ApigeeInstance add ipRange field (#5607)

* Add support IAM policy for the Environment of Apigee X * Add support IAM policy for the Environment of Apigee X * Add support IAM policy for the Environment of Apigee X * Add support IAM policy for the Environment of Apigee X * Revert all changes to test files. * Revert all changes to test files. * Revert all changes to test files. * Add primary_resource_name to fix tests. * Update iam_attributes.tf.erb to honor skip_test. * Don't reject skip_tests when example is nil. * Update mmv1/products/apigee/api.yaml Co-authored-by: Stephen Lewis (Burrows) <stephen.r.burrows@gmail.com> * Fix primary_resource_name for apigee organization name. * Add a new field "ipRange". Co-authored-by: Stephen Lewis (Burrows) <stephen.r.burrows@gmail.com>
GoogleCloudPlatform · Jan 18, 2022 · ba4abbf · ba4abbf
1 parent 05868fb
commit ba4abbf
Show file tree

Hide file tree

Showing 4 changed files with 117 additions and 0 deletions.
diff --git a/mmv1/products/apigee/api.yaml b/mmv1/products/apigee/api.yaml
@@ -175,6 +175,16 @@ objects:
         description: |
           The size of the CIDR block range that will be reserved by the instance. For valid values, 
           see [CidrRange](https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances#CidrRange) on the documentation.
+      - !ruby/object:Api::Type::String
+        name: 'ipRange'
+        description: |
+          IP range represents the customer-provided CIDR block of length 22 that will be used for
+          the Apigee instance creation. This optional range, if provided, should be freely
+          available as part of larger named range the customer has allocated to the Service
+          Networking peering. If this is not provided, Apigee will automatically request for any
+          available /22 CIDR block from Service Networking. The customer should use this CIDR block
+          for configuring their firewall needs to allow traffic from Apigee.
+          Input format: "a.b.c.d/22"
       - !ruby/object:Api::Type::String
         name: 'description'
         description: |

diff --git a/mmv1/products/apigee/terraform.yaml b/mmv1/products/apigee/terraform.yaml
@@ -85,6 +85,20 @@ overrides: !ruby/object:Overrides::ResourceOverrides
       skip_docs: true
       # Resource creation race
       skip_vcr: true
+    - !ruby/object:Provider::Terraform::Examples
+      name: "apigee_instance_ip_range"
+      skip_test: true
+    - !ruby/object:Provider::Terraform::Examples
+      # This is a more verbose version of the above that creates all
+      # the resources needed for the acceptance test.
+      name: "apigee_instance_ip_range_test"
+      primary_resource_id: "apigee_instance"
+      test_env_vars:
+        org_id: :ORG_ID
+        billing_account: :BILLING_ACCT
+      skip_docs: true
+      # Resource creation race
+      skip_vcr: true
     - !ruby/object:Provider::Terraform::Examples
       name: "apigee_instance_full"
       skip_test: true

diff --git a/mmv1/templates/terraform/examples/apigee_instance_ip_range.tf.erb b/mmv1/templates/terraform/examples/apigee_instance_ip_range.tf.erb
@@ -0,0 +1,33 @@
+data "google_client_config" "current" {}
+
+resource "google_compute_network" "apigee_network" {
+  name = "apigee-network"
+}
+
+resource "google_compute_global_address" "apigee_range" {
+  name          = "apigee-range"
+  purpose       = "VPC_PEERING"
+  address_type  = "INTERNAL"
+  prefix_length = 22
+  network       = google_compute_network.apigee_network.id
+}
+
+resource "google_service_networking_connection" "apigee_vpc_connection" {
+  network                 = google_compute_network.apigee_network.id
+  service                 = "servicenetworking.googleapis.com"
+  reserved_peering_ranges = [google_compute_global_address.apigee_range.name]
+}
+
+resource "google_apigee_organization" "apigee_org" {
+  analytics_region   = "us-central1"
+  project_id         = data.google_client_config.current.project
+  authorized_network = google_compute_network.apigee_network.id
+  depends_on         = [google_service_networking_connection.apigee_vpc_connection]
+}
+
+resource "google_apigee_instance" "apigee_instance" {
+  name     = "tf-test%{random_suffix}"
+  location = "us-central1-b"
+  org_id   = google_apigee_organization.apigee_org.id
+  ip_range = "10.87.8.0/22"
+}
diff --git a/mmv1/templates/terraform/examples/apigee_instance_ip_range_test.tf.erb b/mmv1/templates/terraform/examples/apigee_instance_ip_range_test.tf.erb
@@ -0,0 +1,60 @@
+resource "google_project" "project" {
+  project_id      = "tf-test%{random_suffix}"
+  name            = "tf-test%{random_suffix}"
+  org_id          = "<%= ctx[:test_env_vars]['org_id'] %>"
+  billing_account = "<%= ctx[:test_env_vars]['billing_account'] %>"
+}
+
+resource "google_project_service" "apigee" {
+  project = google_project.project.project_id
+  service = "apigee.googleapis.com"
+}
+
+resource "google_project_service" "compute" {
+  project = google_project.project.project_id
+  service = "compute.googleapis.com"
+}
+
+resource "google_project_service" "servicenetworking" {
+  project = google_project.project.project_id
+  service = "servicenetworking.googleapis.com"
+}
+
+resource "google_compute_network" "apigee_network" {
+  name       = "apigee-network"
+  project    = google_project.project.project_id
+  depends_on = [google_project_service.compute]
+}
+
+resource "google_compute_global_address" "apigee_range" {
+  name          = "apigee-range"
+  purpose       = "VPC_PEERING"
+  address_type  = "INTERNAL"
+  prefix_length = 22
+  network       = google_compute_network.apigee_network.id
+  project       = google_project.project.project_id
+}
+
+resource "google_service_networking_connection" "apigee_vpc_connection" {
+  network                 = google_compute_network.apigee_network.id
+  service                 = "servicenetworking.googleapis.com"
+  reserved_peering_ranges = [google_compute_global_address.apigee_range.name]
+  depends_on              = [google_project_service.servicenetworking]
+}
+
+resource "google_apigee_organization" "apigee_org" {
+  analytics_region   = "us-central1"
+  project_id         = google_project.project.project_id
+  authorized_network = google_compute_network.apigee_network.id
+  depends_on         = [
+    google_service_networking_connection.apigee_vpc_connection,
+    google_project_service.apigee,
+  ]
+}
+
+resource "google_apigee_instance" "<%= ctx[:primary_resource_id] %>" {
+  name     = "tf-test%{random_suffix}"
+  location = "us-central1"
+  org_id   = google_apigee_organization.apigee_org.id
+  ip_range = "10.87.8.0/22"
+}