diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 18a42f59..d34ad2d9 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -754,7 +754,7 @@ def test_name(plan_summary, tfvars_to_yaml, tmp_path): assert s.values[address]['project'] == 'my-project' ``` -For more examples on how to write python tests, the tests for [`organization`](./tests/modules/organization/test_plan_org_policies.py) and [`net-vpc`](./tests/modules/net_vpc/test_routes.py) modules. +For more examples on how to write python tests, check the tests for the [`organization`](./tests/modules/organization/test_plan_org_policies.py) module. #### Testing documentation examples diff --git a/modules/api-gateway/README.md b/modules/api-gateway/README.md index 0b5fc928..d3c16d38 100644 --- a/modules/api-gateway/README.md +++ b/modules/api-gateway/README.md @@ -1,4 +1,4 @@ -# Api Gateway +# API Gateway This module allows creating an API with its associated API config and API gateway. It also allows you grant IAM roles on the created resources. # Examples @@ -15,46 +15,46 @@ module "gateway" { # ... EOT } -# tftest modules=1 resources=4 +# tftest modules=1 resources=4 inventory=basic.yaml ``` -## Basic example + customer service account +## Use existing service account ```hcl module "gateway" { source = "./fabric/modules/api-gateway" project_id = "my-project" api_id = "api" region = "europe-west1" - spec = < diff --git a/modules/dns/README.md b/modules/dns/README.md index 9e461f0e..a405ff75 100644 --- a/modules/dns/README.md +++ b/modules/dns/README.md @@ -21,7 +21,7 @@ module "private-dns" { "A myhost" = { ttl = 600, records = ["10.0.0.120"] } } } -# tftest modules=1 resources=3 +# tftest modules=1 resources=3 inventory=private-zone.yaml ``` ### Forwarding Zone @@ -36,7 +36,7 @@ module "private-dns" { client_networks = [var.vpc.self_link] forwarders = { "10.0.1.1" = null, "1.2.3.4" = "private" } } -# tftest modules=1 resources=1 +# tftest modules=1 resources=1 inventory=forwarding-zone.yaml ``` ### Peering Zone @@ -47,11 +47,12 @@ module "private-dns" { project_id = "myproject" type = "peering" name = "test-example" - domain = "test.example." + domain = "." + description = "Forwarding zone for ." client_networks = [var.vpc.self_link] peer_network = var.vpc2.self_link } -# tftest modules=1 resources=1 +# tftest modules=1 resources=1 inventory=peering-zone.yaml ``` ### Routing Policies @@ -84,7 +85,7 @@ module "private-dns" { } } } -# tftest modules=1 resources=4 +# tftest modules=1 resources=4 inventory=routing-policies.yaml ``` ### Reverse Lookup Zone @@ -98,7 +99,23 @@ module "private-dns" { domain = "0.0.10.in-addr.arpa." client_networks = [var.vpc.self_link] } -# tftest modules=1 resources=1 +# tftest modules=1 resources=1 inventory=reverse-zone.yaml +``` + +### Public Zone + +```hcl +module "public-dns" { + source = "./fabric/modules/dns" + project_id = "myproject" + type = "public" + name = "example" + domain = "example.com." + recordsets = { + "A myhost" = { ttl = 300, records = ["127.0.0.1"] } + } +} +# tftest modules=1 resources=3 inventory=public-zone.yaml ``` diff --git a/modules/dns/main.tf b/modules/dns/main.tf index ca30c7d0..edf342ef 100644 --- a/modules/dns/main.tf +++ b/modules/dns/main.tf @@ -1,5 +1,5 @@ /** - * Copyright 2022 Google LLC + * Copyright 2023 Google LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/modules/gcs/README.md b/modules/gcs/README.md index 439b4522..07c5a6d7 100644 --- a/modules/gcs/README.md +++ b/modules/gcs/README.md @@ -8,50 +8,46 @@ module "bucket" { project_id = "myproject" prefix = "test" name = "my-bucket" + versioning = true iam = { "roles/storage.admin" = ["group:storage@example.com"] } + labels = { + cost-center = "devops" + } } -# tftest modules=1 resources=2 +# tftest modules=1 resources=2 inventory=simple.yaml ``` ### Example with Cloud KMS ```hcl module "bucket" { - source = "./fabric/modules/gcs" - project_id = "myproject" - prefix = "test" - name = "my-bucket" - iam = { - "roles/storage.admin" = ["group:storage@example.com"] - } + source = "./fabric/modules/gcs" + project_id = "myproject" + name = "my-bucket" encryption_key = "my-encryption-key" } -# tftest modules=1 resources=2 +# tftest modules=1 resources=1 inventory=cmek.yaml ``` -### Example with retention policy +### Example with retention policy and logging ```hcl module "bucket" { source = "./fabric/modules/gcs" project_id = "myproject" - prefix = "test" name = "my-bucket" - iam = { - "roles/storage.admin" = ["group:storage@example.com"] - } retention_policy = { retention_period = 100 is_locked = true } logging_config = { - log_bucket = var.bucket + log_bucket = "log-bucket" log_object_prefix = null } } -# tftest modules=1 resources=2 +# tftest modules=1 resources=1 inventory=retention-logging.yaml ``` ### Example with lifecycle rule @@ -60,11 +56,7 @@ module "bucket" { module "bucket" { source = "./fabric/modules/gcs" project_id = "myproject" - prefix = "test" name = "my-bucket" - iam = { - "roles/storage.admin" = ["group:storage@example.com"] - } lifecycle_rules = { lr-0 = { action = { @@ -77,7 +69,7 @@ module "bucket" { } } } -# tftest modules=1 resources=2 +# tftest modules=1 resources=1 inventory=lifecycle.yaml ``` ### Minimal example with GCS notifications @@ -86,7 +78,6 @@ module "bucket" { module "bucket-gcs-notification" { source = "./fabric/modules/gcs" project_id = "myproject" - prefix = "test" name = "my-bucket" notification_config = { enabled = true @@ -97,7 +88,7 @@ module "bucket-gcs-notification" { custom_attributes = {} } } -# tftest modules=1 resources=4 +# tftest modules=1 resources=4 inventory=notification.yaml ``` diff --git a/modules/gke-cluster/README.md b/modules/gke-cluster/README.md index caf1fec9..0ba75cd6 100644 --- a/modules/gke-cluster/README.md +++ b/modules/gke-cluster/README.md @@ -33,7 +33,7 @@ module "cluster-1" { environment = "dev" } } -# tftest modules=1 resources=1 +# tftest modules=1 resources=1 inventory=basic.yaml ``` ### GKE Cluster with Dataplane V2 enabled @@ -42,7 +42,7 @@ module "cluster-1" { module "cluster-1" { source = "./fabric/modules/gke-cluster" project_id = "myproject" - name = "cluster-1" + name = "cluster-dataplane-v2" location = "europe-west1-b" vpc_config = { network = var.vpc.self_link @@ -68,8 +68,36 @@ module "cluster-1" { environment = "dev" } } -# tftest modules=1 resources=1 +# tftest modules=1 resources=1 inventory=dataplane-v2.yaml ``` +### Autopilot Cluster + +```hcl +module "cluster-autopilot" { + source = "./fabric/modules/gke-cluster" + project_id = "myproject" + name = "cluster-autopilot" + location = "europe-west1-b" + vpc_config = { + network = var.vpc.self_link + subnetwork = var.subnet.self_link + secondary_range_names = { + pods = "pods" + services = "services" + } + master_authorized_ranges = { + internal-vms = "10.0.0.0/8" + } + master_ipv4_cidr_block = "192.168.0.0/28" + } + enable_features = { + autopilot = true + } +} +# tftest modules=1 resources=1 inventory=autopilot.yaml +``` + + ## Variables diff --git a/modules/gke-nodepool/README.md b/modules/gke-nodepool/README.md index 50e9d08c..2f632c9c 100644 --- a/modules/gke-nodepool/README.md +++ b/modules/gke-nodepool/README.md @@ -16,7 +16,7 @@ module "cluster-1-nodepool-1" { location = "europe-west1-b" name = "nodepool-1" } -# tftest modules=1 resources=1 +# tftest modules=1 resources=1 inventory=basic.yaml ``` ### Internally managed service account @@ -27,22 +27,11 @@ If you create a new service account, its resource and email (in both plain and I #### GCE default service account -To use the GCE default service account, you can ignore the variable which is equivalent to `{ create = null, email = null }`. - -```hcl -module "cluster-1-nodepool-1" { - source = "./fabric/modules/gke-nodepool" - project_id = "myproject" - cluster_name = "cluster-1" - location = "europe-west1-b" - name = "nodepool-1" -} -# tftest modules=1 resources=1 -``` +To use the GCE default service account, you can ignore the variable which is equivalent to `{ create = null, email = null }`. This is what the first example of this document does. #### Externally defined service account -To use an existing service account, pass in just the `email` attribute. +To use an existing service account, pass in just the `email` attribute. If you do this, will most likely want to use the `cloud-platform` scope. ```hcl module "cluster-1-nodepool-1" { @@ -52,10 +41,11 @@ module "cluster-1-nodepool-1" { location = "europe-west1-b" name = "nodepool-1" service_account = { - email = "foo-bar@myproject.iam.gserviceaccount.com" + email = "foo-bar@myproject.iam.gserviceaccount.com" + oauth_scopes = ["https://www.googleapis.com/auth/cloud-platform"] } } -# tftest modules=1 resources=1 +# tftest modules=1 resources=1 inventory=external-sa.yaml ``` #### Auto-created service account @@ -70,12 +60,48 @@ module "cluster-1-nodepool-1" { location = "europe-west1-b" name = "nodepool-1" service_account = { - create = true - # optional - email = "spam-eggs" + create = true + email = "spam-eggs" # optional + oauth_scopes = ["https://www.googleapis.com/auth/cloud-platform"] } } -# tftest modules=1 resources=2 +# tftest modules=1 resources=2 inventory=create-sa.yaml +``` +### Node & node pool configuration + +```hcl +module "cluster-1-nodepool-1" { + source = "./fabric/modules/gke-nodepool" + project_id = "myproject" + cluster_name = "cluster-1" + location = "europe-west1-b" + name = "nodepool-1" + labels = { environment = "dev" } + service_account = { + create = true + email = "nodepool-1" # optional + oauth_scopes = ["https://www.googleapis.com/auth/cloud-platform"] + } + node_config = { + machine_type = "n2-standard-2" + disk_size_gb = 50 + disk_type = "pd-ssd" + ephemeral_ssd_count = 1 + gvnic = true + spot = true + } + nodepool_config = { + autoscaling = { + max_node_count = 10 + min_node_count = 1 + } + management = { + auto_repair = true + auto_upgrade = false + } + } +} +# tftest modules=1 resources=2 inventory=config.yaml ``` @@ -97,7 +123,7 @@ module "cluster-1-nodepool-1" { | [nodepool_config](variables.tf#L115) | Nodepool-level configuration. | object({…}) | | null | | [pod_range](variables.tf#L137) | Pod secondary range configuration. | object({…}) | | null | | [reservation_affinity](variables.tf#L154) | Configuration of the desired reservation which instances could take capacity from. | object({…}) | | null | -| [service_account](variables.tf#L164) | Nodepool service account. If this variable is set to null, the default GCE service account will be used. If set and email is null, a service account will be created. If scopes are null a default will be used. | object({…}) | | {} | +| [service_account](variables.tf#L164) | Nodepool service account. If this variable is set to null, the default GCE service account will be used. If set and email is null, a service account will be created. If scopes are null a default will be used. | object({…}) | | {} | | [sole_tenant_nodegroup](variables.tf#L175) | Sole tenant node group. | string | | null | | [tags](variables.tf#L181) | Network tags applied to nodes. | list(string) | | null | | [taints](variables.tf#L187) | Kubernetes taints applied to all nodes. | list(object({…})) | | null | diff --git a/modules/gke-nodepool/variables.tf b/modules/gke-nodepool/variables.tf index e0d3e967..1166c34f 100644 --- a/modules/gke-nodepool/variables.tf +++ b/modules/gke-nodepool/variables.tf @@ -1,5 +1,5 @@ /** - * Copyright 2022 Google LLC + * Copyright 2023 Google LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -165,8 +165,8 @@ variable "service_account" { description = "Nodepool service account. If this variable is set to null, the default GCE service account will be used. If set and email is null, a service account will be created. If scopes are null a default will be used." type = object({ create = optional(bool, false) - email = optional(string, null) - oauth_scopes = optional(list(string), null) + email = optional(string) + oauth_scopes = optional(list(string)) }) default = {} nullable = false diff --git a/modules/net-vpc/README.md b/modules/net-vpc/README.md index 53361009..dbd85502 100644 --- a/modules/net-vpc/README.md +++ b/modules/net-vpc/README.md @@ -30,7 +30,88 @@ module "vpc" { } ] } -# tftest modules=1 resources=3 +# tftest modules=1 resources=3 inventory=simple.yaml +``` + +### Subnet Options +```hcl +module "vpc" { + source = "./fabric/modules/net-vpc" + project_id = "my-project" + name = "my-network" + subnets = [ + # simple subnet + { + name = "simple" + region = "europe-west1" + ip_cidr_range = "10.0.0.0/24" + }, + # custom description and PGA disabled + { + name = "no-pga" + region = "europe-west1" + ip_cidr_range = "10.0.1.0/24", + description = "Subnet b" + enable_private_access = false + }, + # secondary ranges + { + name = "with-secondary-ranges" + region = "europe-west1" + ip_cidr_range = "10.0.2.0/24" + secondary_ip_ranges = { + a = "192.168.0.0/24" + b = "192.168.1.0/24" + } + }, + # enable flow logs + { + name = "with-flow-logs" + region = "europe-west1" + ip_cidr_range = "10.0.3.0/24" + flow_logs_config = { + flow_sampling = 0.5 + aggregation_interval = "INTERVAL_10_MIN" + } + } + ] +} +# tftest modules=1 resources=5 inventory=subnet-options.yaml +``` + +### Subnet IAM + +```hcl +module "vpc" { + source = "./fabric/modules/net-vpc" + project_id = "my-project" + name = "my-network" + subnets = [ + { + name = "subnet-1" + region = "europe-west1" + ip_cidr_range = "10.0.1.0/24" + }, + { + name = "subnet-2" + region = "europe-west1" + ip_cidr_range = "10.0.1.0/24" + } + ] + subnet_iam = { + "europe-west1/subnet-1" = { + "roles/compute.networkUser" = [ + "user:user1@example.com", "group:group1@example.com" + ] + } + "europe-west1/subnet-2" = { + "roles/compute.networkUser" = [ + "user:user2@example.com", "group:group2@example.com" + ] + } + } +} +# tftest modules=1 resources=5 inventory=subnet-iam.yaml ``` ### Peering @@ -65,7 +146,7 @@ module "vpc-spoke-1" { import_routes = true } } -# tftest modules=2 resources=6 +# tftest modules=2 resources=6 inventory=peering.yaml ``` ### Shared VPC @@ -116,7 +197,7 @@ module "vpc-host" { } } } -# tftest modules=1 resources=7 +# tftest modules=1 resources=7 inventory=shared-vpc.yaml ``` ### Private Service Networking @@ -137,7 +218,7 @@ module "vpc" { ranges = { myrange = "10.0.1.0/24" } } } -# tftest modules=1 resources=5 +# tftest modules=1 resources=5 inventory=psc.yaml ``` ### Private Service Networking with peering routes @@ -162,7 +243,7 @@ module "vpc" { import_routes = true } } -# tftest modules=1 resources=5 +# tftest modules=1 resources=5 inventory=psc-routes.yaml ``` ### Subnets for Private Service Connect, Proxy-only subnets @@ -194,7 +275,7 @@ module "vpc" { } ] } -# tftest modules=1 resources=3 +# tftest modules=1 resources=3 inventory=proxy-only-subnets.yaml ``` ### DNS Policies @@ -219,7 +300,7 @@ module "vpc" { } ] } -# tftest modules=1 resources=3 +# tftest modules=1 resources=3 inventory=dns-policies.yaml ``` ### Subnet Factory @@ -233,11 +314,17 @@ module "vpc" { name = "my-network" data_folder = "config/subnets" } -# tftest modules=1 resources=2 files=subnets +# tftest modules=1 resources=3 files=subnet-simple,subnet-detailed inventory=factory.yaml ``` ```yaml -# tftest-file id=subnets path=config/subnets/subnet-name.yaml +# tftest-file id=subnet-simple path=config/subnets/subnet-simple.yaml +region: europe-west4 +ip_cidr_range: 10.0.1.0/24 +``` + +```yaml +# tftest-file id=subnet-detailed path=config/subnets/subnet-detailed.yaml region: europe-west1 description: Sample description ip_cidr_range: 10.0.0.0/24 @@ -254,7 +341,45 @@ flow_logs: # enable, set to empty map to use defaults metadata: "INCLUDE_ALL_METADATA" filter_expression: null ``` - + +### Custom Routes + +VPC routes can be configured through the `routes` variable. + +```hcl +locals { + route_types = { + gateway = "global/gateways/default-internet-gateway" + instance = "zones/europe-west1-b/test" + ip = "192.168.0.128" + ilb = "regions/europe-west1/forwardingRules/test" + vpn_tunnel = "regions/europe-west1/vpnTunnels/foo" + } +} +module "vpc" { + source = "./fabric/modules/net-vpc" + for_each = local.route_types + project_id = "my-project" + name = "my-network-with-route-${replace(each.key, "_", "-")}" + routes = { + next-hop = { + dest_range = "192.168.128.0/24" + tags = null + next_hop_type = each.key + next_hop = each.value + } + gateway = { + dest_range = "0.0.0.0/0", + priority = 100 + tags = ["tag-a"] + next_hop_type = "gateway", + next_hop = "global/gateways/default-internet-gateway" + } + } +} +# tftest modules=5 resources=15 inventory=routes.yaml +``` + ## Variables diff --git a/modules/net-vpc/main.tf b/modules/net-vpc/main.tf index 7eedc95a..d1505801 100644 --- a/modules/net-vpc/main.tf +++ b/modules/net-vpc/main.tf @@ -1,5 +1,5 @@ /** - * Copyright 2022 Google LLC + * Copyright 2023 Google LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -109,7 +109,7 @@ resource "google_dns_policy" "default" { ) iterator = ns content { - ipv4_address = ns.key + ipv4_address = ns.value forwarding_path = "private" } } @@ -121,7 +121,7 @@ resource "google_dns_policy" "default" { ) iterator = ns content { - ipv4_address = ns.key + ipv4_address = ns.value } } } diff --git a/tests/examples/conftest.py b/tests/examples/conftest.py index 16863e26..4d3d85ee 100644 --- a/tests/examples/conftest.py +++ b/tests/examples/conftest.py @@ -1,4 +1,4 @@ -# Copyright 2022 Google LLC +# Copyright 2023 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -21,7 +21,7 @@ import marko FABRIC_ROOT = Path(__file__).parents[2] -FILE_TEST_RE = re.compile(r'# tftest-file +id=(\w+) +path=([\S]+)') +FILE_TEST_RE = re.compile(r'# tftest-file +id=([\w_.-]+) +path=([\S]+)') Example = collections.namedtuple('Example', 'name code module files') File = collections.namedtuple('File', 'path content') diff --git a/tests/examples/test_plan.py b/tests/examples/test_plan.py index 5f902cbe..261276f7 100644 --- a/tests/examples/test_plan.py +++ b/tests/examples/test_plan.py @@ -1,4 +1,4 @@ -# Copyright 2022 Google LLC +# Copyright 2023 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -18,7 +18,7 @@ from pathlib import Path BASE_PATH = Path(__file__).parent COUNT_TEST_RE = re.compile(r'# tftest +modules=(\d+) +resources=(\d+)' + - r'(?: +files=([\w,-.]+))?' + + r'(?: +files=([\w,_-]+))?' + r'(?: +inventory=([\w\-.]+))?') diff --git a/tests/modules/api_gateway/examples/basic.yaml b/tests/modules/api_gateway/examples/basic.yaml new file mode 100644 index 00000000..a17fc3ca --- /dev/null +++ b/tests/modules/api_gateway/examples/basic.yaml @@ -0,0 +1,42 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.gateway.google_api_gateway_api.api: + api_id: api + display_name: api + project: my-project + module.gateway.google_api_gateway_api_config.api_config: + api: api + gateway_config: [] + grpc_services: [] + labels: null + managed_service_configs: [] + project: my-project + module.gateway.google_api_gateway_gateway.gateway: + display_name: gw-api + gateway_id: gw-api + labels: null + project: my-project + region: europe-west1 + module.gateway.google_project_service.service: + disable_dependent_services: true + disable_on_destroy: true + project: my-project + +counts: + google_api_gateway_api: 1 + google_api_gateway_api_config: 1 + google_api_gateway_gateway: 1 + google_project_service: 1 diff --git a/tests/modules/api_gateway/examples/create-sa.yaml b/tests/modules/api_gateway/examples/create-sa.yaml new file mode 100644 index 00000000..2c8d7c76 --- /dev/null +++ b/tests/modules/api_gateway/examples/create-sa.yaml @@ -0,0 +1,90 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.gateway.google_api_gateway_api.api: + api_id: api + display_name: api + labels: null + project: my-project + module.gateway.google_api_gateway_api_config.api_config: + api: api + grpc_services: [] + labels: null + managed_service_configs: [] + project: my-project + module.gateway.google_api_gateway_api_config_iam_binding.api_config_iam_bindings["roles/apigateway.admin"]: + api: api + condition: [] + members: + - user:mirene@google.com + project: my-project + role: roles/apigateway.admin + module.gateway.google_api_gateway_api_config_iam_binding.api_config_iam_bindings["roles/apigateway.viewer"]: + api: api + condition: [] + members: + - user:mirene@google.com + project: my-project + role: roles/apigateway.viewer + module.gateway.google_api_gateway_api_iam_binding.api_iam_bindings["roles/apigateway.admin"]: + api: api + condition: [] + members: + - user:mirene@google.com + project: my-project + role: roles/apigateway.admin + module.gateway.google_api_gateway_api_iam_binding.api_iam_bindings["roles/apigateway.viewer"]: + api: api + condition: [] + members: + - user:mirene@google.com + project: my-project + role: roles/apigateway.viewer + module.gateway.google_api_gateway_gateway.gateway: + display_name: gw-api + gateway_id: gw-api + labels: null + project: my-project + region: europe-west1 + module.gateway.google_api_gateway_gateway_iam_binding.gateway_iam_bindings["roles/apigateway.admin"]: + condition: [] + gateway: gw-api + members: + - user:mirene@google.com + project: my-project + region: europe-west1 + role: roles/apigateway.admin + module.gateway.google_api_gateway_gateway_iam_binding.gateway_iam_bindings["roles/apigateway.viewer"]: + condition: [] + gateway: gw-api + members: + - user:mirene@google.com + project: my-project + region: europe-west1 + role: roles/apigateway.viewer + module.gateway.google_project_service.service: {} + module.gateway.google_service_account.service_account[0]: + account_id: sa-api-cfg-api + project: my-project + +counts: + google_api_gateway_api: 1 + google_api_gateway_api_config: 1 + google_api_gateway_api_config_iam_binding: 2 + google_api_gateway_api_iam_binding: 2 + google_api_gateway_gateway: 1 + google_api_gateway_gateway_iam_binding: 2 + google_project_service: 1 + google_service_account: 1 diff --git a/tests/modules/api_gateway/examples/existing-sa.yaml b/tests/modules/api_gateway/examples/existing-sa.yaml new file mode 100644 index 00000000..f0befa79 --- /dev/null +++ b/tests/modules/api_gateway/examples/existing-sa.yaml @@ -0,0 +1,71 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.gateway.google_api_gateway_api.api: + api_id: api + display_name: api + labels: null + project: my-project + module.gateway.google_api_gateway_api_config.api_config: + api: api + gateway_config: + - backend_config: + - google_service_account: sa@my-project.iam.gserviceaccount.com + grpc_services: [] + labels: null + managed_service_configs: [] + project: my-project + module.gateway.google_api_gateway_api_config_iam_binding.api_config_iam_bindings["roles/apigateway.admin"]: + api: api + api_config: api-cfg-api-8656c6040d6d9ba18a8b9b5f3955c223 + condition: [] + members: + - user:user@example.com + project: my-project + role: roles/apigateway.admin + module.gateway.google_api_gateway_api_iam_binding.api_iam_bindings["roles/apigateway.admin"]: + api: api + condition: [] + members: + - user:user@example.com + project: my-project + role: roles/apigateway.admin + module.gateway.google_api_gateway_gateway.gateway: + display_name: gw-api + gateway_id: gw-api + labels: null + project: my-project + region: europe-west1 + module.gateway.google_api_gateway_gateway_iam_binding.gateway_iam_bindings["roles/apigateway.admin"]: + condition: [] + gateway: gw-api + members: + - user:user@example.com + project: my-project + region: europe-west1 + role: roles/apigateway.admin + module.gateway.google_project_service.service: + disable_dependent_services: true + disable_on_destroy: true + project: my-project + +counts: + google_api_gateway_api: 1 + google_api_gateway_api_config: 1 + google_api_gateway_api_config_iam_binding: 1 + google_api_gateway_api_iam_binding: 1 + google_api_gateway_gateway: 1 + google_api_gateway_gateway_iam_binding: 1 + google_project_service: 1 diff --git a/tests/modules/api_gateway/fixture/main.tf b/tests/modules/api_gateway/fixture/main.tf deleted file mode 100644 index d4cd134f..00000000 --- a/tests/modules/api_gateway/fixture/main.tf +++ /dev/null @@ -1,26 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -module "gateway" { - source = "../../../../modules/api-gateway" - api_id = var.api_id - project_id = var.project_id - labels = var.labels - iam = var.iam - region = var.region - spec = var.spec - service_account_create = true -} diff --git a/tests/modules/api_gateway/fixture/variables.tf b/tests/modules/api_gateway/fixture/variables.tf deleted file mode 100644 index 977af921..00000000 --- a/tests/modules/api_gateway/fixture/variables.tf +++ /dev/null @@ -1,55 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -variable "api_id" { - type = string - default = "my-api" -} - -variable "iam" { - type = map(list(string)) - default = null -} - -variable "labels" { - type = map(string) - default = null -} - -variable "project_id" { - type = string - default = "my-project" -} - -variable "region" { - type = string - default = "europe-west1" -} - -variable "service_account_create" { - type = bool - default = true -} - -variable "service_account_email" { - type = string - default = null -} - -variable "spec" { - type = string - default = "Spec contents" -} diff --git a/tests/modules/dns/examples/forwarding-zone.yaml b/tests/modules/dns/examples/forwarding-zone.yaml new file mode 100644 index 00000000..4a09114e --- /dev/null +++ b/tests/modules/dns/examples/forwarding-zone.yaml @@ -0,0 +1,34 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.private-dns.google_dns_managed_zone.non-public[0]: + dns_name: test.example. + forwarding_config: + - target_name_servers: + - forwarding_path: '' + ipv4_address: 10.0.1.1 + - forwarding_path: private + ipv4_address: 1.2.3.4 + name: test-example + private_visibility_config: + - gke_clusters: [] + networks: + - network_url: projects/xxx/global/networks/aaa + project: myproject + visibility: private + +counts: + google_dns_managed_zone: 1 + diff --git a/tests/modules/net_vpc/simple.yaml b/tests/modules/dns/examples/peering-zone.yaml similarity index 53% rename from tests/modules/net_vpc/simple.yaml rename to tests/modules/dns/examples/peering-zone.yaml index 004be7ec..9f16adab 100644 --- a/tests/modules/net_vpc/simple.yaml +++ b/tests/modules/dns/examples/peering-zone.yaml @@ -1,4 +1,4 @@ -# Copyright 2022 Google LLC +# Copyright 2023 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,24 +13,22 @@ # limitations under the License. values: - google_compute_network.network[0]: - auto_create_subnetworks: false - delete_default_routes_on_create: false - description: Terraform-managed. - name: test - project: test-project - routing_mode: GLOBAL + module.private-dns.google_dns_managed_zone.non-public[0]: + description: Forwarding zone for . + dns_name: . + forwarding_config: [] + name: test-example + peering_config: + - target_network: + - network_url: projects/xxx/global/networks/ccc + private_visibility_config: + - gke_clusters: [] + networks: + - network_url: projects/xxx/global/networks/aaa + project: myproject + visibility: private counts: - google_compute_network: 1 + google_dns_managed_zone: 1 -outputs: - bindings: {} - project_id: test-project - subnet_ips: {} - subnet_regions: {} - subnet_secondary_ranges: {} - subnet_self_links: {} - subnets: {} - subnets_proxy_only: {} - subnets_psc: {} +outputs: {} diff --git a/tests/modules/dns/examples/private-zone.yaml b/tests/modules/dns/examples/private-zone.yaml new file mode 100644 index 00000000..f6426645 --- /dev/null +++ b/tests/modules/dns/examples/private-zone.yaml @@ -0,0 +1,50 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.private-dns.google_dns_managed_zone.non-public[0]: + description: Terraform managed. + dns_name: test.example. + force_destroy: false + forwarding_config: [] + name: test-example + peering_config: [] + private_visibility_config: + - gke_clusters: [] + networks: + - network_url: projects/xxx/global/networks/aaa + project: myproject + visibility: private + module.private-dns.google_dns_record_set.cloud-static-records["A localhost"]: + managed_zone: test-example + name: localhost.test.example. + project: myproject + routing_policy: [] + rrdatas: + - 127.0.0.1 + ttl: 300 + type: A + module.private-dns.google_dns_record_set.cloud-static-records["A myhost"]: + managed_zone: test-example + name: myhost.test.example. + project: myproject + routing_policy: [] + rrdatas: + - 10.0.0.120 + ttl: 600 + type: A + +counts: + google_dns_managed_zone: 1 + google_dns_record_set: 2 diff --git a/tests/modules/dns/examples/public-zone.yaml b/tests/modules/dns/examples/public-zone.yaml new file mode 100644 index 00000000..0f8067a7 --- /dev/null +++ b/tests/modules/dns/examples/public-zone.yaml @@ -0,0 +1,38 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.public-dns.google_dns_managed_zone.public[0]: + dns_name: example.com. + name: example + project: myproject + visibility: public + module.public-dns.google_dns_record_set.cloud-static-records["A myhost"]: + managed_zone: example + name: myhost.example.com. + project: myproject + routing_policy: [] + rrdatas: + - 127.0.0.1 + ttl: 300 + type: A + +counts: + google_dns_keys: 1 + google_dns_managed_zone: 1 + google_dns_record_set: 1 + modules: 1 + resources: 3 + +outputs: {} diff --git a/tests/modules/net_vpc/data/factory-subnet.yaml b/tests/modules/dns/examples/reverse-zone.yaml similarity index 62% rename from tests/modules/net_vpc/data/factory-subnet.yaml rename to tests/modules/dns/examples/reverse-zone.yaml index d0f4bd8f..17e76a12 100644 --- a/tests/modules/net_vpc/data/factory-subnet.yaml +++ b/tests/modules/dns/examples/reverse-zone.yaml @@ -1,4 +1,4 @@ -# Copyright 2022 Google LLC +# Copyright 2023 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,12 +12,16 @@ # See the License for the specific language governing permissions and # limitations under the License. -region: europe-west1 -description: Sample description -ip_cidr_range: 10.128.0.0/24 -enable_private_access: false -iam_users: ["foobar@example.com"] -iam_groups: ["lorem@example.com"] -iam_service_accounts: ["foobar@project-id.iam.gserviceaccount.com"] -secondary_ip_ranges: - secondary-range-a: 192.168.128.0/24 +values: + module.private-dns.google_dns_managed_zone.non-public[0]: + description: Terraform managed. + dns_name: 0.0.10.in-addr.arpa. + name: test-example + project: myproject + reverse_lookup: true + visibility: private + +counts: + google_dns_managed_zone: 1 + +outputs: {} diff --git a/tests/modules/dns/examples/routing-policies.yaml b/tests/modules/dns/examples/routing-policies.yaml new file mode 100644 index 00000000..45b19276 --- /dev/null +++ b/tests/modules/dns/examples/routing-policies.yaml @@ -0,0 +1,80 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.private-dns.google_dns_managed_zone.non-public[0]: + dns_name: test.example. + name: test-example + project: myproject + module.private-dns.google_dns_record_set.cloud-geo-records["A geo"]: + managed_zone: test-example + name: geo.test.example. + project: myproject + routing_policy: + - enable_geo_fencing: null + geo: + - health_checked_targets: [] + location: europe-west1 + rrdatas: + - 10.0.0.1 + - health_checked_targets: [] + location: europe-west2 + rrdatas: + - 10.0.0.2 + - health_checked_targets: [] + location: europe-west3 + rrdatas: + - 10.0.0.3 + primary_backup: [] + wrr: [] + rrdatas: null + ttl: 300 + type: A + module.private-dns.google_dns_record_set.cloud-static-records["A regular"]: + managed_zone: test-example + name: regular.test.example. + project: myproject + routing_policy: [] + rrdatas: + - 10.20.0.1 + ttl: 300 + type: A + module.private-dns.google_dns_record_set.cloud-wrr-records["A wrr"]: + managed_zone: test-example + name: wrr.test.example. + project: myproject + routing_policy: + - enable_geo_fencing: null + geo: [] + primary_backup: [] + wrr: + - health_checked_targets: [] + rrdatas: + - 10.10.0.1 + weight: 0.6 + - health_checked_targets: [] + rrdatas: + - 10.10.0.2 + weight: 0.2 + - health_checked_targets: [] + rrdatas: + - 10.10.0.3 + weight: 0.2 + rrdatas: null + ttl: 600 + type: A + +counts: + google_dns_managed_zone: 1 + google_dns_record_set: 3 diff --git a/tests/modules/dns/fixture/main.tf b/tests/modules/dns/fixture/main.tf deleted file mode 100644 index bab31920..00000000 --- a/tests/modules/dns/fixture/main.tf +++ /dev/null @@ -1,27 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -module "test" { - source = "../../../../modules/dns" - project_id = "my-project" - name = "test" - domain = "test.example." - client_networks = var.client_networks - type = var.type - forwarders = var.forwarders - peer_network = var.peer_network - recordsets = var.recordsets -} diff --git a/tests/modules/dns/fixture/variables.tf b/tests/modules/dns/fixture/variables.tf deleted file mode 100644 index 8e55a287..00000000 --- a/tests/modules/dns/fixture/variables.tf +++ /dev/null @@ -1,62 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -variable "client_networks" { - type = list(string) - default = [ - "https://www.googleapis.com/compute/v1/projects/my-project/global/networks/default" - ] -} - -variable "forwarders" { - type = map(string) - default = {} -} - -variable "peer_network" { - type = string - default = null -} - -variable "recordsets" { - type = any - default = { - "A localhost" = { ttl = 300, records = ["127.0.0.1"] } - "A local-host.test.example." = { ttl = 300, records = ["127.0.0.2"] } - "CNAME *" = { ttl = 300, records = ["localhost.example.org."] } - "A " = { ttl = 300, records = ["127.0.0.3"] } - "A geo" = { - geo_routing = [ - { location = "europe-west1", records = ["127.0.0.4"] }, - { location = "europe-west2", records = ["127.0.0.5"] }, - { location = "europe-west3", records = ["127.0.0.6"] } - ] - } - "A wrr" = { - ttl = 600 - wrr_routing = [ - { weight = 0.6, records = ["127.0.0.7"] }, - { weight = 0.2, records = ["127.0.0.8"] }, - { weight = 0.2, records = ["127.0.0.9"] } - ] - } - } -} - -variable "type" { - type = string - default = "private" -} diff --git a/tests/modules/dns/no_clients.tfvars b/tests/modules/dns/no_clients.tfvars new file mode 100644 index 00000000..97b72273 --- /dev/null +++ b/tests/modules/dns/no_clients.tfvars @@ -0,0 +1,5 @@ +type = "private" +domain = "test.example." +name = "test" +project_id = "my-project" +client_networks = [] diff --git a/tests/modules/gcs/iam.yaml b/tests/modules/dns/no_clients.yaml similarity index 65% rename from tests/modules/gcs/iam.yaml rename to tests/modules/dns/no_clients.yaml index 8a85a4bd..42f628c9 100644 --- a/tests/modules/gcs/iam.yaml +++ b/tests/modules/dns/no_clients.yaml @@ -1,4 +1,4 @@ -# Copyright 2022 Google LLC +# Copyright 2023 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,18 +13,13 @@ # limitations under the License. values: - google_storage_bucket.bucket: + google_dns_managed_zone.non-public[0]: + dns_name: test.example. name: test - - google_storage_bucket_iam_binding.bindings["roles/storage.admin"]: - bucket: test - condition: [] - members: - - user:a@example.org - role: roles/storage.admin + private_visibility_config: [] + visibility: private counts: - google_storage_bucket: 1 - google_storage_bucket_iam_binding: 1 + google_dns_managed_zone: 1 modules: 0 - resources: 2 + resources: 1 diff --git a/tests/modules/dns/null_forwarders.tfvars b/tests/modules/dns/null_forwarders.tfvars new file mode 100644 index 00000000..4514d639 --- /dev/null +++ b/tests/modules/dns/null_forwarders.tfvars @@ -0,0 +1,4 @@ +type = "forwarding" +domain = "test.example." +name = "test" +project_id = "my-project" diff --git a/tests/modules/net_vpc/data/factory-subnet2.yaml b/tests/modules/dns/null_forwarders.yaml similarity index 79% rename from tests/modules/net_vpc/data/factory-subnet2.yaml rename to tests/modules/dns/null_forwarders.yaml index e110c162..bbe637fc 100644 --- a/tests/modules/net_vpc/data/factory-subnet2.yaml +++ b/tests/modules/dns/null_forwarders.yaml @@ -1,4 +1,4 @@ -# Copyright 2022 Google LLC +# Copyright 2023 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,6 +12,9 @@ # See the License for the specific language governing permissions and # limitations under the License. -region: europe-west4 -description: Sample description -ip_cidr_range: 10.129.0.0/24 +values: + google_dns_managed_zone.non-public[0]: + forwarding_config: [] + +counts: + google_dns_managed_zone: 1 diff --git a/tests/modules/dns/test_plan.py b/tests/modules/dns/test_plan.py deleted file mode 100644 index 5cc1ba70..00000000 --- a/tests/modules/dns/test_plan.py +++ /dev/null @@ -1,138 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -def test_private(plan_runner): - "Test private zone with three recordsets." - _, resources = plan_runner() - assert len(resources) == 7 - assert set(r['type'] for r in resources) == { - 'google_dns_record_set', 'google_dns_managed_zone' - } - for r in resources: - if r['type'] != 'google_dns_managed_zone': - continue - assert r['values']['visibility'] == 'private' - assert len(r['values']['private_visibility_config']) == 1 - - -def test_private_recordsets(plan_runner): - "Test recordsets in private zone." - _, resources = plan_runner() - recordsets = [ - r['values'] for r in resources if r['type'] == 'google_dns_record_set' - ] - - assert set(r['name'] for r in recordsets) == { - 'localhost.test.example.', 'local-host.test.example.', '*.test.example.', - "test.example.", "geo.test.example.", "wrr.test.example." - } - - for r in recordsets: - if r['name'] not in ['wrr.test.example.', 'geo.test.example.']: - assert r['routing_policy'] == [] - assert r['rrdatas'] != [] - - -def test_routing_policies(plan_runner): - "Test recordsets with routing policies." - _, resources = plan_runner() - recordsets = [ - r['values'] for r in resources if r['type'] == 'google_dns_record_set' - ] - geo_zone = [ - r['values'] for r in resources if r['address'] == - 'module.test.google_dns_record_set.cloud-geo-records["A geo"]' - ][0] - assert geo_zone['name'] == 'geo.test.example.' - assert geo_zone['routing_policy'][0]['wrr'] == [] - geo_policy = geo_zone['routing_policy'][0]['geo'] - assert geo_policy[0]['location'] == 'europe-west1' - assert geo_policy[0]['rrdatas'] == ['127.0.0.4'] - assert geo_policy[1]['location'] == 'europe-west2' - assert geo_policy[1]['rrdatas'] == ['127.0.0.5'] - assert geo_policy[2]['location'] == 'europe-west3' - assert geo_policy[2]['rrdatas'] == ['127.0.0.6'] - - wrr_zone = [ - r['values'] for r in resources if r['address'] == - 'module.test.google_dns_record_set.cloud-wrr-records["A wrr"]' - ][0] - assert wrr_zone['name'] == 'wrr.test.example.' - wrr_policy = wrr_zone['routing_policy'][0]['wrr'] - assert wrr_policy[0]['weight'] == 0.6 - assert wrr_policy[0]['rrdatas'] == ['127.0.0.7'] - assert wrr_policy[1]['weight'] == 0.2 - assert wrr_policy[1]['rrdatas'] == ['127.0.0.8'] - assert wrr_policy[2]['weight'] == 0.2 - assert wrr_policy[2]['rrdatas'] == ['127.0.0.9'] - assert wrr_zone['routing_policy'][0]['geo'] == [] - - -def test_private_no_networks(plan_runner): - "Test private zone not exposed to any network." - _, resources = plan_runner(client_networks='[]') - for r in resources: - if r['type'] != 'google_dns_managed_zone': - continue - assert r['values']['visibility'] == 'private' - assert len(r['values']['private_visibility_config']) == 0 - - -def test_forwarding_recordsets_null_forwarders(plan_runner): - "Test forwarding zone with wrong set of attributes does not break." - _, resources = plan_runner(type='forwarding') - assert len(resources) == 1 - resource = resources[0] - assert resource['type'] == 'google_dns_managed_zone' - assert resource['values']['forwarding_config'] == [] - - -def test_forwarding(plan_runner): - "Test forwarding zone with single forwarder." - _, resources = plan_runner(type='forwarding', recordsets='null', - forwarders='{ "1.2.3.4" = null }') - assert len(resources) == 1 - resource = resources[0] - assert resource['type'] == 'google_dns_managed_zone' - assert resource['values']['forwarding_config'] == [{ - 'target_name_servers': [{ - 'forwarding_path': '', - 'ipv4_address': '1.2.3.4' - }] - }] - - -def test_peering(plan_runner): - "Test peering zone." - _, resources = plan_runner(type='peering', recordsets='null', - peer_network='dummy-vpc-self-link') - assert len(resources) == 1 - resource = resources[0] - assert resource['type'] == 'google_dns_managed_zone' - assert resource['values']['peering_config'] == [{ - 'target_network': [{ - 'network_url': 'dummy-vpc-self-link' - }] - }] - - -def test_public(plan_runner): - "Test public zone with two recordsets." - _, resources = plan_runner(type='public') - for r in resources: - if r['type'] != 'google_dns_managed_zone': - continue - assert r['values']['visibility'] == 'public' - assert r['values']['private_visibility_config'] == [] diff --git a/tests/modules/gcs/tftest.yaml b/tests/modules/dns/tftest.yaml similarity index 84% rename from tests/modules/gcs/tftest.yaml rename to tests/modules/dns/tftest.yaml index 22337d18..5172a013 100644 --- a/tests/modules/gcs/tftest.yaml +++ b/tests/modules/dns/tftest.yaml @@ -1,4 +1,4 @@ -# Copyright 2022 Google LLC +# Copyright 2023 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,9 +12,8 @@ # See the License for the specific language governing permissions and # limitations under the License. -module: modules/gcs -common_tfvars: - - common.tfvars +module: modules/dns + tests: - prefix: - iam: + no_clients: + null_forwarders: diff --git a/tests/modules/gcs/common.tfvars b/tests/modules/gcs/common.tfvars deleted file mode 100644 index 5bab53b2..00000000 --- a/tests/modules/gcs/common.tfvars +++ /dev/null @@ -1,13 +0,0 @@ -force_destroy = true -labels = { environment = "test" } -logging_config = { - log_bucket = "foo" -} -name = "test" -project_id = "test-project" -retention_policy = { - retention_period = 5 - is_locked = false -} -storage_class = "MULTI_REGIONAL" -versioning = true diff --git a/tests/modules/api_gateway/test_plan.py b/tests/modules/gcs/examples/cmek.yaml similarity index 71% rename from tests/modules/api_gateway/test_plan.py rename to tests/modules/gcs/examples/cmek.yaml index 18ecdd32..ee92a5d2 100644 --- a/tests/modules/api_gateway/test_plan.py +++ b/tests/modules/gcs/examples/cmek.yaml @@ -1,4 +1,4 @@ -# Copyright 2022 Google LLC +# Copyright 2023 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,8 +12,12 @@ # See the License for the specific language governing permissions and # limitations under the License. +values: + module.bucket.google_storage_bucket.bucket: + encryption: + - default_kms_key_name: my-encryption-key + name: my-bucket + project: myproject -def test_resource_count(plan_runner): - "Test number of resources created." - _, resources = plan_runner() - assert len(resources) == 5 +counts: + google_storage_bucket: 1 diff --git a/tests/modules/gcs/prefix.yaml b/tests/modules/gcs/examples/lifecycle.yaml similarity index 51% rename from tests/modules/gcs/prefix.yaml rename to tests/modules/gcs/examples/lifecycle.yaml index 6baee4a1..69eeea41 100644 --- a/tests/modules/gcs/prefix.yaml +++ b/tests/modules/gcs/examples/lifecycle.yaml @@ -1,4 +1,4 @@ -# Copyright 2022 Google LLC +# Copyright 2023 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,32 +13,26 @@ # limitations under the License. values: - google_storage_bucket.bucket: - force_destroy: true - labels: - environment: test - location: EU - logging: - - log_bucket: foo - name: foo-test - project: test-project - retention_policy: - - is_locked: false - retention_period: 5 - storage_class: MULTI_REGIONAL - uniform_bucket_level_access: true - versioning: - - enabled: true + module.bucket.google_storage_bucket.bucket: + lifecycle_rule: + - action: + - storage_class: STANDARD + type: SetStorageClass + condition: + - age: 30 + created_before: '' + custom_time_before: '' + days_since_custom_time: null + days_since_noncurrent_time: null + matches_prefix: [] + matches_storage_class: [] + matches_suffix: [] + noncurrent_time_before: '' + num_newer_versions: null + name: my-bucket + project: myproject counts: google_storage_bucket: 1 - modules: 0 - resources: 1 -outputs: - bucket: __missing__ - id: foo-test - name: foo-test - notification: null - topic: null - url: __missing__ +outputs: {} diff --git a/tests/modules/gcs/examples/notification.yaml b/tests/modules/gcs/examples/notification.yaml new file mode 100644 index 00000000..9536e89b --- /dev/null +++ b/tests/modules/gcs/examples/notification.yaml @@ -0,0 +1,31 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.bucket-gcs-notification.google_pubsub_topic.topic[0]: {} + module.bucket-gcs-notification.google_pubsub_topic_iam_binding.binding[0]: {} + module.bucket-gcs-notification.google_storage_bucket.bucket: + name: my-bucket + project: myproject + module.bucket-gcs-notification.google_storage_notification.notification[0]: + bucket: my-bucket + event_types: + - OBJECT_FINALIZE + payload_format: JSON_API_V1 + +counts: + google_pubsub_topic: 1 + google_pubsub_topic_iam_binding: 1 + google_storage_bucket: 1 + google_storage_notification: 1 diff --git a/tests/modules/gcs/examples/retention-logging.yaml b/tests/modules/gcs/examples/retention-logging.yaml new file mode 100644 index 00000000..96241420 --- /dev/null +++ b/tests/modules/gcs/examples/retention-logging.yaml @@ -0,0 +1,26 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.bucket.google_storage_bucket.bucket: + logging: + - log_bucket: log-bucket + name: my-bucket + project: myproject + retention_policy: + - is_locked: true + retention_period: 100 + +counts: + google_storage_bucket: 1 diff --git a/tests/modules/gcs/examples/simple.yaml b/tests/modules/gcs/examples/simple.yaml new file mode 100644 index 00000000..bc2630b8 --- /dev/null +++ b/tests/modules/gcs/examples/simple.yaml @@ -0,0 +1,46 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.bucket.google_storage_bucket.bucket: + autoclass: [] + cors: [] + custom_placement_config: [] + default_event_based_hold: null + encryption: [] + force_destroy: false + labels: + cost-center: devops + lifecycle_rule: [] + location: EU + logging: [] + name: test-my-bucket + project: myproject + requester_pays: null + retention_policy: [] + storage_class: MULTI_REGIONAL + timeouts: null + uniform_bucket_level_access: true + versioning: + - enabled: true + module.bucket.google_storage_bucket_iam_binding.bindings["roles/storage.admin"]: + bucket: test-my-bucket + condition: [] + members: + - group:storage@example.com + role: roles/storage.admin + +counts: + google_storage_bucket: 1 + google_storage_bucket_iam_binding: 1 diff --git a/tests/modules/gcs/iam.tfvars b/tests/modules/gcs/iam.tfvars deleted file mode 100644 index cfb3a014..00000000 --- a/tests/modules/gcs/iam.tfvars +++ /dev/null @@ -1,3 +0,0 @@ -iam = { - "roles/storage.admin" = ["user:a@example.org"] -} diff --git a/tests/modules/gcs/prefix.tfvars b/tests/modules/gcs/prefix.tfvars deleted file mode 100644 index 0031d561..00000000 --- a/tests/modules/gcs/prefix.tfvars +++ /dev/null @@ -1 +0,0 @@ -prefix = "foo" diff --git a/tests/modules/gke_cluster/examples/autopilot.yaml b/tests/modules/gke_cluster/examples/autopilot.yaml new file mode 100644 index 00000000..0a5380db --- /dev/null +++ b/tests/modules/gke_cluster/examples/autopilot.yaml @@ -0,0 +1,32 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.cluster-autopilot.google_container_cluster.cluster: + enable_autopilot: true + ip_allocation_policy: + - cluster_secondary_range_name: pods + services_secondary_range_name: services + location: europe-west1-b + master_authorized_networks_config: + - cidr_blocks: + - cidr_block: 10.0.0.0/8 + display_name: internal-vms + name: cluster-autopilot + network: projects/xxx/global/networks/aaa + project: myproject + subnetwork: subnet_self_link + +counts: + google_container_cluster: 1 diff --git a/tests/modules/gke_cluster/examples/basic.yaml b/tests/modules/gke_cluster/examples/basic.yaml new file mode 100644 index 00000000..fe6648c8 --- /dev/null +++ b/tests/modules/gke_cluster/examples/basic.yaml @@ -0,0 +1,42 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.cluster-1.google_container_cluster.cluster: + default_max_pods_per_node: 32 + ip_allocation_policy: + - cluster_secondary_range_name: pods + services_secondary_range_name: services + location: europe-west1-b + master_authorized_networks_config: + - cidr_blocks: + - cidr_block: 10.0.0.0/8 + display_name: internal-vms + name: cluster-1 + network: projects/xxx/global/networks/aaa + private_cluster_config: + - enable_private_endpoint: true + enable_private_nodes: true + master_global_access_config: + - enabled: false + master_ipv4_cidr_block: 192.168.0.0/28 + private_endpoint_subnetwork: null + project: myproject + remove_default_node_pool: true + resource_labels: + environment: dev + subnetwork: subnet_self_link + +counts: + google_container_cluster: 1 diff --git a/tests/modules/gke_cluster/examples/dataplane-v2.yaml b/tests/modules/gke_cluster/examples/dataplane-v2.yaml new file mode 100644 index 00000000..ef7ca642 --- /dev/null +++ b/tests/modules/gke_cluster/examples/dataplane-v2.yaml @@ -0,0 +1,45 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.cluster-1.google_container_cluster.cluster: + datapath_provider: ADVANCED_DATAPATH + ip_allocation_policy: + - cluster_secondary_range_name: pods + services_secondary_range_name: services + location: europe-west1-b + master_authorized_networks_config: + - cidr_blocks: + - cidr_block: 10.0.0.0/8 + display_name: internal-vms + min_master_version: null + name: cluster-dataplane-v2 + network: projects/xxx/global/networks/aaa + private_cluster_config: + - enable_private_endpoint: true + enable_private_nodes: true + master_global_access_config: + - enabled: false + master_ipv4_cidr_block: 192.168.0.0/28 + private_endpoint_subnetwork: null + project: myproject + remove_default_node_pool: true + resource_labels: + environment: dev + subnetwork: subnet_self_link + workload_identity_config: + - workload_pool: myproject.svc.id.goog + +counts: + google_container_cluster: 1 diff --git a/tests/modules/gke_cluster/fixture/main.tf b/tests/modules/gke_cluster/fixture/main.tf deleted file mode 100644 index 5e11fbd7..00000000 --- a/tests/modules/gke_cluster/fixture/main.tf +++ /dev/null @@ -1,29 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -module "test" { - source = "../../../../modules/gke-cluster" - project_id = "my-project" - name = "cluster-1" - location = "europe-west1-b" - vpc_config = { - network = "mynetwork" - subnetwork = "mysubnet" - } - enable_addons = var.enable_addons - enable_features = var.enable_features - tags = var.tags -} diff --git a/tests/modules/gke_cluster/fixture/variables.tf b/tests/modules/gke_cluster/fixture/variables.tf deleted file mode 100644 index 2104e452..00000000 --- a/tests/modules/gke_cluster/fixture/variables.tf +++ /dev/null @@ -1,43 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -variable "enable_addons" { - type = any - default = { - horizontal_pod_autoscaling = true - http_load_balancing = true - } -} - -variable "enable_features" { - type = any - default = { - workload_identity = true - } -} - -variable "monitoring_config" { - type = any - default = { - managed_prometheus = true - } -} - -variable "tags" { - description = "Network tags applied to nodes." - type = list(string) - default = null -} diff --git a/tests/modules/gke_cluster/test_plan.py b/tests/modules/gke_cluster/test_plan.py deleted file mode 100644 index acd97bed..00000000 --- a/tests/modules/gke_cluster/test_plan.py +++ /dev/null @@ -1,38 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -def test_standard(plan_runner): - "Test resources created with variable defaults." - _, resources = plan_runner() - assert len(resources) == 1 - - cluster_config = resources[0]['values'] - assert cluster_config['name'] == "cluster-1" - assert cluster_config['network'] == "mynetwork" - assert cluster_config['subnetwork'] == "mysubnet" - assert cluster_config['enable_autopilot'] is None - # assert 'service_account' not in node_config - - -def test_autopilot(plan_runner): - "Test resources created with variable defaults." - _, resources = plan_runner(enable_features='{ autopilot=true }') - assert len(resources) == 1 - cluster_config = resources[0]['values'] - assert cluster_config['name'] == "cluster-1" - assert cluster_config['network'] == "mynetwork" - assert cluster_config['subnetwork'] == "mysubnet" - assert cluster_config['enable_autopilot'] == True - # assert 'service_account' not in node_config diff --git a/tests/modules/gke_nodepool/examples/basic.yaml b/tests/modules/gke_nodepool/examples/basic.yaml new file mode 100644 index 00000000..010b98cd --- /dev/null +++ b/tests/modules/gke_nodepool/examples/basic.yaml @@ -0,0 +1,23 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.cluster-1-nodepool-1.google_container_node_pool.nodepool: + cluster: cluster-1 + location: europe-west1-b + name: nodepool-1 + project: myproject + +counts: + google_container_node_pool: 1 diff --git a/tests/modules/gke_nodepool/examples/config.yaml b/tests/modules/gke_nodepool/examples/config.yaml new file mode 100644 index 00000000..fc1682a8 --- /dev/null +++ b/tests/modules/gke_nodepool/examples/config.yaml @@ -0,0 +1,60 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.cluster-1-nodepool-1.google_container_node_pool.nodepool: + autoscaling: + - location_policy: null + max_node_count: 10 + min_node_count: 1 + total_max_node_count: null + total_min_node_count: null + cluster: cluster-1 + initial_node_count: 1 + location: europe-west1-b + management: + - auto_repair: true + auto_upgrade: false + name: nodepool-1 + node_config: + - boot_disk_kms_key: null + disk_size_gb: 50 + disk_type: pd-ssd + ephemeral_storage_config: + - local_ssd_count: 1 + gcfs_config: [] + gvnic: [] + kubelet_config: [] + labels: + environment: dev + linux_node_config: [] + logging_variant: DEFAULT + machine_type: n2-standard-2 + node_group: null + oauth_scopes: + - https://www.googleapis.com/auth/cloud-platform + preemptible: false + reservation_affinity: [] + resource_labels: null + sandbox_config: [] + spot: true + tags: null + taint: [] + placement_policy: [] + project: myproject + module.cluster-1-nodepool-1.google_service_account.service_account[0]: {} + +counts: + google_container_node_pool: 1 + google_service_account: 1 diff --git a/tests/modules/gke_nodepool/examples/create-sa.yaml b/tests/modules/gke_nodepool/examples/create-sa.yaml new file mode 100644 index 00000000..df1f2f70 --- /dev/null +++ b/tests/modules/gke_nodepool/examples/create-sa.yaml @@ -0,0 +1,52 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.cluster-1-nodepool-1.google_container_node_pool.nodepool: + cluster: cluster-1 + location: europe-west1-b + name: nodepool-1 + node_config: + - boot_disk_kms_key: null + disk_type: pd-balanced + ephemeral_storage_config: [] + gcfs_config: [] + gvnic: [] + kubelet_config: [] + linux_node_config: [] + logging_variant: DEFAULT + node_group: null + oauth_scopes: + - https://www.googleapis.com/auth/cloud-platform + preemptible: false + reservation_affinity: [] + resource_labels: null + sandbox_config: [] + spot: false + tags: null + taint: [] + placement_policy: [] + project: myproject + timeouts: null + module.cluster-1-nodepool-1.google_service_account.service_account[0]: + account_id: spam-eggs + description: null + disabled: false + display_name: Terraform GKE cluster-1 nodepool-1. + project: myproject + timeouts: null + +counts: + google_container_node_pool: 1 + google_service_account: 1 diff --git a/tests/modules/gke_nodepool/examples/external-sa.yaml b/tests/modules/gke_nodepool/examples/external-sa.yaml new file mode 100644 index 00000000..05959321 --- /dev/null +++ b/tests/modules/gke_nodepool/examples/external-sa.yaml @@ -0,0 +1,43 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.cluster-1-nodepool-1.google_container_node_pool.nodepool: + cluster: cluster-1 + location: europe-west1-b + name: nodepool-1 + node_config: + - boot_disk_kms_key: null + disk_type: pd-balanced + ephemeral_storage_config: [] + gcfs_config: [] + gvnic: [] + kubelet_config: [] + linux_node_config: [] + logging_variant: DEFAULT + node_group: null + oauth_scopes: + - https://www.googleapis.com/auth/cloud-platform + preemptible: false + reservation_affinity: [] + resource_labels: null + sandbox_config: [] + service_account: foo-bar@myproject.iam.gserviceaccount.com + spot: false + tags: null + taint: [] + project: myproject + +counts: + google_container_node_pool: 1 diff --git a/tests/modules/gke_nodepool/fixture/main.tf b/tests/modules/gke_nodepool/fixture/main.tf deleted file mode 100644 index 4ee27482..00000000 --- a/tests/modules/gke_nodepool/fixture/main.tf +++ /dev/null @@ -1,45 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -resource "google_service_account" "test" { - project = "my-project" - account_id = "gke-nodepool-test" - display_name = "Test Service Account" -} - -module "test" { - source = "../../../../modules/gke-nodepool" - project_id = "my-project" - cluster_name = "cluster-1" - location = "europe-west1-b" - name = "nodepool-1" - gke_version = var.gke_version - labels = var.labels - max_pods_per_node = var.max_pods_per_node - node_config = var.node_config - node_count = var.node_count - node_locations = var.node_locations - nodepool_config = var.nodepool_config - pod_range = var.pod_range - reservation_affinity = var.reservation_affinity - service_account = { - create = var.service_account_create - email = google_service_account.test.email - } - sole_tenant_nodegroup = var.sole_tenant_nodegroup - tags = var.tags - taints = var.taints -} diff --git a/tests/modules/gke_nodepool/fixture/variables.tf b/tests/modules/gke_nodepool/fixture/variables.tf deleted file mode 100644 index 18376ec5..00000000 --- a/tests/modules/gke_nodepool/fixture/variables.tf +++ /dev/null @@ -1,86 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -variable "gke_version" { - type = string - default = null -} - -variable "labels" { - type = map(string) - default = {} - nullable = false -} - -variable "max_pods_per_node" { - type = number - default = null -} - -variable "node_config" { - type = any - default = { - disk_type = "pd-balanced" - } -} - -variable "node_count" { - type = any - default = { - initial = 1 - } - nullable = false -} - -variable "node_locations" { - type = list(string) - default = null -} - -variable "nodepool_config" { - type = any - default = null -} - -variable "pod_range" { - type = any - default = null -} - -variable "reservation_affinity" { - type = any - default = null -} - -variable "service_account_create" { - type = bool - default = false -} - -variable "sole_tenant_nodegroup" { - type = string - default = null -} - -variable "tags" { - type = list(string) - default = null -} - -variable "taints" { - type = any - default = null -} diff --git a/tests/modules/gke_nodepool/test_plan.py b/tests/modules/gke_nodepool/test_plan.py deleted file mode 100644 index 75d1cc14..00000000 --- a/tests/modules/gke_nodepool/test_plan.py +++ /dev/null @@ -1,67 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -def test_defaults(plan_runner): - "Test resources created with variable defaults." - _, resources = plan_runner() - assert len(resources) == 1 - assert resources[0]['values']['autoscaling'] == [] - - -def test_service_account(plan_runner): - _, resources = plan_runner() - assert len(resources) == 1 - _, resources = plan_runner(service_account_create='true') - assert len(resources) == 2 - assert 'google_service_account' in [r['type'] for r in resources] - - -def test_nodepool_config(plan_runner): - nodepool_config = '''{ - autoscaling = { use_total_nodes = true, max_node_count = 3} - management = {} - upgrade_settings = { max_surge = 3, max_unavailable = 3 } - }''' - _, resources = plan_runner(nodepool_config=nodepool_config) - assert resources[0]['values']['autoscaling'] == [{ - 'location_policy': None, - 'max_node_count': None, - 'min_node_count': None, - 'total_max_node_count': 3, - 'total_min_node_count': None - }] - nodepool_config = '{ autoscaling = { max_node_count = 3} }' - _, resources = plan_runner(nodepool_config=nodepool_config) - assert resources[0]['values']['autoscaling'] == [{ - 'location_policy': None, - 'max_node_count': 3, - 'min_node_count': None, - 'total_max_node_count': None, - 'total_min_node_count': None - }] - - -def test_node_config(plan_runner): - node_config = '''{ - gcfs = true - metadata = { foo = "bar" } - }''' - _, resources = plan_runner(node_config=node_config) - values = resources[0]['values']['node_config'][0] - assert values['gcfs_config'] == [{'enabled': True}] - assert values['metadata'] == { - 'disable-legacy-endpoints': 'true', - 'foo': 'bar' - } diff --git a/tests/modules/net_vpc/examples/dns-policies.yaml b/tests/modules/net_vpc/examples/dns-policies.yaml new file mode 100644 index 00000000..a30d6408 --- /dev/null +++ b/tests/modules/net_vpc/examples/dns-policies.yaml @@ -0,0 +1,42 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.vpc.google_compute_network.network[0]: + name: my-network + project: my-project + module.vpc.google_compute_subnetwork.subnetwork["europe-west1/production"]: {} + module.vpc.google_dns_policy.default[0]: + alternative_name_server_config: + - target_name_servers: + - forwarding_path: '' + ipv4_address: '8.8.8.8' + - forwarding_path: private + ipv4_address: '10.0.0.1' + description: Managed by Terraform + enable_inbound_forwarding: true + enable_logging: null + name: my-network + networks: + - {} + project: my-project + +counts: + google_compute_network: 1 + google_compute_subnetwork: 1 + google_dns_policy: 1 + modules: 1 + resources: 3 + +outputs: {} diff --git a/tests/modules/net_vpc/examples/factory.yaml b/tests/modules/net_vpc/examples/factory.yaml new file mode 100644 index 00000000..48671c29 --- /dev/null +++ b/tests/modules/net_vpc/examples/factory.yaml @@ -0,0 +1,50 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.vpc.google_compute_network.network[0]: + name: my-network + project: my-project + routing_mode: GLOBAL + module.vpc.google_compute_subnetwork.subnetwork["europe-west1/subnet-detailed"]: + description: Sample description + ip_cidr_range: 10.0.0.0/24 + log_config: + - aggregation_interval: INTERVAL_5_SEC + filter_expr: 'true' + flow_sampling: 0.5 + metadata: INCLUDE_ALL_METADATA + metadata_fields: null + name: subnet-detailed + private_ip_google_access: false + project: my-project + region: europe-west1 + role: null + secondary_ip_range: + - ip_cidr_range: 192.168.0.0/24 + range_name: secondary-range-a + module.vpc.google_compute_subnetwork.subnetwork["europe-west4/subnet-simple"]: + description: Terraform-managed. + ip_cidr_range: 10.0.1.0/24 + log_config: [] + name: subnet-simple + private_ip_google_access: true + project: my-project + region: europe-west4 + role: null + secondary_ip_range: [] + +counts: + google_compute_network: 1 + google_compute_subnetwork: 2 diff --git a/tests/modules/net_vpc/peering.yaml b/tests/modules/net_vpc/examples/peering.yaml similarity index 50% rename from tests/modules/net_vpc/peering.yaml rename to tests/modules/net_vpc/examples/peering.yaml index 8d0bbed7..937ce144 100644 --- a/tests/modules/net_vpc/peering.yaml +++ b/tests/modules/net_vpc/examples/peering.yaml @@ -1,4 +1,4 @@ -# Copyright 2022 Google LLC +# Copyright 2023 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,35 +13,22 @@ # limitations under the License. values: - google_compute_network.network[0]: - auto_create_subnetworks: false - delete_default_routes_on_create: false - description: Terraform-managed. - name: test - project: test-project - routing_mode: GLOBAL - google_compute_network_peering.local[0]: - export_custom_routes: true - import_custom_routes: false - name: test-peer - peer_network: projects/my-project/global/networks/peer - google_compute_network_peering.remote[0]: + module.vpc-hub.google_compute_network.network[0]: {} + module.vpc-spoke-1.google_compute_network.network[0]: {} + module.vpc-hub.google_compute_subnetwork.subnetwork["europe-west1/subnet-1"]: {} + module.vpc-spoke-1.google_compute_subnetwork.subnetwork["europe-west1/subnet-2"]: {} + module.vpc-spoke-1.google_compute_network_peering.local[0]: export_custom_routes: false + export_subnet_routes_with_public_ip: true import_custom_routes: true - name: peer-test - network: projects/my-project/global/networks/peer + import_subnet_routes_with_public_ip: null + module.vpc-spoke-1.google_compute_network_peering.remote[0]: + export_custom_routes: true + export_subnet_routes_with_public_ip: true + import_custom_routes: false + import_subnet_routes_with_public_ip: null counts: - google_compute_network: 1 + google_compute_network: 2 google_compute_network_peering: 2 - -outputs: - bindings: {} - project_id: test-project - subnet_ips: {} - subnet_regions: {} - subnet_secondary_ranges: {} - subnet_self_links: {} - subnets: {} - subnets_proxy_only: {} - subnets_psc: {} + google_compute_subnetwork: 2 diff --git a/tests/modules/net_vpc/examples/proxy-only-subnets.yaml b/tests/modules/net_vpc/examples/proxy-only-subnets.yaml new file mode 100644 index 00000000..6e2069aa --- /dev/null +++ b/tests/modules/net_vpc/examples/proxy-only-subnets.yaml @@ -0,0 +1,40 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.vpc.google_compute_network.network[0]: + name: my-network + project: my-project + module.vpc.google_compute_subnetwork.proxy_only["europe-west1/regional-proxy"]: + description: Terraform-managed proxy-only subnet for Regional HTTPS or Internal HTTPS LB. + ip_cidr_range: 10.0.1.0/24 + log_config: [] + name: regional-proxy + project: my-project + purpose: REGIONAL_MANAGED_PROXY + region: europe-west1 + role: ACTIVE + module.vpc.google_compute_subnetwork.psc["europe-west1/psc"]: + description: Terraform-managed subnet for Private Service Connect (PSC NAT). + ip_cidr_range: 10.0.3.0/24 + log_config: [] + name: psc + project: my-project + purpose: PRIVATE_SERVICE_CONNECT + region: europe-west1 + role: null + +counts: + google_compute_network: 1 + google_compute_subnetwork: 2 diff --git a/tests/modules/net_vpc/examples/psc-routes.yaml b/tests/modules/net_vpc/examples/psc-routes.yaml new file mode 100644 index 00000000..6f459f4b --- /dev/null +++ b/tests/modules/net_vpc/examples/psc-routes.yaml @@ -0,0 +1,47 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.vpc.google_compute_global_address.psa_ranges["myrange"]: + address: 10.0.1.0 + address_type: INTERNAL + description: null + ip_version: null + name: myrange + prefix_length: 24 + project: my-project + purpose: VPC_PEERING + module.vpc.google_compute_network.network[0]: + name: my-network + project: my-project + routing_mode: GLOBAL + module.vpc.google_compute_network_peering_routes_config.psa_routes["1"]: + export_custom_routes: true + import_custom_routes: true + project: my-project + module.vpc.google_compute_subnetwork.subnetwork["europe-west1/production"]: + ip_cidr_range: 10.0.0.0/24 + name: production + project: my-project + module.vpc.google_service_networking_connection.psa_connection["1"]: + reserved_peering_ranges: + - myrange + service: servicenetworking.googleapis.com + +counts: + google_compute_global_address: 1 + google_compute_network: 1 + google_compute_network_peering_routes_config: 1 + google_compute_subnetwork: 1 + google_service_networking_connection: 1 diff --git a/tests/modules/net_vpc/examples/psc.yaml b/tests/modules/net_vpc/examples/psc.yaml new file mode 100644 index 00000000..c08fcb45 --- /dev/null +++ b/tests/modules/net_vpc/examples/psc.yaml @@ -0,0 +1,46 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.vpc.google_compute_global_address.psa_ranges["myrange"]: + address: 10.0.1.0 + address_type: INTERNAL + name: myrange + prefix_length: 24 + project: my-project + purpose: VPC_PEERING + module.vpc.google_compute_network.network[0]: + name: my-network + project: my-project + module.vpc.google_compute_network_peering_routes_config.psa_routes["1"]: + export_custom_routes: false + import_custom_routes: false + project: my-project + module.vpc.google_compute_subnetwork.subnetwork["europe-west1/production"]: + ip_cidr_range: 10.0.0.0/24 + name: production + project: my-project + module.vpc.google_service_networking_connection.psa_connection["1"]: + reserved_peering_ranges: + - myrange + service: servicenetworking.googleapis.com + +counts: + google_compute_global_address: 1 + google_compute_network: 1 + google_compute_network_peering_routes_config: 1 + google_compute_subnetwork: 1 + google_service_networking_connection: 1 + +outputs: {} diff --git a/tests/modules/net_vpc/examples/routes.yaml b/tests/modules/net_vpc/examples/routes.yaml new file mode 100644 index 00000000..205197c8 --- /dev/null +++ b/tests/modules/net_vpc/examples/routes.yaml @@ -0,0 +1,146 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.vpc["gateway"].google_compute_network.network[0]: + name: my-network-with-route-gateway + project: my-project + routing_mode: GLOBAL + module.vpc["gateway"].google_compute_route.gateway["gateway"]: + dest_range: 0.0.0.0/0 + name: my-network-with-route-gateway-gateway + next_hop_gateway: global/gateways/default-internet-gateway + next_hop_ilb: null + next_hop_instance: null + next_hop_vpn_tunnel: null + priority: 100 + project: my-project + tags: + - tag-a + module.vpc["gateway"].google_compute_route.gateway["next-hop"]: + dest_range: 192.168.128.0/24 + name: my-network-with-route-gateway-next-hop + next_hop_gateway: global/gateways/default-internet-gateway + next_hop_ilb: null + next_hop_instance: null + next_hop_vpn_tunnel: null + priority: 1000 + project: my-project + tags: null + module.vpc["ilb"].google_compute_network.network[0]: + name: my-network-with-route-ilb + project: my-project + routing_mode: GLOBAL + module.vpc["ilb"].google_compute_route.gateway["gateway"]: + dest_range: 0.0.0.0/0 + name: my-network-with-route-ilb-gateway + next_hop_gateway: global/gateways/default-internet-gateway + next_hop_ilb: null + next_hop_instance: null + next_hop_vpn_tunnel: null + priority: 100 + project: my-project + tags: + - tag-a + module.vpc["ilb"].google_compute_route.ilb["next-hop"]: + dest_range: 192.168.128.0/24 + name: my-network-with-route-ilb-next-hop + next_hop_gateway: null + next_hop_ilb: regions/europe-west1/forwardingRules/test + next_hop_instance: null + next_hop_vpn_tunnel: null + priority: 1000 + project: my-project + tags: null + module.vpc["instance"].google_compute_network.network[0]: + name: my-network-with-route-instance + project: my-project + routing_mode: GLOBAL + module.vpc["instance"].google_compute_route.gateway["gateway"]: + dest_range: 0.0.0.0/0 + name: my-network-with-route-instance-gateway + next_hop_gateway: global/gateways/default-internet-gateway + next_hop_ilb: null + next_hop_instance: null + next_hop_vpn_tunnel: null + priority: 100 + project: my-project + tags: + - tag-a + module.vpc["instance"].google_compute_route.instance["next-hop"]: + dest_range: 192.168.128.0/24 + name: my-network-with-route-instance-next-hop + next_hop_gateway: null + next_hop_ilb: null + next_hop_instance: zones/europe-west1-b/test + next_hop_instance_zone: europe-west1-b + next_hop_vpn_tunnel: null + priority: 1000 + project: my-project + tags: null + module.vpc["ip"].google_compute_network.network[0]: + name: my-network-with-route-ip + project: my-project + routing_mode: GLOBAL + module.vpc["ip"].google_compute_route.gateway["gateway"]: + dest_range: 0.0.0.0/0 + name: my-network-with-route-ip-gateway + next_hop_gateway: global/gateways/default-internet-gateway + next_hop_ilb: null + next_hop_instance: null + next_hop_vpn_tunnel: null + priority: 100 + project: my-project + tags: + - tag-a + module.vpc["ip"].google_compute_route.ip["next-hop"]: + dest_range: 192.168.128.0/24 + name: my-network-with-route-ip-next-hop + next_hop_gateway: null + next_hop_ilb: null + next_hop_instance: null + next_hop_ip: 192.168.0.128 + next_hop_vpn_tunnel: null + priority: 1000 + project: my-project + tags: null + module.vpc["vpn_tunnel"].google_compute_network.network[0]: + name: my-network-with-route-vpn-tunnel + project: my-project + routing_mode: GLOBAL + module.vpc["vpn_tunnel"].google_compute_route.gateway["gateway"]: + dest_range: 0.0.0.0/0 + name: my-network-with-route-vpn-tunnel-gateway + next_hop_gateway: global/gateways/default-internet-gateway + next_hop_ilb: null + next_hop_instance: null + next_hop_vpn_tunnel: null + priority: 100 + project: my-project + tags: + - tag-a + module.vpc["vpn_tunnel"].google_compute_route.vpn_tunnel["next-hop"]: + dest_range: 192.168.128.0/24 + name: my-network-with-route-vpn-tunnel-next-hop + next_hop_gateway: null + next_hop_ilb: null + next_hop_instance: null + next_hop_vpn_tunnel: regions/europe-west1/vpnTunnels/foo + priority: 1000 + project: my-project + tags: null + +counts: + google_compute_network: 5 + google_compute_route: 10 diff --git a/tests/modules/net_vpc/examples/shared-vpc.yaml b/tests/modules/net_vpc/examples/shared-vpc.yaml new file mode 100644 index 00000000..b004e315 --- /dev/null +++ b/tests/modules/net_vpc/examples/shared-vpc.yaml @@ -0,0 +1,51 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.vpc-host.google_compute_network.network[0]: + name: my-host-network + project: my-project + module.vpc-host.google_compute_shared_vpc_host_project.shared_vpc_host[0]: + project: my-project + module.vpc-host.google_compute_shared_vpc_service_project.service_projects["project1"]: + host_project: my-project + service_project: project1 + module.vpc-host.google_compute_shared_vpc_service_project.service_projects["project2"]: + host_project: my-project + service_project: project2 + module.vpc-host.google_compute_subnetwork.subnetwork["europe-west1/subnet-1"]: {} + module.vpc-host.google_compute_subnetwork_iam_binding.binding["europe-west1/subnet-1.roles/compute.networkUser"]: + condition: [] + members: + - serviceAccount:cloudsvc + - serviceAccount:gke + project: my-project + region: europe-west1 + role: roles/compute.networkUser + subnetwork: subnet-1 + module.vpc-host.google_compute_subnetwork_iam_binding.binding["europe-west1/subnet-1.roles/compute.securityAdmin"]: + condition: [] + members: + - serviceAccount:gke + project: my-project + region: europe-west1 + role: roles/compute.securityAdmin + subnetwork: subnet-1 + +counts: + google_compute_network: 1 + google_compute_shared_vpc_host_project: 1 + google_compute_shared_vpc_service_project: 2 + google_compute_subnetwork: 1 + google_compute_subnetwork_iam_binding: 2 diff --git a/tests/modules/net_vpc/examples/simple.yaml b/tests/modules/net_vpc/examples/simple.yaml new file mode 100644 index 00000000..799852c0 --- /dev/null +++ b/tests/modules/net_vpc/examples/simple.yaml @@ -0,0 +1,50 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.vpc.google_compute_network.network[0]: + auto_create_subnetworks: false + delete_default_routes_on_create: false + description: Terraform-managed. + name: my-network + project: my-project + routing_mode: GLOBAL + module.vpc.google_compute_subnetwork.subnetwork["europe-west1/production"]: + description: Terraform-managed. + ip_cidr_range: 10.0.0.0/24 + log_config: [] + name: production + private_ip_google_access: true + project: my-project + region: europe-west1 + role: null + secondary_ip_range: + - ip_cidr_range: 172.16.0.0/20 + range_name: pods + - ip_cidr_range: 192.168.0.0/24 + range_name: services + module.vpc.google_compute_subnetwork.subnetwork["europe-west2/production"]: + description: Terraform-managed. + ip_cidr_range: 10.0.16.0/24 + log_config: [] + name: production + private_ip_google_access: true + project: my-project + region: europe-west2 + role: null + secondary_ip_range: [] + +counts: + google_compute_network: 1 + google_compute_subnetwork: 2 diff --git a/tests/modules/net_vpc/examples/subnet-iam.yaml b/tests/modules/net_vpc/examples/subnet-iam.yaml new file mode 100644 index 00000000..cb53ecd8 --- /dev/null +++ b/tests/modules/net_vpc/examples/subnet-iam.yaml @@ -0,0 +1,54 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.vpc.google_compute_network.network[0]: + name: my-network + project: my-project + module.vpc.google_compute_subnetwork.subnetwork["europe-west1/subnet-1"]: + name: subnet-1 + project: my-project + region: europe-west1 + module.vpc.google_compute_subnetwork.subnetwork["europe-west1/subnet-2"]: + name: subnet-2 + private_ip_google_access: true + project: my-project + region: europe-west1 + module.vpc.google_compute_subnetwork_iam_binding.binding["europe-west1/subnet-1.roles/compute.networkUser"]: + condition: [] + members: + - group:group1@example.com + - user:user1@example.com + project: my-project + region: europe-west1 + role: roles/compute.networkUser + subnetwork: subnet-1 + module.vpc.google_compute_subnetwork_iam_binding.binding["europe-west1/subnet-2.roles/compute.networkUser"]: + condition: [] + members: + - group:group2@example.com + - user:user2@example.com + project: my-project + region: europe-west1 + role: roles/compute.networkUser + subnetwork: subnet-2 + +counts: + google_compute_network: 1 + google_compute_subnetwork: 2 + google_compute_subnetwork_iam_binding: 2 + modules: 1 + resources: 5 + +outputs: {} diff --git a/tests/modules/net_vpc/examples/subnet-options.yaml b/tests/modules/net_vpc/examples/subnet-options.yaml new file mode 100644 index 00000000..e3cea5ca --- /dev/null +++ b/tests/modules/net_vpc/examples/subnet-options.yaml @@ -0,0 +1,70 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.vpc.google_compute_network.network[0]: + name: my-network + project: my-project + module.vpc.google_compute_subnetwork.subnetwork["europe-west1/no-pga"]: + description: Subnet b + ip_cidr_range: 10.0.1.0/24 + log_config: [] + name: no-pga + private_ip_google_access: false + project: my-project + region: europe-west1 + secondary_ip_range: [] + module.vpc.google_compute_subnetwork.subnetwork["europe-west1/simple"]: + description: Terraform-managed. + ip_cidr_range: 10.0.0.0/24 + log_config: [] + name: simple + private_ip_google_access: true + project: my-project + region: europe-west1 + secondary_ip_range: [] + module.vpc.google_compute_subnetwork.subnetwork["europe-west1/with-flow-logs"]: + description: Terraform-managed. + ip_cidr_range: 10.0.3.0/24 + ipv6_access_type: null + log_config: + - aggregation_interval: INTERVAL_10_MIN + filter_expr: 'true' + flow_sampling: 0.5 + metadata: INCLUDE_ALL_METADATA + metadata_fields: null + name: with-flow-logs + private_ip_google_access: true + project: my-project + region: europe-west1 + role: null + secondary_ip_range: [] + module.vpc.google_compute_subnetwork.subnetwork["europe-west1/with-secondary-ranges"]: + description: Terraform-managed. + ip_cidr_range: 10.0.2.0/24 + log_config: [] + name: with-secondary-ranges + private_ip_google_access: true + project: my-project + region: europe-west1 + role: null + secondary_ip_range: + - ip_cidr_range: 192.168.0.0/24 + range_name: a + - ip_cidr_range: 192.168.1.0/24 + range_name: b + +counts: + google_compute_network: 1 + google_compute_subnetwork: 4 diff --git a/tests/modules/net_vpc/factory.tfvars b/tests/modules/net_vpc/factory.tfvars deleted file mode 100644 index 8c4d4a28..00000000 --- a/tests/modules/net_vpc/factory.tfvars +++ /dev/null @@ -1 +0,0 @@ -data_folder = "../../tests/modules/net_vpc/data" diff --git a/tests/modules/net_vpc/factory.yaml b/tests/modules/net_vpc/factory.yaml deleted file mode 100644 index 9cf628d0..00000000 --- a/tests/modules/net_vpc/factory.yaml +++ /dev/null @@ -1,44 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -values: - google_compute_subnetwork.subnetwork["europe-west1/factory-subnet"]: - description: 'Sample description' - ip_cidr_range: '10.128.0.0/24' - ipv6_access_type: null - log_config: [] - name: 'factory-subnet' - private_ip_google_access: false - project: 'test-project' - region: 'europe-west1' - role: null - secondary_ip_range: - - ip_cidr_range: '192.168.128.0/24' - range_name: 'secondary-range-a' - google_compute_subnetwork.subnetwork["europe-west4/factory-subnet2"]: - description: 'Sample description' - ip_cidr_range: '10.129.0.0/24' - log_config: [] - name: 'factory-subnet2' - private_ip_google_access: true - project: 'test-project' - region: 'europe-west4' - role: null - secondary_ip_range: [] - - # FIXME: should we have some bindings here? - -counts: - google_compute_network: 1 - google_compute_subnetwork: 2 diff --git a/tests/modules/net_vpc/fixture/main.tf b/tests/modules/net_vpc/fixture/main.tf deleted file mode 100644 index f0e4696e..00000000 --- a/tests/modules/net_vpc/fixture/main.tf +++ /dev/null @@ -1,30 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -module "test" { - source = "../../../../modules/net-vpc" - project_id = "test-project" - name = "test" - peering_config = var.peering_config - routes = var.routes - shared_vpc_host = var.shared_vpc_host - shared_vpc_service_projects = var.shared_vpc_service_projects - subnet_iam = var.subnet_iam - subnets = var.subnets - auto_create_subnetworks = var.auto_create_subnetworks - psa_config = var.psa_config - data_folder = var.data_folder -} diff --git a/tests/modules/net_vpc/fixture/test.subnets.tfvars b/tests/modules/net_vpc/fixture/test.subnets.tfvars deleted file mode 100644 index 499e498f..00000000 --- a/tests/modules/net_vpc/fixture/test.subnets.tfvars +++ /dev/null @@ -1,44 +0,0 @@ -subnet_iam = { - "europe-west1/a" = { - "roles/compute.networkUser" = [ - "user:a@example.com", "group:g-a@example.com" - ] - } - "europe-west1/c" = { - "roles/compute.networkUser" = [ - "user:c@example.com", "group:g-c@example.com" - ] - } -} -subnets = [ - { - name = "a" - region = "europe-west1" - ip_cidr_range = "10.0.0.0/24" - }, - { - name = "b" - region = "europe-west1" - ip_cidr_range = "10.0.1.0/24", - description = "Subnet b" - enable_private_access = false - }, - { - name = "c" - region = "europe-west1" - ip_cidr_range = "10.0.2.0/24" - secondary_ip_ranges = { - a = "192.168.0.0/24" - b = "192.168.1.0/24" - } - }, - { - name = "d" - region = "europe-west1" - ip_cidr_range = "10.0.3.0/24" - flow_logs_config = { - flow_sampling = 0.5 - aggregation_interval = "INTERVAL_10_MIN" - } - } -] diff --git a/tests/modules/net_vpc/fixture/variables.tf b/tests/modules/net_vpc/fixture/variables.tf deleted file mode 100644 index 868966c8..00000000 --- a/tests/modules/net_vpc/fixture/variables.tf +++ /dev/null @@ -1,101 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -variable "auto_create_subnetworks" { - type = bool - default = false -} - -variable "data_folder" { - type = string - default = null -} - -variable "delete_default_routes_on_create" { - type = bool - default = false -} - -variable "description" { - type = string - default = "Terraform-managed." -} - -variable "dns_policy" { - type = any - default = null -} - -variable "mtu" { - type = number - default = null -} - -variable "peering_config" { - type = any - default = null -} - -variable "psa_config" { - type = any - default = null -} - -variable "routes" { - type = any - default = {} - nullable = false -} - -variable "routing_mode" { - type = string - default = "GLOBAL" -} - -variable "shared_vpc_host" { - type = bool - default = false -} - -variable "shared_vpc_service_projects" { - type = list(string) - default = [] -} - -variable "subnets" { - type = any - default = [] -} - -variable "subnet_iam" { - type = map(map(list(string))) - default = {} -} - -variable "subnets_proxy_only" { - type = any - default = [] -} - -variable "subnets_psc" { - type = any - default = [] -} - -variable "vpc_create" { - type = bool - default = true -} diff --git a/tests/modules/net_vpc/peering.tfvars b/tests/modules/net_vpc/peering.tfvars deleted file mode 100644 index eccd7ae7..00000000 --- a/tests/modules/net_vpc/peering.tfvars +++ /dev/null @@ -1,5 +0,0 @@ -peering_config = { - peer_vpc_self_link = "projects/my-project/global/networks/peer" - export_routes = true - import_routes = null -} diff --git a/tests/modules/net_vpc/psa_simple.tfvars b/tests/modules/net_vpc/psa_simple.tfvars deleted file mode 100644 index 51289fe0..00000000 --- a/tests/modules/net_vpc/psa_simple.tfvars +++ /dev/null @@ -1,7 +0,0 @@ -psa_config = { - ranges = { - bar = "172.16.100.0/24" - foo = "172.16.101.0/24" - } - routes = null -} diff --git a/tests/modules/net_vpc/psa_simple.yaml b/tests/modules/net_vpc/psa_simple.yaml deleted file mode 100644 index 019b443f..00000000 --- a/tests/modules/net_vpc/psa_simple.yaml +++ /dev/null @@ -1,70 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -values: - google_compute_global_address.psa_ranges["bar"]: - address: 172.16.100.0 - address_type: INTERNAL - description: null - ip_version: null - name: bar - prefix_length: 24 - project: test-project - purpose: VPC_PEERING - google_compute_global_address.psa_ranges["foo"]: - address: 172.16.101.0 - address_type: INTERNAL - description: null - ip_version: null - name: foo - prefix_length: 24 - project: test-project - purpose: VPC_PEERING - google_compute_network.network[0]: - auto_create_subnetworks: false - delete_default_routes_on_create: false - description: Terraform-managed. - enable_ula_internal_ipv6: null - name: test - project: test-project - routing_mode: GLOBAL - google_compute_network_peering_routes_config.psa_routes["1"]: - export_custom_routes: false - import_custom_routes: false - project: test-project - google_service_networking_connection.psa_connection["1"]: - reserved_peering_ranges: - - bar - - foo - service: servicenetworking.googleapis.com - -counts: - google_compute_global_address: 2 - google_compute_network: 1 - google_compute_network_peering_routes_config: 1 - google_service_networking_connection: 1 - -outputs: - bindings: {} - name: __missing__ - network: __missing__ - project_id: test-project - self_link: __missing__ - subnet_ips: {} - subnet_regions: {} - subnet_secondary_ranges: {} - subnet_self_links: {} - subnets: {} - subnets_proxy_only: {} - subnets_psc: {} diff --git a/tests/modules/net_vpc/simple.tfvars b/tests/modules/net_vpc/simple.tfvars deleted file mode 100644 index 6f848aa9..00000000 --- a/tests/modules/net_vpc/simple.tfvars +++ /dev/null @@ -1 +0,0 @@ -# skip boilerplate check diff --git a/tests/modules/net_vpc/subnets.tfvars b/tests/modules/net_vpc/subnets.tfvars deleted file mode 100644 index 499e498f..00000000 --- a/tests/modules/net_vpc/subnets.tfvars +++ /dev/null @@ -1,44 +0,0 @@ -subnet_iam = { - "europe-west1/a" = { - "roles/compute.networkUser" = [ - "user:a@example.com", "group:g-a@example.com" - ] - } - "europe-west1/c" = { - "roles/compute.networkUser" = [ - "user:c@example.com", "group:g-c@example.com" - ] - } -} -subnets = [ - { - name = "a" - region = "europe-west1" - ip_cidr_range = "10.0.0.0/24" - }, - { - name = "b" - region = "europe-west1" - ip_cidr_range = "10.0.1.0/24", - description = "Subnet b" - enable_private_access = false - }, - { - name = "c" - region = "europe-west1" - ip_cidr_range = "10.0.2.0/24" - secondary_ip_ranges = { - a = "192.168.0.0/24" - b = "192.168.1.0/24" - } - }, - { - name = "d" - region = "europe-west1" - ip_cidr_range = "10.0.3.0/24" - flow_logs_config = { - flow_sampling = 0.5 - aggregation_interval = "INTERVAL_10_MIN" - } - } -] diff --git a/tests/modules/net_vpc/subnets.yaml b/tests/modules/net_vpc/subnets.yaml deleted file mode 100644 index 9ccf31e6..00000000 --- a/tests/modules/net_vpc/subnets.yaml +++ /dev/null @@ -1,120 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -values: - google_compute_network.network[0]: - auto_create_subnetworks: false - delete_default_routes_on_create: false - description: Terraform-managed. - name: test - project: test-project - routing_mode: GLOBAL - google_compute_subnetwork.subnetwork["europe-west1/a"]: - description: Terraform-managed. - ip_cidr_range: 10.0.0.0/24 - log_config: [] - name: a - private_ip_google_access: true - project: test-project - region: europe-west1 - role: null - secondary_ip_range: [] - google_compute_subnetwork.subnetwork["europe-west1/b"]: - description: Subnet b - ip_cidr_range: 10.0.1.0/24 - log_config: [] - name: b - private_ip_google_access: false - project: test-project - region: europe-west1 - role: null - secondary_ip_range: [] - google_compute_subnetwork.subnetwork["europe-west1/c"]: - description: Terraform-managed. - ip_cidr_range: 10.0.2.0/24 - ipv6_access_type: null - log_config: [] - name: c - private_ip_google_access: true - project: test-project - region: europe-west1 - role: null - secondary_ip_range: - - ip_cidr_range: 192.168.0.0/24 - range_name: a - - ip_cidr_range: 192.168.1.0/24 - range_name: b - google_compute_subnetwork.subnetwork["europe-west1/d"]: - description: Terraform-managed. - ip_cidr_range: 10.0.3.0/24 - log_config: - - aggregation_interval: INTERVAL_10_MIN - filter_expr: 'true' - flow_sampling: 0.5 - metadata: INCLUDE_ALL_METADATA - metadata_fields: null - name: d - private_ip_google_access: true - project: test-project - region: europe-west1 - role: null - secondary_ip_range: [] - google_compute_subnetwork_iam_binding.binding["europe-west1/a.roles/compute.networkUser"]: - condition: [] - members: - - group:g-a@example.com - - user:a@example.com - project: test-project - region: europe-west1 - role: roles/compute.networkUser - subnetwork: a - google_compute_subnetwork_iam_binding.binding["europe-west1/c.roles/compute.networkUser"]: - condition: [] - members: - - group:g-c@example.com - - user:c@example.com - project: test-project - region: europe-west1 - role: roles/compute.networkUser - subnetwork: c - -counts: - google_compute_network: 1 - google_compute_subnetwork: 4 - google_compute_subnetwork_iam_binding: 2 - -outputs: - bindings: __missing__ - project_id: test-project - subnet_ips: - europe-west1/a: 10.0.0.0/24 - europe-west1/b: 10.0.1.0/24 - europe-west1/c: 10.0.2.0/24 - europe-west1/d: 10.0.3.0/24 - subnet_regions: - europe-west1/a: europe-west1 - europe-west1/b: europe-west1 - europe-west1/c: europe-west1 - europe-west1/d: europe-west1 - subnet_secondary_ranges: - europe-west1/a: {} - europe-west1/b: {} - europe-west1/c: - a: 192.168.0.0/24 - b: 192.168.1.0/24 - europe-west1/d: {} - subnet_self_links: __missing__ - subnets: __missing__ - subnets_proxy_only: {} - subnets_psc: {} diff --git a/tests/modules/net_vpc/test_routes.py b/tests/modules/net_vpc/test_routes.py deleted file mode 100644 index 01d9673d..00000000 --- a/tests/modules/net_vpc/test_routes.py +++ /dev/null @@ -1,47 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import pytest - -_route_parameters = [('gateway', 'global/gateways/default-internet-gateway'), - ('instance', 'zones/europe-west1-b/test'), - ('ip', '192.168.0.128'), - ('ilb', 'regions/europe-west1/forwardingRules/test'), - ('vpn_tunnel', 'regions/europe-west1/vpnTunnels/foo')] - - -@pytest.mark.parametrize('next_hop_type,next_hop', _route_parameters) -def test_vpc_routes(plan_summary, next_hop_type, next_hop): - 'Test vpc routes.' - - var_routes = '''{ - next-hop = { - dest_range = "192.168.128.0/24" - tags = null - next_hop_type = "%s" - next_hop = "%s" - } - gateway = { - dest_range = "0.0.0.0/0", - priority = 100 - tags = ["tag-a"] - next_hop_type = "gateway", - next_hop = "global/gateways/default-internet-gateway" - } - }''' % (next_hop_type, next_hop) - summary = plan_summary('modules/net-vpc', tf_var_files=['common.tfvars'], - routes=var_routes) - assert len(summary.values) == 3 - route = summary.values[f'google_compute_route.{next_hop_type}["next-hop"]'] - assert route[f'next_hop_{next_hop_type}'] == next_hop diff --git a/tests/modules/net_vpc/tftest.yaml b/tests/modules/net_vpc/tftest.yaml index b2b09798..5e9668ea 100644 --- a/tests/modules/net_vpc/tftest.yaml +++ b/tests/modules/net_vpc/tftest.yaml @@ -1,4 +1,4 @@ -# Copyright 2022 Google LLC +# Copyright 2023 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -17,12 +17,7 @@ common_tfvars: - common.tfvars tests: - simple: - subnets: - peering: shared_vpc: - factory: - psa_simple: psa_routes_export: psa_routes_import: psa_routes_import_export: diff --git a/tests/modules/organization/examples/basic.yaml b/tests/modules/organization/examples/basic.yaml index 2ba70f40..f7b63a1d 100644 --- a/tests/modules/organization/examples/basic.yaml +++ b/tests/modules/organization/examples/basic.yaml @@ -1,4 +1,4 @@ -# Copyright 2022 Google LLC +# Copyright 2023 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/tests/requirements.txt b/tests/requirements.txt index a6f82d75..1e0921c1 100644 --- a/tests/requirements.txt +++ b/tests/requirements.txt @@ -1,6 +1,6 @@ -pytest>=6.2.5 +pytest>=7.2.1 PyYAML>=6.0 tftest>=1.8.1 -marko>=1.2.0 -deepdiff>=5.7.0 -python-hcl2>=3.0.5 +marko>=1.2.2 +deepdiff>=6.2.3 +python-hcl2>=4.3.0 diff --git a/tools/plan_summary.py b/tools/plan_summary.py index def79adb..78c5f939 100755 --- a/tools/plan_summary.py +++ b/tools/plan_summary.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 -# Copyright 2022 Google LLC +# Copyright 2023 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,6 +16,7 @@ import click import sys +import tempfile import yaml from pathlib import Path @@ -27,17 +28,32 @@ import fixtures @click.command() +@click.option('--example', default=False, is_flag=True) @click.argument('module', type=click.Path(), nargs=1) @click.argument('tfvars', type=click.Path(exists=True), nargs=-1) -def main(module, tfvars): - module = BASEDIR / module - summary = fixtures.plan_summary(module, Path(), tfvars) - print(yaml.dump({'values': summary.values})) - print(yaml.dump({'counts': summary.counts})) - outputs = { - k: v.get('value', '__missing__') for k, v in summary.outputs.items() - } - print(yaml.dump({'outputs': outputs})) +def main(example, module, tfvars): + try: + if example: + tmp_dir = tempfile.TemporaryDirectory() + tmp_path = Path(tmp_dir.name) + common_vars = BASEDIR / 'tests' / 'examples' / 'variables.tf' + (tmp_path / 'main.tf').symlink_to(module) + (tmp_path / 'variables.tf').symlink_to(common_vars) + (tmp_path / 'fabric').symlink_to(BASEDIR) + module = tmp_path + else: + module = BASEDIR / module + + summary = fixtures.plan_summary(module, Path(), tfvars) + print(yaml.dump({'values': summary.values})) + print(yaml.dump({'counts': summary.counts})) + outputs = { + k: v.get('value', '__missing__') for k, v in summary.outputs.items() + } + print(yaml.dump({'outputs': outputs})) + finally: + if example: + tmp_dir.cleanup() if __name__ == '__main__':