feat: example-foundations test modes (#309)

* feat: example-foundations test modes

* fix bundle, fix type error

* add domain TF_VAR

* bump cred life

4-projects/business_unit_1/development/providers.tf

@@ -31,7 +31,7 @@ data "google_service_account_access_token" "default" {
   provider               = google.impersonate
   target_service_account = local.tf_sa
   scopes                 = ["userinfo-email", "cloud-platform"]
-  lifetime               = "600s"
+  lifetime               = "900s"
 }
 
 /******************************************

4-projects/business_unit_1/non-production/providers.tf

@@ -31,7 +31,7 @@ data "google_service_account_access_token" "default" {
   provider               = google.impersonate
   target_service_account = local.tf_sa
   scopes                 = ["userinfo-email", "cloud-platform"]
-  lifetime               = "600s"
+  lifetime               = "900s"
 }
 
 /******************************************

4-projects/business_unit_1/production/providers.tf

@@ -31,7 +31,7 @@ data "google_service_account_access_token" "default" {
   provider               = google.impersonate
   target_service_account = local.tf_sa
   scopes                 = ["userinfo-email", "cloud-platform"]
-  lifetime               = "600s"
+  lifetime               = "900s"
 }
 
 /******************************************

4-projects/business_unit_2/development/providers.tf

@@ -31,7 +31,7 @@ data "google_service_account_access_token" "default" {
   provider               = google.impersonate
   target_service_account = local.tf_sa
   scopes                 = ["userinfo-email", "cloud-platform"]
-  lifetime               = "600s"
+  lifetime               = "900s"
 }
 
 /******************************************

4-projects/business_unit_2/non-production/providers.tf

@@ -31,7 +31,7 @@ data "google_service_account_access_token" "default" {
   provider               = google.impersonate
   target_service_account = local.tf_sa
   scopes                 = ["userinfo-email", "cloud-platform"]
-  lifetime               = "600s"
+  lifetime               = "900s"
 }
 
 /******************************************

4-projects/business_unit_2/production/providers.tf

@@ -31,7 +31,7 @@ data "google_service_account_access_token" "default" {
   provider               = google.impersonate
   target_service_account = local.tf_sa
   scopes                 = ["userinfo-email", "cloud-platform"]
-  lifetime               = "600s"
+  lifetime               = "900s"
 }
 
 /******************************************

build/int.cloudbuild.yaml

@@ -18,28 +18,15 @@ steps:
   name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
   args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && prepare_environment']
   env:
-  - 'TF_VAR_org_id=$_ORG_ID'
   - 'TF_VAR_folder_id=$_FOLDER_ID'
   - 'TF_VAR_billing_account=$_BILLING_ACCOUNT'
   - 'TF_VAR_group_email=test-gcp-org-admins@test.infra.cft.tips'
-  - 'TF_VAR_project_prefix=tst'
-# - id: clean
-#   name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
-#   args: ['/bin/bash', '-c', './test/clean_org.sh']
-#   env:
-#   - 'TF_VAR_org_id=$_ORG_ID'
-#   - 'TF_VAR_folder_id=$_FOLDER_ID'
-#   - 'TF_VAR_billing_account=$_BILLING_ACCOUNT'
-#   - 'TF_VAR_group_email=test-gcp-org-admins@test.infra.cft.tips'
-#   - 'TF_VAR_project_prefix=tst'
 - id: create
   name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
   args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do create']
 - id: converge-bootstrap
   name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
   args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do converge bootstrap-default']
-  env:
-  - 'TF_VAR_project_prefix=tst'
 - id: verify-bootstrap
   name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
   args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do verify bootstrap-default']
@@ -49,10 +36,6 @@ steps:
 - id: converge-org
   name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
   args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do converge org-default']
-  env:
-  - 'TF_VAR_domain_to_allow=test.infra.cft.tips'
-  - 'TF_VAR_project_prefix=tst'
-  - 'TF_VAR_hub_and_spoke=true'
 - id: verify-org
   name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
   args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do verify org-default']
@@ -62,22 +45,15 @@ steps:
 - id: converge-envs
   name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
   args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do converge envs-default']
-  env:
-  - 'TF_VAR_project_prefix=tst'
 - id: verify-envs
   name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
   args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do verify envs-default']
 - id: create-dns-hub
   name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
   args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do create dns-hub-default']
-  env:
-  - 'TF_VAR_org_id=$_ORG_ID'
 - id: converge-dns-hub
   name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
   args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do converge dns-hub-default']
-  env:
-  - 'TF_VAR_domain=test.infra.cft.tips.'
-  - 'TF_VAR_org_id=$_ORG_ID'
 - id: verify-dns-hub
   name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
   args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do verify dns-hub-default']
@@ -87,9 +63,6 @@ steps:
 - id: converge-networks
   name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
   args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && export TF_VAR_policy_id=$(gcloud access-context-manager policies list --organization="${TF_VAR_org_id:?}" --format="value(name)") && kitchen_do converge networks-default']
-  env:
-  - 'TF_VAR_org_id=$_ORG_ID'
-  - 'TF_VAR_domain=test.infra.cft.tips.'
 - id: verify-networks
   name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
   args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do verify networks-default']
@@ -99,54 +72,37 @@ steps:
 - id: converge-projects
   name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
   args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && source ./test/export_sc.sh && export TF_VAR_policy_id=$(gcloud access-context-manager policies list --organization="${TF_VAR_org_id:?}" --format="value(name)") && kitchen_do converge projects-default']
-  env:
-  - 'TF_VAR_org_id=$_ORG_ID'
-  - 'TF_VAR_domain=test.infra.cft.tips.'
-  - 'TF_VAR_project_prefix=tst'
 - id: verify-projects
   name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
   args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do verify projects-default']
 - id: destroy-projects
   name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
   args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && source ./test/export_sc.sh && export TF_VAR_policy_id=$(gcloud access-context-manager policies list --organization="${TF_VAR_org_id:?}" --format="value(name)") && kitchen_do destroy projects-default']
-  env:
-  - 'TF_VAR_org_id=$_ORG_ID'
-  - 'TF_VAR_domain=test.infra.cft.tips.'
-  - 'TF_VAR_project_prefix=tst'
 - id: destroy-networks
   name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
   args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && export TF_VAR_policy_id=$(gcloud access-context-manager policies list --organization="${TF_VAR_org_id:?}" --format="value(name)") && kitchen_do destroy networks-default']
-  env:
-  - 'TF_VAR_org_id=$_ORG_ID'
-  - 'TF_VAR_domain=test.infra.cft.tips.'
 - id: destroy-dns-hub
   name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
   args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do destroy dns-hub-default']
-  env:
-  - 'TF_VAR_domain=test.infra.cft.tips.'
-  - 'TF_VAR_org_id=$_ORG_ID'
 - id: destroy-envs
   name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
   args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do destroy envs-default']
-  env:
-  - 'TF_VAR_domain_to_allow=test.infra.cft.tips'
-  - 'TF_VAR_project_prefix=tst'
 - id: destroy-org
   name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
   args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do destroy org-default']
-  env:
-  - 'TF_VAR_domain_to_allow=test.infra.cft.tips'
-  - 'TF_VAR_project_prefix=tst'
-  - 'TF_VAR_hub_and_spoke=true'
 - id: destroy-bootstrap
   name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
   args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && kitchen_do destroy bootstrap-default']
-  env:
-  - 'TF_VAR_domain_to_allow=test.infra.cft.tips'
-  - 'TF_VAR_project_prefix=tst'
 tags:
 - 'ci'
 - 'integration'
+options:
+  env:
+  - 'TF_VAR_example_foundations_mode=$_EXAMPLE_FOUNDATIONS_TEST_MODE'
+  - 'TF_VAR_project_prefix=tst'
+  - 'TF_VAR_domain_to_allow=test.infra.cft.tips'
+  - 'TF_VAR_domain=test.infra.cft.tips.'
+  - 'TF_VAR_org_id=$_ORG_ID'
 substitutions:
   _DOCKER_IMAGE_DEVELOPER_TOOLS: 'cft/developer-tools'
   _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '0.13'

test/bundle.hcl

@@ -1,11 +1,21 @@
 terraform {
-  version = "0.12.29"
+  version = "0.13.5"
 }
 
 providers {
-  google = ["~> 3.30"]
-  google-beta = ["~> 3.30"]
-  external = ["~> 1.0"]
-  null = ["~> 2.0"]
-  random = ["~> 2.0"]
+  google = {
+    version = ["~> 3.30"]
+  }
+  google-beta = {
+    version = ["~> 3.30"]
+  }
+  external = {
+    version = ["~> 1.0"]
+  }
+  null = {
+    version = ["~> 2.0"]
+  }
+  random = {
+    version = ["~> 2.0"]
+  }
 }

test/setup/outputs.tf

@@ -48,3 +48,7 @@ output "billing_account" {
 output "group_email" {
   value = var.group_email
 }
+
+output "hub_and_spoke" {
+  value = var.example_foundations_mode == "HubAndSpoke" ? "true" : "false"
+}

test/setup/variables.tf

@@ -29,3 +29,7 @@ variable "billing_account" {
 variable "group_email" {
   description = "The group that will be assigned permissions for testing."
 }
+
+variable "example_foundations_mode" {
+  description = "The example foundations mode used for testing."
+}