diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml
index 33693873..21c0746a 100644
--- a/.github/workflows/linting.yml
+++ b/.github/workflows/linting.yml
@@ -37,7 +37,7 @@ jobs: - name: Set up Terraform uses: hashicorp/setup-terraform@v1 with: - terraform_version: 1.3 + terraform_version: 1.3.2 - name: Install dependencies run: |
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
index a7e427d7..2a903525 100644
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -30,7 +30,7 @@ env: PYTEST_ADDOPTS: "--color=yes" PYTHON_VERSION: "3.10" TF_PLUGIN_CACHE_DIR: "/home/runner/.terraform.d/plugin-cache" - TF_VERSION: 1.3.0 + TF_VERSION: 1.3.2 jobs: doc-examples:
@@ -48,10 +48,18 @@ jobs: with: python-version: ${{ env.PYTHON_VERSION }} + - name: Set up Terraform + uses: hashicorp/setup-terraform@v2 + with: + terraform_version: ${{ env.TF_VERSION }} + terraform_wrapper: false + + # avoid conflicts with user-installed providers on local machines - name: Pin provider versions run: | - sed -i 's/>=\(.*# tftest\)/=\1/g' default-versions.tf - find -name versions.tf -exec cp default-versions.tf {} \; + for f in $(find . -name versions.tf); do + sed -i 's/>=\(.*# tftest\)/=\1/g' $f; + done - name: Run tests on documentation examples id: pytest
@@ -76,15 +84,17 @@ jobs: python-version: ${{ env.PYTHON_VERSION }} - name: Set up Terraform - uses: hashicorp/setup-terraform@v1 + uses: hashicorp/setup-terraform@v2 with: terraform_version: ${{ env.TF_VERSION }} terraform_wrapper: false + # avoid conflicts with user-installed providers on local machines - name: Pin provider versions run: | - sed -i 's/>=\(.*# tftest\)/=\1/g' default-versions.tf - find -name versions.tf -exec cp default-versions.tf {} \; + for f in $(find . -name versions.tf); do + sed -i 's/>=\(.*# tftest\)/=\1/g' $f; + done - name: Run tests environments id: pytest
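Review bot: The new `Pin provider versions` step in tests.yml loops over `$(find . -name versions.tf)` and passes `$f` unquoted, so any path containing whitespace or glob characters is word-split before it reaches `sed`. Letting find run sed directly avoids the loop: `find . -name versions.tf -exec sed -i 's/>=\(.*# tftest\)/=\1/g' {} +`. The same loop is repeated in the hunks at -76, -109 and -142 of this file. Separately, `hashicorp/setup-terraform@v2` is a movable tag; pinning to a full commit SHA (placeholder: `hashicorp/setup-terraform@<full-commit-sha> # v2`) keeps a retagged release from changing what runs in CI. linting.yml also still references `@v1` in its unchanged context line.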
@@ -109,15 +119,17 @@ jobs: python-version: ${{ env.PYTHON_VERSION }} - name: Set up Terraform - uses: hashicorp/setup-terraform@v1 + uses: hashicorp/setup-terraform@v2 with: terraform_version: ${{ env.TF_VERSION }} terraform_wrapper: false + # avoid conflicts with user-installed providers on local machines - name: Pin provider versions run: | - sed -i 's/>=\(.*# tftest\)/=\1/g' default-versions.tf - find -name versions.tf -exec cp default-versions.tf {} \; + for f in $(find . -name versions.tf); do + sed -i 's/>=\(.*# tftest\)/=\1/g' $f; + done - name: Run tests modules id: pytest
@@ -142,15 +154,17 @@ jobs: python-version: ${{ env.PYTHON_VERSION }} - name: Set up Terraform - uses: hashicorp/setup-terraform@v1 + uses: hashicorp/setup-terraform@v2 with: terraform_version: ${{ env.TF_VERSION }} terraform_wrapper: false + # avoid conflicts with user-installed providers on local machines - name: Pin provider versions run: | - sed -i 's/>=\(.*# tftest\)/=\1/g' default-versions.tf - find -name versions.tf -exec cp default-versions.tf {} \; + for f in $(find . -name versions.tf); do + sed -i 's/>=\(.*# tftest\)/=\1/g' $f; + done - name: Run tests on FAST stages id: pytest
diff --git a/FABRIC-AND-CFT.md b/FABRIC-AND-CFT.md
new file mode 100644
index 00000000..7ddba3f2
--- /dev/null
+++ b/FABRIC-AND-CFT.md
@@ -0,0 +1,170 @@
+# Cloud Foundation Fabric and Cloud Foundation Toolkit
+
+This page highlights the main differences (both technical and philosophical) between Cloud Foundation Fabric and Cloud Foundation Toolkit for end users and guide them in their decision making process for identifying the best suite of modules for their use cases.
+
+## Cloud Foundation Fabric (a.k.a Fabric, this repo)
+
+Fabric is a collection of Terraform modules and end to end examples meant to be cloned as a single unit and used as is for fast prototyping or decomposed and modified for usage in organizations.
+
+## Cloud Foundation Toolkit (a.k.a CFT)
+
+CFT is a collection of Terraform modules and examples with opinionated GCP best practices implemented as individual modules for gradual adoption and off the shelf usage in organizations.
+
+## Third-party reviews
+
+* [Google Cloud Landing Zone Comparison](https://www.meshcloud.io/2022/09/09/gcp-landing-zone-comparison/) by Meshcloud.
+
+## Key Differences
+
+
+ | +Fabric + | +CFT + | +
Target User + | +Organizations interested in forking, maintaining and customizing Terraform modules. + | +Organizations interested in using opinionated, prebuilt Terraform modules. + | +
Configuration + | +Less opinionated allowing end users higher flexibility. + | +Opinionated by default, end users may need to fork if it does not meet their use case. + | +
Extensibility + | +Built with extensibility in mind catering to fork and use patterns. Modules are often lightweight and easy to adopt / tailor to specific use cases. + | +Not built with fork and use extensibility, caters to off the shelf consumption. + | +
Config customization + | +Prefer customization using variables via objects, tight variable space. + | +Prefer customization using variables via primitives. + | +
Examples + | +Thorough examples for individual modules, and end to end examples composing multiple modules covering a wide variety of use cases from foundations to solutions. + | +Examples for a module mostly focus on that individual module. \ + \ +Composition is often not shown in examples but in other modules built using smaller modules. + | +
Resources + | +Leaner modules wrapping resources. + | +Heavier root modules that often compose leaner sub modules wrapping resources. + | +
Resource grouping + | +Generally grouped by logical entities. + | +Generally grouped by products/product areas. + | +
Release Cadence + | +Modules versioned and released together. + | +Modules versioned and released individually. + | +
Individual module usage + | +Individual modules consumed directly using Git as a module source.
+ +For production usage, we encourage customers to “fork and own” their own repository. + |
+ Individual repositories consumed via the Terraform registry.
+ +For production/airgapped usage, customers may also mirror modules to a private registry. + |
+
Factories + | +Fabric implements several "factories" in modules, where users can drive or automate Terraform via YAML files (projects, subnetworks, firewalls, etc.). + | ++ | +
Organizational adoption + | +Mono repo cloned into an organizational VCS (or catalog) and separated into individual modules for internal consumption. + | +Individual repos forked (for air gap) or wrapping upstream sources to create individual modules for internal consumption. + | +
Distribution + | +Distributed via Git/GitHub. + | +Distributed via Git/GitHub and Terraform Registry. + | +
Testing + | +Every PR performs unit tests on modules, examples, and documentation snippets by evaluating a Terraform plan via Python tftest library. + | +Every PR performs full end-to-end deployment with integration tests using the blueprint test framework. + | +
list(object({…}))
| ✓ | |
-| [project_id](variables.tf#L209) | Project id. | string
| ✓ | |
-| [zone](variables.tf#L268) | Compute zone. | string
| ✓ | |
-| [attached_disk_defaults](variables.tf#L17) | Defaults for attached disks options. | object({…})
| | {…}
|
-| [attached_disks](variables.tf#L32) | Additional disks, if options is null defaults will be used in its place. Source type is one of 'image' (zonal disks in vms and template), 'snapshot' (vm), 'existing', and null. | list(object({…}))
| | []
|
-| [boot_disk](variables.tf#L58) | Boot disk properties. | object({…})
| | {…}
|
-| [boot_disk_delete](variables.tf#L72) | Auto delete boot disk. | bool
| | true
|
-| [can_ip_forward](variables.tf#L78) | Enable IP forwarding. | bool
| | false
|
-| [confidential_compute](variables.tf#L84) | Enable Confidential Compute for these instances. | bool
| | false
|
-| [create_template](variables.tf#L90) | Create instance template instead of instances. | bool
| | false
|
-| [description](variables.tf#L95) | Description of a Compute Instance. | string
| | "Managed by the compute-vm Terraform module."
|
-| [enable_display](variables.tf#L100) | Enable virtual display on the instances. | bool
| | false
|
-| [encryption](variables.tf#L106) | Encryption options. Only one of kms_key_self_link and disk_encryption_key_raw may be set. If needed, you can specify to encrypt or not the boot disk. | object({…})
| | null
|
-| [group](variables.tf#L116) | Define this variable to create an instance group for instances. Disabled for template use. | object({…})
| | null
|
-| [hostname](variables.tf#L124) | Instance FQDN name. | string
| | null
|
-| [iam](variables.tf#L130) | IAM bindings in {ROLE => [MEMBERS]} format. | map(list(string))
| | {}
|
-| [instance_type](variables.tf#L136) | Instance type. | string
| | "f1-micro"
|
-| [labels](variables.tf#L142) | Instance labels. | map(string)
| | {}
|
-| [metadata](variables.tf#L148) | Instance metadata. | map(string)
| | {}
|
-| [min_cpu_platform](variables.tf#L154) | Minimum CPU platform. | string
| | null
|
-| [network_interface_options](variables.tf#L165) | Network interfaces extended options. The key is the index of the inteface to configure. The value is an object with alias_ips and nic_type. Set alias_ips or nic_type to null if you need only one of them. | map(object({…}))
| | {}
|
-| [options](variables.tf#L187) | Instance options. | object({…})
| | {…}
|
-| [scratch_disks](variables.tf#L214) | Scratch disks configuration. | object({…})
| | {…}
|
-| [service_account](variables.tf#L226) | Service account email. Unused if service account is auto-created. | string
| | null
|
-| [service_account_create](variables.tf#L232) | Auto-create service account. | bool
| | false
|
-| [service_account_scopes](variables.tf#L240) | Scopes applied to service account. | list(string)
| | []
|
-| [shielded_config](variables.tf#L246) | Shielded VM configuration of the instances. | object({…})
| | null
|
-| [tag_bindings](variables.tf#L256) | Tag bindings for this instance, in key => tag value id format. | map(string)
| | null
|
-| [tags](variables.tf#L262) | Instance network tags for firewall rule targets. | list(string)
| | []
|
+| [name](variables.tf#L163) | Instance name. | string
| ✓ | |
+| [network_interfaces](variables.tf#L168) | Network interfaces configuration. Use self links for Shared VPC, set addresses to null if not needed. | list(object({…}))
| ✓ | |
+| [project_id](variables.tf#L205) | Project id. | string
| ✓ | |
+| [zone](variables.tf#L264) | Compute zone. | string
| ✓ | |
+| [attached_disk_defaults](variables.tf#L17) | Defaults for attached disks options. | object({…})
| | {…}
|
+| [attached_disks](variables.tf#L31) | Additional disks, if options is null defaults will be used in its place. Source type is one of 'image' (zonal disks in vms and template), 'snapshot' (vm), 'existing', and null. | list(object({…}))
| | []
|
+| [boot_disk](variables.tf#L64) | Boot disk properties. | object({…})
| | {…}
|
+| [can_ip_forward](variables.tf#L80) | Enable IP forwarding. | bool
| | false
|
+| [confidential_compute](variables.tf#L86) | Enable Confidential Compute for these instances. | bool
| | false
|
+| [create_template](variables.tf#L92) | Create instance template instead of instances. | bool
| | false
|
+| [description](variables.tf#L97) | Description of a Compute Instance. | string
| | "Managed by the compute-vm Terraform module."
|
+| [enable_display](variables.tf#L103) | Enable virtual display on the instances. | bool
| | false
|
+| [encryption](variables.tf#L109) | Encryption options. Only one of kms_key_self_link and disk_encryption_key_raw may be set. If needed, you can specify to encrypt or not the boot disk. | object({…})
| | null
|
+| [group](variables.tf#L119) | Define this variable to create an instance group for instances. Disabled for template use. | object({…})
| | null
|
+| [hostname](variables.tf#L127) | Instance FQDN name. | string
| | null
|
+| [iam](variables.tf#L133) | IAM bindings in {ROLE => [MEMBERS]} format. | map(list(string))
| | {}
|
+| [instance_type](variables.tf#L139) | Instance type. | string
| | "f1-micro"
|
+| [labels](variables.tf#L145) | Instance labels. | map(string)
| | {}
|
+| [metadata](variables.tf#L151) | Instance metadata. | map(string)
| | {}
|
+| [min_cpu_platform](variables.tf#L157) | Minimum CPU platform. | string
| | null
|
+| [options](variables.tf#L183) | Instance options. | object({…})
| | {…}
|
+| [scratch_disks](variables.tf#L210) | Scratch disks configuration. | object({…})
| | {…}
|
+| [service_account](variables.tf#L222) | Service account email. Unused if service account is auto-created. | string
| | null
|
+| [service_account_create](variables.tf#L228) | Auto-create service account. | bool
| | false
|
+| [service_account_scopes](variables.tf#L236) | Scopes applied to service account. | list(string)
| | []
|
+| [shielded_config](variables.tf#L242) | Shielded VM configuration of the instances. | object({…})
| | null
|
+| [tag_bindings](variables.tf#L252) | Tag bindings for this instance, in key => tag value id format. | map(string)
| | null
|
+| [tags](variables.tf#L258) | Instance network tags for firewall rule targets. | list(string)
| | []
|
## Outputs
diff --git a/modules/compute-vm/main.tf b/modules/compute-vm/main.tf
index 3a588160..567293ab 100644
--- a/modules/compute-vm/main.tf
+++ b/modules/compute-vm/main.tf
@@ -29,12 +29,6 @@ locals {
for k, v in local.attached_disks :
k => v if try(v.options.replica_zone, null) == null
}
- network_interface_options = {
- for i, v in var.network_interfaces : i => lookup(var.network_interface_options, i, {
- alias_ips = null,
- nic_type = null
- })
- }
on_host_maintenance = (
var.options.spot || var.confidential_compute
? "TERMINATE"
@@ -169,7 +163,7 @@ resource "google_compute_instance" "default" {
}
boot_disk {
- auto_delete = var.boot_disk_delete
+ auto_delete = var.boot_disk.auto_delete
initialize_params {
type = var.boot_disk.type
image = var.boot_disk.image
@@ -200,14 +194,14 @@ resource "google_compute_instance" "default" {
}
}
dynamic "alias_ip_range" {
- for_each = local.network_interface_options[config.key].alias_ips != null ? local.network_interface_options[config.key].alias_ips : {}
+ for_each = config.value.alias_ips
iterator = config_alias
content {
subnetwork_range_name = config_alias.key
ip_cidr_range = config_alias.value
}
}
- nic_type = local.network_interface_options[config.key].nic_type
+ nic_type = config.value.nic_type
}
}
@@ -272,7 +266,7 @@ resource "google_compute_instance_template" "default" {
labels = var.labels
disk {
- auto_delete = var.boot_disk_delete
+ auto_delete = var.boot_disk.auto_delete
boot = true
disk_size_gb = var.boot_disk.size
disk_type = var.boot_disk.type
@@ -334,14 +328,14 @@ resource "google_compute_instance_template" "default" {
}
}
dynamic "alias_ip_range" {
- for_each = local.network_interface_options[config.key].alias_ips != null ? local.network_interface_options[config.key].alias_ips : {}
+ for_each = config.value.alias_ips
iterator = config_alias
content {
subnetwork_range_name = config_alias.key
ip_cidr_range = config_alias.value
}
}
- nic_type = local.network_interface_options[config.key].nic_type
+ nic_type = config.value.nic_type
}
}
diff --git a/modules/compute-vm/variables.tf b/modules/compute-vm/variables.tf
index 86719408..791968bb 100644
--- a/modules/compute-vm/variables.tf
+++ b/modules/compute-vm/variables.tf
@@ -22,7 +22,6 @@ variable "attached_disk_defaults" {
type = string
})
default = {
- auto_delete = true
mode = "READ_WRITE"
replica_zone = null
type = "pd-balanced"
@@ -34,13 +33,20 @@ variable "attached_disks" {
type = list(object({
name = string
size = string
- source = string
- source_type = string
- options = object({
- mode = string
- replica_zone = string
- type = string
- })
+ source = optional(string)
+ source_type = optional(string)
+ options = optional(
+ object({
+ mode = optional(string, "READ_WRITE")
+ replica_zone = optional(string)
+ type = optional(string, "pd-balanced")
+ }),
+ {
+ mode = "READ_WRITE"
+ replica_zone = null
+ type = "pd-balanced"
+ }
+ )
}))
default = []
validation {
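Review bot: The default map passed as the second argument to `optional(object({…}), {…})` for `options` repeats the `READ_WRITE` and `pd-balanced` values already declared on the inner `optional()` attributes, so the two copies can drift apart. An empty object lets Terraform fill in the nested defaults, i.e. `}), {})`. The `boot_disk` hunk that follows has the same duplication: its `default = {…}` restates every `optional(…, default)` and could be `default = {}`. Because `options` can no longer be null, the description's "if options is null defaults will be used" and the `attached_disk_defaults` variable probably no longer decide these values; that depends on main.tf code not shown in this diff and is worth confirming. The variable block continues past the end of the hunk.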
@@ -58,23 +64,19 @@ variable "attached_disks" {
variable "boot_disk" {
description = "Boot disk properties."
type = object({
- image = string
- size = number
- type = string
+ auto_delete = optional(bool, true)
+ image = optional(string, "projects/debian-cloud/global/images/family/debian-11")
+ size = optional(number, 10)
+ type = optional(string, "pd-balanced")
})
default = {
- image = "projects/debian-cloud/global/images/family/debian-11"
- type = "pd-balanced"
- size = 10
+ auto_delete = true
+ image = "projects/debian-cloud/global/images/family/debian-11"
+ type = "pd-balanced"
+ size = 10
}
}
-variable "boot_disk_delete" {
- description = "Auto delete boot disk."
- type = bool
- default = true
-}
-
variable "can_ip_forward" {
description = "Enable IP forwarding."
type = bool
@@ -97,6 +99,7 @@ variable "description" {
type = string
default = "Managed by the compute-vm Terraform module."
}
+
variable "enable_display" {
description = "Enable virtual display on the instances."
type = bool
@@ -106,9 +109,9 @@ variable "enable_display" {
variable "encryption" {
description = "Encryption options. Only one of kms_key_self_link and disk_encryption_key_raw may be set. If needed, you can specify to encrypt or not the boot disk."
type = object({
- encrypt_boot = bool
- disk_encryption_key_raw = string
- kms_key_self_link = string
+ encrypt_boot = optional(bool, false)
+ disk_encryption_key_raw = optional(string)
+ kms_key_self_link = optional(string)
})
default = null
}
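Review bot: `encrypt_boot = optional(bool, false)` makes leaving the boot disk out of the supplied key the silent default. A caller that sets only `kms_key_self_link` now gets a valid object with `encrypt_boot = false`, where the attribute previously had to be written out. How `encrypt_boot` is consumed is outside this hunk, so the effect is inferred from the name and the description. If it holds, the description should state the default, for example by appending `encrypt_boot defaults to false; set it to true to cover the boot disk with the key.`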
@@ -162,35 +165,28 @@ variable "name" {
type = string
}
-variable "network_interface_options" {
- description = "Network interfaces extended options. The key is the index of the inteface to configure. The value is an object with alias_ips and nic_type. Set alias_ips or nic_type to null if you need only one of them."
- type = map(object({
- alias_ips = map(string)
- nic_type = string
- }))
- default = {}
-}
-
variable "network_interfaces" {
description = "Network interfaces configuration. Use self links for Shared VPC, set addresses to null if not needed."
type = list(object({
- nat = bool
+ nat = optional(bool, false)
network = string
subnetwork = string
- addresses = object({
+ addresses = optional(object({
internal = string
external = string
- })
+ }), null)
+ alias_ips = optional(map(string), {})
+ nic_type = optional(string)
}))
}
variable "options" {
description = "Instance options."
type = object({
- allow_stopping_for_update = bool
- deletion_protection = bool
- spot = bool
- termination_action = string
+ allow_stopping_for_update = optional(bool, true)
+ deletion_protection = optional(bool, false)
+ spot = optional(bool, false)
+ termination_action = optional(string)
})
default = {
allow_stopping_for_update = true
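Review bot: `addresses` is now optional, but its `internal` and `external` attributes are still plain `string`, so a caller that wants only an internal address must keep writing `external = null`. `internal = optional(string)` and `external = optional(string)` would match the other attributes changed in this hunk. The trailing `, null` default on `addresses` is what `optional()` yields anyway and can be dropped. The description's "set addresses to null if not needed" could then read "omit addresses if not needed". The `options` default block continues past the end of the hunk.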
diff --git a/modules/compute-vm/versions.tf b/modules/compute-vm/versions.tf
index 8abac788..adb52a93 100644
--- a/modules/compute-vm/versions.tf
+++ b/modules/compute-vm/versions.tf
@@ -13,7 +13,7 @@
# limitations under the License.
terraform {
- required_version = ">= 1.3.0"
+ required_version = ">= 1.3.2"
required_providers {
google = {
source = "hashicorp/google"
diff --git a/modules/container-registry/versions.tf b/modules/container-registry/versions.tf
index 8abac788..adb52a93 100644
--- a/modules/container-registry/versions.tf
+++ b/modules/container-registry/versions.tf
@@ -13,7 +13,7 @@
# limitations under the License.
terraform {
- required_version = ">= 1.3.0"
+ required_version = ">= 1.3.2"
required_providers {
google = {
source = "hashicorp/google"
diff --git a/modules/data-catalog-policy-tag/versions.tf b/modules/data-catalog-policy-tag/versions.tf
index 8abac788..adb52a93 100644
--- a/modules/data-catalog-policy-tag/versions.tf
+++ b/modules/data-catalog-policy-tag/versions.tf
@@ -13,7 +13,7 @@
# limitations under the License.
terraform {
- required_version = ">= 1.3.0"
+ required_version = ">= 1.3.2"
required_providers {
google = {
source = "hashicorp/google"
diff --git a/modules/datafusion/versions.tf b/modules/datafusion/versions.tf
index 8abac788..adb52a93 100644
--- a/modules/datafusion/versions.tf
+++ b/modules/datafusion/versions.tf
@@ -13,7 +13,7 @@
# limitations under the License.
terraform {
- required_version = ">= 1.3.0"
+ required_version = ">= 1.3.2"
required_providers {
google = {
source = "hashicorp/google"
diff --git a/modules/dns/versions.tf b/modules/dns/versions.tf
index 8abac788..adb52a93 100644
--- a/modules/dns/versions.tf
+++ b/modules/dns/versions.tf
@@ -13,7 +13,7 @@
# limitations under the License.
terraform {
- required_version = ">= 1.3.0"
+ required_version = ">= 1.3.2"
required_providers {
google = {
source = "hashicorp/google"
diff --git a/modules/endpoints/versions.tf b/modules/endpoints/versions.tf
index 8abac788..adb52a93 100644
--- a/modules/endpoints/versions.tf
+++ b/modules/endpoints/versions.tf
@@ -13,7 +13,7 @@
# limitations under the License.
terraform {
- required_version = ">= 1.3.0"
+ required_version = ">= 1.3.2"
required_providers {
google = {
source = "hashicorp/google"
diff --git a/modules/folder/versions.tf b/modules/folder/versions.tf
index 8abac788..adb52a93 100644
--- a/modules/folder/versions.tf
+++ b/modules/folder/versions.tf
@@ -13,7 +13,7 @@
# limitations under the License.
terraform {
- required_version = ">= 1.3.0"
+ required_version = ">= 1.3.2"
required_providers {
google = {
source = "hashicorp/google"
diff --git a/modules/gcs/versions.tf b/modules/gcs/versions.tf
index 8abac788..adb52a93 100644
--- a/modules/gcs/versions.tf
+++ b/modules/gcs/versions.tf
@@ -13,7 +13,7 @@
# limitations under the License.
terraform {
- required_version = ">= 1.3.0"
+ required_version = ">= 1.3.2"
required_providers {
google = {
source = "hashicorp/google"
diff --git a/modules/gke-cluster/versions.tf b/modules/gke-cluster/versions.tf
index 8abac788..adb52a93 100644
--- a/modules/gke-cluster/versions.tf
+++ b/modules/gke-cluster/versions.tf
@@ -13,7 +13,7 @@
# limitations under the License.
terraform {
- required_version = ">= 1.3.0"
+ required_version = ">= 1.3.2"
required_providers {
google = {
source = "hashicorp/google"
diff --git a/modules/gke-hub/versions.tf b/modules/gke-hub/versions.tf
index 8abac788..adb52a93 100644
--- a/modules/gke-hub/versions.tf
+++ b/modules/gke-hub/versions.tf
@@ -13,7 +13,7 @@
# limitations under the License.
terraform {
- required_version = ">= 1.3.0"
+ required_version = ">= 1.3.2"
required_providers {
google = {
source = "hashicorp/google"
diff --git a/modules/gke-nodepool/versions.tf b/modules/gke-nodepool/versions.tf
index 8abac788..adb52a93 100644
--- a/modules/gke-nodepool/versions.tf
+++ b/modules/gke-nodepool/versions.tf
@@ -13,7 +13,7 @@
# limitations under the License.
terraform {
- required_version = ">= 1.3.0"
+ required_version = ">= 1.3.2"
required_providers {
google = {
source = "hashicorp/google"
diff --git a/modules/iam-service-account/versions.tf b/modules/iam-service-account/versions.tf
index 8abac788..adb52a93 100644
--- a/modules/iam-service-account/versions.tf
+++ b/modules/iam-service-account/versions.tf
@@ -13,7 +13,7 @@
# limitations under the License.
terraform {
- required_version = ">= 1.3.0"
+ required_version = ">= 1.3.2"
required_providers {
google = {
source = "hashicorp/google"
diff --git a/modules/kms/versions.tf b/modules/kms/versions.tf
index 8abac788..adb52a93 100644
--- a/modules/kms/versions.tf
+++ b/modules/kms/versions.tf
@@ -13,7 +13,7 @@
# limitations under the License.
terraform {
- required_version = ">= 1.3.0"
+ required_version = ">= 1.3.2"
required_providers {
google = {
source = "hashicorp/google"
diff --git a/modules/logging-bucket/versions.tf b/modules/logging-bucket/versions.tf
index 8abac788..adb52a93 100644
--- a/modules/logging-bucket/versions.tf
+++ b/modules/logging-bucket/versions.tf
@@ -13,7 +13,7 @@
# limitations under the License.
terraform {
- required_version = ">= 1.3.0"
+ required_version = ">= 1.3.2"
required_providers {
google = {
source = "hashicorp/google"
diff --git a/modules/net-address/versions.tf b/modules/net-address/versions.tf
index 8abac788..adb52a93 100644
--- a/modules/net-address/versions.tf
+++ b/modules/net-address/versions.tf
@@ -13,7 +13,7 @@
# limitations under the License.
terraform {
- required_version = ">= 1.3.0"
+ required_version = ">= 1.3.2"
required_providers {
google = {
source = "hashicorp/google"
diff --git a/modules/net-cloudnat/versions.tf b/modules/net-cloudnat/versions.tf
index 8abac788..adb52a93 100644
--- a/modules/net-cloudnat/versions.tf
+++ b/modules/net-cloudnat/versions.tf
@@ -13,7 +13,7 @@
# limitations under the License.
terraform {
- required_version = ">= 1.3.0"
+ required_version = ">= 1.3.2"
required_providers {
google = {
source = "hashicorp/google"
diff --git a/modules/net-glb/versions.tf b/modules/net-glb/versions.tf
index 8abac788..adb52a93 100644
--- a/modules/net-glb/versions.tf
+++ b/modules/net-glb/versions.tf
@@ -13,7 +13,7 @@
# limitations under the License.
terraform {
- required_version = ">= 1.3.0"
+ required_version = ">= 1.3.2"
required_providers {
google = {
source = "hashicorp/google"
diff --git a/modules/net-ilb-l7/versions.tf b/modules/net-ilb-l7/versions.tf
index 8abac788..adb52a93 100644
--- a/modules/net-ilb-l7/versions.tf
+++ b/modules/net-ilb-l7/versions.tf
@@ -13,7 +13,7 @@
# limitations under the License.
terraform {
- required_version = ">= 1.3.0"
+ required_version = ">= 1.3.2"
required_providers {
google = {
source = "hashicorp/google"
diff --git a/modules/net-ilb/versions.tf b/modules/net-ilb/versions.tf
index 8abac788..adb52a93 100644
--- a/modules/net-ilb/versions.tf
+++ b/modules/net-ilb/versions.tf
@@ -13,7 +13,7 @@
# limitations under the License.
terraform {
- required_version = ">= 1.3.0"
+ required_version = ">= 1.3.2"
required_providers {
google = {
source = "hashicorp/google"
diff --git a/modules/net-interconnect-attachment-direct/versions.tf b/modules/net-interconnect-attachment-direct/versions.tf
index 8abac788..adb52a93 100644
--- a/modules/net-interconnect-attachment-direct/versions.tf
+++ b/modules/net-interconnect-attachment-direct/versions.tf
@@ -13,7 +13,7 @@
# limitations under the License.
terraform {
- required_version = ">= 1.3.0"
+ required_version = ">= 1.3.2"
required_providers {
google = {
source = "hashicorp/google"
diff --git a/modules/net-vpc-firewall/versions.tf b/modules/net-vpc-firewall/versions.tf
index 8abac788..adb52a93 100644
--- a/modules/net-vpc-firewall/versions.tf
+++ b/modules/net-vpc-firewall/versions.tf
@@ -13,7 +13,7 @@
# limitations under the License.
terraform {
- required_version = ">= 1.3.0"
+ required_version = ">= 1.3.2"
required_providers {
google = {
source = "hashicorp/google"
diff --git a/modules/net-vpc-peering/versions.tf b/modules/net-vpc-peering/versions.tf
index 8abac788..adb52a93 100644
--- a/modules/net-vpc-peering/versions.tf
+++ b/modules/net-vpc-peering/versions.tf
@@ -13,7 +13,7 @@
# limitations under the License.
terraform {
- required_version = ">= 1.3.0"
+ required_version = ">= 1.3.2"
required_providers {
google = {
source = "hashicorp/google"
diff --git a/modules/net-vpc/versions.tf b/modules/net-vpc/versions.tf
index 8abac788..adb52a93 100644
--- a/modules/net-vpc/versions.tf
+++ b/modules/net-vpc/versions.tf
@@ -13,7 +13,7 @@
# limitations under the License.
terraform {
- required_version = ">= 1.3.0"
+ required_version = ">= 1.3.2"
required_providers {
google = {
source = "hashicorp/google"
diff --git a/modules/net-vpn-dynamic/versions.tf b/modules/net-vpn-dynamic/versions.tf
index 8abac788..adb52a93 100644
--- a/modules/net-vpn-dynamic/versions.tf
+++ b/modules/net-vpn-dynamic/versions.tf
@@ -13,7 +13,7 @@
# limitations under the License.
terraform {
- required_version = ">= 1.3.0"
+ required_version = ">= 1.3.2"
required_providers {
google = {
source = "hashicorp/google"
diff --git a/modules/net-vpn-ha/versions.tf b/modules/net-vpn-ha/versions.tf
index 8abac788..adb52a93 100644
--- a/modules/net-vpn-ha/versions.tf
+++ b/modules/net-vpn-ha/versions.tf
@@ -13,7 +13,7 @@
# limitations under the License.
terraform {
- required_version = ">= 1.3.0"
+ required_version = ">= 1.3.2"
required_providers {
google = {
source = "hashicorp/google"
diff --git a/modules/net-vpn-static/versions.tf b/modules/net-vpn-static/versions.tf
index 8abac788..adb52a93 100644
--- a/modules/net-vpn-static/versions.tf
+++ b/modules/net-vpn-static/versions.tf
@@ -13,7 +13,7 @@
# limitations under the License.
terraform {
- required_version = ">= 1.3.0"
+ required_version = ">= 1.3.2"
required_providers {
google = {
source = "hashicorp/google"
diff --git a/modules/organization-policy/versions.tf b/modules/organization-policy/versions.tf
index 8abac788..adb52a93 100644
--- a/modules/organization-policy/versions.tf
+++ b/modules/organization-policy/versions.tf
@@ -13,7 +13,7 @@
# limitations under the License.
terraform {
- required_version = ">= 1.3.0"
+ required_version = ">= 1.3.2"
required_providers {
google = {
source = "hashicorp/google"
diff --git a/modules/organization/versions.tf b/modules/organization/versions.tf
index 8abac788..adb52a93 100644
--- a/modules/organization/versions.tf
+++ b/modules/organization/versions.tf
@@ -13,7 +13,7 @@
# limitations under the License.
terraform {
- required_version = ">= 1.3.0"
+ required_version = ">= 1.3.2"
required_providers {
google = {
source = "hashicorp/google"
diff --git a/modules/project/versions.tf b/modules/project/versions.tf
index 8abac788..adb52a93 100644
--- a/modules/project/versions.tf
+++ b/modules/project/versions.tf
@@ -13,7 +13,7 @@
# limitations under the License.
terraform {
- required_version = ">= 1.3.0"
+ required_version = ">= 1.3.2"
required_providers {
google = {
source = "hashicorp/google"
diff --git a/modules/projects-data-source/versions.tf b/modules/projects-data-source/versions.tf
index 8abac788..adb52a93 100644
--- a/modules/projects-data-source/versions.tf
+++ b/modules/projects-data-source/versions.tf
@@ -13,7 +13,7 @@
# limitations under the License.
terraform {
- required_version = ">= 1.3.0"
+ required_version = ">= 1.3.2"
required_providers {
google = {
source = "hashicorp/google"
diff --git a/modules/pubsub/versions.tf b/modules/pubsub/versions.tf
index 8abac788..adb52a93 100644
--- a/modules/pubsub/versions.tf
+++ b/modules/pubsub/versions.tf
@@ -13,7 +13,7 @@
# limitations under the License.
terraform {
- required_version = ">= 1.3.0"
+ required_version = ">= 1.3.2"
required_providers {
google = {
source = "hashicorp/google"
diff --git a/modules/secret-manager/versions.tf b/modules/secret-manager/versions.tf
index 8abac788..adb52a93 100644
--- a/modules/secret-manager/versions.tf
+++ b/modules/secret-manager/versions.tf
@@ -13,7 +13,7 @@
# limitations under the License.
terraform {
- required_version = ">= 1.3.0"
+ required_version = ">= 1.3.2"
required_providers {
google = {
source = "hashicorp/google"
diff --git a/modules/service-directory/versions.tf b/modules/service-directory/versions.tf
index 8abac788..adb52a93 100644
--- a/modules/service-directory/versions.tf
+++ b/modules/service-directory/versions.tf
@@ -13,7 +13,7 @@
# limitations under the License.
terraform {
- required_version = ">= 1.3.0"
+ required_version = ">= 1.3.2"
required_providers {
google = {
source = "hashicorp/google"
diff --git a/modules/source-repository/versions.tf b/modules/source-repository/versions.tf
index 8abac788..adb52a93 100644
--- a/modules/source-repository/versions.tf
+++ b/modules/source-repository/versions.tf
@@ -13,7 +13,7 @@
# limitations under the License.
terraform {
- required_version = ">= 1.3.0"
+ required_version = ">= 1.3.2"
required_providers {
google = {
source = "hashicorp/google"
diff --git a/modules/vpc-sc/versions.tf b/modules/vpc-sc/versions.tf
index 8abac788..adb52a93 100644
--- a/modules/vpc-sc/versions.tf
+++ b/modules/vpc-sc/versions.tf
@@ -13,7 +13,7 @@
# limitations under the License.
terraform {
- required_version = ">= 1.3.0"
+ required_version = ">= 1.3.2"
required_providers {
google = {
source = "hashicorp/google"
diff --git a/tests/conftest.py b/tests/conftest.py
index 48498db5..a5ded070 100644
--- a/tests/conftest.py
+++ b/tests/conftest.py
@@ -145,3 +145,8 @@ def apply_runner():
return apply, output
return run_apply
+
+
+@pytest.fixture
+def basedir():
+ return BASEDIR
diff --git a/tests/fast/stages/s00_cicd/__init__.py b/tests/fast/stages/s00_cicd/__init__.py
new file mode 100644
index 00000000..6d6d1266
--- /dev/null
+++ b/tests/fast/stages/s00_cicd/__init__.py
@@ -0,0 +1,13 @@
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
diff --git a/tests/fast/stages/s00_cicd/test_providers.py b/tests/fast/stages/s00_cicd/test_providers.py
new file mode 100644
index 00000000..e45c869e
--- /dev/null
+++ b/tests/fast/stages/s00_cicd/test_providers.py
@@ -0,0 +1,34 @@
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import os
+'''
+github = {
+ source = "integrations/github"
+ version = "~> 4.0"
+}
+gitlab = {
+ source = "gitlabhq/gitlab"
+ version = ">= 3.16.1"
+}
+'''
+
+
+def test_providers(basedir):
+ "Test providers file."
+ p = os.path.join(basedir, 'fast/stages/00-cicd/versions.tf')
+ with open(p) as f:
+ data = f.read()
+ assert 'integrations/github' in data
+ assert 'gitlabhq/gitlab' in data
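Review bot: The triple-quoted block after `import os` is a bare string expression that is evaluated and discarded; it follows an import, so it is not the module docstring, and the test never reads it. If it records the expected provider constraints, turn it into `#` comments or assert against it. As written, `test_providers` only checks that the two source strings appear somewhere in versions.tf, which would still pass if they sat in a comment or lost their `version` constraints. A stricter check could match each constraint with a whitespace-tolerant pattern, e.g. `assert re.search(r'version\s*=\s*"~> 4\.0"', data)` (needs `import re`).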
diff --git a/tests/modules/compute_vm/fixture/variables.tf b/tests/modules/compute_vm/fixture/variables.tf
index 1c28d2d9..c59199d9 100644
--- a/tests/modules/compute_vm/fixture/variables.tf
+++ b/tests/modules/compute_vm/fixture/variables.tf
@@ -16,27 +16,13 @@
variable "attached_disks" {
description = "Additional disks, if options is null defaults will be used in its place. Source type is one of 'image' (zonal disks in vms and template), 'snapshot' (vm), 'existing', and null."
- type = list(object({
- name = string
- size = string
- source = string
- source_type = string
- options = object({
- mode = string
- replica_zone = string
- type = string
- })
- }))
- default = []
+ type = any
+ default = []
}
variable "attached_disk_defaults" {
description = "Defaults for attached disks options."
- type = object({
- mode = string
- replica_zone = string
- type = string
- })
+ type = any
default = {
mode = "READ_WRITE"
replica_zone = null
@@ -70,31 +56,13 @@ variable "metadata" {
}
variable "network_interfaces" {
- type = list(object({
- nat = bool
- network = string
- subnetwork = string
- addresses = object({
- internal = string
- external = string
- })
- }))
+ type = any
default = [{
network = "https://www.googleapis.com/compute/v1/projects/my-project/global/networks/default",
subnetwork = "https://www.googleapis.com/compute/v1/projects/my-project/regions/europe-west1/subnetworks/default-default",
- nat = false,
- addresses = null
}]
}
-variable "network_interface_options" {
- type = map(object({
- alias_ips = map(string)
- nic_type = string
- }))
- default = {}
-}
-
variable "service_account_create" {
type = bool
default = false