feat!: add Terraform 0.13 constraint and module attribution (#70)

* feat!: add Terraform 0.13 constraint and module attribution

* Multiple Updates to support move to 0.13

Updated Inspec tests for two examples.
Updated versions for managed_instance_group example +
sample for using the http-lb.
Updated version for project factory in test setup

Co-authored-by: James Duncan <[email protected]>
Co-authored-by: Bharath KKB <[email protected]>

Author: 3 people

Makefile

@@ -18,7 +18,7 @@
 # Make will use bash instead of sh
 SHELL := /usr/bin/env bash
 
-DOCKER_TAG_VERSION_DEVELOPER_TOOLS := 0.12.0
+DOCKER_TAG_VERSION_DEVELOPER_TOOLS := 0.13
 DOCKER_IMAGE_DEVELOPER_TOOLS := cft/developer-tools
 REGISTRY_URL := gcr.io/cloud-foundation-cicd
 

README.md

@@ -5,8 +5,10 @@ This module handles the generation of metadata for [deploying containers on GCE
 This module itself does not launch an instance or managed instance group. It simply generates the necessary metadata to create an instance or MIG yourself. Examples of using this module can be found in the [examples/](examples) directory.
 
 ## Compatibility
-
-This module is meant for use with Terraform 0.12. If you need a Terraform 0.11.x-compatible version of this module, the last released version intended for Terraform 0.11.x is [0.3.0].
+This module is meant for use with Terraform 0.13. If you haven't
+[upgraded](https://www.terraform.io/upgrade-guides/0-13.html) and need a Terraform
+0.12.x-compatible version of this module, the last released version
+intended for Terraform 0.12.x is [v2.0.0](https://registry.terraform.io/modules/terraform-google-modules/-container-vm/google/v2.0.0).
 
 ## Usage
 
@@ -73,12 +75,12 @@ Then perform the following commands on the root folder:
 ## Inputs
 
 | Name | Description | Type | Default | Required |
-|------|-------------|:----:|:-----:|:-----:|
-| container | A description of the container to deploy | any | `<map>` | no |
-| cos\_image\_family | The COS image family to use (eg: stable, beta, or dev) | string | `"stable"` | no |
-| cos\_image\_name | Name of a specific COS image to use instead of the latest cos family image | string | `"null"` | no |
-| restart\_policy | The restart policy for a Docker container. Defaults to `OnFailure` | string | `"OnFailure"` | no |
-| volumes | A set of Docker Volumes to configure | any | `<list>` | no |
+|------|-------------|------|---------|:--------:|
+| container | A description of the container to deploy | `any` | <pre>{<br>  "command": "ls",<br>  "image": "gcr.io/google-containers/busybox"<br>}</pre> | no |
+| cos\_image\_family | The COS image family to use (eg: stable, beta, or dev) | `string` | `"stable"` | no |
+| cos\_image\_name | Name of a specific COS image to use instead of the latest cos family image | `string` | `null` | no |
+| restart\_policy | The restart policy for a Docker container. Defaults to `OnFailure` | `string` | `"OnFailure"` | no |
+| volumes | A set of Docker Volumes to configure | `any` | `[]` | no |
 
 ## Outputs
 
@@ -89,8 +91,8 @@ Then perform the following commands on the root folder:
 | metadata\_key | The key to assign `metadata_value` to, so container information is attached to the instance |
 | metadata\_value | The generated container configuration |
 | restart\_policy | The restart policy provided |
-| source\_image | The self_link to the COS image to use for the GCE instance. Equivalent to container_vm.self_link |
-| vm\_container\_label | The COS version to deploy to the instance. To be used as the value for the `vm_container_label_key` label key. Equivalent to container_vm.name |
+| source\_image | The self\_link to the COS image to use for the GCE instance. Equivalent to container\_vm.self\_link |
+| vm\_container\_label | The COS version to deploy to the instance. To be used as the value for the `vm_container_label_key` label key. Equivalent to container\_vm.name |
 | vm\_container\_label\_key | The label key for the COS version deployed to the instance |
 | volumes | The volume definition provided |
 
@@ -134,7 +136,7 @@ module "gce-advanced-container" {
 
 ## Requirements
 ### Terraform plugins
-- [Terraform](https://www.terraform.io/downloads.html) 0.10.x
+- [Terraform](https://www.terraform.io/downloads.html) >= 0.13.0
 - [terraform-provider-google](https://github.com/terraform-providers/terraform-provider-google) plugin v1.8.0
 
 ### Python Libraries

build/int.cloudbuild.yaml

@@ -38,4 +38,4 @@ tags:
 - 'integration'
 substitutions:
   _DOCKER_IMAGE_DEVELOPER_TOOLS: 'cft/developer-tools'
-  _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '0.12.0'
+  _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '0.13'

build/lint.cloudbuild.yaml

@@ -21,4 +21,4 @@ tags:
 - 'lint'
 substitutions:
   _DOCKER_IMAGE_DEVELOPER_TOOLS: 'cft/developer-tools'
-  _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '0.12.0'
+  _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '0.13'

examples/instance_with_advanced_options/README.md

@@ -6,13 +6,13 @@ This example illustrates how to deploy a container to a Google Compute Engine in
 ## Inputs
 
 | Name | Description | Type | Default | Required |
-|------|-------------|:----:|:-----:|:-----:|
-| client\_email | Service account email address | string | `""` | no |
-| instance\_name | The desired name to assign to the deployed instance | string | `"container-vm-advanced-options"` | no |
-| project\_id | The project ID to deploy resources into | string | n/a | yes |
-| subnetwork | The name of the subnetwork to deploy instances into | string | n/a | yes |
-| subnetwork\_project | The project ID where the desired subnetwork is provisioned | string | n/a | yes |
-| zone | The GCP zone to deploy instances into | string | n/a | yes |
+|------|-------------|------|---------|:--------:|
+| client\_email | Service account email address | `string` | `""` | no |
+| instance\_name | The desired name to assign to the deployed instance | `string` | `"container-vm-advanced-options"` | no |
+| project\_id | The project ID to deploy resources into | `any` | n/a | yes |
+| subnetwork | The name of the subnetwork to deploy instances into | `any` | n/a | yes |
+| subnetwork\_project | The project ID where the desired subnetwork is provisioned | `any` | n/a | yes |
+| zone | The GCP zone to deploy instances into | `string` | n/a | yes |
 
 ## Outputs
 

examples/instance_with_attached_disk/README.md

@@ -6,18 +6,18 @@ This example illustrates how to deploy and expose a container to a Google Comput
 ## Inputs
 
 | Name | Description | Type | Default | Required |
-|------|-------------|:----:|:-----:|:-----:|
-| additional\_metadata | Additional metadata to attach to the instance | map(string) | `<map>` | no |
-| client\_email | Service account email address | string | `""` | no |
-| image | The Docker image to deploy to GCE instances | string | n/a | yes |
-| image\_port | The port the image exposes for HTTP requests | string | n/a | yes |
-| instance\_name | The desired name to assign to the deployed instance | string | `"disk-instance-vm-test"` | no |
-| machine\_type | The GCP machine type to deploy | string | n/a | yes |
-| project\_id | The project ID to deploy resource into | string | n/a | yes |
-| restart\_policy | The desired Docker restart policy for the deployed image | string | n/a | yes |
-| subnetwork | The name of the subnetwork to deploy instances into | string | n/a | yes |
-| subnetwork\_project | The project ID where the desired subnetwork is provisioned | string | n/a | yes |
-| zone | The GCP zone to deploy instances into | string | n/a | yes |
+|------|-------------|------|---------|:--------:|
+| additional\_metadata | Additional metadata to attach to the instance | `map(string)` | `{}` | no |
+| client\_email | Service account email address | `string` | `""` | no |
+| image | The Docker image to deploy to GCE instances | `any` | n/a | yes |
+| image\_port | The port the image exposes for HTTP requests | `any` | n/a | yes |
+| instance\_name | The desired name to assign to the deployed instance | `string` | `"disk-instance-vm-test"` | no |
+| machine\_type | The GCP machine type to deploy | `any` | n/a | yes |
+| project\_id | The project ID to deploy resource into | `any` | n/a | yes |
+| restart\_policy | The desired Docker restart policy for the deployed image | `any` | n/a | yes |
+| subnetwork | The name of the subnetwork to deploy instances into | `any` | n/a | yes |
+| subnetwork\_project | The project ID where the desired subnetwork is provisioned | `any` | n/a | yes |
+| zone | The GCP zone to deploy instances into | `any` | n/a | yes |
 
 ## Outputs
 

examples/instance_with_config_file/README.md

@@ -6,15 +6,15 @@ This example illustrates how to deploy and expose a container to a Google Comput
 ## Inputs
 
 | Name | Description | Type | Default | Required |
-|------|-------------|:----:|:-----:|:-----:|
-| additional\_metadata | Additional metadata to attach to the instance | map(string) | `<map>` | no |
-| client\_email | Service account email address | string | `""` | no |
-| cos\_image\_name | The forced COS image to use instead of latest | string | `"cos-stable-77-12371-89-0"` | no |
-| instance\_name | The desired name to assign to the deployed instance | string | `"hello-world-container-vm"` | no |
-| project\_id | The project ID to deploy resources into | string | n/a | yes |
-| subnetwork | The name of the subnetwork to deploy instances into | string | n/a | yes |
-| subnetwork\_project | The project ID where the desired subnetwork is provisioned | string | n/a | yes |
-| zone | The GCP zone to deploy instances into | string | n/a | yes |
+|------|-------------|------|---------|:--------:|
+| additional\_metadata | Additional metadata to attach to the instance | `map(string)` | `{}` | no |
+| client\_email | Service account email address | `string` | `""` | no |
+| cos\_image\_name | The forced COS image to use instead of latest | `string` | `"cos-stable-77-12371-89-0"` | no |
+| instance\_name | The desired name to assign to the deployed instance | `string` | `"hello-world-container-vm"` | no |
+| project\_id | The project ID to deploy resources into | `any` | n/a | yes |
+| subnetwork | The name of the subnetwork to deploy instances into | `any` | n/a | yes |
+| subnetwork\_project | The project ID where the desired subnetwork is provisioned | `any` | n/a | yes |
+| zone | The GCP zone to deploy instances into | `string` | n/a | yes |
 
 ## Outputs
 

examples/instance_with_config_file/main.tf

@@ -16,7 +16,7 @@
 
 provider "google" {
   project = var.project_id
-  version = "~> 2.20"
+  version = "~> 3.53"
 }
 
 provider "template" {

examples/managed_instance_group/README.md

@@ -10,18 +10,18 @@ This example requires that some python libraries be installed, as outlined in `r
 ## Inputs
 
 | Name | Description | Type | Default | Required |
-|------|-------------|:----:|:-----:|:-----:|
-| additional\_metadata | Additional metadata to attach to the instance | map | `<map>` | no |
-| image | The Docker image to deploy to GCE instances | string | `"gcr.io/google-samples/hello-app:1.0"` | no |
-| image\_port | The port the image exposes for HTTP requests | number | `"8080"` | no |
-| mig\_instance\_count | The number of instances to place in the managed instance group | string | `"2"` | no |
-| mig\_name | The desired name to assign to the deployed managed instance group | string | `"mig-test"` | no |
-| network | The GCP network | string | `"mig-net"` | no |
-| project\_id | The project ID to deploy resource into | string | n/a | yes |
-| region | The GCP region to deploy instances into | string | n/a | yes |
-| service\_account |  | object | `<map>` | no |
-| subnetwork | The name of the subnetwork to deploy instances into | string | `"mig-subnet"` | no |
-| zone | The GCP zone to deploy instances into | string | n/a | yes |
+|------|-------------|------|---------|:--------:|
+| additional\_metadata | Additional metadata to attach to the instance | `map(any)` | `{}` | no |
+| image | The Docker image to deploy to GCE instances | `string` | `"gcr.io/google-samples/hello-app:1.0"` | no |
+| image\_port | The port the image exposes for HTTP requests | `number` | `8080` | no |
+| mig\_instance\_count | The number of instances to place in the managed instance group | `string` | `"2"` | no |
+| mig\_name | The desired name to assign to the deployed managed instance group | `string` | `"mig-test"` | no |
+| network | The GCP network | `string` | `"mig-net"` | no |
+| project\_id | The project ID to deploy resource into | `string` | n/a | yes |
+| region | The GCP region to deploy instances into | `string` | n/a | yes |
+| service\_account | n/a | <pre>object({<br>    email  = string,<br>    scopes = list(string)<br>  })</pre> | <pre>{<br>  "email": "",<br>  "scopes": [<br>    "cloud-platform"<br>  ]<br>}</pre> | no |
+| subnetwork | The name of the subnetwork to deploy instances into | `string` | `"mig-subnet"` | no |
+| zone | The GCP zone to deploy instances into | `string` | n/a | yes |
 
 ## Outputs
 

examples/managed_instance_group/main.tf

@@ -24,11 +24,11 @@ locals {
 }
 provider "google" {
   project = var.project_id
-  version = "~> 2.7.0"
+  version = "~> 3.53.0"
 }
 provider "google-beta" {
   project = var.project_id
-  version = "~> 2.7.0"
+  version = "~> 3.53.0"
 }
 module "gce-container" {
   source = "../../"
@@ -63,7 +63,7 @@ module "cloud-nat" {
 }
 module "mig_template" {
   source               = "terraform-google-modules/vm/google//modules/instance_template"
-  version              = "~> 1.0.0"
+  version              = "~> 6.0"
   network              = google_compute_network.default.self_link
   subnetwork           = google_compute_subnetwork.default.self_link
   service_account      = var.service_account
@@ -81,7 +81,7 @@ module "mig_template" {
 }
 module "mig" {
   source            = "terraform-google-modules/vm/google//modules/mig"
-  version           = "~> 1.0.0"
+  version           = "~> 6.0"
   instance_template = module.mig_template.self_link
   region            = var.region
   hostname          = var.network
@@ -97,32 +97,68 @@ module "mig" {
 }
 module "http-lb" {
   source  = "GoogleCloudPlatform/lb-http/google"
-  version = "~> 2.0"
+  version = "~> 4.5"
 
-  project = var.project_id
-  name    = "${var.mig_name}-lb"
+  project     = var.project_id
+  name        = "${var.mig_name}-lb"
+  target_tags = local.target_tags
   firewall_networks = [
     google_compute_network.default.self_link
   ]
-  target_tags = local.target_tags
+
   backends = {
-    "0" = [
-      {
-        group                        = module.mig.instance_group
-        balancing_mode               = null
-        capacity_scaler              = null
-        description                  = null
-        max_connections              = null
-        max_connections_per_instance = null
-        max_rate                     = null
-        max_rate_per_instance        = null
-        max_utilization              = null
+    default = {
+      description                     = null
+      protocol                        = "HTTP"
+      port                            = 80
+      port_name                       = "http"
+      timeout_sec                     = 30
+      connection_draining_timeout_sec = null
+      enable_cdn                      = false
+      security_policy                 = null
+      session_affinity                = null
+      affinity_cookie_ttl_sec         = null
+      custom_request_headers          = null
+
+      health_check = {
+        check_interval_sec  = null
+        timeout_sec         = null
+        healthy_threshold   = null
+        unhealthy_threshold = null
+        request_path        = "/"
+        port                = 80
+        host                = null
+        logging             = null
       }
-    ]
+
+      log_config = {
+        enable      = false
+        sample_rate = null
+      }
+
+      groups = [
+        {
+          group                        = module.mig.instance_group
+          balancing_mode               = null
+          capacity_scaler              = null
+          description                  = null
+          max_connections              = null
+          max_connections_per_instance = null
+          max_connections_per_endpoint = null
+          max_rate                     = null
+          max_rate_per_instance        = null
+          max_rate_per_endpoint        = null
+          max_utilization              = null
+        }
+      ]
+
+      iap_config = {
+        enable               = false
+        oauth2_client_id     = ""
+        oauth2_client_secret = ""
+      }
+    }
   }
-  backend_params = [
-    "/,http,${var.image_port},30",
-  ]
 }
 resource "google_compute_firewall" "lb-to-instances" {
   name    = "${var.mig_name}-firewall-lb-to-instances"

examples/managed_instance_group/variables.tf

@@ -66,7 +66,7 @@ variable "network" {
 }
 
 variable "additional_metadata" {
-  type        = map
+  type        = map(any)
   description = "Additional metadata to attach to the instance"
   default     = {}
 }

examples/simple_instance/README.md

@@ -6,14 +6,14 @@ This example illustrates how to deploy a container to a Google Compute Engine in
 ## Inputs
 
 | Name | Description | Type | Default | Required |
-|------|-------------|:----:|:-----:|:-----:|
-| client\_email | Service account email address | string | `""` | no |
-| cos\_image\_name | The forced COS image to use instead of latest | string | `"cos-stable-77-12371-89-0"` | no |
-| instance\_name | The desired name to assign to the deployed instance | string | `"hello-world-container-vm"` | no |
-| project\_id | The project ID to deploy resources into | string | n/a | yes |
-| subnetwork | The name of the subnetwork to deploy instances into | string | n/a | yes |
-| subnetwork\_project | The project ID where the desired subnetwork is provisioned | string | n/a | yes |
-| zone | The GCP zone to deploy instances into | string | n/a | yes |
+|------|-------------|------|---------|:--------:|
+| client\_email | Service account email address | `string` | `""` | no |
+| cos\_image\_name | The forced COS image to use instead of latest | `string` | `"cos-stable-77-12371-89-0"` | no |
+| instance\_name | The desired name to assign to the deployed instance | `string` | `"hello-world-container-vm"` | no |
+| project\_id | The project ID to deploy resources into | `any` | n/a | yes |
+| subnetwork | The name of the subnetwork to deploy instances into | `any` | n/a | yes |
+| subnetwork\_project | The project ID where the desired subnetwork is provisioned | `any` | n/a | yes |
+| zone | The GCP zone to deploy instances into | `string` | n/a | yes |
 
 ## Outputs