From 077e881406d554a0da588c5f0266ca6eae4c1acf Mon Sep 17 00:00:00 2001 From: Julio Castillo Date: Mon, 15 Feb 2021 19:08:00 +0100 Subject: [PATCH] Add tests to proxy example --- networking/filtering-proxy/README.md | 3 +- networking/filtering-proxy/main.tf | 8 ++--- networking/filtering-proxy/variables.tf | 10 ++++++ tests/networking/filtering_proxy/__init__.py | 13 ++++++++ .../filtering_proxy/fixture/main.tf | 23 ++++++++++++++ .../filtering_proxy/fixture/variables.tf | 18 +++++++++++ tests/networking/filtering_proxy/test_plan.py | 31 +++++++++++++++++++ 7 files changed, 100 insertions(+), 6 deletions(-) create mode 100644 tests/networking/filtering_proxy/__init__.py create mode 100644 tests/networking/filtering_proxy/fixture/main.tf create mode 100644 tests/networking/filtering_proxy/fixture/variables.tf create mode 100644 tests/networking/filtering_proxy/test_plan.py diff --git a/networking/filtering-proxy/README.md b/networking/filtering-proxy/README.md index 5df1d0ee0..02a36fb69 100644 --- a/networking/filtering-proxy/README.md +++ b/networking/filtering-proxy/README.md @@ -22,11 +22,12 @@ You can optionally deploy the Squid server as [Managed Instance Group](https://c |---|---|:---: |:---:|:---:| | billing_account | Billing account id used as default for new projects. | string | ✓ | | | prefix | Prefix used for resources that need unique names. | string | ✓ | | -| region | Default region for resources | string | ✓ | | | root_node | Root node for the new hierarchy, either 'organizations/org_id' or 'folders/folder_id'. | string | ✓ | | +| *allowed_domains* | List of domains allowed by the squid proxy. | list(string) | | ... | | *cidrs* | CIDR ranges for subnets | map(string) | | ... | | *mig* | Enables the creation of an autoscaling managed instance group of squid instances. | bool | | false | | *nat_logging* | Enables Cloud NAT logging if not null, value is one of 'ERRORS_ONLY', 'TRANSLATIONS_ONLY', 'ALL'. | string | | ERRORS_ONLY | +| *region* | Default region for resources | string | | europe-west1 | ## Outputs diff --git a/networking/filtering-proxy/main.tf b/networking/filtering-proxy/main.tf index b36daeeca..812aa1dec 100644 --- a/networking/filtering-proxy/main.tf +++ b/networking/filtering-proxy/main.tf @@ -124,10 +124,8 @@ module "service-account-squid" { } module "cos-squid" { - source = "../../modules/cloud-config-container/squid" - allow = [ - ".github.com", - ] + source = "../../modules/cloud-config-container/squid" + allow = var.allowed_domains clients = [var.cidrs.apps] } @@ -250,7 +248,7 @@ module "folder-apps" { module "project-app" { source = "../../modules/project" billing_account = var.billing_account - name = "app" + name = "app1" parent = module.folder-apps.id prefix = var.prefix services = ["compute.googleapis.com"] diff --git a/networking/filtering-proxy/variables.tf b/networking/filtering-proxy/variables.tf index 9b66bd354..99abfb0fb 100644 --- a/networking/filtering-proxy/variables.tf +++ b/networking/filtering-proxy/variables.tf @@ -32,6 +32,7 @@ variable "root_node" { variable "region" { description = "Default region for resources" type = string + default = "europe-west1" } variable "cidrs" { @@ -54,3 +55,12 @@ variable "mig" { type = bool default = false } + +variable "allowed_domains" { + description = "List of domains allowed by the squid proxy." + type = list(string) + default = [ + ".google.com", + ".github.com" + ] +} diff --git a/tests/networking/filtering_proxy/__init__.py b/tests/networking/filtering_proxy/__init__.py new file mode 100644 index 000000000..d46dbae5e --- /dev/null +++ b/tests/networking/filtering_proxy/__init__.py @@ -0,0 +1,13 @@ +# Copyright 2021 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. diff --git a/tests/networking/filtering_proxy/fixture/main.tf b/tests/networking/filtering_proxy/fixture/main.tf new file mode 100644 index 000000000..62451c801 --- /dev/null +++ b/tests/networking/filtering_proxy/fixture/main.tf @@ -0,0 +1,23 @@ +/** + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +module "test" { + source = "../../../../networking/filtering-proxy" + billing_account = "123456-123456-123456" + mig = var.mig + prefix = "fabric" + root_node = "folders/123456789" +} diff --git a/tests/networking/filtering_proxy/fixture/variables.tf b/tests/networking/filtering_proxy/fixture/variables.tf new file mode 100644 index 000000000..a01f36741 --- /dev/null +++ b/tests/networking/filtering_proxy/fixture/variables.tf @@ -0,0 +1,18 @@ +# Copyright 2021 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +variable "mig" { + type = bool + default = false +} diff --git a/tests/networking/filtering_proxy/test_plan.py b/tests/networking/filtering_proxy/test_plan.py new file mode 100644 index 000000000..7c92c4c0a --- /dev/null +++ b/tests/networking/filtering_proxy/test_plan.py @@ -0,0 +1,31 @@ +# Copyright 2021 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +import os +import pytest + + +FIXTURES_DIR = os.path.join(os.path.dirname(__file__), "fixture") + + +def test_resources(e2e_plan_runner): + "Test that plan works and the numbers of resources is as expected." + modules, resources = e2e_plan_runner(FIXTURES_DIR) + assert len(modules) == 10 + assert len(resources) == 26 + + modules, resources = e2e_plan_runner(FIXTURES_DIR, mig="true") + assert len(modules) == 12 + assert len(resources) == 32