kovagoadi/hunfabric
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add GKE Hub module to fabric (#540)

Browse Source 
* GKE Hub initial PR commit

* variable management adjust

* comments, fixes and alphabetically ordered variables

* Update README.md

* Update README.md

* Update README.md

* fix test

* resources vs modules

still needs some love

* remove modules usage

* comments, readme update and output

* adjusting outputs and README

* fix README.md

* fix README

* adjusted based on comments

still need some love in the google_gke_hub_feature_membership variables management

* types and variable management

* optionally enable required api

* Update README.md

* reorder locals and use standard formatting

* Don't enable services from modules

* Use self links for member clusters

* Update readme

* members_clusters back to map

@juliocc let's talk about this cause we saw it together in our call and if I change it to a list than the other resources are not going to work, they need location there too.

* Forcing null feature to false due to a bug in provider

If a block is set to null the provider will crash with a "panic: interface conversion: interface {} is nil, not map[string]interface {}" a PR will follow

* Readme update

* Readme.md update

* Update README.md

* bring back tolist, WIP

* Update main.tf

* Readme.md update

* Update README.md

* Update main.tf

* Update main.tf

* Add id and self_links output to gke-cluster

* Use try and make all member feature blocks dynamic/optional

* Change member clusters to map

* Add gke-hub tests

* Address PR comments

* Update gke-hub readme

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
Co-authored-by: Julio Castillo <jccb@google.com>
This commit is contained in:
Daniel Marzini
2022-02-28 12:40:48 +01:00
committed by GitHub
parent fb90500adc
commit e372b50d19
11 changed files with 572 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
tests/modules/gke_hub/__init__.py Normal file
View File

@@ -0,0 +1,13 @@
# Copyright 2022 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

52
tests/modules/gke_hub/fixture/main.tf Normal file
View File

@@ -0,0 +1,52 @@
/**
* Copyright 2022 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
module "hub" {
source = "../../../../modules/gke-hub"
project_id = var.project_id
member_clusters = var.member_clusters
features = {
configmanagement = true
mc_ingress = true
mc_servicediscovery = true
}
member_features = {
configmanagement = {
binauthz = true
config_sync = {
gcp_service_account_email = null
https_proxy = null
policy_dir = "configsync"
secret_type = "none"
source_format = "hierarchy"
sync_branch = "main"
sync_repo = "https://github.com/danielmarzini/configsync-platform-example"
sync_rev = null
}
hierarchy_controller = {
enable_hierarchical_resource_quota = true
enable_pod_tree_labels = true
}
policy_controller = {
exemptable_namespaces = []
log_denies_enabled = true
referential_rules_enabled = true
template_library_installed = true
}
version = "1.10.2"
}
}
}

26
tests/modules/gke_hub/fixture/variables.tf Normal file
View File

@@ -0,0 +1,26 @@
/**
* Copyright 2022 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
variable "project_id" {
default = "my-project"
}
variable "member_clusters" {
default = {
mycluster1 = "projects/myproject/locations/europe-west1-b/clusters/mycluster1"
mycluster2 = "projects/myproject/locations/europe-west1-b/clusters/mycluster2"
}
}

81
tests/modules/gke_hub/test_plan.py Normal file
View File

@@ -0,0 +1,81 @@
# Copyright 2022 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import pytest
@pytest.fixture
def resources(plan_runner):
_, resources = plan_runner()
return resources
def test_resource_count(resources):
"Test number of resources created."
assert len(resources) == 8
assert sorted(r['address'] for r in resources) == [
'module.hub.google_gke_hub_feature.configmanagement["1"]',
'module.hub.google_gke_hub_feature.mci["mycluster1"]',
'module.hub.google_gke_hub_feature.mci["mycluster2"]',
'module.hub.google_gke_hub_feature.mcs["1"]',
'module.hub.google_gke_hub_feature_membership.feature_member["mycluster1"]',
'module.hub.google_gke_hub_feature_membership.feature_member["mycluster2"]',
'module.hub.google_gke_hub_membership.membership["mycluster1"]',
'module.hub.google_gke_hub_membership.membership["mycluster2"]'
]
def test_configmanagement_setup(resources):
"Test configuration of configmanagement."
resources = {r['address']: r['values'] for r in resources}
expected_repo = 'https://github.com/danielmarzini/configsync-platform-example'
expected_configmanagement = [{
'binauthz': [{
'enabled': True
}],
'config_sync': [{
'git': [{
'gcp_service_account_email': None,
'https_proxy': None,
'policy_dir': 'configsync',
'secret_type': 'none',
'sync_branch': 'main',
'sync_repo': expected_repo,
'sync_rev': None,
'sync_wait_secs': None
}],
'source_format': 'hierarchy'
}],
'hierarchy_controller': [],
'policy_controller': [{
'audit_interval_seconds': None,
'enabled': True,
'exemptable_namespaces': [],
'log_denies_enabled': True,
'referential_rules_enabled': True,
'template_library_installed': True
}],
'version': '1.10.2'
}]
for cluster in ['mycluster1', 'mycluster2']:
membership_key = f'module.hub.google_gke_hub_membership.membership["{cluster}"]'
membership = resources[membership_key]
link = membership['endpoint'][0]['gke_cluster'][0]['resource_link']
assert link == f'projects/myproject/locations/europe-west1-b/clusters/{cluster}'
fm_key = f'module.hub.google_gke_hub_feature_membership.feature_member["{cluster}"]'
fm = resources[fm_key]
assert fm['configmanagement'] == expected_configmanagement