fix: use service_networking_connection peering output for routes conf…

…ig (#98)
GoogleCloudPlatform · May 26, 2023 · 7a03911 · 7a03911
1 parent 5c90246
commit 7a03911
Show file tree

Hide file tree

Showing 6 changed files with 16 additions and 7 deletions.
diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml
@@ -43,7 +43,7 @@ jobs:
             REGISTRY=$(grep "REGISTRY_URL := " $MAKEFILE | cut -d\  -f3)
             echo dev-tools=${REGISTRY}/${IMAGE}:${VERSION} >> "$GITHUB_OUTPUT"
           fi
+      - run: docker run --rm -v ${{ github.workspace }}:/workspace ${{ steps.variables.outputs.dev-tools }} module-swapper
       - run: docker run --rm -e ENABLE_BPMETADATA -v ${{ github.workspace }}:/workspace ${{ steps.variables.outputs.dev-tools }} /usr/local/bin/test_lint.sh
         env:
           ENABLE_BPMETADATA: 1
-
diff --git a/examples/standalone_single_project/cicd.tf b/examples/standalone_single_project/cicd.tf
@@ -110,8 +110,9 @@ module "cloudbuild_private_pool" {
   worker_pool_name          = "cloudbuild-workerpool"
   machine_type              = var.cloudbuild_private_pool_machine_type
 
-  worker_address    = "10.39.0.0"
-  worker_range_name = "cloudbuild-worker-range"
+  worker_address               = "10.39.0.0"
+  worker_address_prefix_length = "24"
+  worker_range_name            = "cloudbuild-worker-range"
 
   labels = var.labels
 }
diff --git a/modules/cloudbuild-private-pool/README.md b/modules/cloudbuild-private-pool/README.md
@@ -50,7 +50,8 @@ module "cloudbuild_private_pool" {
 | network\_project\_id | Project ID for Cloud Build network. | `string` | n/a | yes |
 | private\_pool\_vpc\_name | Set the name of the private pool VPC | `string` | `"cloudbuild-vpc"` | no |
 | project\_id | Project ID for Cloud Build Private Worker Pool | `string` | n/a | yes |
-| worker\_address | Choose an address range for the Cloud Build Private Pool workers. example: 10.37.0.0. Do not include a prefix, as it must be /16 | `string` | `"10.37.0.0"` | no |
+| worker\_address | Choose an address range for the Cloud Build Private Pool workers. example: 10.37.0.0. Do not include a prefix length. | `string` | `"10.37.0.0"` | no |
+| worker\_address\_prefix\_length | Prefix length, such as 24 for /24 or 16 for /16. Must be 24 or lower. | `string` | `"16"` | no |
 | worker\_pool\_name | Name of Cloud Build Worker Pool | `string` | `"cloudbuild-private-worker-pool"` | no |
 | worker\_pool\_no\_external\_ip | Whether to disable external IP on the Cloud Build Worker Pool | `bool` | `false` | no |
 | worker\_range\_name | Name of Cloud Build Worker IP address range | `string` | `"worker-pool-range"` | no |

diff --git a/modules/cloudbuild-private-pool/main.tf b/modules/cloudbuild-private-pool/main.tf
@@ -57,7 +57,7 @@ resource "google_compute_global_address" "worker_range" {
   purpose       = "VPC_PEERING"
   address_type  = "INTERNAL"
   address       = var.worker_address
-  prefix_length = 16
+  prefix_length = var.worker_address_prefix_length
   network       = var.create_cloudbuild_network ? google_compute_network.private_pool_vpc[0].id : data.google_compute_network.workerpool_vpc[0].id
 }
 
@@ -70,7 +70,7 @@ resource "google_service_networking_connection" "worker_pool_connection" {
 
 resource "google_compute_network_peering_routes_config" "service_networking_peering_config" {
   project = var.network_project_id
-  peering = "servicenetworking-googleapis-com"
+  peering = google_service_networking_connection.worker_pool_connection.peering
   network = var.private_pool_vpc_name
 
   export_custom_routes = true

diff --git a/modules/cloudbuild-private-pool/variables.tf b/modules/cloudbuild-private-pool/variables.tf
@@ -37,10 +37,16 @@ variable "private_pool_vpc_name" {
 
 variable "worker_address" {
   type        = string
-  description = "Choose an address range for the Cloud Build Private Pool workers. example: 10.37.0.0. Do not include a prefix, as it must be /16"
+  description = "Choose an address range for the Cloud Build Private Pool workers. example: 10.37.0.0. Do not include a prefix length."
   default     = "10.37.0.0"
 }
 
+variable "worker_address_prefix_length" {
+  type        = string
+  description = "Prefix length, such as 24 for /24 or 16 for /16. Must be 24 or lower."
+  default     = "16"
+}
+
 variable "worker_pool_name" {
   type        = string
   description = "Name of Cloud Build Worker Pool"

diff --git a/test/integration/standalone_single_project/standalone_single_project_test.go b/test/integration/standalone_single_project/standalone_single_project_test.go
@@ -93,6 +93,7 @@ func TestStandaloneSingleProjectExample(t *testing.T) {
 		gitAppRun("config", "user.name", "Secure CICD Robot")
 		gitAppRun("config", "--global", "credential.https://source.developers.google.com.helper", "gcloud.sh")
 		gitAppRun("config", "--global", "init.defaultBranch", "main")
+		gitAppRun("config", "--global", "http.postBuffer", "157286400")
 		gitAppRun("checkout", "-b", "main")
 		err2 := cp.Copy("../../../build/cloudbuild-ci.yaml", fmt.Sprintf("%s/cloudbuild-ci.yaml", tmpDirApp))
 		fmt.Println(err2)