Merge pull request #26 from walterdolce/feature/add-ability-to-specify-routing-mode

Add ability to choose network routing mode

Author: andreyk-code

README.md

@@ -18,6 +18,7 @@ module "vpc" {
 
     project_id   = "<PROJECT ID>"
     network_name = "example-vpc"
+    routing_mode = "GLOBAL"
 
     subnets = [
         {
@@ -80,6 +81,7 @@ Then perform the following commands on the root folder:
 | Name | Description | Type | Default | Required |
 |------|-------------|:----:|:-----:|:-----:|
 | network_name | The name of the network being created | string | - | yes |
+| routing_mode | The network routing mode. Can be either 'REGIONAL' or 'GLOBAL' | string | GLOBAL | no |
 | project_id | The ID of the project where this VPC will be created | string | - | yes |
 | shared_vpc_host | Makes this project a Shared VPC host if 'true' (default 'false') | string | `false` | no |
 | subnets | The list of subnets being created | list | - | yes |

examples/simple_project_with_regional_network/README.md

@@ -0,0 +1,29 @@
+# Simple Project
+
+This example configures a single simple regional VPC inside of a project.
+
+This VPC has two subnets, with no secondary ranges.
+
+[^]: (autogen_docs_start)
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|:----:|:-----:|:-----:|
+| project\_id | The project ID to host the network in | string | - | yes |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| network\_name | The name of the VPC being created |
+| network\_self\_link | The URI of the VPC being created |
+| routes | The routes associated with this VPC |
+| subnets\_flow\_logs | Whether the subnets will have VPC flow logs enabled |
+| subnets\_ips | The IP and cidrs of the subnets being created |
+| subnets\_names | The names of the subnets being created |
+| subnets\_private\_access | Whether the subnets will have access to Google API's without a public IP |
+| subnets\_regions | The region where subnets will be created |
+| subnets\_secondary\_ranges | The secondary ranges associated with these subnets |
+
+[^]: (autogen_docs_end)

examples/simple_project_with_regional_network/main.tf

@@ -0,0 +1,42 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+module "test-vpc-module" {
+  source       = "../../"
+  project_id   = "${var.project_id}"
+  network_name = "test-vpc-module"
+  routing_mode = "REGIONAL"
+
+  subnets = [
+    {
+      subnet_name   = "subnet-01"
+      subnet_ip     = "10.10.10.0/24"
+      subnet_region = "us-west1"
+    },
+    {
+      subnet_name           = "subnet-02"
+      subnet_ip             = "10.10.20.0/24"
+      subnet_region         = "us-west1"
+      subnet_private_access = "true"
+      subnet_flow_logs      = "true"
+    },
+  ]
+
+  secondary_ranges = {
+    subnet-01 = []
+    subnet-02 = []
+  }
+}

examples/simple_project_with_regional_network/outputs.tf

@@ -0,0 +1,60 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+output "network_name" {
+  value       = "${module.test-vpc-module.network_name}"
+  description = "The name of the VPC being created"
+}
+
+output "network_self_link" {
+  value       = "${module.test-vpc-module.network_self_link}"
+  description = "The URI of the VPC being created"
+}
+
+output "subnets_names" {
+  value       = "${module.test-vpc-module.subnets_names}"
+  description = "The names of the subnets being created"
+}
+
+output "subnets_ips" {
+  value       = "${module.test-vpc-module.subnets_ips}"
+  description = "The IP and cidrs of the subnets being created"
+}
+
+output "subnets_regions" {
+  value       = "${module.test-vpc-module.subnets_regions}"
+  description = "The region where subnets will be created"
+}
+
+output "subnets_private_access" {
+  value       = "${module.test-vpc-module.subnets_private_access}"
+  description = "Whether the subnets will have access to Google API's without a public IP"
+}
+
+output "subnets_flow_logs" {
+  value       = "${module.test-vpc-module.subnets_flow_logs}"
+  description = "Whether the subnets will have VPC flow logs enabled"
+}
+
+output "subnets_secondary_ranges" {
+  value       = "${module.test-vpc-module.subnets_secondary_ranges}"
+  description = "The secondary ranges associated with these subnets"
+}
+
+output "routes" {
+  value       = "${module.test-vpc-module.routes}"
+  description = "The routes associated with this VPC"
+}

examples/simple_project_with_regional_network/variables.tf

@@ -0,0 +1,19 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+variable "project_id" {
+  description = "The project ID to host the network in"
+}

main.tf

@@ -20,7 +20,7 @@
 resource "google_compute_network" "network" {
   name                    = "${var.network_name}"
   auto_create_subnetworks = "false"
-  routing_mode            = "GLOBAL"
+  routing_mode            = "${var.routing_mode}"
   project                 = "${var.project_id}"
 }
 

test/integration/gcloud-test/integration.bats renamed to test/integration/gcloud-test/integration.global_network.bats

@@ -0,0 +1,153 @@
+#!/usr/bin/env bats
+
+# Copyright 2018 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# #################################### #
+#             Terraform tests          #
+# #################################### #
+
+@test "Ensure that Terraform configures the dirs and download the plugins" {
+
+  run terraform init
+  [ "$status" -eq 0 ]
+}
+
+@test "Ensure that Terraform updates the plugins" {
+  run terraform get
+  [ "$status" -eq 0 ]
+}
+
+@test "Terraform plan, ensure connection and creation of resources" {
+
+  run terraform plan
+  [ "$status" -eq 0 ]
+  [[ "$output" =~ 7\ to\ add ]]
+  [[ "$output" =~ 0\ to\ change ]]
+  [[ "$output" =~ 0\ to\ destroy ]]
+}
+
+@test "Terraform apply" {
+
+  run terraform apply -auto-approve
+  [ "$status" -eq 0 ]
+  [[ "$output" =~ 7\ added ]]
+  [[ "$output" =~ 0\ changed ]]
+  [[ "$output" =~ 0\ destroyed ]]
+}
+
+# #################################### #
+#             gcloud tests             #
+# #################################### #
+
+@test "Test that the network was created with the correct settings" {
+
+  NETWORK_NAME="$(terraform output network_name)"
+
+  run gcloud --project=${PROJECT_ID} compute networks describe ${NETWORK_NAME} --format='get(autoCreateSubnetworks)'[no-pad]
+  [ "$status" -eq 0 ]
+  [[ "${lines[0]}" = "False" ]]
+
+  run gcloud --project=${PROJECT_ID} compute networks describe ${NETWORK_NAME} --format='get(routingConfig.routingMode)'[no-pad]
+  [ "$status" -eq 0 ]
+  [[ "${lines[0]}" = "REGIONAL" ]]
+
+}
+
+@test "Test that the subnets were created with the correct settings" {
+
+  NETWORK_NAME="$(terraform output network_name)"
+
+  # test-network-01-subnet-01
+  SUBNET_NAME="$(terraform output -json subnets_names | jq '.value[0]' -r)"
+  SUBNET_REGION="$(terraform output -json subnets_regions | jq '.value[0]' -r)"
+  SUBNET_IP="$(terraform output -json subnets_ips | jq '.value[0]' -r)"
+  SUBNET_SECONDARY_RANGE_IP="$(terraform output -json subnets_secondary_ranges | jq '.value[0] | .[0].ip_cidr_range' -r)"
+  SUBNET_SECONDARY_RANGE_NAME="$(terraform output -json subnets_secondary_ranges | jq '.value[0] | .[0].range_name' -r)"
+
+  run gcloud --project=${PROJECT_ID} compute networks describe ${NETWORK_NAME} --format='get(subnetworks[0])'[no-pad]
+  [ "$status" -eq 0 ]
+  [[ "${lines[0]}" = "https://www.googleapis.com/compute/v1/projects/${PROJECT_ID}/regions/${SUBNET_REGION}/subnetworks/${SUBNET_NAME}" ]]
+
+  run gcloud --project=${PROJECT_ID} compute networks subnets describe ${SUBNET_NAME} --region=${SUBNET_REGION} --format='get(ipCidrRange)'[no-pad]
+  [ "$status" -eq 0 ]
+  [[ "${lines[0]}" = "${SUBNET_IP}" ]]
+
+  run gcloud --project=${PROJECT_ID} compute networks subnets describe ${SUBNET_NAME} --region=${SUBNET_REGION} --format='get(privateIpGoogleAccess)'[no-pad]
+  [ "$status" -eq 0 ]
+  [[ "${lines[0]}" = "False" ]]
+
+  run gcloud --project=${PROJECT_ID} compute networks subnets describe ${SUBNET_NAME} --region=${SUBNET_REGION} --format='get(secondaryIpRanges[0].ipCidrRange)'[no-pad]
+  [ "$status" -eq 0 ]
+  [[ "${lines[0]}" = "${SUBNET_SECONDARY_RANGE_IP}" ]]
+
+  run gcloud --project=${PROJECT_ID} compute networks subnets describe ${SUBNET_NAME} --region=${SUBNET_REGION} --format='get(secondaryIpRanges[0].rangeName)'[no-pad]
+  [ "$status" -eq 0 ]
+  [[ "${lines[0]}" = "${SUBNET_SECONDARY_RANGE_NAME}" ]]
+
+  # test-network-01-subnet-02
+  SUBNET_NAME="$(terraform output -json subnets_names | jq '.value[1]' -r)"
+  SUBNET_REGION="$(terraform output -json subnets_regions | jq '.value[1]' -r)"
+  SUBNET_IP="$(terraform output -json subnets_ips | jq '.value[1]' -r)"
+  SUBNET_SECONDARY_RANGE_IP="$(terraform output -json subnets_secondary_ranges | jq '.value[1] | .[0].ip_cidr_range' -r)"
+  SUBNET_SECONDARY_RANGE_NAME="$(terraform output -json subnets_secondary_ranges | jq '.value[1] | .[0].range_name' -r)"
+
+  run gcloud --project=${PROJECT_ID} compute networks describe ${NETWORK_NAME} --format='get(subnetworks[1])'[no-pad]
+  [ "$status" -eq 0 ]
+  [[ "${lines[0]}" = "https://www.googleapis.com/compute/v1/projects/${PROJECT_ID}/regions/${SUBNET_REGION}/subnetworks/${SUBNET_NAME}" ]]
+
+  run gcloud --project=${PROJECT_ID} compute networks subnets describe ${SUBNET_NAME} --region=${SUBNET_REGION} --format='get(ipCidrRange)'[no-pad]
+  [ "$status" -eq 0 ]
+  [[ "${lines[0]}" = "${SUBNET_IP}" ]]
+
+  run gcloud --project=${PROJECT_ID} compute networks subnets describe ${SUBNET_NAME} --region=${SUBNET_REGION} --format='get(privateIpGoogleAccess)'[no-pad]
+  [ "$status" -eq 0 ]
+  [[ "${lines[0]}" = "False" ]]
+
+ run gcloud --project=${PROJECT_ID} compute networks subnets describe ${SUBNET_NAME} --region=${SUBNET_REGION} --format='get(secondaryIpRanges[0].ipCidrRange)'[no-pad]
+  [ "$status" -eq 0 ]
+  [[ "${lines[0]}" = "${SUBNET_SECONDARY_RANGE_IP}" ]]
+
+  run gcloud --project=${PROJECT_ID} compute networks subnets describe ${SUBNET_NAME} --region=${SUBNET_REGION} --format='get(secondaryIpRanges[0].rangeName)'[no-pad]
+  [ "$status" -eq 0 ]
+  [[ "${lines[0]}" = "${SUBNET_SECONDARY_RANGE_NAME}" ]]
+
+  # test-network-01-subnet-03
+  SUBNET_NAME="$(terraform output -json subnets_names | jq '.value[2]' -r)"
+  SUBNET_REGION="$(terraform output -json subnets_regions | jq '.value[2]' -r)"
+  SUBNET_IP="$(terraform output -json subnets_ips | jq '.value[2]' -r)"
+
+  run gcloud --project=${PROJECT_ID} compute networks describe ${NETWORK_NAME} --format='get(subnetworks[2])'[no-pad]
+  [ "$status" -eq 0 ]
+  [[ "${lines[0]}" = "https://www.googleapis.com/compute/v1/projects/${PROJECT_ID}/regions/${SUBNET_REGION}/subnetworks/${SUBNET_NAME}" ]]
+
+  run gcloud --project=${PROJECT_ID} compute networks subnets describe ${SUBNET_NAME} --region=${SUBNET_REGION} --format='get(ipCidrRange)'[no-pad]
+  [ "$status" -eq 0 ]
+  [[ "${lines[0]}" = "${SUBNET_IP}" ]]
+
+  run gcloud --project=${PROJECT_ID} compute networks subnets describe ${SUBNET_NAME} --region=${SUBNET_REGION} --format='get(privateIpGoogleAccess)'[no-pad]
+  [ "$status" -eq 0 ]
+  [[ "${lines[0]}" = "False" ]]
+
+}
+
+# #################################### #
+#      Terraform destroy test          #
+# #################################### #
+
+@test "Terraform destroy" {
+  run terraform destroy -force
+  [ "$status" -eq 0 ]
+  [[ "$output" =~ 7\ destroyed ]]
+}

test/integration/gcloud-test/integration.regional_network.bats

@@ -38,7 +38,8 @@ function clean_workdir() {
 
 # Creates the main.tf file for Terraform
 function create_main_tf_file() {
-  echo "Creating main.tf file"
+  local ROUTING_MODE=$1
+  echo "Creating main.tf file (for a ${ROUTING_MODE} network)"
   touch main.tf
   eval "cat <<EOF
 $(<templates/main.tf.tmpl)
@@ -54,14 +55,25 @@ $(<templates/outputs.tf.tmpl)
 EOF" | tee > outputs.tf
 }
 
+## Testing Creation of Global Network
 # Preparing environment
 clean_workdir
-create_main_tf_file
+create_main_tf_file "GLOBAL"
 create_outputs_file
 
 # Call to bats
-echo "Test to execute: $(bats integration.bats -c)"
-bats integration.bats
+echo "Test to execute: $(bats integration.global_network.bats -c)"
+bats integration.global_network.bats
+
+## Testing Creation of Regional Network
+# Preparing environment
+clean_workdir
+create_main_tf_file "REGIONAL"
+create_outputs_file
+
+# Call to bats
+echo "Test to execute: $(bats integration.regional_network.bats -c)"
+bats integration.regional_network.bats
 
 export CLOUDSDK_AUTH_CREDENTIAL_FILE_OVERRIDE=""
 unset CLOUDSDK_AUTH_CREDENTIAL_FILE_OVERRIDE

test/integration/gcloud-test/launch.sh

@@ -26,6 +26,7 @@ module "test-vpc-module-01" {
   source       = "../../../"
   project_id   = "${PROJECT_ID}"
   network_name = "test-network-01"
+  routing_mode = "${ROUTING_MODE}"
 
   subnets = [
     {