Move VPC factory and route tests to examples.

modules/net-vpc/README.md

@@ -314,11 +314,17 @@ module "vpc" {
   name        = "my-network"
   data_folder = "config/subnets"
 }
-# tftest modules=1 resources=2 files=subnets
+# tftest modules=1 resources=3 files=subnet-simple,subnet-detailed inventory=factory.yaml
 ```
 
 ```yaml
-# tftest-file id=subnets path=config/subnets/subnet-name.yaml
+# tftest-file id=subnet-simple path=config/subnets/subnet-simple.yaml
+region: europe-west4
+ip_cidr_range: 10.0.1.0/24
+```
+
+```yaml
+# tftest-file id=subnet-detailed path=config/subnets/subnet-detailed.yaml
 region: europe-west1
 description: Sample description
 ip_cidr_range: 10.0.0.0/24
@@ -337,6 +343,45 @@ flow_logs:                        # enable, set to empty map to use defaults
 ```
 <!-- BEGIN TFDOC -->
 
+### Custom Routes
+
+VPC routes can be configured through the `routes` variable.
+
+```hcl
+locals {
+  route_types = {
+    gateway    = "global/gateways/default-internet-gateway"
+    instance   = "zones/europe-west1-b/test"
+    ip         = "192.168.0.128"
+    ilb        = "regions/europe-west1/forwardingRules/test"
+    vpn_tunnel = "regions/europe-west1/vpnTunnels/foo"
+  }
+}
+module "vpc" {
+  source     = "./fabric/modules/net-vpc"
+  for_each   = local.route_types
+  project_id = "my-project"
+  name       = "my-network-with-route-${replace(each.key, "_", "-")}"
+  routes = {
+    next-hop = {
+      dest_range    = "192.168.128.0/24"
+      tags          = null
+      next_hop_type = each.key
+      next_hop      = each.value
+    }
+    gateway = {
+      dest_range    = "0.0.0.0/0",
+      priority      = 100
+      tags          = ["tag-a"]
+      next_hop_type = "gateway",
+      next_hop      = "global/gateways/default-internet-gateway"
+    }
+  }
+}
+# tftest modules=5 resources=15 inventory=routes.yaml
+```
+
+
 ## Variables
 
 | name | description | type | required | default |

tests/modules/net_vpc/data/factory-subnet.yaml

@@ -1,23 +0,0 @@
-# Copyright 2022 Google LLC
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-region: europe-west1
-description: Sample description
-ip_cidr_range: 10.128.0.0/24
-enable_private_access: false
-iam_users: ["foobar@example.com"]
-iam_groups: ["lorem@example.com"]
-iam_service_accounts: ["foobar@project-id.iam.gserviceaccount.com"]
-secondary_ip_ranges:
-  secondary-range-a: 192.168.128.0/24

tests/modules/net_vpc/data/factory-subnet2.yaml

@@ -1,17 +0,0 @@
-# Copyright 2022 Google LLC
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-region: europe-west4
-description: Sample description
-ip_cidr_range: 10.129.0.0/24

tests/modules/net_vpc/examples/factory.yaml

@@ -0,0 +1,50 @@
+# Copyright 2023 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+values:
+  module.vpc.google_compute_network.network[0]:
+    name: my-network
+    project: my-project
+    routing_mode: GLOBAL
+  module.vpc.google_compute_subnetwork.subnetwork["europe-west1/subnet-detailed"]:
+    description: Sample description
+    ip_cidr_range: 10.0.0.0/24
+    log_config:
+    - aggregation_interval: INTERVAL_5_SEC
+      filter_expr: 'true'
+      flow_sampling: 0.5
+      metadata: INCLUDE_ALL_METADATA
+      metadata_fields: null
+    name: subnet-detailed
+    private_ip_google_access: false
+    project: my-project
+    region: europe-west1
+    role: null
+    secondary_ip_range:
+    - ip_cidr_range: 192.168.0.0/24
+      range_name: secondary-range-a
+  module.vpc.google_compute_subnetwork.subnetwork["europe-west4/subnet-simple"]:
+    description: Terraform-managed.
+    ip_cidr_range: 10.0.1.0/24
+    log_config: []
+    name: subnet-simple
+    private_ip_google_access: true
+    project: my-project
+    region: europe-west4
+    role: null
+    secondary_ip_range: []
+
+counts:
+  google_compute_network: 1
+  google_compute_subnetwork: 2

tests/modules/net_vpc/examples/routes.yaml

@@ -0,0 +1,146 @@
+# Copyright 2023 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+values:
+  module.vpc["gateway"].google_compute_network.network[0]:
+    name: my-network-with-route-gateway
+    project: my-project
+    routing_mode: GLOBAL
+  module.vpc["gateway"].google_compute_route.gateway["gateway"]:
+    dest_range: 0.0.0.0/0
+    name: my-network-with-route-gateway-gateway
+    next_hop_gateway: global/gateways/default-internet-gateway
+    next_hop_ilb: null
+    next_hop_instance: null
+    next_hop_vpn_tunnel: null
+    priority: 100
+    project: my-project
+    tags:
+    - tag-a
+  module.vpc["gateway"].google_compute_route.gateway["next-hop"]:
+    dest_range: 192.168.128.0/24
+    name: my-network-with-route-gateway-next-hop
+    next_hop_gateway: global/gateways/default-internet-gateway
+    next_hop_ilb: null
+    next_hop_instance: null
+    next_hop_vpn_tunnel: null
+    priority: 1000
+    project: my-project
+    tags: null
+  module.vpc["ilb"].google_compute_network.network[0]:
+    name: my-network-with-route-ilb
+    project: my-project
+    routing_mode: GLOBAL
+  module.vpc["ilb"].google_compute_route.gateway["gateway"]:
+    dest_range: 0.0.0.0/0
+    name: my-network-with-route-ilb-gateway
+    next_hop_gateway: global/gateways/default-internet-gateway
+    next_hop_ilb: null
+    next_hop_instance: null
+    next_hop_vpn_tunnel: null
+    priority: 100
+    project: my-project
+    tags:
+    - tag-a
+  module.vpc["ilb"].google_compute_route.ilb["next-hop"]:
+    dest_range: 192.168.128.0/24
+    name: my-network-with-route-ilb-next-hop
+    next_hop_gateway: null
+    next_hop_ilb: regions/europe-west1/forwardingRules/test
+    next_hop_instance: null
+    next_hop_vpn_tunnel: null
+    priority: 1000
+    project: my-project
+    tags: null
+  module.vpc["instance"].google_compute_network.network[0]:
+    name: my-network-with-route-instance
+    project: my-project
+    routing_mode: GLOBAL
+  module.vpc["instance"].google_compute_route.gateway["gateway"]:
+    dest_range: 0.0.0.0/0
+    name: my-network-with-route-instance-gateway
+    next_hop_gateway: global/gateways/default-internet-gateway
+    next_hop_ilb: null
+    next_hop_instance: null
+    next_hop_vpn_tunnel: null
+    priority: 100
+    project: my-project
+    tags:
+    - tag-a
+  module.vpc["instance"].google_compute_route.instance["next-hop"]:
+    dest_range: 192.168.128.0/24
+    name: my-network-with-route-instance-next-hop
+    next_hop_gateway: null
+    next_hop_ilb: null
+    next_hop_instance: zones/europe-west1-b/test
+    next_hop_instance_zone: europe-west1-b
+    next_hop_vpn_tunnel: null
+    priority: 1000
+    project: my-project
+    tags: null
+  module.vpc["ip"].google_compute_network.network[0]:
+    name: my-network-with-route-ip
+    project: my-project
+    routing_mode: GLOBAL
+  module.vpc["ip"].google_compute_route.gateway["gateway"]:
+    dest_range: 0.0.0.0/0
+    name: my-network-with-route-ip-gateway
+    next_hop_gateway: global/gateways/default-internet-gateway
+    next_hop_ilb: null
+    next_hop_instance: null
+    next_hop_vpn_tunnel: null
+    priority: 100
+    project: my-project
+    tags:
+    - tag-a
+  module.vpc["ip"].google_compute_route.ip["next-hop"]:
+    dest_range: 192.168.128.0/24
+    name: my-network-with-route-ip-next-hop
+    next_hop_gateway: null
+    next_hop_ilb: null
+    next_hop_instance: null
+    next_hop_ip: 192.168.0.128
+    next_hop_vpn_tunnel: null
+    priority: 1000
+    project: my-project
+    tags: null
+  module.vpc["vpn_tunnel"].google_compute_network.network[0]:
+    name: my-network-with-route-vpn-tunnel
+    project: my-project
+    routing_mode: GLOBAL
+  module.vpc["vpn_tunnel"].google_compute_route.gateway["gateway"]:
+    dest_range: 0.0.0.0/0
+    name: my-network-with-route-vpn-tunnel-gateway
+    next_hop_gateway: global/gateways/default-internet-gateway
+    next_hop_ilb: null
+    next_hop_instance: null
+    next_hop_vpn_tunnel: null
+    priority: 100
+    project: my-project
+    tags:
+    - tag-a
+  module.vpc["vpn_tunnel"].google_compute_route.vpn_tunnel["next-hop"]:
+    dest_range: 192.168.128.0/24
+    name: my-network-with-route-vpn-tunnel-next-hop
+    next_hop_gateway: null
+    next_hop_ilb: null
+    next_hop_instance: null
+    next_hop_vpn_tunnel: regions/europe-west1/vpnTunnels/foo
+    priority: 1000
+    project: my-project
+    tags: null
+
+counts:
+  google_compute_network: 5
+  google_compute_route: 10

tests/modules/net_vpc/factory.tfvars

@@ -1 +0,0 @@
-data_folder = "../../tests/modules/net_vpc/data"

tests/modules/net_vpc/factory.yaml

@@ -1,44 +0,0 @@
-# Copyright 2022 Google LLC
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-values:
-  google_compute_subnetwork.subnetwork["europe-west1/factory-subnet"]:
-    description: 'Sample description'
-    ip_cidr_range: '10.128.0.0/24'
-    ipv6_access_type: null
-    log_config: []
-    name: 'factory-subnet'
-    private_ip_google_access: false
-    project: 'test-project'
-    region: 'europe-west1'
-    role: null
-    secondary_ip_range:
-      - ip_cidr_range: '192.168.128.0/24'
-        range_name: 'secondary-range-a'
-  google_compute_subnetwork.subnetwork["europe-west4/factory-subnet2"]:
-    description: 'Sample description'
-    ip_cidr_range: '10.129.0.0/24'
-    log_config: []
-    name: 'factory-subnet2'
-    private_ip_google_access: true
-    project: 'test-project'
-    region: 'europe-west4'
-    role: null
-    secondary_ip_range: []
-
-  # FIXME: should we have some bindings here?
-
-counts:
-  google_compute_network: 1
-  google_compute_subnetwork: 2

tests/modules/net_vpc/test_routes.py

@@ -1,47 +0,0 @@
-# Copyright 2022 Google LLC
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-import pytest
-
-_route_parameters = [('gateway', 'global/gateways/default-internet-gateway'),
-                     ('instance', 'zones/europe-west1-b/test'),
-                     ('ip', '192.168.0.128'),
-                     ('ilb', 'regions/europe-west1/forwardingRules/test'),
-                     ('vpn_tunnel', 'regions/europe-west1/vpnTunnels/foo')]
-
-
-@pytest.mark.parametrize('next_hop_type,next_hop', _route_parameters)
-def test_vpc_routes(plan_summary, next_hop_type, next_hop):
-  'Test vpc routes.'
-
-  var_routes = '''{
-    next-hop = {
-      dest_range    = "192.168.128.0/24"
-      tags          = null
-      next_hop_type = "%s"
-      next_hop      = "%s"
-    }
-    gateway = {
-      dest_range    = "0.0.0.0/0",
-      priority      = 100
-      tags          = ["tag-a"]
-      next_hop_type = "gateway",
-      next_hop      = "global/gateways/default-internet-gateway"
-    }
-  }''' % (next_hop_type, next_hop)
-  summary = plan_summary('modules/net-vpc', tf_var_files=['common.tfvars'],
-                         routes=var_routes)
-  assert len(summary.values) == 3
-  route = summary.values[f'google_compute_route.{next_hop_type}["next-hop"]']
-  assert route[f'next_hop_{next_hop_type}'] == next_hop

tests/modules/net_vpc/tftest.yaml

@@ -18,7 +18,6 @@ common_tfvars:
 
 tests:
   shared_vpc:
-  factory:
   psa_routes_export:
   psa_routes_import:
   psa_routes_import_export: