Merge pull request #1101 from GoogleCloudPlatform/jccb/test-updates
First batch of testing updates to core modules
This commit is contained in:
commit
fef45ed460
|
@ -754,7 +754,7 @@ def test_name(plan_summary, tfvars_to_yaml, tmp_path):
|
|||
assert s.values[address]['project'] == 'my-project'
|
||||
```
|
||||
|
||||
For more examples on how to write python tests, the tests for [`organization`](./tests/modules/organization/test_plan_org_policies.py) and [`net-vpc`](./tests/modules/net_vpc/test_routes.py) modules.
|
||||
For more examples on how to write python tests, check the tests for the [`organization`](./tests/modules/organization/test_plan_org_policies.py) module.
|
||||
|
||||
#### Testing documentation examples
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
# Api Gateway
|
||||
# API Gateway
|
||||
This module allows creating an API with its associated API config and API gateway. It also allows you grant IAM roles on the created resources.
|
||||
|
||||
# Examples
|
||||
|
@ -15,46 +15,46 @@ module "gateway" {
|
|||
# ...
|
||||
EOT
|
||||
}
|
||||
# tftest modules=1 resources=4
|
||||
# tftest modules=1 resources=4 inventory=basic.yaml
|
||||
```
|
||||
|
||||
## Basic example + customer service account
|
||||
## Use existing service account
|
||||
```hcl
|
||||
module "gateway" {
|
||||
source = "./fabric/modules/api-gateway"
|
||||
project_id = "my-project"
|
||||
api_id = "api"
|
||||
region = "europe-west1"
|
||||
spec = <<EOT
|
||||
# The OpenAPI spec contents
|
||||
# ...
|
||||
EOT
|
||||
service_account_email = "sa@my-project.iam.gserviceaccount.com"
|
||||
iam = {
|
||||
"roles/apigateway.admin" = ["user:user@example.com"]
|
||||
}
|
||||
spec = <<EOT
|
||||
# The OpenAPI spec contents
|
||||
# ...
|
||||
EOT
|
||||
}
|
||||
# tftest modules=1 resources=7
|
||||
# tftest modules=1 resources=7 inventory=existing-sa.yaml
|
||||
```
|
||||
|
||||
## Basic example + service account creation
|
||||
## Create service account
|
||||
```hcl
|
||||
module "gateway" {
|
||||
source = "./fabric/modules/api-gateway"
|
||||
project_id = "my-project"
|
||||
api_id = "api"
|
||||
region = "europe-west1"
|
||||
spec = <<EOT
|
||||
# The OpenAPI spec contents
|
||||
# ...
|
||||
EOT
|
||||
service_account_create = true
|
||||
iam = {
|
||||
"roles/apigateway.admin" = ["user:mirene@google.com"]
|
||||
"roles/apigateway.viewer" = ["user:mirene@google.com"]
|
||||
}
|
||||
spec = <<EOT
|
||||
# The OpenAPI spec contents
|
||||
# ...
|
||||
EOT
|
||||
}
|
||||
# tftest modules=1 resources=11
|
||||
# tftest modules=1 resources=11 inventory=create-sa.yaml
|
||||
```
|
||||
<!-- BEGIN TFDOC -->
|
||||
|
||||
|
|
|
@ -21,7 +21,7 @@ module "private-dns" {
|
|||
"A myhost" = { ttl = 600, records = ["10.0.0.120"] }
|
||||
}
|
||||
}
|
||||
# tftest modules=1 resources=3
|
||||
# tftest modules=1 resources=3 inventory=private-zone.yaml
|
||||
```
|
||||
|
||||
### Forwarding Zone
|
||||
|
@ -36,7 +36,7 @@ module "private-dns" {
|
|||
client_networks = [var.vpc.self_link]
|
||||
forwarders = { "10.0.1.1" = null, "1.2.3.4" = "private" }
|
||||
}
|
||||
# tftest modules=1 resources=1
|
||||
# tftest modules=1 resources=1 inventory=forwarding-zone.yaml
|
||||
```
|
||||
|
||||
### Peering Zone
|
||||
|
@ -47,11 +47,12 @@ module "private-dns" {
|
|||
project_id = "myproject"
|
||||
type = "peering"
|
||||
name = "test-example"
|
||||
domain = "test.example."
|
||||
domain = "."
|
||||
description = "Forwarding zone for ."
|
||||
client_networks = [var.vpc.self_link]
|
||||
peer_network = var.vpc2.self_link
|
||||
}
|
||||
# tftest modules=1 resources=1
|
||||
# tftest modules=1 resources=1 inventory=peering-zone.yaml
|
||||
```
|
||||
|
||||
### Routing Policies
|
||||
|
@ -84,7 +85,7 @@ module "private-dns" {
|
|||
}
|
||||
}
|
||||
}
|
||||
# tftest modules=1 resources=4
|
||||
# tftest modules=1 resources=4 inventory=routing-policies.yaml
|
||||
```
|
||||
|
||||
### Reverse Lookup Zone
|
||||
|
@ -98,7 +99,23 @@ module "private-dns" {
|
|||
domain = "0.0.10.in-addr.arpa."
|
||||
client_networks = [var.vpc.self_link]
|
||||
}
|
||||
# tftest modules=1 resources=1
|
||||
# tftest modules=1 resources=1 inventory=reverse-zone.yaml
|
||||
```
|
||||
|
||||
### Public Zone
|
||||
|
||||
```hcl
|
||||
module "public-dns" {
|
||||
source = "./fabric/modules/dns"
|
||||
project_id = "myproject"
|
||||
type = "public"
|
||||
name = "example"
|
||||
domain = "example.com."
|
||||
recordsets = {
|
||||
"A myhost" = { ttl = 300, records = ["127.0.0.1"] }
|
||||
}
|
||||
}
|
||||
# tftest modules=1 resources=3 inventory=public-zone.yaml
|
||||
```
|
||||
<!-- BEGIN TFDOC -->
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/**
|
||||
* Copyright 2022 Google LLC
|
||||
* Copyright 2023 Google LLC
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
|
|
|
@ -8,50 +8,46 @@ module "bucket" {
|
|||
project_id = "myproject"
|
||||
prefix = "test"
|
||||
name = "my-bucket"
|
||||
versioning = true
|
||||
iam = {
|
||||
"roles/storage.admin" = ["group:storage@example.com"]
|
||||
}
|
||||
labels = {
|
||||
cost-center = "devops"
|
||||
}
|
||||
}
|
||||
# tftest modules=1 resources=2
|
||||
# tftest modules=1 resources=2 inventory=simple.yaml
|
||||
```
|
||||
|
||||
### Example with Cloud KMS
|
||||
|
||||
```hcl
|
||||
module "bucket" {
|
||||
source = "./fabric/modules/gcs"
|
||||
project_id = "myproject"
|
||||
prefix = "test"
|
||||
name = "my-bucket"
|
||||
iam = {
|
||||
"roles/storage.admin" = ["group:storage@example.com"]
|
||||
}
|
||||
source = "./fabric/modules/gcs"
|
||||
project_id = "myproject"
|
||||
name = "my-bucket"
|
||||
encryption_key = "my-encryption-key"
|
||||
}
|
||||
# tftest modules=1 resources=2
|
||||
# tftest modules=1 resources=1 inventory=cmek.yaml
|
||||
```
|
||||
|
||||
### Example with retention policy
|
||||
### Example with retention policy and logging
|
||||
|
||||
```hcl
|
||||
module "bucket" {
|
||||
source = "./fabric/modules/gcs"
|
||||
project_id = "myproject"
|
||||
prefix = "test"
|
||||
name = "my-bucket"
|
||||
iam = {
|
||||
"roles/storage.admin" = ["group:storage@example.com"]
|
||||
}
|
||||
retention_policy = {
|
||||
retention_period = 100
|
||||
is_locked = true
|
||||
}
|
||||
logging_config = {
|
||||
log_bucket = var.bucket
|
||||
log_bucket = "log-bucket"
|
||||
log_object_prefix = null
|
||||
}
|
||||
}
|
||||
# tftest modules=1 resources=2
|
||||
# tftest modules=1 resources=1 inventory=retention-logging.yaml
|
||||
```
|
||||
|
||||
### Example with lifecycle rule
|
||||
|
@ -60,11 +56,7 @@ module "bucket" {
|
|||
module "bucket" {
|
||||
source = "./fabric/modules/gcs"
|
||||
project_id = "myproject"
|
||||
prefix = "test"
|
||||
name = "my-bucket"
|
||||
iam = {
|
||||
"roles/storage.admin" = ["group:storage@example.com"]
|
||||
}
|
||||
lifecycle_rules = {
|
||||
lr-0 = {
|
||||
action = {
|
||||
|
@ -77,7 +69,7 @@ module "bucket" {
|
|||
}
|
||||
}
|
||||
}
|
||||
# tftest modules=1 resources=2
|
||||
# tftest modules=1 resources=1 inventory=lifecycle.yaml
|
||||
```
|
||||
|
||||
### Minimal example with GCS notifications
|
||||
|
@ -86,7 +78,6 @@ module "bucket" {
|
|||
module "bucket-gcs-notification" {
|
||||
source = "./fabric/modules/gcs"
|
||||
project_id = "myproject"
|
||||
prefix = "test"
|
||||
name = "my-bucket"
|
||||
notification_config = {
|
||||
enabled = true
|
||||
|
@ -97,7 +88,7 @@ module "bucket-gcs-notification" {
|
|||
custom_attributes = {}
|
||||
}
|
||||
}
|
||||
# tftest modules=1 resources=4
|
||||
# tftest modules=1 resources=4 inventory=notification.yaml
|
||||
```
|
||||
<!-- BEGIN TFDOC -->
|
||||
|
||||
|
|
|
@ -33,7 +33,7 @@ module "cluster-1" {
|
|||
environment = "dev"
|
||||
}
|
||||
}
|
||||
# tftest modules=1 resources=1
|
||||
# tftest modules=1 resources=1 inventory=basic.yaml
|
||||
```
|
||||
|
||||
### GKE Cluster with Dataplane V2 enabled
|
||||
|
@ -42,7 +42,7 @@ module "cluster-1" {
|
|||
module "cluster-1" {
|
||||
source = "./fabric/modules/gke-cluster"
|
||||
project_id = "myproject"
|
||||
name = "cluster-1"
|
||||
name = "cluster-dataplane-v2"
|
||||
location = "europe-west1-b"
|
||||
vpc_config = {
|
||||
network = var.vpc.self_link
|
||||
|
@ -68,8 +68,36 @@ module "cluster-1" {
|
|||
environment = "dev"
|
||||
}
|
||||
}
|
||||
# tftest modules=1 resources=1
|
||||
# tftest modules=1 resources=1 inventory=dataplane-v2.yaml
|
||||
```
|
||||
### Autopilot Cluster
|
||||
|
||||
```hcl
|
||||
module "cluster-autopilot" {
|
||||
source = "./fabric/modules/gke-cluster"
|
||||
project_id = "myproject"
|
||||
name = "cluster-autopilot"
|
||||
location = "europe-west1-b"
|
||||
vpc_config = {
|
||||
network = var.vpc.self_link
|
||||
subnetwork = var.subnet.self_link
|
||||
secondary_range_names = {
|
||||
pods = "pods"
|
||||
services = "services"
|
||||
}
|
||||
master_authorized_ranges = {
|
||||
internal-vms = "10.0.0.0/8"
|
||||
}
|
||||
master_ipv4_cidr_block = "192.168.0.0/28"
|
||||
}
|
||||
enable_features = {
|
||||
autopilot = true
|
||||
}
|
||||
}
|
||||
# tftest modules=1 resources=1 inventory=autopilot.yaml
|
||||
```
|
||||
|
||||
|
||||
<!-- BEGIN TFDOC -->
|
||||
|
||||
## Variables
|
||||
|
|
|
@ -16,7 +16,7 @@ module "cluster-1-nodepool-1" {
|
|||
location = "europe-west1-b"
|
||||
name = "nodepool-1"
|
||||
}
|
||||
# tftest modules=1 resources=1
|
||||
# tftest modules=1 resources=1 inventory=basic.yaml
|
||||
```
|
||||
|
||||
### Internally managed service account
|
||||
|
@ -27,22 +27,11 @@ If you create a new service account, its resource and email (in both plain and I
|
|||
|
||||
#### GCE default service account
|
||||
|
||||
To use the GCE default service account, you can ignore the variable which is equivalent to `{ create = null, email = null }`.
|
||||
|
||||
```hcl
|
||||
module "cluster-1-nodepool-1" {
|
||||
source = "./fabric/modules/gke-nodepool"
|
||||
project_id = "myproject"
|
||||
cluster_name = "cluster-1"
|
||||
location = "europe-west1-b"
|
||||
name = "nodepool-1"
|
||||
}
|
||||
# tftest modules=1 resources=1
|
||||
```
|
||||
To use the GCE default service account, you can ignore the variable which is equivalent to `{ create = null, email = null }`. This is what the first example of this document does.
|
||||
|
||||
#### Externally defined service account
|
||||
|
||||
To use an existing service account, pass in just the `email` attribute.
|
||||
To use an existing service account, pass in just the `email` attribute. If you do this, will most likely want to use the `cloud-platform` scope.
|
||||
|
||||
```hcl
|
||||
module "cluster-1-nodepool-1" {
|
||||
|
@ -52,10 +41,11 @@ module "cluster-1-nodepool-1" {
|
|||
location = "europe-west1-b"
|
||||
name = "nodepool-1"
|
||||
service_account = {
|
||||
email = "foo-bar@myproject.iam.gserviceaccount.com"
|
||||
email = "foo-bar@myproject.iam.gserviceaccount.com"
|
||||
oauth_scopes = ["https://www.googleapis.com/auth/cloud-platform"]
|
||||
}
|
||||
}
|
||||
# tftest modules=1 resources=1
|
||||
# tftest modules=1 resources=1 inventory=external-sa.yaml
|
||||
```
|
||||
|
||||
#### Auto-created service account
|
||||
|
@ -70,12 +60,48 @@ module "cluster-1-nodepool-1" {
|
|||
location = "europe-west1-b"
|
||||
name = "nodepool-1"
|
||||
service_account = {
|
||||
create = true
|
||||
# optional
|
||||
email = "spam-eggs"
|
||||
create = true
|
||||
email = "spam-eggs" # optional
|
||||
oauth_scopes = ["https://www.googleapis.com/auth/cloud-platform"]
|
||||
}
|
||||
}
|
||||
# tftest modules=1 resources=2
|
||||
# tftest modules=1 resources=2 inventory=create-sa.yaml
|
||||
```
|
||||
### Node & node pool configuration
|
||||
|
||||
```hcl
|
||||
module "cluster-1-nodepool-1" {
|
||||
source = "./fabric/modules/gke-nodepool"
|
||||
project_id = "myproject"
|
||||
cluster_name = "cluster-1"
|
||||
location = "europe-west1-b"
|
||||
name = "nodepool-1"
|
||||
labels = { environment = "dev" }
|
||||
service_account = {
|
||||
create = true
|
||||
email = "nodepool-1" # optional
|
||||
oauth_scopes = ["https://www.googleapis.com/auth/cloud-platform"]
|
||||
}
|
||||
node_config = {
|
||||
machine_type = "n2-standard-2"
|
||||
disk_size_gb = 50
|
||||
disk_type = "pd-ssd"
|
||||
ephemeral_ssd_count = 1
|
||||
gvnic = true
|
||||
spot = true
|
||||
}
|
||||
nodepool_config = {
|
||||
autoscaling = {
|
||||
max_node_count = 10
|
||||
min_node_count = 1
|
||||
}
|
||||
management = {
|
||||
auto_repair = true
|
||||
auto_upgrade = false
|
||||
}
|
||||
}
|
||||
}
|
||||
# tftest modules=1 resources=2 inventory=config.yaml
|
||||
```
|
||||
<!-- BEGIN TFDOC -->
|
||||
|
||||
|
@ -97,7 +123,7 @@ module "cluster-1-nodepool-1" {
|
|||
| [nodepool_config](variables.tf#L115) | Nodepool-level configuration. | <code title="object({ autoscaling = optional(object({ location_policy = optional(string) max_node_count = optional(number) min_node_count = optional(number) use_total_nodes = optional(bool, false) })) management = optional(object({ auto_repair = optional(bool) auto_upgrade = optional(bool) })) upgrade_settings = optional(object({ max_surge = number max_unavailable = number })) })">object({…})</code> | | <code>null</code> |
|
||||
| [pod_range](variables.tf#L137) | Pod secondary range configuration. | <code title="object({ secondary_pod_range = object({ cidr = optional(string) create = optional(bool) name = string }) })">object({…})</code> | | <code>null</code> |
|
||||
| [reservation_affinity](variables.tf#L154) | Configuration of the desired reservation which instances could take capacity from. | <code title="object({ consume_reservation_type = string key = optional(string) values = optional(list(string)) })">object({…})</code> | | <code>null</code> |
|
||||
| [service_account](variables.tf#L164) | Nodepool service account. If this variable is set to null, the default GCE service account will be used. If set and email is null, a service account will be created. If scopes are null a default will be used. | <code title="object({ create = optional(bool, false) email = optional(string, null) oauth_scopes = optional(list(string), null) })">object({…})</code> | | <code>{}</code> |
|
||||
| [service_account](variables.tf#L164) | Nodepool service account. If this variable is set to null, the default GCE service account will be used. If set and email is null, a service account will be created. If scopes are null a default will be used. | <code title="object({ create = optional(bool, false) email = optional(string) oauth_scopes = optional(list(string)) })">object({…})</code> | | <code>{}</code> |
|
||||
| [sole_tenant_nodegroup](variables.tf#L175) | Sole tenant node group. | <code>string</code> | | <code>null</code> |
|
||||
| [tags](variables.tf#L181) | Network tags applied to nodes. | <code>list(string)</code> | | <code>null</code> |
|
||||
| [taints](variables.tf#L187) | Kubernetes taints applied to all nodes. | <code title="list(object({ key = string value = string effect = string }))">list(object({…}))</code> | | <code>null</code> |
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/**
|
||||
* Copyright 2022 Google LLC
|
||||
* Copyright 2023 Google LLC
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
|
@ -165,8 +165,8 @@ variable "service_account" {
|
|||
description = "Nodepool service account. If this variable is set to null, the default GCE service account will be used. If set and email is null, a service account will be created. If scopes are null a default will be used."
|
||||
type = object({
|
||||
create = optional(bool, false)
|
||||
email = optional(string, null)
|
||||
oauth_scopes = optional(list(string), null)
|
||||
email = optional(string)
|
||||
oauth_scopes = optional(list(string))
|
||||
})
|
||||
default = {}
|
||||
nullable = false
|
||||
|
|
|
@ -30,7 +30,88 @@ module "vpc" {
|
|||
}
|
||||
]
|
||||
}
|
||||
# tftest modules=1 resources=3
|
||||
# tftest modules=1 resources=3 inventory=simple.yaml
|
||||
```
|
||||
|
||||
### Subnet Options
|
||||
```hcl
|
||||
module "vpc" {
|
||||
source = "./fabric/modules/net-vpc"
|
||||
project_id = "my-project"
|
||||
name = "my-network"
|
||||
subnets = [
|
||||
# simple subnet
|
||||
{
|
||||
name = "simple"
|
||||
region = "europe-west1"
|
||||
ip_cidr_range = "10.0.0.0/24"
|
||||
},
|
||||
# custom description and PGA disabled
|
||||
{
|
||||
name = "no-pga"
|
||||
region = "europe-west1"
|
||||
ip_cidr_range = "10.0.1.0/24",
|
||||
description = "Subnet b"
|
||||
enable_private_access = false
|
||||
},
|
||||
# secondary ranges
|
||||
{
|
||||
name = "with-secondary-ranges"
|
||||
region = "europe-west1"
|
||||
ip_cidr_range = "10.0.2.0/24"
|
||||
secondary_ip_ranges = {
|
||||
a = "192.168.0.0/24"
|
||||
b = "192.168.1.0/24"
|
||||
}
|
||||
},
|
||||
# enable flow logs
|
||||
{
|
||||
name = "with-flow-logs"
|
||||
region = "europe-west1"
|
||||
ip_cidr_range = "10.0.3.0/24"
|
||||
flow_logs_config = {
|
||||
flow_sampling = 0.5
|
||||
aggregation_interval = "INTERVAL_10_MIN"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
# tftest modules=1 resources=5 inventory=subnet-options.yaml
|
||||
```
|
||||
|
||||
### Subnet IAM
|
||||
|
||||
```hcl
|
||||
module "vpc" {
|
||||
source = "./fabric/modules/net-vpc"
|
||||
project_id = "my-project"
|
||||
name = "my-network"
|
||||
subnets = [
|
||||
{
|
||||
name = "subnet-1"
|
||||
region = "europe-west1"
|
||||
ip_cidr_range = "10.0.1.0/24"
|
||||
},
|
||||
{
|
||||
name = "subnet-2"
|
||||
region = "europe-west1"
|
||||
ip_cidr_range = "10.0.1.0/24"
|
||||
}
|
||||
]
|
||||
subnet_iam = {
|
||||
"europe-west1/subnet-1" = {
|
||||
"roles/compute.networkUser" = [
|
||||
"user:user1@example.com", "group:group1@example.com"
|
||||
]
|
||||
}
|
||||
"europe-west1/subnet-2" = {
|
||||
"roles/compute.networkUser" = [
|
||||
"user:user2@example.com", "group:group2@example.com"
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
# tftest modules=1 resources=5 inventory=subnet-iam.yaml
|
||||
```
|
||||
|
||||
### Peering
|
||||
|
@ -65,7 +146,7 @@ module "vpc-spoke-1" {
|
|||
import_routes = true
|
||||
}
|
||||
}
|
||||
# tftest modules=2 resources=6
|
||||
# tftest modules=2 resources=6 inventory=peering.yaml
|
||||
```
|
||||
|
||||
### Shared VPC
|
||||
|
@ -116,7 +197,7 @@ module "vpc-host" {
|
|||
}
|
||||
}
|
||||
}
|
||||
# tftest modules=1 resources=7
|
||||
# tftest modules=1 resources=7 inventory=shared-vpc.yaml
|
||||
```
|
||||
|
||||
### Private Service Networking
|
||||
|
@ -137,7 +218,7 @@ module "vpc" {
|
|||
ranges = { myrange = "10.0.1.0/24" }
|
||||
}
|
||||
}
|
||||
# tftest modules=1 resources=5
|
||||
# tftest modules=1 resources=5 inventory=psc.yaml
|
||||
```
|
||||
|
||||
### Private Service Networking with peering routes
|
||||
|
@ -162,7 +243,7 @@ module "vpc" {
|
|||
import_routes = true
|
||||
}
|
||||
}
|
||||
# tftest modules=1 resources=5
|
||||
# tftest modules=1 resources=5 inventory=psc-routes.yaml
|
||||
```
|
||||
|
||||
### Subnets for Private Service Connect, Proxy-only subnets
|
||||
|
@ -194,7 +275,7 @@ module "vpc" {
|
|||
}
|
||||
]
|
||||
}
|
||||
# tftest modules=1 resources=3
|
||||
# tftest modules=1 resources=3 inventory=proxy-only-subnets.yaml
|
||||
```
|
||||
|
||||
### DNS Policies
|
||||
|
@ -219,7 +300,7 @@ module "vpc" {
|
|||
}
|
||||
]
|
||||
}
|
||||
# tftest modules=1 resources=3
|
||||
# tftest modules=1 resources=3 inventory=dns-policies.yaml
|
||||
```
|
||||
|
||||
### Subnet Factory
|
||||
|
@ -233,11 +314,17 @@ module "vpc" {
|
|||
name = "my-network"
|
||||
data_folder = "config/subnets"
|
||||
}
|
||||
# tftest modules=1 resources=2 files=subnets
|
||||
# tftest modules=1 resources=3 files=subnet-simple,subnet-detailed inventory=factory.yaml
|
||||
```
|
||||
|
||||
```yaml
|
||||
# tftest-file id=subnets path=config/subnets/subnet-name.yaml
|
||||
# tftest-file id=subnet-simple path=config/subnets/subnet-simple.yaml
|
||||
region: europe-west4
|
||||
ip_cidr_range: 10.0.1.0/24
|
||||
```
|
||||
|
||||
```yaml
|
||||
# tftest-file id=subnet-detailed path=config/subnets/subnet-detailed.yaml
|
||||
region: europe-west1
|
||||
description: Sample description
|
||||
ip_cidr_range: 10.0.0.0/24
|
||||
|
@ -254,7 +341,45 @@ flow_logs: # enable, set to empty map to use defaults
|
|||
metadata: "INCLUDE_ALL_METADATA"
|
||||
filter_expression: null
|
||||
```
|
||||
<!-- BEGIN TFDOC -->
|
||||
|
||||
### Custom Routes
|
||||
|
||||
VPC routes can be configured through the `routes` variable.
|
||||
|
||||
```hcl
|
||||
locals {
|
||||
route_types = {
|
||||
gateway = "global/gateways/default-internet-gateway"
|
||||
instance = "zones/europe-west1-b/test"
|
||||
ip = "192.168.0.128"
|
||||
ilb = "regions/europe-west1/forwardingRules/test"
|
||||
vpn_tunnel = "regions/europe-west1/vpnTunnels/foo"
|
||||
}
|
||||
}
|
||||
module "vpc" {
|
||||
source = "./fabric/modules/net-vpc"
|
||||
for_each = local.route_types
|
||||
project_id = "my-project"
|
||||
name = "my-network-with-route-${replace(each.key, "_", "-")}"
|
||||
routes = {
|
||||
next-hop = {
|
||||
dest_range = "192.168.128.0/24"
|
||||
tags = null
|
||||
next_hop_type = each.key
|
||||
next_hop = each.value
|
||||
}
|
||||
gateway = {
|
||||
dest_range = "0.0.0.0/0",
|
||||
priority = 100
|
||||
tags = ["tag-a"]
|
||||
next_hop_type = "gateway",
|
||||
next_hop = "global/gateways/default-internet-gateway"
|
||||
}
|
||||
}
|
||||
}
|
||||
# tftest modules=5 resources=15 inventory=routes.yaml
|
||||
```
|
||||
|
||||
|
||||
## Variables
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/**
|
||||
* Copyright 2022 Google LLC
|
||||
* Copyright 2023 Google LLC
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
|
@ -109,7 +109,7 @@ resource "google_dns_policy" "default" {
|
|||
)
|
||||
iterator = ns
|
||||
content {
|
||||
ipv4_address = ns.key
|
||||
ipv4_address = ns.value
|
||||
forwarding_path = "private"
|
||||
}
|
||||
}
|
||||
|
@ -121,7 +121,7 @@ resource "google_dns_policy" "default" {
|
|||
)
|
||||
iterator = ns
|
||||
content {
|
||||
ipv4_address = ns.key
|
||||
ipv4_address = ns.value
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
# Copyright 2022 Google LLC
|
||||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
|
@ -21,7 +21,7 @@ import marko
|
|||
|
||||
FABRIC_ROOT = Path(__file__).parents[2]
|
||||
|
||||
FILE_TEST_RE = re.compile(r'# tftest-file +id=(\w+) +path=([\S]+)')
|
||||
FILE_TEST_RE = re.compile(r'# tftest-file +id=([\w_.-]+) +path=([\S]+)')
|
||||
|
||||
Example = collections.namedtuple('Example', 'name code module files')
|
||||
File = collections.namedtuple('File', 'path content')
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
# Copyright 2022 Google LLC
|
||||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
|
@ -18,7 +18,7 @@ from pathlib import Path
|
|||
|
||||
BASE_PATH = Path(__file__).parent
|
||||
COUNT_TEST_RE = re.compile(r'# tftest +modules=(\d+) +resources=(\d+)' +
|
||||
r'(?: +files=([\w,-.]+))?' +
|
||||
r'(?: +files=([\w,_-]+))?' +
|
||||
r'(?: +inventory=([\w\-.]+))?')
|
||||
|
||||
|
||||
|
|
|
@ -0,0 +1,42 @@
|
|||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.gateway.google_api_gateway_api.api:
|
||||
api_id: api
|
||||
display_name: api
|
||||
project: my-project
|
||||
module.gateway.google_api_gateway_api_config.api_config:
|
||||
api: api
|
||||
gateway_config: []
|
||||
grpc_services: []
|
||||
labels: null
|
||||
managed_service_configs: []
|
||||
project: my-project
|
||||
module.gateway.google_api_gateway_gateway.gateway:
|
||||
display_name: gw-api
|
||||
gateway_id: gw-api
|
||||
labels: null
|
||||
project: my-project
|
||||
region: europe-west1
|
||||
module.gateway.google_project_service.service:
|
||||
disable_dependent_services: true
|
||||
disable_on_destroy: true
|
||||
project: my-project
|
||||
|
||||
counts:
|
||||
google_api_gateway_api: 1
|
||||
google_api_gateway_api_config: 1
|
||||
google_api_gateway_gateway: 1
|
||||
google_project_service: 1
|
|
@ -0,0 +1,90 @@
|
|||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.gateway.google_api_gateway_api.api:
|
||||
api_id: api
|
||||
display_name: api
|
||||
labels: null
|
||||
project: my-project
|
||||
module.gateway.google_api_gateway_api_config.api_config:
|
||||
api: api
|
||||
grpc_services: []
|
||||
labels: null
|
||||
managed_service_configs: []
|
||||
project: my-project
|
||||
module.gateway.google_api_gateway_api_config_iam_binding.api_config_iam_bindings["roles/apigateway.admin"]:
|
||||
api: api
|
||||
condition: []
|
||||
members:
|
||||
- user:mirene@google.com
|
||||
project: my-project
|
||||
role: roles/apigateway.admin
|
||||
module.gateway.google_api_gateway_api_config_iam_binding.api_config_iam_bindings["roles/apigateway.viewer"]:
|
||||
api: api
|
||||
condition: []
|
||||
members:
|
||||
- user:mirene@google.com
|
||||
project: my-project
|
||||
role: roles/apigateway.viewer
|
||||
module.gateway.google_api_gateway_api_iam_binding.api_iam_bindings["roles/apigateway.admin"]:
|
||||
api: api
|
||||
condition: []
|
||||
members:
|
||||
- user:mirene@google.com
|
||||
project: my-project
|
||||
role: roles/apigateway.admin
|
||||
module.gateway.google_api_gateway_api_iam_binding.api_iam_bindings["roles/apigateway.viewer"]:
|
||||
api: api
|
||||
condition: []
|
||||
members:
|
||||
- user:mirene@google.com
|
||||
project: my-project
|
||||
role: roles/apigateway.viewer
|
||||
module.gateway.google_api_gateway_gateway.gateway:
|
||||
display_name: gw-api
|
||||
gateway_id: gw-api
|
||||
labels: null
|
||||
project: my-project
|
||||
region: europe-west1
|
||||
module.gateway.google_api_gateway_gateway_iam_binding.gateway_iam_bindings["roles/apigateway.admin"]:
|
||||
condition: []
|
||||
gateway: gw-api
|
||||
members:
|
||||
- user:mirene@google.com
|
||||
project: my-project
|
||||
region: europe-west1
|
||||
role: roles/apigateway.admin
|
||||
module.gateway.google_api_gateway_gateway_iam_binding.gateway_iam_bindings["roles/apigateway.viewer"]:
|
||||
condition: []
|
||||
gateway: gw-api
|
||||
members:
|
||||
- user:mirene@google.com
|
||||
project: my-project
|
||||
region: europe-west1
|
||||
role: roles/apigateway.viewer
|
||||
module.gateway.google_project_service.service: {}
|
||||
module.gateway.google_service_account.service_account[0]:
|
||||
account_id: sa-api-cfg-api
|
||||
project: my-project
|
||||
|
||||
counts:
|
||||
google_api_gateway_api: 1
|
||||
google_api_gateway_api_config: 1
|
||||
google_api_gateway_api_config_iam_binding: 2
|
||||
google_api_gateway_api_iam_binding: 2
|
||||
google_api_gateway_gateway: 1
|
||||
google_api_gateway_gateway_iam_binding: 2
|
||||
google_project_service: 1
|
||||
google_service_account: 1
|
|
@ -0,0 +1,71 @@
|
|||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.gateway.google_api_gateway_api.api:
|
||||
api_id: api
|
||||
display_name: api
|
||||
labels: null
|
||||
project: my-project
|
||||
module.gateway.google_api_gateway_api_config.api_config:
|
||||
api: api
|
||||
gateway_config:
|
||||
- backend_config:
|
||||
- google_service_account: sa@my-project.iam.gserviceaccount.com
|
||||
grpc_services: []
|
||||
labels: null
|
||||
managed_service_configs: []
|
||||
project: my-project
|
||||
module.gateway.google_api_gateway_api_config_iam_binding.api_config_iam_bindings["roles/apigateway.admin"]:
|
||||
api: api
|
||||
api_config: api-cfg-api-8656c6040d6d9ba18a8b9b5f3955c223
|
||||
condition: []
|
||||
members:
|
||||
- user:user@example.com
|
||||
project: my-project
|
||||
role: roles/apigateway.admin
|
||||
module.gateway.google_api_gateway_api_iam_binding.api_iam_bindings["roles/apigateway.admin"]:
|
||||
api: api
|
||||
condition: []
|
||||
members:
|
||||
- user:user@example.com
|
||||
project: my-project
|
||||
role: roles/apigateway.admin
|
||||
module.gateway.google_api_gateway_gateway.gateway:
|
||||
display_name: gw-api
|
||||
gateway_id: gw-api
|
||||
labels: null
|
||||
project: my-project
|
||||
region: europe-west1
|
||||
module.gateway.google_api_gateway_gateway_iam_binding.gateway_iam_bindings["roles/apigateway.admin"]:
|
||||
condition: []
|
||||
gateway: gw-api
|
||||
members:
|
||||
- user:user@example.com
|
||||
project: my-project
|
||||
region: europe-west1
|
||||
role: roles/apigateway.admin
|
||||
module.gateway.google_project_service.service:
|
||||
disable_dependent_services: true
|
||||
disable_on_destroy: true
|
||||
project: my-project
|
||||
|
||||
counts:
|
||||
google_api_gateway_api: 1
|
||||
google_api_gateway_api_config: 1
|
||||
google_api_gateway_api_config_iam_binding: 1
|
||||
google_api_gateway_api_iam_binding: 1
|
||||
google_api_gateway_gateway: 1
|
||||
google_api_gateway_gateway_iam_binding: 1
|
||||
google_project_service: 1
|
|
@ -1,26 +0,0 @@
|
|||
/**
|
||||
* Copyright 2022 Google LLC
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
module "gateway" {
|
||||
source = "../../../../modules/api-gateway"
|
||||
api_id = var.api_id
|
||||
project_id = var.project_id
|
||||
labels = var.labels
|
||||
iam = var.iam
|
||||
region = var.region
|
||||
spec = var.spec
|
||||
service_account_create = true
|
||||
}
|
|
@ -1,55 +0,0 @@
|
|||
/**
|
||||
* Copyright 2022 Google LLC
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
variable "api_id" {
|
||||
type = string
|
||||
default = "my-api"
|
||||
}
|
||||
|
||||
variable "iam" {
|
||||
type = map(list(string))
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "labels" {
|
||||
type = map(string)
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "project_id" {
|
||||
type = string
|
||||
default = "my-project"
|
||||
}
|
||||
|
||||
variable "region" {
|
||||
type = string
|
||||
default = "europe-west1"
|
||||
}
|
||||
|
||||
variable "service_account_create" {
|
||||
type = bool
|
||||
default = true
|
||||
}
|
||||
|
||||
variable "service_account_email" {
|
||||
type = string
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "spec" {
|
||||
type = string
|
||||
default = "Spec contents"
|
||||
}
|
|
@ -0,0 +1,34 @@
|
|||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.private-dns.google_dns_managed_zone.non-public[0]:
|
||||
dns_name: test.example.
|
||||
forwarding_config:
|
||||
- target_name_servers:
|
||||
- forwarding_path: ''
|
||||
ipv4_address: 10.0.1.1
|
||||
- forwarding_path: private
|
||||
ipv4_address: 1.2.3.4
|
||||
name: test-example
|
||||
private_visibility_config:
|
||||
- gke_clusters: []
|
||||
networks:
|
||||
- network_url: projects/xxx/global/networks/aaa
|
||||
project: myproject
|
||||
visibility: private
|
||||
|
||||
counts:
|
||||
google_dns_managed_zone: 1
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
# Copyright 2022 Google LLC
|
||||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
|
@ -13,24 +13,22 @@
|
|||
# limitations under the License.
|
||||
|
||||
values:
|
||||
google_compute_network.network[0]:
|
||||
auto_create_subnetworks: false
|
||||
delete_default_routes_on_create: false
|
||||
description: Terraform-managed.
|
||||
name: test
|
||||
project: test-project
|
||||
routing_mode: GLOBAL
|
||||
module.private-dns.google_dns_managed_zone.non-public[0]:
|
||||
description: Forwarding zone for .
|
||||
dns_name: .
|
||||
forwarding_config: []
|
||||
name: test-example
|
||||
peering_config:
|
||||
- target_network:
|
||||
- network_url: projects/xxx/global/networks/ccc
|
||||
private_visibility_config:
|
||||
- gke_clusters: []
|
||||
networks:
|
||||
- network_url: projects/xxx/global/networks/aaa
|
||||
project: myproject
|
||||
visibility: private
|
||||
|
||||
counts:
|
||||
google_compute_network: 1
|
||||
google_dns_managed_zone: 1
|
||||
|
||||
outputs:
|
||||
bindings: {}
|
||||
project_id: test-project
|
||||
subnet_ips: {}
|
||||
subnet_regions: {}
|
||||
subnet_secondary_ranges: {}
|
||||
subnet_self_links: {}
|
||||
subnets: {}
|
||||
subnets_proxy_only: {}
|
||||
subnets_psc: {}
|
||||
outputs: {}
|
|
@ -0,0 +1,50 @@
|
|||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.private-dns.google_dns_managed_zone.non-public[0]:
|
||||
description: Terraform managed.
|
||||
dns_name: test.example.
|
||||
force_destroy: false
|
||||
forwarding_config: []
|
||||
name: test-example
|
||||
peering_config: []
|
||||
private_visibility_config:
|
||||
- gke_clusters: []
|
||||
networks:
|
||||
- network_url: projects/xxx/global/networks/aaa
|
||||
project: myproject
|
||||
visibility: private
|
||||
module.private-dns.google_dns_record_set.cloud-static-records["A localhost"]:
|
||||
managed_zone: test-example
|
||||
name: localhost.test.example.
|
||||
project: myproject
|
||||
routing_policy: []
|
||||
rrdatas:
|
||||
- 127.0.0.1
|
||||
ttl: 300
|
||||
type: A
|
||||
module.private-dns.google_dns_record_set.cloud-static-records["A myhost"]:
|
||||
managed_zone: test-example
|
||||
name: myhost.test.example.
|
||||
project: myproject
|
||||
routing_policy: []
|
||||
rrdatas:
|
||||
- 10.0.0.120
|
||||
ttl: 600
|
||||
type: A
|
||||
|
||||
counts:
|
||||
google_dns_managed_zone: 1
|
||||
google_dns_record_set: 2
|
|
@ -0,0 +1,38 @@
|
|||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.public-dns.google_dns_managed_zone.public[0]:
|
||||
dns_name: example.com.
|
||||
name: example
|
||||
project: myproject
|
||||
visibility: public
|
||||
module.public-dns.google_dns_record_set.cloud-static-records["A myhost"]:
|
||||
managed_zone: example
|
||||
name: myhost.example.com.
|
||||
project: myproject
|
||||
routing_policy: []
|
||||
rrdatas:
|
||||
- 127.0.0.1
|
||||
ttl: 300
|
||||
type: A
|
||||
|
||||
counts:
|
||||
google_dns_keys: 1
|
||||
google_dns_managed_zone: 1
|
||||
google_dns_record_set: 1
|
||||
modules: 1
|
||||
resources: 3
|
||||
|
||||
outputs: {}
|
|
@ -1,4 +1,4 @@
|
|||
# Copyright 2022 Google LLC
|
||||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
|
@ -12,12 +12,16 @@
|
|||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
region: europe-west1
|
||||
description: Sample description
|
||||
ip_cidr_range: 10.128.0.0/24
|
||||
enable_private_access: false
|
||||
iam_users: ["foobar@example.com"]
|
||||
iam_groups: ["lorem@example.com"]
|
||||
iam_service_accounts: ["foobar@project-id.iam.gserviceaccount.com"]
|
||||
secondary_ip_ranges:
|
||||
secondary-range-a: 192.168.128.0/24
|
||||
values:
|
||||
module.private-dns.google_dns_managed_zone.non-public[0]:
|
||||
description: Terraform managed.
|
||||
dns_name: 0.0.10.in-addr.arpa.
|
||||
name: test-example
|
||||
project: myproject
|
||||
reverse_lookup: true
|
||||
visibility: private
|
||||
|
||||
counts:
|
||||
google_dns_managed_zone: 1
|
||||
|
||||
outputs: {}
|
|
@ -0,0 +1,80 @@
|
|||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.private-dns.google_dns_managed_zone.non-public[0]:
|
||||
dns_name: test.example.
|
||||
name: test-example
|
||||
project: myproject
|
||||
module.private-dns.google_dns_record_set.cloud-geo-records["A geo"]:
|
||||
managed_zone: test-example
|
||||
name: geo.test.example.
|
||||
project: myproject
|
||||
routing_policy:
|
||||
- enable_geo_fencing: null
|
||||
geo:
|
||||
- health_checked_targets: []
|
||||
location: europe-west1
|
||||
rrdatas:
|
||||
- 10.0.0.1
|
||||
- health_checked_targets: []
|
||||
location: europe-west2
|
||||
rrdatas:
|
||||
- 10.0.0.2
|
||||
- health_checked_targets: []
|
||||
location: europe-west3
|
||||
rrdatas:
|
||||
- 10.0.0.3
|
||||
primary_backup: []
|
||||
wrr: []
|
||||
rrdatas: null
|
||||
ttl: 300
|
||||
type: A
|
||||
module.private-dns.google_dns_record_set.cloud-static-records["A regular"]:
|
||||
managed_zone: test-example
|
||||
name: regular.test.example.
|
||||
project: myproject
|
||||
routing_policy: []
|
||||
rrdatas:
|
||||
- 10.20.0.1
|
||||
ttl: 300
|
||||
type: A
|
||||
module.private-dns.google_dns_record_set.cloud-wrr-records["A wrr"]:
|
||||
managed_zone: test-example
|
||||
name: wrr.test.example.
|
||||
project: myproject
|
||||
routing_policy:
|
||||
- enable_geo_fencing: null
|
||||
geo: []
|
||||
primary_backup: []
|
||||
wrr:
|
||||
- health_checked_targets: []
|
||||
rrdatas:
|
||||
- 10.10.0.1
|
||||
weight: 0.6
|
||||
- health_checked_targets: []
|
||||
rrdatas:
|
||||
- 10.10.0.2
|
||||
weight: 0.2
|
||||
- health_checked_targets: []
|
||||
rrdatas:
|
||||
- 10.10.0.3
|
||||
weight: 0.2
|
||||
rrdatas: null
|
||||
ttl: 600
|
||||
type: A
|
||||
|
||||
counts:
|
||||
google_dns_managed_zone: 1
|
||||
google_dns_record_set: 3
|
|
@ -1,27 +0,0 @@
|
|||
/**
|
||||
* Copyright 2022 Google LLC
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
module "test" {
|
||||
source = "../../../../modules/dns"
|
||||
project_id = "my-project"
|
||||
name = "test"
|
||||
domain = "test.example."
|
||||
client_networks = var.client_networks
|
||||
type = var.type
|
||||
forwarders = var.forwarders
|
||||
peer_network = var.peer_network
|
||||
recordsets = var.recordsets
|
||||
}
|
|
@ -1,62 +0,0 @@
|
|||
/**
|
||||
* Copyright 2022 Google LLC
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
variable "client_networks" {
|
||||
type = list(string)
|
||||
default = [
|
||||
"https://www.googleapis.com/compute/v1/projects/my-project/global/networks/default"
|
||||
]
|
||||
}
|
||||
|
||||
variable "forwarders" {
|
||||
type = map(string)
|
||||
default = {}
|
||||
}
|
||||
|
||||
variable "peer_network" {
|
||||
type = string
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "recordsets" {
|
||||
type = any
|
||||
default = {
|
||||
"A localhost" = { ttl = 300, records = ["127.0.0.1"] }
|
||||
"A local-host.test.example." = { ttl = 300, records = ["127.0.0.2"] }
|
||||
"CNAME *" = { ttl = 300, records = ["localhost.example.org."] }
|
||||
"A " = { ttl = 300, records = ["127.0.0.3"] }
|
||||
"A geo" = {
|
||||
geo_routing = [
|
||||
{ location = "europe-west1", records = ["127.0.0.4"] },
|
||||
{ location = "europe-west2", records = ["127.0.0.5"] },
|
||||
{ location = "europe-west3", records = ["127.0.0.6"] }
|
||||
]
|
||||
}
|
||||
"A wrr" = {
|
||||
ttl = 600
|
||||
wrr_routing = [
|
||||
{ weight = 0.6, records = ["127.0.0.7"] },
|
||||
{ weight = 0.2, records = ["127.0.0.8"] },
|
||||
{ weight = 0.2, records = ["127.0.0.9"] }
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
variable "type" {
|
||||
type = string
|
||||
default = "private"
|
||||
}
|
|
@ -0,0 +1,5 @@
|
|||
type = "private"
|
||||
domain = "test.example."
|
||||
name = "test"
|
||||
project_id = "my-project"
|
||||
client_networks = []
|
|
@ -1,4 +1,4 @@
|
|||
# Copyright 2022 Google LLC
|
||||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
|
@ -13,18 +13,13 @@
|
|||
# limitations under the License.
|
||||
|
||||
values:
|
||||
google_storage_bucket.bucket:
|
||||
google_dns_managed_zone.non-public[0]:
|
||||
dns_name: test.example.
|
||||
name: test
|
||||
|
||||
google_storage_bucket_iam_binding.bindings["roles/storage.admin"]:
|
||||
bucket: test
|
||||
condition: []
|
||||
members:
|
||||
- user:a@example.org
|
||||
role: roles/storage.admin
|
||||
private_visibility_config: []
|
||||
visibility: private
|
||||
|
||||
counts:
|
||||
google_storage_bucket: 1
|
||||
google_storage_bucket_iam_binding: 1
|
||||
google_dns_managed_zone: 1
|
||||
modules: 0
|
||||
resources: 2
|
||||
resources: 1
|
|
@ -0,0 +1,4 @@
|
|||
type = "forwarding"
|
||||
domain = "test.example."
|
||||
name = "test"
|
||||
project_id = "my-project"
|
|
@ -1,4 +1,4 @@
|
|||
# Copyright 2022 Google LLC
|
||||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
|
@ -12,6 +12,9 @@
|
|||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
region: europe-west4
|
||||
description: Sample description
|
||||
ip_cidr_range: 10.129.0.0/24
|
||||
values:
|
||||
google_dns_managed_zone.non-public[0]:
|
||||
forwarding_config: []
|
||||
|
||||
counts:
|
||||
google_dns_managed_zone: 1
|
|
@ -1,138 +0,0 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
|
||||
def test_private(plan_runner):
|
||||
"Test private zone with three recordsets."
|
||||
_, resources = plan_runner()
|
||||
assert len(resources) == 7
|
||||
assert set(r['type'] for r in resources) == {
|
||||
'google_dns_record_set', 'google_dns_managed_zone'
|
||||
}
|
||||
for r in resources:
|
||||
if r['type'] != 'google_dns_managed_zone':
|
||||
continue
|
||||
assert r['values']['visibility'] == 'private'
|
||||
assert len(r['values']['private_visibility_config']) == 1
|
||||
|
||||
|
||||
def test_private_recordsets(plan_runner):
|
||||
"Test recordsets in private zone."
|
||||
_, resources = plan_runner()
|
||||
recordsets = [
|
||||
r['values'] for r in resources if r['type'] == 'google_dns_record_set'
|
||||
]
|
||||
|
||||
assert set(r['name'] for r in recordsets) == {
|
||||
'localhost.test.example.', 'local-host.test.example.', '*.test.example.',
|
||||
"test.example.", "geo.test.example.", "wrr.test.example."
|
||||
}
|
||||
|
||||
for r in recordsets:
|
||||
if r['name'] not in ['wrr.test.example.', 'geo.test.example.']:
|
||||
assert r['routing_policy'] == []
|
||||
assert r['rrdatas'] != []
|
||||
|
||||
|
||||
def test_routing_policies(plan_runner):
|
||||
"Test recordsets with routing policies."
|
||||
_, resources = plan_runner()
|
||||
recordsets = [
|
||||
r['values'] for r in resources if r['type'] == 'google_dns_record_set'
|
||||
]
|
||||
geo_zone = [
|
||||
r['values'] for r in resources if r['address'] ==
|
||||
'module.test.google_dns_record_set.cloud-geo-records["A geo"]'
|
||||
][0]
|
||||
assert geo_zone['name'] == 'geo.test.example.'
|
||||
assert geo_zone['routing_policy'][0]['wrr'] == []
|
||||
geo_policy = geo_zone['routing_policy'][0]['geo']
|
||||
assert geo_policy[0]['location'] == 'europe-west1'
|
||||
assert geo_policy[0]['rrdatas'] == ['127.0.0.4']
|
||||
assert geo_policy[1]['location'] == 'europe-west2'
|
||||
assert geo_policy[1]['rrdatas'] == ['127.0.0.5']
|
||||
assert geo_policy[2]['location'] == 'europe-west3'
|
||||
assert geo_policy[2]['rrdatas'] == ['127.0.0.6']
|
||||
|
||||
wrr_zone = [
|
||||
r['values'] for r in resources if r['address'] ==
|
||||
'module.test.google_dns_record_set.cloud-wrr-records["A wrr"]'
|
||||
][0]
|
||||
assert wrr_zone['name'] == 'wrr.test.example.'
|
||||
wrr_policy = wrr_zone['routing_policy'][0]['wrr']
|
||||
assert wrr_policy[0]['weight'] == 0.6
|
||||
assert wrr_policy[0]['rrdatas'] == ['127.0.0.7']
|
||||
assert wrr_policy[1]['weight'] == 0.2
|
||||
assert wrr_policy[1]['rrdatas'] == ['127.0.0.8']
|
||||
assert wrr_policy[2]['weight'] == 0.2
|
||||
assert wrr_policy[2]['rrdatas'] == ['127.0.0.9']
|
||||
assert wrr_zone['routing_policy'][0]['geo'] == []
|
||||
|
||||
|
||||
def test_private_no_networks(plan_runner):
|
||||
"Test private zone not exposed to any network."
|
||||
_, resources = plan_runner(client_networks='[]')
|
||||
for r in resources:
|
||||
if r['type'] != 'google_dns_managed_zone':
|
||||
continue
|
||||
assert r['values']['visibility'] == 'private'
|
||||
assert len(r['values']['private_visibility_config']) == 0
|
||||
|
||||
|
||||
def test_forwarding_recordsets_null_forwarders(plan_runner):
|
||||
"Test forwarding zone with wrong set of attributes does not break."
|
||||
_, resources = plan_runner(type='forwarding')
|
||||
assert len(resources) == 1
|
||||
resource = resources[0]
|
||||
assert resource['type'] == 'google_dns_managed_zone'
|
||||
assert resource['values']['forwarding_config'] == []
|
||||
|
||||
|
||||
def test_forwarding(plan_runner):
|
||||
"Test forwarding zone with single forwarder."
|
||||
_, resources = plan_runner(type='forwarding', recordsets='null',
|
||||
forwarders='{ "1.2.3.4" = null }')
|
||||
assert len(resources) == 1
|
||||
resource = resources[0]
|
||||
assert resource['type'] == 'google_dns_managed_zone'
|
||||
assert resource['values']['forwarding_config'] == [{
|
||||
'target_name_servers': [{
|
||||
'forwarding_path': '',
|
||||
'ipv4_address': '1.2.3.4'
|
||||
}]
|
||||
}]
|
||||
|
||||
|
||||
def test_peering(plan_runner):
|
||||
"Test peering zone."
|
||||
_, resources = plan_runner(type='peering', recordsets='null',
|
||||
peer_network='dummy-vpc-self-link')
|
||||
assert len(resources) == 1
|
||||
resource = resources[0]
|
||||
assert resource['type'] == 'google_dns_managed_zone'
|
||||
assert resource['values']['peering_config'] == [{
|
||||
'target_network': [{
|
||||
'network_url': 'dummy-vpc-self-link'
|
||||
}]
|
||||
}]
|
||||
|
||||
|
||||
def test_public(plan_runner):
|
||||
"Test public zone with two recordsets."
|
||||
_, resources = plan_runner(type='public')
|
||||
for r in resources:
|
||||
if r['type'] != 'google_dns_managed_zone':
|
||||
continue
|
||||
assert r['values']['visibility'] == 'public'
|
||||
assert r['values']['private_visibility_config'] == []
|
|
@ -1,4 +1,4 @@
|
|||
# Copyright 2022 Google LLC
|
||||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
|
@ -12,9 +12,8 @@
|
|||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
module: modules/gcs
|
||||
common_tfvars:
|
||||
- common.tfvars
|
||||
module: modules/dns
|
||||
|
||||
tests:
|
||||
prefix:
|
||||
iam:
|
||||
no_clients:
|
||||
null_forwarders:
|
|
@ -1,13 +0,0 @@
|
|||
force_destroy = true
|
||||
labels = { environment = "test" }
|
||||
logging_config = {
|
||||
log_bucket = "foo"
|
||||
}
|
||||
name = "test"
|
||||
project_id = "test-project"
|
||||
retention_policy = {
|
||||
retention_period = 5
|
||||
is_locked = false
|
||||
}
|
||||
storage_class = "MULTI_REGIONAL"
|
||||
versioning = true
|
|
@ -1,4 +1,4 @@
|
|||
# Copyright 2022 Google LLC
|
||||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
|
@ -12,8 +12,12 @@
|
|||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.bucket.google_storage_bucket.bucket:
|
||||
encryption:
|
||||
- default_kms_key_name: my-encryption-key
|
||||
name: my-bucket
|
||||
project: myproject
|
||||
|
||||
def test_resource_count(plan_runner):
|
||||
"Test number of resources created."
|
||||
_, resources = plan_runner()
|
||||
assert len(resources) == 5
|
||||
counts:
|
||||
google_storage_bucket: 1
|
|
@ -1,4 +1,4 @@
|
|||
# Copyright 2022 Google LLC
|
||||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
|
@ -13,32 +13,26 @@
|
|||
# limitations under the License.
|
||||
|
||||
values:
|
||||
google_storage_bucket.bucket:
|
||||
force_destroy: true
|
||||
labels:
|
||||
environment: test
|
||||
location: EU
|
||||
logging:
|
||||
- log_bucket: foo
|
||||
name: foo-test
|
||||
project: test-project
|
||||
retention_policy:
|
||||
- is_locked: false
|
||||
retention_period: 5
|
||||
storage_class: MULTI_REGIONAL
|
||||
uniform_bucket_level_access: true
|
||||
versioning:
|
||||
- enabled: true
|
||||
module.bucket.google_storage_bucket.bucket:
|
||||
lifecycle_rule:
|
||||
- action:
|
||||
- storage_class: STANDARD
|
||||
type: SetStorageClass
|
||||
condition:
|
||||
- age: 30
|
||||
created_before: ''
|
||||
custom_time_before: ''
|
||||
days_since_custom_time: null
|
||||
days_since_noncurrent_time: null
|
||||
matches_prefix: []
|
||||
matches_storage_class: []
|
||||
matches_suffix: []
|
||||
noncurrent_time_before: ''
|
||||
num_newer_versions: null
|
||||
name: my-bucket
|
||||
project: myproject
|
||||
|
||||
counts:
|
||||
google_storage_bucket: 1
|
||||
modules: 0
|
||||
resources: 1
|
||||
|
||||
outputs:
|
||||
bucket: __missing__
|
||||
id: foo-test
|
||||
name: foo-test
|
||||
notification: null
|
||||
topic: null
|
||||
url: __missing__
|
||||
outputs: {}
|
|
@ -0,0 +1,31 @@
|
|||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.bucket-gcs-notification.google_pubsub_topic.topic[0]: {}
|
||||
module.bucket-gcs-notification.google_pubsub_topic_iam_binding.binding[0]: {}
|
||||
module.bucket-gcs-notification.google_storage_bucket.bucket:
|
||||
name: my-bucket
|
||||
project: myproject
|
||||
module.bucket-gcs-notification.google_storage_notification.notification[0]:
|
||||
bucket: my-bucket
|
||||
event_types:
|
||||
- OBJECT_FINALIZE
|
||||
payload_format: JSON_API_V1
|
||||
|
||||
counts:
|
||||
google_pubsub_topic: 1
|
||||
google_pubsub_topic_iam_binding: 1
|
||||
google_storage_bucket: 1
|
||||
google_storage_notification: 1
|
|
@ -0,0 +1,26 @@
|
|||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.bucket.google_storage_bucket.bucket:
|
||||
logging:
|
||||
- log_bucket: log-bucket
|
||||
name: my-bucket
|
||||
project: myproject
|
||||
retention_policy:
|
||||
- is_locked: true
|
||||
retention_period: 100
|
||||
|
||||
counts:
|
||||
google_storage_bucket: 1
|
|
@ -0,0 +1,46 @@
|
|||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.bucket.google_storage_bucket.bucket:
|
||||
autoclass: []
|
||||
cors: []
|
||||
custom_placement_config: []
|
||||
default_event_based_hold: null
|
||||
encryption: []
|
||||
force_destroy: false
|
||||
labels:
|
||||
cost-center: devops
|
||||
lifecycle_rule: []
|
||||
location: EU
|
||||
logging: []
|
||||
name: test-my-bucket
|
||||
project: myproject
|
||||
requester_pays: null
|
||||
retention_policy: []
|
||||
storage_class: MULTI_REGIONAL
|
||||
timeouts: null
|
||||
uniform_bucket_level_access: true
|
||||
versioning:
|
||||
- enabled: true
|
||||
module.bucket.google_storage_bucket_iam_binding.bindings["roles/storage.admin"]:
|
||||
bucket: test-my-bucket
|
||||
condition: []
|
||||
members:
|
||||
- group:storage@example.com
|
||||
role: roles/storage.admin
|
||||
|
||||
counts:
|
||||
google_storage_bucket: 1
|
||||
google_storage_bucket_iam_binding: 1
|
|
@ -1,3 +0,0 @@
|
|||
iam = {
|
||||
"roles/storage.admin" = ["user:a@example.org"]
|
||||
}
|
|
@ -1 +0,0 @@
|
|||
prefix = "foo"
|
|
@ -0,0 +1,32 @@
|
|||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.cluster-autopilot.google_container_cluster.cluster:
|
||||
enable_autopilot: true
|
||||
ip_allocation_policy:
|
||||
- cluster_secondary_range_name: pods
|
||||
services_secondary_range_name: services
|
||||
location: europe-west1-b
|
||||
master_authorized_networks_config:
|
||||
- cidr_blocks:
|
||||
- cidr_block: 10.0.0.0/8
|
||||
display_name: internal-vms
|
||||
name: cluster-autopilot
|
||||
network: projects/xxx/global/networks/aaa
|
||||
project: myproject
|
||||
subnetwork: subnet_self_link
|
||||
|
||||
counts:
|
||||
google_container_cluster: 1
|
|
@ -0,0 +1,42 @@
|
|||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.cluster-1.google_container_cluster.cluster:
|
||||
default_max_pods_per_node: 32
|
||||
ip_allocation_policy:
|
||||
- cluster_secondary_range_name: pods
|
||||
services_secondary_range_name: services
|
||||
location: europe-west1-b
|
||||
master_authorized_networks_config:
|
||||
- cidr_blocks:
|
||||
- cidr_block: 10.0.0.0/8
|
||||
display_name: internal-vms
|
||||
name: cluster-1
|
||||
network: projects/xxx/global/networks/aaa
|
||||
private_cluster_config:
|
||||
- enable_private_endpoint: true
|
||||
enable_private_nodes: true
|
||||
master_global_access_config:
|
||||
- enabled: false
|
||||
master_ipv4_cidr_block: 192.168.0.0/28
|
||||
private_endpoint_subnetwork: null
|
||||
project: myproject
|
||||
remove_default_node_pool: true
|
||||
resource_labels:
|
||||
environment: dev
|
||||
subnetwork: subnet_self_link
|
||||
|
||||
counts:
|
||||
google_container_cluster: 1
|
|
@ -0,0 +1,45 @@
|
|||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.cluster-1.google_container_cluster.cluster:
|
||||
datapath_provider: ADVANCED_DATAPATH
|
||||
ip_allocation_policy:
|
||||
- cluster_secondary_range_name: pods
|
||||
services_secondary_range_name: services
|
||||
location: europe-west1-b
|
||||
master_authorized_networks_config:
|
||||
- cidr_blocks:
|
||||
- cidr_block: 10.0.0.0/8
|
||||
display_name: internal-vms
|
||||
min_master_version: null
|
||||
name: cluster-dataplane-v2
|
||||
network: projects/xxx/global/networks/aaa
|
||||
private_cluster_config:
|
||||
- enable_private_endpoint: true
|
||||
enable_private_nodes: true
|
||||
master_global_access_config:
|
||||
- enabled: false
|
||||
master_ipv4_cidr_block: 192.168.0.0/28
|
||||
private_endpoint_subnetwork: null
|
||||
project: myproject
|
||||
remove_default_node_pool: true
|
||||
resource_labels:
|
||||
environment: dev
|
||||
subnetwork: subnet_self_link
|
||||
workload_identity_config:
|
||||
- workload_pool: myproject.svc.id.goog
|
||||
|
||||
counts:
|
||||
google_container_cluster: 1
|
|
@ -1,29 +0,0 @@
|
|||
/**
|
||||
* Copyright 2022 Google LLC
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
module "test" {
|
||||
source = "../../../../modules/gke-cluster"
|
||||
project_id = "my-project"
|
||||
name = "cluster-1"
|
||||
location = "europe-west1-b"
|
||||
vpc_config = {
|
||||
network = "mynetwork"
|
||||
subnetwork = "mysubnet"
|
||||
}
|
||||
enable_addons = var.enable_addons
|
||||
enable_features = var.enable_features
|
||||
tags = var.tags
|
||||
}
|
|
@ -1,43 +0,0 @@
|
|||
/**
|
||||
* Copyright 2022 Google LLC
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
variable "enable_addons" {
|
||||
type = any
|
||||
default = {
|
||||
horizontal_pod_autoscaling = true
|
||||
http_load_balancing = true
|
||||
}
|
||||
}
|
||||
|
||||
variable "enable_features" {
|
||||
type = any
|
||||
default = {
|
||||
workload_identity = true
|
||||
}
|
||||
}
|
||||
|
||||
variable "monitoring_config" {
|
||||
type = any
|
||||
default = {
|
||||
managed_prometheus = true
|
||||
}
|
||||
}
|
||||
|
||||
variable "tags" {
|
||||
description = "Network tags applied to nodes."
|
||||
type = list(string)
|
||||
default = null
|
||||
}
|
|
@ -1,38 +0,0 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
|
||||
def test_standard(plan_runner):
|
||||
"Test resources created with variable defaults."
|
||||
_, resources = plan_runner()
|
||||
assert len(resources) == 1
|
||||
|
||||
cluster_config = resources[0]['values']
|
||||
assert cluster_config['name'] == "cluster-1"
|
||||
assert cluster_config['network'] == "mynetwork"
|
||||
assert cluster_config['subnetwork'] == "mysubnet"
|
||||
assert cluster_config['enable_autopilot'] is None
|
||||
# assert 'service_account' not in node_config
|
||||
|
||||
|
||||
def test_autopilot(plan_runner):
|
||||
"Test resources created with variable defaults."
|
||||
_, resources = plan_runner(enable_features='{ autopilot=true }')
|
||||
assert len(resources) == 1
|
||||
cluster_config = resources[0]['values']
|
||||
assert cluster_config['name'] == "cluster-1"
|
||||
assert cluster_config['network'] == "mynetwork"
|
||||
assert cluster_config['subnetwork'] == "mysubnet"
|
||||
assert cluster_config['enable_autopilot'] == True
|
||||
# assert 'service_account' not in node_config
|
|
@ -0,0 +1,23 @@
|
|||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.cluster-1-nodepool-1.google_container_node_pool.nodepool:
|
||||
cluster: cluster-1
|
||||
location: europe-west1-b
|
||||
name: nodepool-1
|
||||
project: myproject
|
||||
|
||||
counts:
|
||||
google_container_node_pool: 1
|
|
@ -0,0 +1,60 @@
|
|||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.cluster-1-nodepool-1.google_container_node_pool.nodepool:
|
||||
autoscaling:
|
||||
- location_policy: null
|
||||
max_node_count: 10
|
||||
min_node_count: 1
|
||||
total_max_node_count: null
|
||||
total_min_node_count: null
|
||||
cluster: cluster-1
|
||||
initial_node_count: 1
|
||||
location: europe-west1-b
|
||||
management:
|
||||
- auto_repair: true
|
||||
auto_upgrade: false
|
||||
name: nodepool-1
|
||||
node_config:
|
||||
- boot_disk_kms_key: null
|
||||
disk_size_gb: 50
|
||||
disk_type: pd-ssd
|
||||
ephemeral_storage_config:
|
||||
- local_ssd_count: 1
|
||||
gcfs_config: []
|
||||
gvnic: []
|
||||
kubelet_config: []
|
||||
labels:
|
||||
environment: dev
|
||||
linux_node_config: []
|
||||
logging_variant: DEFAULT
|
||||
machine_type: n2-standard-2
|
||||
node_group: null
|
||||
oauth_scopes:
|
||||
- https://www.googleapis.com/auth/cloud-platform
|
||||
preemptible: false
|
||||
reservation_affinity: []
|
||||
resource_labels: null
|
||||
sandbox_config: []
|
||||
spot: true
|
||||
tags: null
|
||||
taint: []
|
||||
placement_policy: []
|
||||
project: myproject
|
||||
module.cluster-1-nodepool-1.google_service_account.service_account[0]: {}
|
||||
|
||||
counts:
|
||||
google_container_node_pool: 1
|
||||
google_service_account: 1
|
|
@ -0,0 +1,52 @@
|
|||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.cluster-1-nodepool-1.google_container_node_pool.nodepool:
|
||||
cluster: cluster-1
|
||||
location: europe-west1-b
|
||||
name: nodepool-1
|
||||
node_config:
|
||||
- boot_disk_kms_key: null
|
||||
disk_type: pd-balanced
|
||||
ephemeral_storage_config: []
|
||||
gcfs_config: []
|
||||
gvnic: []
|
||||
kubelet_config: []
|
||||
linux_node_config: []
|
||||
logging_variant: DEFAULT
|
||||
node_group: null
|
||||
oauth_scopes:
|
||||
- https://www.googleapis.com/auth/cloud-platform
|
||||
preemptible: false
|
||||
reservation_affinity: []
|
||||
resource_labels: null
|
||||
sandbox_config: []
|
||||
spot: false
|
||||
tags: null
|
||||
taint: []
|
||||
placement_policy: []
|
||||
project: myproject
|
||||
timeouts: null
|
||||
module.cluster-1-nodepool-1.google_service_account.service_account[0]:
|
||||
account_id: spam-eggs
|
||||
description: null
|
||||
disabled: false
|
||||
display_name: Terraform GKE cluster-1 nodepool-1.
|
||||
project: myproject
|
||||
timeouts: null
|
||||
|
||||
counts:
|
||||
google_container_node_pool: 1
|
||||
google_service_account: 1
|
|
@ -0,0 +1,43 @@
|
|||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.cluster-1-nodepool-1.google_container_node_pool.nodepool:
|
||||
cluster: cluster-1
|
||||
location: europe-west1-b
|
||||
name: nodepool-1
|
||||
node_config:
|
||||
- boot_disk_kms_key: null
|
||||
disk_type: pd-balanced
|
||||
ephemeral_storage_config: []
|
||||
gcfs_config: []
|
||||
gvnic: []
|
||||
kubelet_config: []
|
||||
linux_node_config: []
|
||||
logging_variant: DEFAULT
|
||||
node_group: null
|
||||
oauth_scopes:
|
||||
- https://www.googleapis.com/auth/cloud-platform
|
||||
preemptible: false
|
||||
reservation_affinity: []
|
||||
resource_labels: null
|
||||
sandbox_config: []
|
||||
service_account: foo-bar@myproject.iam.gserviceaccount.com
|
||||
spot: false
|
||||
tags: null
|
||||
taint: []
|
||||
project: myproject
|
||||
|
||||
counts:
|
||||
google_container_node_pool: 1
|
|
@ -1,45 +0,0 @@
|
|||
/**
|
||||
* Copyright 2022 Google LLC
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
resource "google_service_account" "test" {
|
||||
project = "my-project"
|
||||
account_id = "gke-nodepool-test"
|
||||
display_name = "Test Service Account"
|
||||
}
|
||||
|
||||
module "test" {
|
||||
source = "../../../../modules/gke-nodepool"
|
||||
project_id = "my-project"
|
||||
cluster_name = "cluster-1"
|
||||
location = "europe-west1-b"
|
||||
name = "nodepool-1"
|
||||
gke_version = var.gke_version
|
||||
labels = var.labels
|
||||
max_pods_per_node = var.max_pods_per_node
|
||||
node_config = var.node_config
|
||||
node_count = var.node_count
|
||||
node_locations = var.node_locations
|
||||
nodepool_config = var.nodepool_config
|
||||
pod_range = var.pod_range
|
||||
reservation_affinity = var.reservation_affinity
|
||||
service_account = {
|
||||
create = var.service_account_create
|
||||
email = google_service_account.test.email
|
||||
}
|
||||
sole_tenant_nodegroup = var.sole_tenant_nodegroup
|
||||
tags = var.tags
|
||||
taints = var.taints
|
||||
}
|
|
@ -1,86 +0,0 @@
|
|||
/**
|
||||
* Copyright 2022 Google LLC
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
variable "gke_version" {
|
||||
type = string
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "labels" {
|
||||
type = map(string)
|
||||
default = {}
|
||||
nullable = false
|
||||
}
|
||||
|
||||
variable "max_pods_per_node" {
|
||||
type = number
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "node_config" {
|
||||
type = any
|
||||
default = {
|
||||
disk_type = "pd-balanced"
|
||||
}
|
||||
}
|
||||
|
||||
variable "node_count" {
|
||||
type = any
|
||||
default = {
|
||||
initial = 1
|
||||
}
|
||||
nullable = false
|
||||
}
|
||||
|
||||
variable "node_locations" {
|
||||
type = list(string)
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "nodepool_config" {
|
||||
type = any
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "pod_range" {
|
||||
type = any
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "reservation_affinity" {
|
||||
type = any
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "service_account_create" {
|
||||
type = bool
|
||||
default = false
|
||||
}
|
||||
|
||||
variable "sole_tenant_nodegroup" {
|
||||
type = string
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "tags" {
|
||||
type = list(string)
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "taints" {
|
||||
type = any
|
||||
default = null
|
||||
}
|
|
@ -1,67 +0,0 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
|
||||
def test_defaults(plan_runner):
|
||||
"Test resources created with variable defaults."
|
||||
_, resources = plan_runner()
|
||||
assert len(resources) == 1
|
||||
assert resources[0]['values']['autoscaling'] == []
|
||||
|
||||
|
||||
def test_service_account(plan_runner):
|
||||
_, resources = plan_runner()
|
||||
assert len(resources) == 1
|
||||
_, resources = plan_runner(service_account_create='true')
|
||||
assert len(resources) == 2
|
||||
assert 'google_service_account' in [r['type'] for r in resources]
|
||||
|
||||
|
||||
def test_nodepool_config(plan_runner):
|
||||
nodepool_config = '''{
|
||||
autoscaling = { use_total_nodes = true, max_node_count = 3}
|
||||
management = {}
|
||||
upgrade_settings = { max_surge = 3, max_unavailable = 3 }
|
||||
}'''
|
||||
_, resources = plan_runner(nodepool_config=nodepool_config)
|
||||
assert resources[0]['values']['autoscaling'] == [{
|
||||
'location_policy': None,
|
||||
'max_node_count': None,
|
||||
'min_node_count': None,
|
||||
'total_max_node_count': 3,
|
||||
'total_min_node_count': None
|
||||
}]
|
||||
nodepool_config = '{ autoscaling = { max_node_count = 3} }'
|
||||
_, resources = plan_runner(nodepool_config=nodepool_config)
|
||||
assert resources[0]['values']['autoscaling'] == [{
|
||||
'location_policy': None,
|
||||
'max_node_count': 3,
|
||||
'min_node_count': None,
|
||||
'total_max_node_count': None,
|
||||
'total_min_node_count': None
|
||||
}]
|
||||
|
||||
|
||||
def test_node_config(plan_runner):
|
||||
node_config = '''{
|
||||
gcfs = true
|
||||
metadata = { foo = "bar" }
|
||||
}'''
|
||||
_, resources = plan_runner(node_config=node_config)
|
||||
values = resources[0]['values']['node_config'][0]
|
||||
assert values['gcfs_config'] == [{'enabled': True}]
|
||||
assert values['metadata'] == {
|
||||
'disable-legacy-endpoints': 'true',
|
||||
'foo': 'bar'
|
||||
}
|
|
@ -0,0 +1,42 @@
|
|||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.vpc.google_compute_network.network[0]:
|
||||
name: my-network
|
||||
project: my-project
|
||||
module.vpc.google_compute_subnetwork.subnetwork["europe-west1/production"]: {}
|
||||
module.vpc.google_dns_policy.default[0]:
|
||||
alternative_name_server_config:
|
||||
- target_name_servers:
|
||||
- forwarding_path: ''
|
||||
ipv4_address: '8.8.8.8'
|
||||
- forwarding_path: private
|
||||
ipv4_address: '10.0.0.1'
|
||||
description: Managed by Terraform
|
||||
enable_inbound_forwarding: true
|
||||
enable_logging: null
|
||||
name: my-network
|
||||
networks:
|
||||
- {}
|
||||
project: my-project
|
||||
|
||||
counts:
|
||||
google_compute_network: 1
|
||||
google_compute_subnetwork: 1
|
||||
google_dns_policy: 1
|
||||
modules: 1
|
||||
resources: 3
|
||||
|
||||
outputs: {}
|
|
@ -0,0 +1,50 @@
|
|||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.vpc.google_compute_network.network[0]:
|
||||
name: my-network
|
||||
project: my-project
|
||||
routing_mode: GLOBAL
|
||||
module.vpc.google_compute_subnetwork.subnetwork["europe-west1/subnet-detailed"]:
|
||||
description: Sample description
|
||||
ip_cidr_range: 10.0.0.0/24
|
||||
log_config:
|
||||
- aggregation_interval: INTERVAL_5_SEC
|
||||
filter_expr: 'true'
|
||||
flow_sampling: 0.5
|
||||
metadata: INCLUDE_ALL_METADATA
|
||||
metadata_fields: null
|
||||
name: subnet-detailed
|
||||
private_ip_google_access: false
|
||||
project: my-project
|
||||
region: europe-west1
|
||||
role: null
|
||||
secondary_ip_range:
|
||||
- ip_cidr_range: 192.168.0.0/24
|
||||
range_name: secondary-range-a
|
||||
module.vpc.google_compute_subnetwork.subnetwork["europe-west4/subnet-simple"]:
|
||||
description: Terraform-managed.
|
||||
ip_cidr_range: 10.0.1.0/24
|
||||
log_config: []
|
||||
name: subnet-simple
|
||||
private_ip_google_access: true
|
||||
project: my-project
|
||||
region: europe-west4
|
||||
role: null
|
||||
secondary_ip_range: []
|
||||
|
||||
counts:
|
||||
google_compute_network: 1
|
||||
google_compute_subnetwork: 2
|
|
@ -1,4 +1,4 @@
|
|||
# Copyright 2022 Google LLC
|
||||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
|
@ -13,35 +13,22 @@
|
|||
# limitations under the License.
|
||||
|
||||
values:
|
||||
google_compute_network.network[0]:
|
||||
auto_create_subnetworks: false
|
||||
delete_default_routes_on_create: false
|
||||
description: Terraform-managed.
|
||||
name: test
|
||||
project: test-project
|
||||
routing_mode: GLOBAL
|
||||
google_compute_network_peering.local[0]:
|
||||
export_custom_routes: true
|
||||
import_custom_routes: false
|
||||
name: test-peer
|
||||
peer_network: projects/my-project/global/networks/peer
|
||||
google_compute_network_peering.remote[0]:
|
||||
module.vpc-hub.google_compute_network.network[0]: {}
|
||||
module.vpc-spoke-1.google_compute_network.network[0]: {}
|
||||
module.vpc-hub.google_compute_subnetwork.subnetwork["europe-west1/subnet-1"]: {}
|
||||
module.vpc-spoke-1.google_compute_subnetwork.subnetwork["europe-west1/subnet-2"]: {}
|
||||
module.vpc-spoke-1.google_compute_network_peering.local[0]:
|
||||
export_custom_routes: false
|
||||
export_subnet_routes_with_public_ip: true
|
||||
import_custom_routes: true
|
||||
name: peer-test
|
||||
network: projects/my-project/global/networks/peer
|
||||
import_subnet_routes_with_public_ip: null
|
||||
module.vpc-spoke-1.google_compute_network_peering.remote[0]:
|
||||
export_custom_routes: true
|
||||
export_subnet_routes_with_public_ip: true
|
||||
import_custom_routes: false
|
||||
import_subnet_routes_with_public_ip: null
|
||||
|
||||
counts:
|
||||
google_compute_network: 1
|
||||
google_compute_network: 2
|
||||
google_compute_network_peering: 2
|
||||
|
||||
outputs:
|
||||
bindings: {}
|
||||
project_id: test-project
|
||||
subnet_ips: {}
|
||||
subnet_regions: {}
|
||||
subnet_secondary_ranges: {}
|
||||
subnet_self_links: {}
|
||||
subnets: {}
|
||||
subnets_proxy_only: {}
|
||||
subnets_psc: {}
|
||||
google_compute_subnetwork: 2
|
|
@ -0,0 +1,40 @@
|
|||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.vpc.google_compute_network.network[0]:
|
||||
name: my-network
|
||||
project: my-project
|
||||
module.vpc.google_compute_subnetwork.proxy_only["europe-west1/regional-proxy"]:
|
||||
description: Terraform-managed proxy-only subnet for Regional HTTPS or Internal HTTPS LB.
|
||||
ip_cidr_range: 10.0.1.0/24
|
||||
log_config: []
|
||||
name: regional-proxy
|
||||
project: my-project
|
||||
purpose: REGIONAL_MANAGED_PROXY
|
||||
region: europe-west1
|
||||
role: ACTIVE
|
||||
module.vpc.google_compute_subnetwork.psc["europe-west1/psc"]:
|
||||
description: Terraform-managed subnet for Private Service Connect (PSC NAT).
|
||||
ip_cidr_range: 10.0.3.0/24
|
||||
log_config: []
|
||||
name: psc
|
||||
project: my-project
|
||||
purpose: PRIVATE_SERVICE_CONNECT
|
||||
region: europe-west1
|
||||
role: null
|
||||
|
||||
counts:
|
||||
google_compute_network: 1
|
||||
google_compute_subnetwork: 2
|
|
@ -0,0 +1,47 @@
|
|||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.vpc.google_compute_global_address.psa_ranges["myrange"]:
|
||||
address: 10.0.1.0
|
||||
address_type: INTERNAL
|
||||
description: null
|
||||
ip_version: null
|
||||
name: myrange
|
||||
prefix_length: 24
|
||||
project: my-project
|
||||
purpose: VPC_PEERING
|
||||
module.vpc.google_compute_network.network[0]:
|
||||
name: my-network
|
||||
project: my-project
|
||||
routing_mode: GLOBAL
|
||||
module.vpc.google_compute_network_peering_routes_config.psa_routes["1"]:
|
||||
export_custom_routes: true
|
||||
import_custom_routes: true
|
||||
project: my-project
|
||||
module.vpc.google_compute_subnetwork.subnetwork["europe-west1/production"]:
|
||||
ip_cidr_range: 10.0.0.0/24
|
||||
name: production
|
||||
project: my-project
|
||||
module.vpc.google_service_networking_connection.psa_connection["1"]:
|
||||
reserved_peering_ranges:
|
||||
- myrange
|
||||
service: servicenetworking.googleapis.com
|
||||
|
||||
counts:
|
||||
google_compute_global_address: 1
|
||||
google_compute_network: 1
|
||||
google_compute_network_peering_routes_config: 1
|
||||
google_compute_subnetwork: 1
|
||||
google_service_networking_connection: 1
|
|
@ -0,0 +1,46 @@
|
|||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.vpc.google_compute_global_address.psa_ranges["myrange"]:
|
||||
address: 10.0.1.0
|
||||
address_type: INTERNAL
|
||||
name: myrange
|
||||
prefix_length: 24
|
||||
project: my-project
|
||||
purpose: VPC_PEERING
|
||||
module.vpc.google_compute_network.network[0]:
|
||||
name: my-network
|
||||
project: my-project
|
||||
module.vpc.google_compute_network_peering_routes_config.psa_routes["1"]:
|
||||
export_custom_routes: false
|
||||
import_custom_routes: false
|
||||
project: my-project
|
||||
module.vpc.google_compute_subnetwork.subnetwork["europe-west1/production"]:
|
||||
ip_cidr_range: 10.0.0.0/24
|
||||
name: production
|
||||
project: my-project
|
||||
module.vpc.google_service_networking_connection.psa_connection["1"]:
|
||||
reserved_peering_ranges:
|
||||
- myrange
|
||||
service: servicenetworking.googleapis.com
|
||||
|
||||
counts:
|
||||
google_compute_global_address: 1
|
||||
google_compute_network: 1
|
||||
google_compute_network_peering_routes_config: 1
|
||||
google_compute_subnetwork: 1
|
||||
google_service_networking_connection: 1
|
||||
|
||||
outputs: {}
|
|
@ -0,0 +1,146 @@
|
|||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.vpc["gateway"].google_compute_network.network[0]:
|
||||
name: my-network-with-route-gateway
|
||||
project: my-project
|
||||
routing_mode: GLOBAL
|
||||
module.vpc["gateway"].google_compute_route.gateway["gateway"]:
|
||||
dest_range: 0.0.0.0/0
|
||||
name: my-network-with-route-gateway-gateway
|
||||
next_hop_gateway: global/gateways/default-internet-gateway
|
||||
next_hop_ilb: null
|
||||
next_hop_instance: null
|
||||
next_hop_vpn_tunnel: null
|
||||
priority: 100
|
||||
project: my-project
|
||||
tags:
|
||||
- tag-a
|
||||
module.vpc["gateway"].google_compute_route.gateway["next-hop"]:
|
||||
dest_range: 192.168.128.0/24
|
||||
name: my-network-with-route-gateway-next-hop
|
||||
next_hop_gateway: global/gateways/default-internet-gateway
|
||||
next_hop_ilb: null
|
||||
next_hop_instance: null
|
||||
next_hop_vpn_tunnel: null
|
||||
priority: 1000
|
||||
project: my-project
|
||||
tags: null
|
||||
module.vpc["ilb"].google_compute_network.network[0]:
|
||||
name: my-network-with-route-ilb
|
||||
project: my-project
|
||||
routing_mode: GLOBAL
|
||||
module.vpc["ilb"].google_compute_route.gateway["gateway"]:
|
||||
dest_range: 0.0.0.0/0
|
||||
name: my-network-with-route-ilb-gateway
|
||||
next_hop_gateway: global/gateways/default-internet-gateway
|
||||
next_hop_ilb: null
|
||||
next_hop_instance: null
|
||||
next_hop_vpn_tunnel: null
|
||||
priority: 100
|
||||
project: my-project
|
||||
tags:
|
||||
- tag-a
|
||||
module.vpc["ilb"].google_compute_route.ilb["next-hop"]:
|
||||
dest_range: 192.168.128.0/24
|
||||
name: my-network-with-route-ilb-next-hop
|
||||
next_hop_gateway: null
|
||||
next_hop_ilb: regions/europe-west1/forwardingRules/test
|
||||
next_hop_instance: null
|
||||
next_hop_vpn_tunnel: null
|
||||
priority: 1000
|
||||
project: my-project
|
||||
tags: null
|
||||
module.vpc["instance"].google_compute_network.network[0]:
|
||||
name: my-network-with-route-instance
|
||||
project: my-project
|
||||
routing_mode: GLOBAL
|
||||
module.vpc["instance"].google_compute_route.gateway["gateway"]:
|
||||
dest_range: 0.0.0.0/0
|
||||
name: my-network-with-route-instance-gateway
|
||||
next_hop_gateway: global/gateways/default-internet-gateway
|
||||
next_hop_ilb: null
|
||||
next_hop_instance: null
|
||||
next_hop_vpn_tunnel: null
|
||||
priority: 100
|
||||
project: my-project
|
||||
tags:
|
||||
- tag-a
|
||||
module.vpc["instance"].google_compute_route.instance["next-hop"]:
|
||||
dest_range: 192.168.128.0/24
|
||||
name: my-network-with-route-instance-next-hop
|
||||
next_hop_gateway: null
|
||||
next_hop_ilb: null
|
||||
next_hop_instance: zones/europe-west1-b/test
|
||||
next_hop_instance_zone: europe-west1-b
|
||||
next_hop_vpn_tunnel: null
|
||||
priority: 1000
|
||||
project: my-project
|
||||
tags: null
|
||||
module.vpc["ip"].google_compute_network.network[0]:
|
||||
name: my-network-with-route-ip
|
||||
project: my-project
|
||||
routing_mode: GLOBAL
|
||||
module.vpc["ip"].google_compute_route.gateway["gateway"]:
|
||||
dest_range: 0.0.0.0/0
|
||||
name: my-network-with-route-ip-gateway
|
||||
next_hop_gateway: global/gateways/default-internet-gateway
|
||||
next_hop_ilb: null
|
||||
next_hop_instance: null
|
||||
next_hop_vpn_tunnel: null
|
||||
priority: 100
|
||||
project: my-project
|
||||
tags:
|
||||
- tag-a
|
||||
module.vpc["ip"].google_compute_route.ip["next-hop"]:
|
||||
dest_range: 192.168.128.0/24
|
||||
name: my-network-with-route-ip-next-hop
|
||||
next_hop_gateway: null
|
||||
next_hop_ilb: null
|
||||
next_hop_instance: null
|
||||
next_hop_ip: 192.168.0.128
|
||||
next_hop_vpn_tunnel: null
|
||||
priority: 1000
|
||||
project: my-project
|
||||
tags: null
|
||||
module.vpc["vpn_tunnel"].google_compute_network.network[0]:
|
||||
name: my-network-with-route-vpn-tunnel
|
||||
project: my-project
|
||||
routing_mode: GLOBAL
|
||||
module.vpc["vpn_tunnel"].google_compute_route.gateway["gateway"]:
|
||||
dest_range: 0.0.0.0/0
|
||||
name: my-network-with-route-vpn-tunnel-gateway
|
||||
next_hop_gateway: global/gateways/default-internet-gateway
|
||||
next_hop_ilb: null
|
||||
next_hop_instance: null
|
||||
next_hop_vpn_tunnel: null
|
||||
priority: 100
|
||||
project: my-project
|
||||
tags:
|
||||
- tag-a
|
||||
module.vpc["vpn_tunnel"].google_compute_route.vpn_tunnel["next-hop"]:
|
||||
dest_range: 192.168.128.0/24
|
||||
name: my-network-with-route-vpn-tunnel-next-hop
|
||||
next_hop_gateway: null
|
||||
next_hop_ilb: null
|
||||
next_hop_instance: null
|
||||
next_hop_vpn_tunnel: regions/europe-west1/vpnTunnels/foo
|
||||
priority: 1000
|
||||
project: my-project
|
||||
tags: null
|
||||
|
||||
counts:
|
||||
google_compute_network: 5
|
||||
google_compute_route: 10
|
|
@ -0,0 +1,51 @@
|
|||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.vpc-host.google_compute_network.network[0]:
|
||||
name: my-host-network
|
||||
project: my-project
|
||||
module.vpc-host.google_compute_shared_vpc_host_project.shared_vpc_host[0]:
|
||||
project: my-project
|
||||
module.vpc-host.google_compute_shared_vpc_service_project.service_projects["project1"]:
|
||||
host_project: my-project
|
||||
service_project: project1
|
||||
module.vpc-host.google_compute_shared_vpc_service_project.service_projects["project2"]:
|
||||
host_project: my-project
|
||||
service_project: project2
|
||||
module.vpc-host.google_compute_subnetwork.subnetwork["europe-west1/subnet-1"]: {}
|
||||
module.vpc-host.google_compute_subnetwork_iam_binding.binding["europe-west1/subnet-1.roles/compute.networkUser"]:
|
||||
condition: []
|
||||
members:
|
||||
- serviceAccount:cloudsvc
|
||||
- serviceAccount:gke
|
||||
project: my-project
|
||||
region: europe-west1
|
||||
role: roles/compute.networkUser
|
||||
subnetwork: subnet-1
|
||||
module.vpc-host.google_compute_subnetwork_iam_binding.binding["europe-west1/subnet-1.roles/compute.securityAdmin"]:
|
||||
condition: []
|
||||
members:
|
||||
- serviceAccount:gke
|
||||
project: my-project
|
||||
region: europe-west1
|
||||
role: roles/compute.securityAdmin
|
||||
subnetwork: subnet-1
|
||||
|
||||
counts:
|
||||
google_compute_network: 1
|
||||
google_compute_shared_vpc_host_project: 1
|
||||
google_compute_shared_vpc_service_project: 2
|
||||
google_compute_subnetwork: 1
|
||||
google_compute_subnetwork_iam_binding: 2
|
|
@ -0,0 +1,50 @@
|
|||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.vpc.google_compute_network.network[0]:
|
||||
auto_create_subnetworks: false
|
||||
delete_default_routes_on_create: false
|
||||
description: Terraform-managed.
|
||||
name: my-network
|
||||
project: my-project
|
||||
routing_mode: GLOBAL
|
||||
module.vpc.google_compute_subnetwork.subnetwork["europe-west1/production"]:
|
||||
description: Terraform-managed.
|
||||
ip_cidr_range: 10.0.0.0/24
|
||||
log_config: []
|
||||
name: production
|
||||
private_ip_google_access: true
|
||||
project: my-project
|
||||
region: europe-west1
|
||||
role: null
|
||||
secondary_ip_range:
|
||||
- ip_cidr_range: 172.16.0.0/20
|
||||
range_name: pods
|
||||
- ip_cidr_range: 192.168.0.0/24
|
||||
range_name: services
|
||||
module.vpc.google_compute_subnetwork.subnetwork["europe-west2/production"]:
|
||||
description: Terraform-managed.
|
||||
ip_cidr_range: 10.0.16.0/24
|
||||
log_config: []
|
||||
name: production
|
||||
private_ip_google_access: true
|
||||
project: my-project
|
||||
region: europe-west2
|
||||
role: null
|
||||
secondary_ip_range: []
|
||||
|
||||
counts:
|
||||
google_compute_network: 1
|
||||
google_compute_subnetwork: 2
|
|
@ -0,0 +1,54 @@
|
|||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.vpc.google_compute_network.network[0]:
|
||||
name: my-network
|
||||
project: my-project
|
||||
module.vpc.google_compute_subnetwork.subnetwork["europe-west1/subnet-1"]:
|
||||
name: subnet-1
|
||||
project: my-project
|
||||
region: europe-west1
|
||||
module.vpc.google_compute_subnetwork.subnetwork["europe-west1/subnet-2"]:
|
||||
name: subnet-2
|
||||
private_ip_google_access: true
|
||||
project: my-project
|
||||
region: europe-west1
|
||||
module.vpc.google_compute_subnetwork_iam_binding.binding["europe-west1/subnet-1.roles/compute.networkUser"]:
|
||||
condition: []
|
||||
members:
|
||||
- group:group1@example.com
|
||||
- user:user1@example.com
|
||||
project: my-project
|
||||
region: europe-west1
|
||||
role: roles/compute.networkUser
|
||||
subnetwork: subnet-1
|
||||
module.vpc.google_compute_subnetwork_iam_binding.binding["europe-west1/subnet-2.roles/compute.networkUser"]:
|
||||
condition: []
|
||||
members:
|
||||
- group:group2@example.com
|
||||
- user:user2@example.com
|
||||
project: my-project
|
||||
region: europe-west1
|
||||
role: roles/compute.networkUser
|
||||
subnetwork: subnet-2
|
||||
|
||||
counts:
|
||||
google_compute_network: 1
|
||||
google_compute_subnetwork: 2
|
||||
google_compute_subnetwork_iam_binding: 2
|
||||
modules: 1
|
||||
resources: 5
|
||||
|
||||
outputs: {}
|
|
@ -0,0 +1,70 @@
|
|||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.vpc.google_compute_network.network[0]:
|
||||
name: my-network
|
||||
project: my-project
|
||||
module.vpc.google_compute_subnetwork.subnetwork["europe-west1/no-pga"]:
|
||||
description: Subnet b
|
||||
ip_cidr_range: 10.0.1.0/24
|
||||
log_config: []
|
||||
name: no-pga
|
||||
private_ip_google_access: false
|
||||
project: my-project
|
||||
region: europe-west1
|
||||
secondary_ip_range: []
|
||||
module.vpc.google_compute_subnetwork.subnetwork["europe-west1/simple"]:
|
||||
description: Terraform-managed.
|
||||
ip_cidr_range: 10.0.0.0/24
|
||||
log_config: []
|
||||
name: simple
|
||||
private_ip_google_access: true
|
||||
project: my-project
|
||||
region: europe-west1
|
||||
secondary_ip_range: []
|
||||
module.vpc.google_compute_subnetwork.subnetwork["europe-west1/with-flow-logs"]:
|
||||
description: Terraform-managed.
|
||||
ip_cidr_range: 10.0.3.0/24
|
||||
ipv6_access_type: null
|
||||
log_config:
|
||||
- aggregation_interval: INTERVAL_10_MIN
|
||||
filter_expr: 'true'
|
||||
flow_sampling: 0.5
|
||||
metadata: INCLUDE_ALL_METADATA
|
||||
metadata_fields: null
|
||||
name: with-flow-logs
|
||||
private_ip_google_access: true
|
||||
project: my-project
|
||||
region: europe-west1
|
||||
role: null
|
||||
secondary_ip_range: []
|
||||
module.vpc.google_compute_subnetwork.subnetwork["europe-west1/with-secondary-ranges"]:
|
||||
description: Terraform-managed.
|
||||
ip_cidr_range: 10.0.2.0/24
|
||||
log_config: []
|
||||
name: with-secondary-ranges
|
||||
private_ip_google_access: true
|
||||
project: my-project
|
||||
region: europe-west1
|
||||
role: null
|
||||
secondary_ip_range:
|
||||
- ip_cidr_range: 192.168.0.0/24
|
||||
range_name: a
|
||||
- ip_cidr_range: 192.168.1.0/24
|
||||
range_name: b
|
||||
|
||||
counts:
|
||||
google_compute_network: 1
|
||||
google_compute_subnetwork: 4
|
|
@ -1 +0,0 @@
|
|||
data_folder = "../../tests/modules/net_vpc/data"
|
|
@ -1,44 +0,0 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
google_compute_subnetwork.subnetwork["europe-west1/factory-subnet"]:
|
||||
description: 'Sample description'
|
||||
ip_cidr_range: '10.128.0.0/24'
|
||||
ipv6_access_type: null
|
||||
log_config: []
|
||||
name: 'factory-subnet'
|
||||
private_ip_google_access: false
|
||||
project: 'test-project'
|
||||
region: 'europe-west1'
|
||||
role: null
|
||||
secondary_ip_range:
|
||||
- ip_cidr_range: '192.168.128.0/24'
|
||||
range_name: 'secondary-range-a'
|
||||
google_compute_subnetwork.subnetwork["europe-west4/factory-subnet2"]:
|
||||
description: 'Sample description'
|
||||
ip_cidr_range: '10.129.0.0/24'
|
||||
log_config: []
|
||||
name: 'factory-subnet2'
|
||||
private_ip_google_access: true
|
||||
project: 'test-project'
|
||||
region: 'europe-west4'
|
||||
role: null
|
||||
secondary_ip_range: []
|
||||
|
||||
# FIXME: should we have some bindings here?
|
||||
|
||||
counts:
|
||||
google_compute_network: 1
|
||||
google_compute_subnetwork: 2
|
|
@ -1,30 +0,0 @@
|
|||
/**
|
||||
* Copyright 2022 Google LLC
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
module "test" {
|
||||
source = "../../../../modules/net-vpc"
|
||||
project_id = "test-project"
|
||||
name = "test"
|
||||
peering_config = var.peering_config
|
||||
routes = var.routes
|
||||
shared_vpc_host = var.shared_vpc_host
|
||||
shared_vpc_service_projects = var.shared_vpc_service_projects
|
||||
subnet_iam = var.subnet_iam
|
||||
subnets = var.subnets
|
||||
auto_create_subnetworks = var.auto_create_subnetworks
|
||||
psa_config = var.psa_config
|
||||
data_folder = var.data_folder
|
||||
}
|
|
@ -1,44 +0,0 @@
|
|||
subnet_iam = {
|
||||
"europe-west1/a" = {
|
||||
"roles/compute.networkUser" = [
|
||||
"user:a@example.com", "group:g-a@example.com"
|
||||
]
|
||||
}
|
||||
"europe-west1/c" = {
|
||||
"roles/compute.networkUser" = [
|
||||
"user:c@example.com", "group:g-c@example.com"
|
||||
]
|
||||
}
|
||||
}
|
||||
subnets = [
|
||||
{
|
||||
name = "a"
|
||||
region = "europe-west1"
|
||||
ip_cidr_range = "10.0.0.0/24"
|
||||
},
|
||||
{
|
||||
name = "b"
|
||||
region = "europe-west1"
|
||||
ip_cidr_range = "10.0.1.0/24",
|
||||
description = "Subnet b"
|
||||
enable_private_access = false
|
||||
},
|
||||
{
|
||||
name = "c"
|
||||
region = "europe-west1"
|
||||
ip_cidr_range = "10.0.2.0/24"
|
||||
secondary_ip_ranges = {
|
||||
a = "192.168.0.0/24"
|
||||
b = "192.168.1.0/24"
|
||||
}
|
||||
},
|
||||
{
|
||||
name = "d"
|
||||
region = "europe-west1"
|
||||
ip_cidr_range = "10.0.3.0/24"
|
||||
flow_logs_config = {
|
||||
flow_sampling = 0.5
|
||||
aggregation_interval = "INTERVAL_10_MIN"
|
||||
}
|
||||
}
|
||||
]
|
|
@ -1,101 +0,0 @@
|
|||
/**
|
||||
* Copyright 2022 Google LLC
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
variable "auto_create_subnetworks" {
|
||||
type = bool
|
||||
default = false
|
||||
}
|
||||
|
||||
variable "data_folder" {
|
||||
type = string
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "delete_default_routes_on_create" {
|
||||
type = bool
|
||||
default = false
|
||||
}
|
||||
|
||||
variable "description" {
|
||||
type = string
|
||||
default = "Terraform-managed."
|
||||
}
|
||||
|
||||
variable "dns_policy" {
|
||||
type = any
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "mtu" {
|
||||
type = number
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "peering_config" {
|
||||
type = any
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "psa_config" {
|
||||
type = any
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "routes" {
|
||||
type = any
|
||||
default = {}
|
||||
nullable = false
|
||||
}
|
||||
|
||||
variable "routing_mode" {
|
||||
type = string
|
||||
default = "GLOBAL"
|
||||
}
|
||||
|
||||
variable "shared_vpc_host" {
|
||||
type = bool
|
||||
default = false
|
||||
}
|
||||
|
||||
variable "shared_vpc_service_projects" {
|
||||
type = list(string)
|
||||
default = []
|
||||
}
|
||||
|
||||
variable "subnets" {
|
||||
type = any
|
||||
default = []
|
||||
}
|
||||
|
||||
variable "subnet_iam" {
|
||||
type = map(map(list(string)))
|
||||
default = {}
|
||||
}
|
||||
|
||||
variable "subnets_proxy_only" {
|
||||
type = any
|
||||
default = []
|
||||
}
|
||||
|
||||
variable "subnets_psc" {
|
||||
type = any
|
||||
default = []
|
||||
}
|
||||
|
||||
variable "vpc_create" {
|
||||
type = bool
|
||||
default = true
|
||||
}
|
|
@ -1,5 +0,0 @@
|
|||
peering_config = {
|
||||
peer_vpc_self_link = "projects/my-project/global/networks/peer"
|
||||
export_routes = true
|
||||
import_routes = null
|
||||
}
|
|
@ -1,7 +0,0 @@
|
|||
psa_config = {
|
||||
ranges = {
|
||||
bar = "172.16.100.0/24"
|
||||
foo = "172.16.101.0/24"
|
||||
}
|
||||
routes = null
|
||||
}
|
|
@ -1,70 +0,0 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
google_compute_global_address.psa_ranges["bar"]:
|
||||
address: 172.16.100.0
|
||||
address_type: INTERNAL
|
||||
description: null
|
||||
ip_version: null
|
||||
name: bar
|
||||
prefix_length: 24
|
||||
project: test-project
|
||||
purpose: VPC_PEERING
|
||||
google_compute_global_address.psa_ranges["foo"]:
|
||||
address: 172.16.101.0
|
||||
address_type: INTERNAL
|
||||
description: null
|
||||
ip_version: null
|
||||
name: foo
|
||||
prefix_length: 24
|
||||
project: test-project
|
||||
purpose: VPC_PEERING
|
||||
google_compute_network.network[0]:
|
||||
auto_create_subnetworks: false
|
||||
delete_default_routes_on_create: false
|
||||
description: Terraform-managed.
|
||||
enable_ula_internal_ipv6: null
|
||||
name: test
|
||||
project: test-project
|
||||
routing_mode: GLOBAL
|
||||
google_compute_network_peering_routes_config.psa_routes["1"]:
|
||||
export_custom_routes: false
|
||||
import_custom_routes: false
|
||||
project: test-project
|
||||
google_service_networking_connection.psa_connection["1"]:
|
||||
reserved_peering_ranges:
|
||||
- bar
|
||||
- foo
|
||||
service: servicenetworking.googleapis.com
|
||||
|
||||
counts:
|
||||
google_compute_global_address: 2
|
||||
google_compute_network: 1
|
||||
google_compute_network_peering_routes_config: 1
|
||||
google_service_networking_connection: 1
|
||||
|
||||
outputs:
|
||||
bindings: {}
|
||||
name: __missing__
|
||||
network: __missing__
|
||||
project_id: test-project
|
||||
self_link: __missing__
|
||||
subnet_ips: {}
|
||||
subnet_regions: {}
|
||||
subnet_secondary_ranges: {}
|
||||
subnet_self_links: {}
|
||||
subnets: {}
|
||||
subnets_proxy_only: {}
|
||||
subnets_psc: {}
|
|
@ -1 +0,0 @@
|
|||
# skip boilerplate check
|
|
@ -1,44 +0,0 @@
|
|||
subnet_iam = {
|
||||
"europe-west1/a" = {
|
||||
"roles/compute.networkUser" = [
|
||||
"user:a@example.com", "group:g-a@example.com"
|
||||
]
|
||||
}
|
||||
"europe-west1/c" = {
|
||||
"roles/compute.networkUser" = [
|
||||
"user:c@example.com", "group:g-c@example.com"
|
||||
]
|
||||
}
|
||||
}
|
||||
subnets = [
|
||||
{
|
||||
name = "a"
|
||||
region = "europe-west1"
|
||||
ip_cidr_range = "10.0.0.0/24"
|
||||
},
|
||||
{
|
||||
name = "b"
|
||||
region = "europe-west1"
|
||||
ip_cidr_range = "10.0.1.0/24",
|
||||
description = "Subnet b"
|
||||
enable_private_access = false
|
||||
},
|
||||
{
|
||||
name = "c"
|
||||
region = "europe-west1"
|
||||
ip_cidr_range = "10.0.2.0/24"
|
||||
secondary_ip_ranges = {
|
||||
a = "192.168.0.0/24"
|
||||
b = "192.168.1.0/24"
|
||||
}
|
||||
},
|
||||
{
|
||||
name = "d"
|
||||
region = "europe-west1"
|
||||
ip_cidr_range = "10.0.3.0/24"
|
||||
flow_logs_config = {
|
||||
flow_sampling = 0.5
|
||||
aggregation_interval = "INTERVAL_10_MIN"
|
||||
}
|
||||
}
|
||||
]
|
|
@ -1,120 +0,0 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
google_compute_network.network[0]:
|
||||
auto_create_subnetworks: false
|
||||
delete_default_routes_on_create: false
|
||||
description: Terraform-managed.
|
||||
name: test
|
||||
project: test-project
|
||||
routing_mode: GLOBAL
|
||||
google_compute_subnetwork.subnetwork["europe-west1/a"]:
|
||||
description: Terraform-managed.
|
||||
ip_cidr_range: 10.0.0.0/24
|
||||
log_config: []
|
||||
name: a
|
||||
private_ip_google_access: true
|
||||
project: test-project
|
||||
region: europe-west1
|
||||
role: null
|
||||
secondary_ip_range: []
|
||||
google_compute_subnetwork.subnetwork["europe-west1/b"]:
|
||||
description: Subnet b
|
||||
ip_cidr_range: 10.0.1.0/24
|
||||
log_config: []
|
||||
name: b
|
||||
private_ip_google_access: false
|
||||
project: test-project
|
||||
region: europe-west1
|
||||
role: null
|
||||
secondary_ip_range: []
|
||||
google_compute_subnetwork.subnetwork["europe-west1/c"]:
|
||||
description: Terraform-managed.
|
||||
ip_cidr_range: 10.0.2.0/24
|
||||
ipv6_access_type: null
|
||||
log_config: []
|
||||
name: c
|
||||
private_ip_google_access: true
|
||||
project: test-project
|
||||
region: europe-west1
|
||||
role: null
|
||||
secondary_ip_range:
|
||||
- ip_cidr_range: 192.168.0.0/24
|
||||
range_name: a
|
||||
- ip_cidr_range: 192.168.1.0/24
|
||||
range_name: b
|
||||
google_compute_subnetwork.subnetwork["europe-west1/d"]:
|
||||
description: Terraform-managed.
|
||||
ip_cidr_range: 10.0.3.0/24
|
||||
log_config:
|
||||
- aggregation_interval: INTERVAL_10_MIN
|
||||
filter_expr: 'true'
|
||||
flow_sampling: 0.5
|
||||
metadata: INCLUDE_ALL_METADATA
|
||||
metadata_fields: null
|
||||
name: d
|
||||
private_ip_google_access: true
|
||||
project: test-project
|
||||
region: europe-west1
|
||||
role: null
|
||||
secondary_ip_range: []
|
||||
google_compute_subnetwork_iam_binding.binding["europe-west1/a.roles/compute.networkUser"]:
|
||||
condition: []
|
||||
members:
|
||||
- group:g-a@example.com
|
||||
- user:a@example.com
|
||||
project: test-project
|
||||
region: europe-west1
|
||||
role: roles/compute.networkUser
|
||||
subnetwork: a
|
||||
google_compute_subnetwork_iam_binding.binding["europe-west1/c.roles/compute.networkUser"]:
|
||||
condition: []
|
||||
members:
|
||||
- group:g-c@example.com
|
||||
- user:c@example.com
|
||||
project: test-project
|
||||
region: europe-west1
|
||||
role: roles/compute.networkUser
|
||||
subnetwork: c
|
||||
|
||||
counts:
|
||||
google_compute_network: 1
|
||||
google_compute_subnetwork: 4
|
||||
google_compute_subnetwork_iam_binding: 2
|
||||
|
||||
outputs:
|
||||
bindings: __missing__
|
||||
project_id: test-project
|
||||
subnet_ips:
|
||||
europe-west1/a: 10.0.0.0/24
|
||||
europe-west1/b: 10.0.1.0/24
|
||||
europe-west1/c: 10.0.2.0/24
|
||||
europe-west1/d: 10.0.3.0/24
|
||||
subnet_regions:
|
||||
europe-west1/a: europe-west1
|
||||
europe-west1/b: europe-west1
|
||||
europe-west1/c: europe-west1
|
||||
europe-west1/d: europe-west1
|
||||
subnet_secondary_ranges:
|
||||
europe-west1/a: {}
|
||||
europe-west1/b: {}
|
||||
europe-west1/c:
|
||||
a: 192.168.0.0/24
|
||||
b: 192.168.1.0/24
|
||||
europe-west1/d: {}
|
||||
subnet_self_links: __missing__
|
||||
subnets: __missing__
|
||||
subnets_proxy_only: {}
|
||||
subnets_psc: {}
|
|
@ -1,47 +0,0 @@
|
|||
# Copyright 2022 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
import pytest
|
||||
|
||||
_route_parameters = [('gateway', 'global/gateways/default-internet-gateway'),
|
||||
('instance', 'zones/europe-west1-b/test'),
|
||||
('ip', '192.168.0.128'),
|
||||
('ilb', 'regions/europe-west1/forwardingRules/test'),
|
||||
('vpn_tunnel', 'regions/europe-west1/vpnTunnels/foo')]
|
||||
|
||||
|
||||
@pytest.mark.parametrize('next_hop_type,next_hop', _route_parameters)
|
||||
def test_vpc_routes(plan_summary, next_hop_type, next_hop):
|
||||
'Test vpc routes.'
|
||||
|
||||
var_routes = '''{
|
||||
next-hop = {
|
||||
dest_range = "192.168.128.0/24"
|
||||
tags = null
|
||||
next_hop_type = "%s"
|
||||
next_hop = "%s"
|
||||
}
|
||||
gateway = {
|
||||
dest_range = "0.0.0.0/0",
|
||||
priority = 100
|
||||
tags = ["tag-a"]
|
||||
next_hop_type = "gateway",
|
||||
next_hop = "global/gateways/default-internet-gateway"
|
||||
}
|
||||
}''' % (next_hop_type, next_hop)
|
||||
summary = plan_summary('modules/net-vpc', tf_var_files=['common.tfvars'],
|
||||
routes=var_routes)
|
||||
assert len(summary.values) == 3
|
||||
route = summary.values[f'google_compute_route.{next_hop_type}["next-hop"]']
|
||||
assert route[f'next_hop_{next_hop_type}'] == next_hop
|
|
@ -1,4 +1,4 @@
|
|||
# Copyright 2022 Google LLC
|
||||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
|
@ -17,12 +17,7 @@ common_tfvars:
|
|||
- common.tfvars
|
||||
|
||||
tests:
|
||||
simple:
|
||||
subnets:
|
||||
peering:
|
||||
shared_vpc:
|
||||
factory:
|
||||
psa_simple:
|
||||
psa_routes_export:
|
||||
psa_routes_import:
|
||||
psa_routes_import_export:
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
# Copyright 2022 Google LLC
|
||||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
pytest>=6.2.5
|
||||
pytest>=7.2.1
|
||||
PyYAML>=6.0
|
||||
tftest>=1.8.1
|
||||
marko>=1.2.0
|
||||
deepdiff>=5.7.0
|
||||
python-hcl2>=3.0.5
|
||||
marko>=1.2.2
|
||||
deepdiff>=6.2.3
|
||||
python-hcl2>=4.3.0
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
#!/usr/bin/env python3
|
||||
|
||||
# Copyright 2022 Google LLC
|
||||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
|
@ -16,6 +16,7 @@
|
|||
|
||||
import click
|
||||
import sys
|
||||
import tempfile
|
||||
import yaml
|
||||
|
||||
from pathlib import Path
|
||||
|
@ -27,17 +28,32 @@ import fixtures
|
|||
|
||||
|
||||
@click.command()
|
||||
@click.option('--example', default=False, is_flag=True)
|
||||
@click.argument('module', type=click.Path(), nargs=1)
|
||||
@click.argument('tfvars', type=click.Path(exists=True), nargs=-1)
|
||||
def main(module, tfvars):
|
||||
module = BASEDIR / module
|
||||
summary = fixtures.plan_summary(module, Path(), tfvars)
|
||||
print(yaml.dump({'values': summary.values}))
|
||||
print(yaml.dump({'counts': summary.counts}))
|
||||
outputs = {
|
||||
k: v.get('value', '__missing__') for k, v in summary.outputs.items()
|
||||
}
|
||||
print(yaml.dump({'outputs': outputs}))
|
||||
def main(example, module, tfvars):
|
||||
try:
|
||||
if example:
|
||||
tmp_dir = tempfile.TemporaryDirectory()
|
||||
tmp_path = Path(tmp_dir.name)
|
||||
common_vars = BASEDIR / 'tests' / 'examples' / 'variables.tf'
|
||||
(tmp_path / 'main.tf').symlink_to(module)
|
||||
(tmp_path / 'variables.tf').symlink_to(common_vars)
|
||||
(tmp_path / 'fabric').symlink_to(BASEDIR)
|
||||
module = tmp_path
|
||||
else:
|
||||
module = BASEDIR / module
|
||||
|
||||
summary = fixtures.plan_summary(module, Path(), tfvars)
|
||||
print(yaml.dump({'values': summary.values}))
|
||||
print(yaml.dump({'counts': summary.counts}))
|
||||
outputs = {
|
||||
k: v.get('value', '__missing__') for k, v in summary.outputs.items()
|
||||
}
|
||||
print(yaml.dump({'outputs': outputs}))
|
||||
finally:
|
||||
if example:
|
||||
tmp_dir.cleanup()
|
||||
|
||||
|
||||
if __name__ == '__main__':
|
||||
|
|
Loading…
Reference in New Issue