Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Build Network Fixtures and Run Tests with Kitchen-Terraform #33

Merged
merged 39 commits into from
Dec 19, 2018
Merged
Changes from 1 commit
Commits
Show all changes
39 commits
Select commit Hold shift + click to select a range
1f88f47
Fix Docker build
Jberlinsky Nov 13, 2018
45618e7
Specify cluster versions in examples
Jberlinsky Nov 17, 2018
47189ea
Set up examples to run in test fixture networks
Jberlinsky Nov 19, 2018
98eb6d1
Add network fixtures
Jberlinsky Nov 19, 2018
5ec503a
Create fixtures as part of the integration test process, and share co…
Jberlinsky Nov 19, 2018
76b3498
Clean up botched merge
Jberlinsky Nov 20, 2018
a0b4fd3
Extract common outputs to fixture file, and consolidate fixture insta…
Jberlinsky Nov 20, 2018
2c399b0
Remove reference to kitchen-inspec
aaron-lane Nov 27, 2018
a7c2e5d
Pin Ruby to 2.5
aaron-lane Nov 27, 2018
d384655
Pin rest-client to v2
aaron-lane Nov 27, 2018
a8c5ace
Pin kubeclient to v4
aaron-lane Nov 27, 2018
42da44e
Pin kitchen-terraform to v4
aaron-lane Nov 27, 2018
98145c1
Add missing SA roles to Read Me
aaron-lane Nov 27, 2018
4cd24bd
Increase platform support for base64 command
aaron-lane Nov 27, 2018
f3fda19
Only move variables.tf during install if it exists
aaron-lane Nov 27, 2018
bb0e0dd
Pin Ruby to v2.5 in Makefile
aaron-lane Nov 27, 2018
a6045dc
Update go to v1.10.5-r0 in Dockerfile
aaron-lane Nov 27, 2018
a75e252
Update curl, git in Dockerfile
aaron-lane Nov 27, 2018
8208f86
Update packages in kitchen_terraform/Dockerfile
aaron-lane Nov 27, 2018
486c90d
Refactor example cases with mutliple assertions
Jberlinsky Nov 29, 2018
72899fa
Reduce attributes passed into test-kitchen examples to simplify syste…
Jberlinsky Nov 29, 2018
ae7b5da
Switch to using `includes` matchers instead of filtering for specific…
Jberlinsky Nov 30, 2018
9f8f58e
Enable project-factory support by allowing arbitrary service accounts…
Jberlinsky Dec 13, 2018
d3d4436
Call examples as modules from test fixtures
Jberlinsky Dec 13, 2018
9bb3963
Bump tested GKE versions
Jberlinsky Dec 13, 2018
176ad6f
Wait for GKE cluster to not be in RECONCILING status before completin…
Jberlinsky Dec 13, 2018
0f3fcc1
Fix linter error
Jberlinsky Dec 13, 2018
1c9754c
Pin Ruby to 2.5.1
Jberlinsky Dec 13, 2018
1a84f32
Update testing documentation
Jberlinsky Dec 13, 2018
73afe8b
Add line breaks
Jberlinsky Dec 13, 2018
614c24e
Bump ruby version to 2.5.3
Jberlinsky Dec 13, 2018
be970a4
Run `terraform fmt` as part of linting
Jberlinsky Dec 13, 2018
8d46662
Fix Go version in tests.
morgante Dec 19, 2018
b017249
Actually symlink terraform.tfvars
morgante Dec 19, 2018
cf5c27a
Missed one tfvars symlink
morgante Dec 19, 2018
4eeaaa3
Add descriptions to test environment variables
Jberlinsky Dec 19, 2018
a4a3f71
`terraform fmt`
Jberlinsky Dec 19, 2018
90a122e
Bring back shared_vpc example and simple test fixture
Jberlinsky Dec 19, 2018
4a32e01
Only .gitignore actual terraform variables, not symlinks
Jberlinsky Dec 19, 2018
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions README.md
Original file line number Diff line number Diff line change
@@ -115,6 +115,7 @@ Then perform the following commands on the root folder:
| project_id | The project ID to host the cluster in (required) | string | - | yes |
| region | The region to host the cluster in (required) | string | - | yes |
| regional | Whether is a regional cluster (zonal cluster if set false. WARNING: changing this after cluster creation is destructive!) | string | `true` | no |
| service_account | The service account to default running nodes as if not overridden in `node_pools`. Defaults to the compute engine default service account | string | `` | no |
| stub_domains | Map of stub domains and their resolvers to forward DNS queries for a certain domain to an external DNS server | map | `<map>` | no |
| subnetwork | The subnetwork to host the cluster in (required) | string | - | yes |
| zones | The zones to host the cluster in (optional if regional cluster / required if zonal) | list | `<list>` | no |
4 changes: 2 additions & 2 deletions cluster_regional.tf
Original file line number Diff line number Diff line change
@@ -78,7 +78,7 @@ resource "google_container_cluster" "primary" {
name = "default-pool"

node_config {
service_account = "${lookup(var.node_pools[0], "service_account", "")}"
service_account = "${lookup(var.node_pools[0], "service_account", var.service_account)}"
}
}
}
@@ -114,7 +114,7 @@ resource "google_container_node_pool" "pools" {

disk_size_gb = "${lookup(var.node_pools[count.index], "disk_size_gb", 100)}"
disk_type = "${lookup(var.node_pools[count.index], "disk_type", "pd-standard")}"
service_account = "${lookup(var.node_pools[count.index], "service_account", "")}"
service_account = "${lookup(var.node_pools[count.index], "service_account", var.service_account)}"
preemptible = "${lookup(var.node_pools[count.index], "preemptible", false)}"

oauth_scopes = [
4 changes: 2 additions & 2 deletions cluster_zonal.tf
Original file line number Diff line number Diff line change
@@ -78,7 +78,7 @@ resource "google_container_cluster" "zonal_primary" {
name = "default-pool"

node_config {
service_account = "${lookup(var.node_pools[0], "service_account", "")}"
service_account = "${lookup(var.node_pools[0], "service_account", var.service_account)}"
}
}
}
@@ -114,7 +114,7 @@ resource "google_container_node_pool" "zonal_pools" {

disk_size_gb = "${lookup(var.node_pools[count.index], "disk_size_gb", 100)}"
disk_type = "${lookup(var.node_pools[count.index], "disk_type", "pd-standard")}"
service_account = "${lookup(var.node_pools[count.index], "service_account", "")}"
service_account = "${lookup(var.node_pools[count.index], "service_account", var.service_account)}"
preemptible = "${lookup(var.node_pools[count.index], "preemptible", false)}"

oauth_scopes = [
1 change: 1 addition & 0 deletions examples/deploy_service/README.md
Original file line number Diff line number Diff line change
@@ -15,6 +15,7 @@ It will:

| Name | Description | Type | Default | Required |
|------|-------------|:----:|:-----:|:-----:|
| compute_engine_service_account | Service account to associate to the nodes in the cluster | string | - | yes |
| ip_range_pods | The secondary ip range to use for pods | string | - | yes |
| ip_range_services | The secondary ip range to use for pods | string | - | yes |
| network | The VPC network to host the cluster in | string | - | yes |
1 change: 1 addition & 0 deletions examples/deploy_service/main.tf
Original file line number Diff line number Diff line change
@@ -42,6 +42,7 @@ module "gke" {
ip_range_pods = "${local.ip_range_pods}"
ip_range_services = "${local.ip_range_services}"
kubernetes_version = "1.9.7-gke.11"
service_account = "${var.compute_engine_service_account}"
}

resource "kubernetes_pod" "nginx-example" {
2 changes: 2 additions & 0 deletions examples/deploy_service/variables.tf
Original file line number Diff line number Diff line change
@@ -46,4 +46,6 @@ locals {
subnetwork = "${var.subnetwork}"
ip_range_pods = "${var.ip_range_pods}"
ip_range_services = "${var.ip_range_services}"
variable "compute_engine_service_account" {
description = "Service account to associate to the nodes in the cluster"
}
2 changes: 1 addition & 1 deletion examples/node_pool/README.md
Original file line number Diff line number Diff line change
@@ -9,10 +9,10 @@ This example illustrates how to create a cluster with multiple custom node-pool

| Name | Description | Type | Default | Required |
|------|-------------|:----:|:-----:|:-----:|
| compute_engine_service_account | Service account to associate to the nodes in the cluster | string | - | yes |
| ip_range_pods | The secondary ip range to use for pods | string | - | yes |
| ip_range_services | The secondary ip range to use for pods | string | - | yes |
| network | The VPC network to host the cluster in | string | - | yes |
| pool_01_service_account | Service account to associate to the nodes on pool-01 | string | - | yes |
| project_id | The project ID to host the cluster in | string | - | yes |
| region | The region to host the cluster in | string | - | yes |
| subnetwork | The subnetwork to host the cluster in | string | - | yes |
3 changes: 2 additions & 1 deletion examples/node_pool/main.tf
Original file line number Diff line number Diff line change
@@ -39,6 +39,7 @@ module "gke" {
{
name = "pool-01"
min_count = 4
service_account = "${var.compute_engine_service_account}"
},
{
name = "pool-02"
@@ -50,7 +51,7 @@ module "gke" {
image_type = "COS"
auto_repair = false
auto_upgrade = false
service_account = "${local.pool_01_service_account}"
service_account = "${var.compute_engine_service_account}"
},
]

4 changes: 2 additions & 2 deletions examples/node_pool/variables.tf
Original file line number Diff line number Diff line change
@@ -38,6 +38,6 @@ variable "ip_range_services" {
description = "The secondary ip range to use for pods"
}

variable "pool_01_service_account" {
description = "Service account to associate to the nodes on pool-01"
variable "compute_engine_service_account" {
description = "Service account to associate to the nodes in the cluster"
}
1 change: 1 addition & 0 deletions examples/simple_regional/README.md
Original file line number Diff line number Diff line change
@@ -9,6 +9,7 @@ This example illustrates how to create a simple cluster.

| Name | Description | Type | Default | Required |
|------|-------------|:----:|:-----:|:-----:|
| compute_engine_service_account | Service account to associate to the nodes in the cluster | string | - | yes |
| ip_range_pods | The secondary ip range to use for pods | string | - | yes |
| ip_range_services | The secondary ip range to use for pods | string | - | yes |
| network | The VPC network to host the cluster in | string | - | yes |
1 change: 1 addition & 0 deletions examples/simple_regional/main.tf
Original file line number Diff line number Diff line change
@@ -35,6 +35,7 @@ module "gke" {
ip_range_services = "${local.ip_range_services}"
kubernetes_version = "1.9.7-gke.11"
node_version = "1.9.7-gke.11"
service_account = "${var.compute_engine_service_account}"
}

data "google_client_config" "default" {}
2 changes: 2 additions & 0 deletions examples/simple_regional/variables.tf
Original file line number Diff line number Diff line change
@@ -46,4 +46,6 @@ locals {
subnetwork = "${var.subnetwork}"
ip_range_pods = "${var.ip_range_pods}"
ip_range_services = "${var.ip_range_services}"
variable "compute_engine_service_account" {
description = "Service account to associate to the nodes in the cluster"
}
1 change: 1 addition & 0 deletions examples/simple_zonal/README.md
Original file line number Diff line number Diff line change
@@ -9,6 +9,7 @@ This example illustrates how to create a simple cluster.

| Name | Description | Type | Default | Required |
|------|-------------|:----:|:-----:|:-----:|
| compute_engine_service_account | Service account to associate to the nodes in the cluster | string | - | yes |
| ip_range_pods | The secondary ip range to use for pods | string | - | yes |
| ip_range_services | The secondary ip range to use for pods | string | - | yes |
| network | The VPC network to host the cluster in | string | - | yes |
1 change: 1 addition & 0 deletions examples/simple_zonal/main.tf
Original file line number Diff line number Diff line change
@@ -36,6 +36,7 @@ module "gke" {
ip_range_services = "${local.ip_range_services}"
kubernetes_version = "1.9.7-gke.11"
node_version = "1.9.7-gke.11"
service_account = "${var.compute_engine_service_account}"
}

data "google_client_config" "default" {}
2 changes: 2 additions & 0 deletions examples/simple_zonal/variables.tf
Original file line number Diff line number Diff line change
@@ -51,4 +51,6 @@ locals {
subnetwork = "${var.subnetwork}"
ip_range_pods = "${var.ip_range_pods}"
ip_range_services = "${var.ip_range_services}"
variable "compute_engine_service_account" {
description = "Service account to associate to the nodes in the cluster"
}
1 change: 1 addition & 0 deletions examples/stub_domains/README.md
Original file line number Diff line number Diff line change
@@ -14,6 +14,7 @@ It will:

| Name | Description | Type | Default | Required |
|------|-------------|:----:|:-----:|:-----:|
| compute_engine_service_account | Service account to associate to the nodes in the cluster | string | - | yes |
| ip_range_pods | The secondary ip range to use for pods | string | - | yes |
| ip_range_services | The secondary ip range to use for pods | string | - | yes |
| network | The VPC network to host the cluster in | string | - | yes |
1 change: 1 addition & 0 deletions examples/stub_domains/main.tf
Original file line number Diff line number Diff line change
@@ -35,6 +35,7 @@ module "gke" {
network_policy = true
kubernetes_version = "1.9.7-gke.11"
node_version = "1.9.7-gke.11"
service_account = "${var.compute_engine_service_account}"

stub_domains {
"example.com" = [
2 changes: 2 additions & 0 deletions examples/stub_domains/variables.tf
Original file line number Diff line number Diff line change
@@ -46,4 +46,6 @@ locals {
subnetwork = "${var.subnetwork}"
ip_range_pods = "${var.ip_range_pods}"
ip_range_services = "${var.ip_range_services}"
variable "compute_engine_service_account" {
description = "Service account to associate to the nodes in the cluster"
}
11 changes: 0 additions & 11 deletions test/integration/node_pool/controls/gcloud.rb
Original file line number Diff line number Diff line change
@@ -223,17 +223,6 @@
)
end

it "has the right service account" do
expect(data['nodePools']).to include(
including(
"name" => "pool-02",
"config" => including(
"serviceAccount" => "default",
),
)
)
end

it "has the expected labels" do
expect(data['nodePools']).to include(
including(
5 changes: 5 additions & 0 deletions variables.tf
Original file line number Diff line number Diff line change
@@ -189,3 +189,8 @@ variable "monitoring_service" {
description = "The monitoring service that the cluster should write metrics to. Automatically send metrics from pods in the cluster to the Google Cloud Monitoring API. VM metrics will be collected by Google Compute Engine regardless of this setting Available options include monitoring.googleapis.com, monitoring.googleapis.com/kubernetes (beta) and none"
default = "monitoring.googleapis.com"
}

variable "service_account" {
description = "The service account to default running nodes as if not overridden in `node_pools`. Defaults to the compute engine default service account"
default = ""
}