├── .github ├── conventional-commit-lint.yaml ├── release-please.yml ├── renovate.json ├── trusted-contribution.yml └── workflows │ ├── lint.yaml │ └── stale.yml ├── .gitignore ├── CHANGELOG.md ├── CODEOWNERS ├── CONTRIBUTING.md ├── LICENSE ├── Makefile ├── README.md ├── build ├── int.cloudbuild.yaml └── lint.cloudbuild.yaml ├── docs └── TROUBLESHOOTING.md ├── examples ├── dns_forward_and_reverse │ ├── README.md │ ├── main.tf │ ├── outputs.tf │ ├── terraform.tfvars.sample │ ├── test_outputs.tf │ ├── variables.tf │ └── versions.tf ├── dns_forward_example │ ├── README.md │ ├── main.tf │ ├── outputs.tf │ ├── terraform.tfvars.sample │ ├── test_outputs.tf │ ├── variables.tf │ └── versions.tf ├── dns_forward_example_multi_names │ ├── README.md │ ├── main.tf │ ├── outputs.tf │ ├── test_outputs.tf │ └── variables.tf ├── global_external_address │ ├── README.md │ ├── main.tf │ ├── outputs.tf │ ├── variables.tf │ └── versions.tf ├── internal_with_dynamic_ip │ ├── README.md │ ├── main.tf │ ├── outputs.tf │ ├── terraform.tfvars.sample │ ├── variables.tf │ └── versions.tf ├── internal_with_specific_ip │ ├── README.md │ ├── main.tf │ ├── outputs.tf │ ├── variables.tf │ └── versions.tf ├── ip_address_only │ ├── README.md │ ├── main.tf │ ├── outputs.tf │ ├── terraform.tfvars.sample │ ├── test_outputs.tf │ ├── variables.tf │ └── versions.tf ├── ip_address_with_specific_ip │ ├── README.md │ ├── main.tf │ ├── outputs.tf │ ├── test_outputs.tf │ ├── variables.tf │ └── versions.tf └── regional_external_address │ ├── README.md │ ├── main.tf │ ├── outputs.tf │ ├── variables.tf │ └── versions.tf ├── helpers ├── setup-sa.sh └── terraform_docs ├── main.tf ├── outputs.tf ├── test ├── boilerplate │ ├── boilerplate.Dockerfile.txt │ ├── boilerplate.Makefile.txt │ ├── boilerplate.go.txt │ ├── boilerplate.py.txt │ ├── boilerplate.sh.txt │ ├── boilerplate.tf.txt │ ├── boilerplate.xml.txt │ └── boilerplate.yaml.txt ├── ci_integration.sh ├── fixtures │ ├── all_examples │ │ └── test_outputs.tfshared │ ├── dns_forward_and_reverse │ │ ├── main.tf │ │ ├── network.tf │ │ ├── outputs.tf │ │ ├── shared_outputs.tf │ │ ├── variables.tf │ │ └── versions.tf │ ├── dns_forward_example │ │ ├── main.tf │ │ ├── network.tf │ │ ├── outputs.tf │ │ ├── shared_outputs.tf │ │ ├── variables.tf │ │ └── versions.tf │ ├── ip_address_only │ │ ├── main.tf │ │ ├── network.tf │ │ ├── outputs.tf │ │ ├── shared_outputs.tf │ │ ├── variables.tf │ │ └── versions.tf │ ├── ip_address_with_specific_ip │ │ ├── main.tf │ │ ├── network.tf │ │ ├── outputs.tf │ │ ├── shared_outputs.tf │ │ ├── variables.tf │ │ └── versions.tf │ └── shared │ │ ├── network.tf │ │ ├── no_dns │ │ ├── network.tfshared │ │ └── outputs.tfshared │ │ ├── shared_outputs.tfshared │ │ ├── terraform.tfvars.example │ │ └── variables.tfshared ├── integration │ ├── discover_test.go │ ├── dns_forward_and_reverse │ │ └── dns_forward_and_reverse_test.go │ ├── dns_forward_example │ │ └── dns_forward_example_test.go │ ├── dns_forward_example_multi_names │ │ └── dns_forward_example_multi_names_test.go │ ├── go.mod │ ├── go.sum │ ├── ip_address_only │ │ └── ip_address_only_test.go │ └── ip_address_with_specific_ip │ │ └── ip_address_with_specific_ip_test.go ├── make.sh ├── setup │ ├── iam.tf │ ├── main.tf │ ├── outputs.tf │ ├── variables.tf │ └── versions.tf ├── test_verify_boilerplate.py └── verify_boilerplate.py ├── variables.tf └── versions.tf /.github/conventional-commit-lint.yaml: -------------------------------------------------------------------------------- 1 | # Copyright 2022-2025 Google LLC 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | # NOTE: This file is automatically generated from: 16 | # https://github.com/GoogleCloudPlatform/cloud-foundation-toolkit/blob/main/infra/terraform/test-org/github 17 | 18 | enabled: true 19 | always_check_pr_title: true 20 | -------------------------------------------------------------------------------- /.github/release-please.yml: -------------------------------------------------------------------------------- 1 | # Copyright 2022 Google LLC 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | releaseType: terraform-module 16 | handleGHRelease: true 17 | -------------------------------------------------------------------------------- /.github/renovate.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "https://docs.renovatebot.com/renovate-schema.json", 3 | "extends": ["github>GoogleCloudPlatform/cloud-foundation-toolkit//infra/terraform/test-org/github/resources/renovate"] 4 | } 5 | -------------------------------------------------------------------------------- /.github/trusted-contribution.yml: -------------------------------------------------------------------------------- 1 | # Copyright 2023-2025 Google LLC 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | # NOTE: This file is automatically generated from: 16 | # https://github.com/GoogleCloudPlatform/cloud-foundation-toolkit/blob/main/infra/terraform/test-org/github 17 | 18 | annotations: 19 | - type: comment 20 | text: "/gcbrun" 21 | trustedContributors: 22 | - release-please[bot] 23 | - renovate[bot] 24 | - renovate-bot 25 | - forking-renovate[bot] 26 | - dependabot[bot] 27 | -------------------------------------------------------------------------------- /.github/workflows/lint.yaml: -------------------------------------------------------------------------------- 1 | # Copyright 2023-2025 Google LLC 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | # NOTE: This file is automatically generated from values at: 16 | # https://github.com/GoogleCloudPlatform/cloud-foundation-toolkit/blob/main/infra/terraform/test-org/org/locals.tf 17 | 18 | name: 'lint' 19 | 20 | on: 21 | workflow_dispatch: 22 | pull_request: 23 | branches: 24 | - main 25 | 26 | concurrency: 27 | group: '${{ github.workflow }}-${{ github.head_ref || github.ref }}' 28 | cancel-in-progress: true 29 | 30 | jobs: 31 | lint: 32 | name: 'lint' 33 | runs-on: 'ubuntu-latest' 34 | steps: 35 | - uses: 'actions/checkout@v4' 36 | - id: variables 37 | run: | 38 | MAKEFILE=$(find . -name Makefile -print -quit) 39 | if [ -z "$MAKEFILE" ]; then 40 | echo dev-tools=gcr.io/cloud-foundation-cicd/cft/developer-tools:1 >> "$GITHUB_OUTPUT" 41 | else 42 | VERSION=$(grep "DOCKER_TAG_VERSION_DEVELOPER_TOOLS := " $MAKEFILE | cut -d\ -f3) 43 | IMAGE=$(grep "DOCKER_IMAGE_DEVELOPER_TOOLS := " $MAKEFILE | cut -d\ -f3) 44 | REGISTRY=$(grep "REGISTRY_URL := " $MAKEFILE | cut -d\ -f3) 45 | echo dev-tools=${REGISTRY}/${IMAGE}:${VERSION} >> "$GITHUB_OUTPUT" 46 | fi 47 | - run: docker run --rm -v ${{ github.workspace }}:/workspace ${{ steps.variables.outputs.dev-tools }} module-swapper 48 | - run: docker run --rm -v ${{ github.workspace }}:/workspace ${{ steps.variables.outputs.dev-tools }} /usr/local/bin/test_lint.sh 49 | -------------------------------------------------------------------------------- /.github/workflows/stale.yml: -------------------------------------------------------------------------------- 1 | # Copyright 2022-2025 Google LLC 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | # NOTE: This file is automatically generated from: 16 | # https://github.com/GoogleCloudPlatform/cloud-foundation-toolkit/blob/main/infra/terraform/test-org/github 17 | 18 | name: "Close stale issues" 19 | on: 20 | schedule: 21 | - cron: "0 23 * * *" 22 | 23 | jobs: 24 | stale: 25 | if: github.repository_owner == 'GoogleCloudPlatform' || github.repository_owner == 'terraform-google-modules' 26 | runs-on: ubuntu-latest 27 | steps: 28 | - uses: actions/stale@v9 29 | with: 30 | repo-token: ${{ secrets.GITHUB_TOKEN }} 31 | stale-issue-message: 'This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days' 32 | stale-pr-message: 'This PR is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days' 33 | exempt-issue-labels: 'triaged' 34 | exempt-pr-labels: 'dependencies,autorelease: pending' 35 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # OSX leaves these everywhere on SMB shares 2 | ._* 3 | 4 | # OSX trash 5 | .DS_Store 6 | 7 | # Python 8 | *.pyc 9 | 10 | # Emacs save files 11 | *~ 12 | \#*\# 13 | .\#* 14 | 15 | # Vim-related files 16 | [._]*.s[a-w][a-z] 17 | [._]s[a-w][a-z] 18 | *.un~ 19 | Session.vim 20 | .netrwhist 21 | 22 | ### https://raw.github.com/github/gitignore/90f149de451a5433aebd94d02d11b0e28843a1af/Terraform.gitignore 23 | 24 | # Local .terraform directories & files 25 | **/.terraform/* 26 | **/.terraform.* 27 | 28 | # .tfstate files 29 | *.tfstate 30 | *.tfstate.* 31 | 32 | # Crash log files 33 | crash.log 34 | 35 | # Kitchen files 36 | **/inspec.lock 37 | **/.kitchen 38 | **/.kitchen.local.yml 39 | **/Gemfile.lock 40 | 41 | # Ignore any .tfvars files that are generated automatically for each Terraform run. Most 42 | # .tfvars files are managed as part of configuration and so should be included in 43 | # version control. 44 | # 45 | # example.tfvars 46 | **/terraform.tfvars 47 | !test/fixtures/*/terraform.tfvars 48 | test/fixtures/shared/terraform.tfvars 49 | 50 | credentials.json 51 | -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- 1 | # Change Log 2 | 3 | All notable changes to this project will be documented in this file. 4 | 5 | The format is based on [Keep a Changelog](http://keepachangelog.com/) and this 6 | project adheres to [Semantic Versioning](http://semver.org/). 7 | 8 | ## [4.1.0](https://github.com/terraform-google-modules/terraform-google-address/compare/v4.0.0...v4.1.0) (2024-08-29) 9 | 10 | 11 | ### Features 12 | 13 | * add support for descriptions argument ([#136](https://github.com/terraform-google-modules/terraform-google-address/issues/136)) ([7e36a24](https://github.com/terraform-google-modules/terraform-google-address/commit/7e36a24fa724ca60b1551f55ede11867ef6d65f9)) 14 | * **deps:** Update Terraform Google Provider to v6 (major) ([#143](https://github.com/terraform-google-modules/terraform-google-address/issues/143)) ([e157add](https://github.com/terraform-google-modules/terraform-google-address/commit/e157addc03603f0301853ee58ef9502309c32b8d)) 15 | 16 | ## [4.0.0](https://github.com/terraform-google-modules/terraform-google-address/compare/v3.2.0...v4.0.0) (2024-05-20) 17 | 18 | 19 | ### ⚠ BREAKING CHANGES 20 | 21 | * **TPG>=5.2:** support labelling regional IPs ([#116](https://github.com/terraform-google-modules/terraform-google-address/issues/116)) 22 | 23 | ### Features 24 | 25 | * **TPG>=5.2:** support labelling regional IPs ([#116](https://github.com/terraform-google-modules/terraform-google-address/issues/116)) ([48bcee6](https://github.com/terraform-google-modules/terraform-google-address/commit/48bcee60ec9eddc7d096d53c0af1604db1f15a74)) 26 | 27 | ## [3.2.0](https://github.com/terraform-google-modules/terraform-google-address/compare/v3.1.3...v3.2.0) (2023-11-27) 28 | 29 | 30 | ### Features 31 | 32 | * upgraded versions.tf to include minor bumps from tpg v5 ([2465280](https://github.com/terraform-google-modules/terraform-google-address/commit/2465280c8763b98f40c892505194b30e4c64c105)) 33 | 34 | ## [3.1.3](https://github.com/terraform-google-modules/terraform-google-address/compare/v3.1.2...v3.1.3) (2023-06-15) 35 | 36 | 37 | ### Bug Fixes 38 | 39 | * fixes for tflint ([#89](https://github.com/terraform-google-modules/terraform-google-address/issues/89)) ([76f0701](https://github.com/terraform-google-modules/terraform-google-address/commit/76f07016b0c95cadc01912decf210b4ec94ba69e)) 40 | 41 | ## [3.1.2](https://github.com/terraform-google-modules/terraform-google-address/compare/v3.1.1...v3.1.2) (2022-11-03) 42 | 43 | 44 | ### Bug Fixes 45 | 46 | * maps one ip to multiple dns records ([#59](https://github.com/terraform-google-modules/terraform-google-address/issues/59)) ([6085d28](https://github.com/terraform-google-modules/terraform-google-address/commit/6085d282a74c8b918f6f08b30224e064955b3384)) 47 | 48 | ### [3.1.1](https://github.com/terraform-google-modules/terraform-google-address/compare/v3.1.0...v3.1.1) (2022-02-02) 49 | 50 | 51 | ### Bug Fixes 52 | 53 | * Remove need for deprecated template terraform provider ([#38](https://github.com/terraform-google-modules/terraform-google-address/issues/38)) ([a6d91de](https://github.com/terraform-google-modules/terraform-google-address/commit/a6d91de9ab21851f002c95a4fad5cfca70d257bc)) 54 | 55 | ## [3.1.0](https://www.github.com/terraform-google-modules/terraform-google-address/compare/v3.0.0...v3.1.0) (2021-12-14) 56 | 57 | 58 | ### Features 59 | 60 | * update TPG version constraints to allow 4.0 ([#35](https://www.github.com/terraform-google-modules/terraform-google-address/issues/35)) ([537186d](https://www.github.com/terraform-google-modules/terraform-google-address/commit/537186da3e127fb55b47375877517686d0a9d3a0)) 61 | 62 | ## [3.0.0](https://www.github.com/terraform-google-modules/terraform-google-address/compare/v2.1.1...v3.0.0) (2021-04-12) 63 | 64 | 65 | ### ⚠ BREAKING CHANGES 66 | 67 | * add Terraform 0.13 constraint and module attribution 68 | 69 | ### Features 70 | 71 | * Add support for setting purpose, network_tier, prefix_length, and ip_version ([#29](https://www.github.com/terraform-google-modules/terraform-google-address/issues/29)) ([451c131](https://www.github.com/terraform-google-modules/terraform-google-address/commit/451c131105c2313e47ce5e01fcfdfc153b7dd21b)) 72 | * add Terraform 0.13 constraint and module attribution ([88a65ae](https://www.github.com/terraform-google-modules/terraform-google-address/commit/88a65ae7d754d3aca387eb06df825482eb4cfd18)) 73 | 74 | ### [2.1.1](https://www.github.com/terraform-google-modules/terraform-google-address/compare/v2.1.0...v2.1.1) (2021-02-03) 75 | 76 | 77 | ### Bug Fixes 78 | 79 | * Remove symlinks in test fixtures ([#22](https://www.github.com/terraform-google-modules/terraform-google-address/issues/22)) ([912b479](https://www.github.com/terraform-google-modules/terraform-google-address/commit/912b479958a62558f9c6e33623dd6dca1c30ed3c)) 80 | 81 | ## [2.1.0](https://www.github.com/terraform-google-modules/terraform-google-address/compare/v2.0.0...v2.1.0) (2020-06-01) 82 | 83 | 84 | ### Features 85 | 86 | * Add self_links output ([#13](https://www.github.com/terraform-google-modules/terraform-google-address/issues/13)) ([43dfef4](https://www.github.com/terraform-google-modules/terraform-google-address/commit/43dfef4baa47d376e6e23d37a5f12d29f2fc5c27)) 87 | 88 | ## [Unreleased] 89 | 90 | ## [v2.0.0](https://github.com/terraform-google-modules/terraform-google-address/releases/tag/v2.0.0) 2019-10-16 91 | 92 | ### Changed 93 | 94 | - The supported version of Terraform is 0.12. [#10] 95 | 96 | ## [v1.0.0](https://github.com/terraform-google-modules/terraform-google-address/releases/tag/v1.0.0) 2019-06-08 97 | 98 | ### Added 99 | - Added support for setting `region`. [#8](https://github.com/terraform-google-modules/terraform-google-address/pull/8) 100 | 101 | ## [v0.2.0](https://github.com/terraform-google-modules/terraform-google-address/releases/tag/v0.2.0) 2019-06-04 102 | 103 | ### Added 104 | - Added support for setting `project_id`. [#7](https://github.com/terraform-google-modules/terraform-google-address/pull/7) 105 | 106 | ## [v0.1.0](https://github.com/terraform-google-modules/terraform-google-address/releases/tag/v0.1.0) 2019-01-18 107 | 108 | ### Added 109 | - This is the initial release of the module with basic support for: 110 | - Reserving internal/external IP addresses 111 | - Optionally, being able to reserve specific IP addresses within a subnetwork (internal IP addresses only) 112 | - Registering IP addresses with Google Cloud DNS 113 | - Forward and Reverse lookup zones are supported 114 | 115 | [Unreleased]: https://github.com/terraform-google-modules/terraform-google-address/compare/v2.0.0...HEAD 116 | [#10]: https://github.com/terraform-google-modules/terraform-google-address/pull/10 117 | -------------------------------------------------------------------------------- /CODEOWNERS: -------------------------------------------------------------------------------- 1 | # NOTE: This file is automatically generated from values at: 2 | # https://github.com/GoogleCloudPlatform/cloud-foundation-toolkit/blob/main/infra/terraform/test-org/org/locals.tf 3 | 4 | * @terraform-google-modules/cft-admins 5 | 6 | # NOTE: GitHub CODEOWNERS locations: 7 | # https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners#codeowners-and-branch-protection 8 | 9 | CODEOWNERS @terraform-google-modules/cft-admins 10 | .github/CODEOWNERS @terraform-google-modules/cft-admins 11 | docs/CODEOWNERS @terraform-google-modules/cft-admins 12 | 13 | -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | # Contributing 2 | 3 | This document provides guidelines for contributing to the module. 4 | 5 | ## Dependencies 6 | 7 | The following dependencies must be installed on the development system: 8 | 9 | - [Docker Engine][docker-engine] 10 | - [Google Cloud SDK][google-cloud-sdk] 11 | - [make] 12 | 13 | ## Generating Documentation for Inputs and Outputs 14 | 15 | The Inputs and Outputs tables in the READMEs of the root module, 16 | submodules, and example modules are automatically generated based on 17 | the `variables` and `outputs` of the respective modules. These tables 18 | must be refreshed if the module interfaces are changed. 19 | 20 | ### Execution 21 | 22 | Run `make generate_docs` to generate new Inputs and Outputs tables. 23 | 24 | ## Integration Testing 25 | 26 | Integration tests are used to verify the behaviour of the root module, 27 | submodules, and example modules. Additions, changes, and fixes should 28 | be accompanied with tests. 29 | 30 | The integration tests are run using [Kitchen][kitchen], 31 | [Kitchen-Terraform][kitchen-terraform], and [InSpec][inspec]. These 32 | tools are packaged within a Docker image for convenience. 33 | 34 | The general strategy for these tests is to verify the behaviour of the 35 | [example modules](./examples/), thus ensuring that the root module, 36 | submodules, and example modules are all functionally correct. 37 | 38 | ### Test Environment 39 | The easiest way to test the module is in an isolated test project. The setup for such a project is defined in [test/setup](./test/setup/) directory. 40 | 41 | To use this setup, you need a service account with these permissions (on a Folder or Organization): 42 | - Project Creator 43 | - Project Billing Manager 44 | 45 | The project that the service account belongs to must have the following APIs enabled (the setup won't 46 | create any resources on the service account's project): 47 | - Cloud Resource Manager 48 | - Cloud Billing 49 | - Service Usage 50 | - Identity and Access Management (IAM) 51 | 52 | Export the Service Account credentials to your environment like so: 53 | 54 | ``` 55 | export SERVICE_ACCOUNT_JSON=$(< credentials.json) 56 | ``` 57 | 58 | You will also need to set a few environment variables: 59 | ``` 60 | export TF_VAR_org_id="your_org_id" 61 | export TF_VAR_folder_id="your_folder_id" 62 | export TF_VAR_billing_account="your_billing_account_id" 63 | ``` 64 | 65 | With these settings in place, you can prepare a test project using Docker: 66 | ``` 67 | make docker_test_prepare 68 | ``` 69 | 70 | ### Noninteractive Execution 71 | 72 | Run `make docker_test_integration` to test all of the example modules 73 | noninteractively, using the prepared test project. 74 | 75 | ### Interactive Execution 76 | 77 | 1. Run `make docker_run` to start the testing Docker container in 78 | interactive mode. 79 | 80 | 1. Run `kitchen_do create ` to initialize the working 81 | directory for an example module. 82 | 83 | 1. Run `kitchen_do converge ` to apply the example module. 84 | 85 | 1. Run `kitchen_do verify ` to test the example module. 86 | 87 | 1. Run `kitchen_do destroy ` to destroy the example module 88 | state. 89 | 90 | ## Linting and Formatting 91 | 92 | Many of the files in the repository can be linted or formatted to 93 | maintain a standard of quality. 94 | 95 | ### Execution 96 | 97 | Run `make docker_test_lint`. 98 | 99 | [docker-engine]: https://www.docker.com/products/docker-engine 100 | [flake8]: http://flake8.pycqa.org/en/latest/ 101 | [gofmt]: https://golang.org/cmd/gofmt/ 102 | [google-cloud-sdk]: https://cloud.google.com/sdk/install 103 | [hadolint]: https://github.com/hadolint/hadolint 104 | [inspec]: https://inspec.io/ 105 | [kitchen-terraform]: https://github.com/newcontext-oss/kitchen-terraform 106 | [kitchen]: https://kitchen.ci/ 107 | [make]: https://en.wikipedia.org/wiki/Make_(software) 108 | [shellcheck]: https://www.shellcheck.net/ 109 | [terraform-docs]: https://github.com/segmentio/terraform-docs 110 | [terraform]: https://terraform.io/ 111 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "[]" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright [yyyy] [name of copyright owner] 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | # Copyright 2019 Google LLC 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # https://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | # Please note that this file was generated from [terraform-google-module-template](https://github.com/terraform-google-modules/terraform-google-module-template). 16 | # Please make sure to contribute relevant changes upstream! 17 | 18 | # Make will use bash instead of sh 19 | SHELL := /usr/bin/env bash 20 | 21 | DOCKER_TAG_VERSION_DEVELOPER_TOOLS := 1.22 22 | DOCKER_IMAGE_DEVELOPER_TOOLS := cft/developer-tools 23 | REGISTRY_URL := gcr.io/cloud-foundation-cicd 24 | 25 | # Enter docker container for local development 26 | .PHONY: docker_run 27 | docker_run: 28 | docker run --rm -it \ 29 | -e SERVICE_ACCOUNT_JSON \ 30 | -v "$(CURDIR)":/workspace \ 31 | $(REGISTRY_URL)/${DOCKER_IMAGE_DEVELOPER_TOOLS}:${DOCKER_TAG_VERSION_DEVELOPER_TOOLS} \ 32 | /bin/bash 33 | 34 | # Execute prepare tests within the docker container 35 | .PHONY: docker_test_prepare 36 | docker_test_prepare: 37 | docker run --rm -it \ 38 | -e SERVICE_ACCOUNT_JSON \ 39 | -e TF_VAR_org_id \ 40 | -e TF_VAR_folder_id \ 41 | -e TF_VAR_billing_account \ 42 | -v "$(CURDIR)":/workspace \ 43 | $(REGISTRY_URL)/${DOCKER_IMAGE_DEVELOPER_TOOLS}:${DOCKER_TAG_VERSION_DEVELOPER_TOOLS} \ 44 | /usr/local/bin/execute_with_credentials.sh prepare_environment 45 | 46 | # Clean up test environment within the docker container 47 | .PHONY: docker_test_cleanup 48 | docker_test_cleanup: 49 | docker run --rm -it \ 50 | -e SERVICE_ACCOUNT_JSON \ 51 | -e TF_VAR_org_id \ 52 | -e TF_VAR_folder_id \ 53 | -e TF_VAR_billing_account \ 54 | -v "$(CURDIR)":/workspace \ 55 | $(REGISTRY_URL)/${DOCKER_IMAGE_DEVELOPER_TOOLS}:${DOCKER_TAG_VERSION_DEVELOPER_TOOLS} \ 56 | /usr/local/bin/execute_with_credentials.sh cleanup_environment 57 | 58 | # Execute integration tests within the docker container 59 | .PHONY: docker_test_integration 60 | docker_test_integration: 61 | docker run --rm -it \ 62 | -e SERVICE_ACCOUNT_JSON \ 63 | -v "$(CURDIR)":/workspace \ 64 | $(REGISTRY_URL)/${DOCKER_IMAGE_DEVELOPER_TOOLS}:${DOCKER_TAG_VERSION_DEVELOPER_TOOLS} \ 65 | /usr/local/bin/test_integration.sh 66 | 67 | # Execute lint tests within the docker container 68 | .PHONY: docker_test_lint 69 | docker_test_lint: 70 | docker run --rm -it \ 71 | -v "$(CURDIR)":/workspace \ 72 | $(REGISTRY_URL)/${DOCKER_IMAGE_DEVELOPER_TOOLS}:${DOCKER_TAG_VERSION_DEVELOPER_TOOLS} \ 73 | /usr/local/bin/test_lint.sh 74 | 75 | # Generate documentation 76 | .PHONY: docker_generate_docs 77 | docker_generate_docs: 78 | docker run --rm -it \ 79 | -v "$(CURDIR)":/workspace \ 80 | $(REGISTRY_URL)/${DOCKER_IMAGE_DEVELOPER_TOOLS}:${DOCKER_TAG_VERSION_DEVELOPER_TOOLS} \ 81 | /bin/bash -c 'source /usr/local/bin/task_helper_functions.sh && generate_docs' 82 | 83 | # Alias for backwards compatibility 84 | .PHONY: generate_docs 85 | generate_docs: docker_generate_docs 86 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # [Google Address Terraform Module](https://registry.terraform.io/modules/terraform-google-modules/address/google/) 2 | 3 | This terraform module provides the means to permanently reserve an [IP address](https://cloud.google.com/compute/docs/ip-addresses/) 4 | available to Google Cloud Platform (GCP) resources, and optionally create 5 | forward and reverse entries within Google Cloud DNS. The intent is to provide an 6 | address resource which exists independent of the lifecycle of the resources 7 | that require the address. 8 | 9 | ## Compatibility 10 | This module is meant for use with Terraform 0.13. If you haven't 11 | [upgraded](https://www.terraform.io/upgrade-guides/0-13.html) and need a Terraform 12 | 0.12.x-compatible version of this module, the last released version 13 | intended for Terraform 0.12.x is [v2.1.1](https://registry.terraform.io/modules/terraform-google-modules/-address/google/v2.1.1). 14 | 15 | ## Examples without DNS 16 | 17 | Examples are provided in the `examples` folder, but to simply reserve IP 18 | addresses on a subnetwork without registering them in DNS refer to the 19 | following example: 20 | 21 | ```hcl 22 | module "address-fe" { 23 | source = "terraform-google-modules/address/google" 24 | version = "~> 4.1" 25 | 26 | project_id = "gcp-network" 27 | region = "us-west1" 28 | 29 | subnetwork = "projects/gcp-network/regions/us-west1/subnetworks/dev-us-west1-dynamic" 30 | 31 | names = [ 32 | "gusw1-dev-fooapp-fe-0001-a-001-ip", 33 | "gusw1-dev-fooapp-fe-0001-a-002-ip", 34 | "gusw1-dev-fooapp-fe-0001-a-003-ip" 35 | ] 36 | } 37 | ``` 38 | 39 | Then perform the following commands on the root folder: 40 | 41 | - `terraform init` to get the plugins 42 | - `terraform plan` to see the infrastructure plan 43 | - `terraform apply` to apply the infrastructure build 44 | - `terraform destroy` to destroy the built infrastructure 45 | 46 | An `addresses` output has been provided as the list of IP addresses that were 47 | reserved by GCP. Because the `addresses` input variable was not specified, GCP has 48 | reserved the next available IP addresses from the subnetwork provided. The number 49 | of IP addresses reserved is equal to the length of the `names` input 50 | variable, so size that list accordingly. 51 | 52 | If you would prefer to provide the specific IP addresses to be reserved, that can be accomplished with the `addresses` input variable: 53 | 54 | ```hcl 55 | module "address-fe" { 56 | source = "terraform-google-modules/address/google" 57 | version = "~> 3.1" 58 | 59 | subnetwork = "projects/gcp-network/regions/us-west1/subnetworks/dev-us-west1-dynamic" 60 | 61 | names = [ 62 | "gusw1-dev-fooapp-fe-0001-a-001-ip", 63 | "gusw1-dev-fooapp-fe-0001-a-002-ip", 64 | "gusw1-dev-fooapp-fe-0001-a-003-ip" 65 | ] 66 | 67 | addresses = [ 68 | "10.11.0.10", 69 | "10.11.0.11", 70 | "10.11.0.12" 71 | ] 72 | } 73 | ``` 74 | 75 | Note that the IP addresses must not be reserved and must fall within the range of the provided subnetwork. 76 | 77 | ### External IP address 78 | 79 | External IP addresses can be reserved by setting the `global` input var to `true` and omitting the subnetwork: 80 | 81 | ```hcl 82 | module "address-fe" { 83 | source = "terraform-google-modules/address/google" 84 | version = "~> 3.1" 85 | 86 | names = ["external-facing-ip"] 87 | global = true 88 | } 89 | ``` 90 | 91 | ## DNS Examples 92 | 93 | Optionally, the IP addresses you reserve can be registered in Google Cloud 94 | DNS by providing information on the project hosting the Cloud DNS zone, the 95 | managed zone name, the domain registered with Cloud DNS, and setting the 96 | `enable_cloud_dns` feature flag to `true`: 97 | 98 | ```hcl 99 | module "address-fe" { 100 | source = "terraform-google-modules/address/google" 101 | version = "~> 3.1" 102 | 103 | subnetwork = "projects/gcp-network/regions/us-west1/subnetworks/dev-us-west1-dynamic" 104 | enable_cloud_dns = true 105 | dns_project = "gcp-dns" 106 | dns_domain = "example.com" 107 | dns_managed_zone = "nonprod-dns-zone" 108 | 109 | names = [ 110 | "gusw1-dev-fooapp-fe-0001-a-001-ip", 111 | "gusw1-dev-fooapp-fe-0001-a-002-ip", 112 | "gusw1-dev-fooapp-fe-0001-a-003-ip" 113 | ] 114 | 115 | dns_short_names = [ 116 | "gusw1-dev-fooapp-fe-0001-a-001", 117 | "gusw1-dev-fooapp-fe-0001-a-002", 118 | "gusw1-dev-fooapp-fe-0001-a-003" 119 | ] 120 | } 121 | ``` 122 | 123 | ### Reverse DNS 124 | 125 | The module also supports the ability to register reverse DNS entries within 126 | their own zone by setting the `enable_gcp_ptr` feature flag to `true` and 127 | specifying the zone with the `dns_reverse_zone` input variable: 128 | 129 | ```hcl 130 | module "address-fe" { 131 | source = "terraform-google-modules/address/google" 132 | version = "~> 3.1" 133 | 134 | subnetwork = "projects/gcp-network/regions/us-west1/subnetworks/dev-us-west1-dynamic" 135 | enable_cloud_dns = true 136 | enable_gcp_ptr = true 137 | dns_project = "gcp-dns" 138 | dns_domain = "example.com" 139 | dns_managed_zone = "nonprod-dns-zone" 140 | dns_reverse_zone = "nonprod-dns-reverse-zone" 141 | 142 | names = [ 143 | "gusw1-dev-fooapp-fe-0001-a-001-ip", 144 | "gusw1-dev-fooapp-fe-0001-a-002-ip", 145 | "gusw1-dev-fooapp-fe-0001-a-003-ip" 146 | ] 147 | 148 | dns_short_names = [ 149 | "gusw1-dev-fooapp-fe-0001-a-001", 150 | "gusw1-dev-fooapp-fe-0001-a-002", 151 | "gusw1-dev-fooapp-fe-0001-a-003" 152 | ] 153 | } 154 | ``` 155 | 156 | As with the non-DNS examples above, the `addresses` input variable can be 157 | provided with a list of specific IP addresses to be reserved if desired. 158 | 159 | ## Input variables that cannot contain computed values 160 | 161 | Because of the way the module is structured, and due to the fact that 162 | Terraform doesn't yet support computed count values, there are certain input 163 | variables whose values cannot be computed values. The list of those input 164 | variables is as follows: 165 | 166 | ``` 167 | var.dns_domain 168 | var.dns_short_names 169 | var.enable_cloud_dns 170 | var.enable_reverse_dns 171 | var.global 172 | var.names 173 | ``` 174 | 175 | You must currently use literal values for these input variables. If you 176 | don't you run the risk of failing validation (at the least) or surfacing the 177 | dreaded `value of 'count' cannot be computed` error. Future versions of 178 | Terraform may change this fact, but this is the current limitation. 179 | 180 | 181 | ## Inputs 182 | 183 | | Name | Description | Type | Default | Required | 184 | |------|-------------|------|---------|:--------:| 185 | | address\_type | The type of address to reserve, either "INTERNAL" or "EXTERNAL". If unspecified, defaults to "INTERNAL". | `string` | `"INTERNAL"` | no | 186 | | addresses | A list of IP addresses to create. GCP will reserve unreserved addresses if given the value "". If multiple names are given the default value is sufficient to have multiple addresses automatically picked for each name. | `list(string)` | 
[
  ""
]
| no | 187 | | descriptions | A list of descriptions to add to each address. | `list(string)` | `[]` | no | 188 | | dns\_domain | The domain to append to DNS short names when registering in Cloud DNS. | `string` | `""` | no | 189 | | dns\_managed\_zone | The name of the managed zone to create records within. This managed zone must exist in the host project. | `string` | `""` | no | 190 | | dns\_project | The project where DNS A records will be configured. | `string` | `""` | no | 191 | | dns\_record\_type | The type of records to create in the managed zone. (e.g. "A") | `string` | `"A"` | no | 192 | | dns\_reverse\_zone | The name of the managed zone to create PTR records within. This managed zone must exist in the host project. | `string` | `""` | no | 193 | | dns\_short\_names | A list of DNS short names to register within Cloud DNS. Names corresponding to addresses must align by their list index position in the two input variables, `names` and `dns_short_names`. If an empty list, no domain names are registered. Multiple names may be registered to the same address by passing a single element list to names and multiple elements to dns\_short\_names. (e.g. ["gusw1-dev-fooapp-fe-0001-a-001"]) | `list(string)` | `[]` | no | 194 | | dns\_ttl | The DNS TTL in seconds for records created in Cloud DNS. The default value should be used unless the application demands special handling. | `number` | `300` | no | 195 | | enable\_cloud\_dns | If a value is set, register records in Cloud DNS. | `bool` | `false` | no | 196 | | enable\_reverse\_dns | If a value is set, register reverse DNS PTR records in Cloud DNS in the managed zone specified by dns\_reverse\_zone | `bool` | `false` | no | 197 | | global | The scope in which the address should live. If set to true, the IP address will be globally scoped. Defaults to false, i.e. regionally scoped. When set to true, do not provide a subnetwork. | `bool` | `false` | no | 198 | | ip\_version | The IP Version that will be used by this address. | `string` | `"IPV4"` | no | 199 | | labels | Labels to apply to this address. | `map(string)` | `{}` | no | 200 | | names | A list of IP address resource names to create. This is the GCP resource name and not the associated hostname of the IP address. Existing resource names may be found with `gcloud compute addresses list` (e.g. ["gusw1-dev-fooapp-fe-0001-a-001-ip"]) | `list(string)` | `[]` | no | 201 | | network\_tier | The networking tier used for configuring this address. | `string` | `"PREMIUM"` | no | 202 | | prefix\_length | The prefix length of the IP range. | `number` | `16` | no | 203 | | project\_id | The project ID to create the address in | `string` | n/a | yes | 204 | | purpose | The purpose of the resource(GCE\_ENDPOINT, SHARED\_LOADBALANCER\_VIP, VPC\_PEERING). | `string` | `"GCE_ENDPOINT"` | no | 205 | | region | The region to create the address in | `string` | n/a | yes | 206 | | subnetwork | The subnet containing the address. For EXTERNAL addresses use the empty string, "". (e.g. "projects//regions//subnetworks/") | `string` | `""` | no | 207 | 208 | ## Outputs 209 | 210 | | Name | Description | 211 | |------|-------------| 212 | | addresses | List of address values managed by this module (e.g. ["1.2.3.4"]) | 213 | | dns\_fqdns | List of DNS fully qualified domain names registered in Cloud DNS. (e.g. ["gusw1-dev-fooapp-fe-0001-a-001.example.com", "gusw1-dev-fooapp-fe-0001-a-0002.example.com"]) | 214 | | names | List of address resource names managed by this module (e.g. ["gusw1-dev-fooapp-fe-0001-a-0001-ip"]) | 215 | | reverse\_dns\_fqdns | List of reverse DNS PTR records registered in Cloud DNS. (e.g. ["1.2.11.10.in-addr.arpa", "2.2.11.10.in-addr.arpa"]) | 216 | | self\_links | List of URIs of the created address resources | 217 | 218 | 219 | 220 | 221 | ## Requirements 222 | ### Terraform plugins 223 | - [Terraform](https://www.terraform.io/downloads.html) >= 0.13.0 224 | - [terraform-provider-google](https://github.com/terraform-providers/terraform-provider-google) plugin >= 5.2.0 225 | 226 | ### Configure a Service Account 227 | In order to execute this module you must have a Service Account with the following roles: 228 | 229 | - roles/dns.admin on the project (for DNS registration) 230 | - roles/compute.networkAdmin on the organization (or the host project that defines the network) 231 | 232 | #### Script Helper 233 | A [helper script](./helpers/setup-sa.sh) is included to automatically grant all the 234 | required roles at the project level. The `roles/compute.networkAdmin` can 235 | either be assigned at the project level on the project hosting the network 236 | and subnetworks where IP addresses will be reserved, or at the organization 237 | level. The `setup-sa.sh` script will assign it at the project level on the 238 | host project that is passed in. If this is not what you need then you will 239 | need to adjust permissions accordingly. 240 | 241 | Run the script as follows: 242 | 243 | ``` 244 | ./helpers/setup-sa.sh 245 | ``` 246 | 247 | The `SERVICE_ACCOUNT_NAME` can be whatever you want the service account to be 248 | named. Successful completion of the `setup-sa.sh` script will result in a 249 | credentials file called `credentials.json` that can be used with 250 | `gcloud` or referenced by the module tests. 251 | 252 | ### Enable API's 253 | In order to operate with the Service Account you must activate the following API on the project where the Service Account was created: 254 | 255 | - Compute Engine API - compute.googleapis.com 256 | - Google Cloud DNS API - dns.googleapis.com 257 | 258 | NOTE: These APIs are enabled by default on the host project passed in to the `./helpers/setup-sa.sh` helper script. 259 | 260 | ## Install 261 | 262 | ### Terraform 263 | Be sure you have the correct Terraform version (0.12.x), you can choose the binary here: 264 | - https://releases.hashicorp.com/terraform/ 265 | 266 | ## File structure 267 | The project has the following folders and files: 268 | 269 | - /: root folder 270 | - /examples: examples for using this module 271 | - /test: Folders with files for testing the module (see Testing section on this file) 272 | - /main.tf: main file for this module, contains all the resources to create 273 | - /variables.tf: all the variables for the module 274 | - /output.tf: the outputs of the module 275 | - /README.md: this file 276 | -------------------------------------------------------------------------------- /build/int.cloudbuild.yaml: -------------------------------------------------------------------------------- 1 | # Copyright 2019 Google LLC 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # https://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | timeout: 12600s 16 | steps: 17 | - id: swap-module-refs 18 | name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' 19 | args: ['module-swapper'] 20 | - id: prepare 21 | name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' 22 | args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && prepare_environment && sleep 240'] 23 | env: 24 | - 'TF_VAR_org_id=$_ORG_ID' 25 | - 'TF_VAR_folder_id=$_FOLDER_ID' 26 | - 'TF_VAR_billing_account=$_BILLING_ACCOUNT' 27 | - id: create ip-address-only-local 28 | waitFor: 29 | - prepare 30 | name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' 31 | args: ['/bin/bash', '-c', 'cft test run TestIpAddressOnly --verbose --stage init'] 32 | - id: converge ip-address-only-local 33 | waitFor: 34 | - create ip-address-only-local 35 | name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' 36 | args: ['/bin/bash', '-c', 'cft test run TestIpAddressOnly --verbose --stage apply'] 37 | - id: verify ip-address-only-local 38 | waitFor: 39 | - converge ip-address-only-local 40 | name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' 41 | args: ['/bin/bash', '-c', 'cft test run TestIpAddressOnly --verbose --stage verify'] 42 | - id: destroy ip-address-only-local 43 | waitFor: 44 | - verify ip-address-only-local 45 | name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' 46 | args: ['/bin/bash', '-c', 'cft test run TestIpAddressOnly --verbose --stage teardown'] 47 | - id: create ip-address-with-specific-ip-local 48 | waitFor: 49 | - destroy ip-address-only-local 50 | name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' 51 | args: ['/bin/bash', '-c', 'cft test run TestIpAddressWithSpecificIp --verbose --stage init'] 52 | - id: converge ip-address-with-specific-ip-local 53 | waitFor: 54 | - create ip-address-with-specific-ip-local 55 | name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' 56 | args: ['/bin/bash', '-c', 'cft test run TestIpAddressWithSpecificIp --verbose --stage apply'] 57 | - id: verify ip-address-with-specific-ip-local 58 | waitFor: 59 | - converge ip-address-with-specific-ip-local 60 | name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' 61 | args: ['/bin/bash', '-c', 'cft test run TestIpAddressWithSpecificIp --verbose --stage verify'] 62 | - id: destroy ip-address-with-specific-ip-local 63 | waitFor: 64 | - verify ip-address-with-specific-ip-local 65 | name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' 66 | args: ['/bin/bash', '-c', 'cft test run TestIpAddressWithSpecificIp --verbose --stage teardown'] 67 | - id: create TestDnsForwardExample 68 | waitFor: 69 | - destroy ip-address-with-specific-ip-local 70 | name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' 71 | args: ['/bin/bash', '-c', 'cft test run TestDnsForwardExample --verbose --stage init'] 72 | - id: converge TestDnsForwardExample 73 | waitFor: 74 | - create TestDnsForwardExample 75 | name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' 76 | args: ['/bin/bash', '-c', 'cft test run TestDnsForwardExample --verbose --stage apply'] 77 | - id: verify TestDnsForwardExample 78 | waitFor: 79 | - converge TestDnsForwardExample 80 | name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' 81 | args: ['/bin/bash', '-c', 'cft test run TestDnsForwardExample --verbose --stage verify'] 82 | - id: destroy TestDnsForwardExample 83 | waitFor: 84 | - verify TestDnsForwardExample 85 | name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' 86 | args: ['/bin/bash', '-c', 'cft test run TestDnsForwardExample --verbose --stage teardown'] 87 | - id: create TestDnsForwardExampleMultiNames 88 | waitFor: 89 | - destroy TestDnsForwardExample 90 | name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' 91 | args: ['/bin/bash', '-c', 'cft test run TestDnsForwardExampleMultiNames --verbose --stage init'] 92 | - id: converge TestDnsForwardExampleMultiNames 93 | waitFor: 94 | - create TestDnsForwardExampleMultiNames 95 | name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' 96 | args: ['/bin/bash', '-c', 'cft test run TestDnsForwardExampleMultiNames --verbose --stage apply '] 97 | - id: verify TestDnsForwardExampleMultiNames 98 | waitFor: 99 | - converge TestDnsForwardExampleMultiNames 100 | name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' 101 | args: ['/bin/bash', '-c', 'cft test run TestDnsForwardExampleMultiNames --verbose --stage verify'] 102 | - id: destroy TestDnsForwardExampleMultiNames 103 | waitFor: 104 | - verify TestDnsForwardExampleMultiNames 105 | name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' 106 | args: ['/bin/bash', '-c', 'cft test run TestDnsForwardExampleMultiNames --verbose --stage teardown'] 107 | - id: create TestDnsForwardAndReverse 108 | waitFor: 109 | - destroy TestDnsForwardExampleMultiNames 110 | name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' 111 | args: ['/bin/bash', '-c', 'cft test run TestDnsForwardAndReverse --verbose --stage init '] 112 | - id: converge TestDnsForwardAndReverse 113 | waitFor: 114 | - create TestDnsForwardAndReverse 115 | name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' 116 | args: ['/bin/bash', '-c', 'cft test run TestDnsForwardAndReverse --verbose --stage apply '] 117 | - id: verify TestDnsForwardAndReverse 118 | waitFor: 119 | - converge TestDnsForwardAndReverse 120 | name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' 121 | args: ['/bin/bash', '-c', 'cft test run TestDnsForwardAndReverse --verbose --stage verify'] 122 | - id: destroy TestDnsForwardAndReverse 123 | waitFor: 124 | - verify TestDnsForwardAndReverse 125 | name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' 126 | args: ['/bin/bash', '-c', 'cft test run TestDnsForwardAndReverse --verbose --stage teardown'] 127 | tags: 128 | - 'ci' 129 | - 'integration' 130 | substitutions: 131 | _DOCKER_IMAGE_DEVELOPER_TOOLS: 'cft/developer-tools' 132 | _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '1.22' 133 | options: 134 | machineType: 'N1_HIGHCPU_8' 135 | -------------------------------------------------------------------------------- /build/lint.cloudbuild.yaml: -------------------------------------------------------------------------------- 1 | # Copyright 2019 Google LLC 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # https://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | timeout: 900s 16 | steps: 17 | - id: 'lint-tests' 18 | name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' 19 | args: ['/usr/local/bin/test_lint.sh'] 20 | tags: 21 | - 'ci' 22 | - 'lint' 23 | substitutions: 24 | _DOCKER_IMAGE_DEVELOPER_TOOLS: 'cft/developer-tools' 25 | _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '1.22' 26 | options: 27 | machineType: 'N1_HIGHCPU_8' 28 | -------------------------------------------------------------------------------- /docs/TROUBLESHOOTING.md: -------------------------------------------------------------------------------- 1 | # Troubleshooting Guide 2 | 3 | The following errors and solutions have been identified through the use of this module: 4 | 5 | ## The value of 'count' cannot be computed 6 | 7 | The value of the `count` variable is determined conditionally on all of the 8 | resources within this module. The value of `count` cannot be a computed value, 9 | and if it is then the following error will arise: 10 | 11 | **Error message:** 12 | 13 | ``` 14 | Error: Error running plan: 2 error(s) occurred: 15 | 16 | * module.example.module.address.google_dns_record_set.ip: google_dns_record_set.ip: value of 'count' cannot be computed 17 | * module.example.module.address.google_dns_record_set.ptr: google_dns_record_set.ptr: value of 'count' cannot be computed 18 | ``` 19 | 20 | **Cause:** 21 | 22 | This error arises if the value of one of the following input variables 23 | is a computed value: 24 | 25 | ``` 26 | var.dns_domain 27 | var.dns_short_names 28 | var.enable_cloud_dns 29 | var.enable_reverse_dns 30 | var.global 31 | var.names 32 | ``` 33 | 34 | **Solution:** 35 | 36 | Ensure that the values for the listed input variables are literal values (or 37 | arrays/maps that contain literal values). 38 | -------------------------------------------------------------------------------- /examples/dns_forward_and_reverse/README.md: -------------------------------------------------------------------------------- 1 | # Simple Example 2 | 3 | This example illustrates how to reserve multiple IP addresses at the same 4 | time, and how to enable the Google Cloud DNS registration functionality for 5 | both forward and reverse DNS lookup zones. 6 | 7 | 8 | ## Inputs 9 | 10 | | Name | Description | Type | Default | Required | 11 | |------|-------------|------|---------|:--------:| 12 | | dns\_domain | The name of the domain to be registered with Cloud DNS | `string` | n/a | yes | 13 | | dns\_managed\_zone | The name of the managed zone to create records within. This managed zone must exist in the host project. | `string` | n/a | yes | 14 | | dns\_project | The project where DNS A records will be configured. | `string` | n/a | yes | 15 | | dns\_reverse\_zone | The name of the managed zone to create PTR records within. This managed zone must exist in the host project. | `string` | n/a | yes | 16 | | dns\_short\_names | A list of DNS short names to register within Cloud DNS. Names corresponding to addresses must align by their list index position in the two input variables, `names` and `dns_short_names`. If an empty list, no domain names are registered. Multiple names may be registered to the same address by passing a single element list to names and multiple elements to dns\_short\_names. (e.g. ["gusw1-dev-fooapp-fe-0001-a-001"]) | `list(string)` | n/a | yes | 17 | | names | A list of IP address resource names to create. This is the GCP resource name and not the associated hostname of the IP address. Existing resource names may be found with `gcloud compute addresses list` (e.g. ["gusw1-dev-fooapp-fe-0001-a-001-ip"]) | `list(string)` | n/a | yes | 18 | | project\_id | The project ID to deploy to | `string` | n/a | yes | 19 | | region | The region to deploy to | `string` | n/a | yes | 20 | | subnetwork | The subnet containing the address. For EXTERNAL addresses use the empty string, "". (e.g. "projects//regions//subnetworks/") | `string` | n/a | yes | 21 | 22 | ## Outputs 23 | 24 | | Name | Description | 25 | |------|-------------| 26 | | addresses | List of address values managed by this module (e.g. ["1.2.3.4"]) | 27 | | dns\_fqdns | List of DNS fully qualified domain names registered in Cloud DNS. (e.g. ["gusw1-dev-fooapp-fe-0001-a-001.example.com", "gusw1-dev-fooapp-fe-0001-a-0002.example.com"]) | 28 | | forward\_zone | The GCP name of the forward lookup DNS zone being used | 29 | | names | List of address resource names managed by this module (e.g. ["gusw1-dev-fooapp-fe-0001-a-0001-ip"]) | 30 | | project\_id | ID of the project being used | 31 | | region | Region being used | 32 | | reverse\_dns\_fqdns | List of reverse DNS PTR records registered in Cloud DNS. | 33 | | reverse\_zone | The GCP name of the reverse lookup DNS zone being used | 34 | 35 | 36 | 37 | To provision this example, run the following from within this directory: 38 | - `terraform init` to get the plugins 39 | - `terraform plan` to see the infrastructure plan 40 | - `terraform apply` to apply the infrastructure build 41 | - `terraform destroy` to destroy the built infrastructure 42 | -------------------------------------------------------------------------------- /examples/dns_forward_and_reverse/main.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | provider "google" { 18 | region = var.region 19 | } 20 | 21 | module "address" { 22 | source = "terraform-google-modules/address/google" 23 | version = "~> 4.0" 24 | 25 | project_id = var.project_id 26 | region = var.region 27 | subnetwork = var.subnetwork 28 | enable_cloud_dns = true 29 | enable_reverse_dns = true 30 | dns_domain = var.dns_domain 31 | dns_managed_zone = var.dns_managed_zone 32 | dns_reverse_zone = var.dns_reverse_zone 33 | dns_project = var.dns_project 34 | names = var.names 35 | dns_short_names = var.dns_short_names 36 | } 37 | 38 | -------------------------------------------------------------------------------- /examples/dns_forward_and_reverse/outputs.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | output "addresses" { 18 | description = "List of address values managed by this module (e.g. [\"1.2.3.4\"])" 19 | value = module.address.addresses 20 | } 21 | 22 | output "names" { 23 | description = "List of address resource names managed by this module (e.g. [\"gusw1-dev-fooapp-fe-0001-a-0001-ip\"])" 24 | value = module.address.names 25 | } 26 | 27 | output "dns_fqdns" { 28 | description = "List of DNS fully qualified domain names registered in Cloud DNS. (e.g. [\"gusw1-dev-fooapp-fe-0001-a-001.example.com\", \"gusw1-dev-fooapp-fe-0001-a-0002.example.com\"])" 29 | value = module.address.dns_fqdns 30 | } 31 | 32 | output "reverse_dns_fqdns" { 33 | description = "List of reverse DNS PTR records registered in Cloud DNS." 34 | value = module.address.reverse_dns_fqdns 35 | } 36 | 37 | output "forward_zone" { 38 | description = "The GCP name of the forward lookup DNS zone being used" 39 | value = var.dns_managed_zone 40 | } 41 | 42 | output "reverse_zone" { 43 | description = "The GCP name of the reverse lookup DNS zone being used" 44 | value = var.dns_reverse_zone 45 | } 46 | 47 | -------------------------------------------------------------------------------- /examples/dns_forward_and_reverse/terraform.tfvars.sample: -------------------------------------------------------------------------------- 1 | # Region and Project setup 2 | region = "us-west1" 3 | project_id = "my-project-name" 4 | 5 | # The domain name to be used for the example 6 | dns_domain = "example.org" 7 | 8 | # Subnetwork where the IP Address will be reserved 9 | subnetwork = "" 10 | 11 | # List of GCP resource names for each IP address desired 12 | names = [""] 13 | 14 | # List of dns short names to register with Cloud dns 15 | dns_short_names = [""] 16 | 17 | # GCP resource names of the forward and reverse zones where records will be created 18 | dns_managed_zone = "" 19 | dns_reverse_zone = "" 20 | 21 | # Name of the GCP project where Cloud DNS is enabled 22 | dns_project = "" 23 | -------------------------------------------------------------------------------- /examples/dns_forward_and_reverse/test_outputs.tf: -------------------------------------------------------------------------------- 1 | ../../test/fixtures/all_examples/test_outputs.tfshared -------------------------------------------------------------------------------- /examples/dns_forward_and_reverse/variables.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | variable "project_id" { 18 | type = string 19 | description = "The project ID to deploy to" 20 | } 21 | 22 | variable "dns_domain" { 23 | type = string 24 | description = "The name of the domain to be registered with Cloud DNS" 25 | } 26 | 27 | variable "region" { 28 | type = string 29 | description = "The region to deploy to" 30 | } 31 | 32 | variable "subnetwork" { 33 | type = string 34 | description = "The subnet containing the address. For EXTERNAL addresses use the empty string, \"\". (e.g. \"projects//regions//subnetworks/\")" 35 | } 36 | 37 | variable "names" { 38 | description = "A list of IP address resource names to create. This is the GCP resource name and not the associated hostname of the IP address. Existing resource names may be found with `gcloud compute addresses list` (e.g. [\"gusw1-dev-fooapp-fe-0001-a-001-ip\"])" 39 | type = list(string) 40 | } 41 | 42 | variable "dns_short_names" { 43 | description = "A list of DNS short names to register within Cloud DNS. Names corresponding to addresses must align by their list index position in the two input variables, `names` and `dns_short_names`. If an empty list, no domain names are registered. Multiple names may be registered to the same address by passing a single element list to names and multiple elements to dns_short_names. (e.g. [\"gusw1-dev-fooapp-fe-0001-a-001\"])" 44 | type = list(string) 45 | } 46 | 47 | variable "dns_managed_zone" { 48 | description = "The name of the managed zone to create records within. This managed zone must exist in the host project." 49 | type = string 50 | } 51 | 52 | variable "dns_reverse_zone" { 53 | type = string 54 | description = "The name of the managed zone to create PTR records within. This managed zone must exist in the host project." 55 | } 56 | 57 | variable "dns_project" { 58 | type = string 59 | description = "The project where DNS A records will be configured." 60 | } 61 | 62 | -------------------------------------------------------------------------------- /examples/dns_forward_and_reverse/versions.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_version = ">= 0.13" 19 | required_providers { 20 | google = { 21 | source = "hashicorp/google" 22 | } 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /examples/dns_forward_example/README.md: -------------------------------------------------------------------------------- 1 | # Simple Example 2 | 3 | This example illustrates how to reserve multiple IP addresses at the same 4 | time, and how to enable the Google Cloud DNS registration functionality that 5 | will register the IP addresses and their corresponding DNS names with Google 6 | Cloud DNS. 7 | 8 | 9 | ## Inputs 10 | 11 | | Name | Description | Type | Default | Required | 12 | |------|-------------|------|---------|:--------:| 13 | | dns\_domain | The name of the domain to be registered with Cloud DNS | `string` | n/a | yes | 14 | | dns\_managed\_zone | The name of the managed zone to create records within. This managed zone must exist in the host project. | `string` | n/a | yes | 15 | | dns\_project | The project where DNS A records will be configured. | `string` | n/a | yes | 16 | | dns\_short\_names | A list of DNS short names to register within Cloud DNS. Names corresponding to addresses must align by their list index position in the two input variables, `names` and `dns_short_names`. If an empty list, no domain names are registered. Multiple names may be registered to the same address by passing a single element list to names and multiple elements to dns\_short\_names. (e.g. ["gusw1-dev-fooapp-fe-0001-a-001"]) | `list(string)` | n/a | yes | 17 | | names | A list of IP address resource names to create. This is the GCP resource name and not the associated hostname of the IP address. Existing resource names may be found with `gcloud compute addresses list` (e.g. ["gusw1-dev-fooapp-fe-0001-a-001-ip"]) | `list(string)` | n/a | yes | 18 | | project\_id | The project ID to deploy to | `string` | n/a | yes | 19 | | region | The region to deploy to | `string` | n/a | yes | 20 | | subnetwork | The subnet containing the address. For EXTERNAL addresses use the empty string, "". (e.g. "projects//regions//subnetworks/") | `string` | n/a | yes | 21 | 22 | ## Outputs 23 | 24 | | Name | Description | 25 | |------|-------------| 26 | | addresses | List of address values managed by this module (e.g. ["1.2.3.4"]) | 27 | | dns\_fqdns | List of DNS fully qualified domain names registered in Cloud DNS. (e.g. ["gusw1-dev-fooapp-fe-0001-a-001.example.com", "gusw1-dev-fooapp-fe-0001-a-0002.example.com"]) | 28 | | forward\_zone | The GCP name of the forward lookup DNS zone being used | 29 | | names | List of address resource names managed by this module (e.g. ["gusw1-dev-fooapp-fe-0001-a-0001-ip"]) | 30 | | project\_id | ID of the project being used | 31 | | region | Region being used | 32 | 33 | 34 | 35 | To provision this example, run the following from within this directory: 36 | - `terraform init` to get the plugins 37 | - `terraform plan` to see the infrastructure plan 38 | - `terraform apply` to apply the infrastructure build 39 | - `terraform destroy` to destroy the built infrastructure 40 | -------------------------------------------------------------------------------- /examples/dns_forward_example/main.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | provider "google" { 18 | region = var.region 19 | } 20 | 21 | module "address" { 22 | source = "terraform-google-modules/address/google" 23 | version = "~> 4.0" 24 | 25 | project_id = var.project_id 26 | region = var.region 27 | subnetwork = var.subnetwork 28 | enable_cloud_dns = true 29 | dns_domain = var.dns_domain 30 | dns_managed_zone = var.dns_managed_zone 31 | dns_project = var.dns_project 32 | names = var.names 33 | dns_short_names = var.dns_short_names 34 | } 35 | 36 | -------------------------------------------------------------------------------- /examples/dns_forward_example/outputs.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | output "addresses" { 18 | description = "List of address values managed by this module (e.g. [\"1.2.3.4\"])" 19 | value = module.address.addresses 20 | } 21 | 22 | output "names" { 23 | description = "List of address resource names managed by this module (e.g. [\"gusw1-dev-fooapp-fe-0001-a-0001-ip\"])" 24 | value = module.address.names 25 | } 26 | 27 | output "dns_fqdns" { 28 | description = "List of DNS fully qualified domain names registered in Cloud DNS. (e.g. [\"gusw1-dev-fooapp-fe-0001-a-001.example.com\", \"gusw1-dev-fooapp-fe-0001-a-0002.example.com\"])" 29 | value = module.address.dns_fqdns 30 | } 31 | 32 | output "forward_zone" { 33 | description = "The GCP name of the forward lookup DNS zone being used" 34 | value = var.dns_managed_zone 35 | } 36 | 37 | -------------------------------------------------------------------------------- /examples/dns_forward_example/terraform.tfvars.sample: -------------------------------------------------------------------------------- 1 | # Region and Project setup 2 | region = "us-west1" 3 | project_id = "my-project-name" 4 | 5 | # The domain name to be used for the example 6 | dns_domain = "example.org" 7 | 8 | # Subnetwork where the IP Address will be reserved 9 | subnetwork = "" 10 | 11 | # List of GCP resource names for each IP address desired 12 | names = [""] 13 | 14 | # List of dns short names to register with Cloud dns 15 | dns_short_names = [""] 16 | 17 | # GCP resource names of the forward zone where records will be created 18 | dns_managed_zone = "" 19 | 20 | # Name of the GCP project where Cloud DNS is enabled 21 | dns_project = "" 22 | -------------------------------------------------------------------------------- /examples/dns_forward_example/test_outputs.tf: -------------------------------------------------------------------------------- 1 | ../../test/fixtures/all_examples/test_outputs.tfshared -------------------------------------------------------------------------------- /examples/dns_forward_example/variables.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | variable "project_id" { 18 | type = string 19 | description = "The project ID to deploy to" 20 | } 21 | 22 | variable "dns_domain" { 23 | type = string 24 | description = "The name of the domain to be registered with Cloud DNS" 25 | } 26 | 27 | variable "region" { 28 | type = string 29 | description = "The region to deploy to" 30 | } 31 | 32 | variable "subnetwork" { 33 | type = string 34 | description = "The subnet containing the address. For EXTERNAL addresses use the empty string, \"\". (e.g. \"projects//regions//subnetworks/\")" 35 | } 36 | 37 | variable "names" { 38 | description = "A list of IP address resource names to create. This is the GCP resource name and not the associated hostname of the IP address. Existing resource names may be found with `gcloud compute addresses list` (e.g. [\"gusw1-dev-fooapp-fe-0001-a-001-ip\"])" 39 | type = list(string) 40 | } 41 | 42 | variable "dns_short_names" { 43 | description = "A list of DNS short names to register within Cloud DNS. Names corresponding to addresses must align by their list index position in the two input variables, `names` and `dns_short_names`. If an empty list, no domain names are registered. Multiple names may be registered to the same address by passing a single element list to names and multiple elements to dns_short_names. (e.g. [\"gusw1-dev-fooapp-fe-0001-a-001\"])" 44 | type = list(string) 45 | } 46 | 47 | variable "dns_managed_zone" { 48 | type = string 49 | description = "The name of the managed zone to create records within. This managed zone must exist in the host project." 50 | } 51 | 52 | variable "dns_project" { 53 | type = string 54 | description = "The project where DNS A records will be configured." 55 | } 56 | 57 | -------------------------------------------------------------------------------- /examples/dns_forward_example/versions.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_version = ">= 0.13" 19 | required_providers { 20 | google = { 21 | source = "hashicorp/google" 22 | } 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /examples/dns_forward_example_multi_names/README.md: -------------------------------------------------------------------------------- 1 | # Simple Example 2 | 3 | This example illustrates how to reserve multiple IP addresses at the same 4 | time, and how to enable the Google Cloud DNS registration functionality that 5 | will register the same IP address and its corresponding DNS names with Google 6 | Cloud DNS. 7 | 8 | 9 | ## Inputs 10 | 11 | | Name | Description | Type | Default | Required | 12 | |------|-------------|------|---------|:--------:| 13 | | project\_id | The project ID to deploy to | `string` | n/a | yes | 14 | | region | The region to deploy to | `string` | `"us-central1"` | no | 15 | 16 | ## Outputs 17 | 18 | | Name | Description | 19 | |------|-------------| 20 | | addresses | List of address values managed by this module (e.g. ["1.2.3.4"]) | 21 | | dns\_fqdns | List of DNS fully qualified domain names registered in Cloud DNS. (e.g. ["gusw1-dev-fooapp-fe-0001-a-001.example.com", "gusw1-dev-fooapp-fe-0001-a-0002.example.com"]) | 22 | | forward\_zone | The GCP name of the forward lookup DNS zone being used | 23 | | names | List of address resource names managed by this module (e.g. ["gusw1-dev-fooapp-fe-0001-a-0001-ip"]) | 24 | | project\_id | ID of the project being used | 25 | | region | Region being used | 26 | 27 | 28 | 29 | To provision this example, run the following from within this directory: 30 | - `terraform init` to get the plugins 31 | - `terraform plan` to see the infrastructure plan 32 | - `terraform apply` to apply the infrastructure build 33 | - `terraform destroy` to destroy the built infrastructure 34 | -------------------------------------------------------------------------------- /examples/dns_forward_example_multi_names/main.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2022 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | locals { 18 | domain = "justfortestingmultinames-${random_string.suffix.result}.local" 19 | forward_zone = "forward-example-multinames" 20 | } 21 | 22 | module "address" { 23 | source = "terraform-google-modules/address/google" 24 | version = "~> 4.0" 25 | 26 | project_id = var.project_id 27 | region = var.region 28 | enable_cloud_dns = true 29 | dns_domain = local.domain 30 | dns_managed_zone = google_dns_managed_zone.forward.name 31 | dns_project = var.project_id 32 | names = [ 33 | "dynamically-reserved-ip-040", 34 | ] 35 | dns_short_names = [ 36 | "testip-041", 37 | "testip-042", 38 | "testip-043", 39 | ] 40 | address_type = "EXTERNAL" 41 | } 42 | 43 | resource "random_string" "suffix" { 44 | length = 4 45 | special = false 46 | upper = false 47 | } 48 | 49 | resource "google_dns_managed_zone" "forward" { 50 | name = local.forward_zone 51 | dns_name = "${local.domain}." 52 | description = "DNS forward lookup zone example" 53 | force_destroy = true 54 | project = var.project_id 55 | } 56 | -------------------------------------------------------------------------------- /examples/dns_forward_example_multi_names/outputs.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2022 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | output "addresses" { 18 | description = "List of address values managed by this module (e.g. [\"1.2.3.4\"])" 19 | value = module.address.addresses 20 | } 21 | 22 | output "names" { 23 | description = "List of address resource names managed by this module (e.g. [\"gusw1-dev-fooapp-fe-0001-a-0001-ip\"])" 24 | value = module.address.names 25 | } 26 | 27 | output "dns_fqdns" { 28 | description = "List of DNS fully qualified domain names registered in Cloud DNS. (e.g. [\"gusw1-dev-fooapp-fe-0001-a-001.example.com\", \"gusw1-dev-fooapp-fe-0001-a-0002.example.com\"])" 29 | value = module.address.dns_fqdns 30 | } 31 | 32 | output "forward_zone" { 33 | description = "The GCP name of the forward lookup DNS zone being used" 34 | value = google_dns_managed_zone.forward.name 35 | } 36 | 37 | -------------------------------------------------------------------------------- /examples/dns_forward_example_multi_names/test_outputs.tf: -------------------------------------------------------------------------------- 1 | ../../test/fixtures/all_examples/test_outputs.tfshared -------------------------------------------------------------------------------- /examples/dns_forward_example_multi_names/variables.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2022 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | variable "project_id" { 18 | type = string 19 | description = "The project ID to deploy to" 20 | } 21 | 22 | variable "region" { 23 | type = string 24 | description = "The region to deploy to" 25 | default = "us-central1" 26 | } 27 | -------------------------------------------------------------------------------- /examples/global_external_address/README.md: -------------------------------------------------------------------------------- 1 | # Global external IPv6 address 2 | 3 | This example illustrates how to reserve a global external IPv6 address. 4 | 5 | The IPv6 address is dynamically assigned by Google Cloud. 6 | 7 | 8 | ## Inputs 9 | 10 | | Name | Description | Type | Default | Required | 11 | |------|-------------|------|---------|:--------:| 12 | | project\_id | The Google Cloud project ID | `any` | n/a | yes | 13 | 14 | ## Outputs 15 | 16 | | Name | Description | 17 | |------|-------------| 18 | | addresses | IP address | 19 | 20 | 21 | 22 | To provision this example, run the following from within this directory: 23 | - `terraform init` to get the plugins 24 | - `terraform plan` to see the infrastructure plan 25 | - `terraform apply` to apply the infrastructure build 26 | - `terraform destroy` to destroy the built infrastructure 27 | -------------------------------------------------------------------------------- /examples/global_external_address/main.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | # [START compute_external_ip_create] 18 | resource "google_compute_global_address" "default" { 19 | project = var.project_id # Replace this with your service project ID in quotes 20 | name = "ipv6-address" 21 | address_type = "EXTERNAL" 22 | ip_version = "IPV6" 23 | } 24 | # [END compute_external_ip_create] 25 | -------------------------------------------------------------------------------- /examples/global_external_address/outputs.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | output "addresses" { 18 | description = "IP address" 19 | value = google_compute_global_address.default.address 20 | } 21 | -------------------------------------------------------------------------------- /examples/global_external_address/variables.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | variable "project_id" { 18 | description = "The Google Cloud project ID" 19 | } 20 | -------------------------------------------------------------------------------- /examples/global_external_address/versions.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_version = ">= 0.13" 19 | required_providers { 20 | google = { 21 | source = "hashicorp/google" 22 | } 23 | null = { 24 | source = "hashicorp/null" 25 | version = "~> 3.0" 26 | } 27 | } 28 | } 29 | -------------------------------------------------------------------------------- /examples/internal_with_dynamic_ip/README.md: -------------------------------------------------------------------------------- 1 | # Reserving internal IPv4 address with specific IP addresses 2 | 3 | This example illustrates how to reserve internal 4 | IP addresses with the addresses dynamically assigned by Google Cloud. 5 | 6 | 7 | ## Inputs 8 | 9 | | Name | Description | Type | Default | Required | 10 | |------|-------------|------|---------|:--------:| 11 | | project\_id | The Google Cloud project ID to deploy to | `string` | n/a | yes | 12 | 13 | ## Outputs 14 | 15 | | Name | Description | 16 | |------|-------------| 17 | | addresses | List of address values managed by this module (e.g. ["1.2.3.4"]) | 18 | | names | List of address resource names managed by this module (e.g. ["gusw1-dev-fooapp-fe-0001-a-0001-ip"]) | 19 | 20 | 21 | 22 | To provision this example, run the following from within this directory: 23 | - `terraform init` to get the plugins 24 | - `terraform plan` to see the infrastructure plan 25 | - `terraform apply` to apply the infrastructure build 26 | - `terraform destroy` to destroy the built infrastructure 27 | -------------------------------------------------------------------------------- /examples/internal_with_dynamic_ip/main.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | # [START compute_internal_ip_create] 18 | module "address" { 19 | source = "terraform-google-modules/address/google" 20 | version = "~> 4.0" 21 | project_id = var.project_id # Replace this with your project ID in quotes 22 | region = "asia-east1" 23 | subnetwork = "my-subnet" 24 | names = ["internal-address1", "internal-address2"] 25 | } 26 | # [END compute_internal_ip_create] 27 | -------------------------------------------------------------------------------- /examples/internal_with_dynamic_ip/outputs.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | output "addresses" { 18 | description = "List of address values managed by this module (e.g. [\"1.2.3.4\"])" 19 | value = module.address.addresses 20 | } 21 | 22 | output "names" { 23 | description = "List of address resource names managed by this module (e.g. [\"gusw1-dev-fooapp-fe-0001-a-0001-ip\"])" 24 | value = module.address.names 25 | } 26 | 27 | -------------------------------------------------------------------------------- /examples/internal_with_dynamic_ip/terraform.tfvars.sample: -------------------------------------------------------------------------------- 1 | # Region and Project setup 2 | region = "us-west1" 3 | project_id = "my-project-name" 4 | 5 | # Subnetwork where the IP Address will be reserved 6 | subnetwork = "" 7 | 8 | # List of GCP resource names for each IP address desired 9 | names = [""] 10 | -------------------------------------------------------------------------------- /examples/internal_with_dynamic_ip/variables.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | variable "project_id" { 18 | type = string 19 | description = "The Google Cloud project ID to deploy to" 20 | } 21 | -------------------------------------------------------------------------------- /examples/internal_with_dynamic_ip/versions.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_version = ">= 0.13" 19 | required_providers { 20 | google = { 21 | source = "hashicorp/google" 22 | } 23 | null = { 24 | source = "hashicorp/null" 25 | version = "~> 3.0" 26 | } 27 | } 28 | } 29 | -------------------------------------------------------------------------------- /examples/internal_with_specific_ip/README.md: -------------------------------------------------------------------------------- 1 | # Reserving internal IPv4 address with specific IP addresses 2 | 3 | This example illustrates how to reserve specific internal 4 | IP addresses (instead of allowing Google Cloud to dynamically 5 | assign them from the subnet provided). 6 | 7 | 8 | ## Inputs 9 | 10 | | Name | Description | Type | Default | Required | 11 | |------|-------------|------|---------|:--------:| 12 | | project\_id | The Google Cloud project ID to deploy to | `string` | n/a | yes | 13 | 14 | ## Outputs 15 | 16 | | Name | Description | 17 | |------|-------------| 18 | | addresses | List of address values managed by this module (e.g. ["1.2.3.4"]) | 19 | | names | List of address resource names managed by this module (e.g. ["gusw1-dev-fooapp-fe-0001-a-0001-ip"]) | 20 | 21 | 22 | 23 | To provision this example, run the following from within this directory: 24 | - `terraform init` to get the plugins 25 | - `terraform plan` to see the infrastructure plan 26 | - `terraform apply` to apply the infrastructure build 27 | - `terraform destroy` to destroy the built infrastructure 28 | -------------------------------------------------------------------------------- /examples/internal_with_specific_ip/main.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | # [START compute_internal_ip_create] 18 | module "address" { 19 | source = "terraform-google-modules/address/google" 20 | version = "~> 4.0" 21 | project_id = var.project_id # Replace this with your project ID in quotes 22 | region = "asia-east1" 23 | subnetwork = "my-subnet" 24 | names = ["internal-address1", "internal-address2"] 25 | addresses = ["10.0.0.3", "10.0.0.4"] 26 | } 27 | # [END compute_internal_ip_create] 28 | -------------------------------------------------------------------------------- /examples/internal_with_specific_ip/outputs.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | output "addresses" { 18 | description = "List of address values managed by this module (e.g. [\"1.2.3.4\"])" 19 | value = module.address.addresses 20 | } 21 | 22 | output "names" { 23 | description = "List of address resource names managed by this module (e.g. [\"gusw1-dev-fooapp-fe-0001-a-0001-ip\"])" 24 | value = module.address.names 25 | } 26 | 27 | -------------------------------------------------------------------------------- /examples/internal_with_specific_ip/variables.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | variable "project_id" { 18 | type = string 19 | description = "The Google Cloud project ID to deploy to" 20 | } 21 | -------------------------------------------------------------------------------- /examples/internal_with_specific_ip/versions.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_version = ">= 0.13" 19 | required_providers { 20 | google = { 21 | source = "hashicorp/google" 22 | } 23 | null = { 24 | source = "hashicorp/null" 25 | version = "~> 3.0" 26 | } 27 | } 28 | } 29 | -------------------------------------------------------------------------------- /examples/ip_address_only/README.md: -------------------------------------------------------------------------------- 1 | # Simple Example 2 | 3 | This example illustrates how to simply reserve an IP address that is 4 | dynamically assigned by GCP. Outputs have been provided to list the address 5 | itself as well as the resource name that corresponds. 6 | 7 | 8 | ## Inputs 9 | 10 | | Name | Description | Type | Default | Required | 11 | |------|-------------|------|---------|:--------:| 12 | | names | A list of IP address resource names to create. This is the GCP resource name and not the associated hostname of the IP address. Existing resource names may be found with `gcloud compute addresses list` (e.g. ["gusw1-dev-fooapp-fe-0001-a-001-ip"]) | `list(string)` | n/a | yes | 13 | | project\_id | The project ID to deploy to | `string` | n/a | yes | 14 | | region | The region to deploy to | `string` | n/a | yes | 15 | | subnetwork | The subnetwork on which the IP address will be reserved | `string` | n/a | yes | 16 | 17 | ## Outputs 18 | 19 | | Name | Description | 20 | |------|-------------| 21 | | addresses | List of address values managed by this module (e.g. ["1.2.3.4"]) | 22 | | names | List of address resource names managed by this module (e.g. ["gusw1-dev-fooapp-fe-0001-a-0001-ip"]) | 23 | | project\_id | ID of the project being used | 24 | | region | Region being used | 25 | 26 | 27 | 28 | To provision this example, run the following from within this directory: 29 | - `terraform init` to get the plugins 30 | - `terraform plan` to see the infrastructure plan 31 | - `terraform apply` to apply the infrastructure build 32 | - `terraform destroy` to destroy the built infrastructure 33 | -------------------------------------------------------------------------------- /examples/ip_address_only/main.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | provider "google" { 18 | region = var.region 19 | } 20 | 21 | module "address" { 22 | source = "terraform-google-modules/address/google" 23 | version = "~> 4.0" 24 | 25 | project_id = var.project_id 26 | region = var.region 27 | subnetwork = var.subnetwork 28 | names = var.names 29 | } 30 | 31 | -------------------------------------------------------------------------------- /examples/ip_address_only/outputs.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | output "addresses" { 18 | description = "List of address values managed by this module (e.g. [\"1.2.3.4\"])" 19 | value = module.address.addresses 20 | } 21 | 22 | output "names" { 23 | description = "List of address resource names managed by this module (e.g. [\"gusw1-dev-fooapp-fe-0001-a-0001-ip\"])" 24 | value = module.address.names 25 | } 26 | 27 | -------------------------------------------------------------------------------- /examples/ip_address_only/terraform.tfvars.sample: -------------------------------------------------------------------------------- 1 | # Region and Project setup 2 | region = "us-west1" 3 | project_id = "my-project-name" 4 | 5 | # Subnetwork where the IP Address will be reserved 6 | subnetwork = "" 7 | 8 | # List of GCP resource names for each IP address desired 9 | names = [""] 10 | -------------------------------------------------------------------------------- /examples/ip_address_only/test_outputs.tf: -------------------------------------------------------------------------------- 1 | ../../test/fixtures/all_examples/test_outputs.tfshared -------------------------------------------------------------------------------- /examples/ip_address_only/variables.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | variable "project_id" { 18 | type = string 19 | description = "The project ID to deploy to" 20 | } 21 | 22 | variable "region" { 23 | type = string 24 | description = "The region to deploy to" 25 | } 26 | 27 | variable "subnetwork" { 28 | type = string 29 | description = "The subnetwork on which the IP address will be reserved" 30 | } 31 | 32 | variable "names" { 33 | description = "A list of IP address resource names to create. This is the GCP resource name and not the associated hostname of the IP address. Existing resource names may be found with `gcloud compute addresses list` (e.g. [\"gusw1-dev-fooapp-fe-0001-a-001-ip\"])" 34 | type = list(string) 35 | } 36 | 37 | -------------------------------------------------------------------------------- /examples/ip_address_only/versions.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_version = ">= 0.13" 19 | required_providers { 20 | google = { 21 | source = "hashicorp/google" 22 | } 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /examples/ip_address_with_specific_ip/README.md: -------------------------------------------------------------------------------- 1 | # Simple Example 2 | 3 | This example illustrates how to reserve a specific IP address (instead of 4 | allowing GCP to dynamically assign it from the subnet provided). 5 | 6 | 7 | ## Inputs 8 | 9 | | Name | Description | Type | Default | Required | 10 | |------|-------------|------|---------|:--------:| 11 | | addresses | A list of IP addresses to create. GCP will reserve unreserved addresses if given the value "". If multiple names are given the default value is sufficient to have multiple addresses automatically picked for each name. | `list(string)` | n/a | yes | 12 | | names | A list of IP address resource names to create. This is the GCP resource name and not the associated hostname of the IP address. Existing resource names may be found with `gcloud compute addresses list` (e.g. ["gusw1-dev-fooapp-fe-0001-a-001-ip"]) | `list(string)` | n/a | yes | 13 | | project\_id | The project ID to deploy to | `string` | n/a | yes | 14 | | region | The region to deploy to | `string` | n/a | yes | 15 | | subnetwork | The subnetwork on which the IP address will be reserved | `string` | n/a | yes | 16 | 17 | ## Outputs 18 | 19 | | Name | Description | 20 | |------|-------------| 21 | | addresses | List of address values managed by this module (e.g. ["1.2.3.4"]) | 22 | | names | List of address resource names managed by this module (e.g. ["gusw1-dev-fooapp-fe-0001-a-0001-ip"]) | 23 | | project\_id | ID of the project being used | 24 | | region | Region being used | 25 | 26 | 27 | 28 | To provision this example, run the following from within this directory: 29 | - `terraform init` to get the plugins 30 | - `terraform plan` to see the infrastructure plan 31 | - `terraform apply` to apply the infrastructure build 32 | - `terraform destroy` to destroy the built infrastructure 33 | -------------------------------------------------------------------------------- /examples/ip_address_with_specific_ip/main.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | provider "google" { 18 | region = var.region 19 | } 20 | 21 | module "address" { 22 | source = "terraform-google-modules/address/google" 23 | version = "~> 4.0" 24 | 25 | project_id = var.project_id 26 | region = var.region 27 | subnetwork = var.subnetwork 28 | names = var.names 29 | addresses = var.addresses 30 | } 31 | 32 | -------------------------------------------------------------------------------- /examples/ip_address_with_specific_ip/outputs.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | output "addresses" { 18 | description = "List of address values managed by this module (e.g. [\"1.2.3.4\"])" 19 | value = module.address.addresses 20 | } 21 | 22 | output "names" { 23 | description = "List of address resource names managed by this module (e.g. [\"gusw1-dev-fooapp-fe-0001-a-0001-ip\"])" 24 | value = module.address.names 25 | } 26 | 27 | -------------------------------------------------------------------------------- /examples/ip_address_with_specific_ip/test_outputs.tf: -------------------------------------------------------------------------------- 1 | ../../test/fixtures/all_examples/test_outputs.tfshared -------------------------------------------------------------------------------- /examples/ip_address_with_specific_ip/variables.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | variable "project_id" { 18 | type = string 19 | description = "The project ID to deploy to" 20 | } 21 | 22 | variable "region" { 23 | type = string 24 | description = "The region to deploy to" 25 | } 26 | 27 | variable "subnetwork" { 28 | type = string 29 | description = "The subnetwork on which the IP address will be reserved" 30 | } 31 | 32 | variable "names" { 33 | description = "A list of IP address resource names to create. This is the GCP resource name and not the associated hostname of the IP address. Existing resource names may be found with `gcloud compute addresses list` (e.g. [\"gusw1-dev-fooapp-fe-0001-a-001-ip\"])" 34 | type = list(string) 35 | } 36 | 37 | variable "addresses" { 38 | description = "A list of IP addresses to create. GCP will reserve unreserved addresses if given the value \"\". If multiple names are given the default value is sufficient to have multiple addresses automatically picked for each name." 39 | type = list(string) 40 | } 41 | 42 | -------------------------------------------------------------------------------- /examples/ip_address_with_specific_ip/versions.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_version = ">= 0.13" 19 | required_providers { 20 | google = { 21 | source = "hashicorp/google" 22 | } 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /examples/regional_external_address/README.md: -------------------------------------------------------------------------------- 1 | # Regional external IPv4 address 2 | 3 | This example illustrates how to reserve a regional external IPv4 address. 4 | 5 | The IP address is dynamically assigned by Google Cloud. 6 | 7 | 8 | ## Inputs 9 | 10 | | Name | Description | Type | Default | Required | 11 | |------|-------------|------|---------|:--------:| 12 | | project\_id | The Google Cloud project ID to deploy to | `string` | n/a | yes | 13 | 14 | ## Outputs 15 | 16 | | Name | Description | 17 | |------|-------------| 18 | | addresses | List of address values managed by this module | 19 | | names | List of address resource names | 20 | 21 | 22 | 23 | To provision this example, run the following from within this directory: 24 | - `terraform init` to get the plugins 25 | - `terraform plan` to see the infrastructure plan 26 | - `terraform apply` to apply the infrastructure build 27 | - `terraform destroy` to destroy the built infrastructure 28 | -------------------------------------------------------------------------------- /examples/regional_external_address/main.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | # [START compute_external_ip_create] 18 | module "address" { 19 | source = "terraform-google-modules/address/google" 20 | version = "~> 4.0" 21 | project_id = var.project_id # Replace this with your service project ID in quotes 22 | region = "europe-west1" 23 | address_type = "EXTERNAL" 24 | names = [ 25 | "regional-external-ip-address-1", 26 | "regional-external-ip-address-2", 27 | "regional-external-ip-address-3" 28 | ] 29 | } 30 | # [END compute_external_ip_create] 31 | 32 | -------------------------------------------------------------------------------- /examples/regional_external_address/outputs.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | output "names" { 18 | description = "List of address resource names" 19 | value = module.address.names 20 | } 21 | 22 | output "addresses" { 23 | description = "List of address values managed by this module" 24 | value = module.address.addresses 25 | } 26 | 27 | 28 | -------------------------------------------------------------------------------- /examples/regional_external_address/variables.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | variable "project_id" { 18 | type = string 19 | description = "The Google Cloud project ID to deploy to" 20 | } 21 | -------------------------------------------------------------------------------- /examples/regional_external_address/versions.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_version = ">= 0.13" 19 | required_providers { 20 | google = { 21 | source = "hashicorp/google" 22 | } 23 | null = { 24 | source = "hashicorp/null" 25 | version = "~> 3.0" 26 | } 27 | } 28 | } 29 | -------------------------------------------------------------------------------- /helpers/setup-sa.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright 2019 Google LLC 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | 16 | set -e 17 | set -u 18 | 19 | # check for input variables 20 | if [ $# -lt 2 ]; then 21 | echo 22 | echo "Usage: $0 " 23 | echo 24 | echo " project id (required)" 25 | echo " service account name (required)" 26 | echo 27 | exit 1 28 | fi 29 | 30 | 31 | # Host project 32 | echo "Verifying project..." 33 | HOST_PROJECT="$(gcloud projects list --format="value(projectId)" --filter="$1")" 34 | 35 | if [[ $HOST_PROJECT == "" ]]; 36 | then 37 | echo "The host project does not exist. Exiting." 38 | exit 1; 39 | fi 40 | 41 | # Service Account creation 42 | SA_NAME="$2" 43 | SA_ID="${SA_NAME}@${HOST_PROJECT}.iam.gserviceaccount.com" 44 | STAGING_DIR="${PWD}" 45 | KEY_FILE="${STAGING_DIR}/credentials.json" 46 | 47 | echo "Creating service account..." 48 | gcloud iam service-accounts \ 49 | --project "${HOST_PROJECT}" create "${SA_NAME}" \ 50 | --display-name "${SA_NAME}" 51 | 52 | echo "Downloading key to credentials.json..." 53 | gcloud iam service-accounts keys create "${KEY_FILE}" \ 54 | --iam-account "${SA_ID}" \ 55 | --user-output-enabled false 56 | 57 | # Grant roles/dns.admin to the service account on the host project 58 | echo "Adding role roles/dns.admin on project ${HOST_PROJECT} to ${SA_ID}..." 59 | gcloud projects add-iam-policy-binding \ 60 | "${HOST_PROJECT}" \ 61 | --member="serviceAccount:${SA_ID}" \ 62 | --role="roles/dns.admin" \ 63 | --user-output-enabled false 64 | 65 | # Grant roles/compute.networkAdmin to the service account on the host project 66 | echo "Adding role roles/compute.networkAdmin on project ${HOST_PROJECT} to ${SA_ID}..." 67 | gcloud projects add-iam-policy-binding \ 68 | "${HOST_PROJECT}" \ 69 | --member="serviceAccount:${SA_ID}" \ 70 | --role="roles/compute.networkAdmin" \ 71 | --user-output-enabled false 72 | 73 | # Enable required API's 74 | echo "Enabling APIs..." 75 | gcloud services enable \ 76 | cloudresourcemanager.googleapis.com \ 77 | compute.googleapis.com \ 78 | dns.googleapis.com \ 79 | --project "${HOST_PROJECT}" 80 | -------------------------------------------------------------------------------- /main.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | /****************************************** 18 | Locals configuration and validation 19 | *****************************************/ 20 | locals { 21 | dns_fqdns = formatlist("%s.%s", var.dns_short_names, var.dns_domain) 22 | regional_addresses_count = var.global ? 0 : length(var.names) 23 | global_addresses_count = var.global ? length(var.names) : 0 24 | dns_forward_record_count = var.enable_cloud_dns ? length(local.dns_fqdns) : 0 25 | dns_reverse_record_count = var.enable_reverse_dns ? length(local.dns_fqdns) : 0 26 | ip_addresses = concat( 27 | google_compute_address.ip[*].address, 28 | google_compute_global_address.global_ip[*].address, 29 | ) 30 | ip_names = concat( 31 | google_compute_address.ip[*].name, 32 | google_compute_global_address.global_ip[*].name, 33 | ) 34 | self_links = concat( 35 | google_compute_address.ip[*].self_link, 36 | google_compute_global_address.global_ip[*].self_link, 37 | ) 38 | prefix_length = var.address_type == "EXTERNAL" || (var.address_type == "INTERNAL" && var.purpose == "PRIVATE_SERVICE_CONNECT") ? null : var.prefix_length 39 | 40 | /****************************************** 41 | Format reverse DNS entries - see https://github.com/hashicorp/terraform/issues/9404 42 | *****************************************/ 43 | split_ips = [for ip in local.ip_addresses : split(".", ip)] 44 | dns_ptr_fqdns = var.enable_reverse_dns ? [for split_ip in local.split_ips : "${split_ip[3]}.${split_ip[2]}.${split_ip[1]}.${split_ip[0]}.in-addr.arpa"] : [] 45 | } 46 | 47 | /****************************************** 48 | IP address reservation 49 | *****************************************/ 50 | resource "google_compute_address" "ip" { 51 | count = local.regional_addresses_count 52 | project = var.project_id 53 | region = var.region 54 | name = element(var.names, count.index) 55 | address = element(var.addresses, count.index) 56 | subnetwork = var.subnetwork 57 | address_type = var.address_type 58 | purpose = var.address_type == "INTERNAL" ? var.purpose : null 59 | network_tier = var.address_type == "INTERNAL" ? null : var.network_tier 60 | labels = var.labels 61 | description = try(element(var.descriptions, count.index), null) 62 | } 63 | 64 | resource "google_compute_global_address" "global_ip" { 65 | count = local.global_addresses_count 66 | project = var.project_id 67 | name = var.names[count.index] 68 | address_type = var.address_type 69 | address = element(var.addresses, count.index) 70 | network = var.address_type == "EXTERNAL" ? null : var.subnetwork 71 | purpose = var.global && var.address_type == "INTERNAL" ? "VPC_PEERING" : null 72 | prefix_length = local.prefix_length 73 | ip_version = var.ip_version 74 | description = try(element(var.descriptions, count.index), null) 75 | } 76 | 77 | /****************************************** 78 | Forward and reverse DNS entries - note the trailing dot in name 79 | *****************************************/ 80 | resource "google_dns_record_set" "ip" { 81 | count = local.dns_forward_record_count 82 | name = "${local.dns_fqdns[count.index]}." 83 | managed_zone = var.dns_managed_zone 84 | type = var.dns_record_type 85 | ttl = var.dns_ttl 86 | rrdatas = length(local.ip_addresses) == 1 ? [local.ip_addresses[0]] : [local.ip_addresses[count.index]] 87 | project = var.dns_project 88 | } 89 | 90 | resource "google_dns_record_set" "ptr" { 91 | count = local.dns_reverse_record_count 92 | name = "${local.dns_ptr_fqdns[count.index]}." 93 | managed_zone = var.dns_reverse_zone 94 | type = "PTR" 95 | ttl = var.dns_ttl 96 | rrdatas = ["${local.dns_fqdns[count.index]}."] 97 | project = var.dns_project 98 | } 99 | 100 | -------------------------------------------------------------------------------- /outputs.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | output "addresses" { 18 | description = "List of address values managed by this module (e.g. [\"1.2.3.4\"])" 19 | value = local.ip_addresses 20 | } 21 | 22 | output "names" { 23 | description = "List of address resource names managed by this module (e.g. [\"gusw1-dev-fooapp-fe-0001-a-0001-ip\"])" 24 | value = local.ip_names 25 | } 26 | 27 | output "self_links" { 28 | description = "List of URIs of the created address resources" 29 | value = local.self_links 30 | } 31 | 32 | output "dns_fqdns" { 33 | description = "List of DNS fully qualified domain names registered in Cloud DNS. (e.g. [\"gusw1-dev-fooapp-fe-0001-a-001.example.com\", \"gusw1-dev-fooapp-fe-0001-a-0002.example.com\"])" 34 | value = local.dns_fqdns 35 | } 36 | 37 | output "reverse_dns_fqdns" { 38 | description = "List of reverse DNS PTR records registered in Cloud DNS. (e.g. [\"1.2.11.10.in-addr.arpa\", \"2.2.11.10.in-addr.arpa\"])" 39 | value = local.dns_ptr_fqdns 40 | } 41 | 42 | -------------------------------------------------------------------------------- /test/boilerplate/boilerplate.Dockerfile.txt: -------------------------------------------------------------------------------- 1 | # Copyright 2019 Google LLC 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # https://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | -------------------------------------------------------------------------------- /test/boilerplate/boilerplate.Makefile.txt: -------------------------------------------------------------------------------- 1 | # Copyright 2019 Google LLC 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # https://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | -------------------------------------------------------------------------------- /test/boilerplate/boilerplate.go.txt: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 Google LLC 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | https://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | -------------------------------------------------------------------------------- /test/boilerplate/boilerplate.py.txt: -------------------------------------------------------------------------------- 1 | # Copyright 2019 Google LLC 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # https://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | -------------------------------------------------------------------------------- /test/boilerplate/boilerplate.sh.txt: -------------------------------------------------------------------------------- 1 | # Copyright 2019 Google LLC 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | -------------------------------------------------------------------------------- /test/boilerplate/boilerplate.tf.txt: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | -------------------------------------------------------------------------------- /test/boilerplate/boilerplate.xml.txt: -------------------------------------------------------------------------------- 1 | 16 | -------------------------------------------------------------------------------- /test/boilerplate/boilerplate.yaml.txt: -------------------------------------------------------------------------------- 1 | # Copyright 2019 Google LLC 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # https://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | -------------------------------------------------------------------------------- /test/ci_integration.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # Copyright 2019 Google LLC 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | 17 | # Entry point for CI Integration Tests. This script is expected to be run 18 | # inside the same docker image specified in the CI Pipeline definition. 19 | 20 | # Always clean up. 21 | DELETE_AT_EXIT="$(mktemp -d)" 22 | 23 | finish() { 24 | echo 'BEGIN: finish() trap handler' >&2 25 | # There is a dependency issue with the integration tests - a DNS zone is 26 | # being created but the module also creates DNS entries within the zone. GCP 27 | # will not let you delete a zone without deleting all the entries first, and 28 | # the way the module is setup makes it difficult to setup that dependency. 29 | # Because of that reason, `kitchen destroy` needs to be run twice: first to 30 | # take care of the zone entries (which will produce an error), and a second 31 | # time to get rid of the zone. 32 | set +e 33 | kitchen destroy 34 | [[ -d "${DELETE_AT_EXIT}" ]] && rm -rf "${DELETE_AT_EXIT}" 35 | echo 'END: finish() trap handler' >&2 36 | } 37 | 38 | # Map the input parameters provided by Concourse CI, or whatever mechanism is 39 | # running the tests to Terraform input variables. Also setup credentials for 40 | # use with kitchen-terraform, inspec, and gcloud. 41 | setup_environment() { 42 | local tmpfile 43 | tmpfile="$(mktemp)" 44 | echo "${SERVICE_ACCOUNT_JSON}" > "${tmpfile}" 45 | 46 | # Terraform and most other tools respect GOOGLE_CREDENTIALS 47 | export GOOGLE_CREDENTIALS="${SERVICE_ACCOUNT_JSON}" 48 | # gcloud variables 49 | export CLOUDSDK_AUTH_CREDENTIAL_FILE_OVERRIDE="${tmpfile}" 50 | export CLOUDSDK_CORE_PROJECT="${PROJECT_ID}" 51 | 52 | # Terraform input variables 53 | export TF_VAR_project_id="${PROJECT_ID}" 54 | export TF_VAR_region="${REGION:-us-east4}" 55 | } 56 | 57 | main() { 58 | export SUITE="${SUITE:-}" 59 | 60 | set -eu 61 | # Setup trap handler to auto-cleanup 62 | export TMPDIR="${DELETE_AT_EXIT}" 63 | trap finish EXIT 64 | 65 | # Setup environment variables 66 | setup_environment 67 | set -x 68 | 69 | # Execute the test lifecycle 70 | kitchen create "$SUITE" 71 | kitchen converge "$SUITE" 72 | kitchen verify "$SUITE" 73 | kitchen destroy "$SUITE" 74 | kitchen destroy "$SUITE" 75 | } 76 | 77 | # if script is being executed and not sourced. 78 | if [[ "${BASH_SOURCE[0]}" == "${0}" ]]; then 79 | main "$@" 80 | fi 81 | -------------------------------------------------------------------------------- /test/fixtures/all_examples/test_outputs.tfshared: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | output "region" { 18 | description = "Region being used" 19 | value = var.region 20 | } 21 | 22 | output "project_id" { 23 | description = "ID of the project being used" 24 | value = var.project_id 25 | } 26 | 27 | -------------------------------------------------------------------------------- /test/fixtures/dns_forward_and_reverse/main.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | module "example" { 18 | source = "../../../examples/dns_forward_and_reverse" 19 | project_id = var.project_id 20 | region = var.region 21 | subnetwork = google_compute_subnetwork.main.name 22 | dns_project = var.project_id 23 | dns_domain = local.domain 24 | dns_managed_zone = google_dns_managed_zone.forward.name 25 | dns_reverse_zone = google_dns_managed_zone.reverse.name 26 | 27 | 28 | names = [ 29 | "dynamically-reserved-ip-030", 30 | "dynamically-reserved-ip-031", 31 | "dynamically-reserved-ip-032", 32 | ] 33 | 34 | dns_short_names = [ 35 | "testip-031", 36 | "testip-032", 37 | "testip-033", 38 | ] 39 | } 40 | 41 | -------------------------------------------------------------------------------- /test/fixtures/dns_forward_and_reverse/network.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | locals { 18 | randomized_name = "cft-address-test-${random_string.suffix.result}" 19 | domain = "justfortesting-${random_string.suffix.result}.local" 20 | forward_zone = "forward-cft-address-test" 21 | reverse_zone = "reverse-cft-address-test" 22 | } 23 | 24 | resource "random_string" "suffix" { 25 | length = 4 26 | special = false 27 | upper = false 28 | } 29 | 30 | provider "google" { 31 | project = var.project_id 32 | } 33 | 34 | resource "google_compute_network" "main" { 35 | name = local.randomized_name 36 | auto_create_subnetworks = false 37 | } 38 | 39 | resource "google_compute_subnetwork" "main" { 40 | name = local.randomized_name 41 | ip_cidr_range = "10.10.0.0/24" 42 | region = var.region 43 | private_ip_google_access = true 44 | network = google_compute_network.main.self_link 45 | } 46 | 47 | resource "google_dns_managed_zone" "forward" { 48 | name = local.forward_zone 49 | dns_name = "${local.domain}." 50 | description = "DNS forward lookup zone example" 51 | force_destroy = true 52 | } 53 | 54 | resource "google_dns_managed_zone" "reverse" { 55 | name = local.reverse_zone 56 | dns_name = "10.10.in-addr.arpa." 57 | description = "DNS reverse lookup zone example" 58 | force_destroy = true 59 | visibility = "private" 60 | } 61 | 62 | -------------------------------------------------------------------------------- /test/fixtures/dns_forward_and_reverse/outputs.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | output "addresses" { 18 | description = "List of address values managed by this module (e.g. [\"1.2.3.4\"])" 19 | value = module.example.addresses 20 | } 21 | 22 | output "names" { 23 | description = "List of address resource names managed by this module (e.g. [\"gusw1-dev-fooapp-fe-0001-a-0001-ip\"])" 24 | value = module.example.names 25 | } 26 | 27 | output "dns_fqdns" { 28 | description = "List of DNS fully qualified domain names registered in Cloud DNS. (e.g. [\"gusw1-dev-fooapp-fe-0001-a-001.example.com\", \"gusw1-dev-fooapp-fe-0001-a-0002.example.com\"])" 29 | value = module.example.dns_fqdns 30 | } 31 | 32 | output "reverse_dns_fqdns" { 33 | description = "List of reverse DNS PTR records registered in Cloud DNS." 34 | value = module.example.reverse_dns_fqdns 35 | } 36 | 37 | output "forward_zone" { 38 | description = "The GCP name of the forward lookup DNS zone being used" 39 | value = module.example.forward_zone 40 | } 41 | 42 | output "reverse_zone" { 43 | description = "The GCP name of the reverse lookup DNS zone being used" 44 | value = module.example.reverse_zone 45 | } 46 | 47 | -------------------------------------------------------------------------------- /test/fixtures/dns_forward_and_reverse/shared_outputs.tf: -------------------------------------------------------------------------------- 1 | ../shared/shared_outputs.tfshared -------------------------------------------------------------------------------- /test/fixtures/dns_forward_and_reverse/variables.tf: -------------------------------------------------------------------------------- 1 | ../shared/variables.tfshared -------------------------------------------------------------------------------- /test/fixtures/dns_forward_and_reverse/versions.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_version = ">= 0.12" 19 | } 20 | -------------------------------------------------------------------------------- /test/fixtures/dns_forward_example/main.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | module "example" { 18 | source = "../../../examples/dns_forward_example" 19 | project_id = var.project_id 20 | region = var.region 21 | subnetwork = google_compute_subnetwork.main.name 22 | dns_project = var.project_id 23 | dns_domain = local.domain 24 | dns_managed_zone = google_dns_managed_zone.forward.name 25 | 26 | names = [ 27 | "dynamically-reserved-ip-020", 28 | "dynamically-reserved-ip-021", 29 | "dynamically-reserved-ip-022", 30 | ] 31 | 32 | dns_short_names = [ 33 | "testip-021", 34 | "testip-022", 35 | "testip-023", 36 | ] 37 | } 38 | 39 | -------------------------------------------------------------------------------- /test/fixtures/dns_forward_example/network.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | locals { 18 | randomized_name = "cft-address-test-${random_string.suffix.result}" 19 | domain = "justfortesting-${random_string.suffix.result}.local" 20 | forward_zone = "forward-example-only" 21 | } 22 | 23 | resource "random_string" "suffix" { 24 | length = 4 25 | special = false 26 | upper = false 27 | } 28 | 29 | provider "google" { 30 | project = var.project_id 31 | } 32 | 33 | resource "google_compute_network" "main" { 34 | name = local.randomized_name 35 | auto_create_subnetworks = false 36 | } 37 | 38 | resource "google_compute_subnetwork" "main" { 39 | name = local.randomized_name 40 | ip_cidr_range = "10.12.0.0/24" 41 | region = var.region 42 | private_ip_google_access = true 43 | network = google_compute_network.main.self_link 44 | } 45 | 46 | resource "google_dns_managed_zone" "forward" { 47 | name = local.forward_zone 48 | dns_name = "${local.domain}." 49 | description = "DNS forward lookup zone example" 50 | force_destroy = true 51 | } 52 | 53 | -------------------------------------------------------------------------------- /test/fixtures/dns_forward_example/outputs.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | output "addresses" { 18 | description = "List of address values managed by this module (e.g. [\"1.2.3.4\"])" 19 | value = module.example.addresses 20 | } 21 | 22 | output "names" { 23 | description = "List of address resource names managed by this module (e.g. [\"gusw1-dev-fooapp-fe-0001-a-0001-ip\"])" 24 | value = module.example.names 25 | } 26 | 27 | output "dns_fqdns" { 28 | description = "List of DNS fully qualified domain names registered in Cloud DNS. (e.g. [\"gusw1-dev-fooapp-fe-0001-a-001.example.com\", \"gusw1-dev-fooapp-fe-0001-a-0002.example.com\"])" 29 | value = module.example.dns_fqdns 30 | } 31 | 32 | output "forward_zone" { 33 | description = "The GCP name of the forward lookup DNS zone being used" 34 | value = module.example.forward_zone 35 | } 36 | 37 | -------------------------------------------------------------------------------- /test/fixtures/dns_forward_example/shared_outputs.tf: -------------------------------------------------------------------------------- 1 | ../shared/shared_outputs.tfshared -------------------------------------------------------------------------------- /test/fixtures/dns_forward_example/variables.tf: -------------------------------------------------------------------------------- 1 | ../shared/variables.tfshared -------------------------------------------------------------------------------- /test/fixtures/dns_forward_example/versions.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_version = ">= 0.12" 19 | } 20 | -------------------------------------------------------------------------------- /test/fixtures/ip_address_only/main.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | module "example" { 18 | source = "../../../examples/ip_address_only" 19 | project_id = var.project_id 20 | region = var.region 21 | subnetwork = google_compute_subnetwork.main.name 22 | names = ["dynamically-assigned-ip-001"] 23 | } 24 | 25 | -------------------------------------------------------------------------------- /test/fixtures/ip_address_only/network.tf: -------------------------------------------------------------------------------- 1 | ../shared/no_dns/network.tfshared -------------------------------------------------------------------------------- /test/fixtures/ip_address_only/outputs.tf: -------------------------------------------------------------------------------- 1 | ../shared/no_dns/outputs.tfshared -------------------------------------------------------------------------------- /test/fixtures/ip_address_only/shared_outputs.tf: -------------------------------------------------------------------------------- 1 | ../shared/shared_outputs.tfshared -------------------------------------------------------------------------------- /test/fixtures/ip_address_only/variables.tf: -------------------------------------------------------------------------------- 1 | ../shared/variables.tfshared -------------------------------------------------------------------------------- /test/fixtures/ip_address_only/versions.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_version = ">= 0.12" 19 | } 20 | -------------------------------------------------------------------------------- /test/fixtures/ip_address_with_specific_ip/main.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | module "example" { 18 | source = "../../../examples/ip_address_with_specific_ip" 19 | project_id = var.project_id 20 | region = var.region 21 | subnetwork = google_compute_subnetwork.main.name 22 | addresses = ["10.13.0.100"] 23 | names = ["statically-reserved-ip-001"] 24 | } 25 | 26 | -------------------------------------------------------------------------------- /test/fixtures/ip_address_with_specific_ip/network.tf: -------------------------------------------------------------------------------- 1 | ../shared/no_dns/network.tfshared -------------------------------------------------------------------------------- /test/fixtures/ip_address_with_specific_ip/outputs.tf: -------------------------------------------------------------------------------- 1 | ../shared/no_dns/outputs.tfshared -------------------------------------------------------------------------------- /test/fixtures/ip_address_with_specific_ip/shared_outputs.tf: -------------------------------------------------------------------------------- 1 | ../shared/shared_outputs.tfshared -------------------------------------------------------------------------------- /test/fixtures/ip_address_with_specific_ip/variables.tf: -------------------------------------------------------------------------------- 1 | ../shared/variables.tfshared -------------------------------------------------------------------------------- /test/fixtures/ip_address_with_specific_ip/versions.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_version = ">= 0.12" 19 | } 20 | -------------------------------------------------------------------------------- /test/fixtures/shared/network.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | resource "random_string" "suffix" { 18 | length = 4 19 | special = false 20 | upper = false 21 | } 22 | 23 | resource "google_compute_network" "main" { 24 | project = var.project_id 25 | name = "cft-vm-test-${random_string.suffix.result}" 26 | auto_create_subnetworks = false 27 | } 28 | 29 | resource "google_compute_subnetwork" "main" { 30 | project = var.project_id 31 | region = "us-central1" 32 | name = "cft-vm-test-${random_string.suffix.result}" 33 | ip_cidr_range = "10.128.0.0/20" 34 | network = google_compute_network.main.self_link 35 | } 36 | -------------------------------------------------------------------------------- /test/fixtures/shared/no_dns/network.tfshared: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | resource "random_string" "suffix" { 18 | length = 4 19 | special = false 20 | upper = false 21 | } 22 | 23 | provider "google" { 24 | project = var.project_id 25 | } 26 | 27 | resource "google_compute_network" "main" { 28 | name = "cft-address-test-${random_string.suffix.result}" 29 | auto_create_subnetworks = false 30 | } 31 | 32 | resource "google_compute_subnetwork" "main" { 33 | name = "cft-address-test-${random_string.suffix.result}" 34 | ip_cidr_range = "10.13.0.0/24" 35 | region = var.region 36 | private_ip_google_access = true 37 | network = google_compute_network.main.self_link 38 | } 39 | 40 | -------------------------------------------------------------------------------- /test/fixtures/shared/no_dns/outputs.tfshared: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | output "addresses" { 18 | description = "List of address values managed by this module (e.g. [\"1.2.3.4\"])" 19 | value = module.example.addresses 20 | } 21 | 22 | output "names" { 23 | description = "List of address resource names managed by this module (e.g. [\"gusw1-dev-fooapp-fe-0001-a-0001-ip\"])" 24 | value = module.example.names 25 | } 26 | 27 | -------------------------------------------------------------------------------- /test/fixtures/shared/shared_outputs.tfshared: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | output "project_id" { 18 | value = var.project_id 19 | } 20 | 21 | output "region" { 22 | value = module.example.region 23 | } 24 | 25 | -------------------------------------------------------------------------------- /test/fixtures/shared/terraform.tfvars.example: -------------------------------------------------------------------------------- 1 | project_id = "" 2 | 3 | credentials_path_relative = "../../../../credentials.json" 4 | 5 | region = "us-central1" 6 | 7 | service_account = { 8 | email = "" 9 | scopes = ["cloud-platform"] 10 | } 11 | -------------------------------------------------------------------------------- /test/fixtures/shared/variables.tfshared: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | variable "project_id" { 18 | type = string 19 | description = "The project ID to deploy to" 20 | } 21 | 22 | variable "region" { 23 | type = string 24 | description = "The region to deploy to" 25 | default = "us-central1" 26 | } 27 | 28 | -------------------------------------------------------------------------------- /test/integration/discover_test.go: -------------------------------------------------------------------------------- 1 | // Copyright 2022 Google LLC 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | // 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | // 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | package test 16 | 17 | import ( 18 | "testing" 19 | 20 | "github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test/pkg/tft" 21 | ) 22 | 23 | func TestAll(t *testing.T) { 24 | tft.AutoDiscoverAndTest(t) 25 | } 26 | -------------------------------------------------------------------------------- /test/integration/dns_forward_and_reverse/dns_forward_and_reverse_test.go: -------------------------------------------------------------------------------- 1 | // Copyright 2022 Google LLC 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | // 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | // 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | package dns_forward_and_reverse 16 | 17 | import ( 18 | "fmt" 19 | "testing" 20 | 21 | "github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test/pkg/gcloud" 22 | "github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test/pkg/tft" 23 | "github.com/gruntwork-io/terratest/modules/terraform" 24 | "github.com/stretchr/testify/assert" 25 | ) 26 | 27 | func TestDnsForwardAndReverse(t *testing.T) { 28 | bpt := tft.NewTFBlueprintTest(t) 29 | 30 | bpt.DefineVerify(func(assert *assert.Assertions) { 31 | bpt.DefaultVerify(assert) 32 | 33 | projectId := bpt.GetStringOutput("project_id") 34 | addresses := terraform.OutputList(t, bpt.GetTFOptions(), "addresses") 35 | name := [3]string{"dynamically-reserved-ip-030", "dynamically-reserved-ip-031", "dynamically-reserved-ip-032"} 36 | dnsFqdns := terraform.OutputList(t, bpt.GetTFOptions(), "dns_fqdns") 37 | reverseDnsFqdns := terraform.OutputList(t, bpt.GetTFOptions(), "reverse_dns_fqdns") 38 | forwardZone := bpt.GetStringOutput("forward_zone") 39 | reverseZone := bpt.GetStringOutput("reverse_zone") 40 | 41 | for index, element := range addresses { 42 | op := gcloud.Runf(t, fmt.Sprintf("compute addresses list --filter='%s' --project %s", element, projectId)).Array()[0].Get("name") 43 | assert.Contains(op.String(), name[index], "IP addresses Created") 44 | } 45 | 46 | for index, element := range dnsFqdns { 47 | op1 := gcloud.Runf(t, fmt.Sprintf("dns record-sets list --filter='%s' --zone=%s --project %s", element, forwardZone, projectId)).Array()[0].Get("rrdatas") 48 | assert.Contains(op1.String(), addresses[index], "Matches the FQDN to the correct IP address") 49 | } 50 | 51 | for index, element := range reverseDnsFqdns { 52 | op2 := gcloud.Runf(t, fmt.Sprintf("dns record-sets list --filter='%s' --zone=%s --project %s", element, reverseZone, projectId)).Array()[0].Get("rrdatas") 53 | assert.Contains(op2.String(), dnsFqdns[index], "Matches the FQDN to the correct IP address") 54 | } 55 | }) 56 | 57 | bpt.Test() 58 | } 59 | -------------------------------------------------------------------------------- /test/integration/dns_forward_example/dns_forward_example_test.go: -------------------------------------------------------------------------------- 1 | // Copyright 2022 Google LLC 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | // 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | // 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | package dns_forward_example 16 | 17 | import ( 18 | "fmt" 19 | "testing" 20 | 21 | "github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test/pkg/gcloud" 22 | "github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test/pkg/tft" 23 | "github.com/gruntwork-io/terratest/modules/terraform" 24 | "github.com/stretchr/testify/assert" 25 | ) 26 | 27 | func TestDnsForwardExample(t *testing.T) { 28 | bpt := tft.NewTFBlueprintTest(t) 29 | 30 | bpt.DefineVerify(func(assert *assert.Assertions) { 31 | bpt.DefaultVerify(assert) 32 | 33 | projectId := bpt.GetStringOutput("project_id") 34 | dnsFqdns := terraform.OutputList(t, bpt.GetTFOptions(), "dns_fqdns") 35 | forwardZone := bpt.GetStringOutput("forward_zone") 36 | addresses := terraform.OutputList(t, bpt.GetTFOptions(), "addresses") 37 | name := [3]string{"dynamically-reserved-ip-020", "dynamically-reserved-ip-021", "dynamically-reserved-ip-022"} 38 | for index, element := range addresses { 39 | op := gcloud.Runf(t, fmt.Sprintf("compute addresses list --filter='%s' --project %s", element, projectId)).Array()[0].Get("name") 40 | assert.Contains(op.String(), name[index], "IP addresses Created") 41 | } 42 | 43 | for index, element := range dnsFqdns { 44 | op1 := gcloud.Runf(t, fmt.Sprintf("dns record-sets list --filter='%s' --zone=%s --project %s", element, forwardZone, projectId)).Array()[0].Get("rrdatas") 45 | assert.Contains(op1.String(), addresses[index], "Matches the FQDN to the correct IP address") 46 | } 47 | }) 48 | 49 | bpt.Test() 50 | } 51 | -------------------------------------------------------------------------------- /test/integration/dns_forward_example_multi_names/dns_forward_example_multi_names_test.go: -------------------------------------------------------------------------------- 1 | // Copyright 2022 Google LLC 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | // 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | // 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | package dns_forward_example_multi_names 16 | 17 | import ( 18 | "fmt" 19 | "testing" 20 | 21 | "github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test/pkg/gcloud" 22 | "github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test/pkg/tft" 23 | "github.com/gruntwork-io/terratest/modules/terraform" 24 | "github.com/stretchr/testify/assert" 25 | ) 26 | 27 | func TestDnsForwardExampleMultiNames(t *testing.T) { 28 | bpt := tft.NewTFBlueprintTest(t) 29 | 30 | bpt.DefineVerify(func(assert *assert.Assertions) { 31 | bpt.DefaultVerify(assert) 32 | 33 | projectId := bpt.GetStringOutput("project_id") 34 | addresses := terraform.OutputList(t, bpt.GetTFOptions(), "addresses") 35 | names := terraform.OutputList(t, bpt.GetTFOptions(), "names") 36 | dnsFqdns := terraform.OutputList(t, bpt.GetTFOptions(), "dns_fqdns") 37 | forwardZone := bpt.GetStringOutput("forward_zone") 38 | 39 | for index, element := range addresses { 40 | op := gcloud.Runf(t, fmt.Sprintf("compute addresses list --filter='%s' --project %s", element, projectId)).Array()[0].Get("name") 41 | assert.Contains(op.String(), names[index], "IP addresses Created") 42 | } 43 | 44 | for _, element := range dnsFqdns { 45 | op1 := gcloud.Runf(t, fmt.Sprintf("dns record-sets list --filter='%s' --zone=%s --project %s", element, forwardZone, projectId)).Array()[0].Get("rrdatas") 46 | assert.Contains(op1.String(), addresses[0], "Matches the FQDN to the correct IP address") 47 | } 48 | }) 49 | 50 | bpt.Test() 51 | } 52 | -------------------------------------------------------------------------------- /test/integration/go.mod: -------------------------------------------------------------------------------- 1 | module github.com/terraform-google-modules/workspace/test/integration 2 | 3 | go 1.22.7 4 | 5 | toolchain go1.24.1 6 | 7 | require ( 8 | github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test v0.16.3 9 | github.com/gruntwork-io/terratest v0.47.2 10 | github.com/stretchr/testify v1.9.0 11 | ) 12 | 13 | require ( 14 | cloud.google.com/go v0.110.7 // indirect 15 | cloud.google.com/go/compute v1.23.0 // indirect 16 | cloud.google.com/go/compute/metadata v0.2.3 // indirect 17 | cloud.google.com/go/iam v1.1.2 // indirect 18 | cloud.google.com/go/storage v1.33.0 // indirect 19 | github.com/agext/levenshtein v1.2.3 // indirect 20 | github.com/alexflint/go-filemutex v1.3.0 // indirect 21 | github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect 22 | github.com/aws/aws-sdk-go v1.45.5 // indirect 23 | github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d // indirect 24 | github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect 25 | github.com/go-errors/errors v1.5.0 // indirect 26 | github.com/go-openapi/jsonpointer v0.20.0 // indirect 27 | github.com/go-openapi/jsonreference v0.20.2 // indirect 28 | github.com/go-openapi/swag v0.22.4 // indirect 29 | github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect 30 | github.com/golang/protobuf v1.5.3 // indirect 31 | github.com/google/gnostic-models v0.6.8 // indirect 32 | github.com/google/go-cmp v0.6.0 // indirect 33 | github.com/google/s2a-go v0.1.7 // indirect 34 | github.com/google/uuid v1.6.0 // indirect 35 | github.com/googleapis/enterprise-certificate-proxy v0.2.5 // indirect 36 | github.com/googleapis/gax-go/v2 v2.12.0 // indirect 37 | github.com/hashicorp/errwrap v1.1.0 // indirect 38 | github.com/hashicorp/go-cleanhttp v0.5.2 // indirect 39 | github.com/hashicorp/go-getter v1.7.6 // indirect 40 | github.com/hashicorp/go-multierror v1.1.1 // indirect 41 | github.com/hashicorp/go-safetemp v1.0.0 // indirect 42 | github.com/hashicorp/go-version v1.7.0 // indirect 43 | github.com/hashicorp/hcl v0.0.0-20170504190234-a4b07c25de5f // indirect 44 | github.com/hashicorp/hcl/v2 v2.20.1 // indirect 45 | github.com/hashicorp/terraform-config-inspect v0.0.0-20240801114854-6714b46f5fe4 // indirect 46 | github.com/hashicorp/terraform-json v0.23.0 // indirect 47 | github.com/jinzhu/copier v0.4.0 // indirect 48 | github.com/jmespath/go-jmespath v0.4.0 // indirect 49 | github.com/josharian/intern v1.0.0 // indirect 50 | github.com/klauspost/compress v1.16.7 // indirect 51 | github.com/mailru/easyjson v0.7.7 // indirect 52 | github.com/mattn/go-zglob v0.0.4 // indirect 53 | github.com/mitchellh/go-homedir v1.1.0 // indirect 54 | github.com/mitchellh/go-testing-interface v1.14.2-0.20210821155943-2d9075ca8770 // indirect 55 | github.com/mitchellh/go-wordwrap v1.0.1 // indirect 56 | github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect 57 | github.com/tidwall/gjson v1.18.0 // indirect 58 | github.com/tidwall/match v1.1.1 // indirect 59 | github.com/tidwall/pretty v1.2.1 // indirect 60 | github.com/tidwall/sjson v1.2.5 // indirect 61 | github.com/tmccombs/hcl2json v0.6.0 // indirect 62 | github.com/ulikunitz/xz v0.5.11 // indirect 63 | github.com/zclconf/go-cty v1.15.0 // indirect 64 | go.opencensus.io v0.24.0 // indirect 65 | golang.org/x/crypto v0.31.0 // indirect 66 | golang.org/x/mod v0.21.0 // indirect 67 | golang.org/x/net v0.25.0 // indirect 68 | golang.org/x/oauth2 v0.12.0 // indirect 69 | golang.org/x/sync v0.10.0 // indirect 70 | golang.org/x/sys v0.28.0 // indirect 71 | golang.org/x/text v0.21.0 // indirect 72 | golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d // indirect 73 | golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect 74 | google.golang.org/api v0.138.0 // indirect 75 | google.golang.org/appengine v1.6.8 // indirect 76 | google.golang.org/genproto v0.0.0-20230822172742-b8732ec3820d // indirect 77 | google.golang.org/genproto/googleapis/api v0.0.0-20230822172742-b8732ec3820d // indirect 78 | google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d // indirect 79 | google.golang.org/grpc v1.58.3 // indirect 80 | google.golang.org/protobuf v1.33.0 // indirect 81 | gopkg.in/yaml.v3 v3.0.1 // indirect 82 | k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect 83 | sigs.k8s.io/kustomize/kyaml v0.18.1 // indirect 84 | sigs.k8s.io/yaml v1.4.0 // indirect 85 | ) 86 | -------------------------------------------------------------------------------- /test/integration/ip_address_only/ip_address_only_test.go: -------------------------------------------------------------------------------- 1 | // Copyright 2022 Google LLC 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | // 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | // 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | package ip_address_only 16 | 17 | import ( 18 | "fmt" 19 | "testing" 20 | 21 | "github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test/pkg/gcloud" 22 | "github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test/pkg/tft" 23 | "github.com/stretchr/testify/assert" 24 | ) 25 | 26 | func TestIpAddressOnly(t *testing.T) { 27 | bpt := tft.NewTFBlueprintTest(t) 28 | 29 | bpt.DefineVerify(func(assert *assert.Assertions) { 30 | bpt.DefaultVerify(assert) 31 | 32 | projectId := bpt.GetStringOutput("project_id") 33 | address := "10.13.0.2" 34 | name := "dynamically-assigned-ip-001" 35 | 36 | op := gcloud.Runf(t, fmt.Sprintf("compute addresses list --filter='%s' --project %s", address, projectId)).Array()[0].Get("name") 37 | assert.Contains(op.String(), name, "IP addresses Created") 38 | }) 39 | 40 | bpt.Test() 41 | } 42 | -------------------------------------------------------------------------------- /test/integration/ip_address_with_specific_ip/ip_address_with_specific_ip_test.go: -------------------------------------------------------------------------------- 1 | // Copyright 2022 Google LLC 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | // 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | // 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | package ip_address_with_specific_ip 16 | 17 | import ( 18 | "fmt" 19 | "testing" 20 | 21 | "github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test/pkg/gcloud" 22 | "github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test/pkg/tft" 23 | "github.com/stretchr/testify/assert" 24 | ) 25 | 26 | func TestIpAddressWithSpecificIp(t *testing.T) { 27 | bpt := tft.NewTFBlueprintTest(t) 28 | 29 | bpt.DefineVerify(func(assert *assert.Assertions) { 30 | bpt.DefaultVerify(assert) 31 | 32 | projectId := bpt.GetStringOutput("project_id") 33 | address := "10.13.0.100" 34 | name := "statically-reserved-ip-001" 35 | 36 | op := gcloud.Runf(t, fmt.Sprintf("compute addresses list --filter='%s' --project %s", address, projectId)).Array()[0].Get("name") 37 | assert.Contains(op.String(), name, "IP addresses Created") 38 | }) 39 | 40 | bpt.Test() 41 | } 42 | -------------------------------------------------------------------------------- /test/make.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # Copyright 2019 Google LLC 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | 17 | # This function checks to make sure that every 18 | # shebang has a '- e' flag, which causes it 19 | # to exit on error 20 | 21 | # find_files is a helper to exclude .git directories and match only regular 22 | # files to avoid double-processing symlinks. 23 | find_files() { 24 | local pth="$1" 25 | shift 26 | find "${pth}" '(' -path '*/.git' -o -path '*/.terraform' ')' \ 27 | -prune -o -type f "$@" 28 | } 29 | 30 | # Create a temporary file in the auto-cleaned up directory while avoiding 31 | # overwriting TMPDIR for other processes. 32 | # shellcheck disable=SC2120 # (Arguments may be passed, e.g. maketemp -d) 33 | maketemp() { 34 | TMPDIR="${DELETE_AT_EXIT}" mktemp "$@" 35 | } 36 | 37 | 38 | # Compatibility with both GNU and BSD style xargs. 39 | compat_xargs() { 40 | local compat=() 41 | # Test if xargs is GNU or BSD style. GNU xargs will succeed with status 0 42 | # when given --no-run-if-empty and no input on STDIN. BSD xargs will fail and 43 | # exit status non-zero If xargs fails, assume it is BSD style and proceed. 44 | # stderr is silently redirected to avoid console log spam. 45 | if xargs --no-run-if-empty /dev/null; then 46 | compat=("--no-run-if-empty") 47 | fi 48 | xargs "${compat[@]}" "$@" 49 | } 50 | 51 | # This function makes sure that the required files for 52 | # releasing to OSS are present 53 | function basefiles() { 54 | local fn required_files="LICENSE README.md" 55 | echo "Checking for required files ${required_files}" 56 | for fn in ${required_files}; do 57 | test -f "${fn}" || echo "Missing required file ${fn}" 58 | done 59 | } 60 | 61 | function check_bash() { 62 | find . -name "*.sh" | while IFS= read -d '' -r file; 63 | do 64 | if [[ "$file" != *"bash -e"* ]]; 65 | then 66 | echo "$file is missing shebang with -e"; 67 | exit 1; 68 | fi; 69 | done; 70 | } 71 | 72 | # This function makes sure that the required files for 73 | # releasing to OSS are present 74 | function basefiles() { 75 | echo "Checking for required files" 76 | test -f LICENSE || echo "Missing LICENSE" 77 | test -f README.md || echo "Missing README.md" 78 | } 79 | 80 | # This function runs 'terraform validate' against all 81 | # files ending in '.tf' 82 | 83 | function check_terraform() { 84 | local rval=125 85 | # fmt is before validate for faster feedback, validate requires terraform 86 | # init which takes time. 87 | echo "Running terraform fmt" 88 | find_files . -name "*.tf" -exec terraform fmt -check=true -write=false {} \; 89 | rval="$?" 90 | if [[ "${rval}" -gt 0 ]]; then 91 | echo "Error: terraform fmt failed with exit code ${rval}" >&2 92 | echo "Check the output for diffs and correct using terraform fmt " >&2 93 | return "${rval}" 94 | fi 95 | echo "Running terraform validate" 96 | local DIRS_TF="" 97 | local BASEPATH="" 98 | BASEPATH="$(pwd)" 99 | DIRS_TF=$(find_files . -not -path "./test/fixtures/shared/*" -name "*.tf" -print0 | compat_xargs -0 -n1 dirname | sort -u) 100 | for DIR_TF in $DIRS_TF 101 | do 102 | # shellcheck disable=SC2164 103 | cd "$DIR_TF" 104 | terraform init && terraform validate && rm -rf .terraform 105 | # shellcheck disable=SC2164 106 | cd "$BASEPATH" 107 | done 108 | } 109 | 110 | # This function runs 'go fmt' and 'go vet' on every file 111 | # that ends in '.go' 112 | function golang() { 113 | echo "Running go fmt and go vet" 114 | find . -name "*.go" -exec go fmt {} \; 115 | find . -name "*.go" -exec go vet {} \; 116 | } 117 | 118 | # This function runs the flake8 linter on every file 119 | # ending in '.py' 120 | function check_python() { 121 | echo "Running flake8" 122 | find . -name "*.py" -exec flake8 {} \; 123 | } 124 | 125 | # This function runs the shellcheck linter on every 126 | # file ending in '.sh' 127 | function check_shell() { 128 | echo "Running shellcheck" 129 | find . -name "*.sh" -exec shellcheck -x {} \; 130 | } 131 | 132 | # This function makes sure that there is no trailing whitespace 133 | # in any files in the project. 134 | # There are some exclusions 135 | function check_trailing_whitespace() { 136 | echo "The following lines have trailing whitespace" 137 | grep -r '[[:blank:]]$' --exclude-dir=".terraform" --exclude-dir=".kitchen" --exclude="*.png" --exclude="*.pyc" --exclude-dir=".git" . 138 | rc=$? 139 | if [ $rc = 0 ]; then 140 | exit 1 141 | fi 142 | } 143 | 144 | function generate_docs() { 145 | echo "Generating markdown docs with terraform-docs" 146 | local pth helper_dir rval 147 | helper_dir="$(pwd)/helpers" 148 | while read -r pth; do 149 | if [[ -e "${pth}/README.md" ]]; then 150 | (cd "${pth}" || return 3; "${helper_dir}"/terraform_docs .;) 151 | rval="$?" 152 | if [[ "${rval}" -gt 0 ]]; then 153 | echo "Error: terraform_docs in ${pth} exit code: ${rval}" >&2 154 | return "${rval}" 155 | fi 156 | else 157 | echo "Skipping ${pth} because README.md does not exist." 158 | fi 159 | done < <(find_files . -name '*.tf' -print0 \ 160 | | compat_xargs -0 -n1 dirname \ 161 | | sort -u) 162 | } 163 | 164 | 165 | function prepare_test_variables() { 166 | echo "Preparing terraform.tfvars files for integration tests" 167 | #shellcheck disable=2044 168 | for i in $(find ./test/fixtures -type f -name terraform.tfvars.sample); do 169 | destination=${i/%.sample/} 170 | if [ ! -f "${destination}" ]; then 171 | cp "${i}" "${destination}" 172 | echo "${destination} has been created. Please edit it to reflect your GCP configuration." 173 | fi 174 | done 175 | } 176 | 177 | function check_headers() { 178 | echo "Checking file headers" 179 | # Use the exclusion behavior of find_files 180 | find_files . -print0 \ 181 | | compat_xargs -0 python test/verify_boilerplate.py 182 | } 183 | -------------------------------------------------------------------------------- /test/setup/iam.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | locals { 18 | int_required_roles = [ 19 | "roles/compute.networkAdmin", 20 | "roles/dns.admin", 21 | "roles/iam.serviceAccountUser", 22 | ] 23 | 24 | } 25 | 26 | resource "random_id" "random_suffix" { 27 | byte_length = 2 28 | } 29 | 30 | resource "google_service_account" "address" { 31 | project = module.address_module.project_id 32 | account_id = "ci-address-${random_id.random_suffix.hex}" 33 | display_name = "ci-address" 34 | } 35 | 36 | resource "google_project_iam_member" "address" { 37 | count = length(local.int_required_roles) 38 | project = module.address_module.project_id 39 | role = local.int_required_roles[count.index] 40 | member = "serviceAccount:${google_service_account.address.email}" 41 | } 42 | 43 | resource "google_service_account_key" "address" { 44 | service_account_id = google_service_account.address.id 45 | } 46 | -------------------------------------------------------------------------------- /test/setup/main.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | resource "random_id" "random_project_id_suffix" { 18 | byte_length = 4 19 | } 20 | 21 | module "address_module" { 22 | source = "terraform-google-modules/project-factory/google" 23 | version = "~> 18.0" 24 | 25 | name = "ci-address-${random_id.random_project_id_suffix.hex}" 26 | random_project_id = true 27 | org_id = var.org_id 28 | folder_id = var.folder_id 29 | billing_account = var.billing_account 30 | 31 | auto_create_network = false 32 | 33 | activate_apis = [ 34 | "oslogin.googleapis.com", 35 | "cloudresourcemanager.googleapis.com", 36 | "compute.googleapis.com", 37 | "dns.googleapis.com", 38 | ] 39 | } 40 | -------------------------------------------------------------------------------- /test/setup/outputs.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | output "service_account_private_key" { 17 | description = "The SA KEY JSON content. Store in GOOGLE_CREDENTIALS." 18 | value = base64decode(google_service_account_key.address.private_key) 19 | sensitive = true 20 | } 21 | 22 | output "project_id" { 23 | value = module.address_module.project_id 24 | } 25 | -------------------------------------------------------------------------------- /test/setup/variables.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | variable "region" { 18 | type = string 19 | description = "The region to deploy to" 20 | default = "us-central1" 21 | } 22 | 23 | variable "org_id" { 24 | description = "The numeric organization id" 25 | } 26 | 27 | variable "folder_id" { 28 | description = "The folder to deploy in" 29 | } 30 | 31 | variable "billing_account" { 32 | description = "The billing account id associated with the project, e.g. XXXXXX-YYYYYY-ZZZZZZ" 33 | } 34 | -------------------------------------------------------------------------------- /test/setup/versions.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_version = ">= 0.13" 19 | required_providers { 20 | google = { 21 | source = "hashicorp/google" 22 | version = ">= 3.50, < 7" 23 | } 24 | google-beta = { 25 | source = "hashicorp/google-beta" 26 | version = ">= 3.50, < 7" 27 | } 28 | random = { 29 | source = "hashicorp/random" 30 | } 31 | } 32 | } 33 | -------------------------------------------------------------------------------- /test/test_verify_boilerplate.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | 3 | # Copyright 2019 Google LLC 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # https://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | 17 | ''' A simple test for the verify_boilerplate python script. 18 | This will create a set of test files, both valid and invalid, 19 | and confirm that the has_valid_header call returns the correct 20 | value. 21 | 22 | It also checks the number of files that are found by the 23 | get_files call. 24 | ''' 25 | from copy import deepcopy 26 | from tempfile import mkdtemp 27 | from shutil import rmtree 28 | import unittest 29 | from verify_boilerplate import has_valid_header, get_refs, get_regexs, \ 30 | get_args, get_files 31 | 32 | 33 | class AllTestCase(unittest.TestCase): 34 | """ 35 | All of the setup, teardown, and tests are contained in this 36 | class. 37 | """ 38 | 39 | def write_file(self, filename, content, expected): 40 | """ 41 | A utility method that creates test files, and adds them to 42 | the cases that will be tested. 43 | 44 | Args: 45 | filename: (string) the file name (path) to be created. 46 | content: (list of strings) the contents of the file. 47 | expected: (boolean) True if the header is expected to be valid, 48 | false if not. 49 | """ 50 | 51 | file = open(filename, 'w+') 52 | for line in content: 53 | file.write(line + "\n") 54 | file.close() 55 | self.cases[filename] = expected 56 | 57 | def create_test_files(self, tmp_path, extension, header): 58 | """ 59 | Creates 2 test files for .tf, .xml, .go, etc and one for 60 | Dockerfile, and Makefile. 61 | 62 | The reason for the difference is that Makefile and Dockerfile 63 | don't have an extension. These would be substantially more 64 | difficult to create negative test cases, unless the files 65 | were written, deleted, and re-written. 66 | 67 | Args: 68 | tmp_path: (string) the path in which to create the files 69 | extension: (string) the file extension 70 | header: (list of strings) the header/boilerplate content 71 | """ 72 | 73 | content = "\n...blah \ncould be code or could be garbage\n" 74 | special_cases = ["Dockerfile", "Makefile"] 75 | header_template = deepcopy(header) 76 | valid_filename = tmp_path + extension 77 | valid_content = header_template.append(content) 78 | if extension not in special_cases: 79 | # Invalid test cases for non-*file files (.tf|.py|.sh|.yaml|.xml..) 80 | invalid_header = [] 81 | for line in header_template: 82 | if "2019" in line: 83 | invalid_header.append(line.replace('2019', 'YEAR')) 84 | else: 85 | invalid_header.append(line) 86 | invalid_header.append(content) 87 | invalid_content = invalid_header 88 | invalid_filename = tmp_path + "invalid." + extension 89 | self.write_file(invalid_filename, invalid_content, False) 90 | valid_filename = tmp_path + "testfile." + extension 91 | 92 | valid_content = header_template 93 | self.write_file(valid_filename, valid_content, True) 94 | 95 | def setUp(self): 96 | """ 97 | Set initial counts and values, and initializes the setup of the 98 | test files. 99 | """ 100 | self.cases = {} 101 | self.tmp_path = mkdtemp() + "/" 102 | self.my_args = get_args() 103 | self.my_refs = get_refs(self.my_args) 104 | self.my_regex = get_regexs() 105 | self.prexisting_file_count = len( 106 | get_files(self.my_refs.keys(), self.my_args)) 107 | for key in self.my_refs: 108 | self.create_test_files(self.tmp_path, key, 109 | self.my_refs.get(key)) 110 | 111 | def tearDown(self): 112 | """ Delete the test directory. """ 113 | rmtree(self.tmp_path) 114 | 115 | def test_files_headers(self): 116 | """ 117 | Confirms that the expected output of has_valid_header is correct. 118 | """ 119 | for case in self.cases: 120 | if self.cases[case]: 121 | self.assertTrue(has_valid_header(case, self.my_refs, 122 | self.my_regex)) 123 | else: 124 | self.assertFalse(has_valid_header(case, self.my_refs, 125 | self.my_regex)) 126 | 127 | def test_invalid_count(self): 128 | """ 129 | Test that the initial files found isn't zero, indicating 130 | a problem with the code. 131 | """ 132 | self.assertFalse(self.prexisting_file_count == 0) 133 | 134 | 135 | if __name__ == "__main__": 136 | unittest.main() 137 | -------------------------------------------------------------------------------- /test/verify_boilerplate.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | 3 | # Copyright 2019 Google LLC 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # https://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | # Verifies that all source files contain the necessary copyright boilerplate 17 | # snippet. 18 | # This is based on existing work 19 | # https://github.com/kubernetes/test-infra/blob/master/hack 20 | # /verify_boilerplate.py 21 | from __future__ import print_function 22 | import argparse 23 | import glob 24 | import os 25 | import re 26 | import sys 27 | 28 | 29 | def get_args(): 30 | """Parses command line arguments. 31 | 32 | Configures and runs argparse.ArgumentParser to extract command line 33 | arguments. 34 | 35 | Returns: 36 | An argparse.Namespace containing the arguments parsed from the 37 | command line 38 | """ 39 | parser = argparse.ArgumentParser() 40 | parser.add_argument("filenames", 41 | help="list of files to check, " 42 | "all files if unspecified", 43 | nargs='*') 44 | rootdir = os.path.dirname(__file__) + "/../" 45 | rootdir = os.path.abspath(rootdir) 46 | parser.add_argument( 47 | "--rootdir", 48 | default=rootdir, 49 | help="root directory to examine") 50 | 51 | default_boilerplate_dir = os.path.join(rootdir, "test/boilerplate") 52 | parser.add_argument("--boilerplate-dir", default=default_boilerplate_dir) 53 | return parser.parse_args() 54 | 55 | 56 | def get_refs(ARGS): 57 | """Converts the directory of boilerplate files into a map keyed by file 58 | extension. 59 | 60 | Reads each boilerplate file's contents into an array, then adds that array 61 | to a map keyed by the file extension. 62 | 63 | Returns: 64 | A map of boilerplate lines, keyed by file extension. For example, 65 | boilerplate.py.txt would result in the k,v pair {".py": py_lines} where 66 | py_lines is an array containing each line of the file. 67 | """ 68 | refs = {} 69 | 70 | # Find and iterate over the absolute path for each boilerplate template 71 | for path in glob.glob(os.path.join( 72 | ARGS.boilerplate_dir, 73 | "boilerplate.*.txt")): 74 | extension = os.path.basename(path).split(".")[1] 75 | ref_file = open(path, 'r') 76 | ref = ref_file.read().splitlines() 77 | ref_file.close() 78 | refs[extension] = ref 79 | return refs 80 | 81 | 82 | # pylint: disable=too-many-locals 83 | def has_valid_header(filename, refs, regexs): 84 | """Test whether a file has the correct boilerplate header. 85 | 86 | Tests each file against the boilerplate stored in refs for that file type 87 | (based on extension), or by the entire filename (eg Dockerfile, Makefile). 88 | Some heuristics are applied to remove build tags and shebangs, but little 89 | variance in header formatting is tolerated. 90 | 91 | Args: 92 | filename: A string containing the name of the file to test 93 | refs: A map of boilerplate headers, keyed by file extension 94 | regexs: a map of compiled regex objects used in verifying boilerplate 95 | 96 | Returns: 97 | True if the file has the correct boilerplate header, otherwise returns 98 | False. 99 | """ 100 | try: 101 | with open(filename, 'r') as fp: # pylint: disable=invalid-name 102 | data = fp.read() 103 | except IOError: 104 | return False 105 | basename = os.path.basename(filename) 106 | extension = get_file_extension(filename) 107 | if extension: 108 | ref = refs[extension] 109 | else: 110 | ref = refs[basename] 111 | # remove build tags from the top of Go files 112 | if extension == "go": 113 | con = regexs["go_build_constraints"] 114 | (data, found) = con.subn("", data, 1) 115 | # remove shebang 116 | elif extension == "sh" or extension == "py": 117 | she = regexs["shebang"] 118 | (data, found) = she.subn("", data, 1) 119 | data = data.splitlines() 120 | # if our test file is smaller than the reference it surely fails! 121 | if len(ref) > len(data): 122 | return False 123 | # trim our file to the same number of lines as the reference file 124 | data = data[:len(ref)] 125 | year = regexs["year"] 126 | for datum in data: 127 | if year.search(datum): 128 | return False 129 | 130 | # if we don't match the reference at this point, fail 131 | if ref != data: 132 | return False 133 | return True 134 | 135 | 136 | def get_file_extension(filename): 137 | """Extracts the extension part of a filename. 138 | 139 | Identifies the extension as everything after the last period in filename. 140 | 141 | Args: 142 | filename: string containing the filename 143 | 144 | Returns: 145 | A string containing the extension in lowercase 146 | """ 147 | return os.path.splitext(filename)[1].split(".")[-1].lower() 148 | 149 | 150 | # These directories will be omitted from header checks 151 | SKIPPED_DIRS = [ 152 | 'Godeps', 'third_party', '_gopath', '_output', 153 | '.git', 'vendor', '__init__.py', 'node_modules' 154 | ] 155 | 156 | 157 | def normalize_files(files): 158 | """Extracts the files that require boilerplate checking from the files 159 | argument. 160 | 161 | A new list will be built. Each path from the original files argument will 162 | be added unless it is within one of SKIPPED_DIRS. All relative paths will 163 | be converted to absolute paths by prepending the root_dir path parsed from 164 | the command line, or its default value. 165 | 166 | Args: 167 | files: a list of file path strings 168 | 169 | Returns: 170 | A modified copy of the files list where any any path in a skipped 171 | directory is removed, and all paths have been made absolute. 172 | """ 173 | newfiles = [] 174 | for pathname in files: 175 | if any(x in pathname for x in SKIPPED_DIRS): 176 | continue 177 | newfiles.append(pathname) 178 | for idx, pathname in enumerate(newfiles): 179 | if not os.path.isabs(pathname): 180 | newfiles[idx] = os.path.join(ARGS.rootdir, pathname) 181 | return newfiles 182 | 183 | 184 | def get_files(extensions, ARGS): 185 | """Generates a list of paths whose boilerplate should be verified. 186 | 187 | If a list of file names has been provided on the command line, it will be 188 | treated as the initial set to search. Otherwise, all paths within rootdir 189 | will be discovered and used as the initial set. 190 | 191 | Once the initial set of files is identified, it is normalized via 192 | normalize_files() and further stripped of any file name whose extension is 193 | not in extensions. 194 | 195 | Args: 196 | extensions: a list of file extensions indicating which file types 197 | should have their boilerplate verified 198 | 199 | Returns: 200 | A list of absolute file paths 201 | """ 202 | files = [] 203 | if ARGS.filenames: 204 | files = ARGS.filenames 205 | else: 206 | for root, dirs, walkfiles in os.walk(ARGS.rootdir): 207 | # don't visit certain dirs. This is just a performance improvement 208 | # as we would prune these later in normalize_files(). But doing it 209 | # cuts down the amount of filesystem walking we do and cuts down 210 | # the size of the file list 211 | for dpath in SKIPPED_DIRS: 212 | if dpath in dirs: 213 | dirs.remove(dpath) 214 | for name in walkfiles: 215 | pathname = os.path.join(root, name) 216 | files.append(pathname) 217 | files = normalize_files(files) 218 | outfiles = [] 219 | for pathname in files: 220 | basename = os.path.basename(pathname) 221 | extension = get_file_extension(pathname) 222 | if extension in extensions or basename in extensions: 223 | outfiles.append(pathname) 224 | return outfiles 225 | 226 | 227 | def get_regexs(): 228 | """Builds a map of regular expressions used in boilerplate validation. 229 | 230 | There are two scenarios where these regexes are used. The first is in 231 | validating the date referenced is the boilerplate, by ensuring it is an 232 | acceptable year. The second is in identifying non-boilerplate elements, 233 | like shebangs and compiler hints that should be ignored when validating 234 | headers. 235 | 236 | Returns: 237 | A map of compiled regular expression objects, keyed by mnemonic. 238 | """ 239 | regexs = {} 240 | # Search for "YEAR" which exists in the boilerplate, but shouldn't in the 241 | # real thing 242 | regexs["year"] = re.compile('YEAR') 243 | # dates can be 2014, 2015, 2016 or 2017, company holder names can be 244 | # anything 245 | regexs["date"] = re.compile('(2014|2015|2016|2017|2018|2019)') 246 | # strip // +build \n\n build constraints 247 | regexs["go_build_constraints"] = re.compile(r"^(// \+build.*\n)+\n", 248 | re.MULTILINE) 249 | # strip #!.* from shell/python scripts 250 | regexs["shebang"] = re.compile(r"^(#!.*\n)\n*", re.MULTILINE) 251 | return regexs 252 | 253 | 254 | def main(args): 255 | """Identifies and verifies files that should have the desired boilerplate. 256 | 257 | Retrieves the lists of files to be validated and tests each one in turn. 258 | If all files contain correct boilerplate, this function terminates 259 | normally. Otherwise it prints the name of each non-conforming file and 260 | exists with a non-zero status code. 261 | """ 262 | regexs = get_regexs() 263 | refs = get_refs(args) 264 | filenames = get_files(refs.keys(), args) 265 | nonconforming_files = [] 266 | for filename in filenames: 267 | if not has_valid_header(filename, refs, regexs): 268 | nonconforming_files.append(filename) 269 | if nonconforming_files: 270 | print('%d files have incorrect boilerplate headers:' % len( 271 | nonconforming_files)) 272 | for filename in sorted(nonconforming_files): 273 | print(os.path.relpath(filename, args.rootdir)) 274 | sys.exit(1) 275 | 276 | 277 | if __name__ == "__main__": 278 | ARGS = get_args() 279 | main(ARGS) 280 | -------------------------------------------------------------------------------- /variables.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | variable "project_id" { 18 | type = string 19 | description = "The project ID to create the address in" 20 | } 21 | 22 | variable "region" { 23 | type = string 24 | description = "The region to create the address in" 25 | } 26 | 27 | variable "names" { 28 | description = "A list of IP address resource names to create. This is the GCP resource name and not the associated hostname of the IP address. Existing resource names may be found with `gcloud compute addresses list` (e.g. [\"gusw1-dev-fooapp-fe-0001-a-001-ip\"])" 29 | type = list(string) 30 | default = [] 31 | } 32 | 33 | variable "addresses" { 34 | description = "A list of IP addresses to create. GCP will reserve unreserved addresses if given the value \"\". If multiple names are given the default value is sufficient to have multiple addresses automatically picked for each name." 35 | type = list(string) 36 | default = [""] 37 | } 38 | 39 | variable "global" { 40 | description = "The scope in which the address should live. If set to true, the IP address will be globally scoped. Defaults to false, i.e. regionally scoped. When set to true, do not provide a subnetwork." 41 | type = bool 42 | default = false 43 | } 44 | 45 | variable "dns_short_names" { 46 | description = "A list of DNS short names to register within Cloud DNS. Names corresponding to addresses must align by their list index position in the two input variables, `names` and `dns_short_names`. If an empty list, no domain names are registered. Multiple names may be registered to the same address by passing a single element list to names and multiple elements to dns_short_names. (e.g. [\"gusw1-dev-fooapp-fe-0001-a-001\"])" 47 | type = list(string) 48 | default = [] 49 | } 50 | 51 | variable "dns_domain" { 52 | description = "The domain to append to DNS short names when registering in Cloud DNS." 53 | type = string 54 | default = "" 55 | } 56 | 57 | variable "dns_project" { 58 | description = "The project where DNS A records will be configured." 59 | type = string 60 | default = "" 61 | } 62 | 63 | variable "dns_ttl" { 64 | type = number 65 | description = "The DNS TTL in seconds for records created in Cloud DNS. The default value should be used unless the application demands special handling." 66 | default = 300 67 | } 68 | 69 | variable "dns_managed_zone" { 70 | type = string 71 | description = "The name of the managed zone to create records within. This managed zone must exist in the host project." 72 | default = "" 73 | } 74 | 75 | variable "dns_reverse_zone" { 76 | type = string 77 | description = "The name of the managed zone to create PTR records within. This managed zone must exist in the host project." 78 | default = "" 79 | } 80 | 81 | variable "dns_record_type" { 82 | type = string 83 | description = "The type of records to create in the managed zone. (e.g. \"A\")" 84 | default = "A" 85 | } 86 | 87 | variable "subnetwork" { 88 | type = string 89 | description = "The subnet containing the address. For EXTERNAL addresses use the empty string, \"\". (e.g. \"projects//regions//subnetworks/\")" 90 | default = "" 91 | } 92 | 93 | variable "address_type" { 94 | type = string 95 | description = "The type of address to reserve, either \"INTERNAL\" or \"EXTERNAL\". If unspecified, defaults to \"INTERNAL\"." 96 | default = "INTERNAL" 97 | } 98 | 99 | variable "enable_cloud_dns" { 100 | description = "If a value is set, register records in Cloud DNS." 101 | type = bool 102 | default = false 103 | } 104 | 105 | variable "enable_reverse_dns" { 106 | description = "If a value is set, register reverse DNS PTR records in Cloud DNS in the managed zone specified by dns_reverse_zone" 107 | type = bool 108 | default = false 109 | } 110 | 111 | variable "purpose" { 112 | type = string 113 | description = "The purpose of the resource(GCE_ENDPOINT, SHARED_LOADBALANCER_VIP, VPC_PEERING)." 114 | default = "GCE_ENDPOINT" 115 | } 116 | 117 | variable "network_tier" { 118 | type = string 119 | description = "The networking tier used for configuring this address." 120 | default = "PREMIUM" 121 | } 122 | 123 | variable "prefix_length" { 124 | type = number 125 | description = "The prefix length of the IP range." 126 | default = 16 127 | } 128 | 129 | variable "ip_version" { 130 | type = string 131 | description = "The IP Version that will be used by this address." 132 | default = "IPV4" 133 | } 134 | 135 | variable "labels" { 136 | type = map(string) 137 | description = "Labels to apply to this address." 138 | default = {} 139 | } 140 | 141 | variable "descriptions" { 142 | description = "A list of descriptions to add to each address." 143 | type = list(string) 144 | default = [] 145 | } 146 | -------------------------------------------------------------------------------- /versions.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2021 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_version = ">= 0.13" 19 | required_providers { 20 | 21 | google = { 22 | source = "hashicorp/google" 23 | version = ">= 5.2, < 7" 24 | } 25 | } 26 | 27 | provider_meta "google" { 28 | module_name = "blueprints/terraform/terraform-google-address/v4.1.0" 29 | } 30 | 31 | } 32 | --------------------------------------------------------------------------------