From 931d72982d4f3f3568edf1e68d3f5942df80f3a7 Mon Sep 17 00:00:00 2001 From: Sam Levenick Date: Mon, 28 Jan 2019 10:10:30 -0800 Subject: [PATCH] Add compute global address to InSpec --- products/compute/inspec.yaml | 2 -- .../attributes/google_compute_global_address.erb | 2 ++ .../inspec/examples/google_compute_global_address.erb | 10 ++++++++++ .../examples/google_compute_global_addresses.erb | 7 +++++++ templates/inspec/tests/integration/build/gcp-mm.tf | 10 ++++++++++ .../tests/integration/configuration/mm-attributes.yml | 6 +++++- 6 files changed, 34 insertions(+), 3 deletions(-) create mode 100644 templates/inspec/examples/attributes/google_compute_global_address.erb create mode 100644 templates/inspec/examples/google_compute_global_address.erb create mode 100644 templates/inspec/examples/google_compute_global_addresses.erb diff --git a/products/compute/inspec.yaml b/products/compute/inspec.yaml index b78cd91dfb6b..ffd52882b285 100644 --- a/products/compute/inspec.yaml +++ b/products/compute/inspec.yaml @@ -31,8 +31,6 @@ overrides: !ruby/object:Overrides::ResourceOverrides end ForwardingRule: !ruby/object:Overrides::Inspec::ResourceOverride exclude: true - GlobalAddress: !ruby/object:Overrides::Inspec::ResourceOverride - exclude: true GlobalForwardingRule: !ruby/object:Overrides::Inspec::ResourceOverride exclude: true Image: !ruby/object:Overrides::Inspec::ResourceOverride diff --git a/templates/inspec/examples/attributes/google_compute_global_address.erb b/templates/inspec/examples/attributes/google_compute_global_address.erb new file mode 100644 index 000000000000..6649541bc771 --- /dev/null +++ b/templates/inspec/examples/attributes/google_compute_global_address.erb @@ -0,0 +1,2 @@ +gcp_project_id = attribute(:gcp_project_id, default: '<%= external_attribute('gcp_project_id') -%>', description: 'The GCP project identifier.') +global_address = attribute('global_address', default: <%= JSON.pretty_generate(grab_attributes['global_address']) -%>, description: 'Compute Global Address definition') \ No newline at end of file diff --git a/templates/inspec/examples/google_compute_global_address.erb b/templates/inspec/examples/google_compute_global_address.erb new file mode 100644 index 000000000000..56ed5d7d1ea9 --- /dev/null +++ b/templates/inspec/examples/google_compute_global_address.erb @@ -0,0 +1,10 @@ +<% gcp_project_id = "#{external_attribute('gcp_project_id', doc_generation)}" -%> +<% global_address = grab_attributes['global_address'] -%> +describe google_compute_global_address(project: <%= gcp_project_id -%>, name: <%= doc_generation ? "'#{global_address['name']}'" : "global_address['name']" -%>) do + it { should exist } + its('ip_version') { should eq <%= doc_generation ? "'#{global_address['ip_version']}'" : "global_address['ip_version']" -%> } +end + +describe google_compute_global_address(project: <%= doc_generation ? "#{gcp_project_id}" : "gcp_project_id" -%>, name: 'nonexistent') do + it { should_not exist } +end \ No newline at end of file diff --git a/templates/inspec/examples/google_compute_global_addresses.erb b/templates/inspec/examples/google_compute_global_addresses.erb new file mode 100644 index 000000000000..9d2facd88721 --- /dev/null +++ b/templates/inspec/examples/google_compute_global_addresses.erb @@ -0,0 +1,7 @@ +<% gcp_project_id = "#{external_attribute('gcp_project_id', doc_generation)}" -%> +<% global_address = grab_attributes['global_address'] -%> +describe google_compute_global_addresses(project: <%= gcp_project_id -%>, name: <%= doc_generation ? "'#{global_address['name']}'" : "global_address['name']" -%>) do + its('count') { should be >= 1 } + its('names') { should include <%= doc_generation ? "'#{global_address['name']}'" : "global_address['name']" -%> } + its('ip_versions') { should include <%= doc_generation ? "'#{global_address['ip_version']}'" : "global_address['ip_version']" -%> } +end \ No newline at end of file diff --git a/templates/inspec/tests/integration/build/gcp-mm.tf b/templates/inspec/tests/integration/build/gcp-mm.tf index b5f7f6fa485b..659f5a8fd4eb 100644 --- a/templates/inspec/tests/integration/build/gcp-mm.tf +++ b/templates/inspec/tests/integration/build/gcp-mm.tf @@ -54,6 +54,10 @@ variable "instance_template" { type = "map" } +variable "global_address" { + type = "map" +} + resource "google_compute_ssl_policy" "custom-ssl-policy" { name = "${var.ssl_policy["name"]}" min_tls_version = "${var.ssl_policy["min_tls_version"]}" @@ -223,4 +227,10 @@ resource "google_compute_instance_template" "gcp-inspec-instance-template" { service_account { scopes = ["${var.instance_template["service_account_scope"]}"] } +} + +resource "google_compute_global_address" "gcp-inspec-global-address" { + project = "${var.gcp_project_id}" + name = "${var.global_address["name"]}" + ip_version = "${var.global_address["ip_version"]}" } \ No newline at end of file diff --git a/templates/inspec/tests/integration/configuration/mm-attributes.yml b/templates/inspec/tests/integration/configuration/mm-attributes.yml index e4e34dc6d78c..b76e843e73f5 100644 --- a/templates/inspec/tests/integration/configuration/mm-attributes.yml +++ b/templates/inspec/tests/integration/configuration/mm-attributes.yml @@ -88,4 +88,8 @@ instance_template: disk_auto_delete: true disk_boot: true network_interface_network: default - service_account_scope: storage-ro \ No newline at end of file + service_account_scope: storage-ro + +global_address: + name: inspec-gcp-global-address + ip_version: IPV6