add stub-domains and stub-domains-private

terraform-google-modules · Jan 11, 2025 · 9ff81a7 · 9ff81a7
1 parent 590c97d
commit 9ff81a7
Show file tree

Hide file tree

Showing 17 changed files with 643 additions and 367 deletions.
diff --git a/.kitchen.yml b/.kitchen.yml
@@ -46,24 +46,6 @@ suites:
       systems:
         - name: simple_regional_with_ipv6
           backend: local
-  - name: "stub_domains"
-    transport:
-      root_module_directory: test/fixtures/stub_domains
-    verifier:
-      systems:
-        - name: stub_domains
-          backend: local
-          controls:
-            - gcloud
-            - kubectl
-  # Disabled due to issue #264
-  # (https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/264)
-  #  - name: stub_domains_private
-  #    transport:
-  #      root_module_directory: test/fixtures/stub_domains_private
-  #      systems:
-  #        - name: stub_domains_private
-  #          backend: local
   - name: "stub_domains_upstream_nameservers"
     transport:
       root_module_directory: test/fixtures/stub_domains_upstream_nameservers

diff --git a/build/int.cloudbuild.yaml b/build/int.cloudbuild.yaml
@@ -200,21 +200,36 @@ steps:
     - verify simple-zonal-private-local
   name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
   args: ['/bin/bash', '-c', 'cft test run TestSimpleZonalPrivate --stage teardown --verbose']
-- id: converge stub-domains-local
+- id: apply stub-domains-local
   waitFor:
     - create-all
   name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
-  args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do converge stub-domains-local']
+  args: ['/bin/bash', '-c', 'cft test run TestStubDomains --stage apply --verbose --test-dir test/integration']
 - id: verify stub-domains-local
   waitFor:
-    - converge stub-domains-local
+    - apply stub-domains-local
   name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
-  args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do verify stub-domains-local']
+  args: ['/bin/bash', '-c', 'cft test run TestStubDomains --stage verify --verbose --test-dir test/integration']
 - id: destroy stub-domains-local
   waitFor:
     - verify stub-domains-local
   name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
-  args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do destroy stub-domains-local']
+  args: ['/bin/bash', '-c', 'cft test run TestStubDomains --stage destroy --verbose --test-dir test/integration']
+- id: apply stub-domains-private-local
+  waitFor:
+    - create-all
+  name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
+  args: ['/bin/bash', '-c', 'cft test run TestStubDomainsPrivate --stage apply --verbose --test-dir test/integration']
+- id: verify stub-domains-private-local
+  waitFor:
+    - apply stub-domains-private-local
+  name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
+  args: ['/bin/bash', '-c', 'cft test run TestStubDomainsPrivate --stage verify --verbose --test-dir test/integration']
+- id: destroy stub-domains-private-local
+  waitFor:
+    - verify stub-domains-private-local
+  name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
+  args: ['/bin/bash', '-c', 'cft test run TestStubDomainsPrivate --stage destroy --verbose --test-dir test/integration']
 - id: apply upstream-nameservers-local
   waitFor:
     - create-all

diff --git a/test/fixtures/stub_domains/example.tf b/test/fixtures/stub_domains/example.tf
@@ -1,5 +1,5 @@
 /**
- * Copyright 2018 Google LLC
+ * Copyright 2018-2025 Google LLC
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -14,6 +14,10 @@
  * limitations under the License.
  */
 
+locals {
+  compute_engine_service_account = var.compute_engine_service_accounts[1]
+}
+
 module "example" {
   source = "../../../examples/stub_domains"
 
@@ -24,6 +28,6 @@ module "example" {
   subnetwork                     = google_compute_subnetwork.main.name
   ip_range_pods                  = google_compute_subnetwork.main.secondary_ip_range[0].range_name
   ip_range_services              = google_compute_subnetwork.main.secondary_ip_range[1].range_name
-  compute_engine_service_account = var.compute_engine_service_accounts[1]
+  compute_engine_service_account = local.compute_engine_service_account
 }
 
diff --git a/test/fixtures/stub_domains/outputs.tf b/test/fixtures/stub_domains/outputs.tf
@@ -1,5 +1,5 @@
 /**
- * Copyright 2018 Google LLC
+ * Copyright 2018-2025 Google LLC
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -56,3 +56,11 @@ output "service_account" {
   description = "The service account to default running nodes as if not overridden in `node_pools`."
   value       = module.example.service_account
 }
+
+output "random_string" {
+  value = random_string.suffix.result
+}
+
+output "compute_engine_service_account" {
+  value = local.compute_engine_service_account
+}
diff --git a/test/fixtures/stub_domains_private/main.tf b/test/fixtures/stub_domains_private/main.tf
@@ -1,5 +1,5 @@
 /**
- * Copyright 2018 Google LLC
+ * Copyright 2018-2025 Google LLC
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -14,6 +14,10 @@
  * limitations under the License.
  */
 
+locals {
+  compute_engine_service_account = var.compute_engine_service_accounts[1]
+}
+
 resource "random_string" "suffix" {
   length  = 4
   special = false
@@ -49,7 +53,7 @@ resource "google_compute_subnetwork" "main" {
 module "example" {
   source = "../../../examples/stub_domains_private"
 
-  compute_engine_service_account = var.compute_engine_service_accounts[1]
+  compute_engine_service_account = local.compute_engine_service_account
   ip_range_pods                  = google_compute_subnetwork.main.secondary_ip_range[0].range_name
   ip_range_services              = google_compute_subnetwork.main.secondary_ip_range[1].range_name
   network                        = google_compute_network.main.name

diff --git a/test/fixtures/stub_domains_private/outputs.tf b/test/fixtures/stub_domains_private/outputs.tf
@@ -1,5 +1,5 @@
 /**
- * Copyright 2018 Google LLC
+ * Copyright 2018-2025 Google LLC
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -56,3 +56,11 @@ output "service_account" {
   description = "The service account to default running nodes as if not overridden in `node_pools`."
   value       = module.example.service_account
 }
+
+output "random_string" {
+  value = random_string.suffix.result
+}
+
+output "compute_engine_service_account" {
+  value = local.compute_engine_service_account
+}
diff --git a/test/integration/node_pool/testdata/TestNodePool.json b/test/integration/node_pool/testdata/TestNodePool.json
@@ -249,7 +249,6 @@
       "name": "default-pool",
       "networkConfig": {
         "podIpv4CidrBlock": "192.168.0.0/18",
-        "podIpv4RangeUtilization": 0.0624,
         "podRange": "cft-gke-test-pods-RANDOM_STRING"
       },
       "podIpv4CidrSize": 24,
@@ -302,7 +301,6 @@
       "name": "nap-e2-medium-1d469r1p",
       "networkConfig": {
         "podIpv4CidrBlock": "192.168.0.0/18",
-        "podIpv4RangeUtilization": 0.0624,
         "podRange": "cft-gke-test-pods-RANDOM_STRING"
       },
       "placementPolicy": {},
@@ -395,7 +393,6 @@
       "name": "pool-01",
       "networkConfig": {
         "podIpv4CidrBlock": "192.168.0.0/18",
-        "podIpv4RangeUtilization": 0.0624,
         "podRange": "cft-gke-test-pods-RANDOM_STRING"
       },
       "podIpv4CidrSize": 24,
@@ -490,7 +487,6 @@
       "name": "pool-02",
       "networkConfig": {
         "podIpv4CidrBlock": "192.168.0.0/18",
-        "podIpv4RangeUtilization": 0.0624,
         "podRange": "cft-gke-test-pods-RANDOM_STRING"
       },
       "podIpv4CidrSize": 24,
@@ -583,7 +579,6 @@
       "networkConfig": {
         "enablePrivateNodes": false,
         "podIpv4CidrBlock": "172.16.0.0/18",
-        "podIpv4RangeUtilization": 0.0625,
         "podRange": "test"
       },
       "podIpv4CidrSize": 24,
@@ -671,7 +666,6 @@
       "name": "pool-04",
       "networkConfig": {
         "podIpv4CidrBlock": "192.168.0.0/18",
-        "podIpv4RangeUtilization": 0.0624,
         "podRange": "cft-gke-test-pods-RANDOM_STRING"
       },
       "podIpv4CidrSize": 24,
@@ -759,7 +753,6 @@
       "name": "pool-05",
       "networkConfig": {
         "podIpv4CidrBlock": "192.168.0.0/18",
-        "podIpv4RangeUtilization": 0.0624,
         "podRange": "cft-gke-test-pods-RANDOM_STRING"
       },
       "podIpv4CidrSize": 24,

diff --git a/test/integration/stub_domains/controls/gcloud.rb b/test/integration/stub_domains/controls/gcloud.rb
diff --git a/test/integration/stub_domains/controls/kubectl.rb b/test/integration/stub_domains/controls/kubectl.rb
diff --git a/test/integration/stub_domains/inspec.yml b/test/integration/stub_domains/inspec.yml