Add support for locality policies to net-lb-app-ext module (#2898)

* Fix the missing locality_lb_policy value and add validation for it

* Added variables, dynamic blocks and validation to support locality_lb_policy/ies

* Formatting

* tfdoc generation

* Fix net-lb-app-ext readme

* Fixes for Ludo, coalesce and brevity

* fmt

* Revert null check due to failing tests

---------

Co-authored-by: Jack Lever <jack@thelevers.com.au>
Co-authored-by: Ludo <ludomagno@google.com>

modules/net-lb-app-ext/backend-service.tf

@@ -60,6 +60,7 @@ resource "google_compute_backend_service" "default" {
   health_checks = length(each.value.health_checks) == 0 ? null : [
     for k in each.value.health_checks : lookup(local.hc_ids, k, k)
   ]
+  locality_lb_policy    = (each.value.locality_lb_policies == null ? each.value.locality_lb_policy : null)
   load_balancing_scheme = var.use_classic_version ? "EXTERNAL" : "EXTERNAL_MANAGED"
   port_name = (
     each.value.port_name == null
@@ -214,6 +215,25 @@ resource "google_compute_backend_service" "default" {
     }
   }
 
+  dynamic "locality_lb_policies" {
+    for_each = (each.value.locality_lb_policies == null ? [] : each.value.locality_lb_policies)
+    content {
+      dynamic "policy" {
+        for_each = (locality_lb_policies.value.policy != null ? locality_lb_policies.value.policy : {})
+        content {
+          name = policy.value
+        }
+      }
+      dynamic "custom_policy" {
+        for_each = (locality_lb_policies.value.custom_policy != null ? locality_lb_policies.value.custom_policy : {})
+        content {
+          name = custom_policy.value
+          data = custom_policy.value.data
+        }
+      }
+    }
+  }
+
   dynamic "outlier_detection" {
     for_each = (
       each.value.outlier_detection == null ? [] : [each.value.outlier_detection]

modules/net-lb-app-ext/variables-backend-service.tf

@@ -27,6 +27,7 @@ variable "backend_service_configs" {
     enable_cdn                      = optional(bool)
     health_checks                   = optional(list(string), ["default"])
     log_sample_rate                 = optional(number)
+    locality_lb_policy              = optional(string)
     port_name                       = optional(string)
     project_id                      = optional(string)
     protocol                        = optional(string)
@@ -101,6 +102,15 @@ variable "backend_service_configs" {
       oauth2_client_secret        = string
       oauth2_client_secret_sha256 = optional(string)
     }))
+    locality_lb_policies = optional(list(object({
+      policy = optional(object({
+        name = string
+      }))
+      custom_policy = optional(object({
+        name = string
+        data = optional(string)
+      }))
+    })))
     outlier_detection = optional(object({
       consecutive_errors                    = optional(number)
       consecutive_gateway_failure           = optional(number)
@@ -153,4 +163,28 @@ variable "backend_service_configs" {
     ]))
     error_message = "When specified, balancing mode needs to be 'RATE' or 'UTILIZATION'."
   }
+  validation {
+    condition = alltrue([
+      for backend_service in values(var.backend_service_configs) :
+      (backend_service.locality_lb_policy == null ? true :
+        contains(
+          [
+            "ROUND_ROBIN", "LEAST_REQUEST", "RING_HASH", "RANDOM",
+            "ORIGINAL_DESTINATION", "MAGLEV"
+          ],
+          backend_service.locality_lb_policy
+      ))
+    ])
+    error_message = "When specified, locality lb policy must be one of : 'ROUND_ROBIN', 'LEAST_REQUEST', 'RING_HASH', 'RANDOM', 'ORIGINAL_DESTINATION', 'MAGLEV', 'WEIGHTED_MAGLEV'."
+  }
+  validation {
+    condition = alltrue(flatten([
+      for backend_service in values(var.backend_service_configs) : [
+        for llp in coalesce(backend_service.locality_lb_policies, []) : (
+          ((llp.policy != null && llp.custom_policy == null) || (llp.policy == null && llp.custom_policy != null))
+        )
+      ]
+    ]))
+    error_message = "When specified, all locality lb polcies must have EITHER policy or custom_policy filled, not both."
+  }
 }

tests/modules/net_lb_app_ext/test-plan-llp.tfvars

@@ -0,0 +1,15 @@
+name       = "glb-test-0"
+project_id = "my-project"
+
+backend_service_configs = {
+  default = {
+    backends = [
+      { backend = "ig-b" },
+    ]
+    locality_lb_policies = [{
+      policy = {
+        name = "MAGLEV"
+      }
+    }]
+  }
+}

tests/modules/net_lb_app_ext/test-plan-llp.yaml

@@ -0,0 +1,34 @@
+# Copyright 2023 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#counts:
+#  google_compute_backend_bucket: 1
+#  google_compute_backend_service: 5
+#  google_compute_global_forwarding_rule: 1
+#  google_compute_global_network_endpoint: 1
+#  google_compute_global_network_endpoint_group: 1
+#  google_compute_health_check: 1
+#  google_compute_instance_group: 1
+#  google_compute_network_endpoint: 2
+#  google_compute_network_endpoint_group: 2
+#  google_compute_region_network_endpoint_group: 1
+#  google_compute_target_http_proxy: 1
+#  google_compute_url_map: 1
+#outputs:
+#  address: __missing__
+#  backend_service_ids: __missing__
+#  forwarding_rules: __missing__
+#  group_ids: __missing__
+#  health_check_ids: __missing__
+#  neg_ids: __missing__

tests/modules/net_lb_app_ext/tftest.yaml

@@ -15,3 +15,4 @@
 module: modules/net-lb-app-ext
 tests:
   test-plan:
+  test-plan-llp: