From 0030f42aaa63c72dc4448735e6f20b41021401d7 Mon Sep 17 00:00:00 2001
From: Bohdan Yurov <bohdan@yurov.me>
Date: Fri, 26 Jul 2019 19:16:26 +0300
Subject: [PATCH] Fixes #180: Add tests for beta submodules/examples
 https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/180

Updated GKE CI pipeline for beta module
---
 .../terraform-google-kubernetes-engine.yml    |  6 ++++++
 .../terraform-google-kubernetes-engine.tf     | 20 +++++++++++++++----
 2 files changed, 22 insertions(+), 4 deletions(-)

diff --git a/infra/concourse/pipelines/terraform-google-kubernetes-engine.yml b/infra/concourse/pipelines/terraform-google-kubernetes-engine.yml
index 9abe89d5747..095d346ab13 100644
--- a/infra/concourse/pipelines/terraform-google-kubernetes-engine.yml
+++ b/infra/concourse/pipelines/terraform-google-kubernetes-engine.yml
@@ -161,6 +161,12 @@ jobs:
       params:
         <<: *run-tests-params
 
+    - task: run-tests-beta-cluster
+      image: integration-test-image
+      file: pull-request/test/ci/beta-cluster.yml
+      params:
+        <<: *run-tests-params
+
   on_success:
     put: notify-integration-test-success
     resource: pull-request
diff --git a/infra/terraform/test_fixtures/terraform-google-kubernetes-engine.tf b/infra/terraform/test_fixtures/terraform-google-kubernetes-engine.tf
index 00597fdd472..cbe4b7c6c70 100644
--- a/infra/terraform/test_fixtures/terraform-google-kubernetes-engine.tf
+++ b/infra/terraform/test_fixtures/terraform-google-kubernetes-engine.tf
@@ -25,16 +25,17 @@ resource "google_project_services" "ci_kubernetes_engine" {
 
   services = [
     "bigquery-json.googleapis.com",
+    "cloudkms.googleapis.com",
+    "cloudresourcemanager.googleapis.com",
     "compute.googleapis.com",
     "container.googleapis.com",
     "containerregistry.googleapis.com",
+    "iam.googleapis.com",
+    "iamcredentials.googleapis.com",
     "oslogin.googleapis.com",
     "pubsub.googleapis.com",
-    "storage-api.googleapis.com",
-    "iam.googleapis.com",
     "serviceusage.googleapis.com",
-    "iamcredentials.googleapis.com",
-    "cloudresourcemanager.googleapis.com",
+    "storage-api.googleapis.com",
   ]
 }
 
@@ -59,6 +60,17 @@ resource "google_project_iam_binding" "ci_kubernetes_engine" {
   ]
 }
 
+resource "google_project_iam_binding" "ci_kubernetes_engine_kms_access" {
+  provider = "google.phoogle"
+
+  project = "${google_project_services.ci_kubernetes_engine.project}"
+  role    = "roles/cloudkms.cryptoKeyEncrypterDecrypter"
+
+  members = [
+    "serviceAccount:service-${google_project.ci_kubernetes_engine.id}@container-engine-robot.iam.gserviceaccount.com",
+  ]
+}
+
 resource "google_service_account_key" "ci_kubernetes_engine" {
   provider = "google.phoogle"