Ludovico Magnocavallo
66c4fffd76
FAST: configuration switches for features ( #703 )
...
* example implementation of top-level switches
* data platform as a fast feature
* decouple teams and project factory
* teams disable fixes
* optional pf
* networking stage
* remove var from stage 2s, security
2022-06-28 17:33:37 +02:00
Lorenzo Caggioni
ceb611bb81
Remove custom role and rely on conditions.
2022-06-23 07:04:35 +02:00
Lorenzo Caggioni
2ce4b002f1
Rename role
2022-06-20 22:23:18 +02:00
Lorenzo Caggioni
7625773dea
Fix tests
2022-06-20 22:05:22 +02:00
Lorenzo Caggioni
c464a3c8cc
Improve KMS: add custom role to handle keys
2022-06-20 17:13:25 +02:00
javiergp
fa321fc67c
Update README.md ( #667 )
...
* Update README.md
Fixed VPC SC example
* Update README.md
2022-06-05 19:43:14 +02:00
Ludovico Magnocavallo
725f7effce
Initial MVP for CI/CD ( #608 )
...
* preliminary support for wif in stage 0
* IAM wif role
* IAM wif role TODO
* add support for external SA IAM to SA module
* add name output to SA module
* separate cicd SA
* tfdoc
* GITLAB principal (untested)
* make GCS name output static
* outputs bucket
* fix stage 1 test
* tweak outputs
* tfdoc
* move wif_pool to automation variable
* add support for top-level and repository providers
* add missing boilerplate
* fix branchless principal
* initial workflow
* symlink provider template in stages
* remove service accounts from stage 0 cicd tfvars
* add cicd interface variable to resman stage
* fix cicd variable in resman stage
* better condition on outputs_location
* fix last change
* change outputs_location type
* revert outputs_location change
* split outputs in stage 0
* update ci/cd temporary notes
* rename additive IAM resource in SA module
* split outputs in stage 1
* remove unused locals
* fix stage 1 tests
* tfdoc
* Upload action files to outputs_bucket
* Fix tests and README
* rename template, streamline outputs
* local templates and gcs output for all stage 2
* add workflows to local output files
* Use lowercase WIF providers everywhere
* Bring back suffix for workflow files
* Remove unused files
* Update READMEs
* preliminary CI/CD implementation for stage 1
* fix stage 1
* stage 1 cicd
* tfdoc
* fix tests
* readme and links for cicd and wif
* refactor wif providers
* refactor cicd for stage 1
* fix stage 1
* wif org policies
* split identity provider configuration from cicd
* add type attribute to cicd repositories
* valid cicd repositories have a workflow template
* refactor stage 01
* fix stage 01 tests
* minimal CI/CD documentation
* better check_links error reporting
* fix links
* Added Gitlab specific configurations
Set the default issuer_uri for Gitlab. Added allowed audiences to OIDC configuration.
* Fixed TF formatting in identity providers.
* Changing identity provider audience to null
Changing identity provider audience to default to null.
* add instructions for renaming workflows
* address Julio's comments
Co-authored-by: Julio Castillo <jccb@google.com>
Co-authored-by: alexmeissner <alexmeissner@google.com>
2022-04-12 08:17:27 +02:00
Simone Ruffilli
fb039d1bb7
FAST: Security README.md fixes
2022-02-24 12:10:36 +01:00
Ludovico Magnocavallo
4b73cc4de6
tfdoc, stages README
2022-02-16 10:14:51 +01:00
Julio Castillo
0544456462
Use local for tfvar outputs
2022-02-16 09:07:07 +01:00
Ludovico Magnocavallo
c0f73cb3be
replace : with - in output keys
2022-02-16 08:20:22 +01:00
Ludovico Magnocavallo
ca186054df
02-security
2022-02-16 01:18:51 +01:00
Ludovico Magnocavallo
54c7d8a5c6
fix perimeter definition in locals
2022-02-12 15:41:13 +01:00
Ludovico Magnocavallo
fbf4d29c88
Fix FAST names ( #539 )
...
* name checker, initial names fix
* fix name parser
* sdbx -> sbox
* explicit names
* show total name length
* check names in linting action
* validate prefix length
* fix typo
2022-02-12 13:29:22 +01:00
Simone Ruffilli
2696af1a7e
Update vpc-sc.tf - manage empty perimeters. ( #530 )
...
* Update vpc-sc.tf - manage empty perimeters.
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2022-02-10 16:24:14 +01:00
Ludovico Magnocavallo
d21304267b
revert dry-run to true as default
2022-02-08 13:43:37 +01:00
Ludovico Magnocavallo
02dc9de9b0
make it simpler to switch from/ry run mode ( #524 )
2022-02-08 13:26:44 +01:00
Ludovico Magnocavallo
d711a93397
fix previous merge ( #513 )
2022-02-06 18:34:32 +01:00
Ludovico Magnocavallo
c4533503a6
Fast: use pathexpand for output location ( #512 )
...
* use pathexpand for output location
* tfdoc
2022-02-06 18:24:46 +01:00
Ludovico Magnocavallo
c8cbf9b7d7
Add utility to extract IAM bindings from state ( #503 )
...
* add utility to extract IAM bindings from state
* TODO
* TODO
* output one row per role/member pairs
* sorting
* rename, delete spurious file
* generalize output functions
* generate IAM.md
* fix org id
* add link to role in markdown
* fix org id
* replace organization ids
2022-02-05 17:34:43 +01:00
lcaggio
6e896382d6
Fix READMEs. ( #484 )
...
* Fix READMEs.
* fix outputs location paths in READMEs
* fix output location paths in READMEs
* Update README.md
* Update README.md
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2022-02-01 18:12:57 +01:00
Simone Ruffilli
abb6b50a46
Add periods at the end of each description field where missing ( #478 )
2022-01-31 10:45:34 +01:00
Julio Castillo
31f625f149
Link vars and outputs from README
2022-01-22 14:15:16 +01:00
Ludovico Magnocavallo
9a533180a0
Refactor project module, support per-file tags in tfdoc ( #450 )
...
* add support for in-doc tfdoc options overrides
* clean up project module
* add file description tags
* only output module and resource columns in tfdoc file table if they exist
* update fast READMEs
* fix check docs
2022-01-22 11:34:18 +01:00
Ludovico Magnocavallo
4e02f4475a
Update core-dev.tf
2022-01-19 17:03:58 +01:00
Ludovico Magnocavallo
e866db2c88
Merge Fabric FAST ( #435 )
...
Co-authored-by: Simone Ruffilli <sruffilli@google.com>
Co-authored-by: Julio Castillo <jccb@google.com>
2022-01-19 14:19:39 +01:00