Migrate integration tests to Test Kitchen

This commit eliminates the existing BATS integration tests and instead
introduces integration tests with Test Kitchen using the
kitchen-terraform and inspec-gcp plugins. The changes made to the
examples were to ensure that all scenarios could be run in parallel, to
correct syntax errors, and to use locals to make testing easier.

Author: glarizza

.kitchen.yml

@@ -24,23 +24,59 @@ platforms:
   - name: local
 
 suites:
-  - name: "simple_example"
+  - name: "simple_project"
     driver:
       name: "terraform"
       command_timeout: 1800
-      root_module_directory: test/fixtures/simple_example/
+      root_module_directory: test/fixtures/simple_project/
     verifier:
       name: terraform
-      color: false
+      color: true
       systems:
-        - name: simple_example
+        - name: inspec-gcp
+          backend: gcp
+          controls:
+            - gcp
+        - name: local
           backend: local
           controls:
             - gcloud
-        - name: simple_example
+  - name: "simple_project_with_regional_network"
+    driver:
+      name: "terraform"
+      command_timeout: 1800
+      root_module_directory: test/fixtures/simple_project_with_regional_network/
+    verifier:
+      name: terraform
+      color: true
+      systems:
+        - name: inspec-gcp
           backend: gcp
-          shell: true
           controls:
             - gcp
-    provisioner:
+  - name: "secondary_ranges"
+    driver:
+      name: "terraform"
+      command_timeout: 1800
+      root_module_directory: test/fixtures/secondary_ranges/
+    verifier:
       name: terraform
+      color: true
+      systems:
+        - name: local
+          backend: local
+          controls:
+            - gcloud
+  - name: "multi_vpc"
+    driver:
+      name: "terraform"
+      command_timeout: 1800
+      root_module_directory: test/fixtures/multi_vpc/
+    verifier:
+      name: terraform
+      color: true
+      systems:
+        - name: local
+          backend: local
+          controls:
+            - gcloud

README.md

@@ -81,12 +81,29 @@ Then perform the following commands on the root folder:
 | Name | Description | Type | Default | Required |
 |------|-------------|:----:|:-----:|:-----:|
 | network_name | The name of the network being created | string | - | yes |
-| routing_mode | The network routing mode. Can be either 'REGIONAL' or 'GLOBAL' | string | GLOBAL | no |
 | project_id | The ID of the project where this VPC will be created | string | - | yes |
+| routes | List of routes being created in this VPC | list | `<list>` | no |
+| routing_mode | The network routing mode (default 'GLOBAL') | string | `GLOBAL` | no |
+| secondary_ranges | Secondary ranges that will be used in some of the subnets | map | - | yes |
 | shared_vpc_host | Makes this project a Shared VPC host if 'true' (default 'false') | string | `false` | no |
 | subnets | The list of subnets being created | list | - | yes |
-| secondary_ranges | Secondary ranges that will be used in some of the subnets | map | - | yes |
-| routes | The list of routes being created | list | - | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| network_name | The name of the VPC being created |
+| network_self_link | The URI of the VPC being created |
+| routes | The routes associated with this VPC |
+| subnets_flow_logs | Whether the subnets will have VPC flow logs enabled |
+| subnets_ips | The IPs and CIDRs of the subnets being created |
+| subnets_names | The names of the subnets being created |
+| subnets_private_access | Whether the subnets will have access to Google API's without a public IP |
+| subnets_regions | The region where the subnets will be created |
+| subnets_secondary_ranges | The secondary ranges associated with these subnets |
+| subnets_self_links | The self-links of subnets being created |
+
+[^]: (autogen_docs_end)
 
 ### Subnet Inputs
 The subnets list contains maps, where each object represents a subnet. Each map has the following inputs (please see examples folder for additional references):
@@ -115,23 +132,6 @@ The routes list contains maps, where each object represents a route. For the nex
 | next_hop_vpn_tunnel | URL to a VpnTunnel that should handle matching packets | string | - | yes |
 | priority | The priority of this route. Priority is used to break ties in cases where there is more than one matching route of equal prefix length. In the case of two routes with equal prefix length, the one with the lowest-numbered priority value wins | string | 1000 | yes |
 
-## Outputs
-
-| Name | Description |
-|------|-------------|
-| network_name | The name of the VPC being created |
-| network_self_link | The URI of the VPC being created |
-| subnets_ips | The IPs and CIDRs of the subnets being created |
-| subnets_self_links | The `self_link`s of the subnets being created |
-| subnets_names | The names of the subnets being created |
-| subnets_private_access | Whether the subnets will have access to Google API's without a public IP |
-| subnets_flow_logs | Whether the subnets will have VPC flow logs enabled |
-| subnets_regions | The region where the subnets will be created |
-| subnets_secondary_ranges | The secondary ranges associated with these subnets |
-| routes | The routes associated with this VPC |
-
-[^]: (autogen_docs_end)
-
 ## Requirements
 ### Terraform plugins
 - [Terraform](https://www.terraform.io/downloads.html) 0.10.x

codelabs/simple/main.tf

@@ -1,3 +1,19 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
 resource "random_id" "network_id" {
   byte_length = 8
 }

examples/multi_vpc/README.md

@@ -15,23 +15,25 @@ This example configures a host network project with two separate networks.
 
 | Name | Description |
 |------|-------------|
-| network_01_name | vpc 1 |
+| network_01_name | The name of the VPC network-01 |
+| network_01_route_data | The route data for network 01 that was passed into the network module |
+| network_01_routes | The routes associated with network-01 |
 | network_01_self_link | The URI of the VPC network-01 |
 | network_01_subnets | The names of the subnets being created on network-01 |
 | network_01_subnets_flow_logs | Whether the subnets will have VPC flow logs enabled |
 | network_01_subnets_ips | The IP and cidrs of the subnets being created on network-01 |
 | network_01_subnets_private_access | Whether the subnets will have access to Google API's without a public IP on network-01 |
 | network_01_subnets_regions | The region where the subnets will be created on network-01 |
 | network_01_subnets_secondary_ranges | The secondary ranges associated with these subnets on network-01 |
-| network_01_routes | The routes associated with network-01 |
-| network_02_name | vpc 2 |
+| network_02_name | The name of the VPC network-02 |
+| network_02_route_data | The route data for network 02 that was passed into the network module |
+| network_02_routes | The routes associated with network-02 |
 | network_02_self_link | The URI of the VPC network-02 |
 | network_02_subnets | The names of the subnets being created on network-02 |
 | network_02_subnets_flow_logs | Whether the subnets will have VPC flow logs enabled |
 | network_02_subnets_ips | The IP and cidrs of the subnets being created on network-02 |
 | network_02_subnets_private_access | Whether the subnets will have access to Google API's without a public IP on network-02 |
 | network_02_subnets_regions | The region where the subnets will be created on network-02 |
 | network_02_subnets_secondary_ranges | The secondary ranges associated with these subnets on network-02 |
-| network_02_routes | The routes associated with network-02 |
 
-[^]: (autogen_docs_end)
+[^]: (autogen_docs_end)

examples/multi_vpc/main.tf

@@ -14,28 +14,72 @@
  * limitations under the License.
  */
 
+locals {
+  network_01_name = "test-network-301"
+  network_02_name = "test-network-302"
+
+  network_01_routes = [
+    {
+      name              = "${local.network_01_name}-egress-inet"
+      description       = "route through IGW to access internet"
+      destination_range = "0.0.0.0/0"
+      tags              = "egress-inet"
+      next_hop_internet = "true"
+    },
+  ]
+
+  network_02_routes = [
+    {
+      name              = "${local.network_02_name}-egress-inet"
+      description       = "route through IGW to access internet"
+      destination_range = "0.0.0.0/0"
+      tags              = "egress-inet"
+      next_hop_internet = "true"
+    },
+    {
+      name              = "${local.network_02_name}-testapp-proxy"
+      description       = "route through proxy to reach app"
+      destination_range = "10.50.10.0/24"
+      tags              = "app-proxy"
+      next_hop_ip       = "10.10.40.10"
+    },
+  ]
+}
+
+resource "random_string" "random_suffix_01" {
+  length  = 4
+  upper   = "false"
+  special = "false"
+}
+
+resource "random_string" "random_suffix_02" {
+  length  = 4
+  upper   = "false"
+  special = "false"
+}
+
 module "test-vpc-module-01" {
   source       = "../../"
   project_id   = "${var.project_id}"
-  network_name = "test-network-01"
+  network_name = "test-network-${random_string.random_suffix_01.result}"
 
   subnets = [
     {
-      subnet_name           = "test-network-01-subnet-01"
+      subnet_name           = "${local.network_01_name}-subnet-01"
       subnet_ip             = "10.10.10.0/24"
       subnet_region         = "us-west1"
       subnet_private_access = "false"
       subnet_flow_logs      = "true"
     },
     {
-      subnet_name           = "test-network-01-subnet-02"
+      subnet_name           = "${local.network_01_name}-subnet-02"
       subnet_ip             = "10.10.20.0/24"
       subnet_region         = "us-west1"
       subnet_private_access = "false"
       subnet_flow_logs      = "true"
     },
     {
-      subnet_name           = "test-network-01-subnet-03"
+      subnet_name           = "${local.network_01_name}-subnet-03"
       subnet_ip             = "10.10.30.0/24"
       subnet_region         = "us-west1"
       subnet_private_access = "false"
@@ -44,53 +88,45 @@ module "test-vpc-module-01" {
   ]
 
   secondary_ranges = {
-    test-network-01-subnet-01 = [
+    "${local.network_01_name}-subnet-01" = [
       {
-        range_name    = "test-network-01-subnet-01-01"
+        range_name    = "${local.network_01_name}-subnet-01-01"
         ip_cidr_range = "192.168.64.0/24"
       },
       {
-        range_name    = "test-network-01-subnet-01-02"
+        range_name    = "${local.network_01_name}-subnet-01-02"
         ip_cidr_range = "192.168.65.0/24"
       },
     ]
 
-    test-network-01-subnet-02 = [
+    "${local.network_01_name}-subnet-02" = [
       {
-        range_name    = "test-network-01-subnet-02-01"
+        range_name    = "${local.network_01_name}-subnet-02-01"
         ip_cidr_range = "192.168.74.0/24"
       },
     ]
 
-    test-network-01-subnet-03 = []
+    "${local.network_01_name}-subnet-03" = []
   }
 
-  routes = [
-    {
-      name             = "egress-inet"
-      description      = "route through IGW to access internet"
-      dest_range       = "0.0.0.0/0"
-      tags             = "egress-inet"
-      next_hop_gateway = "true"
-    },
-  ]
+  routes = "${local.network_01_routes}"
 }
 
 module "test-vpc-module-02" {
   source       = "../../"
   project_id   = "${var.project_id}"
-  network_name = "test-network-02"
+  network_name = "test-network-${random_string.random_suffix_02.result}"
 
   subnets = [
     {
-      subnet_name           = "test-network-02-subnet-01"
+      subnet_name           = "${local.network_02_name}-subnet-01"
       subnet_ip             = "10.10.40.0/24"
       subnet_region         = "us-west1"
       subnet_private_access = "false"
       subnet_flow_logs      = "true"
     },
     {
-      subnet_name           = "test-network-02-subnet-02"
+      subnet_name           = "${local.network_02_name}-subnet-02"
       subnet_ip             = "10.10.50.0/24"
       subnet_region         = "us-west1"
       subnet_private_access = "false"
@@ -99,30 +135,15 @@ module "test-vpc-module-02" {
   ]
 
   secondary_ranges = {
-    test-network-02-subnet-01 = [
+    "${local.network_02_name}-subnet-01" = [
       {
-        range_name    = "est-network-02-subnet-02-01"
+        range_name    = "${local.network_02_name}-subnet-02-01"
         ip_cidr_range = "192.168.75.0/24"
       },
     ]
 
-    test-network-02-subnet-02 = []
+    "${local.network_02_name}-subnet-02" = []
   }
 
-  routes = [
-    {
-      name              = "egress-inet"
-      description       = "route through IGW to access internet"
-      destination_range = "0.0.0.0/0"
-      tags              = "egress-inet"
-      next_hop_gateway  = "true"
-    },
-    {
-      name              = "app-proxy"
-      description       = "route through proxy to reach app"
-      destination_range = "10.50.10.0/24"
-      tags              = "app-proxy"
-      next_hop_ip       = "10.10.40.10"
-    },
-  ]
+  routes = "${local.network_02_routes}"
 }

examples/multi_vpc/outputs.tf

@@ -60,6 +60,11 @@ output "network_01_routes" {
   description = "The routes associated with network-01"
 }
 
+output "network_01_route_data" {
+  value       = "${local.network_01_routes}"
+  description = "The route data for network 01 that was passed into the network module"
+}
+
 # vpc 2
 output "network_02_name" {
   value       = "${module.test-vpc-module-02.network_name}"
@@ -105,3 +110,8 @@ output "network_02_routes" {
   value       = "${module.test-vpc-module-02.routes}"
   description = "The routes associated with network-02"
 }
+
+output "network_02_route_data" {
+  value       = "${local.network_02_routes}"
+  description = "The route data for network 02 that was passed into the network module"
+}