From 4bbe83ee75823abc50279149f5729cda81a1af0b Mon Sep 17 00:00:00 2001 From: Fawzi Date: Sun, 4 Sep 2022 21:50:36 +1000 Subject: [PATCH 1/7] update outputs.tf (#793) Fixing typo --- fast/stages/00-cicd/outputs.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fast/stages/00-cicd/outputs.tf b/fast/stages/00-cicd/outputs.tf index 67341ba1..6430e2b3 100644 --- a/fast/stages/00-cicd/outputs.tf +++ b/fast/stages/00-cicd/outputs.tf @@ -23,7 +23,7 @@ locals { tfvars = { cicd_repositories = merge(local.cicd_repositories_by_system["gitlab"], local.cicd_repositories_by_system["github"]) cicd_ssh_urls = merge(local.gitlab_cicd_ssh, local.github_cicd_ssh) - cicd_https_urls = merge(local.gitlab_cicd_https, local.gitlab_cicd_https) + cicd_https_urls = merge(local.gitlab_cicd_https, local.github_cicd_https) } } From 01da987e9d06425660c99dec03b6a30ec53cd2e5 Mon Sep 17 00:00:00 2001 From: Ludovico Magnocavallo Date: Sun, 4 Sep 2022 13:51:30 +0200 Subject: [PATCH 2/7] update changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 31cc312b..0801f834 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,6 +9,7 @@ All notable changes to this project will be documented in this file. ### FAST +- [[#793](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/793)] FAST: fix typo in CI/CD stage outputs. ([fawzihmouda](https://github.com/fawzihmouda)) - [[#774](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/774)] FAST: fix data-platform-dev folder in stage 03-data-platform ([sttomm](https://github.com/sttomm)) - [[#770](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/770)] FAST: fix to move without `output_location` ([daisuky-jp](https://github.com/daisuky-jp)) - [[#767](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/767)] Allow interpolating SAs in project factory subnet IAM bindings ([ludoo](https://github.com/ludoo)) From a866182161add86d17987b198e5de985c8100fdf Mon Sep 17 00:00:00 2001 From: Julio Castillo Date: Tue, 6 Sep 2022 17:46:09 +0200 Subject: [PATCH 3/7] Test documentation examples in the examples/ folder --- .../iam-delegated-role-grants/README.md | 1 + .../data-platform-foundations/README.md | 24 +++++++++-- examples/factories/project-factory/README.md | 2 + .../hub-and-spoke-peering/README.md | 2 +- .../networking/hub-and-spoke-vpn/README.md | 2 + .../net-dns-policy-address/README.md | 2 +- modules/__experimental/net-neg/README.md | 2 +- modules/api-gateway/README.md | 6 +-- modules/apigee-organization/README.md | 6 +-- modules/apigee-x-instance/README.md | 4 +- modules/artifact-registry/README.md | 2 +- modules/bigquery-dataset/README.md | 12 +++--- modules/bigtable-instance/README.md | 2 +- modules/billing-budget/README.md | 6 +-- modules/binauthz/README.md | 2 +- .../cloud-config-container/coredns/README.md | 8 ++-- .../cos-generic-metadata/README.md | 2 +- .../envoy-traffic-director/README.md | 4 +- .../cloud-config-container/mysql/README.md | 6 +-- .../nginx-tls/README.md | 4 +- .../cloud-config-container/nginx/README.md | 4 +- .../cloud-config-container/onprem/README.md | 4 +- .../cloud-config-container/squid/README.md | 4 +- modules/cloud-function/README.md | 14 +++---- modules/cloud-identity-group/README.md | 4 +- modules/cloud-run/README.md | 16 +++---- modules/cloudsql-instance/README.md | 16 +++---- modules/compute-mig/README.md | 42 +++++++++---------- modules/compute-vm/README.md | 18 ++++---- modules/container-registry/README.md | 2 +- modules/data-catalog-policy-tag/README.md | 6 +-- modules/datafusion/README.md | 4 +- modules/dns/README.md | 6 +-- modules/endpoints/README.md | 2 +- modules/folder/README.md | 24 +++++------ modules/folders-unit/README.md | 2 +- modules/gcs/README.md | 10 ++--- modules/gke-cluster/README.md | 4 +- modules/gke-hub/README.md | 24 +++++------ modules/gke-nodepool/README.md | 4 +- modules/iam-service-account/README.md | 2 +- modules/iot-core/README.md | 6 +-- modules/kms/README.md | 6 +-- modules/logging-bucket/README.md | 6 +-- modules/naming-convention/README.md | 8 ++-- modules/net-address/README.md | 8 ++-- modules/net-cloudnat/README.md | 2 +- modules/net-glb/README.md | 22 +++++----- modules/net-ilb-l7/README.md | 16 +++---- modules/net-ilb/README.md | 8 ++-- .../README.md | 6 +-- modules/net-vpc-firewall/README.md | 8 ++-- modules/net-vpc-peering/README.md | 6 +-- modules/net-vpc/README.md | 18 ++++---- modules/net-vpn-dynamic/README.md | 2 +- modules/net-vpn-ha/README.md | 6 +-- modules/net-vpn-static/README.md | 4 +- modules/organization-policy/README.md | 4 +- modules/organization/README.md | 20 ++++----- modules/project/README.md | 32 +++++++------- modules/projects-data-source/README.md | 4 +- modules/pubsub/README.md | 8 ++-- modules/secret-manager/README.md | 6 +-- modules/service-directory/README.md | 8 ++-- modules/source-repository/README.md | 4 +- modules/vpc-sc/README.md | 10 ++--- tests/conftest.py | 20 ++++----- tests/doc_examples/conftest.py | 14 ++++--- tests/doc_examples/test_plan.py | 4 +- tests/doc_examples/variables.tf | 4 ++ 70 files changed, 303 insertions(+), 278 deletions(-) diff --git a/examples/cloud-operations/iam-delegated-role-grants/README.md b/examples/cloud-operations/iam-delegated-role-grants/README.md index b48eddbc..6b363fdb 100644 --- a/examples/cloud-operations/iam-delegated-role-grants/README.md +++ b/examples/cloud-operations/iam-delegated-role-grants/README.md @@ -33,6 +33,7 @@ You can easily configure the example for this use case: delegated_role_grants = ["roles/compute.networkUser"] direct_role_grants = [] restricted_role_grant = "roles/compute.networkAdmin" +# tftest skip ``` This diagram shows the resources and expected behaviour: diff --git a/examples/data-solutions/data-platform-foundations/README.md b/examples/data-solutions/data-platform-foundations/README.md index 47c49032..d70f3990 100644 --- a/examples/data-solutions/data-platform-foundations/README.md +++ b/examples/data-solutions/data-platform-foundations/README.md @@ -127,7 +127,7 @@ We suggest a centralized approach to key management, where Organization Security To configure the use of Cloud KMS on resources, you have to specify the key id on the `service_encryption_keys` variable. Key locations should match resource locations. Example: -```hcl +```tfvars service_encryption_keys = { bq = "KEY_URL_MULTIREGIONAL" composer = "KEY_URL_REGIONAL" @@ -135,6 +135,7 @@ service_encryption_keys = { storage = "KEY_URL_MULTIREGIONAL" pubsub = "KEY_URL_MULTIREGIONAL" } +# tftest skip ``` This step is optional and depends on customer policies and security best practices. @@ -191,12 +192,13 @@ The Data Platform is meant to be executed by a Service Account (or a regular use There are three sets of variables you will need to fill in: -```hcl +```tfvars billing_account_id = "111111-222222-333333" older_id = "folders/123456789012" organization_domain = "domain.com" prefix = "myco" -``` +# tftest skip` +`` For more fine details check variables on [`variables.tf`](./variables.tf) and update according to the desired configuration. Remember to create team groups described [below](#groups). @@ -207,6 +209,22 @@ terraform init terraform apply ``` +## How to use this example from Terraform + +While this example can be used as a standalone deployment, it can also be called directly as a Terraform module by providing the variables values as show below: + +```hcl +module "data-platform" { + source = "./fabric/examples/data-solutions/data-platform-foundations" + billing_account_id = var.billing_account_id + folder_id = var.folder_id + organization_domain = "example.com" + prefix = "myprefix" +} + +# tftest modules=1 resources=1 +``` + ## Customizations ### Create Cloud Key Management keys as part of the Data Platform diff --git a/examples/factories/project-factory/README.md b/examples/factories/project-factory/README.md index 4f94afab..fe65b6bf 100644 --- a/examples/factories/project-factory/README.md +++ b/examples/factories/project-factory/README.md @@ -79,6 +79,8 @@ module "projects" { services_iam = try(each.value.services_iam, {}) vpc = try(each.value.vpc, null) } + +# tftest skip ``` ### Projects configuration diff --git a/examples/networking/hub-and-spoke-peering/README.md b/examples/networking/hub-and-spoke-peering/README.md index 9eaa9d31..9fe988e6 100644 --- a/examples/networking/hub-and-spoke-peering/README.md +++ b/examples/networking/hub-and-spoke-peering/README.md @@ -47,7 +47,7 @@ The example configures the peering with the GKE master VPC to export routes for Change the GKE cluster module and add a new variable after `private_cluster_config`: -```hcl +```tfvars peering_config = { export_routes = true import_routes = false diff --git a/examples/networking/hub-and-spoke-vpn/README.md b/examples/networking/hub-and-spoke-vpn/README.md index a6f797bc..5a524160 100644 --- a/examples/networking/hub-and-spoke-vpn/README.md +++ b/examples/networking/hub-and-spoke-vpn/README.md @@ -50,6 +50,8 @@ module "project" { disable_dependent_services = false } } + +# tftest skip ``` ## Testing diff --git a/modules/__experimental/net-dns-policy-address/README.md b/modules/__experimental/net-dns-policy-address/README.md index 36f9e4e1..3dbabdac 100644 --- a/modules/__experimental/net-dns-policy-address/README.md +++ b/modules/__experimental/net-dns-policy-address/README.md @@ -8,7 +8,7 @@ Since it's currently impossible to fetch those addresses using a GCP data source ```hcl module "dns-policy-addresses" { - source = "./modules/__experimental/net-dns-policy-addresses" + source = "./fabric/modules/__experimental/net-dns-policy-addresses" project_id = "myproject" regions = ["europe-west1", "europe-west3"] } diff --git a/modules/__experimental/net-neg/README.md b/modules/__experimental/net-neg/README.md index ad90c14e..e00f797a 100644 --- a/modules/__experimental/net-neg/README.md +++ b/modules/__experimental/net-neg/README.md @@ -7,7 +7,7 @@ Note: this module will integrated into a general-purpose load balancing module i ## Example ```hcl module "neg" { - source = "./modules/net-neg" + source = "./fabric/modules/net-neg" project_id = "myproject" name = "myneg" network = module.vpc.self_link diff --git a/modules/api-gateway/README.md b/modules/api-gateway/README.md index b503f37e..62424657 100644 --- a/modules/api-gateway/README.md +++ b/modules/api-gateway/README.md @@ -6,7 +6,7 @@ This module allows creating an API with its associated API config and API gatewa ## Basic example ```hcl module "gateway" { - source = "./modules/api-gateway" + source = "./fabric/modules/api-gateway" project_id = "my-project" api_id = "api" region = "europe-west1" @@ -21,7 +21,7 @@ module "gateway" { ## Basic example + customer service account ```hcl module "gateway" { - source = "./modules/api-gateway" + source = "./fabric/modules/api-gateway" project_id = "my-project" api_id = "api" region = "europe-west1" @@ -40,7 +40,7 @@ module "gateway" { ## Basic example + service account creation ```hcl module "gateway" { - source = "./modules/api-gateway" + source = "./fabric/modules/api-gateway" project_id = "my-project" api_id = "api" region = "europe-west1" diff --git a/modules/apigee-organization/README.md b/modules/apigee-organization/README.md index 11dda36f..eceb4d13 100644 --- a/modules/apigee-organization/README.md +++ b/modules/apigee-organization/README.md @@ -8,7 +8,7 @@ This module allows managing a single Apigee organization and its environments an ```hcl module "apigee-organization" { - source = "./modules/apigee-organization" + source = "./fabric/modules/apigee-organization" project_id = "my-project" analytics_region = "us-central1" runtime_type = "CLOUD" @@ -36,7 +36,7 @@ module "apigee-organization" { ```hcl module "apigee-organization" { - source = "./modules/apigee-organization" + source = "./fabric/modules/apigee-organization" project_id = "my-project" analytics_region = "us-central1" runtime_type = "CLOUD" @@ -76,7 +76,7 @@ module "apigee-organization" { ```hcl module "apigee-organization" { - source = "./modules/apigee-organization" + source = "./fabric/modules/apigee-organization" project_id = "my-project" analytics_region = "us-central1" runtime_type = "HYBRID" diff --git a/modules/apigee-x-instance/README.md b/modules/apigee-x-instance/README.md index f2eec64f..d9eb1f1c 100644 --- a/modules/apigee-x-instance/README.md +++ b/modules/apigee-x-instance/README.md @@ -8,7 +8,7 @@ This module allows managing a single Apigee X instance and its environment attac ```hcl module "apigee-x-instance" { - source = "./modules/apigee-x-instance" + source = "./fabric/modules/apigee-x-instance" name = "my-us-instance" region = "us-central1" ip_range = "10.0.0.0/22" @@ -26,7 +26,7 @@ module "apigee-x-instance" { ```hcl module "apigee-x-instance" { - source = "./modules/apigee-x-instance" + source = "./fabric/modules/apigee-x-instance" name = "my-us-instance" region = "us-central1" ip_range = "10.0.0.0/22" diff --git a/modules/artifact-registry/README.md b/modules/artifact-registry/README.md index ac463ec1..92f103a5 100644 --- a/modules/artifact-registry/README.md +++ b/modules/artifact-registry/README.md @@ -8,7 +8,7 @@ Note: Artifact Registry is still in beta, hence this module currently uses the b ```hcl module "docker_artifact_registry" { - source = "./modules/artifact-registry" + source = "./fabric/modules/artifact-registry" project_id = "myproject" location = "europe-west1" format = "DOCKER" diff --git a/modules/bigquery-dataset/README.md b/modules/bigquery-dataset/README.md index 139ef9a5..29acba39 100644 --- a/modules/bigquery-dataset/README.md +++ b/modules/bigquery-dataset/README.md @@ -19,7 +19,7 @@ The access variables are split into `access` and `access_identities` variables, ```hcl module "bigquery-dataset" { - source = "./modules/bigquery-dataset" + source = "./fabric/modules/bigquery-dataset" project_id = "my-project" id = "my-dataset" access = { @@ -44,7 +44,7 @@ Access configuration can also be specified via IAM instead of basic roles via th ```hcl module "bigquery-dataset" { - source = "./modules/bigquery-dataset" + source = "./fabric/modules/bigquery-dataset" project_id = "my-project" id = "my-dataset" iam = { @@ -60,7 +60,7 @@ Dataset options are set via the `options` variable. all options must be specifie ```hcl module "bigquery-dataset" { - source = "./modules/bigquery-dataset" + source = "./fabric/modules/bigquery-dataset" project_id = "my-project" id = "my-dataset" options = { @@ -85,7 +85,7 @@ locals { } module "bigquery-dataset" { - source = "./modules/bigquery-dataset" + source = "./fabric/modules/bigquery-dataset" project_id = "my-project" id = "my_dataset" tables = { @@ -113,7 +113,7 @@ locals { } module "bigquery-dataset" { - source = "./modules/bigquery-dataset" + source = "./fabric/modules/bigquery-dataset" project_id = "my-project" id = "my-dataset" tables = { @@ -145,7 +145,7 @@ locals { } module "bigquery-dataset" { - source = "./modules/bigquery-dataset" + source = "./fabric/modules/bigquery-dataset" project_id = "my-project" id = "my_dataset" tables = { diff --git a/modules/bigtable-instance/README.md b/modules/bigtable-instance/README.md index 2ff7f595..2bd96d2f 100644 --- a/modules/bigtable-instance/README.md +++ b/modules/bigtable-instance/README.md @@ -14,7 +14,7 @@ This module allows managing a single BigTable instance, including access configu ```hcl module "bigtable-instance" { - source = "./modules/bigtable-instance" + source = "./fabric/modules/bigtable-instance" project_id = "my-project" name = "instance" cluster_id = "instance" diff --git a/modules/billing-budget/README.md b/modules/billing-budget/README.md index 0b39e190..44231d04 100644 --- a/modules/billing-budget/README.md +++ b/modules/billing-budget/README.md @@ -15,7 +15,7 @@ Send a notification to an email when a set of projects reach $100 of spend. ```hcl module "budget" { - source = "./modules/billing-budget" + source = "./fabric/modules/billing-budget" billing_account = var.billing_account_id name = "$100 budget" amount = 100 @@ -42,7 +42,7 @@ Send a notification to a PubSub topic the total spend of a billing account reach ```hcl module "budget" { - source = "./modules/billing-budget" + source = "./fabric/modules/billing-budget" billing_account = var.billing_account_id name = "previous period budget" amount = 0 @@ -54,7 +54,7 @@ module "budget" { } module "pubsub" { - source = "./modules/pubsub" + source = "./fabric/modules/pubsub" project_id = var.project_id name = "budget-topic" } diff --git a/modules/binauthz/README.md b/modules/binauthz/README.md index b773ceb6..5d6ecdfa 100644 --- a/modules/binauthz/README.md +++ b/modules/binauthz/README.md @@ -8,7 +8,7 @@ This module simplifies the creation of a Binary Authorization policy, attestors ```hcl module "binauthz" { - source = "./modules/binauthz" + source = "./fabric/modules/binauthz" project_id = "my_project" global_policy_evaluation_mode = "DISABLE" default_admission_rule = { diff --git a/modules/cloud-config-container/coredns/README.md b/modules/cloud-config-container/coredns/README.md index 8099aee5..22ae5439 100644 --- a/modules/cloud-config-container/coredns/README.md +++ b/modules/cloud-config-container/coredns/README.md @@ -24,7 +24,7 @@ This example will create a `cloud-config` that uses the module's defaults, creat ```hcl module "cos-coredns" { - source = "./modules/cloud-config-container/coredns" + source = "./fabric/modules/cloud-config-container/coredns" } # use it as metadata in a compute instance or template @@ -40,8 +40,8 @@ This example will create a `cloud-config` using a custom CoreDNS configuration, ```hcl module "cos-coredns" { - source = "./modules/cloud-config-container/coredns" - coredns_config = "./modules/cloud-config-container/coredns/Corefile-hosts" + source = "./fabric/modules/cloud-config-container/coredns" + coredns_config = "./fabric/modules/cloud-config-container/coredns/Corefile-hosts" files = { "/etc/coredns/example.hosts" = { content = "127.0.0.2 foo.example.org foo" @@ -57,7 +57,7 @@ This example shows how to create the single instance optionally managed by the m ```hcl module "cos-coredns" { - source = "./modules/cloud-config-container/coredns" + source = "./fabric/modules/cloud-config-container/coredns" test_instance = { project_id = "my-project" zone = "europe-west1-b" diff --git a/modules/cloud-config-container/cos-generic-metadata/README.md b/modules/cloud-config-container/cos-generic-metadata/README.md index fef18386..9cbaad20 100644 --- a/modules/cloud-config-container/cos-generic-metadata/README.md +++ b/modules/cloud-config-container/cos-generic-metadata/README.md @@ -14,7 +14,7 @@ This example will create a `cloud-config` that starts [Envoy Proxy](https://www. ```hcl module "cos-envoy" { - source = "./modules/cos-generic-metadata" + source = "./fabric/modules/cos-generic-metadata" container_image = "envoyproxy/envoy:v1.14.1" container_name = "envoy" diff --git a/modules/cloud-config-container/envoy-traffic-director/README.md b/modules/cloud-config-container/envoy-traffic-director/README.md index a37e6081..c66bf359 100644 --- a/modules/cloud-config-container/envoy-traffic-director/README.md +++ b/modules/cloud-config-container/envoy-traffic-director/README.md @@ -13,12 +13,12 @@ This module depends on the [`cos-generic-metadata` module](../cos-generic-metada ```hcl # Envoy TD config module "cos-envoy-td" { - source = "./modules/cloud-config-container/envoy-traffic-director" + source = "./fabric/modules/cloud-config-container/envoy-traffic-director" } # COS VM module "vm-cos" { - source = "./modules/compute-vm" + source = "./fabric/modules/compute-vm" project_id = local.project_id zone = local.zone name = "cos-envoy-td" diff --git a/modules/cloud-config-container/mysql/README.md b/modules/cloud-config-container/mysql/README.md index 3dc4e791..e6fcab4e 100644 --- a/modules/cloud-config-container/mysql/README.md +++ b/modules/cloud-config-container/mysql/README.md @@ -26,7 +26,7 @@ This example will create a `cloud-config` that uses the container's default conf ```hcl module "cos-mysql" { - source = "./modules/cos-container/mysql" + source = "./fabric/modules/cos-container/mysql" mysql_password = "foo" } @@ -43,7 +43,7 @@ This example will create a `cloud-config` that uses a custom MySQL configuration ```hcl module "cos-mysql" { - source = "./modules/cos-container/mysql" + source = "./fabric/modules/cos-container/mysql" mysql_config = "./my.cnf" mysql_password = "CiQAsd7WY==" kms_config = { @@ -61,7 +61,7 @@ This example shows how to create the single instance optionally managed by the m ```hcl module "cos-mysql" { - source = "./modules/cos-container/mysql" + source = "./fabric/modules/cos-container/mysql" mysql_password = "foo" test_instance = { project_id = "my-project" diff --git a/modules/cloud-config-container/nginx-tls/README.md b/modules/cloud-config-container/nginx-tls/README.md index bf31d666..44807d5d 100644 --- a/modules/cloud-config-container/nginx-tls/README.md +++ b/modules/cloud-config-container/nginx-tls/README.md @@ -14,12 +14,12 @@ This module depends on the [`cos-generic-metadata` module](../cos-generic-metada ```hcl # Nginx with self-signed TLS config module "cos-nginx-tls" { - source = "./modules/cloud-config-container/nginx-tls" + source = "./fabric/modules/cloud-config-container/nginx-tls" } # COS VM module "vm-nginx-tls" { - source = "./modules/compute-vm" + source = "./fabric/modules/compute-vm" project_id = local.project_id zone = local.zone name = "cos-nginx-tls" diff --git a/modules/cloud-config-container/nginx/README.md b/modules/cloud-config-container/nginx/README.md index 317f6b56..6ae4f63c 100644 --- a/modules/cloud-config-container/nginx/README.md +++ b/modules/cloud-config-container/nginx/README.md @@ -24,7 +24,7 @@ This example will create a `cloud-config` that uses the module's defaults, creat ```hcl module "cos-nginx" { - source = "./modules/cloud-config-container/nginx" + source = "./fabric/modules/cloud-config-container/nginx" } # use it as metadata in a compute instance or template @@ -40,7 +40,7 @@ This example shows how to create the single instance optionally managed by the m ```hcl module "cos-nginx" { - source = "./modules/cloud-config-container/nginx" + source = "./fabric/modules/cloud-config-container/nginx" test_instance = { project_id = "my-project" zone = "europe-west1-b" diff --git a/modules/cloud-config-container/onprem/README.md b/modules/cloud-config-container/onprem/README.md index 5033dcc9..8f33723a 100644 --- a/modules/cloud-config-container/onprem/README.md +++ b/modules/cloud-config-container/onprem/README.md @@ -24,7 +24,7 @@ The test instance is optional, as described above. ```hcl module "cloud-vpn" { - source = "./modules/net-vpn-static" + source = "./fabric/modules/net-vpn-static" project_id = "my-project" region = "europe-west1" network = "my-vpc" @@ -41,7 +41,7 @@ module "cloud-vpn" { } module "on-prem" { - source = "./modules/cos-container/on-prem" + source = "./fabric/modules/cos-container/on-prem" name = "onprem" vpn_config = { type = "static" diff --git a/modules/cloud-config-container/squid/README.md b/modules/cloud-config-container/squid/README.md index 7f2f45db..b7ff9bee 100644 --- a/modules/cloud-config-container/squid/README.md +++ b/modules/cloud-config-container/squid/README.md @@ -24,7 +24,7 @@ This example will create a `cloud-config` that allows any client in the 10.0.0.0 ```hcl module "cos-squid" { - source = "./modules/cloud-config-container/squid" + source = "./fabric/modules/cloud-config-container/squid" whitelist = [".github.com"] clients = ["10.0.0.0/8"] } @@ -42,7 +42,7 @@ This example shows how to create the single instance optionally managed by the m ```hcl module "cos-squid" { - source = "./modules/cloud-config-container/squid" + source = "./fabric/modules/cloud-config-container/squid" whitelist = ["github.com"] clients = ["10.0.0.0/8"] test_instance = { diff --git a/modules/cloud-function/README.md b/modules/cloud-function/README.md index 73a1d3f2..ffad5d4c 100644 --- a/modules/cloud-function/README.md +++ b/modules/cloud-function/README.md @@ -16,7 +16,7 @@ This deploys a Cloud Function with an HTTP endpoint, using a pre-existing GCS bu ```hcl module "cf-http" { - source = "./modules/cloud-function" + source = "./fabric/modules/cloud-function" project_id = "my-project" name = "test-cf-http" bucket_name = "test-cf-bundles" @@ -35,7 +35,7 @@ Other trigger types other than HTTP are configured via the `trigger_config` vari ```hcl module "cf-http" { - source = "./modules/cloud-function" + source = "./fabric/modules/cloud-function" project_id = "my-project" name = "test-cf-http" bucket_name = "test-cf-bundles" @@ -59,7 +59,7 @@ To allow anonymous access to the function, grant the `roles/cloudfunctions.invok ```hcl module "cf-http" { - source = "./modules/cloud-function" + source = "./fabric/modules/cloud-function" project_id = "my-project" name = "test-cf-http" bucket_name = "test-cf-bundles" @@ -81,7 +81,7 @@ You can have the module auto-create the GCS bucket used for deployment via the ` ```hcl module "cf-http" { - source = "./modules/cloud-function" + source = "./fabric/modules/cloud-function" project_id = "my-project" name = "test-cf-http" bucket_name = "test-cf-bundles" @@ -104,7 +104,7 @@ To use a custom service account managed by the module, set `service_account_crea ```hcl module "cf-http" { - source = "./modules/cloud-function" + source = "./fabric/modules/cloud-function" project_id = "my-project" name = "test-cf-http" bucket_name = "test-cf-bundles" @@ -122,7 +122,7 @@ To use an externally managed service account, pass its email in `service_account ```hcl module "cf-http" { - source = "./modules/cloud-function" + source = "./fabric/modules/cloud-function" project_id = "my-project" name = "test-cf-http" bucket_name = "test-cf-bundles" @@ -142,7 +142,7 @@ In order to help prevent `archive_zip.output_md5` from changing cross platform ( ```hcl module "cf-http" { - source = "./modules/cloud-function" + source = "./fabric/modules/cloud-function" project_id = "my-project" name = "test-cf-http" bucket_name = "test-cf-bundles" diff --git a/modules/cloud-identity-group/README.md b/modules/cloud-identity-group/README.md index 03c05407..91c625fa 100644 --- a/modules/cloud-identity-group/README.md +++ b/modules/cloud-identity-group/README.md @@ -17,7 +17,7 @@ Until that bug is fixed, this module will only support the creation of MEMBER an ### Simple Group ```hcl module "group" { - source = "./modules/cloud-identity-group" + source = "./fabric/modules/cloud-identity-group" customer_id = "customers/C01234567" name = "mygroup@example.com" display_name = "My group name" @@ -34,7 +34,7 @@ module "group" { ### Group with managers ```hcl module "group" { - source = "./modules/cloud-identity-group" + source = "./fabric/modules/cloud-identity-group" customer_id = "customers/C01234567" name = "mygroup2@example.com" display_name = "My group name 2" diff --git a/modules/cloud-run/README.md b/modules/cloud-run/README.md index 205fcbc1..376b927b 100644 --- a/modules/cloud-run/README.md +++ b/modules/cloud-run/README.md @@ -10,7 +10,7 @@ This deploys a Cloud Run service and sets some environment variables. ```hcl module "cloud_run" { - source = "./modules/cloud-run" + source = "./fabric/modules/cloud-run" project_id = "my-project" name = "hello" containers = [{ @@ -36,7 +36,7 @@ module "cloud_run" { ```hcl module "cloud_run" { - source = "./modules/cloud-run" + source = "./fabric/modules/cloud-run" project_id = "my-project" name = "hello" containers = [{ @@ -64,7 +64,7 @@ module "cloud_run" { ```hcl module "cloud_run" { - source = "./modules/cloud-run" + source = "./fabric/modules/cloud-run" project_id = var.project_id name = "hello" region = var.region @@ -98,7 +98,7 @@ This deploys a Cloud Run service with traffic split between two revisions. ```hcl module "cloud_run" { - source = "./modules/cloud-run" + source = "./fabric/modules/cloud-run" project_id = "my-project" name = "hello" revision_name = "green" @@ -123,7 +123,7 @@ This deploys a Cloud Run service that will be triggered when messages are publis ```hcl module "cloud_run" { - source = "./modules/cloud-run" + source = "./fabric/modules/cloud-run" project_id = "my-project" name = "hello" containers = [{ @@ -147,7 +147,7 @@ This deploys a Cloud Run service that will be triggered when specific log events ```hcl module "cloud_run" { - source = "./modules/cloud-run" + source = "./fabric/modules/cloud-run" project_id = "my-project" name = "hello" containers = [{ @@ -173,7 +173,7 @@ To use a custom service account managed by the module, set `service_account_crea ```hcl module "cloud_run" { - source = "./modules/cloud-run" + source = "./fabric/modules/cloud-run" project_id = "my-project" name = "hello" containers = [{ @@ -192,7 +192,7 @@ To use an externally managed service account, pass its email in `service_account ```hcl module "cloud_run" { - source = "./modules/cloud-run" + source = "./fabric/modules/cloud-run" project_id = "my-project" name = "hello" containers = [{ diff --git a/modules/cloudsql-instance/README.md b/modules/cloudsql-instance/README.md index 179e3c91..2cbb09b9 100644 --- a/modules/cloudsql-instance/README.md +++ b/modules/cloudsql-instance/README.md @@ -12,7 +12,7 @@ This example shows how to setup a project, VPC and a standalone Cloud SQL instan ```hcl module "project" { - source = "./modules/project" + source = "./fabric/modules/project" billing_account = var.billing_account_id parent = var.organization_id name = "my-db-project" @@ -22,7 +22,7 @@ module "project" { } module "vpc" { - source = "./modules/net-vpc" + source = "./fabric/modules/net-vpc" project_id = module.project.project_id name = "my-network" psa_config = { @@ -32,7 +32,7 @@ module "vpc" { } module "db" { - source = "./modules/cloudsql-instance" + source = "./fabric/modules/cloudsql-instance" project_id = module.project.project_id network = module.vpc.self_link name = "db" @@ -47,7 +47,7 @@ module "db" { ```hcl module "db" { - source = "./modules/cloudsql-instance" + source = "./fabric/modules/cloudsql-instance" project_id = var.project_id network = var.vpc.self_link name = "db" @@ -67,7 +67,7 @@ module "db" { ```hcl module "db" { - source = "./modules/cloudsql-instance" + source = "./fabric/modules/cloudsql-instance" project_id = var.project_id network = var.vpc.self_link name = "db" @@ -98,7 +98,7 @@ module "db" { ```hcl module "project" { - source = "./modules/project" + source = "./fabric/modules/project" billing_account = var.billing_account_id parent = var.organization_id name = "my-db-project" @@ -109,7 +109,7 @@ module "project" { } module "kms" { - source = "./modules/kms" + source = "./fabric/modules/kms" project_id = module.project.project_id keyring = { name = "keyring" @@ -128,7 +128,7 @@ module "kms" { } module "db" { - source = "./modules/cloudsql-instance" + source = "./fabric/modules/cloudsql-instance" project_id = module.project.project_id encryption_key_name = module.kms.keys["key-sql"].id network = var.vpc.self_link diff --git a/modules/compute-mig/README.md b/modules/compute-mig/README.md index 92bec4e8..601d7990 100644 --- a/modules/compute-mig/README.md +++ b/modules/compute-mig/README.md @@ -12,11 +12,11 @@ This example shows how to manage a simple MIG that leverages the `compute-vm` mo ```hcl module "cos-nginx" { - source = "./modules/cloud-config-container/nginx" + source = "./fabric/modules/cloud-config-container/nginx" } module "nginx-template" { - source = "./modules/compute-vm" + source = "./fabric/modules/compute-vm" project_id = var.project_id name = "nginx-template" zone = "europe-west1-b" @@ -39,7 +39,7 @@ module "nginx-template" { } module "nginx-mig" { - source = "./modules/compute-mig" + source = "./fabric/modules/compute-mig" project_id = "my-project" location = "europe-west1-b" name = "mig-test" @@ -58,11 +58,11 @@ If multiple versions are desired, use more `compute-vm` instances for the additi ```hcl module "cos-nginx" { - source = "./modules/cloud-config-container/nginx" + source = "./fabric/modules/cloud-config-container/nginx" } module "nginx-template" { - source = "./modules/compute-vm" + source = "./fabric/modules/compute-vm" project_id = var.project_id name = "nginx-template" zone = "europe-west1-b" @@ -85,7 +85,7 @@ module "nginx-template" { } module "nginx-mig" { - source = "./modules/compute-mig" + source = "./fabric/modules/compute-mig" project_id = "my-project" location = "europe-west1-b" name = "mig-test" @@ -111,11 +111,11 @@ Autohealing policies can use an externally defined health check, or have this mo ```hcl module "cos-nginx" { - source = "./modules/cloud-config-container/nginx" + source = "./fabric/modules/cloud-config-container/nginx" } module "nginx-template" { - source = "./modules/compute-vm" + source = "./fabric/modules/compute-vm" project_id = var.project_id name = "nginx-template" zone = "europe-west1-b" @@ -138,7 +138,7 @@ module "nginx-template" { } module "nginx-mig" { - source = "./modules/compute-mig" + source = "./fabric/modules/compute-mig" project_id = "my-project" location = "europe-west1-b" name = "mig-test" @@ -167,11 +167,11 @@ The module can create and manage an autoscaler associated with the MIG. When usi ```hcl module "cos-nginx" { - source = "./modules/cloud-config-container/nginx" + source = "./fabric/modules/cloud-config-container/nginx" } module "nginx-template" { - source = "./modules/compute-vm" + source = "./fabric/modules/compute-vm" project_id = var.project_id name = "nginx-template" zone = "europe-west1-b" @@ -194,7 +194,7 @@ module "nginx-template" { } module "nginx-mig" { - source = "./modules/compute-mig" + source = "./fabric/modules/compute-mig" project_id = "my-project" location = "europe-west1-b" name = "mig-test" @@ -219,11 +219,11 @@ module "nginx-mig" { ```hcl module "cos-nginx" { - source = "./modules/cloud-config-container/nginx" + source = "./fabric/modules/cloud-config-container/nginx" } module "nginx-template" { - source = "./modules/compute-vm" + source = "./fabric/modules/compute-vm" project_id = var.project_id name = "nginx-template" zone = "europe-west1-b" @@ -246,7 +246,7 @@ module "nginx-template" { } module "nginx-mig" { - source = "./modules/compute-mig" + source = "./fabric/modules/compute-mig" project_id = "my-project" location = "europe-west1-b" name = "mig-test" @@ -281,11 +281,11 @@ Note that when referencing the stateful disk, you use `device_name` and not `dis ```hcl module "cos-nginx" { - source = "./modules/cloud-config-container/nginx" + source = "./fabric/modules/cloud-config-container/nginx" } module "nginx-template" { - source = "./modules/compute-vm" + source = "./fabric/modules/compute-vm" project_id = var.project_id name = "nginx-template" zone = "europe-west1-b" @@ -319,7 +319,7 @@ module "nginx-template" { } module "nginx-mig" { - source = "./modules/compute-mig" + source = "./fabric/modules/compute-mig" project_id = "my-project" location = "europe-west1-b" name = "mig-test" @@ -358,11 +358,11 @@ Note that you will need to know the instance name in order to use this configura ```hcl module "cos-nginx" { - source = "./modules/cloud-config-container/nginx" + source = "./fabric/modules/cloud-config-container/nginx" } module "nginx-template" { - source = "./modules/compute-vm" + source = "./fabric/modules/compute-vm" project_id = var.project_id name = "nginx-template" zone = "europe-west1-b" @@ -396,7 +396,7 @@ module "nginx-template" { } module "nginx-mig" { - source = "./modules/compute-mig" + source = "./fabric/modules/compute-mig" project_id = "my-project" location = "europe-west1-b" name = "mig-test" diff --git a/modules/compute-vm/README.md b/modules/compute-vm/README.md index 93a7e763..c700ddfa 100644 --- a/modules/compute-vm/README.md +++ b/modules/compute-vm/README.md @@ -15,7 +15,7 @@ The simplest example leverages defaults for the boot disk image and size, and us ```hcl module "simple-vm-example" { - source = "./modules/compute-vm" + source = "./fabric/modules/compute-vm" project_id = var.project_id zone = "europe-west1-b" name = "test" @@ -37,7 +37,7 @@ module "simple-vm-example" { ```hcl module "spot-vm-example" { - source = "./modules/compute-vm" + source = "./fabric/modules/compute-vm" project_id = var.project_id zone = "europe-west1-b" name = "test" @@ -72,7 +72,7 @@ This is an example of attaching a pre-existing regional PD to a new instance: ```hcl module "simple-vm-example" { - source = "./modules/compute-vm" + source = "./fabric/modules/compute-vm" project_id = var.project_id zone = "${var.region}-b" name = "test" @@ -102,7 +102,7 @@ And the same example for an instance template (where not using the full self lin ```hcl module "simple-vm-example" { - source = "./modules/compute-vm" + source = "./fabric/modules/compute-vm" project_id = var.project_id zone = "${var.region}-b" name = "test" @@ -135,7 +135,7 @@ This example shows how to control disk encryption via the the `encryption` varia ```hcl module "kms-vm-example" { - source = "./modules/compute-vm" + source = "./fabric/modules/compute-vm" project_id = var.project_id zone = "europe-west1-b" name = "kms-test" @@ -175,7 +175,7 @@ This example shows how to add additional [Alias IPs](https://cloud.google.com/vp ```hcl module "vm-with-alias-ips" { - source = "./modules/compute-vm" + source = "./fabric/modules/compute-vm" project_id = "my-project" zone = "europe-west1-b" name = "test" @@ -224,7 +224,7 @@ resource "google_compute_image" "cos-gvnic" { } module "vm-with-gvnic" { - source = "./modules/compute-vm" + source = "./fabric/modules/compute-vm" project_id = "my-project" zone = "europe-west1-b" name = "test" @@ -256,7 +256,7 @@ This example shows how to use the module to manage an instance template that def ```hcl module "cos-test" { - source = "./modules/compute-vm" + source = "./fabric/modules/compute-vm" project_id = "my-project" zone = "europe-west1-b" name = "test" @@ -296,7 +296,7 @@ locals { } module "instance-group" { - source = "./modules/compute-vm" + source = "./fabric/modules/compute-vm" project_id = "my-project" zone = "europe-west1-b" name = "ilb-test" diff --git a/modules/container-registry/README.md b/modules/container-registry/README.md index c4baff76..bf049970 100644 --- a/modules/container-registry/README.md +++ b/modules/container-registry/README.md @@ -6,7 +6,7 @@ This module simplifies the creation of GCS buckets used by Google Container Regi ```hcl module "container_registry" { - source = "./modules/container-registry" + source = "./fabric/modules/container-registry" project_id = "myproject" location = "EU" iam = { diff --git a/modules/data-catalog-policy-tag/README.md b/modules/data-catalog-policy-tag/README.md index 5d41f723..2e6059bb 100644 --- a/modules/data-catalog-policy-tag/README.md +++ b/modules/data-catalog-policy-tag/README.md @@ -9,7 +9,7 @@ Note: Data Catalog is still in beta, hence this module currently uses the beta p ```hcl module "cmn-dc" { - source = "./modules/data-catalog-policy-tag" + source = "./fabric/modules/data-catalog-policy-tag" name = "my-datacatalog-policy-tags" project_id = "my-project" tags = { @@ -23,7 +23,7 @@ module "cmn-dc" { ```hcl module "cmn-dc" { - source = "./modules/data-catalog-policy-tag" + source = "./fabric/modules/data-catalog-policy-tag" name = "my-datacatalog-policy-tags" project_id = "my-project" tags = { @@ -65,4 +65,4 @@ module "cmn-dc" { ## TODO - Support IAM at tag level. -- Support Child policy tags \ No newline at end of file +- Support Child policy tags diff --git a/modules/datafusion/README.md b/modules/datafusion/README.md index 20414c6b..79115f05 100644 --- a/modules/datafusion/README.md +++ b/modules/datafusion/README.md @@ -8,7 +8,7 @@ This module allows simple management of ['Google Data Fusion'](https://cloud.goo ```hcl module "datafusion" { - source = "./modules/datafusion" + source = "./fabric/modules/datafusion" name = "my-datafusion" region = "europe-west1" project_id = "my-project" @@ -23,7 +23,7 @@ module "datafusion" { ```hcl module "datafusion" { - source = "./modules/datafusion" + source = "./fabric/modules/datafusion" name = "my-datafusion" region = "europe-west1" project_id = "my-project" diff --git a/modules/dns/README.md b/modules/dns/README.md index ae91dbbc..cfb8844f 100644 --- a/modules/dns/README.md +++ b/modules/dns/README.md @@ -10,7 +10,7 @@ For DNSSEC configuration, refer to the [`dns_managed_zone` documentation](https: ```hcl module "private-dns" { - source = "./modules/dns" + source = "./fabric/modules/dns" project_id = "myproject" type = "private" name = "test-example" @@ -27,7 +27,7 @@ module "private-dns" { ```hcl module "private-dns" { - source = "./modules/dns" + source = "./fabric/modules/dns" project_id = "myproject" type = "forwarding" name = "test-example" @@ -42,7 +42,7 @@ module "private-dns" { ```hcl module "private-dns" { - source = "./modules/dns" + source = "./fabric/modules/dns" project_id = "myproject" type = "peering" name = "test-example" diff --git a/modules/endpoints/README.md b/modules/endpoints/README.md index a82d14db..0d85961d 100644 --- a/modules/endpoints/README.md +++ b/modules/endpoints/README.md @@ -8,7 +8,7 @@ This module allows simple management of ['Google Cloud Endpoints'](https://cloud ```hcl module "endpoint" { - source = "./modules/endpoints" + source = "./fabric/modules/endpoints" project_id = "my-project" service_name = "YOUR-API.endpoints.YOUR-PROJECT-ID.cloud.goog" openapi_config = { "yaml_path" = "openapi.yaml" } diff --git a/modules/folder/README.md b/modules/folder/README.md index 38670c75..8f4c1bc3 100644 --- a/modules/folder/README.md +++ b/modules/folder/README.md @@ -8,7 +8,7 @@ This module allows the creation and management of folders, including support for ```hcl module "folder" { - source = "./modules/folder" + source = "./fabric/modules/folder" parent = "organizations/1234567890" name = "Folder name" group_iam = { @@ -28,7 +28,7 @@ module "folder" { ```hcl module "folder" { - source = "./modules/folder" + source = "./fabric/modules/folder" parent = "organizations/1234567890" name = "Folder name" policy_boolean = { @@ -53,7 +53,7 @@ In the same way as for the [organization](../organization) module, the in-built ```hcl module "folder" { - source = "./modules/folder" + source = "./fabric/modules/folder" parent = "organizations/1234567890" name = "Folder name" firewall_policy_factory = { @@ -109,33 +109,33 @@ allow-ssh-from-iap: ```hcl module "gcs" { - source = "./modules/gcs" + source = "./fabric/modules/gcs" project_id = "my-project" name = "gcs_sink" force_destroy = true } module "dataset" { - source = "./modules/bigquery-dataset" + source = "./fabric/modules/bigquery-dataset" project_id = "my-project" id = "bq_sink" } module "pubsub" { - source = "./modules/pubsub" + source = "./fabric/modules/pubsub" project_id = "my-project" name = "pubsub_sink" } module "bucket" { - source = "./modules/logging-bucket" + source = "./fabric/modules/logging-bucket" parent_type = "project" parent = "my-project" id = "bucket" } module "folder-sink" { - source = "./modules/folder" + source = "./fabric/modules/folder" parent = "folders/657104291943" name = "my-folder" logging_sinks = { @@ -181,7 +181,7 @@ module "folder-sink" { ```hcl module "folder1" { - source = "./modules/folder" + source = "./fabric/modules/folder" parent = var.organization_id name = "policy-container" @@ -206,7 +206,7 @@ module "folder1" { } module "folder2" { - source = "./modules/folder" + source = "./fabric/modules/folder" parent = var.organization_id name = "hf2" firewall_policy_association = { @@ -222,7 +222,7 @@ Refer to the [Creating and managing tags](https://cloud.google.com/resource-mana ```hcl module "org" { - source = "./modules/organization" + source = "./fabric/modules/organization" organization_id = var.organization_id tags = { environment = { @@ -237,7 +237,7 @@ module "org" { } module "folder" { - source = "./modules/folder" + source = "./fabric/modules/folder" name = "Test" parent = module.org.organization_id tag_bindings = { diff --git a/modules/folders-unit/README.md b/modules/folders-unit/README.md index 45158533..e84a962b 100644 --- a/modules/folders-unit/README.md +++ b/modules/folders-unit/README.md @@ -6,7 +6,7 @@ This module allows creation and management of an organizational hierarchy "unit" ```hcl module "folders-unit" { - source = "./modules/folders-unit" + source = "./fabric/modules/folders-unit" name = "Business Intelligence" short_name = "bi" automation_project_id = "automation-project-394yr923811" diff --git a/modules/gcs/README.md b/modules/gcs/README.md index 669009e0..5fe0a078 100644 --- a/modules/gcs/README.md +++ b/modules/gcs/README.md @@ -3,7 +3,7 @@ ```hcl module "bucket" { - source = "./modules/gcs" + source = "./fabric/modules/gcs" project_id = "myproject" prefix = "test" name = "my-bucket" @@ -18,7 +18,7 @@ module "bucket" { ```hcl module "bucket" { - source = "./modules/gcs" + source = "./fabric/modules/gcs" project_id = "myproject" prefix = "test" name = "my-bucket" @@ -34,7 +34,7 @@ module "bucket" { ```hcl module "bucket" { - source = "./modules/gcs" + source = "./fabric/modules/gcs" project_id = "myproject" prefix = "test" name = "my-bucket" @@ -59,7 +59,7 @@ module "bucket" { ```hcl module "bucket" { - source = "./modules/gcs" + source = "./fabric/modules/gcs" project_id = "myproject" prefix = "test" name = "my-bucket" @@ -91,7 +91,7 @@ module "bucket" { ### Minimal example with GCS notifications ```hcl module "bucket-gcs-notification" { - source = "./modules/gcs" + source = "./fabric/modules/gcs" project_id = "myproject" prefix = "test" name = "my-bucket" diff --git a/modules/gke-cluster/README.md b/modules/gke-cluster/README.md index ba88eb25..d081e937 100644 --- a/modules/gke-cluster/README.md +++ b/modules/gke-cluster/README.md @@ -8,7 +8,7 @@ This module allows simplified creation and management of GKE clusters and should ```hcl module "cluster-1" { - source = "./modules/gke-cluster" + source = "./fabric/modules/gke-cluster" project_id = "myproject" name = "cluster-1" location = "europe-west1-b" @@ -37,7 +37,7 @@ module "cluster-1" { ```hcl module "cluster-1" { - source = "./modules/gke-cluster" + source = "./fabric/modules/gke-cluster" project_id = "myproject" name = "cluster-1" location = "europe-west1-b" diff --git a/modules/gke-hub/README.md b/modules/gke-hub/README.md index f4eef38c..87df1a47 100644 --- a/modules/gke-hub/README.md +++ b/modules/gke-hub/README.md @@ -17,7 +17,7 @@ To use this module you must ensure the following APIs are enabled in the target ```hcl module "project" { - source = "./modules/project" + source = "./fabric/modules/project" billing_account = var.billing_account_id name = "gkehub-test" parent = "folders/12345" @@ -33,7 +33,7 @@ module "project" { } module "vpc" { - source = "./modules/net-vpc" + source = "./fabric/modules/net-vpc" project_id = module.project.project_id name = "network" subnets = [{ @@ -48,7 +48,7 @@ module "vpc" { } module "cluster_1" { - source = "./modules/gke-cluster" + source = "./fabric/modules/gke-cluster" project_id = module.project.project_id name = "cluster-1" location = "europe-west1-b" @@ -67,7 +67,7 @@ module "cluster_1" { } module "hub" { - source = "./modules/gke-hub" + source = "./fabric/modules/gke-hub" project_id = module.project.project_id clusters = { cluster-1 = module.cluster_1.id @@ -124,7 +124,7 @@ module "hub" { ```hcl module "project" { - source = "./modules/project" + source = "./fabric/modules/project" billing_account = "123-456-789" name = "gkehub-test" parent = "folders/12345" @@ -140,7 +140,7 @@ module "project" { } module "vpc" { - source = "./modules/net-vpc" + source = "./fabric/modules/net-vpc" project_id = module.project.project_id name = "vpc" mtu = 1500 @@ -173,7 +173,7 @@ module "vpc" { } module "firewall" { - source = "./modules/net-vpc-firewall" + source = "./fabric/modules/net-vpc-firewall" project_id = module.project.project_id network = module.vpc.name custom_rules = { @@ -225,7 +225,7 @@ module "firewall" { } module "cluster_1" { - source = "./modules/gke-cluster" + source = "./fabric/modules/gke-cluster" project_id = module.project.project_id name = "cluster-1" location = "europe-wes1" @@ -252,7 +252,7 @@ module "cluster_1" { } module "cluster_1_nodepool" { - source = "./modules/gke-nodepool" + source = "./fabric/modules/gke-nodepool" project_id = module.project.project_id cluster_name = module.cluster_1.name location = "europe-west1" @@ -264,7 +264,7 @@ module "cluster_1_nodepool" { } module "cluster_2" { - source = "./modules/gke-cluster" + source = "./fabric/modules/gke-cluster" project_id = module.project.project_id name = "cluster-1" location = "europe-wes1" @@ -291,7 +291,7 @@ module "cluster_2" { } module "cluster_2_nodepool" { - source = "./modules/gke-nodepool" + source = "./fabric/modules/gke-nodepool" project_id = module.project.project_id cluster_name = module.cluster_2.name location = "europe-west4" @@ -304,7 +304,7 @@ module "cluster_2_nodepool" { module "hub" { - source = "./modules/gke-hub" + source = "./fabric/modules/gke-hub" project_id = module.project.project_id clusters = { cluster-1 = module.cluster_1.id diff --git a/modules/gke-nodepool/README.md b/modules/gke-nodepool/README.md index 08aef7ba..06387187 100644 --- a/modules/gke-nodepool/README.md +++ b/modules/gke-nodepool/README.md @@ -10,7 +10,7 @@ If no specific node configuration is set via variables, the module uses the prov ```hcl module "cluster-1-nodepool-1" { - source = "./modules/gke-nodepool" + source = "./fabric/modules/gke-nodepool" project_id = "myproject" cluster_name = "cluster-1" location = "europe-west1-b" @@ -24,7 +24,7 @@ To have the module auto-create a service account for the nodes, set the `node_se ```hcl module "cluster-1-nodepool-1" { - source = "./modules/gke-nodepool" + source = "./fabric/modules/gke-nodepool" project_id = "myproject" cluster_name = "cluster-1" location = "europe-west1-b" diff --git a/modules/iam-service-account/README.md b/modules/iam-service-account/README.md index ad39c389..e247ed83 100644 --- a/modules/iam-service-account/README.md +++ b/modules/iam-service-account/README.md @@ -8,7 +8,7 @@ Note that this module does not fully comply with our design principles, as outpu ```hcl module "myproject-default-service-accounts" { - source = "./modules/iam-service-account" + source = "./fabric/modules/iam-service-account" project_id = "myproject" name = "vm-default" generate_key = true diff --git a/modules/iot-core/README.md b/modules/iot-core/README.md index f72bcac1..6e505758 100644 --- a/modules/iot-core/README.md +++ b/modules/iot-core/README.md @@ -44,7 +44,7 @@ device_2: ```hcl module "iot-platform" { - source = "./modules/iot-core" + source = "./fabric/modules/iot-core" project_id = "my_project_id" region = "europe-west1" telemetry_pubsub_topic_id = "telemetry_topic_id" @@ -67,7 +67,7 @@ If you need to match specific MQTT topics (eg, /temperature) into specific PubSu ```hcl module "iot-platform" { - source = "./modules/iot-core" + source = "./fabric/modules/iot-core" project_id = "my_project_id" region = "europe-west1" telemetry_pubsub_topic_id = "telemetry_topic_id" @@ -99,7 +99,7 @@ In this example, we will show how to extend the **[Data Foundations Platform](.. ```hcl module "iot-platform" { - source = "./modules/iot-core" + source = "./fabric/modules/iot-core" project_id = "landing-project-id" region = "europe-west1" telemetry_pubsub_topic_id = "landing_pubsub_topic_id" diff --git a/modules/kms/README.md b/modules/kms/README.md index af1f60e9..cfaa822a 100644 --- a/modules/kms/README.md +++ b/modules/kms/README.md @@ -14,7 +14,7 @@ In this module **no lifecycle blocks are set on resources to prevent destroy**, ```hcl module "kms" { - source = "./modules/kms" + source = "./fabric/modules/kms" project_id = "my-project" iam = { "roles/cloudkms.admin" = ["user:user1@example.com"] @@ -30,7 +30,7 @@ module "kms" { ```hcl module "kms" { - source = "./modules/kms" + source = "./fabric/modules/kms" project_id = "my-project" iam_additive = { "roles/cloudkms.cryptoKeyEncrypterDecrypter" = [ @@ -63,7 +63,7 @@ module "kms" { ```hcl module "kms" { - source = "./modules/kms" + source = "./fabric/modules/kms" project_id = "my-project" key_purpose = { key-c = { diff --git a/modules/logging-bucket/README.md b/modules/logging-bucket/README.md index c7281771..7af82ccb 100644 --- a/modules/logging-bucket/README.md +++ b/modules/logging-bucket/README.md @@ -12,7 +12,7 @@ See also the `logging_sinks` argument within the [project](../project/), [folder ```hcl module "bucket" { - source = "./modules/logging-bucket" + source = "./fabric/modules/logging-bucket" parent_type = "project" parent = var.project_id id = "mybucket" @@ -25,13 +25,13 @@ module "bucket" { ```hcl module "folder" { - source = "./modules/folder" + source = "./fabric/modules/folder" parent = "folders/657104291943" name = "my folder" } module "bucket-default" { - source = "./modules/logging-bucket" + source = "./fabric/modules/logging-bucket" parent_type = "folder" parent = module.folder.id id = "_Default" diff --git a/modules/naming-convention/README.md b/modules/naming-convention/README.md index 356a9223..d3d0b85e 100644 --- a/modules/naming-convention/README.md +++ b/modules/naming-convention/README.md @@ -14,7 +14,7 @@ In its default configuration, the module supports an option prefix and suffix, a ```hcl module "names-org" { - source = "./modules/naming-convention" + source = "./fabric/modules/naming-convention" prefix = "myco" environment = "dev" team = "cloud" @@ -30,7 +30,7 @@ module "names-org" { } module "project-tf" { - source = "./modules/project" + source = "./fabric/modules/project" # myco-cloud-dev-tf name = module.names-org.names.project.tf # { environment = "dev", scope = "global", team = "cloud" } @@ -42,7 +42,7 @@ You can also enable resource type naming, useful with some legacy CMDB setups. W ```hcl module "names-org" { - source = "./modules/naming-convention" + source = "./fabric/modules/naming-convention" prefix = "myco" environment = "dev" team = "cloud" @@ -59,7 +59,7 @@ module "names-org" { } module "project-tf" { - source = "./modules/project" + source = "./fabric/modules/project" # prj-myco-cloud-dev-tf name = module.names-org.names.prj.tf } diff --git a/modules/net-address/README.md b/modules/net-address/README.md index a41912a7..76637ccd 100644 --- a/modules/net-address/README.md +++ b/modules/net-address/README.md @@ -8,7 +8,7 @@ This module allows reserving Compute Engine external, global, and internal addre ```hcl module "addresses" { - source = "./modules/net-address" + source = "./fabric/modules/net-address" project_id = var.project_id external_addresses = { nat-1 = var.region @@ -23,7 +23,7 @@ module "addresses" { ```hcl module "addresses" { - source = "./modules/net-address" + source = "./fabric/modules/net-address" project_id = var.project_id internal_addresses = { ilb-1 = { @@ -51,7 +51,7 @@ module "addresses" { ```hcl module "addresses" { - source = "./modules/net-address" + source = "./fabric/modules/net-address" project_id = var.project_id psa_addresses = { cloudsql-mysql = { @@ -68,7 +68,7 @@ module "addresses" { ```hcl module "addresses" { - source = "./modules/net-address" + source = "./fabric/modules/net-address" project_id = var.project_id psc_addresses = { one = { diff --git a/modules/net-cloudnat/README.md b/modules/net-cloudnat/README.md index bfcb208f..435ef7f3 100644 --- a/modules/net-cloudnat/README.md +++ b/modules/net-cloudnat/README.md @@ -6,7 +6,7 @@ Simple Cloud NAT management, with optional router creation. ```hcl module "nat" { - source = "./modules/net-cloudnat" + source = "./fabric/modules/net-cloudnat" project_id = "my-project" region = "europe-west1" name = "default" diff --git a/modules/net-glb/README.md b/modules/net-glb/README.md index c15229ab..cb561d42 100644 --- a/modules/net-glb/README.md +++ b/modules/net-glb/README.md @@ -10,7 +10,7 @@ This is a minimal example, which creates a global HTTP load balancer, pointing t ```hcl module "glb" { - source = "./modules/net-glb" + source = "./fabric/modules/net-glb" name = "glb-test" project_id = var.project_id @@ -35,7 +35,7 @@ A very similar coniguration also applies to GCE instance groups: ```hcl module "glb" { - source = "./modules/net-glb" + source = "./fabric/modules/net-glb" name = "glb-test" project_id = var.project_id @@ -72,7 +72,7 @@ For example, to contextually create a health check and attach it to the backend ```hcl module "glb" { - source = "./modules/net-glb" + source = "./fabric/modules/net-glb" name = "glb-test" project_id = var.project_id @@ -117,7 +117,7 @@ Serverless backends can also be used, as shown in the example below. ```hcl module "glb" { - source = "./modules/net-glb" + source = "./fabric/modules/net-glb" name = "glb-test" project_id = var.project_id @@ -163,7 +163,7 @@ Backends can be multiple, group and bucket backends can be mixed and group backe ```hcl module "glb" { - source = "./modules/net-glb" + source = "./fabric/modules/net-glb" name = "glb-test" project_id = var.project_id @@ -227,7 +227,7 @@ In this example, we're using one backend service as the default backend ```hcl module "glb" { - source = "./modules/net-glb" + source = "./fabric/modules/net-glb" name = "glb-test" project_id = var.project_id @@ -295,7 +295,7 @@ Optionally, a static IP address can be reserved: ```hcl module "glb" { - source = "./modules/net-glb" + source = "./fabric/modules/net-glb" name = "glb-test" project_id = var.project_id @@ -332,7 +332,7 @@ If no `ssl_certificates_config` variable is specified, a managed certificate for ```hcl module "glb" { - source = "./modules/net-glb" + source = "./fabric/modules/net-glb" name = "glb-test" project_id = var.project_id @@ -366,7 +366,7 @@ If the ids specified in the `target_proxy_https_config` variable are not found i ```hcl module "glb" { - source = "./modules/net-glb" + source = "./fabric/modules/net-glb" name = "glb-test" project_id = var.project_id @@ -414,7 +414,7 @@ Using unamanged certificates is also possible. Here is an example: ```hcl module "glb" { - source = "./modules/net-glb" + source = "./fabric/modules/net-glb" name = "glb-test" project_id = var.project_id @@ -487,7 +487,7 @@ You can also use regional load balancing by specifying a `region` parameter: ```hcl module "glb" { - source = "./modules/net-glb" + source = "./fabric/modules/net-glb" name = "glb-test" project_id = var.project_id region = var.region diff --git a/modules/net-ilb-l7/README.md b/modules/net-ilb-l7/README.md index 84a5b8f6..20bced5c 100644 --- a/modules/net-ilb-l7/README.md +++ b/modules/net-ilb-l7/README.md @@ -11,7 +11,7 @@ An HTTP ILB with a backend service pointing to a GCE instance group: ```hcl module "ilb" { - source = "./modules/net-ilb-l7" + source = "./fabric/modules/net-ilb-l7" name = "ilb-test" project_id = var.project_id region = "europe-west1" @@ -39,7 +39,7 @@ Network and subnetwork can be entered using their name (if present in the same p ```hcl module "ilb" { - source = "./modules/net-ilb-l7" + source = "./fabric/modules/net-ilb-l7" name = "ilb-test" project_id = var.project_id region = "europe-west1" @@ -75,7 +75,7 @@ For example, to contextually create a health check and attach it to the backend ```hcl module "ilb" { - source = "./modules/net-ilb-l7" + source = "./fabric/modules/net-ilb-l7" name = "ilb-test" project_id = var.project_id region = "europe-west1" @@ -118,7 +118,7 @@ Zonal Network Endpoint Groups (NEGs) can also be used, as shown in the example b ```hcl module "ilb" { - source = "./modules/net-ilb-l7" + source = "./fabric/modules/net-ilb-l7" name = "ilb-test" project_id = var.project_id region = "europe-west1" @@ -175,7 +175,7 @@ In this example, we're using a backend service as the default backend ```hcl module "ilb" { - source = "./modules/net-ilb-l7" + source = "./fabric/modules/net-ilb-l7" name = "ilb-test" project_id = var.project_id region = "europe-west1" @@ -234,7 +234,7 @@ Optionally, a static IP address can be reserved: ```hcl module "ilb" { - source = "./modules/net-ilb-l7" + source = "./fabric/modules/net-ilb-l7" name = "ilb-test" project_id = var.project_id region = "europe-west1" @@ -271,7 +271,7 @@ When HTTPS is enabled, if the ids specified in the `target_proxy_https_config` v ```hcl module "ilb" { - source = "./modules/net-ilb-l7" + source = "./fabric/modules/net-ilb-l7" name = "ilb-test" project_id = var.project_id region = "europe-west1" @@ -307,7 +307,7 @@ Otherwise, unmanaged certificates can also be contextually created: ```hcl module "ilb" { - source = "./modules/net-ilb-l7" + source = "./fabric/modules/net-ilb-l7" name = "ilb-test" project_id = var.project_id region = "europe-west1" diff --git a/modules/net-ilb/README.md b/modules/net-ilb/README.md index a48f94af..5637f0ef 100644 --- a/modules/net-ilb/README.md +++ b/modules/net-ilb/README.md @@ -18,7 +18,7 @@ This examples shows how to create an ILB by combining externally managed instanc ```hcl module "ilb" { - source = "./modules/net-ilb" + source = "./fabric/modules/net-ilb" project_id = var.project_id region = "europe-west1" name = "ilb-test" @@ -58,11 +58,11 @@ Note that the example uses the GCE default service account. You might want to cr ```hcl module "cos-nginx" { - source = "./modules/cloud-config-container/nginx" + source = "./fabric/modules/cloud-config-container/nginx" } module "instance-group" { - source = "./modules/compute-vm" + source = "./fabric/modules/compute-vm" for_each = toset(["b", "c"]) project_id = var.project_id zone = "europe-west1-${each.key}" @@ -86,7 +86,7 @@ module "instance-group" { } module "ilb" { - source = "./modules/net-ilb" + source = "./fabric/modules/net-ilb" project_id = var.project_id region = "europe-west1" name = "ilb-test" diff --git a/modules/net-interconnect-attachment-direct/README.md b/modules/net-interconnect-attachment-direct/README.md index 3b77372e..6a5244c7 100644 --- a/modules/net-interconnect-attachment-direct/README.md +++ b/modules/net-interconnect-attachment-direct/README.md @@ -8,7 +8,7 @@ This module allows creation of a VLAN attachment for Direct Interconnect and rou ```hcl module "vlan-attachment-1" { - source = "./modules/net-interconnect-attachment-direct" + source = "./fabric/modules/net-interconnect-attachment-direct" project_id = "dedicated-ic-5-8492" region = "us-west2" router_network = "myvpc" @@ -25,7 +25,7 @@ module "vlan-attachment-1" { ```hcl module "vlan-attachment-1" { - source = "./modules/net-interconnect-attachment-direct" + source = "./fabric/modules/net-interconnect-attachment-direct" project_id = "dedicated-ic-3-8386" region = "us-west2" router_name = "router-1" @@ -63,7 +63,7 @@ module "vlan-attachment-1" { } module "vlan-attachment-2" { - source = "./modules/net-interconnect-attachment-direct" + source = "./fabric/modules/net-interconnect-attachment-direct" project_id = "dedicated-ic-3-8386" region = "us-west2" router_name = "router-2" diff --git a/modules/net-vpc-firewall/README.md b/modules/net-vpc-firewall/README.md index 6a542e1e..cfb07395 100644 --- a/modules/net-vpc-firewall/README.md +++ b/modules/net-vpc-firewall/README.md @@ -16,7 +16,7 @@ This is often useful for prototyping or testing infrastructure, allowing open in ```hcl module "firewall" { - source = "./modules/net-vpc-firewall" + source = "./fabric/modules/net-vpc-firewall" project_id = "my-project" network = "my-network" admin_ranges = ["10.0.0.0/8"] @@ -30,7 +30,7 @@ This is an example of how to define custom rules, with a sample rule allowing op ```hcl module "firewall" { - source = "./modules/net-vpc-firewall" + source = "./fabric/modules/net-vpc-firewall" project_id = "my-project" network = "my-network" admin_ranges = ["10.0.0.0/8"] @@ -57,7 +57,7 @@ If you don't want any predefined rules set `admin_ranges`, `http_source_ranges`, ```hcl module "firewall" { - source = "./modules/net-vpc-firewall" + source = "./fabric/modules/net-vpc-firewall" project_id = "my-project" network = "my-network" admin_ranges = [] @@ -87,7 +87,7 @@ The module includes a rules factory (see [Resource Factories](../../examples/fac ```hcl module "firewall" { - source = "./modules/net-vpc-firewall" + source = "./fabric/modules/net-vpc-firewall" project_id = "my-project" network = "my-network" data_folder = "config/firewall" diff --git a/modules/net-vpc-peering/README.md b/modules/net-vpc-peering/README.md index 892f6cca..c25fb8db 100644 --- a/modules/net-vpc-peering/README.md +++ b/modules/net-vpc-peering/README.md @@ -13,7 +13,7 @@ Basic usage of this module is as follows: ```hcl module "peering" { - source = "./modules/net-vpc-peering" + source = "./fabric/modules/net-vpc-peering" prefix = "name-prefix" local_network = "projects/project-1/global/networks/vpc-1" peer_network = "projects/project-1/global/networks/vpc-2" @@ -25,14 +25,14 @@ If you need to create more than one peering for the same VPC Network `(A -> B, A ```hcl module "peering-a-b" { - source = "./modules/net-vpc-peering" + source = "./fabric/modules/net-vpc-peering" prefix = "name-prefix" local_network = "projects/project-a/global/networks/vpc-a" peer_network = "projects/project-b/global/networks/vpc-b" } module "peering-a-c" { - source = "./modules/net-vpc-peering" + source = "./fabric/modules/net-vpc-peering" prefix = "name-prefix" local_network = "projects/project-a/global/networks/vpc-a" peer_network = "projects/project-c/global/networks/vpc-c" diff --git a/modules/net-vpc/README.md b/modules/net-vpc/README.md index 29360382..2d7084b7 100644 --- a/modules/net-vpc/README.md +++ b/modules/net-vpc/README.md @@ -10,7 +10,7 @@ The module allows for several different VPC configurations, some of the most com ```hcl module "vpc" { - source = "./modules/net-vpc" + source = "./fabric/modules/net-vpc" project_id = "my-project" name = "my-network" subnets = [ @@ -42,7 +42,7 @@ If you only want to create the "local" side of the peering, use `peering_create_ ```hcl module "vpc-hub" { - source = "./modules/net-vpc" + source = "./fabric/modules/net-vpc" project_id = "hub" name = "vpc-hub" subnets = [{ @@ -54,7 +54,7 @@ module "vpc-hub" { } module "vpc-spoke-1" { - source = "./modules/net-vpc" + source = "./fabric/modules/net-vpc" project_id = "spoke1" name = "vpc-spoke1" subnets = [{ @@ -89,7 +89,7 @@ locals { } module "vpc-host" { - source = "./modules/net-vpc" + source = "./fabric/modules/net-vpc" project_id = "my-project" name = "my-host-network" subnets = [ @@ -127,7 +127,7 @@ module "vpc-host" { ```hcl module "vpc" { - source = "./modules/net-vpc" + source = "./fabric/modules/net-vpc" project_id = "my-project" name = "my-network" subnets = [ @@ -152,7 +152,7 @@ Custom routes can be optionally exported/imported through the peering formed wit ```hcl module "vpc" { - source = "./modules/net-vpc" + source = "./fabric/modules/net-vpc" project_id = "my-project" name = "my-network" subnets = [ @@ -180,7 +180,7 @@ Along with common private subnets module supports creation more service specific ```hcl module "vpc" { - source = "./modules/net-vpc" + source = "./fabric/modules/net-vpc" project_id = "my-project" name = "my-network" @@ -207,7 +207,7 @@ module "vpc" { ```hcl module "vpc" { - source = "./modules/net-vpc" + source = "./fabric/modules/net-vpc" project_id = "my-project" name = "my-network" dns_policy = { @@ -236,7 +236,7 @@ The `net-vpc` module includes a subnet factory (see [Resource Factories](../../e ```hcl module "vpc" { - source = "./modules/net-vpc" + source = "./fabric/modules/net-vpc" project_id = "my-project" name = "my-network" data_folder = "config/subnets" diff --git a/modules/net-vpn-dynamic/README.md b/modules/net-vpn-dynamic/README.md index 00f1157b..1c8fb7b6 100644 --- a/modules/net-vpn-dynamic/README.md +++ b/modules/net-vpn-dynamic/README.md @@ -9,7 +9,7 @@ This example shows how to configure a single VPN tunnel using a couple of extra ```hcl module "vpn-dynamic" { - source = "./modules/net-vpn-dynamic" + source = "./fabric/modules/net-vpn-dynamic" project_id = "my-project" region = "europe-west1" network = "my-vpc" diff --git a/modules/net-vpn-ha/README.md b/modules/net-vpn-ha/README.md index 45025f99..b79a25f1 100644 --- a/modules/net-vpn-ha/README.md +++ b/modules/net-vpn-ha/README.md @@ -6,7 +6,7 @@ This module makes it easy to deploy either GCP-to-GCP or GCP-to-On-prem [Cloud H ### GCP to GCP ```hcl module "vpn_ha-1" { - source = "./modules/net-vpn-ha" + source = "./fabric/modules/net-vpn-ha" project_id = "" region = "europe-west4" network = "https://www.googleapis.com/compute/v1/projects//global/networks/network-1" @@ -51,7 +51,7 @@ module "vpn_ha-1" { } module "vpn_ha-2" { - source = "./modules/net-vpn-ha" + source = "./fabric/modules/net-vpn-ha" project_id = "" region = "europe-west4" network = "https://www.googleapis.com/compute/v1/projects//global/networks/local-network" @@ -96,7 +96,7 @@ Note: When using the `for_each` meta-argument you might experience a Cycle Error ```hcl module "vpn_ha" { - source = "./modules/net-vpn-ha" + source = "./fabric/modules/net-vpn-ha" project_id = var.project_id region = var.region network = var.vpc.self_link diff --git a/modules/net-vpn-static/README.md b/modules/net-vpn-static/README.md index 1591d9e8..92745e2d 100644 --- a/modules/net-vpn-static/README.md +++ b/modules/net-vpn-static/README.md @@ -4,7 +4,7 @@ ```hcl module "addresses" { - source = "./modules/net-address" + source = "./fabric/modules/net-address" project_id = var.project_id external_addresses = { vpn = "europe-west1" @@ -12,7 +12,7 @@ module "addresses" { } module "vpn" { - source = "./modules/net-vpn-static" + source = "./fabric/modules/net-vpn-static" project_id = var.project_id region = var.region network = var.vpc.self_link diff --git a/modules/organization-policy/README.md b/modules/organization-policy/README.md index 84429e8c..3b914170 100644 --- a/modules/organization-policy/README.md +++ b/modules/organization-policy/README.md @@ -13,14 +13,14 @@ Yaml based factory can simplify centralized management of Org Policies for a Dev ```hcl # using configuration provided in a set of yaml files module "org-policy-factory" { - source = "./modules/organization-policy" + source = "./fabric/modules/organization-policy" config_directory = "./policies" } # using configuration provided in the module variable module "org-policy" { - source = "./modules/organization-policy" + source = "./fabric/modules/organization-policy" policies = { "folders/1234567890" = { diff --git a/modules/organization/README.md b/modules/organization/README.md index 0fc50c89..cebb8429 100644 --- a/modules/organization/README.md +++ b/modules/organization/README.md @@ -11,7 +11,7 @@ This module allows managing several organization properties: ```hcl module "org" { - source = "./modules/organization" + source = "./fabric/modules/organization" organization_id = "organizations/1234567890" group_iam = { "cloud-owners@example.org" = ["roles/owner", "roles/projectCreator"] @@ -60,7 +60,7 @@ Once you have policies (either created via the module or externally), you can as ```hcl module "org" { - source = "./modules/organization" + source = "./fabric/modules/organization" organization_id = var.organization_id firewall_policies = { iap-policy = { @@ -92,7 +92,7 @@ The in-built factory allows you to define a single policy, using one file for ru ```hcl module "org" { - source = "./modules/organization" + source = "./fabric/modules/organization" organization_id = var.organization_id firewall_policy_factory = { cidr_file = "data/cidrs.yaml" @@ -147,33 +147,33 @@ allow-ssh-from-iap: ```hcl module "gcs" { - source = "./modules/gcs" + source = "./fabric/modules/gcs" project_id = var.project_id name = "gcs_sink" force_destroy = true } module "dataset" { - source = "./modules/bigquery-dataset" + source = "./fabric/modules/bigquery-dataset" project_id = var.project_id id = "bq_sink" } module "pubsub" { - source = "./modules/pubsub" + source = "./fabric/modules/pubsub" project_id = var.project_id name = "pubsub_sink" } module "bucket" { - source = "./modules/logging-bucket" + source = "./fabric/modules/logging-bucket" parent_type = "project" parent = "my-project" id = "bucket" } module "org" { - source = "./modules/organization" + source = "./fabric/modules/organization" organization_id = var.organization_id logging_sinks = { @@ -223,7 +223,7 @@ module "org" { ```hcl module "org" { - source = "./modules/organization" + source = "./fabric/modules/organization" organization_id = var.organization_id custom_roles = { "myRole" = [ @@ -243,7 +243,7 @@ Refer to the [Creating and managing tags](https://cloud.google.com/resource-mana ```hcl module "org" { - source = "./modules/organization" + source = "./fabric/modules/organization" organization_id = var.organization_id tags = { environment = { diff --git a/modules/project/README.md b/modules/project/README.md index 1046e463..b30ff2eb 100644 --- a/modules/project/README.md +++ b/modules/project/README.md @@ -21,7 +21,7 @@ locals { } module "project" { - source = "./modules/project" + source = "./fabric/modules/project" billing_account = "123456-123456-123456" name = "project-example" parent = "folders/1234567890" @@ -43,7 +43,7 @@ The `group_iam` variable uses group email addresses as keys and is a convenient ```hcl module "project" { - source = "./modules/project" + source = "./fabric/modules/project" billing_account = "123456-123456-123456" name = "project-example" parent = "folders/1234567890" @@ -70,7 +70,7 @@ Additive IAM is typically used where bindings for specific roles are controlled ```hcl module "project" { - source = "./modules/project" + source = "./fabric/modules/project" name = "project-example" iam_additive = { "roles/viewer" = [ @@ -94,7 +94,7 @@ As mentioned above, there are cases where authoritative management of specific I ```hcl module "project" { - source = "./modules/project" + source = "./fabric/modules/project" name = "project-example" group_iam = { "foo@example.com" = [ @@ -120,7 +120,7 @@ You can enable Shared VPC Host at the project level and manage project service a ```hcl module "project" { - source = "./modules/project" + source = "./fabric/modules/project" name = "project-example" shared_vpc_host_config = { enabled = true @@ -134,7 +134,7 @@ module "project" { ```hcl module "project" { - source = "./modules/project" + source = "./fabric/modules/project" name = "project-example" shared_vpc_service_config = { attach = true @@ -159,7 +159,7 @@ module "project" { ```hcl module "project" { - source = "./modules/project" + source = "./fabric/modules/project" billing_account = "123456-123456-123456" name = "project-example" parent = "folders/1234567890" @@ -188,33 +188,33 @@ module "project" { ```hcl module "gcs" { - source = "./modules/gcs" + source = "./fabric/modules/gcs" project_id = var.project_id name = "gcs_sink" force_destroy = true } module "dataset" { - source = "./modules/bigquery-dataset" + source = "./fabric/modules/bigquery-dataset" project_id = var.project_id id = "bq_sink" } module "pubsub" { - source = "./modules/pubsub" + source = "./fabric/modules/pubsub" project_id = var.project_id name = "pubsub_sink" } module "bucket" { - source = "./modules/logging-bucket" + source = "./fabric/modules/logging-bucket" parent_type = "project" parent = "my-project" id = "bucket" } module "project-host" { - source = "./modules/project" + source = "./fabric/modules/project" name = "my-project" billing_account = "123456-123456-123456" parent = "folders/1234567890" @@ -267,7 +267,7 @@ The module offers a simple, centralized way to assign `roles/cloudkms.cryptoKeyE ```hcl module "project" { - source = "./modules/project" + source = "./fabric/modules/project" name = "my-project" billing_account = "123456-123456-123456" prefix = "foo" @@ -294,7 +294,7 @@ Refer to the [Creating and managing tags](https://cloud.google.com/resource-mana ```hcl module "org" { - source = "./modules/organization" + source = "./fabric/modules/organization" organization_id = var.organization_id tags = { environment = { @@ -309,7 +309,7 @@ module "org" { } module "project" { - source = "./modules/project" + source = "./fabric/modules/project" name = "test-project" tag_bindings = { env-prod = module.org.tag_values["environment/prod"].id @@ -327,7 +327,7 @@ One non-obvious output is `service_accounts`, which offers a simple way to disco ```hcl module "project" { - source = "./modules/project" + source = "./fabric/modules/project" name = "project-example" services = [ "compute.googleapis.com" diff --git a/modules/projects-data-source/README.md b/modules/projects-data-source/README.md index c755d852..35c5df56 100644 --- a/modules/projects-data-source/README.md +++ b/modules/projects-data-source/README.md @@ -10,7 +10,7 @@ A good usage pattern would be when we want all the projects under a specific fol ```hcl module "my-org" { - source = "./modules/projects-data-source" + source = "./fabric/modules/projects-data-source" parent = "organizations/123456789" } @@ -29,7 +29,7 @@ output "folders" { ```hcl module "my-dev" { - source = "./modules/projects-data-source" + source = "./fabric/modules/projects-data-source" parent = "folders/123456789" filter = "labels.env:DEV lifecycleState:ACTIVE" } diff --git a/modules/pubsub/README.md b/modules/pubsub/README.md index 74d0b8ac..b75aaf6d 100644 --- a/modules/pubsub/README.md +++ b/modules/pubsub/README.md @@ -9,7 +9,7 @@ This module allows managing a single Pub/Sub topic, including multiple subscript ```hcl module "pubsub" { - source = "./modules/pubsub" + source = "./fabric/modules/pubsub" project_id = "my-project" name = "my-topic" iam = { @@ -26,7 +26,7 @@ Subscriptions are defined with the `subscriptions` variable, allowing optional c ```hcl module "pubsub" { - source = "./modules/pubsub" + source = "./fabric/modules/pubsub" project_id = "my-project" name = "my-topic" subscriptions = { @@ -52,7 +52,7 @@ Push subscriptions need extra configuration in the `push_configs` variable. ```hcl module "pubsub" { - source = "./modules/pubsub" + source = "./fabric/modules/pubsub" project_id = "my-project" name = "my-topic" subscriptions = { @@ -73,7 +73,7 @@ module "pubsub" { ```hcl module "pubsub" { - source = "./modules/pubsub" + source = "./fabric/modules/pubsub" project_id = "my-project" name = "my-topic" subscriptions = { diff --git a/modules/secret-manager/README.md b/modules/secret-manager/README.md index ca5c4e01..a0a55e47 100644 --- a/modules/secret-manager/README.md +++ b/modules/secret-manager/README.md @@ -14,7 +14,7 @@ The secret replication policy is automatically managed if no location is set, or ```hcl module "secret-manager" { - source = "./modules/secret-manager" + source = "./fabric/modules/secret-manager" project_id = "my-project" secrets = { test-auto = null @@ -30,7 +30,7 @@ IAM bindings can be set per secret in the same way as for most other modules sup ```hcl module "secret-manager" { - source = "./modules/secret-manager" + source = "./fabric/modules/secret-manager" project_id = "my-project" secrets = { test-auto = null @@ -54,7 +54,7 @@ As mentioned above, please be aware that **version data will be stored in state ```hcl module "secret-manager" { - source = "./modules/secret-manager" + source = "./fabric/modules/secret-manager" project_id = "my-project" secrets = { test-auto = null diff --git a/modules/service-directory/README.md b/modules/service-directory/README.md index b67753c5..ded837f2 100644 --- a/modules/service-directory/README.md +++ b/modules/service-directory/README.md @@ -11,7 +11,7 @@ It can be used in conjunction with the [DNS](../dns) module to create [service-d ```hcl module "service-directory" { - source = "./modules/service-directory" + source = "./fabric/modules/service-directory" project_id = "my-project" location = "europe-west1" name = "sd-1" @@ -28,7 +28,7 @@ module "service-directory" { ```hcl module "service-directory" { - source = "./modules/service-directory" + source = "./fabric/modules/service-directory" project_id = "my-project" location = "europe-west1" name = "sd-1" @@ -59,7 +59,7 @@ Wiring a service directory namespace to a private DNS zone allows querying the n ```hcl module "service-directory" { - source = "./modules/service-directory" + source = "./fabric/modules/service-directory" project_id = "my-project" location = "europe-west1" name = "apps" @@ -77,7 +77,7 @@ module "service-directory" { } module "dns-sd" { - source = "./modules/dns" + source = "./fabric/modules/dns" project_id = "my-project" type = "service-directory" name = "apps" diff --git a/modules/source-repository/README.md b/modules/source-repository/README.md index 2075b89a..9baf0ebd 100644 --- a/modules/source-repository/README.md +++ b/modules/source-repository/README.md @@ -8,7 +8,7 @@ This module allows managing a single Cloud Source Repository, including IAM bind ```hcl module "repo" { - source = "./modules/source-repository" + source = "./fabric/modules/source-repository" project_id = "my-project" name = "my-repo" iam = { @@ -22,7 +22,7 @@ module "repo" { ```hcl module "repo" { - source = "./modules/source-repository" + source = "./fabric/modules/source-repository" project_id = "my-project" name = "my-repo" triggers = { diff --git a/modules/vpc-sc/README.md b/modules/vpc-sc/README.md index 190348af..06407eeb 100644 --- a/modules/vpc-sc/README.md +++ b/modules/vpc-sc/README.md @@ -14,7 +14,7 @@ By default, the module is configured to use an existing policy, passed in by nam ```hcl module "test" { - source = "./modules/vpc-sc" + source = "./fabric/modules/vpc-sc" access_policy = "12345678" } # tftest modules=0 resources=0 @@ -24,7 +24,7 @@ If you need the module to create the policy for you, use the `access_policy_crea ```hcl module "test" { - source = "./modules/vpc-sc" + source = "./fabric/modules/vpc-sc" access_policy = null access_policy_create = { parent = "organizations/123456" @@ -40,7 +40,7 @@ As highlighted above, the `access_levels` type replicates the underlying resourc ```hcl module "test" { - source = "./modules/vpc-sc" + source = "./fabric/modules/vpc-sc" access_policy = "12345678" access_levels = { a1 = { @@ -81,7 +81,7 @@ Resources for both perimeters have a `lifecycle` block that ignores changes to ` ```hcl module "test" { - source = "./modules/vpc-sc" + source = "./fabric/modules/vpc-sc" access_policy = "12345678" service_perimeters_bridge = { b1 = { @@ -103,7 +103,7 @@ module "test" { ```hcl module "test" { - source = "./modules/vpc-sc" + source = "./fabric/modules/vpc-sc" access_policy = "12345678" access_levels = { a1 = { diff --git a/tests/conftest.py b/tests/conftest.py index 9dc566b4..f6c0069b 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -11,7 +11,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - "Shared fixtures" import inspect @@ -46,12 +45,13 @@ def _plan_runner(): tf = tftest.TerraformTest(tmp_path, BASEDIR, os.environ.get('TERRAFORM', 'terraform')) tf.setup(upgrade=True) - return tf.plan(output=True, refresh=refresh, tf_vars=tf_vars, targets=targets) + return tf.plan(output=True, refresh=refresh, tf_vars=tf_vars, + targets=targets) return run_plan -@ pytest.fixture(scope='session') +@pytest.fixture(scope='session') def plan_runner(_plan_runner): "Returns a function to run Terraform plan on a module fixture." @@ -65,15 +65,15 @@ def plan_runner(_plan_runner): return run_plan -@ pytest.fixture(scope='session') +@pytest.fixture(scope='session') def e2e_plan_runner(_plan_runner): "Returns a function to run Terraform plan on an end-to-end fixture." def run_plan(fixture_path=None, targets=None, refresh=True, include_bare_resources=False, **tf_vars): "Runs Terraform plan on an end-to-end module using defaults, returns data." - plan = _plan_runner(fixture_path, targets=targets, - refresh=refresh, **tf_vars) + plan = _plan_runner(fixture_path, targets=targets, refresh=refresh, + **tf_vars) # skip the fixture root_module = plan.root_module['child_modules'][0] modules = dict((mod['address'], mod['resources']) @@ -87,7 +87,7 @@ def e2e_plan_runner(_plan_runner): return run_plan -@ pytest.fixture(scope='session') +@pytest.fixture(scope='session') def doc_example_plan_runner(_plan_runner): "Returns a function to run Terraform plan on documentation examples." @@ -99,14 +99,12 @@ def doc_example_plan_runner(_plan_runner): plan = tf.plan(output=True, refresh=True) # the fixture is the example we are testing modules = plan.modules or {} - return ( - len(modules), - sum(len(m.resources) for m in modules.values())) + return (len(modules), sum(len(m.resources) for m in modules.values())) return run_plan -@ pytest.fixture(scope='session') +@pytest.fixture(scope='session') def apply_runner(): "Returns a function to run Terraform apply on a fixture." diff --git a/tests/doc_examples/conftest.py b/tests/doc_examples/conftest.py index 6289a580..07fa0cc3 100644 --- a/tests/doc_examples/conftest.py +++ b/tests/doc_examples/conftest.py @@ -16,18 +16,19 @@ from pathlib import Path import marko -MODULES_PATH = Path(__file__).parents[2] / 'modules/' +FABRIC_ROOT = Path(__file__).parents[2] +MODULES_PATH = FABRIC_ROOT / 'modules/' +EXAMPLES_PATH = FABRIC_ROOT / 'examples/' def pytest_generate_tests(metafunc): if 'example' in metafunc.fixturenames: - modules = [ - x for x in MODULES_PATH.iterdir() - if x.is_dir() - ] + modules = [x for x in MODULES_PATH.iterdir() if x.is_dir()] + modules.extend(x for x in EXAMPLES_PATH.glob("*/*") if x.is_dir()) modules.sort() examples = [] ids = [] + for module in modules: readme = module / 'README.md' if not readme.exists(): @@ -42,7 +43,8 @@ def pytest_generate_tests(metafunc): if 'tftest skip' in code: continue examples.append(code) - name = f'{module.stem}:{last_header}' + path = module.relative_to(FABRIC_ROOT) + name = f'{path}/{module.stem}:{last_header}' if index > 1: name += f' {index}' ids.append(name) diff --git a/tests/doc_examples/test_plan.py b/tests/doc_examples/test_plan.py index 0287a9d6..23a68eea 100644 --- a/tests/doc_examples/test_plan.py +++ b/tests/doc_examples/test_plan.py @@ -15,14 +15,12 @@ import re from pathlib import Path - BASE_PATH = Path(__file__).parent EXPECTED_RESOURCES_RE = re.compile(r'# tftest modules=(\d+) resources=(\d+)') def test_example(doc_example_plan_runner, tmp_path, example): - (tmp_path / 'modules').symlink_to( - Path(BASE_PATH, '../../modules/').resolve()) + (tmp_path / 'fabric').symlink_to(Path(BASE_PATH, '../../').resolve()) (tmp_path / 'variables.tf').symlink_to( Path(BASE_PATH, 'variables.tf').resolve()) (tmp_path / 'main.tf').write_text(example) diff --git a/tests/doc_examples/variables.tf b/tests/doc_examples/variables.tf index 38fb3db3..7e148dc1 100644 --- a/tests/doc_examples/variables.tf +++ b/tests/doc_examples/variables.tf @@ -32,6 +32,10 @@ variable "organization_id" { default = "organizations/1122334455" } +variable "folder_id" { + default = "folders/1122334455" +} + variable "project_id" { default = "projects/project-id" } From 7a2b76931260fbc3ace7d2dfe8da52954b260ccd Mon Sep 17 00:00:00 2001 From: Ludovico Magnocavallo Date: Wed, 7 Sep 2022 11:14:19 +0200 Subject: [PATCH 4/7] Delete merge-pr.yml --- .github/workflows/merge-pr.yml | 51 ---------------------------------- 1 file changed, 51 deletions(-) delete mode 100644 .github/workflows/merge-pr.yml diff --git a/.github/workflows/merge-pr.yml b/.github/workflows/merge-pr.yml deleted file mode 100644 index a01eecd8..00000000 --- a/.github/workflows/merge-pr.yml +++ /dev/null @@ -1,51 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -name: Post-merge tasks - -on: - pull_request: - branches: - - master - types: - - closed - -env: - PYTHON_VERSION: "3.10" - -jobs: - if_merged: - if: github.event.pull_request.merged == true - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - name: Set up Python - uses: actions/setup-python@v2 - with: - python-version: ${{ env.PYTHON_VERSION }} - - name: Install dependencies - run: | - pip install -r tools/requirements.txt - - name: Update Changelog - run: | - python3 tools/changelog.py --token secrets.GITHUB_TOKEN CHANGELOG.md - - name: Commit and push Changelog - env: - CI_COMMIT_MESSAGE: Update Changelog - CI_COMMIT_AUTHOR: Fabric Repo Workflows - run: | - git config --global user.name "${{ env.CI_COMMIT_AUTHOR }}" - git config --global user.email "username@users.noreply.github.com" - git commit -a -m "${{ env.CI_COMMIT_MESSAGE }}" - git push From 027d797ef325652607738d2012c3252f7e6ef584 Mon Sep 17 00:00:00 2001 From: Ludovico Magnocavallo Date: Wed, 7 Sep 2022 11:15:40 +0200 Subject: [PATCH 5/7] update changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0801f834..c26bd585 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,7 @@ All notable changes to this project will be documented in this file. +- [[#794](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/794)] Test documentation examples in the `examples/` folder ([juliocc](https://github.com/juliocc)) ### FAST From 718f9d80df07d1b98b1b1cfa9b3e33a9d29d493b Mon Sep 17 00:00:00 2001 From: Ludovico Magnocavallo Date: Wed, 7 Sep 2022 11:17:16 +0200 Subject: [PATCH 6/7] update changelog --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c26bd585..77ce0936 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,7 +6,6 @@ All notable changes to this project will be documented in this file. -- [[#794](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/794)] Test documentation examples in the `examples/` folder ([juliocc](https://github.com/juliocc)) ### FAST @@ -100,6 +99,7 @@ All notable changes to this project will be documented in this file. ### TOOLS +- [[#794](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/794)] Test documentation examples in the `examples/` folder ([juliocc](https://github.com/juliocc)) - [[#788](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/788)] fix yaml quotes for merge-pr workflow ([drebes](https://github.com/drebes)) - [[#763](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/763)] Changelog generator ([ludoo](https://github.com/ludoo)) - [[#762](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/762)] Update changelog on pull request merge ([ludoo](https://github.com/ludoo)) From 70b03b50c83398a9df7b765064f14f836af672e5 Mon Sep 17 00:00:00 2001 From: Julio Castillo Date: Wed, 7 Sep 2022 11:24:11 +0200 Subject: [PATCH 7/7] Remove duplicate path component from doc_examples test names. --- tests/doc_examples/conftest.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/doc_examples/conftest.py b/tests/doc_examples/conftest.py index 07fa0cc3..79975a96 100644 --- a/tests/doc_examples/conftest.py +++ b/tests/doc_examples/conftest.py @@ -44,7 +44,7 @@ def pytest_generate_tests(metafunc): continue examples.append(code) path = module.relative_to(FABRIC_ROOT) - name = f'{path}/{module.stem}:{last_header}' + name = f'{path}:{last_header}' if index > 1: name += f' {index}' ids.append(name)