From 8d827b692cd9c9106af1575435403877ea32faeb Mon Sep 17 00:00:00 2001 From: Miren Esnaola Date: Tue, 22 Nov 2022 12:51:27 +0100 Subject: [PATCH] Added endpoint attachments to Apigee module --- blueprints/cloud-operations/apigee/main.tf | 2 +- modules/apigee/README.md | 41 +++++++++++++--- modules/apigee/main.tf | 18 +++++-- modules/apigee/variables.tf | 12 ++++- tests/modules/apigee/fixture/main.tf | 13 ++--- tests/modules/apigee/fixture/test.all.tfvars | 10 ++++ .../test.endpoint_attachment_only.tfvars | 7 +++ tests/modules/apigee/fixture/variables.tf | 47 +++++++++++-------- tests/modules/apigee/test_plan.py | 9 ++++ 9 files changed, 120 insertions(+), 39 deletions(-) create mode 100644 tests/modules/apigee/fixture/test.endpoint_attachment_only.tfvars diff --git a/blueprints/cloud-operations/apigee/main.tf b/blueprints/cloud-operations/apigee/main.tf index 8ca6f6b2..d6c8e7d1 100644 --- a/blueprints/cloud-operations/apigee/main.tf +++ b/blueprints/cloud-operations/apigee/main.tf @@ -25,7 +25,7 @@ module "project" { : null ) name = var.project_id - project_create = var.project_create == null ? false : true + project_create = var.project_create != null services = [ "apigee.googleapis.com", "bigquery.googleapis.com", diff --git a/modules/apigee/README.md b/modules/apigee/README.md index eb2f9a34..1425c8f9 100644 --- a/modules/apigee/README.md +++ b/modules/apigee/README.md @@ -50,8 +50,18 @@ module "apigee" { psa_ip_cidr_range = "10.0.5.0/22" } } + endpoint_attachments = { + endpoint-backend-1 = { + region = "europe-west1" + service_attachment = "projects/my-project-1/serviceAttachments/gkebackend1" + } + endpoint-backend-2 = { + region = "europe-west1" + service_attachment = "projects/my-project-2/serviceAttachments/gkebackend2" + } + } } -# tftest modules=1 resources=12 +# tftest modules=1 resources=14 ``` ### All resources (HYBRID control plane) @@ -135,17 +145,36 @@ module "apigee" { } # tftest modules=1 resources=2 ``` + +### New endpoint attachment + +Endpoint attachments allow to implement [Apigee southbound network patterns](https://cloud.google.com/apigee/docs/api-platform/architecture/southbound-networking-patterns-endpoints#create-the-psc-attachments). + +```hcl +module "apigee" { + source = "./fabric/modules/apigee" + project_id = "my-project" + endpoint_attachments = { + endpoint-backend-1 = { + region = "europe-west1" + service_attachment = "projects/my-project-1/serviceAttachments/gkebackend1" + } + } +} +# tftest modules=1 resources=1 +``` ## Variables | name | description | type | required | default | |---|---|:---:|:---:|:---:| -| [project_id](variables.tf#L68) | Project ID. | string | ✓ | | -| [envgroups](variables.tf#L18) | Environment groups (NAME => [HOSTNAMES]). | map(list(string)) | | null | -| [environments](variables.tf#L24) | Environments. | map(object({…})) | | null | -| [instances](variables.tf#L40) | Instance. | map(object({…})) | | null | -| [organization](variables.tf#L54) | Apigee organization. If set to null the organization must already exist. | object({…}) | | null | +| [project_id](variables.tf#L76) | Project ID. | string | ✓ | | +| [endpoint_attachments](variables.tf#L17) | Endpoint attachments. | map(object({…})) | | null | +| [envgroups](variables.tf#L26) | Environment groups (NAME => [HOSTNAMES]). | map(list(string)) | | null | +| [environments](variables.tf#L32) | Environments. | map(object({…})) | | null | +| [instances](variables.tf#L48) | Instances. | map(object({…})) | | null | +| [organization](variables.tf#L62) | Apigee organization. If set to null the organization must already exist. | object({…}) | | null | ## Outputs diff --git a/modules/apigee/main.tf b/modules/apigee/main.tf index 8754b458..bc5dab48 100644 --- a/modules/apigee/main.tf +++ b/modules/apigee/main.tf @@ -15,10 +15,11 @@ */ locals { - org_id = try(google_apigee_organization.organization[0].id, "organizations/${var.project_id}") - envgroups = coalesce(var.envgroups, {}) - environments = coalesce(var.environments, {}) - instances = coalesce(var.instances, {}) + org_id = try(google_apigee_organization.organization[0].id, "organizations/${var.project_id}") + envgroups = coalesce(var.envgroups, {}) + environments = coalesce(var.environments, {}) + instances = coalesce(var.instances, {}) + endpoint_attachments = coalesce(var.endpoint_attachments, {}) } resource "google_apigee_organization" "organization" { @@ -102,5 +103,12 @@ resource "google_apigee_instance_attachment" "instance_attachments" { instance_id = google_apigee_instance.instances[each.value.instance].id environment = try(google_apigee_environment.environments[each.value.environment].name, "${local.org_id}/environments/${each.value.environment}") - +} + +resource "google_apigee_endpoint_attachment" "endpoint_attachments" { + for_each = local.endpoint_attachments + org_id = local.org_id + endpoint_attachment_id = each.key + location = each.value.region + service_attachment = each.value.service_attachment } diff --git a/modules/apigee/variables.tf b/modules/apigee/variables.tf index c9cae91c..8cddf9a4 100644 --- a/modules/apigee/variables.tf +++ b/modules/apigee/variables.tf @@ -14,6 +14,14 @@ * limitations under the License. */ +variable "endpoint_attachments" { + description = "Endpoint attachments." + type = map(object({ + region = string + service_attachment = string + })) + default = null +} variable "envgroups" { description = "Environment groups (NAME => [HOSTNAMES])." @@ -38,7 +46,7 @@ variable "environments" { } variable "instances" { - description = "Instance." + description = "Instances." type = map(object({ display_name = optional(string) description = optional(string, "Terraform-managed") @@ -68,4 +76,4 @@ variable "organization" { variable "project_id" { description = "Project ID." type = string -} +} \ No newline at end of file diff --git a/tests/modules/apigee/fixture/main.tf b/tests/modules/apigee/fixture/main.tf index 25dd8ca6..7ab25f73 100644 --- a/tests/modules/apigee/fixture/main.tf +++ b/tests/modules/apigee/fixture/main.tf @@ -15,10 +15,11 @@ */ module "test" { - source = "../../../../modules/apigee" - project_id = var.project_id - organization = var.organization - envgroups = var.envgroups - environments = var.environments - instances = var.instances + source = "../../../../modules/apigee" + project_id = var.project_id + organization = var.organization + envgroups = var.envgroups + environments = var.environments + instances = var.instances + endpoint_attachments = var.endpoint_attachments } diff --git a/tests/modules/apigee/fixture/test.all.tfvars b/tests/modules/apigee/fixture/test.all.tfvars index b0e25b92..d0c29921 100644 --- a/tests/modules/apigee/fixture/test.all.tfvars +++ b/tests/modules/apigee/fixture/test.all.tfvars @@ -39,3 +39,13 @@ instances = { psa_ip_cidr_range = "10.0.5.0/22" } } +endpoint_attachments = { + endpoint-backend-1 = { + region = "europe-west1" + service_attachment = "projects/my-project-1/serviceAttachments/gkebackend1" + } + endpoint-backend-2 = { + region = "europe-west1" + service_attachment = "projects/my-project-2/serviceAttachments/gkebackend2" + } +} diff --git a/tests/modules/apigee/fixture/test.endpoint_attachment_only.tfvars b/tests/modules/apigee/fixture/test.endpoint_attachment_only.tfvars new file mode 100644 index 00000000..bd6cbcc4 --- /dev/null +++ b/tests/modules/apigee/fixture/test.endpoint_attachment_only.tfvars @@ -0,0 +1,7 @@ +project_id = "my-project" +endpoint_attachments = { + endpoint-backend-1 = { + region = "europe-west1" + service_attachment = "projects/my-project-1/serviceAttachments/gkebackend1" + } +} diff --git a/tests/modules/apigee/fixture/variables.tf b/tests/modules/apigee/fixture/variables.tf index 687e3b53..8cddf9a4 100644 --- a/tests/modules/apigee/fixture/variables.tf +++ b/tests/modules/apigee/fixture/variables.tf @@ -14,22 +14,12 @@ * limitations under the License. */ -variable "project_id" { - description = "Project ID." - type = string -} - -variable "organization" { - description = "Apigee organization" - type = object({ - display_name = optional(string) - description = optional(string, "Apigee Organization created by tf module") - authorized_network = optional(string) - runtime_type = optional(string, "CLOUD") - billing_type = optional(string) - database_encryption_key = optional(string) - analytics_region = optional(string, "europe-west1") - }) +variable "endpoint_attachments" { + description = "Endpoint attachments." + type = map(object({ + region = string + service_attachment = string + })) default = null } @@ -43,7 +33,7 @@ variable "environments" { description = "Environments." type = map(object({ display_name = optional(string) - description = optional(string) + description = optional(string, "Terraform-managed") node_config = optional(object({ min_node_count = optional(number) max_node_count = optional(number) @@ -56,10 +46,10 @@ variable "environments" { } variable "instances" { - description = "Instance." + description = "Instances." type = map(object({ display_name = optional(string) - description = optional(string) + description = optional(string, "Terraform-managed") region = string environments = list(string) psa_ip_cidr_range = string @@ -68,3 +58,22 @@ variable "instances" { })) default = null } + +variable "organization" { + description = "Apigee organization. If set to null the organization must already exist." + type = object({ + display_name = optional(string) + description = optional(string, "Terraform-managed") + authorized_network = optional(string) + runtime_type = optional(string, "CLOUD") + billing_type = optional(string) + database_encryption_key = optional(string) + analytics_region = optional(string, "europe-west1") + }) + default = null +} + +variable "project_id" { + description = "Project ID." + type = string +} \ No newline at end of file diff --git a/tests/modules/apigee/test_plan.py b/tests/modules/apigee/test_plan.py index 9804939c..e693ddbb 100644 --- a/tests/modules/apigee/test_plan.py +++ b/tests/modules/apigee/test_plan.py @@ -25,6 +25,7 @@ def test_all(plan_runner): 'google_apigee_envgroup_attachment.envgroup_attachments': 2, 'google_apigee_instance.instances': 2, 'google_apigee_instance_attachment.instance_attachments': 2, + 'google_apigee_endpoint_attachment.endpoint_attachments': 2, 'google_apigee_environment_iam_binding.binding': 1 } @@ -62,6 +63,14 @@ def test_instance_only(plan_runner): 'google_apigee_instance_attachment.instance_attachments': 1 } +def test_endpoint_attachment_only(plan_runner): + "Test that creates only an instance." + _, resources = plan_runner(tf_var_file='test.endpoint_attachment_only.tfvars') + counts = collections.Counter(f'{r["type"]}.{r["name"]}' for r in resources) + assert counts == { + 'google_apigee_endpoint_attachment.endpoint_attachments': 1, + } + def test_no_instances(plan_runner): "Test that creates everything but the instances." _, resources = plan_runner(tf_var_file='test.no_instances.tfvars')