Merge branch 'master' into lcaggio/fix-20221123
This commit is contained in:
lcaggio
GitHub
commit
e56762b4d3
|
|
@ -15,12 +15,12 @@
|
||||||
'on:blueprints':
|
'on:blueprints':
|
||||||
- blueprints/**/*
|
- blueprints/**/*
|
||||||
'on:documentation':
|
'on:documentation':
|
||||||
- '**/*.md'
|
- README.md
|
||||||
- assets/**/*
|
- */README.md
|
||||||
- tests/**/*
|
|
||||||
'on:FAST':
|
'on:FAST':
|
||||||
- fast/**/*
|
- fast/**/*
|
||||||
'on:modules':
|
'on:modules':
|
||||||
- modules/**/*
|
- modules/**/*
|
||||||
'on:tools':
|
'on:tools':
|
||||||
- tools/**/*
|
- tools/**/*
|
||||||
|
- .github/**/*
|
||||||
|
|
|
||||||
|
|
@ -61,7 +61,7 @@ Once done testing, you can clean up resources by running `terraform destroy`.
|
||||||
| [disk_type](variables.tf#L37) | Disk type. | <code>string</code> | | <code>"pd-ssd"</code> |
|
| [disk_type](variables.tf#L37) | Disk type. | <code>string</code> | | <code>"pd-ssd"</code> |
|
||||||
| [image](variables.tf#L43) | Image. | <code>string</code> | | <code>"projects/windows-cloud/global/images/family/windows-2022"</code> |
|
| [image](variables.tf#L43) | Image. | <code>string</code> | | <code>"projects/windows-cloud/global/images/family/windows-2022"</code> |
|
||||||
| [instance_type](variables.tf#L49) | Instance type. | <code>string</code> | | <code>"n1-standard-2"</code> |
|
| [instance_type](variables.tf#L49) | Instance type. | <code>string</code> | | <code>"n1-standard-2"</code> |
|
||||||
| [network_config](variables.tf#L55) | Network configuration | <code title="object({ network = string subnet = string })">object({…})</code> | | <code>null</code> |
|
| [network_config](variables.tf#L55) | Network configuration. | <code title="object({ network = string subnet = string })">object({…})</code> | | <code>null</code> |
|
||||||
| [project_create](variables.tf#L73) | Parameters for the creation of the new project. | <code title="object({ billing_account_id = string parent = string })">object({…})</code> | | <code>null</code> |
|
| [project_create](variables.tf#L73) | Parameters for the creation of the new project. | <code title="object({ billing_account_id = string parent = string })">object({…})</code> | | <code>null</code> |
|
||||||
| [region](variables.tf#L87) | Region. | <code>string</code> | | <code>"europe-west1"</code> |
|
| [region](variables.tf#L87) | Region. | <code>string</code> | | <code>"europe-west1"</code> |
|
||||||
| [subnet_ip_cidr_block](variables.tf#L93) | Subnet IP CIDR block. | <code>string</code> | | <code>"10.0.1.0/28"</code> |
|
| [subnet_ip_cidr_block](variables.tf#L93) | Subnet IP CIDR block. | <code>string</code> | | <code>"10.0.1.0/28"</code> |
|
||||||
|
|
|
||||||
|
|
@ -53,7 +53,7 @@ variable "instance_type" {
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "network_config" {
|
variable "network_config" {
|
||||||
description = "Network configuration"
|
description = "Network configuration."
|
||||||
type = object({
|
type = object({
|
||||||
network = string
|
network = string
|
||||||
subnet = string
|
subnet = string
|
||||||
|
|
|
||||||
|
|
@ -63,7 +63,7 @@ Do the following to verify that everything works as expected.
|
||||||
| [instances](variables.tf#L46) | Instance. | <code title="map(object({ display_name = optional(string) description = optional(string) region = string environments = list(string) psa_ip_cidr_range = string disk_encryption_key = optional(string) consumer_accept_list = optional(list(string)) }))">map(object({…}))</code> | ✓ | |
|
| [instances](variables.tf#L46) | Instance. | <code title="map(object({ display_name = optional(string) description = optional(string) region = string environments = list(string) psa_ip_cidr_range = string disk_encryption_key = optional(string) consumer_accept_list = optional(list(string)) }))">map(object({…}))</code> | ✓ | |
|
||||||
| [project_id](variables.tf#L92) | Project ID. | <code>string</code> | ✓ | |
|
| [project_id](variables.tf#L92) | Project ID. | <code>string</code> | ✓ | |
|
||||||
| [psc_config](variables.tf#L98) | PSC configuration. | <code>map(string)</code> | ✓ | |
|
| [psc_config](variables.tf#L98) | PSC configuration. | <code>map(string)</code> | ✓ | |
|
||||||
| [datastore_name](variables.tf#L17) | Datastore | <code>string</code> | | <code>"gcs"</code> |
|
| [datastore_name](variables.tf#L17) | Datastore. | <code>string</code> | | <code>"gcs"</code> |
|
||||||
| [organization](variables.tf#L60) | Apigee organization. | <code title="object({ display_name = optional(string, "Apigee organization created by tf module") description = optional(string, "Apigee organization created by tf module") authorized_network = optional(string, "vpc") runtime_type = optional(string, "CLOUD") billing_type = optional(string) database_encryption_key = optional(string) analytics_region = optional(string, "europe-west1") })">object({…})</code> | | <code title="{ }">{…}</code> |
|
| [organization](variables.tf#L60) | Apigee organization. | <code title="object({ display_name = optional(string, "Apigee organization created by tf module") description = optional(string, "Apigee organization created by tf module") authorized_network = optional(string, "vpc") runtime_type = optional(string, "CLOUD") billing_type = optional(string) database_encryption_key = optional(string) analytics_region = optional(string, "europe-west1") })">object({…})</code> | | <code title="{ }">{…}</code> |
|
||||||
| [path](variables.tf#L76) | Bucket path. | <code>string</code> | | <code>"/analytics"</code> |
|
| [path](variables.tf#L76) | Bucket path. | <code>string</code> | | <code>"/analytics"</code> |
|
||||||
| [project_create](variables.tf#L83) | Parameters for the creation of the new project. | <code title="object({ billing_account_id = string parent = string })">object({…})</code> | | <code>null</code> |
|
| [project_create](variables.tf#L83) | Parameters for the creation of the new project. | <code title="object({ billing_account_id = string parent = string })">object({…})</code> | | <code>null</code> |
|
||||||
|
|
|
||||||
|
|
@ -15,7 +15,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
variable "datastore_name" {
|
variable "datastore_name" {
|
||||||
description = "Datastore"
|
description = "Datastore."
|
||||||
type = string
|
type = string
|
||||||
nullable = false
|
nullable = false
|
||||||
default = "gcs"
|
default = "gcs"
|
||||||
|
|
|
||||||
|
|
@ -89,15 +89,15 @@ If you are interested in this and/or would like to contribute, please contact le
|
||||||
|
|
||||||
| name | description | type | required | default |
|
| name | description | type | required | default |
|
||||||
|---|---|:---:|:---:|:---:|
|
|---|---|:---:|:---:|:---:|
|
||||||
| [billing_account](variables.tf#L17) | The ID of the billing account to associate this project with | <code></code> | ✓ | |
|
| [billing_account](variables.tf#L17) | The ID of the billing account to associate this project with. | <code></code> | ✓ | |
|
||||||
| [monitored_projects_list](variables.tf#L36) | ID of the projects to be monitored (where limits and quotas data will be pulled) | <code>list(string)</code> | ✓ | |
|
| [monitored_projects_list](variables.tf#L36) | ID of the projects to be monitored (where limits and quotas data will be pulled). | <code>list(string)</code> | ✓ | |
|
||||||
| [organization_id](variables.tf#L46) | The organization id for the associated services | <code></code> | ✓ | |
|
| [organization_id](variables.tf#L46) | The organization id for the associated services. | <code></code> | ✓ | |
|
||||||
| [prefix](variables.tf#L50) | Prefix used for resource names. | <code>string</code> | ✓ | |
|
| [prefix](variables.tf#L50) | Prefix used for resource names. | <code>string</code> | ✓ | |
|
||||||
| [cf_version](variables.tf#L21) | Cloud Function version 2nd Gen or 1st Gen. Possible options: 'V1' or 'V2'.Use CFv2 if your Cloud Function timeouts after 9 minutes. By default it is using CFv1. | <code></code> | | <code>V1</code> |
|
| [cf_version](variables.tf#L21) | Cloud Function version 2nd Gen or 1st Gen. Possible options: 'V1' or 'V2'.Use CFv2 if your Cloud Function timeouts after 9 minutes. By default it is using CFv1. | <code></code> | | <code>V1</code> |
|
||||||
| [monitored_folders_list](variables.tf#L30) | ID of the projects to be monitored (where limits and quotas data will be pulled) | <code>list(string)</code> | | <code>[]</code> |
|
| [monitored_folders_list](variables.tf#L30) | ID of the projects to be monitored (where limits and quotas data will be pulled). | <code>list(string)</code> | | <code>[]</code> |
|
||||||
| [monitoring_project_id](variables.tf#L41) | Monitoring project where the dashboard will be created and the solution deployed; a project will be created if set to empty string | <code></code> | | |
|
| [monitoring_project_id](variables.tf#L41) | Monitoring project where the dashboard will be created and the solution deployed; a project will be created if set to empty string. | <code></code> | | |
|
||||||
| [project_monitoring_services](variables.tf#L59) | Service APIs enabled in the monitoring project if it will be created. | <code></code> | | <code title="[ "artifactregistry.googleapis.com", "cloudasset.googleapis.com", "cloudbilling.googleapis.com", "cloudbuild.googleapis.com", "cloudfunctions.googleapis.com", "cloudresourcemanager.googleapis.com", "cloudscheduler.googleapis.com", "compute.googleapis.com", "iam.googleapis.com", "iamcredentials.googleapis.com", "logging.googleapis.com", "monitoring.googleapis.com", "pubsub.googleapis.com", "run.googleapis.com", "servicenetworking.googleapis.com", "serviceusage.googleapis.com", "storage-component.googleapis.com" ]">[…]</code> |
|
| [project_monitoring_services](variables.tf#L59) | Service APIs enabled in the monitoring project if it will be created. | <code></code> | | <code title="[ "artifactregistry.googleapis.com", "cloudasset.googleapis.com", "cloudbilling.googleapis.com", "cloudbuild.googleapis.com", "cloudfunctions.googleapis.com", "cloudresourcemanager.googleapis.com", "cloudscheduler.googleapis.com", "compute.googleapis.com", "iam.googleapis.com", "iamcredentials.googleapis.com", "logging.googleapis.com", "monitoring.googleapis.com", "pubsub.googleapis.com", "run.googleapis.com", "servicenetworking.googleapis.com", "serviceusage.googleapis.com", "storage-component.googleapis.com" ]">[…]</code> |
|
||||||
| [region](variables.tf#L81) | Region used to deploy the cloud functions and scheduler | <code></code> | | <code>europe-west1</code> |
|
| [region](variables.tf#L81) | Region used to deploy the cloud functions and scheduler. | <code></code> | | <code>europe-west1</code> |
|
||||||
| [schedule_cron](variables.tf#L86) | Cron format schedule to run the Cloud Function. Default is every 10 minutes. | <code></code> | | <code>*/10 * * * *</code> |
|
| [schedule_cron](variables.tf#L86) | Cron format schedule to run the Cloud Function. Default is every 10 minutes. | <code></code> | | <code>*/10 * * * *</code> |
|
||||||
|
|
||||||
<!-- END TFDOC -->
|
<!-- END TFDOC -->
|
||||||
|
|
|
||||||
|
|
@ -15,7 +15,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
variable "billing_account" {
|
variable "billing_account" {
|
||||||
description = "The ID of the billing account to associate this project with"
|
description = "The ID of the billing account to associate this project with."
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "cf_version" {
|
variable "cf_version" {
|
||||||
|
|
@ -29,22 +29,22 @@ variable "cf_version" {
|
||||||
|
|
||||||
variable "monitored_folders_list" {
|
variable "monitored_folders_list" {
|
||||||
type = list(string)
|
type = list(string)
|
||||||
description = "ID of the projects to be monitored (where limits and quotas data will be pulled)"
|
description = "ID of the projects to be monitored (where limits and quotas data will be pulled)."
|
||||||
default = []
|
default = []
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "monitored_projects_list" {
|
variable "monitored_projects_list" {
|
||||||
type = list(string)
|
type = list(string)
|
||||||
description = "ID of the projects to be monitored (where limits and quotas data will be pulled)"
|
description = "ID of the projects to be monitored (where limits and quotas data will be pulled)."
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "monitoring_project_id" {
|
variable "monitoring_project_id" {
|
||||||
description = "Monitoring project where the dashboard will be created and the solution deployed; a project will be created if set to empty string"
|
description = "Monitoring project where the dashboard will be created and the solution deployed; a project will be created if set to empty string."
|
||||||
default = ""
|
default = ""
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "organization_id" {
|
variable "organization_id" {
|
||||||
description = "The organization id for the associated services"
|
description = "The organization id for the associated services."
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "prefix" {
|
variable "prefix" {
|
||||||
|
|
@ -79,7 +79,7 @@ variable "project_monitoring_services" {
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
variable "region" {
|
variable "region" {
|
||||||
description = "Region used to deploy the cloud functions and scheduler"
|
description = "Region used to deploy the cloud functions and scheduler."
|
||||||
default = "europe-west1"
|
default = "europe-west1"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -35,6 +35,6 @@ provider "google-beta" {
|
||||||
|
|
||||||
| name | description | sensitive |
|
| name | description | sensitive |
|
||||||
|---|---|:---:|
|
|---|---|:---:|
|
||||||
| [credentials](outputs.tf#L17) | | |
|
| [credentials](outputs.tf#L17) | Credentials in format to pass the to gcp provider. | |
|
||||||
|
|
||||||
<!-- END TFDOC -->
|
<!-- END TFDOC -->
|
||||||
|
|
|
||||||
|
|
@ -15,6 +15,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
output "credentials" {
|
output "credentials" {
|
||||||
|
description = "Credentials in format to pass the to gcp provider."
|
||||||
value = jsonencode({
|
value = jsonencode({
|
||||||
"type" : "external_account",
|
"type" : "external_account",
|
||||||
"audience" : "${local.audience}",
|
"audience" : "${local.audience}",
|
||||||
|
|
|
||||||
|
|
@ -22,11 +22,11 @@ This sample creates several distinct groups of resources:
|
||||||
|
|
||||||
| name | description | type | required | default |
|
| name | description | type | required | default |
|
||||||
|---|---|:---:|:---:|:---:|
|
|---|---|:---:|:---:|:---:|
|
||||||
| [m4ce_ssh_public_key](variables.tf#L43) | Filesystem path to the public key for the SSH login | <code>string</code> | ✓ | |
|
| [m4ce_ssh_public_key](variables.tf#L43) | Filesystem path to the public key for the SSH login. | <code>string</code> | ✓ | |
|
||||||
| [vcenter_password](variables.tf#L48) | VCenter user password. | <code>string</code> | ✓ | |
|
| [vcenter_password](variables.tf#L48) | VCenter user password. | <code>string</code> | ✓ | |
|
||||||
| [vsphere_environment](variables.tf#L53) | VMVware VSphere connection parameters | <code title="object({ vcenter_ip = string vcenter_user = string data_center = string resource_pool = string host_ip = string datastore = string virtual_net = string })">object({…})</code> | ✓ | |
|
| [vsphere_environment](variables.tf#L53) | VMVware VSphere connection parameters. | <code title="object({ vcenter_ip = string vcenter_user = string data_center = string resource_pool = string host_ip = string datastore = string virtual_net = string })">object({…})</code> | ✓ | |
|
||||||
| [m4ce_appliance_properties](variables.tf#L15) | M4CE connector OVA image configuration parameters | <code title="object({ hostname = string ip0 = string netmask0 = string gateway = string DNS = string proxy = string route0 = string })">object({…})</code> | | <code title="{ "hostname" = "gcp-m4ce-connector" "ip0" = "0.0.0.0" "netmask0" = "0.0.0.0" "gateway" = "0.0.0.0" "DNS" = "" "proxy" = "" "route0" = "" }">{…}</code> |
|
| [m4ce_appliance_properties](variables.tf#L15) | M4CE connector OVA image configuration parameters. | <code title="object({ hostname = string ip0 = string netmask0 = string gateway = string DNS = string proxy = string route0 = string })">object({…})</code> | | <code title="{ "hostname" = "gcp-m4ce-connector" "ip0" = "0.0.0.0" "netmask0" = "0.0.0.0" "gateway" = "0.0.0.0" "DNS" = "" "proxy" = "" "route0" = "" }">{…}</code> |
|
||||||
| [m4ce_connector_ovf_url](variables.tf#L37) | http URL to the public M4CE connector OVA image | <code>string</code> | | <code>"https://storage.googleapis.com/vmmigration-public-artifacts/migrate-connector-2-0-1663.ova"</code> |
|
| [m4ce_connector_ovf_url](variables.tf#L37) | http URL to the public M4CE connector OVA image. | <code>string</code> | | <code>"https://storage.googleapis.com/vmmigration-public-artifacts/migrate-connector-2-0-1663.ova"</code> |
|
||||||
|
|
||||||
<!-- END TFDOC -->
|
<!-- END TFDOC -->
|
||||||
## Manual Steps
|
## Manual Steps
|
||||||
|
|
|
||||||
|
|
@ -13,7 +13,7 @@
|
||||||
# limitations under the License.
|
# limitations under the License.
|
||||||
|
|
||||||
variable "m4ce_appliance_properties" {
|
variable "m4ce_appliance_properties" {
|
||||||
description = "M4CE connector OVA image configuration parameters"
|
description = "M4CE connector OVA image configuration parameters."
|
||||||
type = object({
|
type = object({
|
||||||
hostname = string
|
hostname = string
|
||||||
ip0 = string
|
ip0 = string
|
||||||
|
|
@ -35,13 +35,13 @@ variable "m4ce_appliance_properties" {
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "m4ce_connector_ovf_url" {
|
variable "m4ce_connector_ovf_url" {
|
||||||
description = "http URL to the public M4CE connector OVA image"
|
description = "http URL to the public M4CE connector OVA image."
|
||||||
type = string
|
type = string
|
||||||
default = "https://storage.googleapis.com/vmmigration-public-artifacts/migrate-connector-2-0-1663.ova"
|
default = "https://storage.googleapis.com/vmmigration-public-artifacts/migrate-connector-2-0-1663.ova"
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "m4ce_ssh_public_key" {
|
variable "m4ce_ssh_public_key" {
|
||||||
description = "Filesystem path to the public key for the SSH login"
|
description = "Filesystem path to the public key for the SSH login."
|
||||||
type = string
|
type = string
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -51,7 +51,7 @@ variable "vcenter_password" {
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "vsphere_environment" {
|
variable "vsphere_environment" {
|
||||||
description = "VMVware VSphere connection parameters"
|
description = "VMVware VSphere connection parameters."
|
||||||
type = object({
|
type = object({
|
||||||
vcenter_ip = string
|
vcenter_ip = string
|
||||||
vcenter_user = string
|
vcenter_user = string
|
||||||
|
|
|
||||||
|
|
@ -25,16 +25,16 @@ This sample creates\updates several distinct groups of resources:
|
||||||
|
|
||||||
| name | description | type | required | default |
|
| name | description | type | required | default |
|
||||||
|---|---|:---:|:---:|:---:|
|
|---|---|:---:|:---:|:---:|
|
||||||
| [migration_admin_users](variables.tf#L15) | List of users authorized to create a new M4CE sources and perform all other migration operations, in IAM format | <code>list(string)</code> | ✓ | |
|
| [migration_admin_users](variables.tf#L15) | List of users authorized to create a new M4CE sources and perform all other migration operations, in IAM format. | <code>list(string)</code> | ✓ | |
|
||||||
| [migration_target_projects](variables.tf#L20) | List of target projects for m4ce workload migrations | <code>list(string)</code> | ✓ | |
|
| [migration_target_projects](variables.tf#L20) | List of target projects for m4ce workload migrations. | <code>list(string)</code> | ✓ | |
|
||||||
| [migration_viewer_users](variables.tf#L25) | List of users authorized to retrive information about M4CE in the Google Cloud Console, in IAM format | <code>list(string)</code> | | <code>[]</code> |
|
| [migration_viewer_users](variables.tf#L25) | List of users authorized to retrive information about M4CE in the Google Cloud Console, in IAM format. | <code>list(string)</code> | | <code>[]</code> |
|
||||||
| [project_create](variables.tf#L31) | Parameters for the creation of the new project to host the M4CE backend | <code title="object({ billing_account_id = string parent = string })">object({…})</code> | | <code>null</code> |
|
| [project_create](variables.tf#L31) | Parameters for the creation of the new project to host the M4CE backend. | <code title="object({ billing_account_id = string parent = string })">object({…})</code> | | <code>null</code> |
|
||||||
| [project_name](variables.tf#L40) | Name of an existing project or of the new project assigned as M4CE host project | <code>string</code> | | <code>"m4ce-host-project-000"</code> |
|
| [project_name](variables.tf#L40) | Name of an existing project or of the new project assigned as M4CE host project. | <code>string</code> | | <code>"m4ce-host-project-000"</code> |
|
||||||
|
|
||||||
## Outputs
|
## Outputs
|
||||||
|
|
||||||
| name | description | sensitive |
|
| name | description | sensitive |
|
||||||
|---|---|:---:|
|
|---|---|:---:|
|
||||||
| [m4ce_gmanaged_service_account](outputs.tf#L15) | Google managed service account created automatically during the migrate connector registration.. It is used by M4CE to perform activities on target projects | |
|
| [m4ce_gmanaged_service_account](outputs.tf#L15) | Google managed service account created automatically during the migrate connector registration.. It is used by M4CE to perform activities on target projects. | |
|
||||||
|
|
||||||
<!-- END TFDOC -->
|
<!-- END TFDOC -->
|
||||||
|
|
|
||||||
|
|
@ -13,6 +13,6 @@
|
||||||
# limitations under the License.
|
# limitations under the License.
|
||||||
|
|
||||||
output "m4ce_gmanaged_service_account" {
|
output "m4ce_gmanaged_service_account" {
|
||||||
description = "Google managed service account created automatically during the migrate connector registration.. It is used by M4CE to perform activities on target projects"
|
description = "Google managed service account created automatically during the migrate connector registration.. It is used by M4CE to perform activities on target projects."
|
||||||
value = "serviceAccount:service-${module.host-project.number}@gcp-sa-vmmigration.iam.gserviceaccount.com"
|
value = "serviceAccount:service-${module.host-project.number}@gcp-sa-vmmigration.iam.gserviceaccount.com"
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -13,23 +13,23 @@
|
||||||
# limitations under the License.
|
# limitations under the License.
|
||||||
|
|
||||||
variable "migration_admin_users" {
|
variable "migration_admin_users" {
|
||||||
description = "List of users authorized to create a new M4CE sources and perform all other migration operations, in IAM format"
|
description = "List of users authorized to create a new M4CE sources and perform all other migration operations, in IAM format."
|
||||||
type = list(string)
|
type = list(string)
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "migration_target_projects" {
|
variable "migration_target_projects" {
|
||||||
description = "List of target projects for m4ce workload migrations"
|
description = "List of target projects for m4ce workload migrations."
|
||||||
type = list(string)
|
type = list(string)
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "migration_viewer_users" {
|
variable "migration_viewer_users" {
|
||||||
description = "List of users authorized to retrive information about M4CE in the Google Cloud Console, in IAM format"
|
description = "List of users authorized to retrive information about M4CE in the Google Cloud Console, in IAM format."
|
||||||
type = list(string)
|
type = list(string)
|
||||||
default = []
|
default = []
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "project_create" {
|
variable "project_create" {
|
||||||
description = "Parameters for the creation of the new project to host the M4CE backend"
|
description = "Parameters for the creation of the new project to host the M4CE backend."
|
||||||
type = object({
|
type = object({
|
||||||
billing_account_id = string
|
billing_account_id = string
|
||||||
parent = string
|
parent = string
|
||||||
|
|
@ -38,7 +38,7 @@ variable "project_create" {
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "project_name" {
|
variable "project_name" {
|
||||||
description = "Name of an existing project or of the new project assigned as M4CE host project"
|
description = "Name of an existing project or of the new project assigned as M4CE host project."
|
||||||
type = string
|
type = string
|
||||||
default = "m4ce-host-project-000"
|
default = "m4ce-host-project-000"
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -26,18 +26,18 @@ This sample creates\update several distinct groups of resources:
|
||||||
|
|
||||||
| name | description | type | required | default |
|
| name | description | type | required | default |
|
||||||
|---|---|:---:|:---:|:---:|
|
|---|---|:---:|:---:|:---:|
|
||||||
| [migration_admin_users](variables.tf#L15) | List of users authorized to create a new M4CE sources and perform all other migration operations, in IAM format | <code>list(string)</code> | ✓ | |
|
| [migration_admin_users](variables.tf#L15) | List of users authorized to create a new M4CE sources and perform all other migration operations, in IAM format. | <code>list(string)</code> | ✓ | |
|
||||||
| [migration_target_projects](variables.tf#L20) | List of target projects for m4ce workload migrations | <code>list(string)</code> | ✓ | |
|
| [migration_target_projects](variables.tf#L20) | List of target projects for m4ce workload migrations. | <code>list(string)</code> | ✓ | |
|
||||||
| [sharedvpc_host_projects](variables.tf#L45) | List of host projects that share a VPC with the selected target projects | <code>list(string)</code> | ✓ | |
|
| [sharedvpc_host_projects](variables.tf#L45) | List of host projects that share a VPC with the selected target projects. | <code>list(string)</code> | ✓ | |
|
||||||
| [migration_viewer_users](variables.tf#L25) | List of users authorized to retrive information about M4CE in the Google Cloud Console, in IAM format | <code>list(string)</code> | | <code>[]</code> |
|
| [migration_viewer_users](variables.tf#L25) | List of users authorized to retrive information about M4CE in the Google Cloud Console, in IAM format. | <code>list(string)</code> | | <code>[]</code> |
|
||||||
| [project_create](variables.tf#L30) | Parameters for the creation of the new project to host the M4CE backend | <code title="object({ billing_account_id = string parent = string })">object({…})</code> | | <code>null</code> |
|
| [project_create](variables.tf#L30) | Parameters for the creation of the new project to host the M4CE backend. | <code title="object({ billing_account_id = string parent = string })">object({…})</code> | | <code>null</code> |
|
||||||
| [project_name](variables.tf#L39) | Name of an existing project or of the new project assigned as M4CE host project | <code>string</code> | | <code>"m4ce-host-project-000"</code> |
|
| [project_name](variables.tf#L39) | Name of an existing project or of the new project assigned as M4CE host project. | <code>string</code> | | <code>"m4ce-host-project-000"</code> |
|
||||||
|
|
||||||
## Outputs
|
## Outputs
|
||||||
|
|
||||||
| name | description | sensitive |
|
| name | description | sensitive |
|
||||||
|---|---|:---:|
|
|---|---|:---:|
|
||||||
| [m4ce_gmanaged_service_account](outputs.tf#L15) | Google managed service account created automatically during the migrate connector registration. It is used by M4CE to perform activities on target projects | |
|
| [m4ce_gmanaged_service_account](outputs.tf#L15) | Google managed service account created automatically during the migrate connector registration. It is used by M4CE to perform activities on target projects. | |
|
||||||
|
|
||||||
<!-- END TFDOC -->
|
<!-- END TFDOC -->
|
||||||
## Manual Steps
|
## Manual Steps
|
||||||
|
|
|
||||||
|
|
@ -13,6 +13,6 @@
|
||||||
# limitations under the License.
|
# limitations under the License.
|
||||||
|
|
||||||
output "m4ce_gmanaged_service_account" {
|
output "m4ce_gmanaged_service_account" {
|
||||||
description = "Google managed service account created automatically during the migrate connector registration. It is used by M4CE to perform activities on target projects"
|
description = "Google managed service account created automatically during the migrate connector registration. It is used by M4CE to perform activities on target projects."
|
||||||
value = "serviceAccount:service-${module.host-project.number}@gcp-sa-vmmigration.iam.gserviceaccount.com"
|
value = "serviceAccount:service-${module.host-project.number}@gcp-sa-vmmigration.iam.gserviceaccount.com"
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -13,22 +13,22 @@
|
||||||
# limitations under the License.
|
# limitations under the License.
|
||||||
|
|
||||||
variable "migration_admin_users" {
|
variable "migration_admin_users" {
|
||||||
description = "List of users authorized to create a new M4CE sources and perform all other migration operations, in IAM format"
|
description = "List of users authorized to create a new M4CE sources and perform all other migration operations, in IAM format."
|
||||||
type = list(string)
|
type = list(string)
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "migration_target_projects" {
|
variable "migration_target_projects" {
|
||||||
description = "List of target projects for m4ce workload migrations"
|
description = "List of target projects for m4ce workload migrations."
|
||||||
type = list(string)
|
type = list(string)
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "migration_viewer_users" {
|
variable "migration_viewer_users" {
|
||||||
description = "List of users authorized to retrive information about M4CE in the Google Cloud Console, in IAM format"
|
description = "List of users authorized to retrive information about M4CE in the Google Cloud Console, in IAM format."
|
||||||
type = list(string)
|
type = list(string)
|
||||||
default = []
|
default = []
|
||||||
}
|
}
|
||||||
variable "project_create" {
|
variable "project_create" {
|
||||||
description = "Parameters for the creation of the new project to host the M4CE backend"
|
description = "Parameters for the creation of the new project to host the M4CE backend."
|
||||||
type = object({
|
type = object({
|
||||||
billing_account_id = string
|
billing_account_id = string
|
||||||
parent = string
|
parent = string
|
||||||
|
|
@ -37,12 +37,12 @@ variable "project_create" {
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "project_name" {
|
variable "project_name" {
|
||||||
description = "Name of an existing project or of the new project assigned as M4CE host project"
|
description = "Name of an existing project or of the new project assigned as M4CE host project."
|
||||||
type = string
|
type = string
|
||||||
default = "m4ce-host-project-000"
|
default = "m4ce-host-project-000"
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "sharedvpc_host_projects" {
|
variable "sharedvpc_host_projects" {
|
||||||
description = "List of host projects that share a VPC with the selected target projects"
|
description = "List of host projects that share a VPC with the selected target projects."
|
||||||
type = list(string)
|
type = list(string)
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -26,16 +26,16 @@ This sample creates several distinct groups of resources:
|
||||||
|
|
||||||
| name | description | type | required | default |
|
| name | description | type | required | default |
|
||||||
|---|---|:---:|:---:|:---:|
|
|---|---|:---:|:---:|:---:|
|
||||||
| [migration_admin_users](variables.tf#L15) | List of users authorized to create a new M4CE sources and perform all other migration operations, in IAM format | <code>list(string)</code> | ✓ | |
|
| [migration_admin_users](variables.tf#L15) | List of users authorized to create a new M4CE sources and perform all other migration operations, in IAM format. | <code>list(string)</code> | ✓ | |
|
||||||
| [migration_viewer_users](variables.tf#L20) | List of users authorized to retrive information about M4CE in the Google Cloud Console, in IAM format | <code>list(string)</code> | | <code>[]</code> |
|
| [migration_viewer_users](variables.tf#L20) | List of users authorized to retrive information about M4CE in the Google Cloud Console, in IAM format. | <code>list(string)</code> | | <code>[]</code> |
|
||||||
| [project_create](variables.tf#L26) | Parameters for the creation of the new project to host the M4CE backend | <code title="object({ billing_account_id = string parent = string })">object({…})</code> | | <code>null</code> |
|
| [project_create](variables.tf#L26) | Parameters for the creation of the new project to host the M4CE backend. | <code title="object({ billing_account_id = string parent = string })">object({…})</code> | | <code>null</code> |
|
||||||
| [project_name](variables.tf#L35) | Name of an existing project or of the new project assigned as M4CE host an target project | <code>string</code> | | <code>"m4ce-host-project-000"</code> |
|
| [project_name](variables.tf#L35) | Name of an existing project or of the new project assigned as M4CE host an target project. | <code>string</code> | | <code>"m4ce-host-project-000"</code> |
|
||||||
| [vpc_config](variables.tf#L41) | Parameters to create a simple VPC on the M4CE project | <code title="object({ ip_cidr_range = string, region = string })">object({…})</code> | | <code title="{ ip_cidr_range = "10.200.0.0/20", region = "us-west2" }">{…}</code> |
|
| [vpc_config](variables.tf#L41) | Parameters to create a simple VPC on the M4CE project. | <code title="object({ ip_cidr_range = string, region = string })">object({…})</code> | | <code title="{ ip_cidr_range = "10.200.0.0/20", region = "us-west2" }">{…}</code> |
|
||||||
|
|
||||||
## Outputs
|
## Outputs
|
||||||
|
|
||||||
| name | description | sensitive |
|
| name | description | sensitive |
|
||||||
|---|---|:---:|
|
|---|---|:---:|
|
||||||
| [m4ce_gmanaged_service_account](outputs.tf#L15) | Google managed service account created automatically during the migrate connector registration. It is used by M4CE to perform activities on target projects | |
|
| [m4ce_gmanaged_service_account](outputs.tf#L15) | Google managed service account created automatically during the migrate connector registration. It is used by M4CE to perform activities on target projects. | |
|
||||||
|
|
||||||
<!-- END TFDOC -->
|
<!-- END TFDOC -->
|
||||||
|
|
|
||||||
|
|
@ -13,6 +13,6 @@
|
||||||
# limitations under the License.
|
# limitations under the License.
|
||||||
|
|
||||||
output "m4ce_gmanaged_service_account" {
|
output "m4ce_gmanaged_service_account" {
|
||||||
description = "Google managed service account created automatically during the migrate connector registration. It is used by M4CE to perform activities on target projects"
|
description = "Google managed service account created automatically during the migrate connector registration. It is used by M4CE to perform activities on target projects."
|
||||||
value = "serviceAccount:service-${module.landing-project.number}@gcp-sa-vmmigration.iam.gserviceaccount.com"
|
value = "serviceAccount:service-${module.landing-project.number}@gcp-sa-vmmigration.iam.gserviceaccount.com"
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -13,18 +13,18 @@
|
||||||
# limitations under the License.
|
# limitations under the License.
|
||||||
|
|
||||||
variable "migration_admin_users" {
|
variable "migration_admin_users" {
|
||||||
description = "List of users authorized to create a new M4CE sources and perform all other migration operations, in IAM format"
|
description = "List of users authorized to create a new M4CE sources and perform all other migration operations, in IAM format."
|
||||||
type = list(string)
|
type = list(string)
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "migration_viewer_users" {
|
variable "migration_viewer_users" {
|
||||||
description = "List of users authorized to retrive information about M4CE in the Google Cloud Console, in IAM format"
|
description = "List of users authorized to retrive information about M4CE in the Google Cloud Console, in IAM format."
|
||||||
type = list(string)
|
type = list(string)
|
||||||
default = []
|
default = []
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "project_create" {
|
variable "project_create" {
|
||||||
description = "Parameters for the creation of the new project to host the M4CE backend"
|
description = "Parameters for the creation of the new project to host the M4CE backend."
|
||||||
type = object({
|
type = object({
|
||||||
billing_account_id = string
|
billing_account_id = string
|
||||||
parent = string
|
parent = string
|
||||||
|
|
@ -33,13 +33,13 @@ variable "project_create" {
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "project_name" {
|
variable "project_name" {
|
||||||
description = "Name of an existing project or of the new project assigned as M4CE host an target project"
|
description = "Name of an existing project or of the new project assigned as M4CE host an target project."
|
||||||
type = string
|
type = string
|
||||||
default = "m4ce-host-project-000"
|
default = "m4ce-host-project-000"
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "vpc_config" {
|
variable "vpc_config" {
|
||||||
description = "Parameters to create a simple VPC on the M4CE project"
|
description = "Parameters to create a simple VPC on the M4CE project."
|
||||||
type = object({
|
type = object({
|
||||||
ip_cidr_range = string,
|
ip_cidr_range = string,
|
||||||
region = string
|
region = string
|
||||||
|
|
|
||||||
|
|
@ -151,7 +151,7 @@ The above command will delete the associated resources so there will be no billa
|
||||||
| [project_create](variables.tf#L54) | Provide values if project creation is needed, uses existing project if null. Parent is in 'folders/nnn' or 'organizations/nnn' format. | <code title="object({ billing_account_id = string parent = string })">object({…})</code> | | <code>null</code> |
|
| [project_create](variables.tf#L54) | Provide values if project creation is needed, uses existing project if null. Parent is in 'folders/nnn' or 'organizations/nnn' format. | <code title="object({ billing_account_id = string parent = string })">object({…})</code> | | <code>null</code> |
|
||||||
| [regions](variables.tf#L68) | Map of instance_name => location where instances will be deployed. | <code>map(string)</code> | | <code title="{ primary = "europe-west1" replica = "europe-west3" }">{…}</code> |
|
| [regions](variables.tf#L68) | Map of instance_name => location where instances will be deployed. | <code>map(string)</code> | | <code title="{ primary = "europe-west1" replica = "europe-west3" }">{…}</code> |
|
||||||
| [service_encryption_keys](variables.tf#L81) | Cloud KMS keys to use to encrypt resources. Provide a key for each reagion configured. | <code>map(string)</code> | | <code>null</code> |
|
| [service_encryption_keys](variables.tf#L81) | Cloud KMS keys to use to encrypt resources. Provide a key for each reagion configured. | <code>map(string)</code> | | <code>null</code> |
|
||||||
| [sql_configuration](variables.tf#L87) | Cloud SQL configuration | <code title="object({ availability_type = string database_version = string psa_range = string tier = string })">object({…})</code> | | <code title="{ availability_type = "REGIONAL" database_version = "POSTGRES_13" psa_range = "10.60.0.0/16" tier = "db-g1-small" }">{…}</code> |
|
| [sql_configuration](variables.tf#L87) | Cloud SQL configuration. | <code title="object({ availability_type = string database_version = string psa_range = string tier = string })">object({…})</code> | | <code title="{ availability_type = "REGIONAL" database_version = "POSTGRES_13" psa_range = "10.60.0.0/16" tier = "db-g1-small" }">{…}</code> |
|
||||||
|
|
||||||
## Outputs
|
## Outputs
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -85,7 +85,7 @@ variable "service_encryption_keys" {
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "sql_configuration" {
|
variable "sql_configuration" {
|
||||||
description = "Cloud SQL configuration"
|
description = "Cloud SQL configuration."
|
||||||
type = object({
|
type = object({
|
||||||
availability_type = string
|
availability_type = string
|
||||||
database_version = string
|
database_version = string
|
||||||
|
|
|
||||||
|
|
@ -50,7 +50,7 @@ You can now connect to the Vertex AI notbook to perform your data analysy.
|
||||||
| [prefix](variables.tf#L22) | Prefix used for resource names. | <code>string</code> | ✓ | |
|
| [prefix](variables.tf#L22) | Prefix used for resource names. | <code>string</code> | ✓ | |
|
||||||
| [project_id](variables.tf#L40) | Project id, references existing project if `project_create` is null. | <code>string</code> | ✓ | |
|
| [project_id](variables.tf#L40) | Project id, references existing project if `project_create` is null. | <code>string</code> | ✓ | |
|
||||||
| [location](variables.tf#L16) | The location where resources will be deployed. | <code>string</code> | | <code>"EU"</code> |
|
| [location](variables.tf#L16) | The location where resources will be deployed. | <code>string</code> | | <code>"EU"</code> |
|
||||||
| [project_create](variables.tf#L31) | Provide values if project creation is needed, uses existing project if null. Parent format: folders/folder_id or organizations/org_id | <code title="object({ billing_account_id = string parent = string })">object({…})</code> | | <code>null</code> |
|
| [project_create](variables.tf#L31) | Provide values if project creation is needed, uses existing project if null. Parent format: folders/folder_id or organizations/org_id. | <code title="object({ billing_account_id = string parent = string })">object({…})</code> | | <code>null</code> |
|
||||||
| [region](variables.tf#L45) | The region where resources will be deployed. | <code>string</code> | | <code>"europe-west1"</code> |
|
| [region](variables.tf#L45) | The region where resources will be deployed. | <code>string</code> | | <code>"europe-west1"</code> |
|
||||||
| [vpc_config](variables.tf#L61) | Parameters to create a VPC. | <code title="object({ ip_cidr_range = string })">object({…})</code> | | <code title="{ ip_cidr_range = "10.0.0.0/20" }">{…}</code> |
|
| [vpc_config](variables.tf#L61) | Parameters to create a VPC. | <code title="object({ ip_cidr_range = string })">object({…})</code> | | <code title="{ ip_cidr_range = "10.0.0.0/20" }">{…}</code> |
|
||||||
|
|
||||||
|
|
@ -61,7 +61,7 @@ You can now connect to the Vertex AI notbook to perform your data analysy.
|
||||||
| [bucket](outputs.tf#L15) | GCS Bucket URL. | |
|
| [bucket](outputs.tf#L15) | GCS Bucket URL. | |
|
||||||
| [dataset](outputs.tf#L20) | GCS Bucket URL. | |
|
| [dataset](outputs.tf#L20) | GCS Bucket URL. | |
|
||||||
| [notebook](outputs.tf#L25) | Vertex AI notebook details. | |
|
| [notebook](outputs.tf#L25) | Vertex AI notebook details. | |
|
||||||
| [project](outputs.tf#L33) | Project id | |
|
| [project](outputs.tf#L33) | Project id. | |
|
||||||
| [vpc](outputs.tf#L38) | VPC Network | |
|
| [vpc](outputs.tf#L38) | VPC Network. | |
|
||||||
|
|
||||||
<!-- END TFDOC -->
|
<!-- END TFDOC -->
|
||||||
|
|
|
||||||
|
|
@ -31,11 +31,11 @@ output "notebook" {
|
||||||
}
|
}
|
||||||
|
|
||||||
output "project" {
|
output "project" {
|
||||||
description = "Project id"
|
description = "Project id."
|
||||||
value = module.project.project_id
|
value = module.project.project_id
|
||||||
}
|
}
|
||||||
|
|
||||||
output "vpc" {
|
output "vpc" {
|
||||||
description = "VPC Network"
|
description = "VPC Network."
|
||||||
value = module.vpc.name
|
value = module.vpc.name
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -29,7 +29,7 @@ variable "prefix" {
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "project_create" {
|
variable "project_create" {
|
||||||
description = "Provide values if project creation is needed, uses existing project if null. Parent format: folders/folder_id or organizations/org_id"
|
description = "Provide values if project creation is needed, uses existing project if null. Parent format: folders/folder_id or organizations/org_id."
|
||||||
type = object({
|
type = object({
|
||||||
billing_account_id = string
|
billing_account_id = string
|
||||||
parent = string
|
parent = string
|
||||||
|
|
|
||||||
|
|
@ -35,37 +35,37 @@ and to `C:\GcpSetupLog.txt` file.
|
||||||
|
|
||||||
| name | description | type | required | default |
|
| name | description | type | required | default |
|
||||||
|---|---|:---:|:---:|:---:|
|
|---|---|:---:|:---:|:---:|
|
||||||
| [ad_domain_fqdn](variables.tf#L15) | Active Directory domain (FQDN) | <code>string</code> | ✓ | |
|
| [ad_domain_fqdn](variables.tf#L15) | Active Directory domain (FQDN). | <code>string</code> | ✓ | |
|
||||||
| [ad_domain_netbios](variables.tf#L24) | Active Directory domain (NetBIOS) | <code>string</code> | ✓ | |
|
| [ad_domain_netbios](variables.tf#L24) | Active Directory domain (NetBIOS). | <code>string</code> | ✓ | |
|
||||||
| [network](variables.tf#L90) | Network to use in the project | <code>string</code> | ✓ | |
|
| [network](variables.tf#L90) | Network to use in the project. | <code>string</code> | ✓ | |
|
||||||
| [prefix](variables.tf#L113) | Prefix used for resource names. | <code>string</code> | ✓ | |
|
| [prefix](variables.tf#L113) | Prefix used for resource names. | <code>string</code> | ✓ | |
|
||||||
| [project_id](variables.tf#L131) | Google Cloud project ID | <code>string</code> | ✓ | |
|
| [project_id](variables.tf#L131) | Google Cloud project ID. | <code>string</code> | ✓ | |
|
||||||
| [sql_admin_password](variables.tf#L148) | Password for the SQL admin user to be created | <code>string</code> | ✓ | |
|
| [sql_admin_password](variables.tf#L148) | Password for the SQL admin user to be created. | <code>string</code> | ✓ | |
|
||||||
| [subnetwork](variables.tf#L163) | Subnetwork to use in the project | <code>string</code> | ✓ | |
|
| [subnetwork](variables.tf#L163) | Subnetwork to use in the project. | <code>string</code> | ✓ | |
|
||||||
| [always_on_groups](variables.tf#L33) | List of Always On Groups | <code>list(string)</code> | | <code>["bookshelf"]</code> |
|
| [always_on_groups](variables.tf#L33) | List of Always On Groups. | <code>list(string)</code> | | <code>["bookshelf"]</code> |
|
||||||
| [boot_disk_size](variables.tf#L39) | Boot disk size in GB | <code>number</code> | | <code>50</code> |
|
| [boot_disk_size](variables.tf#L39) | Boot disk size in GB. | <code>number</code> | | <code>50</code> |
|
||||||
| [cluster_name](variables.tf#L45) | Cluster name (prepended with prefix) | <code>string</code> | | <code>"cluster"</code> |
|
| [cluster_name](variables.tf#L45) | Cluster name (prepended with prefix). | <code>string</code> | | <code>"cluster"</code> |
|
||||||
| [data_disk_size](variables.tf#L51) | Database disk size in GB | <code>number</code> | | <code>200</code> |
|
| [data_disk_size](variables.tf#L51) | Database disk size in GB. | <code>number</code> | | <code>200</code> |
|
||||||
| [health_check_config](variables.tf#L57) | Health check configuration | <code title="object({ check_interval_sec = number, healthy_threshold = number, unhealthy_threshold = number, timeout_sec = number, })">…</code> | | <code title="{ check_interval_sec = 2 healthy_threshold = 1 unhealthy_threshold = 2 timeout_sec = 1 }">{…}</code> |
|
| [health_check_config](variables.tf#L57) | Health check configuration. | <code title="object({ check_interval_sec = number, healthy_threshold = number, unhealthy_threshold = number, timeout_sec = number, })">…</code> | | <code title="{ check_interval_sec = 2 healthy_threshold = 1 unhealthy_threshold = 2 timeout_sec = 1 }">{…}</code> |
|
||||||
| [health_check_port](variables.tf#L72) | Health check port | <code>number</code> | | <code>59997</code> |
|
| [health_check_port](variables.tf#L72) | Health check port. | <code>number</code> | | <code>59997</code> |
|
||||||
| [health_check_ranges](variables.tf#L78) | Health check ranges | <code>list(string)</code> | | <code>["35.191.0.0/16", "209.85.152.0/22", "209.85.204.0/22"]</code> |
|
| [health_check_ranges](variables.tf#L78) | Health check ranges. | <code>list(string)</code> | | <code>["35.191.0.0/16", "209.85.152.0/22", "209.85.204.0/22"]</code> |
|
||||||
| [managed_ad_dn](variables.tf#L84) | Managed Active Directory domain (eg. OU=Cloud,DC=example,DC=com) | <code>string</code> | | <code>""</code> |
|
| [managed_ad_dn](variables.tf#L84) | Managed Active Directory domain (eg. OU=Cloud,DC=example,DC=com). | <code>string</code> | | <code>""</code> |
|
||||||
| [node_image](variables.tf#L95) | SQL Server node machine image | <code>string</code> | | <code>"projects/windows-sql-cloud/global/images/family/sql-ent-2019-win-2019"</code> |
|
| [node_image](variables.tf#L95) | SQL Server node machine image. | <code>string</code> | | <code>"projects/windows-sql-cloud/global/images/family/sql-ent-2019-win-2019"</code> |
|
||||||
| [node_instance_type](variables.tf#L101) | SQL Server database node instance type | <code>string</code> | | <code>"n2-standard-8"</code> |
|
| [node_instance_type](variables.tf#L101) | SQL Server database node instance type. | <code>string</code> | | <code>"n2-standard-8"</code> |
|
||||||
| [node_name](variables.tf#L107) | Node base name | <code>string</code> | | <code>"node"</code> |
|
| [node_name](variables.tf#L107) | Node base name. | <code>string</code> | | <code>"node"</code> |
|
||||||
| [project_create](variables.tf#L122) | Provide values if project creation is needed, uses existing project if null. Parent is in 'folders/nnn' or 'organizations/nnn' format. | <code title="object({ billing_account_id = string parent = string })">object({…})</code> | | <code>null</code> |
|
| [project_create](variables.tf#L122) | Provide values if project creation is needed, uses existing project if null. Parent is in 'folders/nnn' or 'organizations/nnn' format. | <code title="object({ billing_account_id = string parent = string })">object({…})</code> | | <code>null</code> |
|
||||||
| [region](variables.tf#L136) | Region for resources | <code>string</code> | | <code>"europe-west4"</code> |
|
| [region](variables.tf#L136) | Region for resources. | <code>string</code> | | <code>"europe-west4"</code> |
|
||||||
| [shared_vpc_project_id](variables.tf#L142) | Shared VPC project ID for firewall rules | <code>string</code> | | <code>null</code> |
|
| [shared_vpc_project_id](variables.tf#L142) | Shared VPC project ID for firewall rules. | <code>string</code> | | <code>null</code> |
|
||||||
| [sql_client_cidrs](variables.tf#L157) | CIDR ranges that are allowed to connect to SQL Server | <code>list(string)</code> | | <code>["0.0.0.0/0"]</code> |
|
| [sql_client_cidrs](variables.tf#L157) | CIDR ranges that are allowed to connect to SQL Server. | <code>list(string)</code> | | <code>["0.0.0.0/0"]</code> |
|
||||||
| [vpc_ip_cidr_range](variables.tf#L168) | Ip range used in the subnet deployef in the Service Project. | <code>string</code> | | <code>"10.0.0.0/20"</code> |
|
| [vpc_ip_cidr_range](variables.tf#L168) | Ip range used in the subnet deployef in the Service Project. | <code>string</code> | | <code>"10.0.0.0/20"</code> |
|
||||||
| [witness_image](variables.tf#L174) | SQL Server witness machine image | <code>string</code> | | <code>"projects/windows-cloud/global/images/family/windows-2019"</code> |
|
| [witness_image](variables.tf#L174) | SQL Server witness machine image. | <code>string</code> | | <code>"projects/windows-cloud/global/images/family/windows-2019"</code> |
|
||||||
| [witness_instance_type](variables.tf#L180) | SQL Server witness node instance type | <code>string</code> | | <code>"n2-standard-2"</code> |
|
| [witness_instance_type](variables.tf#L180) | SQL Server witness node instance type. | <code>string</code> | | <code>"n2-standard-2"</code> |
|
||||||
| [witness_name](variables.tf#L186) | Witness base name | <code>string</code> | | <code>"witness"</code> |
|
| [witness_name](variables.tf#L186) | Witness base name. | <code>string</code> | | <code>"witness"</code> |
|
||||||
|
|
||||||
## Outputs
|
## Outputs
|
||||||
|
|
||||||
| name | description | sensitive |
|
| name | description | sensitive |
|
||||||
|---|---|:---:|
|
|---|---|:---:|
|
||||||
| [instructions](outputs.tf#L19) | | |
|
| [instructions](outputs.tf#L19) | List of steps to follow after applying. | |
|
||||||
|
|
||||||
<!-- END TFDOC -->
|
<!-- END TFDOC -->
|
||||||
|
|
|
||||||
|
|
@ -17,7 +17,8 @@ locals {
|
||||||
}
|
}
|
||||||
|
|
||||||
output "instructions" {
|
output "instructions" {
|
||||||
value = <<EOF
|
description = "List of steps to follow after applying."
|
||||||
|
value = <<EOF
|
||||||
Log-in to all 3 instances with Administrator credentials and run the following PowerShell command:
|
Log-in to all 3 instances with Administrator credentials and run the following PowerShell command:
|
||||||
|
|
||||||
Add-Computer -Domain ${var.ad_domain_fqdn} -Restart
|
Add-Computer -Domain ${var.ad_domain_fqdn} -Restart
|
||||||
|
|
@ -28,4 +29,4 @@ output "instructions" {
|
||||||
Follow the instructions from here: https://cloud.google.com/compute/docs/instances/sql-server/configure-availability#creating_an_availability_group
|
Follow the instructions from here: https://cloud.google.com/compute/docs/instances/sql-server/configure-availability#creating_an_availability_group
|
||||||
Use the following listener IP addresses for: ${join(", ", local.loadbalancer_outputs)}
|
Use the following listener IP addresses for: ${join(", ", local.loadbalancer_outputs)}
|
||||||
EOF
|
EOF
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -13,7 +13,7 @@
|
||||||
# limitations under the License.
|
# limitations under the License.
|
||||||
|
|
||||||
variable "ad_domain_fqdn" {
|
variable "ad_domain_fqdn" {
|
||||||
description = "Active Directory domain (FQDN)"
|
description = "Active Directory domain (FQDN)."
|
||||||
type = string
|
type = string
|
||||||
validation {
|
validation {
|
||||||
condition = length(var.ad_domain_fqdn) > 0
|
condition = length(var.ad_domain_fqdn) > 0
|
||||||
|
|
@ -22,7 +22,7 @@ variable "ad_domain_fqdn" {
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "ad_domain_netbios" {
|
variable "ad_domain_netbios" {
|
||||||
description = "Active Directory domain (NetBIOS)"
|
description = "Active Directory domain (NetBIOS)."
|
||||||
type = string
|
type = string
|
||||||
validation {
|
validation {
|
||||||
condition = length(var.ad_domain_netbios) > 0
|
condition = length(var.ad_domain_netbios) > 0
|
||||||
|
|
@ -31,31 +31,31 @@ variable "ad_domain_netbios" {
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "always_on_groups" {
|
variable "always_on_groups" {
|
||||||
description = "List of Always On Groups"
|
description = "List of Always On Groups."
|
||||||
type = list(string)
|
type = list(string)
|
||||||
default = ["bookshelf"]
|
default = ["bookshelf"]
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "boot_disk_size" {
|
variable "boot_disk_size" {
|
||||||
description = "Boot disk size in GB"
|
description = "Boot disk size in GB."
|
||||||
type = number
|
type = number
|
||||||
default = 50
|
default = 50
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "cluster_name" {
|
variable "cluster_name" {
|
||||||
description = "Cluster name (prepended with prefix)"
|
description = "Cluster name (prepended with prefix)."
|
||||||
type = string
|
type = string
|
||||||
default = "cluster"
|
default = "cluster"
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "data_disk_size" {
|
variable "data_disk_size" {
|
||||||
description = "Database disk size in GB"
|
description = "Database disk size in GB."
|
||||||
type = number
|
type = number
|
||||||
default = 200
|
default = 200
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "health_check_config" {
|
variable "health_check_config" {
|
||||||
description = "Health check configuration"
|
description = "Health check configuration."
|
||||||
type = object({ check_interval_sec = number,
|
type = object({ check_interval_sec = number,
|
||||||
healthy_threshold = number,
|
healthy_threshold = number,
|
||||||
unhealthy_threshold = number,
|
unhealthy_threshold = number,
|
||||||
|
|
@ -70,42 +70,42 @@ variable "health_check_config" {
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "health_check_port" {
|
variable "health_check_port" {
|
||||||
description = "Health check port"
|
description = "Health check port."
|
||||||
type = number
|
type = number
|
||||||
default = 59997
|
default = 59997
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "health_check_ranges" {
|
variable "health_check_ranges" {
|
||||||
description = "Health check ranges"
|
description = "Health check ranges."
|
||||||
type = list(string)
|
type = list(string)
|
||||||
default = ["35.191.0.0/16", "209.85.152.0/22", "209.85.204.0/22"]
|
default = ["35.191.0.0/16", "209.85.152.0/22", "209.85.204.0/22"]
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "managed_ad_dn" {
|
variable "managed_ad_dn" {
|
||||||
description = "Managed Active Directory domain (eg. OU=Cloud,DC=example,DC=com)"
|
description = "Managed Active Directory domain (eg. OU=Cloud,DC=example,DC=com)."
|
||||||
type = string
|
type = string
|
||||||
default = ""
|
default = ""
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "network" {
|
variable "network" {
|
||||||
description = "Network to use in the project"
|
description = "Network to use in the project."
|
||||||
type = string
|
type = string
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "node_image" {
|
variable "node_image" {
|
||||||
description = "SQL Server node machine image"
|
description = "SQL Server node machine image."
|
||||||
type = string
|
type = string
|
||||||
default = "projects/windows-sql-cloud/global/images/family/sql-ent-2019-win-2019"
|
default = "projects/windows-sql-cloud/global/images/family/sql-ent-2019-win-2019"
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "node_instance_type" {
|
variable "node_instance_type" {
|
||||||
description = "SQL Server database node instance type"
|
description = "SQL Server database node instance type."
|
||||||
type = string
|
type = string
|
||||||
default = "n2-standard-8"
|
default = "n2-standard-8"
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "node_name" {
|
variable "node_name" {
|
||||||
description = "Node base name"
|
description = "Node base name."
|
||||||
type = string
|
type = string
|
||||||
default = "node"
|
default = "node"
|
||||||
}
|
}
|
||||||
|
|
@ -129,24 +129,24 @@ variable "project_create" {
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "project_id" {
|
variable "project_id" {
|
||||||
description = "Google Cloud project ID"
|
description = "Google Cloud project ID."
|
||||||
type = string
|
type = string
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "region" {
|
variable "region" {
|
||||||
description = "Region for resources"
|
description = "Region for resources."
|
||||||
type = string
|
type = string
|
||||||
default = "europe-west4"
|
default = "europe-west4"
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "shared_vpc_project_id" {
|
variable "shared_vpc_project_id" {
|
||||||
description = "Shared VPC project ID for firewall rules"
|
description = "Shared VPC project ID for firewall rules."
|
||||||
type = string
|
type = string
|
||||||
default = null
|
default = null
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "sql_admin_password" {
|
variable "sql_admin_password" {
|
||||||
description = "Password for the SQL admin user to be created"
|
description = "Password for the SQL admin user to be created."
|
||||||
type = string
|
type = string
|
||||||
validation {
|
validation {
|
||||||
condition = length(var.sql_admin_password) > 0
|
condition = length(var.sql_admin_password) > 0
|
||||||
|
|
@ -155,13 +155,13 @@ variable "sql_admin_password" {
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "sql_client_cidrs" {
|
variable "sql_client_cidrs" {
|
||||||
description = "CIDR ranges that are allowed to connect to SQL Server"
|
description = "CIDR ranges that are allowed to connect to SQL Server."
|
||||||
type = list(string)
|
type = list(string)
|
||||||
default = ["0.0.0.0/0"]
|
default = ["0.0.0.0/0"]
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "subnetwork" {
|
variable "subnetwork" {
|
||||||
description = "Subnetwork to use in the project"
|
description = "Subnetwork to use in the project."
|
||||||
type = string
|
type = string
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -172,19 +172,19 @@ variable "vpc_ip_cidr_range" {
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "witness_image" {
|
variable "witness_image" {
|
||||||
description = "SQL Server witness machine image"
|
description = "SQL Server witness machine image."
|
||||||
type = string
|
type = string
|
||||||
default = "projects/windows-cloud/global/images/family/windows-2019"
|
default = "projects/windows-cloud/global/images/family/windows-2019"
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "witness_instance_type" {
|
variable "witness_instance_type" {
|
||||||
description = "SQL Server witness node instance type"
|
description = "SQL Server witness node instance type."
|
||||||
type = string
|
type = string
|
||||||
default = "n2-standard-2"
|
default = "n2-standard-2"
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "witness_name" {
|
variable "witness_name" {
|
||||||
description = "Witness base name"
|
description = "Witness base name."
|
||||||
type = string
|
type = string
|
||||||
default = "witness"
|
default = "witness"
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -73,7 +73,7 @@ deletion_protection: bool # not required, defaults to false
|
||||||
|
|
||||||
| name | description | type | required | default |
|
| name | description | type | required | default |
|
||||||
|---|---|:---:|:---:|:---:|
|
|---|---|:---:|:---:|:---:|
|
||||||
| [project_id](variables.tf#L17) | Project ID | <code>string</code> | ✓ | |
|
| [project_id](variables.tf#L17) | Project ID. | <code>string</code> | ✓ | |
|
||||||
| [tables_dir](variables.tf#L22) | Relative path for the folder storing table data. | <code>string</code> | ✓ | |
|
| [tables_dir](variables.tf#L22) | Relative path for the folder storing table data. | <code>string</code> | ✓ | |
|
||||||
| [views_dir](variables.tf#L27) | Relative path for the folder storing view data. | <code>string</code> | ✓ | |
|
| [views_dir](variables.tf#L27) | Relative path for the folder storing view data. | <code>string</code> | ✓ | |
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -15,7 +15,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
variable "project_id" {
|
variable "project_id" {
|
||||||
description = "Project ID"
|
description = "Project ID."
|
||||||
type = string
|
type = string
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -238,8 +238,8 @@ vpc:
|
||||||
| [org_policies](variables.tf#L111) | Org-policy overrides at project level. | <code title="map(object({ inherit_from_parent = optional(bool) # for list policies only. reset = optional(bool) allow = optional(object({ all = optional(bool) values = optional(list(string)) })) deny = optional(object({ all = optional(bool) values = optional(list(string)) })) enforce = optional(bool, true) # for boolean policies only. rules = optional(list(object({ allow = optional(object({ all = optional(bool) values = optional(list(string)) })) deny = optional(object({ all = optional(bool) values = optional(list(string)) })) enforce = optional(bool, true) # for boolean policies only. condition = object({ description = optional(string) expression = optional(string) location = optional(string) title = optional(string) }) })), []) }))">map(object({…}))</code> | | <code>{}</code> |
|
| [org_policies](variables.tf#L111) | Org-policy overrides at project level. | <code title="map(object({ inherit_from_parent = optional(bool) # for list policies only. reset = optional(bool) allow = optional(object({ all = optional(bool) values = optional(list(string)) })) deny = optional(object({ all = optional(bool) values = optional(list(string)) })) enforce = optional(bool, true) # for boolean policies only. rules = optional(list(object({ allow = optional(object({ all = optional(bool) values = optional(list(string)) })) deny = optional(object({ all = optional(bool) values = optional(list(string)) })) enforce = optional(bool, true) # for boolean policies only. condition = object({ description = optional(string) expression = optional(string) location = optional(string) title = optional(string) }) })), []) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||||
| [service_accounts](variables.tf#L165) | Service accounts to be created, and roles assigned them on the project. | <code>map(list(string))</code> | | <code>{}</code> |
|
| [service_accounts](variables.tf#L165) | Service accounts to be created, and roles assigned them on the project. | <code>map(list(string))</code> | | <code>{}</code> |
|
||||||
| [service_accounts_additive](variables.tf#L171) | Service accounts to be created, and roles assigned them on the project additively. | <code>map(list(string))</code> | | <code>{}</code> |
|
| [service_accounts_additive](variables.tf#L171) | Service accounts to be created, and roles assigned them on the project additively. | <code>map(list(string))</code> | | <code>{}</code> |
|
||||||
| [service_accounts_iam](variables.tf#L177) | IAM bindings on service account resources. Format is KEY => {ROLE => [MEMBERS]} | <code>map(map(list(string)))</code> | | <code>{}</code> |
|
| [service_accounts_iam](variables.tf#L177) | IAM bindings on service account resources. Format is KEY => {ROLE => [MEMBERS]}. | <code>map(map(list(string)))</code> | | <code>{}</code> |
|
||||||
| [service_accounts_iam_additive](variables.tf#L184) | IAM additive bindings on service account resources. Format is KEY => {ROLE => [MEMBERS]} | <code>map(map(list(string)))</code> | | <code>{}</code> |
|
| [service_accounts_iam_additive](variables.tf#L184) | IAM additive bindings on service account resources. Format is KEY => {ROLE => [MEMBERS]}. | <code>map(map(list(string)))</code> | | <code>{}</code> |
|
||||||
| [service_identities_iam](variables.tf#L191) | Custom IAM settings for service identities in service => [role] format. | <code>map(list(string))</code> | | <code>{}</code> |
|
| [service_identities_iam](variables.tf#L191) | Custom IAM settings for service identities in service => [role] format. | <code>map(list(string))</code> | | <code>{}</code> |
|
||||||
| [service_identities_iam_additive](variables.tf#L198) | Custom additive IAM settings for service identities in service => [role] format. | <code>map(list(string))</code> | | <code>{}</code> |
|
| [service_identities_iam_additive](variables.tf#L198) | Custom additive IAM settings for service identities in service => [role] format. | <code>map(list(string))</code> | | <code>{}</code> |
|
||||||
| [services](variables.tf#L205) | Services to be enabled for the project. | <code>list(string)</code> | | <code>[]</code> |
|
| [services](variables.tf#L205) | Services to be enabled for the project. | <code>list(string)</code> | | <code>[]</code> |
|
||||||
|
|
@ -249,7 +249,7 @@ vpc:
|
||||||
|
|
||||||
| name | description | sensitive |
|
| name | description | sensitive |
|
||||||
|---|---|:---:|
|
|---|---|:---:|
|
||||||
| [project](outputs.tf#L19) | The project resource as return by the `project` module | |
|
| [project](outputs.tf#L19) | The project resource as return by the `project` module. | |
|
||||||
| [project_id](outputs.tf#L29) | Project ID. | |
|
| [project_id](outputs.tf#L29) | Project ID. | |
|
||||||
|
|
||||||
<!-- END TFDOC -->
|
<!-- END TFDOC -->
|
||||||
|
|
|
||||||
|
|
@ -17,7 +17,7 @@
|
||||||
# TODO(): proper outputs
|
# TODO(): proper outputs
|
||||||
|
|
||||||
output "project" {
|
output "project" {
|
||||||
description = "The project resource as return by the `project` module"
|
description = "The project resource as return by the `project` module."
|
||||||
value = module.project
|
value = module.project
|
||||||
|
|
||||||
depends_on = [
|
depends_on = [
|
||||||
|
|
|
||||||
|
|
@ -175,14 +175,14 @@ variable "service_accounts_additive" {
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "service_accounts_iam" {
|
variable "service_accounts_iam" {
|
||||||
description = "IAM bindings on service account resources. Format is KEY => {ROLE => [MEMBERS]}"
|
description = "IAM bindings on service account resources. Format is KEY => {ROLE => [MEMBERS]}."
|
||||||
type = map(map(list(string)))
|
type = map(map(list(string)))
|
||||||
default = {}
|
default = {}
|
||||||
nullable = false
|
nullable = false
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "service_accounts_iam_additive" {
|
variable "service_accounts_iam_additive" {
|
||||||
description = "IAM additive bindings on service account resources. Format is KEY => {ROLE => [MEMBERS]}"
|
description = "IAM additive bindings on service account resources. Format is KEY => {ROLE => [MEMBERS]}."
|
||||||
type = map(map(list(string)))
|
type = map(map(list(string)))
|
||||||
default = {}
|
default = {}
|
||||||
nullable = false
|
nullable = false
|
||||||
|
|
|
||||||
|
|
@ -69,8 +69,8 @@ Once done testing, you can clean up resources by running `terraform destroy`.
|
||||||
| [mgmt_project_id](variables.tf#L63) | Management Project ID. | <code>string</code> | ✓ | |
|
| [mgmt_project_id](variables.tf#L63) | Management Project ID. | <code>string</code> | ✓ | |
|
||||||
| [parent](variables.tf#L94) | Parent. | <code>string</code> | ✓ | |
|
| [parent](variables.tf#L94) | Parent. | <code>string</code> | ✓ | |
|
||||||
| [clusters_config](variables.tf#L22) | Clusters configuration. | <code title="map(object({ subnet_cidr_block = string master_cidr_block = string services_cidr_block = string pods_cidr_block = string }))">map(object({…}))</code> | | <code title="{ cluster-a = { subnet_cidr_block = "10.0.1.0/24" master_cidr_block = "10.16.0.0/28" services_cidr_block = "192.168.1.0/24" pods_cidr_block = "172.16.0.0/20" } cluster-b = { subnet_cidr_block = "10.0.2.0/24" master_cidr_block = "10.16.0.16/28" services_cidr_block = "192.168.2.0/24" pods_cidr_block = "172.16.16.0/20" } }">{…}</code> |
|
| [clusters_config](variables.tf#L22) | Clusters configuration. | <code title="map(object({ subnet_cidr_block = string master_cidr_block = string services_cidr_block = string pods_cidr_block = string }))">map(object({…}))</code> | | <code title="{ cluster-a = { subnet_cidr_block = "10.0.1.0/24" master_cidr_block = "10.16.0.0/28" services_cidr_block = "192.168.1.0/24" pods_cidr_block = "172.16.0.0/20" } cluster-b = { subnet_cidr_block = "10.0.2.0/24" master_cidr_block = "10.16.0.16/28" services_cidr_block = "192.168.2.0/24" pods_cidr_block = "172.16.16.0/20" } }">{…}</code> |
|
||||||
| [istio_version](variables.tf#L57) | ASM version | <code>string</code> | | <code>"1.14.1-asm.3"</code> |
|
| [istio_version](variables.tf#L57) | ASM version. | <code>string</code> | | <code>"1.14.1-asm.3"</code> |
|
||||||
| [mgmt_server_config](variables.tf#L68) | Mgmt server configuration | <code title="object({ disk_size = number disk_type = string image = string instance_type = string region = string zone = string })">object({…})</code> | | <code title="{ disk_size = 50 disk_type = "pd-ssd" image = "projects/ubuntu-os-cloud/global/images/family/ubuntu-2204-lts" instance_type = "n1-standard-2" region = "europe-west1" zone = "europe-west1-c" }">{…}</code> |
|
| [mgmt_server_config](variables.tf#L68) | Mgmt server configuration. | <code title="object({ disk_size = number disk_type = string image = string instance_type = string region = string zone = string })">object({…})</code> | | <code title="{ disk_size = 50 disk_type = "pd-ssd" image = "projects/ubuntu-os-cloud/global/images/family/ubuntu-2204-lts" instance_type = "n1-standard-2" region = "europe-west1" zone = "europe-west1-c" }">{…}</code> |
|
||||||
| [mgmt_subnet_cidr_block](variables.tf#L88) | Management subnet CIDR block. | <code>string</code> | | <code>"10.0.0.0/28"</code> |
|
| [mgmt_subnet_cidr_block](variables.tf#L88) | Management subnet CIDR block. | <code>string</code> | | <code>"10.0.0.0/28"</code> |
|
||||||
| [region](variables.tf#L99) | Region. | <code>string</code> | | <code>"europe-west1"</code> |
|
| [region](variables.tf#L99) | Region. | <code>string</code> | | <code>"europe-west1"</code> |
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -55,7 +55,7 @@ variable "host_project_id" {
|
||||||
|
|
||||||
|
|
||||||
variable "istio_version" {
|
variable "istio_version" {
|
||||||
description = "ASM version"
|
description = "ASM version."
|
||||||
type = string
|
type = string
|
||||||
default = "1.14.1-asm.3"
|
default = "1.14.1-asm.3"
|
||||||
}
|
}
|
||||||
|
|
@ -66,7 +66,7 @@ variable "mgmt_project_id" {
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "mgmt_server_config" {
|
variable "mgmt_server_config" {
|
||||||
description = "Mgmt server configuration"
|
description = "Mgmt server configuration."
|
||||||
type = object({
|
type = object({
|
||||||
disk_size = number
|
disk_size = number
|
||||||
disk_type = string
|
disk_type = string
|
||||||
|
|
|
||||||
|
|
@ -17,20 +17,20 @@ There is a simple [`Dockerfile`](Dockerfile) available for building Ops Agent to
|
||||||
|
|
||||||
| name | description | type | required | default |
|
| name | description | type | required | default |
|
||||||
|---|---|:---:|:---:|:---:|
|
|---|---|:---:|:---:|:---:|
|
||||||
| [autoscaling_metric](variables.tf#L31) | | <code title="object({ name = string single_instance_assignment = number target = number type = string # GAUGE, DELTA_PER_SECOND, DELTA_PER_MINUTE filter = string }) default = { name = "workload.googleapis.com/nginx.connections_current" single_instance_assignment = null target = 10 # Target 10 connections per instance, just for demonstration purposes type = "GAUGE" filter = null }">object({…}</code> | ✓ | |
|
| [autoscaling_metric](variables.tf#L31) | Definition of metric to use for scaling. | <code title="object({ name = string single_instance_assignment = number target = number type = string # GAUGE, DELTA_PER_SECOND, DELTA_PER_MINUTE filter = string }) default = { name = "workload.googleapis.com/nginx.connections_current" single_instance_assignment = null target = 10 # Target 10 connections per instance, just for demonstration purposes type = "GAUGE" filter = null }">object({…}</code> | ✓ | |
|
||||||
| [prefix](variables.tf#L93) | Prefix used for resource names. | <code>string</code> | ✓ | |
|
| [prefix](variables.tf#L94) | Prefix used for resource names. | <code>string</code> | ✓ | |
|
||||||
| [project_name](variables.tf#L111) | Name of an existing project or of the new project | <code>string</code> | ✓ | |
|
| [project_name](variables.tf#L112) | Name of an existing project or of the new project. | <code>string</code> | ✓ | |
|
||||||
| [autoscaling](variables.tf#L17) | Autoscaling configuration for the instance group. | <code title="object({ min_replicas = number max_replicas = number cooldown_period = number })">object({…})</code> | | <code title="{ min_replicas = 1 max_replicas = 10 cooldown_period = 30 }">{…}</code> |
|
| [autoscaling](variables.tf#L17) | Autoscaling configuration for the instance group. | <code title="object({ min_replicas = number max_replicas = number cooldown_period = number })">object({…})</code> | | <code title="{ min_replicas = 1 max_replicas = 10 cooldown_period = 30 }">{…}</code> |
|
||||||
| [backends](variables.tf#L49) | Nginx locations configurations to proxy traffic to. | <code>string</code> | | <code title=""<<-EOT location / { proxy_pass http://10.0.16.58:80; proxy_http_version 1.1; proxy_set_header Connection ""; } EOT"">"<<-EOT…EOT"</code> |
|
| [backends](variables.tf#L50) | Nginx locations configurations to proxy traffic to. | <code>string</code> | | <code title=""<<-EOT location / { proxy_pass http://10.0.16.58:80; proxy_http_version 1.1; proxy_set_header Connection ""; } EOT"">"<<-EOT…EOT"</code> |
|
||||||
| [cidrs](variables.tf#L61) | Subnet IP CIDR ranges. | <code>map(string)</code> | | <code title="{ gce = "10.0.16.0/24" }">{…}</code> |
|
| [cidrs](variables.tf#L62) | Subnet IP CIDR ranges. | <code>map(string)</code> | | <code title="{ gce = "10.0.16.0/24" }">{…}</code> |
|
||||||
| [network](variables.tf#L69) | Network name. | <code>string</code> | | <code>"reverse-proxy-vpc"</code> |
|
| [network](variables.tf#L70) | Network name. | <code>string</code> | | <code>"reverse-proxy-vpc"</code> |
|
||||||
| [network_create](variables.tf#L75) | Create network or use existing one. | <code>bool</code> | | <code>true</code> |
|
| [network_create](variables.tf#L76) | Create network or use existing one. | <code>bool</code> | | <code>true</code> |
|
||||||
| [nginx_image](variables.tf#L81) | Nginx container image to use. | <code>string</code> | | <code>"gcr.io/cloud-marketplace/google/nginx1:latest"</code> |
|
| [nginx_image](variables.tf#L82) | Nginx container image to use. | <code>string</code> | | <code>"gcr.io/cloud-marketplace/google/nginx1:latest"</code> |
|
||||||
| [ops_agent_image](variables.tf#L87) | Google Cloud Ops Agent container image to use. | <code>string</code> | | <code>"gcr.io/sfans-hub-project-d647/ops-agent:latest"</code> |
|
| [ops_agent_image](variables.tf#L88) | Google Cloud Ops Agent container image to use. | <code>string</code> | | <code>"gcr.io/sfans-hub-project-d647/ops-agent:latest"</code> |
|
||||||
| [project_create](variables.tf#L102) | Parameters for the creation of the new project | <code title="object({ billing_account_id = string parent = string })">object({…})</code> | | <code>null</code> |
|
| [project_create](variables.tf#L103) | Parameters for the creation of the new project. | <code title="object({ billing_account_id = string parent = string })">object({…})</code> | | <code>null</code> |
|
||||||
| [region](variables.tf#L116) | Default region for resources. | <code>string</code> | | <code>"europe-west4"</code> |
|
| [region](variables.tf#L117) | Default region for resources. | <code>string</code> | | <code>"europe-west4"</code> |
|
||||||
| [subnetwork](variables.tf#L122) | Subnetwork name. | <code>string</code> | | <code>"gce"</code> |
|
| [subnetwork](variables.tf#L123) | Subnetwork name. | <code>string</code> | | <code>"gce"</code> |
|
||||||
| [tls](variables.tf#L128) | Also offer reverse proxying with TLS (self-signed certificate). | <code>bool</code> | | <code>false</code> |
|
| [tls](variables.tf#L129) | Also offer reverse proxying with TLS (self-signed certificate). | <code>bool</code> | | <code>false</code> |
|
||||||
|
|
||||||
## Outputs
|
## Outputs
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -29,6 +29,7 @@ variable "autoscaling" {
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "autoscaling_metric" {
|
variable "autoscaling_metric" {
|
||||||
|
description = "Definition of metric to use for scaling."
|
||||||
type = object({
|
type = object({
|
||||||
name = string
|
name = string
|
||||||
single_instance_assignment = number
|
single_instance_assignment = number
|
||||||
|
|
@ -100,7 +101,7 @@ variable "prefix" {
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "project_create" {
|
variable "project_create" {
|
||||||
description = "Parameters for the creation of the new project"
|
description = "Parameters for the creation of the new project."
|
||||||
type = object({
|
type = object({
|
||||||
billing_account_id = string
|
billing_account_id = string
|
||||||
parent = string
|
parent = string
|
||||||
|
|
@ -109,7 +110,7 @@ variable "project_create" {
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "project_name" {
|
variable "project_name" {
|
||||||
description = "Name of an existing project or of the new project"
|
description = "Name of an existing project or of the new project."
|
||||||
type = string
|
type = string
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -123,25 +123,25 @@ The above command will delete the associated resources so there will be no billa
|
||||||
|---|---|:---:|:---:|:---:|
|
|---|---|:---:|:---:|:---:|
|
||||||
| [prefix](variables.tf#L57) | Prefix used for resource names. | <code>string</code> | ✓ | |
|
| [prefix](variables.tf#L57) | Prefix used for resource names. | <code>string</code> | ✓ | |
|
||||||
| [project_id](variables.tf#L81) | Project id, references existing project if `project_create` is null. | <code>string</code> | ✓ | |
|
| [project_id](variables.tf#L81) | Project id, references existing project if `project_create` is null. | <code>string</code> | ✓ | |
|
||||||
| [wordpress_image](variables.tf#L92) | Image to run with Cloud Run, starts with \"gcr.io\" | <code>string</code> | ✓ | |
|
| [wordpress_image](variables.tf#L92) | Image to run with Cloud Run, starts with \"gcr.io\". | <code>string</code> | ✓ | |
|
||||||
| [cloud_run_invoker](variables.tf#L18) | IAM member authorized to access the end-point (for example, 'user:YOUR_IAM_USER' for only you or 'allUsers' for everyone) | <code>string</code> | | <code>"allUsers"</code> |
|
| [cloud_run_invoker](variables.tf#L18) | IAM member authorized to access the end-point (for example, 'user:YOUR_IAM_USER' for only you or 'allUsers' for everyone). | <code>string</code> | | <code>"allUsers"</code> |
|
||||||
| [cloudsql_password](variables.tf#L24) | CloudSQL password (will be randomly generated by default) | <code>string</code> | | <code>null</code> |
|
| [cloudsql_password](variables.tf#L24) | CloudSQL password (will be randomly generated by default). | <code>string</code> | | <code>null</code> |
|
||||||
| [connector](variables.tf#L30) | Existing VPC serverless connector to use if not creating a new one | <code>string</code> | | <code>null</code> |
|
| [connector](variables.tf#L30) | Existing VPC serverless connector to use if not creating a new one. | <code>string</code> | | <code>null</code> |
|
||||||
| [create_connector](variables.tf#L36) | Should a VPC serverless connector be created or not | <code>bool</code> | | <code>true</code> |
|
| [create_connector](variables.tf#L36) | Should a VPC serverless connector be created or not. | <code>bool</code> | | <code>true</code> |
|
||||||
| [ip_ranges](variables.tf#L43) | CIDR blocks: VPC serverless connector, Private Service Access(PSA) for CloudSQL, CloudSQL VPC | <code title="object({ connector = string psa = string sql_vpc = string })">object({…})</code> | | <code title="{ connector = "10.8.0.0/28" psa = "10.60.0.0/24" sql_vpc = "10.0.0.0/20" }">{…}</code> |
|
| [ip_ranges](variables.tf#L43) | CIDR blocks: VPC serverless connector, Private Service Access(PSA) for CloudSQL, CloudSQL VPC. | <code title="object({ connector = string psa = string sql_vpc = string })">object({…})</code> | | <code title="{ connector = "10.8.0.0/28" psa = "10.60.0.0/24" sql_vpc = "10.0.0.0/20" }">{…}</code> |
|
||||||
| [principals](variables.tf#L66) | List of users to give rights to (CloudSQL admin, client and instanceUser, Logging admin, Service Account User and TokenCreator), eg 'user@domain.com'. | <code>list(string)</code> | | <code>[]</code> |
|
| [principals](variables.tf#L66) | List of users to give rights to (CloudSQL admin, client and instanceUser, Logging admin, Service Account User and TokenCreator), eg 'user@domain.com'. | <code>list(string)</code> | | <code>[]</code> |
|
||||||
| [project_create](variables.tf#L72) | Provide values if project creation is needed, uses existing project if null. Parent is in 'folders/nnn' or 'organizations/nnn' format. | <code title="object({ billing_account_id = string parent = string })">object({…})</code> | | <code>null</code> |
|
| [project_create](variables.tf#L72) | Provide values if project creation is needed, uses existing project if null. Parent is in 'folders/nnn' or 'organizations/nnn' format. | <code title="object({ billing_account_id = string parent = string })">object({…})</code> | | <code>null</code> |
|
||||||
| [region](variables.tf#L86) | Region for the created resources | <code>string</code> | | <code>"europe-west4"</code> |
|
| [region](variables.tf#L86) | Region for the created resources. | <code>string</code> | | <code>"europe-west4"</code> |
|
||||||
| [wordpress_password](variables.tf#L97) | Password for the Wordpress user (will be randomly generated by default) | <code>string</code> | | <code>null</code> |
|
| [wordpress_password](variables.tf#L97) | Password for the Wordpress user (will be randomly generated by default). | <code>string</code> | | <code>null</code> |
|
||||||
| [wordpress_port](variables.tf#L103) | Port for the Wordpress image | <code>number</code> | | <code>8080</code> |
|
| [wordpress_port](variables.tf#L103) | Port for the Wordpress image. | <code>number</code> | | <code>8080</code> |
|
||||||
|
|
||||||
## Outputs
|
## Outputs
|
||||||
|
|
||||||
| name | description | sensitive |
|
| name | description | sensitive |
|
||||||
|---|---|:---:|
|
|---|---|:---:|
|
||||||
| [cloud_run_service](outputs.tf#L17) | CloudRun service URL | ✓ |
|
| [cloud_run_service](outputs.tf#L17) | CloudRun service URL. | ✓ |
|
||||||
| [cloudsql_password](outputs.tf#L23) | CloudSQL password | ✓ |
|
| [cloudsql_password](outputs.tf#L23) | CloudSQL password. | ✓ |
|
||||||
| [wp_password](outputs.tf#L29) | Wordpress user password | ✓ |
|
| [wp_password](outputs.tf#L29) | Wordpress user password. | ✓ |
|
||||||
| [wp_user](outputs.tf#L35) | Wordpress username | |
|
| [wp_user](outputs.tf#L35) | Wordpress username. | |
|
||||||
|
|
||||||
<!-- END TFDOC -->
|
<!-- END TFDOC -->
|
||||||
|
|
|
||||||
|
|
@ -15,24 +15,24 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
output "cloud_run_service" {
|
output "cloud_run_service" {
|
||||||
description = "CloudRun service URL"
|
description = "CloudRun service URL."
|
||||||
value = module.cloud_run.service.status[0].url
|
value = module.cloud_run.service.status[0].url
|
||||||
sensitive = true
|
sensitive = true
|
||||||
}
|
}
|
||||||
|
|
||||||
output "cloudsql_password" {
|
output "cloudsql_password" {
|
||||||
description = "CloudSQL password"
|
description = "CloudSQL password."
|
||||||
value = var.cloudsql_password == null ? module.cloudsql.user_passwords[local.cloudsql_conf.user] : var.cloudsql_password
|
value = var.cloudsql_password == null ? module.cloudsql.user_passwords[local.cloudsql_conf.user] : var.cloudsql_password
|
||||||
sensitive = true
|
sensitive = true
|
||||||
}
|
}
|
||||||
|
|
||||||
output "wp_password" {
|
output "wp_password" {
|
||||||
description = "Wordpress user password"
|
description = "Wordpress user password."
|
||||||
value = local.wp_pass
|
value = local.wp_pass
|
||||||
sensitive = true
|
sensitive = true
|
||||||
}
|
}
|
||||||
|
|
||||||
output "wp_user" {
|
output "wp_user" {
|
||||||
description = "Wordpress username"
|
description = "Wordpress username."
|
||||||
value = local.wp_user
|
value = local.wp_user
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -17,31 +17,31 @@
|
||||||
# Documentation: https://cloud.google.com/run/docs/securing/managing-access#making_a_service_public
|
# Documentation: https://cloud.google.com/run/docs/securing/managing-access#making_a_service_public
|
||||||
variable "cloud_run_invoker" {
|
variable "cloud_run_invoker" {
|
||||||
type = string
|
type = string
|
||||||
description = "IAM member authorized to access the end-point (for example, 'user:YOUR_IAM_USER' for only you or 'allUsers' for everyone)"
|
description = "IAM member authorized to access the end-point (for example, 'user:YOUR_IAM_USER' for only you or 'allUsers' for everyone)."
|
||||||
default = "allUsers"
|
default = "allUsers"
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "cloudsql_password" {
|
variable "cloudsql_password" {
|
||||||
type = string
|
type = string
|
||||||
description = "CloudSQL password (will be randomly generated by default)"
|
description = "CloudSQL password (will be randomly generated by default)."
|
||||||
default = null
|
default = null
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "connector" {
|
variable "connector" {
|
||||||
type = string
|
type = string
|
||||||
description = "Existing VPC serverless connector to use if not creating a new one"
|
description = "Existing VPC serverless connector to use if not creating a new one."
|
||||||
default = null
|
default = null
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "create_connector" {
|
variable "create_connector" {
|
||||||
type = bool
|
type = bool
|
||||||
description = "Should a VPC serverless connector be created or not"
|
description = "Should a VPC serverless connector be created or not."
|
||||||
default = true
|
default = true
|
||||||
}
|
}
|
||||||
|
|
||||||
# PSA: documentation: https://cloud.google.com/vpc/docs/configure-private-services-access#allocating-range
|
# PSA: documentation: https://cloud.google.com/vpc/docs/configure-private-services-access#allocating-range
|
||||||
variable "ip_ranges" {
|
variable "ip_ranges" {
|
||||||
description = "CIDR blocks: VPC serverless connector, Private Service Access(PSA) for CloudSQL, CloudSQL VPC"
|
description = "CIDR blocks: VPC serverless connector, Private Service Access(PSA) for CloudSQL, CloudSQL VPC."
|
||||||
type = object({
|
type = object({
|
||||||
connector = string
|
connector = string
|
||||||
psa = string
|
psa = string
|
||||||
|
|
@ -85,23 +85,23 @@ variable "project_id" {
|
||||||
|
|
||||||
variable "region" {
|
variable "region" {
|
||||||
type = string
|
type = string
|
||||||
description = "Region for the created resources"
|
description = "Region for the created resources."
|
||||||
default = "europe-west4"
|
default = "europe-west4"
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "wordpress_image" {
|
variable "wordpress_image" {
|
||||||
type = string
|
type = string
|
||||||
description = "Image to run with Cloud Run, starts with \"gcr.io\""
|
description = "Image to run with Cloud Run, starts with \"gcr.io\"."
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "wordpress_password" {
|
variable "wordpress_password" {
|
||||||
type = string
|
type = string
|
||||||
description = "Password for the Wordpress user (will be randomly generated by default)"
|
description = "Password for the Wordpress user (will be randomly generated by default)."
|
||||||
default = null
|
default = null
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "wordpress_port" {
|
variable "wordpress_port" {
|
||||||
type = number
|
type = number
|
||||||
description = "Port for the Wordpress image"
|
description = "Port for the Wordpress image."
|
||||||
default = 8080
|
default = 8080
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1 @@
|
||||||
|
/Users/jccb/code/cloud-foundation-fabric/fast-configs/jccb/providers/00-bootstrap-providers.tf
|
||||||
|
|
@ -477,7 +477,7 @@ The remaining configuration is manual, as it regards the repositories themselves
|
||||||
| [iam_additive](variables.tf#L152) | Organization-level custom IAM settings in role => [principal] format for non-authoritative bindings. | <code>map(list(string))</code> | | <code>{}</code> | |
|
| [iam_additive](variables.tf#L152) | Organization-level custom IAM settings in role => [principal] format for non-authoritative bindings. | <code>map(list(string))</code> | | <code>{}</code> | |
|
||||||
| [locations](variables.tf#L158) | Optional locations for GCS, BigQuery, and logging buckets created here. | <code title="object({ bq = string gcs = string logging = string pubsub = list(string) })">object({…})</code> | | <code title="{ bq = "EU" gcs = "EU" logging = "global" pubsub = [] }">{…}</code> | |
|
| [locations](variables.tf#L158) | Optional locations for GCS, BigQuery, and logging buckets created here. | <code title="object({ bq = string gcs = string logging = string pubsub = list(string) })">object({…})</code> | | <code title="{ bq = "EU" gcs = "EU" logging = "global" pubsub = [] }">{…}</code> | |
|
||||||
| [log_sinks](variables.tf#L177) | Org-level log sinks, in name => {type, filter} format. | <code title="map(object({ filter = string type = string }))">map(object({…}))</code> | | <code title="{ audit-logs = { filter = "logName:\"/logs/cloudaudit.googleapis.com%2Factivity\" OR logName:\"/logs/cloudaudit.googleapis.com%2Fsystem_event\"" type = "bigquery" } vpc-sc = { filter = "protoPayload.metadata.@type=\"type.googleapis.com/google.cloud.audit.VpcServiceControlAuditMetadata\"" type = "bigquery" } }">{…}</code> | |
|
| [log_sinks](variables.tf#L177) | Org-level log sinks, in name => {type, filter} format. | <code title="map(object({ filter = string type = string }))">map(object({…}))</code> | | <code title="{ audit-logs = { filter = "logName:\"/logs/cloudaudit.googleapis.com%2Factivity\" OR logName:\"/logs/cloudaudit.googleapis.com%2Fsystem_event\"" type = "bigquery" } vpc-sc = { filter = "protoPayload.metadata.@type=\"type.googleapis.com/google.cloud.audit.VpcServiceControlAuditMetadata\"" type = "bigquery" } }">{…}</code> | |
|
||||||
| [outputs_location](variables.tf#L211) | Enable writing provider, tfvars and CI/CD workflow files to local filesystem. Leave null to disable | <code>string</code> | | <code>null</code> | |
|
| [outputs_location](variables.tf#L211) | Enable writing provider, tfvars and CI/CD workflow files to local filesystem. Leave null to disable. | <code>string</code> | | <code>null</code> | |
|
||||||
| [project_parent_ids](variables.tf#L227) | Optional parents for projects created here in folders/nnnnnnn format. Null values will use the organization as parent. | <code title="object({ automation = string billing = string logging = string })">object({…})</code> | | <code title="{ automation = null billing = null logging = null }">{…}</code> | |
|
| [project_parent_ids](variables.tf#L227) | Optional parents for projects created here in folders/nnnnnnn format. Null values will use the organization as parent. | <code title="object({ automation = string billing = string logging = string })">object({…})</code> | | <code title="{ automation = null billing = null logging = null }">{…}</code> | |
|
||||||
|
|
||||||
## Outputs
|
## Outputs
|
||||||
|
|
|
||||||
|
|
@ -209,7 +209,7 @@ variable "organization" {
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "outputs_location" {
|
variable "outputs_location" {
|
||||||
description = "Enable writing provider, tfvars and CI/CD workflow files to local filesystem. Leave null to disable"
|
description = "Enable writing provider, tfvars and CI/CD workflow files to local filesystem. Leave null to disable."
|
||||||
type = string
|
type = string
|
||||||
default = null
|
default = null
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -191,7 +191,7 @@ Due to its simplicity, this stage lends itself easily to customizations: adding
|
||||||
| [groups](variables.tf#L164) | Group names to grant organization-level permissions. | <code>map(string)</code> | | <code title="{ gcp-billing-admins = "gcp-billing-admins", gcp-devops = "gcp-devops", gcp-network-admins = "gcp-network-admins" gcp-organization-admins = "gcp-organization-admins" gcp-security-admins = "gcp-security-admins" gcp-support = "gcp-support" }">{…}</code> | <code>00-bootstrap</code> |
|
| [groups](variables.tf#L164) | Group names to grant organization-level permissions. | <code>map(string)</code> | | <code title="{ gcp-billing-admins = "gcp-billing-admins", gcp-devops = "gcp-devops", gcp-network-admins = "gcp-network-admins" gcp-organization-admins = "gcp-organization-admins" gcp-security-admins = "gcp-security-admins" gcp-support = "gcp-support" }">{…}</code> | <code>00-bootstrap</code> |
|
||||||
| [locations](variables.tf#L179) | Optional locations for GCS, BigQuery, and logging buckets created here. | <code title="object({ bq = string gcs = string logging = string pubsub = list(string) })">object({…})</code> | | <code title="{ bq = "EU" gcs = "EU" logging = "global" pubsub = [] }">{…}</code> | <code>00-bootstrap</code> |
|
| [locations](variables.tf#L179) | Optional locations for GCS, BigQuery, and logging buckets created here. | <code title="object({ bq = string gcs = string logging = string pubsub = list(string) })">object({…})</code> | | <code title="{ bq = "EU" gcs = "EU" logging = "global" pubsub = [] }">{…}</code> | <code>00-bootstrap</code> |
|
||||||
| [organization_policy_configs](variables.tf#L207) | Organization policies customization. | <code title="object({ allowed_policy_member_domains = list(string) })">object({…})</code> | | <code>null</code> | |
|
| [organization_policy_configs](variables.tf#L207) | Organization policies customization. | <code title="object({ allowed_policy_member_domains = list(string) })">object({…})</code> | | <code>null</code> | |
|
||||||
| [outputs_location](variables.tf#L215) | Enable writing provider, tfvars and CI/CD workflow files to local filesystem. Leave null to disable | <code>string</code> | | <code>null</code> | |
|
| [outputs_location](variables.tf#L215) | Enable writing provider, tfvars and CI/CD workflow files to local filesystem. Leave null to disable. | <code>string</code> | | <code>null</code> | |
|
||||||
| [tag_names](variables.tf#L232) | Customized names for resource management tags. | <code title="object({ context = string environment = string })">object({…})</code> | | <code title="{ context = "context" environment = "environment" }">{…}</code> | |
|
| [tag_names](variables.tf#L232) | Customized names for resource management tags. | <code title="object({ context = string environment = string })">object({…})</code> | | <code title="{ context = "context" environment = "environment" }">{…}</code> | |
|
||||||
| [team_folders](variables.tf#L249) | Team folders to be created. Format is described in a code comment. | <code title="map(object({ descriptive_name = string group_iam = map(list(string)) impersonation_groups = list(string) }))">map(object({…}))</code> | | <code>null</code> | |
|
| [team_folders](variables.tf#L249) | Team folders to be created. Format is described in a code comment. | <code title="map(object({ descriptive_name = string group_iam = map(list(string)) impersonation_groups = list(string) }))">map(object({…}))</code> | | <code>null</code> | |
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -213,7 +213,7 @@ variable "organization_policy_configs" {
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "outputs_location" {
|
variable "outputs_location" {
|
||||||
description = "Enable writing provider, tfvars and CI/CD workflow files to local filesystem. Leave null to disable"
|
description = "Enable writing provider, tfvars and CI/CD workflow files to local filesystem. Leave null to disable."
|
||||||
type = string
|
type = string
|
||||||
default = null
|
default = null
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -379,7 +379,7 @@ DNS configurations are centralised in the `dns-*.tf` files. Spokes delegate DNS
|
||||||
| [custom_adv](variables.tf#L34) | Custom advertisement definitions in name => range format. | <code>map(string)</code> | | <code title="{ cloud_dns = "35.199.192.0/19" gcp_all = "10.128.0.0/16" gcp_dev_ew1 = "10.128.128.0/19" gcp_dev_ew4 = "10.128.160.0/19" gcp_landing_trusted_ew1 = "10.128.64.0/19" gcp_landing_trusted_ew4 = "10.128.96.0/19" gcp_landing_untrusted_ew1 = "10.128.0.0/19" gcp_landing_untrusted_ew4 = "10.128.32.0/19" gcp_prod_ew1 = "10.128.192.0/19" gcp_prod_ew4 = "10.128.224.0/19" googleapis_private = "199.36.153.8/30" googleapis_restricted = "199.36.153.4/30" rfc_1918_10 = "10.0.0.0/8" rfc_1918_172 = "172.16.0.0/12" rfc_1918_192 = "192.168.0.0/16" }">{…}</code> | |
|
| [custom_adv](variables.tf#L34) | Custom advertisement definitions in name => range format. | <code>map(string)</code> | | <code title="{ cloud_dns = "35.199.192.0/19" gcp_all = "10.128.0.0/16" gcp_dev_ew1 = "10.128.128.0/19" gcp_dev_ew4 = "10.128.160.0/19" gcp_landing_trusted_ew1 = "10.128.64.0/19" gcp_landing_trusted_ew4 = "10.128.96.0/19" gcp_landing_untrusted_ew1 = "10.128.0.0/19" gcp_landing_untrusted_ew4 = "10.128.32.0/19" gcp_prod_ew1 = "10.128.192.0/19" gcp_prod_ew4 = "10.128.224.0/19" googleapis_private = "199.36.153.8/30" googleapis_restricted = "199.36.153.4/30" rfc_1918_10 = "10.0.0.0/8" rfc_1918_172 = "172.16.0.0/12" rfc_1918_192 = "192.168.0.0/16" }">{…}</code> | |
|
||||||
| [custom_roles](variables.tf#L56) | Custom roles defined at the org level, in key => id format. | <code title="object({ service_project_network_admin = string })">object({…})</code> | | <code>null</code> | <code>00-bootstrap</code> |
|
| [custom_roles](variables.tf#L56) | Custom roles defined at the org level, in key => id format. | <code title="object({ service_project_network_admin = string })">object({…})</code> | | <code>null</code> | <code>00-bootstrap</code> |
|
||||||
| [data_dir](variables.tf#L65) | Relative path for the folder storing configuration data for network resources. | <code>string</code> | | <code>"data"</code> | |
|
| [data_dir](variables.tf#L65) | Relative path for the folder storing configuration data for network resources. | <code>string</code> | | <code>"data"</code> | |
|
||||||
| [dns](variables.tf#L71) | Onprem DNS resolvers | <code>map(list(string))</code> | | <code title="{ onprem = ["10.0.200.3"] }">{…}</code> | |
|
| [dns](variables.tf#L71) | Onprem DNS resolvers. | <code>map(list(string))</code> | | <code title="{ onprem = ["10.0.200.3"] }">{…}</code> | |
|
||||||
| [l7ilb_subnets](variables.tf#L89) | Subnets used for L7 ILBs. | <code title="map(list(object({ ip_cidr_range = string region = string })))">map(list(object({…})))</code> | | <code title="{ dev = [ { ip_cidr_range = "10.128.159.0/24", region = "europe-west1" }, { ip_cidr_range = "10.128.191.0/24", region = "europe-west4" } ] prod = [ { ip_cidr_range = "10.128.223.0/24", region = "europe-west1" }, { ip_cidr_range = "10.128.255.0/24", region = "europe-west4" } ] }">{…}</code> | |
|
| [l7ilb_subnets](variables.tf#L89) | Subnets used for L7 ILBs. | <code title="map(list(object({ ip_cidr_range = string region = string })))">map(list(object({…})))</code> | | <code title="{ dev = [ { ip_cidr_range = "10.128.159.0/24", region = "europe-west1" }, { ip_cidr_range = "10.128.191.0/24", region = "europe-west4" } ] prod = [ { ip_cidr_range = "10.128.223.0/24", region = "europe-west1" }, { ip_cidr_range = "10.128.255.0/24", region = "europe-west4" } ] }">{…}</code> | |
|
||||||
| [onprem_cidr](variables.tf#L107) | Onprem addresses in name => range format. | <code>map(string)</code> | | <code title="{ main = "10.0.0.0/24" }">{…}</code> | |
|
| [onprem_cidr](variables.tf#L107) | Onprem addresses in name => range format. | <code>map(string)</code> | | <code title="{ main = "10.0.0.0/24" }">{…}</code> | |
|
||||||
| [outputs_location](variables.tf#L125) | Path where providers and tfvars files for the following stages are written. Leave empty to disable. | <code>string</code> | | <code>null</code> | |
|
| [outputs_location](variables.tf#L125) | Path where providers and tfvars files for the following stages are written. Leave empty to disable. | <code>string</code> | | <code>null</code> | |
|
||||||
|
|
|
||||||
|
|
@ -69,7 +69,7 @@ variable "data_dir" {
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "dns" {
|
variable "dns" {
|
||||||
description = "Onprem DNS resolvers"
|
description = "Onprem DNS resolvers."
|
||||||
type = map(list(string))
|
type = map(list(string))
|
||||||
default = {
|
default = {
|
||||||
onprem = ["10.0.200.3"]
|
onprem = ["10.0.200.3"]
|
||||||
|
|
|
||||||
|
|
@ -168,22 +168,22 @@ You can find examples in the `[demo](../../../../blueprints/data-solutions/data-
|
||||||
|---|---|:---:|:---:|:---:|:---:|
|
|---|---|:---:|:---:|:---:|:---:|
|
||||||
| [automation](variables.tf#L17) | Automation resources created by the bootstrap stage. | <code title="object({ outputs_bucket = string })">object({…})</code> | ✓ | | <code>00-bootstrap</code> |
|
| [automation](variables.tf#L17) | Automation resources created by the bootstrap stage. | <code title="object({ outputs_bucket = string })">object({…})</code> | ✓ | | <code>00-bootstrap</code> |
|
||||||
| [billing_account](variables.tf#L25) | Billing account id and organization id ('nnnnnnnn' or null). | <code title="object({ id = string organization_id = number })">object({…})</code> | ✓ | | <code>00-globals</code> |
|
| [billing_account](variables.tf#L25) | Billing account id and organization id ('nnnnnnnn' or null). | <code title="object({ id = string organization_id = number })">object({…})</code> | ✓ | | <code>00-globals</code> |
|
||||||
| [folder_ids](variables.tf#L64) | Folder to be used for the networking resources in folders/nnnn format. | <code title="object({ data-platform-dev = string })">object({…})</code> | ✓ | | <code>01-resman</code> |
|
| [folder_ids](variables.tf#L65) | Folder to be used for the networking resources in folders/nnnn format. | <code title="object({ data-platform-dev = string })">object({…})</code> | ✓ | | <code>01-resman</code> |
|
||||||
| [host_project_ids](variables.tf#L82) | Shared VPC project ids. | <code title="object({ dev-spoke-0 = string })">object({…})</code> | ✓ | | <code>02-networking</code> |
|
| [host_project_ids](variables.tf#L83) | Shared VPC project ids. | <code title="object({ dev-spoke-0 = string })">object({…})</code> | ✓ | | <code>02-networking</code> |
|
||||||
| [organization](variables.tf#L114) | Organization details. | <code title="object({ domain = string id = number customer_id = string })">object({…})</code> | ✓ | | <code>00-globals</code> |
|
| [organization](variables.tf#L115) | Organization details. | <code title="object({ domain = string id = number customer_id = string })">object({…})</code> | ✓ | | <code>00-globals</code> |
|
||||||
| [prefix](variables.tf#L130) | Unique prefix used for resource names. Not used for projects if 'project_create' is null. | <code>string</code> | ✓ | | <code>00-globals</code> |
|
| [prefix](variables.tf#L131) | Unique prefix used for resource names. Not used for projects if 'project_create' is null. | <code>string</code> | ✓ | | <code>00-globals</code> |
|
||||||
| [composer_config](variables.tf#L34) | | <code title="object({ node_count = number airflow_version = string env_variables = map(string) })">object({…})</code> | | <code title="{ node_count = 3 airflow_version = "composer-1.17.5-airflow-2.1.4" env_variables = {} }">{…}</code> | |
|
| [composer_config](variables.tf#L34) | Cloud Composer configuration options. | <code title="object({ node_count = number airflow_version = string env_variables = map(string) })">object({…})</code> | | <code title="{ node_count = 3 airflow_version = "composer-1.17.5-airflow-2.1.4" env_variables = {} }">{…}</code> | |
|
||||||
| [data_catalog_tags](variables.tf#L47) | List of Data Catalog Policy tags to be created with optional IAM binging configuration in {tag => {ROLE => [MEMBERS]}} format. | <code>map(map(list(string)))</code> | | <code title="{ "3_Confidential" = null "2_Private" = null "1_Sensitive" = null }">{…}</code> | |
|
| [data_catalog_tags](variables.tf#L48) | List of Data Catalog Policy tags to be created with optional IAM binging configuration in {tag => {ROLE => [MEMBERS]}} format. | <code>map(map(list(string)))</code> | | <code title="{ "3_Confidential" = null "2_Private" = null "1_Sensitive" = null }">{…}</code> | |
|
||||||
| [data_force_destroy](variables.tf#L58) | Flag to set 'force_destroy' on data services like BigQery or Cloud Storage. | <code>bool</code> | | <code>false</code> | |
|
| [data_force_destroy](variables.tf#L59) | Flag to set 'force_destroy' on data services like BigQery or Cloud Storage. | <code>bool</code> | | <code>false</code> | |
|
||||||
| [groups](variables.tf#L72) | Groups. | <code>map(string)</code> | | <code title="{ data-analysts = "gcp-data-analysts" data-engineers = "gcp-data-engineers" data-security = "gcp-data-security" }">{…}</code> | |
|
| [groups](variables.tf#L73) | Groups. | <code>map(string)</code> | | <code title="{ data-analysts = "gcp-data-analysts" data-engineers = "gcp-data-engineers" data-security = "gcp-data-security" }">{…}</code> | |
|
||||||
| [location](variables.tf#L90) | Location used for multi-regional resources. | <code>string</code> | | <code>"eu"</code> | |
|
| [location](variables.tf#L91) | Location used for multi-regional resources. | <code>string</code> | | <code>"eu"</code> | |
|
||||||
| [network_config_composer](variables.tf#L96) | Network configurations to use for Composer. | <code title="object({ cloudsql_range = string gke_master_range = string gke_pods_name = string gke_services_name = string web_server_range = string })">object({…})</code> | | <code title="{ cloudsql_range = "192.168.254.0/24" gke_master_range = "192.168.255.0/28" gke_pods_name = "pods" gke_services_name = "services" web_server_range = "192.168.255.16/28" }">{…}</code> | |
|
| [network_config_composer](variables.tf#L97) | Network configurations to use for Composer. | <code title="object({ cloudsql_range = string gke_master_range = string gke_pods_name = string gke_services_name = string web_server_range = string })">object({…})</code> | | <code title="{ cloudsql_range = "192.168.254.0/24" gke_master_range = "192.168.255.0/28" gke_pods_name = "pods" gke_services_name = "services" web_server_range = "192.168.255.16/28" }">{…}</code> | |
|
||||||
| [outputs_location](variables.tf#L124) | Path where providers, tfvars files, and lists for the following stages are written. Leave empty to disable. | <code>string</code> | | <code>null</code> | |
|
| [outputs_location](variables.tf#L125) | Path where providers, tfvars files, and lists for the following stages are written. Leave empty to disable. | <code>string</code> | | <code>null</code> | |
|
||||||
| [project_services](variables.tf#L136) | List of core services enabled on all projects. | <code>list(string)</code> | | <code title="[ "cloudresourcemanager.googleapis.com", "iam.googleapis.com", "serviceusage.googleapis.com", "stackdriver.googleapis.com" ]">[…]</code> | |
|
| [project_services](variables.tf#L137) | List of core services enabled on all projects. | <code>list(string)</code> | | <code title="[ "cloudresourcemanager.googleapis.com", "iam.googleapis.com", "serviceusage.googleapis.com", "stackdriver.googleapis.com" ]">[…]</code> | |
|
||||||
| [region](variables.tf#L147) | Region used for regional resources. | <code>string</code> | | <code>"europe-west1"</code> | |
|
| [region](variables.tf#L148) | Region used for regional resources. | <code>string</code> | | <code>"europe-west1"</code> | |
|
||||||
| [service_encryption_keys](variables.tf#L153) | Cloud KMS to use to encrypt different services. Key location should match service region. | <code title="object({ bq = string composer = string dataflow = string storage = string pubsub = string })">object({…})</code> | | <code>null</code> | |
|
| [service_encryption_keys](variables.tf#L154) | Cloud KMS to use to encrypt different services. Key location should match service region. | <code title="object({ bq = string composer = string dataflow = string storage = string pubsub = string })">object({…})</code> | | <code>null</code> | |
|
||||||
| [subnet_self_links](variables.tf#L165) | Shared VPC subnet self links. | <code title="object({ dev-spoke-0 = map(string) })">object({…})</code> | | <code>null</code> | <code>02-networking</code> |
|
| [subnet_self_links](variables.tf#L166) | Shared VPC subnet self links. | <code title="object({ dev-spoke-0 = map(string) })">object({…})</code> | | <code>null</code> | <code>02-networking</code> |
|
||||||
| [vpc_self_links](variables.tf#L174) | Shared VPC self links. | <code title="object({ dev-spoke-0 = string })">object({…})</code> | | <code>null</code> | <code>02-networking</code> |
|
| [vpc_self_links](variables.tf#L175) | Shared VPC self links. | <code title="object({ dev-spoke-0 = string })">object({…})</code> | | <code>null</code> | <code>02-networking</code> |
|
||||||
|
|
||||||
## Outputs
|
## Outputs
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -32,6 +32,7 @@ variable "billing_account" {
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "composer_config" {
|
variable "composer_config" {
|
||||||
|
description = "Cloud Composer configuration options."
|
||||||
type = object({
|
type = object({
|
||||||
node_count = number
|
node_count = number
|
||||||
airflow_version = string
|
airflow_version = string
|
||||||
|
|
|
||||||
|
|
@ -64,12 +64,12 @@ module "gateway" {
|
||||||
|---|---|:---:|:---:|:---:|
|
|---|---|:---:|:---:|:---:|
|
||||||
| [api_id](variables.tf#L17) | API identifier. | <code>string</code> | ✓ | |
|
| [api_id](variables.tf#L17) | API identifier. | <code>string</code> | ✓ | |
|
||||||
| [project_id](variables.tf#L34) | Project identifier. | <code>string</code> | ✓ | |
|
| [project_id](variables.tf#L34) | Project identifier. | <code>string</code> | ✓ | |
|
||||||
| [region](variables.tf#L39) | Region | <code>string</code> | ✓ | |
|
| [region](variables.tf#L39) | Region. | <code>string</code> | ✓ | |
|
||||||
| [spec](variables.tf#L56) | String with the contents of the OpenAPI spec. | <code>string</code> | ✓ | |
|
| [spec](variables.tf#L56) | String with the contents of the OpenAPI spec. | <code>string</code> | ✓ | |
|
||||||
| [iam](variables.tf#L22) | IAM bindings for the API in {ROLE => [MEMBERS]} format. | <code>map(list(string))</code> | | <code>null</code> |
|
| [iam](variables.tf#L22) | IAM bindings for the API in {ROLE => [MEMBERS]} format. | <code>map(list(string))</code> | | <code>null</code> |
|
||||||
| [labels](variables.tf#L28) | Map of labels. | <code>map(string)</code> | | <code>null</code> |
|
| [labels](variables.tf#L28) | Map of labels. | <code>map(string)</code> | | <code>null</code> |
|
||||||
| [service_account_create](variables.tf#L44) | Flag indicating whether a service account needs to be created | <code>bool</code> | | <code>false</code> |
|
| [service_account_create](variables.tf#L44) | Flag indicating whether a service account needs to be created. | <code>bool</code> | | <code>false</code> |
|
||||||
| [service_account_email](variables.tf#L50) | Service account for creating API configs | <code>string</code> | | <code>null</code> |
|
| [service_account_email](variables.tf#L50) | Service account for creating API configs. | <code>string</code> | | <code>null</code> |
|
||||||
|
|
||||||
## Outputs
|
## Outputs
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -37,18 +37,18 @@ variable "project_id" {
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "region" {
|
variable "region" {
|
||||||
description = "Region"
|
description = "Region."
|
||||||
type = string
|
type = string
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "service_account_create" {
|
variable "service_account_create" {
|
||||||
description = "Flag indicating whether a service account needs to be created"
|
description = "Flag indicating whether a service account needs to be created."
|
||||||
type = bool
|
type = bool
|
||||||
default = false
|
default = false
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "service_account_email" {
|
variable "service_account_email" {
|
||||||
description = "Service account for creating API configs"
|
description = "Service account for creating API configs."
|
||||||
type = string
|
type = string
|
||||||
default = null
|
default = null
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -153,7 +153,7 @@ module "apigee" {
|
||||||
|---|---|:---:|
|
|---|---|:---:|
|
||||||
| [envgroups](outputs.tf#L17) | Environment groups. | |
|
| [envgroups](outputs.tf#L17) | Environment groups. | |
|
||||||
| [environments](outputs.tf#L22) | Environment. | |
|
| [environments](outputs.tf#L22) | Environment. | |
|
||||||
| [instances](outputs.tf#L27) | Instances | |
|
| [instances](outputs.tf#L27) | Instances. | |
|
||||||
| [org_id](outputs.tf#L32) | Organization ID. | |
|
| [org_id](outputs.tf#L32) | Organization ID. | |
|
||||||
| [org_name](outputs.tf#L37) | Organization name. | |
|
| [org_name](outputs.tf#L37) | Organization name. | |
|
||||||
| [organization](outputs.tf#L42) | Organization. | |
|
| [organization](outputs.tf#L42) | Organization. | |
|
||||||
|
|
|
||||||
|
|
@ -25,7 +25,7 @@ output "environments" {
|
||||||
}
|
}
|
||||||
|
|
||||||
output "instances" {
|
output "instances" {
|
||||||
description = "Instances"
|
description = "Instances."
|
||||||
value = try(google_apigee_instance.instances, null)
|
value = try(google_apigee_instance.instances, null)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -62,10 +62,10 @@ module "binauthz" {
|
||||||
| name | description | type | required | default |
|
| name | description | type | required | default |
|
||||||
|---|---|:---:|:---:|:---:|
|
|---|---|:---:|:---:|:---:|
|
||||||
| [project_id](variables.tf#L68) | Project ID. | <code>string</code> | ✓ | |
|
| [project_id](variables.tf#L68) | Project ID. | <code>string</code> | ✓ | |
|
||||||
| [admission_whitelist_patterns](variables.tf#L17) | An image name pattern to allowlist | <code>list(string)</code> | | <code>null</code> |
|
| [admission_whitelist_patterns](variables.tf#L17) | An image name pattern to allowlist. | <code>list(string)</code> | | <code>null</code> |
|
||||||
| [attestors_config](variables.tf#L23) | Attestors configuration | <code title="map(object({ note_reference = string iam = map(list(string)) pgp_public_keys = list(string) pkix_public_keys = list(object({ id = string public_key_pem = string signature_algorithm = string })) }))">map(object({…}))</code> | | <code>null</code> |
|
| [attestors_config](variables.tf#L23) | Attestors configuration. | <code title="map(object({ note_reference = string iam = map(list(string)) pgp_public_keys = list(string) pkix_public_keys = list(object({ id = string public_key_pem = string signature_algorithm = string })) }))">map(object({…}))</code> | | <code>null</code> |
|
||||||
| [cluster_admission_rules](variables.tf#L38) | Admission rules | <code title="map(object({ evaluation_mode = string enforcement_mode = string attestors = list(string) }))">map(object({…}))</code> | | <code>null</code> |
|
| [cluster_admission_rules](variables.tf#L38) | Admission rules. | <code title="map(object({ evaluation_mode = string enforcement_mode = string attestors = list(string) }))">map(object({…}))</code> | | <code>null</code> |
|
||||||
| [default_admission_rule](variables.tf#L48) | Default admission rule | <code title="object({ evaluation_mode = string enforcement_mode = string attestors = list(string) })">object({…})</code> | | <code title="{ evaluation_mode = "ALWAYS_ALLOW" enforcement_mode = "ENFORCED_BLOCK_AND_AUDIT_LOG" attestors = null }">{…}</code> |
|
| [default_admission_rule](variables.tf#L48) | Default admission rule. | <code title="object({ evaluation_mode = string enforcement_mode = string attestors = list(string) })">object({…})</code> | | <code title="{ evaluation_mode = "ALWAYS_ALLOW" enforcement_mode = "ENFORCED_BLOCK_AND_AUDIT_LOG" attestors = null }">{…}</code> |
|
||||||
| [global_policy_evaluation_mode](variables.tf#L62) | Global policy evaluation mode. | <code>string</code> | | <code>null</code> |
|
| [global_policy_evaluation_mode](variables.tf#L62) | Global policy evaluation mode. | <code>string</code> | | <code>null</code> |
|
||||||
|
|
||||||
## Outputs
|
## Outputs
|
||||||
|
|
@ -73,7 +73,7 @@ module "binauthz" {
|
||||||
| name | description | sensitive |
|
| name | description | sensitive |
|
||||||
|---|---|:---:|
|
|---|---|:---:|
|
||||||
| [attestors](outputs.tf#L17) | Attestors. | |
|
| [attestors](outputs.tf#L17) | Attestors. | |
|
||||||
| [id](outputs.tf#L25) | Binary Authorization policy ID | |
|
| [id](outputs.tf#L25) | Binary Authorization policy ID. | |
|
||||||
| [notes](outputs.tf#L30) | Notes. | |
|
| [notes](outputs.tf#L30) | Notes. | |
|
||||||
|
|
||||||
<!-- END TFDOC -->
|
<!-- END TFDOC -->
|
||||||
|
|
|
||||||
|
|
@ -23,7 +23,7 @@ output "attestors" {
|
||||||
}
|
}
|
||||||
|
|
||||||
output "id" {
|
output "id" {
|
||||||
description = "Binary Authorization policy ID"
|
description = "Binary Authorization policy ID."
|
||||||
value = google_binary_authorization_policy.policy.id
|
value = google_binary_authorization_policy.policy.id
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -15,13 +15,13 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
variable "admission_whitelist_patterns" {
|
variable "admission_whitelist_patterns" {
|
||||||
description = "An image name pattern to allowlist"
|
description = "An image name pattern to allowlist."
|
||||||
type = list(string)
|
type = list(string)
|
||||||
default = null
|
default = null
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "attestors_config" {
|
variable "attestors_config" {
|
||||||
description = "Attestors configuration"
|
description = "Attestors configuration."
|
||||||
type = map(object({
|
type = map(object({
|
||||||
note_reference = string
|
note_reference = string
|
||||||
iam = map(list(string))
|
iam = map(list(string))
|
||||||
|
|
@ -36,7 +36,7 @@ variable "attestors_config" {
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "cluster_admission_rules" {
|
variable "cluster_admission_rules" {
|
||||||
description = "Admission rules"
|
description = "Admission rules."
|
||||||
type = map(object({
|
type = map(object({
|
||||||
evaluation_mode = string
|
evaluation_mode = string
|
||||||
enforcement_mode = string
|
enforcement_mode = string
|
||||||
|
|
@ -46,7 +46,7 @@ variable "cluster_admission_rules" {
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "default_admission_rule" {
|
variable "default_admission_rule" {
|
||||||
description = "Default admission rule"
|
description = "Default admission rule."
|
||||||
type = object({
|
type = object({
|
||||||
evaluation_mode = string
|
evaluation_mode = string
|
||||||
enforcement_mode = string
|
enforcement_mode = string
|
||||||
|
|
|
||||||
|
|
@ -230,10 +230,10 @@ module "cf-http" {
|
||||||
| [name](variables.tf#L94) | Name used for cloud function and associated resources. | <code>string</code> | ✓ | |
|
| [name](variables.tf#L94) | Name used for cloud function and associated resources. | <code>string</code> | ✓ | |
|
||||||
| [project_id](variables.tf#L109) | Project id used for all resources. | <code>string</code> | ✓ | |
|
| [project_id](variables.tf#L109) | Project id used for all resources. | <code>string</code> | ✓ | |
|
||||||
| [bucket_config](variables.tf#L17) | Enable and configure auto-created bucket. Set fields to null to use defaults. | <code title="object({ location = optional(string) lifecycle_delete_age_days = optional(number) })">object({…})</code> | | <code>null</code> |
|
| [bucket_config](variables.tf#L17) | Enable and configure auto-created bucket. Set fields to null to use defaults. | <code title="object({ location = optional(string) lifecycle_delete_age_days = optional(number) })">object({…})</code> | | <code>null</code> |
|
||||||
| [build_worker_pool](variables.tf#L31) | Build worker pool, in projects/<PROJECT-ID>/locations/<REGION>/workerPools/<POOL_NAME> format | <code>string</code> | | <code>null</code> |
|
| [build_worker_pool](variables.tf#L31) | Build worker pool, in projects/<PROJECT-ID>/locations/<REGION>/workerPools/<POOL_NAME> format. | <code>string</code> | | <code>null</code> |
|
||||||
| [description](variables.tf#L46) | Optional description. | <code>string</code> | | <code>"Terraform managed."</code> |
|
| [description](variables.tf#L46) | Optional description. | <code>string</code> | | <code>"Terraform managed."</code> |
|
||||||
| [environment_variables](variables.tf#L52) | Cloud function environment variables. | <code>map(string)</code> | | <code>{}</code> |
|
| [environment_variables](variables.tf#L52) | Cloud function environment variables. | <code>map(string)</code> | | <code>{}</code> |
|
||||||
| [function_config](variables.tf#L58) | Cloud function configuration. Defaults to using main as entrypoint, 1 instance with 256MiB of memory, and 180 second timeout | <code title="object({ entry_point = optional(string, "main") instance_count = optional(number, 1) memory_mb = optional(number, 256) # Memory in MB runtime = optional(string, "python310") timeout_seconds = optional(number, 180) })">object({…})</code> | | <code title="{ entry_point = "main" instance_count = 1 memory_mb = 256 runtime = "python310" timeout_seconds = 180 }">{…}</code> |
|
| [function_config](variables.tf#L58) | Cloud function configuration. Defaults to using main as entrypoint, 1 instance with 256MiB of memory, and 180 second timeout. | <code title="object({ entry_point = optional(string, "main") instance_count = optional(number, 1) memory_mb = optional(number, 256) # Memory in MB runtime = optional(string, "python310") timeout_seconds = optional(number, 180) })">object({…})</code> | | <code title="{ entry_point = "main" instance_count = 1 memory_mb = 256 runtime = "python310" timeout_seconds = 180 }">{…}</code> |
|
||||||
| [iam](variables.tf#L76) | IAM bindings for topic in {ROLE => [MEMBERS]} format. | <code>map(list(string))</code> | | <code>{}</code> |
|
| [iam](variables.tf#L76) | IAM bindings for topic in {ROLE => [MEMBERS]} format. | <code>map(list(string))</code> | | <code>{}</code> |
|
||||||
| [ingress_settings](variables.tf#L82) | Control traffic that reaches the cloud function. Allowed values are ALLOW_ALL, ALLOW_INTERNAL_AND_GCLB and ALLOW_INTERNAL_ONLY . | <code>string</code> | | <code>null</code> |
|
| [ingress_settings](variables.tf#L82) | Control traffic that reaches the cloud function. Allowed values are ALLOW_ALL, ALLOW_INTERNAL_AND_GCLB and ALLOW_INTERNAL_ONLY . | <code>string</code> | | <code>null</code> |
|
||||||
| [labels](variables.tf#L88) | Resource labels. | <code>map(string)</code> | | <code>{}</code> |
|
| [labels](variables.tf#L88) | Resource labels. | <code>map(string)</code> | | <code>{}</code> |
|
||||||
|
|
|
||||||
|
|
@ -29,7 +29,7 @@ variable "bucket_name" {
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "build_worker_pool" {
|
variable "build_worker_pool" {
|
||||||
description = "Build worker pool, in projects/<PROJECT-ID>/locations/<REGION>/workerPools/<POOL_NAME> format"
|
description = "Build worker pool, in projects/<PROJECT-ID>/locations/<REGION>/workerPools/<POOL_NAME> format."
|
||||||
type = string
|
type = string
|
||||||
default = null
|
default = null
|
||||||
}
|
}
|
||||||
|
|
@ -56,7 +56,7 @@ variable "environment_variables" {
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "function_config" {
|
variable "function_config" {
|
||||||
description = "Cloud function configuration. Defaults to using main as entrypoint, 1 instance with 256MiB of memory, and 180 second timeout"
|
description = "Cloud function configuration. Defaults to using main as entrypoint, 1 instance with 256MiB of memory, and 180 second timeout."
|
||||||
type = object({
|
type = object({
|
||||||
entry_point = optional(string, "main")
|
entry_point = optional(string, "main")
|
||||||
instance_count = optional(number, 1)
|
instance_count = optional(number, 1)
|
||||||
|
|
|
||||||
|
|
@ -165,7 +165,7 @@ module "db" {
|
||||||
| [labels](variables.tf#L96) | Labels to be attached to all instances. | <code>map(string)</code> | | <code>null</code> |
|
| [labels](variables.tf#L96) | Labels to be attached to all instances. | <code>map(string)</code> | | <code>null</code> |
|
||||||
| [prefix](variables.tf#L112) | Optional prefix used to generate instance names. | <code>string</code> | | <code>null</code> |
|
| [prefix](variables.tf#L112) | Optional prefix used to generate instance names. | <code>string</code> | | <code>null</code> |
|
||||||
| [replicas](variables.tf#L132) | Map of NAME=> {REGION, KMS_KEY} for additional read replicas. Set to null to disable replica creation. | <code title="map(object({ region = string encryption_key_name = string }))">map(object({…}))</code> | | <code>{}</code> |
|
| [replicas](variables.tf#L132) | Map of NAME=> {REGION, KMS_KEY} for additional read replicas. Set to null to disable replica creation. | <code title="map(object({ region = string encryption_key_name = string }))">map(object({…}))</code> | | <code>{}</code> |
|
||||||
| [root_password](variables.tf#L141) | Root password of the Cloud SQL instance. Required for MS SQL Server | <code>string</code> | | <code>null</code> |
|
| [root_password](variables.tf#L141) | Root password of the Cloud SQL instance. Required for MS SQL Server. | <code>string</code> | | <code>null</code> |
|
||||||
| [users](variables.tf#L152) | Map of users to create in the primary instance (and replicated to other replicas) in the format USER=>PASSWORD. For MySQL, anything afterr the first `@` (if persent) will be used as the user's host. Set PASSWORD to null if you want to get an autogenerated password. | <code>map(string)</code> | | <code>null</code> |
|
| [users](variables.tf#L152) | Map of users to create in the primary instance (and replicated to other replicas) in the format USER=>PASSWORD. For MySQL, anything afterr the first `@` (if persent) will be used as the user's host. Set PASSWORD to null if you want to get an autogenerated password. | <code>map(string)</code> | | <code>null</code> |
|
||||||
|
|
||||||
## Outputs
|
## Outputs
|
||||||
|
|
|
||||||
|
|
@ -139,7 +139,7 @@ variable "replicas" {
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "root_password" {
|
variable "root_password" {
|
||||||
description = "Root password of the Cloud SQL instance. Required for MS SQL Server"
|
description = "Root password of the Cloud SQL instance. Required for MS SQL Server."
|
||||||
type = string
|
type = string
|
||||||
default = null
|
default = null
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -297,7 +297,6 @@ module "hub" {
|
||||||
|
|
||||||
# tftest modules=8 resources=28
|
# tftest modules=8 resources=28
|
||||||
```
|
```
|
||||||
|
|
||||||
<!-- BEGIN TFDOC -->
|
<!-- BEGIN TFDOC -->
|
||||||
|
|
||||||
## Variables
|
## Variables
|
||||||
|
|
@ -315,6 +314,6 @@ module "hub" {
|
||||||
|
|
||||||
| name | description | sensitive |
|
| name | description | sensitive |
|
||||||
|---|---|:---:|
|
|---|---|:---:|
|
||||||
| [cluster_ids](outputs.tf#L17) | | |
|
| [cluster_ids](outputs.tf#L17) | Ids of all the clusters created. | |
|
||||||
|
|
||||||
<!-- END TFDOC -->
|
<!-- END TFDOC -->
|
||||||
|
|
|
||||||
|
|
@ -15,6 +15,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
output "cluster_ids" {
|
output "cluster_ids" {
|
||||||
|
description = "Ids of all the clusters created."
|
||||||
value = {
|
value = {
|
||||||
for k, v in google_gke_hub_membership.default : k => v.id
|
for k, v in google_gke_hub_membership.default : k => v.id
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -574,11 +574,7 @@ module "ilb-l7" {
|
||||||
| [backend-service.tf](./backend-service.tf) | Backend service resources. | <code>google_compute_region_backend_service</code> |
|
| [backend-service.tf](./backend-service.tf) | Backend service resources. | <code>google_compute_region_backend_service</code> |
|
||||||
| [health-check.tf](./health-check.tf) | Health check resource. | <code>google_compute_health_check</code> |
|
| [health-check.tf](./health-check.tf) | Health check resource. | <code>google_compute_health_check</code> |
|
||||||
| [main.tf](./main.tf) | Module-level locals and resources. | <code>google_compute_forwarding_rule</code> · <code>google_compute_instance_group</code> · <code>google_compute_network_endpoint</code> · <code>google_compute_network_endpoint_group</code> · <code>google_compute_region_network_endpoint_group</code> · <code>google_compute_region_ssl_certificate</code> · <code>google_compute_region_target_http_proxy</code> · <code>google_compute_region_target_https_proxy</code> |
|
| [main.tf](./main.tf) | Module-level locals and resources. | <code>google_compute_forwarding_rule</code> · <code>google_compute_instance_group</code> · <code>google_compute_network_endpoint</code> · <code>google_compute_network_endpoint_group</code> · <code>google_compute_region_network_endpoint_group</code> · <code>google_compute_region_ssl_certificate</code> · <code>google_compute_region_target_http_proxy</code> · <code>google_compute_region_target_https_proxy</code> |
|
||||||
| [outputs.tf](./outputs.tf) | Module outputs. | <code>
|
| [outputs.tf](./outputs.tf) | Module outputs. | |
|
||||||
value = google_compute_forwarding_rule.default
|
|
||||||
}
|
|
||||||
|
|
||||||
output </code> |
|
|
||||||
| [urlmap.tf](./urlmap.tf) | URL map resources. | <code>google_compute_region_url_map</code> |
|
| [urlmap.tf](./urlmap.tf) | URL map resources. | <code>google_compute_region_url_map</code> |
|
||||||
| [variables-backend-service.tf](./variables-backend-service.tf) | Backend services variables. | |
|
| [variables-backend-service.tf](./variables-backend-service.tf) | Backend services variables. | |
|
||||||
| [variables-health-check.tf](./variables-health-check.tf) | Health check variable. | |
|
| [variables-health-check.tf](./variables-health-check.tf) | Health check variable. | |
|
||||||
|
|
@ -615,7 +611,7 @@ output </code> |
|
||||||
|---|---|:---:|
|
|---|---|:---:|
|
||||||
| [address](outputs.tf#L17) | Forwarding rule address. | |
|
| [address](outputs.tf#L17) | Forwarding rule address. | |
|
||||||
| [backend_service_ids](outputs.tf#L22) | Backend service resources. | |
|
| [backend_service_ids](outputs.tf#L22) | Backend service resources. | |
|
||||||
| [forwarding_rule](outputs.tf#L29) | Forwarding rule resource | |
|
| [forwarding_rule](outputs.tf#L29) | Forwarding rule resource. | |
|
||||||
| [group_ids](outputs.tf#L34) | Autogenerated instance group ids. | |
|
| [group_ids](outputs.tf#L34) | Autogenerated instance group ids. | |
|
||||||
| [health_check_ids](outputs.tf#L41) | Autogenerated health check ids. | |
|
| [health_check_ids](outputs.tf#L41) | Autogenerated health check ids. | |
|
||||||
| [neg_ids](outputs.tf#L48) | Autogenerated network endpoint group ids. | |
|
| [neg_ids](outputs.tf#L48) | Autogenerated network endpoint group ids. | |
|
||||||
|
|
|
||||||
|
|
@ -27,7 +27,7 @@ output "backend_service_ids" {
|
||||||
}
|
}
|
||||||
|
|
||||||
output "forwarding_rule" {
|
output "forwarding_rule" {
|
||||||
description = "Forwarding rule resource"
|
description = "Forwarding rule resource."
|
||||||
value = google_compute_forwarding_rule.default
|
value = google_compute_forwarding_rule.default
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -471,10 +471,10 @@ module "org" {
|
||||||
| [firewall_policies](outputs.tf#L35) | Map of firewall policy resources created in the organization. | |
|
| [firewall_policies](outputs.tf#L35) | Map of firewall policy resources created in the organization. | |
|
||||||
| [firewall_policy_id](outputs.tf#L40) | Map of firewall policy ids created in the organization. | |
|
| [firewall_policy_id](outputs.tf#L40) | Map of firewall policy ids created in the organization. | |
|
||||||
| [network_tag_keys](outputs.tf#L45) | Tag key resources. | |
|
| [network_tag_keys](outputs.tf#L45) | Tag key resources. | |
|
||||||
| [network_tag_values](outputs.tf#L52) | Tag value resources. | |
|
| [network_tag_values](outputs.tf#L54) | Tag value resources. | |
|
||||||
| [organization_id](outputs.tf#L60) | Organization id dependent on module resources. | |
|
| [organization_id](outputs.tf#L65) | Organization id dependent on module resources. | |
|
||||||
| [sink_writer_identities](outputs.tf#L77) | Writer identities created for each sink. | |
|
| [sink_writer_identities](outputs.tf#L82) | Writer identities created for each sink. | |
|
||||||
| [tag_keys](outputs.tf#L85) | Tag key resources. | |
|
| [tag_keys](outputs.tf#L90) | Tag key resources. | |
|
||||||
| [tag_values](outputs.tf#L92) | Tag value resources. | |
|
| [tag_values](outputs.tf#L99) | Tag value resources. | |
|
||||||
|
|
||||||
<!-- END TFDOC -->
|
<!-- END TFDOC -->
|
||||||
|
|
|
||||||
|
|
@ -45,7 +45,9 @@ output "firewall_policy_id" {
|
||||||
output "network_tag_keys" {
|
output "network_tag_keys" {
|
||||||
description = "Tag key resources."
|
description = "Tag key resources."
|
||||||
value = {
|
value = {
|
||||||
for k, v in google_tags_tag_key.default : k => v if v.purpose != null
|
for k, v in google_tags_tag_key.default : k => v if(
|
||||||
|
v.purpose != null && v.purpose != ""
|
||||||
|
)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -53,7 +55,10 @@ output "network_tag_values" {
|
||||||
description = "Tag value resources."
|
description = "Tag value resources."
|
||||||
value = {
|
value = {
|
||||||
for k, v in google_tags_tag_value.default
|
for k, v in google_tags_tag_value.default
|
||||||
: k => v if google_tags_tag_key.default[split("/", k)[0]].purpose != null
|
: k => v if(
|
||||||
|
google_tags_tag_key.default[split("/", k)[0]].purpose != null &&
|
||||||
|
google_tags_tag_key.default[split("/", k)[0]].purpose != ""
|
||||||
|
)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -85,7 +90,9 @@ output "sink_writer_identities" {
|
||||||
output "tag_keys" {
|
output "tag_keys" {
|
||||||
description = "Tag key resources."
|
description = "Tag key resources."
|
||||||
value = {
|
value = {
|
||||||
for k, v in google_tags_tag_key.default : k => v if v.purpose == null
|
for k, v in google_tags_tag_key.default : k => v if(
|
||||||
|
v.purpose == null || v.purpose == ""
|
||||||
|
)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -93,6 +100,9 @@ output "tag_values" {
|
||||||
description = "Tag value resources."
|
description = "Tag value resources."
|
||||||
value = {
|
value = {
|
||||||
for k, v in google_tags_tag_value.default
|
for k, v in google_tags_tag_value.default
|
||||||
: k => v if google_tags_tag_key.default[split("/", k)[0]].purpose == null
|
: k => v if(
|
||||||
|
google_tags_tag_key.default[split("/", k)[0]].purpose == null ||
|
||||||
|
google_tags_tag_key.default[split("/", k)[0]].purpose == ""
|
||||||
|
)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -37,6 +37,10 @@ class State(enum.IntEnum):
|
||||||
FAIL_STALE_README = enum.auto()
|
FAIL_STALE_README = enum.auto()
|
||||||
FAIL_UNSORTED_VARS = enum.auto()
|
FAIL_UNSORTED_VARS = enum.auto()
|
||||||
FAIL_UNSORTED_OUTPUTS = enum.auto()
|
FAIL_UNSORTED_OUTPUTS = enum.auto()
|
||||||
|
FAIL_VARIABLE_PERIOD = enum.auto()
|
||||||
|
FAIL_OUTPUT_PERIOD = enum.auto()
|
||||||
|
FAIL_VARIABLE_DESCRIPTION = enum.auto()
|
||||||
|
FAIL_OUTPUT_DESCRIPTION = enum.auto()
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def failed(self):
|
def failed(self):
|
||||||
|
|
@ -48,8 +52,12 @@ class State(enum.IntEnum):
|
||||||
State.SKIP: ' ',
|
State.SKIP: ' ',
|
||||||
State.OK: '✓ ',
|
State.OK: '✓ ',
|
||||||
State.FAIL_STALE_README: '✗R',
|
State.FAIL_STALE_README: '✗R',
|
||||||
State.FAIL_UNSORTED_VARS: '✗V',
|
State.FAIL_UNSORTED_VARS: 'SV',
|
||||||
State.FAIL_UNSORTED_OUTPUTS: '✗O',
|
State.FAIL_UNSORTED_OUTPUTS: 'SO',
|
||||||
|
State.FAIL_VARIABLE_PERIOD: '.V',
|
||||||
|
State.FAIL_OUTPUT_PERIOD: '.O',
|
||||||
|
State.FAIL_VARIABLE_DESCRIPTION: 'DV',
|
||||||
|
State.FAIL_OUTPUT_DESCRIPTION: 'DO',
|
||||||
}[self.value]
|
}[self.value]
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -71,10 +79,10 @@ def _check_dir(dir_name, exclude_files=None, files=False, show_extra=False):
|
||||||
new_doc = tfdoc.create_doc(readme_path.parent, files, show_extra,
|
new_doc = tfdoc.create_doc(readme_path.parent, files, show_extra,
|
||||||
exclude_files, readme)
|
exclude_files, readme)
|
||||||
# TODO: support variables in multiple files
|
# TODO: support variables in multiple files
|
||||||
variables = [
|
newvars = new_doc.variables
|
||||||
v.name for v in new_doc.variables if v.file == "variables.tf"
|
newouts = new_doc.outputs
|
||||||
]
|
variables = [v.name for v in newvars if v.file == "variables.tf"]
|
||||||
outputs = [o.name for o in new_doc.outputs if o.file == "outputs.tf"]
|
outputs = [o.name for o in newouts if o.file == "outputs.tf"]
|
||||||
except SystemExit:
|
except SystemExit:
|
||||||
state = state.SKIP
|
state = state.SKIP
|
||||||
else:
|
else:
|
||||||
|
|
@ -87,6 +95,20 @@ def _check_dir(dir_name, exclude_files=None, files=False, show_extra=False):
|
||||||
new_doc.content.split('\n'))
|
new_doc.content.split('\n'))
|
||||||
diff = '\n'.join([header] + list(ndiff))
|
diff = '\n'.join([header] + list(ndiff))
|
||||||
|
|
||||||
|
elif empty := [v.name for v in newvars if not v.description]:
|
||||||
|
state = state.FAIL_VARIABLE_DESCRIPTION
|
||||||
|
diff = "\n".join([
|
||||||
|
f'----- {mod_name} variables missing description -----',
|
||||||
|
', '.join(empty),
|
||||||
|
])
|
||||||
|
|
||||||
|
elif empty := [o.name for o in newouts if not o.description]:
|
||||||
|
state = state.FAIL_VARIABLE_DESCRIPTION
|
||||||
|
diff = "\n".join([
|
||||||
|
f'----- {mod_name} outputs missing description -----',
|
||||||
|
', '.join(empty),
|
||||||
|
])
|
||||||
|
|
||||||
elif variables != sorted(variables):
|
elif variables != sorted(variables):
|
||||||
state = state.FAIL_UNSORTED_VARS
|
state = state.FAIL_UNSORTED_VARS
|
||||||
diff = "\n".join([
|
diff = "\n".join([
|
||||||
|
|
@ -103,6 +125,20 @@ def _check_dir(dir_name, exclude_files=None, files=False, show_extra=False):
|
||||||
', '.join(sorted(outputs)),
|
', '.join(sorted(outputs)),
|
||||||
])
|
])
|
||||||
|
|
||||||
|
elif nc := [v.name for v in newvars if not v.description.endswith('.')]:
|
||||||
|
state = state.FAIL_VARIABLE_PERIOD
|
||||||
|
diff = "\n".join([
|
||||||
|
f'----- {mod_name} variables missing colons -----',
|
||||||
|
', '.join(nc),
|
||||||
|
])
|
||||||
|
|
||||||
|
elif nc := [o.name for o in newouts if not o.description.endswith('.')]:
|
||||||
|
state = state.FAIL_VARIABLE_PERIOD
|
||||||
|
diff = "\n".join([
|
||||||
|
f'----- {mod_name} outputs missing colons -----',
|
||||||
|
', '.join(nc),
|
||||||
|
])
|
||||||
|
|
||||||
yield mod_name, state, diff
|
yield mod_name, state, diff
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -128,7 +164,6 @@ def main(dirs, exclude_file=None, files=False, show_diffs=False,
|
||||||
if errors:
|
if errors:
|
||||||
if show_diffs:
|
if show_diffs:
|
||||||
print('Errored diffs:')
|
print('Errored diffs:')
|
||||||
print(errors)
|
|
||||||
print('\n'.join([e[1] for e in errors]))
|
print('\n'.join([e[1] for e in errors]))
|
||||||
else:
|
else:
|
||||||
print('Errored modules:')
|
print('Errored modules:')
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue