feat: Adding vpc-serverless-connector-submodule-beta (#280)

* updated rules in readme example to resolve issue #252

* Adding vpc-serverless-connector-beta submodule with integration tests

* removing comment

* updateing docs via  make generate_docs

* Adding int tests, changing serverless submodule to list of maps, updated int tests

* Adding support for ip_cidr_range & network, modifying int test fixtures

* Adding serverless api for setup on integration tests

* Adding itegration test iam permissions and improving ip_cidr_range example

* removing accidental comment

* Adding project_id as output, updating docs

Author: tdigangi

.gitignore

@@ -23,6 +23,7 @@ Session.vim
 
 # Local .terraform directories
 **/.terraform/*
+.terraform.lock.hcl
 
 # .tfstate files
 *.tfstate

.kitchen.yml

@@ -1,4 +1,4 @@
-# Copyright 2019 Google LLC
+# Copyright 2021 Google LLC
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -159,3 +159,23 @@ suites:
           backend: local
           controls:
             - gcloud
+  - name: "submodule_vpc_serverless_connector_beta"
+    driver:
+      name: "terraform"
+      command_timeout: 1800
+      root_module_directory: test/fixtures/submodule_vpc_serverless_connector_beta/
+    verifier:
+      name: terraform
+      color: true
+      systems:
+        - name: inspec-gcp
+          attrs_outputs:
+            customized_inspec_attribute: output_connector_ids
+          backend: gcp
+          controls:
+            - gcp
+            - inspec_attributes
+        - name: local
+          backend: local
+          controls:
+            - gcloud

build/int.cloudbuild.yaml

@@ -161,6 +161,26 @@ steps:
     - verify submodule-network-peering-local
   name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
   args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do destroy submodule-network-peering-local']
+- id: create submodule-vpc-serverless-connector-beta
+  waitFor:
+    - prepare
+  name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
+  args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do create submodule-vpc-serverless-connector-beta']
+- id: converge submodule-vpc-serverless-connector-beta
+  waitFor:
+    - create submodule-vpc-serverless-connector-beta
+  name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
+  args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do converge submodule-vpc-serverless-connector-beta']
+- id: verify submodule-vpc-serverless-connector-beta
+  waitFor:
+    - converge submodule-vpc-serverless-connector-beta
+  name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
+  args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do verify submodule-vpc-serverless-connector-beta']
+- id: destroy submodule-vpc-serverless-connector-beta
+  waitFor:
+    - verify submodule-vpc-serverless-connector-beta
+  name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
+  args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do destroy submodule-vpc-serverless-connector-beta']
 tags:
 - 'ci'
 - 'integration'

examples/submodule_vpc_serverless_connector/README.md

@@ -0,0 +1,19 @@
+# VPC Serverless Connector Beta
+
+This example deploys a single vpc serverless connector in the us-central1 region.
+
+<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| project\_id | Project in which the vpc connector will be deployed. | `string` | n/a | yes |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| connector\_ids | ID of the vpc serverless connector that was deployed. |
+| project\_id | The ID of the project being used |
+
+<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->

examples/submodule_vpc_serverless_connector/main.tf

@@ -0,0 +1,64 @@
+/**
+ * Copyright 2021 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+provider "google" {
+  version = "~> 3.62"
+}
+
+provider "google-beta" {
+  version = "~> 3.62"
+}
+
+module "test-vpc-module" {
+  source       = "terraform-google-modules/network/google"
+  version      = "~> 3.2.0"
+  project_id   = var.project_id # Replace this with your project ID in quotes
+  network_name = "my-serverless-network"
+  mtu          = 1460
+
+  subnets = [
+    {
+      subnet_name   = "serverless-subnet"
+      subnet_ip     = "10.10.10.0/28"
+      subnet_region = "us-central1"
+    }
+  ]
+}
+
+module "serverless-connector" {
+  source     = "../../modules/vpc-serverless-connector-beta"
+  project_id = var.project_id
+  vpc_connectors = [{
+    name        = "central-serverless"
+    region      = "us-central1"
+    subnet_name = module.test-vpc-module.subnets["us-central1/serverless-subnet"].name
+    # host_project_id = var.host_project_id # Leverage host_project_id if using a shared VPC
+    machine_type  = "e2-standard-4"
+    min_instances = 2
+    max_instances = 7
+    }
+    # Uncomment below to leverage ip_cidr_range
+    #   , {
+    #     name          = "central-serverless2"
+    #     region        = "us-central1"
+    #     network       = module.test-vpc-module.network_name
+    #     ip_cidr_range = "10.10.11.0/28"
+    #     subnet_name   = null
+    #     machine_type  = "e2-standard-4"
+    #     min_instances = 2
+    #   max_instances = 7 }
+  ]
+}

examples/submodule_vpc_serverless_connector/outputs.tf

@@ -0,0 +1,25 @@
+/**
+ * Copyright 2021 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+output "connector_ids" {
+  value       = module.serverless-connector.connector_ids
+  description = "ID of the vpc serverless connector that was deployed."
+}
+
+output "project_id" {
+  value       = var.project_id
+  description = "The ID of the project being used"
+}

examples/submodule_vpc_serverless_connector/variables.tf

@@ -0,0 +1,20 @@
+/**
+ * Copyright 2021 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+variable "project_id" {
+  type        = string
+  description = "Project in which the vpc connector will be deployed."
+}

examples/submodule_vpc_serverless_connector/versions.tf

@@ -0,0 +1,19 @@
+/**
+ * Copyright 2021 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+terraform {
+  required_version = ">=0.13.0"
+}

modules/vpc-serverless-connector-beta/README.md

@@ -0,0 +1,44 @@
+# Terraform VPC Serverless Connector Beta
+
+This submodule is part of the the `terraform-google-network` module. It creates the vpc serverless connector using the beta components available.
+
+It supports creating:
+
+- serverless connector
+- serverless vpc access connector
+
+## Usage
+
+Basic usage of this submodule is as follows:
+
+```hcl
+module "serverless-connector" {
+  source     = "terraform-google-modules/network/google//modules/vpc-serverless-connector-beta"
+  project_id = <PROJECT ID>
+  vpc_connectors = [{
+    name            = "central-serverless"
+    region          = "us-central1"
+    subnet_name     = "<SUBNET NAME>"
+    host_project_id = "<HOST PROJECT ID>"
+    machine_type    = "e2-standard-4"
+    min_instances   = 2
+    max_instances   = 3
+  }]
+}
+```
+
+<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| project\_id | Project in which the vpc connector will be deployed. | `string` | n/a | yes |
+| vpc\_connectors | List of VPC serverless connectors. | `list(map(string))` | `[]` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| connector\_ids | VPC serverless connector ID. |
+
+<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->

modules/vpc-serverless-connector-beta/main.tf

@@ -0,0 +1,37 @@
+/**
+ * Copyright 2021 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+# Pending new google-cloud-beta provider release Estimated Release 03/22
+# https://github.com/hashicorp/terraform-provider-google/issues/8475
+resource "google_vpc_access_connector" "connector_beta" {
+  for_each      = { for connector in var.vpc_connectors : connector.name => connector }
+  provider      = google-beta
+  name          = each.value.name
+  project       = var.project_id
+  region        = each.value.region
+  ip_cidr_range = lookup(each.value, "ip_cidr_range", null)
+  network       = lookup(each.value, "network", null)
+  dynamic "subnet" {
+    for_each = each.value.subnet_name == null ? [] : [each.value]
+    content {
+      name       = each.value.subnet_name
+      project_id = lookup(each.value, "host_project_id", null)
+    }
+  }
+  machine_type  = lookup(each.value, "machine_type", null)
+  min_instances = lookup(each.value, "min_instances", null)
+  max_instances = lookup(each.value, "max_instances", null)
+}