Commit Graph

94 Commits

Author SHA1 Message Date
Ludovico Magnocavallo dff7b69250
FAST: bootstrap and extra stage CI/CD improvements and fixes (#956)
* add clone commands output

* always create secret key for repos, fix module source

* optional modules ref

* tfdoc

* create secrets in the right repositories

* add public key to modules repository

* bump Terraform version in CI templates

* add template to populated files

* tfdoc

* do not error out writing ci/cd workflows when output files are disabled

* update README

* fix apply file outputs when outputs_location is changed to null
2022-11-08 09:38:15 +01:00
Julio Castillo 85378ea0fb
Update README.md 2022-11-03 22:43:22 +01:00
Julio Castillo 453a55c2d0
Merge branch 'master' into patch-2 2022-11-03 22:39:44 +01:00
Julio Castillo dc81b26a9b Use display_name instead of description for FAST service accounts
Fixes #944
2022-11-03 16:23:48 +01:00
Kartheek c7b70e42d0
Update README.md
Added a note about Project resource name to be unique and also to check if project was deleted recently.
2022-11-02 14:37:49 -07:00
Ludovico Magnocavallo 559753fab5
enable org policy API, fix run.allowedIngress value (#935) 2022-11-01 09:52:03 +01:00
Ludovico Magnocavallo 350a7dbf83
update README 2022-10-23 19:56:08 +02:00
Julio Castillo 2333bf58f1
Update README.md (#898)
* Update README.md

* Update terraform.tfvars.sample

* Update README.md

* Update README.md
2022-10-19 17:15:36 +02:00
Julio Castillo 60cb3a4dc8 Default gcp-support to gcp-devops 2022-10-06 14:18:58 +02:00
Julio Castillo e4b32c17d0
Update README.md 2022-10-06 13:59:44 +02:00
Ludovico Magnocavallo 4a1465ae32
Comment redundant role in bootstrap stage, align IAM.md files, improve IAM tool (#842)
* comment redundant role

* account for duplicate folder names

* update IAM.md files
2022-09-29 08:30:01 +02:00
Miklos Niedermayer b0b6510aed
Fix automation gcs location (#803)
* Fix automation gcs location

* also apply change to stage 01

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2022-09-09 07:18:44 +02:00
Julio Castillo 76e49d5891 Merge remote-tracking branch 'origin/master' into fast/gke2 2022-09-08 22:38:05 +02:00
Ludovico Magnocavallo 353706150e
FAST: add support for storage locations in stages 0 and 1 (#800)
* FAST: add support for storage locations in stages 0 and 1

* fix typo

* fix typo on logging

* tfdoc
2022-09-08 15:24:42 +02:00
Ludovico Magnocavallo 6035dc1491
FAST: add support for project parents to bootstrap stage (#799)
* FAST: add support for project parents to bootstrap stage

* change as per review comments
2022-09-08 15:11:46 +02:00
Julio Castillo 2ddd68ee2a Fix comment explaining serviceProjectAdmin permissions 2022-08-30 20:41:34 +02:00
Julio Castillo 25955b158a Merge branch 'master' into fast/gke2 2022-07-12 12:16:04 +02:00
Ludovico Magnocavallo f42b0f06e4
add billing IAM for billing group (#730) 2022-07-11 08:26:13 +02:00
Ludovico Magnocavallo d6a81fb662 wip 2022-06-30 11:00:57 +02:00
Ludovico Magnocavallo ee7a615a58 Merge remote-tracking branch 'origin/master' into fast/gke2 2022-06-29 17:06:55 +02:00
Ludovico Magnocavallo 66c4fffd76
FAST: configuration switches for features (#703)
* example implementation of top-level switches

* data platform as a fast feature

* decouple teams and project factory

* teams disable fixes

* optional pf

* networking stage

* remove var from stage 2s, security
2022-06-28 17:33:37 +02:00
Ludovico Magnocavallo 666d8a469c
Merge branch 'master' into fast/gke2 2022-06-23 08:34:09 +02:00
Ludovico Magnocavallo c59ce76e97
Add repository_owner to GitHub identity attributes (#699)
* add repository_owner to GitHub identity attributes

* fix errors on null identity provider custom settings
2022-06-23 08:06:25 +02:00
Taneli Leppä c3fdc62ff2 Allow creating repositories in Gitlab via Terraform. 2022-06-21 15:12:03 +02:00
Alexander Meissner 9691577638
Fast/group creation gif (#676)
* Updated Readme with Group creation GIF

Added visual representation of checklist group creation.

* Update README.md

Added v1 version of group creation GIF.

* localize gif

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2022-06-21 07:19:52 +02:00
Ludovico Magnocavallo da17d57863 fix tfdoc 2022-06-16 21:59:44 +02:00
Ludovico Magnocavallo f163bad220 add automation project number to stage 0 outputs 2022-06-16 21:56:18 +02:00
agusramirez@google.com 2eb996d33d sourcerepo and cloudbuild at 01-resman 2022-06-15 19:12:11 -05:00
Julio Castillo 29ce5f666d Simplify log_sink local 2022-06-10 12:25:26 +02:00
Julio Castillo 0bf1880431 Fix FAST audit logs when using pubsub as destination
This commit also splits each organization-level logging sink of type
`logging` to a separate logging bucket.
2022-06-10 12:25:26 +02:00
Ludovico Magnocavallo bb3f55fe9e
Fix Gitlab WIF attributes (#671) 2022-06-09 08:31:50 +02:00
Julio Castillo f3f9a4a88c GKE multitenant
Co-authored-by: Daniel Marzini <dmarzi@google.com>
2022-06-08 11:41:50 +02:00
Ludovico Magnocavallo 44ae2671b0
CI/CD support for Source Repository and Cloud Build (#669)
* add id to outputs

* initial cloud build implementation for stage 0

* comments

* stage 0

* stage 1, untested

* add support for IAM and CB triggers to source repository module

* refactor stage 0 to use sourcerepo module

* refactor stage 1 to use sourcerepo module

* file descriptions

* fix gitlab pipeline
2022-06-08 11:34:08 +02:00
Ludovico Magnocavallo 8040a4538c
clarify some admin bindings via comments (#663) 2022-06-05 19:48:26 +02:00
frits-v 9feb938bed
Update README.md (#653) 2022-05-12 08:01:18 +02:00
Alexander Meissner acd6719602
Adjusted Error Message of Supported Types 2022-04-19 11:10:21 +02:00
Ludovico Magnocavallo 3b6de2531d tfdoc 2022-04-15 02:20:39 +02:00
Ludovico Magnocavallo 473178010a don't error out when no repositories are set 2022-04-15 02:19:46 +02:00
Alexander Meissner 74a919d203
Update variables.tf
Fixed formatting
2022-04-14 18:34:17 +02:00
alexmeissner 6df4fc1cff Added Gitlab CI Template
- Added Gitlab CI Template
- Changed Identity Provider settings
- Fixed incorrect outputs
- Enabled Gitlab
2022-04-14 18:23:22 +02:00
Ludovico Magnocavallo 725f7effce
Initial MVP for CI/CD (#608)
* preliminary support for wif in stage 0

* IAM wif role

* IAM wif role TODO

* add support for external SA IAM to SA module

* add name output to SA module

* separate cicd SA

* tfdoc

* GITLAB principal (untested)

* make GCS name output static

* outputs bucket

* fix stage 1 test

* tweak outputs

* tfdoc

* move wif_pool to automation variable

* add support for top-level and repository providers

* add missing boilerplate

* fix branchless principal

* initial workflow

* symlink provider template in stages

* remove service accounts from stage 0 cicd tfvars

* add cicd interface variable to resman stage

* fix cicd variable in resman stage

* better condition on outputs_location

* fix last change

* change outputs_location type

* revert outputs_location change

* split outputs in stage 0

* update ci/cd temporary notes

* rename additive IAM resource in SA module

* split outputs in stage 1

* remove unused locals

* fix stage 1 tests

* tfdoc

* Upload action files to outputs_bucket

* Fix tests and README

* rename template, streamline outputs

* local templates and gcs output for all stage 2

* add workflows to local output files

* Use lowercase WIF providers everywhere

* Bring back suffix for workflow files

* Remove unused files

* Update READMEs

* preliminary CI/CD implementation for stage 1

* fix stage 1

* stage 1 cicd

* tfdoc

* fix tests

* readme and links for cicd and wif

* refactor wif providers

* refactor cicd for stage 1

* fix stage 1

* wif org policies

* split identity provider configuration from cicd

* add type attribute to cicd repositories

* valid cicd repositories have a workflow template

* refactor stage 01

* fix stage 01 tests

* minimal CI/CD documentation

* better check_links error reporting

* fix links

* Added Gitlab specific configurations

Set the default issuer_uri for Gitlab. Added allowed audiences to OIDC configuration.

* Fixed TF formatting in identity providers.

* Changing identity provider audience to null

Changing identity provider audience to default to null.

* add instructions for renaming workflows

* address Julio's comments

Co-authored-by: Julio Castillo <jccb@google.com>
Co-authored-by: alexmeissner <alexmeissner@google.com>
2022-04-12 08:17:27 +02:00
Ludovico Magnocavallo 9bb2f91458
Fix a few import errors in FAST (#620)
* fix import errors in stage 0

* fix import errors in stage 1
2022-04-12 07:35:31 +02:00
Simone Ruffilli ab4a8eb78a FAST: README.md fixes 2022-02-24 11:21:06 +01:00
Ludovico Magnocavallo c4b2f85a3b README tweaks 2022-02-21 20:41:40 +01:00
Ludovico Magnocavallo c74ea67987 minimal README tweaks 2022-02-21 14:52:25 +01:00
Ludovico Magnocavallo 474bcbdd0e
Use tags and tag-based IAM conditions in FAST (#553)
* organization module

* folder module

* project module

* fix project binding

* environment tags

* use id instead of name for references

* environment bindings

* conditional org policy admin binding via tags

* rename pf service accounts and buckets

* update IAM docs

* kms module

* compute-vm

* fix compute-vm

* tfdoc
2022-02-20 11:26:30 +01:00
Ludovico Magnocavallo 9c736ea337
Merge branch 'master' into lcaggioni/fast-data-platform 2022-02-16 11:47:41 +00:00
Ludovico Magnocavallo 4b73cc4de6 tfdoc, stages README 2022-02-16 10:14:51 +01:00
Julio Castillo 0544456462 Use local for tfvar outputs 2022-02-16 09:07:07 +01:00
Ludovico Magnocavallo 41a848e501 stage 00 doc 2022-02-16 08:52:19 +01:00