Merge pull request #38 from NandosUK/NAP-275/domain-mapping

NAP-275/domain mapping

experimental/terraform/cloud-dns/main.tf

@@ -0,0 +1,153 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+locals {
+  is_static_zone = var.type == "public" || var.type == "private"
+}
+
+resource "google_dns_managed_zone" "peering" {
+  count         = var.type == "peering" ? 1 : 0
+  provider      = google-beta
+  project       = var.project_id
+  name          = var.name
+  dns_name      = var.domain
+  description   = var.description
+  labels        = var.labels
+  visibility    = "private"
+  force_destroy = var.force_destroy
+
+  private_visibility_config {
+    dynamic "networks" {
+      for_each = var.private_visibility_config_networks
+      content {
+        network_url = networks.value
+      }
+    }
+  }
+
+  peering_config {
+    target_network {
+      network_url = var.target_network
+    }
+  }
+}
+
+resource "google_dns_managed_zone" "forwarding" {
+  count         = var.type == "forwarding" ? 1 : 0
+  provider      = google-beta
+  project       = var.project_id
+  name          = var.name
+  dns_name      = var.domain
+  description   = var.description
+  labels        = var.labels
+  visibility    = "private"
+  force_destroy = var.force_destroy
+
+  private_visibility_config {
+    dynamic "networks" {
+      for_each = var.private_visibility_config_networks
+      content {
+        network_url = networks.value
+      }
+    }
+  }
+
+  forwarding_config {
+    dynamic "target_name_servers" {
+      for_each = var.target_name_server_addresses
+      content {
+        ipv4_address    = target_name_servers.value.ipv4_address
+        forwarding_path = target_name_servers.value.forwarding_path
+      }
+    }
+  }
+}
+
+resource "google_dns_managed_zone" "private" {
+  count         = var.type == "private" ? 1 : 0
+  project       = var.project_id
+  name          = var.name
+  dns_name      = var.domain
+  description   = var.description
+  labels        = var.labels
+  visibility    = "private"
+  force_destroy = var.force_destroy
+
+  private_visibility_config {
+    dynamic "networks" {
+      for_each = var.private_visibility_config_networks
+      content {
+        network_url = networks.value
+      }
+    }
+  }
+}
+
+resource "google_dns_managed_zone" "public" {
+  count         = var.type == "public" ? 1 : 0
+  project       = var.project_id
+  name          = var.name
+  dns_name      = var.domain
+  description   = var.description
+  labels        = var.labels
+  visibility    = "public"
+  force_destroy = var.force_destroy
+
+  dynamic "dnssec_config" {
+    for_each = var.dnssec_config == {} ? [] : [var.dnssec_config]
+    iterator = config
+    content {
+      kind          = lookup(config.value, "kind", "dns#managedZoneDnsSecConfig")
+      non_existence = lookup(config.value, "non_existence", "nsec3")
+      state         = lookup(config.value, "state", "off")
+
+      default_key_specs {
+        algorithm  = lookup(var.default_key_specs_key, "algorithm", "rsasha256")
+        key_length = lookup(var.default_key_specs_key, "key_length", 2048)
+        key_type   = lookup(var.default_key_specs_key, "key_type", "keySigning")
+        kind       = lookup(var.default_key_specs_key, "kind", "dns#dnsKeySpec")
+      }
+      default_key_specs {
+        algorithm  = lookup(var.default_key_specs_zone, "algorithm", "rsasha256")
+        key_length = lookup(var.default_key_specs_zone, "key_length", 1024)
+        key_type   = lookup(var.default_key_specs_zone, "key_type", "zoneSigning")
+        kind       = lookup(var.default_key_specs_zone, "kind", "dns#dnsKeySpec")
+      }
+    }
+  }
+
+}
+
+resource "google_dns_record_set" "cloud-static-records" {
+  project      = var.project_id
+  managed_zone = var.name
+
+  for_each = { for record in var.recordsets : join("/", [record.name, record.type]) => record }
+  name = (
+    each.value.name != "" ?
+    "${each.value.name}.${var.domain}" :
+    var.domain
+  )
+  type = each.value.type
+  ttl  = each.value.ttl
+
+  rrdatas = each.value.records
+
+  depends_on = [
+    google_dns_managed_zone.private,
+    google_dns_managed_zone.public,
+  ]
+}

experimental/terraform/cloud-dns/outputs.tf

@@ -0,0 +1,61 @@
+/**
+ * Copyright 2019 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+output "type" {
+  description = "The DNS zone type."
+  value       = var.type
+}
+
+output "name" {
+  description = "The DNS zone name."
+
+  value = element(
+    concat(
+      google_dns_managed_zone.peering.*.name,
+      google_dns_managed_zone.forwarding.*.name,
+      google_dns_managed_zone.private.*.name,
+      google_dns_managed_zone.public.*.name,
+    ),
+    0,
+  )
+}
+
+output "domain" {
+  description = "The DNS zone domain."
+
+  value = element(
+    concat(
+      google_dns_managed_zone.peering.*.dns_name,
+      google_dns_managed_zone.forwarding.*.dns_name,
+      google_dns_managed_zone.private.*.dns_name,
+      google_dns_managed_zone.public.*.dns_name,
+    ),
+    0,
+  )
+}
+
+output "name_servers" {
+  description = "The DNS zone name servers."
+
+  value = flatten(
+    concat(
+      google_dns_managed_zone.peering.*.name_servers,
+      google_dns_managed_zone.forwarding.*.name_servers,
+      google_dns_managed_zone.private.*.name_servers,
+      google_dns_managed_zone.public.*.name_servers,
+    ),
+  )
+}

experimental/terraform/cloud-dns/variables.tf

@@ -0,0 +1,108 @@
+/**
+ * Copyright 2019 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+###############################################################################
+#                                zone variables                               #
+###############################################################################
+
+variable "domain" {
+  description = "Zone domain, must end with a period."
+  type        = string
+}
+
+variable "name" {
+  description = "Zone name, must be unique within the project."
+  type        = string
+}
+
+variable "private_visibility_config_networks" {
+  description = "List of VPC self links that can see this zone."
+  default     = []
+  type        = list(string)
+}
+
+variable "project_id" {
+  description = "Project id for the zone."
+  type        = string
+}
+
+variable "target_name_server_addresses" {
+  description = "List of target name servers for forwarding zone."
+  default     = []
+  type        = list(map(any))
+}
+
+variable "target_network" {
+  description = "Peering network."
+  default     = ""
+}
+
+variable "description" {
+  description = "zone description (shown in console)"
+  default     = "Managed by Terraform"
+  type        = string
+}
+
+variable "type" {
+  description = "Type of zone to create, valid values are 'public', 'private', 'forwarding', 'peering'."
+  default     = "private"
+  type        = string
+}
+
+variable "dnssec_config" {
+  description = "Object containing : kind, non_existence, state. Please see https://www.terraform.io/docs/providers/google/r/dns_managed_zone.html#dnssec_config for futhers details"
+  type        = any
+  default     = {}
+}
+
+variable "labels" {
+  type        = map(any)
+  description = "A set of key/value label pairs to assign to this ManagedZone"
+  default     = {}
+}
+
+variable "default_key_specs_key" {
+  description = "Object containing default key signing specifications : algorithm, key_length, key_type, kind. Please see https://www.terraform.io/docs/providers/google/r/dns_managed_zone.html#dnssec_config for futhers details"
+  type        = any
+  default     = {}
+}
+
+variable "default_key_specs_zone" {
+  description = "Object containing default zone signing specifications : algorithm, key_length, key_type, kind. Please see https://www.terraform.io/docs/providers/google/r/dns_managed_zone.html#dnssec_config for futhers details"
+  type        = any
+  default     = {}
+}
+
+variable "force_destroy" {
+  description = "Set this true to delete all records in the zone."
+  default     = false
+  type        = bool
+}
+
+###############################################################################
+#                               record variables                              #
+###############################################################################
+
+variable "recordsets" {
+  type = list(object({
+    name    = string
+    type    = string
+    ttl     = number
+    records = list(string)
+  }))
+  description = "List of DNS record objects to manage, in the standard terraform dns structure."
+  default     = []
+}

experimental/terraform/cloud-dns/versions.tf

@@ -0,0 +1,39 @@
+/**
+ * Copyright 2021 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+terraform {
+  required_version = ">= 0.13"
+  required_providers {
+
+    google = {
+      source  = "hashicorp/google"
+      version = "~> 3.53"
+    }
+    google-beta = {
+      source  = "hashicorp/google-beta"
+      version = "~> 3.53"
+    }
+  }
+
+  provider_meta "google" {
+    module_name = "blueprints/terraform/terraform-google-cloud-dns/v1.0.0"
+  }
+
+  provider_meta "google-beta" {
+    module_name = "blueprints/terraform/terraform-google-cloud-dns/v1.0.0"
+  }
+
+}

experimental/terraform/outputs.tf

@@ -2,8 +2,8 @@ output "event_handler_endpoint" {
   value = google_cloud_run_service.event_handler.status[0]["url"]
 }
 
-output "event_handler_dns" {
-  value = try(google_cloud_run_domain_mapping.event_handler[0].status[0]["resource_records"][0], null)
+output "event_handler_name_servers" {
+  value = try(module.event_hander_dns[0].name_servers, null)
 }
 
 output "event_handler_secret" {