zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
5,007 Commits 3 Branches 352 Tags 58 MiB
Commit Graph

1663 Commits

Author SHA1 Message Date
Luca Prete 7916cd2081
Add IPv6 to HA VPN module + test inventories (#1901) 
---------

Co-authored-by: Luca Prete <lucaprete@google.com>
 2023-12-04 23:38:41 +01:00
Julio Diez 4c80442f53 First version of Cloud Run module v2 2023-12-04 20:20:46 +01:00
Wiktor Niesiobędzki d9f9410ae5 Use unique names for logging buckets in examples 
Logging bucket name can be reused only after 7 days (when it is actually
deleted). When different tests reuse the same name, the ones that are
executed as 2nd and later will fail with message:
```
Error updating Logging Bucket Config [...]: googleapi: Error 400: Buckets
must be in an ACTIVE state to be modified
```

As their actual state is:
```
lifecycleState: DELETE_REQUESTED
```
 2023-12-03 10:03:22 +00:00
Thangaraju R e2d170c1a6
e2e tests for net-vpc-firewall module (#1896) 
e2e tests for net-vpc-firewall module
 2023-12-01 13:50:56 +01:00
Ludovico Magnocavallo 42fa742528
Add support for firewall tags to compute-vm module (#1895) 
* add support for firewall tags to compute-vm module

* add support for firewall tags to compute-vm module
 2023-12-01 11:27:37 +00:00
Thomas Colomb 3a2484843c
artifact-registry: Support cleanup policies (#1891) 2023-12-01 10:33:02 +00:00
Thangaraju R da5371b391
e2e test fix for iam-service-account module (#1894) 2023-12-01 09:23:37 +01:00
Thangaraju Rajasekaran 224b98c786 removed prefix and updated net-vpc shared-vpc for e2e test 2023-11-30 14:03:49 +00:00
Thangaraju Rajasekaran d9cd46d8a7 fixed e2e test for shared-vpc and subnet-iam 2023-11-30 14:03:49 +00:00
Thangaraju Rajasekaran 0af5e31ca3 E2E tests for net-vpc module 2023-11-30 14:03:49 +00:00
luigi-bitonti b5cd2d8088
Updated bigquery module (#1861) 2023-11-30 14:33:50 +01:00
apichick 66bd9d5160 Added workstation-cluster module 2023-11-30 07:02:28 +01:00
luigi-bitonti 98accdb3ad
Added PSC support to CloudSQL Module (#1874) 
* Added Feature

* Added PSC to CloudSQL module

* Added psc to read replica

* Changed variables

* Updated README

* Ran fmt

* Removed old variables

* Fix README

* Fixed blueprints

* Fix README

* Fixed output

* Added more outputs and bug fixes

* Changed variable structure

* Bug fix

* Added PSC example.
 2023-11-24 15:47:45 +01:00
apichick 27c3d9424a Fixed envoy file, it has extra character 2023-11-24 10:34:51 +01:00
Wiktor Niesiobędzki 55f308cbea
Fix failing E2E tests for folders (#1884) 
* Run tests requiring uniqueness on org level serially (organization tags, firewall policies)
* make gcs bucket name globally unique

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2023-11-24 08:09:13 +00:00
Ludovico Magnocavallo 637926fb68
Support boot disk KMS key in GKE cluster modules (#1881) 
* gke cluster standard

* tfdoc

* gke cluster autopilot

* fix autopilot tags test
 2023-11-23 11:52:13 +00:00
Julio Castillo 7baa1f98d4
Output all neg ids in app lbs (#1879) 
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2023-11-23 08:41:31 +01:00
flaprimo 2997bdeee5
Fix permissions assignments (#1878) 
Fix permission assignments to cloud init configuration.

Otherwise you obtain error:
$ sudo cloud-init schema --system

Invalid cloud-config /var/lib/cloud/instances/XXX/cloud-config.txt
Error: Cloud config schema errors: write_files.0.permissions: 420 is not of type 'string', write_files.1.permissions: 420 is not of type 'string'

Error: Invalid cloud-config schema: user-data
 2023-11-22 13:16:25 +01:00
dibaskar-google 2d70bb8db2
E2E tests for folder module (#1876) 
E2E tests for folder module
 2023-11-22 10:25:11 +01:00
Francesco Spinelli ad98b839bb
added missing sql parameters (#1869) 
* added missing sql parameters

* fix variables order

---------

Co-authored-by: Francesco Spinelli <francesco.spinelli@nttdata.com>
 2023-11-20 22:27:59 +01:00
ddaluka 543ea6e7f3
Fix/dlpagent (#1868) 
Create DLP Service Account on service activation.
 2023-11-20 14:11:01 +01:00
Wiktor Niesiobędzki 9577ac5c36 Disable EventArc E2E test 
The test fails with:

Error: Error creating Trigger: googleapi: Error 400: Invalid resource state for "": Permission denied while using the Eventarc Service Agent. If you recently started to use Eventarc, it may take a few minutes before all necessary permissions are propagated to the Service Agent. Otherwise, verify that it has Eventarc Service Agent role.

Retryig after 5 minutes fixes that, but thats not an option for
automated tests.
 2023-11-18 10:36:30 +00:00
Wiktor Niesiobędzki 950ad088e9 Remove perma-diff when using VPC connector 
+ fix trigger service account
 2023-11-18 10:09:03 +00:00
Wiktor Niesiobędzki 35c58eb5c1 Fix non-empty plan after apply when using VPC connector 2023-11-18 10:00:25 +00:00
Wiktor Niesiobędzki 28b8edced5 Add end-to-end tests to Cloud Run 2023-11-18 10:00:25 +00:00
Wiktor Niesiobędzki a635534a33 Fix IAM grants for KMS 2023-11-15 09:33:03 +00:00
Wiktor Niesiobędzki 1fbd018f5f E2E tests for GCS 2023-11-15 09:33:03 +00:00
Wiktor Niesiobędzki 03bf0b15b3
Organization module end-to-end tests (#1860) 
* added tag serial to mark tests to be run serially
* always run tests using loadgroup distribution to make use of serial tag
* added end-to-end tests for organization, not adding to custom constraints as the name has to be unique
* fixed granting custom roles created in the same module call
 2023-11-14 18:54:59 +01:00
Francesco Spinelli 1c2f1c7b0d
Sql user features (#1856) 
* added user type feature

* fix readme

* fix comment

* fix blueprint cloudsql users value + minor fix

* readme fix

* variables fix

* local var fix

* fix for in local var

* fix on readme

* fix intentations var in readme

* fix blueprint user quote

---------

Co-authored-by: Francesco Spinelli <francesco.spinelli@nttdata.com>
 2023-11-13 10:27:14 +01:00
apichick c79af78c48 Removed options that are not applicable to this load balancer 2023-11-12 20:21:06 +01:00
luigi-bitonti d07f8fd33d
Added CMEK for Secret auto managed (#1739) 
Allow to specify custom KMS keys for Secret Manager secrets
 2023-11-10 16:45:47 +01:00
Tone 0f446e89d4
Extend `cluster_autoscaling` fields in gke-cluster-standard (#1845) 
* feat(gke-cluster-standard): Add feature to setup `cluster_autoscaling`

* feat(gke-cluster-standard): Add GPUs setup feature for `cluster_autoscaling`

* feat(gke-cluster-standard): Add validation for `autoscaling_profile` and `disk_type` to ensure only valid values are specified

* feat(gke-cluster-standard): Fix validation condition for `cluster_autoscaling`
 2023-11-10 12:39:50 +01:00
Francesco Spinelli 82c74e4ab6
Dataproc module bug fix (#1848) 
* bug fix

* bug fix

* fix dinamic for_each

---------

Co-authored-by: Francesco Spinelli <francesco.spinelli@nttdata.com>
 2023-11-09 15:48:29 +00:00
Artur Pacan fca89b57ed Fix validation and dynamic block for optional gpu_driver 2023-11-08 11:49:15 +00:00
Ludovico Magnocavallo c7bef582e8
add support for IAM to vpc sc module (#1846) 2023-11-08 11:27:44 +01:00
Ludovico Magnocavallo 9068bd7729
Update README.md 2023-11-08 09:20:16 +01:00
apichick 0f91a964da Added back sink iam flag as module users might not have access to the sink destination and the role might need to be granted somewhere else 2023-11-07 08:11:23 +01:00
Teodelas 0f502a8cfb
Fix modules to support new Apigee X environment types (#1841) 
* Update main.tf

* Update variables.tf

* Update main.tf

Updated environment members to be alphabetical order

* fixed linting and terraform fmt

* removed venv

* removed venv directory

---------

Co-authored-by: Teo De Las Heras <teodlh@google.com>
 2023-11-06 09:56:03 +01:00
Wiktor Niesiobędzki ecaa253594
Merge branch 'master' into wiktorn-provider-5.4.0 2023-11-04 08:31:56 +01:00
Wiktor Niesiobędzki fe485414e6
Add end-to-end tests for project module (#1823) 
* Add end-to-end tests for project module
* Add inventory to data tests
* Add files to end-to-end test cases
* Review fixes - use named groups

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2023-11-03 18:04:19 +01:00
Wiktor Niesiobędzki b40ad91629 Bump provider version to 5.4.0 2023-11-03 17:02:00 +00:00
apichick 3648ca0da1
Merge branch 'master' into envoy-sni-dyn-fwd-proxy 2023-11-03 08:22:37 +01:00
apichick 3191dbb769 Added envoy as SNI dynamic forward proxy to cloud-config-container 2023-11-03 08:21:20 +01:00
apichick 26248ba5f5 Added create_before_destroy = true for self-managed certificates 2023-11-02 13:52:46 +01:00
cmalpe 1031076569 added validation for stack_type 2023-11-01 09:18:49 +00:00
cmalpe f1972550fe fixed linting for variables file 2023-11-01 08:02:36 +00:00
cmalpe 17707da60a added stack_type field 2023-11-01 07:58:09 +00:00
alealr 8d06afcdb8 Updating wording 2023-10-31 14:35:27 +00:00
devuonocar 103388bcc9 Update default value 2023-10-31 10:47:28 +01:00
devuonocar e52af05504 Update README.md 2023-10-30 18:34:55 +01:00
devuonocar 96c1342d55 Add public_access_prevention 2023-10-30 18:23:33 +01:00
cmalpe b8bb000073
Merge branch 'master' into cmalpe/kms-import-job 2023-10-30 20:32:50 +05:30
Ludovico Magnocavallo 671f06a3a4
Billing budget factory (#1822) 
* billing budget factory

* review comment changes
 2023-10-29 11:24:52 +01:00
Luca Prete 7c6726e79b
[net-address] enable ipv6 (#1821) 
---------

Co-authored-by: Luca Prete <lucaprete@google.com>
 2023-10-28 15:36:30 +02:00
Ludovico Magnocavallo b29987bb61
Merge branch 'master' into cmalpe/kms-import-job 2023-10-28 01:29:28 +02:00
apichick 022b9f5060 Added iam_bindings and iam_bindings_additive to apigee module 2023-10-27 18:22:07 +02:00
Wiktor Niesiobędzki 5b17c11d01
Merge branch 'master' into fix/ai-models-support 2023-10-27 10:22:47 +02:00
cmalpe af339aad15 corrected readme linting 2023-10-27 07:22:59 +00:00
cmalpe b0e5231f50 Merge branch 'master' into cmalpe/kms-import-job 2023-10-27 07:21:36 +00:00
cmalpe 9a3ac13687 corrected linting and test example 2023-10-27 06:52:55 +00:00
Ewa Wojtach 98dde0c57f review comments 2023-10-27 08:38:37 +02:00
Chaitanya Malpe 8a76b10161 added test for import job 2023-10-27 11:53:35 +05:30
Ludovico Magnocavallo d0b1ced280
fix logic for default source range in firewall ingress rules (#1815) 2023-10-26 15:25:36 +00:00
cmalpe 5d8ff92471 added linting changes for readme file 2023-10-26 15:02:59 +00:00
Chaitanya Malpe d9e09bb9c3 removed unneeded variable 2023-10-26 20:23:06 +05:30
cmalpe c83b6c229f added tfdoc changes 2023-10-26 14:05:39 +00:00
Chaitanya Malpe c2380a88fa added import job support for kms module 2023-10-26 18:12:58 +05:30
Ewa Wojtach 6fc960ea0b empty gpu sharing config fix 2023-10-26 07:23:13 +02:00
Simone Ruffilli 4decc641bb
Stop wrapping yamldecode with try() (#1812) 2023-10-25 16:16:05 +02:00
Ewa Wojtach 33ce0e1db5
AI models support (#1750) 
* nodepool config

* added gpu driver configuration

* documentation update

* regenerated docs

* review comments

* review comments

* blocks structure

* documentation update

* test fix and doc update

* review comments

* doc

* Extend inventory

* Update README

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
Co-authored-by: Julio Castillo <jccb@google.com>
 2023-10-25 09:42:36 +00:00
mwarm2 e28f7c3237
Fix Apigee add-ons configuration (#1798) 
* Revert "Merge pull request #1694 from eddern/eddern/fix-apigee-addons-config"

This reverts commit ec7a7a9605, reversing
changes made to df5daab6cc.

* Flip for_each ternary: use true to enable an add-on

When a given add-on's variable is set to true, do instantiate the block.

---------

Co-authored-by: Julio Castillo <jccb@google.com>
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2023-10-25 07:37:45 +00:00
Ludovico Magnocavallo 1b3a4d627b
allow setting enable_private_nodes in gke nodepool pod range (#1808) 2023-10-24 17:34:04 +00:00
Luca Prete 019cca735d
net-lb-ext: add option to set IPv6 subnetwork for IPv6 external fw rules 2023-10-24 13:37:33 +00:00
Luca Prete feef3909db
compute-vm: remove old todo (#1804) 2023-10-24 10:45:53 +00:00
Pierre Formont 43f78194e9
use the repository format in the image_path output (#1803) 
* use the repository format in the image_path output

* use local.format_string instead of var.format
 2023-10-24 10:24:53 +00:00
Julio Castillo b2201f69b7
Fix Internal App LB serverless NEG backend example (#1801) 
* Fix Internal App LB serverless NEG backed example

* Silence linter
 2023-10-24 07:25:43 +00:00
Luca Prete f54b4f88b8
net-address: allow users to optionally specify address names (#1795) 2023-10-23 15:17:06 +00:00
apichick 378960cfc6 Removed unnecessary try statements 2023-10-22 17:50:57 +02:00
Luca Prete a23b3d62ae
net-lb-ext: add support for multiple forwarding rules (IPs) and dual-stack (IPv4/IPv6) 2023-10-21 18:19:18 +02:00
Simone Ruffilli 6d89b88149
versions.tf maintenance + copyright notice bump (#1782) 
* Bump copyright notice to 2023

* Delete versions.tf on blueprints

* Pin provider to major version 5

* Remove comment

* Fix lint

* fix bq-ml blueprint readme

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
Co-authored-by: Julio Castillo <jccb@google.com>
 2023-10-20 18:17:47 +02:00
Wiktor Niesiobędzki d07daf966a
End-to-end tests for terraform modules (#1751) 
Add end-to-end tests (apply, plan, destroy) for examples.

When run, `tests/examples_e2e`:
1. Create an environment for tests to run (folder, project vpc network) 
2. For each marked example (with `e2e` tftest directive), run apply, plan, destroy
3. Verify:
* no failure in apply
* empty plan after apply
* no failure during destroy
4. When all tests are done, destroy test environment

More details in `tests/examples_e2e/README.md`
 2023-10-20 09:59:52 +02:00
luigi-bitonti 4e439720aa
Added ProtectedApplication feature to GKE Backup (#1774) 
* Added ProtectedApplication feature to GKE Backup

* Fixed location name and added example

* Modified test module

* Changed test

* Changed test

* Changed test

* Restore old "all_namespaces" logic

* Bug fix

* Ran fmt on README example

* Modified variable structure

* Fix test

* Fix
 2023-10-19 19:54:22 +02:00
Ludovico Magnocavallo 77a4696aa6
Add gcp org policy constraints file to bootstrap stage (#1775) 
* add gcp org policy constraints file to bootstrap

* make the org policy factories more resilient
 2023-10-18 18:21:16 +00:00
Ludovico Magnocavallo 02ccc576f5
fix resource manager tag bindings in compute-vm module (#1771) 2023-10-18 09:24:00 +00:00
Wiktor Niesiobędzki c21fa4558f
Remove incompatible balancing_mode (#1769) 
## net-lb-int
* Fix error on apply of example:
```
Error creating RegionBackendService: googleapi: Error 400: Invalid value for field 'resource.backends[0].balancingMode': 'UTILIZATION'. Balancing mode must be CONNECTION for an INTERNAL backend service., invalid
```
* remove unused `balancing_mode` variable, as only one value is possible anyhow

## net-lb-ext
* update in the `backends` description

## net-lb-proxy-int
* update in the `backends` description

## net-lb-app-int
* added validation of `balancing_mode`
* fixed other validations

## net-lb-app-ext
* added validation of `balancing_mode`
* fixed other validations
* removed validation for `locality_lb_policy` as this variable is not used in this module

Closes: #1767
 2023-10-18 08:11:32 +02:00
Luca Prete 6c48512f7e
[#1764] net-lb-int: add support for dual stack and multiple forwarding rules 2023-10-17 09:30:34 +00:00
Julio Castillo 82f14fd6c0
Make subnets depend on proxy only subnets (#1762) 
* Make subnets depend on proxy only subnets

* Add dependency to subnet_ids too

* Update readme
 2023-10-16 11:39:52 +00:00
jeroenmonteban f464557525
Add autoclass to GCS (#1757) 
* Add autoclass to GCS

* Fix linting

* Make autoclass block dynamic

* Fix syntax

---------

Co-authored-by: Julio Castillo <jccb@google.com>
 2023-10-16 07:45:10 +00:00
luigi-bitonti 0195ea6bca
Exposed stack_type variable in compute_vm module (#1756) 
* Exposed stack_type variable in compute_vm module

* Updated README.md

* align instance template, fix variable ordering

---------

Co-authored-by: Ludo <ludomagno@google.com>
 2023-10-16 06:28:56 +00:00
Ludovico Magnocavallo 252127bde5
Billing account module (#1743) 
* initial untested draft

* readme and tests

* folder module tfdoc

* remove redundant billing cost manager role in fast stage 0

* fix FAST test
 2023-10-15 15:02:50 +00:00
devuonocar 3949fdc283
Add outputs to BigQuery dataset module (#1752) 
* Add outputs

* Fix checks

* Fix order

* Fix order

* Fix var

* Fix outputs

* Fix README.md
 2023-10-13 17:02:47 +02:00
Ludovico Magnocavallo 85d2b8b093
Fix typo in GKE nodepool taints (#1754) 
* Fix typo in GKE nodepool taints

Fixes #1749

* fix windows taints
 2023-10-12 12:04:15 +00:00
Ludo 55fc3e226d
Revert "fix windows taints" 
This reverts commit 661b543e08.
 2023-10-12 13:39:42 +02:00
Ludo 661b543e08
fix windows taints 2023-10-12 13:38:37 +02:00
luigi-bitonti 3503e028ae
Module autopilot bug fixes (#1746) 
* Removed unused variables and bug fix

* Ran fmt

* Fix README.md

* Added comments to code
 2023-10-12 12:40:28 +02:00
devuonocar 4f91523a08
Add missing fields to Cloud Storage bucket (#1745) 
* Add new featrures

* Terraform fmt

* Fix README.md

* Delete not allowed validation

* Fix README.md

* Fix README.md

* update var

* update var

* Update var
 2023-10-10 22:40:30 +02:00
Julio Castillo 64d88d90d1
Append "s" to backoff times (#1744) 2023-10-10 13:32:19 +03:00
Julio Castillo 9ab3b49f69
Add PSA peered domains support to `net-vpc` (#1741) 
* Add PSA peered domains support to `net-vpc`

* Fix tests
 2023-10-06 15:31:32 +00:00
Julio Castillo ef290c1c8d
Enforce mandatory types in all variables (#1737) 2023-10-06 09:44:33 +00:00
luigi-bitonti bb76878d0d
Added FQDN Network Policy feature on GKE Cluster (#1732) 
* Added FQDN Network Policy feature on GKE Cluster

* Fix README.md. Added validation into variable.

* README.md updated

---------

Co-authored-by: Bitonti, Luigi <luigi.bitonti@nttdata.com>
 2023-10-06 10:05:54 +02:00