zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Refactor net-address variables, add support for internal address purpose 

* add support for internal address purpose
* update gcs module README
* refactor net address module interface and add tests
* add more examples in net-address README
This commit is contained in:
Ludovico Magnocavallo 2020-09-01 18:49:21 +02:00 committed by GitHub
parent daf3dc41e7
commit 0265ba0951
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
11 changed files with 225 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
modules/gcs/README.md
View File

@ -93,9 +93,9 @@ module "buckets" {
| *labels* | Labels to be attached to all buckets. | <code title="map&#40;string&#41;">map(string)</code> | | <code title="">{}</code> |
| *location* | Bucket location. | <code title="">string</code> | | <code title="">EU</code> |
| *prefix* | Prefix used to generate the bucket name. | <code title="">string</code> | | <code title="">null</code> |
| *retention_policies* | Per-bucket retention policy. | <code title="map&#40;map&#40;string&#41;&#41;">map(map(string))</code> | | <code title="">{}</code> |
| *storage_class* | Bucket storage class. | <code title="">string</code> | | <code title="">MULTI_REGIONAL</code> |
| *versioning* | Optional map to set versioning keyed by name, defaults to false. | <code title="map&#40;bool&#41;">map(bool)</code> | | <code title="">{}</code> |
| *retention_policies* | Optional map to set up retention policy keyed by bucket name. | <code title="map&#40;bool&#41;">map(map(string))</code> | | <code title="">{}</code> |
## Outputs

41
modules/net-address/README.md
View File

@ -1,14 +1,46 @@
# Net Address Reservation Module
## Example
This module allows reserving Compute Engine external, global, and internal addresses.
## Examples
### External and global addresses
```hcl
module "addresses" {
source = "./modules/net-address"
project_id = local.projects.host
external_addresses = {
nat-1 = module.vpc.subnet_regions["default"],
vpn-remote = module.vpc.subnet_regions["default"],
nat-1 = var.region
vpn-remote = var.region
}
global_addresses = ["app-1", "app-2"]
}
```
### Internal addresses
```hcl
module "addresses" {
source = "./modules/net-address"
project_id = local.projects.host
internal_addresses = {
ilb-1 = {
region = var.region
subnetwork = module.vpc.subnet_self_links["${var.region}-test"]
}
ilb-2 = {
region = var.region
subnetwork = module.vpc.subnet_self_links["${var.region}-test"]
}
}
# optional configuration
internal_addresses_config = {
ilb-1 = {
address = null
purpose = "SHARED_LOADBALANCER_VIP"
tier = null
}
}
}
```
@ -21,9 +53,8 @@ module "addresses" {
| project_id | Project where the addresses will be created. | <code title="">string</code> | ✓ | |
| *external_addresses* | Map of external address regions, keyed by name. | <code title="map&#40;string&#41;">map(string)</code> | | <code title="">{}</code> |
| *global_addresses* | List of global addresses to create. | <code title="list&#40;string&#41;">list(string)</code> | | <code title="">[]</code> |
| *internal_address_addresses* | Optional explicit addresses for internal addresses, keyed by name. | <code title="map&#40;string&#41;">map(string)</code> | | <code title="">{}</code> |
| *internal_address_tiers* | Optional network tiers for internal addresses, keyed by name. | <code title="map&#40;string&#41;">map(string)</code> | | <code title="">{}</code> |
| *internal_addresses* | Map of internal addresses to create, keyed by name. | <code title="map&#40;object&#40;&#123;&#10;region &#61; string&#10;subnetwork &#61; string&#10;&#125;&#41;&#41;">map(object({...}))</code> | | <code title="">{}</code> |
| *internal_addresses_config* | Optional configuration for internal addresses, keyed by name. Unused options can be set to null. | <code title="map&#40;object&#40;&#123;&#10;address &#61; string&#10;purpose &#61; string&#10;tier &#61; string&#10;&#125;&#41;&#41;">map(object({...}))</code> | | <code title="">{}</code> |
## Outputs

6
modules/net-address/main.tf
View File

@ -31,6 +31,7 @@ resource "google_compute_address" "external" {
}
resource "google_compute_address" "internal" {
provider = google-beta
for_each = var.internal_addresses
project = var.project_id
name = each.key
@ -38,7 +39,8 @@ resource "google_compute_address" "internal" {
address_type = "INTERNAL"
region = each.value.region
subnetwork = each.value.subnetwork
address = lookup(var.internal_address_addresses, each.key, null)
network_tier = lookup(var.internal_address_tiers, each.key, null)
address = try(var.internal_addresses_config[each.key].address, null)
network_tier = try(var.internal_addresses_config[each.key].tier, null)
purpose = try(var.internal_addresses_config[each.key].purpose, null)
# labels = lookup(var.internal_address_labels, each.key, {})
}

1
modules/net-address/outputs.tf
View File

@ -31,7 +31,6 @@ output "global_addresses" {
address.name => {
address = address.address
self_link = address.self_link
status = address.status
}
}
}

18
modules/net-address/variables.tf
View File

@ -41,16 +41,14 @@ variable "internal_addresses" {
default = {}
}
variable "internal_address_addresses" {
description = "Optional explicit addresses for internal addresses, keyed by name."
type = map(string)
default = {}
}
variable "internal_address_tiers" {
description = "Optional network tiers for internal addresses, keyed by name."
type = map(string)
default = {}
variable "internal_addresses_config" {
description = "Optional configuration for internal addresses, keyed by name. Unused options can be set to null."
type = map(object({
address = string
purpose = string
tier = string
}))
default = {}
}
# variable "internal_address_labels" {

3
modules/net-address/versions.tf
View File

@ -16,4 +16,7 @@
terraform {
required_version = ">= 0.12.6"
required_providers {
google-beta = "~> 3.28.0"
}
}

13
tests/modules/net_address/__init__.py Normal file
View File

@ -0,0 +1,13 @@
# Copyright 2020 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

24
tests/modules/net_address/fixture/main.tf Normal file
View File

@ -0,0 +1,24 @@
/**
* Copyright 2020 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
module "test" {
source = "../../../../modules/net-address"
external_addresses = var.external_addresses
global_addresses = var.global_addresses
internal_addresses = var.internal_addresses
internal_addresses_config = var.internal_addresses_config
project_id = var.project_id
}

19
tests/modules/net_address/fixture/outputs.tf Normal file
View File

@ -0,0 +1,19 @@
/**
* Copyright 2020 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
output "module" {
value = module.test
}

47
tests/modules/net_address/fixture/variables.tf Normal file
View File

@ -0,0 +1,47 @@
/**
* Copyright 2020 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
variable "external_addresses" {
type = map(string)
default = {}
}
variable "global_addresses" {
type = list(string)
default = []
}
variable "internal_addresses" {
type = map(object({
region = string
subnetwork = string
}))
default = {}
}
variable "internal_addresses_config" {
type = map(object({
address = string
purpose = string
tier = string
}))
default = {}
}
variable "project_id" {
type = string
default = "my-project"
}

70
tests/modules/net_address/test_plan.py Normal file
View File

@ -0,0 +1,70 @@
# Copyright 2020 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import os
import pytest
FIXTURES_DIR = os.path.join(os.path.dirname(__file__), 'fixture')
def test_external_addresses(plan_runner):
addresses = '{one = "europe-west1", two = "europe-west2"}'
_, resources = plan_runner(FIXTURES_DIR, external_addresses=addresses)
assert [r['values']['name'] for r in resources] == ['one', 'two']
assert set(r['values']['address_type']
for r in resources) == set(['EXTERNAL'])
assert [r['values']['region']
for r in resources] == ['europe-west1', 'europe-west2']
def test_global_addresses(plan_runner):
_, resources = plan_runner(FIXTURES_DIR, global_addresses='["one", "two"]')
assert [r['values']['name'] for r in resources] == ['one', 'two']
assert set(r['values']['address_type'] for r in resources) == set([None])
def test_internal_addresses(plan_runner):
addresses = (
'{one = {region = "europe-west1", subnetwork = "foobar"}, '
'two = {region = "europe-west2", subnetwork = "foobarz"}}'
)
_, resources = plan_runner(FIXTURES_DIR, internal_addresses=addresses)
assert [r['values']['name'] for r in resources] == ['one', 'two']
assert set(r['values']['address_type']
for r in resources) == set(['INTERNAL'])
assert [r['values']['region']
for r in resources] == ['europe-west1', 'europe-west2']
def test_internal_addresses_config(plan_runner):
addresses = (
'{one = {region = "europe-west1", subnetwork = "foobar"}, '
'two = {region = "europe-west2", subnetwork = "foobarz"}}'
)
config = (
'{one = {address = "10.0.0.2", purpose = "SHARED_LOADBALANCER_VIP", '
'tier=null}}'
)
_, resources = plan_runner(FIXTURES_DIR,
internal_addresses=addresses,
internal_addresses_config=config)
assert [r['values']['name'] for r in resources] == ['one', 'two']
assert set(r['values']['address_type']
for r in resources) == set(['INTERNAL'])
assert [r['values'].get('address')
for r in resources] == ['10.0.0.2', None]
assert [r['values'].get('purpose')
for r in resources] == ['SHARED_LOADBALANCER_VIP', None]