Add configuratgion for Tls route (GoogleCloudPlatform#7755)

* Configuration for traffic director Mesh resource. * Add more tests for Mesh resource * Use new provider for test * Configuration for service binding. * Add hand written test for service binding. * Revert "Add hand written test for service binding." This reverts commit 367449a. * Update service binding yaml. * reduce timeouts. * Update mmv1/products/networkservices/ServiceBinding.yaml Co-authored-by: Sam Levenick <slevenick@google.com> * Service binding update test. * Fix compile error. * Add configuration for Tls route. * Remove extra files. * Address PR comments. * Fix failing tests. --------- Co-authored-by: Madhura Phadnis <madhurap@google.com> Co-authored-by: Sam Levenick <slevenick@google.com>
ravisiddhu · Apr 25, 2023 · 4c6b9cc · 4c6b9cc
1 parent 4484cc1
commit 4c6b9cc
Show file tree

Hide file tree

Showing 5 changed files with 394 additions and 0 deletions.
diff --git a/mmv1/products/networkservices/TlsRoute.yaml b/mmv1/products/networkservices/TlsRoute.yaml
@@ -0,0 +1,163 @@
+# Copyright 2023 Google Inc.
+# Licensed under the Apache License, Version 2.0 (the 'License');
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an 'AS IS' BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+--- !ruby/object:Api::Resource
+name: 'TlsRoute'
+base_url: 'projects/{{project}}/locations/global/tlsRoutes'
+create_url: 'projects/{{project}}/locations/global/tlsRoutes?tlsRouteId={{name}}'
+self_link: 'projects/{{project}}/locations/global/tlsRoutes/{{name}}'
+min_version: beta
+update_verb: :PATCH
+update_mask: true
+description: |
+  TlsRoute defines how traffic should be routed based on SNI and other matching L3 attributes.
+references: !ruby/object:Api::Resource::ReferenceLinks
+  api: 'https://cloud.google.com/traffic-director/docs/reference/network-services/rest/v1beta1/projects.locations.tlsRoutes'
+async: !ruby/object:Api::OpAsync
+  operation: !ruby/object:Api::OpAsync::Operation
+    path: 'name'
+    base_url: '{{op_id}}'
+    wait_ms: 1000
+    timeouts: !ruby/object:Api::Timeouts
+      insert_minutes: 30
+      update_minutes: 30
+      delete_minutes: 30
+  result: !ruby/object:Api::OpAsync::Result
+    path: 'response'
+  status: !ruby/object:Api::OpAsync::Status
+    path: 'done'
+    complete: true
+    allowed:
+      - true
+      - false
+  error: !ruby/object:Api::OpAsync::Error
+    path: 'error'
+    message: 'message'
+autogen_async: true
+import_format: ['projects/{{project}}/locations/global/tlsRoutes/{{name}}']
+examples:
+  - !ruby/object:Provider::Terraform::Examples
+    min_version: beta
+    name: 'network_services_tls_route_basic'
+    primary_resource_id: 'default'
+    vars:
+      resource_name: 'my-tls-route'
+      backend_service_name: "my-backend-service"
+      http_health_check_name: "backend-service-health-check"
+  - !ruby/object:Provider::Terraform::Examples
+    min_version: beta
+    name: 'network_services_tls_route_mesh_basic'
+    primary_resource_id: 'default'
+    vars:
+      resource_name: 'my-tls-route'
+      backend_service_name: "my-backend-service"
+      http_health_check_name: "backend-service-health-check"
+  - !ruby/object:Provider::Terraform::Examples
+    min_version: beta
+    name: 'network_services_tls_route_gateway_basic'
+    primary_resource_id: 'default'
+    vars:
+      resource_name: 'my-tls-route'
+      backend_service_name: "my-backend-service"
+      http_health_check_name: "backend-service-health-check"
+parameters:
+  - !ruby/object:Api::Type::String
+    name: 'name'
+    required: true
+    url_param_only: true
+    immutable: true
+    description: |
+      Name of the TlsRoute resource.
+properties:
+  - !ruby/object:Api::Type::String
+    name: 'selfLink'
+    description: |
+      Server-defined URL of this resource.
+    output: true
+  - !ruby/object:Api::Type::Time
+    name: 'createTime'
+    description: |
+      Time the TlsRoute was created in UTC.
+    output: true
+  - !ruby/object:Api::Type::Time
+    name: 'updateTime'
+    description: |
+      Time the TlsRoute was updated in UTC.
+    output: true
+  - !ruby/object:Api::Type::String
+    name: 'description'
+    description: |
+      A free-text description of the resource. Max length 1024 characters.
+  - !ruby/object:Api::Type::Array
+    name: meshes
+    item_type: Api::Type::String
+    description: |
+           Meshes defines a list of meshes this TlsRoute is attached to, as one of the routing rules to route the requests served by the mesh.
+           Each mesh reference should match the pattern: projects/*/locations/global/meshes/<mesh_name>
+           The attached Mesh should be of a type SIDECAR 
+    send_empty_value: true 
+  - !ruby/object:Api::Type::Array
+    name: gateways
+    item_type: Api::Type::String
+    description: |
+          Gateways defines a list of gateways this TlsRoute is attached to, as one of the routing rules to route the requests served by the gateway.
+          Each gateway reference should match the pattern: projects/*/locations/global/gateways/<gateway_name>  
+    send_empty_value: true
+  - !ruby/object:Api::Type::Array
+    name: rules
+    description: |
+          Rules that define how traffic is routed and handled.  
+    required: true
+    send_empty_value: true
+    item_type: !ruby/object:Api::Type::NestedObject
+      properties: 
+        - !ruby/object:Api::Type::Array
+          name: matches
+          description: |
+            Matches define the predicate used to match requests to a given action.
+          required: true
+          item_type: !ruby/object:Api::Type::NestedObject
+            properties:
+              - !ruby/object:Api::Type::Array
+                name: sniHost
+                description: |
+                  SNI (server name indicator) to match against. SNI will be matched against all wildcard domains, i.e. www.example.com will be first matched against www.example.com, then *.example.com, then *.com. 
+                  Partial wildcards are not supported, and values like *w.example.com are invalid. At least one of sniHost and alpn is required. Up to 5 sni hosts across all matches can be set.
+                item_type: Api::Type::String
+                send_empty_value: true
+              - !ruby/object:Api::Type::Array
+                name: alpn
+                description: |
+                  ALPN (Application-Layer Protocol Negotiation) to match against. Examples: "http/1.1", "h2". At least one of sniHost and alpn is required. Up to 5 alpns across all matches can be set.
+                item_type: Api::Type::String
+                send_empty_value: true
+        - !ruby/object:Api::Type::NestedObject
+          name: action
+          description: |
+              Required. A detailed rule defining how to route traffic.
+          required: true
+          properties:
+            - !ruby/object:Api::Type::Array
+              name: destinations
+              description: |
+                The destination to which traffic should be forwarded.
+              item_type: !ruby/object:Api::Type::NestedObject
+                properties:
+                  - !ruby/object:Api::Type::String
+                    name: serviceName
+                    description: |
+                      The URL of a BackendService to route traffic to.
+                  - !ruby/object:Api::Type::Integer
+                    name: weight
+                    description: |
+                      Specifies the proportion of requests forwarded to the backend referenced by the serviceName field.
diff --git a/mmv1/templates/terraform/examples/network_services_tls_route_basic.tf.erb b/mmv1/templates/terraform/examples/network_services_tls_route_basic.tf.erb
@@ -0,0 +1,31 @@
+resource "google_compute_backend_service" "<%= ctx[:primary_resource_id] %>" {
+  provider               = google-beta
+  name          = "<%= ctx[:vars]['backend_service_name'] %>"
+  health_checks = [google_compute_http_health_check.default.id]
+}
+
+resource "google_compute_http_health_check" "default" {
+  provider               = google-beta
+  name               = "<%= ctx[:vars]['http_health_check_name'] %>"
+  request_path       = "/"
+  check_interval_sec = 1
+  timeout_sec        = 1
+}
+
+resource "google_network_services_tls_route" "<%= ctx[:primary_resource_id] %>" {
+  provider               = google-beta
+  name                   = "<%= ctx[:vars]['resource_name'] %>"
+  description             = "my description"
+  rules                   {
+    matches {
+      sni_host = ["example.com"]
+      alpn = ["http/1.1"]
+    }
+    action {
+      destinations {
+        service_name = google_compute_backend_service.<%= ctx[:primary_resource_id] %>.id
+        weight = 1
+      }
+    }
+  }
+}
diff --git a/mmv1/templates/terraform/examples/network_services_tls_route_gateway_basic.tf.erb b/mmv1/templates/terraform/examples/network_services_tls_route_gateway_basic.tf.erb
@@ -0,0 +1,46 @@
+resource "google_compute_backend_service" "<%= ctx[:primary_resource_id] %>" {
+  provider               = google-beta
+  name          = "<%= ctx[:vars]['backend_service_name'] %>"
+  health_checks = [google_compute_http_health_check.default.id]
+}
+
+resource "google_compute_http_health_check" "default" {
+  provider               = google-beta
+  name               = "<%= ctx[:vars]['http_health_check_name'] %>"
+  request_path       = "/"
+  check_interval_sec = 1
+  timeout_sec        = 1
+}
+
+resource "google_network_services_gateway" "<%= ctx[:primary_resource_id] %>" {
+  provider    = google-beta
+  name        = "<%= ctx[:vars]['resource_name'] %>"
+  labels      = {
+    foo = "bar"
+  }
+  description = "my description"
+  scope = "my-scope"
+  type = "OPEN_MESH"
+  ports = [443]
+}
+
+resource "google_network_services_tls_route" "<%= ctx[:primary_resource_id] %>" {
+  provider               = google-beta
+  name                   = "<%= ctx[:vars]['resource_name'] %>"
+  description             = "my description"
+  gateways = [
+    google_network_services_gateway.<%= ctx[:primary_resource_id] %>.id
+  ]
+  rules                   {
+    matches {
+      sni_host = ["example.com"]
+      alpn = ["http/1.1"]
+    }
+    action {
+      destinations {
+        service_name = google_compute_backend_service.<%= ctx[:primary_resource_id] %>.id
+        weight = 1
+      }
+    }
+  }
+}
diff --git a/mmv1/templates/terraform/examples/network_services_tls_route_mesh_basic.tf.erb b/mmv1/templates/terraform/examples/network_services_tls_route_mesh_basic.tf.erb
@@ -0,0 +1,44 @@
+resource "google_compute_backend_service" "<%= ctx[:primary_resource_id] %>" {
+  provider               = google-beta
+  name          = "<%= ctx[:vars]['backend_service_name'] %>"
+  health_checks = [google_compute_http_health_check.default.id]
+}
+
+resource "google_compute_http_health_check" "default" {
+  provider               = google-beta
+  name               = "<%= ctx[:vars]['http_health_check_name'] %>"
+  request_path       = "/"
+  check_interval_sec = 1
+  timeout_sec        = 1
+}
+
+resource "google_network_services_mesh" "<%= ctx[:primary_resource_id] %>" {
+  provider    = google-beta
+  name        = "<%= ctx[:vars]['resource_name'] %>"
+  labels      = {
+    foo = "bar"
+  }
+  description = "my description"
+}
+
+
+resource "google_network_services_tls_route" "<%= ctx[:primary_resource_id] %>" {
+  provider               = google-beta
+  name                   = "<%= ctx[:vars]['resource_name'] %>"
+  description             = "my description"
+  meshes = [
+    google_network_services_mesh.<%= ctx[:primary_resource_id] %>.id
+  ]
+  rules                   {
+    matches {
+      sni_host = ["example.com"]
+      alpn = ["http/1.1"]
+    }
+    action {
+      destinations {
+        service_name = google_compute_backend_service.<%= ctx[:primary_resource_id] %>.id
+        weight = 1
+      }
+    }
+  }
+}
diff --git a/mmv1/third_party/terraform/tests/resource_network_services_tls_route_test.go.erb b/mmv1/third_party/terraform/tests/resource_network_services_tls_route_test.go.erb
@@ -0,0 +1,110 @@
+<% autogen_exception -%>
+package google
+<% unless version == 'ga' -%>
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+)
+
+func TestAccNetworkServicesTlsRoute_update(t *testing.T) {
+	t.Parallel()
+
+  tlsServiceName := fmt.Sprintf("tf-test-tls-service-%s", RandString(t, 10))
+  tlsHealthCheckName := fmt.Sprintf("tf-test-tls-healthcheck-%s", RandString(t, 10))
+	tlsRouteName := fmt.Sprintf("tf-test-tls-route-%s", RandString(t, 10))
+
+	VcrTest(t, resource.TestCase{
+		PreCheck:     func() { AccTestPreCheck(t) },
+		ProtoV5ProviderFactories: ProtoV5ProviderFactories(t),
+		CheckDestroy: testAccCheckNetworkServicesTlsRouteDestroyProducer(t),
+		Steps: []resource.TestStep{
+			{
+        Config: testAccNetworkServicesTlsRoute_basic(tlsServiceName, tlsHealthCheckName, tlsRouteName),
+			},
+			{
+				ResourceName:      "google_network_services_tls_route.foobar",
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+			{
+				Config: testAccNetworkServicesTlsRoute_update(tlsServiceName, tlsHealthCheckName, tlsRouteName),
+			},
+			{
+				ResourceName:      "google_network_services_tls_route.foobar",
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
+
+func testAccNetworkServicesTlsRoute_basic(tlsServiceName string, tlsHealthCheckName string, tlsRouteName string) string {
+	return fmt.Sprintf(`
+resource "google_compute_backend_service" "foo" {
+  name          = "%s"
+  health_checks = [google_compute_http_health_check.bar.id]
+}
+
+resource "google_compute_http_health_check" "bar" {
+  name               = "%s"
+  request_path       = "/"
+  check_interval_sec = 1
+  timeout_sec        = 1
+}
+
+resource "google_network_services_tls_route" "foobar" { 
+  name                   = "%s"
+  description             = "my description"
+  rules                   {
+    matches {
+      sni_host = ["example.com"]
+      alpn = ["http/1.1"]
+    }
+    action {
+      destinations {
+        service_name = google_compute_backend_service.foo.id
+        weight = 1
+      }
+    }
+  }
+}
+`, tlsServiceName, tlsHealthCheckName, tlsRouteName)
+}
+
+func testAccNetworkServicesTlsRoute_update(tlsServiceName string, tlsHealthCheckName string, tlsRouteName string) string {
+	return fmt.Sprintf(`
+  resource "google_compute_backend_service" "foo" {
+    name          = "%s"
+    health_checks = [google_compute_http_health_check.bar.id]
+  }
+
+  resource "google_compute_http_health_check" "bar" {
+    name               = "%s"
+    request_path       = "/"
+    check_interval_sec = 1
+    timeout_sec        = 1
+  }
+
+  resource "google_network_services_tls_route" "foobar" {
+    name                   = "%s"
+    description             = "update description"
+    rules                   {
+      matches {
+        sni_host = ["example.com"]
+        alpn = ["http/1.1"]
+      }
+      action {
+        destinations {
+          service_name = google_compute_backend_service.foo.id
+          weight = 1
+        }
+      }
+    }
+  }
+`, tlsServiceName, tlsHealthCheckName, tlsRouteName)
+}
+
+<% end -%>