Merge branch 'GoogleCloudPlatform:master' into master
This commit is contained in:
commit
7cd0600dfc
|
@ -71,6 +71,8 @@ All notable changes to this project will be documented in this file.
|
|||
|
||||
### MODULES
|
||||
|
||||
- [[#926](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/926)] Fix backwards compatibility for vpc subnet descriptions ([ludoo](https://github.com/ludoo)) <!-- 2022-10-28 06:13:04+00:00 -->
|
||||
- [[#927](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/927)] Add support for deployment type and api proxy type for Apigee org ([kmucha555](https://github.com/kmucha555)) <!-- 2022-10-27 19:56:41+00:00 -->
|
||||
- [[#923](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/923)] Fix service account creation error in gke nodepool module ([ludoo](https://github.com/ludoo)) <!-- 2022-10-27 15:12:05+00:00 -->
|
||||
- [[#908](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/908)] GKE module: autopilot fixes ([ludoo](https://github.com/ludoo)) <!-- 2022-10-25 21:33:49+00:00 -->
|
||||
- [[#906](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/906)] GKE module: add managed_prometheus to features ([apichick](https://github.com/apichick)) <!-- 2022-10-25 21:18:50+00:00 -->
|
||||
|
|
|
@ -13,10 +13,16 @@ module "apigee-organization" {
|
|||
analytics_region = "us-central1"
|
||||
runtime_type = "CLOUD"
|
||||
authorized_network = "my-vpc"
|
||||
apigee_environments = [
|
||||
"eval1",
|
||||
"eval2"
|
||||
]
|
||||
apigee_environments = {
|
||||
eval1 = {
|
||||
api_proxy_type = "PROGRAMMABLE"
|
||||
deployment_type = "PROXY"
|
||||
}
|
||||
eval2 = {
|
||||
api_proxy_type = "CONFIGURABLE"
|
||||
deployment_type = "ARCHIVE"
|
||||
}
|
||||
}
|
||||
apigee_envgroups = {
|
||||
eval = {
|
||||
environments = [
|
||||
|
@ -42,12 +48,18 @@ module "apigee-organization" {
|
|||
runtime_type = "CLOUD"
|
||||
authorized_network = "my-vpc"
|
||||
database_encryption_key = "my-data-key"
|
||||
apigee_environments = [
|
||||
"dev1",
|
||||
"dev2",
|
||||
"test1",
|
||||
"test2"
|
||||
]
|
||||
apigee_environments = {
|
||||
dev1 = {
|
||||
api_proxy_type = "PROGRAMMABLE"
|
||||
deployment_type = "PROXY"
|
||||
}
|
||||
dev2 = {
|
||||
api_proxy_type = "CONFIGURABLE"
|
||||
deployment_type = "ARCHIVE"
|
||||
}
|
||||
test1 = {}
|
||||
test2 = {}
|
||||
}
|
||||
apigee_envgroups = {
|
||||
dev = {
|
||||
environments = [
|
||||
|
@ -80,10 +92,13 @@ module "apigee-organization" {
|
|||
project_id = "my-project"
|
||||
analytics_region = "us-central1"
|
||||
runtime_type = "HYBRID"
|
||||
apigee_environments = [
|
||||
"eval1",
|
||||
"eval2"
|
||||
]
|
||||
apigee_environments = {
|
||||
eval1 = {
|
||||
api_proxy_type = "PROGRAMMABLE"
|
||||
deployment_type = "PROXY"
|
||||
}
|
||||
eval2 = {}
|
||||
}
|
||||
apigee_envgroups = {
|
||||
eval = {
|
||||
environments = [
|
||||
|
@ -105,15 +120,15 @@ module "apigee-organization" {
|
|||
| name | description | type | required | default |
|
||||
|---|---|:---:|:---:|:---:|
|
||||
| [analytics_region](variables.tf#L17) | Analytics Region for the Apigee Organization (immutable). See https://cloud.google.com/apigee/docs/api-platform/get-started/install-cli. | <code>string</code> | ✓ | |
|
||||
| [project_id](variables.tf#L61) | Project ID to host this Apigee organization (will also become the Apigee Org name). | <code>string</code> | ✓ | |
|
||||
| [runtime_type](variables.tf#L66) | Apigee runtime type. Must be `CLOUD` or `HYBRID`. | <code>string</code> | ✓ | |
|
||||
| [project_id](variables.tf#L72) | Project ID to host this Apigee organization (will also become the Apigee Org name). | <code>string</code> | ✓ | |
|
||||
| [runtime_type](variables.tf#L77) | Apigee runtime type. Must be `CLOUD` or `HYBRID`. | <code>string</code> | ✓ | |
|
||||
| [apigee_envgroups](variables.tf#L22) | Apigee Environment Groups. | <code title="map(object({ environments = list(string) hostnames = list(string) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [apigee_environments](variables.tf#L31) | Apigee Environment Names. | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [authorized_network](variables.tf#L37) | VPC network self link (requires service network peering enabled (Used in Apigee X only). | <code>string</code> | | <code>null</code> |
|
||||
| [billing_type](variables.tf#L75) | Billing type of the Apigee organization. | <code>string</code> | | <code>null</code> |
|
||||
| [database_encryption_key](variables.tf#L43) | Cloud KMS key self link (e.g. `projects/foo/locations/us/keyRings/bar/cryptoKeys/baz`) used for encrypting the data that is stored and replicated across runtime instances (immutable, used in Apigee X only). | <code>string</code> | | <code>null</code> |
|
||||
| [description](variables.tf#L49) | Description of the Apigee Organization. | <code>string</code> | | <code>"Apigee Organization created by tf module"</code> |
|
||||
| [display_name](variables.tf#L55) | Display Name of the Apigee Organization. | <code>string</code> | | <code>null</code> |
|
||||
| [apigee_environments](variables.tf#L31) | Apigee Environment Names. | <code title="map(object({ api_proxy_type = optional(string, "API_PROXY_TYPE_UNSPECIFIED") deployment_type = optional(string, "DEPLOYMENT_TYPE_UNSPECIFIED") }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [authorized_network](variables.tf#L48) | VPC network self link (requires service network peering enabled (Used in Apigee X only). | <code>string</code> | | <code>null</code> |
|
||||
| [billing_type](variables.tf#L86) | Billing type of the Apigee organization. | <code>string</code> | | <code>null</code> |
|
||||
| [database_encryption_key](variables.tf#L54) | Cloud KMS key self link (e.g. `projects/foo/locations/us/keyRings/bar/cryptoKeys/baz`) used for encrypting the data that is stored and replicated across runtime instances (immutable, used in Apigee X only). | <code>string</code> | | <code>null</code> |
|
||||
| [description](variables.tf#L60) | Description of the Apigee Organization. | <code>string</code> | | <code>"Apigee Organization created by tf module"</code> |
|
||||
| [display_name](variables.tf#L66) | Display Name of the Apigee Organization. | <code>string</code> | | <code>null</code> |
|
||||
|
||||
## Outputs
|
||||
|
||||
|
|
|
@ -15,6 +15,14 @@
|
|||
*/
|
||||
|
||||
locals {
|
||||
env_pairs = flatten([
|
||||
for env_name, env in var.apigee_environments : {
|
||||
api_proxy_type = env.api_proxy_type
|
||||
deployment_type = env.deployment_type
|
||||
env_name = env_name
|
||||
}
|
||||
])
|
||||
|
||||
env_envgroup_pairs = flatten([
|
||||
for eg_name, eg in var.apigee_envgroups : [
|
||||
for e in eg.environments : {
|
||||
|
@ -37,9 +45,11 @@ resource "google_apigee_organization" "apigee_org" {
|
|||
}
|
||||
|
||||
resource "google_apigee_environment" "apigee_env" {
|
||||
for_each = toset(var.apigee_environments)
|
||||
org_id = google_apigee_organization.apigee_org.id
|
||||
name = each.key
|
||||
for_each = { for env in local.env_pairs : env.env_name => env }
|
||||
api_proxy_type = each.value.api_proxy_type
|
||||
deployment_type = each.value.deployment_type
|
||||
name = each.key
|
||||
org_id = google_apigee_organization.apigee_org.id
|
||||
}
|
||||
|
||||
resource "google_apigee_envgroup" "apigee_envgroup" {
|
||||
|
|
|
@ -30,8 +30,19 @@ variable "apigee_envgroups" {
|
|||
|
||||
variable "apigee_environments" {
|
||||
description = "Apigee Environment Names."
|
||||
type = list(string)
|
||||
default = []
|
||||
type = map(object({
|
||||
api_proxy_type = optional(string, "API_PROXY_TYPE_UNSPECIFIED")
|
||||
deployment_type = optional(string, "DEPLOYMENT_TYPE_UNSPECIFIED")
|
||||
}))
|
||||
default = {}
|
||||
validation {
|
||||
condition = alltrue([for k, v in var.apigee_environments : contains(["API_PROXY_TYPE_UNSPECIFIED", "PROGRAMMABLE", "CONFIGURABLE"], v.api_proxy_type)])
|
||||
error_message = "Allowed values for api_proxy_type \"API_PROXY_TYPE_UNSPECIFIED\", \"PROGRAMMABLE\" or \"CONFIGURABLE\"."
|
||||
}
|
||||
validation {
|
||||
condition = alltrue([for k, v in var.apigee_environments : contains(["DEPLOYMENT_TYPE_UNSPECIFIED", "PROXY", "ARCHIVE"], v.deployment_type)])
|
||||
error_message = "Allowed values for deployment_type \"DEPLOYMENT_TYPE_UNSPECIFIED\", \"PROXY\" or \"ARCHIVE\"."
|
||||
}
|
||||
}
|
||||
|
||||
variable "authorized_network" {
|
||||
|
|
|
@ -276,8 +276,8 @@ flow_logs: # enable, set to empty map to use defaults
|
|||
| [subnet_iam](variables.tf#L133) | Subnet IAM bindings in {REGION/NAME => {ROLE => [MEMBERS]} format. | <code>map(map(list(string)))</code> | | <code>{}</code> |
|
||||
| [subnets](variables.tf#L139) | Subnet configuration. | <code title="list(object({ name = string ip_cidr_range = string region = string description = optional(string) enable_private_access = optional(bool, true) flow_logs_config = optional(object({ aggregation_interval = optional(string) filter_expression = optional(string) flow_sampling = optional(number) metadata = optional(string) metadata_fields = optional(list(string)) })) ipv6 = optional(object({ access_type = optional(string) enable_private_access = optional(bool, true) })) secondary_ip_ranges = optional(map(string)) }))">list(object({…}))</code> | | <code>[]</code> |
|
||||
| [subnets_proxy_only](variables.tf#L164) | List of proxy-only subnets for Regional HTTPS or Internal HTTPS load balancers. Note: Only one proxy-only subnet for each VPC network in each region can be active. | <code title="list(object({ name = string ip_cidr_range = string region = string description = optional(string) active = bool }))">list(object({…}))</code> | | <code>[]</code> |
|
||||
| [subnets_psc](variables.tf#L176) | List of subnets for Private Service Connect service producers. | <code title="list(object({ name = string ip_cidr_range = string region = string }))">list(object({…}))</code> | | <code>[]</code> |
|
||||
| [vpc_create](variables.tf#L186) | Create VPC. When set to false, uses a data source to reference existing VPC. | <code>bool</code> | | <code>true</code> |
|
||||
| [subnets_psc](variables.tf#L176) | List of subnets for Private Service Connect service producers. | <code title="list(object({ name = string ip_cidr_range = string region = string description = optional(string) }))">list(object({…}))</code> | | <code>[]</code> |
|
||||
| [vpc_create](variables.tf#L187) | Create VPC. When set to false, uses a data source to reference existing VPC. | <code>bool</code> | | <code>true</code> |
|
||||
|
||||
## Outputs
|
||||
|
||||
|
|
|
@ -72,13 +72,17 @@ locals {
|
|||
}
|
||||
|
||||
resource "google_compute_subnetwork" "subnetwork" {
|
||||
for_each = local.subnets
|
||||
project = var.project_id
|
||||
network = local.network.name
|
||||
name = each.value.name
|
||||
region = each.value.region
|
||||
ip_cidr_range = each.value.ip_cidr_range
|
||||
description = try(each.value.description, "Terraform-managed.")
|
||||
for_each = local.subnets
|
||||
project = var.project_id
|
||||
network = local.network.name
|
||||
name = each.value.name
|
||||
region = each.value.region
|
||||
ip_cidr_range = each.value.ip_cidr_range
|
||||
description = (
|
||||
each.value.description == null
|
||||
? "Terraform-managed."
|
||||
: each.value.description
|
||||
)
|
||||
private_ip_google_access = each.value.enable_private_access
|
||||
secondary_ip_range = each.value.secondary_ip_ranges == null ? [] : [
|
||||
for name, range in each.value.secondary_ip_ranges :
|
||||
|
@ -107,9 +111,10 @@ resource "google_compute_subnetwork" "proxy_only" {
|
|||
name = each.value.name
|
||||
region = each.value.region
|
||||
ip_cidr_range = each.value.ip_cidr_range
|
||||
description = try(
|
||||
each.value.description,
|
||||
"Terraform-managed proxy-only subnet for Regional HTTPS or Internal HTTPS LB."
|
||||
description = (
|
||||
each.value.description == null
|
||||
? "Terraform-managed proxy-only subnet for Regional HTTPS or Internal HTTPS LB."
|
||||
: each.value.description
|
||||
)
|
||||
purpose = "REGIONAL_MANAGED_PROXY"
|
||||
role = (
|
||||
|
@ -124,9 +129,10 @@ resource "google_compute_subnetwork" "psc" {
|
|||
name = each.value.name
|
||||
region = each.value.region
|
||||
ip_cidr_range = each.value.ip_cidr_range
|
||||
description = try(
|
||||
each.value.description,
|
||||
"Terraform-managed subnet for Private Service Connect (PSC NAT)."
|
||||
description = (
|
||||
each.value.description == null
|
||||
? "Terraform-managed subnet for Private Service Connect (PSC NAT)."
|
||||
: each.value.description
|
||||
)
|
||||
purpose = "PRIVATE_SERVICE_CONNECT"
|
||||
}
|
||||
|
|
|
@ -179,6 +179,7 @@ variable "subnets_psc" {
|
|||
name = string
|
||||
ip_cidr_range = string
|
||||
region = string
|
||||
description = optional(string)
|
||||
}))
|
||||
default = []
|
||||
}
|
||||
|
|
|
@ -21,10 +21,17 @@ module "test" {
|
|||
runtime_type = "CLOUD"
|
||||
billing_type = "EVALUATION"
|
||||
authorized_network = var.network
|
||||
apigee_environments = [
|
||||
"eval1",
|
||||
"eval2"
|
||||
]
|
||||
apigee_environments = {
|
||||
eval1 = {
|
||||
api_proxy_type = "PROGRAMMABLE"
|
||||
deployment_type = "PROXY"
|
||||
}
|
||||
eval2 = {
|
||||
api_proxy_type = "CONFIGURABLE"
|
||||
deployment_type = "ARCHIVE"
|
||||
}
|
||||
eval3 = {}
|
||||
}
|
||||
apigee_envgroups = {
|
||||
eval = {
|
||||
environments = [
|
||||
|
|
|
@ -23,7 +23,7 @@ def resources(plan_runner):
|
|||
|
||||
def test_resource_count(resources):
|
||||
"Test number of resources created."
|
||||
assert len(resources) == 6
|
||||
assert len(resources) == 7
|
||||
|
||||
|
||||
def test_envgroup_attachment(resources):
|
||||
|
@ -42,3 +42,19 @@ def test_envgroup(resources):
|
|||
assert envgroups[0]['name'] == 'eval'
|
||||
assert len(envgroups[0]['hostnames']) == 1
|
||||
assert envgroups[0]['hostnames'][0] == 'eval.api.example.com'
|
||||
|
||||
|
||||
def test_env(resources):
|
||||
"Test environments."
|
||||
envs = [r['values'] for r in resources if r['type']
|
||||
== 'google_apigee_environment']
|
||||
assert len(envs) == 3
|
||||
assert envs[0]['name'] == 'eval1'
|
||||
assert envs[0]['api_proxy_type'] == 'PROGRAMMABLE'
|
||||
assert envs[0]['deployment_type'] == 'PROXY'
|
||||
assert envs[1]['name'] == 'eval2'
|
||||
assert envs[1]['api_proxy_type'] == 'CONFIGURABLE'
|
||||
assert envs[1]['deployment_type'] == 'ARCHIVE'
|
||||
assert envs[2]['name'] == 'eval3'
|
||||
assert envs[2]['api_proxy_type'] == 'API_PROXY_TYPE_UNSPECIFIED'
|
||||
assert envs[2]['deployment_type'] == 'DEPLOYMENT_TYPE_UNSPECIFIED'
|
||||
|
|
Loading…
Reference in New Issue