Merge pull request #116 from taylorludwig/feature/103-submodules

Feature/103 submodules

.kitchen.yml

@@ -74,7 +74,7 @@ suites:
             customized_inspec_attribute: output_subnets_private_access
             customized_inspec_attribute: output_subnets_regions
             customized_inspec_attribute: output_subnets_secondary_ranges
-            customized_inspec_attribute: output_svpc_host_project_id
+            customized_inspec_attribute: output_project_id
 
 
           backend: local
@@ -131,7 +131,7 @@ suites:
             customized_inspec_attribute: output_subnets_private_access
             customized_inspec_attribute: output_subnets_regions
             customized_inspec_attribute: output_subnets_secondary_ranges
-            customized_inspec_attribute: output_svpc_host_project_id
+            customized_inspec_attribute: output_project_id
           backend: local
           controls:
             - gcloud

CHANGELOG.md

@@ -8,6 +8,10 @@ and this project adheres to [Semantic Versioning][semver-site].
 ## [Unreleased]
 v2.0.0 is a backwards-incompatible release. Please see the [upgrading guide](./docs/upgrading_to_v2.0.md).
 
+### Added
+
+- Split main module up into vpc, subnets, and routes submodules. [#103]
+
 ### Fixed
 
 - Fixes subnet recreation when a subnet is updated. [#73]

Makefile

@@ -15,7 +15,7 @@
 # Make will use bash instead of sh
 SHELL := /usr/bin/env bash
 
-DOCKER_TAG_VERSION_DEVELOPER_TOOLS := 0.1.0
+DOCKER_TAG_VERSION_DEVELOPER_TOOLS := 0.6.0
 DOCKER_IMAGE_DEVELOPER_TOOLS := cft/developer-tools
 REGISTRY_URL := gcr.io/cloud-foundation-cicd
 
@@ -42,7 +42,7 @@ docker_test_prepare:
 
 # Clean up test environment within the docker container
 .PHONY: docker_test_cleanup
-docker_test_prepare:
+docker_test_cleanup:
 	docker run --rm -it \
 		-e SERVICE_ACCOUNT_JSON \
 		-e TF_VAR_org_id \

README.md

@@ -8,6 +8,8 @@ It supports creating:
 - Subnets within the VPC
 - Secondary ranges for the subnets (if applicable)
 
+Sub modules are provided for creating individual vpc, subnets, and routes. See the modules directory for the various sub modules usage.
+
 ## Compatibility
 
 This module is meant for use with Terraform 0.12. If you haven't [upgraded](https://www.terraform.io/upgrade-guides/0-12.html) and need a Terraform 0.11.x-compatible version of this module, the last released version intended for Terraform 0.11.x is [0.8.0](https://registry.terraform.io/modules/terraform-google-modules/network/google/0.8.0).
@@ -100,7 +102,7 @@ Then perform the following commands on the root folder:
 | routes | List of routes being created in this VPC | list(map(string)) | `<list>` | no |
 | routing\_mode | The network routing mode (default 'GLOBAL') | string | `"GLOBAL"` | no |
 | secondary\_ranges | Secondary ranges that will be used in some of the subnets | object | `<map>` | no |
-| shared\_vpc\_host | Makes this project a Shared VPC host if 'true' (default 'false') | string | `"false"` | no |
+| shared\_vpc\_host | Makes this project a Shared VPC host if 'true' (default 'false') | bool | `"false"` | no |
 | subnets | The list of subnets being created | list(map(string)) | n/a | yes |
 
 ## Outputs
@@ -109,19 +111,20 @@ Then perform the following commands on the root folder:
 |------|-------------|
 | network\_name | The name of the VPC being created |
 | network\_self\_link | The URI of the VPC being created |
-| routes | The routes associated with this VPC |
+| project\_id | VPC project id |
+| route\_names | The route names associated with this VPC |
 | subnets\_flow\_logs | Whether the subnets will have VPC flow logs enabled |
 | subnets\_ips | The IPs and CIDRs of the subnets being created |
 | subnets\_names | The names of the subnets being created |
 | subnets\_private\_access | Whether the subnets will have access to Google API's without a public IP |
 | subnets\_regions | The region where the subnets will be created |
 | subnets\_secondary\_ranges | The secondary ranges associated with these subnets |
 | subnets\_self\_links | The self-links of subnets being created |
-| svpc\_host\_project\_id | Shared VPC host project id. |
 
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 
 ### Subnet Inputs
+
 The subnets list contains maps, where each object represents a subnet. Each map has the following inputs (please see examples folder for additional references):
 
 | Name | Description | Type | Default | Required |
@@ -133,7 +136,8 @@ The subnets list contains maps, where each object represents a subnet. Each map
 | subnet\_flow\_logs  | Whether the subnet will record and send flow log data to logging | string | `"false"` | no |
 
 ### Route Inputs
-The routes list contains maps, where each object represents a route. For the next\_hop\_* inputs, only one is possible to be used in each route. Having two next_hop_* inputs will produce an error. Each map has the following inputs (please see examples folder for additional references):
+
+The routes list contains maps, where each object represents a route. For the next_hop_* inputs, only one is possible to be used in each route. Having two next_hop_* inputs will produce an error. Each map has the following inputs (please see examples folder for additional references):
 
 | Name | Description | Type | Default | Required |
 |------|-------------|:----:|:-----:|:-----:|

build/int.cloudbuild.yaml

@@ -38,4 +38,4 @@ tags:
 - 'integration'
 substitutions:
   _DOCKER_IMAGE_DEVELOPER_TOOLS: 'cft/developer-tools'
-  _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '0.1.0'
+  _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '0.6.0'

build/lint.cloudbuild.yaml

@@ -21,4 +21,4 @@ tags:
 - 'lint'
 substitutions:
   _DOCKER_IMAGE_DEVELOPER_TOOLS: 'cft/developer-tools'
-  _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '0.1.0'
+  _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '0.6.0'

docs/upgrading_to_v2.0.md

@@ -48,7 +48,7 @@ Terraform will perform the following actions:
       - self_link                = "https://www.googleapis.com/compute/v1/projects/dev-xpn-networking/regions/us-west1/subnetworks/simple-project-timh-subnet-02" -> null
     }
 
-  # module.example.module.test-vpc-module.google_compute_subnetwork.subnetwork["us-west1/simple-project-timh-subnet-01"] will be created
+  # module.example.module.test-vpc-module.google_compute_subnetwork.module.subnets.subnetwork["us-west1/simple-project-timh-subnet-01"] will be created
   + resource "google_compute_subnetwork" "subnetwork" {
       + creation_timestamp       = (known after apply)
       + enable_flow_logs         = false
@@ -65,7 +65,7 @@ Terraform will perform the following actions:
       + self_link                = (known after apply)
     }
 
-  # module.example.module.test-vpc-module.google_compute_subnetwork.subnetwork["us-west1/simple-project-timh-subnet-02"] will be created
+  # module.example.module.test-vpc-module.module.subnets.google_compute_subnetwork.subnetwork["us-west1/simple-project-timh-subnet-02"] will be created
   + resource "google_compute_subnetwork" "subnetwork" {
       + creation_timestamp       = (known after apply)
       + enable_flow_logs         = true
@@ -93,11 +93,17 @@ can't guarantee that exactly these actions will be performed if
 
 ### Manual Migration Steps
 
-In this example here are the two commands used migrate the subnets created by the `simple_project` in the examples directory.  _please note the need to escape the quotes on the new resource_. You may also use the migration script.
+In this example here are the commands used migrate the vpc and subnets created by the `simple_project` in the examples directory.  _please note the need to escape the quotes on the new resource_. You may also use the migration script.
 
--   `terraform state mv module.example.module.test-vpc-module.google_compute_subnetwork.subnetwork[0] module.example.module.test-vpc-module.google_compute_subnetwork.subnetwork[\"us-west1/simple-project-timh-subnet-01\"]`
+-   `terraform state mv module.example.module.test-vpc-module.google_compute_network.network module.example.module.test-vpc-module.module.vpc.google_compute_subnetwork.network`
 
--   `terraform state mv module.example.module.test-vpc-module.google_compute_subnetwork.subnetwork[1] module.example.module.test-vpc-module.google_compute_subnetwork.subnetwork[\"us-west1/simple-project-timh-subnet-02\"]`
+-   `terraform state mv module.example.module.test-vpc-module.google_compute_subnetwork.subnetwork module.example.module.test-vpc-module.module.subnets.google_compute_subnetwork.subnetwork`
+
+-   `terraform state mv module.example.module.test-vpc-module.module.subnets.google_compute_subnetwork.subnetwork[0] module.example.module.test-vpc-module.module.subnets.google_compute_subnetwork.subnetwork[\"us-west1/simple-project-timh-subnet-01\"]`
+
+-   `terraform state mv module.example.module.test-vpc-module.module.subnets.google_compute_subnetwork.subnetwork[1] module.example.module.test-vpc-module.module.subnets.google_compute_subnetwork.subnetwork[\"us-west1/simple-project-timh-subnet-02\"]`
+
+*You'll notice that because of a terraform [issue](https://github.com/hashicorp/terraform/issues/22301), we need to move the whole resource collection first before renaming to the `for_each` keys*
 
 `terraform plan` should now return a no-op and show no new changes.
 
@@ -125,26 +131,66 @@ actions need to be performed.
 1.  Download the script
 
     ```sh
-    curl -O https://raw.githubusercontent.com/terraform-google-modules/terraform-google-network/master/helpers/migrate.sh
-    chmod +x migrate.sh
+    curl -O https://raw.githubusercontent.com/terraform-google-modules/terraform-google-network/master/helpers/migrate.py
+    chmod +x migrate.py
     ```
 
 2.  Run the script to output the migration commands:
 
     ```sh
-    $  ./migrate.sh --dry-run
-    terraform state mv module.example.module.test-vpc-module.google_compute_subnetwork.subnetwork[0] module.example.module.test-vpc-module.google_compute_subnetwork.subnetwork[\"us-west1/simple-project-timh-subnet-01\"]
-    terraform state mv module.example.module.test-vpc-module.google_compute_subnetwork.subnetwork[1] module.example.module.test-vpc-module.google_compute_subnetwork.subnetwork[\"us-west1/simple-project-timh-subnet-02\"]
+    $  ./migrate.py --dry-run
+    terraform state mv 'module.example.module.test-vpc-module-02.google_compute_network.network[0]' 'module.example.module.test-vpc-module-02.module.vpc.google_compute_network.network'
+    terraform state mv 'module.example.module.test-vpc-module-02.google_compute_subnetwork.subnetwork' 'module.example.module.test-vpc-module-02.module.subnets.google_compute_subnetwork.subnetwork'
+    terraform state mv 'module.example.module.test-vpc-module-02.module.subnets.google_compute_subnetwork.subnetwork[0]' 'module.example.module.test-vpc-module-02.module.subnets.google_compute_subnetwork.subnetwork["us-west1/multi-vpc-a1-02-subnet-01"]'
+    terraform state mv 'module.example.module.test-vpc-module-02.module.subnets.google_compute_subnetwork.subnetwork[1]' 'module.example.module.test-vpc-module-02.module.subnets.google_compute_subnetwork.subnetwork["us-west1/multi-vpc-a1-02-subnet-02"]'
+    terraform state mv 'module.example.module.test-vpc-module-02.google_compute_route.route' 'module.example.module.test-vpc-module-02.module.routes.google_compute_route.route'
+    terraform state mv 'module.example.module.test-vpc-module-02.module.routes.google_compute_route.route[0]' 'module.example.module.test-vpc-module-02.module.routes.google_compute_route.route["multi-vpc-a1-02-egress-inet"]'
+    terraform state mv 'module.example.module.test-vpc-module-02.module.routes.google_compute_route.route[1]' 'module.example.module.test-vpc-module-02.module.routes.google_compute_route.route["multi-vpc-a1-02-testapp-proxy"]'
+
     ```
 
 3.  Execute the migration command
 
     ```sh
-    $ ./migrate.sh
-    Move "module.example.module.test-vpc-module.google_compute_subnetwork.subnetwork[0]" to "module.example.module.test-vpc-module.google_compute_subnetwork.subnetwork[\"us-west1/simple-project-timh-subnet-01\"]"
+    $ ./migrate.py
+    ---- Migrating the following modules:
+    -- module.example.module.test-vpc-module-02
+    ---- Commands to run:
+    Move "module.example.module.test-vpc-module-02.google_compute_network.network[0]" to "module.example.module.test-vpc-module-02.module.vpc.google_compute_network.network"
+    Successfully moved 1 object(s).
+    Move "module.example.module.test-vpc-module-02.google_compute_subnetwork.subnetwork" to "module.example.module.test-vpc-module-02.module.subnets.google_compute_subnetwork.subnetwork"
     Successfully moved 1 object(s).
-    Move "module.example.module.test-vpc-module.google_compute_subnetwork.subnetwork[1]" to "module.example.module.test-vpc-module.google_compute_subnetwork.subnetwork[\"us-west1/simple-project-timh-subnet-02\"]"
+    Move "module.example.module.test-vpc-module-02.module.subnets.google_compute_subnetwork.subnetwork[0]" to "module.example.module.test-vpc-module-02.module.subnets.google_compute_subnetwork.subnetwork[\"us-west1/multi-vpc-a1-02-subnet-01\"]"
     Successfully moved 1 object(s).
+    Move "module.example.module.test-vpc-module-02.module.subnets.google_compute_subnetwork.subnetwork[1]" to "module.example.module.test-vpc-module-02.module.subnets.google_compute_subnetwork.subnetwork[\"us-west1/multi-vpc-a1-02-subnet-02\"]"
+    Successfully moved 1 object(s).
+    Move "module.example.module.test-vpc-module-02.google_compute_route.route" to "module.example.module.test-vpc-module-02.module.routes.google_compute_route.route"
+    Successfully moved 1 object(s).
+    Move "module.example.module.test-vpc-module-02.module.routes.google_compute_route.route[0]" to "module.example.module.test-vpc-module-02.module.routes.google_compute_route.route[\"multi-vpc-a1-02-egress-inet\"]"
+    Successfully moved 1 object(s).
+    Move "module.example.module.test-vpc-module-02.module.routes.google_compute_route.route[1]" to "module.example.module.test-vpc-module-02.module.routes.google_compute_route.route[\"multi-vpc-a1-02-testapp-proxy\"]"
+    Successfully moved 1 object(s).
+
     ```
 
 4.  Run `terraform plan` to confirm no changes are expected.
+
+### Known Issues
+
+If your previous state only contains a **single** subnet or route then `terraform mv` will throw an error similar to the following during migration:
+
+```
+Error: Invalid target address
+
+Cannot move to
+module.example.module.test-vpc-module-01.module.routes.google_compute_route.route["multi-vpc-a1-01-egress-inet"]:
+module.example.module.test-vpc-module-01.module.routes.google_compute_route.route
+does not exist in the current state.
+```
+
+This is due to a terraform mv [issue](https://github.com/hashicorp/terraform/issues/22301)
+
+The workaround is to either
+
+1. Create a temporary subnet or route prior to migration
+2. Manually updating the state file. Update the `index_key` of the appropriate user and push the to the remote state if necessary.

examples/delete_default_gateway_routes/README.md

@@ -18,7 +18,7 @@ This VPC has a single subnet with no secondary ranges, and ensures the default i
 |------|-------------|
 | network\_name | The name of the VPC being created |
 | network\_self\_link | The URI of the VPC being created |
-| routes | The routes associated with this VPC |
+| route\_names | The routes associated with this VPC |
 | subnets\_flow\_logs | Whether the subnets will have VPC flow logs enabled |
 | subnets\_ips | The IP and cidrs of the subnets being created |
 | subnets\_names | The names of the subnets being created |

examples/delete_default_gateway_routes/outputs.tf

@@ -54,7 +54,7 @@ output "subnets_secondary_ranges" {
   description = "The secondary ranges associated with these subnets"
 }
 
-output "routes" {
-  value       = module.test-vpc-module.routes
+output "route_names" {
+  value       = module.test-vpc-module.route_names
   description = "The routes associated with this VPC"
 }

examples/multi_vpc/outputs.tf

@@ -56,7 +56,7 @@ output "network_01_subnets_secondary_ranges" {
 }
 
 output "network_01_routes" {
-  value       = module.test-vpc-module-01.routes
+  value       = module.test-vpc-module-01.route_names
   description = "The routes associated with network-01"
 }
 
@@ -102,6 +102,6 @@ output "network_02_subnets_secondary_ranges" {
 }
 
 output "network_02_routes" {
-  value       = module.test-vpc-module-02.routes
+  value       = module.test-vpc-module-02.route_names
   description = "The routes associated with network-02"
 }

examples/secondary_ranges/README.md

@@ -19,13 +19,13 @@ ranges and the third being given a single secondary range.
 |------|-------------|
 | network\_name | The name of the VPC being created |
 | network\_self\_link | The URI of the VPC being created |
-| routes | The routes associated with this VPC |
+| project\_id | VPC project id |
+| route\_names | The routes associated with this VPC |
 | subnets\_flow\_logs | Whether the subnets will have VPC flow logs enabled |
 | subnets\_ips | The IP and cidrs of the subnets being created |
 | subnets\_names | The names of the subnets being created |
 | subnets\_private\_access | Whether the subnets will have access to Google API's without a public IP |
 | subnets\_regions | The region where subnets will be created |
 | subnets\_secondary\_ranges | The secondary ranges associated with these subnets |
-| svpc\_host\_project\_id | Shared VPC host project id. |
 
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->

examples/secondary_ranges/outputs.tf

@@ -24,9 +24,9 @@ output "network_self_link" {
   description = "The URI of the VPC being created"
 }
 
-output "svpc_host_project_id" {
-  value       = module.vpc-secondary-ranges.svpc_host_project_id
-  description = "Shared VPC host project id."
+output "project_id" {
+  value       = module.vpc-secondary-ranges.project_id
+  description = "VPC project id"
 }
 
 output "subnets_names" {
@@ -59,7 +59,7 @@ output "subnets_secondary_ranges" {
   description = "The secondary ranges associated with these subnets"
 }
 
-output "routes" {
-  value       = module.vpc-secondary-ranges.routes
+output "route_names" {
+  value       = module.vpc-secondary-ranges.route_names
   description = "The routes associated with this VPC"
 }

examples/simple_project/README.md

@@ -18,13 +18,13 @@ This VPC has two subnets, with no secondary ranges.
 |------|-------------|
 | network\_name | The name of the VPC being created |
 | network\_self\_link | The URI of the VPC being created |
-| routes | The routes associated with this VPC |
+| project\_id | VPC project id |
+| route\_names | The routes associated with this VPC |
 | subnets\_flow\_logs | Whether the subnets will have VPC flow logs enabled |
 | subnets\_ips | The IP and cidrs of the subnets being created |
 | subnets\_names | The names of the subnets being created |
 | subnets\_private\_access | Whether the subnets will have access to Google API's without a public IP |
 | subnets\_regions | The region where subnets will be created |
 | subnets\_secondary\_ranges | The secondary ranges associated with these subnets |
-| svpc\_host\_project\_id | Shared VPC host project id. |
 
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->

examples/simple_project/outputs.tf

@@ -24,9 +24,9 @@ output "network_self_link" {
   description = "The URI of the VPC being created"
 }
 
-output "svpc_host_project_id" {
-  value       = module.test-vpc-module.svpc_host_project_id
-  description = "Shared VPC host project id."
+output "project_id" {
+  value       = module.test-vpc-module.project_id
+  description = "VPC project id"
 }
 
 output "subnets_names" {
@@ -59,7 +59,7 @@ output "subnets_secondary_ranges" {
   description = "The secondary ranges associated with these subnets"
 }
 
-output "routes" {
-  value       = module.test-vpc-module.routes
+output "route_names" {
+  value       = module.test-vpc-module.route_names
   description = "The routes associated with this VPC"
 }

examples/simple_project_with_regional_network/README.md

@@ -18,13 +18,13 @@ This VPC has two subnets, with no secondary ranges.
 |------|-------------|
 | network\_name | The name of the VPC being created |
 | network\_self\_link | The URI of the VPC being created |
-| routes | The routes associated with this VPC |
+| project\_id | VPC project id |
+| route\_names | The routes associated with this VPC |
 | subnets\_flow\_logs | Whether the subnets will have VPC flow logs enabled |
 | subnets\_ips | The IP and cidrs of the subnets being created |
 | subnets\_names | The names of the subnets being created |
 | subnets\_private\_access | Whether the subnets will have access to Google API's without a public IP |
 | subnets\_regions | The region where subnets will be created |
 | subnets\_secondary\_ranges | The secondary ranges associated with these subnets |
-| svpc\_host\_project\_id | Shared VPC host project id. |
 
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->