Skip to content

Commit

Permalink
Merge branch 'master' into feature/preconditions-checks-billing-acct-fmt
Browse files Browse the repository at this point in the history
  • Loading branch information
@trotttrotttrott
trotttrotttrott committed Jan 22, 2019
2 parents 7e04096 + 7c10cb3 commit d9a948d
Show file tree
Hide file tree
Showing 8 changed files with 68 additions and 55 deletions.
6 changes: 6 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,9 @@
## 1.0.1

### FIXED

- Replaced missing forward of `var.disable_services_on_destroy` from `root` module to `core_project_factory` module.

## 1.0.0
1.0.0 is a major backwards incompatible release. See the [upgrade guide](./docs/upgrading_to_project_factory_v1.0.md) for details.

Expand Down
4 changes: 2 additions & 2 deletions docs/upgrading_to_project_factory_v1.0.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,7 @@ index d876954..ebb3b1e 100755
--- i/main.tf
+++ w/main.tf
@@ -14,7 +14,7 @@ provider "gsuite" {

module "project-factory" {
source = "terraform-google-modules/project-factory/google"
- version = "v0.3.0"
Expand All @@ -78,7 +78,7 @@ index d876954..ebb3b1e 100755
name = "pf-gsuite-migrate-simple"
org_id = "${var.org_id}"
@@ -24,8 +24,8 @@ module "project-factory" {

module "project-factory-gsuite" {
- source = "terraform-google-modules/project-factory/google"
- version = "v0.3.0"
Expand Down
8 changes: 4 additions & 4 deletions helpers/combine_docfiles.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,6 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

''' Combine file from:
* script argument 1
with content of file from:
Expand All @@ -28,8 +27,8 @@
import re
import sys

insert_separator_regex = r'(.*?\[\^\]\:\ \(autogen_docs_start\))(.*?)(\n\[\^\]\:\ \(autogen_docs_end\).*?$)'
exclude_separator_regex = r'(.*?)Copyright 20\d\d Google LLC.*?limitations under the License.(.*?)$'
insert_separator_regex = r'(.*?\[\^\]\:\ \(autogen_docs_start\))(.*?)(\n\[\^\]\:\ \(autogen_docs_end\).*?$)' # noqa: E501
exclude_separator_regex = r'(.*?)Copyright 20\d\d Google LLC.*?limitations under the License.(.*?)$' # noqa: E501

if len(sys.argv) != 3:
sys.exit(1)
Expand All @@ -38,7 +37,8 @@
replace_content = open(sys.argv[2], "r").read()

# Exclude the specified content from the replacement content
groups = re.match(exclude_separator_regex, replace_content, re.DOTALL).groups(0)
groups = re.match(exclude_separator_regex, replace_content,
re.DOTALL).groups(0)
replace_content = groups[0] + groups[1]

# Find where to put the replacement content, overwrite the input file
Expand Down
7 changes: 4 additions & 3 deletions helpers/migrate.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -146,7 +146,7 @@ def moves(self):
new = copy.deepcopy(old)
new.module += migration["module"]

# If the "rename" value is set, update the copied resource with the new name
# Update the copied resource with the "rename" value if it is set
if "rename" in migration:
new.name = migration["rename"]

Expand Down Expand Up @@ -245,7 +245,8 @@ def from_path(cls, path):
Terraform resource path.
"""
if re.match(r'\A[\w.\[\]-]+\Z', path) is None:
raise ValueError("Invalid Terraform resource path {!r}".format(path))
raise ValueError(
"Invalid Terraform resource path {!r}".format(path))

parts = path.split(".")
name = parts.pop()
Expand Down Expand Up @@ -349,7 +350,7 @@ def migrate(statefile, dryrun=False):
factories = [
module for module in modules
if module.has_resource("random_id", "random_project_id_suffix")
and module.has_resource("google_project", "project")
and module.has_resource("google_project", "project")
]

print("---- Migrating the following project-factory modules:")
Expand Down
43 changes: 22 additions & 21 deletions main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,25 +28,26 @@ module "gsuite_group" {
module "project-factory" {
source = "modules/core_project_factory"

group_email = "${module.gsuite_group.email}"
group_role = "${var.group_role}"
lien = "${var.lien}"
manage_group = "${var.group_name != "" ? "true" : "false"}"
random_project_id = "${var.random_project_id}"
org_id = "${var.org_id}"
name = "${var.name}"
shared_vpc = "${var.shared_vpc}"
billing_account = "${var.billing_account}"
folder_id = "${var.folder_id}"
sa_role = "${var.sa_role}"
activate_apis = "${var.activate_apis}"
usage_bucket_name = "${var.usage_bucket_name}"
usage_bucket_prefix = "${var.usage_bucket_prefix}"
credentials_path = "${var.credentials_path}"
shared_vpc_subnets = "${var.shared_vpc_subnets}"
labels = "${var.labels}"
bucket_project = "${var.bucket_project}"
bucket_name = "${var.bucket_name}"
auto_create_network = "${var.auto_create_network}"
app_engine = "${var.app_engine}"
group_email = "${module.gsuite_group.email}"
group_role = "${var.group_role}"
lien = "${var.lien}"
manage_group = "${var.group_name != "" ? "true" : "false"}"
random_project_id = "${var.random_project_id}"
org_id = "${var.org_id}"
name = "${var.name}"
shared_vpc = "${var.shared_vpc}"
billing_account = "${var.billing_account}"
folder_id = "${var.folder_id}"
sa_role = "${var.sa_role}"
activate_apis = "${var.activate_apis}"
usage_bucket_name = "${var.usage_bucket_name}"
usage_bucket_prefix = "${var.usage_bucket_prefix}"
credentials_path = "${var.credentials_path}"
shared_vpc_subnets = "${var.shared_vpc_subnets}"
labels = "${var.labels}"
bucket_project = "${var.bucket_project}"
bucket_name = "${var.bucket_name}"
auto_create_network = "${var.auto_create_network}"
app_engine = "${var.app_engine}"
disable_services_on_destroy = "${var.disable_services_on_destroy}"
}
2 changes: 1 addition & 1 deletion modules/core_project_factory/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -201,7 +201,7 @@ resource "google_service_account_iam_member" "service_account_grant_to_group" {
}

/******************************************************************************************************************
compute.networkUser role granted to G Suite group, APIs Service account, Project Service Account, and GKE Service
compute.networkUser role granted to G Suite group, APIs Service account, Project Service Account, and GKE Service
Account on shared VPC
*****************************************************************************************************************/
resource "google_project_iam_member" "controlling_group_vpc_membership" {
Expand Down
2 changes: 1 addition & 1 deletion modules/core_project_factory/scripts/preconditions/preconditions.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -421,7 +421,7 @@ def main(argv):

if retcode == 1 or opts.verbose:
json.dump(results, sys.stdout, indent=4)
except FileNotFoundError as error:
except FileNotFoundError as error: # noqa: F821
print(error)
retcode = 1

Expand Down
51 changes: 28 additions & 23 deletions test/helpers/test_migrate.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,31 +30,31 @@
"google_compute_instance.test",
"google_project_iam_member.user-editor",
"module.project-factory.google_compute_default_service_account.default",
"module.project-factory.google_compute_shared_vpc_service_project.shared_vpc_attachment",
"module.project-factory.google_compute_subnetwork_iam_member.apis_service_account_role_to_vpc_subnets[0]",
"module.project-factory.google_compute_subnetwork_iam_member.apis_service_account_role_to_vpc_subnets[1]",
"module.project-factory.google_compute_subnetwork_iam_member.apis_service_account_role_to_vpc_subnets[2]",
"module.project-factory.google_compute_subnetwork_iam_member.group_role_to_vpc_subnets[0]",
"module.project-factory.google_compute_subnetwork_iam_member.group_role_to_vpc_subnets[1]",
"module.project-factory.google_compute_subnetwork_iam_member.group_role_to_vpc_subnets[2]",
"module.project-factory.google_compute_subnetwork_iam_member.service_account_role_to_vpc_subnets[0]",
"module.project-factory.google_compute_subnetwork_iam_member.service_account_role_to_vpc_subnets[1]",
"module.project-factory.google_compute_subnetwork_iam_member.service_account_role_to_vpc_subnets[2]",
"module.project-factory.google_compute_shared_vpc_service_project.shared_vpc_attachment", # noqa: E501
"module.project-factory.google_compute_subnetwork_iam_member.apis_service_account_role_to_vpc_subnets[0]", # noqa: E501
"module.project-factory.google_compute_subnetwork_iam_member.apis_service_account_role_to_vpc_subnets[1]", # noqa: E501
"module.project-factory.google_compute_subnetwork_iam_member.apis_service_account_role_to_vpc_subnets[2]", # noqa: E501
"module.project-factory.google_compute_subnetwork_iam_member.group_role_to_vpc_subnets[0]", # noqa: E501
"module.project-factory.google_compute_subnetwork_iam_member.group_role_to_vpc_subnets[1]", # noqa: E501
"module.project-factory.google_compute_subnetwork_iam_member.group_role_to_vpc_subnets[2]", # noqa: E501
"module.project-factory.google_compute_subnetwork_iam_member.service_account_role_to_vpc_subnets[0]", # noqa: E501
"module.project-factory.google_compute_subnetwork_iam_member.service_account_role_to_vpc_subnets[1]", # noqa: E501
"module.project-factory.google_compute_subnetwork_iam_member.service_account_role_to_vpc_subnets[2]", # noqa: E501
"module.project-factory.google_organization.org",
"module.project-factory.google_project.project",
"module.project-factory.google_project_iam_member.controlling_group_vpc_membership[0]",
"module.project-factory.google_project_iam_member.controlling_group_vpc_membership[1]",
"module.project-factory.google_project_iam_member.controlling_group_vpc_membership[2]",
"module.project-factory.google_project_iam_member.controlling_group_vpc_membership[0]", # noqa: E501
"module.project-factory.google_project_iam_member.controlling_group_vpc_membership[1]", # noqa: E501
"module.project-factory.google_project_iam_member.controlling_group_vpc_membership[2]", # noqa: E501
"module.project-factory.google_project_iam_member.gsuite_group_role",
"module.project-factory.google_project_service.project_services",
"module.project-factory.google_service_account.default_service_account",
"module.project-factory.google_service_account_iam_member.service_account_grant_to_group",
"module.project-factory.google_service_account_iam_member.service_account_grant_to_group", # noqa: E501
"module.project-factory.gsuite_group.group",
"module.project-factory.gsuite_group_member.api_s_account_api_sa_group_member",
"module.project-factory.gsuite_group_member.api_s_account_api_sa_group_member", # noqa: E501
"module.project-factory.null_data_source.data_final_group_email",
"module.project-factory.null_data_source.data_given_group_email",
"module.project-factory.null_data_source.data_group_email_format",
"module.project-factory.null_resource.delete_default_compute_service_account",
"module.project-factory.null_resource.delete_default_compute_service_account", # noqa: E501
"module.project-factory.random_id.random_project_id_suffix",
]

Expand Down Expand Up @@ -92,7 +92,8 @@ def test_no_moves_outside_of_module(self):

old_resources = [move[0] for move in computed_moves]
self.assertFalse("google_compute_instance.test" in old_resources)
self.assertFalse("google_project_iam_member.user-editor" in old_resources)
self.assertFalse(
"google_project_iam_member.user-editor" in old_resources)


class TestTerraformModule(unittest.TestCase):
Expand All @@ -113,7 +114,8 @@ def test_has_resource(self):
self.assertTrue(self.module.has_resource(None, None))

def test_has_resource_empty(self):
self.assertFalse(self.module.has_resource('google_cloudiot_registry', None))
self.assertFalse(
self.module.has_resource('google_cloudiot_registry', None))

def test_get_resources(self):
expected = [resource for resource in self.resources
Expand All @@ -127,23 +129,25 @@ def test_get_resources_empty(self):


class TestTerraformResource(unittest.TestCase):

def test_root_resource_from_path(self):
resource = migrate.TerraformResource.from_path("google_project.project")
resource = migrate.TerraformResource.from_path(
"google_project.project")
self.assertEqual(resource.module, '')
self.assertEqual(resource.resource_type, 'google_project')
self.assertEqual(resource.name, 'project')

def test_module_resource_from_path(self):
resource = migrate.TerraformResource.from_path("module.project-factory.google_project.project")
resource = migrate.TerraformResource.from_path(
"module.project-factory.google_project.project")
self.assertEqual(resource.module, 'module.project-factory')
self.assertEqual(resource.resource_type, 'google_project')
self.assertEqual(resource.name, 'project')

def test_invalid_resource_from_path(self):
self.assertRaises(
Exception,
lambda: migrate.TerraformResource.from_path("not a resource path!"))
lambda: migrate.TerraformResource.from_path("not a resource path!")
)

def test_resource_init(self):
resource = migrate.TerraformResource('', 'google_project', 'project')
Expand All @@ -156,7 +160,8 @@ def test_resource_path_no_module(self):
self.assertEqual(resource.path(), 'google_project.project')

def test_resource_path_with_module(self):
resource = migrate.TerraformResource('module.project-factory', 'google_project', 'project')
resource = migrate.TerraformResource('module.project-factory',
'google_project', 'project')
expected = 'module.project-factory.google_project.project'
actual = resource.path()
self.assertEqual(expected, actual)
Expand Down

0 comments on commit d9a948d

Please sign in to comment.