Examples and tests

modules/apigee/README.md

@@ -2,7 +2,120 @@
 
 This module simplifies the creation of a Apigee resources (organization, environment groups, environment group attachments, environments, instances and instance attachments).
 
-## Example
+## Examples
+
+<!-- BEGIN TOC -->
+- [Examples](#examples)
+  - [Minimal example (CLOUD)](#minimal-example-cloud)
+  - [Minimal example with existing organization (CLOUD)](#minimal-example-with-existing-organization-cloud)
+  - [Disable VPC Peering (CLOUD)](#disable-vpc-peering-cloud)
+  - [All resources (CLOUD)](#all-resources-cloud)
+  - [All resources (HYBRID control plane)](#all-resources-hybrid-control-plane)
+  - [New environment group](#new-environment-group)
+  - [New environment](#new-environment)
+  - [New instance](#new-instance)
+  - [New endpoint attachment](#new-endpoint-attachment)
+  - [Apigee add-ons](#apigee-add-ons)
+- [Variables](#variables)
+- [Outputs](#outputs)
+<!-- END TOC -->
+
+### Minimal example (CLOUD)
+
+This example shows how to create to create an Apigee organization and deploy instance in it.
+
+```hcl
+module "apigee" {
+  source     = "./fabric/modules/apigee"
+  project_id = var.project_id
+  organization = {
+    display_name       = "Apigee"
+    billing_type       = "PAYG"
+    analytics_region   = "europe-west1"
+    authorized_network = var.vpc.id
+    runtime_type       = "CLOUD"
+  }
+  envgroups = {
+    prod = ["prod.example.com"]
+  }
+  environments = {
+    apis-prod = {
+      display_name = "APIs prod"
+      description  = "APIs Prod"
+      envgroups    = ["prod"]
+    }
+  }
+  instances = {
+    europe-west1 = {
+      environments                  = ["apis-prod"]
+      runtime_ip_cidr_range         = "10.32.0.0/22"
+      troubleshooting_ip_cidr_range = "10.64.0.0/28"
+    }
+  }
+}
+# tftest modules=1 resources=5 inventory=minimal-cloud.yaml
+```
+
+### Minimal example with existing organization (CLOUD)
+
+This example shows how to create to work with an existing organization in the project. Note that in this case we don't specify the IP ranges for the instance, so it requests and allocates an available /22 and /28 CIDR block from Service Networking to deploy the instance.
+
+```hcl
+module "apigee" {
+  source     = "./fabric/modules/apigee"
+  project_id = var.project_id
+  envgroups = {
+    prod = ["prod.example.com"]
+  }
+  environments = {
+    apis-prod = {
+      display_name = "APIs prod"
+      envgroups    = ["prod"]
+    }
+  }
+  instances = {
+    europe-west1 = {
+      environments = ["apis-prod"]
+    }
+  }
+}
+# tftest modules=1 resources=4 inventory=minimal-cloud-no-org.yaml
+```
+
+### Disable VPC Peering (CLOUD)
+
+When a new Apigee organization is created, it is automatically peered to the authorized network. You can prevent this from happening by using the `disable_vpc_peering` key in the `organization` variable, as shown below:
+
+
+```hcl
+module "apigee" {
+  source     = "./fabric/modules/apigee"
+  project_id = var.project_id
+  organization = {
+    display_name        = "Apigee"
+    billing_type        = "PAYG"
+    analytics_region    = "europe-west1"
+    runtime_type        = "CLOUD"
+    disable_vpc_peering = true
+  }
+  envgroups = {
+    prod = ["prod.example.com"]
+  }
+  environments = {
+    apis-prod = {
+      display_name = "APIs prod"
+      envgroups    = ["prod"]
+    }
+  }
+  instances = {
+    europe-west1 = {
+      environments = ["apis-prod"]
+    }
+  }
+}
+# tftest modules=1 resources=5 inventory=no-peering.yaml
+```
+
 
 ### All resources (CLOUD)
 

modules/apigee/main.tf

@@ -93,9 +93,9 @@ resource "google_apigee_instance" "instances" {
   location     = each.key
   org_id       = local.org_id
   ip_range = (
-    compact([each.value.runtime_ip_cidr_range, each.value.troubleshooting_ip_cidr_range]) != []
-    ? join(",", compact([each.value.runtime_ip_cidr_range, each.value.troubleshooting_ip_cidr_range]))
-    : null
+    compact([each.value.runtime_ip_cidr_range, each.value.troubleshooting_ip_cidr_range]) == []
+    ? null
+    : join(",", compact([each.value.runtime_ip_cidr_range, each.value.troubleshooting_ip_cidr_range]))
   )
   disk_encryption_key_name = each.value.disk_encryption_key
   consumer_accept_list     = each.value.consumer_accept_list

tests/examples/variables.tf

@@ -1,4 +1,4 @@
-# Copyright 2022 Google LLC
+# Copyright 2023 Google LLC
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -69,6 +69,7 @@ variable "vpc" {
   default = {
     name      = "vpc_name"
     self_link = "projects/xxx/global/networks/aaa"
+    id        = "projects/xxx/global/networks/aaa"
   }
 }
 

tests/modules/apigee/examples/minimal-cloud-no-org.yaml

@@ -0,0 +1,41 @@
+# Copyright 2023 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+values:
+  module.apigee.google_apigee_envgroup.envgroups["prod"]:
+    hostnames:
+    - prod.example.com
+    name: prod
+    org_id: organizations/project-id
+  module.apigee.google_apigee_envgroup_attachment.envgroup_attachments["apis-prod-prod"]:
+    environment: apis-prod
+  module.apigee.google_apigee_environment.environments["apis-prod"]:
+    description: Terraform-managed
+    display_name: APIs prod
+    name: apis-prod
+    org_id: organizations/project-id
+  module.apigee.google_apigee_instance.instances["europe-west1"]:
+    description: Terraform-managed
+    disk_encryption_key_name: null
+    display_name: null
+    ip_range: ''
+    location: europe-west1
+    name: instance-europe-west1
+    org_id: organizations/project-id
+
+counts:
+  google_apigee_envgroup: 1
+  google_apigee_envgroup_attachment: 1
+  google_apigee_environment: 1
+  google_apigee_instance: 1

tests/modules/apigee/examples/minimal-cloud.yaml

@@ -0,0 +1,50 @@
+# Copyright 2023 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+values:
+  module.apigee.google_apigee_envgroup.envgroups["prod"]:
+    hostnames:
+    - prod.example.com
+    name: prod
+  module.apigee.google_apigee_envgroup_attachment.envgroup_attachments["apis-prod-prod"]:
+    environment: apis-prod
+  module.apigee.google_apigee_environment.environments["apis-prod"]:
+    description: APIs Prod
+    display_name: APIs prod
+    name: apis-prod
+  module.apigee.google_apigee_instance.instances["europe-west1"]:
+    description: Terraform-managed
+    disk_encryption_key_name: null
+    display_name: null
+    ip_range: 10.32.0.0/22,10.64.0.0/28
+    location: europe-west1
+    name: instance-europe-west1
+  module.apigee.google_apigee_organization.organization[0]:
+    analytics_region: europe-west1
+    authorized_network: projects/xxx/global/networks/aaa
+    billing_type: PAYG
+    description: null
+    disable_vpc_peering: false
+    display_name: null
+    project_id: project-id
+    retention: DELETION_RETENTION_UNSPECIFIED
+    runtime_database_encryption_key_name: null
+    runtime_type: CLOUD
+
+counts:
+  google_apigee_envgroup: 1
+  google_apigee_envgroup_attachment: 1
+  google_apigee_environment: 1
+  google_apigee_instance: 1
+  google_apigee_organization: 1

tests/modules/apigee/examples/no-peering.yaml

@@ -0,0 +1,50 @@
+# Copyright 2023 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+values:
+  module.apigee.google_apigee_envgroup.envgroups["prod"]:
+    hostnames:
+    - prod.example.com
+    name: prod
+  module.apigee.google_apigee_envgroup_attachment.envgroup_attachments["apis-prod-prod"]:
+    environment: apis-prod
+  module.apigee.google_apigee_environment.environments["apis-prod"]:
+    description: Terraform-managed
+    display_name: APIs prod
+    name: apis-prod
+  module.apigee.google_apigee_instance.instances["europe-west1"]:
+    description: Terraform-managed
+    disk_encryption_key_name: null
+    display_name: null
+    ip_range: ''
+    location: europe-west1
+    name: instance-europe-west1
+  module.apigee.google_apigee_organization.organization[0]:
+    analytics_region: europe-west1
+    authorized_network: null
+    billing_type: PAYG
+    description: null
+    disable_vpc_peering: true
+    display_name: null
+    project_id: project-id
+    retention: DELETION_RETENTION_UNSPECIFIED
+    runtime_database_encryption_key_name: null
+    runtime_type: CLOUD
+
+counts:
+  google_apigee_envgroup: 1
+  google_apigee_envgroup_attachment: 1
+  google_apigee_environment: 1
+  google_apigee_instance: 1
+  google_apigee_organization: 1