chore: add validation functions for foundation deploy tasks (#953)

.gitignore

@@ -69,5 +69,7 @@ test/integration/tmp
 
 credentials.json
 
+helpers/deployer/deployer
+
 # File to populate env vars used by Docker test runs
 .envrc

helpers/deployer/README.md

@@ -0,0 +1,88 @@
+# Terraform Example Foundation deploy helper
+
+Helper tool to deploy the Terraform example foundation.
+
+## Usage
+
+- Check if required tools, Go 1.18+, Terraform 1.3.0+, gcloud 393.0.0+, and Git 2.28.0+, are installed:
+
+    ```bash
+    go version
+
+    terraform -version
+
+    gcloud --version
+
+    git --version
+    ```
+
+- Create a directory in the file system to host the Cloud Source repositories the will be created and a copy of the terraform example foundation.
+- Clone the `terraform-example-foundation` repository on this directory.
+
+    ```text
+    deploy-directory/
+    └── terraform-example-foundation
+    ```
+
+- Copy the file [global.tfvars.example](./global.tfvars.example) as `global.tfvars` to the same directory.
+
+    ```text
+    deploy-directory/
+    └── global.tfvars
+    └── terraform-example-foundation
+    ```
+
+- Update `global.tfvars` with values from your environment.
+See the READMEs for the stages for additional information:
+  - [0-bootstrap](https://github.com/terraform-google-modules/terraform-example-foundation/blob/master/0-bootstrap/README.md)
+  - [1-org](https://github.com/terraform-google-modules/terraform-example-foundation/blob/master/1-org/README.md)
+  - [2-environments](https://github.com/terraform-google-modules/terraform-example-foundation/blob/master/2-environments/README.md)
+  - [3-networks-dual-svpc](https://github.com/terraform-google-modules/terraform-example-foundation/blob/master/3-networks-dual-svpc)
+  - [3-networks-hub-and-spoke](https://github.com/terraform-google-modules/terraform-example-foundation/blob/master/3-networks-hub-and-spoke)
+  - [4-projects](https://github.com/terraform-google-modules/terraform-example-foundation/blob/master/4-projects)
+  - [5-app-infra](https://github.com/terraform-google-modules/terraform-example-foundation/blob/master/5-app-infra)
+
+- Variable `code_checkout_path` is the full path to `deploy-directory` directory.
+- Variable `foundation_code_path` is the full path to `terraform-example-foundation` directory.
+- Build the helper:
+
+    ```bash
+    go build
+    ```
+
+- Validate the tfvars file:
+
+    ```bash
+    ./deployer -tfvars_file <PATH TO 'global.tfvars' FILE> -validate
+    ```
+
+### Supported flags
+
+```bash
+  -tfvars_file file
+        Full path to the Terraform .tfvars file with the configuration to be used.
+  -steps_file file
+        Path to the steps file to be used to save progress. (default ".steps.json")
+  -list_steps
+        List the existing steps.
+  -reset_step step
+        Name of a step to be reset.
+  -validate
+        Validate tfvars file inputs
+  -quiet
+        If true, additional output is suppressed.
+  -disable_prompt
+        Disable interactive prompt.
+  -destroy
+        Destroy the deployment.
+  -help
+        Prints this help text and exits.
+```
+
+## Requirements
+
+- [Go](https://go.dev/doc/install) 1.18+
+- [Google Cloud SDK](https://cloud.google.com/sdk/install) version 393.0.0+
+- [Git](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git) version 2.28.0+
+- [Terraform](https://www.terraform.io/downloads.html) version 1.3.0+
+- See `0-bootstrap` README for additional IAM [requirements](../../0-bootstrap/README.md#prerequisites) on the user deploying the Foundation.

helpers/deployer/gcp/gcp.go

@@ -162,8 +162,8 @@ func (g GCP) EnableApis(t testing.TB, project string, apis []string) {
 	g.Runf(t, "services enable %s --project %s", strings.Join(apis, " "), project)
 }
 
-// ApiIsEnabled checks if the api is enabled in the given project
-func (g GCP) ApiIsEnabled(t testing.TB, project, api string) bool {
+// IsApiEnabled checks if the api is enabled in the given project
+func (g GCP) IsApiEnabled(t testing.TB, project, api string) bool {
 	filter := fmt.Sprintf("config.name=%s", api)
 	return len(g.Runf(t, "services list --enabled --project %s --filter %s", project, filter).Array()) > 0
 }

helpers/deployer/global.tfvars.example

@@ -0,0 +1,119 @@
+/**
+ * Copyright 2023 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+// General inputs
+
+// The directory where the helper will git clone the Google Source Repositories that will
+// host the code for each one of the stages
+code_checkout_path = "FULL_PATH_TO_FOLDER_WHERE_TO_CHECK_OUT_THE_SOURCE_REPOSITORIES"
+
+// The directory where the user has created a fresh git clone of the Terraform Example Foundation repository
+foundation_code_path = "FULL_PATH_TO_FOLDER_WHERE_THE_EXAMPLE_FOUNDATION_CODE_WAS_CHECKED_OUT"
+
+// An existing project configured as the default project in the local Cloud SDK configuration
+// See https://cloud.google.com/sdk/gcloud/reference/config/set#EXAMPLES
+validator_project_id = "EXISTING_PROJECT_ID"
+
+
+// 0-bootstrap inputs
+// https://github.com/terraform-google-modules/terraform-example-foundation/blob/master/0-bootstrap/README.md#inputs
+
+org_id          = "REPLACE_ME" # format "000000000000"
+billing_account = "REPLACE_ME" # format "000000-000000-000000"
+default_region  = "us-central1"
+
+group_org_admins     = "REPLACE_ME" # "[email protected]"
+group_billing_admins = "REPLACE_ME" # "[email protected]"
+
+bucket_force_destroy = false
+project_prefix       = "prj"
+folder_prefix        = "fldr"
+
+// Optional - for an organization with existing projects or for development/validation.
+// Uncomment this variable to place all the example foundation resources under
+// the provided folder instead of the root organization.
+// The variable value is the numeric folder ID
+// The folder must already exist.
+
+//parent_folder = "01234567890"
+
+
+// 1-org inputs
+// https://github.com/terraform-google-modules/terraform-example-foundation/blob/master/1-org/envs/shared/README.md#inputs
+
+audit_data_users   = "REPLACE_ME" # "[email protected]"
+billing_data_users = "REPLACE_ME" # "[email protected]"
+
+domains_to_allow                    = ["example.com"] # Must include the domain of the organization you are deploying the foundation.
+essential_contacts_domains_to_allow = ["@example.com"]
+
+scc_notification_name                       = "scc-notify"
+audit_logs_table_delete_contents_on_destroy = false
+log_export_storage_force_destroy            = false
+
+// Choose witch network architecture to use:
+// Dual Shared VPC: https://github.com/terraform-google-modules/terraform-example-foundation/blob/master/3-networks-dual-svpc/README.md
+// Hub And Spoke: https://github.com/terraform-google-modules/terraform-example-foundation/blob/master/3-networks-hub-and-spoke/README.md
+
+enable_hub_and_spoke = false
+
+// Optional - If you are deploying Foundation Example in a parent folder
+// consider setting 'create_unique_tag_key' to 'true' because as Tag Keys are
+// unique organization-wide it will add a random suffix at each tag key
+
+create_unique_tag_key = false
+
+
+
+// 2-environments inputs
+// https://github.com/terraform-google-modules/terraform-example-foundation/blob/master/2-environments/envs/production/README.md#inputs
+
+monitoring_workspace_users = "REPLACE_ME" # "[email protected]"
+
+
+// 3-networks inputs
+// https://github.com/terraform-google-modules/terraform-example-foundation/blob/master/3-networks-hub-and-spoke/envs/production/README.md#inputs
+// https://github.com/terraform-google-modules/terraform-example-foundation/blob/master/3-networks-hub-and-spoke/envs/shared/README.md#inputs
+
+domain = "example.com." # The DNS name of peering managed zone. Must end with a period.
+
+// Add you email in the perimeter_additional_members list.
+// You must be in this list to be able to view/access resources in the project protected by the VPC service controls.
+
+perimeter_additional_members = ["user:[email protected]"]
+
+enable_hub_and_spoke_transitivity = false
+
+// List of IPv4 address of target name servers for the forwarding zone configuration.
+// See https://cloud.google.com/dns/docs/overview#dns-forwarding-zones
+
+target_name_server_addresses = [
+  {
+    ipv4_address    = "192.168.0.1",
+    forwarding_path = "default"
+  },
+  {
+    ipv4_address    = "192.168.0.2",
+    forwarding_path = "default"
+  }
+]
+
+
+// 4-projects inputs
+// https://github.com/terraform-google-modules/terraform-example-foundation/blob/master/4-projects/business_unit_1/production/README.md#inputs
+
+projects_gcs_location = "US"
+projects_kms_location = "us"

helpers/deployer/go.mod

@@ -13,29 +13,54 @@ require (
 )
 
 require (
+	cloud.google.com/go v0.110.0 // indirect
 	cloud.google.com/go/compute v1.18.0 // indirect
 	cloud.google.com/go/compute/metadata v0.2.3 // indirect
+	cloud.google.com/go/iam v0.12.0 // indirect
+	cloud.google.com/go/storage v1.29.0 // indirect
 	github.com/agext/levenshtein v1.2.3 // indirect
 	github.com/apparentlymart/go-textseg/v13 v13.0.0 // indirect
+	github.com/aws/aws-sdk-go v1.44.209 // indirect
+	github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
-	github.com/go-test/deep v1.0.7 // indirect
+	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
 	github.com/golang/protobuf v1.5.2 // indirect
 	github.com/google/go-cmp v0.5.9 // indirect
-	github.com/kr/pretty v0.2.1 // indirect
-	github.com/kr/text v0.2.0 // indirect
-	github.com/kylelemons/godebug v1.1.0 // indirect
+	github.com/google/uuid v1.3.0 // indirect
+	github.com/googleapis/enterprise-certificate-proxy v0.2.3 // indirect
+	github.com/googleapis/gax-go/v2 v2.7.0 // indirect
+	github.com/hashicorp/errwrap v1.1.0 // indirect
+	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
+	github.com/hashicorp/go-getter v1.7.0 // indirect
+	github.com/hashicorp/go-multierror v1.1.1 // indirect
+	github.com/hashicorp/go-safetemp v1.0.0 // indirect
+	github.com/hashicorp/go-version v1.6.0 // indirect
+	github.com/hashicorp/terraform-json v0.15.0 // indirect
+	github.com/jinzhu/copier v0.3.5 // indirect
+	github.com/jmespath/go-jmespath v0.4.0 // indirect
+	github.com/klauspost/compress v1.15.15 // indirect
+	github.com/mattn/go-zglob v0.0.4 // indirect
+	github.com/mitchellh/go-homedir v1.1.0 // indirect
 	github.com/mitchellh/go-wordwrap v1.0.1 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/tidwall/match v1.1.1 // indirect
 	github.com/tidwall/pretty v1.2.1 // indirect
 	github.com/tidwall/sjson v1.2.5 // indirect
+	github.com/tmccombs/hcl2json v0.4.0 // indirect
+	github.com/ulikunitz/xz v0.5.11 // indirect
 	github.com/zclconf/go-cty v1.13.0 // indirect
+	go.opencensus.io v0.24.0 // indirect
+	golang.org/x/crypto v0.6.0 // indirect
 	golang.org/x/mod v0.8.0 // indirect
 	golang.org/x/net v0.8.0 // indirect
 	golang.org/x/oauth2 v0.6.0 // indirect
+	golang.org/x/sys v0.6.0 // indirect
 	golang.org/x/text v0.8.0 // indirect
+	golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect
+	google.golang.org/api v0.110.0 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
+	google.golang.org/genproto v0.0.0-20230223222841-637eb2293923 // indirect
+	google.golang.org/grpc v1.53.0 // indirect
 	google.golang.org/protobuf v1.28.1 // indirect
-	gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )