Agent policy module #2

Merged
merged 11 commits into from
Sep 10, 2020
2 changes: 1 addition & 1 deletion Makefile
Expand Up @@ -18,7 +18,7 @@
# Make will use bash instead of sh
SHELL := /usr/bin/env bash

DOCKER_TAG_VERSION_DEVELOPER_TOOLS := 0
DOCKER_TAG_VERSION_DEVELOPER_TOOLS := 0.12.0
DOCKER_IMAGE_DEVELOPER_TOOLS := cft/developer-tools
REGISTRY_URL := gcr.io/cloud-foundation-cicd
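Review bot: `DOCKER_TAG_VERSION_DEVELOPER_TOOLS := 0.12.0` pins the `cft/developer-tools` image by tag only, and a registry tag can be re-pointed to different content after this change merges. If CI runs need to be reproducible and tamper-evident, reference the image by digest (`@sha256:<digest>`) or record the expected digest next to the tag so a changed image is noticed.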

75 changes: 3 additions & 72 deletions README.md
@@ -1,82 +1,13 @@
# terraform-google-cloud-operations

This module was generated from [terraform-google-module-template](https://github.com/terraform-google-modules/terraform-google-module-template/), which by default generates a module that simply creates a GCS bucket. As the module develops, this README should be updated.

The resources/services/activations/deletions that this module will create/trigger are:

- Create a GCS bucket with the provided name
This module is a collection of submodules related to Google Cloud Operations (Logging and Monitoring):
- [Agent Policy](./modules/agent-policy/README.md)

## Usage

Basic usage of this module is as follows:

```hcl
module "cloud_operations" {
source = "terraform-google-modules/cloud-operations/google"
version = "~> 0.1"

project_id = "<PROJECT ID>"
bucket_name = "gcs-test-bucket"
}
```

Functional examples are included in the
[examples](./examples/) directory.

<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
## Inputs

| Name | Description | Type | Default | Required |
|------|-------------|:----:|:-----:|:-----:|
| bucket\_name | The name of the bucket to create | string | n/a | yes |
| project\_id | The project ID to deploy to | string | n/a | yes |

## Outputs

| Name | Description |
|------|-------------|
| bucket\_name | |

<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->

## Requirements

These sections describe requirements for using this module.

### Software

The following dependencies must be available:

- [Terraform][terraform] v0.12
- [Terraform Provider for GCP][terraform-provider-gcp] plugin v2.0

### Service Account

A service account with the following roles must be used to provision
the resources of this module:

- Storage Admin: `roles/storage.admin`

The [Project Factory module][project-factory-module] and the
[IAM module][iam-module] may be used in combination to provision a
service account with the necessary roles applied.

### APIs

A project with the following APIs enabled must be used to host the
resources of this module:

- Google Cloud Storage JSON API: `storage-api.googleapis.com`

The [Project Factory module][project-factory-module] can be used to
provision a project with the necessary APIs enabled.
Each submodule's usage is documented in the [modules](./modules) folder. Functional examples are included in the [examples](./examples/) directory.

## Contributing

Refer to the [contribution guidelines](./CONTRIBUTING.md) for
information on contributing to this module.

[iam-module]: https://registry.terraform.io/modules/terraform-google-modules/iam/google
[project-factory-module]: https://registry.terraform.io/modules/terraform-google-modules/project-factory/google
[terraform-provider-gcp]: https://www.terraform.io/docs/providers/google/index.html
[terraform]: https://www.terraform.io/downloads.html
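Review bot: The root README no longer states which IAM roles the provisioning service account needs or which APIs must be enabled; the only replacement visible in this hunk is the pointer "Each submodule's usage is documented in the [modules](./modules) folder". Please confirm that `modules/agent-policy/README.md` lists the specific roles and APIs for agent policies, so users are not left to guess and grant a broad role to get `terraform apply` working.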
2 changes: 1 addition & 1 deletion build/int.cloudbuild.yaml
Expand Up @@ -38,4 +38,4 @@ tags:
- 'integration'
substitutions:
_DOCKER_IMAGE_DEVELOPER_TOOLS: 'cft/developer-tools'
_DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '0'
_DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '0.12.0'
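Review bot: `_DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '0.12.0'` repeats the literal that this change also sets in the Makefile and in build/lint.cloudbuild.yaml, so the three copies can drift apart on the next bump. A comment in each file naming the other two locations, or a lint step that checks the values agree, would keep local runs and Cloud Build on the same tooling image.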
2 changes: 1 addition & 1 deletion build/lint.cloudbuild.yaml
Expand Up @@ -21,4 +21,4 @@ tags:
- 'lint'
substitutions:
_DOCKER_IMAGE_DEVELOPER_TOOLS: 'cft/developer-tools'
_DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '0'
_DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '0.12.0'
@@ -1,21 +1,14 @@
# Simple Example

This example illustrates how to use the `cloud-operations` module.
This example illustrates how to use the `agent-policy` module.

<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
## Inputs

| Name | Description | Type | Default | Required |
|------|-------------|:----:|:-----:|:-----:|
| bucket\_name | The name of the bucket to create. | string | n/a | yes |
| project\_id | The ID of the project in which to provision resources. | string | n/a | yes |

## Outputs

| Name | Description |
|------|-------------|
| bucket\_name | The name of the bucket. |

<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->

To provision this example, run the following from within this directory:
74 changes: 74 additions & 0 deletions examples/agent_policy_detailed_example/main.tf
@@ -0,0 +1,74 @@
/**
* Copyright 2020 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

provider "google" {
version = "~> 2.0"
}

module "agent_policy_detailed" {
source = "./../../modules/agent-policy"
project_id = var.project_id
policy_id = "ops-agents-test-policy-detailed"
description = "an example policy description"
agent_rules = [
{
type = "logging"
version = "current-major"
package_state = "installed"
enable_autoupgrade = true
},
{
type = "metrics"
version = "latest"
package_state = "removed"
enable_autoupgrade = false
},
]
group_labels = [
[
{
name = "env"
value = "prod"
},
{
name = "product"
value = "myapp"
},
],
[
{
name = "env"
value = "staging"
},
{
name = "product"
value = "myapp"
},
],
]
os_types = [
{
short_name = "debian"
version = "10"
},
]
zones = [
"us-central1-c",
"asia-northeast2-b",
"europe-north1-b",
]
instances = ["zones/us-central1-a/instances/test-instance"]
}
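Review bot: `instances = ["zones/us-central1-a/instances/test-instance"]` names a VM in a zone that is not in the `zones` list directly above it, so the example does not show whether the instance filter widens the label, OS and zone filters or is intersected with them. Since this decides which VMs have agents installed or removed, add a comment above `group_labels` stating how the four filters combine. Separately, the `metrics` rule pairs `version = "latest"` with `package_state = "removed"`; a one-line comment on what `version` means for a removed package would avoid confusion in a file people will copy from.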
18 changes: 18 additions & 0 deletions examples/agent_policy_simple_example/README.md
@@ -0,0 +1,18 @@
# Simple Example

This example illustrates how to use the `agent-policy` module.

<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
## Inputs

| Name | Description | Type | Default | Required |
|------|-------------|:----:|:-----:|:-----:|
| project\_id | The ID of the project in which to provision resources. | string | n/a | yes |

<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->

To provision this example, run the following from within this directory:
- `terraform init` to get the plugins
- `terraform plan` to see the infrastructure plan
- `terraform apply` to apply the infrastructure build
- `terraform destroy` to destroy the built infrastructure
Expand Up @@ -18,9 +18,19 @@ provider "google" {
version = "~> 2.0"
}

module "cloud_operations" {
source = "../.."

project_id = var.project_id
bucket_name = var.bucket_name
module "agent_policy_simple" {
source = "./../../modules/agent-policy"
project_id = "${var.project_id}"
policy_id = "ops-agents-test-policy-simple"
agent_rules = [
{
type = "logging"
},
]
os_types = [
{
short_name = "centos"
version = "8"
},
]
}
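Review bot: `project_id = "${var.project_id}"` is an interpolation-only expression, while the detailed example in this same change writes `project_id = var.project_id`. Terraform 0.12 treats the quoted form as deprecated, so use the bare reference here as well to keep the two examples consistent.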
Expand Up @@ -18,8 +18,3 @@ variable "project_id" {
description = "The ID of the project in which to provision resources."
type = string
}

variable "bucket_name" {
description = "The name of the bucket to create."
type = string
}
19 changes: 12 additions & 7 deletions kitchen.yml
Expand Up @@ -26,18 +26,23 @@ platforms:
- name: default

suites:
- name: simple_example
- name: agent_policy_simple_example
driver:
root_module_directory: test/fixtures/simple_example/
root_module_directory: test/fixtures/agent_policy_simple_example/
verifier:
color: false
systems:
- name: simple_example local
- name: agent_policy_simple_example local
backend: local
controls:
- gcloud
- gsutil
- name: simple_example gcp
backend: gcp
- name: agent_policy_detailed_example
driver:
root_module_directory: test/fixtures/agent_policy_detailed_example/
verifier:
color: false
systems:
- name: agent_policy_detailed_example local
backend: local
controls:
- gcp
- gcloud
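Review bot: Both `agent_policy_simple_example` and `agent_policy_detailed_example` define only a `backend: local` system, and the `simple_example gcp` system shown in this hunk has no agent-policy counterpart. If that is intentional, please make sure the `gcloud` control asserts the policy's contents (agent rules, `os_types`, and the label, zone and instance filters) rather than only that a policy with the expected `policy_id` exists, since a wrong filter would otherwise pass the suite.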