Update api-gateway tests

modules/api-gateway/README.md

@@ -1,4 +1,4 @@
-# Api Gateway
+# API Gateway
 This module allows creating an API with its associated API config and API gateway. It also allows you grant IAM roles on the created resources.
 
 # Examples
@@ -15,46 +15,46 @@ module "gateway" {
   # ...
   EOT
 }
-# tftest modules=1 resources=4
+# tftest modules=1 resources=4 inventory=basic.yaml
 ```
 
-## Basic example + customer service account
+## Use existing service account
 ```hcl
 module "gateway" {
   source                = "./fabric/modules/api-gateway"
   project_id            = "my-project"
   api_id                = "api"
   region                = "europe-west1"
-  spec                  = <<EOT
-  # The OpenAPI spec contents
-  # ...
-  EOT
   service_account_email = "sa@my-project.iam.gserviceaccount.com"
   iam = {
     "roles/apigateway.admin" = ["user:user@example.com"]
   }
+  spec = <<EOT
+  # The OpenAPI spec contents
+  # ...
+  EOT
 }
-# tftest modules=1 resources=7
+# tftest modules=1 resources=7 inventory=existing-sa.yaml
 ```
 
-## Basic example + service account creation
+## Create service account
 ```hcl
 module "gateway" {
   source                 = "./fabric/modules/api-gateway"
   project_id             = "my-project"
   api_id                 = "api"
   region                 = "europe-west1"
-  spec                   = <<EOT
-  # The OpenAPI spec contents
-  # ...
-  EOT
   service_account_create = true
   iam = {
     "roles/apigateway.admin"  = ["user:mirene@google.com"]
     "roles/apigateway.viewer" = ["user:mirene@google.com"]
   }
+  spec = <<EOT
+  # The OpenAPI spec contents
+  # ...
+  EOT
 }
-# tftest modules=1 resources=11
+# tftest modules=1 resources=11 inventory=create-sa.yaml
 ```
 <!-- BEGIN TFDOC -->
 

tests/modules/api_gateway/examples/basic.yaml

@@ -0,0 +1,42 @@
+# Copyright 2023 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+values:
+  module.gateway.google_api_gateway_api.api:
+    api_id: api
+    display_name: api
+    project: my-project
+  module.gateway.google_api_gateway_api_config.api_config:
+    api: api
+    gateway_config: []
+    grpc_services: []
+    labels: null
+    managed_service_configs: []
+    project: my-project
+  module.gateway.google_api_gateway_gateway.gateway:
+    display_name: gw-api
+    gateway_id: gw-api
+    labels: null
+    project: my-project
+    region: europe-west1
+  module.gateway.google_project_service.service:
+    disable_dependent_services: true
+    disable_on_destroy: true
+    project: my-project
+
+counts:
+  google_api_gateway_api: 1
+  google_api_gateway_api_config: 1
+  google_api_gateway_gateway: 1
+  google_project_service: 1

tests/modules/api_gateway/examples/create-sa.yaml

@@ -0,0 +1,90 @@
+# Copyright 2023 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+values:
+  module.gateway.google_api_gateway_api.api:
+    api_id: api
+    display_name: api
+    labels: null
+    project: my-project
+  module.gateway.google_api_gateway_api_config.api_config:
+    api: api
+    grpc_services: []
+    labels: null
+    managed_service_configs: []
+    project: my-project
+  module.gateway.google_api_gateway_api_config_iam_binding.api_config_iam_bindings["roles/apigateway.admin"]:
+    api: api
+    condition: []
+    members:
+    - user:mirene@google.com
+    project: my-project
+    role: roles/apigateway.admin
+  module.gateway.google_api_gateway_api_config_iam_binding.api_config_iam_bindings["roles/apigateway.viewer"]:
+    api: api
+    condition: []
+    members:
+    - user:mirene@google.com
+    project: my-project
+    role: roles/apigateway.viewer
+  module.gateway.google_api_gateway_api_iam_binding.api_iam_bindings["roles/apigateway.admin"]:
+    api: api
+    condition: []
+    members:
+    - user:mirene@google.com
+    project: my-project
+    role: roles/apigateway.admin
+  module.gateway.google_api_gateway_api_iam_binding.api_iam_bindings["roles/apigateway.viewer"]:
+    api: api
+    condition: []
+    members:
+    - user:mirene@google.com
+    project: my-project
+    role: roles/apigateway.viewer
+  module.gateway.google_api_gateway_gateway.gateway:
+    display_name: gw-api
+    gateway_id: gw-api
+    labels: null
+    project: my-project
+    region: europe-west1
+  module.gateway.google_api_gateway_gateway_iam_binding.gateway_iam_bindings["roles/apigateway.admin"]:
+    condition: []
+    gateway: gw-api
+    members:
+    - user:mirene@google.com
+    project: my-project
+    region: europe-west1
+    role: roles/apigateway.admin
+  module.gateway.google_api_gateway_gateway_iam_binding.gateway_iam_bindings["roles/apigateway.viewer"]:
+    condition: []
+    gateway: gw-api
+    members:
+    - user:mirene@google.com
+    project: my-project
+    region: europe-west1
+    role: roles/apigateway.viewer
+  module.gateway.google_project_service.service: {}
+  module.gateway.google_service_account.service_account[0]:
+    account_id: sa-api-cfg-api
+    project: my-project
+
+counts:
+  google_api_gateway_api: 1
+  google_api_gateway_api_config: 1
+  google_api_gateway_api_config_iam_binding: 2
+  google_api_gateway_api_iam_binding: 2
+  google_api_gateway_gateway: 1
+  google_api_gateway_gateway_iam_binding: 2
+  google_project_service: 1
+  google_service_account: 1

tests/modules/api_gateway/examples/existing-sa.yaml

@@ -0,0 +1,71 @@
+# Copyright 2023 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+values:
+  module.gateway.google_api_gateway_api.api:
+    api_id: api
+    display_name: api
+    labels: null
+    project: my-project
+  module.gateway.google_api_gateway_api_config.api_config:
+    api: api
+    gateway_config:
+    - backend_config:
+      - google_service_account: sa@my-project.iam.gserviceaccount.com
+    grpc_services: []
+    labels: null
+    managed_service_configs: []
+    project: my-project
+  module.gateway.google_api_gateway_api_config_iam_binding.api_config_iam_bindings["roles/apigateway.admin"]:
+    api: api
+    api_config: api-cfg-api-8656c6040d6d9ba18a8b9b5f3955c223
+    condition: []
+    members:
+    - user:user@example.com
+    project: my-project
+    role: roles/apigateway.admin
+  module.gateway.google_api_gateway_api_iam_binding.api_iam_bindings["roles/apigateway.admin"]:
+    api: api
+    condition: []
+    members:
+    - user:user@example.com
+    project: my-project
+    role: roles/apigateway.admin
+  module.gateway.google_api_gateway_gateway.gateway:
+    display_name: gw-api
+    gateway_id: gw-api
+    labels: null
+    project: my-project
+    region: europe-west1
+  module.gateway.google_api_gateway_gateway_iam_binding.gateway_iam_bindings["roles/apigateway.admin"]:
+    condition: []
+    gateway: gw-api
+    members:
+    - user:user@example.com
+    project: my-project
+    region: europe-west1
+    role: roles/apigateway.admin
+  module.gateway.google_project_service.service:
+    disable_dependent_services: true
+    disable_on_destroy: true
+    project: my-project
+
+counts:
+  google_api_gateway_api: 1
+  google_api_gateway_api_config: 1
+  google_api_gateway_api_config_iam_binding: 1
+  google_api_gateway_api_iam_binding: 1
+  google_api_gateway_gateway: 1
+  google_api_gateway_gateway_iam_binding: 1
+  google_project_service: 1

tests/modules/api_gateway/fixture/main.tf

@@ -1,26 +0,0 @@
-/**
- * Copyright 2022 Google LLC
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-module "gateway" {
-  source                 = "../../../../modules/api-gateway"
-  api_id                 = var.api_id
-  project_id             = var.project_id
-  labels                 = var.labels
-  iam                    = var.iam
-  region                 = var.region
-  spec                   = var.spec
-  service_account_create = true
-}

tests/modules/api_gateway/fixture/variables.tf

@@ -1,55 +0,0 @@
-/**
- * Copyright 2022 Google LLC
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-variable "api_id" {
-  type    = string
-  default = "my-api"
-}
-
-variable "iam" {
-  type    = map(list(string))
-  default = null
-}
-
-variable "labels" {
-  type    = map(string)
-  default = null
-}
-
-variable "project_id" {
-  type    = string
-  default = "my-project"
-}
-
-variable "region" {
-  type    = string
-  default = "europe-west1"
-}
-
-variable "service_account_create" {
-  type    = bool
-  default = true
-}
-
-variable "service_account_email" {
-  type    = string
-  default = null
-}
-
-variable "spec" {
-  type    = string
-  default = "Spec contents"
-}

tests/modules/api_gateway/test_plan.py

@@ -1,19 +0,0 @@
-# Copyright 2022 Google LLC
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-
-def test_resource_count(plan_runner):
-  "Test number of resources created."
-  _, resources = plan_runner()
-  assert len(resources) == 5

tests/modules/organization/examples/basic.yaml

@@ -1,4 +1,4 @@
-# Copyright 2022 Google LLC
+# Copyright 2023 Google LLC
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.