zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update DNS tests

This commit is contained in:
Julio Castillo 2023-01-19 12:21:48 +01:00
parent a12089ef8c
commit 1e0d7776e1
16 changed files with 363 additions and 234 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
modules/dns/README.md
View File

@ -21,7 +21,7 @@ module "private-dns" {
"A myhost" = { ttl = 600, records = ["10.0.0.120"] }
}
}
# tftest modules=1 resources=3
# tftest modules=1 resources=3 inventory=private-zone.yaml
```
### Forwarding Zone
@ -36,7 +36,7 @@ module "private-dns" {
client_networks = [var.vpc.self_link]
forwarders = { "10.0.1.1" = null, "1.2.3.4" = "private" }
}
# tftest modules=1 resources=1
# tftest modules=1 resources=1 inventory=forwarding-zone.yaml
```
### Peering Zone
@ -47,11 +47,12 @@ module "private-dns" {
project_id = "myproject"
type = "peering"
name = "test-example"
domain = "test.example."
domain = "."
description = "Forwarding zone for ."
client_networks = [var.vpc.self_link]
peer_network = var.vpc2.self_link
}
# tftest modules=1 resources=1
# tftest modules=1 resources=1 inventory=peering-zone.yaml
```
### Routing Policies
@ -84,7 +85,7 @@ module "private-dns" {
}
}
}
# tftest modules=1 resources=4
# tftest modules=1 resources=4 inventory=routing-policies.yaml
```
### Reverse Lookup Zone
@ -98,10 +99,29 @@ module "private-dns" {
domain = "0.0.10.in-addr.arpa."
client_networks = [var.vpc.self_link]
}
# tftest modules=1 resources=1
# tftest modules=1 resources=1 inventory=reverse-zone.yaml
```
<!-- BEGIN TFDOC -->
### Public Zone
```hcl
module "public-dns" {
source = "./fabric/modules/dns"
project_id = "myproject"
type = "public"
name = "example"
domain = "example.com."
recordsets = {
"A myhost" = { ttl = 300, records = ["127.0.0.1"] }
}
}
# tftest modules=1 resources=3 inventory=public-zone.yaml
```
<!-- BEGIN TFDOC -->
## Variables
| name | description | type | required | default |

2
modules/dns/main.tf
View File

@ -1,5 +1,5 @@
/**
* Copyright 2022 Google LLC
* Copyright 2023 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

34
tests/modules/dns/examples/forwarding-zone.yaml Normal file
View File

@ -0,0 +1,34 @@
# Copyright 2023 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
values:
module.private-dns.google_dns_managed_zone.non-public[0]:
dns_name: test.example.
forwarding_config:
- target_name_servers:
- forwarding_path: ''
ipv4_address: 10.0.1.1
- forwarding_path: private
ipv4_address: 1.2.3.4
name: test-example
private_visibility_config:
- gke_clusters: []
networks:
- network_url: projects/xxx/global/networks/aaa
project: myproject
visibility: private
counts:
google_dns_managed_zone: 1

34
tests/modules/dns/examples/peering-zone.yaml Normal file
View File

@ -0,0 +1,34 @@
# Copyright 2023 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
values:
module.private-dns.google_dns_managed_zone.non-public[0]:
description: Forwarding zone for .
dns_name: .
forwarding_config: []
name: test-example
peering_config:
- target_network:
- network_url: projects/xxx/global/networks/ccc
private_visibility_config:
- gke_clusters: []
networks:
- network_url: projects/xxx/global/networks/aaa
project: myproject
visibility: private
counts:
google_dns_managed_zone: 1
outputs: {}

50
tests/modules/dns/examples/private-zone.yaml Normal file
View File

@ -0,0 +1,50 @@
# Copyright 2023 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
values:
module.private-dns.google_dns_managed_zone.non-public[0]:
description: Terraform managed.
dns_name: test.example.
force_destroy: false
forwarding_config: []
name: test-example
peering_config: []
private_visibility_config:
- gke_clusters: []
networks:
- network_url: projects/xxx/global/networks/aaa
project: myproject
visibility: private
module.private-dns.google_dns_record_set.cloud-static-records["A localhost"]:
managed_zone: test-example
name: localhost.test.example.
project: myproject
routing_policy: []
rrdatas:
- 127.0.0.1
ttl: 300
type: A
module.private-dns.google_dns_record_set.cloud-static-records["A myhost"]:
managed_zone: test-example
name: myhost.test.example.
project: myproject
routing_policy: []
rrdatas:
- 10.0.0.120
ttl: 600
type: A
counts:
google_dns_managed_zone: 1
google_dns_record_set: 2

38
tests/modules/dns/examples/public-zone.yaml Normal file
View File

@ -0,0 +1,38 @@
# Copyright 2023 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
values:
module.public-dns.google_dns_managed_zone.public[0]:
dns_name: example.com.
name: example
project: myproject
visibility: public
module.public-dns.google_dns_record_set.cloud-static-records["A myhost"]:
managed_zone: example
name: myhost.example.com.
project: myproject
routing_policy: []
rrdatas:
- 127.0.0.1
ttl: 300
type: A
counts:
google_dns_keys: 1
google_dns_managed_zone: 1
google_dns_record_set: 1
modules: 1
resources: 3
outputs: {}

27
tests/modules/dns/examples/reverse-zone.yaml Normal file
View File

@ -0,0 +1,27 @@
# Copyright 2023 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
values:
module.private-dns.google_dns_managed_zone.non-public[0]:
description: Terraform managed.
dns_name: 0.0.10.in-addr.arpa.
name: test-example
project: myproject
reverse_lookup: true
visibility: private
counts:
google_dns_managed_zone: 1
outputs: {}

80
tests/modules/dns/examples/routing-policies.yaml Normal file
View File

@ -0,0 +1,80 @@
# Copyright 2023 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
values:
module.private-dns.google_dns_managed_zone.non-public[0]:
dns_name: test.example.
name: test-example
project: myproject
module.private-dns.google_dns_record_set.cloud-geo-records["A geo"]:
managed_zone: test-example
name: geo.test.example.
project: myproject
routing_policy:
- enable_geo_fencing: null
geo:
- health_checked_targets: []
location: europe-west1
rrdatas:
- 10.0.0.1
- health_checked_targets: []
location: europe-west2
rrdatas:
- 10.0.0.2
- health_checked_targets: []
location: europe-west3
rrdatas:
- 10.0.0.3
primary_backup: []
wrr: []
rrdatas: null
ttl: 300
type: A
module.private-dns.google_dns_record_set.cloud-static-records["A regular"]:
managed_zone: test-example
name: regular.test.example.
project: myproject
routing_policy: []
rrdatas:
- 10.20.0.1
ttl: 300
type: A
module.private-dns.google_dns_record_set.cloud-wrr-records["A wrr"]:
managed_zone: test-example
name: wrr.test.example.
project: myproject
routing_policy:
- enable_geo_fencing: null
geo: []
primary_backup: []
wrr:
- health_checked_targets: []
rrdatas:
- 10.10.0.1
weight: 0.6
- health_checked_targets: []
rrdatas:
- 10.10.0.2
weight: 0.2
- health_checked_targets: []
rrdatas:
- 10.10.0.3
weight: 0.2
rrdatas: null
ttl: 600
type: A
counts:
google_dns_managed_zone: 1
google_dns_record_set: 3

27
tests/modules/dns/fixture/main.tf
View File

@ -1,27 +0,0 @@
/**
* Copyright 2022 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
module "test" {
source = "../../../../modules/dns"
project_id = "my-project"
name = "test"
domain = "test.example."
client_networks = var.client_networks
type = var.type
forwarders = var.forwarders
peer_network = var.peer_network
recordsets = var.recordsets
}

62
tests/modules/dns/fixture/variables.tf
View File

@ -1,62 +0,0 @@
/**
* Copyright 2022 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
variable "client_networks" {
type = list(string)
default = [
"https://www.googleapis.com/compute/v1/projects/my-project/global/networks/default"
]
}
variable "forwarders" {
type = map(string)
default = {}
}
variable "peer_network" {
type = string
default = null
}
variable "recordsets" {
type = any
default = {
"A localhost" = { ttl = 300, records = ["127.0.0.1"] }
"A local-host.test.example." = { ttl = 300, records = ["127.0.0.2"] }
"CNAME *" = { ttl = 300, records = ["localhost.example.org."] }
"A " = { ttl = 300, records = ["127.0.0.3"] }
"A geo" = {
geo_routing = [
{ location = "europe-west1", records = ["127.0.0.4"] },
{ location = "europe-west2", records = ["127.0.0.5"] },
{ location = "europe-west3", records = ["127.0.0.6"] }
]
}
"A wrr" = {
ttl = 600
wrr_routing = [
{ weight = 0.6, records = ["127.0.0.7"] },
{ weight = 0.2, records = ["127.0.0.8"] },
{ weight = 0.2, records = ["127.0.0.9"] }
]
}
}
}
variable "type" {
type = string
default = "private"
}

5
tests/modules/dns/no_clients.tfvars Normal file
View File

@ -0,0 +1,5 @@
type = "private"
domain = "test.example."
name = "test"
project_id = "my-project"
client_networks = []

25
tests/modules/dns/no_clients.yaml Normal file
View File

@ -0,0 +1,25 @@
# Copyright 2023 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
values:
google_dns_managed_zone.non-public[0]:
dns_name: test.example.
name: test
private_visibility_config: []
visibility: private
counts:
google_dns_managed_zone: 1
modules: 0
resources: 1

4
tests/modules/dns/null_forwarders.tfvars Normal file
View File

@ -0,0 +1,4 @@
type = "forwarding"
domain = "test.example."
name = "test"
project_id = "my-project"

20
tests/modules/dns/null_forwarders.yaml Normal file
View File

@ -0,0 +1,20 @@
# Copyright 2023 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
values:
google_dns_managed_zone.non-public[0]:
forwarding_config: []
counts:
google_dns_managed_zone: 1

138
tests/modules/dns/test_plan.py
View File

@ -1,138 +0,0 @@
# Copyright 2022 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
def test_private(plan_runner):
"Test private zone with three recordsets."
_, resources = plan_runner()
assert len(resources) == 7
assert set(r['type'] for r in resources) == {
'google_dns_record_set', 'google_dns_managed_zone'
}
for r in resources:
if r['type'] != 'google_dns_managed_zone':
continue
assert r['values']['visibility'] == 'private'
assert len(r['values']['private_visibility_config']) == 1
def test_private_recordsets(plan_runner):
"Test recordsets in private zone."
_, resources = plan_runner()
recordsets = [
r['values'] for r in resources if r['type'] == 'google_dns_record_set'
]
assert set(r['name'] for r in recordsets) == {
'localhost.test.example.', 'local-host.test.example.', '*.test.example.',
"test.example.", "geo.test.example.", "wrr.test.example."
}
for r in recordsets:
if r['name'] not in ['wrr.test.example.', 'geo.test.example.']:
assert r['routing_policy'] == []
assert r['rrdatas'] != []
def test_routing_policies(plan_runner):
"Test recordsets with routing policies."
_, resources = plan_runner()
recordsets = [
r['values'] for r in resources if r['type'] == 'google_dns_record_set'
]
geo_zone = [
r['values'] for r in resources if r['address'] ==
'module.test.google_dns_record_set.cloud-geo-records["A geo"]'
][0]
assert geo_zone['name'] == 'geo.test.example.'
assert geo_zone['routing_policy'][0]['wrr'] == []
geo_policy = geo_zone['routing_policy'][0]['geo']
assert geo_policy[0]['location'] == 'europe-west1'
assert geo_policy[0]['rrdatas'] == ['127.0.0.4']
assert geo_policy[1]['location'] == 'europe-west2'
assert geo_policy[1]['rrdatas'] == ['127.0.0.5']
assert geo_policy[2]['location'] == 'europe-west3'
assert geo_policy[2]['rrdatas'] == ['127.0.0.6']
wrr_zone = [
r['values'] for r in resources if r['address'] ==
'module.test.google_dns_record_set.cloud-wrr-records["A wrr"]'
][0]
assert wrr_zone['name'] == 'wrr.test.example.'
wrr_policy = wrr_zone['routing_policy'][0]['wrr']
assert wrr_policy[0]['weight'] == 0.6
assert wrr_policy[0]['rrdatas'] == ['127.0.0.7']
assert wrr_policy[1]['weight'] == 0.2
assert wrr_policy[1]['rrdatas'] == ['127.0.0.8']
assert wrr_policy[2]['weight'] == 0.2
assert wrr_policy[2]['rrdatas'] == ['127.0.0.9']
assert wrr_zone['routing_policy'][0]['geo'] == []
def test_private_no_networks(plan_runner):
"Test private zone not exposed to any network."
_, resources = plan_runner(client_networks='[]')
for r in resources:
if r['type'] != 'google_dns_managed_zone':
continue
assert r['values']['visibility'] == 'private'
assert len(r['values']['private_visibility_config']) == 0
def test_forwarding_recordsets_null_forwarders(plan_runner):
"Test forwarding zone with wrong set of attributes does not break."
_, resources = plan_runner(type='forwarding')
assert len(resources) == 1
resource = resources[0]
assert resource['type'] == 'google_dns_managed_zone'
assert resource['values']['forwarding_config'] == []
def test_forwarding(plan_runner):
"Test forwarding zone with single forwarder."
_, resources = plan_runner(type='forwarding', recordsets='null',
forwarders='{ "1.2.3.4" = null }')
assert len(resources) == 1
resource = resources[0]
assert resource['type'] == 'google_dns_managed_zone'
assert resource['values']['forwarding_config'] == [{
'target_name_servers': [{
'forwarding_path': '',
'ipv4_address': '1.2.3.4'
}]
}]
def test_peering(plan_runner):
"Test peering zone."
_, resources = plan_runner(type='peering', recordsets='null',
peer_network='dummy-vpc-self-link')
assert len(resources) == 1
resource = resources[0]
assert resource['type'] == 'google_dns_managed_zone'
assert resource['values']['peering_config'] == [{
'target_network': [{
'network_url': 'dummy-vpc-self-link'
}]
}]
def test_public(plan_runner):
"Test public zone with two recordsets."
_, resources = plan_runner(type='public')
for r in resources:
if r['type'] != 'google_dns_managed_zone':
continue
assert r['values']['visibility'] == 'public'
assert r['values']['private_visibility_config'] == []

19
tests/modules/dns/tftest.yaml Normal file
View File

@ -0,0 +1,19 @@
# Copyright 2023 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
module: modules/dns
tests:
no_clients:
null_forwarders: