zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fixed e2e tests for alloydb module (#2321) 

* fixed e2e tests for alloydb module
This commit is contained in:
simonebruzzechesse 2024-05-30 11:41:15 +02:00 committed by GitHub
parent d1ec3b0499
commit 941a35ab69
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
7 changed files with 60 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
modules/alloydb/README.md
View File

@ -1,6 +1,6 @@
# AlloyDB module # AlloyDB module
This module manages the creation of an AlloyDB cluster. It also supports cross-region replication scenario by setting up a secondary cluster. This module manages the creation of an AlloyDB cluster. It also supports cross-region replication scenario by setting up a secondary cluster.
It can also create an initial set of users via the `users` variable. It can also create an initial set of users via the `users` variable.
Note that this module assumes that some options are the same for both the primary instance and the secondary one in case of cross regional replication configuration. Note that this module assumes that some options are the same for both the primary instance and the secondary one in case of cross regional replication configuration.
@ -43,8 +43,7 @@ module "vpc" {
name = "my-network" name = "my-network"
# need only one - psa_config or subnets_psc # need only one - psa_config or subnets_psc
psa_configs = [{ psa_configs = [{
ranges = { alloydb = "10.60.0.0/16" } ranges = { alloydb = "10.60.0.0/16" }
deletion_policy = "ABANDON"
}] }]
subnets_psc = [{ subnets_psc = [{
ip_cidr_range = "10.0.3.0/24" ip_cidr_range = "10.0.3.0/24"
@ -86,7 +85,7 @@ module "alloydb" {
# tftest modules=1 resources=4 inventory=cross_region_replication.yaml e2e # tftest modules=1 resources=4 inventory=cross_region_replication.yaml e2e
``` ```
In a cross-region replication scenario (like in the previous example) this module also supports [promoting the secondary instance](https://cloud.google.com/alloydb/docs/cross-region-replication/work-with-cross-region-replication#promote-secondary-cluster) to become a primary instance via the `var.cross_region_replication.promote_secondary` flag. In a cross-region replication scenario (like in the previous example) this module also supports [promoting the secondary instance](https://cloud.google.com/alloydb/docs/cross-region-replication/work-with-cross-region-replication#promote-secondary-cluster) to become a primary instance via the `var.cross_region_replication.promote_secondary` flag.
### Custom flags and users definition ### Custom flags and users definition
@ -137,7 +136,7 @@ module "alloydb" {
} }
} }
# tftest modules=1 resources=2 inventory=cmek.yaml e2e # tftest modules=1 resources=3 fixtures=fixtures/alloydb-kms-iam-grant.tf inventory=cmek.yaml e2e
``` ```
<!-- BEGIN TFDOC --> <!-- BEGIN TFDOC -->
## Variables ## Variables
@ -188,4 +187,8 @@ module "alloydb" {
| [secondary_id](outputs.tf#L68) | Fully qualified primary instance id. | | | [secondary_id](outputs.tf#L68) | Fully qualified primary instance id. | |
| [secondary_ip](outputs.tf#L73) | IP address of the primary instance. | | | [secondary_ip](outputs.tf#L73) | IP address of the primary instance. | |
| [user_passwords](outputs.tf#L78) | Map of containing the password of all users created through terraform. | ✓ | | [user_passwords](outputs.tf#L78) | Map of containing the password of all users created through terraform. | ✓ |
## Fixtures
- [alloydb-kms-iam-grant.tf](../../tests/fixtures/alloydb-kms-iam-grant.tf)
<!-- END TFDOC --> <!-- END TFDOC -->

29
modules/alloydb/main.tf
View File

@ -139,6 +139,12 @@ resource "google_alloydb_cluster" "primary" {
} }
} }
} }
# waiting to fix this issue https://github.com/hashicorp/terraform-provider-google/issues/14944
lifecycle {
ignore_changes = [
display_name
]
}
} }
resource "google_alloydb_instance" "primary" { resource "google_alloydb_instance" "primary" {
@ -194,6 +200,13 @@ resource "google_alloydb_instance" "primary" {
query_plans_per_minute = var.query_insights_config.query_plans_per_minute query_plans_per_minute = var.query_insights_config.query_plans_per_minute
} }
} }
# waiting to fix this issue https://github.com/hashicorp/terraform-provider-google/issues/14944
lifecycle {
ignore_changes = [
network_config
]
}
} }
resource "google_alloydb_cluster" "secondary" { resource "google_alloydb_cluster" "secondary" {
@ -299,13 +312,19 @@ resource "google_alloydb_cluster" "secondary" {
} }
dynamic "secondary_config" { dynamic "secondary_config" {
for_each = var.cross_region_replication.promote_secondary ? [""] : [] for_each = var.cross_region_replication.promote_secondary ? [] : [""]
content { content {
primary_cluster_name = google_alloydb_cluster.primary.id primary_cluster_name = google_alloydb_cluster.primary.id
} }
} }
depends_on = [google_alloydb_instance.primary] depends_on = [google_alloydb_instance.primary]
# waiting to fix this issue https://github.com/hashicorp/terraform-provider-google/issues/14944
lifecycle {
ignore_changes = [
display_name
]
}
} }
resource "google_alloydb_instance" "secondary" { resource "google_alloydb_instance" "secondary" {
@ -362,6 +381,13 @@ resource "google_alloydb_instance" "secondary" {
query_plans_per_minute = var.query_insights_config.query_plans_per_minute query_plans_per_minute = var.query_insights_config.query_plans_per_minute
} }
} }
# waiting to fix this issue https://github.com/hashicorp/terraform-provider-google/issues/14944
lifecycle {
ignore_changes = [
network_config
]
}
} }
resource "random_password" "passwords" { resource "random_password" "passwords" {
@ -381,4 +407,5 @@ resource "google_alloydb_user" "users" {
user_type = each.value.type user_type = each.value.type
password = each.value.password password = each.value.password
database_roles = each.value.roles database_roles = each.value.roles
depends_on = [google_alloydb_instance.primary]
} }

1
tests/examples_e2e/setup_module/main.tf
View File

@ -15,6 +15,7 @@
locals { locals {
prefix = "${var.prefix}-${var.timestamp}${var.suffix}" prefix = "${var.prefix}-${var.timestamp}${var.suffix}"
jit_services = [ jit_services = [
"alloydb.googleapis.com", # no permissions granted by default
"storage.googleapis.com", # no permissions granted by default "storage.googleapis.com", # no permissions granted by default
"sqladmin.googleapis.com", # roles/cloudsql.serviceAgent "sqladmin.googleapis.com", # roles/cloudsql.serviceAgent
] ]

21
tests/fixtures/alloydb-kms-iam-grant.tf vendored Normal file
View File

@ -0,0 +1,21 @@
/**
* Copyright 2024 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
resource "google_kms_crypto_key_iam_member" "alloydb_encrypt_decrypt" {
crypto_key_id = var.kms_key.id
role = "roles/cloudkms.cryptoKeyEncrypterDecrypter"
member = "serviceAccount:service-${var.project_number}@gcp-sa-alloydb.iam.gserviceaccount.com"
}

2
tests/modules/alloydb/examples/cmek.yaml
View File

@ -65,6 +65,6 @@ counts:
google_alloydb_cluster: 1 google_alloydb_cluster: 1
google_alloydb_instance: 1 google_alloydb_instance: 1
modules: 1 modules: 1
resources: 2 resources: 3
outputs: {} outputs: {}

2
tests/modules/alloydb/examples/cross_region_replication.yaml
View File

@ -61,7 +61,7 @@ values:
project: project-id project: project-id
restore_backup_source: [] restore_backup_source: []
restore_continuous_backup_source: [] restore_continuous_backup_source: []
secondary_config: [] secondary_config: [{}]
timeouts: null timeouts: null
module.alloydb.google_alloydb_instance.primary: module.alloydb.google_alloydb_instance.primary:
annotations: null annotations: null

1
tests/modules/alloydb/examples/simple.yaml
View File

@ -152,7 +152,6 @@ values:
role: null role: null
timeouts: null timeouts: null
module.vpc.google_service_networking_connection.psa_connection["servicenetworking.googleapis.com"]: module.vpc.google_service_networking_connection.psa_connection["servicenetworking.googleapis.com"]:
deletion_policy: ABANDON
reserved_peering_ranges: reserved_peering_ranges:
- servicenetworking-googleapis-com-alloydb - servicenetworking-googleapis-com-alloydb
service: servicenetworking.googleapis.com service: servicenetworking.googleapis.com