diff --git a/.dockerignore b/.dockerignore deleted file mode 100644 index ab75c635fe..0000000000 --- a/.dockerignore +++ /dev/null @@ -1,11 +0,0 @@ -.git -.terraform -.terraform.d -.kitchen -terraform.tfstate.d -test/fixtures/*/.terraform -test/fixtures/*/terraform.tfstate.d -examples/.kitchen -examples/*/.terraform -examples/*/terraform.tfstate.d - diff --git a/.kitchen.yml b/.kitchen.yml index 81603782cd..39faa2e1e3 100644 --- a/.kitchen.yml +++ b/.kitchen.yml @@ -29,15 +29,6 @@ platforms: - name: local suites: -# Disabled due to issue #274 -# (https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/274) -# - name: "deploy_service" -# driver: -# root_module_directory: test/fixtures/deploy_service -# verifier: -# systems: -# - name: deploy_service -# backend: local - name: "disable_client_cert" driver: root_module_directory: test/fixtures/disable_client_cert @@ -45,15 +36,8 @@ suites: systems: - name: disable_client_cert backend: local -# Disabled due to issue #274 -# (https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/274) -# - name: "node_pool" -# driver: -# root_module_directory: test/fixtures/node_pool -# verifier: -# systems: -# - name: node_pool -# backend: local + controls: + - gcloud - name: "shared_vpc" driver: root_module_directory: test/fixtures/shared_vpc @@ -112,6 +96,8 @@ suites: systems: - name: simple_zonal_private backend: local + controls: + - gcloud - name: "stub_domains" driver: root_module_directory: test/fixtures/stub_domains @@ -119,6 +105,9 @@ suites: systems: - name: stub_domains backend: local + controls: + - gcloud + - kubectl # Disabled due to issue #264 # (https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/264) # - name: stub_domains_private @@ -148,6 +137,26 @@ suites: systems: - name: workload_metadata_config backend: local + - name: "deploy_service" + driver: + root_module_directory: test/fixtures/deploy_service + verifier: + systems: + - name: deploy_service + backend: local + controls: + - gcloud + - kubectl + - name: "node_pool" + driver: + root_module_directory: test/fixtures/node_pool + verifier: + systems: + - name: node_pool + backend: local + controls: + - gcloud + - kubectl - name: "sandbox_enabled" driver: root_module_directory: test/fixtures/sandbox_enabled diff --git a/autogen/outputs.tf b/autogen/outputs.tf index 704569d00e..842502ecea 100644 --- a/autogen/outputs.tf +++ b/autogen/outputs.tf @@ -154,4 +154,12 @@ output "release_channel" { description = "The release channel of this cluster" value = var.release_channel } + +output "identity_namespace" { + description = "Workload Identity namespace" + value = var.identity_namespace + depends_on = [ + "google_container_cluster.primary" + ] +} {% endif %} diff --git a/autogen/versions.tf b/autogen/versions.tf index 832ec1df39..387a2e37c8 100644 --- a/autogen/versions.tf +++ b/autogen/versions.tf @@ -16,4 +16,12 @@ terraform { required_version = ">= 0.12" + + required_providers { +{% if beta_cluster %} + google-beta = "~> 2.18.0" +{% else %} + google = "~> 2.18.0" +{% endif %} + } } diff --git a/build/int.cloudbuild.yaml b/build/int.cloudbuild.yaml index 5a52a5889b..09b5d3eb7e 100644 --- a/build/int.cloudbuild.yaml +++ b/build/int.cloudbuild.yaml @@ -241,6 +241,46 @@ steps: - verify workload-metadata-config-local name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do destroy workload-metadata-config-local'] +- id: create deploy-service-local + waitFor: + - prepare + name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' + args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do create deploy-service-local'] +- id: converge deploy-service-local + waitFor: + - create deploy-service-local + name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' + args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do converge deploy-service-local'] +- id: verify deploy-service-local + waitFor: + - converge deploy-service-local + name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' + args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do verify deploy-service-local'] +- id: destroy deploy-service-local + waitFor: + - verify deploy-service-local + name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' + args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do destroy deploy-service-local'] +- id: create node-pool-local + waitFor: + - prepare + name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' + args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do create node-pool-local'] +- id: converge node-pool-local + waitFor: + - create node-pool-local + name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' + args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do converge node-pool-local'] +- id: verify node-pool-local + waitFor: + - converge node-pool-local + name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' + args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do verify node-pool-local'] +- id: destroy node-pool-local + waitFor: + - verify node-pool-local + name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' + args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do destroy node-pool-local'] - id: create sandbox-enabled-local waitFor: - prepare @@ -267,3 +307,5 @@ tags: substitutions: _DOCKER_IMAGE_DEVELOPER_TOOLS: 'cft/developer-tools' _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '0.4.6' +options: + machineType: 'N1_HIGHCPU_8' diff --git a/examples/deploy_service/main.tf b/examples/deploy_service/main.tf index 3e15164913..a61aa9c9b8 100644 --- a/examples/deploy_service/main.tf +++ b/examples/deploy_service/main.tf @@ -19,7 +19,7 @@ locals { } provider "google" { - version = "~> 2.12.0" + version = "~> 2.18.0" region = var.region } diff --git a/examples/disable_client_cert/README.md b/examples/disable_client_cert/README.md index 2f531b9906..1b75e2b6e0 100644 --- a/examples/disable_client_cert/README.md +++ b/examples/disable_client_cert/README.md @@ -12,7 +12,6 @@ This example illustrates how to create a simple cluster and disable deprecated s |------|-------------|:----:|:-----:|:-----:| | cluster\_name\_suffix | A suffix to append to the default cluster name | string | `""` | no | | compute\_engine\_service\_account | Service account to associate to the nodes in the cluster | string | n/a | yes | -| credentials\_path | The path to the GCP credentials JSON file | string | n/a | yes | | ip\_range\_pods | The secondary ip range to use for pods | string | n/a | yes | | ip\_range\_services | The secondary ip range to use for pods | string | n/a | yes | | network | The VPC network to host the cluster in | string | n/a | yes | diff --git a/examples/disable_client_cert/main.tf b/examples/disable_client_cert/main.tf index 221eb994ce..4d040ffcb7 100644 --- a/examples/disable_client_cert/main.tf +++ b/examples/disable_client_cert/main.tf @@ -19,7 +19,7 @@ locals { } provider "google" { - version = "~> 2.12.0" + version = "~> 2.18.0" region = var.region } diff --git a/examples/disable_client_cert/variables.tf b/examples/disable_client_cert/variables.tf index f1fdb25856..6c918f2344 100644 --- a/examples/disable_client_cert/variables.tf +++ b/examples/disable_client_cert/variables.tf @@ -18,10 +18,6 @@ variable "project_id" { description = "The project ID to host the cluster in" } -variable "credentials_path" { - description = "The path to the GCP credentials JSON file" -} - variable "cluster_name_suffix" { description = "A suffix to append to the default cluster name" default = "" diff --git a/examples/node_pool_update_variant/main.tf b/examples/node_pool_update_variant/main.tf index c10e797511..9b29a5f0fe 100644 --- a/examples/node_pool_update_variant/main.tf +++ b/examples/node_pool_update_variant/main.tf @@ -19,7 +19,7 @@ locals { } provider "google" { - version = "~> 2.12.0" + version = "~> 2.18.0" region = var.region } diff --git a/examples/shared_vpc/main.tf b/examples/shared_vpc/main.tf index 766239ead8..3533130a4e 100644 --- a/examples/shared_vpc/main.tf +++ b/examples/shared_vpc/main.tf @@ -19,7 +19,7 @@ locals { } provider "google" { - version = "~> 2.12.0" + version = "~> 2.18.0" region = var.region } diff --git a/examples/simple_regional/main.tf b/examples/simple_regional/main.tf index 353ae91906..772cf8d0e5 100644 --- a/examples/simple_regional/main.tf +++ b/examples/simple_regional/main.tf @@ -19,7 +19,7 @@ locals { } provider "google" { - version = "~> 2.12.0" + version = "~> 2.18.0" region = var.region } diff --git a/examples/simple_regional_private/main.tf b/examples/simple_regional_private/main.tf index 89568e86ee..f17a3728a6 100644 --- a/examples/simple_regional_private/main.tf +++ b/examples/simple_regional_private/main.tf @@ -19,7 +19,7 @@ locals { } provider "google" { - version = "~> 2.12.0" + version = "~> 2.18.0" region = var.region } diff --git a/examples/simple_regional_private_beta/main.tf b/examples/simple_regional_private_beta/main.tf index db6c8a8204..4e1d405940 100644 --- a/examples/simple_regional_private_beta/main.tf +++ b/examples/simple_regional_private_beta/main.tf @@ -19,9 +19,8 @@ locals { } provider "google-beta" { - version = "~> 2.18.0" - credentials = file(var.credentials_path) - region = var.region + version = "~> 2.18.0" + region = var.region } data "google_compute_subnetwork" "subnetwork" { diff --git a/examples/simple_regional_private_beta/test_outputs.tf b/examples/simple_regional_private_beta/test_outputs.tf index 033c4beac1..53eab4ee12 100644 --- a/examples/simple_regional_private_beta/test_outputs.tf +++ b/examples/simple_regional_private_beta/test_outputs.tf @@ -21,10 +21,6 @@ output "project_id" { value = var.project_id } -output "credentials_path" { - value = var.credentials_path -} - output "region" { value = module.gke.region } diff --git a/examples/simple_regional_private_beta/variables.tf b/examples/simple_regional_private_beta/variables.tf index 3fb7d8bab1..0ba1656629 100644 --- a/examples/simple_regional_private_beta/variables.tf +++ b/examples/simple_regional_private_beta/variables.tf @@ -18,10 +18,6 @@ variable "project_id" { description = "The project ID to host the cluster in" } -variable "credentials_path" { - description = "The path to the GCP credentials JSON file" -} - variable "cluster_name_suffix" { description = "A suffix to append to the default cluster name" default = "" diff --git a/examples/simple_zonal/main.tf b/examples/simple_zonal/main.tf index edd90f7a0d..3490252a4a 100644 --- a/examples/simple_zonal/main.tf +++ b/examples/simple_zonal/main.tf @@ -19,7 +19,7 @@ locals { } provider "google" { - version = "~> 2.12.0" + version = "~> 2.18.0" region = var.region } diff --git a/examples/simple_zonal_private/main.tf b/examples/simple_zonal_private/main.tf index 428218d76a..ae1a90a6cc 100644 --- a/examples/simple_zonal_private/main.tf +++ b/examples/simple_zonal_private/main.tf @@ -15,11 +15,11 @@ */ locals { - cluster_type = "simple-regional-private" + cluster_type = "simple-zonal-private" } provider "google" { - version = "~> 2.12.0" + version = "~> 2.18.0" region = var.region } diff --git a/examples/stub_domains/main.tf b/examples/stub_domains/main.tf index 37264f781b..b81dc0cf8c 100644 --- a/examples/stub_domains/main.tf +++ b/examples/stub_domains/main.tf @@ -19,7 +19,7 @@ locals { } provider "google" { - version = "~> 2.12.0" + version = "~> 2.18.0" region = var.region } diff --git a/examples/stub_domains_private/main.tf b/examples/stub_domains_private/main.tf index 65bc48247d..3f268e75a4 100644 --- a/examples/stub_domains_private/main.tf +++ b/examples/stub_domains_private/main.tf @@ -15,14 +15,10 @@ */ provider "google" { - version = "~> 2.12.0" + version = "~> 2.18.0" region = var.region } -provider "random" { - version = "~> 2.1" -} - data "google_compute_subnetwork" "subnetwork" { name = var.subnetwork project = var.project_id diff --git a/examples/stub_domains_upstream_nameservers/main.tf b/examples/stub_domains_upstream_nameservers/main.tf index 0da83b95c6..4b7448b7e8 100644 --- a/examples/stub_domains_upstream_nameservers/main.tf +++ b/examples/stub_domains_upstream_nameservers/main.tf @@ -19,7 +19,7 @@ locals { } provider "google" { - version = "~> 2.12.0" + version = "~> 2.18.0" region = var.region } diff --git a/examples/upstream_nameservers/main.tf b/examples/upstream_nameservers/main.tf index ecded7c29c..784e8a0cd3 100644 --- a/examples/upstream_nameservers/main.tf +++ b/examples/upstream_nameservers/main.tf @@ -19,7 +19,7 @@ locals { } provider "google" { - version = "~> 2.12.0" + version = "~> 2.18.0" region = var.region } diff --git a/modules/beta-private-cluster-update-variant/README.md b/modules/beta-private-cluster-update-variant/README.md index 93daea71ca..e9b13daa59 100644 --- a/modules/beta-private-cluster-update-variant/README.md +++ b/modules/beta-private-cluster-update-variant/README.md @@ -212,6 +212,7 @@ In either case, upgrading to module version `v1.0.0` will trigger a recreation o | endpoint | Cluster endpoint | | horizontal\_pod\_autoscaling\_enabled | Whether horizontal pod autoscaling enabled | | http\_load\_balancing\_enabled | Whether http load balancing enabled | +| identity\_namespace | Workload Identity namespace | | intranode\_visibility\_enabled | Whether intra-node visibility is enabled | | istio\_enabled | Whether Istio is enabled | | kubernetes\_dashboard\_enabled | Whether kubernetes dashboard enabled | diff --git a/modules/beta-private-cluster-update-variant/outputs.tf b/modules/beta-private-cluster-update-variant/outputs.tf index 956c8c2d5d..fb3f29c401 100644 --- a/modules/beta-private-cluster-update-variant/outputs.tf +++ b/modules/beta-private-cluster-update-variant/outputs.tf @@ -153,3 +153,11 @@ output "release_channel" { description = "The release channel of this cluster" value = var.release_channel } + +output "identity_namespace" { + description = "Workload Identity namespace" + value = var.identity_namespace + depends_on = [ + "google_container_cluster.primary" + ] +} diff --git a/modules/beta-private-cluster-update-variant/versions.tf b/modules/beta-private-cluster-update-variant/versions.tf index 832ec1df39..8e29303fa9 100644 --- a/modules/beta-private-cluster-update-variant/versions.tf +++ b/modules/beta-private-cluster-update-variant/versions.tf @@ -16,4 +16,8 @@ terraform { required_version = ">= 0.12" + + required_providers { + google-beta = "~> 2.18.0" + } } diff --git a/modules/beta-private-cluster/README.md b/modules/beta-private-cluster/README.md index 4096848139..ed98fb6093 100644 --- a/modules/beta-private-cluster/README.md +++ b/modules/beta-private-cluster/README.md @@ -212,6 +212,7 @@ In either case, upgrading to module version `v1.0.0` will trigger a recreation o | endpoint | Cluster endpoint | | horizontal\_pod\_autoscaling\_enabled | Whether horizontal pod autoscaling enabled | | http\_load\_balancing\_enabled | Whether http load balancing enabled | +| identity\_namespace | Workload Identity namespace | | intranode\_visibility\_enabled | Whether intra-node visibility is enabled | | istio\_enabled | Whether Istio is enabled | | kubernetes\_dashboard\_enabled | Whether kubernetes dashboard enabled | diff --git a/modules/beta-private-cluster/outputs.tf b/modules/beta-private-cluster/outputs.tf index 956c8c2d5d..fb3f29c401 100644 --- a/modules/beta-private-cluster/outputs.tf +++ b/modules/beta-private-cluster/outputs.tf @@ -153,3 +153,11 @@ output "release_channel" { description = "The release channel of this cluster" value = var.release_channel } + +output "identity_namespace" { + description = "Workload Identity namespace" + value = var.identity_namespace + depends_on = [ + "google_container_cluster.primary" + ] +} diff --git a/modules/beta-private-cluster/versions.tf b/modules/beta-private-cluster/versions.tf index 832ec1df39..8e29303fa9 100644 --- a/modules/beta-private-cluster/versions.tf +++ b/modules/beta-private-cluster/versions.tf @@ -16,4 +16,8 @@ terraform { required_version = ">= 0.12" + + required_providers { + google-beta = "~> 2.18.0" + } } diff --git a/modules/beta-public-cluster/README.md b/modules/beta-public-cluster/README.md index 258ea431e4..a9e71538e2 100644 --- a/modules/beta-public-cluster/README.md +++ b/modules/beta-public-cluster/README.md @@ -203,6 +203,7 @@ In either case, upgrading to module version `v1.0.0` will trigger a recreation o | endpoint | Cluster endpoint | | horizontal\_pod\_autoscaling\_enabled | Whether horizontal pod autoscaling enabled | | http\_load\_balancing\_enabled | Whether http load balancing enabled | +| identity\_namespace | Workload Identity namespace | | intranode\_visibility\_enabled | Whether intra-node visibility is enabled | | istio\_enabled | Whether Istio is enabled | | kubernetes\_dashboard\_enabled | Whether kubernetes dashboard enabled | diff --git a/modules/beta-public-cluster/outputs.tf b/modules/beta-public-cluster/outputs.tf index 956c8c2d5d..fb3f29c401 100644 --- a/modules/beta-public-cluster/outputs.tf +++ b/modules/beta-public-cluster/outputs.tf @@ -153,3 +153,11 @@ output "release_channel" { description = "The release channel of this cluster" value = var.release_channel } + +output "identity_namespace" { + description = "Workload Identity namespace" + value = var.identity_namespace + depends_on = [ + "google_container_cluster.primary" + ] +} diff --git a/modules/beta-public-cluster/versions.tf b/modules/beta-public-cluster/versions.tf index 832ec1df39..8e29303fa9 100644 --- a/modules/beta-public-cluster/versions.tf +++ b/modules/beta-public-cluster/versions.tf @@ -16,4 +16,8 @@ terraform { required_version = ">= 0.12" + + required_providers { + google-beta = "~> 2.18.0" + } } diff --git a/modules/private-cluster-update-variant/versions.tf b/modules/private-cluster-update-variant/versions.tf index 832ec1df39..e4544656fa 100644 --- a/modules/private-cluster-update-variant/versions.tf +++ b/modules/private-cluster-update-variant/versions.tf @@ -16,4 +16,8 @@ terraform { required_version = ">= 0.12" + + required_providers { + google = "~> 2.18.0" + } } diff --git a/modules/private-cluster/versions.tf b/modules/private-cluster/versions.tf index 832ec1df39..e4544656fa 100644 --- a/modules/private-cluster/versions.tf +++ b/modules/private-cluster/versions.tf @@ -16,4 +16,8 @@ terraform { required_version = ">= 0.12" + + required_providers { + google = "~> 2.18.0" + } } diff --git a/test/ci/deploy-service.yml b/test/ci/deploy-service.yml deleted file mode 100644 index 60505669b5..0000000000 --- a/test/ci/deploy-service.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- - -platform: linux - -inputs: -- name: pull-request - path: terraform-google-kubernetes-engine - -run: - path: make - args: ['test_integration'] - dir: terraform-google-kubernetes-engine - -params: - SUITE: "deploy-service-local" - COMPUTE_ENGINE_SERVICE_ACCOUNT: "" - REGION: "us-east4" - ZONES: '["us-east4-a", "us-east4-b", "us-east4-c"]' diff --git a/test/ci/node-pool.yml b/test/ci/node-pool.yml deleted file mode 100644 index 2402c32eba..0000000000 --- a/test/ci/node-pool.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- - -platform: linux - -inputs: -- name: pull-request - path: terraform-google-kubernetes-engine - -run: - path: make - args: ['test_integration'] - dir: terraform-google-kubernetes-engine - -params: - SUITE: "node-pool-local" - COMPUTE_ENGINE_SERVICE_ACCOUNT: "" - REGION: "us-east4" - ZONES: '["us-east4-a", "us-east4-b", "us-east4-c"]' diff --git a/test/ci/shared-vpc.yml b/test/ci/shared-vpc.yml deleted file mode 100644 index e209809246..0000000000 --- a/test/ci/shared-vpc.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- - -platform: linux - -inputs: -- name: pull-request - path: terraform-google-kubernetes-engine - -run: - path: make - args: ['test_integration'] - dir: terraform-google-kubernetes-engine - -params: - SUITE: "shared-vpc-local" - COMPUTE_ENGINE_SERVICE_ACCOUNT: "" - REGION: "us-east4" - ZONES: '["us-east4-a", "us-east4-b", "us-east4-c"]' diff --git a/test/ci/simple-regional-private.yml b/test/ci/simple-regional-private.yml deleted file mode 100644 index 36e00041d3..0000000000 --- a/test/ci/simple-regional-private.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- - -platform: linux - -inputs: -- name: pull-request - path: terraform-google-kubernetes-engine - -run: - path: make - args: ['test_integration'] - dir: terraform-google-kubernetes-engine - -params: - SUITE: "simple-regional-private-local" - COMPUTE_ENGINE_SERVICE_ACCOUNT: "" - REGION: "us-east4" - ZONES: '["us-east4-a", "us-east4-b", "us-east4-c"]' diff --git a/test/ci/simple-regional.yml b/test/ci/simple-regional.yml deleted file mode 100644 index a3bec48292..0000000000 --- a/test/ci/simple-regional.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- - -platform: linux - -inputs: -- name: pull-request - path: terraform-google-kubernetes-engine - -run: - path: make - args: ['test_integration'] - dir: terraform-google-kubernetes-engine - -params: - SUITE: "simple-regional-local" - COMPUTE_ENGINE_SERVICE_ACCOUNT: "" - REGION: "us-east4" - ZONES: '["us-east4-a", "us-east4-b", "us-east4-c"]' diff --git a/test/ci/simple-zonal-private.yml b/test/ci/simple-zonal-private.yml deleted file mode 100644 index 45dde32b64..0000000000 --- a/test/ci/simple-zonal-private.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- - -platform: linux - -inputs: -- name: pull-request - path: terraform-google-kubernetes-engine - -run: - path: make - args: ['test_integration'] - dir: terraform-google-kubernetes-engine - -params: - SUITE: "simple-zonal-private-local" - COMPUTE_ENGINE_SERVICE_ACCOUNT: "" - REGION: "us-east4" - ZONES: '["us-east4-a", "us-east4-b", "us-east4-c"]' diff --git a/test/ci/simple-zonal.yml b/test/ci/simple-zonal.yml deleted file mode 100644 index 6fcde7a1c7..0000000000 --- a/test/ci/simple-zonal.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- - -platform: linux - -inputs: -- name: pull-request - path: terraform-google-kubernetes-engine - -run: - path: make - args: ['test_integration'] - dir: terraform-google-kubernetes-engine - -params: - SUITE: "simple-zonal-local" - COMPUTE_ENGINE_SERVICE_ACCOUNT: "" - REGION: "us-east4" - ZONES: '["us-east4-a", "us-east4-b", "us-east4-c"]' diff --git a/test/ci/stub-domains-upstream-nameservers.yml b/test/ci/stub-domains-upstream-nameservers.yml deleted file mode 100644 index 4015338278..0000000000 --- a/test/ci/stub-domains-upstream-nameservers.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- - -platform: linux - -inputs: -- name: pull-request - path: terraform-google-kubernetes-engine - -run: - path: make - args: ['test_integration'] - dir: terraform-google-kubernetes-engine - -params: - SUITE: "stub-domains-upstream-nameservers-local" - COMPUTE_ENGINE_SERVICE_ACCOUNT: "" - REGION: "us-east4" - ZONES: '["us-east4-a", "us-east4-b", "us-east4-c"]' diff --git a/test/ci/stub-domains.yml b/test/ci/stub-domains.yml deleted file mode 100644 index c7130a3328..0000000000 --- a/test/ci/stub-domains.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- - -platform: linux - -inputs: -- name: pull-request - path: terraform-google-kubernetes-engine - -run: - path: make - args: ['test_integration'] - dir: terraform-google-kubernetes-engine - -params: - SUITE: "stub-domains-local" - COMPUTE_ENGINE_SERVICE_ACCOUNT: "" - REGION: "us-east4" - ZONES: '["us-east4-a", "us-east4-b", "us-east4-c"]' diff --git a/test/ci/upstream-nameservers.yml b/test/ci/upstream-nameservers.yml deleted file mode 100644 index 987884010a..0000000000 --- a/test/ci/upstream-nameservers.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- - -platform: linux - -inputs: -- name: pull-request - path: terraform-google-kubernetes-engine - -run: - path: make - args: ['test_integration'] - dir: terraform-google-kubernetes-engine - -params: - SUITE: "upstream-nameservers-local" - COMPUTE_ENGINE_SERVICE_ACCOUNT: "" - REGION: "us-east4" - ZONES: '["us-east4-a", "us-east4-b", "us-east4-c"]' diff --git a/test/ci/workload-metadata-config.yml b/test/ci/workload-metadata-config.yml deleted file mode 100644 index 231c8dfc3a..0000000000 --- a/test/ci/workload-metadata-config.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- - -platform: linux - -inputs: -- name: pull-request - path: terraform-google-kubernetes-engine - -run: - path: make - args: ['test_integration'] - dir: terraform-google-kubernetes-engine - -params: - SUITE: "workload-metadata-config-local" - COMPUTE_ENGINE_SERVICE_ACCOUNT: "" - REGION: "us-east4" - ZONES: '["us-east4-a", "us-east4-b", "us-east4-c"]' - diff --git a/test/fixtures/disable_client_cert/example.tf b/test/fixtures/disable_client_cert/example.tf index c1baed7c36..23ea6da936 100644 --- a/test/fixtures/disable_client_cert/example.tf +++ b/test/fixtures/disable_client_cert/example.tf @@ -18,7 +18,6 @@ module "example" { source = "../../../examples/disable_client_cert" project_id = var.project_id - credentials_path = "" cluster_name_suffix = "-${random_string.suffix.result}" region = var.region network = google_compute_network.main.name diff --git a/test/integration/disable_client_cert/inspec.yml b/test/integration/disable_client_cert/inspec.yml index 7959c6bb01..5803767d32 100644 --- a/test/integration/disable_client_cert/inspec.yml +++ b/test/integration/disable_client_cert/inspec.yml @@ -3,9 +3,6 @@ attributes: - name: project_id required: true type: string - - name: credentials_path - required: true - type: string - name: location required: true type: string diff --git a/test/integration/simple_zonal/controls/gcp.rb b/test/integration/simple_zonal/controls/gcp.rb index 6e9ade64ff..ad6ec1a7b2 100644 --- a/test/integration/simple_zonal/controls/gcp.rb +++ b/test/integration/simple_zonal/controls/gcp.rb @@ -24,7 +24,7 @@ service_account_name = "projects/#{project_id}/serviceAccounts/#{service_account}" end - describe google_service_account name: service_account_name do + describe google_service_account(name: service_account_name) do its("display_name") { should eq "Terraform-managed service account for cluster #{attribute("cluster_name")}" } its("project_id") { should eq project_id } end diff --git a/test/integration/simple_zonal/inspec.yml b/test/integration/simple_zonal/inspec.yml index 5cb8ff9e01..3a3bc74145 100644 --- a/test/integration/simple_zonal/inspec.yml +++ b/test/integration/simple_zonal/inspec.yml @@ -2,7 +2,7 @@ name: simple_zonal depends: - name: inspec-gcp git: https://github.com/inspec/inspec-gcp.git - tag: v0.10.0 + tag: v0.16.0 attributes: - name: project_id required: true @@ -25,7 +25,4 @@ attributes: - name: service_account required: true type: string - - name: service_account - required: true - type: string diff --git a/test/integration/simple_zonal_private/inspec.yml b/test/integration/simple_zonal_private/inspec.yml index ebe54e2374..4af03f2087 100644 --- a/test/integration/simple_zonal_private/inspec.yml +++ b/test/integration/simple_zonal_private/inspec.yml @@ -1,4 +1,4 @@ -name: simple_regional_private +name: simple_zonal_private attributes: - name: project_id required: true diff --git a/versions.tf b/versions.tf index 832ec1df39..e4544656fa 100644 --- a/versions.tf +++ b/versions.tf @@ -16,4 +16,8 @@ terraform { required_version = ">= 0.12" + + required_providers { + google = "~> 2.18.0" + } }