From b32dd66325f006f7c6ff9eea670ee532ee1f572d Mon Sep 17 00:00:00 2001 From: David Gleich Date: Tue, 27 Aug 2024 13:45:15 +0000 Subject: [PATCH] feat: Create module and example for NCC --- examples/network_connectivity_center/main.tf | 262 ++++++++++++++++++ .../network_connectivity_center/outputs.tf | 41 +++ .../network_connectivity_center/variables.tf | 59 ++++ .../network_connectivity_center/versions.tf | 27 ++ modules/network-connectivity-center/README.md | 42 +++ modules/network-connectivity-center/main.tf | 100 +++++++ .../network-connectivity-center/outputs.tf | 54 ++++ .../network-connectivity-center/variables.tf | 65 +++++ .../network-connectivity-center/versions.tf | 27 ++ .../network_connectivity_center/main.tf | 33 +++ .../network_connectivity_center/outputs.tf | 41 +++ .../network_connectivity_center/variables.tf | 24 ++ .../network_connectivity_center_test.go | 44 +++ test/setup/main.tf | 1 + 14 files changed, 820 insertions(+) create mode 100644 examples/network_connectivity_center/main.tf create mode 100644 examples/network_connectivity_center/outputs.tf create mode 100644 examples/network_connectivity_center/variables.tf create mode 100644 examples/network_connectivity_center/versions.tf create mode 100644 modules/network-connectivity-center/README.md create mode 100644 modules/network-connectivity-center/main.tf create mode 100644 modules/network-connectivity-center/outputs.tf create mode 100644 modules/network-connectivity-center/variables.tf create mode 100644 modules/network-connectivity-center/versions.tf create mode 100644 test/fixtures/network_connectivity_center/main.tf create mode 100644 test/fixtures/network_connectivity_center/outputs.tf create mode 100644 test/fixtures/network_connectivity_center/variables.tf create mode 100644 test/integration/network_connectivity_center/network_connectivity_center_test.go diff --git a/examples/network_connectivity_center/main.tf b/examples/network_connectivity_center/main.tf new file mode 100644 index 00000000..84c843ff --- /dev/null +++ b/examples/network_connectivity_center/main.tf @@ -0,0 +1,262 @@ +/** + * Copyright 2024 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +module "network_connectivity_center" { + source = "terraform-google-modules/network/google//modules/network-connectivity-center" + project_id = var.project_id + ncc_hub_name = var.ncc_hub_name + vpc_spokes = { + "vpc-1" = { + uri = module.vpc_spoke_vpc.network_id + } + } + hybrid_spokes = { + "vpn-1" = { + type = "vpn" + uris = [for k, v in module.local_to_remote_vpn.tunnel_self_links : v] + site_to_site_data_transfer = true + location = var.vpn_region + } + } + router_appliance_spokes = { + "appliance-1" = { + instances = [ + { + virtual_machine = google_compute_instance.router_appliance_1.id + ip_address = google_compute_instance.router_appliance_1.network_interface[0].network_ip + }, + { + virtual_machine = google_compute_instance.router_appliance_2.id + ip_address = google_compute_instance.router_appliance_2.network_interface[0].network_ip + } + ] + location = var.instance_region + site_to_site_data_transfer = false + } + } +} + +################################ +# VPC Spoke # +################################ +module "vpc_spoke_vpc" { + source = "terraform-google-modules/network/google" + project_id = var.project_id + network_name = var.vpc_spoke_vpc_name + routing_mode = "GLOBAL" + + subnets = [ + { + subnet_name = "vpc-spoke-subnet-01" + subnet_ip = "10.10.10.0/24" + subnet_region = "us-west1" + }, + { + subnet_name = "vpc-spoke-subnet-02" + subnet_ip = "10.10.20.0/24" + subnet_region = "us-east1" + }, + { + subnet_name = "vpc-spoke-subnet-03" + subnet_ip = "10.10.30.0/24" + subnet_region = "europe-west4" + } + ] +} + +################################ +# VPN Spoke # +################################ +# Simulates an on-prem network that will be connected over VPN +module "vpn_spoke_remote_vpc" { + source = "terraform-google-modules/network/google" + project_id = var.project_id + network_name = var.vpn_spoke_remote_vpc_name + routing_mode = "GLOBAL" + + subnets = [ + { + subnet_name = "vpn-subnet-01" + subnet_ip = "10.20.10.0/24" + subnet_region = "us-west1" + }, + { + subnet_name = "vpn-subnet-02" + subnet_ip = "10.20.20.0/24" + subnet_region = "us-east1" + }, + { + subnet_name = "vpn-subnet-03" + subnet_ip = "10.20.30.0/24" + subnet_region = "europe-west4" + } + ] +} + +module "vpn_spoke_local_vpc" { + source = "terraform-google-modules/network/google" + project_id = var.project_id + network_name = var.vpn_spoke_local_vpc_name + routing_mode = "GLOBAL" + subnets = [] +} + +module "remote_to_local_vpn" { + source = "terraform-google-modules/vpn/google//modules/vpn_ha" + version = "~> 4.0" + + project_id = var.project_id + region = var.vpn_region + network = module.vpn_spoke_remote_vpc.network_id + name = "remote-to-local" + router_asn = 64513 + peer_gcp_gateway = module.local_to_remote_vpn.self_link + tunnels = { + remote-0 = { + bgp_peer = { + address = "169.254.1.2" + asn = 64514 + } + bgp_peer_options = null + bgp_session_range = "169.254.1.1/30" + ike_version = 2 + vpn_gateway_interface = 0 + peer_external_gateway_interface = null + shared_secret = module.local_to_remote_vpn.random_secret + } + remote-1 = { + bgp_peer = { + address = "169.254.2.2" + asn = 64514 + } + bgp_peer_options = null + bgp_session_range = "169.254.2.1/30" + ike_version = 2 + vpn_gateway_interface = 1 + peer_external_gateway_interface = null + shared_secret = module.local_to_remote_vpn.random_secret + } + } +} + +module "local_to_remote_vpn" { + source = "terraform-google-modules/vpn/google//modules/vpn_ha" + version = "~> 4.0" + + project_id = var.project_id + region = var.vpn_region + network = module.vpn_spoke_local_vpc.network_id + name = "local-to-remote" + peer_gcp_gateway = module.remote_to_local_vpn.self_link + router_asn = 64514 + tunnels = { + remote-0 = { + bgp_peer = { + address = "169.254.1.1" + asn = 64513 + } + bgp_peer_options = null + bgp_session_range = "169.254.1.2/30" + ike_version = 2 + vpn_gateway_interface = 0 + peer_external_gateway_interface = null + shared_secret = "" + } + remote-1 = { + bgp_peer = { + address = "169.254.2.1" + asn = 64513 + } + bgp_peer_options = null + bgp_session_range = "169.254.2.2/30" + ike_version = 2 + vpn_gateway_interface = 1 + peer_external_gateway_interface = null + shared_secret = "" + } + } +} + + +################################ +# Router Appliance Spoke # +################################ +data "google_compute_zones" "available" { + project = var.project_id + region = var.instance_region +} + +resource "random_shuffle" "zone" { + input = data.google_compute_zones.available.names + result_count = 1 +} + +module "router_appliance_spoke_vpc" { + source = "terraform-google-modules/network/google" + project_id = var.project_id + network_name = var.router_appliance_vpc_name + routing_mode = "GLOBAL" + + subnets = [ + { + subnet_name = "router-appliance-subnet-01" + subnet_ip = "10.20.10.0/24" + subnet_region = var.instance_region + } + ] +} + +resource "google_compute_instance" "router_appliance_1" { + name = "fake-router-appliance-1" + machine_type = "e2-medium" + project = var.project_id + can_ip_forward = true + zone = random_shuffle.zone.result[0] + + boot_disk { + initialize_params { + image = "debian-cloud/debian-11" + } + } + + network_interface { + subnetwork = module.router_appliance_spoke_vpc.subnets["${var.instance_region}/router-appliance-subnet-01"].id + access_config { + network_tier = "PREMIUM" + } + } +} + +resource "google_compute_instance" "router_appliance_2" { + name = "fake-router-appliance-2" + machine_type = "e2-medium" + project = var.project_id + can_ip_forward = true + zone = random_shuffle.zone.result[0] + + boot_disk { + initialize_params { + image = "debian-cloud/debian-11" + } + } + + network_interface { + subnetwork = module.router_appliance_spoke_vpc.subnets["${var.instance_region}/router-appliance-subnet-01"].id + access_config { + network_tier = "PREMIUM" + } + } +} diff --git a/examples/network_connectivity_center/outputs.tf b/examples/network_connectivity_center/outputs.tf new file mode 100644 index 00000000..be46209a --- /dev/null +++ b/examples/network_connectivity_center/outputs.tf @@ -0,0 +1,41 @@ +/** + * Copyright 2024 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +output "ncc_hub" { + description = "The NCC Hub object" + value = module.network_connectivity_center.ncc_hub +} + +output "vpc_spokes" { + description = "All vpc spoke objects" + value = module.network_connectivity_center.vpc_spokes +} + + +output "hybrid_spokes" { + description = "All hybrid spoke objects" + value = module.network_connectivity_center.hybrid_spokes +} + +output "router_appliance_spokes" { + description = "All router appliance spoke objects" + value = module.network_connectivity_center.router_appliance_spokes +} + +output "spokes" { + description = "All spoke objects prefixed with the type of spoke (vpc, hybrid, appliance)" + value = module.network_connectivity_center.spokes +} diff --git a/examples/network_connectivity_center/variables.tf b/examples/network_connectivity_center/variables.tf new file mode 100644 index 00000000..e677e98c --- /dev/null +++ b/examples/network_connectivity_center/variables.tf @@ -0,0 +1,59 @@ +/** + * Copyright 2024 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +variable "project_id" { + description = "The project ID to host the network in" +} + +variable "vpn_region" { + description = "The region where to deploy the VPN" + default = "europe-west4" +} + +variable "instance_region" { + description = "The region where to deploy the Router Instance in" + default = "us-central1" +} + +variable "ncc_hub_name" { + description = "The Name of the NCC Hub" + type = string + default = "ncc-hub" +} + +variable "vpc_spoke_vpc_name" { + description = "The VPC Name for the VPC Spoke" + type = string + default = "vpc-spoke" +} + +variable "vpn_spoke_local_vpc_name" { + description = "The name for the local VPC (GCP side) for the VPN Spoke" + type = string + default = "vpn-local-spoke" +} + +variable "vpn_spoke_remote_vpc_name" { + description = "The name for the remote VPC (fake on-orem) for the VPN Spoke" + type = string + default = "vpn-remote-spoke" +} + +variable "router_appliance_vpc_name" { + description = "The VPC Name for the VPC Spoke" + type = string + default = "router-appliance-spoke" +} diff --git a/examples/network_connectivity_center/versions.tf b/examples/network_connectivity_center/versions.tf new file mode 100644 index 00000000..5ebf9393 --- /dev/null +++ b/examples/network_connectivity_center/versions.tf @@ -0,0 +1,27 @@ +/** + * Copyright 2024 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +terraform { + required_version = ">=0.13.0" + + required_providers { + google = { + source = "hashicorp/google" + version = ">= 5.40.0" + + } + } +} diff --git a/modules/network-connectivity-center/README.md b/modules/network-connectivity-center/README.md new file mode 100644 index 00000000..6eb91329 --- /dev/null +++ b/modules/network-connectivity-center/README.md @@ -0,0 +1,42 @@ +# Terraform Network Connectivity Center Module + +This submodule is part of the the `terraform-google-network` module. It creates a Network Connectivity Center Hub and attaches spokes. + +## Usage + +Basic usage of this submodule is as follows: + +```hcl +module "ncc" { + source = "terraform-google-modules/network/google//modules/network-connectivity-center" + version = "~> 9.0.0" + + project_id = "" +} +``` + +An extensive example that also contains the creation and attachment of multiple spokes can be found in [examples/network-connectivity-center](../../examples/network_connectivity_center/) + + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| export\_psc | Whether Private Service Connect transitivity is enabled for the hub | `bool` | `true` | no | +| hybrid\_spokes | VLAN attachments and VPN Tunnels that are associated with the spoke. Type must be one of `interconnect` and `vpn`. | 
map(object({
    location                   = string
    uris                       = set(string)
    site_to_site_data_transfer = optional(bool, false)
    type                       = string
  }))
| `{}` | no | +| ncc\_hub\_name | The Name of the NCC Hub | `string` | `"ncc-hub"` | no | +| project\_id | Project id of the project that holds the network. | `string` | n/a | yes | +| router\_appliance\_spokes | Router appliance instances that are associated with the spoke. | 
map(object({
    instances = set(object({
      virtual_machine = string
      ip_address      = string
    }))
    location                   = string
    site_to_site_data_transfer = optional(bool, false)
  }))
| `{}` | no | +| vpc\_spokes | VPC network that is associated with the spoke | 
map(object({
    uri                   = string
    exclude_export_ranges = optional(set(string))
  }))
| `{}` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| hybrid\_spokes | All hybrid spoke objects | +| ncc\_hub | The NCC Hub object | +| router\_appliance\_spokes | All router appliance spoke objects | +| spokes | All spoke objects prefixed with the type of spoke (vpc, hybrid, appliance) | +| vpc\_spokes | All vpc spoke objects | + + diff --git a/modules/network-connectivity-center/main.tf b/modules/network-connectivity-center/main.tf new file mode 100644 index 00000000..4a21202a --- /dev/null +++ b/modules/network-connectivity-center/main.tf @@ -0,0 +1,100 @@ +/** + * Copyright 2024 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +locals { + default_description = "Managed by Terraform" + vpc_spokes = { + for k, v in google_network_connectivity_spoke.vpc_spoke : + k => v + } + hybrid_spokes = { + for k, v in google_network_connectivity_spoke.hybrid_spoke : + k => v + } + router_appliance_spokes = { + for k, v in google_network_connectivity_spoke.router_appliance_spoke : + k => v + } +} + +resource "google_network_connectivity_hub" "hub" { + name = var.ncc_hub_name + project = var.project_id + description = local.default_description + export_psc = var.export_psc +} + + +resource "google_network_connectivity_spoke" "vpc_spoke" { + for_each = var.vpc_spokes + project = var.project_id + name = each.key + location = "global" + description = local.default_description + hub = google_network_connectivity_hub.hub.id + + linked_vpc_network { + uri = each.value.uri + exclude_export_ranges = each.value.exclude_export_ranges + } +} + +resource "google_network_connectivity_spoke" "hybrid_spoke" { + for_each = var.hybrid_spokes + project = var.project_id + name = each.key + location = each.value.location + description = local.default_description + hub = google_network_connectivity_hub.hub.id + + dynamic "linked_interconnect_attachments" { + for_each = each.value.type == "interconnect" ? [1] : [] + content { + uris = each.value.uris + site_to_site_data_transfer = each.value.site_to_site_data_transfer + } + } + + dynamic "linked_vpn_tunnels" { + for_each = each.value.type == "vpn" ? [1] : [] + content { + uris = each.value.uris + site_to_site_data_transfer = each.value.site_to_site_data_transfer + } + } +} + +resource "google_network_connectivity_spoke" "router_appliance_spoke" { + for_each = var.router_appliance_spokes + project = var.project_id + name = each.key + location = each.value.location + description = local.default_description + hub = google_network_connectivity_hub.hub.id + + linked_router_appliance_instances { + dynamic "instances" { + for_each = each.value.instances + iterator = instance_list + content { + virtual_machine = instance_list.value.virtual_machine + ip_address = instance_list.value.ip_address + } + } + site_to_site_data_transfer = each.value.site_to_site_data_transfer + + } +} diff --git a/modules/network-connectivity-center/outputs.tf b/modules/network-connectivity-center/outputs.tf new file mode 100644 index 00000000..3b306adf --- /dev/null +++ b/modules/network-connectivity-center/outputs.tf @@ -0,0 +1,54 @@ +/** + * Copyright 2024 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +output "ncc_hub" { + description = "The NCC Hub object" + value = google_network_connectivity_hub.hub +} + +output "vpc_spokes" { + description = "All vpc spoke objects" + value = local.vpc_spokes +} + + +output "hybrid_spokes" { + description = "All hybrid spoke objects" + value = local.hybrid_spokes +} + +output "router_appliance_spokes" { + description = "All router appliance spoke objects" + value = local.router_appliance_spokes +} + +output "spokes" { + description = "All spoke objects prefixed with the type of spoke (vpc, hybrid, appliance)" + value = flatten([ + { + for k, v in local.vpc_spokes : + "vpc/${k}" => v + }, + { + for k, v in local.hybrid_spokes : + "hybrid/${k}" => v + }, + { + for k, v in local.router_appliance_spokes : + "appliance/${k}" => v + }, + ]) +} diff --git a/modules/network-connectivity-center/variables.tf b/modules/network-connectivity-center/variables.tf new file mode 100644 index 00000000..3e54178f --- /dev/null +++ b/modules/network-connectivity-center/variables.tf @@ -0,0 +1,65 @@ +/** + * Copyright 2024 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +variable "project_id" { + description = "Project id of the project that holds the network." + type = string +} + +variable "ncc_hub_name" { + description = "The Name of the NCC Hub" + type = string + default = "ncc-hub" +} + +variable "export_psc" { + description = "Whether Private Service Connect transitivity is enabled for the hub" + type = bool + default = true +} + +variable "vpc_spokes" { + description = "VPC network that is associated with the spoke" + type = map(object({ + uri = string + exclude_export_ranges = optional(set(string)) + })) + default = {} +} + +variable "hybrid_spokes" { + description = "VLAN attachments and VPN Tunnels that are associated with the spoke. Type must be one of `interconnect` and `vpn`." + type = map(object({ + location = string + uris = set(string) + site_to_site_data_transfer = optional(bool, false) + type = string + })) + default = {} +} + +variable "router_appliance_spokes" { + description = "Router appliance instances that are associated with the spoke." + type = map(object({ + instances = set(object({ + virtual_machine = string + ip_address = string + })) + location = string + site_to_site_data_transfer = optional(bool, false) + })) + default = {} +} diff --git a/modules/network-connectivity-center/versions.tf b/modules/network-connectivity-center/versions.tf new file mode 100644 index 00000000..5ebf9393 --- /dev/null +++ b/modules/network-connectivity-center/versions.tf @@ -0,0 +1,27 @@ +/** + * Copyright 2024 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +terraform { + required_version = ">=0.13.0" + + required_providers { + google = { + source = "hashicorp/google" + version = ">= 5.40.0" + + } + } +} diff --git a/test/fixtures/network_connectivity_center/main.tf b/test/fixtures/network_connectivity_center/main.tf new file mode 100644 index 00000000..348fe1e5 --- /dev/null +++ b/test/fixtures/network_connectivity_center/main.tf @@ -0,0 +1,33 @@ +/** + * Copyright 2024 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +locals { + ncc_hub_name = "ncc-hub-${var.random_string_for_testing}" + vpc_spoke_vpc_name = "vpc-spoke-${var.random_string_for_testing}" + vpn_spoke_local_vpc_name = "vpn-local-spoke-${var.random_string_for_testing}" + vpn_spoke_remote_vpc_name = "vpn-remote-spoke-${var.random_string_for_testing}" + router_appliance_vpc_name = "router-appliance-spoke-${var.random_string_for_testing}" +} + +module "example" { + source = "../../../examples/network_connectivity_center" + project_id = var.project_id + ncc_hub_name = local.ncc_hub_name + vpc_spoke_vpc_name = local.vpc_spoke_vpc_name + vpn_spoke_local_vpc_name = local.vpn_spoke_local_vpc_name + vpn_spoke_remote_vpc_name = local.vpn_spoke_remote_vpc_name + router_appliance_vpc_name = local.router_appliance_vpc_name +} diff --git a/test/fixtures/network_connectivity_center/outputs.tf b/test/fixtures/network_connectivity_center/outputs.tf new file mode 100644 index 00000000..761ddbc1 --- /dev/null +++ b/test/fixtures/network_connectivity_center/outputs.tf @@ -0,0 +1,41 @@ +/** + * Copyright 2024 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +output "project_id" { + value = var.project_id + description = "The ID of the project being used" +} + +output "ncc_hub_name" { + value = local.ncc_hub_name +} + +output "vpc_spoke_vpc_name" { + value = local.vpc_spoke_vpc_name +} + +output "vpn_spoke_local_vpc_name" { + value = local.vpn_spoke_local_vpc_name +} + +output "vpn_spoke_remote_vpc_name" { + value = local.vpn_spoke_remote_vpc_name +} + +output "router_appliance_vpc_name" { + value = local.router_appliance_vpc_name +} + diff --git a/test/fixtures/network_connectivity_center/variables.tf b/test/fixtures/network_connectivity_center/variables.tf new file mode 100644 index 00000000..e631230e --- /dev/null +++ b/test/fixtures/network_connectivity_center/variables.tf @@ -0,0 +1,24 @@ +/** + * Copyright 2024 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +variable "project_id" { + description = "The GCP project to use for integration tests" +} + +variable "random_string_for_testing" { + description = "A random string of characters to be appended to resource names to ensure uniqueness" + default = "a1" +} diff --git a/test/integration/network_connectivity_center/network_connectivity_center_test.go b/test/integration/network_connectivity_center/network_connectivity_center_test.go new file mode 100644 index 00000000..757727c2 --- /dev/null +++ b/test/integration/network_connectivity_center/network_connectivity_center_test.go @@ -0,0 +1,44 @@ +// Copyright 2024 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package ncc + +import ( + // "strings" + + "testing" + + "github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test/pkg/gcloud" + "github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test/pkg/tft" + "github.com/stretchr/testify/assert" +) + +func TestNetworkConnectivityCenter(t *testing.T) { + net := tft.NewTFBlueprintTest(t) + net.DefineVerify( + func(assert *assert.Assertions) { + net.DefaultVerify(assert) + projectID := net.GetStringOutput("project_id") + nccHubName := net.GetStringOutput("ncc_hub_name") + expectedNccSpokesCount := 3 + + op := gcloud.Run(t, "network-connectivity hubs describe ", gcloud.WithCommonArgs([]string{nccHubName, "--project", projectID, "--format", "json"})) + nccSpokeStateCount := op.Get("spokeSummary.spokeStateCounts").Array() + assert.Equal(1, len(nccSpokeStateCount), "should have spokes in one State") + assert.Equal("ACTIVE", nccSpokeStateCount[0].Get("state").String(), "should have only active spokes") + assert.Equal(int64(expectedNccSpokesCount), nccSpokeStateCount[0].Get("count").Int(), "should have exactly 3 spokes") + assert.Equal(expectedNccSpokesCount, len(op.Get("spokeSummary.spokeTypeCounts").Array()), "should have 3 different spoke types") + }) + net.Test() +} diff --git a/test/setup/main.tf b/test/setup/main.tf index 79cbb95d..59d1825e 100644 --- a/test/setup/main.tf +++ b/test/setup/main.tf @@ -53,6 +53,7 @@ module "project" { "vpcaccess.googleapis.com", "dns.googleapis.com", "networksecurity.googleapis.com", + "networkconnectivity.googleapis.com", "iam.googleapis.com", ] }