From 66a10d76c398860d8ff6f57ec5eb1c7ad6950b96 Mon Sep 17 00:00:00 2001 From: lcaggio Date: Mon, 30 Jan 2023 23:47:33 +0100 Subject: [PATCH] Add test --- .../data-solutions/shielded-folder/README.md | 1 + .../data-solutions/shielded-folder/main.tf | 14 ++++---- .../shielded-folder/variables.tf | 2 +- .../shielded-folder/__init__.py | 13 ++++++++ .../shielded-folder/fixture/main.tf | 32 +++++++++++++++++++ .../shielded-folder/test_plan.py | 19 +++++++++++ 6 files changed, 73 insertions(+), 8 deletions(-) create mode 100644 tests/blueprints/data_solutions/shielded-folder/__init__.py create mode 100644 tests/blueprints/data_solutions/shielded-folder/fixture/main.tf create mode 100644 tests/blueprints/data_solutions/shielded-folder/test_plan.py diff --git a/blueprints/data-solutions/shielded-folder/README.md b/blueprints/data-solutions/shielded-folder/README.md index e20c54c70..9eeec907e 100644 --- a/blueprints/data-solutions/shielded-folder/README.md +++ b/blueprints/data-solutions/shielded-folder/README.md @@ -65,6 +65,7 @@ The shielded Folfer blueprint assumes [groups described](#groups) are created in There are three sets of variables you will need to fill in: ``` organization = { + id = "12345678" domain = "example.com" } prefix = "prefix" diff --git a/blueprints/data-solutions/shielded-folder/main.tf b/blueprints/data-solutions/shielded-folder/main.tf index 17bdc05cf..fd4e5284e 100644 --- a/blueprints/data-solutions/shielded-folder/main.tf +++ b/blueprints/data-solutions/shielded-folder/main.tf 
@@ -15,12 +15,12 @@ # tfdoc:file:description Folder resources. locals { - _vpc_sc_vpc_accessible_services = yamldecode( + _vpc_sc_vpc_accessible_services = var.data_dir != null ? yamldecode( file("${var.data_dir}/vpc-sc/restricted-services.yaml") - ) - _vpc_sc_restricted_services = yamldecode( + ) : null + _vpc_sc_restricted_services = var.data_dir != null ? yamldecode( file("${var.data_dir}/vpc-sc/restricted-services.yaml") - ) + ) : null access_policy_create = var.access_policy == null ? { parent = "organizations/${var.organization.id}" @@ -63,12 +63,12 @@ module "folder" { name = try(var.folder_create.display_name, null) id = var.folder_create != null ? null : var.folder_id group_iam = local.group_iam - org_policies_data_path = "${var.data_dir}/org-policies" - firewall_policy_factory = { + org_policies_data_path = var.data_dir != null ? "${var.data_dir}/org-policies" : null + firewall_policy_factory = var.data_dir != null ? { cidr_file = "${var.data_dir}/firewall-policies/cidrs.yaml" policy_name = "${var.prefix}-fw-policy" rules_file = "${var.data_dir}/firewall-policies/hierarchical-policy-rules.yaml" - } + } : null logging_sinks = var.enable_features.log_sink ? { for name, attrs in var.log_sinks : name => { bq_partitioned_table = attrs.type == "bigquery" diff --git a/blueprints/data-solutions/shielded-folder/variables.tf b/blueprints/data-solutions/shielded-folder/variables.tf index 666094e27..a48a88498 100644 --- a/blueprints/data-solutions/shielded-folder/variables.tf +++ b/blueprints/data-solutions/shielded-folder/variables.tf @@ -43,7 +43,7 @@ variable "enable_features" { log_sink = bool }) default = { - kms = true + kms = false log_sink = true } } diff --git a/tests/blueprints/data_solutions/shielded-folder/__init__.py b/tests/blueprints/data_solutions/shielded-folder/__init__.py new file mode 100644 index 000000000..6d6d1266c --- /dev/null +++ b/tests/blueprints/data_solutions/shielded-folder/__init__.py 
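Review bot: With `var.data_dir = null` the two VPC-SC locals in this hunk, and `org_policies_data_path` and `firewall_policy_factory` in the `module "folder"` hunk that follows, all become `null`, so the blueprint plans cleanly without any of its file-driven controls and gives the operator no signal. If null is meant only for tests, say so with a comment on the locals such as `# data_dir = null disables the VPC-SC service lists, org policies and the hierarchical firewall policy`, and put the same sentence in the variable's description; whether the consumers of these locals tolerate `null` is not visible here. Separately, `_vpc_sc_vpc_accessible_services` and `_vpc_sc_restricted_services` both read `vpc-sc/restricted-services.yaml`, which looks like a copy-paste carried over from the old side and is worth confirming. The `locals` block and the `module "folder"` block both continue outside their hunks.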
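Review bot: In `variables.tf` the default for `enable_features.kms` flips from `true` to `false` in a commit described only as "Add test", so callers who rely on the default would stop getting whatever this flag gates on their next apply (the gated resources are not visible in this hunk). If the change exists only to keep the test plan small, keep `kms = true` here and pass `enable_features = { kms = false, log_sink = true }` in the test fixture instead. If the new default is intended, it should be stated in the commit message and the README. The variable block starts above the hunk.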
@@ -0,0 +1,13 @@
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
diff --git a/tests/blueprints/data_solutions/shielded-folder/fixture/main.tf b/tests/blueprints/data_solutions/shielded-folder/fixture/main.tf
new file mode 100644
index 000000000..f4080c67f
--- /dev/null
+++ b/tests/blueprints/data_solutions/shielded-folder/fixture/main.tf
@@ -0,0 +1,32 @@
+/**
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+module "test" {
+ source = "../../../../../blueprints/data-solutions/shielded-folder/"
+ data_dir = null
+ folder_create = {
+ display_name = "ShieldedMVP"
+ parent = "organizations/1054601055974"
+ }
+ organization = {
+ domain = "example.com"
+ id = "1122334455"
+ }
+ prefix = "prefix"
+ projects_create = {
+ billing_account_id = "123456-123456-123456"
+ }
+}
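Review bot: In the fixture, `folder_create.parent` is set to `organizations/1054601055974`, which does not match the placeholder `organization.id = "1122334455"` a few lines below and reads like a real organization number rather than a dummy. A test fixture should not carry a live tenant identifier; using the same placeholder, `parent = "organizations/1122334455"`, keeps the plan inputs consistent and avoids publishing it. Whether the value is real cannot be told from the diff, so it is worth confirming before merge.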
diff --git a/tests/blueprints/data_solutions/shielded-folder/test_plan.py b/tests/blueprints/data_solutions/shielded-folder/test_plan.py
new file mode 100644
index 000000000..1519e710e
--- /dev/null
+++ b/tests/blueprints/data_solutions/shielded-folder/test_plan.py
@@ -0,0 +1,19 @@
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+def test_resources(e2e_plan_runner):
+ "Test that plan works and the numbers of resources is as expected."
+ modules, resources = e2e_plan_runner()
+ assert len(modules) == 5
+ assert len(resources) == 18
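Review bot: The two count assertions in `test_resources` only cover the configuration where the fixture passes `data_dir = null`, so the org-policy, firewall-policy and VPC-SC inputs that define this blueprint are never planned by this test, and a regression in them would not change `len(resources)`. A second fixture or parametrised run that points `data_dir` at the blueprint's data directory would cover that path; the `e2e_plan_runner` signature is not visible here, so how to pass it is left to the author. At minimum, a comment above the asserts such as `# fixture sets data_dir = null: file-driven policies are not part of these counts` would keep the numbers from being read as full coverage.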