From d2038cc12f6f415503ee0418d838e05202b3a7b4 Mon Sep 17 00:00:00 2001
From: Esanim <17294241+Esanim@users.noreply.github.com>
Date: Fri, 1 Mar 2024 12:04:55 +0100
Subject: [PATCH] feat: add support for the latest subnetwork arguments (uses
5.10 google provider)
BREAKING CHANGE: drop support for google provider < 5.10
---
README.md | 48 ++++++++++++++++++++-
README.tfdoc.hcl | 56 ++++++++++++++++++++++++-
main.tf | 10 ++++-
test/unit-complete/_generated_google.tf | 4 +-
test/unit-complete/main.tf | 24 ++++++++++-
test/unit-disabled/_generated_google.tf | 4 +-
test/unit-minimal/_generated_google.tf | 4 +-
variables.tf | 36 ++++++++++++++++
versions.tf | 2 +-
versions.tm.hcl | 2 +-
10 files changed, 177 insertions(+), 13 deletions(-)
diff --git a/README.md b/README.md
index f97abf0..948c563 100644
--- a/README.md
+++ b/README.md
@@ -11,7 +11,7 @@
A [Terraform](https://www.terraform.io) module to create a [Google Network Subnet](https://cloud.google.com/vpc/docs/vpc#vpc_networks_and_subnets) on [Google Cloud Services (GCP)](https://cloud.google.com/).
**_This module supports Terraform version 1
-and is compatible with the Terraform Google Provider version 4._** and 5._**
+and is compatible with the Terraform Google Provider version and 5.10+
This module is part of our Infrastructure as Code (IaC) framework
that enables our users and customers to easily deploy and manage reusable,
@@ -101,6 +101,52 @@ See [variables.tf] and [examples/] for details and use-cases.
Default is `true`.
+- [**`purpose`**](#var-purpose): *(Optional `string`)*
+
+ (Optional) This field can be either PRIVATE_RFC_1918, REGIONAL_MANAGED_PROXY,
+ GLOBAL_MANAGED_PROXY, PRIVATE_SERVICE_CONNECT or PRIVATE_NAT(Beta).
+ If unspecified, the purpose defaults to PRIVATE_RFC_1918.
+
+ Default is `null`.
+
+- [**`role`**](#var-role): *(Optional `string`)*
+
+ The role of subnetwork. Currently, this field is only used when
+ purpose is REGIONAL_MANAGED_PROXY. The value can be set to ACTIVE or BACKUP.
+ An ACTIVE subnetwork is one that is currently being used for Envoy-based
+ load balancers in a region. A BACKUP subnetwork is one that is ready to
+ be promoted to ACTIVE or is currently draining.
+
+ Default is `null`.
+
+- [**`private_ipv6_google_access`**](#var-private_ipv6_google_access): *(Optional `bool`)*
+
+ The private IPv6 google access type for the VMs in this subnet.
+
+ Default is `true`.
+
+- [**`stack_type`**](#var-stack_type): *(Optional `string`)*
+
+ The stack type for this subnet to identify whether the IPv6 feature is enabled or not.
+ If not specified IPV4_ONLY will be used. Possible values are: IPV4_ONLY, IPV4_IPV6.
+
+ Default is `null`.
+
+- [**`ipv6_access_type`**](#var-ipv6_access_type): *(Optional `string`)*
+
+ The access type of IPv6 address this subnet holds.
+ It's immutable and can only be specified during creation or the first time the subnet is updated
+ into IPV4_IPV6 dual stack. If the ipv6_type is EXTERNAL then this subnet cannot enable direct path.
+ Possible values are: EXTERNAL, INTERNAL.
+
+ Default is `null`.
+
+- [**`external_ipv6_prefix`**](#var-external_ipv6_prefix): *(Optional `string`)*
+
+ The range of external IPv6 addresses that are owned by this subnetwork.
+
+ Default is `null`.
+
- [**`ip_cidr_range`**](#var-ip_cidr_range): *(**Required** `string`)*
The range of internal addresses that are owned by this subnetwork. Provide this property when you create the subnetwork. For example, 10.0.0.0/8 or 192.168.0.0/16. Ranges must be unique and non-overlapping within a network. Only IPv4 is supported.
diff --git a/README.tfdoc.hcl b/README.tfdoc.hcl
index 2e59f52..fc69317 100644
--- a/README.tfdoc.hcl
+++ b/README.tfdoc.hcl
@@ -40,7 +40,7 @@ section {
A [Terraform](https://www.terraform.io) module to create a [Google Network Subnet](https://cloud.google.com/vpc/docs/vpc#vpc_networks_and_subnets) on [Google Cloud Services (GCP)](https://cloud.google.com/).
**_This module supports Terraform version 1
- and is compatible with the Terraform Google Provider version 4._** and 5._**
+ and is compatible with the Terraform Google Provider version and 5.10+
This module is part of our Infrastructure as Code (IaC) framework
that enables our users and customers to easily deploy and manage reusable,
@@ -141,6 +141,60 @@ section {
END
}
+ variable "purpose" {
+ type = string
+ default = null
+ description = <<-END
+ (Optional) This field can be either PRIVATE_RFC_1918, REGIONAL_MANAGED_PROXY,
+ GLOBAL_MANAGED_PROXY, PRIVATE_SERVICE_CONNECT or PRIVATE_NAT(Beta).
+ If unspecified, the purpose defaults to PRIVATE_RFC_1918.
+ END
+ }
+
+ variable "role" {
+ type = string
+ default = null
+ description = <<-END
+ The role of subnetwork. Currently, this field is only used when
+ purpose is REGIONAL_MANAGED_PROXY. The value can be set to ACTIVE or BACKUP.
+ An ACTIVE subnetwork is one that is currently being used for Envoy-based
+ load balancers in a region. A BACKUP subnetwork is one that is ready to
+ be promoted to ACTIVE or is currently draining.
+ END
+ }
+ variable "private_ipv6_google_access" {
+ type = bool
+ default = true
+ description = <<-END
+ The private IPv6 google access type for the VMs in this subnet.
+ END
+ }
+ variable "stack_type" {
+ type = string
+ default = null
+ description = <<-END
+ The stack type for this subnet to identify whether the IPv6 feature is enabled or not.
+ If not specified IPV4_ONLY will be used. Possible values are: IPV4_ONLY, IPV4_IPV6.
+ END
+ }
+ variable "ipv6_access_type" {
+ type = string
+ default = null
+ description = <<-END
+ The access type of IPv6 address this subnet holds.
+ It's immutable and can only be specified during creation or the first time the subnet is updated
+ into IPV4_IPV6 dual stack. If the ipv6_type is EXTERNAL then this subnet cannot enable direct path.
+ Possible values are: EXTERNAL, INTERNAL.
+ END
+ }
+ variable "external_ipv6_prefix" {
+ type = string
+ default = null
+ description = <<-END
+ The range of external IPv6 addresses that are owned by this subnetwork.
+ END
+ }
+
variable "ip_cidr_range" {
required = true
type = string
diff --git a/main.tf b/main.tf
index b27664c..2556085 100644
--- a/main.tf
+++ b/main.tf
@@ -13,8 +13,14 @@ resource "google_compute_subnetwork" "subnetwork" {
name = var.name
description = var.description
- private_ip_google_access = var.private_ip_google_access
- ip_cidr_range = cidrsubnet(var.ip_cidr_range, 0, 0)
+ ip_cidr_range = cidrsubnet(var.ip_cidr_range, 0, 0)
+ purpose = try(var.purpose, null)
+ role = try(var.role, null)
+ private_ip_google_access = var.private_ip_google_access
+ private_ipv6_google_access = try(var.private_ipv6_google_access, null)
+ stack_type = try(var.stack_type, null)
+ ipv6_access_type = try(var.ipv6_access_type, null)
+ external_ipv6_prefix = try(var.external_ipv6_prefix, null)
dynamic "secondary_ip_range" {
for_each = var.secondary_ip_ranges
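Review bot: The `try(..., null)` wrappers on the six new arguments can never take their fallback, because each variable is declared in variables.tf with `default = null` and a plain `var.` reference to a declared variable does not fail to evaluate. They make the arguments look as if the input might be missing and could hide a later mistake inside a more complex expression. Plain references such as `purpose = var.purpose` and `stack_type = var.stack_type` would match the existing `private_ip_google_access = var.private_ip_google_access` line. The resource block starts and ends outside this hunk.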
diff --git a/test/unit-complete/_generated_google.tf b/test/unit-complete/_generated_google.tf
index afb5c2b..94de2d2 100644
--- a/test/unit-complete/_generated_google.tf
+++ b/test/unit-complete/_generated_google.tf
@@ -24,11 +24,11 @@ terraform {
required_providers {
google = {
source = "hashicorp/google"
- version = ">= 4.0, <6"
+ version = ">= 5.10, <6"
}
google-beta = {
source = "hashicorp/google-beta"
- version = ">= 4.0, <6"
+ version = ">= 5.10, <6"
}
random = {
source = "hashicorp/random"
diff --git a/test/unit-complete/main.tf b/test/unit-complete/main.tf
index 4186759..97545db 100644
--- a/test/unit-complete/main.tf
+++ b/test/unit-complete/main.tf
@@ -1,5 +1,5 @@
module "test-sa" {
- source = "github.com/mineiros-io/terraform-google-service-account?ref=v0.0.12"
+ source = "github.com/mineiros-io/terraform-google-service-account?ref=v0.2.1"
account_id = "service-account-id-${local.random_suffix}"
}
@@ -121,3 +121,25 @@ module "test2" {
module_depends_on = ["nothing"]
}
+
+module "ipv6_regional_proxy" {
+ source = "../.."
+
+ module_enabled = true
+ name = "test-subnetwork"
+
+ project = local.project_id
+ network = "projects/test-project/global/networks/test-network"
+ ip_cidr_range = "10.0.0.0/22"
+ region = "us-west2"
+
+ stack_type = "IPV4_IPV6"
+ ipv6_access_type = "EXTERNAL"
+
+ purpose = "REGIONAL_MANAGED_PROXY"
+ role = "BACKUP"
+ private_ipv6_google_access = true
+ external_ipv6_prefix = "2001:db8:1234::/48"
+
+ module_depends_on = ["nothing"]
+}
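Review bot: This fixture puts every new argument on one subnetwork, so `purpose = "REGIONAL_MANAGED_PROXY"` is combined with `stack_type = "IPV4_IPV6"`, `ipv6_access_type = "EXTERNAL"` and an `external_ipv6_prefix`. I am not sure the API accepts a dual-stack, externally addressed proxy-only subnet, and a plan-only unit test would not reveal a rejection. Splitting it into one module that sets only `purpose` and `role` and a second that sets the IPv6 arguments on an ordinary subnet would exercise each group on its own. `network` is hard-coded to `projects/test-project/...` while `project = local.project_id`, which may name a different project unless the other modules in this file follow the same convention (they are not visible in this hunk).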
diff --git a/test/unit-disabled/_generated_google.tf b/test/unit-disabled/_generated_google.tf
index baff3fe..bde9c35 100644
--- a/test/unit-disabled/_generated_google.tf
+++ b/test/unit-disabled/_generated_google.tf
@@ -24,11 +24,11 @@ terraform {
required_providers {
google = {
source = "hashicorp/google"
- version = ">= 4.0, <6"
+ version = ">= 5.10, <6"
}
google-beta = {
source = "hashicorp/google-beta"
- version = ">= 4.0, <6"
+ version = ">= 5.10, <6"
}
random = {
source = "hashicorp/random"
diff --git a/test/unit-minimal/_generated_google.tf b/test/unit-minimal/_generated_google.tf
index 48fb18a..f3658b6 100644
--- a/test/unit-minimal/_generated_google.tf
+++ b/test/unit-minimal/_generated_google.tf
@@ -24,11 +24,11 @@ terraform {
required_providers {
google = {
source = "hashicorp/google"
- version = "4.0"
+ version = "5.10"
}
google-beta = {
source = "hashicorp/google-beta"
- version = "4.0"
+ version = "5.10"
}
random = {
source = "hashicorp/random"
diff --git a/variables.tf b/variables.tf
index 94298ff..8794c2b 100644
--- a/variables.tf
+++ b/variables.tf
@@ -46,6 +46,42 @@ variable "secondary_ip_ranges" {
default = []
}
+variable "purpose" {
+ type = string
+ description = "The purpose of the resource. This field can be either PRIVATE_RFC_1918, REGIONAL_MANAGED_PROXY, GLOBAL_MANAGED_PROXY, PRIVATE_SERVICE_CONNECT or PRIVATE_NAT(Beta)."
+ default = null
+}
+
+variable "role" {
+ type = string
+ description = "The role of subnetwork. Currently, this field is only used when purpose is REGIONAL_MANAGED_PROXY. The value can be set to ACTIVE or BACKUP"
+ default = null
+}
+
+variable "private_ipv6_google_access" {
+ type = bool
+ description = "The private IPv6 google access type for the VMs in this subnet."
+ default = null
+}
+
+variable "stack_type" {
+ type = string
+ description = "The stack type for this subnet to identify whether the IPv6 feature is enabled or not. If not specified IPV4_ONLY will be used. Possible values are: IPV4_ONLY, IPV4_IPV6."
+ default = null
+}
+
+variable "ipv6_access_type" {
+ type = string
+ description = "The access type of IPv6 address this subnet holds. Possible values are: EXTERNAL, INTERNAL."
+ default = null
+}
+
+variable "external_ipv6_prefix" {
+ type = string
+ description = "The range of external IPv6 addresses that are owned by this subnetwork."
+ default = null
+}
+
variable "project" {
type = string
description = "(Optional) The ID of the project in which the resources belong. If it is not set, the provider project is used."
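Review bot: `private_ipv6_google_access` is declared `type = bool`, but its description calls it an access type and, to my knowledge, the provider attribute is a string enum, so `true` would be converted to the string "true" and probably rejected at apply; `type = string` looks like the intended declaration. The default here is `null`, while README.md and README.tfdoc.hcl in this commit document a default of `true` and a `bool` type, so the two need to be reconciled. None of the enum-valued inputs (`purpose`, `role`, `stack_type`, `ipv6_access_type`) has a `validation` block, so a typo only surfaces as an API error; for example `condition = var.ipv6_access_type == null ? true : contains(["EXTERNAL", "INTERNAL"], var.ipv6_access_type)`. Because `EXTERNAL` gives the subnet internet-routable IPv6 addresses, the `ipv6_access_type` description should state that explicitly so callers opt into the exposure knowingly.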
diff --git a/versions.tf b/versions.tf
index a263e7c..9cfd381 100644
--- a/versions.tf
+++ b/versions.tf
@@ -5,7 +5,7 @@ terraform {
required_providers {
google = {
source = "hashicorp/google"
- version = ">= 4.0, <6"
+ version = ">= 5.10, <6"
}
}
}
diff --git a/versions.tm.hcl b/versions.tm.hcl
index 12f5183..049bd71 100644
--- a/versions.tm.hcl
+++ b/versions.tm.hcl
@@ -2,7 +2,7 @@ globals {
minimum_terraform_version = "1.0"
provider = "google"
- minimum_provider_version = "4.0"
+ minimum_provider_version = "5.10"
provider_version_constraint = ">= ${global.minimum_provider_version}, <6"
terraform_version_constraint = "~> ${global.minimum_terraform_version}, != 1.1.0, != 1.1.1"