Added endpoint attachments to Apigee module #1019

2 changes: 1 addition & 1 deletion blueprints/cloud-operations/apigee/main.tf
@@ -25,7 +25,7 @@ module "project" {
: null
)
name = var.project_id
project_create = var.project_create == null ? false : true
project_create = var.project_create != null
services = [
"apigee.googleapis.com",
"bigquery.googleapis.com",
41 changes: 35 additions & 6 deletions modules/apigee/README.md
@@ -50,8 +50,18 @@ module "apigee" {
psa_ip_cidr_range = "10.0.5.0/22"
}
}
endpoint_attachments = {
endpoint-backend-1 = {
region = "europe-west1"
service_attachment = "projects/my-project-1/serviceAttachments/gkebackend1"
}
endpoint-backend-2 = {
region = "europe-west1"
service_attachment = "projects/my-project-2/serviceAttachments/gkebackend2"
}
}
}
# tftest modules=1 resources=12
# tftest modules=1 resources=14
```

### All resources (HYBRID control plane)
@@ -135,17 +145,36 @@ module "apigee" {
}
# tftest modules=1 resources=2
```

### New endpoint attachment

Endpoint attachments allow to implement [Apigee southbound network patterns](https://cloud.google.com/apigee/docs/api-platform/architecture/southbound-networking-patterns-endpoints#create-the-psc-attachments).

```hcl
module "apigee" {
source = "./fabric/modules/apigee"
project_id = "my-project"
endpoint_attachments = {
endpoint-backend-1 = {
region = "europe-west1"
service_attachment = "projects/my-project-1/serviceAttachments/gkebackend1"
}
}
}
# tftest modules=1 resources=1
```
<!-- BEGIN TFDOC -->

## Variables

| name | description | type | required | default |
|---|---|:---:|:---:|:---:|
| [project_id](variables.tf#L68) | Project ID. | <code>string</code> | ✓ | |
| [envgroups](variables.tf#L18) | Environment groups (NAME => [HOSTNAMES]). | <code>map&#40;list&#40;string&#41;&#41;</code> | | <code>null</code> |
| [environments](variables.tf#L24) | Environments. | <code title="map&#40;object&#40;&#123;&#10; display_name &#61; optional&#40;string&#41;&#10; description &#61; optional&#40;string, &#34;Terraform-managed&#34;&#41;&#10; node_config &#61; optional&#40;object&#40;&#123;&#10; min_node_count &#61; optional&#40;number&#41;&#10; max_node_count &#61; optional&#40;number&#41;&#10; current_aggregate_node_count &#61; number&#10; &#125;&#41;&#41;&#10; iam &#61; optional&#40;map&#40;list&#40;string&#41;&#41;&#41;&#10; envgroups &#61; list&#40;string&#41;&#10;&#125;&#41;&#41;">map&#40;object&#40;&#123;&#8230;&#125;&#41;&#41;</code> | | <code>null</code> |
| [instances](variables.tf#L40) | Instance. | <code title="map&#40;object&#40;&#123;&#10; display_name &#61; optional&#40;string&#41;&#10; description &#61; optional&#40;string, &#34;Terraform-managed&#34;&#41;&#10; region &#61; string&#10; environments &#61; list&#40;string&#41;&#10; psa_ip_cidr_range &#61; string&#10; disk_encryption_key &#61; optional&#40;string&#41;&#10; consumer_accept_list &#61; optional&#40;list&#40;string&#41;&#41;&#10;&#125;&#41;&#41;">map&#40;object&#40;&#123;&#8230;&#125;&#41;&#41;</code> | | <code>null</code> |
| [organization](variables.tf#L54) | Apigee organization. If set to null the organization must already exist. | <code title="object&#40;&#123;&#10; display_name &#61; optional&#40;string&#41;&#10; description &#61; optional&#40;string, &#34;Terraform-managed&#34;&#41;&#10; authorized_network &#61; optional&#40;string&#41;&#10; runtime_type &#61; optional&#40;string, &#34;CLOUD&#34;&#41;&#10; billing_type &#61; optional&#40;string&#41;&#10; database_encryption_key &#61; optional&#40;string&#41;&#10; analytics_region &#61; optional&#40;string, &#34;europe-west1&#34;&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>null</code> |
| [project_id](variables.tf#L76) | Project ID. | <code>string</code> | ✓ | |
| [endpoint_attachments](variables.tf#L17) | Endpoint attachments. | <code title="map&#40;object&#40;&#123;&#10; region &#61; string&#10; service_attachment &#61; string&#10;&#125;&#41;&#41;">map&#40;object&#40;&#123;&#8230;&#125;&#41;&#41;</code> | | <code>null</code> |
| [envgroups](variables.tf#L26) | Environment groups (NAME => [HOSTNAMES]). | <code>map&#40;list&#40;string&#41;&#41;</code> | | <code>null</code> |
| [environments](variables.tf#L32) | Environments. | <code title="map&#40;object&#40;&#123;&#10; display_name &#61; optional&#40;string&#41;&#10; description &#61; optional&#40;string, &#34;Terraform-managed&#34;&#41;&#10; node_config &#61; optional&#40;object&#40;&#123;&#10; min_node_count &#61; optional&#40;number&#41;&#10; max_node_count &#61; optional&#40;number&#41;&#10; current_aggregate_node_count &#61; number&#10; &#125;&#41;&#41;&#10; iam &#61; optional&#40;map&#40;list&#40;string&#41;&#41;&#41;&#10; envgroups &#61; list&#40;string&#41;&#10;&#125;&#41;&#41;">map&#40;object&#40;&#123;&#8230;&#125;&#41;&#41;</code> | | <code>null</code> |
| [instances](variables.tf#L48) | Instances. | <code title="map&#40;object&#40;&#123;&#10; display_name &#61; optional&#40;string&#41;&#10; description &#61; optional&#40;string, &#34;Terraform-managed&#34;&#41;&#10; region &#61; string&#10; environments &#61; list&#40;string&#41;&#10; psa_ip_cidr_range &#61; string&#10; disk_encryption_key &#61; optional&#40;string&#41;&#10; consumer_accept_list &#61; optional&#40;list&#40;string&#41;&#41;&#10;&#125;&#41;&#41;">map&#40;object&#40;&#123;&#8230;&#125;&#41;&#41;</code> | | <code>null</code> |
| [organization](variables.tf#L62) | Apigee organization. If set to null the organization must already exist. | <code title="object&#40;&#123;&#10; display_name &#61; optional&#40;string&#41;&#10; description &#61; optional&#40;string, &#34;Terraform-managed&#34;&#41;&#10; authorized_network &#61; optional&#40;string&#41;&#10; runtime_type &#61; optional&#40;string, &#34;CLOUD&#34;&#41;&#10; billing_type &#61; optional&#40;string&#41;&#10; database_encryption_key &#61; optional&#40;string&#41;&#10; analytics_region &#61; optional&#40;string, &#34;europe-west1&#34;&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>null</code> |

## Outputs

16 changes: 12 additions & 4 deletions modules/apigee/main.tf
@@ -15,10 +15,11 @@
*/

locals {
org_id = try(google_apigee_organization.organization[0].id, "organizations/${var.project_id}")
envgroups = coalesce(var.envgroups, {})
environments = coalesce(var.environments, {})
instances = coalesce(var.instances, {})
org_id = try(google_apigee_organization.organization[0].id, "organizations/${var.project_id}")
envgroups = coalesce(var.envgroups, {})
environments = coalesce(var.environments, {})
instances = coalesce(var.instances, {})
endpoint_attachments = coalesce(var.endpoint_attachments, {})
}

resource "google_apigee_organization" "organization" {
@@ -102,5 +103,12 @@ resource "google_apigee_instance_attachment" "instance_attachments" {
instance_id = google_apigee_instance.instances[each.value.instance].id
environment = try(google_apigee_environment.environments[each.value.environment].name,
"${local.org_id}/environments/${each.value.environment}")
}

resource "google_apigee_endpoint_attachment" "endpoint_attachments" {
for_each = local.endpoint_attachments
org_id = local.org_id
endpoint_attachment_id = each.key
location = each.value.region
service_attachment = each.value.service_attachment
}
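Review bot: Nothing visible in this change exposes the attributes of the new `google_apigee_endpoint_attachment.endpoint_attachments` resource (last hunk of this file); no `outputs.tf` edit appears on this page, though the file list may be incomplete. Consumers need each attachment's `host` to configure target servers, and `connection_state` is how they can confirm from Terraform that the producer side accepted the Private Service Connect connection rather than leaving it pending. I would add an output along the lines of `output "endpoint_attachment_hosts" { value = { for k, v in google_apigee_endpoint_attachment.endpoint_attachments : k => v.host } }`.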
12 changes: 10 additions & 2 deletions modules/apigee/variables.tf
@@ -14,6 +14,14 @@
* limitations under the License.
*/

variable "endpoint_attachments" {
description = "Endpoint attachments."
type = map(object({
region = string
service_attachment = string
}))
default = null
}

variable "envgroups" {
description = "Environment groups (NAME => [HOSTNAMES])."
@@ -38,7 +46,7 @@ variable "environments" {
}

variable "instances" {
description = "Instance."
description = "Instances."
type = map(object({
display_name = optional(string)
description = optional(string, "Terraform-managed")
@@ -68,4 +76,4 @@ variable "organization" {
variable "project_id" {
description = "Project ID."
type = string
}
}
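Review bot: The new `endpoint_attachments` variable (first hunk) accepts any string for `service_attachment`, and the sample values in the README and test fixtures (`projects/my-project-1/serviceAttachments/gkebackend1`) omit the `regions/REGION` segment that, as far as I know, the provider documents for this field (`projects/*/regions/*/serviceAttachments/*`). Because the tests here are plan-only, a malformed path would surface only at apply time. This value selects which producer service, in the examples one in another project, Apigee connects to, so a strict format check is worth having. A `validation` block on the variable would reject bad paths at plan time, and the examples should be updated to match.

```hcl
variable "endpoint_attachments" {
  # … unchanged: description, type, default …
  validation {
    condition = alltrue([
      for v in values(coalesce(var.endpoint_attachments, {})) :
      can(regex("^projects/[^/]+/regions/[^/]+/serviceAttachments/[^/]+$", v.service_attachment))
    ])
    error_message = "Each service_attachment must have the form projects/PROJECT/regions/REGION/serviceAttachments/NAME."
  }
}
```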
13 changes: 7 additions & 6 deletions tests/modules/apigee/fixture/main.tf
@@ -15,10 +15,11 @@
*/

module "test" {
source = "../../../../modules/apigee"
project_id = var.project_id
organization = var.organization
envgroups = var.envgroups
environments = var.environments
instances = var.instances
source = "../../../../modules/apigee"
project_id = var.project_id
organization = var.organization
envgroups = var.envgroups
environments = var.environments
instances = var.instances
endpoint_attachments = var.endpoint_attachments
}
10 changes: 10 additions & 0 deletions tests/modules/apigee/fixture/test.all.tfvars
@@ -39,3 +39,13 @@ instances = {
psa_ip_cidr_range = "10.0.5.0/22"
}
}
endpoint_attachments = {
endpoint-backend-1 = {
region = "europe-west1"
service_attachment = "projects/my-project-1/serviceAttachments/gkebackend1"
}
endpoint-backend-2 = {
region = "europe-west1"
service_attachment = "projects/my-project-2/serviceAttachments/gkebackend2"
}
}
@@ -0,0 +1,7 @@
project_id = "my-project"
endpoint_attachments = {
endpoint-backend-1 = {
region = "europe-west1"
service_attachment = "projects/my-project-1/serviceAttachments/gkebackend1"
}
}
47 changes: 28 additions & 19 deletions tests/modules/apigee/fixture/variables.tf
@@ -14,22 +14,12 @@
* limitations under the License.
*/

variable "project_id" {
description = "Project ID."
type = string
}

variable "organization" {
description = "Apigee organization"
type = object({
display_name = optional(string)
description = optional(string, "Apigee Organization created by tf module")
authorized_network = optional(string)
runtime_type = optional(string, "CLOUD")
billing_type = optional(string)
database_encryption_key = optional(string)
analytics_region = optional(string, "europe-west1")
})
variable "endpoint_attachments" {
description = "Endpoint attachments."
type = map(object({
region = string
service_attachment = string
}))
default = null
}

@@ -43,7 +33,7 @@ variable "environments" {
description = "Environments."
type = map(object({
display_name = optional(string)
description = optional(string)
description = optional(string, "Terraform-managed")
node_config = optional(object({
min_node_count = optional(number)
max_node_count = optional(number)
@@ -56,10 +46,10 @@ variable "environments" {
}

variable "instances" {
description = "Instance."
description = "Instances."
type = map(object({
display_name = optional(string)
description = optional(string)
description = optional(string, "Terraform-managed")
region = string
environments = list(string)
psa_ip_cidr_range = string
@@ -68,3 +58,22 @@ variable "instances" {
}))
default = null
}

variable "organization" {
description = "Apigee organization. If set to null the organization must already exist."
type = object({
display_name = optional(string)
description = optional(string, "Terraform-managed")
authorized_network = optional(string)
runtime_type = optional(string, "CLOUD")
billing_type = optional(string)
database_encryption_key = optional(string)
analytics_region = optional(string, "europe-west1")
})
default = null
}

variable "project_id" {
description = "Project ID."
type = string
}
9 changes: 9 additions & 0 deletions tests/modules/apigee/test_plan.py
@@ -25,6 +25,7 @@ def test_all(plan_runner):
'google_apigee_envgroup_attachment.envgroup_attachments': 2,
'google_apigee_instance.instances': 2,
'google_apigee_instance_attachment.instance_attachments': 2,
'google_apigee_endpoint_attachment.endpoint_attachments': 2,
'google_apigee_environment_iam_binding.binding': 1
}

@@ -62,6 +63,14 @@ def test_instance_only(plan_runner):
'google_apigee_instance_attachment.instance_attachments': 1
}

def test_endpoint_attachment_only(plan_runner):
"Test that creates only an instance."
_, resources = plan_runner(tf_var_file='test.endpoint_attachment_only.tfvars')
counts = collections.Counter(f'{r["type"]}.{r["name"]}' for r in resources)
assert counts == {
'google_apigee_endpoint_attachment.endpoint_attachments': 1,
}

def test_no_instances(plan_runner):
"Test that creates everything but the instances."
_, resources = plan_runner(tf_var_file='test.no_instances.tfvars')
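Review bot: The docstring of the new `test_endpoint_attachment_only` was copied from `test_instance_only` and still reads "Test that creates only an instance."; it should be `"Test that creates only an endpoint attachment."`. The test asserts only the resource count, so the `location` and `service_attachment` values that reach the plan are never checked. If the planned resource values are available from `plan_runner` (not visible here), asserting them would catch a mis-wired `each.value` field. `test_no_instances` continues outside this hunk.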