gcloud-network.yml

# more details this workflow and other at https://github.com/didier-durand/gcloud-tests
name: Create VPC peering

on:

  workflow_dispatch:
    inputs:
 
  push:
    #protection to avoid triggering when other workflow is modified
    paths: 
    - '!.github/workflows/**'
    - '.github/workflows/gcloud-network.yml'
    
  schedule:
    - cron:  '30 3 * * MON' 

env:
  GCP_VERBOSITY: warning
  GCP_REGION1: us-central1
  GCP_REGION2: europe-west1
  NETWORK1_NAME: test-network1
  SUBNET11_NAME: test-subnet11
  SUBNET12_NAME: test-subnet12
  NETWORK2_NAME: test-network2
  SUBNET21_NAME: test-subnet21
  SUBNET22_NAME: test-subnet22
  PEERING_NAME: test-peering
  
jobs:
  list-project-services:
  
    runs-on: ubuntu-latest

    steps:
        
    - name: Checkout
      uses: actions/checkout@v2.3.4

    - name: Setup gcloud CLI
      uses: google-github-actions/setup-gcloud@master
      with:
        project_id: ${{ secrets.GCP_PROJECT }}
        service_account_key: ${{ secrets.GCP_SA_KEY }}
        
    - name: Get gcloud version & info
      run: |-
        echo '--- gcloud version ---'
        gcloud version
        echo '--- gcloud info ---'
        gcloud info --anonymize
        
    - name: Cleanup existing networks
      run: |-
        gcloud compute networks delete $NETWORK1_NAME --verbosity=$GCP_VERBOSITY --project=${{ secrets.GCP_PROJECT }} --quiet || true
        gcloud compute networks delete $NETWORK2_NAME --verbosity=$GCP_VERBOSITY --project=${{ secrets.GCP_PROJECT }} --quiet || true
        
    - name: Create networks and subnets 
      run: |-
        gcloud compute networks create $NETWORK1_NAME --subnet-mode=custom --verbosity=$GCP_VERBOSITY --project=${{ secrets.GCP_PROJECT }} --quiet
        gcloud compute networks subnets create $SUBNET11_NAME --network $NETWORK1_NAME --range '10.0.0.0/24' --region=$GCP_REGION1 --verbosity=$GCP_VERBOSITY --project=${{ secrets.GCP_PROJECT }} --quiet
        gcloud compute networks subnets create $SUBNET12_NAME --network $NETWORK1_NAME --range '10.0.1.0/24' --region=$GCP_REGION1 --verbosity=$GCP_VERBOSITY --project=${{ secrets.GCP_PROJECT }} --quiet
        gcloud compute networks create $NETWORK2_NAME --subnet-mode=custom --verbosity=$GCP_VERBOSITY --project=${{ secrets.GCP_PROJECT }} --quiet
        gcloud compute networks subnets create $SUBNET21_NAME --network $NETWORK2_NAME --range '192.168.0.0/24' --region=$GCP_REGION2 --verbosity=$GCP_VERBOSITY --project=${{ secrets.GCP_PROJECT }} --quiet
        gcloud compute networks subnets create $SUBNET22_NAME --network $NETWORK2_NAME --range '192.168.1.0/24' --region=$GCP_REGION2 --verbosity=$GCP_VERBOSITY --project=${{ secrets.GCP_PROJECT }} --quiet
     
    - name: Describe networks
      run: |-
        echo "list networks: "
        gcloud compute networks list --verbosity=$GCP_VERBOSITY --project=${{ secrets.GCP_PROJECT }} --quiet
        echo "describe network $NETWORK1_NAME: "
        gcloud compute networks describe $NETWORK1_NAME --verbosity=$GCP_VERBOSITY --project=${{ secrets.GCP_PROJECT }} --quiet
        echo "describe network $NETWORK2_NAME: "
        gcloud compute networks describe $NETWORK2_NAME --verbosity=$GCP_VERBOSITY --project=${{ secrets.GCP_PROJECT }} --quiet  
       
    - name: Create peering
      run: |- 
        gcloud compute networks peerings create "${PEERING_NAME}1" \
          --network=$NETWORK1_NAME \
          --peer-network=$NETWORK2_NAME \
          --export-custom-routes \
          --import-custom-routes \
          --export-subnet-routes-with-public-ip \
          --import-subnet-routes-with-public-ip
        gcloud compute networks peerings create "${PEERING_NAME}2" \
          --network=$NETWORK2_NAME \
          --peer-network=$NETWORK1_NAME \
          --export-custom-routes \
          --import-custom-routes \
          --export-subnet-routes-with-public-ip \
          --import-subnet-routes-with-public-ip
     
    - name: List and check peering
      run: |- 
        export LIST_PEERING=$(gcloud compute networks peerings list)
        export INCOMING_ROUTES=$(gcloud compute networks peerings list-routes  "${PEERING_NAME}1" --direction=incoming --network=$NETWORK1_NAME --region=$GCP_REGION1 --verbosity=$GCP_VERBOSITY --project=${{ secrets.GCP_PROJECT }} --quiet)
        export OUTGOING_ROUTES=$(gcloud compute networks peerings list-routes  "${PEERING_NAME}1" --direction=outgoing --network=$NETWORK1_NAME --region=$GCP_REGION1 --verbosity=$GCP_VERBOSITY --project=${{ secrets.GCP_PROJECT }} --quiet)
        #display
        echo "list peerings: "     
        echo "$LIST_PEERING"
        echo "list incoming routes: "
        echo "$INCOMING_ROUTES"
        echo "list outgoing routes: "
        echo "$OUTGOING_ROUTES"
        #checks
        [[ "$LIST_PEERING" == *'test-peering1'*'test-network1'*'test-network2'*'True'*'ACTIVE'*'Connected'* ]]
        [[ "$LIST_PEERING" == *'test-peering2'*'test-network2'*'test-network1'*'True'*'ACTIVE'*'Connected'* ]]
        [[ "$INCOMING_ROUTES" == *'192.168.0.0/24'*'SUBNET_PEERING_ROUTE'*'europe-west1'*'0'*'accepted' ]]
        [[ "$INCOMING_ROUTES" == *'192.168.1.0/24'*'SUBNET_PEERING_ROUTE'*'europe-west1'*'0'*'accepted' ]]
        [[ "$OUTGOING_ROUTES" == *'10.0.0.0/24'*'SUBNET_PEERING_ROUTE'*'us-central1'*'0'*'accepted by peer' ]]
        [[ "$OUTGOING_ROUTES" == *'10.0.1.0/24'*'SUBNET_PEERING_ROUTE'*'us-central1'*'0'*'accepted by peer' ]]
           
    - name: Delete networks & peerings
      run: |-
      
        gcloud compute networks peerings delete "${PEERING_NAME}1"  --network $NETWORK1_NAME --verbosity=$GCP_VERBOSITY --project=${{ secrets.GCP_PROJECT }} --quiet
        gcloud compute networks peerings delete "${PEERING_NAME}2"  --network $NETWORK2_NAME --verbosity=$GCP_VERBOSITY --project=${{ secrets.GCP_PROJECT }} --quiet
         
        gcloud compute networks subnets delete $SUBNET11_NAME --region=$GCP_REGION1 --verbosity=$GCP_VERBOSITY --project=${{ secrets.GCP_PROJECT }} --quiet
        gcloud compute networks subnets delete $SUBNET12_NAME --region=$GCP_REGION1 --verbosity=$GCP_VERBOSITY --project=${{ secrets.GCP_PROJECT }} --quiet
        gcloud compute networks delete $NETWORK1_NAME --verbosity=$GCP_VERBOSITY --project=${{ secrets.GCP_PROJECT }} --quiet
        
        gcloud compute networks subnets delete $SUBNET21_NAME --region=$GCP_REGION2 --verbosity=$GCP_VERBOSITY --project=${{ secrets.GCP_PROJECT }} --quiet
        gcloud compute networks subnets delete $SUBNET22_NAME --region=$GCP_REGION2 --verbosity=$GCP_VERBOSITY --project=${{ secrets.GCP_PROJECT }} --quiet
        gcloud compute networks delete $NETWORK2_NAME --verbosity=$GCP_VERBOSITY --project=${{ secrets.GCP_PROJECT }} --quiet