Add example with transparent proxy and E2E test

2025-03-18 20:11:25 +00:00
parent ffb1452dbd
commit eba82f67c5
6 changed files with 170 additions and 2 deletions
--- a/tests/examples_e2e/setup_module/main.tf
+++ b/tests/examples_e2e/setup_module/main.tf
@@ -27,6 +27,7 @@ locals {
    "artifactregistry.googleapis.com",
    "assuredworkloads.googleapis.com",
    "bigquery.googleapis.com",
+    "certificatemanager.googleapis.com",
    "cloudbuild.googleapis.com",
    "cloudfunctions.googleapis.com",
    "cloudkms.googleapis.com",
@@ -44,6 +45,9 @@ locals {
    "looker.googleapis.com",
    "monitoring.googleapis.com",
    "networkconnectivity.googleapis.com",
+    "networksecurity.googleapis.com",
+    "networkservices.googleapis.com",
+    "privateca.googleapis.com",
    "pubsub.googleapis.com",
    "run.googleapis.com",
    "secretmanager.googleapis.com",
--- a/tests/modules/net_swp/examples/tls.yaml
+++ b/tests/modules/net_swp/examples/tls.yaml
@@ -1,4 +1,4 @@
-# Copyright 2023 Google LLC
+# Copyright 2025 Google LLC
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -121,9 +121,11 @@ values:
    description: Managed by Terraform.
    exclude_public_ca_set: false
    location: europe-west4
+    min_tls_version: TLS_VERSION_UNSPECIFIED
    name: secure-web-proxy
    project: my-project
    timeouts: null
+    tls_feature_profile: PROFILE_UNSPECIFIED
    trust_config: null
  module.secure-web-proxy.google_network_services_gateway.default:
    addresses:
--- a/tests/modules/net_swp/examples/transparent-proxy.yaml
+++ b/tests/modules/net_swp/examples/transparent-proxy.yaml
@@ -0,0 +1,93 @@
+
+# Copyright 2025 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+values:
+  module.secure-web-proxy.google_network_security_gateway_security_policy.default:
+    description: Managed by Terraform.
+    location: europe-west8
+    name: secure-web-proxy
+    project: project-id
+    tls_inspection_policy: null
+  module.secure-web-proxy.google_network_security_gateway_security_policy_rule.default["proxy-rule"]:
+    application_matcher: null
+    basic_profile: ALLOW
+    description: Managed by Terraform.
+    enabled: true
+    gateway_security_policy: secure-web-proxy
+    location: europe-west8
+    name: proxy-rule
+    priority: 100
+    project: project-id
+    session_matcher: 'true'
+    tls_inspection_enabled: false
+  module.secure-web-proxy.google_network_services_gateway.default:
+    addresses:
+    - 10.0.2.2
+    certificate_urls: []
+    delete_swg_autogen_router_on_destroy: true
+    description: Managed by Terraform.
+    effective_labels:
+      goog-terraform-provisioned: 'true'
+    location: europe-west8
+    name: secure-web-proxy
+    ports:
+    - 80
+    - 443
+    project: project-id
+    routing_mode: NEXT_HOP_ROUTING_MODE
+    scope: null
+    server_tls_policy: null
+    type: SECURE_WEB_GATEWAY
+  module.vpc.google_compute_network.network[0]:
+    name: swp-network
+    project: project-id
+  module.vpc.google_compute_route.ilb["gateway"]:
+    description: Terraform-managed.
+    dest_range: 0.0.0.0/0
+    name: swp-network-gateway
+    network: swp-network
+    next_hop_gateway: null
+    next_hop_ilb: 10.0.2.2
+    next_hop_instance: null
+    next_hop_vpn_tunnel: null
+    priority: 100
+    project: project-id
+    tags:
+    - swp
+  module.vpc.google_compute_subnetwork.proxy_only["europe-west8/regional-proxy"]:
+    description: Terraform-managed proxy-only subnet for Regional HTTPS, Internal
+      HTTPS or Cross-Regional HTTPS Internal LB.
+    ip_cidr_range: 10.0.1.0/24
+    log_config: []
+    name: regional-proxy
+    network: swp-network
+    project: project-id
+    purpose: REGIONAL_MANAGED_PROXY
+    region: europe-west8
+    role: ACTIVE
+  module.vpc.google_compute_subnetwork.subnetwork["europe-west8/production"]:
+    description: Terraform-managed.
+    ip_cidr_range: 10.0.2.0/24
+    log_config: []
+    name: production
+    network: swp-network
+    private_ip_google_access: true
+    project: project-id
+    region: europe-west8
+    send_secondary_ip_range_if_empty: true
+
+counts:
+  google_network_security_gateway_security_policy: 1