From 687674e6c564f75288dee18ea59ee2e09fce9b7d Mon Sep 17 00:00:00 2001
From: Sergey Novikov <sergey.novikov@flaconi.de>
Date: Thu, 12 Sep 2024 15:00:19 +0200
Subject: [PATCH] Fix CI to run in dedicated VPC

---
 .github/workflows/master.yml                        |  2 +-
 .github/workflows/terraform.yml                     |  2 +-
 examples/satellite-all/README.md                    |  1 +
 examples/satellite-all/main.tf                      | 13 +++++++++++--
 examples/satellite-all/variables.auto.tfvars        |  7 ++-----
 examples/satellite-default-route-all/README.md      |  1 +
 examples/satellite-default-route-all/main.tf        | 13 +++++++++++--
 .../variables.auto.tfvars                           |  4 ++--
 examples/satellite-default-route/README.md          |  1 +
 examples/satellite-default-route/main.tf            | 13 +++++++++++--
 .../satellite-default-route/variables.auto.tfvars   |  4 ++--
 examples/satellite/README.md                        |  1 +
 examples/satellite/main.tf                          | 13 +++++++++++--
 examples/satellite/variables.auto.tfvars            |  4 ++--
 14 files changed, 58 insertions(+), 21 deletions(-)

diff --git a/.github/workflows/master.yml b/.github/workflows/master.yml
index cd025e7..051a316 100644
--- a/.github/workflows/master.yml
+++ b/.github/workflows/master.yml
@@ -19,7 +19,7 @@ jobs:
 
       - name: "make test"
         run: |
-          make test ARGS="-var role_to_assume_hub=${TF_VAR_role_to_assume} -var aws_account_id_hub=${TF_VAR_aws_account_id_hub} -var role_to_assume_hub=${TF_VAR_role_to_assume} -var aws_account_id_satellite=${TF_VAR_aws_account_id_satellite}"
+          make test ARGS="-var role_to_assume_hub=${TF_VAR_role_to_assume} -var aws_account_id_hub=${TF_VAR_aws_account_id_hub} -var role_to_assume_satellite=${TF_VAR_role_to_assume} -var aws_account_id_satellite=${TF_VAR_aws_account_id_satellite}"
         env:
           AWS_DEFAULT_REGION: ${{ secrets.AWS_REGION }}
           AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml
index 87ae917..afc9bf8 100644
--- a/.github/workflows/terraform.yml
+++ b/.github/workflows/terraform.yml
@@ -40,7 +40,7 @@ jobs:
 
       - name: "make test"
         run: |
-          make test ARGS="-var role_to_assume_hub=${TF_VAR_role_to_assume} -var aws_account_id_hub=${TF_VAR_aws_account_id_hub} -var role_to_assume_hub=${TF_VAR_role_to_assume} -var aws_account_id_satellite=${TF_VAR_aws_account_id_satellite}"
+          make test ARGS="-var role_to_assume_hub=${TF_VAR_role_to_assume} -var aws_account_id_hub=${TF_VAR_aws_account_id_hub} -var role_to_assume_satellite=${TF_VAR_role_to_assume} -var aws_account_id_satellite=${TF_VAR_aws_account_id_satellite}"
         env:
           AWS_DEFAULT_REGION: ${{ secrets.AWS_REGION }}
           AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
diff --git a/examples/satellite-all/README.md b/examples/satellite-all/README.md
index 70b4366..f8d22ee 100644
--- a/examples/satellite-all/README.md
+++ b/examples/satellite-all/README.md
@@ -13,6 +13,7 @@ No providers.
 
 | Name | Source | Version |
 |------|--------|---------|
+| <a name="module_tgw"></a> [tgw](#module\_tgw) | github.com/flaconi/terraform-aws-transit-gateway-hub.git | v1.6.0 |
 | <a name="module_tgw-satellite-all"></a> [tgw-satellite-all](#module\_tgw-satellite-all) | ../../ | n/a |
 
 ## Resources
diff --git a/examples/satellite-all/main.tf b/examples/satellite-all/main.tf
index f318e50..acd6d0d 100644
--- a/examples/satellite-all/main.tf
+++ b/examples/satellite-all/main.tf
@@ -1,5 +1,12 @@
-# The Transit Gateway (hub) has already been created in AWS, as a fixture for
-# this test case due to not being able to use 'depends_on' on Terraform modules
+module "tgw" {
+  source = "github.com/flaconi/terraform-aws-transit-gateway-hub.git?ref=v1.6.0"
+
+  name = var.transit_gateway_hub_name
+
+  aws_account_id_hub       = var.aws_account_id_hub
+  aws_account_id_satellite = [var.aws_account_id_satellite]
+}
+
 module "tgw-satellite-all" {
   source = "../../"
 
@@ -27,4 +34,6 @@ module "tgw-satellite-all" {
   route_private_subnets_via_tgw = var.route_private_subnets_via_tgw
 
   private_subnet_filters = var.private_subnet_filters
+
+  depends_on = [module.tgw]
 }
diff --git a/examples/satellite-all/variables.auto.tfvars b/examples/satellite-all/variables.auto.tfvars
index 7baabf6..264e7dc 100644
--- a/examples/satellite-all/variables.auto.tfvars
+++ b/examples/satellite-all/variables.auto.tfvars
@@ -1,9 +1,6 @@
 satellite_create = true
 
-role_to_assume_hub       = "ASSUME-ENG-CI"
-role_to_assume_satellite = "ASSUME-ENG-CI"
-
-vpc_name_to_attach = "default"
+vpc_name_to_attach = "ci-tgw"
 
 satellite_destination_cidr_blocks = ["208.67.222.222/32", "208.67.220.220/32"]
 hub_destination_cidr_blocks       = ["8.8.4.4/32", "8.8.8.8/32"]
@@ -19,7 +16,7 @@ attachment_subnet_filters = [
   }
 ]
 
-transit_gateway_hub_name = "test-tgw-fixture"
+transit_gateway_hub_name = "test-tgw-satellite-all"
 
 route_entire_satellite_vpc = true
 
diff --git a/examples/satellite-default-route-all/README.md b/examples/satellite-default-route-all/README.md
index e917015..782dc19 100644
--- a/examples/satellite-default-route-all/README.md
+++ b/examples/satellite-default-route-all/README.md
@@ -13,6 +13,7 @@ No providers.
 
 | Name | Source | Version |
 |------|--------|---------|
+| <a name="module_tgw"></a> [tgw](#module\_tgw) | github.com/flaconi/terraform-aws-transit-gateway-hub.git | v1.6.0 |
 | <a name="module_tgw-satellite-default-route-all"></a> [tgw-satellite-default-route-all](#module\_tgw-satellite-default-route-all) | ../../ | n/a |
 
 ## Resources
diff --git a/examples/satellite-default-route-all/main.tf b/examples/satellite-default-route-all/main.tf
index f69f38c..ebc753c 100644
--- a/examples/satellite-default-route-all/main.tf
+++ b/examples/satellite-default-route-all/main.tf
@@ -1,5 +1,12 @@
-# The Transit Gateway (hub) has already been created in AWS, as a fixture for
-# this test case due to not being able to use 'depends_on' on Terraform modules
+module "tgw" {
+  source = "github.com/flaconi/terraform-aws-transit-gateway-hub.git?ref=v1.6.0"
+
+  name = var.transit_gateway_hub_name
+
+  aws_account_id_hub       = var.aws_account_id_hub
+  aws_account_id_satellite = [var.aws_account_id_satellite]
+}
+
 module "tgw-satellite-default-route-all" {
   source = "../../"
 
@@ -27,4 +34,6 @@ module "tgw-satellite-default-route-all" {
   route_private_subnets_via_tgw = var.route_private_subnets_via_tgw
 
   private_subnet_filters = var.private_subnet_filters
+
+  depends_on = [module.tgw]
 }
diff --git a/examples/satellite-default-route-all/variables.auto.tfvars b/examples/satellite-default-route-all/variables.auto.tfvars
index 1a0c5d2..dfd99a0 100644
--- a/examples/satellite-default-route-all/variables.auto.tfvars
+++ b/examples/satellite-default-route-all/variables.auto.tfvars
@@ -1,6 +1,6 @@
 satellite_create = true
 
-vpc_name_to_attach = "default"
+vpc_name_to_attach = "ci-tgw"
 
 satellite_destination_cidr_blocks = ["208.67.222.222/32", "208.67.220.220/32"]
 hub_destination_cidr_blocks       = ["8.8.4.4/32", "8.8.8.8/32"]
@@ -16,7 +16,7 @@ attachment_subnet_filters = [
   }
 ]
 
-transit_gateway_hub_name = "test-tgw-fixture"
+transit_gateway_hub_name = "test-tgw-satellite-default-route-all"
 
 route_entire_satellite_vpc = true
 
diff --git a/examples/satellite-default-route/README.md b/examples/satellite-default-route/README.md
index d8f61a9..fe3032a 100644
--- a/examples/satellite-default-route/README.md
+++ b/examples/satellite-default-route/README.md
@@ -13,6 +13,7 @@ No providers.
 
 | Name | Source | Version |
 |------|--------|---------|
+| <a name="module_tgw"></a> [tgw](#module\_tgw) | github.com/flaconi/terraform-aws-transit-gateway-hub.git | v1.6.0 |
 | <a name="module_tgw-satellite-default-route"></a> [tgw-satellite-default-route](#module\_tgw-satellite-default-route) | ../../ | n/a |
 
 ## Resources
diff --git a/examples/satellite-default-route/main.tf b/examples/satellite-default-route/main.tf
index 98c07fa..087036b 100644
--- a/examples/satellite-default-route/main.tf
+++ b/examples/satellite-default-route/main.tf
@@ -1,5 +1,12 @@
-# The Transit Gateway (hub) has already been created in AWS, as a fixture for
-# this test case due to not being able to use 'depends_on' on Terraform modules
+module "tgw" {
+  source = "github.com/flaconi/terraform-aws-transit-gateway-hub.git?ref=v1.6.0"
+
+  name = var.transit_gateway_hub_name
+
+  aws_account_id_hub       = var.aws_account_id_hub
+  aws_account_id_satellite = [var.aws_account_id_satellite]
+}
+
 module "tgw-satellite-default-route" {
   source = "../../"
 
@@ -27,4 +34,6 @@ module "tgw-satellite-default-route" {
   route_private_subnets_via_tgw = var.route_private_subnets_via_tgw
 
   private_subnet_filters = var.private_subnet_filters
+
+  depends_on = [module.tgw]
 }
diff --git a/examples/satellite-default-route/variables.auto.tfvars b/examples/satellite-default-route/variables.auto.tfvars
index d769869..43195aa 100644
--- a/examples/satellite-default-route/variables.auto.tfvars
+++ b/examples/satellite-default-route/variables.auto.tfvars
@@ -1,6 +1,6 @@
 satellite_create = true
 
-vpc_name_to_attach = "default"
+vpc_name_to_attach = "ci-tgw"
 
 satellite_destination_cidr_blocks = ["208.67.222.222/32", "208.67.220.220/32"]
 hub_destination_cidr_blocks       = ["8.8.4.4/32", "8.8.8.8/32"]
@@ -16,7 +16,7 @@ attachment_subnet_filters = [
   }
 ]
 
-transit_gateway_hub_name = "test-tgw-fixture"
+transit_gateway_hub_name = "test-tgw-satellite-default-route"
 
 route_private_subnets_via_tgw = true
 
diff --git a/examples/satellite/README.md b/examples/satellite/README.md
index 80fff7b..b0c26c0 100644
--- a/examples/satellite/README.md
+++ b/examples/satellite/README.md
@@ -13,6 +13,7 @@ No providers.
 
 | Name | Source | Version |
 |------|--------|---------|
+| <a name="module_tgw"></a> [tgw](#module\_tgw) | github.com/flaconi/terraform-aws-transit-gateway-hub.git | v1.6.0 |
 | <a name="module_tgw-satellite"></a> [tgw-satellite](#module\_tgw-satellite) | ../../ | n/a |
 
 ## Resources
diff --git a/examples/satellite/main.tf b/examples/satellite/main.tf
index 5111d1f..bcb549d 100644
--- a/examples/satellite/main.tf
+++ b/examples/satellite/main.tf
@@ -1,5 +1,12 @@
-# The Transit Gateway (hub) has already been created in AWS, as a fixture for
-# this test case due to not being able to use 'depends_on' on Terraform modules
+module "tgw" {
+  source = "github.com/flaconi/terraform-aws-transit-gateway-hub.git?ref=v1.6.0"
+
+  name = var.transit_gateway_hub_name
+
+  aws_account_id_hub       = var.aws_account_id_hub
+  aws_account_id_satellite = [var.aws_account_id_satellite]
+}
+
 module "tgw-satellite" {
   source = "../../"
 
@@ -29,4 +36,6 @@ module "tgw-satellite" {
   route_private_subnets_via_tgw = var.route_private_subnets_via_tgw
 
   private_subnet_filters = var.private_subnet_filters
+
+  depends_on = [module.tgw]
 }
diff --git a/examples/satellite/variables.auto.tfvars b/examples/satellite/variables.auto.tfvars
index 6a7f04c..229658c 100644
--- a/examples/satellite/variables.auto.tfvars
+++ b/examples/satellite/variables.auto.tfvars
@@ -1,6 +1,6 @@
 satellite_create = true
 
-vpc_name_to_attach = "default"
+vpc_name_to_attach = "ci-tgw"
 
 satellite_destination_cidr_blocks = ["208.67.222.222/32", "208.67.220.220/32"]
 hub_destination_cidr_blocks       = ["8.8.4.4/32", "8.8.8.8/32"]
@@ -16,7 +16,7 @@ attachment_subnet_filters = [
   }
 ]
 
-transit_gateway_hub_name = "test-tgw-fixture"
+transit_gateway_hub_name = "test-tgw-satellite"
 
 private_subnets_strict_acl_rules = true