zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update api-gateway tests

This commit is contained in:
Julio Castillo 2023-01-04 09:52:06 +01:00
parent c1d3736b06
commit de704110c9
8 changed files with 218 additions and 115 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
modules/api-gateway/README.md
View File

@ -1,4 +1,4 @@
# Api Gateway # API Gateway
This module allows creating an API with its associated API config and API gateway. It also allows you grant IAM roles on the created resources. This module allows creating an API with its associated API config and API gateway. It also allows you grant IAM roles on the created resources.
# Examples # Examples
@ -15,46 +15,46 @@ module "gateway" {
# ... # ...
EOT EOT
} }
# tftest modules=1 resources=4 # tftest modules=1 resources=4 inventory=basic.yaml
``` ```
## Basic example + customer service account ## Use existing service account
```hcl ```hcl
module "gateway" { module "gateway" {
source = "./fabric/modules/api-gateway" source = "./fabric/modules/api-gateway"
project_id = "my-project" project_id = "my-project"
api_id = "api" api_id = "api"
region = "europe-west1" region = "europe-west1"
spec = <<EOT
# The OpenAPI spec contents
# ...
EOT
service_account_email = "sa@my-project.iam.gserviceaccount.com" service_account_email = "sa@my-project.iam.gserviceaccount.com"
iam = { iam = {
"roles/apigateway.admin" = ["user:user@example.com"] "roles/apigateway.admin" = ["user:user@example.com"]
} }
spec = <<EOT
# The OpenAPI spec contents
# ...
EOT
} }
# tftest modules=1 resources=7 # tftest modules=1 resources=7 inventory=existing-sa.yaml
``` ```
## Basic example + service account creation ## Create service account
```hcl ```hcl
module "gateway" { module "gateway" {
source = "./fabric/modules/api-gateway" source = "./fabric/modules/api-gateway"
project_id = "my-project" project_id = "my-project"
api_id = "api" api_id = "api"
region = "europe-west1" region = "europe-west1"
spec = <<EOT
# The OpenAPI spec contents
# ...
EOT
service_account_create = true service_account_create = true
iam = { iam = {
"roles/apigateway.admin" = ["user:mirene@google.com"] "roles/apigateway.admin" = ["user:mirene@google.com"]
"roles/apigateway.viewer" = ["user:mirene@google.com"] "roles/apigateway.viewer" = ["user:mirene@google.com"]
} }
spec = <<EOT
# The OpenAPI spec contents
# ...
EOT
} }
# tftest modules=1 resources=11 # tftest modules=1 resources=11 inventory=create-sa.yaml
``` ```
<!-- BEGIN TFDOC --> <!-- BEGIN TFDOC -->

42
tests/modules/api_gateway/examples/basic.yaml Normal file
View File

@ -0,0 +1,42 @@
# Copyright 2023 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
values:
module.gateway.google_api_gateway_api.api:
api_id: api
display_name: api
project: my-project
module.gateway.google_api_gateway_api_config.api_config:
api: api
gateway_config: []
grpc_services: []
labels: null
managed_service_configs: []
project: my-project
module.gateway.google_api_gateway_gateway.gateway:
display_name: gw-api
gateway_id: gw-api
labels: null
project: my-project
region: europe-west1
module.gateway.google_project_service.service:
disable_dependent_services: true
disable_on_destroy: true
project: my-project
counts:
google_api_gateway_api: 1
google_api_gateway_api_config: 1
google_api_gateway_gateway: 1
google_project_service: 1

90
tests/modules/api_gateway/examples/create-sa.yaml Normal file
View File

@ -0,0 +1,90 @@
# Copyright 2023 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
values:
module.gateway.google_api_gateway_api.api:
api_id: api
display_name: api
labels: null
project: my-project
module.gateway.google_api_gateway_api_config.api_config:
api: api
grpc_services: []
labels: null
managed_service_configs: []
project: my-project
module.gateway.google_api_gateway_api_config_iam_binding.api_config_iam_bindings["roles/apigateway.admin"]:
api: api
condition: []
members:
- user:mirene@google.com
project: my-project
role: roles/apigateway.admin
module.gateway.google_api_gateway_api_config_iam_binding.api_config_iam_bindings["roles/apigateway.viewer"]:
api: api
condition: []
members:
- user:mirene@google.com
project: my-project
role: roles/apigateway.viewer
module.gateway.google_api_gateway_api_iam_binding.api_iam_bindings["roles/apigateway.admin"]:
api: api
condition: []
members:
- user:mirene@google.com
project: my-project
role: roles/apigateway.admin
module.gateway.google_api_gateway_api_iam_binding.api_iam_bindings["roles/apigateway.viewer"]:
api: api
condition: []
members:
- user:mirene@google.com
project: my-project
role: roles/apigateway.viewer
module.gateway.google_api_gateway_gateway.gateway:
display_name: gw-api
gateway_id: gw-api
labels: null
project: my-project
region: europe-west1
module.gateway.google_api_gateway_gateway_iam_binding.gateway_iam_bindings["roles/apigateway.admin"]:
condition: []
gateway: gw-api
members:
- user:mirene@google.com
project: my-project
region: europe-west1
role: roles/apigateway.admin
module.gateway.google_api_gateway_gateway_iam_binding.gateway_iam_bindings["roles/apigateway.viewer"]:
condition: []
gateway: gw-api
members:
- user:mirene@google.com
project: my-project
region: europe-west1
role: roles/apigateway.viewer
module.gateway.google_project_service.service: {}
module.gateway.google_service_account.service_account[0]:
account_id: sa-api-cfg-api
project: my-project
counts:
google_api_gateway_api: 1
google_api_gateway_api_config: 1
google_api_gateway_api_config_iam_binding: 2
google_api_gateway_api_iam_binding: 2
google_api_gateway_gateway: 1
google_api_gateway_gateway_iam_binding: 2
google_project_service: 1
google_service_account: 1

71
tests/modules/api_gateway/examples/existing-sa.yaml Normal file
View File

@ -0,0 +1,71 @@
# Copyright 2023 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
values:
module.gateway.google_api_gateway_api.api:
api_id: api
display_name: api
labels: null
project: my-project
module.gateway.google_api_gateway_api_config.api_config:
api: api
gateway_config:
- backend_config:
- google_service_account: sa@my-project.iam.gserviceaccount.com
grpc_services: []
labels: null
managed_service_configs: []
project: my-project
module.gateway.google_api_gateway_api_config_iam_binding.api_config_iam_bindings["roles/apigateway.admin"]:
api: api
api_config: api-cfg-api-8656c6040d6d9ba18a8b9b5f3955c223
condition: []
members:
- user:user@example.com
project: my-project
role: roles/apigateway.admin
module.gateway.google_api_gateway_api_iam_binding.api_iam_bindings["roles/apigateway.admin"]:
api: api
condition: []
members:
- user:user@example.com
project: my-project
role: roles/apigateway.admin
module.gateway.google_api_gateway_gateway.gateway:
display_name: gw-api
gateway_id: gw-api
labels: null
project: my-project
region: europe-west1
module.gateway.google_api_gateway_gateway_iam_binding.gateway_iam_bindings["roles/apigateway.admin"]:
condition: []
gateway: gw-api
members:
- user:user@example.com
project: my-project
region: europe-west1
role: roles/apigateway.admin
module.gateway.google_project_service.service:
disable_dependent_services: true
disable_on_destroy: true
project: my-project
counts:
google_api_gateway_api: 1
google_api_gateway_api_config: 1
google_api_gateway_api_config_iam_binding: 1
google_api_gateway_api_iam_binding: 1
google_api_gateway_gateway: 1
google_api_gateway_gateway_iam_binding: 1
google_project_service: 1

26
tests/modules/api_gateway/fixture/main.tf
View File

@ -1,26 +0,0 @@
/**
* Copyright 2022 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
module "gateway" {
source = "../../../../modules/api-gateway"
api_id = var.api_id
project_id = var.project_id
labels = var.labels
iam = var.iam
region = var.region
spec = var.spec
service_account_create = true
}

55
tests/modules/api_gateway/fixture/variables.tf
View File

@ -1,55 +0,0 @@
/**
* Copyright 2022 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
variable "api_id" {
type = string
default = "my-api"
}
variable "iam" {
type = map(list(string))
default = null
}
variable "labels" {
type = map(string)
default = null
}
variable "project_id" {
type = string
default = "my-project"
}
variable "region" {
type = string
default = "europe-west1"
}
variable "service_account_create" {
type = bool
default = true
}
variable "service_account_email" {
type = string
default = null
}
variable "spec" {
type = string
default = "Spec contents"
}

19
tests/modules/api_gateway/test_plan.py
View File

@ -1,19 +0,0 @@
# Copyright 2022 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
def test_resource_count(plan_runner):
"Test number of resources created."
_, resources = plan_runner()
assert len(resources) == 5

2
tests/modules/organization/examples/basic.yaml
View File

@ -1,4 +1,4 @@
# Copyright 2022 Google LLC # Copyright 2023 Google LLC
# #
# Licensed under the Apache License, Version 2.0 (the "License"); # Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License. # you may not use this file except in compliance with the License.