From f10392b5015c78724bdecd8d7364987c73714406 Mon Sep 17 00:00:00 2001
From: Sam Levenick <slevenick@google.com>
Date: Wed, 9 Oct 2019 14:01:04 -0700
Subject: [PATCH] Inspec dataproc firewalls IT fix (#2448)

Merged PR #2448.
---
 build/inspec                                  |  2 +-
 .../inspec/tests/integration/build/gcp-mm.tf  | 24 +++++++++++++++++++
 2 files changed, 25 insertions(+), 1 deletion(-)

diff --git a/build/inspec b/build/inspec
index 307ff3b726e4..b6d584fcfec8 160000
--- a/build/inspec
+++ b/build/inspec
@@ -1 +1 @@
-Subproject commit 307ff3b726e4d2fb6372f325f6045b7d7a22f5ea
+Subproject commit b6d584fcfec8dd523ed4e67fe3eeb4b7fabb9662
diff --git a/templates/inspec/tests/integration/build/gcp-mm.tf b/templates/inspec/tests/integration/build/gcp-mm.tf
index b25f9bd7185d..73c6e6791755 100644
--- a/templates/inspec/tests/integration/build/gcp-mm.tf
+++ b/templates/inspec/tests/integration/build/gcp-mm.tf
@@ -668,6 +668,29 @@ resource "google_ml_engine_model" "inspec-gcp-model" {
   online_prediction_console_logging = var.ml_model["online_prediction_console_logging"]
 }
 
+resource "google_compute_firewall" "dataproc" {
+  name    = "dataproc-firewall"
+  network = "${google_compute_network.dataproc.name}"
+
+  source_ranges = ["10.128.0.0/9"]
+  allow {
+    protocol = "icmp"
+  }
+
+  allow {
+    protocol = "tcp"
+    ports    = ["0-65535"]
+  }
+  allow {
+    protocol = "udp"
+    ports    = ["0-65535"]
+  }
+}
+
+resource "google_compute_network" "dataproc" {
+  name = "dataproc-network"
+}
+
 resource "google_dataproc_cluster" "mycluster" {
   project = var.gcp_project_id
   region  = var.gcp_location
@@ -704,6 +727,7 @@ resource "google_dataproc_cluster" "mycluster" {
     }
 
     gce_cluster_config {
+      network = google_compute_network.dataproc.self_link
       tags    = [var.dataproc_cluster["config"]["gce_cluster_config"]["tag"]]
     }
   }