* Feat: Add AssuredWorkload support to the folder module
* Formatting
* Use square brackets to access list items
* Docs gen after adding an example to the readme
* Reorder variables
* Formatting
* Reordering outputs, formatting
* Remove try where not needed. Add IAM into the AW example and tests
* Fix tests
* Enable Assured Workloads in E2E tests
* Add compliance_regime and partner enum fields validation
* Rewording validation message for compliance_regime, partner fields
* Sort the list of allowed values alphabetically
* Make the organization dependant on testing environment
* fix tests
* Disable E2E for Assured Workflow example.
This example requires Access Transparency enabled on org level, even
chosing different regime, we need to have `parent` and `organization`
within the same hierarchy, which is not currently the case and requires
more rework of the test framework.
---------
Co-authored-by: Wiktor Niesiobędzki <wiktorn@google.com>
Add support for Cloud Run v2 jobs
* create a separate file for service creation (service.tf) and job
(job.tf) - for easy comparison
* add E2E tests where possibile
* remove default value for input variable `region`
* fix subnet range VPC Access Connector example
* add creation of service account for audit logs call (trigger requires
service account)
* use provided trigger service account email in
`local.trigger_sa_email`, so explicitly provided SA is passed to
trigger
* set default value for vpc_connector_create.throughput.max, to match
what is set by GCP API, as provider uses wrong default of 300 which
results in perma-diff
* create inventory fiels for all examples
Global changes
* (tests) add input variable `project_number`, to allow assigning IAM permissions to Service Accounts in fixtures
* (tests) fix not outputting the path, when object is not found in inventory
* (tests) fix `create_e2e_sandbox.sh` - now it properly finds root of the repo
Secret Manager
* added `version_versions` output, to allow specifying versions in other modules. `versions` is sensitive and it makes it unsuitable for `for_each` values
New test fixtures
* `pubsub.tf` - creating one topic
* `secret-credential.tf` - creating Secret Manager `credential` secret
* `shared-vpc.tf` - creating two projects (host and service), and vpc in host project
* `vpc-connector.tf` - creating VPC Access Connector instance
* Allow terraform fixtures for examples
* Allow defining multiple fixtures, and named fixtures under tests/fixtures/
* Enable e2e for wiktorn
* Fix prepare_files call for e2e
* Move fixture to separate file, fix test
* Revert shallow-copying symlinks, performane penalty - 20%
* Update tfdoc.py to list used fixtures
---------
Co-authored-by: Wiktor Niesiobędzki <wiktorn@google.com>
Use of TF_VAR variables modified results of `tests/examples` and
required setting different environment to run `tests/examples` and
`tests/examples_e2e` tests. No both can be run using the same
environment.
* added tag serial to mark tests to be run serially
* always run tests using loadgroup distribution to make use of serial tag
* added end-to-end tests for organization, not adding to custom constraints as the name has to be unique
* fixed granting custom roles created in the same module call
* Add end-to-end tests for project module
* Add inventory to data tests
* Add files to end-to-end test cases
* Review fixes - use named groups
---------
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
Add end-to-end tests (apply, plan, destroy) for examples.
When run, `tests/examples_e2e`:
1. Create an environment for tests to run (folder, project vpc network)
2. For each marked example (with `e2e` tftest directive), run apply, plan, destroy
3. Verify:
* no failure in apply
* empty plan after apply
* no failure during destroy
4. When all tests are done, destroy test environment
More details in `tests/examples_e2e/README.md`
