Adding new integration test

This commit adds a new integration test, which tests the beta public module.
terraform-google-modules · Jun 27, 2019 · 3ca42a5 · 3ca42a5
1 parent 87bdc01
commit 3ca42a5
Show file tree

Hide file tree

Showing 9 changed files with 298 additions and 0 deletions.
diff --git a/.kitchen.yml b/.kitchen.yml
@@ -104,3 +104,16 @@ suites:
       systems:
         - name: stub_domains_private
           backend: local
+  - name: "beta_public_cluster"
+    driver:
+      root_module_directory: test/fixtures/beta_public_cluster
+    verifier:
+      systems:
+        - name: gcloud
+          backend: local
+          controls:
+            - gcloud
+        - name: gcp
+          backend: gcp
+          controls:
+            - gcp
diff --git a/test/ci/beta-public-cluster.yml b/test/ci/beta-public-cluster.yml
@@ -0,0 +1,18 @@
+---
+
+platform: linux
+
+inputs:
+- name: pull-request
+  path: terraform-google-kubernetes-engine
+
+run:
+  path: make
+  args: ['test_integration']
+  dir: terraform-google-kubernetes-engine
+
+params:
+  SUITE: "beta-public-cluster"
+  COMPUTE_ENGINE_SERVICE_ACCOUNT: ""
+  REGION: "us-east4"
+  ZONES: '["us-east4-a", "us-east4-b", "us-east4-c"]'
diff --git a/test/fixtures/beta_public_cluster/example.tf b/test/fixtures/beta_public_cluster/example.tf
@@ -0,0 +1,28 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+module "example" {
+  source = "../../../examples/beta-public-cluster"
+
+  project_id                     = "${var.project_id}"
+  cluster_name_suffix            = "-${random_string.suffix.result}"
+  region                         = "${var.region}"
+  network                        = "${google_compute_network.main.name}"
+  subnetwork                     = "${google_compute_subnetwork.main.name}"
+  ip_range_pods                  = "${google_compute_subnetwork.main.secondary_ip_range.0.range_name}"
+  ip_range_services              = "${google_compute_subnetwork.main.secondary_ip_range.1.range_name}"
+  compute_engine_service_account = "${var.compute_engine_service_account}"
+}
diff --git a/test/fixtures/beta_public_cluster/network.tf b/test/fixtures/beta_public_cluster/network.tf
@@ -0,0 +1,47 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+resource "random_string" "suffix" {
+  length  = 4
+  special = false
+  upper   = false
+}
+
+provider "google" {
+  project     = "${var.project_id}"
+}
+
+resource "google_compute_network" "main" {
+  name                    = "cft-gke-test-${random_string.suffix.result}"
+  auto_create_subnetworks = "false"
+}
+
+resource "google_compute_subnetwork" "main" {
+  name          = "cft-gke-test-${random_string.suffix.result}"
+  ip_cidr_range = "10.0.0.0/17"
+  region        = "${var.region}"
+  network       = "${google_compute_network.main.self_link}"
+
+  secondary_ip_range {
+    range_name    = "cft-gke-test-pods-${random_string.suffix.result}"
+    ip_cidr_range = "192.168.0.0/18"
+  }
+
+  secondary_ip_range {
+    range_name    = "cft-gke-test-services-${random_string.suffix.result}"
+    ip_cidr_range = "192.168.64.0/18"
+  }
+}
diff --git a/test/fixtures/beta_public_cluster/outputs.tf b/test/fixtures/beta_public_cluster/outputs.tf
@@ -0,0 +1 @@
+../shared/outputs.tf
diff --git a/test/fixtures/beta_public_cluster/terraform.tfvars b/test/fixtures/beta_public_cluster/terraform.tfvars
@@ -0,0 +1 @@
+../shared/terraform.tfvars
diff --git a/test/fixtures/beta_public_cluster/variables.tf b/test/fixtures/beta_public_cluster/variables.tf
@@ -0,0 +1 @@
+../shared/variables.tf
diff --git a/test/integration/beta_public_cluster/controls/gcloud.rb b/test/integration/beta_public_cluster/controls/gcloud.rb
@@ -0,0 +1,172 @@
+# Copyright 2018 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+project_id = attribute('project_id')
+location = attribute('location')
+cluster_name = attribute('cluster_name')
+
+control "gcloud" do
+  title "Google Compute Engine GKE configuration"
+  describe command("gcloud --project=#{project_id} container clusters --zone=#{location} describe #{cluster_name} --format=json") do
+    its(:exit_status) { should eq 0 }
+    its(:stderr) { should eq '' }
+
+    let!(:data) do
+      if subject.exit_status == 0
+        JSON.parse(subject.stdout)
+      else
+        {}
+      end
+    end
+
+    describe "cluster" do
+      it "is running" do
+        expect(data['status']).to eq 'RUNNING'
+      end
+
+      it "is regional" do
+        expect(data['location']).to match(/^.*[1-9]$/)
+      end
+
+      it "uses public nodes and master endpoint" do
+        expect(data['privateClusterConfig']).to eq nil
+      end
+
+      it "has the expected addon settings" do
+        expect(data['addonsConfig']).to eq({
+          "horizontalPodAutoscaling" => {},
+          "httpLoadBalancing" => {},
+          "kubernetesDashboard" => {
+            "disabled" => true,
+          },
+          "networkPolicyConfig" => {
+            "disabled" => true,
+          },
+        })
+      end
+    end
+
+    describe "default node pool" do
+      let(:default_node_pool) { data['nodePools'].select { |p| p['name'] == "default-pool" }.first }
+
+      it "exists" do
+        expect(data['nodePools']).to include(
+          including(
+            "name" => "default-pool",
+          )
+        )
+      end
+    end
+
+    describe "node pool" do
+      let(:node_pools) { data['nodePools'].reject { |p| p['name'] == "default-pool" } }
+
+      it "has autoscaling enabled" do
+        expect(node_pools).to include(
+          including(
+            "autoscaling" => including(
+              "enabled" => true,
+            ),
+          )
+        )
+      end
+
+      it "has the expected minimum node count" do
+        expect(node_pools).to include(
+          including(
+            "autoscaling" => including(
+              "minNodeCount" => 1,
+            ),
+          )
+        )
+      end
+
+      it "has the expected maximum node count" do
+        expect(node_pools).to include(
+          including(
+            "autoscaling" => including(
+              "maxNodeCount" => 100,
+            ),
+          )
+        )
+      end
+
+      it "is the expected machine type" do
+        expect(node_pools).to include(
+          including(
+            "config" => including(
+              "machineType" => "n1-standard-2",
+            ),
+          )
+        )
+      end
+
+      it "has the expected disk size" do
+        expect(node_pools).to include(
+          including(
+            "config" => including(
+              "diskSizeGb" => 100,
+            ),
+          )
+        )
+      end
+
+      it "has the expected labels" do
+        expect(node_pools).to include(
+          including(
+            "config" => including(
+              "labels" => including(
+                "cluster_name" => cluster_name,
+                "node_pool" => "default-node-pool",
+              ),
+            ),
+          )
+        )
+      end
+
+      it "has the expected network tags" do
+        expect(node_pools).to include(
+          including(
+            "config" => including(
+              "tags" => match_array([
+                "gke-#{cluster_name}",
+                "gke-#{cluster_name}-default-node-pool",
+              ]),
+            ),
+          )
+        )
+      end
+
+      it "has autorepair enabled" do
+        expect(node_pools).to include(
+          including(
+            "management" => including(
+              "autoRepair" => true,
+            ),
+          )
+        )
+      end
+
+      it "has autoupgrade enabled" do
+        expect(node_pools).to include(
+          including(
+            "management" => including(
+              "autoUpgrade" => true,
+            ),
+          )
+        )
+      end
+    end
+  end
+end
diff --git a/test/integration/beta_public_cluster/inspec.yml b/test/integration/beta_public_cluster/inspec.yml
@@ -0,0 +1,17 @@
+name: beta_public_cluster
+attributes:
+  - name: project_id
+    required: true
+    type: string
+  - name: location
+    required: true
+    type: string
+  - name: cluster_name
+    required: true
+    type: string
+  - name: kubernetes_endpoint
+    required: true
+    type: string
+  - name: client_token
+    required: true
+    type: string