Add compute instance template for InSpec (#1308)

Merged PR #1308.

products/compute/inspec.yaml

@@ -41,8 +41,6 @@ overrides: !ruby/object:Overrides::ResourceOverrides
     exclude: true
   InstanceGroup: !ruby/object:Overrides::Inspec::ResourceOverride
     exclude: true
-  InstanceTemplate: !ruby/object:Overrides::Inspec::ResourceOverride
-    exclude: true
   InterconnectAttachment: !ruby/object:Overrides::Inspec::ResourceOverride
     exclude: true
   License: !ruby/object:Overrides::Inspec::ResourceOverride

templates/inspec/examples/attributes/google_compute_instance_template.erb

@@ -0,0 +1,2 @@
+gcp_project_id = attribute(:gcp_project_id, default: '<%= external_attribute('gcp_project_id') -%>', description: 'The GCP project identifier.')
+instance_template = attribute('instance_template', default: <%= JSON.pretty_generate(grab_attributes['instance_template']) -%>, description: 'An instance template definition')

templates/inspec/examples/google_compute_instance_template.erb

@@ -0,0 +1,18 @@
+<% gcp_project_id = "#{external_attribute('gcp_project_id', doc_generation)}" -%>
+<% instance_template = grab_attributes['instance_template'] -%>
+describe google_compute_instance_template(project: <%= doc_generation ? "#{gcp_project_id}" : "gcp_project_id" -%>, name: <%= doc_generation ? "'#{instance_template['name']}'" : "instance_template['name']" -%>) do
+  it { should exist }
+  its('description') { should eq <%= doc_generation ? "'#{instance_template['description']}'" : "instance_template['description']" -%> }
+  its('properties.description') { should eq <%= doc_generation ? "'#{instance_template['instance_description']}'" : "instance_template['instance_description']" -%> }
+  its('properties.machine_type') { should eq <%= doc_generation ? "'#{instance_template['machine_type']}'" : "instance_template['machine_type']" -%> }
+  its('properties.tags.items') { should include <%= doc_generation ? "'#{instance_template['tag']}'" : "instance_template['tag']" -%> }
+  its('properties.disks.count') { should eq 1 }
+  its('properties.disks.first.auto_delete') { should eq <%= doc_generation ? "'#{instance_template['disk_auto_delete']}'" : "instance_template['disk_auto_delete']" -%> }
+  its('properties.disks.first.boot') { should eq <%= doc_generation ? "'#{instance_template['disk_boot']}'" : "instance_template['disk_boot']" -%> }
+  its('properties.network_interfaces.count') { should eq 1 }
+  its('properties.service_accounts.count') { should eq 1 }
+end
+
+describe google_compute_instance_template(project: <%= doc_generation ? "#{gcp_project_id}" : "gcp_project_id" -%>, name: 'nonexistent') do
+  it { should_not exist }
+end

templates/inspec/examples/google_compute_instance_templates.erb

@@ -0,0 +1,5 @@
+<% gcp_project_id = "#{external_attribute('gcp_project_id', doc_generation)}" -%>
+<% instance_template = grab_attributes['instance_template'] -%>
+describe google_compute_instance_templates(project: <%= doc_generation ? "#{gcp_project_id}" : "gcp_project_id" -%>) do
+  its('names') { should include <%= doc_generation ? "'#{instance_template['name']}'" : "instance_template['name']" -%> }
+end

templates/inspec/tests/integration/build/gcp-mm.tf

@@ -50,6 +50,10 @@ variable "https_health_check" {
   type = "map"
 }
 
+variable "instance_template" {
+  type = "map"
+}
+
 resource "google_compute_ssl_policy" "custom-ssl-policy" {
   name            = "${var.ssl_policy["name"]}"
   min_tls_version = "${var.ssl_policy["min_tls_version"]}"
@@ -187,4 +191,36 @@ resource "google_compute_https_health_check" "gcp-inspec-https-health-check" {
   timeout_sec         = "${var.https_health_check["timeout_sec"]}"
   check_interval_sec  = "${var.https_health_check["check_interval_sec"]}"
   unhealthy_threshold = "${var.https_health_check["unhealthy_threshold"]}"
+}
+
+resource "google_compute_instance_template" "gcp-inspec-instance-template" {
+  project     = "${var.gcp_project_id}"
+  name        = "${var.instance_template["name"]}"
+  description = "${var.instance_template["description"]}"
+
+  tags = ["${var.instance_template["tag"]}"]
+
+  instance_description = "${var.instance_template["instance_description"]}"
+  machine_type         = "${var.instance_template["machine_type"]}"
+  can_ip_forward       = "${var.instance_template["can_ip_forward"]}"
+
+  scheduling {
+    automatic_restart   = "${var.instance_template["scheduling_automatic_restart"]}"
+    on_host_maintenance = "${var.instance_template["scheduling_on_host_maintenance"]}"
+  }
+
+  // Create a new boot disk from an image
+  disk {
+    source_image = "${var.instance_template["disk_source_image"]}"
+    auto_delete  = "${var.instance_template["disk_auto_delete"]}"
+    boot         = "${var.instance_template["disk_boot"]}"
+  }
+
+  network_interface {
+    network = "${var.instance_template["network_interface_network"]}"
+  }
+
+  service_account {
+    scopes = ["${var.instance_template["service_account_scope"]}"]
+  }
 }

templates/inspec/tests/integration/configuration/mm-attributes.yml

@@ -74,3 +74,18 @@ https_health_check:
   timeout_sec: 15
   check_interval_sec: 15
   unhealthy_threshold: 3
+
+instance_template:
+  name: inspec-gcp-instance-template
+  description: A description of the instance template
+  instance_description: A description of the instance itself
+  machine_type: n1-standard-1
+  tag: foo
+  can_ip_forward: false
+  scheduling_automatic_restart: true
+  scheduling_on_host_maintenance: MIGRATE
+  disk_source_image: debian-cloud/debian-9
+  disk_auto_delete: true
+  disk_boot: true
+  network_interface_network: default
+  service_account_scope: storage-ro