Merge pull request #17 from terraform-google-modules/feature/ordering

feat: add variables for dependency ordering feat: add flag to disable upgrades and make each instance separate
terraform-google-modules · Jan 22, 2020 · 6acb11e · 6acb11e
2 parents a836d76 + 7863d69
commit 6acb11e
Show file tree

Hide file tree

Showing 15 changed files with 299 additions and 8 deletions.
diff --git a/README.md b/README.md
@@ -40,8 +40,10 @@ The [jq](https://stedolan.github.io/jq/) binary is also included in this module
 | destroy\_cmd\_body | On destroy, the command body you'd like to run with your entrypoint. | string | `"info"` | no |
 | destroy\_cmd\_entrypoint | On destroy, the command entrypoint you'd like to use.  Can also be set to a custom script. Module's bin directory will be prepended to path. | string | `"gcloud"` | no |
 | enabled | Flag to optionally disable usage of this module. | bool | `"true"` | no |
+| module\_depends\_on | List of modules or resources this module depends on. | list | `<list>` | no |
 | platform | Platform CLI will run on. Defaults to linux. Valid values: linux, darwin | string | `"linux"` | no |
 | service\_account\_key\_file | Path to service account key file to run `gcloud auth activate-service-account` with. Optional. | string | `""` | no |
+| upgrade | Whether to upgrade gcloud at runtime | bool | `"true"` | no |
 | use\_tf\_google\_credentials\_env\_var | Use GOOGLE_CREDENTIALS environment variable to run `gcloud auth activate-service-account` with. Optional. | string | `"false"` | no |
 
 ## Outputs

diff --git a/examples/dependency_example/README.md b/examples/dependency_example/README.md
@@ -0,0 +1,18 @@
+# Dependency Example
+
+This example illustrates how to control the order of execution for scripts.
+
+<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| filename | Filename filled with text |
+
+<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+
+To provision this example, run the following from within this directory:
+- `terraform init` to get the plugins
+- `terraform plan` to see the infrastructure plan
+- `terraform apply` to apply the infrastructure build
+- `terraform destroy` to destroy the built infrastructure
diff --git a/examples/dependency_example/main.tf b/examples/dependency_example/main.tf
@@ -0,0 +1,60 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+locals {
+  filename = abspath("${path.module}/file-${random_pet.filename.id}.txt")
+}
+
+resource "random_pet" "filename" {
+  keepers = {
+    always = uuid()
+  }
+}
+
+module "hello" {
+  source = "../.."
+
+  platform = "linux"
+  upgrade  = false
+
+  create_cmd_entrypoint = "${path.module}/scripts/script.sh"
+  create_cmd_body       = "${local.filename} hello"
+}
+
+module "two" {
+  source = "../.."
+
+  platform = "linux"
+  upgrade  = false
+
+  create_cmd_entrypoint = "${path.module}/scripts/script.sh"
+  create_cmd_body       = "${local.filename} two"
+}
+
+module "goodbye" {
+  source = "../.."
+
+  platform = "linux"
+  upgrade  = false
+
+  create_cmd_entrypoint = "${path.module}/scripts/script.sh"
+  create_cmd_body       = "${local.filename} goodbye"
+
+  module_depends_on = [
+    module.hello.wait,
+    module.two.wait
+  ]
+}
diff --git a/examples/dependency_example/outputs.tf b/examples/dependency_example/outputs.tf
@@ -0,0 +1,20 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+output "filename" {
+  description = "Filename filled with text"
+  value       = local.filename
+}
diff --git a/examples/dependency_example/scripts/script.sh b/examples/dependency_example/scripts/script.sh
@@ -0,0 +1,22 @@
+#!/bin/bash
+# Copyright 2018 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#!/bin/sh
+
+for i in {1..5}
+do
+    echo "$2 $i" >> "$1"
+    sleep 1
+done
diff --git a/examples/dependency_example/versions.tf b/examples/dependency_example/versions.tf
@@ -0,0 +1,19 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+terraform {
+  required_version = ">= 0.12"
+}
diff --git a/examples/script_example/scripts/script.sh b/examples/script_example/scripts/script.sh
@@ -18,11 +18,6 @@
 GCLOUD_LOCATION=$(command -v gcloud)
 echo "Using gcloud from $GCLOUD_LOCATION"
 
-if [[ $GCLOUD_LOCATION != *"/cache/linux/google-cloud-sdk/bin/gcloud" ]]; then
-  echo "gcloud bin not in modules directory"
-  exit 1
-fi
-
 gcloud --version
 echo "running gcloud services $1 appengine.googleapis.com --project $2"
 gcloud services "$1" appengine.googleapis.com --project "$2"
diff --git a/kitchen.yml b/kitchen.yml
@@ -48,3 +48,14 @@ suites:
           backend: local
           controls:
             - gcloud
+  - name: dependency_example
+    driver:
+      command_timeout: 1800
+      root_module_directory: test/fixtures/dependency_example/
+    verifier:
+      color: false
+      systems:
+        - name: dependency_example local
+          backend: local
+          controls:
+            - file
diff --git a/main.tf b/main.tf
@@ -16,7 +16,8 @@
 
 locals {
   tmp_credentials_path = "${path.module}/terraform-google-credentials.json"
-  cache_path           = "${path.module}/cache/${var.platform}"
+  original_path        = "${path.module}/cache/${var.platform}"
+  cache_path           = "${path.module}/cache/${random_id.cache.hex}"
   gcloud_tar_path      = "${local.cache_path}/google-cloud-sdk.tar.gz"
   gcloud_bin_path      = "${local.cache_path}/google-cloud-sdk/bin"
   gcloud_bin_abs_path  = abspath(local.gcloud_bin_path)
@@ -36,6 +37,7 @@ locals {
     ) + length(null_resource.gcloud_auth_google_credentials.*.triggers,
   ) + length(null_resource.run_command.*.triggers)
 
+  copy_command                                 = "cp -R ${local.original_path} ${local.cache_path}"
   decompress_command                           = "tar -xzf ${local.gcloud_tar_path} -C ${local.cache_path} && cp ${local.cache_path}/jq ${local.cache_path}/google-cloud-sdk/bin/"
   upgrade_command                              = "${local.gcloud} components update --quiet"
   additional_components_command                = "${local.gcloud} components install ${local.components} --quiet"
@@ -47,6 +49,33 @@ locals {
 
 }
 
+resource "random_id" "cache" {
+  byte_length = 4
+}
+
+resource "null_resource" "module_depends_on" {
+  count = length(var.module_depends_on) > 0 ? 1 : 0
+
+  triggers = {
+    value = length(var.module_depends_on)
+  }
+}
+
+resource "null_resource" "copy" {
+  count = var.enabled ? 1 : 0
+
+  triggers = {
+    always = uuid()
+  }
+
+  provisioner "local-exec" {
+    when    = create
+    command = local.copy_command
+  }
+
+  depends_on = [null_resource.module_depends_on]
+}
+
 resource "null_resource" "decompress" {
   count = var.enabled ? 1 : 0
 
@@ -58,10 +87,12 @@ resource "null_resource" "decompress" {
     when    = create
     command = local.decompress_command
   }
+
+  depends_on = [null_resource.copy]
 }
 
 resource "null_resource" "upgrade" {
-  count = var.enabled ? 1 : 0
+  count = (var.enabled && var.upgrade) ? 1 : 0
 
   depends_on = [null_resource.decompress]
 
@@ -182,7 +213,7 @@ resource "null_resource" "additional_components_destroy" {
 }
 
 resource "null_resource" "upgrade_destroy" {
-  count = var.enabled ? 1 : 0
+  count = (var.enabled && var.upgrade) ? 1 : 0
 
   depends_on = [
     null_resource.additional_components_destroy,

diff --git a/test/fixtures/dependency_example/main.tf b/test/fixtures/dependency_example/main.tf
@@ -0,0 +1,19 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+module "example" {
+  source = "../../../examples/dependency_example"
+}
diff --git a/test/fixtures/dependency_example/outputs.tf b/test/fixtures/dependency_example/outputs.tf
@@ -0,0 +1,20 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+output "filename" {
+  description = "Filename filled with text"
+  value       = module.example.filename
+}
diff --git a/test/fixtures/dependency_example/versions.tf b/test/fixtures/dependency_example/versions.tf
@@ -0,0 +1,19 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+terraform {
+  required_version = ">= 0.12"
+}
diff --git a/test/integration/dependency_example/controls/file.rb b/test/integration/dependency_example/controls/file.rb
@@ -0,0 +1,34 @@
+# Copyright 2018 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+control "file" do
+  title "file"
+
+  describe command("cat #{attribute("filename")} | wc -l") do
+    its(:exit_status) { should eq 0 }
+    its(:stderr) { should eq "" }
+    its(:stdout) { should match "15" }
+  end
+
+  describe command("tail -n 5 #{attribute("filename")}") do
+    its(:exit_status) { should eq 0 }
+    its(:stderr) { should eq "" }
+    its(:stdout) { should match %{goodbye 1
+goodbye 2
+goodbye 3
+goodbye 4
+goodbye 5
+} }
+  end
+end
diff --git a/test/integration/dependency_example/inspec.yml b/test/integration/dependency_example/inspec.yml
@@ -0,0 +1,9 @@
+name: dependency_example
+depends:
+  - name: inspec-gcp
+    git: https://github.com/inspec/inspec-gcp.git
+    tag: v0.10.0
+attributes:
+  - name: filename
+    required: true
+    type: string
diff --git a/variables.tf b/variables.tf
@@ -20,6 +20,18 @@ variable "enabled" {
   default     = true
 }
 
+variable "upgrade" {
+  description = "Whether to upgrade gcloud at runtime"
+  type        = bool
+  default     = true
+}
+
+variable "module_depends_on" {
+  description = "List of modules or resources this module depends on."
+  type        = list
+  default     = []
+}
+
 variable "create_cmd_entrypoint" {
   description = "On create, the command entrypoint you'd like to use. Can also be set to a custom script. Module's bin directory will be prepended to path."
   default     = "gcloud"