zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #752 from apichick/shared-vpc-host-dependency 

Added dependency on google_compute_shared_vpc_host_project.shared_vpc…
This commit is contained in:
apichick 2022-07-21 14:51:38 +02:00 committed by GitHub
parent 0b721a32d5 4069e42b66
commit 91251d89cc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 55 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
modules/project/README.md
View File

@ -404,7 +404,7 @@ output "compute_robot" {
| [name](outputs.tf#L25) | Project name. | | | [name](outputs.tf#L25) | Project name. | |
| [number](outputs.tf#L38) | Project number. | | | [number](outputs.tf#L38) | Project number. | |
| [project_id](outputs.tf#L51) | Project id. | | | [project_id](outputs.tf#L51) | Project id. | |
| [service_accounts](outputs.tf#L68) | Product robot service accounts in project. | | | [service_accounts](outputs.tf#L69) | Product robot service accounts in project. | |
| [sink_writer_identities](outputs.tf#L84) | Writer identities created for each sink. | | | [sink_writer_identities](outputs.tf#L85) | Writer identities created for each sink. | |
<!-- END TFDOC --> <!-- END TFDOC -->

1
modules/project/outputs.tf
View File

@ -57,6 +57,7 @@ output "project_id" {
google_project_organization_policy.boolean, google_project_organization_policy.boolean,
google_project_organization_policy.list, google_project_organization_policy.list,
google_project_service.project_services, google_project_service.project_services,
google_compute_shared_vpc_host_project.shared_vpc_host,
google_compute_shared_vpc_service_project.service_projects, google_compute_shared_vpc_service_project.service_projects,
google_project_iam_member.shared_vpc_host_robots, google_project_iam_member.shared_vpc_host_robots,
google_kms_crypto_key_iam_member.service_identity_cmek, google_kms_crypto_key_iam_member.service_identity_cmek,

6
tests/modules/project/fixture/main.tf
View File

@ -16,8 +16,8 @@
module "test" { module "test" {
source = "../../../../modules/project" source = "../../../../modules/project"
name = "my-project" name = var.name
billing_account = "12345-12345-12345" billing_account = var.billing_account
auto_create_network = var.auto_create_network auto_create_network = var.auto_create_network
custom_roles = var.custom_roles custom_roles = var.custom_roles
iam = var.iam iam = var.iam
@ -36,4 +36,6 @@ module "test" {
services = var.services services = var.services
logging_sinks = var.logging_sinks logging_sinks = var.logging_sinks
logging_exclusions = var.logging_exclusions logging_exclusions = var.logging_exclusions
shared_vpc_host_config = var.shared_vpc_host_config
} }

24
tests/modules/project/fixture/variables.tf
View File

@ -14,6 +14,16 @@
* limitations under the License. * limitations under the License.
*/ */
variable "name" {
type = string
default = "my-project"
}
variable "billing_account" {
type = string
default = "12345-12345-12345"
}
variable "auto_create_network" { variable "auto_create_network" {
type = bool type = bool
default = false default = false
@ -115,3 +125,17 @@ variable "logging_exclusions" {
type = map(string) type = map(string)
default = {} default = {}
} }
variable "shared_vpc_host_config" {
type = object({
enabled = bool
service_projects = list(string)
})
default = {
enabled = true
service_projects = [
"my-service-project-1",
"my-service-project-2"
]
}
}

31
tests/modules/project/test_plan.py
View File

@ -15,31 +15,36 @@
def test_prefix(plan_runner): def test_prefix(plan_runner):
"Test project id prefix." "Test project id prefix."
_, resources = plan_runner() _, resources = plan_runner()
assert len(resources) == 1 assert len(resources) == 4
assert resources[0]['values']['name'] == 'my-project' [project_resource] = [r for r in resources if r['address'] == 'module.test.google_project.project[0]']
assert project_resource['values']['name'] == 'my-project'
_, resources = plan_runner(prefix='foo') _, resources = plan_runner(prefix='foo')
assert len(resources) == 1 assert len(resources) == 4
assert resources[0]['values']['name'] == 'foo-my-project' [project_resource] = [r for r in resources if r['address'] == 'module.test.google_project.project[0]']
assert project_resource['values']['name'] == 'foo-my-project'
def test_parent(plan_runner): def test_parent(plan_runner):
"Test project parent." "Test project parent."
_, resources = plan_runner(parent='folders/12345678') _, resources = plan_runner(parent='folders/12345678')
assert len(resources) == 1 assert len(resources) == 4
assert resources[0]['values']['folder_id'] == '12345678' [project_resource] = [r for r in resources if r['address'] == 'module.test.google_project.project[0]']
assert resources[0]['values'].get('org_id') == None assert project_resource['values']['folder_id'] == '12345678'
assert project_resource['values'].get('org_id') == None
_, resources = plan_runner(parent='organizations/12345678') _, resources = plan_runner(parent='organizations/12345678')
assert len(resources) == 1 assert len(resources) == 4
assert resources[0]['values']['org_id'] == '12345678' [project_resource] = [r for r in resources if r['address'] == 'module.test.google_project.project[0]']
assert resources[0]['values'].get('folder_id') == None assert project_resource['values']['org_id'] == '12345678'
assert project_resource['values'].get('folder_id') == None
def test_no_parent(plan_runner): def test_no_parent(plan_runner):
"Test null project parent." "Test null project parent."
_, resources = plan_runner() _, resources = plan_runner()
assert len(resources) == 1 assert len(resources) == 4
assert resources[0]['values'].get('folder_id') == None [project_resource] = [r for r in resources if r['address'] == 'module.test.google_project.project[0]']
assert resources[0]['values'].get('org_id') == None assert project_resource['values'].get('folder_id') == None
assert project_resource['values'].get('org_id') == None
def test_service_encryption_keys(plan_runner): def test_service_encryption_keys(plan_runner):

6
tests/modules/project/test_plan_logging.py
View File

@ -56,7 +56,7 @@ def test_sinks(plan_runner):
} }
""" """
_, resources = plan_runner(logging_sinks=logging_sinks) _, resources = plan_runner(logging_sinks=logging_sinks)
assert len(resources) == 9 assert len(resources) == 12
resource_types = Counter([r["type"] for r in resources]) resource_types = Counter([r["type"] for r in resources])
assert resource_types == { assert resource_types == {
@ -66,6 +66,8 @@ def test_sinks(plan_runner):
"google_project_iam_member": 1, "google_project_iam_member": 1,
"google_pubsub_topic_iam_member": 1, "google_pubsub_topic_iam_member": 1,
"google_storage_bucket_iam_member": 1, "google_storage_bucket_iam_member": 1,
"google_compute_shared_vpc_host_project": 1,
"google_compute_shared_vpc_service_project": 2
} }
sinks = [r for r in resources if r["type"] == "google_logging_project_sink"] sinks = [r for r in resources if r["type"] == "google_logging_project_sink"]
@ -149,7 +151,7 @@ def test_exclusions(plan_runner):
"}" "}"
) )
_, resources = plan_runner(logging_exclusions=logging_exclusions) _, resources = plan_runner(logging_exclusions=logging_exclusions)
assert len(resources) == 3 assert len(resources) == 6
exclusions = [ exclusions = [
r for r in resources if r["type"] == "google_logging_project_exclusion" r for r in resources if r["type"] == "google_logging_project_exclusion"
] ]

4
tests/modules/project/test_plan_org_policies.py
View File

@ -16,7 +16,7 @@ def test_policy_boolean(plan_runner):
"Test boolean org policy." "Test boolean org policy."
policy_boolean = '{policy-a = true, policy-b = false, policy-c = null}' policy_boolean = '{policy-a = true, policy-b = false, policy-c = null}'
_, resources = plan_runner(policy_boolean=policy_boolean) _, resources = plan_runner(policy_boolean=policy_boolean)
assert len(resources) == 4 assert len(resources) == 7
resources = [r for r in resources if r['type'] resources = [r for r in resources if r['type']
== 'google_project_organization_policy'] == 'google_project_organization_policy']
assert sorted([r['index'] for r in resources]) == [ assert sorted([r['index'] for r in resources]) == [
@ -45,7 +45,7 @@ def test_policy_list(plan_runner):
'}' '}'
) )
_, resources = plan_runner(policy_list=policy_list) _, resources = plan_runner(policy_list=policy_list)
assert len(resources) == 4 assert len(resources) == 7
values = [r['values'] for r in resources if r['type'] values = [r['values'] for r in resources if r['type']
== 'google_project_organization_policy'] == 'google_project_organization_policy']
assert [r['constraint'] for r in values] == [ assert [r['constraint'] for r in values] == [