feat!: add deletion_policy in volumes (#9)

Co-authored-by: Awais Malik <[email protected]>

Makefile

@@ -1,4 +1,4 @@
-# Copyright 2019 Google LLC
+# Copyright 2020 Google LLC
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -12,10 +12,13 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+# Please note that this file was generated from [terraform-google-module-template](https://github.com/terraform-google-modules/terraform-google-module-template).
+# Please make sure to contribute relevant changes upstream!
+
 # Make will use bash instead of sh
 SHELL := /usr/bin/env bash
 
-DOCKER_TAG_VERSION_DEVELOPER_TOOLS := 1.18
+DOCKER_TAG_VERSION_DEVELOPER_TOOLS := 1.19
 DOCKER_IMAGE_DEVELOPER_TOOLS := cft/developer-tools
 REGISTRY_URL := gcr.io/cloud-foundation-cicd
 
@@ -24,7 +27,7 @@ REGISTRY_URL := gcr.io/cloud-foundation-cicd
 docker_run:
 	docker run --rm -it \
 		-e SERVICE_ACCOUNT_JSON \
-		-v $(CURDIR):/workspace \
+		-v "$(CURDIR)":/workspace \
 		$(REGISTRY_URL)/${DOCKER_IMAGE_DEVELOPER_TOOLS}:${DOCKER_TAG_VERSION_DEVELOPER_TOOLS} \
 		/bin/bash
 
@@ -36,7 +39,7 @@ docker_test_prepare:
 		-e TF_VAR_org_id \
 		-e TF_VAR_folder_id \
 		-e TF_VAR_billing_account \
-		-v $(CURDIR):/workspace \
+		-v "$(CURDIR)":/workspace \
 		$(REGISTRY_URL)/${DOCKER_IMAGE_DEVELOPER_TOOLS}:${DOCKER_TAG_VERSION_DEVELOPER_TOOLS} \
 		/usr/local/bin/execute_with_credentials.sh prepare_environment
 
@@ -48,7 +51,7 @@ docker_test_cleanup:
 		-e TF_VAR_org_id \
 		-e TF_VAR_folder_id \
 		-e TF_VAR_billing_account \
-		-v $(CURDIR):/workspace \
+		-v "$(CURDIR)":/workspace \
 		$(REGISTRY_URL)/${DOCKER_IMAGE_DEVELOPER_TOOLS}:${DOCKER_TAG_VERSION_DEVELOPER_TOOLS} \
 		/usr/local/bin/execute_with_credentials.sh cleanup_environment
 
@@ -57,32 +60,24 @@ docker_test_cleanup:
 docker_test_integration:
 	docker run --rm -it \
 		-e SERVICE_ACCOUNT_JSON \
-		-v $(CURDIR):/workspace \
+		-v "$(CURDIR)":/workspace \
 		$(REGISTRY_URL)/${DOCKER_IMAGE_DEVELOPER_TOOLS}:${DOCKER_TAG_VERSION_DEVELOPER_TOOLS} \
-		cft test run all
+		/usr/local/bin/test_integration.sh
 
 # Execute lint tests within the docker container
 .PHONY: docker_test_lint
 docker_test_lint:
 	docker run --rm -it \
-		-v $(CURDIR):/workspace \
+		-e EXCLUDE_LINT_DIRS \
+		-v "$(CURDIR)":/workspace \
 		$(REGISTRY_URL)/${DOCKER_IMAGE_DEVELOPER_TOOLS}:${DOCKER_TAG_VERSION_DEVELOPER_TOOLS} \
 		/usr/local/bin/test_lint.sh
 
-# Execute lint tests in github actions
-.PHONY: docker_test_lint_gha
-docker_test_lint_gha:
-	docker run --rm \
-		-v $(CURDIR):/workspace \
-		$(REGISTRY_URL)/${DOCKER_IMAGE_DEVELOPER_TOOLS}:${DOCKER_TAG_VERSION_DEVELOPER_TOOLS} \
-		/usr/local/bin/test_lint.sh --markdown --contrib-guide=../blob/master/CONTRIBUTING.md
-
-
 # Generate documentation
 .PHONY: docker_generate_docs
 docker_generate_docs:
 	docker run --rm -it \
-		-v $(CURDIR):/workspace \
+		-v "$(CURDIR)":/workspace \
 		$(REGISTRY_URL)/${DOCKER_IMAGE_DEVELOPER_TOOLS}:${DOCKER_TAG_VERSION_DEVELOPER_TOOLS} \
 		/bin/bash -c 'source /usr/local/bin/task_helper_functions.sh && generate_docs'
 

README.md

@@ -149,7 +149,7 @@ module "volumes_only" {
 | location | Name of the location. Usually a region name, expect for some STANDARD service level pools which require a zone name | `string` | n/a | yes |
 | project\_id | The ID of the project in which the resource belongs | `string` | n/a | yes |
 | storage\_pool | Storage pool details | <pre>object({<br>    create_pool   = optional(bool, false)<br>    name          = string<br>    network_name  = optional(string)<br>    service_level = optional(string)<br>    size          = optional(number)<br>    description   = optional(string)<br>    labels        = optional(map(string), {})<br>    ldap_enabled  = optional(bool, false)<br>    ad_id         = optional(string)<br>  })</pre> | n/a | yes |
-| storage\_volumes | List of Storage Volumes | <pre>list(object({<br>    name               = string<br>    size               = number<br>    share_name         = string<br>    protocols          = list(string)<br>    labels             = optional(map(string), {})<br>    smb_settings       = optional(list(string))<br>    unix_permissions   = optional(string)<br>    description        = optional(string)<br>    snapshot_directory = optional(bool)<br>    security_style     = optional(string)<br>    kerberos_enabled   = optional(bool)<br>    restricted_actions = optional(list(string))<br><br>    export_policy_rules = optional(map(object({<br>      allowed_clients       = optional(string)<br>      has_root_access       = optional(string)<br>      access_type           = optional(string) #Possible values are: READ_ONLY, READ_WRITE, READ_NONE<br>      nfsv3                 = optional(bool)<br>      nfsv4                 = optional(bool)<br>      kerberos5_read_only   = optional(bool)<br>      kerberos5_read_write  = optional(bool)<br>      kerberos5i_read_only  = optional(bool)<br>      kerberos5i_read_write = optional(bool)<br>      kerberos5p_read_only  = optional(bool)<br>      kerberos5p_read_write = optional(bool)<br>    })))<br><br>    snapshot_policy = optional(object({<br>      enabled = optional(bool, false)<br>      hourly_schedule = optional(object({<br>        snapshots_to_keep = optional(number)<br>        minute            = optional(number)<br>      }), null)<br><br>      daily_schedule = optional(object({<br>        snapshots_to_keep = optional(number)<br>        minute            = optional(number)<br>        hour              = optional(number)<br>      }), null)<br><br>      weekly_schedule = optional(object({<br>        snapshots_to_keep = optional(number)<br>        minute            = optional(number)<br>        hour              = optional(number)<br>        day               = optional(string)<br>      }), null)<br>    }))<br><br>  }))</pre> | n/a | yes |
+| storage\_volumes | List of Storage Volumes | <pre>list(object({<br>    name               = string<br>    size               = number<br>    share_name         = string<br>    protocols          = list(string)<br>    labels             = optional(map(string), {})<br>    smb_settings       = optional(list(string))<br>    unix_permissions   = optional(string)<br>    description        = optional(string)<br>    snapshot_directory = optional(bool)<br>    security_style     = optional(string)<br>    kerberos_enabled   = optional(bool)<br>    restricted_actions = optional(list(string))<br>    deletion_policy    = optional(string)<br><br>    export_policy_rules = optional(map(object({<br>      allowed_clients       = optional(string)<br>      has_root_access       = optional(string)<br>      access_type           = optional(string) #Possible values are: READ_ONLY, READ_WRITE, READ_NONE<br>      nfsv3                 = optional(bool)<br>      nfsv4                 = optional(bool)<br>      kerberos5_read_only   = optional(bool)<br>      kerberos5_read_write  = optional(bool)<br>      kerberos5i_read_only  = optional(bool)<br>      kerberos5i_read_write = optional(bool)<br>      kerberos5p_read_only  = optional(bool)<br>      kerberos5p_read_write = optional(bool)<br>    })))<br><br>    snapshot_policy = optional(object({<br>      enabled = optional(bool, false)<br>      hourly_schedule = optional(object({<br>        snapshots_to_keep = optional(number)<br>        minute            = optional(number)<br>      }))<br><br>      daily_schedule = optional(object({<br>        snapshots_to_keep = optional(number)<br>        minute            = optional(number)<br>        hour              = optional(number)<br>      }))<br><br>      weekly_schedule = optional(object({<br>        snapshots_to_keep = optional(number)<br>        minute            = optional(number)<br>        hour              = optional(number)<br>        day               = optional(string)<br>      }))<br><br>    }))<br><br>  }))</pre> | n/a | yes |
 
 ## Outputs
 
@@ -180,7 +180,7 @@ These sections describe requirements for using this module.
 The following dependencies must be available:
 
 - [Terraform][terraform] v1.3+
-- [Terraform Provider for GCP][terraform-provider-gcp] plugin v5.13+
+- [Terraform Provider for GCP][terraform-provider-gcp] plugin v5.15+
 
 ### Service Account
 

build/int.cloudbuild.yaml

@@ -19,12 +19,14 @@ steps:
   args: ['module-swapper']
 - id: prepare
   name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
-  args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && prepare_environment']
+  args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && prepare_environment && sleep 120']
   env:
   - 'TF_VAR_org_id=$_ORG_ID'
   - 'TF_VAR_folder_id=$_FOLDER_ID'
   - 'TF_VAR_billing_account=$_BILLING_ACCOUNT'
 - id: simple-example-init
+  waitFor:
+    - prepare
   name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
   args: ['/bin/bash', '-c', 'cft test run TestSimpleNetApp --stage init --verbose']
 - id: simple-example-apply
@@ -41,4 +43,4 @@ tags:
 - 'integration'
 substitutions:
   _DOCKER_IMAGE_DEVELOPER_TOOLS: 'cft/developer-tools'
-  _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '1.8'
+  _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '1.19'

examples/simple_example/main.tf

@@ -76,7 +76,8 @@ resource "google_service_networking_connection" "netapp_vpc_connection" {
 ## Create Storage Pool and 2 Volumes
 
 module "netapp_volumes" {
-  source = "GoogleCloudPlatform/netapp-volumes/google"
+  source  = "GoogleCloudPlatform/netapp-volumes/google"
+  version = "~> 0.1"
 
   project_id = var.project_id
   location   = var.region
@@ -103,6 +104,10 @@ module "netapp_volumes" {
       protocols  = ["NFSV3"]
       snapshot_policy = {
         enabled = true
+        hourly_schedule = {
+          snapshots_to_keep = 12
+          minute            = 30
+        }
         daily_schedule = {
           snapshots_to_keep = 1
           minute            = 45
@@ -118,20 +123,14 @@ module "netapp_volumes" {
           has_root_access = true
         }
       }
+
     },
 
     {
       name       = "test-volume-2"
       share_name = "test-volume-2"
       size       = "200"
       protocols  = ["NFSV3"]
-      snapshot_policy = {
-        enabled = true
-        daily_schedule = {
-          snapshots_to_keep = 1
-          hour              = 22
-        }
-      }
     },
 
   ]
@@ -145,7 +144,8 @@ module "netapp_volumes" {
 ## Create storage volume in the storage pool created by first module call.
 
 module "volumes_only" {
-  source = "GoogleCloudPlatform/netapp-volumes/google"
+  source  = "GoogleCloudPlatform/netapp-volumes/google"
+  version = "~> 0.1"
 
   project_id = module.netapp_volumes.storage_pool.project
   location   = module.netapp_volumes.storage_pool.location
@@ -159,10 +159,12 @@ module "volumes_only" {
   storage_volumes = [
 
     {
-      name       = "test-volume-3"
-      share_name = "test-volume-3"
-      size       = "100"
-      protocols  = ["NFSV3"]
+      name            = "test-volume-3"
+      share_name      = "test-volume-3"
+      size            = "100"
+      protocols       = ["NFSV3"]
+      deletion_policy = "DEFAULT"
+
       snapshot_policy = {
         enabled = true
         daily_schedule = {

main.tf

@@ -52,21 +52,22 @@ resource "google_netapp_volume" "storage_volumes" {
   security_style     = lookup(each.value, "security_style", null)
   kerberos_enabled   = lookup(each.value, "kerberos_enabled", null)
   restricted_actions = lookup(each.value, "restricted_actions", null)
+  deletion_policy    = lookup(each.value, "deletion_policy", null)
 
   dynamic "snapshot_policy" {
-    for_each = each.value.snapshot_policy.enabled ? ["volume_snapshot_policy"] : []
+    for_each = each.value.snapshot_policy != null ? ["volume_snapshot_policy"] : []
     content {
-      enabled = each.value.snapshot_policy.enabled
+      enabled = lookup(each.value.snapshot_policy, "enabled", false)
       dynamic "hourly_schedule" {
-        for_each = each.value.snapshot_policy.hourly_schedule == null ? [] : ["hourly_schedule"]
+        for_each = lookup(each.value.snapshot_policy, "hourly_schedule", null) == null ? [] : ["hourly_schedule"]
         content {
           snapshots_to_keep = lookup(each.value.snapshot_policy.hourly_schedule, "snapshots_to_keep")
           minute            = lookup(each.value.snapshot_policy.hourly_schedule, "minute")
         }
       }
 
       dynamic "daily_schedule" {
-        for_each = each.value.snapshot_policy.daily_schedule == null ? [] : ["daily_schedule"]
+        for_each = lookup(each.value.snapshot_policy, "daily_schedule", null) == null ? [] : ["daily_schedule"]
         content {
           snapshots_to_keep = lookup(each.value.snapshot_policy.daily_schedule, "snapshots_to_keep")
           minute            = lookup(each.value.snapshot_policy.daily_schedule, "minute")
@@ -75,7 +76,7 @@ resource "google_netapp_volume" "storage_volumes" {
       }
 
       dynamic "weekly_schedule" {
-        for_each = each.value.snapshot_policy.weekly_schedule == null ? [] : ["weekly_schedule"]
+        for_each = lookup(each.value.snapshot_policy, "weekly_schedule", null) == null ? [] : ["weekly_schedule"]
         content {
           snapshots_to_keep = lookup(each.value.snapshot_policy.weekly_schedule, "snapshots_to_keep")
           minute            = lookup(each.value.snapshot_policy.weekly_schedule, "minute")

test/integration/go.mod

@@ -1,4 +1,4 @@
-module github.com/GoogleCloudPlatform/terraform-google-cloud-armor/test/integration
+module github.com/GoogleCloudPlatform/terraform-google-netapp-volumes/test/integration
 
 go 1.21
 

test/integration/simple_example/simple_example_test.go

@@ -30,7 +30,6 @@ func TestSimpleNetApp(t *testing.T) {
 
 		projectID := netapp.GetStringOutput("project_id")
 		location := netapp.GetStringOutput("location")
-		// storagePool : netapp.GetStringOutput("storage_pool")
 		storagePoolName := netapp.GetStringOutput("storage_pool_name")
 		storagePoolID := netapp.GetStringOutput("storage_pool_id")
 		volume1Name := netapp.GetStringOutput("storage_volume1_name")
@@ -63,9 +62,6 @@ func TestSimpleNetApp(t *testing.T) {
 		assert.Equal("UNIX", sv2.Get("securityStyle").String(), "has expected securityStyle")
 		assert.Equal(volume2ID, sv2.Get("name").String(), "has expected name")
 		assert.Equal("PREMIUM", sv2.Get("serviceLevel").String(), "has expected serviceLevel")
-		assert.Equal("1", sv2.Get("snapshotPolicy.dailySchedule.snapshotsToKeep").String(), "has expected snapshotsToKeep")
-		assert.Equal("22", sv2.Get("snapshotPolicy.dailySchedule.hour").String(), "has expected hour")
-		assert.Equal("0", sv2.Get("snapshotPolicy.dailySchedule.minute").String(), "has expected minute")
 
 		sv3 := gcloud.Runf(t, "netapp volumes describe %s --location %s --project %s", volume3Name, location, projectID)
 

variables.tf

@@ -60,6 +60,7 @@ variable "storage_volumes" {
     security_style     = optional(string)
     kerberos_enabled   = optional(bool)
     restricted_actions = optional(list(string))
+    deletion_policy    = optional(string)
 
     export_policy_rules = optional(map(object({
       allowed_clients       = optional(string)
@@ -80,20 +81,21 @@ variable "storage_volumes" {
       hourly_schedule = optional(object({
         snapshots_to_keep = optional(number)
         minute            = optional(number)
-      }), null)
+      }))
 
       daily_schedule = optional(object({
         snapshots_to_keep = optional(number)
         minute            = optional(number)
         hour              = optional(number)
-      }), null)
+      }))
 
       weekly_schedule = optional(object({
         snapshots_to_keep = optional(number)
         minute            = optional(number)
         hour              = optional(number)
         day               = optional(string)
-      }), null)
+      }))
+
     }))
 
   }))

versions.tf

@@ -19,7 +19,7 @@ terraform {
   required_providers {
     google = {
       source  = "hashicorp/google"
-      version = ">= 5.13, < 6"
+      version = ">= 5.15, < 6"
     }
   }
   provider_meta "google" {