* hotfix/dataproc-variables: fix type of kubernetes_software_config.component_version and properties
* add example of provisioning dataproc cluster on GKE
* Update README.md
* Update main.tf
* Update main.tf
* Update README
---------
Co-authored-by: Julio Castillo <jccb@google.com>
Add support for Cloud Run v2 jobs
* create a separate file for service creation (service.tf) and job
(job.tf) - for easy comparison
* add E2E tests where possibile
* remove default value for input variable `region`
* fix subnet range VPC Access Connector example
* add creation of service account for audit logs call (trigger requires
service account)
* use provided trigger service account email in
`local.trigger_sa_email`, so explicitly provided SA is passed to
trigger
* set default value for vpc_connector_create.throughput.max, to match
what is set by GCP API, as provider uses wrong default of 300 which
results in perma-diff
* create inventory fiels for all examples
Global changes
* (tests) add input variable `project_number`, to allow assigning IAM permissions to Service Accounts in fixtures
* (tests) fix not outputting the path, when object is not found in inventory
* (tests) fix `create_e2e_sandbox.sh` - now it properly finds root of the repo
Secret Manager
* added `version_versions` output, to allow specifying versions in other modules. `versions` is sensitive and it makes it unsuitable for `for_each` values
New test fixtures
* `pubsub.tf` - creating one topic
* `secret-credential.tf` - creating Secret Manager `credential` secret
* `shared-vpc.tf` - creating two projects (host and service), and vpc in host project
* `vpc-connector.tf` - creating VPC Access Connector instance
Due to the disk_type validation for auto provision node pool,
this module always forced to create a GKE standard cluster
with a auto provisioned node pool. This is not desirable if
you manage pools separately like using the `gke-nodepool`.
* Add default ingress deny rule with logging to FAST net stages.
Fixes#2024
* Allow firewall factory to omit rules key
* Fix tests
* Fix fast tests
* fix fast tests
* Updated the DataQualitySpec for Dataplex Datascan
* Fix linting
---------
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
Co-authored-by: Julio Castillo <jccb@google.com>
* pre PR commit
* added IAM functionality
* clean up of readme
* versions.tf fix
* added separate iam.tf, facilitated existing secret manager module
* corrected optional variable defaults
* adjusted readme to new changes
* adjusted tftest line in readme for changed example
* reverted the module back to a state where it only manages one instance
* minor fix for main readme.md
---------
Co-authored-by: Julio Castillo <jccb@google.com>
* Fix named ranges behaviour if cidr_tpl_file variable not provided.
* Fix and extend tests.
* fix map syntax
---------
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
* Fix DNS E2E test + add one to net-lb-app-int-cross-region
* Update README.md
* Fix inventory for tests
* Fix tests
* Fix number of resources
---------
Co-authored-by: Julio Castillo <jccb@google.com>
* implement optionals in gke-hub module
* simplify gke hub module call in mc mesh blueprint
* simplify gke hub module call and variables in multitenant blueprint
* gke hub inventory
* provide cluster and fleet examples in stage
* fix: allow configuring `docker_repository` for cloud-function2
When docker repository is not specified by default docker repository
`projects/PROJECT_ID/locations/REGION/repositories/gcf-artifacts` is used.
In such a case, terraform plan always generates a difference for `docker_repository`
field as the module passes null value but the tfstate file has the above specified
default value. This fix allows one to prevent unnecessary infrastructure change when
using the default repository as well as any user created repository.
* doc: updated README for cloud-function-v2
---------
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
* Allow empty string for 'identity_type' supported by Google provider and use correct value name for ingress 'identity_type'
* Sanitizing variables as the logical operators in Terraform do not short-circuit.
null address results in following error:
Error creating GlobalAddress: googleapi: Error 400: Invalid value for field 'resource.address': ''. The field is not a valid IP address or does not match the given prefix length, invalid
Error creating Address: googleapi: Error 400: Invalid value for field 'resource.purpose': 'SHARED_LOADBALANCER_VIP'. Shared LoadBalancer VIP IPv6 address reservation is not supported., invalid
Error creating Address: googleapi: Error 400: Invalid value for field 'resource.networkTier': 'STANDARD'. An address with type INTERNAL cannot have a network tier., invalid
HTTP to HTTPS needs work, now fails with:
Error: Error creating ForwardingRule: googleapi: Error 400: Invalid value for field 'resource.IPAddress': '34.160.52.156'. Invalid IP address specified., invalid
with module.ralb-test-0-redirect.google_compute_forwarding_rule.default,
on fabric/modules/net-lb-app-ext-regional/main.tf line 32, in resource "google_compute_forwarding_rule" "default":
32: resource "google_compute_forwarding_rule" "default" {
Endpoints in Service Directory can be *associated* with a
VPC. In this case, they can be used by supported Google
Cloud products to send requests directly to resources inside
a VPC. This feature is called Private Network Access.
The `google_service_directory_endpoint` resource supports
this configuration with a new argument `network`.
Unfortunately, this argument has an unusual format: it
is similar to a standard VPC ID, but instead of the project ID,
it expects the project number.
* Allow terraform fixtures for examples
* Allow defining multiple fixtures, and named fixtures under tests/fixtures/
* Enable e2e for wiktorn
* Fix prepare_files call for e2e
* Move fixture to separate file, fix test
* Revert shallow-copying symlinks, performane penalty - 20%
* Update tfdoc.py to list used fixtures
---------
Co-authored-by: Wiktor Niesiobędzki <wiktorn@google.com>
* Update shared vpc config for project factory and project module for more granular Shared VPC configuration
---------
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
Saleh Elnagar
tamartayar
Julio Castillo
Ludovico Magnocavallo
Thinh Ha
Wiktor Niesiobędzki
lcaggio
luigi-bitonti
Deepak Kumar
Harald Haas
shourya116
Blake Corbitt
Amela Spica
marcjwo
Miro Michalicka
dibaskar-google
Wiktor Niesiobędzki
apichick
Tahar JEGHAM
Luca Prete
Viliam Pucik
Jan Toth
Jason Steenblik
Stefano Tribioli
Andy Bubune Amewuda
Julio Diez
Simone Ruffilli
simonebruzzechesse
Simone Ruffilli
Thomas Colomb