Skip to content

Commit 15d95a6

Browse files
fix dual-svpc integration test
1 parent 32afc3e commit 15d95a6

File tree

3 files changed

+150
-163
lines changed

3 files changed

+150
-163
lines changed

3-networks-dual-svpc/envs/shared/outputs.tf

Lines changed: 0 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -14,14 +14,3 @@
1414
* limitations under the License.
1515
*/
1616

17-
18-
output "restricted_host_project_id" {
19-
value = local.restricted_net_hub_project_id
20-
description = "The restricted host project ID"
21-
}
22-
23-
output "base_host_project_id" {
24-
value = local.base_net_hub_project_id
25-
description = "The base host project ID"
26-
}
27-

3-networks-dual-svpc/envs/shared/remote.tf

Lines changed: 13 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -15,21 +15,19 @@
1515
*/
1616

1717
locals {
18-
env = "common"
19-
environment_code = "c"
20-
dns_bgp_asn_number = var.bgp_asn_dns
21-
default_region1 = data.terraform_remote_state.bootstrap.outputs.common_config.default_region
22-
default_region2 = data.terraform_remote_state.bootstrap.outputs.common_config.default_region_2
23-
folder_prefix = data.terraform_remote_state.bootstrap.outputs.common_config.folder_prefix
24-
parent_id = data.terraform_remote_state.bootstrap.outputs.common_config.parent_id
25-
bootstrap_folder_name = data.terraform_remote_state.bootstrap.outputs.common_config.bootstrap_folder_name
26-
common_folder_name = data.terraform_remote_state.org.outputs.common_folder_name
27-
network_folder_name = data.terraform_remote_state.org.outputs.network_folder_name
28-
development_folder_name = data.terraform_remote_state.env_development.outputs.env_folder
29-
nonproduction_folder_name = data.terraform_remote_state.env_nonproduction.outputs.env_folder
30-
production_folder_name = data.terraform_remote_state.env_production.outputs.env_folder
31-
base_net_hub_project_id = data.terraform_remote_state.org.outputs.base_net_hub_project_id //
32-
restricted_net_hub_project_id = data.terraform_remote_state.org.outputs.restricted_net_hub_project_id //
18+
env = "common"
19+
environment_code = "c"
20+
dns_bgp_asn_number = var.bgp_asn_dns
21+
default_region1 = data.terraform_remote_state.bootstrap.outputs.common_config.default_region
22+
default_region2 = data.terraform_remote_state.bootstrap.outputs.common_config.default_region_2
23+
folder_prefix = data.terraform_remote_state.bootstrap.outputs.common_config.folder_prefix
24+
parent_id = data.terraform_remote_state.bootstrap.outputs.common_config.parent_id
25+
bootstrap_folder_name = data.terraform_remote_state.bootstrap.outputs.common_config.bootstrap_folder_name
26+
common_folder_name = data.terraform_remote_state.org.outputs.common_folder_name
27+
network_folder_name = data.terraform_remote_state.org.outputs.network_folder_name
28+
development_folder_name = data.terraform_remote_state.env_development.outputs.env_folder
29+
nonproduction_folder_name = data.terraform_remote_state.env_nonproduction.outputs.env_folder
30+
production_folder_name = data.terraform_remote_state.env_production.outputs.env_folder
3331
}
3432

3533
data "terraform_remote_state" "bootstrap" {

test/integration/shared/shared_test.go

Lines changed: 137 additions & 137 deletions
Original file line numberDiff line numberDiff line change
@@ -78,144 +78,144 @@ func TestShared(t *testing.T) {
7878
// do a time.Sleep to wait for propagation of VPC Service Controls configuration in the Hub and Spoke network mode
7979
if isHubAndSpokeMode(t) {
8080
time.Sleep(60 * time.Second)
81-
}
82-
83-
// perform default verification ensuring Terraform reports no additional changes on an applied blueprint
84-
// Comment DefaultVerify because proxy-only subnets tries to change `ipv6_access_type` from `INTERNAL` to `null` on every run (plan and apply)
85-
// Module issue: https://github.com/terraform-google-modules/terraform-google-network/issues/528
86-
// Resource issue: https://github.com/hashicorp/terraform-provider-google/issues/16801
87-
// Resource issue: https://github.com/hashicorp/terraform-provider-google/issues/16804
88-
// shared.DefaultVerify(assert)
89-
90-
dnsFwZoneName := "fz-dns-hub"
91-
bgpAdvertisedIpRange := "35.199.192.0/19"
92-
93-
baseProjectID := shared.GetStringOutput("base_host_project_id")
94-
baseNetworkName := shared.GetStringOutput("base_network_name")
95-
baseDNSPolicyName := shared.GetStringOutput("base_dns_policy")
96-
baseDNSHubNetworkUrl := fmt.Sprintf("https://www.googleapis.com/compute/v1/projects/%s/global/networks/%s", baseProjectID, baseNetworkName)
97-
98-
baseDNSPolicy := gcloud.Runf(t, "dns policies describe %s --project %s", baseDNSPolicyName, baseProjectID) ///////
99-
assert.True(baseDNSPolicy.Get("enableInboundForwarding").Bool(), fmt.Sprintf("dns policy %s should have inbound forwarding enabled", baseDNSPolicyName))
100-
assert.Equal(baseDNSHubNetworkUrl, baseDNSPolicy.Get("networks.0.networkUrl").String(), fmt.Sprintf("dns policy %s should be on network %s", baseDNSPolicyName, baseNetworkName))
101-
102-
baseDNSZone := gcloud.Runf(t, "dns managed-zones describe %s --project %s", dnsFwZoneName, baseProjectID)
103-
assert.Equal(dnsFwZoneName, baseDNSZone.Get("name").String(), fmt.Sprintf("baseDNSZone %s should exist", dnsFwZoneName)) //
104-
105-
baseProjectNetwork := gcloud.Runf(t, "compute networks describe %s --project %s", baseNetworkName, baseProjectID)
106-
assert.Equal(baseNetworkName, baseProjectNetwork.Get("name").String(), fmt.Sprintf("network %s should exist", baseNetworkName))
107-
108-
for _, subnet := range []struct {
109-
name string
110-
cidrRange string
111-
region string
112-
}{
113-
{
114-
name: "sb-c-shared-base-hub-us-west1",
115-
cidrRange: "10.1.0.0/18",
116-
region: "us-west1",
117-
},
118-
{
119-
name: "sb-c-shared-base-hub-us-central1",
120-
cidrRange: "10.0.0.0/18",
121-
region: "us-central1",
122-
},
123-
} {
124-
baseSubnet := gcloud.Runf(t, "compute networks subnets describe %s --region %s --project %s", subnet.name, subnet.region, baseProjectID)
125-
assert.Equal(subnet.name, baseSubnet.Get("name").String(), fmt.Sprintf("subnet %s should exist", subnet.name))
126-
assert.Equal(subnet.cidrRange, baseSubnet.Get("ipCidrRange").String(), fmt.Sprintf("IP CIDR range %s should be", subnet.cidrRange))
127-
}
128-
129-
for _, router := range []struct {
130-
name string
131-
region string
132-
}{
133-
{
134-
name: "cr-c-shared-base-hub-us-central1-cr1",
135-
region: "us-central1",
136-
},
137-
{
138-
name: "cr-c-shared-base-hub-us-central1-cr2",
139-
region: "us-central1",
140-
},
141-
{
142-
name: "cr-c-shared-base-hub-us-west1-cr3",
143-
region: "us-west1",
144-
},
145-
{
146-
name: "cr-c-shared-base-hub-us-west1-cr4",
147-
region: "us-west1",
148-
},
149-
} {
150-
baseComputeRouter := gcloud.Runf(t, "compute routers describe %s --region %s --project %s", router.name, router.region, baseProjectID)
151-
assert.Equal(router.name, baseComputeRouter.Get("name").String(), fmt.Sprintf("router %s should exist", router.name))
152-
assert.Equal("64514", baseComputeRouter.Get("bgp.asn").String(), fmt.Sprintf("router %s should have bgp asm 64514", router.name))
153-
assert.Equal(bgpAdvertisedIpRange, baseComputeRouter.Get("bgp.advertisedIpRanges.0.range").String(), fmt.Sprintf("router %s should have range %s", router.name, bgpAdvertisedIpRange))
154-
assert.Equal(baseDNSHubNetworkUrl, baseComputeRouter.Get("network").String(), fmt.Sprintf("router %s should be on network vpc-c-shared-base-hub", router.name))
155-
}
156-
157-
restrictedProjectID := shared.GetStringOutput("restricted_host_project_id")
158-
restrictedNetworkName := shared.GetStringOutput("restricted_network_name")
159-
restrictedDNSPolicyName := shared.GetStringOutput("restricted_dns_policy")
160-
restrictedDNSHubNetworkUrl := fmt.Sprintf("https://www.googleapis.com/compute/v1/projects/%s/global/networks/%s", restrictedProjectID, restrictedNetworkName)
161-
162-
restrictedDNSPolicy := gcloud.Runf(t, "dns policies describe %s --project %s", restrictedDNSPolicyName, restrictedProjectID)
163-
assert.True(restrictedDNSPolicy.Get("enableInboundForwarding").Bool(), fmt.Sprintf("dns policy %s should have inbound forwarding enabled", restrictedDNSPolicyName))
164-
assert.Equal(restrictedDNSHubNetworkUrl, restrictedDNSPolicy.Get("networks.0.networkUrl").String(), fmt.Sprintf("dns policy %s should be on network %s", restrictedDNSPolicyName, restrictedNetworkName))
165-
166-
restrictedDNSZone := gcloud.Runf(t, "dns managed-zones describe %s --project %s", dnsFwZoneName, restrictedProjectID)
167-
assert.Equal(dnsFwZoneName, restrictedDNSZone.Get("name").String(), fmt.Sprintf("restrictedDNSZone %s should exist", dnsFwZoneName))
168-
169-
restrictedProjectNetwork := gcloud.Runf(t, "compute networks describe %s --project %s", restrictedNetworkName, restrictedProjectID)
170-
assert.Equal(restrictedNetworkName, restrictedProjectNetwork.Get("name").String(), fmt.Sprintf("network %s should exist", restrictedNetworkName))
171-
172-
for _, subnet := range []struct {
173-
name string
174-
cidrRange string
175-
region string
176-
}{
177-
{
178-
name: "sb-c-shared-restricted-hub-us-west1",
179-
cidrRange: "10.9.0.0/18",
180-
region: "us-west1",
181-
},
182-
{
183-
name: "sb-c-shared-restricted-hub-us-central1",
184-
cidrRange: "10.8.0.0/18",
185-
region: "us-central1",
186-
},
187-
} {
188-
restrictedSubnet := gcloud.Runf(t, "compute networks subnets describe %s --region %s --project %s", subnet.name, subnet.region, restrictedProjectID)
189-
assert.Equal(subnet.name, restrictedSubnet.Get("name").String(), fmt.Sprintf("subnet %s should exist", subnet.name))
190-
assert.Equal(subnet.cidrRange, restrictedSubnet.Get("ipCidrRange").String(), fmt.Sprintf("IP CIDR range %s should be", subnet.cidrRange))
191-
}
19281

193-
for _, router := range []struct {
194-
name string
195-
region string
196-
}{
197-
{
198-
name: "cr-c-shared-restricted-hub-us-central1-cr5",
199-
region: "us-central1",
200-
},
201-
{
202-
name: "cr-c-shared-restricted-hub-us-central1-cr6",
203-
region: "us-central1",
204-
},
205-
{
206-
name: "cr-c-shared-restricted-hub-us-west1-cr7",
207-
region: "us-west1",
208-
},
209-
{
210-
name: "cr-c-shared-restricted-hub-us-west1-cr8",
211-
region: "us-west1",
212-
},
213-
} {
214-
restrictedComputeRouter := gcloud.Runf(t, "compute routers describe %s --region %s --project %s", router.name, router.region, restrictedProjectID)
215-
assert.Equal(router.name, restrictedComputeRouter.Get("name").String(), fmt.Sprintf("router %s should exist", router.name))
216-
assert.Equal("64514", restrictedComputeRouter.Get("bgp.asn").String(), fmt.Sprintf("router %s should have bgp asm 64514", router.name))
217-
assert.Equal(bgpAdvertisedIpRange, restrictedComputeRouter.Get("bgp.advertisedIpRanges.0.range").String(), fmt.Sprintf("router %s should have range %s", router.name, bgpAdvertisedIpRange))
218-
assert.Equal(restrictedDNSHubNetworkUrl, restrictedComputeRouter.Get("network").String(), fmt.Sprintf("router %s should be on network vpc-c-shared-restricted-hub", router.name))
82+
// perform default verification ensuring Terraform reports no additional changes on an applied blueprint
83+
// Comment DefaultVerify because proxy-only subnets tries to change `ipv6_access_type` from `INTERNAL` to `null` on every run (plan and apply)
84+
// Module issue: https://github.com/terraform-google-modules/terraform-google-network/issues/528
85+
// Resource issue: https://github.com/hashicorp/terraform-provider-google/issues/16801
86+
// Resource issue: https://github.com/hashicorp/terraform-provider-google/issues/16804
87+
// shared.DefaultVerify(assert)
88+
89+
dnsFwZoneName := "fz-dns-hub"
90+
bgpAdvertisedIpRange := "35.199.192.0/19"
91+
92+
baseProjectID := shared.GetStringOutput("base_host_project_id")
93+
baseNetworkName := shared.GetStringOutput("base_network_name")
94+
baseDNSPolicyName := shared.GetStringOutput("base_dns_policy")
95+
baseDNSHubNetworkUrl := fmt.Sprintf("https://www.googleapis.com/compute/v1/projects/%s/global/networks/%s", baseProjectID, baseNetworkName)
96+
97+
baseDNSPolicy := gcloud.Runf(t, "dns policies describe %s --project %s", baseDNSPolicyName, baseProjectID) ///////
98+
assert.True(baseDNSPolicy.Get("enableInboundForwarding").Bool(), fmt.Sprintf("dns policy %s should have inbound forwarding enabled", baseDNSPolicyName))
99+
assert.Equal(baseDNSHubNetworkUrl, baseDNSPolicy.Get("networks.0.networkUrl").String(), fmt.Sprintf("dns policy %s should be on network %s", baseDNSPolicyName, baseNetworkName))
100+
101+
baseDNSZone := gcloud.Runf(t, "dns managed-zones describe %s --project %s", dnsFwZoneName, baseProjectID)
102+
assert.Equal(dnsFwZoneName, baseDNSZone.Get("name").String(), fmt.Sprintf("baseDNSZone %s should exist", dnsFwZoneName)) //
103+
104+
baseProjectNetwork := gcloud.Runf(t, "compute networks describe %s --project %s", baseNetworkName, baseProjectID)
105+
assert.Equal(baseNetworkName, baseProjectNetwork.Get("name").String(), fmt.Sprintf("network %s should exist", baseNetworkName))
106+
107+
for _, subnet := range []struct {
108+
name string
109+
cidrRange string
110+
region string
111+
}{
112+
{
113+
name: "sb-c-shared-base-hub-us-west1",
114+
cidrRange: "10.1.0.0/18",
115+
region: "us-west1",
116+
},
117+
{
118+
name: "sb-c-shared-base-hub-us-central1",
119+
cidrRange: "10.0.0.0/18",
120+
region: "us-central1",
121+
},
122+
} {
123+
baseSubnet := gcloud.Runf(t, "compute networks subnets describe %s --region %s --project %s", subnet.name, subnet.region, baseProjectID)
124+
assert.Equal(subnet.name, baseSubnet.Get("name").String(), fmt.Sprintf("subnet %s should exist", subnet.name))
125+
assert.Equal(subnet.cidrRange, baseSubnet.Get("ipCidrRange").String(), fmt.Sprintf("IP CIDR range %s should be", subnet.cidrRange))
126+
}
127+
128+
for _, router := range []struct {
129+
name string
130+
region string
131+
}{
132+
{
133+
name: "cr-c-shared-base-hub-us-central1-cr1",
134+
region: "us-central1",
135+
},
136+
{
137+
name: "cr-c-shared-base-hub-us-central1-cr2",
138+
region: "us-central1",
139+
},
140+
{
141+
name: "cr-c-shared-base-hub-us-west1-cr3",
142+
region: "us-west1",
143+
},
144+
{
145+
name: "cr-c-shared-base-hub-us-west1-cr4",
146+
region: "us-west1",
147+
},
148+
} {
149+
baseComputeRouter := gcloud.Runf(t, "compute routers describe %s --region %s --project %s", router.name, router.region, baseProjectID)
150+
assert.Equal(router.name, baseComputeRouter.Get("name").String(), fmt.Sprintf("router %s should exist", router.name))
151+
assert.Equal("64514", baseComputeRouter.Get("bgp.asn").String(), fmt.Sprintf("router %s should have bgp asm 64514", router.name))
152+
assert.Equal(bgpAdvertisedIpRange, baseComputeRouter.Get("bgp.advertisedIpRanges.0.range").String(), fmt.Sprintf("router %s should have range %s", router.name, bgpAdvertisedIpRange))
153+
assert.Equal(baseDNSHubNetworkUrl, baseComputeRouter.Get("network").String(), fmt.Sprintf("router %s should be on network vpc-c-shared-base-hub", router.name))
154+
}
155+
156+
restrictedProjectID := shared.GetStringOutput("restricted_host_project_id")
157+
restrictedNetworkName := shared.GetStringOutput("restricted_network_name")
158+
restrictedDNSPolicyName := shared.GetStringOutput("restricted_dns_policy")
159+
restrictedDNSHubNetworkUrl := fmt.Sprintf("https://www.googleapis.com/compute/v1/projects/%s/global/networks/%s", restrictedProjectID, restrictedNetworkName)
160+
161+
restrictedDNSPolicy := gcloud.Runf(t, "dns policies describe %s --project %s", restrictedDNSPolicyName, restrictedProjectID)
162+
assert.True(restrictedDNSPolicy.Get("enableInboundForwarding").Bool(), fmt.Sprintf("dns policy %s should have inbound forwarding enabled", restrictedDNSPolicyName))
163+
assert.Equal(restrictedDNSHubNetworkUrl, restrictedDNSPolicy.Get("networks.0.networkUrl").String(), fmt.Sprintf("dns policy %s should be on network %s", restrictedDNSPolicyName, restrictedNetworkName))
164+
165+
restrictedDNSZone := gcloud.Runf(t, "dns managed-zones describe %s --project %s", dnsFwZoneName, restrictedProjectID)
166+
assert.Equal(dnsFwZoneName, restrictedDNSZone.Get("name").String(), fmt.Sprintf("restrictedDNSZone %s should exist", dnsFwZoneName))
167+
168+
restrictedProjectNetwork := gcloud.Runf(t, "compute networks describe %s --project %s", restrictedNetworkName, restrictedProjectID)
169+
assert.Equal(restrictedNetworkName, restrictedProjectNetwork.Get("name").String(), fmt.Sprintf("network %s should exist", restrictedNetworkName))
170+
171+
for _, subnet := range []struct {
172+
name string
173+
cidrRange string
174+
region string
175+
}{
176+
{
177+
name: "sb-c-shared-restricted-hub-us-west1",
178+
cidrRange: "10.9.0.0/18",
179+
region: "us-west1",
180+
},
181+
{
182+
name: "sb-c-shared-restricted-hub-us-central1",
183+
cidrRange: "10.8.0.0/18",
184+
region: "us-central1",
185+
},
186+
} {
187+
restrictedSubnet := gcloud.Runf(t, "compute networks subnets describe %s --region %s --project %s", subnet.name, subnet.region, restrictedProjectID)
188+
assert.Equal(subnet.name, restrictedSubnet.Get("name").String(), fmt.Sprintf("subnet %s should exist", subnet.name))
189+
assert.Equal(subnet.cidrRange, restrictedSubnet.Get("ipCidrRange").String(), fmt.Sprintf("IP CIDR range %s should be", subnet.cidrRange))
190+
}
191+
192+
for _, router := range []struct {
193+
name string
194+
region string
195+
}{
196+
{
197+
name: "cr-c-shared-restricted-hub-us-central1-cr5",
198+
region: "us-central1",
199+
},
200+
{
201+
name: "cr-c-shared-restricted-hub-us-central1-cr6",
202+
region: "us-central1",
203+
},
204+
{
205+
name: "cr-c-shared-restricted-hub-us-west1-cr7",
206+
region: "us-west1",
207+
},
208+
{
209+
name: "cr-c-shared-restricted-hub-us-west1-cr8",
210+
region: "us-west1",
211+
},
212+
} {
213+
restrictedComputeRouter := gcloud.Runf(t, "compute routers describe %s --region %s --project %s", router.name, router.region, restrictedProjectID)
214+
assert.Equal(router.name, restrictedComputeRouter.Get("name").String(), fmt.Sprintf("router %s should exist", router.name))
215+
assert.Equal("64514", restrictedComputeRouter.Get("bgp.asn").String(), fmt.Sprintf("router %s should have bgp asm 64514", router.name))
216+
assert.Equal(bgpAdvertisedIpRange, restrictedComputeRouter.Get("bgp.advertisedIpRanges.0.range").String(), fmt.Sprintf("router %s should have range %s", router.name, bgpAdvertisedIpRange))
217+
assert.Equal(restrictedDNSHubNetworkUrl, restrictedComputeRouter.Get("network").String(), fmt.Sprintf("router %s should be on network vpc-c-shared-restricted-hub", router.name))
218+
}
219219
}
220220
})
221221
shared.Test()

0 commit comments

Comments
 (0)