Merge pull request #1 from terraform-google-modules/morgante/initial-release

Initial release

Author: morgante

.gitignore

@@ -0,0 +1,36 @@
+# OSX leaves these everywhere on SMB shares
+._*
+
+# OSX trash
+.DS_Store
+*.pyc*
+
+# Emacs save files
+*~
+\#*\#
+.\#*
+
+# Vim-related files
+[._]*.s[a-w][a-z]
+[._]s[a-w][a-z]
+*.un~
+Session.vim
+.netrwhist
+
+### https://raw.github.com/github/gitignore/90f149de451a5433aebd94d02d11b0e28843a1af/Terraform.gitignore
+
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+
+# Ignore any .tfvars files that are generated automatically for each Terraform run. Most
+# .tfvars files are managed as part of configuration and so should be included in
+# version control.
+#
+# example.tfvars

LICENSE

@@ -1,3 +1,4 @@
+
                                  Apache License
                            Version 2.0, January 2004
                         http://www.apache.org/licenses/
@@ -198,4 +199,4 @@
    distributed under the License is distributed on an "AS IS" BASIS,
    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    See the License for the specific language governing permissions and
-   limitations under the License.
+   limitations under the License.

Makefile

@@ -0,0 +1,65 @@
+# Copyright 2018 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Make will use bash instead of sh
+SHELL := /usr/bin/env bash
+
+# All is the first target in the file so it will get picked up when you just run 'make' on its own
+all: check_shell check_python check_golang check_terraform check_docker check_base_files test_check_headers check_headers check_trailing_whitespace
+
+# The .PHONY directive tells make that this isn't a real target and so
+# the presence of a file named 'check_shell' won't cause this target to stop
+# working
+.PHONY: check_shell
+check_shell:
+	@source test/make.sh && check_shell
+
+.PHONY: check_python
+check_python:
+	@source test/make.sh && check_python
+
+.PHONY: check_golang
+check_golang:
+	@source test/make.sh && golang
+
+.PHONY: check_terraform
+check_terraform:
+	@source test/make.sh && check_terraform
+
+.PHONY: check_docker
+check_docker:
+	@source test/make.sh && docker
+
+.PHONY: check_base_files
+check_base_files:
+	@source test/make.sh && basefiles
+
+.PHONY: check_shebangs
+check_shebangs:
+	@source test/make.sh && check_bash
+
+.PHONY: check_trailing_whitespace
+check_trailing_whitespace:
+	@source test/make.sh && check_trailing_whitespace
+
+.PHONY: test_check_headers
+test_check_headers:
+	@echo "Testing the validity of the header check"
+	@python test/test_verify_boilerplate.py
+
+.PHONY: check_headers
+check_headers:
+	@echo "Checking file headers"
+	@python test/verify_boilerplate.py
+

README.md

@@ -1,2 +1,144 @@
-# terraform-google-network
-A Cloud Foundation Toolkit Module: Opinionated Google Cloud Platform project creation and configuration with Shared VPC, IAM, APIs, etc.
+# Terraform Network Module
+
+This modules makes it easy to set up a new VPC Network in GCP by defining your network and subnet ranges in a concise syntax.
+
+It supports creating:
+
+- A Google Virtual Private Network (VPC)
+- Subnets within the VPC
+- Secondary ranges for the subnets (if applicable)
+
+## Requirements
+### Terraform plugins
+- [Terraform](https://www.terraform.io/downloads.html) 0.10.x
+- [terraform-provider-google](https://github.com/terraform-providers/terraform-provider-google) plugin v1.8.0
+
+### Configure a Service Account
+In order to execute this module you must have a Service Account with the following roles:
+
+- roles/compute.networkAdmin on the organization
+
+### Enable API's
+In order to operate with the Service Account you must activate the following API on the project where the Service Account was created:
+
+- Compute Engine API - compute.googleapis.com
+
+## Install
+
+### Terraform
+Be sure you have the correct Terraform version (0.10.x), you can choose the binary here:
+- https://releases.hashicorp.com/terraform/
+
+## Usage
+You can go to the examples folder, however the usage of the module could be like this in your own main.tf file:
+
+```hcl
+module "vpc" {
+    source = "github.com/terraform-google-modules/terraform-google-network"
+    project_id = "<PROJECT ID>"
+    vpc_name   = "example-vpc"
+
+    subnets = [
+        {
+            subnet_name           = "subnet-01"
+            subnet_ip             = "10.10.10.0/24"
+            subnet_region         = "us-west1"
+            subnet_private_access = false
+        },
+        {
+            subnet_name           = "subnet-02"
+            subnet_ip             = "10.10.20.0/24"
+            subnet_region         = "us-west1"
+            subnet_private_access = false
+        },
+    ]
+
+    secondary_ranges = {
+        subnet-01 = [
+            {
+                range_name    = "subnet-01-secondary-01"
+                ip_cidr_range = "192.168.64.0/24"
+            },
+        ]
+
+        subnet-02 = []
+    }
+}
+```
+
+Then perform the following commands on the root folder:
+
+- `terraform init` to get the plugins
+- `terraform plan` to see the infrastructure plan
+- `terraform apply` to apply the infrastructure build
+- `terraform destroy` to destroy the built infrastructure
+
+#### Variables
+Please refer the /variables.tf file for the required and optional variables.
+
+#### Outputs
+Please refer the /outputs.tf file for the outputs that you can get with the `terraform output` command
+
+## File structure
+The project has the following folders and files:
+
+- /: root folder
+- /examples: examples for using this module
+- /test: Folders with files for testing the module (see Testing section on this file)
+- /main.tf: main file for this module, contains all the resources to create
+- /variables.tf: all the variables for the module
+- /output.tf: the outputs of the module
+- /README.md: this file
+
+## Testing
+
+### Requirements
+- [bats](https://github.com/sstephenson/bats) 0.4.0
+- [jq](https://stedolan.github.io/jq/) 1.5
+
+### Integration test
+##### Terraform integration tests
+The integration tests for this module are built with bats, basically the test checks the following:
+- Perform `terraform init` command
+- Perform `terraform get` command
+- Perform `terraform plan` command and check that it'll create *n* resources, modify 0 resources and delete 0 resources
+- Perform `terraform apply -auto-approve` command and check that it has created the *n* resources, modified 0 resources and deleted 0 resources
+- Perform several `gcloud` commands and check the infrastructure is in the desired state
+- Perform `terraform destroy -force` command and check that it has destroyed the *n* resources
+
+You can use the following command to run the integration test in the folder */test/integration/gcloud-test*
+
+  `. launch.sh`
+
+### Linting
+The makefile in this project will lint or sometimes just format any shell,
+Python, golang, Terraform, or Dockerfiles. The linters will only be run if
+the makefile finds files with the appropriate file extension.
+
+All of the linter checks are in the default make target, so you just have to
+run
+
+```
+make -s
+```
+
+The -s is for 'silent'. Successful output looks like this
+
+```
+Running shellcheck
+Running flake8
+Running gofmt
+Running terraform validate
+Running hadolint on Dockerfiles
+Test passed - Verified all file Apache 2 headers
+```
+
+The linters
+are as follows:
+* Shell - shellcheck. Can be found in homebrew
+* Python - flake8. Can be installed with 'pip install flake8'
+* Golang - gofmt. gofmt comes with the standard golang installation. golang
+is a compiled language so there is no standard linter.
+* Terraform - terraform has a built-in linter in the 'terraform validate'
+command.
+* Dockerfiles - hadolint. Can be found in homebrew

examples/.gitignore

@@ -0,0 +1 @@
+.tfvars

examples/multi_vpc/README.md

@@ -0,0 +1,3 @@
+# Multiple Networks
+
+This example configures a host network project with two separate networks.

examples/multi_vpc/main.tf

@@ -0,0 +1,96 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+module "test-vpc-module-01" {
+  source       = "../../"
+  project_id   = "${var.project_id}"
+  network_name = "test-network-01"
+
+  subnets = [
+    {
+      subnet_name           = "test-network-01-subnet-01"
+      subnet_ip             = "10.10.10.0/24"
+      subnet_region         = "us-west1"
+      subnet_private_access = false
+    },
+    {
+      subnet_name           = "test-network-01-subnet-02"
+      subnet_ip             = "10.10.20.0/24"
+      subnet_region         = "us-west1"
+      subnet_private_access = false
+    },
+    {
+      subnet_name           = "test-network-01-subnet-03"
+      subnet_ip             = "10.10.30.0/24"
+      subnet_region         = "us-west1"
+      subnet_private_access = false
+    },
+  ]
+
+  secondary_ranges = {
+    test-network-01-subnet-01 = [
+      {
+        range_name    = "test-network-01-subnet-01-01"
+        ip_cidr_range = "192.168.64.0/24"
+      },
+      {
+        range_name    = "test-network-01-subnet-01-02"
+        ip_cidr_range = "192.168.65.0/24"
+      },
+    ]
+
+    test-network-01-subnet-02 = [
+      {
+        range_name    = "test-network-01-subnet-02-01"
+        ip_cidr_range = "192.168.74.0/24"
+      },
+    ]
+
+    test-network-01-subnet-03 = []
+  }
+}
+
+module "test-vpc-module-02" {
+  source       = "../../"
+  project_id   = "${var.project_id}"
+  network_name = "test-network-02"
+
+  subnets = [
+    {
+      subnet_name           = "test-network-02-subnet-01"
+      subnet_ip             = "10.10.40.0/24"
+      subnet_region         = "us-west1"
+      subnet_private_access = false
+    },
+    {
+      subnet_name           = "test-network-02-subnet-02"
+      subnet_ip             = "10.10.50.0/24"
+      subnet_region         = "us-west1"
+      subnet_private_access = false
+    },
+  ]
+
+  secondary_ranges = {
+    test-network-02-subnet-01 = [
+      {
+        range_name    = "est-network-02-subnet-02-01"
+        ip_cidr_range = "192.168.75.0/24"
+      },
+    ]
+
+    test-network-02-subnet-02 = []
+  }
+}