Merge pull request #554 from apichick/api-gateway
API gateway module and example that creates a multi-region deployment
This commit is contained in:
commit
1f342edc0c
|
@ -26,3 +26,4 @@ fast/stages/**/terraform.tfvars
|
|||
fast/stages/**/terraform.tfvars.json
|
||||
fast/stages/**/terraform-*.auto.tfvars.json
|
||||
fast/stages/**/0*.auto.tfvars*
|
||||
**/node_modules
|
||||
|
|
|
@ -0,0 +1,41 @@
|
|||
# Creating multi-region deployments for API Gateway
|
||||
|
||||
This tutorial shows you how to configure an HTTP(S) load balancer to enable multi-region deployments for API Gateway. For more details on how this set up work have a look at the article [here](https://cloud.google.com/api-gateway/docs/multi-region-deployment).
|
||||
|
||||
The diagram below depicts the architecture that this example sets up.
|
||||
|
||||
![Architecture](architecture.png)
|
||||
|
||||
# Running the example
|
||||
|
||||
Clone this repository or [open it in cloud shell](https://ssh.cloud.google.com/cloudshell/editor?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fterraform-google-modules%2Fcloud-foundation-fabric&cloudshell_print=cloud-shell-readme.txt&cloudshell_working_dir=examples%2Fserverless%2Fapi-gateway), then go through the following steps to create resources:
|
||||
|
||||
* `terraform init`
|
||||
* `terraform apply -var project_id=my-project-id`
|
||||
|
||||
## Testing the example
|
||||
|
||||
1. Copy the IP address returned as output
|
||||
|
||||
2. Execute the following command
|
||||
|
||||
curl -v http://<IP_ADDRESS>/hello
|
||||
|
||||
Once done testing, you can clean up resources by running `terraform destroy`.
|
||||
<!-- BEGIN TFDOC -->
|
||||
|
||||
## Variables
|
||||
|
||||
| name | description | type | required | default |
|
||||
|---|---|:---:|:---:|:---:|
|
||||
| [project_id](variables.tf#L26) | Identifier of the project. | <code>string</code> | ✓ | |
|
||||
| [regions](variables.tf#L31) | List of regions to deploy the proxy in. | <code>list(string)</code> | ✓ | |
|
||||
| [project_create](variables.tf#L17) | Parameters for the creation of the new project. | <code title="object({ billing_account_id = string parent = string })">object({…})</code> | | <code>null</code> |
|
||||
|
||||
## Outputs
|
||||
|
||||
| name | description | sensitive |
|
||||
|---|---|:---:|
|
||||
| [ip_address](outputs.tf#L17) | The reserved global IP address. | |
|
||||
|
||||
<!-- END TFDOC -->
|
Binary file not shown.
After Width: | Height: | Size: 52 KiB |
|
@ -0,0 +1,7 @@
|
|||
const functions = require('@google-cloud/functions-framework');
|
||||
|
||||
// Register an HTTP function with the Functions Framework that will be executed
|
||||
// when you make an HTTP request to the deployed function's endpoint.
|
||||
functions.http('helloGET', (req, res) => {
|
||||
res.send('Hello World!');
|
||||
});
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,18 @@
|
|||
{
|
||||
"name": "function",
|
||||
"version": "1.0.0",
|
||||
"description": "",
|
||||
"main": "index.js",
|
||||
"scripts": {
|
||||
"test": "echo \"Error: no test specified\" && exit 1"
|
||||
},
|
||||
"author": "",
|
||||
"license": "ISC",
|
||||
"engines": {
|
||||
"node": ">=16.0.0"
|
||||
},
|
||||
"dependencies": {
|
||||
"@google-cloud/functions-framework": "^3.0.0",
|
||||
"express": "^4.17.3"
|
||||
}
|
||||
}
|
|
@ -0,0 +1,145 @@
|
|||
/**
|
||||
* Copyright 2022 Google LLC
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
locals {
|
||||
api_id_prefix = "api"
|
||||
function_name_prefix = "cf-hello"
|
||||
specs = { for region in var.regions : region =>
|
||||
templatefile("${path.module}/spec.yaml", {
|
||||
api_id = "${local.api_id_prefix}-${region}"
|
||||
function_name = "${local.function_name_prefix}-${region}"
|
||||
region = region
|
||||
project_id = var.project_id
|
||||
})
|
||||
}
|
||||
backends = [for region in var.regions : {
|
||||
group = google_compute_region_network_endpoint_group.serverless-negs[region].id
|
||||
options = null
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
module "project" {
|
||||
source = "../../../modules/project"
|
||||
billing_account = (var.project_create != null
|
||||
? var.project_create.billing_account_id
|
||||
: null
|
||||
)
|
||||
parent = (var.project_create != null
|
||||
? var.project_create.parent
|
||||
: null
|
||||
)
|
||||
name = var.project_id
|
||||
services = [
|
||||
"apigateway.googleapis.com",
|
||||
"cloudbuild.googleapis.com",
|
||||
"cloudfunctions.googleapis.com",
|
||||
"compute.googleapis.com",
|
||||
"servicemanagement.googleapis.com",
|
||||
"servicecontrol.googleapis.com"
|
||||
]
|
||||
project_create = var.project_create != null
|
||||
}
|
||||
|
||||
module "sa" {
|
||||
source = "../../../modules/iam-service-account"
|
||||
project_id = module.project.project_id
|
||||
name = "sa-api"
|
||||
}
|
||||
|
||||
|
||||
module "functions" {
|
||||
for_each = toset(var.regions)
|
||||
source = "../../../modules/cloud-function"
|
||||
project_id = module.project.project_id
|
||||
name = "${local.function_name_prefix}-${each.value}"
|
||||
bucket_name = "bkt-${module.project.project_id}-${each.value}"
|
||||
region = each.value
|
||||
ingress_settings = "ALLOW_ALL"
|
||||
bucket_config = {
|
||||
location = null
|
||||
lifecycle_delete_age = 1
|
||||
}
|
||||
bundle_config = {
|
||||
source_dir = "${path.module}/function"
|
||||
output_path = "${path.module}/bundle.zip"
|
||||
excludes = null
|
||||
}
|
||||
function_config = {
|
||||
entry_point = "helloGET"
|
||||
instances = null
|
||||
memory = null
|
||||
runtime = "nodejs16"
|
||||
timeout = null
|
||||
}
|
||||
service_account_create = true
|
||||
iam = {
|
||||
"roles/cloudfunctions.invoker" = [module.sa.iam_email]
|
||||
}
|
||||
}
|
||||
|
||||
module "gateways" {
|
||||
for_each = toset(var.regions)
|
||||
source = "../../../modules/api-gateway"
|
||||
project_id = module.project.project_id
|
||||
api_id = "${local.api_id_prefix}-${each.value}"
|
||||
region = each.value
|
||||
spec = local.specs[each.value]
|
||||
service_account_email = module.sa.email
|
||||
}
|
||||
|
||||
module "glb" {
|
||||
source = "../../../modules/net-glb"
|
||||
name = "glb"
|
||||
project_id = module.project.project_id
|
||||
# This is important as serverless backends require no HCs
|
||||
health_checks_config_defaults = null
|
||||
reserve_ip_address = true
|
||||
backend_services_config = {
|
||||
serverless-backend = {
|
||||
bucket_config = null
|
||||
enable_cdn = false
|
||||
cdn_config = null
|
||||
group_config = {
|
||||
backends = [for region in var.regions : {
|
||||
group = google_compute_region_network_endpoint_group.serverless-negs[region].id
|
||||
options = null
|
||||
}
|
||||
],
|
||||
health_checks = []
|
||||
log_config = null
|
||||
options = null
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
resource "google_compute_region_network_endpoint_group" "serverless-negs" {
|
||||
for_each = toset(var.regions)
|
||||
provider = google-beta
|
||||
name = "serverless-neg-${module.gateways[each.value].gateway_id}"
|
||||
project = module.project.project_id
|
||||
network_endpoint_type = "SERVERLESS"
|
||||
region = each.value
|
||||
serverless_deployment {
|
||||
platform = "apigateway.googleapis.com"
|
||||
resource = module.gateways[each.value].gateway_id
|
||||
url_mask = ""
|
||||
}
|
||||
lifecycle {
|
||||
create_before_destroy = true
|
||||
}
|
||||
}
|
|
@ -0,0 +1,20 @@
|
|||
/**
|
||||
* Copyright 2022 Google LLC
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
output "ip_address" {
|
||||
description = "The reserved global IP address."
|
||||
value = module.glb.ip_address
|
||||
}
|
|
@ -0,0 +1,35 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
swagger: '2.0'
|
||||
info:
|
||||
title: ${api_id} Sample API
|
||||
description: Sample API on API Gateway with a Google Cloud Functions backend
|
||||
version: 1.0.0
|
||||
schemes:
|
||||
- https
|
||||
produces:
|
||||
- application/json
|
||||
paths:
|
||||
/hello:
|
||||
get:
|
||||
summary: Greet a user
|
||||
operationId: hello
|
||||
x-google-backend:
|
||||
address: https://${region}-${project_id}.cloudfunctions.net/${function_name}
|
||||
responses:
|
||||
'200':
|
||||
description: A successful response
|
||||
schema:
|
||||
type: string
|
|
@ -0,0 +1,34 @@
|
|||
/**
|
||||
* Copyright 2022 Google LLC
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
variable "project_create" {
|
||||
description = "Parameters for the creation of the new project."
|
||||
type = object({
|
||||
billing_account_id = string
|
||||
parent = string
|
||||
})
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "project_id" {
|
||||
description = "Identifier of the project."
|
||||
type = string
|
||||
}
|
||||
|
||||
variable "regions" {
|
||||
description = "List of regions to deploy the proxy in."
|
||||
type = list(string)
|
||||
}
|
|
@ -0,0 +1,89 @@
|
|||
# Api Gateway
|
||||
This module allows creating an API with its associated API config and API gateway. It also allows you grant IAM roles on the created resources.
|
||||
|
||||
# Examples
|
||||
|
||||
## Basic example
|
||||
```hcl
|
||||
module "gateway" {
|
||||
source = "./modules/api-gateway"
|
||||
project_id = "my-project"
|
||||
api_id = "api"
|
||||
region = "europe-west1"
|
||||
spec = <<EOT
|
||||
# The OpenAPI spec contents
|
||||
# ...
|
||||
EOT
|
||||
}
|
||||
# tftest modules=1 resources=4
|
||||
```
|
||||
|
||||
## Basic example + customer service account
|
||||
```hcl
|
||||
module "gateway" {
|
||||
source = "./modules/api-gateway"
|
||||
project_id = "my-project"
|
||||
api_id = "api"
|
||||
region = "europe-west1"
|
||||
spec = <<EOT
|
||||
# The OpenAPI spec contents
|
||||
# ...
|
||||
EOT
|
||||
service_account_email = "sa@my-project.iam.gserviceaccount.com"
|
||||
iam = {
|
||||
"roles/apigateway.admin" = [ "user:user@example.com" ]
|
||||
}
|
||||
}
|
||||
# tftest modules=1 resources=7
|
||||
```
|
||||
|
||||
## Basic example + service account creation
|
||||
```hcl
|
||||
module "gateway" {
|
||||
source = "./modules/api-gateway"
|
||||
project_id = "my-project"
|
||||
api_id = "api"
|
||||
region = "europe-west1"
|
||||
spec = <<EOT
|
||||
# The OpenAPI spec contents
|
||||
# ...
|
||||
EOT
|
||||
service_account_create = true
|
||||
iam = {
|
||||
"roles/apigateway.admin" = [ "user:mirene@google.com" ]
|
||||
"roles/apigateway.viewer" = [ "user:mirene@google.com" ]
|
||||
}
|
||||
}
|
||||
# tftest modules=1 resources=11
|
||||
```
|
||||
<!-- BEGIN TFDOC -->
|
||||
|
||||
## Variables
|
||||
|
||||
| name | description | type | required | default |
|
||||
|---|---|:---:|:---:|:---:|
|
||||
| [api_id](variables.tf#L17) | API identifier. | <code>string</code> | ✓ | |
|
||||
| [project_id](variables.tf#L34) | Project identifier. | <code>string</code> | ✓ | |
|
||||
| [region](variables.tf#L39) | Region | <code>string</code> | ✓ | |
|
||||
| [spec](variables.tf#L56) | String with the contents of the OpenAPI spec. | <code>string</code> | ✓ | |
|
||||
| [iam](variables.tf#L22) | IAM bindings for the API in {ROLE => [MEMBERS]} format. | <code>map(list(string))</code> | | <code>null</code> |
|
||||
| [labels](variables.tf#L28) | Map of labels. | <code>map(string)</code> | | <code>null</code> |
|
||||
| [service_account_create](variables.tf#L44) | Flag indicating whether a service account needs to be created | <code>bool</code> | | <code>false</code> |
|
||||
| [service_account_email](variables.tf#L50) | Service account for creating API configs | <code>string</code> | | <code>null</code> |
|
||||
|
||||
## Outputs
|
||||
|
||||
| name | description | sensitive |
|
||||
|---|---|:---:|
|
||||
| [api](outputs.tf#L17) | API. | |
|
||||
| [api_config](outputs.tf#L28) | API configs. | |
|
||||
| [api_config_id](outputs.tf#L39) | The identifiers of the API configs. | |
|
||||
| [api_id](outputs.tf#L50) | API identifier. | |
|
||||
| [default_hostname](outputs.tf#L61) | The default host names of the API gateway. | |
|
||||
| [gateway](outputs.tf#L72) | API gateways. | |
|
||||
| [gateway_id](outputs.tf#L83) | The identifiers of the API gateways. | |
|
||||
| [service_account](outputs.tf#L94) | Service account resource. | |
|
||||
| [service_account_email](outputs.tf#L99) | The service account for creating API configs. | |
|
||||
| [service_account_iam_email](outputs.tf#L104) | The service account for creating API configs. | |
|
||||
|
||||
<!-- END TFDOC -->
|
|
@ -0,0 +1,115 @@
|
|||
/**
|
||||
* Copyright 2022 Google LLC
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
locals {
|
||||
service_account_email = (
|
||||
var.service_account_create
|
||||
? (
|
||||
length(google_service_account.service_account) > 0
|
||||
? google_service_account.service_account[0].email
|
||||
: null
|
||||
)
|
||||
: var.service_account_email
|
||||
)
|
||||
}
|
||||
|
||||
resource "google_api_gateway_api" "api" {
|
||||
provider = google-beta
|
||||
project = var.project_id
|
||||
api_id = var.api_id
|
||||
display_name = var.api_id
|
||||
labels = var.labels
|
||||
}
|
||||
|
||||
resource "google_service_account" "service_account" {
|
||||
count = var.service_account_create ? 1 : 0
|
||||
project = var.project_id
|
||||
account_id = "sa-api-cfg-${google_api_gateway_api.api.api_id}"
|
||||
display_name = "Service account to create API configs for ${google_api_gateway_api.api.api_id} API"
|
||||
}
|
||||
|
||||
resource "google_api_gateway_api_config" "api_config" {
|
||||
provider = google-beta
|
||||
project = google_api_gateway_api.api.project
|
||||
api = google_api_gateway_api.api.api_id
|
||||
api_config_id = "api-cfg-${google_api_gateway_api.api.api_id}-${md5(var.spec)}"
|
||||
display_name = "api-cfg-${google_api_gateway_api.api.api_id}-${md5(var.spec)}"
|
||||
openapi_documents {
|
||||
document {
|
||||
path = "spec.yaml"
|
||||
contents = base64encode(var.spec)
|
||||
}
|
||||
}
|
||||
dynamic "gateway_config" {
|
||||
for_each = local.service_account_email == null ? [] : [""]
|
||||
content {
|
||||
backend_config {
|
||||
google_service_account = local.service_account_email
|
||||
}
|
||||
}
|
||||
}
|
||||
lifecycle {
|
||||
create_before_destroy = true
|
||||
}
|
||||
}
|
||||
|
||||
resource "google_api_gateway_gateway" "gateway" {
|
||||
provider = google-beta
|
||||
project = google_api_gateway_api_config.api_config.project
|
||||
api_config = google_api_gateway_api_config.api_config.id
|
||||
gateway_id = "gw-${google_api_gateway_api.api.api_id}"
|
||||
display_name = "gw-${google_api_gateway_api.api.api_id}"
|
||||
region = var.region
|
||||
lifecycle {
|
||||
create_before_destroy = true
|
||||
}
|
||||
}
|
||||
|
||||
resource "google_project_service" "service" {
|
||||
project = google_api_gateway_gateway.gateway.project
|
||||
service = google_api_gateway_api.api.managed_service
|
||||
disable_on_destroy = true
|
||||
disable_dependent_services = true
|
||||
}
|
||||
|
||||
resource "google_api_gateway_api_iam_binding" "api_iam_bindings" {
|
||||
for_each = coalesce(var.iam, {})
|
||||
provider = google-beta
|
||||
project = google_api_gateway_api.api.project
|
||||
api = google_api_gateway_api.api.api_id
|
||||
role = each.key
|
||||
members = each.value
|
||||
}
|
||||
|
||||
resource "google_api_gateway_api_config_iam_binding" "api_config_iam_bindings" {
|
||||
for_each = coalesce(var.iam, {})
|
||||
provider = google-beta
|
||||
project = google_api_gateway_api_config.api_config.project
|
||||
api = google_api_gateway_api.api.api_id
|
||||
api_config = google_api_gateway_api_config.api_config.api_config_id
|
||||
role = each.key
|
||||
members = each.value
|
||||
}
|
||||
|
||||
resource "google_api_gateway_gateway_iam_binding" "gateway_iam_bindings" {
|
||||
for_each = coalesce(var.iam, {})
|
||||
provider = google-beta
|
||||
project = google_api_gateway_gateway.gateway.project
|
||||
gateway = google_api_gateway_gateway.gateway.gateway_id
|
||||
region = var.region
|
||||
role = each.key
|
||||
members = each.value
|
||||
}
|
|
@ -0,0 +1,107 @@
|
|||
/**
|
||||
* Copyright 2022 Google LLC
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
output "api" {
|
||||
description = "API."
|
||||
value = google_api_gateway_api.api
|
||||
depends_on = [
|
||||
google_project_service.service,
|
||||
google_api_gateway_api_iam_binding.api_iam_bindings,
|
||||
google_api_gateway_api_config_iam_binding.api_config_iam_bindings,
|
||||
google_api_gateway_gateway_iam_binding.gateway_iam_bindings
|
||||
]
|
||||
}
|
||||
|
||||
output "api_config" {
|
||||
description = "API configs."
|
||||
value = google_api_gateway_api_config.api_config
|
||||
depends_on = [
|
||||
google_project_service.service,
|
||||
google_api_gateway_api_iam_binding.api_iam_bindings,
|
||||
google_api_gateway_api_config_iam_binding.api_config_iam_bindings,
|
||||
google_api_gateway_gateway_iam_binding.gateway_iam_bindings
|
||||
]
|
||||
}
|
||||
|
||||
output "api_config_id" {
|
||||
description = "The identifiers of the API configs."
|
||||
value = google_api_gateway_api_config.api_config.api_config_id
|
||||
depends_on = [
|
||||
google_project_service.service,
|
||||
google_api_gateway_api_iam_binding.api_iam_bindings,
|
||||
google_api_gateway_api_config_iam_binding.api_config_iam_bindings,
|
||||
google_api_gateway_gateway_iam_binding.gateway_iam_bindings
|
||||
]
|
||||
}
|
||||
|
||||
output "api_id" {
|
||||
description = "API identifier."
|
||||
value = google_api_gateway_api.api.api_id
|
||||
depends_on = [
|
||||
google_project_service.service,
|
||||
google_api_gateway_api_iam_binding.api_iam_bindings,
|
||||
google_api_gateway_api_config_iam_binding.api_config_iam_bindings,
|
||||
google_api_gateway_gateway_iam_binding.gateway_iam_bindings
|
||||
]
|
||||
}
|
||||
|
||||
output "default_hostname" {
|
||||
description = "The default host names of the API gateway."
|
||||
value = google_api_gateway_gateway.gateway.default_hostname
|
||||
depends_on = [
|
||||
google_project_service.service,
|
||||
google_api_gateway_api_iam_binding.api_iam_bindings,
|
||||
google_api_gateway_api_config_iam_binding.api_config_iam_bindings,
|
||||
google_api_gateway_gateway_iam_binding.gateway_iam_bindings
|
||||
]
|
||||
}
|
||||
|
||||
output "gateway" {
|
||||
description = "API gateways."
|
||||
value = google_api_gateway_gateway.gateway
|
||||
depends_on = [
|
||||
google_project_service.service,
|
||||
google_api_gateway_api_iam_binding.api_iam_bindings,
|
||||
google_api_gateway_api_config_iam_binding.api_config_iam_bindings,
|
||||
google_api_gateway_gateway_iam_binding.gateway_iam_bindings
|
||||
]
|
||||
}
|
||||
|
||||
output "gateway_id" {
|
||||
description = "The identifiers of the API gateways."
|
||||
value = google_api_gateway_gateway.gateway.gateway_id
|
||||
depends_on = [
|
||||
google_project_service.service,
|
||||
google_api_gateway_api_iam_binding.api_iam_bindings,
|
||||
google_api_gateway_api_config_iam_binding.api_config_iam_bindings,
|
||||
google_api_gateway_gateway_iam_binding.gateway_iam_bindings
|
||||
]
|
||||
}
|
||||
|
||||
output "service_account" {
|
||||
description = "Service account resource."
|
||||
value = try(google_service_account.service_account[0], null)
|
||||
}
|
||||
|
||||
output "service_account_email" {
|
||||
description = "The service account for creating API configs."
|
||||
value = local.service_account_email
|
||||
}
|
||||
|
||||
output "service_account_iam_email" {
|
||||
description = "The service account for creating API configs."
|
||||
value = local.service_account_email == null ? null : "serviceAccount:${local.service_account_email}"
|
||||
}
|
|
@ -0,0 +1,59 @@
|
|||
/**
|
||||
* Copyright 2022 Google LLC
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
variable "api_id" {
|
||||
description = "API identifier."
|
||||
type = string
|
||||
}
|
||||
|
||||
variable "iam" {
|
||||
description = "IAM bindings for the API in {ROLE => [MEMBERS]} format."
|
||||
type = map(list(string))
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "labels" {
|
||||
description = "Map of labels."
|
||||
type = map(string)
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "project_id" {
|
||||
description = "Project identifier."
|
||||
type = string
|
||||
}
|
||||
|
||||
variable "region" {
|
||||
description = "Region"
|
||||
type = string
|
||||
}
|
||||
|
||||
variable "service_account_create" {
|
||||
description = "Flag indicating whether a service account needs to be created"
|
||||
type = bool
|
||||
default = false
|
||||
}
|
||||
|
||||
variable "service_account_email" {
|
||||
description = "Service account for creating API configs"
|
||||
type = string
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "spec" {
|
||||
description = "String with the contents of the OpenAPI spec."
|
||||
type = string
|
||||
}
|
|
@ -0,0 +1,29 @@
|
|||
/**
|
||||
* Copyright 2022 Google LLC
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
terraform {
|
||||
required_version = ">= 1.0.0"
|
||||
required_providers {
|
||||
google = {
|
||||
source = "hashicorp/google"
|
||||
version = ">= 4.0.0"
|
||||
}
|
||||
google-beta = {
|
||||
source = "hashicorp/google-beta"
|
||||
version = ">= 4.0.0"
|
||||
}
|
||||
}
|
||||
}
|
|
@ -0,0 +1,13 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
|
@ -0,0 +1,22 @@
|
|||
/**
|
||||
* Copyright 2022 Google LLC
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
module "test" {
|
||||
source = "../../../../../examples/serverless/api-gateway"
|
||||
project_create = var.project_create
|
||||
project_id = var.project_id
|
||||
regions = var.regions
|
||||
}
|
|
@ -0,0 +1,39 @@
|
|||
/**
|
||||
* Copyright 2022 Google LLC
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
variable "project_create" {
|
||||
type = object({
|
||||
billing_account_id = string
|
||||
parent = string
|
||||
})
|
||||
default = {
|
||||
billing_account_id = "123456789"
|
||||
parent = "organizations/123456789"
|
||||
}
|
||||
}
|
||||
|
||||
variable "project_id" {
|
||||
type = string
|
||||
default = "project-1"
|
||||
}
|
||||
|
||||
variable "regions" {
|
||||
type = list(string)
|
||||
default = [
|
||||
"europe-west1",
|
||||
"europe-west2"
|
||||
]
|
||||
}
|
|
@ -0,0 +1,19 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
def test_resources(e2e_plan_runner):
|
||||
"Test that plan works and the numbers of resources is as expected."
|
||||
modules, resources = e2e_plan_runner()
|
||||
assert len(modules) == 7
|
||||
assert len(resources) == 31
|
|
@ -0,0 +1,13 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
|
@ -0,0 +1,26 @@
|
|||
/**
|
||||
* Copyright 2022 Google LLC
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
module "gateway" {
|
||||
source = "../../../../modules/api-gateway"
|
||||
api_id = var.api_id
|
||||
project_id = var.project_id
|
||||
labels = var.labels
|
||||
iam = var.iam
|
||||
region = var.region
|
||||
spec = var.spec
|
||||
service_account_create = true
|
||||
}
|
|
@ -0,0 +1,55 @@
|
|||
/**
|
||||
* Copyright 2022 Google LLC
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
variable "api_id" {
|
||||
type = string
|
||||
default = "my-api"
|
||||
}
|
||||
|
||||
variable "iam" {
|
||||
type = map(list(string))
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "labels" {
|
||||
type = map(string)
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "project_id" {
|
||||
type = string
|
||||
default = "my-project"
|
||||
}
|
||||
|
||||
variable "region" {
|
||||
type = string
|
||||
default = "europe-west1"
|
||||
}
|
||||
|
||||
variable "service_account_create" {
|
||||
type = bool
|
||||
default = true
|
||||
}
|
||||
|
||||
variable "service_account_email" {
|
||||
type = string
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "spec" {
|
||||
type = string
|
||||
default = "Spec contents"
|
||||
}
|
|
@ -0,0 +1,26 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
import pytest
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def resources(plan_runner):
|
||||
_, resources = plan_runner()
|
||||
return resources
|
||||
|
||||
|
||||
def test_resource_count(resources):
|
||||
"Test number of resources created."
|
||||
assert len(resources) == 5
|
Loading…
Reference in New Issue