This repository has been archived by the owner on Mar 29, 2023. It is now read-only.

Merge pull request #58 from gruntwork-io/tf13
Update repo to work with Terraform 0.13.x
robmorgan authored Nov 16, 2020
2 parents 186c0ec + 03061d7 commit 21fcbd2
Showing 16 changed files with 782 additions and 956 deletions.
170 changes: 86 additions & 84 deletions .circleci/config.yml
@@ -1,105 +1,107 @@
version: 2.1

defaults: &defaults
machine: true

env: &env
environment:
GRUNTWORK_INSTALLER_VERSION: v0.0.21
TERRATEST_LOG_PARSER_VERSION: v0.13.13
MODULE_CI_VERSION: v0.13.3
TERRAFORM_VERSION: 0.12.1
GRUNTWORK_INSTALLER_VERSION: v0.0.30
TERRATEST_LOG_PARSER_VERSION: v0.30.4
MODULE_CI_VERSION: v0.29.1
TERRAFORM_VERSION: 0.13.5
TERRAGRUNT_VERSION: NONE
PACKER_VERSION: NONE
GOLANG_VERSION: 1.11.2
K8S_VERSION: v1.10.0
KUBECONFIG: /home/circleci/.kube/config

install_gruntwork_utils: &install_gruntwork_utils
name: install gruntwork utils
command: |
curl -Ls https://raw.githubusercontent.com/gruntwork-io/gruntwork-installer/master/bootstrap-gruntwork-installer.sh | bash /dev/stdin --version "${GRUNTWORK_INSTALLER_VERSION}"
gruntwork-install --module-name "gruntwork-module-circleci-helpers" --repo "https://github.com/gruntwork-io/module-ci" --tag "${MODULE_CI_VERSION}"
gruntwork-install --binary-name "terratest_log_parser" --repo "https://github.com/gruntwork-io/terratest" --tag "${TERRATEST_LOG_PARSER_VERSION}"
configure-environment-for-gruntwork-module \
--circle-ci-2-machine-executor \
--terraform-version ${TERRAFORM_VERSION} \
--terragrunt-version ${TERRAGRUNT_VERSION} \
--packer-version ${PACKER_VERSION} \
--use-go-dep \
--go-version ${GOLANG_VERSION} \
--go-src-path test
GOLANG_VERSION: 1.13.8

version: 2
jobs:
build:
<<: *defaults
precommit:
<<: *env
docker:
- image: circleci/python:3.8.1
steps:
- checkout
- restore_cache:
keys:
- dep-v1-{{ checksum "test/Gopkg.lock" }}

# Install gruntwork utilities
- run:
<<: *install_gruntwork_utils

- save_cache:
key: dep-v1-{{ checksum "test/Gopkg.lock" }}
paths:
- ./test/vendor

name: install dependencies
command: |
curl -Ls https://raw.githubusercontent.com/gruntwork-io/gruntwork-installer/master/bootstrap-gruntwork-installer.sh | bash /dev/stdin --version "${GRUNTWORK_INSTALLER_VERSION}"
gruntwork-install --module-name "gruntwork-module-circleci-helpers" --repo "https://github.com/gruntwork-io/module-ci" --tag "${MODULE_CI_VERSION}"
configure-environment-for-gruntwork-module \
--terraform-version ${TERRAFORM_VERSION} \
--terragrunt-version NONE \
--packer-version NONE \
--go-version ${GOLANG_VERSION}
# Fail the build if the pre-commit hooks don't pass. Note: if you run pre-commit install locally, these hooks will
# execute automatically every time before you commit, ensuring the build never fails at this step!
- run: pip install pre-commit==1.11.2 cfgv==2.0.1
- run: pre-commit install
- run: pre-commit run --all-files

- persist_to_workspace:
root: /home/circleci
paths:
- project
- terraform
- packer
- run:
command: |
pip install pre-commit==1.21.0 cfgv==2.0.1 zipp==1.1.0 yapf
pre-commit install
pre-commit run --all-files
test:
<<: *defaults
<<: *env
steps:
- attach_workspace:
at: /home/circleci
- checkout
- run: echo 'export PATH=$HOME/terraform:$HOME/packer:$PATH' >> $BASH_ENV
- run:
<<: *install_gruntwork_utils
- run:
name: update gcloud
command: |
sudo apt-get remove -y google-cloud-sdk
sudo /opt/google-cloud-sdk/bin/gcloud --quiet components update
sudo /opt/google-cloud-sdk/bin/gcloud --quiet components update beta kubectl
- run:
name: run tests
command: |
mkdir -p /tmp/logs
# required for gcloud and kubectl to authenticate correctly
echo $GCLOUD_SERVICE_KEY | gcloud auth activate-service-account --key-file=-
gcloud --quiet config set project ${GOOGLE_PROJECT_ID}
gcloud --quiet config set compute/zone ${GOOGLE_COMPUTE_ZONE}
# required for terraform and terratest to authenticate correctly
echo $GCLOUD_SERVICE_KEY > /tmp/gcloud.json
export GOOGLE_APPLICATION_CREDENTIALS="/tmp/gcloud.json"
# run the tests
run-go-tests --path test --timeout 60m | tee /tmp/logs/all.log
no_output_timeout: 3600s
- run:
command: terratest_log_parser --testlog /tmp/logs/all.log --outputdir /tmp/logs
when: always
- store_artifacts:
path: /tmp/logs
- store_test_results:
path: /tmp/logs
- checkout
- run: &install_gruntwork_tooling
name: install gruntwork tooling
command: |
sudo apt-get -y update
curl -Ls https://raw.githubusercontent.com/gruntwork-io/gruntwork-installer/master/bootstrap-gruntwork-installer.sh | bash /dev/stdin --version "${GRUNTWORK_INSTALLER_VERSION}"
gruntwork-install --module-name "gruntwork-module-circleci-helpers" --repo "https://github.com/gruntwork-io/module-ci" --tag "${MODULE_CI_VERSION}"
gruntwork-install --module-name "git-helpers" --repo "https://github.com/gruntwork-io/module-ci" --tag "${MODULE_CI_VERSION}"
gruntwork-install --binary-name "terratest_log_parser" --repo "https://github.com/gruntwork-io/terratest" --tag "${TERRATEST_LOG_PARSER_VERSION}"
configure-environment-for-gruntwork-module --go-src-path ./test --terraform-version ${TERRAFORM_VERSION} --terragrunt-version ${TERRAGRUNT_VERSION} --packer-version ${PACKER_VERSION} --go-version ${GOLANG_VERSION}
# Install external dependencies
- run:
name: update gcloud
command: |
sudo apt-get remove -y google-cloud-sdk
sudo /opt/google-cloud-sdk/bin/gcloud --quiet components update
sudo /opt/google-cloud-sdk/bin/gcloud --quiet components update beta kubectl
- run:
name: run tests
command: |
# required for gcloud and kubectl to authenticate correctly
echo $GCLOUD_SERVICE_KEY | gcloud auth activate-service-account --key-file=-
gcloud --quiet config set project ${GOOGLE_PROJECT_ID}
gcloud --quiet config set compute/zone ${GOOGLE_COMPUTE_ZONE}
# required for terraform and terratest to authenticate correctly
echo $GCLOUD_SERVICE_KEY > /tmp/gcloud.json
export GOOGLE_APPLICATION_CREDENTIALS="/tmp/gcloud.json"
# run the tests
mkdir -p /tmp/logs
run-go-tests --path test --timeout 2h | tee /tmp/logs/all.log
no_output_timeout: 1h

- run:
name: parse test output
command: terratest_log_parser --testlog /tmp/logs/all.log --outputdir /tmp/logs
when: always

- store_artifacts:
path: /tmp/logs
- store_test_results:
path: /tmp/logs

workflows:
version: 2
build-and-test:
test:
jobs:
- build
- test:
requires:
- build
# We have to explicitly tell CircleCI to run on all tags and branches, or tag commits/pushes will not trigger
# builds: https://circleci.com/docs/2.0/workflows/#git-tag-job-execution.
- precommit:
filters:
branches:
only: /.*/
tags:
only: /.*/
- test:
requires:
- precommit
filters:
tags:
only: /^v.*/
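Review bot: The steps named `install gruntwork tooling` and `install dependencies` (both apparently on the new side) pipe `bootstrap-gruntwork-installer.sh` from the mutable `master` ref into `bash`, so `--version "${GRUNTWORK_INSTALLER_VERSION}"` pins the installer that ends up installed but not the script that actually runs. In the `test` job that script executes in a job that also receives `GCLOUD_SERVICE_KEY`, so any change to `master` runs next to the cloud credential without review. Fetching the bootstrap script from the tagged ref keeps the two in step: replace `master` in the URL with `${GRUNTWORK_INSTALLER_VERSION}`, and ideally verify a known checksum before executing it. Separately, in `run tests`, `echo $GCLOUD_SERVICE_KEY > /tmp/gcloud.json` is unquoted and creates the key file with the default umask; `(umask 077; printf '%s' "$GCLOUD_SERVICE_KEY" > /tmp/gcloud.json)` keeps it owner-readable only.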
3 changes: 2 additions & 1 deletion .pre-commit-config.yaml
@@ -1,6 +1,7 @@
repos:
- repo: https://github.com/gruntwork-io/pre-commit
sha: v0.0.2
rev: v0.1.10
hooks:
- id: terraform-fmt
- id: gofmt

42 changes: 20 additions & 22 deletions README.md
@@ -1,6 +1,7 @@
[![Maintained by Gruntwork.io](https://img.shields.io/badge/maintained%20by-gruntwork.io-%235849a6.svg)](https://gruntwork.io/?ref=repo_google_network)
[![GitHub tag (latest SemVer)](https://img.shields.io/github/tag/gruntwork-io/terraform-google-network.svg?label=latest)](https://github.com/gruntwork-io/terraform-google-network/releases/latest)
![Terraform Version](https://img.shields.io/badge/tf-%3E%3D0.12.0-blue.svg)
![Terraform Version](https://img.shields.io/badge/tf-%3E%3D0.13.0-blue.svg)

# Google VPC Network Modules

This repo contains modules for creating [Virtual Private Cloud (VPC) networks](https://cloud.google.com/vpc/docs/vpc) on
Expand All @@ -16,42 +17,42 @@ for instructions.

This repo has the following folder structure:

* [root](https://github.com/gruntwork-io/terraform-google-network/tree/master): The root folder contains an example of how
- [root](https://github.com/gruntwork-io/terraform-google-network/tree/master): The root folder contains an example of how
to deploy a service-agnostic "management" VPC network in GCP. See [network-management](https://github.com/gruntwork-io/terraform-google-network/blob/master/examples/network-management)
for the documentation.

* [modules](https://github.com/gruntwork-io/terraform-google-network/tree/master/modules): This folder contains the
- [modules](https://github.com/gruntwork-io/terraform-google-network/tree/master/modules): This folder contains the
main implementation code for this Module, broken down into multiple standalone submodules.

The primary module is:

* [vpc-network](https://github.com/gruntwork-io/terraform-google-network/tree/master/modules/vpc-network): Launch a
- [vpc-network](https://github.com/gruntwork-io/terraform-google-network/tree/master/modules/vpc-network): Launch a
secure VPC network on GCP.

Inbound traffic to instances in the network is controlled by "access tiers", a pair of subnetwork and
[network `tags`](https://cloud.google.com/vpc/docs/add-remove-network-tags). By defining an appropriate subnetwork
and tag for an instance, you'll ensure that traffic to and from the instance is properly restricted. See
[the Access Tier table](https://github.com/gruntwork-io/terraform-google-network/tree/master/modules/vpc-network#access-tier)
for more details.
Inbound traffic to instances in the network is controlled by "access tiers", a pair of subnetwork and
[network `tags`](https://cloud.google.com/vpc/docs/add-remove-network-tags). By defining an appropriate subnetwork
and tag for an instance, you'll ensure that traffic to and from the instance is properly restricted. See
[the Access Tier table](https://github.com/gruntwork-io/terraform-google-network/tree/master/modules/vpc-network#access-tier)
for more details.

There are also several supporting modules that add extra functionality on top of `vpc-network`:
There are also several supporting modules that add extra functionality on top of `vpc-network`:

* [network-peering](https://github.com/gruntwork-io/terraform-google-network/tree/master/modules/network-peering):
- [network-peering](https://github.com/gruntwork-io/terraform-google-network/tree/master/modules/network-peering):
Configure peering connections between your networks, allowing you to limit access between environments and reduce
the risk of production workloads being compromised.

* [project-host-configuration](https://github.com/gruntwork-io/terraform-google-network/tree/master/modules/project-host-configuration):
- [project-host-configuration](https://github.com/gruntwork-io/terraform-google-network/tree/master/modules/project-host-configuration):
Configure your project to be a "host project" whose networks can be shared across multiple projects in the
organization as part of a defense-in-depth security strategy, and to allow service-level billing across different
teams within your organization.

* [network-firewall](https://github.com/gruntwork-io/terraform-google-network/tree/master/modules/network-firewall):
- [network-firewall](https://github.com/gruntwork-io/terraform-google-network/tree/master/modules/network-firewall):
Configures the firewall rules expected by the `vpc-network` module.

* [examples](https://github.com/gruntwork-io/terraform-google-network/tree/master/examples): This folder contains
- [examples](https://github.com/gruntwork-io/terraform-google-network/tree/master/examples): This folder contains
examples of how to use the submodules.

* [test](https://github.com/gruntwork-io/terraform-google-network/tree/master/test): Automated tests for the submodules
- [test](https://github.com/gruntwork-io/terraform-google-network/tree/master/test): Automated tests for the submodules
and examples.

## What's a VPC?
Expand Down Expand Up @@ -83,19 +84,17 @@ commercial support, send an email to

Gruntwork can help with:

* Setup, customization, and support for this Module.
* Modules and submodules for other types of infrastructure, such as VPCs, Docker clusters, databases, and continuous
- Setup, customization, and support for this Module.
- Modules and submodules for other types of infrastructure, such as VPCs, Docker clusters, databases, and continuous
integration.
* Modules and Submodules that meet compliance requirements, such as HIPAA.
* Consulting & Training on AWS, Terraform, and DevOps.

- Modules and Submodules that meet compliance requirements, such as HIPAA.
- Consulting & Training on AWS, Terraform, and DevOps.

## How do I contribute to this Module?

Contributions are very welcome! Check out the [Contribution Guidelines](https://github.com/gruntwork-io/terraform-google-network/blob/master/CONTRIBUTING.md)
for instructions.


## How is this Module versioned?

This Module follows the principles of [Semantic Versioning](http://semver.org/). You can find each new release, along
Expand All @@ -105,7 +104,6 @@ During initial development, the major version will be 0 (e.g., `0.x.y`), which i
stable API. Once we hit `1.0.0`, we will make every effort to maintain a backwards compatible API and use the MAJOR,
MINOR, and PATCH versions on each release to indicate any incompatibilities.


## License

Please see [LICENSE](https://github.com/gruntwork-io/terraform-google-network/blob/master/LICENSE) for how the code in
8 changes: 4 additions & 4 deletions examples/bastion-host/main.tf
@@ -1,7 +1,8 @@
terraform {
# The modules used in this example have been updated with 0.12 syntax, which means the example is no longer
# compatible with any versions below 0.12.
required_version = ">= 0.12"
# This module is now only being tested with Terraform 0.13.x. However, to make upgrading easier, we are setting
# 0.12.26 as the minimum version, as that version added support for required_providers with source URLs, making it
# forwards compatible with 0.13.x code.
required_version = ">= 0.12.26"
}

# ---------------------------------------------------------------------------------------------------------------------
Expand Down Expand Up @@ -63,4 +64,3 @@ resource "google_compute_instance" "private" {
enable-oslogin = "TRUE"
}
}
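Review bot: The new comment justifies `>= 0.12.26` by that release's support for `required_providers` with source addresses, yet the `terraform` block in this hunk declares only `required_version` and no `required_providers`. If the Google provider is not constrained elsewhere in the file (the rest lies outside the hunk), `terraform init` on 0.13 will resolve whichever provider release is newest at run time. Consider adding a `required_providers` entry with `source = "hashicorp/google"` and a version constraint beside `required_version`, or rewording the comment so it does not imply one exists. The same block is repeated in the other `main.tf` sections on this page, and in the `examples/` and root files the comment now says "This module" where the old text referred to the example.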

8 changes: 4 additions & 4 deletions examples/network-host-application/main.tf
@@ -1,7 +1,8 @@
terraform {
# The modules used in this example have been updated with 0.12 syntax, which means the example is no longer
# compatible with any versions below 0.12.
required_version = ">= 0.12"
# This module is now only being tested with Terraform 0.13.x. However, to make upgrading easier, we are setting
# 0.12.26 as the minimum version, as that version added support for required_providers with source URLs, making it
# forwards compatible with 0.13.x code.
required_version = ">= 0.12.26"
}

module "application_network" {
Expand All @@ -23,4 +24,3 @@ module "project_host_configuration" {

project = var.project
}

8 changes: 4 additions & 4 deletions examples/network-management/main.tf
@@ -1,7 +1,8 @@
terraform {
# The modules used in this example have been updated with 0.12 syntax, which means the example is no longer
# compatible with any versions below 0.12.
required_version = ">= 0.12"
# This module is now only being tested with Terraform 0.13.x. However, to make upgrading easier, we are setting
# 0.12.26 as the minimum version, as that version added support for required_providers with source URLs, making it
# forwards compatible with 0.13.x code.
required_version = ">= 0.12.26"
}

# ---------------------------------------------------------------------------------------------------------------------
Expand Down Expand Up @@ -154,4 +155,3 @@ resource "google_compute_instance" "private_persistence" {
subnetwork = module.management_network.private_subnetwork
}
}

8 changes: 4 additions & 4 deletions main.tf
@@ -1,7 +1,8 @@
terraform {
# The modules used in this example have been updated with 0.12 syntax, which means the example is no longer
# compatible with any versions below 0.12.
required_version = ">= 0.12"
# This module is now only being tested with Terraform 0.13.x. However, to make upgrading easier, we are setting
# 0.12.26 as the minimum version, as that version added support for required_providers with source URLs, making it
# forwards compatible with 0.13.x code.
required_version = ">= 0.12.26"
}

# ---------------------------------------------------------------------------------------------------------------------
Expand Down Expand Up @@ -160,4 +161,3 @@ resource "google_compute_instance" "private_persistence" {
subnetwork = module.management_network.private_subnetwork
}
}

6 changes: 4 additions & 2 deletions modules/bastion-host/main.tf
@@ -1,6 +1,8 @@
terraform {
# This module has been updated with 0.12 syntax, which means it is no longer compatible with any versions below 0.12.
required_version = ">= 0.12"
# This module is now only being tested with Terraform 0.13.x. However, to make upgrading easier, we are setting
# 0.12.26 as the minimum version, as that version added support for required_providers with source URLs, making it
# forwards compatible with 0.13.x code.
required_version = ">= 0.12.26"
}

# ---------------------------------------------------------------------------------------------------------------------
6 changes: 4 additions & 2 deletions modules/network-firewall/main.tf
@@ -1,6 +1,8 @@
terraform {
# This module has been updated with 0.12 syntax, which means it is no longer compatible with any versions below 0.12.
required_version = ">= 0.12"
# This module is now only being tested with Terraform 0.13.x. However, to make upgrading easier, we are setting
# 0.12.26 as the minimum version, as that version added support for required_providers with source URLs, making it
# forwards compatible with 0.13.x code.
required_version = ">= 0.12.26"
}

data "google_compute_subnetwork" "public_subnetwork" {
