Julio Castillo
a5e905cb80
Update remaining org policies
2023-02-21 15:49:16 +01:00
Ludovico Magnocavallo
5453c585e0
FAST multitenant bootstrap and resource management, rename org-level FAST stages ( #1052 )
...
* rename stages
* remove support for external org billing, rename output files
* resman: make groups optional, align on new billing account variable
* bootstrap: multitenant outputs
* tenant bootstrap stage, untested
* fix folder name
* fix stage 0 output names
* optional creation for tag keys in organization module
* single tenant bootstrap minus tag
* rename output files, add tenant tag key
* fix organization module tag values output
* test skipping creation for tags in organization module
* single tenant bootstrap plan working
* multitenant bootstrap
* tfdoc
* fix check links error messages
* fix links
* tfdoc
* fix links
* rename fast tests, fix bootstrap tests
* multitenant stages have their own folder, simplify stage numbering
* stage renumbering
* wip
* rename tests
* exclude fast providers in fixture
* stage 0 tests
* stage 1 tests
* network stages tests
* stage tests
* tfdoc
* fix links
* tfdoc
* multitenant tests
* remove local files
* stage links command
* fix links script, TODO
* wip
* wip single tenant bootstrap
* working tenant bootstrap
* update gitignore
* remove local files
* tfdoc
* remove local files
* allow tests for tenant bootstrap stage
* tenant bootstrap proxies stage 1 tfvars
* stage 2 and 3 service accounts and IAM in tenant bootstrap
* wip
* wip
* wip
* drop multitenant bootstrap
* tfdoc
* add missing stage 2 SAs, fix org-level IAM condition
* wip
* wip
* optional tag value creation in organization module
* stage 1 working
* linting
* linting
* READMEs
* wip
* Make stage-links script work in old macos bash
* stage links command help
* fix output file names
* diagrams
* fix svg
* stage 0 skeleton and diagram
* test svg
* test svg
* test diagram
* diagram
* readme
* fix stage links script
* stage 0 readme
* README changes
* stage readmes
* fix outputs order
* fix link
* fix tests
* stage 1 test
* skip stage example
* boilerplate
* fix tftest skip
* default bootstrap stage log sinks to log buckets
* add logging to tenant bootstrap
* move iam variables out of tenant config
* fix cicd, reintroduce missing variable
* use optional in stage 1 cicd variable
* rename extras stage
* rename and move identity providers local, use optional for cicd variable
* tfdoc
* add support for wif pool and providers, ci/cd
* tfdoc
* fix links
* better handling of modules repository
* add missing role on logging project
* fix cicd pools in locals, test cicd
* fix workflow extension
* fix module source replacement
* allow tenant bootstrap cicd sa to impersonate resman sa
* tenant workflow templates fix for no providers file
* fix output files, push github workflow template to new repository
* remove try from outpout files
* align stage 1 cicd internals to stage 0
* tfdoc
* tests
* fix tests
* tests
* improve variable descriptions
* use optional in fast features
* actually create tenant log sinks, and allow the resman sa to do it
* test
* tests
* aaaand tests again
* fast features tenant override
* fast features tenant override
* fix wording
* add missing comment
* configure pf service accounts
* add missing comment
* tfdoc
* tests
* IAM docs
* update copyright
---------
Co-authored-by: Julio Castillo <jccb@google.com>
2023-02-04 15:00:45 +01:00
Wiktor Niesiobędzki
2976df596e
Fix tests (add JIT-ed SA for multiclusteringress.googleapis.com)
2023-01-29 15:50:24 +01:00
Wiktor Niesiobędzki
b38ef22572
Even more test fixes
2023-01-19 09:37:48 +01:00
Wiktor Niesiobędzki
720213593e
Use google_gkehub_feature_membership
...
Use google_gkehub_feature_membership to provision ASM on clusters.
Ensure that the cluster membership is refreshed on cluster recreation.
2023-01-19 09:37:48 +01:00
Julio Castillo
e700a27079
Enforce terraform fmt in examples
2022-12-18 14:00:19 +01:00
apichick
ba17e10ebd
Merge branch 'master' into binauthz-fixes
2022-11-28 12:33:34 +01:00
Julio Castillo
612d7283e8
Enforce nonempty descriptions ending in a colon
2022-11-24 18:56:01 +01:00
Sebastian Kunze
e4fc47a063
Normalize prefix handling in blueprints ( #1003 )
2022-11-23 11:09:00 +01:00
Miren Esnaola
5ba65b99ed
Binauthz blueprint fixes related to project creation
2022-11-22 12:45:43 +01:00
Julio Castillo
826ff14ef9
Sort variables and outputs
2022-11-21 13:17:55 +01:00
Ludovico Magnocavallo
fae5654e33
Refactor VPC firewall module for Terraform 1.3 ( #949 )
...
* module and module tests/examples
* align blueprints and fast
* fix null ranges
* make ports optional
* tfdoc
* make rules optional defaulting to all protocols
* review comments
* last round of comments
* invert precedence of template variables
* add option to disable all default rules
* add option to disable all default rules
* split egress/ingress
* tests
* fix tests
2022-11-04 13:56:07 +01:00
Ludovico Magnocavallo
e20de3b86a
fix service account create ( #923 )
2022-10-27 15:12:04 +00:00
Ludovico Magnocavallo
ed9fd6b08d
Align documentation, move glb blueprint ( #921 )
...
* aling documentation, move glb blueprint
* modules README, sort modules
* reorder modules
* fix bp links
* fix moved blueprint test
* use a single cloud shell image in the repo
2022-10-26 14:31:04 +02:00
apichick
d9ccf04221
Added managed_prometheus to features ( #906 )
...
* Added managed_prometheus monitoring_config
* fix module
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2022-10-25 21:18:50 +00:00
Ludovico Magnocavallo
4fa1dc431d
Refactor net-vpc module for Terraform 1.3 ( #880 )
...
* module tests pass
* doc examples
* refactor blueprints
* fast stages
* fix comment typo
* fix module factory test
2022-10-14 11:02:33 +02:00
Ludovico Magnocavallo
e8056577ce
Refactor GKE nodepool and blueprints ( #875 )
...
* first shot, untested
* example tests working
* module tests
* work on gke blueprints
* multitenant fleet doc examples
* fix gke hub doc examples
* blueprint tests
* move master range to vpc config
* fast stage 3 gke test
* tfdoc
* bump provider versions
* and bump provider again to latest
2022-10-12 12:59:36 +02:00
Ludovico Magnocavallo
16822e94ab
Refactor GKE module for Terraform 1.3 ( #868 )
...
* wip
* module and module tests
* doc examples
* gke-hub doc examples
* gke blueprints
* hub and spoke peering blueprint
* Rename some keys of some optional objects
* Fix readme
Co-authored-by: Julio Castillo <jccb@google.com>
2022-10-10 09:38:21 +02:00
Julio Castillo
894647ff9e
Leverage new shared VPC project config defaults across the repo
2022-10-07 08:55:47 +02:00
Julio Castillo
7e9173d35d
Create fully recursive e2e test runner
2022-09-12 13:58:11 +02:00
Ludovico Magnocavallo
aea24f24f8
fix blueprint tests
2022-09-12 11:54:18 +02:00
Julio Castillo
96edc4b58f
Move gke multi cluster mesh example to gke folder
2022-09-12 10:26:33 +02:00
Julio Castillo
96257871a2
Move binautz to gke folder
2022-09-12 10:21:56 +02:00
Julio Castillo
014c2c7d10
Add readme to serverless blueprints folder
2022-09-12 10:09:56 +02:00
Julio Castillo
faf6c48a80
Add gke description
2022-09-12 10:03:27 +02:00
Julio Castillo
61c45501ab
Link shared vpc gke blueprint in gke folder
2022-09-12 10:00:38 +02:00
Julio Castillo
72da12e377
Rename gke-serverless to gke and add test for fast gke stage
2022-09-12 09:56:25 +02:00