Terraform module which creates a Google compute instance within the default networking of an existing project.

Deploys a Google compute instance to the existing networking of an existing Google cloud project.

Call it as a module and deploy the instance.

module "terraform-google-instance" {
  source = "[email protected]:newcontext-oss/terraform-google-instance.git"
}

Terraform version must be less than 0.12. (See below for tips on migrating to 0.12)

Feel free to submit pull requests to make changes to the module.

To begin developing on this module please have a Google Compute Project.

• See the script bin/example-setup-ubuntu.sh for the complete setup. However, the steps are listed below.

• https://github.com/kamatama41/tfenv
• brew install terraform
• https://www.terraform.io/downloads.html

• https://github.com/rbenv/rbenv
• brew install ruby # or other package managers
• http://ruby-lang.org/

• brew install jq # or other package managers
• https://stedolan.github.io/jq/

Download a credentials JSON file from a user with proper permissions. https://console.cloud.google.com/iam-admin/iam

Save the file to the root of the repository directory called: credentials.json

• https://cloud.google.com/sdk/gcloud/

Set up the gcloud command line client:

gcloud auth activate-service-account --key-file credentials.json
gcloud config set project $(jq -r '.project_id' credentials.json)
gcloud config set compute/zone us-west1-a

gem install bundler --no-rdoc --no-ri
bundle install

Create a file in the repository directory called: .env It will have environment variables that Terraform uses to run.

cat > .env <<HEREDOC
export GOOGLE_APPLICATION_CREDENTIALS="$(pwd)/credentials.json"
export GCLOUD_PROJECT=$(jq -r '.project_id' $GOOGLE_APPLICATION_CREDENTIALS)
export GCLOUD_REGION="us-west1"
export TF_VAR_gcloud_project=$GCLOUD_PROJECT
my_public_ip=\$(dig +short myip.opendns.com @resolver1.opendns.com)
export TF_VAR_engineer_cidrs="[\"\$my_public_ip/32\"]"
export TF_VAR_ssh_key="$(pwd)/ubuntu.pub"
HEREDOC

Common setup to be run once before any number of the rest of the following:

source .env
yes | ssh-keygen -f ubuntu -N '' >/dev/null

To run Terraform via Test-Kitchen:

bundle exec kitchen converge

Test-Kitchen will run the module code that is called via this file: test/fixtures/tf_module/main.tf

To run InSpec via Test-Kitchen:

bundle exec kitchen verify

Test-Kitchen will run the InSpec controls via this file: test/integration/kt_suite/controls/default.rb

To destroy everything via Test-Kitchen:

bundle exec kitchen destroy

This repository does not support Terraform 0.12+ out of the box. Here are some of the things necessary to migrate.

1. Edit Gemfile to change version requirements to be this:
   • gem 'inspec', '~> 4.0'
   • gem 'kitchen-terraform', '>= 4.0.0'
2. Testing (verify stage) does not pass - there seem to be problems with the inspec plugins.

Module managed by Nick Willever.

Apache 2 Licensed. See LICENSE for full details.