Add terraform files and config for GCP

Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com>
2026-02-06 19:05:55 +00:00 · 2023-06-21 20:43:07 +01:00
parent f6b0c6e7ef
commit 7c1b897919
8 changed files with 310 additions and 2 deletions
--- a/tests/integration/terraform/gcp/main.tf
+++ b/tests/integration/terraform/gcp/main.tf
@@ -0,0 +1,49 @@
+provider "google" {
+  project = var.gcp_project_id
+  region  = var.gcp_region
+  zone    = var.gcp_zone
+}
+
+resource "random_pet" "suffix" {}
+
+data "google_kms_key_ring" "keyring" {
+  name     = var.gcp_keyring
+  location = "global"
+}
+
+data "google_kms_crypto_key" "my_crypto_key" {
+  name     = var.gcp_crypto_key
+  key_ring = data.google_kms_key_ring.keyring.id
+}
+
+data "google_project" "project" {
+}
+
+module "gke" {
+  source = "git::https://github.com/fluxcd/test-infra.git//tf-modules/gcp/gke"
+  name   = "flux-e2e-${random_pet.suffix.id}"
+  tags   = var.tags
+}
+
+module "gcr" {
+  source = "git::https://github.com/fluxcd/test-infra.git//tf-modules/gcp/gcr"
+  name   = "flux-e2e-${random_pet.suffix.id}"
+  tags   = var.tags
+}
+
+resource "google_sourcerepo_repository" "fleet-infra" {
+  name = "fleet-infra-${random_pet.suffix.id}"
+}
+
+resource "google_sourcerepo_repository" "application" {
+  name = "application-${random_pet.suffix.id}"
+}
+
+resource "google_kms_key_ring_iam_binding" "key_ring" {
+  key_ring_id = data.google_kms_key_ring.keyring.id
+  role        = "roles/cloudkms.cryptoKeyEncrypterDecrypter"
+
+  members = [
+    "serviceAccount:${data.google_project.project.number}-compute@developer.gserviceaccount.com",
+  ]
+}
--- a/tests/integration/terraform/gcp/outputs.tf
+++ b/tests/integration/terraform/gcp/outputs.tf
@@ -0,0 +1,28 @@
+output "kubeconfig" {
+  value     = module.gke.kubeconfig
+  sensitive = true
+}
+
+output "gcp_project" {
+  value = var.gcp_project_id
+}
+
+output "gcp_region" {
+  value = var.gcp_region
+}
+
+output "artifact_registry_id" {
+  value = module.gcr.artifact_repository_id
+}
+
+output "sops_id" {
+  value = data.google_kms_crypto_key.my_crypto_key.id
+}
+
+output "fleet_infra_url" {
+  value = "ssh://${var.gcp_email}@source.developers.google.com:2022/p/${var.gcp_project_id}/r/${google_sourcerepo_repository.fleet-infra.name}"
+}
+
+output "application_url" {
+  value = "ssh://${var.gcp_email}@source.developers.google.com:2022/p/${var.gcp_project_id}/r/${google_sourcerepo_repository.application.name}"
+}
--- a/tests/integration/terraform/gcp/variables.tf
+++ b/tests/integration/terraform/gcp/variables.tf
@@ -0,0 +1,37 @@
+variable "gcp_project_id" {
+  type        = string
+  description = "GCP project to create the resources in"
+}
+
+variable "gcp_email" {
+  type        = string
+  description = "GCP email"
+}
+
+variable "gcp_region" {
+  type        = string
+  default     = "us-central1"
+  description = "GCP region"
+}
+
+variable "gcp_zone" {
+  type        = string
+  default     = "us-central1"
+  description = "GCP region"
+}
+
+
+variable "gcp_keyring" {
+  type        = string
+  description = "GCP keyring that contains crypto key for encrypting secrets"
+}
+
+variable "gcp_crypto_key" {
+  type        = string
+  description = "GCP crypto key for encrypting secrets"
+}
+
+variable "tags" {
+  type    = map(string)
+  default = {}
+}