net-address: Added support for PSA ranges

2021-12-16 17:47:25 +01:00 · 2021-12-16 17:47:25 +01:00 · eeaca4023d
parent 6a42929df3
commit eeaca4023d
7 changed files with 75 additions and 1 deletions
--- a/modules/net-address/README.md
+++ b/modules/net-address/README.md
@ -47,6 +47,23 @@ module "addresses" {
 # tftest:modules=1:resources=2
 ```

+### PSA addresses
+
+```hcl
+module "addresses" {
+  source     = "./modules/net-address"
+  project_id = var.project_id
+  psa_addresses = {
+    cloudsql-mysql = {
+      address       = "10.10.10.0"
+      network       = var.vpc.self_link
+      prefix_length = 24
+    }
+  }
+}
+# tftest:modules=1:resources=1
+```
+
 ### PSC addresses

 ```hcl
@ -77,6 +94,7 @@ module "addresses" {
 | *global_addresses* | List of global addresses to create. | <code title="list&#40;string&#41;">list(string)</code> |  | <code title="">[]</code> |
 | *internal_addresses* | Map of internal addresses to create, keyed by name. | <code title="map&#40;object&#40;&#123;&#10;region     &#61; string&#10;subnetwork &#61; string&#10;&#125;&#41;&#41;">map(object({...}))</code> |  | <code title="">{}</code> |
 | *internal_addresses_config* | Optional configuration for internal addresses, keyed by name. Unused options can be set to null. | <code title="map&#40;object&#40;&#123;&#10;address &#61; string&#10;purpose &#61; string&#10;tier    &#61; string&#10;&#125;&#41;&#41;">map(object({...}))</code> |  | <code title="">{}</code> |
+| *psa_addresses* | Map of internal addresses used for Private Service Access. | <code title="map&#40;object&#40;&#123;&#10;address       &#61; string&#10;network       &#61; string&#10;prefix_length &#61; number&#10;&#125;&#41;&#41;">map(object({...}))</code> |  | <code title="">{}</code> |
 | *psc_addresses* | Map of internal addresses used for Private Service Connect. | <code title="map&#40;object&#40;&#123;&#10;address &#61; string&#10;network &#61; string&#10;&#125;&#41;&#41;">map(object({...}))</code> |  | <code title="">{}</code> |

 ## Outputs
@ -86,5 +104,6 @@ module "addresses" {
 | external_addresses | Allocated external addresses. |  |
 | global_addresses | Allocated global external addresses. |  |
 | internal_addresses | Allocated internal addresses. |  |
+| psa_addresses | Allocated internal addresses for PSC endpoints. |  |
 | psc_addresses | Allocated internal addresses for PSC endpoints. |  |
 <!-- END TFDOC -->
--- a/modules/net-address/main.tf
+++ b/modules/net-address/main.tf
@ -50,9 +50,22 @@ resource "google_compute_global_address" "psc" {
  project      = var.project_id
  name         = each.key
  description  = "Terraform managed."
+  address      = try(each.value.address, null)
  address_type = "INTERNAL"
  network      = each.value.network
-  address      = try(each.value.address, null)
  purpose      = "PRIVATE_SERVICE_CONNECT"
  # labels       = lookup(var.internal_address_labels, each.key, {})
 }
+
+resource "google_compute_global_address" "psa" {
+  for_each      = var.psa_addresses
+  project       = var.project_id
+  name          = each.key
+  description   = "Terraform managed."
+  address       = each.value.address
+  address_type  = "INTERNAL"
+  network       = each.value.network
+  prefix_length = each.value.prefix_length
+  purpose       = "VPC_PEERING"
+  # labels       = lookup(var.internal_address_labels, each.key, {})
+}
--- a/modules/net-address/outputs.tf
+++ b/modules/net-address/outputs.tf
@ -47,6 +47,18 @@ output "internal_addresses" {
  }
 }

+output "psa_addresses" {
+  description = "Allocated internal addresses for PSC endpoints."
+  value = {
+    for address in google_compute_global_address.psa :
+    address.name => {
+      address       = address.address
+      prefix_length = address.prefix_length
+      self_link     = address.self_link
+    }
+  }
+}
+
 output "psc_addresses" {
  description = "Allocated internal addresses for PSC endpoints."
  value = {
--- a/modules/net-address/variables.tf
+++ b/modules/net-address/variables.tf
@ -62,6 +62,16 @@ variable "project_id" {
  type        = string
 }

+variable "psa_addresses" {
+  description = "Map of internal addresses used for Private Service Access."
+  type = map(object({
+    address       = string
+    network       = string
+    prefix_length = number
+  }))
+  default = {}
+}
+
 variable "psc_addresses" {
  description = "Map of internal addresses used for Private Service Connect."
  type = map(object({
--- a/tests/modules/net_address/fixture/main.tf
+++ b/tests/modules/net_address/fixture/main.tf
@ -20,5 +20,6 @@ module "test" {
  global_addresses          = var.global_addresses
  internal_addresses        = var.internal_addresses
  internal_addresses_config = var.internal_addresses_config
+  psa_addresses             = var.psa_addresses
  project_id                = var.project_id
 }
--- a/tests/modules/net_address/fixture/variables.tf
+++ b/tests/modules/net_address/fixture/variables.tf
@ -45,3 +45,12 @@ variable "project_id" {
  type    = string
  default = "my-project"
 }
+
+variable "psa_addresses" {
+  type = map(object({
+    address       = string
+    network       = string
+    prefix_length = number
+  }))
+  default = {}
+}
--- a/tests/modules/net_address/test_plan.py
+++ b/tests/modules/net_address/test_plan.py
@ -68,3 +68,13 @@ def test_internal_addresses_config(plan_runner):
          for r in resources] == ['10.0.0.2', None]
  assert [r['values'].get('purpose')
          for r in resources] == ['SHARED_LOADBALANCER_VIP', None]
+
+
+def test_psa_config(plan_runner):
+  psa_addresses = '{cloudsql-mysql={address="10.199.0.0", network="foobar", prefix_length = 24}}'
+  _, resources = plan_runner(FIXTURES_DIR,
+                             psa_addresses=psa_addresses)
+  assert set(r['values']['purpose']
+             for r in resources) == set(['VPC_PEERING'])
+  assert set(r['values']['address']
+             for r in resources) == set(['10.199.0.0'])