add tests and update readme for apigee psc peering

modules/apigee/README.md

@@ -13,7 +13,8 @@ This module simplifies the creation of a Apigee resources (organization, environ
   - [All resources (HYBRID control plane)](#all-resources-hybrid-control-plane)
   - [New environment group](#new-environment-group)
   - [New environment](#new-environment)
-  - [New instance](#new-instance)
+  - [New instance (VPC Peering Provisioning Mode)](#new-instance-vpc-peering-provisioning-mode)
+  - [New instance (Non VPC Peering Provisioning Mode)](#new-instance-non-vpc-peering-provisioning-mode)
   - [New endpoint attachment](#new-endpoint-attachment)
   - [Apigee add-ons](#apigee-add-ons)
 - [Variables](#variables)
@@ -242,7 +243,7 @@ module "apigee" {
 # tftest modules=1 resources=1
 ```
 
-### New instance
+### New instance (VPC Peering Provisioning Mode)
 
 ```hcl
 module "apigee" {
@@ -258,6 +259,28 @@ module "apigee" {
 # tftest modules=1 resources=1
 ```
 
+### New instance (Non VPC Peering Provisioning Mode)
+
+```hcl
+module "apigee" {
+  source     = "./fabric/modules/apigee"
+  project_id = "my-project"
+  organization = {
+    display_name            = "My Organization"
+    description             = "My Organization"
+    runtime_type            = "CLOUD"
+    billing_type            = "Pay-as-you-go"
+    database_encryption_key = "123456789"
+    analytics_region        = "europe-west1"
+    disable_vpc_peering     = true
+  }
+  instances = {
+    europe-west1 = {}
+  }
+}
+# tftest modules=1 resources=2
+```
+
 ### New endpoint attachment
 
 Endpoint attachments allow to implement [Apigee southbound network patterns](https://cloud.google.com/apigee/docs/api-platform/architecture/southbound-networking-patterns-endpoints#create-the-psc-attachments).

tests/modules/apigee/all_psc_mode.tfvars

@@ -0,0 +1,45 @@
+project_id = "my-project"
+organization = {
+  display_name            = "My Organization"
+  description             = "My Organization"
+  runtime_type            = "CLOUD"
+  billing_type            = "Pay-as-you-go"
+  database_encryption_key = "123456789"
+  analytics_region        = "europe-west1"
+  disable_vpc_peering     = true
+}
+envgroups = {
+  test = ["test.example.com"]
+  prod = ["prod.example.com"]
+}
+environments = {
+  apis-test = {
+    display_name = "APIs test"
+    description  = "APIs Test"
+    envgroups    = ["test"]
+    regions      = ["europe-west1"]
+  }
+  apis-prod = {
+    display_name = "APIs prod"
+    description  = "APIs prod"
+    envgroups    = ["prod"]
+    regions      = ["europe-west3"]
+    iam = {
+      "roles/viewer" = ["group:devops@myorg.com"]
+    }
+  }
+}
+instances = {
+  europe-west1 = {}
+  europe-west3 = {}
+}
+endpoint_attachments = {
+  endpoint-backend-1 = {
+    region             = "europe-west1"
+    service_attachment = "projects/my-project-1/serviceAttachments/gkebackend1"
+  }
+  endpoint-backend-2 = {
+    region             = "europe-west1"
+    service_attachment = "projects/my-project-2/serviceAttachments/gkebackend2"
+  }
+}

tests/modules/apigee/all_psc_mode.yaml

@@ -0,0 +1,82 @@
+# Copyright 2023 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+values:
+  google_apigee_endpoint_attachment.endpoint_attachments["endpoint-backend-1"]:
+    endpoint_attachment_id: endpoint-backend-1
+    location: europe-west1
+    service_attachment: projects/my-project-1/serviceAttachments/gkebackend1
+  google_apigee_endpoint_attachment.endpoint_attachments["endpoint-backend-2"]:
+    endpoint_attachment_id: endpoint-backend-2
+    location: europe-west1
+    service_attachment: projects/my-project-2/serviceAttachments/gkebackend2
+  google_apigee_envgroup.envgroups["prod"]:
+    hostnames:
+    - prod.example.com
+    name: prod
+  google_apigee_envgroup.envgroups["test"]:
+    hostnames:
+    - test.example.com
+    name: test
+  google_apigee_envgroup_attachment.envgroup_attachments["apis-prod-prod"]:
+    environment: apis-prod
+  google_apigee_envgroup_attachment.envgroup_attachments["apis-test-test"]:
+    environment: apis-test
+  google_apigee_environment.environments["apis-prod"]:
+    description: APIs prod
+    display_name: APIs prod
+    name: apis-prod
+  google_apigee_environment.environments["apis-test"]:
+    description: APIs Test
+    display_name: APIs test
+    name: apis-test
+  google_apigee_environment_iam_binding.binding["apis-prod-roles/viewer"]:
+    condition: []
+    env_id: apis-prod
+    members:
+    - group:devops@myorg.com
+    role: roles/viewer
+  google_apigee_instance.instances["europe-west3"]:
+    description: Terraform-managed
+    disk_encryption_key_name: null
+    display_name: null
+    location: europe-west3
+    name: instance-europe-west3
+  google_apigee_instance.instances["europe-west1"]:
+    description: Terraform-managed
+    disk_encryption_key_name: null
+    display_name: null
+    location: europe-west1
+    name: instance-europe-west1
+  google_apigee_organization.organization[0]:
+    analytics_region: europe-west1
+    authorized_network: null
+    billing_type: Pay-as-you-go
+    description: null
+    display_name: null
+    project_id: my-project
+    retention: DELETION_RETENTION_UNSPECIFIED
+    runtime_database_encryption_key_name: '123456789'
+    runtime_type: CLOUD
+    disable_vpc_peering: true
+
+counts:
+  google_apigee_endpoint_attachment: 2
+  google_apigee_envgroup: 2
+  google_apigee_envgroup_attachment: 2
+  google_apigee_environment: 2
+  google_apigee_environment_iam_binding: 1
+  google_apigee_instance: 2
+  google_apigee_instance_attachment: 2
+  google_apigee_organization: 1

tests/modules/apigee/all_vpc_mode.tfvars

@@ -7,6 +7,7 @@ organization = {
   billing_type            = "Pay-as-you-go"
   database_encryption_key = "123456789"
   analytics_region        = "europe-west1"
+  disable_vpc_peering     = false
 }
 envgroups = {
   test = ["test.example.com"]
@@ -48,4 +49,4 @@ endpoint_attachments = {
     region             = "europe-west1"
     service_attachment = "projects/my-project-2/serviceAttachments/gkebackend2"
   }
-}
+}

tests/modules/apigee/all_vpc_mode.yaml

@@ -12,6 +12,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+
 values:
   google_apigee_endpoint_attachment.endpoint_attachments["endpoint-backend-1"]:
     endpoint_attachment_id: endpoint-backend-1
@@ -71,6 +72,7 @@ values:
     retention: DELETION_RETENTION_UNSPECIFIED
     runtime_database_encryption_key_name: '123456789'
     runtime_type: CLOUD
+    disable_vpc_peering: false
 
 counts:
   google_apigee_endpoint_attachment: 2
@@ -80,4 +82,4 @@ counts:
   google_apigee_environment_iam_binding: 1
   google_apigee_instance: 2
   google_apigee_instance_attachment: 2
-  google_apigee_organization: 1
+  google_apigee_organization: 1

tests/modules/apigee/instance_only_psc_mode.tfvars

@@ -0,0 +1,13 @@
+project_id = "my-project"
+organization = {
+  display_name            = "My Organization"
+  description             = "My Organization"
+  runtime_type            = "CLOUD"
+  billing_type            = "Pay-as-you-go"
+  database_encryption_key = "123456789"
+  analytics_region        = "europe-west1"
+  disable_vpc_peering     = true
+}
+instances = {
+  europe-west1 = {}
+}

tests/modules/apigee/instance_only_psc_mode.yaml

@@ -0,0 +1,35 @@
+# Copyright 2023 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+values:
+  google_apigee_instance.instances["europe-west1"]:
+    description: Terraform-managed
+    disk_encryption_key_name: null
+    display_name: null
+    location: europe-west1
+    name: instance-europe-west1
+  google_apigee_organization.organization[0]:
+    analytics_region: europe-west1
+    billing_type: Pay-as-you-go
+    description: null
+    display_name: null
+    project_id: my-project
+    retention: DELETION_RETENTION_UNSPECIFIED
+    runtime_database_encryption_key_name: '123456789'
+    runtime_type: CLOUD
+    disable_vpc_peering: true
+
+counts:
+  google_apigee_instance: 1
+  google_apigee_organization: 1

tests/modules/apigee/instance_only_vpc_mode.tfvars

@@ -2,6 +2,6 @@ project_id = "my-project"
 instances = {
   europe-west1 = {
     runtime_ip_cidr_range         = "10.0.4.0/22"
-    troubleshooting_ip_cidr_range = "10.1.1.0.0/28"
+    troubleshooting_ip_cidr_range = "10.1.1.0/28"
   }
-}
+}

tests/modules/apigee/instance_only_vpc_mode.yaml

@@ -14,7 +14,10 @@
 
 values:
   google_apigee_instance.instances["europe-west1"]:
-    ip_range: 10.0.4.0/22,10.1.1.0.0/28
+    ip_range: 10.0.4.0/22,10.1.1.0/28
+    description: Terraform-managed
+    disk_encryption_key_name: null
+    display_name: null
     location: europe-west1
     name: "instance-europe-west1"
     org_id: organizations/my-project

tests/modules/apigee/organization_only_psc_mode.tfvars

@@ -0,0 +1,10 @@
+project_id = "my-project"
+organization = {
+  display_name            = "My Organization"
+  description             = "My Organization"
+  runtime_type            = "CLOUD"
+  billing_type            = "PAYG"
+  database_encryption_key = "123456789"
+  analytics_region        = "europe-west1"
+  disable_vpc_peering     = true
+}

tests/modules/apigee/organization_only_psc_mode.yaml

@@ -0,0 +1,29 @@
+# Copyright 2023 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+values:
+  google_apigee_organization.organization[0]:
+    analytics_region: europe-west1
+    authorized_network: null
+    billing_type: PAYG
+    description: null
+    display_name: null
+    project_id: my-project
+    retention: DELETION_RETENTION_UNSPECIFIED
+    runtime_database_encryption_key_name: '123456789'
+    runtime_type: CLOUD
+    disable_vpc_peering: true
+
+counts:
+  google_apigee_organization: 1

tests/modules/apigee/tftest.yaml

@@ -15,13 +15,16 @@
 module: modules/apigee
 
 tests:
-  all:
+  all_psc_mode:
+  all_vpc_mode:
   endpoint_attachment_only:
   env_only:
   env_only_with_api_proxy_type:
   env_only_with_deployment_type:
   envgroup_only:
-  instance_only:
+  instance_only_psc_mode:
+  instance_only_vpc_mode:
   no_instances:
-  organization_only:
+  organization_only_psc_mode:
+  organization_only_vpc_mode:
   organization_retention: