zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
4,956 Commits 3 Branches 352 Tags 59 MiB
Commit Graph

1632 Commits

Author SHA1 Message Date
Julio Castillo b6e0557bbb
Simplify organization tags.tf locals (#1932) 
* Simplify organization tags.tf locals

* Fix boilerplate

* Override github provider version for tests
 2023-12-18 16:09:22 +00:00
Simone Ruffilli c5da6b99c3
Fixes typo in README.md 2023-12-18 15:40:16 +01:00
simonebruzzechesse c50b732c79
Allow granting network user role on host project from project module and factory (#1930) 
* Update shared vpc config for project factory and project module for more granular Shared VPC configuration

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2023-12-15 14:39:21 +01:00
Simone Ruffilli db31c1b8aa Fixes example in cloud-config-container/squid 2023-12-15 12:31:08 +01:00
Ludovico Magnocavallo 537237edd6
Fix health check autocreation and id output in passthrough LB modules (#1928) 
* fix health check autocreation and id output

* fix health check exclusion
 2023-12-13 23:39:55 +00:00
Simone Ruffilli ca3c86cb5c
Add support for policy based routes to net-vpc (#1926) 
* Add support for PBR to net-vpc
 2023-12-13 15:19:40 +00:00
Thomas Colomb 201ff284f6
gke-cluster-standard : Support upgrade_settings for node auto provisioner (#1905) 
* gke-cluster-standard : Support upgrade_settings for node auto provisionner

* implement suggestions

* tfdoc

---------

Co-authored-by: Ludo <ludomagno@google.com>
 2023-12-12 19:17:51 +00:00
luigi-bitonti ef4095f000
Removed deprecated variable and added labels (#1923) 
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2023-12-12 18:32:48 +00:00
Simone Ruffilli f293847077
can_ip_forward in simple-nva examples (#1922) 2023-12-12 13:09:58 +00:00
Wiktor Niesiobędzki c24d023c23 Sync tf version to version used by tests 2023-12-12 09:43:09 +01:00
Ludovico Magnocavallo b65c57bcc2
bump tf version (#1920) 2023-12-12 09:19:46 +01:00
luigi-bitonti 6cb3eb5390
Added missing parameters in kubelet and linux node conf (#1918) 2023-12-11 20:05:23 +01:00
Francesco Pavan d2d62b71e2
Added the possibility to configure maintenance window and deny maintenance period in Cloud SQL module module (#1917) 
* added maintenance window configuration to cloud sql

* Formatted code + generated readme

* Fixed readme errors (missing dots at the end of variables' description)

* Fixed typos + regenerated docs

* Added correct readme

* Collapsed "deny_maintenance_period" and "maintenance_window" variables into a single variable called "maintenance_config"

* Added input validation + some minor fixes

* Add trigger configuration for Composer (#1916)

* Added update_track variable validation

* Formatted variables + regenerated readme

---------

Co-authored-by: Wiktor Niesiobędzki <wiktorn@google.com>
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2023-12-11 16:59:00 +00:00
Ludovico Magnocavallo bba814c091
Custom role factories for organization and project modules (#1912) 
* backport custom role factories

* backport from fast ci/cd branch

* indent

* tfdoc

* fix module tests
 2023-12-11 14:16:39 +00:00
dibaskar-google c65e242685
net_lb_ext module e2e and example testing changes (#1909) 
E2E tests for net_lb_ext
 2023-12-08 10:04:07 +01:00
Wiktor Niesiobędzki 84a15c4d77 README fixes for #1907 2023-12-07 09:51:48 +00:00
Thomas Colomb e4c55bc4c9
gke-cluster-standard : Set optional shielded_instance_config block in cluster_autoscaling.auto_provisioning_defaults (#1906) 
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
Co-authored-by: Julio Castillo <jccb@google.com>
 2023-12-07 09:37:13 +00:00
Ludovico Magnocavallo f548b65b1c
Add support for subnet-level service network user grants to project module, improve docs (#1907) 
* improve project factory example

* light refactor of project modules shared vpc internals and docs

* add support for subnet-level grants on host project
 2023-12-07 09:07:48 +00:00
Thomas Colomb b92389066e
gke-cluster-standard : Add possibility to enable image streaming feature at cluster level (#1904) 2023-12-07 06:36:21 +01:00
Luca Prete fa7664434b
Enable sole tenancy (`node_affinities`) on compute_vm (#1903) 2023-12-05 18:05:23 +01:00
Luca Prete 7916cd2081
Add IPv6 to HA VPN module + test inventories (#1901) 
---------

Co-authored-by: Luca Prete <lucaprete@google.com>
 2023-12-04 23:38:41 +01:00
Wiktor Niesiobędzki d9f9410ae5 Use unique names for logging buckets in examples 
Logging bucket name can be reused only after 7 days (when it is actually
deleted). When different tests reuse the same name, the ones that are
executed as 2nd and later will fail with message:
```
Error updating Logging Bucket Config [...]: googleapi: Error 400: Buckets
must be in an ACTIVE state to be modified
```

As their actual state is:
```
lifecycleState: DELETE_REQUESTED
```
 2023-12-03 10:03:22 +00:00
Thangaraju R e2d170c1a6
e2e tests for net-vpc-firewall module (#1896) 
e2e tests for net-vpc-firewall module
 2023-12-01 13:50:56 +01:00
Ludovico Magnocavallo 42fa742528
Add support for firewall tags to compute-vm module (#1895) 
* add support for firewall tags to compute-vm module

* add support for firewall tags to compute-vm module
 2023-12-01 11:27:37 +00:00
Thomas Colomb 3a2484843c
artifact-registry: Support cleanup policies (#1891) 2023-12-01 10:33:02 +00:00
Thangaraju R da5371b391
e2e test fix for iam-service-account module (#1894) 2023-12-01 09:23:37 +01:00
Thangaraju Rajasekaran 224b98c786 removed prefix and updated net-vpc shared-vpc for e2e test 2023-11-30 14:03:49 +00:00
Thangaraju Rajasekaran d9cd46d8a7 fixed e2e test for shared-vpc and subnet-iam 2023-11-30 14:03:49 +00:00
Thangaraju Rajasekaran 0af5e31ca3 E2E tests for net-vpc module 2023-11-30 14:03:49 +00:00
luigi-bitonti b5cd2d8088
Updated bigquery module (#1861) 2023-11-30 14:33:50 +01:00
apichick 66bd9d5160 Added workstation-cluster module 2023-11-30 07:02:28 +01:00
luigi-bitonti 98accdb3ad
Added PSC support to CloudSQL Module (#1874) 
* Added Feature

* Added PSC to CloudSQL module

* Added psc to read replica

* Changed variables

* Updated README

* Ran fmt

* Removed old variables

* Fix README

* Fixed blueprints

* Fix README

* Fixed output

* Added more outputs and bug fixes

* Changed variable structure

* Bug fix

* Added PSC example.
 2023-11-24 15:47:45 +01:00
apichick 27c3d9424a Fixed envoy file, it has extra character 2023-11-24 10:34:51 +01:00
Wiktor Niesiobędzki 55f308cbea
Fix failing E2E tests for folders (#1884) 
* Run tests requiring uniqueness on org level serially (organization tags, firewall policies)
* make gcs bucket name globally unique

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2023-11-24 08:09:13 +00:00
Ludovico Magnocavallo 637926fb68
Support boot disk KMS key in GKE cluster modules (#1881) 
* gke cluster standard

* tfdoc

* gke cluster autopilot

* fix autopilot tags test
 2023-11-23 11:52:13 +00:00
Julio Castillo 7baa1f98d4
Output all neg ids in app lbs (#1879) 
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2023-11-23 08:41:31 +01:00
flaprimo 2997bdeee5
Fix permissions assignments (#1878) 
Fix permission assignments to cloud init configuration.

Otherwise you obtain error:
$ sudo cloud-init schema --system

Invalid cloud-config /var/lib/cloud/instances/XXX/cloud-config.txt
Error: Cloud config schema errors: write_files.0.permissions: 420 is not of type 'string', write_files.1.permissions: 420 is not of type 'string'

Error: Invalid cloud-config schema: user-data
 2023-11-22 13:16:25 +01:00
dibaskar-google 2d70bb8db2
E2E tests for folder module (#1876) 
E2E tests for folder module
 2023-11-22 10:25:11 +01:00
Francesco Spinelli ad98b839bb
added missing sql parameters (#1869) 
* added missing sql parameters

* fix variables order

---------

Co-authored-by: Francesco Spinelli <francesco.spinelli@nttdata.com>
 2023-11-20 22:27:59 +01:00
ddaluka 543ea6e7f3
Fix/dlpagent (#1868) 
Create DLP Service Account on service activation.
 2023-11-20 14:11:01 +01:00
Wiktor Niesiobędzki 9577ac5c36 Disable EventArc E2E test 
The test fails with:

Error: Error creating Trigger: googleapi: Error 400: Invalid resource state for "": Permission denied while using the Eventarc Service Agent. If you recently started to use Eventarc, it may take a few minutes before all necessary permissions are propagated to the Service Agent. Otherwise, verify that it has Eventarc Service Agent role.

Retryig after 5 minutes fixes that, but thats not an option for
automated tests.
 2023-11-18 10:36:30 +00:00
Wiktor Niesiobędzki 950ad088e9 Remove perma-diff when using VPC connector 
+ fix trigger service account
 2023-11-18 10:09:03 +00:00
Wiktor Niesiobędzki 35c58eb5c1 Fix non-empty plan after apply when using VPC connector 2023-11-18 10:00:25 +00:00
Wiktor Niesiobędzki 28b8edced5 Add end-to-end tests to Cloud Run 2023-11-18 10:00:25 +00:00
Wiktor Niesiobędzki a635534a33 Fix IAM grants for KMS 2023-11-15 09:33:03 +00:00
Wiktor Niesiobędzki 1fbd018f5f E2E tests for GCS 2023-11-15 09:33:03 +00:00
Wiktor Niesiobędzki 03bf0b15b3
Organization module end-to-end tests (#1860) 
* added tag serial to mark tests to be run serially
* always run tests using loadgroup distribution to make use of serial tag
* added end-to-end tests for organization, not adding to custom constraints as the name has to be unique
* fixed granting custom roles created in the same module call
 2023-11-14 18:54:59 +01:00
Francesco Spinelli 1c2f1c7b0d
Sql user features (#1856) 
* added user type feature

* fix readme

* fix comment

* fix blueprint cloudsql users value + minor fix

* readme fix

* variables fix

* local var fix

* fix for in local var

* fix on readme

* fix intentations var in readme

* fix blueprint user quote

---------

Co-authored-by: Francesco Spinelli <francesco.spinelli@nttdata.com>
 2023-11-13 10:27:14 +01:00
apichick c79af78c48 Removed options that are not applicable to this load balancer 2023-11-12 20:21:06 +01:00
luigi-bitonti d07f8fd33d
Added CMEK for Secret auto managed (#1739) 
Allow to specify custom KMS keys for Secret Manager secrets
 2023-11-10 16:45:47 +01:00