From 110fd798a74aed9bd4500a3c878ffa458146b344 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Wiktor=20Niesiob=C4=99dzki?= Date: Thu, 21 Dec 2023 12:01:08 +0100 Subject: [PATCH 1/3] Fix always succeding test (#1937) Co-authored-by: Julio Castillo --- modules/gcs/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/gcs/README.md b/modules/gcs/README.md index 2c3a85e308..539d82ce6a 100644 --- a/modules/gcs/README.md +++ b/modules/gcs/README.md @@ -53,7 +53,7 @@ module "bucket" { location = "EU" } -# tftest skip e2e +# tftest modules=3 skip e2e ``` ### Example with retention policy and logging From c4123044b7d466720000282ea970a2e6282f188e Mon Sep 17 00:00:00 2001 From: Luca Prete Date: Thu, 21 Dec 2023 14:23:38 +0100 Subject: [PATCH 2/3] Use new resources in GCVE module, bump up provider versions (#1941) --- default-versions.tf | 6 +- .../alloydb-instance/versions.tf | 6 +- modules/__experimental/net-neg/versions.tf | 6 +- .../project-iam-magic/versions.tf | 6 +- modules/api-gateway/versions.tf | 6 +- modules/apigee/versions.tf | 6 +- modules/artifact-registry/versions.tf | 6 +- modules/bigquery-dataset/versions.tf | 6 +- modules/bigtable-instance/versions.tf | 6 +- modules/billing-account/versions.tf | 6 +- modules/binauthz/versions.tf | 6 +- .../__need_fixing/onprem/versions.tf | 6 +- .../__need_fixing/squid/versions.tf | 6 +- .../coredns/versions.tf | 6 +- .../cos-generic-metadata/versions.tf | 6 +- .../envoy-sni-dyn-fwd-proxy/versions.tf | 6 +- .../envoy-traffic-director/versions.tf | 6 +- .../cloud-config-container/mysql/versions.tf | 6 +- .../nginx-tls/versions.tf | 6 +- .../cloud-config-container/nginx/versions.tf | 6 +- .../simple-nva/versions.tf | 6 +- modules/cloud-function-v1/versions.tf | 6 +- modules/cloud-function-v2/versions.tf | 6 +- modules/cloud-identity-group/versions.tf | 6 +- modules/cloud-run/versions.tf | 6 +- modules/cloudsql-instance/versions.tf | 6 +- modules/compute-mig/versions.tf | 6 +- modules/compute-vm/versions.tf | 6 +- modules/container-registry/versions.tf | 6 +- modules/data-catalog-policy-tag/versions.tf | 6 +- modules/datafusion/versions.tf | 6 +- modules/dataplex-datascan/versions.tf | 6 +- modules/dataplex/versions.tf | 6 +- modules/dataproc/versions.tf | 6 +- modules/dns-response-policy/versions.tf | 6 +- modules/dns/versions.tf | 6 +- modules/endpoints/versions.tf | 6 +- modules/folder/versions.tf | 6 +- modules/gcs/versions.tf | 6 +- modules/gcve-private-cloud/README.md | 134 +++++++---- modules/gcve-private-cloud/main.tf | 94 +++++--- modules/gcve-private-cloud/outputs.tf | 59 +---- modules/gcve-private-cloud/variables.tf | 134 +++++------ modules/gcve-private-cloud/versions.tf | 6 +- modules/gke-cluster-autopilot/versions.tf | 6 +- modules/gke-cluster-standard/versions.tf | 6 +- modules/gke-hub/versions.tf | 6 +- modules/gke-nodepool/versions.tf | 6 +- modules/iam-service-account/versions.tf | 6 +- modules/kms/versions.tf | 6 +- modules/logging-bucket/versions.tf | 6 +- modules/ncc-spoke-ra/versions.tf | 6 +- modules/net-address/versions.tf | 6 +- modules/net-cloudnat/versions.tf | 6 +- modules/net-firewall-policy/versions.tf | 6 +- .../net-ipsec-over-interconnect/versions.tf | 6 +- modules/net-lb-app-ext/versions.tf | 6 +- modules/net-lb-app-int/versions.tf | 6 +- modules/net-lb-ext/versions.tf | 6 +- modules/net-lb-int/versions.tf | 6 +- modules/net-lb-proxy-int/versions.tf | 6 +- modules/net-swp/versions.tf | 6 +- modules/net-vlan-attachment/versions.tf | 6 +- modules/net-vpc-firewall/versions.tf | 6 +- modules/net-vpc-peering/versions.tf | 6 +- modules/net-vpc/versions.tf | 6 +- modules/net-vpn-dynamic/versions.tf | 6 +- modules/net-vpn-ha/versions.tf | 6 +- modules/net-vpn-static/versions.tf | 6 +- modules/organization/versions.tf | 6 +- modules/project/versions.tf | 6 +- modules/projects-data-source/versions.tf | 6 +- modules/pubsub/versions.tf | 6 +- modules/secret-manager/versions.tf | 6 +- modules/service-directory/versions.tf | 6 +- modules/source-repository/versions.tf | 6 +- modules/vpc-sc/versions.tf | 6 +- modules/workstation-cluster/versions.tf | 6 +- tests/examples_e2e/setup_module/versions.tf | 6 +- .../examples/additional-clusters.yaml | 65 ++++++ .../gcve_private_cloud/examples/basic.yaml | 32 ++- .../{custom.yaml => custom-management.yaml} | 32 ++- tests/modules/gke_hub/examples/full.yaml | 217 +++++++++++++++++- 83 files changed, 684 insertions(+), 533 deletions(-) create mode 100644 tests/modules/gcve_private_cloud/examples/additional-clusters.yaml rename tests/modules/gcve_private_cloud/examples/{custom.yaml => custom-management.yaml} (53%) diff --git a/default-versions.tf b/default-versions.tf index 4a28371820..5ec74cff31 100644 --- a/default-versions.tf +++ b/default-versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/__experimental/alloydb-instance/versions.tf b/modules/__experimental/alloydb-instance/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/__experimental/alloydb-instance/versions.tf +++ b/modules/__experimental/alloydb-instance/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/__experimental/net-neg/versions.tf b/modules/__experimental/net-neg/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/__experimental/net-neg/versions.tf +++ b/modules/__experimental/net-neg/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/__experimental/project-iam-magic/versions.tf b/modules/__experimental/project-iam-magic/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/__experimental/project-iam-magic/versions.tf +++ b/modules/__experimental/project-iam-magic/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/api-gateway/versions.tf b/modules/api-gateway/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/api-gateway/versions.tf +++ b/modules/api-gateway/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/apigee/versions.tf b/modules/apigee/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/apigee/versions.tf +++ b/modules/apigee/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/artifact-registry/versions.tf b/modules/artifact-registry/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/artifact-registry/versions.tf +++ b/modules/artifact-registry/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/bigquery-dataset/versions.tf b/modules/bigquery-dataset/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/bigquery-dataset/versions.tf +++ b/modules/bigquery-dataset/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/bigtable-instance/versions.tf b/modules/bigtable-instance/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/bigtable-instance/versions.tf +++ b/modules/bigtable-instance/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/billing-account/versions.tf b/modules/billing-account/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/billing-account/versions.tf +++ b/modules/billing-account/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/binauthz/versions.tf b/modules/binauthz/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/binauthz/versions.tf +++ b/modules/binauthz/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/cloud-config-container/__need_fixing/onprem/versions.tf b/modules/cloud-config-container/__need_fixing/onprem/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/cloud-config-container/__need_fixing/onprem/versions.tf +++ b/modules/cloud-config-container/__need_fixing/onprem/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/cloud-config-container/__need_fixing/squid/versions.tf b/modules/cloud-config-container/__need_fixing/squid/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/cloud-config-container/__need_fixing/squid/versions.tf +++ b/modules/cloud-config-container/__need_fixing/squid/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/cloud-config-container/coredns/versions.tf b/modules/cloud-config-container/coredns/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/cloud-config-container/coredns/versions.tf +++ b/modules/cloud-config-container/coredns/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/cloud-config-container/cos-generic-metadata/versions.tf b/modules/cloud-config-container/cos-generic-metadata/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/cloud-config-container/cos-generic-metadata/versions.tf +++ b/modules/cloud-config-container/cos-generic-metadata/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/cloud-config-container/envoy-sni-dyn-fwd-proxy/versions.tf b/modules/cloud-config-container/envoy-sni-dyn-fwd-proxy/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/cloud-config-container/envoy-sni-dyn-fwd-proxy/versions.tf +++ b/modules/cloud-config-container/envoy-sni-dyn-fwd-proxy/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/cloud-config-container/envoy-traffic-director/versions.tf b/modules/cloud-config-container/envoy-traffic-director/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/cloud-config-container/envoy-traffic-director/versions.tf +++ b/modules/cloud-config-container/envoy-traffic-director/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/cloud-config-container/mysql/versions.tf b/modules/cloud-config-container/mysql/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/cloud-config-container/mysql/versions.tf +++ b/modules/cloud-config-container/mysql/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/cloud-config-container/nginx-tls/versions.tf b/modules/cloud-config-container/nginx-tls/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/cloud-config-container/nginx-tls/versions.tf +++ b/modules/cloud-config-container/nginx-tls/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/cloud-config-container/nginx/versions.tf b/modules/cloud-config-container/nginx/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/cloud-config-container/nginx/versions.tf +++ b/modules/cloud-config-container/nginx/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/cloud-config-container/simple-nva/versions.tf b/modules/cloud-config-container/simple-nva/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/cloud-config-container/simple-nva/versions.tf +++ b/modules/cloud-config-container/simple-nva/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/cloud-function-v1/versions.tf b/modules/cloud-function-v1/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/cloud-function-v1/versions.tf +++ b/modules/cloud-function-v1/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/cloud-function-v2/versions.tf b/modules/cloud-function-v2/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/cloud-function-v2/versions.tf +++ b/modules/cloud-function-v2/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/cloud-identity-group/versions.tf b/modules/cloud-identity-group/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/cloud-identity-group/versions.tf +++ b/modules/cloud-identity-group/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/cloud-run/versions.tf b/modules/cloud-run/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/cloud-run/versions.tf +++ b/modules/cloud-run/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/cloudsql-instance/versions.tf b/modules/cloudsql-instance/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/cloudsql-instance/versions.tf +++ b/modules/cloudsql-instance/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/compute-mig/versions.tf b/modules/compute-mig/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/compute-mig/versions.tf +++ b/modules/compute-mig/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/compute-vm/versions.tf b/modules/compute-vm/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/compute-vm/versions.tf +++ b/modules/compute-vm/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/container-registry/versions.tf b/modules/container-registry/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/container-registry/versions.tf +++ b/modules/container-registry/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/data-catalog-policy-tag/versions.tf b/modules/data-catalog-policy-tag/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/data-catalog-policy-tag/versions.tf +++ b/modules/data-catalog-policy-tag/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/datafusion/versions.tf b/modules/datafusion/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/datafusion/versions.tf +++ b/modules/datafusion/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/dataplex-datascan/versions.tf b/modules/dataplex-datascan/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/dataplex-datascan/versions.tf +++ b/modules/dataplex-datascan/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/dataplex/versions.tf b/modules/dataplex/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/dataplex/versions.tf +++ b/modules/dataplex/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/dataproc/versions.tf b/modules/dataproc/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/dataproc/versions.tf +++ b/modules/dataproc/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/dns-response-policy/versions.tf b/modules/dns-response-policy/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/dns-response-policy/versions.tf +++ b/modules/dns-response-policy/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/dns/versions.tf b/modules/dns/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/dns/versions.tf +++ b/modules/dns/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/endpoints/versions.tf b/modules/endpoints/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/endpoints/versions.tf +++ b/modules/endpoints/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/folder/versions.tf b/modules/folder/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/folder/versions.tf +++ b/modules/folder/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/gcs/versions.tf b/modules/gcs/versions.tf index 4a28371820..5ec74cff31 100644 --- a/modules/gcs/versions.tf +++ b/modules/gcs/versions.tf @@ -17,13 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 5.6.0, < 6.0.0" # tftest + version = ">= 5.10.0, < 6.0.0" # tftest } } } - - diff --git a/modules/gcve-private-cloud/README.md b/modules/gcve-private-cloud/README.md index 0e3a9ef7b3..dbf5c753fd 100644 --- a/modules/gcve-private-cloud/README.md +++ b/modules/gcve-private-cloud/README.md @@ -1,6 +1,9 @@ # Google Cloud VMWare Engine Private Cloud Module -This module implements the creation and management of a Google Cloud VMWare Engine Private Cloud with its management cluster. If configured, it also creates the VMWare engine network or it can work with an existing one. The creation of the private connection with the user VPC requires the execution of the [Google SDK command](https://cloud.google.com/sdk/gcloud/reference/vmware/private-connections/create#--routing-mode) the module provides as an output. +The module manages one or more Google Cloud VMWare Engine Private Clouds. + +It also optionally creates: +- A VMWare engine network, shared betwee or it can work with an existing one. The module optionally creates peering connections to users' VPCs or other VMware engine networks. To understand the limits and to properly configure the vSphere/vSAN subnets CIDR range please refer to the [GCVE public documentation](https://cloud.google.com/vmware-engine/docs/quickstart-networking-requirements). @@ -9,92 +12,127 @@ Be aware that the deployment of this module might require up to 2 hours dependin - [Limitations](#limitations) - [Basic Private Cloud Creation](#basic-private-cloud-creation) -- [Private Cloud Creation with custom nodes and cores count](#private-cloud-creation-with-custom-nodes-and-cores-count) +- [Customize management cluster configs](#customize-management-cluster-configs) +- [Create additional clusters](#create-additional-clusters) - [Variables](#variables) - [Outputs](#outputs) ## Limitations -At the moment this module doesn't support the following use cases: -- Single node private cloud -- Stretched private cloud + +At the moment this module doesn't support the creation of stretched private clouds. ## Basic Private Cloud Creation ```hcl module "gcve-pc" { source = "./fabric/modules/gcve-private-cloud" - name = "gcve-pc" + prefix = "gcve-pc" project_id = "gcve-test-project" - zone = "europe-west8-a" - cidr = "192.168.0.0/24" - private_connections = { + vmw_network_peerings = { transit-conn1 = { - name = "transit-conn1" - network_self_link = "projects/test-prj-gcve-01/global/networks/default" - tenant_host_project = "g39a814990532d10ap-tp" - type = "PRIVATE_SERVICE_ACCESS" - routing_mode = "REGIONAL" + name = "to-my-vpc" + peer_network = "projects/test-prj-gcve-01/global/networks/default" + } + } + + vmw_private_cloud_configs = { + pcc_one = { + cidr = "192.168.0.0/24" + zone = "europe-west8-a" } } } -# tftest modules=1 resources=2 inventory=basic.yaml +# tftest modules=1 resources=3 inventory=basic.yaml ``` -## Private Cloud Creation with custom nodes and cores count + +## Customize management cluster configs + +You can customize the management cluster of each VMware engine private cloud. ```hcl module "gcve-pc" { source = "./fabric/modules/gcve-private-cloud" - name = "gcve-pc" + prefix = "gcve-pc" project_id = "gcve-test-project" - zone = "europe-west8-a" - cidr = "192.168.0.0/24" - management_cluster_config = { - node_type_id = "standard-72" - node_count = 6 - custom_core_count = 28 + vmw_network_peerings = { + transit-conn1 = { + name = "to-my-vpc" + peer_network = "projects/test-prj-gcve-01/global/networks/default" + } + } + + vmw_private_cloud_configs = { + pcc_one = { + cidr = "192.168.0.0/24" + management_cluster_config = { + node_type_id = "standard-72" + node_count = 6 + custom_core_count = 28 + } + zone = "europe-west8-a" + } } +} +# tftest modules=1 resources=3 inventory=custom-management.yaml +``` + +## Create additional clusters + +You can optionally create additional clusters in each VMware engine private cloud. + +```hcl +module "gcve-pc" { + source = "./fabric/modules/gcve-private-cloud" + prefix = "gcve-pc" + project_id = "gcve-test-project" - private_connections = { + vmw_network_peerings = { transit-conn1 = { - name = "transit-conn1" - network_self_link = "projects/test-prj-gcve-01/global/networks/default" - tenant_host_project = "g39a814990532d10ap-tp" - type = "PRIVATE_SERVICE_ACCESS" - routing_mode = "REGIONAL" + name = "to-my-vpc" + peer_network = "projects/test-prj-gcve-01/global/networks/default" + } + } + + vmw_private_cloud_configs = { + pcc_one = { + cidr = "192.168.0.0/24" + additional_cluster_configs = { + test-cluster-one = { + node_type_id = "standard-72" + node_count = 6 + custom_core_count = 28 + } + test-cluster-two = { + node_type_id = "standard-72" + node_count = 4 + custom_core_count = 28 + } + } + zone = "europe-west8-a" } } } -# tftest modules=1 resources=2 inventory=custom.yaml +# tftest modules=1 resources=5 inventory=additional-clusters.yaml ``` ## Variables | name | description | type | required | default | |---|---|:---:|:---:|:---:| -| [cidr](variables.tf#L16) | vSphere/vSAN subnets CIDR range. To undersatnd the limits, please refer to [GCVE network requirements](https://cloud.google.com/vmware-engine/docs/quickstart-networking-requirements). | string | ✓ | | -| [name](variables.tf#L42) | Private cloud name. | string | ✓ | | -| [project_id](variables.tf#L84) | Project id. | string | ✓ | | -| [zone](variables.tf#L101) | Private cloud zone. | string | ✓ | | -| [description](variables.tf#L21) | Private cloud description. | string | | "Terraform-managed." | -| [management_cluster_config](variables.tf#L27) | Management cluster configuration. | object({…}) | | {…} | -| [private_connections](variables.tf#L47) | VMWare private connections configuration. It is used to create the gcloud command printed as output. | map(object({…})) | | {} | -| [vmw_network_create](variables.tf#L89) | Create the VMware Engine network. When set to false, it uses a data source to reference an existing VMware Engine network. | bool | | true | -| [vmw_network_description](variables.tf#L95) | VMware Engine network description. | string | | "Terraform-managed." | +| [prefix](variables.tf#L17) | Resources name prefix. | string | ✓ | | +| [project_id](variables.tf#L22) | Project id. | string | ✓ | | +| [vmw_network_config](variables.tf#L27) | VMware Engine network configuration. | object({…}) | | {} | +| [vmw_network_peerings](variables.tf#L37) | The network peerings towards users' VPCs or other VMware Engine networks. The key is the peering name suffix. | map(object({…})) | | {} | +| [vmw_private_cloud_configs](variables.tf#L51) | The VMware private cloud configurations. The key is the unique private cloud name suffix. | map(object({…})) | | {…} | ## Outputs | name | description | sensitive | |---|---|:---:| -| [hcx](outputs.tf#L17) | Details about a HCX Cloud Manager appliance. | | -| [id](outputs.tf#L22) | ID of the private cloud. | | -| [management_cluster](outputs.tf#L27) | Details of the management cluster of the private cloud. | | -| [network_config](outputs.tf#L32) | Details about the network configuration of the private cloud. | | -| [nsx](outputs.tf#L37) | Details about a NSX Manager appliance. | | -| [private-cloud](outputs.tf#L42) | The private cloud resource. | | -| [private_connections_setup](outputs.tf#L47) | Cloud SDK commands for the private connections manual setup. | | -| [state](outputs.tf#L63) | Details about the state of the private cloud. | | -| [vcenter](outputs.tf#L68) | Details about a vCenter Server management appliance. | | +| [vmw_engine_network_config](outputs.tf#L17) | VMware engine network configuration. | | +| [vmw_engine_network_peerings](outputs.tf#L22) | The peerings created towards the user VPC or other VMware engine networks. | | +| [vmw_engine_private_clouds](outputs.tf#L27) | VMware engine private cloud resources. | | diff --git a/modules/gcve-private-cloud/main.tf b/modules/gcve-private-cloud/main.tf index 3235fb29a1..9e9579c41b 100644 --- a/modules/gcve-private-cloud/main.tf +++ b/modules/gcve-private-cloud/main.tf @@ -15,61 +15,87 @@ */ locals { - region = regex("([a-z]*-[a-z]*[0-9]{1,2})-([a-z])", var.zone)[0] + # Creates a map of additional clusters objects, including their parent private cloud + additional_cluster_configs = merge( + [for pcc_name, pcc in var.vmw_private_cloud_configs + : { for cluster_name, cluster in pcc.additional_cluster_configs + : "${cluster_name}" => merge( + cluster, + { parent = try(google_vmwareengine_private_cloud.vmw_engine_private_clouds[pcc_name].id, null) } + ) + } + ]...) vmw_network = ( - var.vmw_network_create - ? try(google_vmwareengine_network.private-cloud-network.0, null) - : try(data.google_vmwareengine_network.private-cloud-network.0, null) + var.vmw_network_config.create + ? try(google_vmwareengine_network.private_cloud_network.0, null) + : try(data.google_vmwareengine_network.private_cloud_network.0, null) ) - tenant_host_project = { - for k, v in var.private_connections : k => v.tenant_host_project == null - ? regex("(.*)/projects/([a-z0-9-]*)/(.*)", "${data.google_compute_network_peering.psa_peering[k].peer_network}")[1] - : v.tenant_host_project - } } -data "google_vmwareengine_network" "private-cloud-network" { - count = var.vmw_network_create ? 0 : 1 +resource "google_vmwareengine_network" "private_cloud_network" { + provider = google-beta + count = var.vmw_network_config.create ? 1 : 0 + project = var.project_id + name = "${var.prefix}-${var.vmw_network_config.name}" + description = var.vmw_network_config.description + location = "global" + type = "STANDARD" +} + +data "google_vmwareengine_network" "private_cloud_network" { provider = google-beta + count = var.vmw_network_config.create ? 0 : 1 project = var.project_id - name = "${local.region}-default" - location = local.region + name = "${var.prefix}-${var.vmw_network_config.name}" + location = "global" } -data "google_compute_network_peering" "psa_peering" { - for_each = { for k, v in var.private_connections : k => v if v.tenant_host_project == null } - name = each.value.peering_name - network = each.value.network_self_link +resource "google_vmwareengine_network_peering" "vmw_engine_network_peerings" { + provider = google-beta + for_each = var.vmw_network_peerings + project = var.project_id + name = "${var.prefix}-${each.key}" + description = each.value.description + export_custom_routes = each.value.export_custom_routes + export_custom_routes_with_public_ip = each.value.export_custom_routes_with_public_ip + import_custom_routes = each.value.import_custom_routes + import_custom_routes_with_public_ip = each.value.import_custom_routes_with_public_ip + peer_network = each.value.peer_network + peer_network_type = each.value.peer_to_vmware_engine_network ? "VMWARE_ENGINE_NETWORK" : "STANDARD" + vmware_engine_network = local.vmw_network.id } -resource "google_vmwareengine_private_cloud" "private-cloud" { +resource "google_vmwareengine_private_cloud" "vmw_engine_private_clouds" { provider = google-beta + for_each = var.vmw_private_cloud_configs project = var.project_id - location = var.zone - name = var.name - description = var.description + location = each.value.zone + name = "${var.prefix}-${each.key}" + description = each.value.description network_config { - management_cidr = var.cidr + management_cidr = each.value.cidr vmware_engine_network = local.vmw_network.id } management_cluster { - cluster_id = "${var.name}-mgmt-cluster" + cluster_id = "${var.prefix}-${each.key}-${each.value.management_cluster_config.name}" node_type_configs { - node_type_id = var.management_cluster_config.node_type_id - node_count = var.management_cluster_config.node_count - custom_core_count = var.management_cluster_config.custom_core_count + node_type_id = each.value.management_cluster_config.node_type_id + node_count = each.value.management_cluster_config.node_count + custom_core_count = each.value.management_cluster_config.custom_core_count } } } -resource "google_vmwareengine_network" "private-cloud-network" { - count = var.vmw_network_create ? 1 : 0 - provider = google-beta - project = var.project_id - name = "${local.region}-default" - location = local.region - type = "LEGACY" - description = var.vmw_network_description +resource "google_vmwareengine_cluster" "vmw_engine_additional_clusters" { + provider = google-beta + for_each = local.additional_cluster_configs + name = "${var.prefix}-${each.key}" + parent = each.value.parent + node_type_configs { + custom_core_count = each.value.custom_core_count + node_count = each.value.node_count + node_type_id = each.value.node_type_id + } } diff --git a/modules/gcve-private-cloud/outputs.tf b/modules/gcve-private-cloud/outputs.tf index 55578f6d2f..e3812b7f80 100644 --- a/modules/gcve-private-cloud/outputs.tf +++ b/modules/gcve-private-cloud/outputs.tf @@ -14,58 +14,17 @@ * limitations under the License. */ -output "hcx" { - description = "Details about a HCX Cloud Manager appliance." - value = google_vmwareengine_private_cloud.private-cloud.hcx +output "vmw_engine_network_config" { + description = "VMware engine network configuration." + value = local.vmw_network } -output "id" { - description = "ID of the private cloud." - value = google_vmwareengine_private_cloud.private-cloud.id +output "vmw_engine_network_peerings" { + description = "The peerings created towards the user VPC or other VMware engine networks." + value = google_vmwareengine_network_peering.vmw_engine_network_peerings } -output "management_cluster" { - description = "Details of the management cluster of the private cloud." - value = google_vmwareengine_private_cloud.private-cloud.management_cluster -} - -output "network_config" { - description = "Details about the network configuration of the private cloud." - value = google_vmwareengine_private_cloud.private-cloud.network_config -} - -output "nsx" { - description = "Details about a NSX Manager appliance." - value = google_vmwareengine_private_cloud.private-cloud.nsx -} - -output "private-cloud" { - description = "The private cloud resource." - value = google_vmwareengine_private_cloud.private-cloud -} - -output "private_connections_setup" { - description = "Cloud SDK commands for the private connections manual setup." - value = { - for k, v in var.private_connections : k => < Date: Thu, 21 Dec 2023 14:50:27 +0100 Subject: [PATCH 3/3] Revert "Add debug step for JWT tokens" (#1943) This reverts commit d95280081f99683085c4ad3a535f1a7491315e0d. --- .../0-bootstrap/templates/workflow-github.yaml | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/fast/stages/0-bootstrap/templates/workflow-github.yaml b/fast/stages/0-bootstrap/templates/workflow-github.yaml index 5969f5a950..74a2e1f8b0 100644 --- a/fast/stages/0-bootstrap/templates/workflow-github.yaml +++ b/fast/stages/0-bootstrap/templates/workflow-github.yaml @@ -47,19 +47,6 @@ jobs: name: Checkout repository uses: actions/checkout@v3 -# # Print JWT token payload, useful for debugging -# - id: jwt-debug -# name: Print GITHUB_TOKEN payload -# shell: python -u {0} -# run: | -# import base64 -# import json -# -# token = '${{ secrets.GITHUB_TOKEN }}' -# payload_text = token.split('.')[1] -# payload = json.loads(base64.urlsafe_b64decode(payload_text + '=' * (4-len(payload_text) %4))) -# print(json.dumps(payload, indent=2)) - # set up SSH key authentication to the modules repository - id: ssh-config name: Configure SSH authentication