import of tests for gke-multi-region and gke-service-lb examples

Author: danisla

example-gke-k8s-helm/README.md

@@ -7,6 +7,14 @@ gcloud auth application-default login
 export GOOGLE_PROJECT=$(gcloud config get-value project)
 ```
 
+## Enable service management API
+
+This example creates a Cloud Endpoints service and requires that the Service Manangement API is enabled.
+
+```
+gcloud services enable servicemanagement.googleapis.com
+```
+
 ### Install helm
 
 ```

example-gke-k8s-multi-region/README.md

@@ -13,15 +13,6 @@ gcloud auth application-default login
 export GOOGLE_PROJECT=$(gcloud config get-value project)
 ```
 
-## Create the `terraform.tfvars` file
-
-```
-cat > terraform.tfvars <<EOF
-gke_username = "admin"
-gke_password = "$(openssl rand -base64 16)"
-EOF
-```
-
 ## Run Terraform
 
 ```

example-gke-k8s-multi-region/gke-regional/get_server_config_beta.sh

@@ -6,9 +6,6 @@ variable "cluster_name" {
   default = "tf-regional"
 }
 
-variable "gke_username" {}
-variable "gke_password" {}
-
 variable "master_version" {
   default = ""
 }
@@ -30,27 +27,26 @@ variable "subnetwork" {
   default = "default"
 }
 
-// External data source to fetch latest regional versions (beta).
-data "external" "container-regional-versions-beta" {
-  program = ["${path.module}/get_server_config_beta.sh"]
+data "google_compute_zones" "available" {
+  region = "${var.region}"
+}
 
-  query = {
-    region = "${var.region}"
-  }
+data "google_container_engine_versions" "default" {
+  zone = "${element(data.google_compute_zones.available.names, 0)}"
 }
 
 resource "google_container_cluster" "default" {
   name               = "${var.cluster_name}"
   region             = "${var.region}"
   initial_node_count = "${var.node_count}"
-  min_master_version = "${var.master_version != "" ? var.master_version : data.external.container-regional-versions-beta.result.latest_master_version}"
+  min_master_version = "${var.master_version != "" ? var.master_version : data.google_container_engine_versions.default.latest_master_version}"
   network            = "${var.network}"
   subnetwork         = "${var.subnetwork}"
 
-  master_auth {
-    username = "${var.gke_username}"
-    password = "${var.gke_password}"
-  }
+  // Use legacy ABAC until these issues are resolved: 
+  //   https://github.com/mcuadros/terraform-provider-helm/issues/56
+  //   https://github.com/terraform-providers/terraform-provider-kubernetes/pull/73
+  enable_legacy_abac = true
 
   node_config {
     tags = ["${var.tags}"]

example-gke-k8s-multi-region/gke-regional/main.tf

@@ -1,6 +1,3 @@
-variable "gke_username" {}
-variable "gke_password" {}
-
 variable "region1_cluster_name" {
   default = "tf-region1"
 }
@@ -50,8 +47,6 @@ module "cluster1" {
   source       = "./gke-regional"
   region       = "${var.region1}"
   cluster_name = "${var.region1_cluster_name}"
-  gke_username = "${var.gke_username}"
-  gke_password = "${var.gke_password}"
   tags         = ["tf-gke-region1"]
   network      = "${google_compute_subnetwork.region1.network}"
   subnetwork   = "${google_compute_subnetwork.region1.name}"
@@ -61,8 +56,6 @@ module "cluster2" {
   source       = "./gke-regional"
   region       = "${var.region2}"
   cluster_name = "${var.region2_cluster_name}"
-  gke_username = "${var.gke_username}"
-  gke_password = "${var.gke_password}"
   tags         = ["tf-gke-region2"]
   network      = "${google_compute_subnetwork.region2.network}"
   subnetwork   = "${google_compute_subnetwork.region2.name}"
@@ -71,8 +64,7 @@ module "cluster2" {
 provider "kubernetes" {
   alias                  = "cluster1"
   host                   = "${module.cluster1.endpoint}"
-  username               = "${var.gke_username}"
-  password               = "${var.gke_password}"
+  token                  = "${data.google_client_config.current.access_token}"
   client_certificate     = "${base64decode(module.cluster1.client_certificate)}"
   client_key             = "${base64decode(module.cluster1.client_key)}"
   cluster_ca_certificate = "${base64decode(module.cluster1.cluster_ca_certificate)}"
@@ -81,8 +73,7 @@ provider "kubernetes" {
 provider "kubernetes" {
   alias                  = "cluster2"
   host                   = "${module.cluster2.endpoint}"
-  username               = "${var.gke_username}"
-  password               = "${var.gke_password}"
+  token                  = "${data.google_client_config.current.access_token}"
   client_certificate     = "${base64decode(module.cluster2.client_certificate)}"
   client_key             = "${base64decode(module.cluster2.client_key)}"
   cluster_ca_certificate = "${base64decode(module.cluster2.cluster_ca_certificate)}"

example-gke-k8s-multi-region/main.tf

@@ -0,0 +1,19 @@
+#!/usr/bin/env bash
+
+set -x 
+set -e
+
+URL="http://$(terraform output load-balancer-ip)"
+status=0
+count=0
+while [[ $count -lt 120 && $status -ne 200 ]]; do
+  echo "INFO: Waiting for load balancer..."
+  status=$(curl -sf -m 5 -o /dev/null -w "%{http_code}" "${URL}" || true)
+  ((count=count+1))
+  sleep 5
+done
+if [[ $count -lt 120 ]]; then
+  echo "INFO: PASS"
+else
+  echo "ERROR: Failed"
+fi

example-gke-k8s-multi-region/test.sh

@@ -27,6 +27,8 @@ resource "google_compute_subnetwork" "default" {
   private_ip_google_access = true
 }
 
+data "google_client_config" "current" {}
+
 data "google_container_engine_versions" "default" {
   zone = "${var.zone}"
 }
@@ -39,6 +41,11 @@ resource "google_container_cluster" "default" {
   network            = "${google_compute_subnetwork.default.name}"
   subnetwork         = "${google_compute_subnetwork.default.name}"
 
+  // Use legacy ABAC until these issues are resolved: 
+  //   https://github.com/mcuadros/terraform-provider-helm/issues/56
+  //   https://github.com/terraform-providers/terraform-provider-kubernetes/pull/73
+  enable_legacy_abac = true
+
   // Wait for the GCE LB controller to cleanup the resources.
   provisioner "local-exec" {
     when    = "destroy"

example-gke-k8s-service-lb/main.tf

@@ -0,0 +1,19 @@
+#!/usr/bin/env bash
+
+set -x 
+set -e
+
+URL="http://$(terraform output load-balancer-ip)"
+status=0
+count=0
+while [[ $count -lt 120 && $status -ne 200 ]]; do
+  echo "INFO: Waiting for load balancer..."
+  status=$(curl -sf -m 5 -o /dev/null -w "%{http_code}" "${URL}" || true)
+  ((count=count+1))
+  sleep 5
+done
+if [[ $count -lt 120 ]]; then
+  echo "INFO: PASS"
+else
+  echo "ERROR: Failed"
+fi

example-gke-k8s-service-lb/test.sh

@@ -37,7 +37,7 @@ jobs:
       example_dir: example-gke-k8s-helm
       region: us-west1
       zone: us-west1-b
-      init_script: |
+      init_script: |        
         # Install helm
         curl https://raw.githubusercontent.com/kubernetes/helm/master/scripts/get > get_helm.sh
         chmod 700 get_helm.sh
@@ -65,6 +65,76 @@ jobs:
         body: email/body-failed
     file: git/tests/tasks/run-example.yaml
 
+###
+# run-example-gke-multi-region
+###
+- name: run-example-gke-multi-region
+  serial: true
+  plan:
+  - get: once-a-day
+    trigger: true
+
+  - get: git
+    trigger: false
+
+  - task: run-example-gke-multi-region
+    params:
+      git_src: git
+      git_target: git
+      service_account_json: ((regression-project.service_account_json))
+      project_id: ((regression-project.project_id))
+      backend_bucket: {{backend_bucket}}
+      backend_prefix: terraform-google-examples/
+      env_name: tf-ci-gke-multi-region
+      example_dir: example-gke-k8s-multi-region
+      region: us-central1
+      zone: us-central1-b
+      TF_VAR_network_name: tf-ci-gke-multi-region
+      TF_VAR_region1_cluster_name: tf-ci-gke-multi-1
+      TF_VAR_region1: us-central1
+      TF_VAR_region2_cluster_name: tf-ci-gke-multi-2
+      TF_VAR_region2: us-east1
+    on_failure:
+      put: send-an-email
+      params:
+        subject: email/subject-failed
+        body: email/body-failed
+    file: git/tests/tasks/run-example.yaml
+
+###
+# run-example-gke-service-lb
+###
+- name: run-example-gke-service-lb
+  serial: true
+  plan:
+  - get: once-a-day
+    trigger: true
+
+  - get: git
+    trigger: false
+
+  - task: run-example-gke-service-lb
+    params:
+      git_src: git
+      git_target: git
+      service_account_json: ((regression-project.service_account_json))
+      project_id: ((regression-project.project_id))
+      backend_bucket: {{backend_bucket}}
+      backend_prefix: terraform-google-examples/
+      env_name: tf-ci-gke-service-lb
+      example_dir: example-gke-k8s-service-lb
+      region: us-central1
+      zone: us-central1-f
+      TF_VAR_network_name: tf-ci-gke-service-lb
+      TF_VAR_region: us-central1
+      TF_VAR_zone: us-central1-f
+    on_failure:
+      put: send-an-email
+      params:
+        subject: email/subject-failed
+        body: email/body-failed
+    file: git/tests/tasks/run-example.yaml
+
 ###
 # Resource types
 ###