Merge pull request #48 from terraform-google-modules/feature/ci

Concourse CI

Author: morgante

Makefile

@@ -16,15 +16,12 @@
 SHELL := /usr/bin/env bash
 
 # Docker build config variables
-BUILD_TERRAFORM_VERSION ?= 0.11.10
-BUILD_CLOUD_SDK_VERSION ?= 216.0.0
-BUILD_PROVIDER_GOOGLE_VERSION ?= 1.17.1
-BUILD_PROVIDER_GSUITE_VERSION ?= 0.1.8
-DOCKER_IMAGE_TERRAFORM := cftk/terraform
-DOCKER_TAG_TERRAFORM ?= ${BUILD_TERRAFORM_VERSION}_${BUILD_CLOUD_SDK_VERSION}_${BUILD_PROVIDER_GOOGLE_VERSION}_${BUILD_PROVIDER_GSUITE_VERSION}
-BUILD_RUBY_VERSION := 2.5.3
-DOCKER_IMAGE_KITCHEN_TERRAFORM := cftk/kitchen_terraform
-DOCKER_TAG_KITCHEN_TERRAFORM ?= ${BUILD_TERRAFORM_VERSION}_${BUILD_CLOUD_SDK_VERSION}_${BUILD_PROVIDER_GOOGLE_VERSION}_${BUILD_PROVIDER_GSUITE_VERSION}
+CREDENTIALS_PATH ?= /cft/workdir/credentials.json
+DOCKER_ORG := gcr.io/cloud-foundation-cicd
+DOCKER_TAG_BASE_KITCHEN_TERRAFORM ?= 0.11.10_216.0.0_1.19.1_0.1.10
+DOCKER_REPO_BASE_KITCHEN_TERRAFORM := ${DOCKER_ORG}/cft/kitchen-terraform:${DOCKER_TAG_BASE_KITCHEN_TERRAFORM}
+DOCKER_TAG_KITCHEN_TERRAFORM ?= ${DOCKER_TAG_BASE_KITCHEN_TERRAFORM}
+DOCKER_IMAGE_KITCHEN_TERRAFORM := cft/kitchen-terraform_terraform-google-kubernetes-engine
 
 # All is the first target in the file so it will get picked up when you just run 'make' on its own
 all: check_shell check_python check_golang check_terraform check_docker check_base_files test_check_headers check_headers check_trailing_whitespace generate_docs
@@ -94,57 +91,61 @@ version:
 	@source helpers/version-repo.sh
 
 # Build Docker
-.PHONY: docker_build_terraform
-docker_build_terraform:
-	docker build -f build/docker/terraform/Dockerfile \
-		--build-arg BUILD_TERRAFORM_VERSION=${BUILD_TERRAFORM_VERSION} \
-		--build-arg BUILD_CLOUD_SDK_VERSION=${BUILD_CLOUD_SDK_VERSION} \
-		--build-arg BUILD_PROVIDER_GOOGLE_VERSION=${BUILD_PROVIDER_GOOGLE_VERSION} \
-		--build-arg BUILD_PROVIDER_GSUITE_VERSION=${BUILD_PROVIDER_GSUITE_VERSION} \
-		--build-arg CREDENTIALS_FILE=${CREDENTIALS_FILE} \
-		-t ${DOCKER_IMAGE_TERRAFORM}:${DOCKER_TAG_TERRAFORM} .
-
 .PHONY: docker_build_kitchen_terraform
 docker_build_kitchen_terraform:
 	docker build -f build/docker/kitchen_terraform/Dockerfile \
-		--build-arg BUILD_TERRAFORM_IMAGE="${DOCKER_IMAGE_TERRAFORM}:${DOCKER_TAG_TERRAFORM}" \
-		--build-arg BUILD_RUBY_VERSION="${BUILD_RUBY_VERSION}" \
-		--build-arg CREDENTIALS_FILE="${CREDENTIALS_FILE}" \
+		--build-arg BASE_IMAGE=${DOCKER_REPO_BASE_KITCHEN_TERRAFORM} \
 		-t ${DOCKER_IMAGE_KITCHEN_TERRAFORM}:${DOCKER_TAG_KITCHEN_TERRAFORM} .
 
+# Push Docker image
+.PHONY: docker_push_kitchen_terraform
+docker_push_kitchen_terraform:
+	docker tag ${DOCKER_IMAGE_KITCHEN_TERRAFORM}:${DOCKER_TAG_KITCHEN_TERRAFORM} ${DOCKER_ORG}/${DOCKER_IMAGE_KITCHEN_TERRAFORM}:${DOCKER_TAG_KITCHEN_TERRAFORM}
+	docker push ${DOCKER_ORG}/${DOCKER_IMAGE_KITCHEN_TERRAFORM}:${DOCKER_TAG_KITCHEN_TERRAFORM}
+
 # Run docker
 .PHONY: docker_run
 docker_run:
 	docker run --rm -it \
-		-v $(CURDIR):/cftk/workdir \
+		-e CLOUDSDK_AUTH_CREDENTIAL_FILE_OVERRIDE=${CREDENTIALS_PATH} \
+		-e GOOGLE_APPLICATION_CREDENTIALS=${CREDENTIALS_PATH} \
+		-v $(CURDIR):/cft/workdir \
 		${DOCKER_IMAGE_KITCHEN_TERRAFORM}:${DOCKER_TAG_KITCHEN_TERRAFORM} \
 		/bin/bash
 
 .PHONY: docker_create
-docker_create: docker_build_terraform docker_build_kitchen_terraform
+docker_create: docker_build_kitchen_terraform
 	docker run --rm -it \
-		-v $(CURDIR):/cftk/workdir \
+		-e CLOUDSDK_AUTH_CREDENTIAL_FILE_OVERRIDE=${CREDENTIALS_PATH} \
+		-e GOOGLE_APPLICATION_CREDENTIALS=${CREDENTIALS_PATH} \
+		-v $(CURDIR):/cft/workdir \
 		${DOCKER_IMAGE_KITCHEN_TERRAFORM}:${DOCKER_TAG_KITCHEN_TERRAFORM} \
 		/bin/bash -c "kitchen create"
 
 .PHONY: docker_converge
 docker_converge:
 	docker run --rm -it \
-		-v $(CURDIR):/cftk/workdir \
+		-e CLOUDSDK_AUTH_CREDENTIAL_FILE_OVERRIDE=${CREDENTIALS_PATH} \
+		-e GOOGLE_APPLICATION_CREDENTIALS=${CREDENTIALS_PATH} \
+		-v $(CURDIR):/cft/workdir \
 		${DOCKER_IMAGE_KITCHEN_TERRAFORM}:${DOCKER_TAG_KITCHEN_TERRAFORM} \
 		/bin/bash -c "kitchen converge && kitchen converge"
 
 .PHONY: docker_verify
 docker_verify:
 	docker run --rm -it \
-		-v $(CURDIR):/cftk/workdir \
+		-e CLOUDSDK_AUTH_CREDENTIAL_FILE_OVERRIDE=${CREDENTIALS_PATH} \
+		-e GOOGLE_APPLICATION_CREDENTIALS=${CREDENTIALS_PATH} \
+		-v $(CURDIR):/cft/workdir \
 		${DOCKER_IMAGE_KITCHEN_TERRAFORM}:${DOCKER_TAG_KITCHEN_TERRAFORM} \
 		/bin/bash -c "kitchen verify"
 
 .PHONY: docker_destroy
 docker_destroy:
 	docker run --rm -it \
-		-v $(CURDIR):/cftk/workdir \
+		-e CLOUDSDK_AUTH_CREDENTIAL_FILE_OVERRIDE=${CREDENTIALS_PATH} \
+		-e GOOGLE_APPLICATION_CREDENTIALS=${CREDENTIALS_PATH} \
+		-v $(CURDIR):/cft/workdir \
 		${DOCKER_IMAGE_KITCHEN_TERRAFORM}:${DOCKER_TAG_KITCHEN_TERRAFORM} \
 		/bin/bash -c "kitchen destroy"
 

README.md

@@ -230,8 +230,8 @@ The test-kitchen instances in `test/fixtures/` wrap identically-named examples i
 3. Build the Docker containers for testing:
 
   ```
-  CREDENTIALS_FILE="credentials.json" make docker_build_terraform
-  CREDENTIALS_FILE="credentials.json" make docker_build_kitchen_terraform
+  make docker_build_terraform
+  make docker_build_kitchen_terraform
   ```
 4. Run the testing container in interactive mode:
 
@@ -247,7 +247,7 @@ The test-kitchen instances in `test/fixtures/` wrap identically-named examples i
   3. `kitchen verify` tests the created infrastructure. Run `kitchen verify <INSTANCE_NAME>` to run a specific test case.
   4. `kitchen destroy` tears down the underlying resources created by `kitchen converge`. Run `kitchen destroy <INSTANCE_NAME>` to tear down resources for a specific test case.
 
-Alternatively, you can simply run `CREDENTIALS_FILE="credentials.json"  make test_integration_docker` to run all the test steps non-interactively.
+Alternatively, you can simply run `make test_integration_docker` to run all the test steps non-interactively.
 
 #### Test configuration
 

build/docker/kitchen_terraform/Dockerfile

@@ -12,58 +12,17 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-ARG BUILD_TERRAFORM_IMAGE
-ARG BUILD_RUBY_VERSION
-# hadolint ignore=DL3006
-FROM $BUILD_TERRAFORM_IMAGE as cfkt_terraform
+ARG BASE_IMAGE
 
-
-
-FROM ruby:$BUILD_RUBY_VERSION-alpine
+FROM $BASE_IMAGE
 
 RUN apk add --no-cache \
-    bash=4.4.19-r1 \
-    curl=7.61.1-r1 \
-    git=2.18.1-r0 \
-    g++=6.4.0-r9 \
-    jq=1.6_rc1-r1 \
-    make=4.2.1-r2 \
-    musl-dev=1.1.19-r10 \
-    python2=2.7.15-r1 \
-    python2-dev=2.7.15-r1 \
-    py2-pip=10.0.1-r0 \
     ca-certificates=20171114-r3
 
 ADD https://storage.googleapis.com/kubernetes-release/release/v1.12.2/bin/linux/amd64/kubectl /usr/local/bin/kubectl
 RUN chmod +x /usr/local/bin/kubectl
 
-SHELL ["/bin/bash", "-c"]
-
-ENV APP_BASE_DIR="/cftk"
-
-COPY --from=cfkt_terraform $APP_BASE_DIR $APP_BASE_DIR
-
-ARG CREDENTIALS_FILE
-
-ENV HOME="$APP_BASE_DIR/home"
-ENV PATH $APP_BASE_DIR/bin:$APP_BASE_DIR/google-cloud-sdk/bin:$PATH
-ENV GOOGLE_APPLICATION_CREDENTIALS="$APP_BASE_DIR/workdir/$CREDENTIALS_FILE" \
-    CLOUDSDK_AUTH_CREDENTIAL_FILE_OVERRIDE="$APP_BASE_DIR/workdir/$CREDENTIALS_FILE"
-
-# Fix base64 inconsistency
-SHELL ["/bin/bash", "-c"]
-RUN echo 'base64() { if [[ $@ == "--decode" ]]; then command base64 -d | more; else command base64 "$@"; fi; }' >> $APP_BASE_DIR/home/.bashrc
-
-RUN terraform --version && \
-    gcloud --version && \
-    ruby --version && \
-    bundle --version
-
-COPY ./Gemfile /opt/kitchen/
-
 WORKDIR /opt/kitchen
+COPY Gemfile .
 RUN bundle install
-
-RUN gcloud components install beta --quiet
-
 WORKDIR $APP_BASE_DIR/workdir

build/docker/terraform/Dockerfile

@@ -38,14 +38,14 @@ module "gke" {
   node_pools = [
     {
       name            = "pool-01"
-      min_count       = 4
+      min_count       = 1
       service_account = "${var.compute_engine_service_account}"
     },
     {
       name            = "pool-02"
       machine_type    = "n1-standard-2"
-      min_count       = 2
-      max_count       = 3
+      min_count       = 1
+      max_count       = 2
       disk_size_gb    = 30
       disk_type       = "pd-standard"
       image_type      = "COS"

examples/node_pool/main.tf

@@ -76,7 +76,7 @@
             including(
               "name" => "pool-01",
               "autoscaling" => including(
-                "minNodeCount" => 4,
+                "minNodeCount" => 1,
               ),
             )
           )
@@ -173,7 +173,7 @@
             including(
               "name" => "pool-02",
               "autoscaling" => including(
-                "minNodeCount" => 2,
+                "minNodeCount" => 1,
               ),
             )
           )
@@ -184,7 +184,7 @@
             including(
               "name" => "pool-02",
               "autoscaling" => including(
-                "maxNodeCount" => 3,
+                "maxNodeCount" => 2,
               ),
             )
           )