zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Remove recursive_e2e_plan_runner

This commit is contained in:
Julio Castillo 2022-12-16 17:57:32 +01:00
parent b2232e4f00
commit 09ad53000e
34 changed files with 399 additions and 676 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
tests/blueprints/cloud_operations/apigee/fixture/test.regular.tfvars → tests/blueprints/cloud_operations/apigee/basic.tfvars
View File

@ -20,4 +20,4 @@ instances = {
}
psc_config = {
europe-west1 = "10.0.0.0/28"
}
}

17
tests/blueprints/cloud_operations/apigee/basic.yaml Normal file
View File

@ -0,0 +1,17 @@
# Copyright 2022 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
counts:
modules: 9
resources: 59

28
tests/blueprints/cloud_operations/apigee/fixture/main.tf
View File

@ -1,28 +0,0 @@
/**
* Copyright 2022 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
module "test" {
source = "../../../../../blueprints/cloud-operations/apigee"
project_create = var.project_create
project_id = var.project_id
organization = var.organization
envgroups = var.envgroups
environments = var.environments
instances = var.instances
path = var.path
datastore_name = var.datastore_name
psc_config = var.psc_config
}

123
tests/blueprints/cloud_operations/apigee/fixture/variables.tf
View File

@ -1,123 +0,0 @@
/**
* Copyright 2022 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/**
* Copyright 2022 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
variable "project_create" {
description = "Parameters for the creation of the new project."
type = object({
billing_account_id = string
parent = string
})
default = null
}
variable "vpc_create" {
description = "Boolean flag indicating whether the VPC should be created or not."
type = bool
default = true
}
variable "project_id" {
description = "Project ID."
type = string
nullable = false
}
variable "organization" {
description = "Apigee organization."
type = object({
display_name = optional(string, "Apigee organization created by tf module")
description = optional(string, "Apigee organization created by tf module")
authorized_network = optional(string, "vpc")
runtime_type = optional(string, "CLOUD")
billing_type = optional(string)
database_encryption_key = optional(string)
analytics_region = optional(string, "europe-west1")
})
nullable = false
default = {
}
}
variable "envgroups" {
description = "Environment groups (NAME => [HOSTNAMES])."
type = map(list(string))
nullable = false
}
variable "environments" {
description = "Environments."
type = map(object({
display_name = optional(string)
description = optional(string)
node_config = optional(object({
min_node_count = optional(number)
max_node_count = optional(number)
}))
iam = optional(map(list(string)))
envgroups = list(string)
}))
nullable = false
}
variable "instances" {
description = "Instance."
type = map(object({
display_name = optional(string)
description = optional(string)
region = string
environments = list(string)
psa_ip_cidr_range = string
disk_encryption_key = optional(string)
consumer_accept_list = optional(list(string))
}))
nullable = false
}
variable "path" {
description = "Bucket path."
type = string
default = "/analytics"
nullable = false
}
variable "datastore_name" {
description = "Datastore"
type = string
nullable = false
default = "gcs"
}
variable "psc_config" {
description = "PSC configuration."
type = map(string)
nullable = false
}

9
tests/blueprints/cloud_operations/apigee/test_plan.py → tests/blueprints/cloud_operations/apigee/tftest.yaml
View File

@ -12,10 +12,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
import collections
module: blueprints/cloud-operations/apigee
def test_blueprint(recursive_e2e_plan_runner):
"Test that all blueprint resources are created."
count_modules, count_resources = recursive_e2e_plan_runner(tf_var_file='test.regular.tfvars')
assert count_modules == 10
assert count_resources == 59
tests:
basic:

29
tests/fast/stages/s01_resman/common.tfvars Normal file
View File

@ -0,0 +1,29 @@
automation = {
federated_identity_pool = null
federated_identity_providers = null
project_id = "fast-prod-automation"
project_number = 123456
outputs_bucket = "test"
}
billing_account = {
id = "000000-111111-222222"
organization_id = 123456789012
}
custom_roles = {
# organization_iam_admin = "organizations/123456789012/roles/organizationIamAdmin",
service_project_network_admin = "organizations/123456789012/roles/xpnServiceAdmin"
}
groups = {
gcp-billing-admins = "gcp-billing-admins",
gcp-devops = "gcp-devops",
gcp-network-admins = "gcp-network-admins",
gcp-organization-admins = "gcp-organization-admins",
gcp-security-admins = "gcp-security-admins",
gcp-support = "gcp-support"
}
organization = {
domain = "fast.example.com"
id = 123456789012
customer_id = "C00000000"
}
prefix = "fast2"

48
tests/fast/stages/s01_resman/fixture/main.tf
View File

@ -1,48 +0,0 @@
/**
* Copyright 2022 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
module "stage" {
source = "../../../../../fast/stages/01-resman"
automation = {
federated_identity_pool = null
federated_identity_providers = null
project_id = "fast-prod-automation"
project_number = 123456
outputs_bucket = "test"
}
billing_account = {
id = "000000-111111-222222"
organization_id = 123456789012
}
custom_roles = {
# organization_iam_admin = "organizations/123456789012/roles/organizationIamAdmin",
service_project_network_admin = "organizations/123456789012/roles/xpnServiceAdmin"
}
groups = {
gcp-billing-admins = "gcp-billing-admins",
gcp-devops = "gcp-devops",
gcp-network-admins = "gcp-network-admins",
gcp-organization-admins = "gcp-organization-admins",
gcp-security-admins = "gcp-security-admins",
gcp-support = "gcp-support"
}
organization = {
domain = "fast.example.com"
id = 123456789012
customer_id = "C00000000"
}
prefix = "fast2"
}

9
tests/fast/stages/s01_resman/test_plan.py
View File

@ -13,8 +13,9 @@
# limitations under the License.
def test_counts(recursive_e2e_plan_runner):
def test_counts(plan_summary):
"Test stage."
num_modules, num_resources = recursive_e2e_plan_runner()
# TODO: to re-enable per-module resource count check print _, then test
assert num_modules > 0 and num_resources > 0
summary = plan_summary("fast/stages/01-resman",
tf_var_files=["common.tfvars"])
assert summary.counts["modules"] > 0
assert summary.counts["resources"] > 0

30
tests/fast/stages/s02_networking_nva/common.tfvars Normal file
View File

@ -0,0 +1,30 @@
data_dir = "../../../fast/stages/02-networking-nva/data/"
automation = {
outputs_bucket = "test"
}
billing_account = {
id = "000000-111111-222222"
organization_id = 123456789012
}
custom_roles = {
service_project_network_admin = "organizations/123456789012/roles/foo"
}
folder_ids = {
networking = null
networking-dev = null
networking-prod = null
}
service_accounts = {
data-platform-dev = "string"
data-platform-prod = "string"
gke-dev = "string"
gke-prod = "string"
project-factory-dev = "string"
project-factory-prod = "string"
}
organization = {
domain = "fast.example.com"
id = 123456789012
customer_id = "C00000000"
}
prefix = "fast2"

49
tests/fast/stages/s02_networking_nva/fixture/main.tf
View File

@ -1,49 +0,0 @@
/**
* Copyright 2022 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
module "stage" {
source = "../../../../../fast/stages/02-networking-nva"
data_dir = "../../../../../fast/stages/02-networking-nva/data/"
automation = {
outputs_bucket = "test"
}
billing_account = {
id = "000000-111111-222222"
organization_id = 123456789012
}
custom_roles = {
service_project_network_admin = "organizations/123456789012/roles/foo"
}
folder_ids = {
networking = null
networking-dev = null
networking-prod = null
}
service_accounts = {
data-platform-dev = "string"
data-platform-prod = "string"
gke-dev = "string"
gke-prod = "string"
project-factory-dev = "string"
project-factory-prod = "string"
}
organization = {
domain = "fast.example.com"
id = 123456789012
customer_id = "C00000000"
}
prefix = "fast2"
}

9
tests/fast/stages/s02_networking_nva/test_plan.py
View File

@ -13,8 +13,9 @@
# limitations under the License.
def test_counts(recursive_e2e_plan_runner):
def test_counts(plan_summary):
"Test stage."
num_modules, num_resources = recursive_e2e_plan_runner()
# TODO: to re-enable per-module resource count check print _, then test
assert num_modules > 0 and num_resources > 0
summary = plan_summary("fast/stages/02-networking-nva",
tf_var_files=["common.tfvars"])
assert summary.counts["modules"] > 0
assert summary.counts["resources"] > 0

35
tests/fast/stages/s02_networking_peering/common.tfvars Normal file
View File

@ -0,0 +1,35 @@
data_dir = "../../../fast/stages/02-networking-peering/data/"
automation = {
outputs_bucket = "test"
}
billing_account = {
id = "000000-111111-222222"
organization_id = 123456789012
}
custom_roles = {
service_project_network_admin = "organizations/123456789012/roles/foo"
}
folder_ids = {
networking = null
networking-dev = null
networking-prod = null
}
region_trigram = {
europe-west1 = "ew1"
europe-west3 = "ew3"
europe-west8 = "ew8"
}
service_accounts = {
data-platform-dev = "string"
data-platform-prod = "string"
gke-dev = "string"
gke-prod = "string"
project-factory-dev = "string"
project-factory-prod = "string"
}
organization = {
domain = "fast.example.com"
id = 123456789012
customer_id = "C00000000"
}
prefix = "fast2"

54
tests/fast/stages/s02_networking_peering/fixture/main.tf
View File

@ -1,54 +0,0 @@
/**
* Copyright 2022 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
module "stage" {
source = "../../../../../fast/stages/02-networking-peering"
data_dir = "../../../../../fast/stages/02-networking-peering/data/"
automation = {
outputs_bucket = "test"
}
billing_account = {
id = "000000-111111-222222"
organization_id = 123456789012
}
custom_roles = {
service_project_network_admin = "organizations/123456789012/roles/foo"
}
folder_ids = {
networking = null
networking-dev = null
networking-prod = null
}
region_trigram = {
europe-west1 = "ew1"
europe-west3 = "ew3"
europe-west8 = "ew8"
}
service_accounts = {
data-platform-dev = "string"
data-platform-prod = "string"
gke-dev = "string"
gke-prod = "string"
project-factory-dev = "string"
project-factory-prod = "string"
}
organization = {
domain = "fast.example.com"
id = 123456789012
customer_id = "C00000000"
}
prefix = "fast2"
}

27
tests/fast/stages/s02_networking_peering/test_plan.py
View File

@ -27,24 +27,27 @@ STAGE_PEERING = STAGES / '02-networking-peering'
STAGE_VPN = STAGES / '02-networking-vpn'
def test_counts(recursive_e2e_plan_runner):
'Test stage.'
num_modules, num_resources = recursive_e2e_plan_runner()
# TODO: to re-enable per-module resource count check print _, then test
assert num_modules > 0 and num_resources > 0
def test_counts(plan_summary):
"Test stage."
summary = plan_summary("fast/stages/02-networking-peering",
tf_var_files=["common.tfvars"])
assert summary.counts["modules"] > 0
assert summary.counts["resources"] > 0
def test_vpn_peering_parity(e2e_plan_runner):
def test_vpn_peering_parity(plan_summary):
'''Ensure VPN- and peering-based networking stages are identical except
for VPN and VPC peering resources'''
_, plan_peering = e2e_plan_runner(fixture_path=FIXTURE_PEERING)
_, plan_vpn = e2e_plan_runner(fixture_path=FIXTURE_VPN)
summary_peering = plan_summary("fast/stages/02-networking-peering",
tf_var_files=["common.tfvars"])
summary_vpn = plan_summary("fast/stages/02-networking-vpn",
tf_var_files=["common.tfvars"])
ddiff = DeepDiff(plan_vpn, plan_peering, ignore_order=True,
group_by='address', view='tree')
ddiff = DeepDiff(summary_vpn.values, summary_peering.values,
ignore_order=True)
removed_types = {x.t1['type'] for x in ddiff['dictionary_item_removed']}
added_types = {x.t2['type'] for x in ddiff['dictionary_item_added']}
removed_types = {x.split('.')[-2] for x in ddiff['dictionary_item_removed']}
added_types = {x.split('.')[-2] for x in ddiff['dictionary_item_added']}
assert added_types == {'google_compute_network_peering'}
assert removed_types == {

28
tests/fast/stages/s02_networking_separate_envs/common.tfvars Normal file
View File

@ -0,0 +1,28 @@
data_dir = "../../../../../fast/stages/02-networking-separate-envs/data/"
automation = {
outputs_bucket = "test"
}
billing_account = {
id = "000000-111111-222222"
organization_id = 123456789012
}
custom_roles = {
service_project_network_admin = "organizations/123456789012/roles/foo"
}
folder_ids = {
networking = null
networking-dev = null
networking-prod = null
}
service_accounts = {
data-platform-dev = "string"
data-platform-prod = "string"
project-factory-dev = "string"
project-factory-prod = "string"
}
organization = {
domain = "fast.example.com"
id = 123456789012
customer_id = "C00000000"
}
prefix = "fast2"

47
tests/fast/stages/s02_networking_separate_envs/fixture/main.tf
View File

@ -1,47 +0,0 @@
/**
* Copyright 2022 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
module "stage" {
source = "../../../../../fast/stages/02-networking-separate-envs"
data_dir = "../../../../../fast/stages/02-networking-separate-envs/data/"
automation = {
outputs_bucket = "test"
}
billing_account = {
id = "000000-111111-222222"
organization_id = 123456789012
}
custom_roles = {
service_project_network_admin = "organizations/123456789012/roles/foo"
}
folder_ids = {
networking = null
networking-dev = null
networking-prod = null
}
service_accounts = {
data-platform-dev = "string"
data-platform-prod = "string"
project-factory-dev = "string"
project-factory-prod = "string"
}
organization = {
domain = "fast.example.com"
id = 123456789012
customer_id = "C00000000"
}
prefix = "fast2"
}

9
tests/fast/stages/s02_networking_separate_envs/test_plan.py
View File

@ -13,8 +13,9 @@
# limitations under the License.
def test_counts(recursive_e2e_plan_runner):
def test_counts(plan_summary):
"Test stage."
num_modules, num_resources = recursive_e2e_plan_runner()
# TODO: to re-enable per-module resource count check print _, then test
assert num_modules > 0 and num_resources > 0
summary = plan_summary("fast/stages/02-networking-separate-envs",
tf_var_files=["common.tfvars"])
assert summary.counts["modules"] > 0
assert summary.counts["resources"] > 0

35
tests/fast/stages/s02_networking_vpn/common.tfvars Normal file
View File

@ -0,0 +1,35 @@
data_dir = "../../../../../fast/stages/02-networking-vpn/data/"
automation = {
outputs_bucket = "test"
}
billing_account = {
id = "000000-111111-222222"
organization_id = 123456789012
}
custom_roles = {
service_project_network_admin = "organizations/123456789012/roles/foo"
}
folder_ids = {
networking = null
networking-dev = null
networking-prod = null
}
region_trigram = {
europe-west1 = "ew1"
europe-west3 = "ew3"
europe-west8 = "ew8"
}
service_accounts = {
data-platform-dev = "string"
data-platform-prod = "string"
gke-dev = "string"
gke-prod = "string"
project-factory-dev = "string"
project-factory-prod = "string"
}
organization = {
domain = "fast.example.com"
id = 123456789012
customer_id = "C00000000"
}
prefix = "fast2"

9
tests/fast/stages/s02_networking_vpn/test_plan.py
View File

@ -13,8 +13,9 @@
# limitations under the License.
def test_counts(recursive_e2e_plan_runner):
def test_counts(plan_summary):
"Test stage."
num_modules, num_resources = recursive_e2e_plan_runner()
# TODO: to re-enable per-module resource count check print _, then test
assert num_modules > 0 and num_resources > 0
summary = plan_summary("fast/stages/02-networking-vpn",
tf_var_files=["common.tfvars"])
assert summary.counts["modules"] > 0
assert summary.counts["resources"] > 0

88
tests/fast/stages/s02_security/common.tfvars Normal file
View File

@ -0,0 +1,88 @@
automation = {
outputs_bucket = "test"
}
billing_account = {
id = "000000-111111-222222"
organization_id = 123456789012
}
folder_ids = {
security = null
}
organization = {
domain = "gcp-pso-italy.net"
id = 856933387836
customer_id = "C01lmug8b"
}
prefix = "fast"
kms_keys = {
compute = {
iam = {
"roles/cloudkms.admin" = ["user:user1@example.com"]
}
labels = { service = "compute" }
locations = null
rotation_period = null
}
}
service_accounts = {
security = "foobar@iam.gserviceaccount.com"
data-platform-dev = "foobar@iam.gserviceaccount.com"
data-platform-prod = "foobar@iam.gserviceaccount.com"
project-factory-dev = "foobar@iam.gserviceaccount.com"
project-factory-prod = "foobar@iam.gserviceaccount.com"
}
vpc_sc_access_levels = {
onprem = {
conditions = [{
ip_subnetworks = ["101.101.101.0/24"]
}]
}
}
vpc_sc_egress_policies = {
iac-gcs = {
from = {
identities = [
"serviceAccount:xxx-prod-resman-security-0@xxx-prod-iac-core-0.iam.gserviceaccount.com"
]
}
to = {
operations = [{
method_selectors = ["*"]
service_name = "storage.googleapis.com"
}]
resources = ["projects/123456782"]
}
}
}
vpc_sc_ingress_policies = {
iac = {
from = {
identities = [
"serviceAccount:xxx-prod-resman-security-0@xxx-prod-iac-core-0.iam.gserviceaccount.com"
]
access_levels = ["*"]
}
to = {
operations = [{ method_selectors = [], service_name = "*" }]
resources = ["*"]
}
}
}
vpc_sc_perimeters = {
dev = {
egress_policies = ["iac-gcs"]
ingress_policies = ["iac"]
resources = ["projects/1111111111"]
}
dev = {
egress_policies = ["iac-gcs"]
ingress_policies = ["iac"]
resources = ["projects/0000000000"]
}
dev = {
access_levels = ["onprem"]
egress_policies = ["iac-gcs"]
ingress_policies = ["iac"]
resources = ["projects/2222222222"]
}
}

107
tests/fast/stages/s02_security/fixture/main.tf
View File

@ -1,107 +0,0 @@
/**
* Copyright 2022 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
module "stage" {
source = "../../../../../fast/stages/02-security"
automation = {
outputs_bucket = "test"
}
billing_account = {
id = "000000-111111-222222"
organization_id = 123456789012
}
folder_ids = {
security = null
}
organization = {
domain = "gcp-pso-italy.net"
id = 856933387836
customer_id = "C01lmug8b"
}
prefix = "fast"
kms_keys = {
compute = {
iam = {
"roles/cloudkms.admin" = ["user:user1@example.com"]
}
labels = { service = "compute" }
locations = null
rotation_period = null
}
}
service_accounts = {
security = "foobar@iam.gserviceaccount.com"
data-platform-dev = "foobar@iam.gserviceaccount.com"
data-platform-prod = "foobar@iam.gserviceaccount.com"
project-factory-dev = "foobar@iam.gserviceaccount.com"
project-factory-prod = "foobar@iam.gserviceaccount.com"
}
vpc_sc_access_levels = {
onprem = {
conditions = [{
ip_subnetworks = ["101.101.101.0/24"]
}]
}
}
vpc_sc_egress_policies = {
iac-gcs = {
from = {
identities = [
"serviceAccount:xxx-prod-resman-security-0@xxx-prod-iac-core-0.iam.gserviceaccount.com"
]
}
to = {
operations = [{
method_selectors = ["*"]
service_name = "storage.googleapis.com"
}]
resources = ["projects/123456782"]
}
}
}
vpc_sc_ingress_policies = {
iac = {
from = {
identities = [
"serviceAccount:xxx-prod-resman-security-0@xxx-prod-iac-core-0.iam.gserviceaccount.com"
]
access_levels = ["*"]
}
to = {
operations = [{ method_selectors = [], service_name = "*" }]
resources = ["*"]
}
}
}
vpc_sc_perimeters = {
dev = {
egress_policies = ["iac-gcs"]
ingress_policies = ["iac"]
resources = ["projects/1111111111"]
}
dev = {
egress_policies = ["iac-gcs"]
ingress_policies = ["iac"]
resources = ["projects/0000000000"]
}
dev = {
access_levels = ["onprem"]
egress_policies = ["iac-gcs"]
ingress_policies = ["iac"]
resources = ["projects/2222222222"]
}
}
}

9
tests/fast/stages/s02_security/test_plan.py
View File

@ -13,8 +13,9 @@
# limitations under the License.
def test_counts(recursive_e2e_plan_runner):
def test_counts(plan_summary):
"Test stage."
num_modules, num_resources = recursive_e2e_plan_runner()
# TODO: to re-enable per-module resource count check print _, then test
assert num_modules > 0 and num_resources > 0
summary = plan_summary("fast/stages/02-security",
tf_var_files=["common.tfvars"])
assert summary.counts["modules"] > 0
assert summary.counts["resources"] > 0

26
tests/fast/stages/s03_data_platform/common.tfvars Normal file
View File

@ -0,0 +1,26 @@
automation = {
outputs_bucket = "test"
}
billing_account = {
id = "012345-67890A-BCDEF0",
organization_id = 123456
}
folder_ids = {
data-platform-dev = "folders/12345678"
}
host_project_ids = {
dev-spoke-0 = "fast-dev-net-spoke-0"
}
organization = {
domain = "example.com"
id = 123456789012
customer_id = "A11aaaaa1"
}
prefix = "fast"
subnet_self_links = {
dev-spoke-0 = {
"europe-west1/dev-dataplatform-ew1" : "https://www.googleapis.com/compute/v1/projects/fast-dev-net-spoke-0/regions/europe-west1/subnetworks/dev-dataplatform-ew1",
"europe-west1/dev-default-ew1" : "https://www.googleapis.com/compute/v1/projects/fast-dev-net-spoke-0/regions/europe-west1/subnetworks/dev-default-ew1"
}
}
vpc_self_links = { dev-spoke-0 = "https://www.googleapis.com/compute/v1/projects/fast-dev-net-spoke-0/global/networks/dev-spoke-0" }

47
tests/fast/stages/s03_data_platform/fixture/main.tf
View File

@ -1,47 +0,0 @@
/**
* Copyright 2022 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
# tfdoc: Data platform stage test
module "stage" {
source = "../../../../../fast/stages/03-data-platform/dev/"
automation = {
outputs_bucket = "test"
}
billing_account = {
id = "012345-67890A-BCDEF0",
organization_id = 123456
}
folder_ids = {
data-platform-dev = "folders/12345678"
}
host_project_ids = {
dev-spoke-0 = "fast-dev-net-spoke-0"
}
organization = {
domain = "example.com"
id = 123456789012
customer_id = "A11aaaaa1"
}
prefix = "fast"
subnet_self_links = {
dev-spoke-0 = {
"europe-west1/dev-dataplatform-ew1" : "https://www.googleapis.com/compute/v1/projects/fast-dev-net-spoke-0/regions/europe-west1/subnetworks/dev-dataplatform-ew1",
"europe-west1/dev-default-ew1" : "https://www.googleapis.com/compute/v1/projects/fast-dev-net-spoke-0/regions/europe-west1/subnetworks/dev-default-ew1"
}
}
vpc_self_links = { dev-spoke-0 = "https://www.googleapis.com/compute/v1/projects/fast-dev-net-spoke-0/global/networks/dev-spoke-0" }
}

9
tests/fast/stages/s03_data_platform/test_plan.py
View File

@ -13,8 +13,9 @@
# limitations under the License.
def test_counts(recursive_e2e_plan_runner):
def test_counts(plan_summary):
"Test stage."
num_modules, num_resources = recursive_e2e_plan_runner()
# TODO: to re-enable per-module resource count check print _, then test
assert num_modules > 0 and num_resources > 0
summary = plan_summary("fast/stages/03-data-platform/dev/",
tf_var_files=["common.tfvars"])
assert summary.counts["modules"] > 0
assert summary.counts["resources"] > 0

41
tests/fast/stages/s03_gke_multitenant/common.tfvars Normal file
View File

@ -0,0 +1,41 @@
automation = {
outputs_bucket = "test"
}
billing_account = {
id = "012345-67890A-BCDEF0",
organization_id = 123456
}
clusters = {
mycluster = {
cluster_autoscaling = null
description = "my cluster"
dns_domain = null
location = "europe-west1"
labels = {}
private_cluster_config = {
enable_private_endpoint = true
master_global_access = true
}
vpc_config = {
subnetwork = "projects/prj-host/regions/europe-west1/subnetworks/gke-0"
master_ipv4_cidr_block = "172.16.20.0/28"
}
}
}
nodepools = {
mycluster = {
mynodepool = {
node_count = { initial = 1 }
}
}
}
folder_ids = {
gke-dev = "folders/12345678"
}
host_project_ids = {
dev-spoke-0 = "fast-dev-net-spoke-0"
}
prefix = "fast"
vpc_self_links = {
dev-spoke-0 = "projects/fast-dev-net-spoke-0/global/networks/dev-spoke-0"
}

62
tests/fast/stages/s03_gke_multitenant/fixture/main.tf
View File

@ -1,62 +0,0 @@
/**
* Copyright 2022 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
# tfdoc: Data platform stage test
module "stage" {
source = "../../../../../fast/stages/03-gke-multitenant/dev/"
automation = {
outputs_bucket = "test"
}
billing_account = {
id = "012345-67890A-BCDEF0",
organization_id = 123456
}
clusters = {
mycluster = {
cluster_autoscaling = null
description = "my cluster"
dns_domain = null
location = "europe-west1"
labels = {}
private_cluster_config = {
enable_private_endpoint = true
master_global_access = true
}
vpc_config = {
subnetwork = "projects/prj-host/regions/europe-west1/subnetworks/gke-0"
master_ipv4_cidr_block = "172.16.20.0/28"
}
}
}
nodepools = {
mycluster = {
mynodepool = {
node_count = { initial = 1 }
}
}
}
folder_ids = {
gke-dev = "folders/12345678"
}
host_project_ids = {
dev-spoke-0 = "fast-dev-net-spoke-0"
}
prefix = "fast"
vpc_self_links = {
dev-spoke-0 = "projects/fast-dev-net-spoke-0/global/networks/dev-spoke-0"
}
}

9
tests/fast/stages/s03_gke_multitenant/test_plan.py
View File

@ -13,8 +13,9 @@
# limitations under the License.
def test_counts(recursive_e2e_plan_runner):
def test_counts(plan_summary):
"Test stage."
num_modules, num_resources = recursive_e2e_plan_runner()
# TODO: to re-enable per-module resource count check print _, then test
assert num_modules > 0 and num_resources > 0
summary = plan_summary("fast/stages/03-gke-multitenant/dev/",
tf_var_files=["common.tfvars"])
assert summary.counts["modules"] > 0
assert summary.counts["resources"] > 0

11
tests/fast/stages/s03_project_factory/common.tfvars Normal file
View File

@ -0,0 +1,11 @@
data_dir = "../../../../tests/fast/stages/s03_project_factory/data/projects/"
defaults_file = "../../../../tests/fast/stages/s03_project_factory/data/defaults.yaml"
prefix = "test"
environment_dns_zone = "dev"
billing_account = {
id = "000000-111111-222222"
organization_id = 123456789012
}
vpc_self_links = {
dev-spoke-0 = "link"
}

0
tests/fast/stages/s03_project_factory/fixture/data/defaults.yaml → tests/fast/stages/s03_project_factory/data/defaults.yaml
View File

0
tests/fast/stages/s03_project_factory/fixture/data/projects/project.yaml → tests/fast/stages/s03_project_factory/data/projects/project.yaml
View File

32
tests/fast/stages/s03_project_factory/fixture/main.tf
View File

@ -1,32 +0,0 @@
/**
* Copyright 2022 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
module "projects" {
source = "../../../../../fast/stages/03-project-factory/dev"
data_dir = "./data/projects/"
defaults_file = "./data/defaults.yaml"
prefix = "test"
environment_dns_zone = "dev"
billing_account = {
id = "000000-111111-222222"
organization_id = 123456789012
}
vpc_self_links = {
dev-spoke-0 = "link"
}
}

9
tests/fast/stages/s03_project_factory/test_plan.py
View File

@ -13,8 +13,9 @@
# limitations under the License.
def test_counts(recursive_e2e_plan_runner):
def test_counts(plan_summary):
"Test stage."
num_modules, num_resources = recursive_e2e_plan_runner()
# TODO: to re-enable per-module resource count check print _, then test
assert num_modules > 0 and num_resources > 0
summary = plan_summary("fast/stages/03-project-factory/dev",
tf_var_files=["common.tfvars"])
assert summary.counts["modules"] > 0
assert summary.counts["resources"] > 0

28
tests/legacy_fixtures.py
View File

@ -96,34 +96,6 @@ def e2e_plan_runner(_plan_runner):
return run_plan
@pytest.fixture(scope='session')
def recursive_e2e_plan_runner(_plan_runner):
"""
Plan runner for end-to-end root module, returns total number of
(nested) modules and resources
"""
def walk_plan(node, modules, resources):
new_modules = node.get('child_modules', [])
resources += node.get('resources', [])
modules += new_modules
for module in new_modules:
walk_plan(module, modules, resources)
def run_plan(fixture_path=None, tf_var_file=None, targets=None, refresh=True,
include_bare_resources=False, compute_sums=True, tmpdir=True,
**tf_vars):
'Run Terraform plan on a root module using defaults, returns data.'
plan = _plan_runner(fixture_path, tf_var_file=tf_var_file, targets=targets,
refresh=refresh, tmpdir=tmpdir, **tf_vars)
modules = []
resources = []
walk_plan(plan.root_module, modules, resources)
return len(modules), len(resources)
return run_plan
@pytest.fixture(scope='session')
def apply_runner():
'Return a function to run Terraform apply on a fixture.'