diff --git a/blueprints/cloud-operations/dns-fine-grained-iam/README.md b/blueprints/cloud-operations/dns-fine-grained-iam/README.md index db88b37b..6379495d 100644 --- a/blueprints/cloud-operations/dns-fine-grained-iam/README.md +++ b/blueprints/cloud-operations/dns-fine-grained-iam/README.md @@ -128,5 +128,5 @@ module "test1" { project_create = true project_id = "test" } -# tftest modules=9 resources=28 +# tftest modules=9 resources=27 ``` diff --git a/blueprints/cloud-operations/dns-shared-vpc/README.md b/blueprints/cloud-operations/dns-shared-vpc/README.md index ad8d6125..ed64d1de 100644 --- a/blueprints/cloud-operations/dns-shared-vpc/README.md +++ b/blueprints/cloud-operations/dns-shared-vpc/README.md @@ -51,5 +51,5 @@ module "test" { shared_vpc_link = "https://www.googleapis.com/compute/v1/projects/test-dns/global/networks/default" teams = ["team1", "team2"] } -# tftest modules=9 resources=20 +# tftest modules=9 resources=16 ``` diff --git a/blueprints/networking/decentralized-firewall/README.md b/blueprints/networking/decentralized-firewall/README.md index a4eea93f..2fd89640 100644 --- a/blueprints/networking/decentralized-firewall/README.md +++ b/blueprints/networking/decentralized-firewall/README.md @@ -51,5 +51,5 @@ module "test" { root_node = "organizations/0123456789" } -# tftest modules=9 resources=56 +# tftest modules=9 resources=54 ``` diff --git a/blueprints/networking/filtering-proxy-psc/README.md b/blueprints/networking/filtering-proxy-psc/README.md index b3d90cef..dd9f0585 100644 --- a/blueprints/networking/filtering-proxy-psc/README.md +++ b/blueprints/networking/filtering-proxy-psc/README.md @@ -40,5 +40,5 @@ module "test" { } project_id = "test-project" } -# tftest modules=13 resources=42 +# tftest modules=13 resources=41 ``` diff --git a/blueprints/networking/filtering-proxy/README.md b/blueprints/networking/filtering-proxy/README.md index 5ed64067..70dcf6df 100644 --- a/blueprints/networking/filtering-proxy/README.md +++ b/blueprints/networking/filtering-proxy/README.md @@ -47,7 +47,7 @@ module "test1" { prefix = "fabric" root_node = "folders/123456789" } -# tftest modules=14 resources=39 +# tftest modules=14 resources=38 ``` ```hcl @@ -58,5 +58,5 @@ module "test2" { prefix = "fabric" root_node = "folders/123456789" } -# tftest modules=12 resources=33 +# tftest modules=12 resources=32 ``` diff --git a/blueprints/networking/hub-and-spoke-vpn/README.md b/blueprints/networking/hub-and-spoke-vpn/README.md index d16a53fb..d0f2d1f0 100644 --- a/blueprints/networking/hub-and-spoke-vpn/README.md +++ b/blueprints/networking/hub-and-spoke-vpn/README.md @@ -114,5 +114,5 @@ module "test" { project_id = "project-1" } -# tftest modules=20 resources=84 +# tftest modules=20 resources=79 ``` diff --git a/blueprints/networking/private-cloud-function-from-onprem/README.md b/blueprints/networking/private-cloud-function-from-onprem/README.md index 4bb9d4d9..4951454f 100644 --- a/blueprints/networking/private-cloud-function-from-onprem/README.md +++ b/blueprints/networking/private-cloud-function-from-onprem/README.md @@ -45,5 +45,5 @@ module "test" { } project_id = "test-project" } -# tftest modules=11 resources=45 +# tftest modules=11 resources=44 ``` diff --git a/blueprints/networking/shared-vpc-gke/README.md b/blueprints/networking/shared-vpc-gke/README.md index 6aac2855..a60dea0c 100644 --- a/blueprints/networking/shared-vpc-gke/README.md +++ b/blueprints/networking/shared-vpc-gke/README.md @@ -80,5 +80,5 @@ module "test" { prefix = "test" root_node = "organizations/0123456789" } -# tftest modules=11 resources=46 +# tftest modules=11 resources=45 ``` diff --git a/blueprints/serverless/cloud-run-corporate/README.md b/blueprints/serverless/cloud-run-corporate/README.md index 5fabf182..93f98c54 100644 --- a/blueprints/serverless/cloud-run-corporate/README.md +++ b/blueprints/serverless/cloud-run-corporate/README.md @@ -252,7 +252,7 @@ module "test" { prj_onprem_id = "onprem-project-id" } -# tftest modules=15 resources=52 +# tftest modules=15 resources=50 ``` ```hcl @@ -276,7 +276,7 @@ module "test" { tf_identity = "user@example.org" } -# tftest modules=15 resources=38 +# tftest modules=15 resources=36 ``` ```hcl @@ -295,5 +295,5 @@ module "test" { custom_domain = "cloud-run-corporate.example.org" } -# tftest modules=14 resources=47 +# tftest modules=14 resources=45 ``` diff --git a/modules/dns/README.md b/modules/dns/README.md index 5b293768..11499326 100644 --- a/modules/dns/README.md +++ b/modules/dns/README.md @@ -27,7 +27,7 @@ module "private-dns" { "roles/dns.admin" = ["group:dns-administrators@myorg.com"] } } -# tftest modules=1 resources=5 inventory=private-zone.yaml +# tftest modules=1 resources=4 inventory=private-zone.yaml ``` ### Forwarding Zone @@ -45,7 +45,7 @@ module "private-dns" { } } } -# tftest modules=1 resources=2 inventory=forwarding-zone.yaml +# tftest modules=1 resources=1 inventory=forwarding-zone.yaml ``` ### Peering Zone @@ -63,7 +63,7 @@ module "private-dns" { } } } -# tftest modules=1 resources=2 inventory=peering-zone.yaml +# tftest modules=1 resources=1 inventory=peering-zone.yaml ``` ### Routing Policies @@ -99,7 +99,7 @@ module "private-dns" { } } } -# tftest modules=1 resources=5 inventory=routing-policies.yaml +# tftest modules=1 resources=4 inventory=routing-policies.yaml ``` ### Reverse Lookup Zone @@ -116,7 +116,7 @@ module "private-dns" { } } } -# tftest modules=1 resources=2 inventory=reverse-zone.yaml +# tftest modules=1 resources=1 inventory=reverse-zone.yaml ``` ### Public Zone @@ -137,7 +137,7 @@ module "public-dns" { "roles/dns.admin" = ["group:dns-administrators@myorg.com"] } } -# tftest modules=1 resources=4 inventory=public-zone.yaml +# tftest modules=1 resources=3 inventory=public-zone.yaml ``` ## Variables diff --git a/modules/dns/main.tf b/modules/dns/main.tf index 2c4c8230..5fec4f84 100644 --- a/modules/dns/main.tf +++ b/modules/dns/main.tf @@ -158,7 +158,9 @@ resource "google_dns_managed_zone_iam_binding" "iam_bindings" { } data "google_dns_keys" "dns_keys" { + count = try(var.zone_config.public.dnssec_config, null) != null ? 1 : 0 managed_zone = local.managed_zone.id + project = var.project_id } resource "google_dns_record_set" "dns_record_set" { @@ -193,4 +195,4 @@ resource "google_dns_record_set" "dns_record_set" { depends_on = [ google_dns_managed_zone.dns_managed_zone ] -} \ No newline at end of file +} diff --git a/modules/dns/outputs.tf b/modules/dns/outputs.tf index f8297d8b..7493b4cf 100644 --- a/modules/dns/outputs.tf +++ b/modules/dns/outputs.tf @@ -1,5 +1,5 @@ /** - * Copyright 2022 Google LLC + * Copyright 2023 Google LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -16,7 +16,7 @@ output "dns_keys" { description = "DNSKEY and DS records of DNSSEC-signed managed zones." - value = data.google_dns_keys.dns_keys + value = try(data.google_dns_keys.dns_keys, null) } output "domain" { diff --git a/modules/service-directory/README.md b/modules/service-directory/README.md index d79c5304..3b16cbeb 100644 --- a/modules/service-directory/README.md +++ b/modules/service-directory/README.md @@ -88,7 +88,7 @@ module "dns-sd" { } } } -# tftest modules=2 resources=6 inventory=dns.yaml +# tftest modules=2 resources=5 inventory=dns.yaml ``` diff --git a/tests/fast/stages/s2_networking_a_peering/stage.yaml b/tests/fast/stages/s2_networking_a_peering/stage.yaml index 85b123af..7c9212b6 100644 --- a/tests/fast/stages/s2_networking_a_peering/stage.yaml +++ b/tests/fast/stages/s2_networking_a_peering/stage.yaml @@ -1,4 +1,4 @@ -# Copyright 2022 Google LLC +# Copyright 2023 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,4 +14,4 @@ counts: modules: 28 - resources: 154 + resources: 145 diff --git a/tests/fast/stages/s2_networking_b_vpn/stage.yaml b/tests/fast/stages/s2_networking_b_vpn/stage.yaml index 831bcd50..3c65fddf 100644 --- a/tests/fast/stages/s2_networking_b_vpn/stage.yaml +++ b/tests/fast/stages/s2_networking_b_vpn/stage.yaml @@ -14,4 +14,4 @@ counts: modules: 30 - resources: 191 + resources: 182 diff --git a/tests/fast/stages/s2_networking_c_nva/stage.yaml b/tests/fast/stages/s2_networking_c_nva/stage.yaml index ff699bf9..43136448 100644 --- a/tests/fast/stages/s2_networking_c_nva/stage.yaml +++ b/tests/fast/stages/s2_networking_c_nva/stage.yaml @@ -14,4 +14,4 @@ counts: modules: 42 - resources: 201 + resources: 192 diff --git a/tests/fast/stages/s2_networking_d_separate_envs/stage.yaml b/tests/fast/stages/s2_networking_d_separate_envs/stage.yaml index fe8ab2d6..701e186a 100644 --- a/tests/fast/stages/s2_networking_d_separate_envs/stage.yaml +++ b/tests/fast/stages/s2_networking_d_separate_envs/stage.yaml @@ -14,4 +14,4 @@ counts: modules: 21 - resources: 171 + resources: 165 diff --git a/tests/fast/stages/s2_networking_e_nva_bgp/stage.yaml b/tests/fast/stages/s2_networking_e_nva_bgp/stage.yaml index 2c1d072e..66338505 100644 --- a/tests/fast/stages/s2_networking_e_nva_bgp/stage.yaml +++ b/tests/fast/stages/s2_networking_e_nva_bgp/stage.yaml @@ -14,4 +14,4 @@ counts: modules: 36 - resources: 212 + resources: 203 diff --git a/tests/modules/dns/examples/peering-zone.yaml b/tests/modules/dns/examples/peering-zone.yaml index ea3996ed..f9ab8494 100644 --- a/tests/modules/dns/examples/peering-zone.yaml +++ b/tests/modules/dns/examples/peering-zone.yaml @@ -30,5 +30,3 @@ values: counts: google_dns_managed_zone: 1 - -outputs: {} diff --git a/tests/modules/dns/examples/public-zone.yaml b/tests/modules/dns/examples/public-zone.yaml index 69f27599..e4766084 100644 --- a/tests/modules/dns/examples/public-zone.yaml +++ b/tests/modules/dns/examples/public-zone.yaml @@ -29,11 +29,6 @@ values: type: A counts: - google_dns_keys: 1 google_dns_managed_zone: 1 google_dns_record_set: 1 google_dns_managed_zone_iam_binding: 1 - modules: 1 - resources: 4 - -outputs: {} diff --git a/tests/modules/dns/examples/reverse-zone.yaml b/tests/modules/dns/examples/reverse-zone.yaml index 9798ced9..8d0b2465 100644 --- a/tests/modules/dns/examples/reverse-zone.yaml +++ b/tests/modules/dns/examples/reverse-zone.yaml @@ -23,5 +23,3 @@ values: counts: google_dns_managed_zone: 1 - -outputs: {}