feat: support svpc host project in export-terraform (#910)

GoogleContainerTools · Sep 12, 2022 · 1e5d4a1 · 1e5d4a1
1 parent f1759e7
commit 1e5d4a1
Show file tree

Hide file tree

Showing 10 changed files with 100 additions and 3 deletions.
diff --git a/functions/go/export-terraform/README.md b/functions/go/export-terraform/README.md
@@ -16,6 +16,7 @@ The goal is to make the generated output as close to possible as what a human wo
 The following KCC resources are supported:
 - Folder
 - Project
+- ComputeSharedVPCHostProject
 - IAMPartialPolicy
 - IAMPolicy
 - IAMPolicyMember

diff --git a/functions/go/export-terraform/terraformgenerator/network.go b/functions/go/export-terraform/terraformgenerator/network.go
@@ -31,3 +31,31 @@ func (resource *terraformResource) GetFirewallAllowPortsProtocol() []firewallAll
 	}
 	return firewallAllows
 }
+
+// IsSVPCHost checks if the resource is a SVPC Host project.
+// The resource is a SVPC Host project if and only if it is of kind Project
+// and has a corresponding ComputeSharedVPCHostProject child resource.
+func (resource *terraformResource) IsSVPCHost() bool {
+	if resource.Kind != "Project" {
+		return false
+	}
+	projectID, found, err := resource.Item.GetString("metadata", "name")
+	if !found || err != nil {
+		return false
+	}
+	for _, child := range resource.Children {
+		if child.Kind != "ComputeSharedVPCHostProject" {
+			continue
+		}
+		// ComputeSharedVPCHostProject has no spec and relies on anno
+		// https://cloud.google.com/config-connector/docs/reference/resource-docs/compute/computesharedvpchostproject#annotations
+		svpcHostProjectID, found, err := child.Item.GetString("metadata", "annotations", "cnrm.cloud.google.com/project-id")
+		if !found || err != nil {
+			continue
+		}
+		if projectID == svpcHostProjectID {
+			return true
+		}
+	}
+	return false
+}
diff --git a/functions/go/export-terraform/terraformgenerator/templates/projects.tf b/functions/go/export-terraform/terraformgenerator/templates/projects.tf
@@ -7,7 +7,8 @@ module "{{ $project.GetResourceName }}" {
   project_id = "{{ $project.GetResourceName }}"{{end}}
   org_id     = {{ $project.GetOrganization.GetTerraformId false }}{{if eq $project.Parent.Kind "Folder"}}
   folder_id  = {{ $project.Parent.GetTerraformId false }}{{end}}
-
+{{ if $project.IsSVPCHost }}
+  enable_shared_vpc_host_project = true{{end}}
   billing_account = {{ $project.References.BillingAccount.GetTerraformId false }}{{if $project.GetBool "metadata" "annotations" "cnrm.cloud.google.com/auto-create-network"}}
   auto_create_network = true{{end}}
 }

diff --git a/functions/go/export-terraform/terraformgenerator/terraform_generator.go b/functions/go/export-terraform/terraformgenerator/terraform_generator.go
@@ -55,6 +55,7 @@ func Processor(rl *sdk.ResourceList) error {
 		"ServiceNetworkingConnection": true,
 		"ComputeFirewall":             true,
 		"LoggingLogBucket":            true,
+		"ComputeSharedVPCHostProject": true,
 	}
 
 	for _, item := range rl.Items {

diff --git a/functions/go/export-terraform/testdata/multi-network/input/net1/sharedVPC.yaml b/functions/go/export-terraform/testdata/multi-network/input/net1/sharedVPC.yaml
@@ -0,0 +1,21 @@
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+apiVersion: compute.cnrm.cloud.google.com/v1beta1
+kind: ComputeSharedVPCHostProject
+metadata:
+  name: prj-network-host
+  namespace: networking # kpt-set: ${namespace}
+  annotations:
+    cnrm.cloud.google.com/project-id: this-project-does-not-exist
+    cnrm.cloud.google.com/blueprint: cnrm/landing-zone:networking/v0.4.1
diff --git a/functions/go/export-terraform/testdata/multi-network/input/net2/projects.yaml b/functions/go/export-terraform/testdata/multi-network/input/net2/projects.yaml
@@ -20,7 +20,7 @@ metadata:
   annotations:
     cnrm.cloud.google.com/blueprint: 'kpt-fn'
 spec:
-  name: prj-network2 # kpt-set: ${project-id}
+  name: prj-network2-diff-name # kpt-set: ${project-id}
   billingAccountRef:
     external: AAAAAA-AAAAAA-AAAAAA
   organizationRef:

diff --git a/functions/go/export-terraform/testdata/multi-network/input/net2/sharedVPC.yaml b/functions/go/export-terraform/testdata/multi-network/input/net2/sharedVPC.yaml
@@ -0,0 +1,21 @@
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+apiVersion: compute.cnrm.cloud.google.com/v1beta1
+kind: ComputeSharedVPCHostProject
+metadata:
+  name: prj-network-host
+  namespace: networking # kpt-set: ${namespace}
+  annotations:
+    cnrm.cloud.google.com/project-id: prj-network2
+    cnrm.cloud.google.com/blueprint: cnrm/landing-zone:networking/v0.4.1
diff --git a/functions/go/export-terraform/testdata/multi-network/tf/projects.tf b/functions/go/export-terraform/testdata/multi-network/tf/projects.tf
@@ -12,8 +12,10 @@ module "prj-network2" {
   source  = "terraform-google-modules/project-factory/google"
   version = "~> 12.0"
 
-  name       = "prj-network2"
+  name       = "prj-network2-diff-name"
+  project_id = "prj-network2"
   org_id     = var.org_id
 
+  enable_shared_vpc_host_project = true
   billing_account = var.billing_account
 }
diff --git a/functions/go/export-terraform/testdata/network/input/sharedVPC.yaml b/functions/go/export-terraform/testdata/network/input/sharedVPC.yaml
@@ -0,0 +1,21 @@
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+apiVersion: compute.cnrm.cloud.google.com/v1beta1
+kind: ComputeSharedVPCHostProject
+metadata:
+  name: prj-network-host
+  namespace: networking # kpt-set: ${namespace}
+  annotations:
+    cnrm.cloud.google.com/project-id: prj-network
+    cnrm.cloud.google.com/blueprint: cnrm/landing-zone:networking/v0.4.1
diff --git a/functions/go/export-terraform/testdata/network/tf/projects.tf b/functions/go/export-terraform/testdata/network/tf/projects.tf
@@ -5,5 +5,6 @@ module "prj-network" {
   name       = "prj-network"
   org_id     = var.org_id
 
+  enable_shared_vpc_host_project = true
   billing_account = var.billing_account
 }