000000000..b397408ab3 --- /dev/null +++ b/tests/modules/cloudsql_instance/examples/simple.yaml @@ -0,0 +1,48 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.db.google_sql_database_instance.primary: + clone: [] + database_version: POSTGRES_13 + name: db + project: my-db-project + region: europe-west1 + settings: + - activation_policy: ALWAYS + active_directory_config: [] + availability_type: ZONAL + collation: null + database_flags: [] + deletion_protection_enabled: null + deny_maintenance_period: [] + disk_autoresize: true + disk_autoresize_limit: 0 + disk_type: PD_SSD + insights_config: [] + ip_configuration: + - allocated_ip_range: null + authorized_networks: [] + enable_private_path_for_google_cloud_services: null + ipv4_enabled: false + require_ssl: null + maintenance_window: [] + password_validation_policy: [] + pricing_plan: PER_USE + sql_server_audit_config: [] + tier: db-g1-small + time_zone: null + +counts: + google_sql_database_instance: 1 diff --git a/tests/modules/cloudsql_instance/fixture/main.tf b/tests/modules/cloudsql_instance/fixture/main.tf deleted file mode 100644 index cb5cc02581..0000000000 --- a/tests/modules/cloudsql_instance/fixture/main.tf +++ /dev/null @@ -1,38 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -module "test" { - source = "../../../../modules/cloudsql-instance" - project_id = "my-project" - authorized_networks = var.authorized_networks - availability_type = var.availability_type - backup_configuration = var.backup_configuration - database_version = var.database_version - databases = var.databases - disk_size = var.disk_size - disk_type = var.disk_type - flags = var.flags - labels = var.labels - name = var.name - network = var.network - prefix = var.prefix - region = var.region - replicas = var.replicas - users = var.users - tier = var.tier - deletion_protection = var.deletion_protection - ipv4_enabled = var.ipv4_enabled -} diff --git a/tests/modules/cloudsql_instance/fixture/variables.tf b/tests/modules/cloudsql_instance/fixture/variables.tf deleted file mode 100644 index 4f98386559..0000000000 --- a/tests/modules/cloudsql_instance/fixture/variables.tf +++ /dev/null @@ -1,119 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -variable "authorized_networks" { - type = map(string) - default = null -} - -variable "availability_type" { - type = string - default = "ZONAL" -} - -variable "backup_configuration" { - type = object({ - enabled = bool - binary_log_enabled = bool - start_time = string - location = string - log_retention_days = number - retention_count = number - }) - default = { - enabled = false - binary_log_enabled = false - start_time = "23:00" - location = "EU" - log_retention_days = 7 - retention_count = 7 - } -} - -variable "database_version" { - type = string - default = "POSTGRES_13" -} - -variable "databases" { - type = list(string) - default = null -} - -variable "disk_size" { - type = number - default = null -} - -variable "disk_type" { - type = string - default = "PD_SSD" -} - -variable "flags" { - type = map(string) - default = null -} - -variable "labels" { - type = map(string) - default = null -} - -variable "name" { - type = string - default = "db" -} - -variable "network" { - type = string - default = "projects/xxx/global/networks/yyy" -} - -variable "prefix" { - type = string - default = null -} - -variable "region" { - type = string - default = "europe-west1" -} - -variable "replicas" { - type = any - default = null -} - -variable "users" { - type = map(string) - default = null -} - -variable "tier" { - type = string - default = "db-g1-small" -} - -variable "deletion_protection" { - type = bool - default = false -} - -variable "ipv4_enabled" { - type = bool - default = false -} diff --git a/tests/modules/cloudsql_instance/test_plan.py b/tests/modules/cloudsql_instance/test_plan.py deleted file mode 100644 index 72d31daddd..0000000000 --- a/tests/modules/cloudsql_instance/test_plan.py +++ /dev/null @@ -1,152 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -from collections import Counter - - -def test_simple_instance(plan_runner): - "Test standalone instance." - - _, resources = plan_runner() - assert len(resources) == 1 - r = resources[0] - assert r['values']['project'] == 'my-project' - assert r['values']['name'] == 'db' - assert r['values']['region'] == 'europe-west1' - - -def test_prefix(plan_runner): - "Test instance prefix." - - _, resources = plan_runner(prefix="prefix") - assert len(resources) == 1 - r = resources[0] - assert r['values']['name'] == 'prefix-db' - - replicas = """{ - replica1 = { region = "europe-west3", encryption_key_name = null } - replica2 = { region = "us-central1", encryption_key_name = null } - }""" - - _, resources = plan_runner(prefix="prefix") - assert len(resources) == 1 - r = resources[0] - assert r['values']['name'] == 'prefix-db' - - -def test_replicas(plan_runner): - "Test replicated instance." - - replicas = """{ - replica1 = { region = "europe-west3", encryption_key_name = null } - replica2 = { region = "us-central1", encryption_key_name = null } - }""" - - _, resources = plan_runner(replicas=replicas, prefix="prefix") - assert len(resources) == 3 - - primary = [r for r in resources if r['name'] == 'primary'][0] - replica1 = [ - r for r in resources - if r['name'] == 'replicas' and r['index'] == 'replica1' - ][0] - replica2 = [ - r for r in resources - if r['name'] == 'replicas' and r['index'] == 'replica2' - ][0] - - assert replica1['values']['name'] == 'prefix-replica1' - assert replica2['values']['name'] == 'prefix-replica2' - - assert replica1['values']['master_instance_name'] == 'prefix-db' - assert replica2['values']['master_instance_name'] == 'prefix-db' - - assert replica1['values']['region'] == 'europe-west3' - assert replica2['values']['region'] == 'us-central1' - - -def test_mysql_replicas_enables_backup(plan_runner): - "Test MySQL backup setup with replicas." - - replicas = """{ - replica1 = { region = "europe-west3", encryption_key_name = null } - }""" - _, resources = plan_runner(replicas=replicas, database_version="MYSQL_8_0") - assert len(resources) == 2 - primary = [r for r in resources if r['name'] == 'primary'][0] - backup_config = primary['values']['settings'][0]['backup_configuration'][0] - assert backup_config['enabled'] - assert backup_config['binary_log_enabled'] - - -def test_mysql_binary_log_for_regional(plan_runner): - "Test that the binary log will be enabled for regional MySQL DBs." - - _, resources = plan_runner(database_version="MYSQL_8_0", availability_type="REGIONAL") - assert len(resources) == 1 - primary = [r for r in resources if r['name'] == 'primary'][0] - backup_config = primary['values']['settings'][0]['backup_configuration'][0] - assert backup_config['enabled'] - assert backup_config['binary_log_enabled'] - - -def test_users(plan_runner): - "Test user creation." - - users = """{ - user1 = "123" - user2 = null - }""" - - _, resources = plan_runner(users=users) - types = Counter(r['type'] for r in resources) - assert types == { - 'google_sql_user': 2, - 'google_sql_database_instance': 1, - 'random_password': 1 - } - - -def test_databases(plan_runner): - "Test database creation." - - databases = '["db1", "db2"]' - _, resources = plan_runner(databases=databases) - - resources = [r for r in resources if r['type'] == 'google_sql_database'] - assert len(resources) == 2 - assert all(r['values']['instance'] == "db" for r in resources) - assert sorted(r['values']['name'] for r in resources) == ["db1", "db2"] - - -def test_simple_instance_ipv4_enable(plan_runner): - "Test instance ipv4_enabled." - - _, resources = plan_runner(ipv4_enabled="true") - assert len(resources) == 1 - assert resources[0]['values']['settings'][0]['ip_configuration'][0]['ipv4_enabled'] - - -def test_replicas_ipv4_enable(plan_runner): - "Test replicas ipv4_enabled." - - replicas = """{ - replica1 = { region = "europe-west3", encryption_key_name = null } - }""" - - _, resources = plan_runner(replicas=replicas, ipv4_enabled="true") - - assert len(resources) == 2 - assert all([r['values']['settings'][0]['ip_configuration'][0]['ipv4_enabled'] for r in resources]) - diff --git a/tests/modules/container_registry/examples/simple.yaml b/tests/modules/container_registry/examples/simple.yaml new file mode 100644 index 0000000000..093584f244 --- /dev/null +++ b/tests/modules/container_registry/examples/simple.yaml @@ -0,0 +1,27 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.container_registry.google_container_registry.registry: + location: EU + project: myproject + module.container_registry.google_storage_bucket_iam_binding.bindings["roles/storage.admin"]: + condition: [] + members: + - group:cicd@example.com + role: roles/storage.admin + +counts: + google_container_registry: 1 + google_storage_bucket_iam_binding: 1 diff --git a/tests/modules/container_registry/fixture/main.tf b/tests/modules/container_registry/fixture/main.tf deleted file mode 100644 index 52866b54eb..0000000000 --- a/tests/modules/container_registry/fixture/main.tf +++ /dev/null @@ -1,24 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -module "test" { - source = "../../../../modules/container-registry" - project_id = "my-project" - location = var.location - iam = { - "roles/storage.admin" = ["user:me@example.com"] - } -} diff --git a/tests/modules/container_registry/fixture/variables.tf b/tests/modules/container_registry/fixture/variables.tf deleted file mode 100644 index c76b088984..0000000000 --- a/tests/modules/container_registry/fixture/variables.tf +++ /dev/null @@ -1,20 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -variable "location" { - type = string - default = "EU" -} diff --git a/tests/modules/endpoints/__init__.py b/tests/modules/endpoints/__init__.py deleted file mode 100644 index 6d6d1266c3..0000000000 --- a/tests/modules/endpoints/__init__.py +++ /dev/null @@ -1,13 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. diff --git a/tests/modules/endpoints/examples/simple.yaml b/tests/modules/endpoints/examples/simple.yaml new file mode 100644 index 0000000000..52ab844dbc --- /dev/null +++ b/tests/modules/endpoints/examples/simple.yaml @@ -0,0 +1,32 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.endpoint.google_endpoints_service.default: + openapi_config: "# tftest-file id=openapi path=configs/endpoints/openapi.yaml\n\ + swagger: \"2.0\"\ninfo:\n description: \"A simple Google Cloud Endpoints API\ + \ example.\"\n title: \"Endpoints Example\"\n version: \"1.0.0\"\nhost: \"\ + echo-api.endpoints.YOUR-PROJECT-ID.cloud.goog\"\n" + project: my-project + service_name: YOUR-API.endpoints.YOUR-PROJECT-ID.cloud.goog + module.endpoint.google_endpoints_service_iam_binding.default["servicemanagement.serviceController"]: + condition: [] + members: + - serviceAccount:123456890-compute@developer.gserviceaccount.com + role: servicemanagement.serviceController + service_name: YOUR-API.endpoints.YOUR-PROJECT-ID.cloud.goog + +counts: + google_endpoints_service: 1 + google_endpoints_service_iam_binding: 1 diff --git a/tests/modules/endpoints/fixture/main.tf b/tests/modules/endpoints/fixture/main.tf deleted file mode 100644 index 39694298f3..0000000000 --- a/tests/modules/endpoints/fixture/main.tf +++ /dev/null @@ -1,25 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -module "test" { - source = "../../../../modules/endpoints" - project_id = "my-project" - service_name = var.service_name - openapi_config = { "yaml_path" = "openapi.yaml" } - iam = { - "roles/servicemanagement.serviceController" = ["user:me@example.com"] - } -} diff --git a/tests/modules/endpoints/fixture/openapi.yaml b/tests/modules/endpoints/fixture/openapi.yaml deleted file mode 100644 index 6d6d1266c3..0000000000 --- a/tests/modules/endpoints/fixture/openapi.yaml +++ /dev/null @@ -1,13 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. diff --git a/tests/modules/endpoints/fixture/variables.tf b/tests/modules/endpoints/fixture/variables.tf deleted file mode 100644 index 6efe07c3f8..0000000000 --- a/tests/modules/endpoints/fixture/variables.tf +++ /dev/null @@ -1,20 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -variable "service_name" { - type = string - default = "foo.endpoints.test.cloud.goog" -} diff --git a/tests/modules/logging_bucket/__init__.py b/tests/modules/logging_bucket/__init__.py deleted file mode 100644 index 6d6d1266c3..0000000000 --- a/tests/modules/logging_bucket/__init__.py +++ /dev/null @@ -1,13 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. diff --git a/tests/modules/container_registry/test_plan.py b/tests/modules/logging_bucket/examples/org-ba.yaml similarity index 51% rename from tests/modules/container_registry/test_plan.py rename to tests/modules/logging_bucket/examples/org-ba.yaml index abaf45781f..21ef2c4c46 100644 --- a/tests/modules/container_registry/test_plan.py +++ b/tests/modules/logging_bucket/examples/org-ba.yaml @@ -1,4 +1,4 @@ -# Copyright 2022 Google LLC +# Copyright 2023 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,23 +12,18 @@ # See the License for the specific language governing permissions and # limitations under the License. -import pytest +values: + module.bucket-billing-account.google_logging_billing_account_bucket_config.bucket[0]: + billing_account: '012345' + bucket_id: mybucket + location: global + retention_days: 30 + module.bucket-organization.google_logging_organization_bucket_config.bucket[0]: + bucket_id: mybucket + location: global + organization: organizations/012345 + retention_days: 30 - -@pytest.fixture -def resources(plan_runner): - _, resources = plan_runner() - return resources - - -def test_resource_count(resources): - "Test number of resources created." - assert len(resources) == 2 - - -def test_iam(resources): - "Test IAM binding resources." - bindings = [r['values'] for r in resources if r['type'] - == 'google_storage_bucket_iam_binding'] - assert len(bindings) == 1 - assert bindings[0]['role'] == 'roles/storage.admin' +counts: + google_logging_billing_account_bucket_config: 1 + google_logging_organization_bucket_config: 1 diff --git a/tests/modules/cloudsql_instance/__init__.py b/tests/modules/logging_bucket/examples/project.yaml similarity index 69% rename from tests/modules/cloudsql_instance/__init__.py rename to tests/modules/logging_bucket/examples/project.yaml index 6d6d1266c3..d7bbcd6c5d 100644 --- a/tests/modules/cloudsql_instance/__init__.py +++ b/tests/modules/logging_bucket/examples/project.yaml @@ -1,4 +1,4 @@ -# Copyright 2022 Google LLC +# Copyright 2023 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,3 +11,13 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. + +values: + module.bucket.google_logging_project_bucket_config.bucket[0]: + bucket_id: mybucket + location: global + project: project-id + retention_days: 30 + +counts: + google_logging_project_bucket_config: 1 diff --git a/tests/modules/logging_bucket/examples/retention.yaml b/tests/modules/logging_bucket/examples/retention.yaml new file mode 100644 index 0000000000..97de4b1b34 --- /dev/null +++ b/tests/modules/logging_bucket/examples/retention.yaml @@ -0,0 +1,26 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.bucket-default.google_logging_folder_bucket_config.bucket[0]: + bucket_id: _Default + location: global + retention_days: 10 + module.folder.google_folder.folder[0]: + display_name: my folder + parent: folders/657104291943 + +counts: + google_folder: 1 + google_logging_folder_bucket_config: 1 diff --git a/tests/modules/logging_bucket/fixture/main.tf b/tests/modules/logging_bucket/fixture/main.tf deleted file mode 100644 index 25ddc22993..0000000000 --- a/tests/modules/logging_bucket/fixture/main.tf +++ /dev/null @@ -1,24 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -module "test" { - source = "../../../../modules/logging-bucket" - parent_type = var.parent_type - parent = var.parent - id = var.id - retention = var.retention - location = var.location -} diff --git a/tests/modules/logging_bucket/fixture/variables.tf b/tests/modules/logging_bucket/fixture/variables.tf deleted file mode 100644 index bfb80a1881..0000000000 --- a/tests/modules/logging_bucket/fixture/variables.tf +++ /dev/null @@ -1,42 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -variable "parent" { - type = string -} - -variable "parent_type" { - type = string - validation { - condition = contains(["project", "folder", "organization", "billing_account"], var.parent_type) - error_message = "Parent type must be project, folder, organization or billing_account." - } -} - -variable "location" { - type = string - default = "global" -} - -variable "id" { - type = string - default = "mybucket" -} - -variable "retention" { - type = number - default = 30 -} diff --git a/tests/modules/logging_bucket/test_plan.py b/tests/modules/logging_bucket/test_plan.py deleted file mode 100644 index 97e9c8c503..0000000000 --- a/tests/modules/logging_bucket/test_plan.py +++ /dev/null @@ -1,79 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -def test_project_logging_bucket(plan_runner): - "Test project logging bucket." - _, resources = plan_runner(parent_type="project", parent="myproject") - assert len(resources) == 1 - - resource = resources[0] - assert resource["type"] == "google_logging_project_bucket_config" - assert resource["values"] == { - "bucket_id": "mybucket", - "cmek_settings": [], - "enable_analytics": None, - "project": "myproject", - "location": "global", - "retention_days": 30, - } - - -def test_folder_logging_bucket(plan_runner): - "Test project logging bucket." - _, resources = plan_runner(parent_type="folder", parent="folders/0123456789") - assert len(resources) == 1 - - resource = resources[0] - assert resource["type"] == "google_logging_folder_bucket_config" - assert resource["values"] == { - "bucket_id": "mybucket", - "cmek_settings": [], - "folder": "folders/0123456789", - "location": "global", - "retention_days": 30, - } - - -def test_organization_logging_bucket(plan_runner): - "Test project logging bucket." - _, resources = plan_runner(parent_type="organization", - parent="organizations/0123456789") - assert len(resources) == 1 - - resource = resources[0] - assert resource["type"] == "google_logging_organization_bucket_config" - assert resource["values"] == { - "bucket_id": "mybucket", - "cmek_settings": [], - "organization": "organizations/0123456789", - "location": "global", - "retention_days": 30, - } - - -def test_billing_account_logging_bucket(plan_runner): - "Test project logging bucket." - _, resources = plan_runner(parent_type="billing_account", parent="0123456789") - assert len(resources) == 1 - - resource = resources[0] - assert resource["type"] == "google_logging_billing_account_bucket_config" - assert resource["values"] == { - "bucket_id": "mybucket", - "cmek_settings": [], - "billing_account": "0123456789", - "location": "global", - "retention_days": 30, - } diff --git a/tests/modules/pubsub/__init__.py b/tests/modules/pubsub/__init__.py deleted file mode 100644 index 6d6d1266c3..0000000000 --- a/tests/modules/pubsub/__init__.py +++ /dev/null @@ -1,13 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. diff --git a/tests/modules/pubsub/examples/bigquery-subscription.yaml b/tests/modules/pubsub/examples/bigquery-subscription.yaml new file mode 100644 index 0000000000..c0c20e748b --- /dev/null +++ b/tests/modules/pubsub/examples/bigquery-subscription.yaml @@ -0,0 +1,31 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.pubsub.google_pubsub_subscription.default["test-bigquery"]: + bigquery_config: + - drop_unknown_fields: true + table: my_project_id:my_dataset.my_table + use_topic_schema: true + write_metadata: false + name: test-bigquery + project: my-project + topic: my-topic + module.pubsub.google_pubsub_topic.default: + name: my-topic + project: my-project + +counts: + google_pubsub_subscription: 1 + google_pubsub_topic: 1 diff --git a/tests/modules/pubsub/examples/push-subscription.yaml b/tests/modules/pubsub/examples/push-subscription.yaml new file mode 100644 index 0000000000..efa3cc1b2f --- /dev/null +++ b/tests/modules/pubsub/examples/push-subscription.yaml @@ -0,0 +1,30 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.pubsub.google_pubsub_subscription.default["test-push"]: + name: test-push + project: my-project + push_config: + - attributes: null + oidc_token: [] + push_endpoint: https://example.com/foo + topic: my-topic + module.pubsub.google_pubsub_topic.default: + name: my-topic + project: my-project + +counts: + google_pubsub_subscription: 1 + google_pubsub_topic: 1 diff --git a/tests/modules/endpoints/test_plan.py b/tests/modules/pubsub/examples/schema.yaml similarity index 50% rename from tests/modules/endpoints/test_plan.py rename to tests/modules/pubsub/examples/schema.yaml index b62a8317f4..7021d110a0 100644 --- a/tests/modules/endpoints/test_plan.py +++ b/tests/modules/pubsub/examples/schema.yaml @@ -1,4 +1,4 @@ -# Copyright 2022 Google LLC +# Copyright 2023 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,23 +12,18 @@ # See the License for the specific language governing permissions and # limitations under the License. -import pytest +values: + module.topic_with_schema.google_pubsub_schema.default[0]: + definition: '{"fields":[{"name":"StringField","type":"string"},{"name":"FloatField","type":"float"},{"name":"BooleanField","type":"boolean"}],"name":"Avro","type":"record"}' + name: my-topic-schema + project: my-project + type: AVRO + module.topic_with_schema.google_pubsub_topic.default: + name: my-topic + project: my-project + schema_settings: + - encoding: JSON - -@pytest.fixture -def resources(plan_runner): - _, resources = plan_runner() - return resources - - -def test_resource_count(resources): - "Test number of resources created." - assert len(resources) == 2 - - -def test_iam(resources): - "Test IAM binding resources." - bindings = [r['values'] for r in resources if r['type'] - == 'google_endpoints_service_iam_binding'] - assert len(bindings) == 1 - assert bindings[0]['role'] == 'roles/servicemanagement.serviceController' +counts: + google_pubsub_schema: 1 + google_pubsub_topic: 1 diff --git a/tests/modules/pubsub/examples/simple.yaml b/tests/modules/pubsub/examples/simple.yaml new file mode 100644 index 0000000000..51094a51e5 --- /dev/null +++ b/tests/modules/pubsub/examples/simple.yaml @@ -0,0 +1,36 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.pubsub.google_pubsub_topic.default: + name: my-topic + project: my-project + module.pubsub.google_pubsub_topic_iam_binding.default["roles/pubsub.subscriber"]: + condition: [] + members: + - user:user1@example.com + project: my-project + role: roles/pubsub.subscriber + topic: my-topic + module.pubsub.google_pubsub_topic_iam_binding.default["roles/pubsub.viewer"]: + condition: [] + members: + - group:foo@example.com + project: my-project + role: roles/pubsub.viewer + topic: my-topic + +counts: + google_pubsub_topic: 1 + google_pubsub_topic_iam_binding: 2 diff --git a/tests/modules/pubsub/examples/subscription-iam.yaml b/tests/modules/pubsub/examples/subscription-iam.yaml new file mode 100644 index 0000000000..d0fa9fb62b --- /dev/null +++ b/tests/modules/pubsub/examples/subscription-iam.yaml @@ -0,0 +1,27 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.pubsub.google_pubsub_subscription_iam_binding.default["test-1.roles/pubsub.subscriber"]: + condition: [] + members: + - user:user1@ludomagno.net + project: my-project + role: roles/pubsub.subscriber + subscription: test-1 + +counts: + google_pubsub_subscription: 1 + google_pubsub_subscription_iam_binding: 1 + google_pubsub_topic: 1 diff --git a/tests/modules/pubsub/examples/subscriptions.yaml b/tests/modules/pubsub/examples/subscriptions.yaml new file mode 100644 index 0000000000..a87a6d4756 --- /dev/null +++ b/tests/modules/pubsub/examples/subscriptions.yaml @@ -0,0 +1,51 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.pubsub.google_pubsub_subscription.default["test-pull"]: + bigquery_config: [] + dead_letter_policy: [] + enable_exactly_once_delivery: null + enable_message_ordering: null + filter: null + labels: null + message_retention_duration: 604800s + name: test-pull + project: my-project + push_config: [] + retain_acked_messages: null + retry_policy: [] + topic: my-topic + module.pubsub.google_pubsub_subscription.default["test-pull-override"]: + bigquery_config: [] + dead_letter_policy: [] + enable_exactly_once_delivery: null + enable_message_ordering: null + filter: null + labels: + test: override + message_retention_duration: 604800s + name: test-pull-override + project: my-project + push_config: [] + retain_acked_messages: true + retry_policy: [] + topic: my-topic + module.pubsub.google_pubsub_topic.default: + name: my-topic + project: my-project + +counts: + google_pubsub_subscription: 2 + google_pubsub_topic: 1 diff --git a/tests/modules/pubsub/fixture/main.tf b/tests/modules/pubsub/fixture/main.tf deleted file mode 100644 index ef06820626..0000000000 --- a/tests/modules/pubsub/fixture/main.tf +++ /dev/null @@ -1,34 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -module "test" { - source = "../../../../modules/pubsub" - project_id = "my-project" - regions = ["europe-west1"] - name = "test" - iam = { - "roles/pubsub.publisher" = ["user:me@example.com"] - } - subscriptions = { - test = null - } - subscription_iam = { - test = { - "roles/pubsub.subscriber" = ["user:me@example.com"] - } - } - labels = var.labels -} diff --git a/tests/modules/pubsub/fixture/variables.tf b/tests/modules/pubsub/fixture/variables.tf deleted file mode 100644 index 8371c619f8..0000000000 --- a/tests/modules/pubsub/fixture/variables.tf +++ /dev/null @@ -1,20 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -variable "labels" { - type = map(string) - default = {} -} diff --git a/tests/modules/pubsub/test_plan.py b/tests/modules/pubsub/test_plan.py deleted file mode 100644 index 9fc2ac14a4..0000000000 --- a/tests/modules/pubsub/test_plan.py +++ /dev/null @@ -1,50 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import pytest - - -@pytest.fixture -def resources(plan_runner): - _, resources = plan_runner() - return resources - - -def test_resource_count(resources): - "Test number of resources created." - assert len(resources) == 4 - - -def test_iam(resources): - "Test IAM binding resources." - bindings = [r['values'] for r in resources if r['type'] - == 'google_pubsub_topic_iam_binding'] - assert len(bindings) == 1 - assert bindings[0]['role'] == 'roles/pubsub.publisher' - - -def test_subscriptions(resources): - "Test subscription resources." - subs = [r['values'] for r in resources if r['type'] - == 'google_pubsub_subscription'] - assert len(subs) == 1 - assert set(s['name'] for s in subs) == set(['test']) - - -def test_subscription_iam(resources): - "Test subscription IAM binding resources." - bindings = [r['values'] for r in resources if r['type'] - == 'google_pubsub_subscription_iam_binding'] - assert len(bindings) == 1 - assert set(b['role'] for b in bindings) == set(['roles/pubsub.subscriber']) diff --git a/tests/modules/secret_manager/__init__.py b/tests/modules/secret_manager/__init__.py deleted file mode 100644 index 6d6d1266c3..0000000000 --- a/tests/modules/secret_manager/__init__.py +++ /dev/null @@ -1,13 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. diff --git a/tests/modules/secret_manager/examples/iam.yaml b/tests/modules/secret_manager/examples/iam.yaml new file mode 100644 index 0000000000..98fae344ef --- /dev/null +++ b/tests/modules/secret_manager/examples/iam.yaml @@ -0,0 +1,46 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.secret-manager.google_secret_manager_secret.default["test-auto"]: + project: my-project + replication: + - automatic: true + user_managed: [] + secret_id: test-auto + module.secret-manager.google_secret_manager_secret.default["test-manual"]: + project: my-project + replication: + - automatic: null + user_managed: + - replicas: + - customer_managed_encryption: [] + location: europe-west1 + - customer_managed_encryption: [] + location: europe-west4 + secret_id: test-manual + module.secret-manager.google_secret_manager_secret_iam_binding.default["test-auto.roles/secretmanager.secretAccessor"]: + condition: [] + members: + - group:auto-readers@example.com + role: roles/secretmanager.secretAccessor + module.secret-manager.google_secret_manager_secret_iam_binding.default["test-manual.roles/secretmanager.secretAccessor"]: + condition: [] + members: + - group:manual-readers@example.com + role: roles/secretmanager.secretAccessor + +counts: + google_secret_manager_secret: 2 + google_secret_manager_secret_iam_binding: 2 diff --git a/tests/modules/secret_manager/examples/versions.yaml b/tests/modules/secret_manager/examples/versions.yaml new file mode 100644 index 0000000000..6fbf6ad32b --- /dev/null +++ b/tests/modules/secret_manager/examples/versions.yaml @@ -0,0 +1,28 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.secret-manager.google_secret_manager_secret_version.default["test-auto:v1"]: + enabled: false + secret_data: auto foo bar baz + module.secret-manager.google_secret_manager_secret_version.default["test-auto:v2"]: + enabled: true + secret_data: auto foo bar spam + module.secret-manager.google_secret_manager_secret_version.default["test-manual:v1"]: + enabled: true + secret_data: manual foo bar spam + +counts: + google_secret_manager_secret: 2 + google_secret_manager_secret_version: 3 diff --git a/tests/modules/secret_manager/fixture/main.tf b/tests/modules/secret_manager/fixture/main.tf deleted file mode 100644 index 294504c76d..0000000000 --- a/tests/modules/secret_manager/fixture/main.tf +++ /dev/null @@ -1,42 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -module "test" { - source = "../../../../modules/secret-manager" - project_id = "my-project" - iam = { - secret-1 = { - "roles/secretmanager.secretAccessor" = [ - "serviceAccount:service-account.example.com" - ] - } - secret-2 = { - "roles/secretmanager.viewer" = [ - "serviceAccount:service-account.example.com" - ] - } - } - secrets = { - secret-1 = ["europe-west1"], - secret-2 = null - } - versions = { - secret-1 = { - foobar = { enabled = true, data = "foobar" } - } - } - labels = var.labels -} diff --git a/tests/modules/secret_manager/fixture/variables.tf b/tests/modules/secret_manager/fixture/variables.tf deleted file mode 100644 index ce6f5559bc..0000000000 --- a/tests/modules/secret_manager/fixture/variables.tf +++ /dev/null @@ -1,20 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -variable "labels" { - type = map(map(string)) - default = {} -} diff --git a/tests/modules/secret_manager/test_plan.py b/tests/modules/secret_manager/test_plan.py deleted file mode 100644 index c7d5e4d923..0000000000 --- a/tests/modules/secret_manager/test_plan.py +++ /dev/null @@ -1,36 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import pytest - - -@pytest.fixture -def resources(plan_runner): - _, resources = plan_runner() - return resources - - -def test_resource_count(resources): - "Test number of resources created." - assert len(resources) == 5 - - -def test_secret_iam(resources): - "Test secret IAM binding resources." - bindings = [r['values'] for r in resources if r['type'] - == 'google_secret_manager_secret_iam_binding'] - assert len(bindings) == 2 - assert set(b['role'] for b in bindings) == set([ - 'roles/secretmanager.secretAccessor', 'roles/secretmanager.viewer' - ]) diff --git a/tests/modules/service_directory/__init__.py b/tests/modules/service_directory/__init__.py deleted file mode 100644 index 6d6d1266c3..0000000000 --- a/tests/modules/service_directory/__init__.py +++ /dev/null @@ -1,13 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. diff --git a/tests/modules/service_directory/examples/dns.yaml b/tests/modules/service_directory/examples/dns.yaml new file mode 100644 index 0000000000..57d49fbb33 --- /dev/null +++ b/tests/modules/service_directory/examples/dns.yaml @@ -0,0 +1,35 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.dns-sd.google_dns_managed_zone.non-public[0]: + dns_name: apps.example.org. + visibility: private + module.service-directory.google_service_directory_endpoint.default["app1/one"]: + address: 127.0.0.1 + endpoint_id: one + port: 80 + module.service-directory.google_service_directory_namespace.default: + location: europe-west1 + namespace_id: apps + project: my-project + module.service-directory.google_service_directory_service.default["app1"]: + service_id: app1 + +counts: + google_dns_managed_zone: 1 + google_service_directory_endpoint: 1 + google_service_directory_namespace: 1 + google_service_directory_namespace_iam_binding: 1 + google_service_directory_service: 1 diff --git a/tests/modules/service_directory/examples/services.yaml b/tests/modules/service_directory/examples/services.yaml new file mode 100644 index 0000000000..72b776570b --- /dev/null +++ b/tests/modules/service_directory/examples/services.yaml @@ -0,0 +1,36 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.service-directory.google_service_directory_endpoint.default["one/first"]: + address: 127.0.0.1 + endpoint_id: first + port: 80 + module.service-directory.google_service_directory_endpoint.default["one/second"]: + address: 127.0.0.2 + endpoint_id: second + port: 80 + module.service-directory.google_service_directory_namespace.default: + location: europe-west1 + namespace_id: sd-1 + project: my-project + module.service-directory.google_service_directory_service.default["one"]: + metadata: null + service_id: one + +counts: + google_service_directory_endpoint: 2 + google_service_directory_namespace: 1 + google_service_directory_service: 1 + google_service_directory_service_iam_binding: 1 diff --git a/tests/modules/service_directory/examples/simple.yaml b/tests/modules/service_directory/examples/simple.yaml new file mode 100644 index 0000000000..b14a61ea99 --- /dev/null +++ b/tests/modules/service_directory/examples/simple.yaml @@ -0,0 +1,33 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.service-directory.google_service_directory_namespace.default: + labels: null + location: europe-west1 + namespace_id: sd-1 + project: my-project + module.service-directory.google_service_directory_namespace_iam_binding.default["roles/servicedirectory.editor"]: + condition: [] + members: + - serviceAccount:namespace-editor@example.com + role: roles/servicedirectory.editor + +counts: + google_service_directory_namespace: 1 + google_service_directory_namespace_iam_binding: 1 + modules: 1 + resources: 2 + +outputs: {} diff --git a/tests/modules/service_directory/fixture/main.tf b/tests/modules/service_directory/fixture/main.tf deleted file mode 100644 index 007947789a..0000000000 --- a/tests/modules/service_directory/fixture/main.tf +++ /dev/null @@ -1,55 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -module "test" { - source = "../../../../modules/service-directory" - project_id = "my-project" - location = "europe-west1" - name = "ns-test" - iam = { - "roles/servicedirectory.viewer" = [ - "serviceAccount:service-editor.example.com" - ] - } - services = { - srv-one = { - endpoints = ["alpha", "beta"] - metadata = null - } - srv-two = { - endpoints = ["alpha"] - metadata = null - } - } - service_iam = { - srv-one = { - "roles/servicedirectory.editor" = [ - "serviceAccount:service-editor.example.com" - ] - } - srv-two = { - "roles/servicedirectory.admin" = [ - "serviceAccount:service-editor.example.com" - ] - } - } - endpoint_config = { - "srv-one/alpha" = { address = "127.0.0.1", port = 80, metadata = {} } - "srv-one/beta" = { address = "127.0.0.2", port = 80, metadata = {} } - "srv-two/alpha" = { address = "127.0.0.3", port = 80, metadata = {} } - } - labels = var.labels -} diff --git a/tests/modules/service_directory/fixture/variables.tf b/tests/modules/service_directory/fixture/variables.tf deleted file mode 100644 index 8371c619f8..0000000000 --- a/tests/modules/service_directory/fixture/variables.tf +++ /dev/null @@ -1,20 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -variable "labels" { - type = map(string) - default = {} -} diff --git a/tests/modules/service_directory/test_plan.py b/tests/modules/service_directory/test_plan.py deleted file mode 100644 index 7c218dae45..0000000000 --- a/tests/modules/service_directory/test_plan.py +++ /dev/null @@ -1,52 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import pytest - - -@pytest.fixture -def resources(plan_runner): - _, resources = plan_runner() - return resources - - -def test_resource_count(resources): - "Test number of resources created." - assert len(resources) == 9 - - -def test_iam(resources): - "Test IAM binding resources." - bindings = [r['values'] for r in resources if r['type'] - == 'google_service_directory_namespace_iam_binding'] - assert len(bindings) == 1 - assert bindings[0]['role'] == 'roles/servicedirectory.viewer' - - -def test_services(resources): - "Test service resources." - services = [r['values'] for r in resources if r['type'] - == 'google_service_directory_service'] - assert len(services) == 2 - assert set(s['service_id'] for s in services) == set(['srv-one', 'srv-two']) - - -def test_service_iam(resources): - "Test service IAM binding resources." - bindings = [r['values'] for r in resources if r['type'] - == 'google_service_directory_service_iam_binding'] - assert len(bindings) == 2 - assert set(b['role'] for b in bindings) == set([ - 'roles/servicedirectory.admin', 'roles/servicedirectory.editor' - ]) diff --git a/tests/modules/source_repository/__init__.py b/tests/modules/source_repository/__init__.py deleted file mode 100644 index 6d6d1266c3..0000000000 --- a/tests/modules/source_repository/__init__.py +++ /dev/null @@ -1,13 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. diff --git a/tests/modules/source_repository/examples/simple.yaml b/tests/modules/source_repository/examples/simple.yaml new file mode 100644 index 0000000000..41d6aea640 --- /dev/null +++ b/tests/modules/source_repository/examples/simple.yaml @@ -0,0 +1,30 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.repo.google_sourcerepo_repository.default: + name: my-repo + project: my-project + pubsub_configs: [] + module.repo.google_sourcerepo_repository_iam_binding.authoritative["roles/source.reader"]: + condition: [] + members: + - user:foo@example.com + project: my-project + repository: my-repo + role: roles/source.reader + +counts: + google_sourcerepo_repository: 1 + google_sourcerepo_repository_iam_binding: 1 diff --git a/tests/modules/source_repository/examples/trigger.yaml b/tests/modules/source_repository/examples/trigger.yaml new file mode 100644 index 0000000000..22a1064012 --- /dev/null +++ b/tests/modules/source_repository/examples/trigger.yaml @@ -0,0 +1,40 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.repo.google_cloudbuild_trigger.default["foo"]: + filename: ci/workflow-foo.yaml + included_files: + - '**/*tf' + location: global + name: foo + project: my-project + substitutions: + BAR: '1' + trigger_template: + - branch_name: main + commit_sha: null + dir: null + invert_regex: null + repo_name: my-repo + tag_name: null + webhook_config: [] + module.repo.google_sourcerepo_repository.default: + name: my-repo + project: my-project + pubsub_configs: [] + +counts: + google_cloudbuild_trigger: 1 + google_sourcerepo_repository: 1 diff --git a/tests/modules/source_repository/fixture/main.tf b/tests/modules/source_repository/fixture/main.tf deleted file mode 100644 index 122556bacf..0000000000 --- a/tests/modules/source_repository/fixture/main.tf +++ /dev/null @@ -1,65 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -variable "group_iam" { - type = any - default = {} -} - -variable "iam" { - type = any - default = {} - nullable = false -} - -variable "iam_additive" { - type = any - default = {} - nullable = false -} - -variable "iam_additive_members" { - type = any - default = {} -} - -variable "name" { - description = "Repository name." - type = string - default = "test" -} - -variable "project_id" { - description = "Project used for resources." - type = string - default = "test" -} - -variable "triggers" { - type = any - default = null -} - -module "test" { - source = "../../../../modules/source-repository" - project_id = var.project_id - name = var.name - group_iam = var.group_iam - iam = var.iam - iam_additive = var.iam_additive - iam_additive_members = var.iam_additive_members - triggers = var.triggers -} diff --git a/tests/modules/source_repository/test_plan.py b/tests/modules/source_repository/test_plan.py deleted file mode 100644 index 83b27ee2fb..0000000000 --- a/tests/modules/source_repository/test_plan.py +++ /dev/null @@ -1,60 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -def test_resource_count(plan_runner): - 'Test number of resources created.' - _, resources = plan_runner() - assert len(resources) == 1 - - -def test_iam(plan_runner): - 'Test IAM binding resources.' - group_iam = '{"fooers@example.org"=["roles/owner"]}' - iam = '''{ - "roles/editor" = ["user:a@example.org", "user:b@example.org"] - "roles/owner" = ["user:c@example.org"] - }''' - _, resources = plan_runner(group_iam=group_iam, iam=iam) - bindings = { - r['values']['role']: r['values']['members'] - for r in resources - if r['type'] == 'google_sourcerepo_repository_iam_binding' - } - assert bindings == { - 'roles/editor': ['user:a@example.org', 'user:b@example.org'], - 'roles/owner': ['group:fooers@example.org', 'user:c@example.org'] - } - - -def test_triggers(plan_runner): - 'Test trigger resources.' - triggers = '''{ - foo = { - filename = "ci/foo.yaml" - included_files = ["**/*yaml"] - service_account = null - substitutions = null - template = { - branch_name = null - project_id = null - tag_name = "foo" - } - } - }''' - _, resources = plan_runner(triggers=triggers) - triggers = [ - r['index'] for r in resources if r['type'] == 'google_cloudbuild_trigger' - ] - assert triggers == ['foo'] \ No newline at end of file diff --git a/tests/modules/vpc_sc/__init__.py b/tests/modules/vpc_sc/__init__.py deleted file mode 100644 index 6d6d1266c3..0000000000 --- a/tests/modules/vpc_sc/__init__.py +++ /dev/null @@ -1,13 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. diff --git a/tests/modules/vpc_sc/examples/access-levels.yaml b/tests/modules/vpc_sc/examples/access-levels.yaml new file mode 100644 index 0000000000..50894901e0 --- /dev/null +++ b/tests/modules/vpc_sc/examples/access-levels.yaml @@ -0,0 +1,56 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.test.google_access_context_manager_access_level.basic["a1"]: + basic: + - combining_function: AND + conditions: + - device_policy: [] + ip_subnetworks: [] + members: + - user:user1@example.com + negate: null + regions: [] + required_access_levels: [] + custom: [] + name: accessPolicies/12345678/accessLevels/a1 + parent: accessPolicies/12345678 + title: a1 + module.test.google_access_context_manager_access_level.basic["a2"]: + basic: + - combining_function: OR + conditions: + - device_policy: [] + ip_subnetworks: + - 101.101.101.0/24 + members: [] + negate: null + regions: [] + required_access_levels: [] + - device_policy: [] + ip_subnetworks: [] + members: [] + negate: null + regions: + - IT + - FR + required_access_levels: [] + custom: [] + name: accessPolicies/12345678/accessLevels/a2 + parent: accessPolicies/12345678 + title: a2 + +counts: + google_access_context_manager_access_level: 2 diff --git a/tests/modules/bigtable_instance/__init__.py b/tests/modules/vpc_sc/examples/access-policy.yaml similarity index 69% rename from tests/modules/bigtable_instance/__init__.py rename to tests/modules/vpc_sc/examples/access-policy.yaml index 6d6d1266c3..345edccf76 100644 --- a/tests/modules/bigtable_instance/__init__.py +++ b/tests/modules/vpc_sc/examples/access-policy.yaml @@ -1,4 +1,4 @@ -# Copyright 2022 Google LLC +# Copyright 2023 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,3 +11,12 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. + +values: + module.test.google_access_context_manager_access_policy.default[0]: + parent: organizations/123456 + scopes: null + title: vpcsc-policy + +counts: + google_access_context_manager_access_policy: 1 diff --git a/tests/modules/vpc_sc/examples/bridge.yaml b/tests/modules/vpc_sc/examples/bridge.yaml new file mode 100644 index 0000000000..4ff1246a60 --- /dev/null +++ b/tests/modules/vpc_sc/examples/bridge.yaml @@ -0,0 +1,58 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.test.google_access_context_manager_service_perimeter.bridge["b1"]: + description: null + name: accessPolicies/12345678/servicePerimeters/b1 + parent: accessPolicies/12345678 + perimeter_type: PERIMETER_TYPE_BRIDGE + spec: [] + status: + - access_levels: null + egress_policies: [] + ingress_policies: [] + resources: + - projects/111110 + - projects/111111 + restricted_services: null + vpc_accessible_services: [] + title: b1 + use_explicit_dry_run_spec: false + module.test.google_access_context_manager_service_perimeter.bridge["b2"]: + description: null + name: accessPolicies/12345678/servicePerimeters/b2 + parent: accessPolicies/12345678 + perimeter_type: PERIMETER_TYPE_BRIDGE + spec: + - access_levels: null + egress_policies: [] + ingress_policies: [] + resources: + - projects/222220 + - projects/222221 + restricted_services: null + vpc_accessible_services: [] + status: + - access_levels: null + egress_policies: [] + ingress_policies: [] + resources: [] + restricted_services: null + vpc_accessible_services: [] + title: b2 + use_explicit_dry_run_spec: true + +counts: + google_access_context_manager_service_perimeter: 2 diff --git a/tests/modules/vpc_sc/examples/regular.yaml b/tests/modules/vpc_sc/examples/regular.yaml new file mode 100644 index 0000000000..5f11e9a5c8 --- /dev/null +++ b/tests/modules/vpc_sc/examples/regular.yaml @@ -0,0 +1,93 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.test.google_access_context_manager_access_level.basic["a1"]: + basic: + - combining_function: AND + conditions: + - device_policy: [] + ip_subnetworks: [] + members: + - user:user1@example.com + negate: null + regions: [] + required_access_levels: [] + custom: [] + name: accessPolicies/12345678/accessLevels/a1 + parent: accessPolicies/12345678 + title: a1 + module.test.google_access_context_manager_access_level.basic["a2"]: + basic: + - combining_function: AND + conditions: + - device_policy: [] + ip_subnetworks: [] + members: + - user:user2@example.com + negate: null + regions: [] + required_access_levels: [] + custom: [] + name: accessPolicies/12345678/accessLevels/a2 + parent: accessPolicies/12345678 + title: a2 + module.test.google_access_context_manager_service_perimeter.regular["r1"]: + name: accessPolicies/12345678/servicePerimeters/r1 + parent: accessPolicies/12345678 + perimeter_type: PERIMETER_TYPE_REGULAR + spec: [] + status: + - egress_policies: + - egress_from: + - identities: + - serviceAccount:foo@myproject.iam.gserviceaccount.com + identity_type: ANY_IDENTITY + egress_to: + - external_resources: null + operations: + - method_selectors: + - method: '*' + permission: null + service_name: storage.googleapis.com + resources: + - projects/123456789 + ingress_policies: + - ingress_from: + - identities: + - serviceAccount:test-tf@myproject.iam.gserviceaccount.com + identity_type: null + sources: + - resource: null + ingress_to: + - operations: + - method_selectors: [] + service_name: '*' + resources: + - '*' + resources: + - projects/11111 + - projects/111111 + restricted_services: + - storage.googleapis.com + vpc_accessible_services: + - allowed_services: + - storage.googleapis.com + enable_restriction: true + title: r1 + use_explicit_dry_run_spec: false + +counts: + google_access_context_manager_access_level: 2 + google_access_context_manager_service_perimeter: 1 diff --git a/tests/modules/cloud_identity_group/__init__.py b/tests/modules/vpc_sc/examples/scoped-access-policy.yaml similarity index 68% rename from tests/modules/cloud_identity_group/__init__.py rename to tests/modules/vpc_sc/examples/scoped-access-policy.yaml index 6d6d1266c3..d25882de3f 100644 --- a/tests/modules/cloud_identity_group/__init__.py +++ b/tests/modules/vpc_sc/examples/scoped-access-policy.yaml @@ -1,4 +1,4 @@ -# Copyright 2022 Google LLC +# Copyright 2023 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,3 +11,13 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. + +values: + module.test.google_access_context_manager_access_policy.default[0]: + parent: organizations/123456 + scopes: + - folders/456789 + title: vpcsc-policy + +counts: + google_access_context_manager_access_policy: 1 diff --git a/tests/modules/vpc_sc/fixture/main.tf b/tests/modules/vpc_sc/fixture/main.tf deleted file mode 100644 index b6a951e506..0000000000 --- a/tests/modules/vpc_sc/fixture/main.tf +++ /dev/null @@ -1,26 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -module "test" { - source = "../../../../modules/vpc-sc" - access_policy = var.access_policy - access_policy_create = var.access_policy_create - access_levels = var.access_levels - egress_policies = var.egress_policies - ingress_policies = var.ingress_policies - service_perimeters_bridge = var.service_perimeters_bridge - service_perimeters_regular = var.service_perimeters_regular -} diff --git a/tests/modules/vpc_sc/fixture/test.regular.tfvars b/tests/modules/vpc_sc/fixture/test.regular.tfvars deleted file mode 100644 index 012e16fb89..0000000000 --- a/tests/modules/vpc_sc/fixture/test.regular.tfvars +++ /dev/null @@ -1,96 +0,0 @@ -access_levels = { - a1 = { - combining_function = null - conditions = [ - { - device_policy = null - ip_subnetworks = null - members = ["user:ludomagno@google.com"] - negate = null - regions = null - required_access_levels = null - } - ] - } - a2 = { - combining_function = "OR" - conditions = [ - { - device_policy = null - ip_subnetworks = null - members = null - negate = null - regions = ["IT", "FR"] - required_access_levels = null - }, - { - device_policy = null - ip_subnetworks = null - members = null - negate = null - regions = ["US"] - required_access_levels = null - } - ] - } -} -egress_policies = { - foo = { - from = { - identities = ["user:foo@example.com"] - } - to = { - resources = ["projects/333330"] - } - } -} -ingress_policies = { - foo = { - from = { - source_access_levels = ["a2"] - source_resources = ["projects/333330"] - } - to = { - operations = [{ - service_name = "compute.googleapis.com" - }] - resources = ["projects/222220"] - } - } -} -service_perimeters_bridge = { - b1 = { - status_resources = ["projects/111110", "projects/111111"] - } - b2 = { - status_resources = ["projects/111110", "projects/222220"] - spec_resources = ["projects/111110", "projects/222220"] - use_explicit_dry_run_spec = true - } -} -service_perimeters_regular = { - r1 = { - status = { - access_levels = ["a1"] - resources = ["projects/11111", "projects/111111"] - restricted_services = ["storage.googleapis.com"] - vpc_accessible_services = { - allowed_services = ["compute.googleapis.com"] - enable_restriction = true - } - } - } - r2 = { - status = { - access_levels = ["a1", "a2"] - resources = ["projects/222220", "projects/222221"] - restricted_services = ["storage.googleapis.com"] - egress_policies = ["foo"] - ingress_policies = ["foo"] - vpc_accessible_services = { - allowed_services = ["compute.googleapis.com"] - enable_restriction = true - } - } - } -} diff --git a/tests/modules/vpc_sc/fixture/variables.tf b/tests/modules/vpc_sc/fixture/variables.tf deleted file mode 100644 index 1b7457f480..0000000000 --- a/tests/modules/vpc_sc/fixture/variables.tf +++ /dev/null @@ -1,53 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -variable "access_levels" { - type = any - default = {} - nullable = false -} - -variable "access_policy" { - type = string -} - -variable "access_policy_create" { - type = any - default = null -} - -variable "egress_policies" { - type = any - default = {} - nullable = false -} - -variable "ingress_policies" { - type = any - default = {} - nullable = false -} - -variable "service_perimeters_bridge" { - type = any - default = {} -} - -variable "service_perimeters_regular" { - type = any - default = {} - nullable = false -} diff --git a/tests/modules/vpc_sc/test_plan.py b/tests/modules/vpc_sc/test_plan.py deleted file mode 100644 index e4f108e7aa..0000000000 --- a/tests/modules/vpc_sc/test_plan.py +++ /dev/null @@ -1,45 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import collections - - -def test_create_policy(plan_runner): - "Test with auto-created policy." - access_policy_create = '''{ - parent = "organizations/123456" - title = "vpcsc-policy" - }''' - _, resources = plan_runner(tf_var_file='test.regular.tfvars', - access_policy='null', - access_policy_create=access_policy_create) - counts = collections.Counter(f'{r["type"]}.{r["name"]}' for r in resources) - assert counts == { - 'google_access_context_manager_access_level.basic': 2, - 'google_access_context_manager_access_policy.default': 1, - 'google_access_context_manager_service_perimeter.bridge': 2, - 'google_access_context_manager_service_perimeter.regular': 2 - } - - -def test_use_policy(plan_runner): - "Test with existing policy." - _, resources = plan_runner(tf_var_file='test.regular.tfvars', - access_policy="accessPolicies/foobar") - counts = collections.Counter(f'{r["type"]}.{r["name"]}' for r in resources) - assert counts == { - 'google_access_context_manager_access_level.basic': 2, - 'google_access_context_manager_service_perimeter.bridge': 2, - 'google_access_context_manager_service_perimeter.regular': 2 - }