Merge pull request #3 from terraform-google-modules/ludo-0.12

Upgrade to 0.12, add CI

CHANGELOG.md

@@ -7,6 +7,17 @@ The format is based on
 and this project adheres to
 [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [2.0.0] - 2019-08-18
+
+### Changed
+
+- Updated for Terraform 0.12. [#2]
+- **BREAKING** the `zone_type` variable has been renamed to `type` for uniformity with the `name` and `domain` variables
+- **BREAKING** list/map variables now leverage 0.12 constructs internally, and have been simplified and renamed accordingly:
+  - `private_visibility_config` has been renamed to `private_visibility_config_networks` and is now a simple list of VPC self links
+  - `target_name_servers` has been renamed to `target_name_server_addresses` and is now a simple list of addresses
+
+
 ## [1.0.0] - 2019-06-17
 
 ### Added

CONTRIBUTING.md

@@ -2,20 +2,21 @@
 
 This document provides guidelines for contributing to the module.
 
+## Dependencies
+
+The following dependencies must be installed on the development system:
+
+- [Docker Engine][docker-engine]
+- [Google Cloud SDK][google-cloud-sdk]
+- [make]
+
 ## Generating Documentation for Inputs and Outputs
 
 The Inputs and Outputs tables in the READMEs of the root module,
 submodules, and example modules are automatically generated based on
 the `variables` and `outputs` of the respective modules. These tables
 must be refreshed if the module interfaces are changed.
 
-### Dependencies
-
-The following dependencies must be installed on the development system:
-
-- [make]
-- [terraform-docs] v0.6.0
-
 ### Execution
 
 Run `make generate_docs` to generate new Inputs and Outputs tables.
@@ -31,70 +32,58 @@ The integration tests are run using [Kitchen][kitchen],
 tools are packaged within a Docker image for convenience.
 
 The general strategy for these tests is to verify the behaviour of the
-[example modules](./examples), thus ensuring that the root module,
+[example modules](./examples/), thus ensuring that the root module,
 submodules, and example modules are all functionally correct.
 
-### Dependencies
+### Test Environment
+The easiest way to test the module is in an isolated test project. The setup for such a project is defined in [test/setup](./test/setup/) directory.
 
-The following dependencies must be installed on the development system:
+To use this setup, you need a service account with Project Creator access on a folder. Export the Service Account credentials to your environment like so:
 
-- [Docker Engine][docker-engine]
-- [Google Cloud SDK][google-cloud-sdk]
-- [make]
+```
+export SERVICE_ACCOUNT_JSON=$(< credentials.json)
+```
 
-### Inputs
+You will also need to set a few environment variables:
+```
+export TF_VAR_org_id="your_org_id"
+export TF_VAR_folder_id="your_folder_id"
+export TF_VAR_billing_account="your_billing_account_id"
+```
 
-Test instances are defined in the
-[Kitchen configuration file](./kitchen.yml). The inputs of each Kitchen
-instance may be configured with the `driver.variables` key in a
-local Kitchen configuration file located at `./kitchen.local.yml` or in
-a Terraform variables file located at
-`./test/fixtures/<instance>/variables.tfvars`.
+With these settings in place, you can prepare a test project using Docker:
+```
+make docker_test_prepare
+```
 
-### Credentials
+### Noninteractive Execution
 
-Download the key of a Service Account with the
-[required roles][required-roles] to `./credentials.json`.
+Run `make docker_test_integration` to test all of the example modules
+noninteractively, using the prepared test project.
 
 ### Interactive Execution
 
 1. Run `make docker_run` to start the testing Docker container in
    interactive mode.
 
-1. Run `kitchen create <EXAMPLE_NAME>` to initialize the working
+1. Run `kitchen_do create <EXAMPLE_NAME>` to initialize the working
    directory for an example module.
 
-1. Run `kitchen converge <EXAMPLE_NAME>` to apply the example module.
+1. Run `kitchen_do converge <EXAMPLE_NAME>` to apply the example module.
 
-1. Run `kitchen verify <EXAMPLE_NAME>` to test the example module.
+1. Run `kitchen_do verify <EXAMPLE_NAME>` to test the example module.
 
-1. Run `kitchen destroy <EXAMPLE_NAME>` to destroy the example module
+1. Run `kitchen_do destroy <EXAMPLE_NAME>` to destroy the example module
    state.
 
-### Noninteractive Execution
-
-Run `make test_integration_docker` to test all of the example modules
-noninteractively.
-
 ## Linting and Formatting
 
 Many of the files in the repository can be linted or formatted to
 maintain a standard of quality.
 
-### Dependencies
-
-The following dependencies must be installed on the development system:
-
-- [flake8]
-- [gofmt]
-- [hadolint]
-- [make]
-- [shellcheck]
-- [Terraform][terraform] v0.11
-
 ### Execution
 
-Run `make check`.
+Run `make docker_test_lint`.
 
 [docker-engine]: https://www.docker.com/products/docker-engine
 [flake8]: http://flake8.pycqa.org/en/latest/

Makefile

@@ -1,4 +1,4 @@
-# Copyright 2018 Google LLC
+# Copyright 2019 Google LLC
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -18,131 +18,68 @@
 # Make will use bash instead of sh
 SHELL := /usr/bin/env bash
 
-# Docker build config variables
-CREDENTIALS_PATH 			?= /cft/workdir/credentials.json
-DOCKER_ORG 				:= gcr.io/cloud-foundation-cicd
-DOCKER_TAG_BASE_KITCHEN_TERRAFORM 	?= 1.0.1
-DOCKER_REPO_BASE_KITCHEN_TERRAFORM 	:= ${DOCKER_ORG}/cft/kitchen-terraform:${DOCKER_TAG_BASE_KITCHEN_TERRAFORM}
+DOCKER_TAG_VERSION_DEVELOPER_TOOLS := 0.1.0
+DOCKER_IMAGE_DEVELOPER_TOOLS := cft/developer-tools
+REGISTRY_URL := gcr.io/cloud-foundation-cicd
 
-# All is the first target in the file so it will get picked up when you just run 'make' on its own
-.PHONY: all
-all: check generate_docs
-
-# Run all available linters
-.PHONY: check
-check: check_shell check_python check_golang check_terraform check_docker check_base_files test_check_headers check_headers check_trailing_whitespace
-
-# The .PHONY directive tells make that this isn't a real target and so
-# the presence of a file named 'check_shell' won't cause this target to stop
-# working
-.PHONY: check_shell
-check_shell:
-	@source test/make.sh && check_shell
-
-.PHONY: check_python
-check_python:
-	@source test/make.sh && check_python
-
-.PHONY: check_golang
-check_golang:
-	@source test/make.sh && golang
-
-.PHONY: check_terraform
-check_terraform:
-	@source test/make.sh && check_terraform
-
-.PHONY: check_docker
-check_docker:
-	@source test/make.sh && docker
-
-.PHONY: check_base_files
-check_base_files:
-	@source test/make.sh && basefiles
-
-.PHONY: check_trailing_whitespace
-check_trailing_whitespace:
-	@source test/make.sh && check_trailing_whitespace
-
-.PHONY: test_check_headers
-test_check_headers:
-	@echo "Testing the validity of the header check"
-	@python test/test_verify_boilerplate.py
-
-.PHONY: check_headers
-check_headers:
-	@source test/make.sh && check_headers
-
-# Integration tests
-.PHONY: test_integration
-test_integration:
-	test/ci_integration.sh
-
-.PHONY: generate_docs
-generate_docs:
-	@source test/make.sh && generate_docs
-
-# Versioning
-.PHONY: version
-version:
-	@source helpers/version-repo.sh
-
-# Run docker
+# Enter docker container for local development
 .PHONY: docker_run
 docker_run:
 	docker run --rm -it \
-		-e PROJECT_ID \
 		-e SERVICE_ACCOUNT_JSON \
-		-e GOOGLE_APPLICATION_CREDENTIALS=${CREDENTIALS_PATH} \
-		-v $(CURDIR):/cft/workdir \
-		${DOCKER_REPO_BASE_KITCHEN_TERRAFORM} \
-		/bin/bash -c "source test/ci_integration.sh && setup_environment && exec /bin/bash"
+		-v $(CURDIR):/workspace \
+		$(REGISTRY_URL)/${DOCKER_IMAGE_DEVELOPER_TOOLS}:${DOCKER_TAG_VERSION_DEVELOPER_TOOLS} \
+		/bin/bash
 
-.PHONY: docker_create
-docker_create:
+# Execute prepare tests within the docker container
+.PHONY: docker_test_prepare
+docker_test_prepare:
 	docker run --rm -it \
-		-e PROJECT_ID \
 		-e SERVICE_ACCOUNT_JSON \
-		-e GOOGLE_APPLICATION_CREDENTIALS=${CREDENTIALS_PATH} \
-		-v $(CURDIR):/cft/workdir \
-		${DOCKER_REPO_BASE_KITCHEN_TERRAFORM} \
-		/bin/bash -c "source test/ci_integration.sh && setup_environment && kitchen create"
-
-.PHONY: docker_converge
-docker_converge:
+		-e TF_VAR_org_id \
+		-e TF_VAR_folder_id \
+		-e TF_VAR_billing_account \
+		-v $(CURDIR):/workspace \
+		$(REGISTRY_URL)/${DOCKER_IMAGE_DEVELOPER_TOOLS}:${DOCKER_TAG_VERSION_DEVELOPER_TOOLS} \
+		/usr/local/bin/execute_with_credentials.sh prepare_environment
+
+# Clean up test environment within the docker container
+.PHONY: docker_test_cleanup
+docker_test_cleanup:
 	docker run --rm -it \
-		-e PROJECT_ID \
 		-e SERVICE_ACCOUNT_JSON \
-		-e GOOGLE_APPLICATION_CREDENTIALS=${CREDENTIALS_PATH} \
-		-v $(CURDIR):/cft/workdir \
-		${DOCKER_REPO_BASE_KITCHEN_TERRAFORM} \
-		/bin/bash -c "source test/ci_integration.sh && setup_environment && kitchen converge"
-
-.PHONY: docker_verify
-docker_verify:
+		-e TF_VAR_org_id \
+		-e TF_VAR_folder_id \
+		-e TF_VAR_billing_account \
+		-v $(CURDIR):/workspace \
+		$(REGISTRY_URL)/${DOCKER_IMAGE_DEVELOPER_TOOLS}:${DOCKER_TAG_VERSION_DEVELOPER_TOOLS} \
+		/usr/local/bin/execute_with_credentials.sh cleanup_environment
+
+# Execute integration tests within the docker container
+.PHONY: docker_test_integration
+docker_test_integration:
 	docker run --rm -it \
-		-e PROJECT_ID \
 		-e SERVICE_ACCOUNT_JSON \
-		-e GOOGLE_APPLICATION_CREDENTIALS=${CREDENTIALS_PATH} \
-		-v $(CURDIR):/cft/workdir \
-		${DOCKER_REPO_BASE_KITCHEN_TERRAFORM} \
-		/bin/bash -c "source test/ci_integration.sh && setup_environment && kitchen verify"
+		-v $(CURDIR):/workspace \
+		$(REGISTRY_URL)/${DOCKER_IMAGE_DEVELOPER_TOOLS}:${DOCKER_TAG_VERSION_DEVELOPER_TOOLS} \
+		/usr/local/bin/test_integration.sh
 
-.PHONY: docker_destroy
-docker_destroy:
+# Execute lint tests within the docker container
+.PHONY: docker_test_lint
+docker_test_lint:
 	docker run --rm -it \
-		-e PROJECT_ID \
-		-e SERVICE_ACCOUNT_JSON \
-		-e GOOGLE_APPLICATION_CREDENTIALS=${CREDENTIALS_PATH} \
-		-v $(CURDIR):/cft/workdir \
-		${DOCKER_REPO_BASE_KITCHEN_TERRAFORM} \
-		/bin/bash -c "source test/ci_integration.sh && setup_environment && kitchen destroy"
+		-v $(CURDIR):/workspace \
+		$(REGISTRY_URL)/${DOCKER_IMAGE_DEVELOPER_TOOLS}:${DOCKER_TAG_VERSION_DEVELOPER_TOOLS} \
+		/usr/local/bin/test_lint.sh
 
-.PHONY: test_integration_docker
-test_integration_docker:
+# Generate documentation
+.PHONY: docker_generate_docs
+docker_generate_docs:
 	docker run --rm -it \
-		-e PROJECT_ID \
-		-e SERVICE_ACCOUNT_JSON \
-		-e GOOGLE_APPLICATION_CREDENTIALS=${CREDENTIALS_PATH} \
-		-v $(CURDIR):/cft/workdir \
-		${DOCKER_REPO_BASE_KITCHEN_TERRAFORM} \
-		make test_integration
+		-v $(CURDIR):/workspace \
+		$(REGISTRY_URL)/${DOCKER_IMAGE_DEVELOPER_TOOLS}:${DOCKER_TAG_VERSION_DEVELOPER_TOOLS} \
+		/bin/bash -c 'source /usr/local/bin/task_helper_functions.sh && generate_docs'
+
+# Alias for backwards compatibility
+.PHONY: generate_docs
+generate_docs: docker_generate_docs