Skip to content

Commit

Permalink
Fix tests
Browse files Browse the repository at this point in the history
  • Loading branch information
juliocc committed Sep 14, 2023
1 parent d20da2a commit ff20bf3
Show file tree
Hide file tree
Showing 17 changed files with 155 additions and 128 deletions.
32 changes: 15 additions & 17 deletions blueprints/networking/shared-vpc-gke/main.tf
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# Copyright 2022 Google LLC
# Copyright 2023 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
Expand Down Expand Up @@ -102,6 +102,11 @@ module "vpc-shared" {
ip_cidr_range = var.ip_ranges.gce
name = "gce"
region = var.region
iam = {
"roles/compute.networkUser" = concat(var.owners_gce, [
"serviceAccount:${module.project-svc-gce.service_accounts.cloud_services}",
])
}
},
{
ip_cidr_range = var.ip_ranges.gke
Expand All @@ -111,24 +116,17 @@ module "vpc-shared" {
pods = var.ip_secondary_ranges.gke-pods
services = var.ip_secondary_ranges.gke-services
}
iam = {
"roles/compute.networkUser" = concat(var.owners_gke, [
"serviceAccount:${module.project-svc-gke.service_accounts.cloud_services}",
"serviceAccount:${module.project-svc-gke.service_accounts.robots.container-engine}",
])
"roles/compute.securityAdmin" = [
"serviceAccount:${module.project-svc-gke.service_accounts.robots.container-engine}",
]
}
}
]
subnet_iam = {
"${var.region}/gce" = {
"roles/compute.networkUser" = concat(var.owners_gce, [
"serviceAccount:${module.project-svc-gce.service_accounts.cloud_services}",
])
}
"${var.region}/gke" = {
"roles/compute.networkUser" = concat(var.owners_gke, [
"serviceAccount:${module.project-svc-gke.service_accounts.cloud_services}",
"serviceAccount:${module.project-svc-gke.service_accounts.robots.container-engine}",
])
"roles/compute.securityAdmin" = [
"serviceAccount:${module.project-svc-gke.service_accounts.robots.container-engine}",
]
}
}
}

module "vpc-shared-firewall" {
Expand Down
4 changes: 3 additions & 1 deletion fast/stages/2-networking-a-peering/landing.tf
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,9 @@ module "landing-vpc" {
private = true
restricted = true
}
data_folder = "${var.factories_config.data_dir}/subnets/landing"
factories_config = {
subnets_folder = "${var.factories_config.data_dir}/subnets/landing"
}
}

module "landing-firewall" {
Expand Down
14 changes: 8 additions & 6 deletions fast/stages/2-networking-a-peering/spoke-dev.tf
Original file line number Diff line number Diff line change
Expand Up @@ -46,12 +46,14 @@ module "dev-spoke-project" {
}

module "dev-spoke-vpc" {
source = "../../../modules/net-vpc"
project_id = module.dev-spoke-project.project_id
name = "dev-spoke-0"
mtu = 1500
data_folder = "${var.factories_config.data_dir}/subnets/dev"
psa_config = try(var.psa_ranges.dev, null)
source = "../../../modules/net-vpc"
project_id = module.dev-spoke-project.project_id
name = "dev-spoke-0"
mtu = 1500
factories_config = {
subnets_folder = "${var.factories_config.data_dir}/subnets/dev"
}
psa_config = try(var.psa_ranges.dev, null)
# set explicit routes for googleapis in case the default route is deleted
create_googleapis_routes = {
private = true
Expand Down
14 changes: 8 additions & 6 deletions fast/stages/2-networking-a-peering/spoke-prod.tf
Original file line number Diff line number Diff line change
Expand Up @@ -45,12 +45,14 @@ module "prod-spoke-project" {
}

module "prod-spoke-vpc" {
source = "../../../modules/net-vpc"
project_id = module.prod-spoke-project.project_id
name = "prod-spoke-0"
mtu = 1500
data_folder = "${var.factories_config.data_dir}/subnets/prod"
psa_config = try(var.psa_ranges.prod, null)
source = "../../../modules/net-vpc"
project_id = module.prod-spoke-project.project_id
name = "prod-spoke-0"
mtu = 1500
factories_config = {
subnets_folder = "${var.factories_config.data_dir}/subnets/prod"
}
psa_config = try(var.psa_ranges.prod, null)
# set explicit routes for googleapis in case the default route is deleted
create_googleapis_routes = {
private = true
Expand Down
4 changes: 3 additions & 1 deletion fast/stages/2-networking-b-vpn/landing.tf
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,9 @@ module "landing-vpc" {
private = true
restricted = true
}
data_folder = "${var.factories_config.data_dir}/subnets/landing"
factories_config = {
subnets_folder = "${var.factories_config.data_dir}/subnets/landing"
}
}

module "landing-firewall" {
Expand Down
14 changes: 8 additions & 6 deletions fast/stages/2-networking-b-vpn/spoke-dev.tf
Original file line number Diff line number Diff line change
Expand Up @@ -46,12 +46,14 @@ module "dev-spoke-project" {
}

module "dev-spoke-vpc" {
source = "../../../modules/net-vpc"
project_id = module.dev-spoke-project.project_id
name = "dev-spoke-0"
mtu = 1500
data_folder = "${var.factories_config.data_dir}/subnets/dev"
psa_config = try(var.psa_ranges.dev, null)
source = "../../../modules/net-vpc"
project_id = module.dev-spoke-project.project_id
name = "dev-spoke-0"
mtu = 1500
factories_config = {
subnets_folder = "${var.factories_config.data_dir}/subnets/dev"
}
psa_config = try(var.psa_ranges.dev, null)
# set explicit routes for googleapis in case the default route is deleted
create_googleapis_routes = {
private = true
Expand Down
14 changes: 8 additions & 6 deletions fast/stages/2-networking-b-vpn/spoke-prod.tf
Original file line number Diff line number Diff line change
Expand Up @@ -45,12 +45,14 @@ module "prod-spoke-project" {
}

module "prod-spoke-vpc" {
source = "../../../modules/net-vpc"
project_id = module.prod-spoke-project.project_id
name = "prod-spoke-0"
mtu = 1500
data_folder = "${var.factories_config.data_dir}/subnets/prod"
psa_config = try(var.psa_ranges.prod, null)
source = "../../../modules/net-vpc"
project_id = module.prod-spoke-project.project_id
name = "prod-spoke-0"
mtu = 1500
factories_config = {
subnets_folder = "${var.factories_config.data_dir}/subnets/prod"
}
psa_config = try(var.psa_ranges.prod, null)
# set explicit routes for googleapis in case the default route is deleted
create_googleapis_routes = {
private = true
Expand Down
8 changes: 6 additions & 2 deletions fast/stages/2-networking-c-nva/landing.tf
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,9 @@ module "landing-untrusted-vpc" {
logging = false
}
create_googleapis_routes = null
data_folder = "${var.factories_config.data_dir}/subnets/landing-untrusted"
factories_config = {
subnets_folder = "${var.factories_config.data_dir}/subnets/landing-untrusted"
}
}

module "landing-untrusted-firewall" {
Expand Down Expand Up @@ -110,7 +112,9 @@ module "landing-trusted-vpc" {
name = "prod-trusted-landing-0"
delete_default_routes_on_create = true
mtu = 1500
data_folder = "${var.factories_config.data_dir}/subnets/landing-trusted"
factories_config = {
subnets_folder = "${var.factories_config.data_dir}/subnets/landing-trusted"
}
dns_policy = {
inbound = true
}
Expand Down
12 changes: 7 additions & 5 deletions fast/stages/2-networking-c-nva/spoke-dev.tf
Original file line number Diff line number Diff line change
Expand Up @@ -45,11 +45,13 @@ module "dev-spoke-project" {
}

module "dev-spoke-vpc" {
source = "../../../modules/net-vpc"
project_id = module.dev-spoke-project.project_id
name = "dev-spoke-0"
mtu = 1500
data_folder = "${var.factories_config.data_dir}/subnets/dev"
source = "../../../modules/net-vpc"
project_id = module.dev-spoke-project.project_id
name = "dev-spoke-0"
mtu = 1500
factories_config = {
subnets_folder = "${var.factories_config.data_dir}/subnets/dev"
}
delete_default_routes_on_create = true
psa_config = try(var.psa_ranges.dev, null)
# Set explicit routes for googleapis; send everything else to NVAs
Expand Down
12 changes: 7 additions & 5 deletions fast/stages/2-networking-c-nva/spoke-prod.tf
Original file line number Diff line number Diff line change
Expand Up @@ -44,11 +44,13 @@ module "prod-spoke-project" {
}

module "prod-spoke-vpc" {
source = "../../../modules/net-vpc"
project_id = module.prod-spoke-project.project_id
name = "prod-spoke-0"
mtu = 1500
data_folder = "${var.factories_config.data_dir}/subnets/prod"
source = "../../../modules/net-vpc"
project_id = module.prod-spoke-project.project_id
name = "prod-spoke-0"
mtu = 1500
factories_config = {
subnets_folder = "${var.factories_config.data_dir}/subnets/prod"
}
delete_default_routes_on_create = true
psa_config = try(var.psa_ranges.prod, null)
# Set explicit routes for googleapis; send everything else to NVAs
Expand Down
14 changes: 8 additions & 6 deletions fast/stages/2-networking-d-separate-envs/spoke-dev.tf
Original file line number Diff line number Diff line change
Expand Up @@ -46,12 +46,14 @@ module "dev-spoke-project" {
}

module "dev-spoke-vpc" {
source = "../../../modules/net-vpc"
project_id = module.dev-spoke-project.project_id
name = "dev-spoke-0"
mtu = 1500
data_folder = "${var.factories_config.data_dir}/subnets/dev"
psa_config = try(var.psa_ranges.dev, null)
source = "../../../modules/net-vpc"
project_id = module.dev-spoke-project.project_id
name = "dev-spoke-0"
mtu = 1500
factories_config = {
subnets_folder = "${var.factories_config.data_dir}/subnets/dev"
}
psa_config = try(var.psa_ranges.dev, null)
# set explicit routes for googleapis in case the default route is deleted
create_googleapis_routes = {
private = true
Expand Down
14 changes: 8 additions & 6 deletions fast/stages/2-networking-d-separate-envs/spoke-prod.tf
Original file line number Diff line number Diff line change
Expand Up @@ -45,12 +45,14 @@ module "prod-spoke-project" {
}

module "prod-spoke-vpc" {
source = "../../../modules/net-vpc"
project_id = module.prod-spoke-project.project_id
name = "prod-spoke-0"
mtu = 1500
data_folder = "${var.factories_config.data_dir}/subnets/prod"
psa_config = try(var.psa_ranges.prod, null)
source = "../../../modules/net-vpc"
project_id = module.prod-spoke-project.project_id
name = "prod-spoke-0"
mtu = 1500
factories_config = {
subnets_folder = "${var.factories_config.data_dir}/subnets/prod"
}
psa_config = try(var.psa_ranges.prod, null)
# set explicit routes for googleapis in case the default route is deleted
create_googleapis_routes = {
private = true
Expand Down
8 changes: 6 additions & 2 deletions fast/stages/2-networking-e-nva-bgp/landing.tf
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,9 @@ module "landing-untrusted-vpc" {
logging = false
}
create_googleapis_routes = null
data_folder = "${var.factories_config.data_dir}/subnets/landing-untrusted"
factories_config = {
subnets_folder = "${var.factories_config.data_dir}/subnets/landing-untrusted"
}
}

module "landing-untrusted-firewall" {
Expand Down Expand Up @@ -111,7 +113,9 @@ module "landing-trusted-vpc" {
name = "prod-trusted-landing-0"
delete_default_routes_on_create = true
mtu = 1500
data_folder = "${var.factories_config.data_dir}/subnets/landing-trusted"
factories_config = {
subnets_folder = "${var.factories_config.data_dir}/subnets/landing-trusted"
}
dns_policy = {
inbound = true
}
Expand Down
12 changes: 7 additions & 5 deletions fast/stages/2-networking-e-nva-bgp/spoke-dev.tf
Original file line number Diff line number Diff line change
Expand Up @@ -45,11 +45,13 @@ module "dev-spoke-project" {
}

module "dev-spoke-vpc" {
source = "../../../modules/net-vpc"
project_id = module.dev-spoke-project.project_id
name = "dev-spoke-0"
mtu = 1500
data_folder = "${var.factories_config.data_dir}/subnets/dev"
source = "../../../modules/net-vpc"
project_id = module.dev-spoke-project.project_id
name = "dev-spoke-0"
mtu = 1500
factories_config = {
subnets_folder = "${var.factories_config.data_dir}/subnets/dev"
}
delete_default_routes_on_create = true
psa_config = try(var.psa_ranges.dev, null)
# Set explicit routes for googleapis; send everything else to NVAs
Expand Down
12 changes: 7 additions & 5 deletions fast/stages/2-networking-e-nva-bgp/spoke-prod.tf
Original file line number Diff line number Diff line change
Expand Up @@ -44,11 +44,13 @@ module "prod-spoke-project" {
}

module "prod-spoke-vpc" {
source = "../../../modules/net-vpc"
project_id = module.prod-spoke-project.project_id
name = "prod-spoke-0"
mtu = 1500
data_folder = "${var.factories_config.data_dir}/subnets/prod"
source = "../../../modules/net-vpc"
project_id = module.prod-spoke-project.project_id
name = "prod-spoke-0"
mtu = 1500
factories_config = {
subnets_folder = "${var.factories_config.data_dir}/subnets/prod"
}
delete_default_routes_on_create = true
psa_config = try(var.psa_ranges.prod, null)
# Set explicit routes for googleapis; send everything else to NVAs
Expand Down
Loading

0 comments on commit ff20bf3

Please sign in to comment.