From a42463522169e70c293fab76f76b89104319a128 Mon Sep 17 00:00:00 2001 From: Miren Esnaola Date: Fri, 16 Jun 2023 16:39:38 +0200 Subject: [PATCH] Refactored apigee module and adjusted the blueprints accordingly --- .../apigee/bigquery-analytics/README.md | 21 ++++---- blueprints/apigee/bigquery-analytics/main.tf | 4 +- .../terraform.tfvars.sample | 11 ++--- .../apigee/bigquery-analytics/variables.tf | 5 +- .../apigee.tf | 5 +- .../terraform.tfvars.sample | 2 +- modules/apigee/README.md | 49 ++++++++----------- modules/apigee/main.tf | 16 +++--- modules/apigee/variables.tf | 7 ++- tests/modules/apigee/all.tfvars | 10 ++-- tests/modules/apigee/all.yaml | 8 +-- tests/modules/apigee/instance_only.tfvars | 4 +- tests/modules/apigee/instance_only.yaml | 9 ++-- 13 files changed, 65 insertions(+), 86 deletions(-) diff --git a/blueprints/apigee/bigquery-analytics/README.md b/blueprints/apigee/bigquery-analytics/README.md index 64bb966d..5261f72e 100644 --- a/blueprints/apigee/bigquery-analytics/README.md +++ b/blueprints/apigee/bigquery-analytics/README.md 
@@ -59,15 +59,15 @@ Do the following to verify that everything works as expected. | name | description | type | required | default | |---|---|:---:|:---:|:---:| | [envgroups](variables.tf#L24) | Environment groups (NAME => [HOSTNAMES]). | map(list(string)) | ✓ | | -| [environments](variables.tf#L30) | Environments. | map(object({…})) | ✓ | | -| [instances](variables.tf#L45) | Instance. | map(object({…})) | ✓ | | -| [project_id](variables.tf#L92) | Project ID. | string | ✓ | | -| [psc_config](variables.tf#L98) | PSC configuration. | map(string) | ✓ | | +| [environments](variables.tf#L30) | Environments. | map(object({…})) | ✓ | | +| [instances](variables.tf#L46) | Instance. | map(object({…})) | ✓ | | +| [project_id](variables.tf#L91) | Project ID. | string | ✓ | | +| [psc_config](variables.tf#L97) | PSC configuration. | map(string) | ✓ | | | [datastore_name](variables.tf#L17) | Datastore. | string | | "gcs" | -| [organization](variables.tf#L60) | Apigee organization. | object({…}) | | {…} | -| [path](variables.tf#L76) | Bucket path. | string | | "/analytics" | -| [project_create](variables.tf#L83) | Parameters for the creation of the new project. | object({…}) | | null | -| [vpc_create](variables.tf#L104) | Boolean flag indicating whether the VPC should be created or not. | bool | | true | +| [organization](variables.tf#L59) | Apigee organization. | object({…}) | | {…} | +| [path](variables.tf#L75) | Bucket path. | string | | "/analytics" | +| [project_create](variables.tf#L82) | Parameters for the creation of the new project. | object({…}) | | null | +| [vpc_create](variables.tf#L103) | Boolean flag indicating whether the VPC should be created or not. | bool | | true | ## Outputs 
@@ -92,12 +92,11 @@ module "test" { environments = { apis-test = { envgroups = ["test"] + regions = ["europe-west1"] } } instances = { - instance-ew1 = { - region = "europe-west1" - environments = ["apis-test"] + europe-west1 = { runtime_ip_cidr_range = "10.0.4.0/22" troubleshooting_ip_cidr_range = "10.1.0.0/28" } diff --git a/blueprints/apigee/bigquery-analytics/main.tf b/blueprints/apigee/bigquery-analytics/main.tf index 80f3e1a7..1e1653c3 100644 --- a/blueprints/apigee/bigquery-analytics/main.tf +++ b/blueprints/apigee/bigquery-analytics/main.tf @@ -108,11 +108,11 @@ module "glb" { neg_configs = { for k, v in var.instances : k => { psc = { - region = v.region + region = k target_service = module.apigee.instances[k].service_attachment network = module.vpc.network.self_link subnetwork = ( - module.vpc.subnets_psc["${v.region}/subnet-psc-${v.region}"].self_link + module.vpc.subnets_psc["${k}/subnet-psc-${k}"].self_link ) } } diff --git a/blueprints/apigee/bigquery-analytics/terraform.tfvars.sample b/blueprints/apigee/bigquery-analytics/terraform.tfvars.sample index 5a25a9f3..3820e236 100644 --- a/blueprints/apigee/bigquery-analytics/terraform.tfvars.sample +++ b/blueprints/apigee/bigquery-analytics/terraform.tfvars.sample @@ -12,13 +12,12 @@ environments = { } } instances = { - instance-ew1 = { - region = "europe-west1" - environments = ["apis-test"] - runtime_ip_cidr_range = "10.0.4.0/22" - troubleshooting_ip_cidr_range = "10.1.1.0/28" + europe-west1 = { + environments = ["apis-test"] + runtime_ip_cidr_range = "10.0.4.0/22" + troubleshooting_ip_cidr_range = "10.1.1.0/28" } } psc_config = { europe-west1 = "10.0.0.0/28" -} \ No newline at end of file +} diff --git a/blueprints/apigee/bigquery-analytics/variables.tf b/blueprints/apigee/bigquery-analytics/variables.tf index 1bd6cb0a..53f329b0 100644 --- a/blueprints/apigee/bigquery-analytics/variables.tf +++ b/blueprints/apigee/bigquery-analytics/variables.tf 
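Review bot: In blueprints/apigee/bigquery-analytics/terraform.tfvars.sample the new `europe-west1` instance still sets `environments = ["apis-test"]`, an attribute this commit removes from the `instances` object type, and the hunk adds no `regions` to the `apis-test` environment. As far as I know Terraform discards attributes that are absent from an object type constraint, so the sample would most likely apply without error yet create no instance attachment. Drop the `environments` line and add `regions = ["europe-west1"]` to the environment entry, as the README example in the same blueprint does. The environment entry sits above the hunk, so this is inferred from the fact that the diff does not touch it.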
@@ -37,7 +37,8 @@ variable "environments" { max_node_count = optional(number) })) iam = optional(map(list(string))) - envgroups = list(string) + envgroups = optional(list(string)) + regions = optional(list(string)) })) nullable = false } @@ -47,8 +48,6 @@ variable "instances" { type = map(object({ display_name = optional(string) description = optional(string) - region = string - environments = list(string) runtime_ip_cidr_range = string troubleshooting_ip_cidr_range = string disk_encryption_key = optional(string) diff --git a/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/apigee.tf b/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/apigee.tf index 8860e404..2923f1f6 100644 --- a/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/apigee.tf +++ b/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/apigee.tf @@ -76,12 +76,11 @@ module "apigee" { environments = { (local.environment) = { envgroups = [local.envgroup] + regions = [var.region] } } instances = { - instance-1 = { - region = var.region - environments = [local.environment] + (var.region) = { runtime_ip_cidr_range = var.apigee_runtime_ip_cidr_range troubleshooting_ip_cidr_range = var.apigee_troubleshooting_ip_cidr_range } diff --git a/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/terraform.tfvars.sample b/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/terraform.tfvars.sample index 8c3ff297..30aa37ff 100644 --- a/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/terraform.tfvars.sample +++ b/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/terraform.tfvars.sample 
@@ -1,5 +1,5 @@ billing_account_id = "12345-12345-123456" parent = "folders/123456789" apigee_project_id = "my-apigee-project" -onprem_project_id = "my-onprem-project" +onprem_proje◊ct_id = "my-onprem-project" hostname = "test.myorg.org" \ No newline at end of file diff --git a/modules/apigee/README.md b/modules/apigee/README.md index 0f3daa56..bfd8d59d 100644 --- a/modules/apigee/README.md +++ b/modules/apigee/README.md @@ -25,33 +25,27 @@ module "apigee" { } environments = { apis-test = { - display_name = "APIs test" - description = "APIs Test" - deployment_type = "ARCHIVE" - api_proxy_type = "PROGRAMMABLE" - envgroups = ["test"] + display_name = "APIs test" + description = "APIs Test" + envgroups = ["test"] + regions = ["europe-west1"] } apis-prod = { - display_name = "APIs prod" - description = "APIs prod" - deployment_type = "PROXY" - api_proxy_type = "CONFIGURABLE" - envgroups = ["prod"] + display_name = "APIs prod" + description = "APIs prod" + envgroups = ["prod"] + regions = ["europe-west3"] iam = { "roles/viewer" = ["group:devops@myorg.com"] } } } instances = { - instance-test-ew1 = { - region = "europe-west1" - environments = ["apis-test"] + europe-west1 = { runtime_ip_cidr_range = "10.0.4.0/22" troubleshooting_ip_cidr_range = "10.1.1.0.0/28" } - instance-prod-ew3 = { - region = "europe-west3" - environments = ["apis-prod"] + europe-west3 = { runtime_ip_cidr_range = "10.0.8.0/22" troubleshooting_ip_cidr_range = "10.1.16.0/28" } @@ -105,7 +99,7 @@ module "apigee" { # tftest modules=1 resources=8 ``` -### New environment group in an existing organization +### New environment group ```hcl module "apigee" { @@ -118,7 +112,7 @@ module "apigee" { # tftest modules=1 resources=1 ``` -### New environment in an existing environment group +### New environment ```hcl module "apigee" { 
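Review bot: The added line in the network-patterns terraform.tfvars.sample spells the key `onprem_proje◊ct_id`, which contains a character that is not valid in an identifier and no longer matches the `onprem_project_id` key on the removed line. If that character is really in the commit and not an artifact of how this page was captured, a copy of the sample would fail to parse or leave the variable unset. The line should read `onprem_project_id = "my-onprem-project"`.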
@@ -128,29 +122,26 @@ module "apigee" { apis-test = { display_name = "APIs test" description = "APIs Test" - envgroups = ["test"] } } } -# tftest modules=1 resources=2 +# tftest modules=1 resources=1 ``` -### New instance attached to an existing environment +### New instance ```hcl module "apigee" { source = "./fabric/modules/apigee" project_id = "my-project" instances = { - instance-test-ew1 = { - region = "europe-west1" - environments = ["apis-test"] + europe-west1 = { runtime_ip_cidr_range = "10.0.4.0/22" troubleshooting_ip_cidr_range = "10.1.1.0/28" } } } -# tftest modules=1 resources=2 +# tftest modules=1 resources=1 ``` ### New endpoint attachment @@ -176,12 +167,12 @@ module "apigee" { | name | description | type | required | default | |---|---|:---:|:---:|:---:| -| [project_id](variables.tf#L78) | Project ID. | string | ✓ | | +| [project_id](variables.tf#L77) | Project ID. | string | ✓ | | | [endpoint_attachments](variables.tf#L17) | Endpoint attachments. | map(object({…})) | | null | | [envgroups](variables.tf#L26) | Environment groups (NAME => [HOSTNAMES]). | map(list(string)) | | null | -| [environments](variables.tf#L32) | Environments. | map(object({…})) | | null | -| [instances](variables.tf#L49) | Instances. | map(object({…})) | | null | -| [organization](variables.tf#L64) | Apigee organization. If set to null the organization must already exist. | object({…}) | | null | +| [environments](variables.tf#L32) | Environments. | map(object({…})) | | null | +| [instances](variables.tf#L50) | Instances ([REGION] => [INSTANCE]). | map(object({…})) | | null | +| [organization](variables.tf#L63) | Apigee organization. If set to null the organization must already exist. | object({…}) | | null | ## Outputs diff --git a/modules/apigee/main.tf b/modules/apigee/main.tf index aa2d076a..c6470b95 100644 --- a/modules/apigee/main.tf +++ b/modules/apigee/main.tf 
@@ -63,7 +63,7 @@ resource "google_apigee_environment" "environments" { resource "google_apigee_envgroup_attachment" "envgroup_attachments" { for_each = merge(concat([for k1, v1 in local.environments : { - for v2 in v1.envgroups : "${k1}-${v2}" => { + for v2 in coalesce(v1.envgroups, []) : "${k1}-${v2}" => { environment = k1 envgroup = v2 } @@ -88,10 +88,10 @@ resource "google_apigee_environment_iam_binding" "binding" { resource "google_apigee_instance" "instances" { for_each = local.instances - name = each.key + name = "instance-${each.key}" display_name = each.value.display_name description = each.value.description - location = each.value.region + location = each.key org_id = local.org_id ip_range = "${each.value.runtime_ip_cidr_range},${each.value.troubleshooting_ip_cidr_range}" disk_encryption_key_name = each.value.disk_encryption_key @@ -99,14 +99,14 @@ resource "google_apigee_instance" "instances" { } resource "google_apigee_instance_attachment" "instance_attachments" { - for_each = merge(concat([for k1, v1 in local.instances : { - for v2 in v1.environments : + for_each = merge(concat([for k1, v1 in local.environments : { + for v2 in coalesce(v1.regions, []) : "${k1}-${v2}" => { - instance = k1 - environment = v2 + environment = k1 + region = v2 } }])...) - instance_id = google_apigee_instance.instances[each.value.instance].id + instance_id = google_apigee_instance.instances[each.value.region].id environment = try(google_apigee_environment.environments[each.value.environment].name, "${local.org_id}/environments/${each.value.environment}") } diff --git a/modules/apigee/variables.tf b/modules/apigee/variables.tf index 00961aac..310ddc95 100644 --- a/modules/apigee/variables.tf +++ b/modules/apigee/variables.tf 
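Review bot: In `google_apigee_instance.instances`, re-keying the map by region and changing `name` from `each.key` to `"instance-${each.key}"` alters both the resource address and the instance name for every existing caller. On upgrade Terraform will likely plan to destroy and recreate those instances, which takes the runtime offline and drops its environment attachments. Nothing in the commit warns about this. A comment above the resource such as `# key is the region; name is derived from it, so renaming an existing instance forces replacement`, plus an upgrade note in the module README, would let operators schedule the change.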
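Review bot: In `google_apigee_instance_attachment.instance_attachments`, `instance_id = google_apigee_instance.instances[each.value.region].id` fails with an invalid-index error whenever an environment lists a region that has no entry in `instances` in the same module call, for example when the instance is managed by a separate invocation. The `environment` argument on the next line keeps its `try(...)` fallback, so the two lookups are now asymmetric. Either give the instance the same treatment, `instance_id = try(google_apigee_instance.instances[each.value.region].id, "${local.org_id}/instances/instance-${each.value.region}")`, or state on `regions` that every listed region must be a key of `instances`. The fallback id format is my assumption and should be confirmed against the provider documentation.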
@@ -41,18 +41,17 @@ variable "environments" { max_node_count = optional(number) })) iam = optional(map(list(string))) - envgroups = list(string) + envgroups = optional(list(string)) + regions = optional(list(string)) })) default = null } variable "instances" { - description = "Instances." + description = "Instances ([REGION] => [INSTANCE])." type = map(object({ display_name = optional(string) description = optional(string, "Terraform-managed") - region = string - environments = list(string) runtime_ip_cidr_range = string troubleshooting_ip_cidr_range = string disk_encryption_key = optional(string) diff --git a/tests/modules/apigee/all.tfvars b/tests/modules/apigee/all.tfvars index 9eb337b7..69ffb084 100644 --- a/tests/modules/apigee/all.tfvars +++ b/tests/modules/apigee/all.tfvars @@ -17,26 +17,24 @@ environments = { display_name = "APIs test" description = "APIs Test" envgroups = ["test"] + regions = ["europe-west1"] } apis-prod = { display_name = "APIs prod" description = "APIs prod" envgroups = ["prod"] + regions = ["europe-west3"] iam = { "roles/viewer" = ["group:devops@myorg.com"] } } } instances = { - instance-test-ew1 = { - region = "europe-west1" - environments = ["apis-test"] + europe-west1 = { runtime_ip_cidr_range = "10.0.4.0/22" troubleshooting_ip_cidr_range = "10.1.0.0/28" } - instance-prod-ew3 = { - region = "europe-west3" - environments = ["apis-prod"] + europe-west3 = { runtime_ip_cidr_range = "10.0.6.0/22" troubleshooting_ip_cidr_range = "10.1.0.16/28" } diff --git a/tests/modules/apigee/all.yaml b/tests/modules/apigee/all.yaml index 587d6ff5..c23eab27 100644 --- a/tests/modules/apigee/all.yaml +++ b/tests/modules/apigee/all.yaml 
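Review bot: The `instances` map key is now passed straight to `location` in main.tf, but nothing in modules/apigee/variables.tf checks that the key is shaped like a region, so a leftover key such as `instance-test-ew1` is only rejected by the API at apply time. A `validation` block on `instances` would catch it earlier, with a condition like `alltrue([for k in try(keys(var.instances), []) : can(regex("^[a-z]+-[a-z]+[0-9]+$", k))])`. The new `regions` attribute on `environments` also deserves a comment, `# each region must be a key of var.instances`. The `instances` variable block continues past the end of the hunk.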
@@ -47,20 +47,20 @@ values: members: - group:devops@myorg.com role: roles/viewer - google_apigee_instance.instances["instance-prod-ew3"]: + google_apigee_instance.instances["europe-west3"]: description: Terraform-managed disk_encryption_key_name: null display_name: null ip_range: 10.0.6.0/22,10.1.0.16/28 location: europe-west3 - name: instance-prod-ew3 - google_apigee_instance.instances["instance-test-ew1"]: + name: instance-europe-west3 + google_apigee_instance.instances["europe-west1"]: description: Terraform-managed disk_encryption_key_name: null display_name: null ip_range: 10.0.4.0/22,10.1.0.0/28 location: europe-west1 - name: instance-test-ew1 + name: instance-europe-west1 google_apigee_organization.organization[0]: analytics_region: europe-west1 authorized_network: my-vpc diff --git a/tests/modules/apigee/instance_only.tfvars b/tests/modules/apigee/instance_only.tfvars index d9399bfa..58074946 100644 --- a/tests/modules/apigee/instance_only.tfvars +++ b/tests/modules/apigee/instance_only.tfvars @@ -1,8 +1,6 @@ project_id = "my-project" instances = { - instance-test-ew1 = { - region = "europe-west1" - environments = ["apis-test"] + europe-west1 = { runtime_ip_cidr_range = "10.0.4.0/22" troubleshooting_ip_cidr_range = "10.1.1.0.0/28" } diff --git a/tests/modules/apigee/instance_only.yaml b/tests/modules/apigee/instance_only.yaml index 5150e979..bc42a370 100644 --- a/tests/modules/apigee/instance_only.yaml +++ b/tests/modules/apigee/instance_only.yaml 
@@ -13,14 +13,11 @@ # limitations under the License. values: - google_apigee_instance.instances["instance-test-ew1"]: + google_apigee_instance.instances["europe-west1"]: ip_range: 10.0.4.0/22,10.1.1.0.0/28 location: europe-west1 - name: instance-test-ew1 + name: "instance-europe-west1" org_id: organizations/my-project - google_apigee_instance_attachment.instance_attachments["instance-test-ew1-apis-test"]: - environment: organizations/my-project/environments/apis-test counts: - google_apigee_instance: 1 - google_apigee_instance_attachment: 1 + google_apigee_instance: 1 \ No newline at end of file