Test blueprints from README files

blueprints/apigee/bigquery-analytics/README.md

@@ -76,3 +76,35 @@ Do the following to verify that everything works as expected.
 | [ip_address](outputs.tf#L17) | IP address. |  |
 
 <!-- END TFDOC -->
+## Test
+
+```hcl
+module "test" {
+  source = "./fabric/blueprints/apigee/bigquery-analytics"
+  project_create = {
+    billing_account_id = "12345-12345-12345"
+    parent             = "folders/123456789"
+  }
+  project_id = "my-project"
+  envgroups = {
+    test = ["test.cool-demos.space"]
+  }
+  environments = {
+    apis-test = {
+      envgroups = ["test"]
+    }
+  }
+  instances = {
+    instance-ew1 = {
+      region                        = "europe-west1"
+      environments                  = ["apis-test"]
+      runtime_ip_cidr_range         = "10.0.4.0/22"
+      troubleshooting_ip_cidr_range = "10.1.0.0/28"
+    }
+  }
+  psc_config = {
+    europe-west1 = "10.0.0.0/28"
+  }
+}
+# tftest modules=10 resources=62
+```

blueprints/apigee/hybrid-gke/README.md

@@ -25,11 +25,11 @@ The diagram below depicts the architecture.
     terraform apply
     ```
 
-    Create an A record in your DNS registrar to point the environment group hostname to the public IP address returned after the terraform configuration was applied. You might need to wait some time until the certificate is provisioned.  
- 
+    Create an A record in your DNS registrar to point the environment group hostname to the public IP address returned after the terraform configuration was applied. You might need to wait some time until the certificate is provisioned.
+
 5. Install Apigee hybrid using de ansible playbook that is in the ansible folder by running this command
 
-    ansible-playbook playbook.yaml -vvvß
+    ansible-playbook playbook.yaml -vvv
 
 ## Testing the blueprint
 
@@ -67,3 +67,18 @@ The diagram below depicts the architecture.
 | [ip_address](outputs.tf#L17) | GLB IP address. |  |
 
 <!-- END TFDOC -->
+
+## Test
+
+```hcl
+module "test" {
+  source = "./fabric/blueprints/apigee/hybrid-gke"
+  project_create = {
+    billing_account_id = "12345-12345-12345"
+    parent             = "folders/123456789"
+  }
+  project_id = "my-project"
+  hostname   = "test.myorg.org"
+}
+# tftest modules=18 resources=59
+```

blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/README.md

@@ -67,3 +67,17 @@ Do the following to verify that everything works as expected.
 | [ip_address](outputs.tf#L17) | GLB IP address. |  |
 
 <!-- END TFDOC -->
+
+## Test
+
+```hcl
+module "test" {
+  source             = "./fabric/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg"
+  billing_account_id = "12345-12345-12345"
+  parent             = "folders/123456789"
+  apigee_project_id  = "my-apigee-project"
+  onprem_project_id  = "my-onprem-project"
+  hostname           = "test.myorg.org"
+}
+# tftest modules=14 resources=73
+```

blueprints/cloud-operations/adfs/README.md

@@ -74,3 +74,20 @@ Once done testing, you can clean up resources by running `terraform destroy`.
 | [ip_address](outputs.tf#L15) | IP address. |  |
 
 <!-- END TFDOC -->
+
+## Test
+
+```hcl
+module "test" {
+  source = "./fabric/blueprints/cloud-operations/adfs"
+  prefix = "test"
+  project_create = {
+    billing_account_id = "12345-12345-12345"
+    parent             = "folders/123456789"
+  }
+  project_id           = "project-1"
+  ad_dns_domain_name   = "example.com"
+  adfs_dns_domain_name = "adfs.example.com"
+}
+# tftest modules=5 resources=18
+```

blueprints/cloud-operations/asset-inventory-feed-remediation/README.md

@@ -72,3 +72,15 @@ Run the `subscription_pull` command until it returns nothing, then run the follo
 | [tag_show](outputs.tf#L49) | Instance add tag command. |  |
 
 <!-- END TFDOC -->
+
+## Test
+
+```hcl
+module "test" {
+  source         = "./fabric/blueprints/cloud-operations/asset-inventory-feed-remediation"
+  project_create = true
+  project_id     = "project-1"
+}
+
+# tftest modules=7 resources=21
+```

blueprints/cloud-operations/asset-inventory-feed-remediation/main.tf

@@ -1,5 +1,5 @@
 /**
- * Copyright 2022 Google LLC
+ * Copyright 2023 Google LLC
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -82,7 +82,7 @@ module "cf" {
     location = var.region
   }
   bundle_config = {
-    source_dir  = "cf"
+    source_dir  = "${path.module}/cf"
     output_path = var.bundle_path
   }
   service_account = module.service-account.email

blueprints/cloud-operations/dns-fine-grained-iam/README.md

@@ -118,3 +118,15 @@ dig app1.svc.example.org +short
 | [vms](outputs.tf#L25) | VM names. |  |
 
 <!-- END TFDOC -->
+
+## Test
+
+```hcl
+module "test1" {
+  source         = "./fabric/blueprints/cloud-operations/dns-fine-grained-iam"
+  name           = "dns-sd-test"
+  project_create = true
+  project_id     = "test"
+}
+# tftest modules=9 resources=25
+```

blueprints/cloud-operations/dns-shared-vpc/README.md

@@ -39,3 +39,17 @@ Note that Terraform 0.13 at least is required due to the use of `for_each` with
 | [teams](outputs.tf#L17) | Team resources. |  |
 
 <!-- END TFDOC -->
+
+## Test
+
+```hcl
+module "test" {
+  source             = "./fabric/blueprints/cloud-operations/dns-shared-vpc"
+  billing_account_id = "111111-222222-333333"
+  folder_id          = "folders/1234567890"
+  prefix             = "test"
+  shared_vpc_link    = "https://www.googleapis.com/compute/v1/projects/test-dns/global/networks/default"
+  teams              = ["team1", "team2"]
+}
+# tftest modules=9 resources=12
+```

blueprints/cloud-operations/iam-delegated-role-grants/README.md

@@ -76,3 +76,15 @@ If you get any warnings, check the roles and remove any of them granting any of
 | [restricted_role_grant](variables.tf#L78) | Role grant to which the restrictions will apply. | <code>string</code> |  | <code>&#34;roles&#47;resourcemanager.projectIamAdmin&#34;</code> |
 
 <!-- END TFDOC -->
+
+## Test
+
+```hcl
+module "test" {
+  source                 = "./fabric/blueprints/cloud-operations/iam-delegated-role-grants"
+  project_create         = true
+  project_id             = "project-1"
+  project_administrators = ["user:[email protected]"]
+}
+# tftest modules=2 resources=4
+```

blueprints/cloud-operations/onprem-sa-key-management/README.md

@@ -78,3 +78,14 @@ terraform destroy -var project_id=$GOOGLE_CLOUD_PROJECT
 | [sa-credentials](outputs.tf#L17) | SA json key templates. |  |
 
 <!-- END TFDOC -->
+
+## Test
+
+```hcl
+module "test" {
+  source         = "./fabric/blueprints/cloud-operations/onprem-sa-key-management"
+  project_create = true
+  project_id     = "test"
+}
+# tftest modules=4 resources=7
+```

blueprints/cloud-operations/packer-image-builder/README.md

@@ -93,3 +93,27 @@ address for security reasons, Internet connectivity is done with [Cloud NAT](htt
 | [compute_zone](outputs.tf#L32) | Name of a compute engine zone for Packer's temporary VM. |  |
 
 <!-- END TFDOC -->
+
+## Test
+
+```tpl
+# tftest-file id=pkrvars path=packer/build.pkrvars.tpl
+# Packer variables file template.
+# Used by Terraform to generate Packer variable file.
+project_id         = "${PROJECT_ID}"
+compute_zone       = "${COMPUTE_ZONE}"
+builder_sa         = "${BUILDER_SA}"
+compute_sa         = "${COMPUTE_SA}"
+compute_subnetwork = "${COMPUTE_SUBNETWORK}"
+use_iap            = ${USE_IAP}
+```
+
+```hcl
+module "test" {
+  source               = "./fabric/blueprints/cloud-operations/packer-image-builder"
+  project_id           = "test-project"
+  packer_account_users = ["user:[email protected]"]
+  create_packer_vars   = true
+}
+# tftest modules=7 resources=17 files=pkrvars
+```

blueprints/cloud-operations/quota-monitoring/README.md

@@ -52,3 +52,15 @@ Clone this repository or [open it in cloud shell](https://ssh.cloud.google.com/c
 | [schedule_config](variables.tf#L66) | Schedule timer configuration in crontab format. | <code>string</code> |  | <code>&#34;0 &#42; &#42; &#42; &#42;&#34;</code> |
 
 <!-- END TFDOC -->
+
+## Test
+
+```hcl
+module "test" {
+  source         = "./fabric/blueprints/cloud-operations/quota-monitoring"
+  name           = "name"
+  project_create = true
+  project_id     = "test"
+}
+# tftest modules=4 resources=14
+```

blueprints/cloud-operations/quota-monitoring/main.tf

@@ -1,5 +1,5 @@
 /**
- * Copyright 2022 Google LLC
+ * Copyright 2023 Google LLC
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -55,7 +55,7 @@ module "cf" {
     location = var.region
   }
   bundle_config = {
-    source_dir  = "cf"
+    source_dir  = "${path.module}/cf"
     output_path = var.bundle_path
   }
   # https://github.com/hashicorp/terraform-provider-archive/issues/40

blueprints/cloud-operations/scheduled-asset-inventory-export-bq/README.md

@@ -77,3 +77,29 @@ This is an optional part, created if `cai_gcs_export` is set to `true`. The high
 | [cloud-function](outputs.tf#L22) | Cloud Function instance details. |  |
 
 <!-- END TFDOC -->
+
+## Test
+
+```hcl
+module "test" {
+  source          = "./fabric/blueprints/cloud-operations/scheduled-asset-inventory-export-bq"
+  billing_account = "1234-ABCD-1234"
+  cai_config = {
+    bq_dataset         = "my-dataset"
+    bq_table           = "my_table"
+    bq_table_overwrite = "true"
+    target_node        = "organization/1234567890"
+  }
+  cai_gcs_export = true
+  file_config = {
+    bucket     = "my-bucket"
+    filename   = "my-folder/myfile.json"
+    format     = "NEWLINE_DELIMITED_JSON"
+    bq_dataset = "my-dataset"
+    bq_table   = "my_table"
+  }
+  project_create = true
+  project_id     = "project-1"
+}
+# tftest modules=8 resources=34
+```

blueprints/cloud-operations/scheduled-asset-inventory-export-bq/main.tf

@@ -1,5 +1,5 @@
 /**
- * Copyright 2022 Google LLC
+ * Copyright 2023 Google LLC
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -94,7 +94,7 @@ module "cf" {
     location = var.region
   }
   bundle_config = {
-    source_dir  = "cf"
+    source_dir  = "${path.module}/cf"
     output_path = var.bundle_path
   }
   service_account = module.service-account.email
@@ -118,7 +118,7 @@ module "cffile" {
     lifecycle_delete_age_days = null
   }
   bundle_config = {
-    source_dir  = "cffile"
+    source_dir  = "${path.module}/cffile"
     output_path = var.bundle_path_cffile
     excludes    = null
   }

blueprints/cloud-operations/terraform-cloud-dynamic-credentials/README.md

@@ -120,3 +120,4 @@ terraform apply
 As a result we have a successfully deployed GCS bucket from Terraform Cloud workflow using Workload Identity Federation.
 
 Once done testing, you can clean up resources by running `terraform destroy` first in the `tfc-workflow-using-wif` and then `gcp-workload-identity-provider` folders. 
+

blueprints/cloud-operations/terraform-cloud-dynamic-credentials/gcp-workload-identity-provider/README.md

@@ -33,3 +33,22 @@ The codebase provisions the following list of resources:
 | [tfc_workspace_wariables](outputs.tf#L20) | Variables to be set on the TFC workspace. |  |
 
 <!-- END TFDOC -->
+
+## Test
+
+```hcl
+module "test" {
+  source                             = "./fabric/blueprints/cloud-operations/terraform-cloud-dynamic-credentials/gcp-workload-identity-provider"
+  billing_account                    = "1234-ABCD-1234"
+  project_create                     = true
+  project_id                         = "project-1"
+  parent                             = "folders/12345"
+  tfc_organization_id                = "org-123"
+  tfc_workspace_id                   = "ws-123"
+  workload_identity_pool_id          = "tfe-pool"
+  workload_identity_pool_provider_id = "tf-provider"
+  issuer_uri                         = "https://app.terraform.io/"
+}
+
+# tftest modules=3 resources=12
+```

blueprints/cloud-operations/unmanaged-instances-healthcheck/README.md

@@ -118,3 +118,15 @@ gcloud compute ssh --zone europe-west1-b  nginx-test -- 'uptime'
 | [pubsub-topic](outputs.tf#L26) | Restarter PubSub topic. |  |
 
 <!-- END TFDOC -->
+
+## Test
+
+```hcl
+module "test" {
+  source          = "./fabric/blueprints/cloud-operations/unmanaged-instances-healthcheck"
+  project_id      = "project-1"
+  billing_account = "123456-123456-123456"
+  project_create  = true
+}
+# tftest modules=11 resources=35
+```

blueprints/cloud-operations/vm-migration/host-target-projects/README.md

@@ -38,3 +38,30 @@ This sample creates\updates several distinct groups of resources:
 | [m4ce_gmanaged_service_account](outputs.tf#L15) | Google managed service account created automatically during the migrate connector registration.. It is used by M4CE to perform activities on target projects. |  |
 
 <!-- END TFDOC -->
+
+## Test
+
+```hcl
+module "test" {
+  source = "./fabric/blueprints/cloud-operations/vm-migration/host-target-projects"
+  project_create = {
+    billing_account_id = "1234-ABCD-1234"
+    parent             = "folders/1234563"
+  }
+  migration_admin_users     = ["user:[email protected]"]
+  migration_viewer_users    = ["user:[email protected]"]
+  migration_target_projects = [module.test-target-project.name]
+  depends_on = [
+    module.test-target-project
+  ]
+}
+
+module "test-target-project" {
+  source          = "./fabric/modules/project"
+  billing_account = "1234-ABCD-1234"
+  name            = "test-target-project"
+  project_create  = true
+}
+
+# tftest modules=5 resources=24
+```