diff --git a/build/kcc/samples/address_basic/main.tf b/build/kcc/samples/address_basic/main.tf new file mode 100644 index 000000000000..8b02adbc5618 --- /dev/null +++ b/build/kcc/samples/address_basic/main.tf @@ -0,0 +1,3 @@ +resource "google_compute_address" "ip_address" { + name = "my-address-${local.name_suffix}" +} diff --git a/build/kcc/samples/address_with_subnetwork/main.tf b/build/kcc/samples/address_with_subnetwork/main.tf new file mode 100644 index 000000000000..f31d90895953 --- /dev/null +++ b/build/kcc/samples/address_with_subnetwork/main.tf @@ -0,0 +1,18 @@ +resource "google_compute_network" "default" { + name = "my-network-${local.name_suffix}" +} + +resource "google_compute_subnetwork" "default" { + name = "my-subnet-${local.name_suffix}" + ip_cidr_range = "10.0.0.0/16" + region = "us-central1" + network = "${google_compute_network.default.self_link}" +} + +resource "google_compute_address" "internal_with_subnet_and_address" { + name = "my-internal-address-${local.name_suffix}" + subnetwork = "${google_compute_subnetwork.default.self_link}" + address_type = "INTERNAL" + address = "10.0.42.42" + region = "us-central1" +} diff --git a/build/kcc/samples/autoscaler_basic/main.tf b/build/kcc/samples/autoscaler_basic/main.tf new file mode 100644 index 000000000000..044e59be01ca --- /dev/null +++ b/build/kcc/samples/autoscaler_basic/main.tf @@ -0,0 +1,58 @@ +resource "google_compute_autoscaler" "foobar" { + name = "my-autoscaler-${local.name_suffix}" + zone = "us-central1-f" + target = "${google_compute_instance_group_manager.foobar.self_link}" + + autoscaling_policy { + max_replicas = 5 + min_replicas = 1 + cooldown_period = 60 + + cpu_utilization { + target = 0.5 + } + } +} + +resource "google_compute_instance_template" "foobar" { + name = "my-instance-template-${local.name_suffix}" + machine_type = "n1-standard-1" + can_ip_forward = false + + tags = ["foo", "bar"] + + disk { + source_image = "${data.google_compute_image.debian_9.self_link}" + } + + network_interface { + network = "default" + } + + metadata = { + foo = "bar" + } + + service_account { + scopes = ["userinfo-email", "compute-ro", "storage-ro"] + } +} + +resource "google_compute_target_pool" "foobar" { + name = "my-target-pool-${local.name_suffix}" +} + +resource "google_compute_instance_group_manager" "foobar" { + name = "my-igm-${local.name_suffix}" + zone = "us-central1-f" + + instance_template = "${google_compute_instance_template.foobar.self_link}" + + target_pools = ["${google_compute_target_pool.foobar.self_link}"] + base_instance_name = "foobar" +} + +data "google_compute_image" "debian_9" { + family = "debian-9" + project = "debian-cloud" +} diff --git a/build/kcc/samples/backend_bucket_basic/main.tf b/build/kcc/samples/backend_bucket_basic/main.tf new file mode 100644 index 000000000000..4e592a393b14 --- /dev/null +++ b/build/kcc/samples/backend_bucket_basic/main.tf @@ -0,0 +1,11 @@ +resource "google_compute_backend_bucket" "image_backend" { + name = "image-backend-bucket-${local.name_suffix}" + description = "Contains beautiful images" + bucket_name = "${google_storage_bucket.image_bucket.name}" + enable_cdn = true +} + +resource "google_storage_bucket" "image_bucket" { + name = "image-store-bucket-${local.name_suffix}" + location = "EU" +} diff --git a/build/kcc/samples/backend_service_basic/main.tf b/build/kcc/samples/backend_service_basic/main.tf new file mode 100644 index 000000000000..4844d8a51558 --- /dev/null +++ b/build/kcc/samples/backend_service_basic/main.tf @@ -0,0 +1,11 @@ +resource "google_compute_backend_service" "default" { + name = "backend-service-${local.name_suffix}" + health_checks = ["${google_compute_http_health_check.default.self_link}"] +} + +resource "google_compute_http_health_check" "default" { + name = "health-check-${local.name_suffix}" + request_path = "/" + check_interval_sec = 1 + timeout_sec = 1 +} diff --git a/build/kcc/samples/bigquery_dataset_basic/main.tf b/build/kcc/samples/bigquery_dataset_basic/main.tf new file mode 100644 index 000000000000..566f97ee41d1 --- /dev/null +++ b/build/kcc/samples/bigquery_dataset_basic/main.tf @@ -0,0 +1,20 @@ +resource "google_bigquery_dataset" "dataset" { + dataset_id = "example_dataset-${local.name_suffix}" + friendly_name = "test" + description = "This is a test description" + location = "EU" + default_table_expiration_ms = 3600000 + + labels = { + env = "default" + } + + access { + role = "OWNER" + user_by_email = "Joe@example.com" + } + access { + role = "READER" + domain = "example.com" + } +} diff --git a/build/kcc/samples/bigtable_app_profile_multicluster/main.tf b/build/kcc/samples/bigtable_app_profile_multicluster/main.tf new file mode 100644 index 000000000000..115acd24cd5f --- /dev/null +++ b/build/kcc/samples/bigtable_app_profile_multicluster/main.tf @@ -0,0 +1,17 @@ +resource "google_bigtable_instance" "instance" { + name = "tf-test-instance--${local.name_suffix}" + cluster { + cluster_id = "tf-test-instance--${local.name_suffix}" + zone = "us-central1-b" + num_nodes = 3 + storage_type = "HDD" + } +} + +resource "google_bigtable_app_profile" "ap" { + instance = google_bigtable_instance.instance.name + app_profile_id = "tf-test-profile--${local.name_suffix}" + + multi_cluster_routing_use_any = true + ignore_warnings = true +} diff --git a/build/kcc/samples/bigtable_app_profile_singlecluster/main.tf b/build/kcc/samples/bigtable_app_profile_singlecluster/main.tf new file mode 100644 index 000000000000..02c6ba2aa8dd --- /dev/null +++ b/build/kcc/samples/bigtable_app_profile_singlecluster/main.tf @@ -0,0 +1,21 @@ +resource "google_bigtable_instance" "instance" { + name = "tf-test-instance--${local.name_suffix}" + cluster { + cluster_id = "tf-test-instance--${local.name_suffix}" + zone = "us-central1-b" + num_nodes = 3 + storage_type = "HDD" + } +} + +resource "google_bigtable_app_profile" "ap" { + instance = google_bigtable_instance.instance.name + app_profile_id = "tf-test-profile--${local.name_suffix}" + + single_cluster_routing { + cluster_id = "tf-test-instance--${local.name_suffix}" + allow_transactional_writes = true + } + + ignore_warnings = true +} diff --git a/build/kcc/samples/cloudbuild_trigger_filename/main.tf b/build/kcc/samples/cloudbuild_trigger_filename/main.tf new file mode 100644 index 000000000000..a17e9f8d0e9c --- /dev/null +++ b/build/kcc/samples/cloudbuild_trigger_filename/main.tf @@ -0,0 +1,13 @@ +resource "google_cloudbuild_trigger" "filename-trigger" { + trigger_template { + branch_name = "master" + repo_name = "my-repo" + } + + substitutions = { + _FOO = "bar" + _BAZ = "qux" + } + + filename = "cloudbuild.yaml" +} diff --git a/build/kcc/samples/disk_basic/main.tf b/build/kcc/samples/disk_basic/main.tf new file mode 100644 index 000000000000..3fea463d4982 --- /dev/null +++ b/build/kcc/samples/disk_basic/main.tf @@ -0,0 +1,10 @@ +resource "google_compute_disk" "default" { + name = "test-disk-${local.name_suffix}" + type = "pd-ssd" + zone = "us-central1-a" + image = "debian-8-jessie-v20170523" + labels = { + environment = "dev" + } + physical_block_size_bytes = 4096 +} diff --git a/build/kcc/samples/dns_managed_zone_basic/main.tf b/build/kcc/samples/dns_managed_zone_basic/main.tf new file mode 100644 index 000000000000..c87e31b30a9f --- /dev/null +++ b/build/kcc/samples/dns_managed_zone_basic/main.tf @@ -0,0 +1,12 @@ +resource "google_dns_managed_zone" "example-zone" { + name = "example-zone" + dns_name = "example-${random_id.rnd.hex}.com." + description = "Example DNS zone" + labels = { + foo = "bar" + } +} + +resource "random_id" "rnd" { + byte_length = 4 +} diff --git a/build/kcc/samples/dns_managed_zone_private/main.tf b/build/kcc/samples/dns_managed_zone_private/main.tf new file mode 100644 index 000000000000..2c1309a8b441 --- /dev/null +++ b/build/kcc/samples/dns_managed_zone_private/main.tf @@ -0,0 +1,29 @@ +resource "google_dns_managed_zone" "private-zone" { + name = "private-zone-${local.name_suffix}" + dns_name = "private.example.com." + description = "Example private DNS zone" + labels = { + foo = "bar" + } + + visibility = "private" + + private_visibility_config { + networks { + network_url = "${google_compute_network.network-1.self_link}" + } + networks { + network_url = "${google_compute_network.network-2.self_link}" + } + } +} + +resource "google_compute_network" "network-1" { + name = "network-1-${local.name_suffix}" + auto_create_subnetworks = false +} + +resource "google_compute_network" "network-2" { + name = "network-2-${local.name_suffix}" + auto_create_subnetworks = false +} diff --git a/build/kcc/samples/filestore_instance_basic/main.tf b/build/kcc/samples/filestore_instance_basic/main.tf new file mode 100644 index 000000000000..49f182cd75f0 --- /dev/null +++ b/build/kcc/samples/filestore_instance_basic/main.tf @@ -0,0 +1,15 @@ +resource "google_filestore_instance" "instance" { + name = "test-instance-${local.name_suffix}" + zone = "us-central1-b" + tier = "PREMIUM" + + file_shares { + capacity_gb = 2660 + name = "share1" + } + + networks { + network = "default" + modes = ["MODE_IPV4"] + } +} diff --git a/build/kcc/samples/firewall_basic/main.tf b/build/kcc/samples/firewall_basic/main.tf new file mode 100644 index 000000000000..768eea609b84 --- /dev/null +++ b/build/kcc/samples/firewall_basic/main.tf @@ -0,0 +1,19 @@ +resource "google_compute_firewall" "default" { + name = "test-firewall-${local.name_suffix}" + network = "${google_compute_network.default.name}" + + allow { + protocol = "icmp" + } + + allow { + protocol = "tcp" + ports = ["80", "8080", "1000-2000"] + } + + source_tags = ["web"] +} + +resource "google_compute_network" "default" { + name = "test-network-${local.name_suffix}" +} diff --git a/build/kcc/samples/forwarding_rule_basic/main.tf b/build/kcc/samples/forwarding_rule_basic/main.tf new file mode 100644 index 000000000000..59d44e96f523 --- /dev/null +++ b/build/kcc/samples/forwarding_rule_basic/main.tf @@ -0,0 +1,9 @@ +resource "google_compute_forwarding_rule" "default" { + name = "website-forwarding-rule-${local.name_suffix}" + target = "${google_compute_target_pool.default.self_link}" + port_range = "80" +} + +resource "google_compute_target_pool" "default" { + name = "website-target-pool-${local.name_suffix}" +} diff --git a/build/kcc/samples/forwarding_rule_internallb/main.tf b/build/kcc/samples/forwarding_rule_internallb/main.tf new file mode 100644 index 000000000000..de4f69ca2fb0 --- /dev/null +++ b/build/kcc/samples/forwarding_rule_internallb/main.tf @@ -0,0 +1,39 @@ +// Forwarding rule for Internal Load Balancing +resource "google_compute_forwarding_rule" "default" { + name = "website-forwarding-rule-${local.name_suffix}" + region = "us-central1" + + load_balancing_scheme = "INTERNAL" + backend_service = "${google_compute_region_backend_service.backend.self_link}" + all_ports = true + network = "${google_compute_network.default.name}" + subnetwork = "${google_compute_subnetwork.default.name}" +} + +resource "google_compute_region_backend_service" "backend" { + name = "website-backend-${local.name_suffix}" + region = "us-central1" + health_checks = ["${google_compute_health_check.hc.self_link}"] +} + +resource "google_compute_health_check" "hc" { + name = "check-website-backend-${local.name_suffix}" + check_interval_sec = 1 + timeout_sec = 1 + + tcp_health_check { + port = "80" + } +} + +resource "google_compute_network" "default" { + name = "website-net-${local.name_suffix}" + auto_create_subnetworks = false +} + +resource "google_compute_subnetwork" "default" { + name = "website-net-${local.name_suffix}" + ip_cidr_range = "10.0.0.0/16" + region = "us-central1" + network = "${google_compute_network.default.self_link}" +} diff --git a/build/kcc/samples/global_address_basic/main.tf b/build/kcc/samples/global_address_basic/main.tf new file mode 100644 index 000000000000..f2383276f80c --- /dev/null +++ b/build/kcc/samples/global_address_basic/main.tf @@ -0,0 +1,3 @@ +resource "google_compute_global_address" "default" { + name = "global-appserver-ip-${local.name_suffix}" +} diff --git a/build/kcc/samples/global_forwarding_rule_http/main.tf b/build/kcc/samples/global_forwarding_rule_http/main.tf new file mode 100644 index 000000000000..b82175976029 --- /dev/null +++ b/build/kcc/samples/global_forwarding_rule_http/main.tf @@ -0,0 +1,48 @@ +resource "google_compute_global_forwarding_rule" "default" { + name = "global-rule-${local.name_suffix}" + target = "${google_compute_target_http_proxy.default.self_link}" + port_range = "80" +} + +resource "google_compute_target_http_proxy" "default" { + name = "target-proxy-${local.name_suffix}" + description = "a description" + url_map = "${google_compute_url_map.default.self_link}" +} + +resource "google_compute_url_map" "default" { + name = "url-map-target-proxy-${local.name_suffix}" + description = "a description" + default_service = "${google_compute_backend_service.default.self_link}" + + host_rule { + hosts = ["mysite.com"] + path_matcher = "allpaths" + } + + path_matcher { + name = "allpaths" + default_service = "${google_compute_backend_service.default.self_link}" + + path_rule { + paths = ["/*"] + service = "${google_compute_backend_service.default.self_link}" + } + } +} + +resource "google_compute_backend_service" "default" { + name = "backend-${local.name_suffix}" + port_name = "http" + protocol = "HTTP" + timeout_sec = 10 + + health_checks = ["${google_compute_http_health_check.default.self_link}"] +} + +resource "google_compute_http_health_check" "default" { + name = "check-backend-${local.name_suffix}" + request_path = "/" + check_interval_sec = 1 + timeout_sec = 1 +} diff --git a/build/kcc/samples/health_check_basic/main.tf b/build/kcc/samples/health_check_basic/main.tf new file mode 100644 index 000000000000..3831e852ab76 --- /dev/null +++ b/build/kcc/samples/health_check_basic/main.tf @@ -0,0 +1,10 @@ +resource "google_compute_health_check" "internal-health-check" { + name = "internal-service-health-check-${local.name_suffix}" + + timeout_sec = 1 + check_interval_sec = 1 + + tcp_health_check { + port = "80" + } +} diff --git a/build/kcc/samples/http_health_check_basic/main.tf b/build/kcc/samples/http_health_check_basic/main.tf new file mode 100644 index 000000000000..88ba9e937600 --- /dev/null +++ b/build/kcc/samples/http_health_check_basic/main.tf @@ -0,0 +1,7 @@ +resource "google_compute_http_health_check" "default" { + name = "authentication-health-check-${local.name_suffix}" + request_path = "/health_check" + + timeout_sec = 1 + check_interval_sec = 1 +} diff --git a/build/kcc/samples/https_health_check_basic/main.tf b/build/kcc/samples/https_health_check_basic/main.tf new file mode 100644 index 000000000000..849488d68b35 --- /dev/null +++ b/build/kcc/samples/https_health_check_basic/main.tf @@ -0,0 +1,7 @@ +resource "google_compute_https_health_check" "default" { + name = "authentication-health-check-${local.name_suffix}" + request_path = "/health_check" + + timeout_sec = 1 + check_interval_sec = 1 +} diff --git a/build/kcc/samples/image_basic/main.tf b/build/kcc/samples/image_basic/main.tf new file mode 100644 index 000000000000..6c13e5004d37 --- /dev/null +++ b/build/kcc/samples/image_basic/main.tf @@ -0,0 +1,7 @@ +resource "google_compute_image" "example" { + name = "example-image-${local.name_suffix}" + + raw_disk { + source = "https://storage.googleapis.com/bosh-cpi-artifacts/bosh-stemcell-3262.4-google-kvm-ubuntu-trusty-go_agent-raw.tar.gz" + } +} diff --git a/build/kcc/samples/instance_with_ip/main.tf b/build/kcc/samples/instance_with_ip/main.tf new file mode 100644 index 000000000000..268bb98a3729 --- /dev/null +++ b/build/kcc/samples/instance_with_ip/main.tf @@ -0,0 +1,27 @@ +resource "google_compute_address" "static" { + name = "ipv4-address-${local.name_suffix}" +} + +data "google_compute_image" "debian_image" { + family = "debian-9" + project = "debian-cloud" +} + +resource "google_compute_instance" "instance_with_ip" { + name = "vm-instance-${local.name_suffix}" + machine_type = "f1-micro" + zone = "us-central1-a" + + boot_disk { + initialize_params{ + image = "${data.google_compute_image.debian_image.self_link}" + } + } + + network_interface { + network = "default" + access_config { + nat_ip = "${google_compute_address.static.address}" + } + } +} diff --git a/build/kcc/samples/logging_metric_basic/main.tf b/build/kcc/samples/logging_metric_basic/main.tf new file mode 100644 index 000000000000..55f28a30257c --- /dev/null +++ b/build/kcc/samples/logging_metric_basic/main.tf @@ -0,0 +1,22 @@ +resource "google_logging_metric" "logging_metric" { + name = "my-(custom)/metric-${local.name_suffix}" + filter = "resource.type=gae_app AND severity>=ERROR" + metric_descriptor { + metric_kind = "DELTA" + value_type = "DISTRIBUTION" + labels { + key = "mass" + value_type = "STRING" + description = "amount of matter" + } + } + value_extractor = "EXTRACT(jsonPayload.request)" + label_extractors = { "mass": "EXTRACT(jsonPayload.request)" } + bucket_options { + linear_buckets { + num_finite_buckets = 3 + width = 1 + offset = 1 + } + } +} diff --git a/build/kcc/samples/logging_metric_counter_basic/main.tf b/build/kcc/samples/logging_metric_counter_basic/main.tf new file mode 100644 index 000000000000..874668965b26 --- /dev/null +++ b/build/kcc/samples/logging_metric_counter_basic/main.tf @@ -0,0 +1,8 @@ +resource "google_logging_metric" "logging_metric" { + name = "my-(custom)/metric-${local.name_suffix}" + filter = "resource.type=gae_app AND severity>=ERROR" + metric_descriptor { + metric_kind = "DELTA" + value_type = "INT64" + } +} diff --git a/build/kcc/samples/logging_metric_counter_labels/main.tf b/build/kcc/samples/logging_metric_counter_labels/main.tf new file mode 100644 index 000000000000..7e0e64d4b9a1 --- /dev/null +++ b/build/kcc/samples/logging_metric_counter_labels/main.tf @@ -0,0 +1,14 @@ +resource "google_logging_metric" "logging_metric" { + name = "my-(custom)/metric-${local.name_suffix}" + filter = "resource.type=gae_app AND severity>=ERROR" + metric_descriptor { + metric_kind = "DELTA" + value_type = "INT64" + labels { + key = "mass" + value_type = "STRING" + description = "amount of matter" + } + } + label_extractors = { "mass": "EXTRACT(jsonPayload.request)" } +} diff --git a/build/kcc/samples/ml_model_basic/main.tf b/build/kcc/samples/ml_model_basic/main.tf new file mode 100644 index 000000000000..ce3f82858246 --- /dev/null +++ b/build/kcc/samples/ml_model_basic/main.tf @@ -0,0 +1,5 @@ +resource "google_ml_engine_model" "default" { + name = "default-${local.name_suffix}" + description = "My model" + regions = ["us-central1"] +} diff --git a/build/kcc/samples/ml_model_full/main.tf b/build/kcc/samples/ml_model_full/main.tf new file mode 100644 index 000000000000..ff33bc47992a --- /dev/null +++ b/build/kcc/samples/ml_model_full/main.tf @@ -0,0 +1,10 @@ +resource "google_ml_engine_model" "default" { + name = "default-${local.name_suffix}" + description = "My model" + regions = ["us-central1"] + labels = { + my_model = "foo" + } + online_prediction_logging = true + online_prediction_console_logging = true +} diff --git a/build/kcc/samples/monitoring_group_basic/main.tf b/build/kcc/samples/monitoring_group_basic/main.tf new file mode 100644 index 000000000000..e12b7c5cfd35 --- /dev/null +++ b/build/kcc/samples/monitoring_group_basic/main.tf @@ -0,0 +1,5 @@ +resource "google_monitoring_group" "basic" { + display_name = "New Test Group-${local.name_suffix}" + + filter = "resource.metadata.region=\"europe-west2\"" +} diff --git a/build/kcc/samples/monitoring_group_subgroup/main.tf b/build/kcc/samples/monitoring_group_subgroup/main.tf new file mode 100644 index 000000000000..e043ef03dea9 --- /dev/null +++ b/build/kcc/samples/monitoring_group_subgroup/main.tf @@ -0,0 +1,10 @@ +resource "google_monitoring_group" "parent" { + display_name = "New Test SubGroup-${local.name_suffix}" + filter = "resource.metadata.region=\"europe-west2\"" +} + +resource "google_monitoring_group" "subgroup" { + display_name = "New Test SubGroup-${local.name_suffix}" + filter = "resource.metadata.region=\"europe-west2\"" + parent_name = "${google_monitoring_group.parent.name}" +} diff --git a/build/kcc/samples/network_basic/main.tf b/build/kcc/samples/network_basic/main.tf new file mode 100644 index 000000000000..266ad28f49a2 --- /dev/null +++ b/build/kcc/samples/network_basic/main.tf @@ -0,0 +1,3 @@ +resource "google_compute_network" "vpc_network" { + name = "vpc-network-${local.name_suffix}" +} diff --git a/build/kcc/samples/network_endpoint_group/main.tf b/build/kcc/samples/network_endpoint_group/main.tf new file mode 100644 index 000000000000..605521bbfbb2 --- /dev/null +++ b/build/kcc/samples/network_endpoint_group/main.tf @@ -0,0 +1,19 @@ +resource "google_compute_network_endpoint_group" "neg" { + name = "my-lb-neg-${local.name_suffix}" + network = "${google_compute_network.default.self_link}" + subnetwork = "${google_compute_subnetwork.default.self_link}" + default_port = "90" + zone = "us-central1-a" +} + +resource "google_compute_network" "default" { + name = "neg-network-${local.name_suffix}" + auto_create_subnetworks = false +} + +resource "google_compute_subnetwork" "default" { + name = "neg-subnetwork-${local.name_suffix}" + ip_cidr_range = "10.0.0.0/16" + region = "us-central1" + network = "${google_compute_network.default.self_link}" +} diff --git a/build/kcc/samples/node_group_basic/main.tf b/build/kcc/samples/node_group_basic/main.tf new file mode 100644 index 000000000000..e3f5ce1aba5b --- /dev/null +++ b/build/kcc/samples/node_group_basic/main.tf @@ -0,0 +1,18 @@ +data "google_compute_node_types" "central1a" { + zone = "us-central1-a" +} + +resource "google_compute_node_template" "soletenant-tmpl" { + name = "soletenant-tmpl-${local.name_suffix}" + region = "us-central1" + node_type = "${data.google_compute_node_types.central1a.names[0]}" +} + +resource "google_compute_node_group" "nodes" { + name = "soletenant-group-${local.name_suffix}" + zone = "us-central1-a" + description = "example google_compute_node_group for Terraform Google Provider" + + size = 1 + node_template = "${google_compute_node_template.soletenant-tmpl.self_link}" +} diff --git a/build/kcc/samples/node_template_basic/main.tf b/build/kcc/samples/node_template_basic/main.tf new file mode 100644 index 000000000000..12cb122188f4 --- /dev/null +++ b/build/kcc/samples/node_template_basic/main.tf @@ -0,0 +1,9 @@ +data "google_compute_node_types" "central1a" { + zone = "us-central1-a" +} + +resource "google_compute_node_template" "template" { + name = "soletenant-tmpl-${local.name_suffix}" + region = "us-central1" + node_type = "${data.google_compute_node_types.central1a.names[0]}" +} diff --git a/build/kcc/samples/notification_channel_basic/main.tf b/build/kcc/samples/notification_channel_basic/main.tf new file mode 100644 index 000000000000..39333ed36ca5 --- /dev/null +++ b/build/kcc/samples/notification_channel_basic/main.tf @@ -0,0 +1,7 @@ +resource "google_monitoring_notification_channel" "basic" { + display_name = "Test Notification Channel-${local.name_suffix}" + type = "email" + labels = { + email_address = "fake_email@blahblah.com" + } +} diff --git a/build/kcc/samples/pubsub_subscription_pull/main.tf b/build/kcc/samples/pubsub_subscription_pull/main.tf new file mode 100644 index 000000000000..af838f4cc92e --- /dev/null +++ b/build/kcc/samples/pubsub_subscription_pull/main.tf @@ -0,0 +1,22 @@ +resource "google_pubsub_topic" "example" { + name = "example-topic-${local.name_suffix}" +} + +resource "google_pubsub_subscription" "example" { + name = "example-subscription-${local.name_suffix}" + topic = "${google_pubsub_topic.example.name}" + + labels = { + foo = "bar" + } + + # 20 minutes + message_retention_duration = "1200s" + retain_acked_messages = true + + ack_deadline_seconds = 20 + + expiration_policy { + ttl = "300000.5s" + } +} diff --git a/build/kcc/samples/pubsub_topic_basic/main.tf b/build/kcc/samples/pubsub_topic_basic/main.tf new file mode 100644 index 000000000000..33c9d664b20e --- /dev/null +++ b/build/kcc/samples/pubsub_topic_basic/main.tf @@ -0,0 +1,7 @@ +resource "google_pubsub_topic" "example" { + name = "example-topic-${local.name_suffix}" + + labels = { + foo = "bar" + } +} diff --git a/build/kcc/samples/pubsub_topic_geo_restricted/main.tf b/build/kcc/samples/pubsub_topic_geo_restricted/main.tf new file mode 100644 index 000000000000..c6a6f8d1556a --- /dev/null +++ b/build/kcc/samples/pubsub_topic_geo_restricted/main.tf @@ -0,0 +1,10 @@ +resource "google_pubsub_topic" "example" { + name = "example-topic-${local.name_suffix}" + + message_storage_policy { + allowed_persistence_regions = [ + "europe-west3", + ] + } + +} diff --git a/build/kcc/samples/redis_instance_basic/main.tf b/build/kcc/samples/redis_instance_basic/main.tf new file mode 100644 index 000000000000..b85e969f5965 --- /dev/null +++ b/build/kcc/samples/redis_instance_basic/main.tf @@ -0,0 +1,4 @@ +resource "google_redis_instance" "cache" { + name = "memory-cache-${local.name_suffix}" + memory_size_gb = 1 +} diff --git a/build/kcc/samples/redis_instance_full/main.tf b/build/kcc/samples/redis_instance_full/main.tf new file mode 100644 index 000000000000..6785370a316c --- /dev/null +++ b/build/kcc/samples/redis_instance_full/main.tf @@ -0,0 +1,23 @@ +resource "google_redis_instance" "cache" { + name = "ha-memory-cache-${local.name_suffix}" + tier = "STANDARD_HA" + memory_size_gb = 1 + + location_id = "us-central1-a" + alternative_location_id = "us-central1-f" + + authorized_network = "${google_compute_network.auto-network.self_link}" + + redis_version = "REDIS_3_2" + display_name = "Terraform Test Instance" + reserved_ip_range = "192.168.0.0/29" + + labels = { + my_key = "my_val" + other_key = "other_val" + } +} + +resource "google_compute_network" "auto-network" { + name = "authorized-network-${local.name_suffix}" +} diff --git a/build/kcc/samples/region_autoscaler_basic/main.tf b/build/kcc/samples/region_autoscaler_basic/main.tf new file mode 100644 index 000000000000..3aef6f5568d1 --- /dev/null +++ b/build/kcc/samples/region_autoscaler_basic/main.tf @@ -0,0 +1,58 @@ +resource "google_compute_region_autoscaler" "foobar" { + name = "my-region-autoscaler-${local.name_suffix}" + region = "us-central1" + target = "${google_compute_region_instance_group_manager.foobar.self_link}" + + autoscaling_policy { + max_replicas = 5 + min_replicas = 1 + cooldown_period = 60 + + cpu_utilization { + target = 0.5 + } + } +} + +resource "google_compute_instance_template" "foobar" { + name = "my-instance-template-${local.name_suffix}" + machine_type = "n1-standard-1" + can_ip_forward = false + + tags = ["foo", "bar"] + + disk { + source_image = "${data.google_compute_image.debian_9.self_link}" + } + + network_interface { + network = "default" + } + + metadata = { + foo = "bar" + } + + service_account { + scopes = ["userinfo-email", "compute-ro", "storage-ro"] + } +} + +resource "google_compute_target_pool" "foobar" { + name = "my-target-pool-${local.name_suffix}" +} + +resource "google_compute_region_instance_group_manager" "foobar" { + name = "my-region-igm-${local.name_suffix}" + region = "us-central1" + + instance_template = "${google_compute_instance_template.foobar.self_link}" + + target_pools = ["${google_compute_target_pool.foobar.self_link}"] + base_instance_name = "foobar" +} + +data "google_compute_image" "debian_9" { + family = "debian-9" + project = "debian-cloud" +} diff --git a/build/kcc/samples/region_backend_service_basic/main.tf b/build/kcc/samples/region_backend_service_basic/main.tf new file mode 100644 index 000000000000..235376cb8228 --- /dev/null +++ b/build/kcc/samples/region_backend_service_basic/main.tf @@ -0,0 +1,17 @@ +resource "google_compute_region_backend_service" "default" { + name = "region-backend-service-${local.name_suffix}" + region = "us-central1" + health_checks = ["${google_compute_health_check.default.self_link}"] + connection_draining_timeout_sec = 10 + session_affinity = "CLIENT_IP" +} + +resource "google_compute_health_check" "default" { + name = "health-check-${local.name_suffix}" + check_interval_sec = 1 + timeout_sec = 1 + + tcp_health_check { + port = "80" + } +} diff --git a/build/kcc/samples/region_disk_basic/main.tf b/build/kcc/samples/region_disk_basic/main.tf new file mode 100644 index 000000000000..e5378e542f25 --- /dev/null +++ b/build/kcc/samples/region_disk_basic/main.tf @@ -0,0 +1,23 @@ +resource "google_compute_region_disk" "regiondisk" { + name = "my-region-disk-${local.name_suffix}" + snapshot = "${google_compute_snapshot.snapdisk.self_link}" + type = "pd-ssd" + region = "us-central1" + physical_block_size_bytes = 4096 + + replica_zones = ["us-central1-a", "us-central1-f"] +} + +resource "google_compute_disk" "disk" { + name = "my-disk-${local.name_suffix}" + image = "debian-cloud/debian-9" + size = 50 + type = "pd-ssd" + zone = "us-central1-a" +} + +resource "google_compute_snapshot" "snapdisk" { + name = "my-snapshot-${local.name_suffix}" + source_disk = "${google_compute_disk.disk.name}" + zone = "us-central1-a" +} diff --git a/build/kcc/samples/route_basic/main.tf b/build/kcc/samples/route_basic/main.tf new file mode 100644 index 000000000000..89f4de7de95d --- /dev/null +++ b/build/kcc/samples/route_basic/main.tf @@ -0,0 +1,11 @@ +resource "google_compute_route" "default" { + name = "network-route-${local.name_suffix}" + dest_range = "15.0.0.0/24" + network = "${google_compute_network.default.name}" + next_hop_ip = "10.132.1.5" + priority = 100 +} + +resource "google_compute_network" "default" { + name = "compute-network-${local.name_suffix}" +} diff --git a/build/kcc/samples/router_basic/main.tf b/build/kcc/samples/router_basic/main.tf new file mode 100644 index 000000000000..a9ec2d391386 --- /dev/null +++ b/build/kcc/samples/router_basic/main.tf @@ -0,0 +1,20 @@ +resource "google_compute_router" "foobar" { + name = "my-router-${local.name_suffix}" + network = "${google_compute_network.foobar.name}" + bgp { + asn = 64514 + advertise_mode = "CUSTOM" + advertised_groups = ["ALL_SUBNETS"] + advertised_ip_ranges { + range = "1.2.3.4" + } + advertised_ip_ranges { + range = "6.7.0.0/16" + } + } +} + +resource "google_compute_network" "foobar" { + name = "my-network-${local.name_suffix}" + auto_create_subnetworks = false +} diff --git a/build/kcc/samples/scheduler_job_app_engine/main.tf b/build/kcc/samples/scheduler_job_app_engine/main.tf new file mode 100644 index 000000000000..e6ba4f86bb5a --- /dev/null +++ b/build/kcc/samples/scheduler_job_app_engine/main.tf @@ -0,0 +1,18 @@ +resource "google_cloud_scheduler_job" "job" { + name = "test-job-${local.name_suffix}" + schedule = "*/4 * * * *" + description = "test app engine job" + time_zone = "Europe/London" + + app_engine_http_target { + http_method = "POST" + + app_engine_routing { + service = "web" + version = "prod" + instance = "my-instance-001" + } + + relative_uri = "/ping" + } +} diff --git a/build/kcc/samples/scheduler_job_http/main.tf b/build/kcc/samples/scheduler_job_http/main.tf new file mode 100644 index 000000000000..8f2c7a45d6e4 --- /dev/null +++ b/build/kcc/samples/scheduler_job_http/main.tf @@ -0,0 +1,11 @@ +resource "google_cloud_scheduler_job" "job" { + name = "test-job-${local.name_suffix}" + description = "test http job" + schedule = "*/8 * * * *" + time_zone = "America/New_York" + + http_target { + http_method = "POST" + uri = "https://example.com/ping" + } +} diff --git a/build/kcc/samples/scheduler_job_oidc/main.tf b/build/kcc/samples/scheduler_job_oidc/main.tf new file mode 100644 index 000000000000..a198e60c4fb4 --- /dev/null +++ b/build/kcc/samples/scheduler_job_oidc/main.tf @@ -0,0 +1,17 @@ +data "google_compute_default_service_account" "default" { } + +resource "google_cloud_scheduler_job" "job" { + name = "test-job-${local.name_suffix}" + description = "test http job" + schedule = "*/8 * * * *" + time_zone = "America/New_York" + + http_target { + http_method = "GET" + uri = "https://example.com/ping" + + oidc_token { + service_account_email = "${data.google_compute_default_service_account.default.email}" + } + } +} diff --git a/build/kcc/samples/scheduler_job_pubsub/main.tf b/build/kcc/samples/scheduler_job_pubsub/main.tf new file mode 100644 index 000000000000..97318c903bbb --- /dev/null +++ b/build/kcc/samples/scheduler_job_pubsub/main.tf @@ -0,0 +1,14 @@ +resource "google_pubsub_topic" "topic" { + name = "job-topic-${local.name_suffix}" +} + +resource "google_cloud_scheduler_job" "job" { + name = "test-job-${local.name_suffix}" + description = "test job" + schedule = "*/2 * * * *" + + pubsub_target { + topic_name = "${google_pubsub_topic.topic.id}" + data = "${base64encode("test")}" + } +} diff --git a/build/kcc/samples/snapshot_basic/main.tf b/build/kcc/samples/snapshot_basic/main.tf new file mode 100644 index 000000000000..b06cd6735a3a --- /dev/null +++ b/build/kcc/samples/snapshot_basic/main.tf @@ -0,0 +1,21 @@ +resource "google_compute_snapshot" "snapshot" { + name = "my-snapshot-${local.name_suffix}" + source_disk = "${google_compute_disk.persistent.name}" + zone = "us-central1-a" + labels = { + my_label = "value" + } +} + +data "google_compute_image" "debian" { + family = "debian-9" + project = "debian-cloud" +} + +resource "google_compute_disk" "persistent" { + name = "debian-disk-${local.name_suffix}" + image = "${data.google_compute_image.debian.self_link}" + size = 10 + type = "pd-ssd" + zone = "us-central1-a" +} diff --git a/build/kcc/samples/sourcerepo_repository_basic/main.tf b/build/kcc/samples/sourcerepo_repository_basic/main.tf new file mode 100644 index 000000000000..4ef5847dbc90 --- /dev/null +++ b/build/kcc/samples/sourcerepo_repository_basic/main.tf @@ -0,0 +1,3 @@ +resource "google_sourcerepo_repository" "my-repo" { + name = "my-repository-${local.name_suffix}" +} diff --git a/build/kcc/samples/spanner_database_basic/main.tf b/build/kcc/samples/spanner_database_basic/main.tf new file mode 100644 index 000000000000..285c8402db7c --- /dev/null +++ b/build/kcc/samples/spanner_database_basic/main.tf @@ -0,0 +1,13 @@ +resource "google_spanner_instance" "main" { + config = "regional-europe-west1" + display_name = "main-instance" +} + +resource "google_spanner_database" "database" { + instance = "${google_spanner_instance.main.name}" + name = "my-database-${local.name_suffix}" + ddl = [ + "CREATE TABLE t1 (t1 INT64 NOT NULL,) PRIMARY KEY(t1)", + "CREATE TABLE t2 (t2 INT64 NOT NULL,) PRIMARY KEY(t2)" + ] +} diff --git a/build/kcc/samples/spanner_instance_basic/main.tf b/build/kcc/samples/spanner_instance_basic/main.tf new file mode 100644 index 000000000000..de2d41635c2c --- /dev/null +++ b/build/kcc/samples/spanner_instance_basic/main.tf @@ -0,0 +1,8 @@ +resource "google_spanner_instance" "example" { + config = "regional-us-central1" + display_name = "Test Spanner Instance" + num_nodes = 2 + labels = { + "foo" = "bar" + } +} diff --git a/build/kcc/samples/sql_database_basic/main.tf b/build/kcc/samples/sql_database_basic/main.tf new file mode 100644 index 000000000000..61edff43e031 --- /dev/null +++ b/build/kcc/samples/sql_database_basic/main.tf @@ -0,0 +1,12 @@ +resource "google_sql_database" "database" { + name = "my-database-${local.name_suffix}" + instance = "${google_sql_database_instance.instance.name}" +} + +resource "google_sql_database_instance" "instance" { + name = "my-database-instance-${local.name_suffix}" + region = "us-central" + settings { + tier = "D0" + } +} diff --git a/build/kcc/samples/ssl_certificate_basic/main.tf b/build/kcc/samples/ssl_certificate_basic/main.tf new file mode 100644 index 000000000000..23c8e0998546 --- /dev/null +++ b/build/kcc/samples/ssl_certificate_basic/main.tf @@ -0,0 +1,10 @@ +resource "google_compute_ssl_certificate" "default" { + name_prefix = "my-certificate-" + description = "a description" + private_key = "${file("../static/ssl_cert/test.key")}" + certificate = "${file("../static/ssl_cert/test.crt")}" + + lifecycle { + create_before_destroy = true + } +} diff --git a/build/kcc/samples/ssl_certificate_random_provider/main.tf b/build/kcc/samples/ssl_certificate_random_provider/main.tf new file mode 100644 index 000000000000..1390c95aa7f4 --- /dev/null +++ b/build/kcc/samples/ssl_certificate_random_provider/main.tf @@ -0,0 +1,23 @@ +# You may also want to control name generation explicitly: +resource "google_compute_ssl_certificate" "default" { + # The name will contain 8 random hex digits, + # e.g. "my-certificate-48ab27cd2a" + name = "${random_id.certificate.hex}" + private_key = "${file("../static/ssl_cert/test.key")}" + certificate = "${file("../static/ssl_cert/test.crt")}" + + lifecycle { + create_before_destroy = true + } +} + +resource "random_id" "certificate" { + byte_length = 4 + prefix = "my-certificate-" + + # For security, do not expose raw certificate values in the output + keepers = { + private_key = "${base64sha256(file("../static/ssl_cert/test.key"))}" + certificate = "${base64sha256(file("../static/ssl_cert/test.crt"))}" + } +} diff --git a/build/kcc/samples/ssl_certificate_target_https_proxies/main.tf b/build/kcc/samples/ssl_certificate_target_https_proxies/main.tf new file mode 100644 index 000000000000..b909554ae28b --- /dev/null +++ b/build/kcc/samples/ssl_certificate_target_https_proxies/main.tf @@ -0,0 +1,63 @@ +// Using with Target HTTPS Proxies +// +// SSL certificates cannot be updated after creation. In order to apply +// the specified configuration, Terraform will destroy the existing +// resource and create a replacement. To effectively use an SSL +// certificate resource with a Target HTTPS Proxy resource, it's +// recommended to specify create_before_destroy in a lifecycle block. +// Either omit the Instance Template name attribute, specify a partial +// name with name_prefix, or use random_id resource. Example: + +resource "google_compute_ssl_certificate" "default" { + name_prefix = "my-certificate-" + private_key = "${file("../static/ssl_cert/test.key")}" + certificate = "${file("../static/ssl_cert/test.crt")}" + + lifecycle { + create_before_destroy = true + } +} + +resource "google_compute_target_https_proxy" "default" { + name = "test-proxy-${local.name_suffix}" + url_map = "${google_compute_url_map.default.self_link}" + ssl_certificates = ["${google_compute_ssl_certificate.default.self_link}"] +} + +resource "google_compute_url_map" "default" { + name = "url-map-${local.name_suffix}" + description = "a description" + + default_service = "${google_compute_backend_service.default.self_link}" + + host_rule { + hosts = ["mysite.com"] + path_matcher = "allpaths" + } + + path_matcher { + name = "allpaths" + default_service = "${google_compute_backend_service.default.self_link}" + + path_rule { + paths = ["/*"] + service = "${google_compute_backend_service.default.self_link}" + } + } +} + +resource "google_compute_backend_service" "default" { + name = "backend-service-${local.name_suffix}" + port_name = "http" + protocol = "HTTP" + timeout_sec = 10 + + health_checks = ["${google_compute_http_health_check.default.self_link}"] +} + +resource "google_compute_http_health_check" "default" { + name = "http-health-check-${local.name_suffix}" + request_path = "/" + check_interval_sec = 1 + timeout_sec = 1 +} diff --git a/build/kcc/samples/ssl_policy_basic/main.tf b/build/kcc/samples/ssl_policy_basic/main.tf new file mode 100644 index 000000000000..0f4e2b3260bc --- /dev/null +++ b/build/kcc/samples/ssl_policy_basic/main.tf @@ -0,0 +1,17 @@ +resource "google_compute_ssl_policy" "prod-ssl-policy" { + name = "production-ssl-policy-${local.name_suffix}" + profile = "MODERN" +} + +resource "google_compute_ssl_policy" "nonprod-ssl-policy" { + name = "nonprod-ssl-policy-${local.name_suffix}" + profile = "MODERN" + min_tls_version = "TLS_1_2" +} + +resource "google_compute_ssl_policy" "custom-ssl-policy" { + name = "custom-ssl-policy-${local.name_suffix}" + min_tls_version = "TLS_1_2" + profile = "CUSTOM" + custom_features = ["TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"] +} diff --git a/build/kcc/samples/storage_default_object_access_control_public/main.tf b/build/kcc/samples/storage_default_object_access_control_public/main.tf new file mode 100644 index 000000000000..64265300fa98 --- /dev/null +++ b/build/kcc/samples/storage_default_object_access_control_public/main.tf @@ -0,0 +1,9 @@ +resource "google_storage_default_object_access_control" "public_rule" { + bucket = "${google_storage_bucket.bucket.name}" + role = "READER" + entity = "allUsers" +} + +resource "google_storage_bucket" "bucket" { + name = "static-content-bucket-${local.name_suffix}" +} diff --git a/build/kcc/samples/storage_object_access_control_public_object/main.tf b/build/kcc/samples/storage_object_access_control_public_object/main.tf new file mode 100644 index 000000000000..f54876b4d9f5 --- /dev/null +++ b/build/kcc/samples/storage_object_access_control_public_object/main.tf @@ -0,0 +1,16 @@ +resource "google_storage_object_access_control" "public_rule" { + object = "${google_storage_bucket_object.object.output_name}" + bucket = "${google_storage_bucket.bucket.name}" + role = "READER" + entity = "allUsers" +} + +resource "google_storage_bucket" "bucket" { + name = "static-content-bucket-${local.name_suffix}" +} + + resource "google_storage_bucket_object" "object" { + name = "public-object-${local.name_suffix}" + bucket = "${google_storage_bucket.bucket.name}" + source = "../static/header-logo.png" +} diff --git a/build/kcc/samples/subnetwork_basic/main.tf b/build/kcc/samples/subnetwork_basic/main.tf new file mode 100644 index 000000000000..0cd84e18e160 --- /dev/null +++ b/build/kcc/samples/subnetwork_basic/main.tf @@ -0,0 +1,15 @@ +resource "google_compute_subnetwork" "network-with-private-secondary-ip-ranges" { + name = "test-subnetwork-${local.name_suffix}" + ip_cidr_range = "10.2.0.0/16" + region = "us-central1" + network = "${google_compute_network.custom-test.self_link}" + secondary_ip_range { + range_name = "tf-test-secondary-range-update1" + ip_cidr_range = "192.168.10.0/24" + } +} + +resource "google_compute_network" "custom-test" { + name = "test-network-${local.name_suffix}" + auto_create_subnetworks = false +} diff --git a/build/kcc/samples/target_http_proxy_basic/main.tf b/build/kcc/samples/target_http_proxy_basic/main.tf new file mode 100644 index 000000000000..c23ffe2d3554 --- /dev/null +++ b/build/kcc/samples/target_http_proxy_basic/main.tf @@ -0,0 +1,40 @@ +resource "google_compute_target_http_proxy" "default" { + name = "test-proxy-${local.name_suffix}" + url_map = "${google_compute_url_map.default.self_link}" +} + +resource "google_compute_url_map" "default" { + name = "url-map-${local.name_suffix}" + default_service = "${google_compute_backend_service.default.self_link}" + + host_rule { + hosts = ["mysite.com"] + path_matcher = "allpaths" + } + + path_matcher { + name = "allpaths" + default_service = "${google_compute_backend_service.default.self_link}" + + path_rule { + paths = ["/*"] + service = "${google_compute_backend_service.default.self_link}" + } + } +} + +resource "google_compute_backend_service" "default" { + name = "backend-service-${local.name_suffix}" + port_name = "http" + protocol = "HTTP" + timeout_sec = 10 + + health_checks = ["${google_compute_http_health_check.default.self_link}"] +} + +resource "google_compute_http_health_check" "default" { + name = "http-health-check-${local.name_suffix}" + request_path = "/" + check_interval_sec = 1 + timeout_sec = 1 +} diff --git a/build/kcc/samples/target_https_proxy_basic/main.tf b/build/kcc/samples/target_https_proxy_basic/main.tf new file mode 100644 index 000000000000..728744d0bcd6 --- /dev/null +++ b/build/kcc/samples/target_https_proxy_basic/main.tf @@ -0,0 +1,49 @@ +resource "google_compute_target_https_proxy" "default" { + name = "test-proxy-${local.name_suffix}" + url_map = "${google_compute_url_map.default.self_link}" + ssl_certificates = ["${google_compute_ssl_certificate.default.self_link}"] +} + +resource "google_compute_ssl_certificate" "default" { + name = "my-certificate-${local.name_suffix}" + private_key = "${file("../static/ssl_cert/test.key")}" + certificate = "${file("../static/ssl_cert/test.crt")}" +} + +resource "google_compute_url_map" "default" { + name = "url-map-${local.name_suffix}" + description = "a description" + + default_service = "${google_compute_backend_service.default.self_link}" + + host_rule { + hosts = ["mysite.com"] + path_matcher = "allpaths" + } + + path_matcher { + name = "allpaths" + default_service = "${google_compute_backend_service.default.self_link}" + + path_rule { + paths = ["/*"] + service = "${google_compute_backend_service.default.self_link}" + } + } +} + +resource "google_compute_backend_service" "default" { + name = "backend-service-${local.name_suffix}" + port_name = "http" + protocol = "HTTP" + timeout_sec = 10 + + health_checks = ["${google_compute_http_health_check.default.self_link}"] +} + +resource "google_compute_http_health_check" "default" { + name = "http-health-check-${local.name_suffix}" + request_path = "/" + check_interval_sec = 1 + timeout_sec = 1 +} diff --git a/build/kcc/samples/target_instance_basic/main.tf b/build/kcc/samples/target_instance_basic/main.tf new file mode 100644 index 000000000000..31f25025c2d2 --- /dev/null +++ b/build/kcc/samples/target_instance_basic/main.tf @@ -0,0 +1,25 @@ +resource "google_compute_target_instance" "default" { + name = "target-${local.name_suffix}" + instance = "${google_compute_instance.target-vm.self_link}" +} + +data "google_compute_image" "vmimage" { + family = "debian-9" + project = "debian-cloud" +} + +resource "google_compute_instance" "target-vm" { + name = "target-vm-${local.name_suffix}" + machine_type = "n1-standard-1" + zone = "us-central1-a" + + boot_disk { + initialize_params{ + image = "${data.google_compute_image.vmimage.self_link}" + } + } + + network_interface { + network = "default" + } +} diff --git a/build/kcc/samples/target_ssl_proxy_basic/main.tf b/build/kcc/samples/target_ssl_proxy_basic/main.tf new file mode 100644 index 000000000000..d89a4625250d --- /dev/null +++ b/build/kcc/samples/target_ssl_proxy_basic/main.tf @@ -0,0 +1,26 @@ +resource "google_compute_target_ssl_proxy" "default" { + name = "test-proxy-${local.name_suffix}" + backend_service = "${google_compute_backend_service.default.self_link}" + ssl_certificates = ["${google_compute_ssl_certificate.default.self_link}"] +} + +resource "google_compute_ssl_certificate" "default" { + name = "default-cert-${local.name_suffix}" + private_key = "${file("../static/ssl_cert/test.key")}" + certificate = "${file("../static/ssl_cert/test.crt")}" +} + +resource "google_compute_backend_service" "default" { + name = "backend-service-${local.name_suffix}" + protocol = "SSL" + health_checks = ["${google_compute_health_check.default.self_link}"] +} + +resource "google_compute_health_check" "default" { + name = "health-check-${local.name_suffix}" + check_interval_sec = 1 + timeout_sec = 1 + tcp_health_check { + port = "443" + } +} diff --git a/build/kcc/samples/target_tcp_proxy_basic/main.tf b/build/kcc/samples/target_tcp_proxy_basic/main.tf new file mode 100644 index 000000000000..b453684f070a --- /dev/null +++ b/build/kcc/samples/target_tcp_proxy_basic/main.tf @@ -0,0 +1,22 @@ +resource "google_compute_target_tcp_proxy" "default" { + name = "test-proxy-${local.name_suffix}" + backend_service = "${google_compute_backend_service.default.self_link}" +} + +resource "google_compute_backend_service" "default" { + name = "backend-service-${local.name_suffix}" + protocol = "TCP" + timeout_sec = 10 + + health_checks = ["${google_compute_health_check.default.self_link}"] +} + +resource "google_compute_health_check" "default" { + name = "health-check-${local.name_suffix}" + timeout_sec = 1 + check_interval_sec = 1 + + tcp_health_check { + port = "443" + } +} diff --git a/build/kcc/samples/target_vpn_gateway_basic/main.tf b/build/kcc/samples/target_vpn_gateway_basic/main.tf new file mode 100644 index 000000000000..7e3a8e90d711 --- /dev/null +++ b/build/kcc/samples/target_vpn_gateway_basic/main.tf @@ -0,0 +1,58 @@ +resource "google_compute_vpn_gateway" "target_gateway" { + name = "vpn1-${local.name_suffix}" + network = "${google_compute_network.network1.self_link}" +} + +resource "google_compute_network" "network1" { + name = "network1-${local.name_suffix}" +} + +resource "google_compute_address" "vpn_static_ip" { + name = "vpn-static-ip-${local.name_suffix}" +} + +resource "google_compute_forwarding_rule" "fr_esp" { + name = "fr-esp-${local.name_suffix}" + ip_protocol = "ESP" + ip_address = "${google_compute_address.vpn_static_ip.address}" + target = "${google_compute_vpn_gateway.target_gateway.self_link}" +} + +resource "google_compute_forwarding_rule" "fr_udp500" { + name = "fr-udp500-${local.name_suffix}" + ip_protocol = "UDP" + port_range = "500" + ip_address = "${google_compute_address.vpn_static_ip.address}" + target = "${google_compute_vpn_gateway.target_gateway.self_link}" +} + +resource "google_compute_forwarding_rule" "fr_udp4500" { + name = "fr-udp4500-${local.name_suffix}" + ip_protocol = "UDP" + port_range = "4500" + ip_address = "${google_compute_address.vpn_static_ip.address}" + target = "${google_compute_vpn_gateway.target_gateway.self_link}" +} + +resource "google_compute_vpn_tunnel" "tunnel1" { + name = "tunnel1-${local.name_suffix}" + peer_ip = "15.0.0.120" + shared_secret = "a secret message" + + target_vpn_gateway = "${google_compute_vpn_gateway.target_gateway.self_link}" + + depends_on = [ + "google_compute_forwarding_rule.fr_esp", + "google_compute_forwarding_rule.fr_udp500", + "google_compute_forwarding_rule.fr_udp4500", + ] +} + +resource "google_compute_route" "route1" { + name = "route1-${local.name_suffix}" + network = "${google_compute_network.network1.name}" + dest_range = "15.0.0.0/24" + priority = 1000 + + next_hop_vpn_tunnel = "${google_compute_vpn_tunnel.tunnel1.self_link}" +} diff --git a/build/kcc/samples/tpu_node_basic/main.tf b/build/kcc/samples/tpu_node_basic/main.tf new file mode 100644 index 000000000000..31c4c9187e32 --- /dev/null +++ b/build/kcc/samples/tpu_node_basic/main.tf @@ -0,0 +1,10 @@ +data "google_tpu_tensorflow_versions" "available" { } + +resource "google_tpu_node" "tpu" { + name = "test-tpu-${local.name_suffix}" + zone = "us-central1-b" + + accelerator_type = "v3-8" + tensorflow_version = "${data.google_tpu_tensorflow_versions.available.versions[0]}" + cidr_block = "10.2.0.0/29" +} diff --git a/build/kcc/samples/tpu_node_full/main.tf b/build/kcc/samples/tpu_node_full/main.tf new file mode 100644 index 000000000000..6f5f4a00fe25 --- /dev/null +++ b/build/kcc/samples/tpu_node_full/main.tf @@ -0,0 +1,22 @@ +data "google_tpu_tensorflow_versions" "available" { } + +resource "google_tpu_node" "tpu" { + name = "test-tpu-${local.name_suffix}" + zone = "us-central1-b" + + accelerator_type = "v3-8" + + cidr_block = "10.3.0.0/29" + tensorflow_version = "${data.google_tpu_tensorflow_versions.available.versions[0]}" + + description = "Terraform Google Provider test TPU" + network = "default" + + labels = { + foo = "bar" + } + + scheduling_config { + preemptible = true + } +} diff --git a/build/kcc/samples/uptime_check_tcp/main.tf b/build/kcc/samples/uptime_check_tcp/main.tf new file mode 100644 index 000000000000..c6fbb12150c6 --- /dev/null +++ b/build/kcc/samples/uptime_check_tcp/main.tf @@ -0,0 +1,19 @@ +resource "google_monitoring_uptime_check_config" "tcp_group" { + display_name = "tcp-uptime-check-${local.name_suffix}" + timeout = "60s" + + tcp_check { + port = 888 + } + + resource_group { + resource_type = "INSTANCE" + group_id = "${google_monitoring_group.check.name}" + } +} + + +resource "google_monitoring_group" "check" { + display_name = "uptime-check-group-${local.name_suffix}" + filter = "resource.metadata.name=has_substring(\"foo\")" +} diff --git a/build/kcc/samples/url_map_basic/main.tf b/build/kcc/samples/url_map_basic/main.tf new file mode 100644 index 000000000000..7152ef7387c2 --- /dev/null +++ b/build/kcc/samples/url_map_basic/main.tf @@ -0,0 +1,73 @@ +resource "google_compute_url_map" "urlmap" { + name = "urlmap-${local.name_suffix}" + description = "a description" + + default_service = "${google_compute_backend_service.home.self_link}" + + host_rule { + hosts = ["mysite.com"] + path_matcher = "allpaths" + } + + path_matcher { + name = "allpaths" + default_service = "${google_compute_backend_service.home.self_link}" + + path_rule { + paths = ["/home"] + service = "${google_compute_backend_service.home.self_link}" + } + + path_rule { + paths = ["/login"] + service = "${google_compute_backend_service.login.self_link}" + } + + path_rule { + paths = ["/static"] + service = "${google_compute_backend_bucket.static.self_link}" + } + } + + test { + service = "${google_compute_backend_service.home.self_link}" + host = "hi.com" + path = "/home" + } +} + +resource "google_compute_backend_service" "login" { + name = "login-${local.name_suffix}" + port_name = "http" + protocol = "HTTP" + timeout_sec = 10 + + health_checks = ["${google_compute_http_health_check.default.self_link}"] +} + +resource "google_compute_backend_service" "home" { + name = "home-${local.name_suffix}" + port_name = "http" + protocol = "HTTP" + timeout_sec = 10 + + health_checks = ["${google_compute_http_health_check.default.self_link}"] +} + +resource "google_compute_http_health_check" "default" { + name = "health-check-${local.name_suffix}" + request_path = "/" + check_interval_sec = 1 + timeout_sec = 1 +} + +resource "google_compute_backend_bucket" "static" { + name = "static-asset-backend-bucket-${local.name_suffix}" + bucket_name = "${google_storage_bucket.static.name}" + enable_cdn = true +} + +resource "google_storage_bucket" "static" { + name = "static-asset-bucket-${local.name_suffix}" + location = "US" +} diff --git a/build/kcc/samples/vpn_tunnel_basic/main.tf b/build/kcc/samples/vpn_tunnel_basic/main.tf new file mode 100644 index 000000000000..fda2d912daf9 --- /dev/null +++ b/build/kcc/samples/vpn_tunnel_basic/main.tf @@ -0,0 +1,58 @@ +resource "google_compute_vpn_tunnel" "tunnel1" { + name = "tunnel1-${local.name_suffix}" + peer_ip = "15.0.0.120" + shared_secret = "a secret message" + + target_vpn_gateway = "${google_compute_vpn_gateway.target_gateway.self_link}" + + depends_on = [ + "google_compute_forwarding_rule.fr_esp", + "google_compute_forwarding_rule.fr_udp500", + "google_compute_forwarding_rule.fr_udp4500", + ] +} + +resource "google_compute_vpn_gateway" "target_gateway" { + name = "vpn1-${local.name_suffix}" + network = "${google_compute_network.network1.self_link}" +} + +resource "google_compute_network" "network1" { + name = "network1-${local.name_suffix}" +} + +resource "google_compute_address" "vpn_static_ip" { + name = "vpn-static-ip-${local.name_suffix}" +} + +resource "google_compute_forwarding_rule" "fr_esp" { + name = "fr-esp-${local.name_suffix}" + ip_protocol = "ESP" + ip_address = "${google_compute_address.vpn_static_ip.address}" + target = "${google_compute_vpn_gateway.target_gateway.self_link}" +} + +resource "google_compute_forwarding_rule" "fr_udp500" { + name = "fr-udp500-${local.name_suffix}" + ip_protocol = "UDP" + port_range = "500" + ip_address = "${google_compute_address.vpn_static_ip.address}" + target = "${google_compute_vpn_gateway.target_gateway.self_link}" +} + +resource "google_compute_forwarding_rule" "fr_udp4500" { + name = "fr-udp4500-${local.name_suffix}" + ip_protocol = "UDP" + port_range = "4500" + ip_address = "${google_compute_address.vpn_static_ip.address}" + target = "${google_compute_vpn_gateway.target_gateway.self_link}" +} + +resource "google_compute_route" "route1" { + name = "route1-${local.name_suffix}" + network = "${google_compute_network.network1.name}" + dest_range = "15.0.0.0/24" + priority = 1000 + + next_hop_vpn_tunnel = "${google_compute_vpn_tunnel.tunnel1.self_link}" +} diff --git a/build/kcc/servicemappings/compute.yaml b/build/kcc/servicemappings/compute.yaml index 10860a09ddcc..aaa4a5371a91 100644 --- a/build/kcc/servicemappings/compute.yaml +++ b/build/kcc/servicemappings/compute.yaml @@ -11,7 +11,6 @@ spec: kind: ComputeAddress metadataMapping: name: name - labels: labels idTemplate: "projects/{{project}}/regions/{{region}}/addresses/{{name}}" resourceReferences: - key: subnetworkRef @@ -83,7 +82,6 @@ spec: kind: ComputeForwardingRule metadataMapping: name: name - labels: labels idTemplate: "projects/{{project}}/regions/{{region}}/forwardingRules/{{name}}" resourceReferences: - key: backendServiceRef @@ -106,7 +104,6 @@ spec: kind: ComputeGlobalAddress metadataMapping: name: name - labels: labels idTemplate: "projects/{{project}}/global/addresses/{{name}}" resourceReferences: - key: networkRef @@ -117,13 +114,7 @@ spec: kind: ComputeGlobalForwardingRule metadataMapping: name: name - labels: labels idTemplate: "projects/{{project}}/global/forwardingRules/{{name}}" - resourceReferences: - - key: networkRef - tfField: network - kind: Network - required: false - name: google_compute_http_health_check kind: ComputeHttpHealthCheck metadataMapping: @@ -238,10 +229,6 @@ spec: tfField: nextHopVpnTunnel kind: VpnTunnel required: false - - key: nextHopIlbRef - tfField: nextHopIlb - kind: ForwardingRule - required: false - name: google_compute_router kind: ComputeRouter metadataMapping: @@ -364,25 +351,12 @@ spec: kind: ComputeVpnTunnel metadataMapping: name: name - labels: labels idTemplate: "projects/{{project}}/regions/{{region}}/vpnTunnels/{{name}}" resourceReferences: - key: targetVpnGatewayRef tfField: targetVpnGateway kind: VpnGateway required: false - - key: vpnGatewayRef - tfField: vpnGateway - kind: HaVpnGateway - required: false - - key: peerExternalGatewayRef - tfField: peerExternalGateway - kind: ExternalVpnGateway - required: false - - key: peerGcpGatewayRef - tfField: peerGcpGateway - kind: HaVpnGateway - required: false - key: routerRef tfField: router kind: Router diff --git a/provider/terraform_kcc.rb b/provider/terraform_kcc.rb index 79c528771aa6..067946cd5e46 100644 --- a/provider/terraform_kcc.rb +++ b/provider/terraform_kcc.rb @@ -19,11 +19,37 @@ module Provider # Instead of generating KCC directly, this provider generates a KCC-compatible # library to be consumed by KCC. class TerraformKCC < Provider::Terraform - def generate(output_folder, _types, _product_path, _dump_yaml) + def generate(output_folder, types, _product_path, _dump_yaml) @base_url = @version.base_url + generate_objects(output_folder, types) compile_product_files(output_folder) end + # Create a directory of samples per resource + def generate_resource(data) + examples = data.object.examples + .reject(&:skip_test) + .reject { |e| !e.test_env_vars.nil? && e.test_env_vars.any? } + .reject { |e| @version < @api.version_obj_or_closest(e.min_version) } + + examples.each do |example| + target_folder = File.join(data.output_folder, 'samples', example.name) + FileUtils.mkpath target_folder + + data.example = example + + data.generate( + 'templates/kcc/samples/sample.tf.erb', + File.join(target_folder, 'main.tf'), + self + ) + end + end + + def generate_resource_tests(data) end + + def generate_iam_policy(data) end + def compile_product_files(output_folder) file_template = ProductFileTemplate.new( output_folder, diff --git a/templates/kcc/samples/sample.tf.erb b/templates/kcc/samples/sample.tf.erb new file mode 100644 index 000000000000..5d2155f0173b --- /dev/null +++ b/templates/kcc/samples/sample.tf.erb @@ -0,0 +1,2 @@ +<% autogen_exception -%> +<%= example.config_example -%>