From 17b0af4bbb8dc3824a9b2e35213ce38be04a0d85 Mon Sep 17 00:00:00 2001 From: Luca Comellini Date: Fri, 20 Dec 2024 10:33:56 +0100 Subject: [PATCH] tags --- tests/scripts/vars.env-example | 12 ------------ tests/tofu/main.tf | 3 ++- tests/tofu/network.tf | 12 ++++++++++++ 3 files changed, 14 insertions(+), 13 deletions(-) diff --git a/tests/scripts/vars.env-example b/tests/scripts/vars.env-example index 6289b91f87..cb305108a7 100644 --- a/tests/scripts/vars.env-example +++ b/tests/scripts/vars.env-example @@ -1,23 +1,11 @@ # WARNING: This is an example - please copy this file to vars.env and complete appropriately for your environment -RESOURCE_NAME= TAG= PREFIX= NGINX_PREFIX= NGINX_PLUS_PREFIX= -GKE_CLUSTER_NAME= -GKE_CLUSTER_ZONE= -GKE_CLUSTER_REGION= -GKE_PROJECT= -GKE_SVC_ACCOUNT= -GKE_NODES_SERVICE_ACCOUNT= -NETWORK_TAGS= NGF_REPO= NGF_BRANCH=main GINKGO_LABEL= GINKGO_FLAGS= -SOURCE_IP_RANGE= -ADD_VM_IP_AUTH_NETWORKS= PLUS_ENABLED= NGF_VERSION= -GKE_MACHINE_TYPE= -GKE_NUM_NODES= diff --git a/tests/tofu/main.tf b/tests/tofu/main.tf index 3b59d2ad99..ac5fec5be2 100644 --- a/tests/tofu/main.tf +++ b/tests/tofu/main.tf @@ -67,6 +67,7 @@ resource "google_container_node_pool" "primary_nodes" { block-project-ssh-keys = "TRUE" disable-legacy-endpoints = "true" } + tags = ["ngf-tests-${var.gke_cluster_name}-nodes"] shielded_instance_config { enable_secure_boot = true } @@ -89,7 +90,7 @@ resource "google_compute_instance" "vm" { machine_type = "n2-standard-2" zone = local.google_zone allow_stopping_for_update = true - tags = ["ngf-tests-vm"] + tags = ["ngf-tests-${var.gke_cluster_name}-vm"] boot_disk { initialize_params { diff --git a/tests/tofu/network.tf b/tests/tofu/network.tf index 519d52ffe8..3b1af659d4 100644 --- a/tests/tofu/network.tf +++ b/tests/tofu/network.tf @@ -49,6 +49,18 @@ resource "google_compute_firewall" "deny_exkubelet" { } +resource "google_compute_firewall" "allow_inkublet" { + name = "${var.gke_cluster_name}-allow-inkubelet" + network = google_compute_network.vpc.self_link + direction = "INGRESS" + allow { + protocol = "tcp" + ports = ["10255"] + } + source_tags = ["ngf-tests-${var.gke_cluster_name}-nodes", "ngf-tests-${var.gke_cluster_name}-vm"] + +} + resource "google_compute_address" "vpc-ip" { name = "${var.gke_cluster_name}-vpc-ip" address_type = "EXTERNAL"